@okta/okta-auth-js 5.11.0 → 6.2.0

package/cjs/idx/remediators/util.js

@@ -1,10 +1,18 @@
 "use strict";
 
+var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
+
 exports.getAllValues = getAllValues;
 exports.getRequiredValues = getRequiredValues;
 exports.titleCase = titleCase;
 exports.getAuthenticatorFromRemediation = getAuthenticatorFromRemediation;
 
+var _map = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/map"));
+
+var _reduce = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/reduce"));
+
+var _find = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/find"));
+
 /*!
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
  * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
@@ -17,11 +25,15 @@ exports.getAuthenticatorFromRemediation = getAuthenticatorFromRemediation;
  * See the License for the specific language governing permissions and limitations under the License.
  */
 function getAllValues(idxRemediation) {
-  return idxRemediation.value.map(r => r.name);
+  var _idxRemediation$value;
+
+  return (_idxRemediation$value = idxRemediation.value) === null || _idxRemediation$value === void 0 ? void 0 : (0, _map.default)(_idxRemediation$value).call(_idxRemediation$value, r => r.name);
 }
 
 function getRequiredValues(idxRemediation) {
-  return idxRemediation.value.reduce((required, cur) => {
+  var _idxRemediation$value2;
+
+  return (_idxRemediation$value2 = idxRemediation.value) === null || _idxRemediation$value2 === void 0 ? void 0 : (0, _reduce.default)(_idxRemediation$value2).call(_idxRemediation$value2, (required, cur) => {
     if (cur.required) {
       required.push(cur.name);
     }
@@ -35,7 +47,10 @@ function titleCase(str) {
 }
 
 function getAuthenticatorFromRemediation(remediation) {
-  return remediation.value.find(({
+  var _context;
+
+  // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+  return (0, _find.default)(_context = remediation.value).call(_context, ({
     name
   }) => name === 'authenticator');
 }

package/cjs/idx/remediators/util.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../lib/idx/remediators/util.ts"],"names":["getAllValues","idxRemediation","value","map","r","name","getRequiredValues","reduce","required","cur","push","titleCase","str","charAt","toUpperCase","substring","getAuthenticatorFromRemediation","remediation","find"],"mappings":";;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKO,SAASA,YAAT,CAAsBC,cAAtB,EAAsD;AAC3D,SAAOA,cAAc,CAACC,KAAf,CAAqBC,GAArB,CAAyBC,CAAC,IAAIA,CAAC,CAACC,IAAhC,CAAP;AACD;;AAEM,SAASC,iBAAT,CAA2BL,cAA3B,EAA2D;AAChE,SAAOA,cAAc,CAACC,KAAf,CAAqBK,MAArB,CAA4B,CAACC,QAAD,EAAWC,GAAX,KAAmB;AACpD,QAAIA,GAAG,CAACD,QAAR,EAAkB;AAChBA,MAAAA,QAAQ,CAACE,IAAT,CAAcD,GAAG,CAACJ,IAAlB;AACD;;AACD,WAAOG,QAAP;AACD,GALM,EAKJ,EALI,CAAP;AAMD;;AAEM,SAASG,SAAT,CAAmBC,GAAnB,EAAgC;AACrC,SAAOA,GAAG,CAACC,MAAJ,CAAW,CAAX,EAAcC,WAAd,KAA8BF,GAAG,CAACG,SAAJ,CAAc,CAAd,CAArC;AACD;;AAEM,SAASC,+BAAT,CACLC,WADK,EAEgB;AACrB,SAAOA,WAAW,CAACf,KAAZ,CAAkBgB,IAAlB,CAAuB,CAAC;AAAEb,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,eAA9C,CAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { IdxRemediation, IdxRemediationValue } from '../types/idx-js';\n\nexport function getAllValues(idxRemediation: IdxRemediation) {\n  return idxRemediation.value.map(r => r.name);\n}\n\nexport function getRequiredValues(idxRemediation: IdxRemediation) {\n  return idxRemediation.value.reduce((required, cur) => {\n    if (cur.required) {\n      required.push(cur.name);\n    }\n    return required;\n  }, []);\n}\n\nexport function titleCase(str: string) {\n  return str.charAt(0).toUpperCase() + str.substring(1);\n}\n\nexport function getAuthenticatorFromRemediation(\n  remediation: IdxRemediation\n): IdxRemediationValue {\n  return remediation.value.find(({ name }) => name === 'authenticator');\n}\n"],"file":"util.js"}
+{"version":3,"sources":["../../../../lib/idx/remediators/util.ts"],"names":["getAllValues","idxRemediation","value","r","name","getRequiredValues","required","cur","push","titleCase","str","charAt","toUpperCase","substring","getAuthenticatorFromRemediation","remediation"],"mappings":";;;;;;;;;;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKO,SAASA,YAAT,CAAsBC,cAAtB,EAAsD;AAAA;;AAC3D,kCAAOA,cAAc,CAACC,KAAtB,0DAAO,qEAA0BC,CAAC,IAAIA,CAAC,CAACC,IAAjC,CAAP;AACD;;AAEM,SAASC,iBAAT,CAA2BJ,cAA3B,EAA2D;AAAA;;AAChE,mCAAOA,cAAc,CAACC,KAAtB,2DAAO,0EAA6B,CAACI,QAAD,EAAWC,GAAX,KAAmB;AACrD,QAAIA,GAAG,CAACD,QAAR,EAAkB;AAChBA,MAAAA,QAAQ,CAACE,IAAT,CAAcD,GAAG,CAACH,IAAlB;AACD;;AACD,WAAOE,QAAP;AACD,GALM,EAKJ,EALI,CAAP;AAMD;;AAEM,SAASG,SAAT,CAAmBC,GAAnB,EAAgC;AACrC,SAAOA,GAAG,CAACC,MAAJ,CAAW,CAAX,EAAcC,WAAd,KAA8BF,GAAG,CAACG,SAAJ,CAAc,CAAd,CAArC;AACD;;AAEM,SAASC,+BAAT,CACLC,WADK,EAEgB;AAAA;;AACrB;AACA,SAAO,8BAAAA,WAAW,CAACb,KAAZ,iBAAwB,CAAC;AAAEE,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,eAA/C,CAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { IdxRemediation, IdxRemediationValue } from '../types/idx-js';\n\nexport function getAllValues(idxRemediation: IdxRemediation) {\n  return idxRemediation.value?.map(r => r.name);\n}\n\nexport function getRequiredValues(idxRemediation: IdxRemediation) {\n  return idxRemediation.value?.reduce((required, cur) => {\n    if (cur.required) {\n      required.push(cur.name as never);\n    }\n    return required;\n  }, []);\n}\n\nexport function titleCase(str: string) {\n  return str.charAt(0).toUpperCase() + str.substring(1);\n}\n\nexport function getAuthenticatorFromRemediation(\n  remediation: IdxRemediation\n): IdxRemediationValue {\n  // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n  return remediation.value!.find(({ name }) => name === 'authenticator') as IdxRemediationValue;\n}\n"],"file":"util.js"}

package/cjs/idx/run.js

@@ -1,22 +1,36 @@
 "use strict";
 
