@okta/okta-auth-js 5.11.0 → 6.0.0

package/cjs/TransactionManager.js

@@ -27,12 +27,14 @@ var _sharedStorage = require("./util/sharedStorage");
  */
 class TransactionManager {
   constructor(options) {
+    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
     this.storageManager = options.storageManager;
     this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;
     this.saveNonceCookie = options.saveNonceCookie === false ? false : true;
     this.saveStateCookie = options.saveStateCookie === false ? false : true;
     this.saveParamsCookie = options.saveParamsCookie === false ? false : true;
     this.enableSharedStorage = options.enableSharedStorage === false ? false : true;
+    this.saveLastResponse = options.saveLastResponse === false ? false : true;
     this.options = options;
   } // eslint-disable-next-line complexity
 
@@ -43,10 +45,9 @@ class TransactionManager {
 
     transactionStorage.clearStorage(); // clear IDX response storage
 
-    this.clearIdxResponse(); // Usually we do NOT want to clear shared storage because another tab may need it to continue/complete a flow
-    // It can be cleared after a user succcesfully signs in and receives tokens
+    this.clearIdxResponse(); // Usually we want to also clear shared storage unless another tab may need it to continue/complete a flow
 
-    if (this.enableSharedStorage && options.clearSharedStorage) {
+    if (this.enableSharedStorage && options.clearSharedStorage !== false) {
       const state = options.state || (meta === null || meta === void 0 ? void 0 : meta.state);
 
       if (state) {
@@ -245,7 +246,7 @@ class TransactionManager {
     // eslint-disable-next-line max-len
 
 
-    throw new _errors.AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', null);
+    throw new _errors.AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', undefined);
   }
 
   clearLegacyOAuthParams() {
@@ -299,6 +300,10 @@ class TransactionManager {
   }
 
   saveIdxResponse(idxResponse) {
+    if (!this.saveLastResponse) {
+      return;
+    }
+
     const storage = this.storageManager.getIdxResponseStorage();
 
     if (!storage) {
@@ -309,6 +314,10 @@ class TransactionManager {
   }
 
   loadIdxResponse() {
+    if (!this.saveLastResponse) {
+      return null;
+    }
+
     const storage = this.storageManager.getIdxResponseStorage();
 
     if (!storage) {
@@ -325,6 +334,10 @@ class TransactionManager {
   }
 
   clearIdxResponse() {
+    if (!this.saveLastResponse) {
+      return;
+    }
+
     const storage = this.storageManager.getIdxResponseStorage();
     storage === null || storage === void 0 ? void 0 : storage.clearStorage();
   }

