@okta/okta-auth-js 5.11.0 → 6.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (421) hide show
  1. package/CHANGELOG.md +74 -0
  2. package/README.md +63 -29
  3. package/cjs/AuthStateManager.js +15 -6
  4. package/cjs/AuthStateManager.js.map +1 -1
  5. package/cjs/OktaAuth.js +168 -108
  6. package/cjs/OktaAuth.js.map +1 -1
  7. package/cjs/OktaUserAgent.js +2 -2
  8. package/cjs/OktaUserAgent.js.map +1 -1
  9. package/cjs/PromiseQueue.js +11 -2
  10. package/cjs/PromiseQueue.js.map +1 -1
  11. package/cjs/SavedObject.js +4 -2
  12. package/cjs/SavedObject.js.map +1 -1
  13. package/cjs/ServiceManager.js +195 -0
  14. package/cjs/ServiceManager.js.map +1 -0
  15. package/cjs/StorageManager.js +16 -9
  16. package/cjs/StorageManager.js.map +1 -1
  17. package/cjs/TokenManager.js +42 -34
  18. package/cjs/TokenManager.js.map +1 -1
  19. package/cjs/TransactionManager.js +26 -7
  20. package/cjs/TransactionManager.js.map +1 -1
  21. package/cjs/browser/browserStorage.js +36 -20
  22. package/cjs/browser/browserStorage.js.map +1 -1
  23. package/cjs/browser/fingerprint.js +12 -4
  24. package/cjs/browser/fingerprint.js.map +1 -1
  25. package/cjs/builderUtil.js +7 -19
  26. package/cjs/builderUtil.js.map +1 -1
  27. package/cjs/clock.js +5 -1
  28. package/cjs/clock.js.map +1 -1
  29. package/cjs/crypto/base64.js +18 -0
  30. package/cjs/crypto/base64.js.map +1 -1
  31. package/cjs/crypto/index.js +6 -4
  32. package/cjs/crypto/index.js.map +1 -1
  33. package/cjs/crypto/node.js +19 -13
  34. package/cjs/crypto/node.js.map +1 -1
  35. package/cjs/crypto/oidcHash.js +5 -1
  36. package/cjs/crypto/oidcHash.js.map +1 -1
  37. package/cjs/crypto/webauthn.js +101 -0
  38. package/cjs/crypto/webauthn.js.map +1 -0
  39. package/cjs/crypto/webcrypto.js +3 -1
  40. package/cjs/crypto/webcrypto.js.map +1 -1
  41. package/cjs/errors/AuthApiError.js +1 -1
  42. package/cjs/errors/AuthPollStopError.js +1 -1
  43. package/cjs/errors/AuthSdkError.js +1 -1
  44. package/cjs/errors/CustomError.js +5 -1
  45. package/cjs/errors/CustomError.js.map +1 -1
  46. package/cjs/errors/OAuthError.js +1 -1
  47. package/cjs/errors/index.js +1 -1
  48. package/cjs/features.js +9 -3
  49. package/cjs/features.js.map +1 -1
  50. package/cjs/fetch/fetchRequest.js +19 -6
  51. package/cjs/fetch/fetchRequest.js.map +1 -1
  52. package/cjs/http/headers.js.map +1 -1
  53. package/cjs/http/index.js +4 -2
  54. package/cjs/http/index.js.map +1 -1
  55. package/cjs/http/request.js +11 -5
  56. package/cjs/http/request.js.map +1 -1
  57. package/cjs/idx/authenticate.js +8 -5
  58. package/cjs/idx/authenticate.js.map +1 -1
  59. package/cjs/idx/authenticator/Authenticator.js.map +1 -1
  60. package/cjs/idx/authenticator/OktaPassword.js.map +1 -1
  61. package/cjs/idx/authenticator/SecurityQuestionEnrollment.js +1 -1
  62. package/cjs/idx/authenticator/SecurityQuestionEnrollment.js.map +1 -1
  63. package/cjs/idx/authenticator/SecurityQuestionVerification.js +2 -1
  64. package/cjs/idx/authenticator/SecurityQuestionVerification.js.map +1 -1
  65. package/cjs/idx/authenticator/VerificationCodeAuthenticator.js +2 -2
  66. package/cjs/idx/authenticator/VerificationCodeAuthenticator.js.map +1 -1
  67. package/cjs/idx/authenticator/WebauthnEnrollment.js +46 -0
  68. package/cjs/idx/authenticator/WebauthnEnrollment.js.map +1 -0
  69. package/cjs/idx/authenticator/WebauthnVerification.js +55 -0
  70. package/cjs/idx/authenticator/WebauthnVerification.js.map +1 -0
  71. package/cjs/idx/authenticator/getAuthenticator.js +17 -6
  72. package/cjs/idx/authenticator/getAuthenticator.js.map +1 -1
  73. package/cjs/idx/authenticator/index.js +34 -6
  74. package/cjs/idx/authenticator/index.js.map +1 -1
  75. package/cjs/idx/cancel.js.map +1 -1
  76. package/cjs/idx/emailVerify.js +73 -0
  77. package/cjs/idx/emailVerify.js.map +1 -0
  78. package/cjs/idx/flow/AccountUnlockFlow.js +30 -0
  79. package/cjs/idx/flow/AccountUnlockFlow.js.map +1 -0