+var _WeakMap = require("@babel/runtime-corejs3/core-js-stable/weak-map");
+
+var _Object$getOwnPropertyDescriptor = require("@babel/runtime-corejs3/core-js-stable/object/get-own-property-descriptor");
+
+var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
+
 exports.run = run;
 
+var _reduce = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/reduce"));
+
+var _values = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/values"));
+
 var _interact = require("./interact");
 
 var _introspect = require("./introspect");
 
 var _remediate = require("./remediate");
 
+var _flow = require("./flow");
+
 var remediators = _interopRequireWildcard(require("./remediators"));
 
 var _types = require("../types");
 
+var _idxJs = require("./types/idx-js");
+
 var _transactionMeta = require("./transactionMeta");
 
-function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+function _getRequireWildcardCache(nodeInterop) { if (typeof _WeakMap !== "function") return null; var cacheBabelInterop = new _WeakMap(); var cacheNodeInterop = new _WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
 
-function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && _Object$getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? _Object$getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
 
 /*!
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
@@ -54,12 +68,20 @@ function getEnabledFeatures(idxResponse) {
     res.push(_types.IdxFeature.SOCIAL_IDP);
   }
 
+  if (neededToProceed.some(({
+    name
+  }) => name === 'unlock-account')) {
+    res.push(_types.IdxFeature.ACCOUNT_UNLOCK);
+  }
+
   return res;
 }
 
-function getAvailableSteps(remediations) {
+function getAvailableSteps(idxResponse) {
+  var _context;
+
   const res = [];
-  const remediatorMap = Object.values(remediators).reduce((map, remediatorClass) => {
+  const remediatorMap = (0, _reduce.default)(_context = (0, _values.default)(remediators)).call(_context, (map, remediatorClass) => {
     // Only add concrete subclasses to the map
     if (remediatorClass.remediationName) {
       map[remediatorClass.remediationName] = remediatorClass;
@@ -68,12 +90,12 @@ function getAvailableSteps(remediations) {
     return map;
   }, {});
 
-  for (let remediation of remediations) {
+  for (let remediation of idxResponse.neededToProceed) {
     const T = remediatorMap[remediation.name];
 
     if (T) {
       const remediator = new T(remediation);
-      res.push(remediator.getNextStep());
+      res.push(remediator.getNextStep(idxResponse.context));
     }
   }
 
@@ -81,6 +103,8 @@ function getAvailableSteps(remediations) {
 }
 
 async function run(authClient, options = {}) {
+  var _meta;
+
   let tokens;
   let nextStep;
   let messages;
@@ -90,49 +114,78 @@ async function run(authClient, options = {}) {
   let availableSteps;
   let status = _types.IdxStatus.PENDING;
   let shouldClearTransaction = false;
+  let clearSharedStorage = true;
   let idxResponse;
   let interactionHandle;
   let metaFromResp;
+  let interactionCode;
 
   try {
     var _metaFromResp;
 
-    const {
+    let {
       flow,
-      stateTokenExternalId,
-      state
+      state,
+      scopes,
+      version,
+      remediators,
+      actions,
+      withCredentials,
+      exchangeCodeForTokens,
+      autoRemediate,
+      step,
+      recoveryToken,
+      activationToken
     } = options; // Only one flow can be operating at a time
 
+    flow = flow || authClient.idx.getFlow() || 'default';
+
     if (flow) {
       authClient.idx.setFlow(flow);
+      const flowSpec = (0, _flow.getFlowSpecification)(authClient, flow); // Favor option values over flow spec
+
+      withCredentials = typeof withCredentials !== 'undefined' ? withCredentials : flowSpec.withCredentials;
+      remediators = remediators || flowSpec.remediators;
+      actions = actions || flowSpec.actions;
     } // Try to resume saved transaction
 
 
     metaFromResp = (0, _transactionMeta.getSavedTransactionMeta)(authClient, {
-      state
+      state,
+      recoveryToken,
+      activationToken
     });
     interactionHandle = (_metaFromResp = metaFromResp) === null || _metaFromResp === void 0 ? void 0 : _metaFromResp.interactionHandle; // may be undefined
 
-    if (!interactionHandle && !stateTokenExternalId) {
+    if (!interactionHandle) {
       // start a new transaction
       authClient.transactionManager.clear();
-      const interactResponse = await (0, _interact.interact)(authClient, options);
+      const interactResponse = await (0, _interact.interact)(authClient, {
+        withCredentials,
+        state,
+        scopes,
+        activationToken,
+        recoveryToken
+      });
       interactionHandle = interactResponse.interactionHandle;
       metaFromResp = interactResponse.meta;
+      withCredentials = metaFromResp.withCredentials;
     } // Introspect to get idx response
 
 
     idxResponse = await (0, _introspect.introspect)(authClient, {
-      interactionHandle,
-      stateTokenExternalId
+      withCredentials,
+      version,
+      interactionHandle
     });
+    enabledFeatures = getEnabledFeatures(idxResponse);
+    availableSteps = getAvailableSteps(idxResponse); // Include meta in the transaction response
+
+    meta = metaFromResp;
+
+    if (autoRemediate !== false && (remediators || actions)) {
+      var _idxResponse;
 
-    if (!options.remediators && !options.actions) {
-      // handle start transaction
-      meta = metaFromResp;
-      enabledFeatures = getEnabledFeatures(idxResponse);
-      availableSteps = getAvailableSteps(idxResponse.neededToProceed);
-    } else {
       const values = { ...options,
         stateHandle: idxResponse.rawIdxState.stateHandle
       }; // Can we handle the remediations?
@@ -143,56 +196,91 @@ async function run(authClient, options = {}) {
         terminal,
         canceled,
         messages: messagesFromResp
-      } = await (0, _remediate.remediate)(idxResponse, values, options); // Track fields from remediation response
+      } = await (0, _remediate.remediate)(idxResponse, values, {
+        remediators,
+        actions,
+        flow,
+        step
+      });
+      idxResponse = idxResponseFromResp || idxResponse; // Track fields from remediation response
 
       nextStep = nextStepFromResp;
       messages = messagesFromResp; // Save intermediate idx response in storage to reduce introspect call
 