package/cjs/TransactionManager.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../lib/TransactionManager.ts"],"names":["TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","enableSharedStorage","clear","transactionStorage","getTransactionStorage","meta","getStorage","clearStorage","clearIdxResponse","clearSharedStorage","state","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","storage","obj","muteWarning","setStorage","cookieStorage","storageType","responseType","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","REDIRECT_OAUTH_PARAMS_NAME","JSON","stringify","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_STATE_COOKIE_NAME","exists","load","loadLegacyOAuthParams","Object","assign","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","AuthSdkError","getLegacyOAuthParamsStorage","saveIdxResponse","idxResponse","getIdxResponseStorage","loadIdxResponse"],"mappings":";;;;AAaA;;AACA;;AAEA;;AAWA;;AACA;;AACA;;AA7BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA6Be,MAAMA,kBAAN,CAAyB;AAStCC,EAAAA,WAAW,CAACC,OAAD,EAAqC;AAC9C,SAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;AACA,SAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKC,mBAAL,GAA2BN,OAAO,CAACM,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKN,OAAL,GAAeA,OAAf;AACD,GAjBqC,CAmBtC;;;AACAO,EAAAA,KAAK,CAACP,OAAoC,GAAG,EAAxC,EAA4C;AAC/C,UAAMQ,kBAAmC,GAAG,KAAKP,cAAL,CAAoBQ,qBAApB,EAA5C;AACA,UAAMC,IAAI,GAAGF,kBAAkB,CAACG,UAAnB,EAAb,CAF+C,CAI/C;;AACAH,IAAAA,kBAAkB,CAACI,YAAnB,GAL+C,CAO/C;;AACA,SAAKC,gBAAL,GAR+C,CAU/C;AACA;;AACA,QAAI,KAAKP,mBAAL,IAA4BN,OAAO,CAACc,kBAAxC,EAA4D;AAC1D,YAAMC,KAAK,GAAGf,OAAO,CAACe,KAAR,KAAiBL,IAAjB,aAAiBA,IAAjB,uBAAiBA,IAAI,CAAEK,KAAvB,CAAd;;AACA,UAAIA,KAAJ,EAAW;AACT,8DAAkC,KAAKd,cAAvC,EAAuDc,KAAvD;AACD;AACF;;AAED,QAAI,CAAC,KAAKb,mBAAV,EAA+B;AAC7B;AACD,KArB8C,CAuB/C;;;AACA,QAAIF,OAAO,CAACgB,KAAZ,EAAmB;AACjB,WAAKC,sBAAL;AACD;;AAED,QAAIjB,OAAO,CAACkB,IAAZ,EAAkB;AAChB,WAAKC,eAAL;AACD;AACF,GAnDqC,CAqDtC;;;AACAC,EAAAA,IAAI,CAACV,IAAD,EAAwBV,OAA+B,GAAG,EAA1D,EAA8D;AAChE;AACA;AACA;AAEA,QAAIqB,OAAwB,GAAG,KAAKpB,cAAL,CAAoBQ,qBAApB,EAA/B;AACA,UAAMa,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAZ,CANgE,CAOhE;AACA;AACA;;AACA,QAAI,8BAAkBW,GAAlB,KAA0B,CAACtB,OAAO,CAACuB,WAAvC,EAAoD;AAClD;AACA,sBAAK,yGAAL;AACD;;AAEDF,IAAAA,OAAO,CAACG,UAAR,CAAmBd,IAAnB,EAfgE,CAiBhE;;AACA,QAAI,KAAKJ,mBAAL,IAA4BI,IAAI,CAACK,KAArC,EAA4C;AAC1C,yDAA+B,KAAKd,cAApC,EAAoDS,IAAI,CAACK,KAAzD,EAAgEL,IAAhE;AACD;;AAED,QAAI,CAACV,OAAO,CAACgB,KAAb,EAAoB;AAClB;AACD,KAxB+D,CA0BhE;;;AACA,QAAI,KAAKb,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;AACzE,YAAMoB,aAA4B,GAAG,KAAKxB,cAAL,CAAoBU,UAApB,CAA+B;AAAEe,QAAAA,WAAW,EAAE;AAAf,OAA/B,CAArC;;AAEA,UAAI,KAAKrB,gBAAT,EAA2B;AACzB,cAAM;AACJsB,UAAAA,YADI;AAEJZ,UAAAA,KAFI;AAGJa,UAAAA,KAHI;AAIJC,UAAAA,MAJI;AAKJC,UAAAA,QALI;AAMJC,UAAAA,IANI;AAOJC,UAAAA;AAPI,YAQFtB,IARJ;AASA,cAAMuB,WAAW,GAAG;AAClBN,UAAAA,YADkB;AAElBZ,UAAAA,KAFkB;AAGlBa,UAAAA,KAHkB;AAIlBC,UAAAA,MAJkB;AAKlBC,UAAAA,QALkB;AAMlBC,UAAAA,IANkB;AAOlBC,UAAAA;AAPkB,SAApB;AASAP,QAAAA,aAAa,CAACS,OAAd,CAAsBC,qCAAtB,EAAkDC,IAAI,CAACC,SAAL,CAAeJ,WAAf,CAAlD,EAA+E,IAA/E;AACD;;AAED,UAAI,KAAK9B,eAAL,IAAwBO,IAAI,CAACkB,KAAjC,EAAwC;AACtC;AACAH,QAAAA,aAAa,CAACS,OAAd,CAAsBI,qCAAtB,EAAkD5B,IAAI,CAACkB,KAAvD,EAA8D,IAA9D;AACD;;AAED,UAAI,KAAKxB,eAAL,IAAwBM,IAAI,CAACK,KAAjC,EAAwC;AACtC;AACAU,QAAAA,aAAa,CAACS,OAAd,CAAsBK,qCAAtB,EAAkD7B,IAAI,CAACK,KAAvD,EAA8D,IAA9D;AACD;AACF;AACF;;AAEDyB,EAAAA,MAAM,CAACxC,OAA+B,GAAG,EAAnC,EAAgD;AACpD,QAAI;AACF,YAAMU,IAAqB,GAAG,KAAK+B,IAAL,CAAUzC,OAAV,CAA9B;AACA,aAAO,CAAC,CAACU,IAAT;AACD,KAHD,CAGE,MAAM;AACN,aAAO,KAAP;AACD;AACF,GA7HqC,CA+HtC;AACA;;;AACA+B,EAAAA,IAAI,CAACzC,OAA+B,GAAG,EAAnC,EAAwD;AAE1D,QAAIU,IAAJ,CAF0D,CAI1D;;AACA,QAAI,KAAKJ,mBAAL,IAA4BN,OAAO,CAACe,KAAxC,EAA+C;AAC7C,6CAAmB,KAAKd,cAAxB,EAD6C,CACJ;;AACzCS,MAAAA,IAAI,GAAG,qDAAiC,KAAKT,cAAtC,EAAsDD,OAAO,CAACe,KAA9D,CAAP;;AACA,UAAI,8BAAkBL,IAAlB,CAAJ,EAA6B;AAC3B,eAAOA,IAAP;AACD;AACF;;AAED,QAAIW,OAAwB,GAAG,KAAKpB,cAAL,CAAoBQ,qBAApB,EAA/B;AACAC,IAAAA,IAAI,GAAGW,OAAO,CAACV,UAAR,EAAP;;AACA,QAAI,8BAAkBD,IAAlB,CAAJ,EAA6B;AAC3B;AACA,aAAOA,IAAP;AACD;;AAED,QAAI,CAAC,KAAKR,mBAAV,EAA+B;AAC7B,aAAO,IAAP;AACD,KAtByD,CAwB1D;;;AACA,QAAIF,OAAO,CAACgB,KAAZ,EAAmB;AACjB,UAAI;AACF,cAAMiB,WAAW,GAAG,KAAKS,qBAAL,EAApB;AACAC,QAAAA,MAAM,CAACC,MAAP,CAAclC,IAAd,EAAoBuB,WAApB;AACD,OAHD,SAGU;AACR,aAAKhB,sBAAL;AACD;AACF;;AAED,QAAIjB,OAAO,CAACkB,IAAZ,EAAkB;AAChB,UAAI;AACF,cAAM2B,QAA6B,GAAG,KAAKC,cAAL,EAAtC;AACAH,QAAAA,MAAM,CAACC,MAAP,CAAclC,IAAd,EAAoBmC,QAApB;AACD,OAHD,SAGU;AACR,aAAK1B,eAAL;AACD;AACF;;AAED,QAAI,8BAAkBT,IAAlB,CAAJ,EAA6B;AAC3B,aAAOA,IAAP;AACD;;AACD,WAAO,IAAP;AACD,GAhLqC,CAkLtC;;;AACAS,EAAAA,eAAe,GAAS;AACtB;AACA,QAAIE,OAAJ;;AAEA,QAAI,KAAKpB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKX,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAEDkC,EAAAA,cAAc,GAAwB;AACpC,QAAIzB,OAAJ;AACA,QAAIC,GAAJ,CAFoC,CAIpC;;AACA,QAAI,KAAKrB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAAC4B,YAAf,EAA6B;AAC3B,eAAO5B,GAAP;AACD;AACF,KAXmC,CAapC;;;AACA,QAAI,KAAKrB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAAC4B,YAAf,EAA6B;AAC3B,eAAO5B,GAAP;AACD;AACF,KApBmC,CAsBpC;AACA;AACA;;;AACA,UAAM,IAAI6B,oBAAJ,CAAiB,yJAAjB,EAA4K,IAA5K,CAAN;AACD;;AAEDlC,EAAAA,sBAAsB,GAAS;AAC7B;AACA,QAAII,OAAJ;;AAEA,QAAI,KAAKpB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKX,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED8B,EAAAA,qBAAqB,GAAyB;AAC5C,QAAIrB,OAAJ;AACA,QAAIY,WAAJ,CAF4C,CAI5C;;AACA,QAAI,KAAKhC,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AACD,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD,KAX2C,CAa5C;;;AACA,QAAI,KAAKhC,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AAED,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD;;AAGD,UAAM,IAAIkB,oBAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;AACA;AACD;;AAEDE,EAAAA,eAAe,CAACC,WAAD,EAAoC;AACjD,UAAMjC,OAAwB,GAAG,KAAKpB,cAAL,CAAoBsD,qBAApB,EAAjC;;AACA,QAAI,CAAClC,OAAL,EAAc;AACZ;AACD;;AACDA,IAAAA,OAAO,CAACG,UAAR,CAAmB8B,WAAnB;AACD;;AAEDE,EAAAA,eAAe,GAAmB;AAChC,UAAMnC,OAAwB,GAAG,KAAKpB,cAAL,CAAoBsD,qBAApB,EAAjC;;AACA,QAAI,CAAClC,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AACD,UAAMiC,WAAW,GAAGjC,OAAO,CAACV,UAAR,EAApB;;AACA,QAAI,CAAC,6BAAiB2C,WAAjB,CAAL,EAAoC;AAClC,aAAO,IAAP;AACD;;AACD,WAAOA,WAAP;AACD;;AAEDzC,EAAAA,gBAAgB,GAAS;AACvB,UAAMQ,OAAwB,GAAG,KAAKpB,cAAL,CAAoBsD,qBAApB,EAAjC;AACAlC,IAAAA,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAET,YAAT;AACD;;AAlSqC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport StorageManager from './StorageManager';\nimport {\n  StorageProvider,\n  TransactionMeta,\n  isTransactionMeta,\n  isOAuthTransactionMeta,\n  PKCETransactionMeta,\n  OAuthTransactionMeta,\n  TransactionMetaOptions,\n  TransactionManagerOptions,\n  CookieStorage\n} from './types';\nimport { RawIdxResponse, isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\nimport {\n  clearTransactionFromSharedStorage,\n  loadTransactionFromSharedStorage,\n  pruneSharedStorage,\n  saveTransactionToSharedStorage\n} from './util/sharedStorage';\n\nexport interface ClearTransactionMetaOptions extends TransactionMetaOptions {\n  clearSharedStorage?: boolean;\n}\nexport default class TransactionManager {\n  options: TransactionManagerOptions;\n  storageManager: StorageManager;\n  legacyWidgetSupport: boolean;\n  saveNonceCookie: boolean;\n  saveStateCookie: boolean;\n  saveParamsCookie: boolean;\n  enableSharedStorage: boolean;\n\n  constructor(options: TransactionManagerOptions) {\n    this.storageManager = options.storageManager;\n    this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n    this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n    this.saveStateCookie = options.saveStateCookie === false ? false : true;\n    this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n    this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n    this.options = options;\n  }\n\n  // eslint-disable-next-line complexity\n  clear(options: ClearTransactionMetaOptions = {}) {\n    const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n    const meta = transactionStorage.getStorage();\n\n    // Clear primary storage (by default, sessionStorage on browser)\n    transactionStorage.clearStorage();\n\n    // clear IDX response storage\n    this.clearIdxResponse();\n\n    // Usually we do NOT want to clear shared storage because another tab may need it to continue/complete a flow\n    // It can be cleared after a user succcesfully signs in and receives tokens\n    if (this.enableSharedStorage && options.clearSharedStorage) {\n      const state = options.state || meta?.state;\n      if (state) {\n        clearTransactionFromSharedStorage(this.storageManager, state);\n      }\n    }\n  \n    if (!this.legacyWidgetSupport) {\n      return;\n    }\n\n    // This is for compatibility with older versions of the signin widget. OKTA-304806\n    if (options.oauth) {\n      this.clearLegacyOAuthParams();\n    }\n\n    if (options.pkce) {\n      this.clearLegacyPKCE();\n    }\n  }\n\n  // eslint-disable-next-line complexity\n  save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n    // There must be only one transaction executing at a time.\n    // Before saving, check to see if a transaction is already stored.\n    // An existing transaction indicates a concurrency/race/overlap condition\n\n    let storage: StorageProvider = this.storageManager.getTransactionStorage();\n    const obj = storage.getStorage();\n    // oie process may need to update transaction in the middle of process for tracking purpose\n    // false alarm might be caused \n    // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n    if (isTransactionMeta(obj) && !options.muteWarning) {\n      // eslint-disable-next-line max-len\n      warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n    }\n\n    storage.setStorage(meta);\n\n    // Shared storage allows continuation of transaction in another tab\n    if (this.enableSharedStorage && meta.state) {\n      saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n    }\n\n    if (!options.oauth) {\n      return;\n    }\n  \n    // Legacy cookie storage\n    if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n      const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n      if (this.saveParamsCookie) {\n        const { \n          responseType,\n          state,\n          nonce,\n          scopes,\n          clientId,\n          urls,\n          ignoreSignature\n        } = meta;\n        const oauthParams = {\n          responseType,\n          state,\n          nonce,\n          scopes,\n          clientId,\n          urls,\n          ignoreSignature\n        };\n        cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n      }\n\n      if (this.saveNonceCookie && meta.nonce) {\n        // Set nonce cookie for servers to validate nonce in id_token\n        cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n      }\n\n      if (this.saveStateCookie && meta.state) {\n        // Set state cookie for servers to validate state\n        cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n      }\n    }\n  }\n\n  exists(options: TransactionMetaOptions = {}): boolean {\n    try {\n      const meta: TransactionMeta = this.load(options);\n      return !!meta;\n    } catch {\n      return false;\n    }\n  }\n\n  // load transaction meta from storage\n  // eslint-disable-next-line complexity,max-statements\n  load(options: TransactionMetaOptions = {}): TransactionMeta {\n\n    let meta: TransactionMeta;\n\n    // If state was passed, try loading transaction data from shared storage\n    if (this.enableSharedStorage && options.state) {\n      pruneSharedStorage(this.storageManager); // prune before load\n      meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n      if (isTransactionMeta(meta)) {\n        return meta;\n      }\n    }\n\n    let storage: StorageProvider = this.storageManager.getTransactionStorage();\n    meta = storage.getStorage();\n    if (isTransactionMeta(meta)) {\n      // if we have meta in the new location, there is no need to go further\n      return meta;\n    }\n\n    if (!this.legacyWidgetSupport) {\n      return null;\n    }\n\n    // This is for compatibility with older versions of the signin widget. OKTA-304806\n    if (options.oauth) {\n      try {\n        const oauthParams = this.loadLegacyOAuthParams();\n        Object.assign(meta, oauthParams);\n      } finally {\n        this.clearLegacyOAuthParams();\n      }\n    }\n\n    if (options.pkce) {\n      try {\n        const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n        Object.assign(meta, pkceMeta);\n      } finally {\n        this.clearLegacyPKCE();\n      }\n    }\n\n    if (isTransactionMeta(meta)) {\n      return meta;\n    }\n    return null;\n  }\n\n  // This is for compatibility with older versions of the signin widget. OKTA-304806\n  clearLegacyPKCE(): void {\n    // clear storages\n    let storage: StorageProvider;\n\n    if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n      storage.clearStorage();\n    }\n\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n      storage.clearStorage();\n    }\n  }\n\n  loadLegacyPKCE(): PKCETransactionMeta {\n    let storage: StorageProvider;\n    let obj;\n    \n    // Try reading from localStorage first.\n    if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n      obj = storage.getStorage();\n      if (obj && obj.codeVerifier) {\n        return obj;\n      }\n    }\n\n    // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n      obj = storage.getStorage();\n      if (obj && obj.codeVerifier) {\n        return obj;\n      }\n    }\n\n    // If meta is not valid, throw an exception to avoid misleading server-side error\n    // The most likely cause of this error is trying to handle a callback twice\n    // eslint-disable-next-line max-len\n    throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', null);\n  }\n\n  clearLegacyOAuthParams(): void {\n    // clear storages\n    let storage: StorageProvider;\n\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n      storage.clearStorage();\n    }\n\n    if (this.storageManager.storageUtil.testStorageType('cookie')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n      storage.clearStorage();\n    }\n  }\n\n  loadLegacyOAuthParams(): OAuthTransactionMeta {\n    let storage: StorageProvider;\n    let oauthParams;\n  \n    // load first from session storage\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n      oauthParams = storage.getStorage();\n    }\n    if (isOAuthTransactionMeta(oauthParams)) {\n      return oauthParams;\n    }\n\n    // try to load from cookie\n    if (this.storageManager.storageUtil.testStorageType('cookie')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n      oauthParams = storage.getStorage();\n    }\n\n    if (isOAuthTransactionMeta(oauthParams)) {\n      return oauthParams;\n    }\n\n\n    throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n    // Something is there but we don't recognize it\n    // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n  }\n\n  saveIdxResponse(idxResponse: RawIdxResponse): void {\n    const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n    if (!storage) {\n      return;\n    }\n    storage.setStorage(idxResponse);\n  }\n\n  loadIdxResponse(): RawIdxResponse {\n    const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n    if (!storage) {\n      return null;\n    }\n    const idxResponse = storage.getStorage();\n    if (!isRawIdxResponse(idxResponse)) {\n      return null;\n    }\n    return idxResponse;\n  }\n\n  clearIdxResponse(): void {\n    const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n    storage?.clearStorage();\n  }\n}"],"file":"TransactionManager.js"}
+{"version":3,"sources":["../../lib/TransactionManager.ts"],"names":["TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","enableSharedStorage","saveLastResponse","clear","transactionStorage","getTransactionStorage","meta","getStorage","clearStorage","clearIdxResponse","clearSharedStorage","state","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","storage","obj","muteWarning","setStorage","cookieStorage","storageType","responseType","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","REDIRECT_OAUTH_PARAMS_NAME","JSON","stringify","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_STATE_COOKIE_NAME","exists","load","loadLegacyOAuthParams","Object","assign","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","AuthSdkError","undefined","getLegacyOAuthParamsStorage","saveIdxResponse","idxResponse","getIdxResponseStorage","loadIdxResponse"],"mappings":";;;;AAaA;;AACA;;AAEA;;AAWA;;AACA;;AACA;;AA7BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA6Be,MAAMA,kBAAN,CAAyB;AAUtCC,EAAAA,WAAW,CAACC,OAAD,EAAqC;AAC9C;AACA,SAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;AACA,SAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKC,mBAAL,GAA2BN,OAAO,CAACM,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,gBAAL,GAAwBP,OAAO,CAACO,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKP,OAAL,GAAeA,OAAf;AACD,GApBqC,CAsBtC;;;AACAQ,EAAAA,KAAK,CAACR,OAAoC,GAAG,EAAxC,EAA4C;AAC/C,UAAMS,kBAAmC,GAAG,KAAKR,cAAL,CAAoBS,qBAApB,EAA5C;AACA,UAAMC,IAAI,GAAGF,kBAAkB,CAACG,UAAnB,EAAb,CAF+C,CAI/C;;AACAH,IAAAA,kBAAkB,CAACI,YAAnB,GAL+C,CAO/C;;AACA,SAAKC,gBAAL,GAR+C,CAU/C;;AACA,QAAI,KAAKR,mBAAL,IAA4BN,OAAO,CAACe,kBAAR,KAA+B,KAA/D,EAAsE;AACpE,YAAMC,KAAK,GAAGhB,OAAO,CAACgB,KAAR,KAAiBL,IAAjB,aAAiBA,IAAjB,uBAAiBA,IAAI,CAAEK,KAAvB,CAAd;;AACA,UAAIA,KAAJ,EAAW;AACT,8DAAkC,KAAKf,cAAvC,EAAuDe,KAAvD;AACD;AACF;;AAED,QAAI,CAAC,KAAKd,mBAAV,EAA+B;AAC7B;AACD,KApB8C,CAsB/C;;;AACA,QAAIF,OAAO,CAACiB,KAAZ,EAAmB;AACjB,WAAKC,sBAAL;AACD;;AAED,QAAIlB,OAAO,CAACmB,IAAZ,EAAkB;AAChB,WAAKC,eAAL;AACD;AACF,GArDqC,CAuDtC;;;AACAC,EAAAA,IAAI,CAACV,IAAD,EAAwBX,OAA+B,GAAG,EAA1D,EAA8D;AAChE;AACA;AACA;AAEA,QAAIsB,OAAwB,GAAG,KAAKrB,cAAL,CAAoBS,qBAApB,EAA/B;AACA,UAAMa,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAZ,CANgE,CAOhE;AACA;AACA;;AACA,QAAI,8BAAkBW,GAAlB,KAA0B,CAACvB,OAAO,CAACwB,WAAvC,EAAoD;AAClD;AACA,sBAAK,yGAAL;AACD;;AAEDF,IAAAA,OAAO,CAACG,UAAR,CAAmBd,IAAnB,EAfgE,CAiBhE;;AACA,QAAI,KAAKL,mBAAL,IAA4BK,IAAI,CAACK,KAArC,EAA4C;AAC1C,yDAA+B,KAAKf,cAApC,EAAoDU,IAAI,CAACK,KAAzD,EAAgEL,IAAhE;AACD;;AAED,QAAI,CAACX,OAAO,CAACiB,KAAb,EAAoB;AAClB;AACD,KAxB+D,CA0BhE;;;AACA,QAAI,KAAKd,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;AACzE,YAAMqB,aAA4B,GAAG,KAAKzB,cAAL,CAAoBW,UAApB,CAA+B;AAAEe,QAAAA,WAAW,EAAE;AAAf,OAA/B,CAArC;;AAEA,UAAI,KAAKtB,gBAAT,EAA2B;AACzB,cAAM;AACJuB,UAAAA,YADI;AAEJZ,UAAAA,KAFI;AAGJa,UAAAA,KAHI;AAIJC,UAAAA,MAJI;AAKJC,UAAAA,QALI;AAMJC,UAAAA,IANI;AAOJC,UAAAA;AAPI,YAQFtB,IARJ;AASA,cAAMuB,WAAW,GAAG;AAClBN,UAAAA,YADkB;AAElBZ,UAAAA,KAFkB;AAGlBa,UAAAA,KAHkB;AAIlBC,UAAAA,MAJkB;AAKlBC,UAAAA,QALkB;AAMlBC,UAAAA,IANkB;AAOlBC,UAAAA;AAPkB,SAApB;AASAP,QAAAA,aAAa,CAACS,OAAd,CAAsBC,qCAAtB,EAAkDC,IAAI,CAACC,SAAL,CAAeJ,WAAf,CAAlD,EAA+E,IAA/E;AACD;;AAED,UAAI,KAAK/B,eAAL,IAAwBQ,IAAI,CAACkB,KAAjC,EAAwC;AACtC;AACAH,QAAAA,aAAa,CAACS,OAAd,CAAsBI,qCAAtB,EAAkD5B,IAAI,CAACkB,KAAvD,EAA8D,IAA9D;AACD;;AAED,UAAI,KAAKzB,eAAL,IAAwBO,IAAI,CAACK,KAAjC,EAAwC;AACtC;AACAU,QAAAA,aAAa,CAACS,OAAd,CAAsBK,qCAAtB,EAAkD7B,IAAI,CAACK,KAAvD,EAA8D,IAA9D;AACD;AACF;AACF;;AAEDyB,EAAAA,MAAM,CAACzC,OAA+B,GAAG,EAAnC,EAAgD;AACpD,QAAI;AACF,YAAMW,IAAI,GAAG,KAAK+B,IAAL,CAAU1C,OAAV,CAAb;AACA,aAAO,CAAC,CAACW,IAAT;AACD,KAHD,CAGE,MAAM;AACN,aAAO,KAAP;AACD;AACF,GA/HqC,CAiItC;AACA;;;AACA+B,EAAAA,IAAI,CAAC1C,OAA+B,GAAG,EAAnC,EAA+D;AAEjE,QAAIW,IAAJ,CAFiE,CAIjE;;AACA,QAAI,KAAKL,mBAAL,IAA4BN,OAAO,CAACgB,KAAxC,EAA+C;AAC7C,6CAAmB,KAAKf,cAAxB,EAD6C,CACJ;;AACzCU,MAAAA,IAAI,GAAG,qDAAiC,KAAKV,cAAtC,EAAsDD,OAAO,CAACgB,KAA9D,CAAP;;AACA,UAAI,8BAAkBL,IAAlB,CAAJ,EAA6B;AAC3B,eAAOA,IAAP;AACD;AACF;;AAED,QAAIW,OAAwB,GAAG,KAAKrB,cAAL,CAAoBS,qBAApB,EAA/B;AACAC,IAAAA,IAAI,GAAGW,OAAO,CAACV,UAAR,EAAP;;AACA,QAAI,8BAAkBD,IAAlB,CAAJ,EAA6B;AAC3B;AACA,aAAOA,IAAP;AACD;;AAED,QAAI,CAAC,KAAKT,mBAAV,EAA+B;AAC7B,aAAO,IAAP;AACD,KAtBgE,CAwBjE;;;AACA,QAAIF,OAAO,CAACiB,KAAZ,EAAmB;AACjB,UAAI;AACF,cAAMiB,WAAW,GAAG,KAAKS,qBAAL,EAApB;AACAC,QAAAA,MAAM,CAACC,MAAP,CAAclC,IAAd,EAAoBuB,WAApB;AACD,OAHD,SAGU;AACR,aAAKhB,sBAAL;AACD;AACF;;AAED,QAAIlB,OAAO,CAACmB,IAAZ,EAAkB;AAChB,UAAI;AACF,cAAM2B,QAA6B,GAAG,KAAKC,cAAL,EAAtC;AACAH,QAAAA,MAAM,CAACC,MAAP,CAAclC,IAAd,EAAoBmC,QAApB;AACD,OAHD,SAGU;AACR,aAAK1B,eAAL;AACD;AACF;;AAED,QAAI,8BAAkBT,IAAlB,CAAJ,EAA6B;AAC3B,aAAOA,IAAP;AACD;;AACD,WAAO,IAAP;AACD,GAlLqC,CAoLtC;;;AACAS,EAAAA,eAAe,GAAS;AACtB;AACA,QAAIE,OAAJ;;AAEA,QAAI,KAAKrB,cAAL,CAAoB+C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE3B,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKZ,cAAL,CAAoB+C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAEDkC,EAAAA,cAAc,GAAwB;AACpC,QAAIzB,OAAJ;AACA,QAAIC,GAAJ,CAFoC,CAIpC;;AACA,QAAI,KAAKtB,cAAL,CAAoB+C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE3B,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAAC4B,YAAf,EAA6B;AAC3B,eAAO5B,GAAP;AACD;AACF,KAXmC,CAapC;;;AACA,QAAI,KAAKtB,cAAL,CAAoB+C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAAC4B,YAAf,EAA6B;AAC3B,eAAO5B,GAAP;AACD;AACF,KApBmC,CAsBpC;AACA;AACA;;;AACA,UAAM,IAAI6B,oBAAJ,CAAiB,yJAAjB,EAA4KC,SAA5K,CAAN;AACD;;AAEDnC,EAAAA,sBAAsB,GAAS;AAC7B;AACA,QAAII,OAAJ;;AAEA,QAAI,KAAKrB,cAAL,CAAoB+C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBqD,2BAApB,CAAgD;AAAE3B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKZ,cAAL,CAAoB+C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D3B,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBqD,2BAApB,CAAgD;AAAE3B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED8B,EAAAA,qBAAqB,GAAyB;AAC5C,QAAIrB,OAAJ;AACA,QAAIY,WAAJ,CAF4C,CAI5C;;AACA,QAAI,KAAKjC,cAAL,CAAoB+C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBqD,2BAApB,CAAgD;AAAE3B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AACD,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD,KAX2C,CAa5C;;;AACA,QAAI,KAAKjC,cAAL,CAAoB+C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D3B,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBqD,2BAApB,CAAgD;AAAE3B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AAED,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD;;AAGD,UAAM,IAAIkB,oBAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;AACA;AACD;;AAEDG,EAAAA,eAAe,CAACC,WAAD,EAAoC;AACjD,QAAI,CAAC,KAAKjD,gBAAV,EAA4B;AAC1B;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBwD,qBAApB,EAAhB;;AACA,QAAI,CAACnC,OAAL,EAAc;AACZ;AACD;;AACDA,IAAAA,OAAO,CAACG,UAAR,CAAmB+B,WAAnB;AACD;;AAEDE,EAAAA,eAAe,GAA0B;AACvC,QAAI,CAAC,KAAKnD,gBAAV,EAA4B;AAC1B,aAAO,IAAP;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBwD,qBAApB,EAAhB;;AACA,QAAI,CAACnC,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AACD,UAAMkC,WAAW,GAAGlC,OAAO,CAACV,UAAR,EAApB;;AACA,QAAI,CAAC,6BAAiB4C,WAAjB,CAAL,EAAoC;AAClC,aAAO,IAAP;AACD;;AACD,WAAOA,WAAP;AACD;;AAED1C,EAAAA,gBAAgB,GAAS;AACvB,QAAI,CAAC,KAAKP,gBAAV,EAA4B;AAC1B;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBwD,qBAApB,EAAhB;AACAnC,IAAAA,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAET,YAAT;AACD;;AA7SqC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport StorageManager from './StorageManager';\nimport {\n  StorageProvider,\n  TransactionMeta,\n  isTransactionMeta,\n  isOAuthTransactionMeta,\n  PKCETransactionMeta,\n  OAuthTransactionMeta,\n  TransactionMetaOptions,\n  TransactionManagerOptions,\n  CookieStorage\n} from './types';\nimport { RawIdxResponse, isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\nimport {\n  clearTransactionFromSharedStorage,\n  loadTransactionFromSharedStorage,\n  pruneSharedStorage,\n  saveTransactionToSharedStorage\n} from './util/sharedStorage';\n\nexport interface ClearTransactionMetaOptions extends TransactionMetaOptions {\n  clearSharedStorage?: boolean;\n}\nexport default class TransactionManager {\n  options: TransactionManagerOptions;\n  storageManager: StorageManager;\n  legacyWidgetSupport: boolean;\n  saveNonceCookie: boolean;\n  saveStateCookie: boolean;\n  saveParamsCookie: boolean;\n  enableSharedStorage: boolean;\n  saveLastResponse: boolean;\n\n  constructor(options: TransactionManagerOptions) {\n    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n    this.storageManager = options.storageManager!;\n    this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n    this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n    this.saveStateCookie = options.saveStateCookie === false ? false : true;\n    this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n    this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n    this.saveLastResponse = options.saveLastResponse === false ? false : true;\n    this.options = options;\n  }\n\n  // eslint-disable-next-line complexity\n  clear(options: ClearTransactionMetaOptions = {}) {\n    const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n    const meta = transactionStorage.getStorage();\n\n    // Clear primary storage (by default, sessionStorage on browser)\n    transactionStorage.clearStorage();\n\n    // clear IDX response storage\n    this.clearIdxResponse();\n\n    // Usually we want to also clear shared storage unless another tab may need it to continue/complete a flow\n    if (this.enableSharedStorage && options.clearSharedStorage !== false) {\n      const state = options.state || meta?.state;\n      if (state) {\n        clearTransactionFromSharedStorage(this.storageManager, state);\n      }\n    }\n  \n    if (!this.legacyWidgetSupport) {\n      return;\n    }\n\n    // This is for compatibility with older versions of the signin widget. OKTA-304806\n    if (options.oauth) {\n      this.clearLegacyOAuthParams();\n    }\n\n    if (options.pkce) {\n      this.clearLegacyPKCE();\n    }\n  }\n\n  // eslint-disable-next-line complexity\n  save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n    // There must be only one transaction executing at a time.\n    // Before saving, check to see if a transaction is already stored.\n    // An existing transaction indicates a concurrency/race/overlap condition\n\n    let storage: StorageProvider = this.storageManager.getTransactionStorage();\n    const obj = storage.getStorage();\n    // oie process may need to update transaction in the middle of process for tracking purpose\n    // false alarm might be caused \n    // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n    if (isTransactionMeta(obj) && !options.muteWarning) {\n      // eslint-disable-next-line max-len\n      warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n    }\n\n    storage.setStorage(meta);\n\n    // Shared storage allows continuation of transaction in another tab\n    if (this.enableSharedStorage && meta.state) {\n      saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n    }\n\n    if (!options.oauth) {\n      return;\n    }\n  \n    // Legacy cookie storage\n    if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n      const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n      if (this.saveParamsCookie) {\n        const { \n          responseType,\n          state,\n          nonce,\n          scopes,\n          clientId,\n          urls,\n          ignoreSignature\n        } = meta;\n        const oauthParams = {\n          responseType,\n          state,\n          nonce,\n          scopes,\n          clientId,\n          urls,\n          ignoreSignature\n        };\n        cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n      }\n\n      if (this.saveNonceCookie && meta.nonce) {\n        // Set nonce cookie for servers to validate nonce in id_token\n        cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n      }\n\n      if (this.saveStateCookie && meta.state) {\n        // Set state cookie for servers to validate state\n        cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n      }\n    }\n  }\n\n  exists(options: TransactionMetaOptions = {}): boolean {\n    try {\n      const meta = this.load(options);\n      return !!meta;\n    } catch {\n      return false;\n    }\n  }\n\n  // load transaction meta from storage\n  // eslint-disable-next-line complexity,max-statements\n  load(options: TransactionMetaOptions = {}): TransactionMeta | null {\n\n    let meta: TransactionMeta;\n\n    // If state was passed, try loading transaction data from shared storage\n    if (this.enableSharedStorage && options.state) {\n      pruneSharedStorage(this.storageManager); // prune before load\n      meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n      if (isTransactionMeta(meta)) {\n        return meta;\n      }\n    }\n\n    let storage: StorageProvider = this.storageManager.getTransactionStorage();\n    meta = storage.getStorage();\n    if (isTransactionMeta(meta)) {\n      // if we have meta in the new location, there is no need to go further\n      return meta;\n    }\n\n    if (!this.legacyWidgetSupport) {\n      return null;\n    }\n\n    // This is for compatibility with older versions of the signin widget. OKTA-304806\n    if (options.oauth) {\n      try {\n        const oauthParams = this.loadLegacyOAuthParams();\n        Object.assign(meta, oauthParams);\n      } finally {\n        this.clearLegacyOAuthParams();\n      }\n    }\n\n    if (options.pkce) {\n      try {\n        const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n        Object.assign(meta, pkceMeta);\n      } finally {\n        this.clearLegacyPKCE();\n      }\n    }\n\n    if (isTransactionMeta(meta)) {\n      return meta;\n    }\n    return null;\n  }\n\n  // This is for compatibility with older versions of the signin widget. OKTA-304806\n  clearLegacyPKCE(): void {\n    // clear storages\n    let storage: StorageProvider;\n\n    if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n      storage.clearStorage();\n    }\n\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n      storage.clearStorage();\n    }\n  }\n\n  loadLegacyPKCE(): PKCETransactionMeta {\n    let storage: StorageProvider;\n    let obj;\n    \n    // Try reading from localStorage first.\n    if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n      obj = storage.getStorage();\n      if (obj && obj.codeVerifier) {\n        return obj;\n      }\n    }\n\n    // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n      obj = storage.getStorage();\n      if (obj && obj.codeVerifier) {\n        return obj;\n      }\n    }\n    \n    // If meta is not valid, throw an exception to avoid misleading server-side error\n    // The most likely cause of this error is trying to handle a callback twice\n    // eslint-disable-next-line max-len\n    throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', undefined);\n  }\n\n  clearLegacyOAuthParams(): void {\n    // clear storages\n    let storage: StorageProvider;\n\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n      storage.clearStorage();\n    }\n\n    if (this.storageManager.storageUtil.testStorageType('cookie')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n      storage.clearStorage();\n    }\n  }\n\n  loadLegacyOAuthParams(): OAuthTransactionMeta {\n    let storage: StorageProvider;\n    let oauthParams;\n  \n    // load first from session storage\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n      oauthParams = storage.getStorage();\n    }\n    if (isOAuthTransactionMeta(oauthParams)) {\n      return oauthParams;\n    }\n\n    // try to load from cookie\n    if (this.storageManager.storageUtil.testStorageType('cookie')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n      oauthParams = storage.getStorage();\n    }\n\n    if (isOAuthTransactionMeta(oauthParams)) {\n      return oauthParams;\n    }\n\n\n    throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n    // Something is there but we don't recognize it\n    // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n  }\n\n  saveIdxResponse(idxResponse: RawIdxResponse): void {\n    if (!this.saveLastResponse) {\n      return;\n    }\n    const storage = this.storageManager.getIdxResponseStorage();\n    if (!storage) {\n      return;\n    }\n    storage.setStorage(idxResponse);\n  }\n\n  loadIdxResponse(): RawIdxResponse | null {\n    if (!this.saveLastResponse) {\n      return null;\n    }\n    const storage = this.storageManager.getIdxResponseStorage();\n    if (!storage) {\n      return null;\n    }\n    const idxResponse = storage.getStorage();\n    if (!isRawIdxResponse(idxResponse)) {\n      return null;\n    }\n    return idxResponse;\n  }\n\n  clearIdxResponse(): void {\n    if (!this.saveLastResponse) {\n      return;\n    }\n    const storage = this.storageManager.getIdxResponseStorage();\n    storage?.clearStorage();\n  }\n}"],"file":"TransactionManager.js"}

package/cjs/browser/browserStorage.js

@@ -8,6 +8,8 @@ var _AuthSdkError = _interopRequireDefault(require("../errors/AuthSdkError"));
 
 var _util = require("../util");
 
+/* eslint-disable @typescript-eslint/no-non-null-assertion */
+
 /*!
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
  * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
@@ -76,7 +78,7 @@ var storageUtil = {
     return supported;
   },
   getStorageByType: function (storageType, options) {
-    let storageProvider = null;
+    let storageProvider;
 
     switch (storageType) {
       case 'sessionStorage':
@@ -154,11 +156,11 @@ var storageUtil = {
       }
     };
 
-    if (!options.useMultipleCookies) {
+    if (!options.useSeparateCookies) {
       return storage;
-    } // options.useMultipleCookies - because cookies have size limits.
+    } // Tokens are stored separately because cookies have size limits.
     // Can only be used when storing an object value. Object properties will be saved to separate cookies.
-    //  Each property of the object must also be an object.
+    // Each property of the object must also be an object.
 
 
     return {
@@ -169,7 +171,7 @@ var storageUtil = {
         Object.keys(data).forEach(k => {
           if (k.indexOf(key) === 0) {
             // filter out unrelated cookies
-            value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie dataa
+            value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie data
           }
         });
         return JSON.stringify(value);

package/cjs/browser/browserStorage.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/browser/browserStorage.ts"],"names":["Cookies","require","storageUtil","getHttpCache","getPKCEStorage","browserHasLocalStorage","storage","getLocalStorage","testStorage","e","browserHasSessionStorage","getSessionStorage","testStorageType","storageType","supported","getStorageByType","options","storageProvider","getCookieStorage","getInMemoryStorage","AuthSdkError","findStorageType","types","curType","nextType","slice","shift","length","localStorage","sessionStorage","secure","sameSite","sessionCookie","getItem","get","setItem","key","value","expiresAt","set","removeItem","delete","useMultipleCookies","data","Object","keys","forEach","k","indexOf","replace","JSON","parse","stringify","existingValues","storageKey","valueToStore","inMemoryStore","name","cookieOptions","path","Date","expires","remove"],"mappings":";;;;;;AAaA;;AAWA;;AAxBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAeA,MAAMA,OAAO,GAAGC,OAAO,CAAC,WAAD,CAAvB,C,CAEA;;;AACA,IAAIC,WAA+B,GAAG;AAEpC;AACAC,EAAAA,YAAY,GAAoB;AAC9B,WAAO,IAAP;AACD,GALmC;;AAOpCC,EAAAA,cAAc,GAAgB;AAC5B,WAAO,IAAP;AACD,GATmC;;AAWpC;AACA;AACAC,EAAAA,sBAAsB,EAAE,YAAW;AACjC,QAAI;AACF,UAAIC,OAAO,GAAGJ,WAAW,CAACK,eAAZ,EAAd;AACA,aAAOL,WAAW,CAACM,WAAZ,CAAwBF,OAAxB,CAAP;AACD,KAHD,CAGE,OAAOG,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GApBmC;AAsBpCC,EAAAA,wBAAwB,EAAE,YAAW;AACnC,QAAI;AACF,UAAIJ,OAAO,GAAGJ,WAAW,CAACS,iBAAZ,EAAd;AACA,aAAOT,WAAW,CAACM,WAAZ,CAAwBF,OAAxB,CAAP;AACD,KAHD,CAGE,OAAOG,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GA7BmC;AA+BpCG,EAAAA,eAAe,EAAE,UAASC,WAAT,EAA4C;AAC3D,QAAIC,SAAS,GAAG,KAAhB;;AACA,YAAQD,WAAR;AACE,WAAK,gBAAL;AACEC,QAAAA,SAAS,GAAGZ,WAAW,CAACQ,wBAAZ,EAAZ;AACA;;AACF,WAAK,cAAL;AACEI,QAAAA,SAAS,GAAGZ,WAAW,CAACG,sBAAZ,EAAZ;AACA;;AACF,WAAK,QAAL;AACA,WAAK,QAAL;AACES,QAAAA,SAAS,GAAG,IAAZ;AACA;;AACF;AACEA,QAAAA,SAAS,GAAG,KAAZ;AACA;AAbJ;;AAeA,WAAOA,SAAP;AACD,GAjDmC;AAmDpCC,EAAAA,gBAAgB,EAAE,UAASF,WAAT,EAAmCG,OAAnC,EAA2E;AAC3F,QAAIC,eAAe,GAAG,IAAtB;;AACA,YAAQJ,WAAR;AACE,WAAK,gBAAL;AACEI,QAAAA,eAAe,GAAGf,WAAW,CAACS,iBAAZ,EAAlB;AACA;;AACF,WAAK,cAAL;AACEM,QAAAA,eAAe,GAAGf,WAAW,CAACK,eAAZ,EAAlB;AACA;;AACF,WAAK,QAAL;AACEU,QAAAA,eAAe,GAAGf,WAAW,CAACgB,gBAAZ,CAA6BF,OAA7B,CAAlB;AACA;;AACF,WAAK,QAAL;AACEC,QAAAA,eAAe,GAAGf,WAAW,CAACiB,kBAAZ,EAAlB;AACA;;AACF;AACE,cAAM,IAAIC,qBAAJ,CAAkB,gCAA+BP,WAAY,EAA7D,CAAN;AACA;AAfJ;;AAiBA,WAAOI,eAAP;AACD,GAvEmC;AAyEpCI,EAAAA,eAAe,EAAE,UAASC,KAAT,EAA+B;AAC9C,QAAIC,OAAJ;AACA,QAAIC,QAAJ;AAEAF,IAAAA,KAAK,GAAGA,KAAK,CAACG,KAAN,EAAR,CAJ8C,CAIvB;;AACvBF,IAAAA,OAAO,GAAGD,KAAK,CAACI,KAAN,EAAV;AACAF,IAAAA,QAAQ,GAAGF,KAAK,CAACK,MAAN,GAAeL,KAAK,CAAC,CAAD,CAApB,GAA0B,IAArC;;AACA,QAAI,CAACE,QAAL,EAAe;AACb,aAAOD,OAAP;AACD;;AAED,QAAIrB,WAAW,CAACU,eAAZ,CAA4BW,OAA5B,CAAJ,EAA0C;AACxC,aAAOA,OAAP;AACD,KAb6C,CAe9C;;;AACA,oBAAM,gCAA+BA,OAAQ,kBAAiBC,QAAS,GAAvE,EAhB8C,CAkB9C;;AACA,WAAOtB,WAAW,CAACmB,eAAZ,CAA4BC,KAA5B,CAAP;AACD,GA7FmC;AA+FpCf,EAAAA,eAAe,EAAE,YAAW;AAC1B,WAAOqB,YAAP;AACD,GAjGmC;AAmGpCjB,EAAAA,iBAAiB,EAAE,YAAW;AAC5B,WAAOkB,cAAP;AACD,GArGmC;AAuGpC;AACAX,EAAAA,gBAAgB,EAAE,UAASF,OAAT,EAAiC;AACjD,UAAMc,MAAM,GAAGd,OAAO,CAACc,MAAvB;AACA,UAAMC,QAAQ,GAAGf,OAAO,CAACe,QAAzB;AACA,UAAMC,aAAa,GAAGhB,OAAO,CAACgB,aAA9B;;AACA,QAAI,OAAOF,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;AACpE,YAAM,IAAIX,qBAAJ,CAAiB,oEAAjB,CAAN;AACD;;AACD,UAAMd,OAAsB,GAAG;AAC7B2B,MAAAA,OAAO,EAAE/B,WAAW,CAACI,OAAZ,CAAoB4B,GADA;AAE7BC,MAAAA,OAAO,EAAE,UAASC,GAAT,EAAcC,KAAd,EAAqBC,SAAS,GAAG,0BAAjC,EAA6D;AACpE;AACAA,QAAAA,SAAS,GAAGN,aAAa,GAAG,IAAH,GAAUM,SAAnC;AACApC,QAAAA,WAAW,CAACI,OAAZ,CAAoBiC,GAApB,CAAwBH,GAAxB,EAA6BC,KAA7B,EAAoCC,SAApC,EAA+C;AAC7CR,UAAAA,MAAM,EAAEA,MADqC;AAE7CC,UAAAA,QAAQ,EAAEA;AAFmC,SAA/C;AAID,OAT4B;AAU7BS,MAAAA,UAAU,EAAE,UAASJ,GAAT,EAAc;AACxBlC,QAAAA,WAAW,CAACI,OAAZ,CAAoBmC,MAApB,CAA2BL,GAA3B;AACD;AAZ4B,KAA/B;;AAeA,QAAI,CAACpB,OAAO,CAAC0B,kBAAb,EAAiC;AAC/B,aAAOpC,OAAP;AACD,KAxBgD,CA0BjD;AACA;AACA;;;AACA,WAAO;AACL2B,MAAAA,OAAO,EAAE,UAASG,GAAT,EAAc;AACrB,YAAIO,IAAI,GAAGrC,OAAO,CAAC2B,OAAR,EAAX,CADqB,CACS;;AAC9B,YAAII,KAAK,GAAG,EAAZ;AACAO,QAAAA,MAAM,CAACC,IAAP,CAAYF,IAAZ,EAAkBG,OAAlB,CAA0BC,CAAC,IAAI;AAC7B,cAAIA,CAAC,CAACC,OAAF,CAAUZ,GAAV,MAAmB,CAAvB,EAA0B;AAAE;AAC1BC,YAAAA,KAAK,CAACU,CAAC,CAACE,OAAF,CAAW,GAAEb,GAAI,GAAjB,EAAqB,EAArB,CAAD,CAAL,GAAkCc,IAAI,CAACC,KAAL,CAAWR,IAAI,CAACI,CAAD,CAAf,CAAlC,CADwB,CAC+B;AACxD;AACF,SAJD;AAKA,eAAOG,IAAI,CAACE,SAAL,CAAef,KAAf,CAAP;AACD,OAVI;AAWLF,MAAAA,OAAO,EAAE,UAASC,GAAT,EAAcC,KAAd,EAAqB;AAC5B,YAAIgB,cAAc,GAAGH,IAAI,CAACC,KAAL,CAAW,KAAKlB,OAAL,CAAaG,GAAb,CAAX,CAArB;AACAC,QAAAA,KAAK,GAAGa,IAAI,CAACC,KAAL,CAAWd,KAAX,CAAR,CAF4B,CAG5B;;AACAO,QAAAA,MAAM,CAACC,IAAP,CAAYR,KAAZ,EAAmBS,OAAnB,CAA2BC,CAAC,IAAI;AAC9B,cAAIO,UAAU,GAAGlB,GAAG,GAAG,GAAN,GAAYW,CAA7B;AACA,cAAIQ,YAAY,GAAGL,IAAI,CAACE,SAAL,CAAef,KAAK,CAACU,CAAD,CAApB,CAAnB;AACAzC,UAAAA,OAAO,CAAC6B,OAAR,CAAgBmB,UAAhB,EAA4BC,YAA5B;AACA,iBAAOF,cAAc,CAACN,CAAD,CAArB;AACD,SALD,EAJ4B,CAU5B;;AACAH,QAAAA,MAAM,CAACC,IAAP,CAAYQ,cAAZ,EAA4BP,OAA5B,CAAoCC,CAAC,IAAI;AACvCzC,UAAAA,OAAO,CAACkC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYW,CAA/B;AACD,SAFD;AAGD,OAzBI;AA0BLP,MAAAA,UAAU,EAAE,UAASJ,GAAT,EAAc;AACxB,YAAIiB,cAAc,GAAGH,IAAI,CAACC,KAAL,CAAW,KAAKlB,OAAL,CAAaG,GAAb,CAAX,CAArB;AACAQ,QAAAA,MAAM,CAACC,IAAP,CAAYQ,cAAZ,EAA4BP,OAA5B,CAAoCC,CAAC,IAAI;AACvCzC,UAAAA,OAAO,CAACkC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYW,CAA/B;AACD,SAFD;AAGD;AA/BI,KAAP;AAiCD,GAtKmC;AAwKpC;AACAS,EAAAA,aAAa,EAAE,EAzKqB;AA0KpCrC,EAAAA,kBAAkB,EAAE,YAAW;AAC7B,WAAO;AACLc,MAAAA,OAAO,EAAGG,GAAD,IAAS;AAChB,eAAO,KAAKoB,aAAL,CAAmBpB,GAAnB,CAAP;AACD,OAHI;AAILD,MAAAA,OAAO,EAAE,CAACC,GAAD,EAAMC,KAAN,KAAgB;AACvB,aAAKmB,aAAL,CAAmBpB,GAAnB,IAA0BC,KAA1B;AACD;AANI,KAAP;AAQD,GAnLmC;AAqLpC7B,EAAAA,WAAW,EAAE,UAASF,OAAT,EAAkB;AAC7B,QAAI8B,GAAG,GAAG,mBAAV;;AACA,QAAI;AACF9B,MAAAA,OAAO,CAAC6B,OAAR,CAAgBC,GAAhB,EAAqBA,GAArB;AACA9B,MAAAA,OAAO,CAACkC,UAAR,CAAmBJ,GAAnB;AACA,aAAO,IAAP;AACD,KAJD,CAIE,OAAO3B,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GA9LmC;AAgMpCH,EAAAA,OAAO,EAAE;AACPiC,IAAAA,GAAG,EAAE,UAASkB,IAAT,EAAuBpB,KAAvB,EAAsCC,SAAtC,EAAyDtB,OAAzD,EAAyF;AAC5F,YAAM;AAAEe,QAAAA,QAAF;AAAYD,QAAAA;AAAZ,UAAuBd,OAA7B;;AACA,UAAI,OAAOc,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;AACpE,cAAM,IAAIX,qBAAJ,CAAiB,+DAAjB,CAAN;AACD;;AACD,UAAIsC,aAA4B,GAAG;AACjCC,QAAAA,IAAI,EAAE3C,OAAO,CAAC2C,IAAR,IAAgB,GADW;AAEjC7B,QAAAA,MAFiC;AAGjCC,QAAAA;AAHiC,OAAnC,CAL4F,CAW5F;;AACA,UAAI,CAAC,CAAE6B,IAAI,CAACT,KAAL,CAAWb,SAAX,CAAP,EAA+B;AAC7B;AACA;AACA;AACA;AACAoB,QAAAA,aAAa,CAACG,OAAd,GAAwB,IAAID,IAAJ,CAAStB,SAAT,CAAxB;AACD;;AAEDtC,MAAAA,OAAO,CAACuC,GAAR,CAAYkB,IAAZ,EAAkBpB,KAAlB,EAAyBqB,aAAzB;AACA,aAAOxD,WAAW,CAACI,OAAZ,CAAoB4B,GAApB,CAAwBuB,IAAxB,CAAP;AACD,KAvBM;AAyBPvB,IAAAA,GAAG,EAAE,UAASuB,IAAT,EAA+B;AAClC,aAAOzD,OAAO,CAACkC,GAAR,CAAYuB,IAAZ,CAAP;AACD,KA3BM;AA6BPhB,IAAAA,MAAM,EAAE,UAASgB,IAAT,EAA+B;AACrC,aAAOzD,OAAO,CAAC8D,MAAR,CAAeL,IAAf,EAAqB;AAAEE,QAAAA,IAAI,EAAE;AAAR,OAArB,CAAP;AACD;AA/BM;AAhM2B,CAAtC;eAmOezD,W","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport AuthSdkError from '../errors/AuthSdkError';\nimport {\n  StorageProvider,\n  StorageOptions,\n  PKCEStorage,\n  CookieOptions,\n  SimpleStorage,\n  StorageType,\n  BrowserStorageUtil,\n  CookieStorage\n} from '../types';\nimport { warn } from '../util';\n\nconst Cookies = require('js-cookie');\n\n// Building this as an object allows us to mock the functions in our tests\nvar storageUtil: BrowserStorageUtil = {\n\n  // These are shimmed in `OktaAuthBase.ts`\n  getHttpCache(): StorageProvider {\n    return null;\n  },\n\n  getPKCEStorage(): PKCEStorage {\n    return null;\n  },\n\n  // IE11 bug that Microsoft doesn't plan to fix\n  // https://connect.microsoft.com/IE/Feedback/Details/1496040\n  browserHasLocalStorage: function() {\n    try {\n      var storage = storageUtil.getLocalStorage();\n      return storageUtil.testStorage(storage);\n    } catch (e) {\n      return false;\n    }\n  },\n\n  browserHasSessionStorage: function() {\n    try {\n      var storage = storageUtil.getSessionStorage();\n      return storageUtil.testStorage(storage);\n    } catch (e) {\n      return false;\n    }\n  },\n\n  testStorageType: function(storageType: StorageType): boolean {\n    var supported = false;\n    switch (storageType) {\n      case 'sessionStorage':\n        supported = storageUtil.browserHasSessionStorage();\n        break;\n      case 'localStorage':\n        supported = storageUtil.browserHasLocalStorage();\n        break;\n      case 'cookie':\n      case 'memory':\n        supported = true;\n        break;\n      default:\n        supported = false;\n        break;\n    }\n    return supported;\n  },\n\n  getStorageByType: function(storageType: StorageType, options: StorageOptions): SimpleStorage {\n    let storageProvider = null;\n    switch (storageType) {\n      case 'sessionStorage':\n        storageProvider = storageUtil.getSessionStorage();\n        break;\n      case 'localStorage':\n        storageProvider = storageUtil.getLocalStorage();\n        break;\n      case 'cookie':\n        storageProvider = storageUtil.getCookieStorage(options);\n        break;\n      case 'memory':\n        storageProvider = storageUtil.getInMemoryStorage();\n        break;\n      default:\n        throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n        break;\n    }\n    return storageProvider;\n  },\n\n  findStorageType: function(types: StorageType[]) {\n    let curType;\n    let nextType;\n    \n    types = types.slice(); // copy array\n    curType = types.shift();\n    nextType = types.length ? types[0] : null;\n    if (!nextType) {\n      return curType;\n    }\n\n    if (storageUtil.testStorageType(curType)) {\n      return curType;\n    }\n\n    // preferred type was unsupported.\n    warn(`This browser doesn't support ${curType}. Switching to ${nextType}.`);\n\n    // fallback to the next type. this is a recursive call\n    return storageUtil.findStorageType(types);\n  },\n\n  getLocalStorage: function() {\n    return localStorage;\n  },\n\n  getSessionStorage: function() {\n    return sessionStorage;\n  },\n\n  // Provides webStorage-like interface for cookies\n  getCookieStorage: function(options): CookieStorage {\n    const secure = options.secure;\n    const sameSite = options.sameSite;\n    const sessionCookie = options.sessionCookie;\n    if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n      throw new AuthSdkError('getCookieStorage: \"secure\" and \"sameSite\" options must be provided');\n    }\n    const storage: CookieStorage = {\n      getItem: storageUtil.storage.get,\n      setItem: function(key, value, expiresAt = '2200-01-01T00:00:00.000Z') {\n        // By defauilt, cookie shouldn't expire\n        expiresAt = sessionCookie ? null : expiresAt;\n        storageUtil.storage.set(key, value, expiresAt, {\n          secure: secure, \n          sameSite: sameSite,\n        });\n      },\n      removeItem: function(key) {\n        storageUtil.storage.delete(key);\n      }\n    };\n\n    if (!options.useMultipleCookies) {\n      return storage;\n    }\n\n    // options.useMultipleCookies - because cookies have size limits.\n    // Can only be used when storing an object value. Object properties will be saved to separate cookies.\n    //  Each property of the object must also be an object.\n    return {\n      getItem: function(key) {\n        var data = storage.getItem(); // read all cookies\n        var value = {};\n        Object.keys(data).forEach(k => {\n          if (k.indexOf(key) === 0) { // filter out unrelated cookies\n            value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie dataa\n          }\n        });\n        return JSON.stringify(value);\n      },\n      setItem: function(key, value) {\n        var existingValues = JSON.parse(this.getItem(key));\n        value = JSON.parse(value);\n        // Set key-value pairs from input to cookies\n        Object.keys(value).forEach(k => {\n          var storageKey = key + '_' + k;\n          var valueToStore = JSON.stringify(value[k]);\n          storage.setItem(storageKey, valueToStore);\n          delete existingValues[k];\n        });\n        // Delete unmatched keys from existing cookies\n        Object.keys(existingValues).forEach(k => {\n          storage.removeItem(key + '_' + k);\n        });\n      },\n      removeItem: function(key) {\n        var existingValues = JSON.parse(this.getItem(key));\n        Object.keys(existingValues).forEach(k => {\n          storage.removeItem(key + '_' + k);\n        });\n      }\n    };\n  },\n\n  // Provides an in-memory solution\n  inMemoryStore: {},\n  getInMemoryStorage: function() {\n    return {\n      getItem: (key) => {\n        return this.inMemoryStore[key];\n      },\n      setItem: (key, value) => {\n        this.inMemoryStore[key] = value;\n      }\n    };\n  },\n\n  testStorage: function(storage) {\n    var key = 'okta-test-storage';\n    try {\n      storage.setItem(key, key);\n      storage.removeItem(key);\n      return true;\n    } catch (e) {\n      return false;\n    }\n  },\n\n  storage: {\n    set: function(name: string, value: string, expiresAt: string, options: CookieOptions): string {\n      const { sameSite, secure } = options;\n      if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n        throw new AuthSdkError('storage.set: \"secure\" and \"sameSite\" options must be provided');\n      }\n      var cookieOptions: CookieOptions = {\n        path: options.path || '/',\n        secure,\n        sameSite\n      };\n\n      // eslint-disable-next-line no-extra-boolean-cast\n      if (!!(Date.parse(expiresAt))) {\n        // Expires value can be converted to a Date object.\n        //\n        // If the 'expiresAt' value is not provided, or the value cannot be\n        // parsed as a Date object, the cookie will set as a session cookie.\n        cookieOptions.expires = new Date(expiresAt);\n      }\n\n      Cookies.set(name, value, cookieOptions);\n      return storageUtil.storage.get(name);\n    },\n\n    get: function(name: string): string {\n      return Cookies.get(name);\n    },\n\n    delete: function(name: string): string {\n      return Cookies.remove(name, { path: '/' });\n    }\n  }\n};\n\nexport default storageUtil;\n"],"file":"browserStorage.js"}