-      if (nextStep && idxResponseFromResp) {
-        authClient.transactionManager.saveIdxResponse(idxResponseFromResp.rawIdxState);
+      if (nextStep) {
+        authClient.transactionManager.saveIdxResponse(idxResponse.rawIdxState);
+        availableSteps = getAvailableSteps(idxResponse);
       }
 
       if (terminal) {
         status = _types.IdxStatus.TERMINAL;
         shouldClearTransaction = true;
+        clearSharedStorage = false; // transaction may be continued in another tab
       }
 
       if (canceled) {
         status = _types.IdxStatus.CANCELED;
         shouldClearTransaction = true;
-      } else if (idxResponseFromResp !== null && idxResponseFromResp !== void 0 && idxResponseFromResp.interactionCode) {
-        const {
-          clientId,
-          codeVerifier,
-          ignoreSignature,
-          redirectUri,
-          urls,
-          scopes
-        } = metaFromResp;
-        tokens = await authClient.token.exchangeCodeForTokens({
-          interactionCode: idxResponseFromResp.interactionCode,
-          clientId,
-          codeVerifier,
-          ignoreSignature,
-          redirectUri,
-          scopes
-        }, urls);
-        status = _types.IdxStatus.SUCCESS;
-        shouldClearTransaction = true;
+      } else if ((_idxResponse = idxResponse) !== null && _idxResponse !== void 0 && _idxResponse.interactionCode) {
+        interactionCode = idxResponse.interactionCode;
+
+        if (exchangeCodeForTokens === false) {
+          status = _types.IdxStatus.SUCCESS;
+          shouldClearTransaction = false;
+        } else {
+          // exchange the interaction code for tokens
+          const {
+            clientId,
+            codeVerifier,
+            ignoreSignature,
+            redirectUri,
+            urls,
+            scopes
+          } = metaFromResp;
+          tokens = await authClient.token.exchangeCodeForTokens({
+            interactionCode,
+            clientId,
+            codeVerifier,
+            ignoreSignature,
+            redirectUri,
+            scopes
+          }, urls);
+          status = _types.IdxStatus.SUCCESS;
+          shouldClearTransaction = true;
+        }
       }
     }
   } catch (err) {
-    error = err;
-    status = _types.IdxStatus.FAILURE;
-    shouldClearTransaction = true;
+    // current version of idx-js will throw/reject IDX responses. Handle these differently than regular errors
+    if ((0, _idxJs.isIdxResponse)(err)) {
+      error = err;
+      status = _types.IdxStatus.FAILURE;
+      shouldClearTransaction = true;
+    } else {
+      // error is not an IDX response, throw it like a regular error
+      throw err;
+    }
   }
 
   if (shouldClearTransaction) {
-    authClient.transactionManager.clear();
-  }
+    authClient.transactionManager.clear({
+      clearSharedStorage
+    });
+  } else if ((_meta = meta) !== null && _meta !== void 0 && _meta.state) {
+    // ensures state is saved to sessionStorage
+    (0, _transactionMeta.saveTransactionMeta)(authClient, { ...meta
+    });
+  } // from idx-js, used by the widget
 
+
+  const {
+    actions,
+    context,
+    neededToProceed,
+    proceed,
+    rawIdxState
+  } = idxResponse || {};
   return {
-    _idxResponse: idxResponse,
     status,
     ...(meta && {
       meta
@@ -214,7 +302,15 @@ async function run(authClient, options = {}) {
     }),
     ...(error && {
       error
-    })
+    }),
+    interactionCode,
+    // if options.exchangeCodeForTokens is false
+    // from idx-js
+    actions,
+    context,
+    neededToProceed,
+    proceed,
+    rawIdxState
   };
 }
 //# sourceMappingURL=run.js.map