+{"version":3,"sources":["../../../lib/browser/browserStorage.ts"],"names":["Cookies","require","storageUtil","getHttpCache","getPKCEStorage","browserHasLocalStorage","storage","getLocalStorage","testStorage","e","browserHasSessionStorage","getSessionStorage","testStorageType","storageType","supported","getStorageByType","options","storageProvider","getCookieStorage","getInMemoryStorage","AuthSdkError","findStorageType","types","curType","nextType","slice","shift","length","localStorage","sessionStorage","secure","sameSite","sessionCookie","getItem","get","setItem","key","value","expiresAt","set","removeItem","delete","useSeparateCookies","data","Object","keys","forEach","k","indexOf","replace","JSON","parse","stringify","existingValues","storageKey","valueToStore","inMemoryStore","name","cookieOptions","path","Date","expires","remove"],"mappings":";;;;;;AAcA;;AAWA;;AAzBA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAeA,MAAMA,OAAO,GAAGC,OAAO,CAAC,WAAD,CAAvB,C,CAEA;;;AACA,IAAIC,WAA+B,GAAG;AAEpC;AACAC,EAAAA,YAAY,GAAoB;AAC9B,WAAO,IAAP;AACD,GALmC;;AAOpCC,EAAAA,cAAc,GAAgB;AAC5B,WAAO,IAAP;AACD,GATmC;;AAWpC;AACA;AACAC,EAAAA,sBAAsB,EAAE,YAAW;AACjC,QAAI;AACF,UAAIC,OAAO,GAAGJ,WAAW,CAACK,eAAZ,EAAd;AACA,aAAOL,WAAW,CAACM,WAAZ,CAAwBF,OAAxB,CAAP;AACD,KAHD,CAGE,OAAOG,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GApBmC;AAsBpCC,EAAAA,wBAAwB,EAAE,YAAW;AACnC,QAAI;AACF,UAAIJ,OAAO,GAAGJ,WAAW,CAACS,iBAAZ,EAAd;AACA,aAAOT,WAAW,CAACM,WAAZ,CAAwBF,OAAxB,CAAP;AACD,KAHD,CAGE,OAAOG,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GA7BmC;AA+BpCG,EAAAA,eAAe,EAAE,UAASC,WAAT,EAA4C;AAC3D,QAAIC,SAAS,GAAG,KAAhB;;AACA,YAAQD,WAAR;AACE,WAAK,gBAAL;AACEC,QAAAA,SAAS,GAAGZ,WAAW,CAACQ,wBAAZ,EAAZ;AACA;;AACF,WAAK,cAAL;AACEI,QAAAA,SAAS,GAAGZ,WAAW,CAACG,sBAAZ,EAAZ;AACA;;AACF,WAAK,QAAL;AACA,WAAK,QAAL;AACES,QAAAA,SAAS,GAAG,IAAZ;AACA;;AACF;AACEA,QAAAA,SAAS,GAAG,KAAZ;AACA;AAbJ;;AAeA,WAAOA,SAAP;AACD,GAjDmC;AAmDpCC,EAAAA,gBAAgB,EAAE,UAASF,WAAT,EAAmCG,OAAnC,EAA4E;AAC5F,QAAIC,eAAJ;;AACA,YAAQJ,WAAR;AACE,WAAK,gBAAL;AACEI,QAAAA,eAAe,GAAGf,WAAW,CAACS,iBAAZ,EAAlB;AACA;;AACF,WAAK,cAAL;AACEM,QAAAA,eAAe,GAAGf,WAAW,CAACK,eAAZ,EAAlB;AACA;;AACF,WAAK,QAAL;AACEU,QAAAA,eAAe,GAAGf,WAAW,CAACgB,gBAAZ,CAA6BF,OAA7B,CAAlB;AACA;;AACF,WAAK,QAAL;AACEC,QAAAA,eAAe,GAAGf,WAAW,CAACiB,kBAAZ,EAAlB;AACA;;AACF;AACE,cAAM,IAAIC,qBAAJ,CAAkB,gCAA+BP,WAAY,EAA7D,CAAN;AACA;AAfJ;;AAiBA,WAAOI,eAAP;AACD,GAvEmC;AAyEpCI,EAAAA,eAAe,EAAE,UAASC,KAAT,EAA+B;AAC9C,QAAIC,OAAJ;AACA,QAAIC,QAAJ;AAEAF,IAAAA,KAAK,GAAGA,KAAK,CAACG,KAAN,EAAR,CAJ8C,CAIvB;;AACvBF,IAAAA,OAAO,GAAGD,KAAK,CAACI,KAAN,EAAV;AACAF,IAAAA,QAAQ,GAAGF,KAAK,CAACK,MAAN,GAAeL,KAAK,CAAC,CAAD,CAApB,GAA0B,IAArC;;AACA,QAAI,CAACE,QAAL,EAAe;AACb,aAAOD,OAAP;AACD;;AAED,QAAIrB,WAAW,CAACU,eAAZ,CAA4BW,OAA5B,CAAJ,EAA0C;AACxC,aAAOA,OAAP;AACD,KAb6C,CAe9C;;;AACA,oBAAM,gCAA+BA,OAAQ,kBAAiBC,QAAS,GAAvE,EAhB8C,CAkB9C;;AACA,WAAOtB,WAAW,CAACmB,eAAZ,CAA4BC,KAA5B,CAAP;AACD,GA7FmC;AA+FpCf,EAAAA,eAAe,EAAE,YAAW;AAC1B,WAAOqB,YAAP;AACD,GAjGmC;AAmGpCjB,EAAAA,iBAAiB,EAAE,YAAW;AAC5B,WAAOkB,cAAP;AACD,GArGmC;AAuGpC;AACAX,EAAAA,gBAAgB,EAAE,UAASF,OAAT,EAAiC;AACjD,UAAMc,MAAM,GAAGd,OAAO,CAAEc,MAAxB;AACA,UAAMC,QAAQ,GAAGf,OAAO,CAAEe,QAA1B;AACA,UAAMC,aAAa,GAAGhB,OAAO,CAAEgB,aAA/B;;AACA,QAAI,OAAOF,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;AACpE,YAAM,IAAIX,qBAAJ,CAAiB,oEAAjB,CAAN;AACD;;AACD,UAAMd,OAAsB,GAAG;AAC7B2B,MAAAA,OAAO,EAAE/B,WAAW,CAACI,OAAZ,CAAoB4B,GADA;AAE7BC,MAAAA,OAAO,EAAE,UAASC,GAAT,EAAcC,KAAd,EAAqBC,SAAS,GAAG,0BAAjC,EAA6D;AACpE;AACAA,QAAAA,SAAS,GAAIN,aAAa,GAAG,IAAH,GAAUM,SAApC;AACApC,QAAAA,WAAW,CAACI,OAAZ,CAAoBiC,GAApB,CAAwBH,GAAxB,EAA6BC,KAA7B,EAAoCC,SAApC,EAA+C;AAC7CR,UAAAA,MAAM,EAAEA,MADqC;AAE7CC,UAAAA,QAAQ,EAAEA;AAFmC,SAA/C;AAID,OAT4B;AAU7BS,MAAAA,UAAU,EAAE,UAASJ,GAAT,EAAc;AACxBlC,QAAAA,WAAW,CAACI,OAAZ,CAAoBmC,MAApB,CAA2BL,GAA3B;AACD;AAZ4B,KAA/B;;AAeA,QAAI,CAACpB,OAAO,CAAE0B,kBAAd,EAAkC;AAChC,aAAOpC,OAAP;AACD,KAxBgD,CA0BjD;AACA;AACA;;;AACA,WAAO;AACL2B,MAAAA,OAAO,EAAE,UAASG,GAAT,EAAc;AACrB,YAAIO,IAAI,GAAGrC,OAAO,CAAC2B,OAAR,EAAX,CADqB,CACS;;AAC9B,YAAII,KAAK,GAAG,EAAZ;AACAO,QAAAA,MAAM,CAACC,IAAP,CAAYF,IAAZ,EAAkBG,OAAlB,CAA0BC,CAAC,IAAI;AAC7B,cAAIA,CAAC,CAACC,OAAF,CAAUZ,GAAV,MAAoB,CAAxB,EAA2B;AAAE;AAC3BC,YAAAA,KAAK,CAACU,CAAC,CAACE,OAAF,CAAW,GAAEb,GAAI,GAAjB,EAAqB,EAArB,CAAD,CAAL,GAAkCc,IAAI,CAACC,KAAL,CAAWR,IAAI,CAACI,CAAD,CAAf,CAAlC,CADyB,CAC8B;AACxD;AACF,SAJD;AAKA,eAAOG,IAAI,CAACE,SAAL,CAAef,KAAf,CAAP;AACD,OAVI;AAWLF,MAAAA,OAAO,EAAE,UAASC,GAAT,EAAcC,KAAd,EAAqB;AAC5B,YAAIgB,cAAc,GAAGH,IAAI,CAACC,KAAL,CAAW,KAAKlB,OAAL,CAAaG,GAAb,CAAX,CAArB;AACAC,QAAAA,KAAK,GAAGa,IAAI,CAACC,KAAL,CAAWd,KAAX,CAAR,CAF4B,CAG5B;;AACAO,QAAAA,MAAM,CAACC,IAAP,CAAYR,KAAZ,EAAmBS,OAAnB,CAA2BC,CAAC,IAAI;AAC9B,cAAIO,UAAU,GAAGlB,GAAG,GAAG,GAAN,GAAYW,CAA7B;AACA,cAAIQ,YAAY,GAAGL,IAAI,CAACE,SAAL,CAAef,KAAK,CAACU,CAAD,CAApB,CAAnB;AACAzC,UAAAA,OAAO,CAAC6B,OAAR,CAAgBmB,UAAhB,EAA4BC,YAA5B;AACA,iBAAOF,cAAc,CAACN,CAAD,CAArB;AACD,SALD,EAJ4B,CAU5B;;AACAH,QAAAA,MAAM,CAACC,IAAP,CAAYQ,cAAZ,EAA4BP,OAA5B,CAAoCC,CAAC,IAAI;AACvCzC,UAAAA,OAAO,CAACkC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYW,CAA/B;AACD,SAFD;AAGD,OAzBI;AA0BLP,MAAAA,UAAU,EAAE,UAASJ,GAAT,EAAc;AACxB,YAAIiB,cAAc,GAAGH,IAAI,CAACC,KAAL,CAAW,KAAKlB,OAAL,CAAaG,GAAb,CAAX,CAArB;AACAQ,QAAAA,MAAM,CAACC,IAAP,CAAYQ,cAAZ,EAA4BP,OAA5B,CAAoCC,CAAC,IAAI;AACvCzC,UAAAA,OAAO,CAACkC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYW,CAA/B;AACD,SAFD;AAGD;AA/BI,KAAP;AAiCD,GAtKmC;AAwKpC;AACAS,EAAAA,aAAa,EAAE,EAzKqB;AA0KpCrC,EAAAA,kBAAkB,EAAE,YAAW;AAC7B,WAAO;AACLc,MAAAA,OAAO,EAAGG,GAAD,IAAS;AAChB,eAAO,KAAKoB,aAAL,CAAmBpB,GAAnB,CAAP;AACD,OAHI;AAILD,MAAAA,OAAO,EAAE,CAACC,GAAD,EAAMC,KAAN,KAAgB;AACvB,aAAKmB,aAAL,CAAmBpB,GAAnB,IAA0BC,KAA1B;AACD;AANI,KAAP;AAQD,GAnLmC;AAqLpC7B,EAAAA,WAAW,EAAE,UAASF,OAAT,EAAkB;AAC7B,QAAI8B,GAAG,GAAG,mBAAV;;AACA,QAAI;AACF9B,MAAAA,OAAO,CAAC6B,OAAR,CAAgBC,GAAhB,EAAqBA,GAArB;AACA9B,MAAAA,OAAO,CAACkC,UAAR,CAAmBJ,GAAnB;AACA,aAAO,IAAP;AACD,KAJD,CAIE,OAAO3B,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GA9LmC;AAgMpCH,EAAAA,OAAO,EAAE;AACPiC,IAAAA,GAAG,EAAE,UAASkB,IAAT,EAAuBpB,KAAvB,EAAsCC,SAAtC,EAAyDtB,OAAzD,EAAyF;AAC5F,YAAM;AAAEe,QAAAA,QAAF;AAAYD,QAAAA;AAAZ,UAAuBd,OAA7B;;AACA,UAAI,OAAOc,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;AACpE,cAAM,IAAIX,qBAAJ,CAAiB,+DAAjB,CAAN;AACD;;AACD,UAAIsC,aAA4B,GAAG;AACjCC,QAAAA,IAAI,EAAE3C,OAAO,CAAC2C,IAAR,IAAgB,GADW;AAEjC7B,QAAAA,MAFiC;AAGjCC,QAAAA;AAHiC,OAAnC,CAL4F,CAW5F;;AACA,UAAI,CAAC,CAAE6B,IAAI,CAACT,KAAL,CAAWb,SAAX,CAAP,EAA+B;AAC7B;AACA;AACA;AACA;AACAoB,QAAAA,aAAa,CAACG,OAAd,GAAwB,IAAID,IAAJ,CAAStB,SAAT,CAAxB;AACD;;AAEDtC,MAAAA,OAAO,CAACuC,GAAR,CAAYkB,IAAZ,EAAkBpB,KAAlB,EAAyBqB,aAAzB;AACA,aAAOxD,WAAW,CAACI,OAAZ,CAAoB4B,GAApB,CAAwBuB,IAAxB,CAAP;AACD,KAvBM;AAyBPvB,IAAAA,GAAG,EAAE,UAASuB,IAAT,EAA+B;AAClC,aAAOzD,OAAO,CAACkC,GAAR,CAAYuB,IAAZ,CAAP;AACD,KA3BM;AA6BPhB,IAAAA,MAAM,EAAE,UAASgB,IAAT,EAA+B;AACrC,aAAOzD,OAAO,CAAC8D,MAAR,CAAeL,IAAf,EAAqB;AAAEE,QAAAA,IAAI,EAAE;AAAR,OAArB,CAAP;AACD;AA/BM;AAhM2B,CAAtC;eAmOezD,W","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport AuthSdkError from '../errors/AuthSdkError';\nimport {\n  StorageProvider,\n  StorageOptions,\n  PKCEStorage,\n  CookieOptions,\n  SimpleStorage,\n  StorageType,\n  BrowserStorageUtil,\n  CookieStorage\n} from '../types';\nimport { warn } from '../util';\n\nconst Cookies = require('js-cookie');\n\n// Building this as an object allows us to mock the functions in our tests\nvar storageUtil: BrowserStorageUtil = {\n\n  // These are shimmed in `OktaAuthBase.ts`\n  getHttpCache(): StorageProvider {\n    return null as never as StorageProvider;\n  },\n\n  getPKCEStorage(): PKCEStorage {\n    return null as never as PKCEStorage;\n  },\n\n  // IE11 bug that Microsoft doesn't plan to fix\n  // https://connect.microsoft.com/IE/Feedback/Details/1496040\n  browserHasLocalStorage: function() {\n    try {\n      var storage = storageUtil.getLocalStorage();\n      return storageUtil.testStorage(storage);\n    } catch (e) {\n      return false;\n    }\n  },\n\n  browserHasSessionStorage: function() {\n    try {\n      var storage = storageUtil.getSessionStorage();\n      return storageUtil.testStorage(storage);\n    } catch (e) {\n      return false;\n    }\n  },\n\n  testStorageType: function(storageType: StorageType): boolean {\n    var supported = false;\n    switch (storageType) {\n      case 'sessionStorage':\n        supported = storageUtil.browserHasSessionStorage();\n        break;\n      case 'localStorage':\n        supported = storageUtil.browserHasLocalStorage();\n        break;\n      case 'cookie':\n      case 'memory':\n        supported = true;\n        break;\n      default:\n        supported = false;\n        break;\n    }\n    return supported;\n  },\n\n  getStorageByType: function(storageType: StorageType, options?: StorageOptions): SimpleStorage {\n    let storageProvider;\n    switch (storageType) {\n      case 'sessionStorage':\n        storageProvider = storageUtil.getSessionStorage();\n        break;\n      case 'localStorage':\n        storageProvider = storageUtil.getLocalStorage();\n        break;\n      case 'cookie':\n        storageProvider = storageUtil.getCookieStorage(options);\n        break;\n      case 'memory':\n        storageProvider = storageUtil.getInMemoryStorage();\n        break;\n      default:\n        throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n        break;\n    }\n    return storageProvider;\n  },\n\n  findStorageType: function(types: StorageType[]) {\n    let curType;\n    let nextType;\n    \n    types = types.slice(); // copy array\n    curType = types.shift();\n    nextType = types.length ? types[0] : null;\n    if (!nextType) {\n      return curType;\n    }\n\n    if (storageUtil.testStorageType(curType)) {\n      return curType;\n    }\n\n    // preferred type was unsupported.\n    warn(`This browser doesn't support ${curType}. Switching to ${nextType}.`);\n\n    // fallback to the next type. this is a recursive call\n    return storageUtil.findStorageType(types);\n  },\n\n  getLocalStorage: function() {\n    return localStorage;\n  },\n\n  getSessionStorage: function() {\n    return sessionStorage;\n  },\n\n  // Provides webStorage-like interface for cookies\n  getCookieStorage: function(options): CookieStorage {\n    const secure = options!.secure;\n    const sameSite = options!.sameSite;\n    const sessionCookie = options!.sessionCookie;\n    if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n      throw new AuthSdkError('getCookieStorage: \"secure\" and \"sameSite\" options must be provided');\n    }\n    const storage: CookieStorage = {\n      getItem: storageUtil.storage.get,\n      setItem: function(key, value, expiresAt = '2200-01-01T00:00:00.000Z') {\n        // By defauilt, cookie shouldn't expire\n        expiresAt = (sessionCookie ? null : expiresAt) as string;\n        storageUtil.storage.set(key, value, expiresAt, {\n          secure: secure, \n          sameSite: sameSite,\n        });\n      },\n      removeItem: function(key) {\n        storageUtil.storage.delete(key);\n      }\n    };\n\n    if (!options!.useSeparateCookies) {\n      return storage;\n    }\n\n    // Tokens are stored separately because cookies have size limits.\n    // Can only be used when storing an object value. Object properties will be saved to separate cookies.\n    // Each property of the object must also be an object.\n    return {\n      getItem: function(key) {\n        var data = storage.getItem(); // read all cookies\n        var value = {};\n        Object.keys(data).forEach(k => {\n          if (k.indexOf(key!) === 0) { // filter out unrelated cookies\n            value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie data\n          }\n        });\n        return JSON.stringify(value);\n      },\n      setItem: function(key, value) {\n        var existingValues = JSON.parse(this.getItem(key));\n        value = JSON.parse(value);\n        // Set key-value pairs from input to cookies\n        Object.keys(value).forEach(k => {\n          var storageKey = key + '_' + k;\n          var valueToStore = JSON.stringify(value[k]);\n          storage.setItem(storageKey, valueToStore);\n          delete existingValues[k];\n        });\n        // Delete unmatched keys from existing cookies\n        Object.keys(existingValues).forEach(k => {\n          storage.removeItem(key + '_' + k);\n        });\n      },\n      removeItem: function(key) {\n        var existingValues = JSON.parse(this.getItem(key));\n        Object.keys(existingValues).forEach(k => {\n          storage.removeItem(key + '_' + k);\n        });\n      }\n    };\n  },\n\n  // Provides an in-memory solution\n  inMemoryStore: {},\n  getInMemoryStorage: function() {\n    return {\n      getItem: (key) => {\n        return this.inMemoryStore[key];\n      },\n      setItem: (key, value) => {\n        this.inMemoryStore[key] = value;\n      }\n    };\n  },\n\n  testStorage: function(storage) {\n    var key = 'okta-test-storage';\n    try {\n      storage.setItem(key, key);\n      storage.removeItem(key);\n      return true;\n    } catch (e) {\n      return false;\n    }\n  },\n\n  storage: {\n    set: function(name: string, value: string, expiresAt: string, options: CookieOptions): string {\n      const { sameSite, secure } = options;\n      if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n        throw new AuthSdkError('storage.set: \"secure\" and \"sameSite\" options must be provided');\n      }\n      var cookieOptions: CookieOptions = {\n        path: options.path || '/',\n        secure,\n        sameSite\n      };\n\n      // eslint-disable-next-line no-extra-boolean-cast\n      if (!!(Date.parse(expiresAt))) {\n        // Expires value can be converted to a Date object.\n        //\n        // If the 'expiresAt' value is not provided, or the value cannot be\n        // parsed as a Date object, the cookie will set as a session cookie.\n        cookieOptions.expires = new Date(expiresAt);\n      }\n\n      Cookies.set(name, value, cookieOptions);\n      return storageUtil.storage.get(name);\n    },\n\n    get: function(name: string): string {\n      return Cookies.get(name);\n    },\n\n    delete: function(name: string): string {\n      return Cookies.remove(name, { path: '/' });\n    }\n  }\n};\n\nexport default storageUtil;\n"],"file":"browserStorage.js"}

package/cjs/browser/fingerprint.js

@@ -30,6 +30,8 @@ function fingerprint(sdk, options) {
   var iframe;
   var listener;
   var promise = new Promise(function (resolve, reject) {
+    var _options;
+
     iframe = document.createElement('iframe');
     iframe.style.display = 'none'; // eslint-disable-next-line complexity
 
@@ -67,7 +69,7 @@ function fingerprint(sdk, options) {
     document.body.appendChild(iframe);
     timeout = setTimeout(function () {
       reject(new _errors.AuthSdkError('Fingerprinting timed out'));
-    }, options.timeout || 15000);
+    }, ((_options = options) === null || _options === void 0 ? void 0 : _options.timeout) || 15000);
   });
   return promise.finally(function () {
     clearTimeout(timeout);

package/cjs/browser/fingerprint.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/browser/fingerprint.ts"],"names":["fingerprint","sdk","options","Promise","reject","AuthSdkError","timeout","iframe","listener","promise","resolve","document","createElement","style","display","e","data","origin","getIssuerOrigin","msg","JSON","parse","err","type","source","postMessage","stringify","window","src","body","appendChild","setTimeout","finally","clearTimeout","contains","parentElement","removeChild"],"mappings":";;;;AAcA;;AACA;;AACA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYe,SAASA,WAAT,CAAqBC,GAArB,EAAoCC,OAApC,EAAiE;AAC9EA,EAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB;;AAEA,MAAI,CAAC,uCAAL,EAA+B;AAC7B,WAAOC,OAAO,CAACC,MAAR,CAAe,IAAIC,oBAAJ,CAAiB,gDAAjB,CAAf,CAAP;AACD;;AAED,MAAIC,OAAJ;AACA,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,OAAO,GAAG,IAAIN,OAAJ,CAAY,UAAUO,OAAV,EAAmBN,MAAnB,EAA2B;AACnDG,IAAAA,MAAM,GAAGI,QAAQ,CAACC,aAAT,CAAuB,QAAvB,CAAT;AACAL,IAAAA,MAAM,CAACM,KAAP,CAAaC,OAAb,GAAuB,MAAvB,CAFmD,CAInD;;AACAN,IAAAA,QAAQ,GAAG,SAASA,QAAT,CAAkBO,CAAlB,EAAqB;AAC9B,UAAI,CAACA,CAAD,IAAM,CAACA,CAAC,CAACC,IAAT,IAAiBD,CAAC,CAACE,MAAF,KAAahB,GAAG,CAACiB,eAAJ,EAAlC,EAAyD;AACvD;AACD;;AAED,UAAI;AACF,YAAIC,GAAG,GAAGC,IAAI,CAACC,KAAL,CAAWN,CAAC,CAACC,IAAb,CAAV;AACD,OAFD,CAEE,OAAOM,GAAP,EAAY;AACZ;AACA;AACA;AACA;AACD;;AAED,UAAI,CAACH,GAAL,EAAU;AAAE;AAAS;;AACrB,UAAIA,GAAG,CAACI,IAAJ,KAAa,sBAAjB,EAAyC;AACvC,eAAOb,OAAO,CAACS,GAAG,CAACnB,WAAL,CAAd;AACD;;AACD,UAAImB,GAAG,CAACI,IAAJ,KAAa,yBAAjB,EAA4C;AAC1CR,QAAAA,CAAC,CAACS,MAAF,CAASC,WAAT,CAAqBL,IAAI,CAACM,SAAL,CAAe;AAClCH,UAAAA,IAAI,EAAE;AAD4B,SAAf,CAArB,EAEIR,CAAC,CAACE,MAFN;AAGD;AACF,KAvBD;;AAwBA,2BAAYU,MAAZ,EAAoB,SAApB,EAA+BnB,QAA/B;AAEAD,IAAAA,MAAM,CAACqB,GAAP,GAAa3B,GAAG,CAACiB,eAAJ,KAAwB,kCAArC;AACAP,IAAAA,QAAQ,CAACkB,IAAT,CAAcC,WAAd,CAA0BvB,MAA1B;AAEAD,IAAAA,OAAO,GAAGyB,UAAU,CAAC,YAAW;AAC9B3B,MAAAA,MAAM,CAAC,IAAIC,oBAAJ,CAAiB,0BAAjB,CAAD,CAAN;AACD,KAFmB,EAEjBH,OAAO,CAACI,OAAR,IAAmB,KAFF,CAApB;AAGD,GArCa,CAAd;AAuCA,SAAOG,OAAO,CAACuB,OAAR,CAAgB,YAAW;AAChCC,IAAAA,YAAY,CAAC3B,OAAD,CAAZ;AACA,8BAAeqB,MAAf,EAAuB,SAAvB,EAAkCnB,QAAlC;;AACA,QAAIG,QAAQ,CAACkB,IAAT,CAAcK,QAAd,CAAuB3B,MAAvB,CAAJ,EAAoC;AAClCA,MAAAA,MAAM,CAAC4B,aAAP,CAAqBC,WAArB,CAAiC7B,MAAjC;AACD;AACF,GANM,CAAP;AAOD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { OktaAuth } from '../types';\nimport { AuthSdkError } from '../errors';\nimport { isFingerprintSupported } from '../features';\nimport {\n  addListener,\n  removeListener\n} from '../oidc';\nimport { FingerprintOptions } from '../types';\n\nexport default function fingerprint(sdk: OktaAuth, options: FingerprintOptions) {\n  options = options || {};\n\n  if (!isFingerprintSupported()) {\n    return Promise.reject(new AuthSdkError('Fingerprinting is not supported on this device'));\n  }\n\n  var timeout;\n  var iframe;\n  var listener;\n  var promise = new Promise(function (resolve, reject) {\n    iframe = document.createElement('iframe');\n    iframe.style.display = 'none';\n\n    // eslint-disable-next-line complexity\n    listener = function listener(e) {\n      if (!e || !e.data || e.origin !== sdk.getIssuerOrigin()) {\n        return;\n      }\n\n      try {\n        var msg = JSON.parse(e.data);\n      } catch (err) {\n        // iframe messages should all be parsable\n        // skip not parsable messages come from other sources in same origin (browser extensions)\n        // TODO: add namespace flag in okta-core to distinguish messages that come from other sources\n        return;\n      }\n\n      if (!msg) { return; }\n      if (msg.type === 'FingerprintAvailable') {\n        return resolve(msg.fingerprint);\n      }\n      if (msg.type === 'FingerprintServiceReady') {\n        e.source.postMessage(JSON.stringify({\n          type: 'GetFingerprint'\n        }), e.origin);\n      }\n    };\n    addListener(window, 'message', listener);\n\n    iframe.src = sdk.getIssuerOrigin() + '/auth/services/devicefingerprint';\n    document.body.appendChild(iframe);\n\n    timeout = setTimeout(function() {\n      reject(new AuthSdkError('Fingerprinting timed out'));\n    }, options.timeout || 15000);\n  });\n\n  return promise.finally(function() {\n    clearTimeout(timeout);\n    removeListener(window, 'message', listener);\n    if (document.body.contains(iframe)) {\n      iframe.parentElement.removeChild(iframe);\n    }\n  });\n}\n"],"file":"fingerprint.js"}
+{"version":3,"sources":["../../../lib/browser/fingerprint.ts"],"names":["fingerprint","sdk","options","Promise","reject","AuthSdkError","timeout","iframe","listener","promise","resolve","document","createElement","style","display","e","data","origin","getIssuerOrigin","msg","JSON","parse","err","type","source","postMessage","stringify","window","src","body","appendChild","setTimeout","finally","clearTimeout","contains","parentElement","removeChild"],"mappings":";;;;AAcA;;AACA;;AACA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYe,SAASA,WAAT,CAAqBC,GAArB,EAAoCC,OAApC,EAAmF;AAChGA,EAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB;;AAEA,MAAI,CAAC,uCAAL,EAA+B;AAC7B,WAAOC,OAAO,CAACC,MAAR,CAAe,IAAIC,oBAAJ,CAAiB,gDAAjB,CAAf,CAAP;AACD;;AAED,MAAIC,OAAJ;AACA,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,OAAO,GAAG,IAAIN,OAAJ,CAAY,UAAUO,OAAV,EAAmBN,MAAnB,EAA2B;AAAA;;AACnDG,IAAAA,MAAM,GAAGI,QAAQ,CAACC,aAAT,CAAuB,QAAvB,CAAT;AACAL,IAAAA,MAAM,CAACM,KAAP,CAAaC,OAAb,GAAuB,MAAvB,CAFmD,CAInD;;AACAN,IAAAA,QAAQ,GAAG,SAASA,QAAT,CAAkBO,CAAlB,EAAqB;AAC9B,UAAI,CAACA,CAAD,IAAM,CAACA,CAAC,CAACC,IAAT,IAAiBD,CAAC,CAACE,MAAF,KAAahB,GAAG,CAACiB,eAAJ,EAAlC,EAAyD;AACvD;AACD;;AAED,UAAI;AACF,YAAIC,GAAG,GAAGC,IAAI,CAACC,KAAL,CAAWN,CAAC,CAACC,IAAb,CAAV;AACD,OAFD,CAEE,OAAOM,GAAP,EAAY;AACZ;AACA;AACA;AACA;AACD;;AAED,UAAI,CAACH,GAAL,EAAU;AAAE;AAAS;;AACrB,UAAIA,GAAG,CAACI,IAAJ,KAAa,sBAAjB,EAAyC;AACvC,eAAOb,OAAO,CAACS,GAAG,CAACnB,WAAL,CAAd;AACD;;AACD,UAAImB,GAAG,CAACI,IAAJ,KAAa,yBAAjB,EAA4C;AAC1CR,QAAAA,CAAC,CAACS,MAAF,CAASC,WAAT,CAAqBL,IAAI,CAACM,SAAL,CAAe;AAClCH,UAAAA,IAAI,EAAE;AAD4B,SAAf,CAArB,EAEIR,CAAC,CAACE,MAFN;AAGD;AACF,KAvBD;;AAwBA,2BAAYU,MAAZ,EAAoB,SAApB,EAA+BnB,QAA/B;AAEAD,IAAAA,MAAM,CAACqB,GAAP,GAAa3B,GAAG,CAACiB,eAAJ,KAAwB,kCAArC;AACAP,IAAAA,QAAQ,CAACkB,IAAT,CAAcC,WAAd,CAA0BvB,MAA1B;AAEAD,IAAAA,OAAO,GAAGyB,UAAU,CAAC,YAAW;AAC9B3B,MAAAA,MAAM,CAAC,IAAIC,oBAAJ,CAAiB,0BAAjB,CAAD,CAAN;AACD,KAFmB,EAEjB,aAAAH,OAAO,UAAP,4CAASI,OAAT,KAAoB,KAFH,CAApB;AAGD,GArCa,CAAd;AAuCA,SAAOG,OAAO,CAACuB,OAAR,CAAgB,YAAW;AAChCC,IAAAA,YAAY,CAAC3B,OAAD,CAAZ;AACA,8BAAeqB,MAAf,EAAuB,SAAvB,EAAkCnB,QAAlC;;AACA,QAAIG,QAAQ,CAACkB,IAAT,CAAcK,QAAd,CAAuB3B,MAAvB,CAAJ,EAAoC;AAClCA,MAAAA,MAAM,CAAC4B,aAAP,CAAqBC,WAArB,CAAiC7B,MAAjC;AACD;AACF,GANM,CAAP;AAOD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { OktaAuth } from '../types';\nimport { AuthSdkError } from '../errors';\nimport { isFingerprintSupported } from '../features';\nimport {\n  addListener,\n  removeListener\n} from '../oidc';\nimport { FingerprintOptions } from '../types';\n\nexport default function fingerprint(sdk: OktaAuth, options?: FingerprintOptions): Promise<string> {\n  options = options || {};\n\n  if (!isFingerprintSupported()) {\n    return Promise.reject(new AuthSdkError('Fingerprinting is not supported on this device'));\n  }\n\n  var timeout;\n  var iframe;\n  var listener;\n  var promise = new Promise(function (resolve, reject) {\n    iframe = document.createElement('iframe');\n    iframe.style.display = 'none';\n\n    // eslint-disable-next-line complexity\n    listener = function listener(e) {\n      if (!e || !e.data || e.origin !== sdk.getIssuerOrigin()) {\n        return;\n      }\n\n      try {\n        var msg = JSON.parse(e.data);\n      } catch (err) {\n        // iframe messages should all be parsable\n        // skip not parsable messages come from other sources in same origin (browser extensions)\n        // TODO: add namespace flag in okta-core to distinguish messages that come from other sources\n        return;\n      }\n\n      if (!msg) { return; }\n      if (msg.type === 'FingerprintAvailable') {\n        return resolve(msg.fingerprint as string);\n      }\n      if (msg.type === 'FingerprintServiceReady') {\n        e.source.postMessage(JSON.stringify({\n          type: 'GetFingerprint'\n        }), e.origin);\n      }\n    };\n    addListener(window, 'message', listener);\n\n    iframe.src = sdk.getIssuerOrigin() + '/auth/services/devicefingerprint';\n    document.body.appendChild(iframe);\n\n    timeout = setTimeout(function() {\n      reject(new AuthSdkError('Fingerprinting timed out'));\n    }, options?.timeout || 15000);\n  });\n\n  return promise.finally(function() {\n    clearTimeout(timeout);\n    removeListener(window, 'message', listener);\n    if (document.body.contains(iframe)) {\n      iframe.parentElement.removeChild(iframe);\n    }\n  }) as Promise<string>;\n}\n"],"file":"fingerprint.js"}

package/cjs/builderUtil.js

@@ -3,7 +3,6 @@
 var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
 
 exports.assertValidConfig = assertValidConfig;
-exports.getUserAgent = getUserAgent;
 
 var _AuthSdkError = _interopRequireDefault(require("./errors/AuthSdkError"));
 
@@ -26,7 +25,8 @@ function assertValidConfig(args) {
 
   if (scopes && !Array.isArray(scopes)) {
     throw new _AuthSdkError.default('scopes must be a array of strings. ' + 'Required usage: new OktaAuth({scopes: ["openid", "email"]})');
-  }
+  } // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+
 
   var issuer = args.issuer;
 
@@ -36,7 +36,7 @@ function assertValidConfig(args) {
 
   var isUrlRegex = new RegExp('^http?s?://.+');
 
-  if (!isUrlRegex.test(args.issuer)) {
+  if (!isUrlRegex.test(issuer)) {
     throw new _AuthSdkError.default('Issuer must be a valid URL. ' + 'Required usage: new OktaAuth({issuer: "https://{yourOktaDomain}.com/oauth2/{authServerId}"})');
   }
 
@@ -44,18 +44,4 @@ function assertValidConfig(args) {
     throw new _AuthSdkError.default('Issuer URL passed to constructor contains "-admin" in subdomain. ' + 'Required usage: new OktaAuth({issuer: "https://{yourOktaDomain}.com})');
   }
 }
-
-function getUserAgent(args, sdkValue) {
-  var userAgent = args.userAgent || {};
-
-  if (userAgent.value) {
-    return userAgent.value;
-  }
-
-  if (userAgent.template) {
-    return userAgent.template.replace('$OKTA_AUTH_JS', sdkValue);
-  }
-
-  return sdkValue;
-}
 //# sourceMappingURL=builderUtil.js.map

package/cjs/builderUtil.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../lib/builderUtil.ts"],"names":["assertValidConfig","args","scopes","Array","isArray","AuthSdkError","issuer","isUrlRegex","RegExp","test","indexOf","getUserAgent","sdkValue","userAgent","value","template","replace"],"mappings":";;;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACA;AACA,SAASA,iBAAT,CAA2BC,IAA3B,EAAkD;AAChDA,EAAAA,IAAI,GAAGA,IAAI,IAAI,EAAf;AAEA,MAAIC,MAAM,GAAGD,IAAI,CAACC,MAAlB;;AACA,MAAIA,MAAM,IAAI,CAACC,KAAK,CAACC,OAAN,CAAcF,MAAd,CAAf,EAAsC;AACpC,UAAM,IAAIG,qBAAJ,CAAiB,wCACrB,6DADI,CAAN;AAED;;AAED,MAAIC,MAAM,GAAGL,IAAI,CAACK,MAAlB;;AACA,MAAI,CAACA,MAAL,EAAa;AACX,UAAM,IAAID,qBAAJ,CAAiB,sCACrB,8FADI,CAAN;AAED;;AAED,MAAIE,UAAU,GAAG,IAAIC,MAAJ,CAAW,eAAX,CAAjB;;AACA,MAAI,CAACD,UAAU,CAACE,IAAX,CAAgBR,IAAI,CAACK,MAArB,CAAL,EAAmC;AACjC,UAAM,IAAID,qBAAJ,CAAiB,iCACrB,8FADI,CAAN;AAED;;AAED,MAAIC,MAAM,CAACI,OAAP,CAAe,SAAf,MAA8B,CAAC,CAAnC,EAAsC;AACpC,UAAM,IAAIL,qBAAJ,CAAiB,sEACrB,uEADI,CAAN;AAED;AACF;;AAED,SAASM,YAAT,CAAsBV,IAAtB,EAA6CW,QAA7C,EAAuE;AACrE,MAAIC,SAAS,GAAGZ,IAAI,CAACY,SAAL,IAAkB,EAAlC;;AAEA,MAAIA,SAAS,CAACC,KAAd,EAAqB;AACnB,WAAOD,SAAS,CAACC,KAAjB;AACD;;AAED,MAAID,SAAS,CAACE,QAAd,EAAwB;AACtB,WAAOF,SAAS,CAACE,QAAV,CAAmBC,OAAnB,CAA2B,eAA3B,EAA4CJ,QAA5C,CAAP;AACD;;AAED,SAAOA,QAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport AuthSdkError from './errors/AuthSdkError';\nimport { OktaAuthOptions } from './types';\n\n// TODO: use @okta/configuration-validation (move module to this monorepo?)\n// eslint-disable-next-line complexity\nfunction assertValidConfig(args: OktaAuthOptions) {\n  args = args || {};\n\n  var scopes = args.scopes;\n  if (scopes && !Array.isArray(scopes)) {\n    throw new AuthSdkError('scopes must be a array of strings. ' +\n      'Required usage: new OktaAuth({scopes: [\"openid\", \"email\"]})');\n  }\n\n  var issuer = args.issuer;\n  if (!issuer) {\n    throw new AuthSdkError('No issuer passed to constructor. ' + \n      'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n  }\n\n  var isUrlRegex = new RegExp('^http?s?://.+');\n  if (!isUrlRegex.test(args.issuer)) {\n    throw new AuthSdkError('Issuer must be a valid URL. ' + \n      'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n  }\n\n  if (issuer.indexOf('-admin.') !== -1) {\n    throw new AuthSdkError('Issuer URL passed to constructor contains \"-admin\" in subdomain. ' +\n      'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com})');\n  }\n}\n\nfunction getUserAgent(args: OktaAuthOptions, sdkValue: string): string {\n  var userAgent = args.userAgent || {};\n\n  if (userAgent.value) {\n    return userAgent.value;\n  }\n\n  if (userAgent.template) {\n    return userAgent.template.replace('$OKTA_AUTH_JS', sdkValue);\n  }\n\n  return sdkValue;\n}\n\nexport {\n  assertValidConfig,\n  getUserAgent\n};\n"],"file":"builderUtil.js"}
+{"version":3,"sources":["../../lib/builderUtil.ts"],"names":["assertValidConfig","args","scopes","Array","isArray","AuthSdkError","issuer","isUrlRegex","RegExp","test","indexOf"],"mappings":";;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACA;AACA,SAASA,iBAAT,CAA2BC,IAA3B,EAAkD;AAChDA,EAAAA,IAAI,GAAGA,IAAI,IAAI,EAAf;AAEA,MAAIC,MAAM,GAAGD,IAAI,CAACC,MAAlB;;AACA,MAAIA,MAAM,IAAI,CAACC,KAAK,CAACC,OAAN,CAAcF,MAAd,CAAf,EAAsC;AACpC,UAAM,IAAIG,qBAAJ,CAAiB,wCACrB,6DADI,CAAN;AAED,GAP+C,CAShD;;;AACA,MAAIC,MAAM,GAAGL,IAAI,CAACK,MAAlB;;AACA,MAAI,CAACA,MAAL,EAAa;AACX,UAAM,IAAID,qBAAJ,CAAiB,sCACrB,8FADI,CAAN;AAED;;AAED,MAAIE,UAAU,GAAG,IAAIC,MAAJ,CAAW,eAAX,CAAjB;;AACA,MAAI,CAACD,UAAU,CAACE,IAAX,CAAgBH,MAAhB,CAAL,EAA8B;AAC5B,UAAM,IAAID,qBAAJ,CAAiB,iCACrB,8FADI,CAAN;AAED;;AAED,MAAIC,MAAM,CAACI,OAAP,CAAe,SAAf,MAA8B,CAAC,CAAnC,EAAsC;AACpC,UAAM,IAAIL,qBAAJ,CAAiB,sEACrB,uEADI,CAAN;AAED;AACF","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport AuthSdkError from './errors/AuthSdkError';\nimport { OktaAuthOptions } from './types';\n\n// TODO: use @okta/configuration-validation (move module to this monorepo?)\n// eslint-disable-next-line complexity\nfunction assertValidConfig(args: OktaAuthOptions) {\n  args = args || {};\n\n  var scopes = args.scopes;\n  if (scopes && !Array.isArray(scopes)) {\n    throw new AuthSdkError('scopes must be a array of strings. ' +\n      'Required usage: new OktaAuth({scopes: [\"openid\", \"email\"]})');\n  }\n\n  // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n  var issuer = args.issuer!;\n  if (!issuer) {\n    throw new AuthSdkError('No issuer passed to constructor. ' + \n      'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n  }\n\n  var isUrlRegex = new RegExp('^http?s?://.+');\n  if (!isUrlRegex.test(issuer)) {\n    throw new AuthSdkError('Issuer must be a valid URL. ' + \n      'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n  }\n\n  if (issuer.indexOf('-admin.') !== -1) {\n    throw new AuthSdkError('Issuer URL passed to constructor contains \"-admin\" in subdomain. ' +\n      'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com})');\n  }\n}\n\nexport {\n  assertValidConfig\n};\n"],"file":"builderUtil.js"}