package/cjs/idx/run.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/run.ts"],"names":["getEnabledFeatures","idxResponse","res","actions","neededToProceed","push","IdxFeature","PASSWORD_RECOVERY","some","name","REGISTRATION","SOCIAL_IDP","getAvailableSteps","remediations","remediatorMap","Object","values","remediators","reduce","map","remediatorClass","remediationName","remediation","T","remediator","getNextStep","run","authClient","options","tokens","nextStep","messages","error","meta","enabledFeatures","availableSteps","status","IdxStatus","PENDING","shouldClearTransaction","interactionHandle","metaFromResp","flow","stateTokenExternalId","state","idx","setFlow","transactionManager","clear","interactResponse","stateHandle","rawIdxState","idxResponseFromResp","nextStepFromResp","terminal","canceled","messagesFromResp","saveIdxResponse","TERMINAL","CANCELED","interactionCode","clientId","codeVerifier","ignoreSignature","redirectUri","urls","scopes","token","exchangeCodeForTokens","SUCCESS","err","FAILURE","_idxResponse"],"mappings":";;;;AAcA;;AACA;;AACA;;AAEA;;AACA;;AASA;;;;;;AA5BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAwBA,SAASA,kBAAT,CAA4BC,WAA5B,EAAoE;AAClE,QAAMC,GAAG,GAAG,EAAZ;AACA,QAAM;AAAEC,IAAAA,OAAF;AAAWC,IAAAA;AAAX,MAA+BH,WAArC;;AAEA,MAAIE,OAAO,CAAC,8BAAD,CAAX,EAA6C;AAC3CD,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWC,iBAApB;AACD;;AAED,MAAIH,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,uBAA5C,CAAJ,EAA0E;AACxEP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWI,YAApB;AACD;;AAED,MAAIN,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,cAA5C,CAAJ,EAAiE;AAC/DP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWK,UAApB;AACD;;AAED,SAAOT,GAAP;AACD;;AAED,SAASU,iBAAT,CAA2BC,YAA3B,EAAuE;AACrE,QAAMX,GAAG,GAAG,EAAZ;AAEA,QAAMY,aAAa,GAAGC,MAAM,CAACC,MAAP,CAAcC,WAAd,EAA2BC,MAA3B,CAAkC,CAACC,GAAD,EAAMC,eAAN,KAA0B;AAChF;AACA,QAAIA,eAAe,CAACC,eAApB,EAAqC;AACnCF,MAAAA,GAAG,CAACC,eAAe,CAACC,eAAjB,CAAH,GAAuCD,eAAvC;AACD;;AACD,WAAOD,GAAP;AACD,GANqB,EAMnB,EANmB,CAAtB;;AAQA,OAAK,IAAIG,WAAT,IAAwBT,YAAxB,EAAsC;AACpC,UAAMU,CAAC,GAAGT,aAAa,CAACQ,WAAW,CAACb,IAAb,CAAvB;;AACA,QAAIc,CAAJ,EAAO;AACL,YAAMC,UAAU,GAAG,IAAID,CAAJ,CAAMD,WAAN,CAAnB;AACApB,MAAAA,GAAG,CAACG,IAAJ,CAAUmB,UAAU,CAACC,WAAX,EAAV;AACD;AACF;;AAED,SAAOvB,GAAP;AACD;;AAEM,eAAewB,GAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,KAAJ;AACA,MAAIC,IAAJ;AACA,MAAIC,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,MAAM,GAAGC,iBAAUC,OAAvB;AACA,MAAIC,sBAAsB,GAAG,KAA7B;AACA,MAAItC,WAAJ;AACA,MAAIuC,iBAAJ;AACA,MAAIC,YAAJ;;AAEA,MAAI;AAAA;;AAEF,UAAM;AAAEC,MAAAA,IAAF;AAAQC,MAAAA,oBAAR;AAA8BC,MAAAA;AAA9B,QAAwChB,OAA9C,CAFE,CAIF;;AACA,QAAIc,IAAJ,EAAU;AACRf,MAAAA,UAAU,CAACkB,GAAX,CAAeC,OAAf,CAAuBJ,IAAvB;AACD,KAPC,CASF;;;AACAD,IAAAA,YAAY,GAAG,8CAAwBd,UAAxB,EAAoC;AAAEiB,MAAAA;AAAF,KAApC,CAAf;AACAJ,IAAAA,iBAAiB,oBAAGC,YAAH,kDAAG,cAAcD,iBAAlC,CAXE,CAWmD;;AAErD,QAAI,CAACA,iBAAD,IAAsB,CAACG,oBAA3B,EAAiD;AAC/C;AACAhB,MAAAA,UAAU,CAACoB,kBAAX,CAA8BC,KAA9B;AACA,YAAMC,gBAAgB,GAAG,MAAM,wBAAStB,UAAT,EAAqBC,OAArB,CAA/B;AACAY,MAAAA,iBAAiB,GAAGS,gBAAgB,CAACT,iBAArC;AACAC,MAAAA,YAAY,GAAGQ,gBAAgB,CAAChB,IAAhC;AACD,KAnBC,CAqBF;;;AACAhC,IAAAA,WAAW,GAAG,MAAM,4BAAW0B,UAAX,EAAuB;AAAEa,MAAAA,iBAAF;AAAqBG,MAAAA;AAArB,KAAvB,CAApB;;AAEA,QAAI,CAACf,OAAO,CAACX,WAAT,IAAwB,CAACW,OAAO,CAACzB,OAArC,EAA8C;AAC5C;AACA8B,MAAAA,IAAI,GAAGQ,YAAP;AACAP,MAAAA,eAAe,GAAGlC,kBAAkB,CAACC,WAAD,CAApC;AACAkC,MAAAA,cAAc,GAAGvB,iBAAiB,CAACX,WAAW,CAACG,eAAb,CAAlC;AACD,KALD,MAKO;AACL,YAAMY,MAAqC,GAAG,EAC5C,GAAGY,OADyC;AAE5CsB,QAAAA,WAAW,EAAEjD,WAAW,CAACkD,WAAZ,CAAwBD;AAFO,OAA9C,CADK,CAML;;AACA,YAAM;AACJjD,QAAAA,WAAW,EAAEmD,mBADT;AAEJtB,QAAAA,QAAQ,EAAEuB,gBAFN;AAGJC,QAAAA,QAHI;AAIJC,QAAAA,QAJI;AAKJxB,QAAAA,QAAQ,EAAEyB;AALN,UAMF,MAAM,0BAAUvD,WAAV,EAAuBe,MAAvB,EAA+BY,OAA/B,CANV,CAPK,CAeL;;AACAE,MAAAA,QAAQ,GAAGuB,gBAAX;AACAtB,MAAAA,QAAQ,GAAGyB,gBAAX,CAjBK,CAmBL;;AACA,UAAI1B,QAAQ,IAAIsB,mBAAhB,EAAqC;AACnCzB,QAAAA,UAAU,CAACoB,kBAAX,CAA8BU,eAA9B,CAA8CL,mBAAmB,CAACD,WAAlE;AACD;;AAED,UAAIG,QAAJ,EAAc;AACZlB,QAAAA,MAAM,GAAGC,iBAAUqB,QAAnB;AACAnB,QAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAAC,UAAIgB,QAAJ,EAAc;AACdnB,QAAAA,MAAM,GAAGC,iBAAUsB,QAAnB;AACApB,QAAAA,sBAAsB,GAAG,IAAzB;AACD,OAHC,MAGK,IAAIa,mBAAJ,aAAIA,mBAAJ,eAAIA,mBAAmB,CAAEQ,eAAzB,EAA0C;AAC/C,cAAM;AACJC,UAAAA,QADI;AAEJC,UAAAA,YAFI;AAGJC,UAAAA,eAHI;AAIJC,UAAAA,WAJI;AAKJC,UAAAA,IALI;AAMJC,UAAAA;AANI,YAOFzB,YAPJ;AAQAZ,QAAAA,MAAM,GAAG,MAAMF,UAAU,CAACwC,KAAX,CAAiBC,qBAAjB,CAAuC;AACpDR,UAAAA,eAAe,EAAER,mBAAmB,CAACQ,eADe;AAEpDC,UAAAA,QAFoD;AAGpDC,UAAAA,YAHoD;AAIpDC,UAAAA,eAJoD;AAKpDC,UAAAA,WALoD;AAMpDE,UAAAA;AANoD,SAAvC,EAOZD,IAPY,CAAf;AASA7B,QAAAA,MAAM,GAAGC,iBAAUgC,OAAnB;AACA9B,QAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;AACF,GAjFD,CAiFE,OAAO+B,GAAP,EAAY;AACZtC,IAAAA,KAAK,GAAGsC,GAAR;AACAlC,IAAAA,MAAM,GAAGC,iBAAUkC,OAAnB;AACAhC,IAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAED,MAAIA,sBAAJ,EAA4B;AAC1BZ,IAAAA,UAAU,CAACoB,kBAAX,CAA8BC,KAA9B;AACD;;AAED,SAAO;AACLwB,IAAAA,YAAY,EAAEvE,WADT;AAELmC,IAAAA,MAFK;AAGL,QAAIH,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAHK;AAIL,QAAIC,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAJK;AAKL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CALK;AAML,QAAIN,MAAM,IAAI;AAAEA,MAAAA,MAAM,EAAEA,MAAM,CAACA;AAAjB,KAAd,CANK;AAOL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CAPK;AAQL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CARK;AASL,QAAIC,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb;AATK,GAAP;AAWD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, complexity, max-depth */\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate } from './remediate';\nimport { RemediationFlow } from './flow';\nimport * as remediators from './remediators';\nimport { \n  OktaAuth,\n  IdxStatus,\n  IdxTransaction,\n  IdxFeature,\n  NextStep,\n  FlowIdentifier,\n} from '../types';\nimport { IdxResponse, IdxRemediation } from './types/idx-js';\nimport { getSavedTransactionMeta } from './transactionMeta';\nimport { ProceedOptions } from './proceed';\n\nexport type RunOptions = ProceedOptions & {\n  flow?: FlowIdentifier;\n  remediators?: RemediationFlow;\n  actions?: string[];\n}\n\nfunction getEnabledFeatures(idxResponse: IdxResponse): IdxFeature[] {\n  const res = [];\n  const { actions, neededToProceed } = idxResponse;\n\n  if (actions['currentAuthenticator-recover']) {\n    res.push(IdxFeature.PASSWORD_RECOVERY);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'select-enroll-profile')) {\n    res.push(IdxFeature.REGISTRATION);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'redirect-idp')) {\n    res.push(IdxFeature.SOCIAL_IDP);\n  }\n\n  return res;\n}\n\nfunction getAvailableSteps(remediations: IdxRemediation[]): NextStep[] {\n  const res = [];\n\n  const remediatorMap = Object.values(remediators).reduce((map, remediatorClass) => {\n    // Only add concrete subclasses to the map\n    if (remediatorClass.remediationName) {\n      map[remediatorClass.remediationName] = remediatorClass;\n    }\n    return map;\n  }, {});\n\n  for (let remediation of remediations) {\n    const T = remediatorMap[remediation.name];\n    if (T) {\n      const remediator = new T(remediation);\n      res.push (remediator.getNextStep());\n    }\n  }\n\n  return res;\n}\n\nexport async function run(\n  authClient: OktaAuth, \n  options: RunOptions = {},\n): Promise<IdxTransaction> {\n  let tokens;\n  let nextStep;\n  let messages;\n  let error;\n  let meta;\n  let enabledFeatures;\n  let availableSteps;\n  let status = IdxStatus.PENDING;\n  let shouldClearTransaction = false;\n  let idxResponse;\n  let interactionHandle;\n  let metaFromResp;\n\n  try {\n\n    const { flow, stateTokenExternalId, state } = options;\n\n    // Only one flow can be operating at a time\n    if (flow) {\n      authClient.idx.setFlow(flow);\n    }\n\n    // Try to resume saved transaction\n    metaFromResp = getSavedTransactionMeta(authClient, { state });\n    interactionHandle = metaFromResp?.interactionHandle; // may be undefined\n\n    if (!interactionHandle && !stateTokenExternalId) {\n      // start a new transaction\n      authClient.transactionManager.clear();\n      const interactResponse = await interact(authClient, options); \n      interactionHandle = interactResponse.interactionHandle;\n      metaFromResp = interactResponse.meta;\n    }\n\n    // Introspect to get idx response\n    idxResponse = await introspect(authClient, { interactionHandle, stateTokenExternalId });\n\n    if (!options.remediators && !options.actions) {\n      // handle start transaction\n      meta = metaFromResp;\n      enabledFeatures = getEnabledFeatures(idxResponse);\n      availableSteps = getAvailableSteps(idxResponse.neededToProceed);\n    } else {\n      const values: remediators.RemediationValues = { \n        ...options, \n        stateHandle: idxResponse.rawIdxState.stateHandle \n      };\n\n      // Can we handle the remediations?\n      const { \n        idxResponse: idxResponseFromResp, \n        nextStep: nextStepFromResp,\n        terminal,\n        canceled,\n        messages: messagesFromResp,\n      } = await remediate(idxResponse, values, options);\n\n      // Track fields from remediation response\n      nextStep = nextStepFromResp;\n      messages = messagesFromResp;\n\n      // Save intermediate idx response in storage to reduce introspect call\n      if (nextStep && idxResponseFromResp) {\n        authClient.transactionManager.saveIdxResponse(idxResponseFromResp.rawIdxState);\n      }\n\n      if (terminal) {\n        status = IdxStatus.TERMINAL;\n        shouldClearTransaction = true;\n      } if (canceled) {\n        status = IdxStatus.CANCELED;\n        shouldClearTransaction = true;\n      } else if (idxResponseFromResp?.interactionCode) { \n        const {\n          clientId,\n          codeVerifier,\n          ignoreSignature,\n          redirectUri,\n          urls,\n          scopes,\n        } = metaFromResp;\n        tokens = await authClient.token.exchangeCodeForTokens({\n          interactionCode: idxResponseFromResp.interactionCode,\n          clientId,\n          codeVerifier,\n          ignoreSignature,\n          redirectUri,\n          scopes\n        }, urls);\n\n        status = IdxStatus.SUCCESS;\n        shouldClearTransaction = true;\n      }\n    }\n  } catch (err) {\n    error = err;\n    status = IdxStatus.FAILURE;\n    shouldClearTransaction = true;\n  }\n\n  if (shouldClearTransaction) {\n    authClient.transactionManager.clear();\n  }\n  \n  return {\n    _idxResponse: idxResponse, \n    status,\n    ...(meta && { meta }),\n    ...(enabledFeatures && { enabledFeatures }),\n    ...(availableSteps && { availableSteps }),\n    ...(tokens && { tokens: tokens.tokens }),\n    ...(nextStep && { nextStep }),\n    ...(messages && { messages }),\n    ...(error && { error }),\n  };\n}\n"],"file":"run.js"}
+{"version":3,"sources":["../../../lib/idx/run.ts"],"names":["getEnabledFeatures","idxResponse","res","actions","neededToProceed","push","IdxFeature","PASSWORD_RECOVERY","some","name","REGISTRATION","SOCIAL_IDP","ACCOUNT_UNLOCK","getAvailableSteps","remediatorMap","remediators","map","remediatorClass","remediationName","remediation","T","remediator","getNextStep","context","run","authClient","options","tokens","nextStep","messages","error","meta","enabledFeatures","availableSteps","status","IdxStatus","PENDING","shouldClearTransaction","clearSharedStorage","interactionHandle","metaFromResp","interactionCode","flow","state","scopes","version","withCredentials","exchangeCodeForTokens","autoRemediate","step","recoveryToken","activationToken","idx","getFlow","setFlow","flowSpec","transactionManager","clear","interactResponse","values","stateHandle","rawIdxState","idxResponseFromResp","nextStepFromResp","terminal","canceled","messagesFromResp","saveIdxResponse","TERMINAL","CANCELED","SUCCESS","clientId","codeVerifier","ignoreSignature","redirectUri","urls","token","err","FAILURE","proceed"],"mappings":";;;;;;;;;;;;;;AAcA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAQA;;AACA;;;;;;AA5BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAyBA,SAASA,kBAAT,CAA4BC,WAA5B,EAAoE;AAClE,QAAMC,GAAG,GAAG,EAAZ;AACA,QAAM;AAAEC,IAAAA,OAAF;AAAWC,IAAAA;AAAX,MAA+BH,WAArC;;AAEA,MAAIE,OAAO,CAAC,8BAAD,CAAX,EAA6C;AAC3CD,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWC,iBAApB;AACD;;AAED,MAAIH,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,uBAA5C,CAAJ,EAA0E;AACxEP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWI,YAApB;AACD;;AAED,MAAIN,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,cAA5C,CAAJ,EAAiE;AAC/DP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWK,UAApB;AACD;;AAED,MAAIP,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,gBAA5C,CAAJ,EAAmE;AACjEP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWM,cAApB;AACD;;AAED,SAAOV,GAAP;AACD;;AAED,SAASW,iBAAT,CAA2BZ,WAA3B,EAAiE;AAAA;;