package/cjs/crypto/oidcHash.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/crypto/oidcHash.ts"],"names":["getOidcHash","str","buffer","TextEncoder","encode","webcrypto","subtle","digest","then","arrayBuffer","intBuffer","Uint8Array","firstHalf","slice","hash","String","fromCharCode","apply","b64u"],"mappings":";;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AAIO,SAASA,WAAT,CAAqBC,GAArB,EAA0B;AAC/B,MAAIC,MAAM,GAAG,IAAIC,WAAJ,GAAkBC,MAAlB,CAAyBH,GAAzB,CAAb;AACA,SAAOI,qBAAUC,MAAV,CAAiBC,MAAjB,CAAwB,SAAxB,EAAmCL,MAAnC,EAA2CM,IAA3C,CAAgD,UAASC,WAAT,EAAsB;AAC3E,QAAIC,SAAS,GAAG,IAAIC,UAAJ,CAAeF,WAAf,CAAhB;AACA,QAAIG,SAAS,GAAGF,SAAS,CAACG,KAAV,CAAgB,CAAhB,EAAmB,EAAnB,CAAhB;AACA,QAAIC,IAAI,GAAGC,MAAM,CAACC,YAAP,CAAoBC,KAApB,CAA0B,IAA1B,EAAgCL,SAAhC,CAAX;AACA,QAAIM,IAAI,GAAG,6BAAkBJ,IAAlB,CAAX,CAJ2E,CAIvC;;AACpC,WAAOI,IAAP;AACD,GANM,CAAP;AAOD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* global TextEncoder */\nimport { stringToBase64Url } from './base64';\nimport { webcrypto } from './webcrypto';\n\nexport function getOidcHash(str) {  \n  var buffer = new TextEncoder().encode(str);\n  return webcrypto.subtle.digest('SHA-256', buffer).then(function(arrayBuffer) {\n    var intBuffer = new Uint8Array(arrayBuffer);\n    var firstHalf = intBuffer.slice(0, 16);\n    var hash = String.fromCharCode.apply(null, firstHalf);\n    var b64u = stringToBase64Url(hash); // url-safe base64 variant\n    return b64u;\n  });\n}\n"],"file":"oidcHash.js"}
+{"version":3,"sources":["../../../lib/crypto/oidcHash.ts"],"names":["getOidcHash","str","buffer","TextEncoder","encode","webcrypto","subtle","digest","then","arrayBuffer","intBuffer","Uint8Array","firstHalf","slice","hash","String","fromCharCode","apply","b64u"],"mappings":";;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AAIO,SAASA,WAAT,CAAqBC,GAArB,EAA0B;AAC/B,MAAIC,MAAM,GAAG,IAAIC,WAAJ,GAAkBC,MAAlB,CAAyBH,GAAzB,CAAb;AACA,SAAOI,qBAAUC,MAAV,CAAiBC,MAAjB,CAAwB,SAAxB,EAAmCL,MAAnC,EAA2CM,IAA3C,CAAgD,UAASC,WAAT,EAAsB;AAC3E,QAAIC,SAAS,GAAG,IAAIC,UAAJ,CAAeF,WAAf,CAAhB;AACA,QAAIG,SAAS,GAAGF,SAAS,CAACG,KAAV,CAAgB,CAAhB,EAAmB,EAAnB,CAAhB;AACA,QAAIC,IAAI,GAAGC,MAAM,CAACC,YAAP,CAAoBC,KAApB,CAA0B,IAA1B,EAAgCL,SAAhC,CAAX;AACA,QAAIM,IAAI,GAAG,6BAAkBJ,IAAlB,CAAX,CAJ2E,CAIvC;;AACpC,WAAOI,IAAP;AACD,GANM,CAAP;AAOD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* global TextEncoder */\nimport { stringToBase64Url } from './base64';\nimport { webcrypto } from './webcrypto';\n\nexport function getOidcHash(str) {  \n  var buffer = new TextEncoder().encode(str);\n  return webcrypto.subtle.digest('SHA-256', buffer).then(function(arrayBuffer) {\n    var intBuffer = new Uint8Array(arrayBuffer);\n    var firstHalf = intBuffer.slice(0, 16);\n    var hash = String.fromCharCode.apply(null, firstHalf as unknown as number[]);\n    var b64u = stringToBase64Url(hash); // url-safe base64 variant\n    return b64u;\n  });\n}\n"],"file":"oidcHash.js"}

package/cjs/features.js

@@ -35,7 +35,12 @@ function isBrowser() {
 }
 
 function isIE11OrLess() {
-  return isBrowser() && !!document.documentMode && document.documentMode <= 11;
+  if (!isBrowser()) {
+    return false;
+  }
+
+  const documentMode = document.documentMode;
+  return !!documentMode && documentMode <= 11;
 }
 
 function getUserAgent() {
@@ -52,9 +57,10 @@ function isPopupPostMessageSupported() {
     return false;
   }
 
-  var isIE8or9 = document.documentMode && document.documentMode < 10;
+  const documentMode = document.documentMode;
+  var isIE8or9 = documentMode && documentMode < 10;
 
-  if (window.postMessage && !isIE8or9) {
+  if (typeof window.postMessage !== 'undefined' && !isIE8or9) {
     return true;
   }
 

package/cjs/features.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../lib/features.ts"],"names":["isWindowsPhone","isBrowser","document","window","isIE11OrLess","documentMode","getUserAgent","navigator","userAgent","isFingerprintSupported","agent","test","isPopupPostMessageSupported","isIE8or9","postMessage","isTokenVerifySupported","webcrypto","subtle","Uint8Array","hasTextEncoder","TextEncoder","isPKCESupported","isHTTPS","location","protocol","isLocalhost","hostname"],"mappings":";;;;;;;;;;;;;AAeA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;;AACA;AAIA,MAAMA,cAAc,GAAG,mCAAvB;;AAEO,SAASC,SAAT,GAAqB;AAC1B,SAAO,OAAOC,QAAP,KAAoB,WAApB,IAAmC,OAAOC,MAAP,KAAkB,WAA5D;AACD;;AAEM,SAASC,YAAT,GAAwB;AAC7B,SAAOH,SAAS,MAAM,CAAC,CAACC,QAAQ,CAACG,YAA1B,IAA0CH,QAAQ,CAACG,YAAT,IAAyB,EAA1E;AACD;;AAEM,SAASC,YAAT,GAAwB;AAC7B,SAAOC,SAAS,CAACC,SAAjB;AACD;;AAEM,SAASC,sBAAT,GAAkC;AACvC,QAAMC,KAAK,GAAGJ,YAAY,EAA1B;AACA,SAAOI,KAAK,IAAI,CAACV,cAAc,CAACW,IAAf,CAAoBD,KAApB,CAAjB;AACD;;AAEM,SAASE,2BAAT,GAAuC;AAC5C,MAAI,CAACX,SAAS,EAAd,EAAkB;AAChB,WAAO,KAAP;AACD;;AACD,MAAIY,QAAQ,GAAGX,QAAQ,CAACG,YAAT,IAAyBH,QAAQ,CAACG,YAAT,GAAwB,EAAhE;;AACA,MAAIF,MAAM,CAACW,WAAP,IAAsB,CAACD,QAA3B,EAAqC;AACnC,WAAO,IAAP;AACD;;AACD,SAAO,KAAP;AACD;;AAEM,SAASE,sBAAT,GAAkC;AACvC,SAAO,OAAOC,iBAAP,KAAqB,WAArB,IACFA,sBAAc,IADZ,IAEF,OAAOA,kBAAUC,MAAjB,KAA4B,WAF1B,IAGF,OAAOC,UAAP,KAAsB,WAH3B;AAID;;AAEM,SAASC,cAAT,GAA0B;AAC/B,SAAO,OAAOC,WAAP,KAAuB,WAA9B;AACD;;AAEM,SAASC,eAAT,GAA2B;AAChC,SAAON,sBAAsB,MAAMI,cAAc,EAAjD;AACD;;AAEM,SAASG,OAAT,GAAmB;AACxB,MAAI,CAACrB,SAAS,EAAd,EAAkB;AAChB,WAAO,KAAP;AACD;;AACD,SAAOE,MAAM,CAACoB,QAAP,CAAgBC,QAAhB,KAA6B,QAApC;AACD;;AAEM,SAASC,WAAT,GAAuB;AAC5B;AACA,SAAOxB,SAAS,MAAME,MAAM,CAACoB,QAAP,CAAgBG,QAAhB,KAA6B,WAAnD;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable node/no-unsupported-features/node-builtins */\n/* global document, window, TextEncoder, navigator */\n\nimport { webcrypto } from './crypto';\n\nconst isWindowsPhone = /windows phone|iemobile|wpdesktop/i;\t\n\nexport function isBrowser() {\n  return typeof document !== 'undefined' && typeof window !== 'undefined';\n}\n\nexport function isIE11OrLess() {\n  return isBrowser() && !!document.documentMode && document.documentMode <= 11;\n}\n\nexport function getUserAgent() {\n  return navigator.userAgent;\n}\n\nexport function isFingerprintSupported() {\n  const agent = getUserAgent();\n  return agent && !isWindowsPhone.test(agent);\t\n}\n\nexport function isPopupPostMessageSupported() {\n  if (!isBrowser()) {\n    return false;\n  }\n  var isIE8or9 = document.documentMode && document.documentMode < 10;\n  if (window.postMessage && !isIE8or9) {\n    return true;\n  }\n  return false;\n}\n\nexport function isTokenVerifySupported() {\n  return typeof webcrypto !== 'undefined'\n    && webcrypto !== null\n    && typeof webcrypto.subtle !== 'undefined'\n    && typeof Uint8Array !== 'undefined';\n}\n\nexport function hasTextEncoder() {\n  return typeof TextEncoder !== 'undefined';\n}\n\nexport function isPKCESupported() {\n  return isTokenVerifySupported() && hasTextEncoder();\n}\n\nexport function isHTTPS() {\n  if (!isBrowser()) {\n    return false;\n  }\n  return window.location.protocol === 'https:';\n}\n\nexport function isLocalhost() {\n  // eslint-disable-next-line compat/compat\n  return isBrowser() && window.location.hostname === 'localhost';\n}\n\n"],"file":"features.js"}
+{"version":3,"sources":["../../lib/features.ts"],"names":["isWindowsPhone","isBrowser","document","window","isIE11OrLess","documentMode","getUserAgent","navigator","userAgent","isFingerprintSupported","agent","test","isPopupPostMessageSupported","isIE8or9","postMessage","isTokenVerifySupported","webcrypto","subtle","Uint8Array","hasTextEncoder","TextEncoder","isPKCESupported","isHTTPS","location","protocol","isLocalhost","hostname"],"mappings":";;;;;;;;;;;;;AAeA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;;AACA;AAIA,MAAMA,cAAc,GAAG,mCAAvB;;AAEO,SAASC,SAAT,GAAqB;AAC1B,SAAO,OAAOC,QAAP,KAAoB,WAApB,IAAmC,OAAOC,MAAP,KAAkB,WAA5D;AACD;;AAEM,SAASC,YAAT,GAAwB;AAC7B,MAAI,CAACH,SAAS,EAAd,EAAkB;AAChB,WAAO,KAAP;AACD;;AACD,QAAMI,YAAY,GAAIH,QAAD,CAAkBG,YAAvC;AACA,SAAO,CAAC,CAACA,YAAF,IAAkBA,YAAY,IAAI,EAAzC;AACD;;AAEM,SAASC,YAAT,GAAwB;AAC7B,SAAOC,SAAS,CAACC,SAAjB;AACD;;AAEM,SAASC,sBAAT,GAAkC;AACvC,QAAMC,KAAK,GAAGJ,YAAY,EAA1B;AACA,SAAOI,KAAK,IAAI,CAACV,cAAc,CAACW,IAAf,CAAoBD,KAApB,CAAjB;AACD;;AAEM,SAASE,2BAAT,GAAuC;AAC5C,MAAI,CAACX,SAAS,EAAd,EAAkB;AAChB,WAAO,KAAP;AACD;;AACD,QAAMI,YAAY,GAAIH,QAAD,CAAkBG,YAAvC;AACA,MAAIQ,QAAQ,GAAGR,YAAY,IAAIA,YAAY,GAAG,EAA9C;;AACA,MAAI,OAAOF,MAAM,CAACW,WAAd,KAA8B,WAA9B,IAA6C,CAACD,QAAlD,EAA4D;AAC1D,WAAO,IAAP;AACD;;AACD,SAAO,KAAP;AACD;;AAEM,SAASE,sBAAT,GAAkC;AACvC,SAAO,OAAOC,iBAAP,KAAqB,WAArB,IACFA,sBAAc,IADZ,IAEF,OAAOA,kBAAUC,MAAjB,KAA4B,WAF1B,IAGF,OAAOC,UAAP,KAAsB,WAH3B;AAID;;AAEM,SAASC,cAAT,GAA0B;AAC/B,SAAO,OAAOC,WAAP,KAAuB,WAA9B;AACD;;AAEM,SAASC,eAAT,GAA2B;AAChC,SAAON,sBAAsB,MAAMI,cAAc,EAAjD;AACD;;AAEM,SAASG,OAAT,GAAmB;AACxB,MAAI,CAACrB,SAAS,EAAd,EAAkB;AAChB,WAAO,KAAP;AACD;;AACD,SAAOE,MAAM,CAACoB,QAAP,CAAgBC,QAAhB,KAA6B,QAApC;AACD;;AAEM,SAASC,WAAT,GAAuB;AAC5B;AACA,SAAOxB,SAAS,MAAME,MAAM,CAACoB,QAAP,CAAgBG,QAAhB,KAA6B,WAAnD;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable node/no-unsupported-features/node-builtins */\n/* global document, window, TextEncoder, navigator */\n\nimport { webcrypto } from './crypto';\n\nconst isWindowsPhone = /windows phone|iemobile|wpdesktop/i;\t\n\nexport function isBrowser() {\n  return typeof document !== 'undefined' && typeof window !== 'undefined';\n}\n\nexport function isIE11OrLess() {\n  if (!isBrowser()) {\n    return false;\n  }\n  const documentMode = (document as any).documentMode;\n  return !!documentMode && documentMode <= 11;\n}\n\nexport function getUserAgent() {\n  return navigator.userAgent;\n}\n\nexport function isFingerprintSupported() {\n  const agent = getUserAgent();\n  return agent && !isWindowsPhone.test(agent);\t\n}\n\nexport function isPopupPostMessageSupported() {\n  if (!isBrowser()) {\n    return false;\n  }\n  const documentMode = (document as any).documentMode;\n  var isIE8or9 = documentMode && documentMode < 10;\n  if (typeof window.postMessage !== 'undefined' && !isIE8or9) {\n    return true;\n  }\n  return false;\n}\n\nexport function isTokenVerifySupported() {\n  return typeof webcrypto !== 'undefined'\n    && webcrypto !== null\n    && typeof webcrypto.subtle !== 'undefined'\n    && typeof Uint8Array !== 'undefined';\n}\n\nexport function hasTextEncoder() {\n  return typeof TextEncoder !== 'undefined';\n}\n\nexport function isPKCESupported() {\n  return isTokenVerifySupported() && hasTextEncoder();\n}\n\nexport function isHTTPS() {\n  if (!isBrowser()) {\n    return false;\n  }\n  return window.location.protocol === 'https:';\n}\n\nexport function isLocalhost() {\n  // eslint-disable-next-line compat/compat\n  return isBrowser() && window.location.hostname === 'localhost';\n}\n\n"],"file":"features.js"}

package/cjs/fetch/fetchRequest.js

@@ -18,7 +18,8 @@ var _crossFetch = _interopRequireDefault(require("cross-fetch"));
  * See the License for the specific language governing permissions and limitations under the License.
  */
 function readData(response) {
-  if (response.headers.get('Content-Type') && response.headers.get('Content-Type').toLowerCase().indexOf('application/json') >= 0) {
+  if (response.headers.get('Content-Type') && // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+  response.headers.get('Content-Type').toLowerCase().indexOf('application/json') >= 0) {
     return response.json() // JSON parse can fail if response is not a valid object
     .catch(e => {
       return {