AAC/D,QAAMC,GAAG,GAAG,EAAZ;AAEA,QAAMY,aAAa,GAAG,qDAAcC,WAAd,kBAAkC,CAACC,GAAD,EAAMC,eAAN,KAA0B;AAChF;AACA,QAAIA,eAAe,CAACC,eAApB,EAAqC;AACnCF,MAAAA,GAAG,CAACC,eAAe,CAACC,eAAjB,CAAH,GAAuCD,eAAvC;AACD;;AACD,WAAOD,GAAP;AACD,GANqB,EAMnB,EANmB,CAAtB;;AAQA,OAAK,IAAIG,WAAT,IAAwBlB,WAAW,CAACG,eAApC,EAAqD;AACnD,UAAMgB,CAAC,GAAGN,aAAa,CAACK,WAAW,CAACV,IAAb,CAAvB;;AACA,QAAIW,CAAJ,EAAO;AACL,YAAMC,UAAU,GAAG,IAAID,CAAJ,CAAMD,WAAN,CAAnB;AACAjB,MAAAA,GAAG,CAACG,IAAJ,CAAUgB,UAAU,CAACC,WAAX,CAAuBrB,WAAW,CAACsB,OAAnC,CAAV;AACD;AACF;;AAED,SAAOrB,GAAP;AACD;;AAEM,eAAesB,GAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AAAA;;AACzB,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,KAAJ;AACA,MAAIC,IAAJ;AACA,MAAIC,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,MAAM,GAAGC,iBAAUC,OAAvB;AACA,MAAIC,sBAAsB,GAAG,KAA7B;AACA,MAAIC,kBAAkB,GAAG,IAAzB;AACA,MAAIrC,WAAJ;AACA,MAAIsC,iBAAJ;AACA,MAAIC,YAAJ;AACA,MAAIC,eAAJ;;AAEA,MAAI;AAAA;;AAEF,QAAI;AACFC,MAAAA,IADE;AAEFC,MAAAA,KAFE;AAGFC,MAAAA,MAHE;AAIFC,MAAAA,OAJE;AAKF9B,MAAAA,WALE;AAMFZ,MAAAA,OANE;AAOF2C,MAAAA,eAPE;AAQFC,MAAAA,qBARE;AASFC,MAAAA,aATE;AAUFC,MAAAA,IAVE;AAWFC,MAAAA,aAXE;AAYFC,MAAAA;AAZE,QAaAzB,OAbJ,CAFE,CAiBF;;AACAgB,IAAAA,IAAI,GAAGA,IAAI,IAAIjB,UAAU,CAAC2B,GAAX,CAAeC,OAAf,EAAR,IAAoC,SAA3C;;AACA,QAAIX,IAAJ,EAAU;AACRjB,MAAAA,UAAU,CAAC2B,GAAX,CAAeE,OAAf,CAAuBZ,IAAvB;AACA,YAAMa,QAAQ,GAAG,gCAAqB9B,UAArB,EAAiCiB,IAAjC,CAAjB,CAFQ,CAGR;;AACAI,MAAAA,eAAe,GAAI,OAAOA,eAAP,KAA2B,WAA5B,GAA2CA,eAA3C,GAA6DS,QAAQ,CAACT,eAAxF;AACA/B,MAAAA,WAAW,GAAGA,WAAW,IAAIwC,QAAQ,CAACxC,WAAtC;AACAZ,MAAAA,OAAO,GAAGA,OAAO,IAAIoD,QAAQ,CAACpD,OAA9B;AACD,KA1BC,CA4BF;;;AACAqC,IAAAA,YAAY,GAAG,8CAAwBf,UAAxB,EAAoC;AAAEkB,MAAAA,KAAF;AAASO,MAAAA,aAAT;AAAwBC,MAAAA;AAAxB,KAApC,CAAf;AACAZ,IAAAA,iBAAiB,oBAAGC,YAAH,kDAAG,cAAcD,iBAAlC,CA9BE,CA8BmD;;AAErD,QAAI,CAACA,iBAAL,EAAwB;AACtB;AACAd,MAAAA,UAAU,CAAC+B,kBAAX,CAA8BC,KAA9B;AACA,YAAMC,gBAAgB,GAAG,MAAM,wBAASjC,UAAT,EAAqB;AAClDqB,QAAAA,eADkD;AAElDH,QAAAA,KAFkD;AAGlDC,QAAAA,MAHkD;AAIlDO,QAAAA,eAJkD;AAKlDD,QAAAA;AALkD,OAArB,CAA/B;AAOAX,MAAAA,iBAAiB,GAAGmB,gBAAgB,CAACnB,iBAArC;AACAC,MAAAA,YAAY,GAAGkB,gBAAgB,CAAC3B,IAAhC;AACAe,MAAAA,eAAe,GAAGN,YAAY,CAACM,eAA/B;AACD,KA7CC,CA+CF;;;AACA7C,IAAAA,WAAW,GAAG,MAAM,4BAAWwB,UAAX,EAAuB;AAAEqB,MAAAA,eAAF;AAAmBD,MAAAA,OAAnB;AAA4BN,MAAAA;AAA5B,KAAvB,CAApB;AACAP,IAAAA,eAAe,GAAGhC,kBAAkB,CAACC,WAAD,CAApC;AACAgC,IAAAA,cAAc,GAAGpB,iBAAiB,CAACZ,WAAD,CAAlC,CAlDE,CAoDF;;AACA8B,IAAAA,IAAI,GAAGS,YAAP;;AAEA,QAAIQ,aAAa,KAAK,KAAlB,KAA4BjC,WAAW,IAAIZ,OAA3C,CAAJ,EAAyD;AAAA;;AACvD,YAAMwD,MAAqC,GAAG,EAC5C,GAAGjC,OADyC;AAE5CkC,QAAAA,WAAW,EAAE3D,WAAW,CAAC4D,WAAZ,CAAwBD;AAFO,OAA9C,CADuD,CAMvD;;AACA,YAAM;AACJ3D,QAAAA,WAAW,EAAE6D,mBADT;AAEJlC,QAAAA,QAAQ,EAAEmC,gBAFN;AAGJC,QAAAA,QAHI;AAIJC,QAAAA,QAJI;AAKJpC,QAAAA,QAAQ,EAAEqC;AALN,UAMF,MAAM,0BAAUjE,WAAV,EAAuB0D,MAAvB,EAA+B;AAAE5C,QAAAA,WAAF;AAAeZ,QAAAA,OAAf;AAAwBuC,QAAAA,IAAxB;AAA8BO,QAAAA;AAA9B,OAA/B,CANV;AAOAhD,MAAAA,WAAW,GAAG6D,mBAAmB,IAAI7D,WAArC,CAduD,CAgBvD;;AACA2B,MAAAA,QAAQ,GAAGmC,gBAAX;AACAlC,MAAAA,QAAQ,GAAGqC,gBAAX,CAlBuD,CAoBvD;;AACA,UAAItC,QAAJ,EAAc;AACZH,QAAAA,UAAU,CAAC+B,kBAAX,CAA8BW,eAA9B,CAA8ClE,WAAW,CAAC4D,WAA1D;AACA5B,QAAAA,cAAc,GAAGpB,iBAAiB,CAACZ,WAAD,CAAlC;AACD;;AAED,UAAI+D,QAAJ,EAAc;AACZ9B,QAAAA,MAAM,GAAGC,iBAAUiC,QAAnB;AACA/B,QAAAA,sBAAsB,GAAG,IAAzB;AACAC,QAAAA,kBAAkB,GAAG,KAArB,CAHY,CAGgB;AAC7B;;AAAC,UAAI2B,QAAJ,EAAc;AACd/B,QAAAA,MAAM,GAAGC,iBAAUkC,QAAnB;AACAhC,QAAAA,sBAAsB,GAAG,IAAzB;AACD,OAHC,MAGK,oBAAIpC,WAAJ,yCAAI,aAAawC,eAAjB,EAAkC;AACvCA,QAAAA,eAAe,GAAGxC,WAAW,CAACwC,eAA9B;;AAEA,YAAIM,qBAAqB,KAAK,KAA9B,EAAqC;AACnCb,UAAAA,MAAM,GAAGC,iBAAUmC,OAAnB;AACAjC,UAAAA,sBAAsB,GAAG,KAAzB;AACD,SAHD,MAGO;AACL;AACA,gBAAM;AACJkC,YAAAA,QADI;AAEJC,YAAAA,YAFI;AAGJC,YAAAA,eAHI;AAIJC,YAAAA,WAJI;AAKJC,YAAAA,IALI;AAMJ/B,YAAAA;AANI,cAOFJ,YAPJ;AAQAb,UAAAA,MAAM,GAAG,MAAMF,UAAU,CAACmD,KAAX,CAAiB7B,qBAAjB,CAAuC;AACpDN,YAAAA,eADoD;AAEpD8B,YAAAA,QAFoD;AAGpDC,YAAAA,YAHoD;AAIpDC,YAAAA,eAJoD;AAKpDC,YAAAA,WALoD;AAMpD9B,YAAAA;AANoD,WAAvC,EAOZ+B,IAPY,CAAf;AASAzC,UAAAA,MAAM,GAAGC,iBAAUmC,OAAnB;AACAjC,UAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;AACF;AACF,GAtHD,CAsHE,OAAOwC,GAAP,EAAY;AACZ;AACA,QAAI,0BAAcA,GAAd,CAAJ,EAAwB;AACtB/C,MAAAA,KAAK,GAAG+C,GAAR;AACA3C,MAAAA,MAAM,GAAGC,iBAAU2C,OAAnB;AACAzC,MAAAA,sBAAsB,GAAG,IAAzB;AACD,KAJD,MAIO;AACL;AACA,YAAMwC,GAAN;AACD;AAEF;;AAED,MAAIxC,sBAAJ,EAA4B;AAC1BZ,IAAAA,UAAU,CAAC+B,kBAAX,CAA8BC,KAA9B,CAAoC;AAAEnB,MAAAA;AAAF,KAApC;AACD,GAFD,MAGK,aAAIP,IAAJ,kCAAI,MAAMY,KAAV,EAAiB;AACpB;AACA,8CAAoBlB,UAApB,EAAgC,EAAE,GAAGM;AAAL,KAAhC;AACD,GAzJwB,CA2JzB;;;AACA,QAAM;AAAE5B,IAAAA,OAAF;AAAWoB,IAAAA,OAAX;AAAoBnB,IAAAA,eAApB;AAAqC2E,IAAAA,OAArC;AAA8ClB,IAAAA;AAA9C,MAA8D5D,WAAW,IAAI,EAAnF;AACA,SAAO;AACLiC,IAAAA,MADK;AAEL,QAAIH,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAFK;AAGL,QAAIC,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAHK;AAIL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CAJK;AAKL,QAAIN,MAAM,IAAI;AAAEA,MAAAA,MAAM,EAAEA,MAAM,CAACA;AAAjB,KAAd,CALK;AAML,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CANK;AAOL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CAPK;AAQL,QAAIC,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb,CARK;AASLW,IAAAA,eATK;AASY;AAEjB;AACAtC,IAAAA,OAZK;AAaLoB,IAAAA,OAbK;AAcLnB,IAAAA,eAdK;AAeL2E,IAAAA,OAfK;AAgBLlB,IAAAA;AAhBK,GAAP;AAkBD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, complexity, max-depth */\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate, RemediateOptions } from './remediate';\nimport { getFlowSpecification, RemediationFlow } from './flow';\nimport * as remediators from './remediators';\nimport { \n  OktaAuthInterface,\n  IdxStatus,\n  IdxTransaction,\n  IdxFeature,\n  NextStep,\n  FlowIdentifier,\n} from '../types';\nimport { IdxResponse, isIdxResponse } from './types/idx-js';\nimport { getSavedTransactionMeta, saveTransactionMeta } from './transactionMeta';\nimport { ProceedOptions } from './proceed';\n\nexport type RunOptions = ProceedOptions & RemediateOptions & {\n  flow?: FlowIdentifier;\n  remediators?: RemediationFlow;\n  actions?: string[];\n  withCredentials?: boolean;\n}\n\nfunction getEnabledFeatures(idxResponse: IdxResponse): IdxFeature[] {\n  const res = [];\n  const { actions, neededToProceed } = idxResponse;\n\n  if (actions['currentAuthenticator-recover']) {\n    res.push(IdxFeature.PASSWORD_RECOVERY as never);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'select-enroll-profile')) {\n    res.push(IdxFeature.REGISTRATION as never);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'redirect-idp')) {\n    