package/cjs/fetch/fetchRequest.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/fetch/fetchRequest.ts"],"names":["readData","response","headers","get","toLowerCase","indexOf","json","catch","e","error","errorSummary","text","formatResult","status","data","isObject","pair","entries","result","responseText","JSON","stringify","responseType","responseJSON","fetchRequest","method","url","args","body","contentType","fetch","global","crossFetch","fetchPromise","credentials","withCredentials","finally","Promise","resolve","then","ok"],"mappings":";;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA,SAASA,QAAT,CAAkBC,QAAlB,EAAqE;AACnE,MAAIA,QAAQ,CAACC,OAAT,CAAiBC,GAAjB,CAAqB,cAArB,KACFF,QAAQ,CAACC,OAAT,CAAiBC,GAAjB,CAAqB,cAArB,EAAqCC,WAArC,GAAmDC,OAAnD,CAA2D,kBAA3D,KAAkF,CADpF,EACuF;AACvF,WAAOJ,QAAQ,CAACK,IAAT,GACL;AADK,KAEJC,KAFI,CAEEC,CAAC,IAAI;AACV,aAAO;AACLC,QAAAA,KAAK,EAAED,CADF;AAELE,QAAAA,YAAY,EAAE;AAFT,OAAP;AAID,KAPI,CAAP;AAQC,GAVD,MAUO;AACL,WAAOT,QAAQ,CAACU,IAAT,EAAP;AACD;AACF;;AAED,SAASC,YAAT,CAAsBC,MAAtB,EAAsCC,IAAtC,EAA6Db,QAA7D,EAAiF;AAC/E,QAAMc,QAAQ,GAAG,OAAOD,IAAP,KAAgB,QAAjC;AACA,QAAMZ,OAAO,GAAG,EAAhB;;AACA,OAAK,MAAMc,IAAX,IAAmBf,QAAQ,CAACC,OAAT,CAAiBe,OAAjB,EAAnB,EAA+C;AAC7Cf,IAAAA,OAAO,CAACc,IAAI,CAAC,CAAD,CAAL,CAAP,GAAmBA,IAAI,CAAC,CAAD,CAAvB;AACD;;AACD,QAAME,MAAoB,GAAG;AAC3BC,IAAAA,YAAY,EAAEJ,QAAQ,GAAGK,IAAI,CAACC,SAAL,CAAeP,IAAf,CAAH,GAA0BA,IADrB;AAE3BD,IAAAA,MAAM,EAAEA,MAFmB;AAG3BX,IAAAA;AAH2B,GAA7B;;AAKA,MAAIa,QAAJ,EAAc;AACZG,IAAAA,MAAM,CAACI,YAAP,GAAsB,MAAtB;AACAJ,IAAAA,MAAM,CAACK,YAAP,GAAsBT,IAAtB;AACD;;AACD,SAAOI,MAAP;AACD;AAED;;;AACA,SAASM,YAAT,CAAsBC,MAAtB,EAAsCC,GAAtC,EAAmDC,IAAnD,EAAuE;AACrE,MAAIC,IAAI,GAAGD,IAAI,CAACb,IAAhB;AACA,MAAIZ,OAAO,GAAGyB,IAAI,CAACzB,OAAL,IAAgB,EAA9B;AACA,MAAI2B,WAAW,GAAI3B,OAAO,CAAC,cAAD,CAAP,IAA2BA,OAAO,CAAC,cAAD,CAAlC,IAAsD,EAAzE,CAHqE,CAKrE;;AACA,MAAI2B,WAAW,KAAK,kBAAhB,IAAsCD,IAAtC,IAA8C,OAAOA,IAAP,KAAgB,QAAlE,EAA4E;AAC1EA,IAAAA,IAAI,GAAGR,IAAI,CAACC,SAAL,CAAeO,IAAf,CAAP;AACD;;AACD,MAAIE,KAAK,GAAGC,MAAM,CAACD,KAAP,IAAgBE,mBAA5B;AACA,MAAIC,YAAY,GAAGH,KAAK,CAACJ,GAAD,EAAM;AAC5BD,IAAAA,MAAM,EAAEA,MADoB;AAE5BvB,IAAAA,OAAO,EAAEyB,IAAI,CAACzB,OAFc;AAG5B0B,IAAAA,IAAI,EAAEA,IAHsB;AAI5BM,IAAAA,WAAW,EAAEP,IAAI,CAACQ,eAAL,GAAuB,SAAvB,GAAmC;AAJpB,GAAN,CAAxB;;AAOA,MAAI,CAACF,YAAY,CAACG,OAAlB,EAA2B;AACzBH,IAAAA,YAAY,GAAGI,OAAO,CAACC,OAAR,CAAgBL,YAAhB,CAAf;AACD;;AAED,SAAOA,YAAY,CAACM,IAAb,CAAkB,UAAStC,QAAT,EAAmB;AAC1C,QAAIQ,KAAK,GAAG,CAACR,QAAQ,CAACuC,EAAtB;AACA,QAAI3B,MAAM,GAAGZ,QAAQ,CAACY,MAAtB;AACA,WAAOb,QAAQ,CAACC,QAAD,CAAR,CACJsC,IADI,CACCzB,IAAI,IAAI;AACZ,aAAOF,YAAY,CAACC,MAAD,EAASC,IAAT,EAAeb,QAAf,CAAnB;AACD,KAHI,EAIJsC,IAJI,CAICrB,MAAM,IAAI;AAAA;;AACd,UAAIT,KAAK,4BAAIS,MAAM,CAACK,YAAX,iDAAI,qBAAqBd,KAAlC,EAAyC;AACvC;AACA,cAAMS,MAAN;AACD;;AACD,aAAOA,MAAP;AACD,KAVI,CAAP;AAWD,GAdM,CAAP;AAeD;;eAEcM,Y","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport crossFetch from 'cross-fetch';\nimport { FetchOptions, FetchResponse, HttpResponse } from '../types';\n\nfunction readData(response: FetchResponse): Promise<object | string> {\n  if (response.headers.get('Content-Type') &&\n    response.headers.get('Content-Type').toLowerCase().indexOf('application/json') >= 0) {\n  return response.json()\n    // JSON parse can fail if response is not a valid object\n    .catch(e => {\n      return {\n        error: e,\n        errorSummary: 'Could not parse server response'\n      };\n    });\n  } else {\n    return response.text();\n  }\n}\n\nfunction formatResult(status: number, data: object | string, response: Response) {\n  const isObject = typeof data === 'object';\n  const headers = {};\n  for (const pair of response.headers.entries()) {\n    headers[pair[0]] = pair[1];\n  }\n  const result: HttpResponse = {\n    responseText: isObject ? JSON.stringify(data) : data as string,\n    status: status,\n    headers\n  };\n  if (isObject) {\n    result.responseType = 'json';\n    result.responseJSON = data as object;\n  }\n  return result;\n}\n\n/* eslint-disable complexity */\nfunction fetchRequest(method: string, url: string, args: FetchOptions) {\n  var body = args.data;\n  var headers = args.headers || {};\n  var contentType = (headers['Content-Type'] || headers['content-type'] || '');\n\n  // JSON encode body (if appropriate)\n  if (contentType === 'application/json' && body && typeof body !== 'string') {\n    body = JSON.stringify(body);\n  }\n  var fetch = global.fetch || crossFetch;\n  var fetchPromise = fetch(url, {\n    method: method,\n    headers: args.headers,\n    body: body as string,\n    credentials: args.withCredentials ? 'include' : 'omit'\n  });\n\n  if (!fetchPromise.finally) {\n    fetchPromise = Promise.resolve(fetchPromise);\n  }\n\n  return fetchPromise.then(function(response) {\n    var error = !response.ok;\n    var status = response.status;\n    return readData(response)\n      .then(data => {\n        return formatResult(status, data, response);\n      })\n      .then(result => {\n        if (error || result.responseJSON?.error) {\n          // Throwing result object since error handling is done in http.js\n          throw result;\n        }\n        return result;\n      });\n  });\n}\n\nexport default fetchRequest;\n"],"file":"fetchRequest.js"}
+{"version":3,"sources":["../../../lib/fetch/fetchRequest.ts"],"names":["readData","response","headers","get","toLowerCase","indexOf","json","catch","e","error","errorSummary","text","formatResult","status","data","isObject","pair","entries","result","responseText","JSON","stringify","responseType","responseJSON","fetchRequest","method","url","args","body","contentType","fetch","global","crossFetch","fetchPromise","credentials","withCredentials","finally","Promise","resolve","then","ok"],"mappings":";;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA,SAASA,QAAT,CAAkBC,QAAlB,EAAgE;AAC9D,MAAIA,QAAQ,CAACC,OAAT,CAAiBC,GAAjB,CAAqB,cAArB,KACF;AACAF,EAAAA,QAAQ,CAACC,OAAT,CAAiBC,GAAjB,CAAqB,cAArB,EAAsCC,WAAtC,GAAoDC,OAApD,CAA4D,kBAA5D,KAAmF,CAFrF,EAEwF;AACxF,WAAOJ,QAAQ,CAACK,IAAT,GACL;AADK,KAEJC,KAFI,CAEEC,CAAC,IAAI;AACV,aAAO;AACLC,QAAAA,KAAK,EAAED,CADF;AAELE,QAAAA,YAAY,EAAE;AAFT,OAAP;AAID,KAPI,CAAP;AAQC,GAXD,MAWO;AACL,WAAOT,QAAQ,CAACU,IAAT,EAAP;AACD;AACF;;AAED,SAASC,YAAT,CAAsBC,MAAtB,EAAsCC,IAAtC,EAA6Db,QAA7D,EAAiF;AAC/E,QAAMc,QAAQ,GAAG,OAAOD,IAAP,KAAgB,QAAjC;AACA,QAAMZ,OAAO,GAAG,EAAhB;;AACA,OAAK,MAAMc,IAAX,IAAoBf,QAAQ,CAACC,OAAV,CAA0Be,OAA1B,EAAnB,EAAwD;AACtDf,IAAAA,OAAO,CAACc,IAAI,CAAC,CAAD,CAAL,CAAP,GAAmBA,IAAI,CAAC,CAAD,CAAvB;AACD;;AACD,QAAME,MAAoB,GAAG;AAC3BC,IAAAA,YAAY,EAAEJ,QAAQ,GAAGK,IAAI,CAACC,SAAL,CAAeP,IAAf,CAAH,GAA0BA,IADrB;AAE3BD,IAAAA,MAAM,EAAEA,MAFmB;AAG3BX,IAAAA;AAH2B,GAA7B;;AAKA,MAAIa,QAAJ,EAAc;AACZG,IAAAA,MAAM,CAACI,YAAP,GAAsB,MAAtB;AACAJ,IAAAA,MAAM,CAACK,YAAP,GAAsBT,IAAtB;AACD;;AACD,SAAOI,MAAP;AACD;AAED;;;AACA,SAASM,YAAT,CAAsBC,MAAtB,EAAsCC,GAAtC,EAAmDC,IAAnD,EAAuE;AACrE,MAAIC,IAAI,GAAGD,IAAI,CAACb,IAAhB;AACA,MAAIZ,OAAO,GAAGyB,IAAI,CAACzB,OAAL,IAAgB,EAA9B;AACA,MAAI2B,WAAW,GAAI3B,OAAO,CAAC,cAAD,CAAP,IAA2BA,OAAO,CAAC,cAAD,CAAlC,IAAsD,EAAzE,CAHqE,CAKrE;;AACA,MAAI2B,WAAW,KAAK,kBAAhB,IAAsCD,IAAtC,IAA8C,OAAOA,IAAP,KAAgB,QAAlE,EAA4E;AAC1EA,IAAAA,IAAI,GAAGR,IAAI,CAACC,SAAL,CAAeO,IAAf,CAAP;AACD;;AACD,MAAIE,KAAK,GAAGC,MAAM,CAACD,KAAP,IAAgBE,mBAA5B;AACA,MAAIC,YAAY,GAAGH,KAAK,CAACJ,GAAD,EAAM;AAC5BD,IAAAA,MAAM,EAAEA,MADoB;AAE5BvB,IAAAA,OAAO,EAAEyB,IAAI,CAACzB,OAFc;AAG5B0B,IAAAA,IAAI,EAAEA,IAHsB;AAI5BM,IAAAA,WAAW,EAAEP,IAAI,CAACQ,eAAL,GAAuB,SAAvB,GAAmC;AAJpB,GAAN,CAAxB;;AAOA,MAAI,CAACF,YAAY,CAACG,OAAlB,EAA2B;AACzBH,IAAAA,YAAY,GAAGI,OAAO,CAACC,OAAR,CAAgBL,YAAhB,CAAf;AACD;;AAED,SAAOA,YAAY,CAACM,IAAb,CAAkB,UAAStC,QAAT,EAAmB;AAC1C,QAAIQ,KAAK,GAAG,CAACR,QAAQ,CAACuC,EAAtB;AACA,QAAI3B,MAAM,GAAGZ,QAAQ,CAACY,MAAtB;AACA,WAAOb,QAAQ,CAACC,QAAD,CAAR,CACJsC,IADI,CACCzB,IAAI,IAAI;AACZ,aAAOF,YAAY,CAACC,MAAD,EAASC,IAAT,EAAeb,QAAf,CAAnB;AACD,KAHI,EAIJsC,IAJI,CAICrB,MAAM,IAAI;AAAA;;AACd,UAAIT,KAAK,4BAAIS,MAAM,CAACK,YAAX,iDAAI,qBAAqBd,KAAlC,EAAyC;AACvC;AACA,cAAMS,MAAN;AACD;;AACD,aAAOA,MAAP;AACD,KAVI,CAAP;AAWD,GAdM,CAAP;AAeD;;eAEcM,Y","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport crossFetch from 'cross-fetch';\nimport { FetchOptions, HttpResponse } from '../types';\n\nfunction readData(response: Response): Promise<object | string> {\n  if (response.headers.get('Content-Type') &&\n    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n    response.headers.get('Content-Type')!.toLowerCase().indexOf('application/json') >= 0) {\n  return response.json()\n    // JSON parse can fail if response is not a valid object\n    .catch(e => {\n      return {\n        error: e,\n        errorSummary: 'Could not parse server response'\n      };\n    });\n  } else {\n    return response.text();\n  }\n}\n\nfunction formatResult(status: number, data: object | string, response: Response) {\n  const isObject = typeof data === 'object';\n  const headers = {};\n  for (const pair of (response.headers as any).entries()) {\n    headers[pair[0]] = pair[1];\n  }\n  const result: HttpResponse = {\n    responseText: isObject ? JSON.stringify(data) : data as string,\n    status: status,\n    headers\n  };\n  if (isObject) {\n    result.responseType = 'json';\n    result.responseJSON = data as object;\n  }\n  return result;\n}\n\n/* eslint-disable complexity */\nfunction fetchRequest(method: string, url: string, args: FetchOptions) {\n  var body = args.data;\n  var headers = args.headers || {};\n  var contentType = (headers['Content-Type'] || headers['content-type'] || '');\n\n  // JSON encode body (if appropriate)\n  if (contentType === 'application/json' && body && typeof body !== 'string') {\n    body = JSON.stringify(body);\n  }\n  var fetch = global.fetch || crossFetch;\n  var fetchPromise = fetch(url, {\n    method: method,\n    headers: args.headers,\n    body: body as string,\n    credentials: args.withCredentials ? 'include' : 'omit'\n  });\n\n  if (!fetchPromise.finally) {\n    fetchPromise = Promise.resolve(fetchPromise);\n  }\n\n  return fetchPromise.then(function(response) {\n    var error = !response.ok;\n    var status = response.status;\n    return readData(response)\n      .then(data => {\n        return formatResult(status, data, response);\n      })\n      .then(result => {\n        if (error || result.responseJSON?.error) {\n          // Throwing result object since error handling is done in http.js\n          throw result;\n        }\n        return result;\n      });\n  });\n}\n\nexport default fetchRequest;\n"],"file":"fetchRequest.js"}

package/cjs/http/request.js

@@ -12,6 +12,8 @@ var _AuthApiError = _interopRequireDefault(require("../errors/AuthApiError"));
 
 var _constants = require("../constants");
 
+/* eslint-disable @typescript-eslint/no-non-null-assertion */
+
 /*!
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
  * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")

package/cjs/http/request.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/http/request.ts"],"names":["httpRequest","sdk","options","url","method","args","saveAuthnState","accessToken","withCredentials","storageUtil","storage","httpCache","storageManager","getHttpCache","cookies","cacheResponse","cacheContents","getStorage","cachedResponse","Date","now","expiresAt","Promise","resolve","response","oktaUserAgentHeader","_oktaUserAgent","getHttpHeader","headers","Object","assign","ajaxOptions","data","undefined","err","res","httpRequestClient","then","resp","responseText","JSON","parse","stateToken","delete","STATE_TOKEN_KEY_NAME","set","updateStorage","Math","floor","DEFAULT_CACHE_DURATION","catch","serverErr","e","errorSummary","status","transformErrorXHR","AuthApiError","errorCode","get","getIssuerOrigin","getOptions","post","postOptions"],"mappings":";;;;;;;;AAcA;;AACA;;AACA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AAMO,SAASA,WAAT,CAAqBC,GAArB,EAAoCC,OAApC,EAA2E;AAChFA,EAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB;AACA,MAAIC,GAAG,GAAGD,OAAO,CAACC,GAAlB;AAAA,MACIC,MAAM,GAAGF,OAAO,CAACE,MADrB;AAAA,MAEIC,IAAI,GAAGH,OAAO,CAACG,IAFnB;AAAA,MAGIC,cAAc,GAAGJ,OAAO,CAACI,cAH7B;AAAA,MAIIC,WAAW,GAAGL,OAAO,CAACK,WAJ1B;AAAA,MAKIC,eAAe,GAAGN,OAAO,CAACM,eAAR,KAA4B,IALlD;AAAA,MAKwD;AACpDC,EAAAA,WAAW,GAAGR,GAAG,CAACC,OAAJ,CAAYO,WAN9B;AAAA,MAOIC,OAAO,GAAGD,WAAW,CAACC,OAP1B;AAAA,MAQIC,SAAS,GAAGV,GAAG,CAACW,cAAJ,CAAmBC,YAAnB,CAAgCZ,GAAG,CAACC,OAAJ,CAAYY,OAA5C,CARhB;;AAUA,MAAIZ,OAAO,CAACa,aAAZ,EAA2B;AACzB,QAAIC,aAAa,GAAGL,SAAS,CAACM,UAAV,EAApB;AACA,QAAIC,cAAc,GAAGF,aAAa,CAACb,GAAD,CAAlC;;AACA,QAAIe,cAAc,IAAIC,IAAI,CAACC,GAAL,KAAW,IAAX,GAAkBF,cAAc,CAACG,SAAvD,EAAkE;AAChE,aAAOC,OAAO,CAACC,OAAR,CAAgBL,cAAc,CAACM,QAA/B,CAAP;AACD;AACF;;AAED,MAAIC,mBAAmB,GAAGxB,GAAG,CAACyB,cAAJ,CAAmBC,aAAnB,EAA1B;;AACA,MAAIC,OAAoB,GAAG;AACzB,cAAU,kBADe;AAEzB,oBAAgB,kBAFS;AAGzB,OAAGH;AAHsB,GAA3B;AAKAI,EAAAA,MAAM,CAACC,MAAP,CAAcF,OAAd,EAAuB3B,GAAG,CAACC,OAAJ,CAAY0B,OAAnC,EAA4C1B,OAAO,CAAC0B,OAApD;AACAA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;;AAEA,MAAIrB,WAAW,IAAI,oBAASA,WAAT,CAAnB,EAA0C;AACxCqB,IAAAA,OAAO,CAAC,eAAD,CAAP,GAA2B,YAAYrB,WAAvC;AACD;;AAED,MAAIwB,WAAyB,GAAG;AAC9BH,IAAAA,OAD8B;AAE9BI,IAAAA,IAAI,EAAE3B,IAAI,IAAI4B,SAFgB;AAG9BzB,IAAAA;AAH8B,GAAhC;AAMA,MAAI0B,GAAJ,EAASC,GAAT;AACA,SAAOlC,GAAG,CAACC,OAAJ,CAAYkC,iBAAZ,CAA8BhC,MAA9B,EAAsCD,GAAtC,EAA2C4B,WAA3C,EACJM,IADI,CACC,UAASC,IAAT,EAAe;AACnBH,IAAAA,GAAG,GAAGG,IAAI,CAACC,YAAX;;AACA,QAAIJ,GAAG,IAAI,oBAASA,GAAT,CAAX,EAA0B;AACxBA,MAAAA,GAAG,GAAGK,IAAI,CAACC,KAAL,CAAWN,GAAX,CAAN;;AACA,UAAIA,GAAG,IAAI,OAAOA,GAAP,KAAe,QAAtB,IAAkC,CAACA,GAAG,CAACP,OAA3C,EAAoD;AAClDO,QAAAA,GAAG,CAACP,OAAJ,GAAcU,IAAI,CAACV,OAAnB;AACD;AACF;;AAED,QAAItB,cAAJ,EAAoB;AAClB,UAAI,CAAC6B,GAAG,CAACO,UAAT,EAAqB;AACnBhC,QAAAA,OAAO,CAACiC,MAAR,CAAeC,+BAAf;AACD;AACF;;AAED,QAAIT,GAAG,IAAIA,GAAG,CAACO,UAAX,IAAyBP,GAAG,CAACd,SAAjC,EAA4C;AAC1CX,MAAAA,OAAO,CAACmC,GAAR,CAAYD,+BAAZ,EAAkCT,GAAG,CAACO,UAAtC,EAAkDP,GAAG,CAACd,SAAtD,EAAiEpB,GAAG,CAACC,OAAJ,CAAYY,OAA7E;AACD;;AAED,QAAIqB,GAAG,IAAIjC,OAAO,CAACa,aAAnB,EAAkC;AAChCJ,MAAAA,SAAS,CAACmC,aAAV,CAAwB3C,GAAxB,EAA6B;AAC3BkB,QAAAA,SAAS,EAAE0B,IAAI,CAACC,KAAL,CAAW7B,IAAI,CAACC,GAAL,KAAW,IAAtB,IAA8B6B,iCADd;AAE3BzB,QAAAA,QAAQ,EAAEW;AAFiB,OAA7B;AAID;;AAED,WAAOA,GAAP;AACD,GA5BI,EA6BJe,KA7BI,CA6BE,UAASZ,IAAT,EAAe;AACpB,QAAIa,SAAS,GAAGb,IAAI,CAACC,YAAL,IAAqB,EAArC;;AACA,QAAI,oBAASY,SAAT,CAAJ,EAAyB;AACvB,UAAI;AACFA,QAAAA,SAAS,GAAGX,IAAI,CAACC,KAAL,CAAWU,SAAX,CAAZ;AACD,OAFD,CAEE,OAAOC,CAAP,EAAU;AACVD,QAAAA,SAAS,GAAG;AACVE,UAAAA,YAAY,EAAE;AADJ,SAAZ;AAGD;AACF;;AAED,QAAIf,IAAI,CAACgB,MAAL,IAAe,GAAnB,EAAwB;AACtBH,MAAAA,SAAS,CAACE,YAAV,GAAyB,eAAzB;AACD;;AAED,QAAIpD,GAAG,CAACC,OAAJ,CAAYqD,iBAAhB,EAAmC;AACjCjB,MAAAA,IAAI,GAAGrC,GAAG,CAACC,OAAJ,CAAYqD,iBAAZ,CAA8B,iBAAMjB,IAAN,CAA9B,CAAP;AACD;;AAEDJ,IAAAA,GAAG,GAAG,IAAIsB,qBAAJ,CAAiBL,SAAjB,EAA4Bb,IAA5B,CAAN;;AAEA,QAAIJ,GAAG,CAACuB,SAAJ,KAAkB,UAAtB,EAAkC;AAChC/C,MAAAA,OAAO,CAACiC,MAAR,CAAeC,+BAAf;AACD;;AAED,UAAMV,GAAN;AACD,GAxDI,CAAP;AAyDD;;AAEM,SAASwB,GAAT,CAAazD,GAAb,EAA4BE,GAA5B,EAAyCD,OAAzC,EAAmE;AACxEC,EAAAA,GAAG,GAAG,yBAAcA,GAAd,IAAqBA,GAArB,GAA2BF,GAAG,CAAC0D,eAAJ,KAAwBxD,GAAzD;AACA,MAAIyD,UAAU,GAAG;AACfzD,IAAAA,GAAG,EAAEA,GADU;AAEfC,IAAAA,MAAM,EAAE;AAFO,GAAjB;AAIAyB,EAAAA,MAAM,CAACC,MAAP,CAAc8B,UAAd,EAA0B1D,OAA1B;AACA,SAAOF,WAAW,CAACC,GAAD,EAAM2D,UAAN,CAAlB;AACD;;AAEM,SAASC,IAAT,CAAc5D,GAAd,EAA6BE,GAA7B,EAA0CE,IAA1C,EAA8DH,OAA9D,EAAwF;AAC7FC,EAAAA,GAAG,GAAG,yBAAcA,GAAd,IAAqBA,GAArB,GAA2BF,GAAG,CAAC0D,eAAJ,KAAwBxD,GAAzD;AACA,MAAI2D,WAAW,GAAG;AAChB3D,IAAAA,GAAG,EAAEA,GADW;AAEhBC,IAAAA,MAAM,EAAE,MAFQ;AAGhBC,IAAAA,IAAI,EAAEA,IAHU;AAIhBC,IAAAA,cAAc,EAAE;AAJA,GAAlB;AAMAuB,EAAAA,MAAM,CAACC,MAAP,CAAcgC,WAAd,EAA2B5D,OAA3B;AACA,SAAOF,WAAW,CAACC,GAAD,EAAM6D,WAAN,CAAlB;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n/* eslint-disable complexity */\nimport { isString, clone, isAbsoluteUrl, removeNils } from '../util';\nimport AuthApiError from '../errors/AuthApiError';\nimport { STATE_TOKEN_KEY_NAME, DEFAULT_CACHE_DURATION } from '../constants';\nimport { OktaAuth, RequestOptions, FetchOptions, RequestData } from '../types';\n\nexport function httpRequest(sdk: OktaAuth, options: RequestOptions): Promise<any> {\n  options = options || {};\n  var url = options.url,\n      method = options.method,\n      args = options.args,\n      saveAuthnState = options.saveAuthnState,\n      accessToken = options.accessToken,\n      withCredentials = options.withCredentials === true, // default value is false\n      storageUtil = sdk.options.storageUtil,\n      storage = storageUtil.storage,\n      httpCache = sdk.storageManager.getHttpCache(sdk.options.cookies);\n\n  if (options.cacheResponse) {\n    var cacheContents = httpCache.getStorage();\n    var cachedResponse = cacheContents[url];\n    if (cachedResponse && Date.now()/1000 < cachedResponse.expiresAt) {\n      return Promise.resolve(cachedResponse.response);\n    }\n  }\n\n  var oktaUserAgentHeader = sdk._oktaUserAgent.getHttpHeader();\n  var headers: HeadersInit = {\n    'Accept': 'application/json',\n    'Content-Type': 'application/json',\n    ...oktaUserAgentHeader\n  };\n  Object.assign(headers, sdk.options.headers, options.headers);\n  headers = removeNils(headers) as HeadersInit;\n\n  if (accessToken && isString(accessToken)) {\n    headers['Authorization'] = 'Bearer ' + accessToken;\n  }\n\n  var ajaxOptions: FetchOptions = {\n    headers,\n    data: args || undefined,\n    withCredentials\n  };\n\n  var err, res;\n  return sdk.options.httpRequestClient(method, url, ajaxOptions)\n    .then(function(resp) {\n      res = resp.responseText;\n      if (res && isString(res)) {\n        res = JSON.parse(res);\n        if (res && typeof res === 'object' && !res.headers) {\n          res.headers = resp.headers;\n        }\n      }\n\n      if (saveAuthnState) {\n        if (!res.stateToken) {\n          storage.delete(STATE_TOKEN_KEY_NAME);\n        }\n      }\n\n      if (res && res.stateToken && res.expiresAt) {\n        storage.set(STATE_TOKEN_KEY_NAME, res.stateToken, res.expiresAt, sdk.options.cookies);\n      }\n\n      if (res && options.cacheResponse) {\n        httpCache.updateStorage(url, {\n          expiresAt: Math.floor(Date.now()/1000) + DEFAULT_CACHE_DURATION,\n          response: res\n        });\n      }\n\n      return res;\n    })\n    .catch(function(resp) {\n      var serverErr = resp.responseText || {};\n      if (isString(serverErr)) {\n        try {\n          serverErr = JSON.parse(serverErr);\n        } catch (e) {\n          serverErr = {\n            errorSummary: 'Unknown error'\n          };\n        }\n      }\n\n      if (resp.status >= 500) {\n        serverErr.errorSummary = 'Unknown error';\n      }\n\n      if (sdk.options.transformErrorXHR) {\n        resp = sdk.options.transformErrorXHR(clone(resp));\n      }\n\n      err = new AuthApiError(serverErr, resp);\n\n      if (err.errorCode === 'E0000011') {\n        storage.delete(STATE_TOKEN_KEY_NAME);\n      }\n\n      throw err;\n    });\n}\n\nexport function get(sdk: OktaAuth, url: string, options?: RequestOptions) {\n  url = isAbsoluteUrl(url) ? url : sdk.getIssuerOrigin() + url;\n  var getOptions = {\n    url: url,\n    method: 'GET'\n  };\n  Object.assign(getOptions, options);\n  return httpRequest(sdk, getOptions);\n}\n\nexport function post(sdk: OktaAuth, url: string, args?: RequestData, options?: RequestOptions) {\n  url = isAbsoluteUrl(url) ? url : sdk.getIssuerOrigin() + url;\n  var postOptions = {\n    url: url,\n    method: 'POST',\n    args: args,\n    saveAuthnState: true\n  };\n  Object.assign(postOptions, options);\n  return httpRequest(sdk, postOptions);\n}\n"],"file":"request.js"}
+{"version":3,"sources":["../../../lib/http/request.ts"],"names":["httpRequest","sdk","options","url","method","args","saveAuthnState","accessToken","withCredentials","storageUtil","storage","httpCache","storageManager","getHttpCache","cookies","cacheResponse","cacheContents","getStorage","cachedResponse","Date","now","expiresAt","Promise","resolve","response","oktaUserAgentHeader","_oktaUserAgent","getHttpHeader","headers","Object","assign","ajaxOptions","data","undefined","err","res","httpRequestClient","then","resp","responseText","JSON","parse","stateToken","delete","STATE_TOKEN_KEY_NAME","set","updateStorage","Math","floor","DEFAULT_CACHE_DURATION","catch","serverErr","e","errorSummary","status","transformErrorXHR","AuthApiError","errorCode","get","getIssuerOrigin","getOptions","post","postOptions"],"mappings":";;;;;;;;AAeA;;AACA;;AACA;;AAjBA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AAMO,SAASA,WAAT,CAAqBC,GAArB,EAAoCC,OAApC,EAA2E;AAChFA,EAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB;AACA,MAAIC,GAAG,GAAGD,OAAO,CAACC,GAAlB;AAAA,MACIC,MAAM,GAAGF,OAAO,CAACE,MADrB;AAAA,MAEIC,IAAI,GAAGH,OAAO,CAACG,IAFnB;AAAA,MAGIC,cAAc,GAAGJ,OAAO,CAACI,cAH7B;AAAA,MAIIC,WAAW,GAAGL,OAAO,CAACK,WAJ1B;AAAA,MAKIC,eAAe,GAAGN,OAAO,CAACM,eAAR,KAA4B,IALlD;AAAA,MAKwD;AACpDC,EAAAA,WAAW,GAAGR,GAAG,CAACC,OAAJ,CAAYO,WAN9B;AAAA,MAOIC,OAAO,GAAGD,WAAW,CAAEC,OAP3B;AAAA,MAQIC,SAAS,GAAGV,GAAG,CAACW,cAAJ,CAAmBC,YAAnB,CAAgCZ,GAAG,CAACC,OAAJ,CAAYY,OAA5C,CARhB;;AAUA,MAAIZ,OAAO,CAACa,aAAZ,EAA2B;AACzB,QAAIC,aAAa,GAAGL,SAAS,CAACM,UAAV,EAApB;AACA,QAAIC,cAAc,GAAGF,aAAa,CAACb,GAAD,CAAlC;;AACA,QAAIe,cAAc,IAAIC,IAAI,CAACC,GAAL,KAAW,IAAX,GAAkBF,cAAc,CAACG,SAAvD,EAAkE;AAChE,aAAOC,OAAO,CAACC,OAAR,CAAgBL,cAAc,CAACM,QAA/B,CAAP;AACD;AACF;;AAED,MAAIC,mBAAmB,GAAGxB,GAAG,CAACyB,cAAJ,CAAmBC,aAAnB,EAA1B;;AACA,MAAIC,OAAoB,GAAG;AACzB,cAAU,kBADe;AAEzB,oBAAgB,kBAFS;AAGzB,OAAGH;AAHsB,GAA3B;AAKAI,EAAAA,MAAM,CAACC,MAAP,CAAcF,OAAd,EAAuB3B,GAAG,CAACC,OAAJ,CAAY0B,OAAnC,EAA4C1B,OAAO,CAAC0B,OAApD;AACAA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;;AAEA,MAAIrB,WAAW,IAAI,oBAASA,WAAT,CAAnB,EAA0C;AACxCqB,IAAAA,OAAO,CAAC,eAAD,CAAP,GAA2B,YAAYrB,WAAvC;AACD;;AAED,MAAIwB,WAAyB,GAAG;AAC9BH,IAAAA,OAD8B;AAE9BI,IAAAA,IAAI,EAAE3B,IAAI,IAAI4B,SAFgB;AAG9BzB,IAAAA;AAH8B,GAAhC;AAMA,MAAI0B,GAAJ,EAASC,GAAT;AACA,SAAOlC,GAAG,CAACC,OAAJ,CAAYkC,iBAAZ,CAA+BhC,MAA/B,EAAwCD,GAAxC,EAA8C4B,WAA9C,EACJM,IADI,CACC,UAASC,IAAT,EAAe;AACnBH,IAAAA,GAAG,GAAGG,IAAI,CAACC,YAAX;;AACA,QAAIJ,GAAG,IAAI,oBAASA,GAAT,CAAX,EAA0B;AACxBA,MAAAA,GAAG,GAAGK,IAAI,CAACC,KAAL,CAAWN,GAAX,CAAN;;AACA,UAAIA,GAAG,IAAI,OAAOA,GAAP,KAAe,QAAtB,IAAkC,CAACA,GAAG,CAACP,OAA3C,EAAoD;AAClDO,QAAAA,GAAG,CAACP,OAAJ,GAAcU,IAAI,CAACV,OAAnB;AACD;AACF;;AAED,QAAItB,cAAJ,EAAoB;AAClB,UAAI,CAAC6B,GAAG,CAACO,UAAT,EAAqB;AACnBhC,QAAAA,OAAO,CAACiC,MAAR,CAAeC,+BAAf;AACD;AACF;;AAED,QAAIT,GAAG,IAAIA,GAAG,CAACO,UAAX,IAAyBP,GAAG,CAACd,SAAjC,EAA4C;AAC1CX,MAAAA,OAAO,CAACmC,GAAR,CAAYD,+BAAZ,EAAkCT,GAAG,CAACO,UAAtC,EAAkDP,GAAG,CAACd,SAAtD,EAAiEpB,GAAG,CAACC,OAAJ,CAAYY,OAA7E;AACD;;AAED,QAAIqB,GAAG,IAAIjC,OAAO,CAACa,aAAnB,EAAkC;AAChCJ,MAAAA,SAAS,CAACmC,aAAV,CAAwB3C,GAAxB,EAA8B;AAC5BkB,QAAAA,SAAS,EAAE0B,IAAI,CAACC,KAAL,CAAW7B,IAAI,CAACC,GAAL,KAAW,IAAtB,IAA8B6B,iCADb;AAE5BzB,QAAAA,QAAQ,EAAEW;AAFkB,OAA9B;AAID;;AAED,WAAOA,GAAP;AACD,GA5BI,EA6BJe,KA7BI,CA6BE,UAASZ,IAAT,EAAe;AACpB,QAAIa,SAAS,GAAGb,IAAI,CAACC,YAAL,IAAqB,EAArC;;AACA,QAAI,oBAASY,SAAT,CAAJ,EAAyB;AACvB,UAAI;AACFA,QAAAA,SAAS,GAAGX,IAAI,CAACC,KAAL,CAAWU,SAAX,CAAZ;AACD,OAFD,CAEE,OAAOC,CAAP,EAAU;AACVD,QAAAA,SAAS,GAAG;AACVE,UAAAA,YAAY,EAAE;AADJ,SAAZ;AAGD;AACF;;AAED,QAAIf,IAAI,CAACgB,MAAL,IAAe,GAAnB,EAAwB;AACtBH,MAAAA,SAAS,CAACE,YAAV,GAAyB,eAAzB;AACD;;AAED,QAAIpD,GAAG,CAACC,OAAJ,CAAYqD,iBAAhB,EAAmC;AACjCjB,MAAAA,IAAI,GAAGrC,GAAG,CAACC,OAAJ,CAAYqD,iBAAZ,CAA8B,iBAAMjB,IAAN,CAA9B,CAAP;AACD;;AAEDJ,IAAAA,GAAG,GAAG,IAAIsB,qBAAJ,CAAiBL,SAAjB,EAA4Bb,IAA5B,CAAN;;AAEA,QAAIJ,GAAG,CAACuB,SAAJ,KAAkB,UAAtB,EAAkC;AAChC/C,MAAAA,OAAO,CAACiC,MAAR,CAAeC,+BAAf;AACD;;AAED,UAAMV,GAAN;AACD,GAxDI,CAAP;AAyDD;;AAEM,SAASwB,GAAT,CAAazD,GAAb,EAA4BE,GAA5B,EAAyCD,OAAzC,EAAmE;AACxEC,EAAAA,GAAG,GAAG,yBAAcA,GAAd,IAAqBA,GAArB,GAA2BF,GAAG,CAAC0D,eAAJ,KAAwBxD,GAAzD;AACA,MAAIyD,UAAU,GAAG;AACfzD,IAAAA,GAAG,EAAEA,GADU;AAEfC,IAAAA,MAAM,EAAE;AAFO,GAAjB;AAIAyB,EAAAA,MAAM,CAACC,MAAP,CAAc8B,UAAd,EAA0B1D,OAA1B;AACA,SAAOF,WAAW,CAACC,GAAD,EAAM2D,UAAN,CAAlB;AACD;;AAEM,SAASC,IAAT,CAAc5D,GAAd,EAA6BE,GAA7B,EAA0CE,IAA1C,EAA8DH,OAA9D,EAAwF;AAC7FC,EAAAA,GAAG,GAAG,yBAAcA,GAAd,IAAqBA,GAArB,GAA2BF,GAAG,CAAC0D,eAAJ,KAAwBxD,GAAzD;AACA,MAAI2D,WAAW,GAAG;AAChB3D,IAAAA,GAAG,EAAEA,GADW;AAEhBC,IAAAA,MAAM,EAAE,MAFQ;AAGhBC,IAAAA,IAAI,EAAEA,IAHU;AAIhBC,IAAAA,cAAc,EAAE;AAJA,GAAlB;AAMAuB,EAAAA,MAAM,CAACC,MAAP,CAAcgC,WAAd,EAA2B5D,OAA3B;AACA,SAAOF,WAAW,CAACC,GAAD,EAAM6D,WAAN,CAAlB;AACD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n/* eslint-disable complexity */\nimport { isString, clone, isAbsoluteUrl, removeNils } from '../util';\nimport AuthApiError from '../errors/AuthApiError';\nimport { STATE_TOKEN_KEY_NAME, DEFAULT_CACHE_DURATION } from '../constants';\nimport { OktaAuth, RequestOptions, FetchOptions, RequestData } from '../types';\n\nexport function httpRequest(sdk: OktaAuth, options: RequestOptions): Promise<any> {\n  options = options || {};\n  var url = options.url,\n      method = options.method,\n      args = options.args,\n      saveAuthnState = options.saveAuthnState,\n      accessToken = options.accessToken,\n      withCredentials = options.withCredentials === true, // default value is false\n      storageUtil = sdk.options.storageUtil,\n      storage = storageUtil!.storage,\n      httpCache = sdk.storageManager.getHttpCache(sdk.options.cookies);\n\n  if (options.cacheResponse) {\n    var cacheContents = httpCache.getStorage();\n    var cachedResponse = cacheContents[url as string];\n    if (cachedResponse && Date.now()/1000 < cachedResponse.expiresAt) {\n      return Promise.resolve(cachedResponse.response);\n    }\n  }\n\n  var oktaUserAgentHeader = sdk._oktaUserAgent.getHttpHeader();\n  var headers: HeadersInit = {\n    'Accept': 'application/json',\n    'Content-Type': 'application/json',\n    ...oktaUserAgentHeader\n  };\n  Object.assign(headers, sdk.options.headers, options.headers);\n  headers = removeNils(headers) as HeadersInit;\n\n  if (accessToken && isString(accessToken)) {\n    headers['Authorization'] = 'Bearer ' + accessToken;\n  }\n\n  var ajaxOptions: FetchOptions = {\n    headers,\n    data: args || undefined,\n    withCredentials\n  };\n\n  var err, res;\n  return sdk.options.httpRequestClient!(method!, url!, ajaxOptions)\n    .then(function(resp) {\n      res = resp.responseText;\n      if (res && isString(res)) {\n        res = JSON.parse(res);\n        if (res && typeof res === 'object' && !res.headers) {\n          res.headers = resp.headers;\n        }\n      }\n\n      if (saveAuthnState) {\n        if (!res.stateToken) {\n          storage.delete(STATE_TOKEN_KEY_NAME);\n        }\n      }\n\n      if (res && res.stateToken && res.expiresAt) {\n        storage.set(STATE_TOKEN_KEY_NAME, res.stateToken, res.expiresAt, sdk.options.cookies!);\n      }\n\n      if (res && options.cacheResponse) {\n        httpCache.updateStorage(url!, {\n          expiresAt: Math.floor(Date.now()/1000) + DEFAULT_CACHE_DURATION,\n          response: res\n        });\n      }\n\n      return res;\n    })\n    .catch(function(resp) {\n      var serverErr = resp.responseText || {};\n      if (isString(serverErr)) {\n        try {\n          serverErr = JSON.parse(serverErr);\n        } catch (e) {\n          serverErr = {\n            errorSummary: 'Unknown error'\n          };\n        }\n      }\n\n      if (resp.status >= 500) {\n        serverErr.errorSummary = 'Unknown error';\n      }\n\n      if (sdk.options.transformErrorXHR) {\n        resp = sdk.options.transformErrorXHR(clone(resp));\n      }\n\n      err = new AuthApiError(serverErr, resp);\n\n      if (err.errorCode === 'E0000011') {\n        storage.delete(STATE_TOKEN_KEY_NAME);\n      }\n\n      throw err;\n    });\n}\n\nexport function get(sdk: OktaAuth, url: string, options?: RequestOptions) {\n  url = isAbsoluteUrl(url) ? url : sdk.getIssuerOrigin() + url;\n  var getOptions = {\n    url: url,\n    method: 'GET'\n  };\n  Object.assign(getOptions, options);\n  return httpRequest(sdk, getOptions);\n}\n\nexport function post(sdk: OktaAuth, url: string, args?: RequestData, options?: RequestOptions) {\n  url = isAbsoluteUrl(url) ? url : sdk.getIssuerOrigin() + url;\n  var postOptions = {\n    url: url,\n    method: 'POST',\n    args: args,\n    saveAuthnState: true\n  };\n  Object.assign(postOptions, options);\n  return httpRequest(sdk, postOptions);\n}\n"],"file":"request.js"}

package/cjs/idx/authenticate.js

@@ -2,9 +2,9 @@
 
 exports.authenticate = authenticate;
 
-var _run = require("./run");
+var _types = require("../types");
 
-var _flow = require("./flow");
+var _run = require("./run");
 
 /*!
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
@@ -17,10 +17,13 @@ var _flow = require("./flow");
  * 
  * See the License for the specific language governing permissions and limitations under the License.
  */
-async function authenticate(authClient, options) {
-  const flowSpec = (0, _flow.getFlowSpecification)(authClient, 'authenticate');
+async function authenticate(authClient, options = {}) {
+  if (options.password && !options.authenticator) {
+    options.authenticator = _types.AuthenticatorKey.OKTA_PASSWORD;
+  }
+
   return (0, _run.run)(authClient, { ...options,
-    ...flowSpec
+    flow: 'authenticate'
   });
 }
 //# sourceMappingURL=authenticate.js.map