res.push(IdxFeature.SOCIAL_IDP as never);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'unlock-account')) {\n    res.push(IdxFeature.ACCOUNT_UNLOCK as never);\n  }\n\n  return res;\n}\n\nfunction getAvailableSteps(idxResponse: IdxResponse): NextStep[] {\n  const res = [];\n\n  const remediatorMap = Object.values(remediators).reduce((map, remediatorClass) => {\n    // Only add concrete subclasses to the map\n    if (remediatorClass.remediationName) {\n      map[remediatorClass.remediationName] = remediatorClass;\n    }\n    return map;\n  }, {});\n\n  for (let remediation of idxResponse.neededToProceed) {\n    const T = remediatorMap[remediation.name];\n    if (T) {\n      const remediator = new T(remediation);\n      res.push (remediator.getNextStep(idxResponse.context) as never);\n    }\n  }\n\n  return res;\n}\n\nexport async function run(\n  authClient: OktaAuthInterface, \n  options: RunOptions = {},\n): Promise<IdxTransaction> {\n  let tokens;\n  let nextStep;\n  let messages;\n  let error;\n  let meta;\n  let enabledFeatures;\n  let availableSteps;\n  let status = IdxStatus.PENDING;\n  let shouldClearTransaction = false;\n  let clearSharedStorage = true;\n  let idxResponse;\n  let interactionHandle;\n  let metaFromResp;\n  let interactionCode;\n\n  try {\n\n    let {\n      flow,\n      state,\n      scopes,\n      version,\n      remediators,\n      actions,\n      withCredentials,\n      exchangeCodeForTokens,\n      autoRemediate,\n      step,\n      recoveryToken,\n      activationToken\n    } = options;\n\n    // Only one flow can be operating at a time\n    flow = flow || authClient.idx.getFlow() || 'default';\n    if (flow) {\n      authClient.idx.setFlow(flow);\n      const flowSpec = getFlowSpecification(authClient, flow);\n      // Favor option values over flow spec\n      withCredentials = (typeof withCredentials !== 'undefined') ? withCredentials : flowSpec.withCredentials;\n      remediators = remediators || flowSpec.remediators;\n      actions = actions || flowSpec.actions;\n    }\n\n    // Try to resume saved transaction\n    metaFromResp = getSavedTransactionMeta(authClient, { state, recoveryToken, activationToken });\n    interactionHandle = metaFromResp?.interactionHandle; // may be undefined\n\n    if (!interactionHandle) {\n      // start a new transaction\n      authClient.transactionManager.clear();\n      const interactResponse = await interact(authClient, {\n        withCredentials,\n        state,\n        scopes,\n        activationToken,\n        recoveryToken\n      }); \n      interactionHandle = interactResponse.interactionHandle;\n      metaFromResp = interactResponse.meta;\n      withCredentials = metaFromResp.withCredentials;\n    }\n\n    // Introspect to get idx response\n    idxResponse = await introspect(authClient, { withCredentials, version, interactionHandle });\n    enabledFeatures = getEnabledFeatures(idxResponse);\n    availableSteps = getAvailableSteps(idxResponse);\n    \n    // Include meta in the transaction response\n    meta = metaFromResp;\n\n    if (autoRemediate !== false && (remediators || actions)) {\n      const values: remediators.RemediationValues = { \n        ...options, \n        stateHandle: idxResponse.rawIdxState.stateHandle \n      };\n\n      // Can we handle the remediations?\n      const { \n        idxResponse: idxResponseFromResp, \n        nextStep: nextStepFromResp,\n        terminal,\n        canceled,\n        messages: messagesFromResp,\n      } = await remediate(idxResponse, values, { remediators, actions, flow, step });\n      idxResponse = idxResponseFromResp || idxResponse;\n\n      // Track fields from remediation response\n      nextStep = nextStepFromResp;\n      messages = messagesFromResp;\n\n      // Save intermediate idx response in storage to reduce introspect call\n      if (nextStep) {\n        authClient.transactionManager.saveIdxResponse(idxResponse.rawIdxState);\n        availableSteps = getAvailableSteps(idxResponse);\n      }\n\n      if (terminal) {\n        status = IdxStatus.TERMINAL;\n        shouldClearTransaction = true;\n        clearSharedStorage = false; // transaction may be continued in another tab\n      } if (canceled) {\n        status = IdxStatus.CANCELED;\n        shouldClearTransaction = true;\n      } else if (idxResponse?.interactionCode) { \n        interactionCode = idxResponse.interactionCode;\n\n        if (exchangeCodeForTokens === false) {\n          status = IdxStatus.SUCCESS;\n          shouldClearTransaction = false;\n        } else {\n          // exchange the interaction code for tokens\n          const {\n            clientId,\n            codeVerifier,\n            ignoreSignature,\n            redirectUri,\n            urls,\n            scopes,\n          } = metaFromResp;\n          tokens = await authClient.token.exchangeCodeForTokens({\n            interactionCode,\n            clientId,\n            codeVerifier,\n            ignoreSignature,\n            redirectUri,\n            scopes\n          }, urls);\n\n          status = IdxStatus.SUCCESS;\n          shouldClearTransaction = true;\n        }\n      }\n    }\n  } catch (err) {\n    // current version of idx-js will throw/reject IDX responses. Handle these differently than regular errors\n    if (isIdxResponse(err)) {\n      error = err;\n      status = IdxStatus.FAILURE;\n      shouldClearTransaction = true;\n    } else {\n      // error is not an IDX response, throw it like a regular error\n      throw err;\n    }\n\n  }\n\n  if (shouldClearTransaction) {\n    authClient.transactionManager.clear({ clearSharedStorage });\n  }\n  else if (meta?.state) {\n    // ensures state is saved to sessionStorage\n    saveTransactionMeta(authClient, { ...meta });\n  }\n  \n  // from idx-js, used by the widget\n  const { actions, context, neededToProceed, proceed, rawIdxState } = idxResponse || {};\n  return {\n    status,\n    ...(meta && { meta }),\n    ...(enabledFeatures && { enabledFeatures }),\n    ...(availableSteps && { availableSteps }),\n    ...(tokens && { tokens: tokens.tokens }),\n    ...(nextStep && { nextStep }),\n    ...(messages && { messages }),\n    ...(error && { error }),\n    interactionCode, // if options.exchangeCodeForTokens is false\n\n    // from idx-js\n    actions,\n    context,\n    neededToProceed,\n    proceed,\n    rawIdxState,\n  };\n}\n"],"file":"run.js"}

package/cjs/idx/startTransaction.js

@@ -15,10 +15,12 @@ var _run = require("./run");
  * 
  * See the License for the specific language governing permissions and limitations under the License.
  */
-// This method only resolves { status: IdxStatus.PENDING } if transaction has already started
 async function startTransaction(authClient, options = {}) {
   // Clear IDX response cache and saved transaction meta (if any)
   authClient.transactionManager.clear();
-  return (0, _run.run)(authClient, options);
+  return (0, _run.run)(authClient, {
+    exchangeCodeForTokens: false,
+    ...options
+  });
 }
 //# sourceMappingURL=startTransaction.js.map

package/cjs/idx/startTransaction.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/startTransaction.ts"],"names":["startTransaction","authClient","options","transactionManager","clear"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,gBAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB;AACAD,EAAAA,UAAU,CAACE,kBAAX,CAA8BC,KAA9B;AAEA,SAAO,cAAIH,UAAJ,EAAgBC,OAAhB,CAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run } from './run';\nimport { OktaAuth, IdxOptions, IdxTransaction } from '../types';\n\n// This method only resolves { status: IdxStatus.PENDING } if transaction has already started\nexport async function startTransaction(\n  authClient: OktaAuth, \n  options: IdxOptions = {}\n): Promise<IdxTransaction> {\n  // Clear IDX response cache and saved transaction meta (if any)\n  authClient.transactionManager.clear();\n\n  return run(authClient, options);\n}\n"],"file":"startTransaction.js"}
+{"version":3,"sources":["../../../lib/idx/startTransaction.ts"],"names":["startTransaction","authClient","options","transactionManager","clear","exchangeCodeForTokens"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,eAAeA,gBAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB;AACAD,EAAAA,UAAU,CAACE,kBAAX,CAA8BC,KAA9B;AAEA,SAAO,cAAIH,UAAJ,EAAgB;AACrBI,IAAAA,qBAAqB,EAAE,KADF;AAErB,OAAGH;AAFkB,GAAhB,CAAP;AAID","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run, RunOptions } from './run';\nimport { OktaAuthInterface, IdxTransaction } from '../types';\n\nexport async function startTransaction(\n  authClient: OktaAuthInterface, \n  options: RunOptions = {}\n): Promise<IdxTransaction> {\n  // Clear IDX response cache and saved transaction meta (if any)\n  authClient.transactionManager.clear();\n\n  return run(authClient, {\n    exchangeCodeForTokens: false,\n    ...options\n  });\n}\n"],"file":"startTransaction.js"}