  80. package/cjs/idx/flow/FlowSpecification.js +24 -4
  81. package/cjs/idx/flow/FlowSpecification.js.map +1 -1
  82. package/cjs/idx/flow/PasswordRecoveryFlow.js +4 -1
  83. package/cjs/idx/flow/PasswordRecoveryFlow.js.map +1 -1
  84. package/cjs/idx/flow/RegistrationFlow.js +2 -0
  85. package/cjs/idx/flow/RegistrationFlow.js.map +1 -1
  86. package/cjs/idx/flow/index.js +20 -5
  87. package/cjs/idx/flow/index.js.map +1 -1
  88. package/cjs/idx/handleInteractionCodeRedirect.js +6 -1
  89. package/cjs/idx/handleInteractionCodeRedirect.js.map +1 -1
  90. package/cjs/idx/headers.js +21 -5
  91. package/cjs/idx/headers.js.map +1 -1
  92. package/cjs/idx/idx-js/client.js +91 -0
  93. package/cjs/idx/idx-js/client.js.map +1 -0
  94. package/cjs/idx/idx-js/index.js +162 -0
  95. package/cjs/idx/idx-js/index.js.map +1 -0
  96. package/cjs/idx/idx-js/interact.js +83 -0
  97. package/cjs/idx/idx-js/interact.js.map +1 -0
  98. package/cjs/idx/idx-js/introspect.js +58 -0
  99. package/cjs/idx/idx-js/introspect.js.map +1 -0
  100. package/cjs/idx/idx-js/parsers.js +41 -0
  101. package/cjs/idx/idx-js/parsers.js.map +1 -0
  102. package/cjs/idx/idx-js/util.js +34 -0
  103. package/cjs/idx/idx-js/util.js.map +1 -0
  104. package/cjs/idx/idx-js/v1/actionParser.js +90 -0
  105. package/cjs/idx/idx-js/v1/actionParser.js.map +1 -0
  106. package/cjs/idx/idx-js/v1/generateIdxAction.js +117 -0
  107. package/cjs/idx/idx-js/v1/generateIdxAction.js.map +1 -0
  108. package/cjs/idx/idx-js/v1/idxResponseParser.js +137 -0
  109. package/cjs/idx/idx-js/v1/idxResponseParser.js.map +1 -0
  110. package/cjs/idx/idx-js/v1/makeIdxState.js +64 -0
  111. package/cjs/idx/idx-js/v1/makeIdxState.js.map +1 -0
  112. package/cjs/idx/idx-js/v1/parsers.js +24 -0
  113. package/cjs/idx/idx-js/v1/parsers.js.map +1 -0
  114. package/cjs/idx/idx-js/v1/remediationParser.js +32 -0
  115. package/cjs/idx/idx-js/v1/remediationParser.js.map +1 -0
  116. package/cjs/idx/index.js +121 -109
  117. package/cjs/idx/index.js.map +1 -1
  118. package/cjs/idx/interact.js +53 -36
  119. package/cjs/idx/interact.js.map +1 -1
  120. package/cjs/idx/introspect.js +17 -19
  121. package/cjs/idx/introspect.js.map +1 -1
  122. package/cjs/idx/poll.js +13 -3
  123. package/cjs/idx/poll.js.map +1 -1
  124. package/cjs/idx/proceed.js +4 -7
  125. package/cjs/idx/proceed.js.map +1 -1
  126. package/cjs/idx/recoverPassword.js +1 -1
  127. package/cjs/idx/recoverPassword.js.map +1 -1
  128. package/cjs/idx/register.js +11 -16
  129. package/cjs/idx/register.js.map +1 -1
  130. package/cjs/idx/remediate.js +74 -27
  131. package/cjs/idx/remediate.js.map +1 -1
  132. package/cjs/idx/remediators/AuthenticatorEnrollmentData.js +12 -4
  133. package/cjs/idx/remediators/AuthenticatorEnrollmentData.js.map +1 -1
  134. package/cjs/idx/remediators/AuthenticatorVerificationData.js +52 -9
  135. package/cjs/idx/remediators/AuthenticatorVerificationData.js.map +1 -1
  136. package/cjs/idx/remediators/Base/AuthenticatorData.js +31 -13
  137. package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
  138. package/cjs/idx/remediators/Base/Remediator.js +67 -31
  139. package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
  140. package/cjs/idx/remediators/Base/SelectAuthenticator.js +46 -30
  141. package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
  142. package/cjs/idx/remediators/Base/VerifyAuthenticator.js +16 -4
  143. package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
  144. package/cjs/idx/remediators/ChallengeAuthenticator.js +2 -2
  145. package/cjs/idx/remediators/ChallengeAuthenticator.js.map +1 -1
  146. package/cjs/idx/remediators/ChallengePoll.js +2 -2
  147. package/cjs/idx/remediators/EnrollAuthenticator.js +2 -2
  148. package/cjs/idx/remediators/EnrollAuthenticator.js.map +1 -1
  149. package/cjs/idx/remediators/EnrollPoll.js +18 -9
  150. package/cjs/idx/remediators/EnrollPoll.js.map +1 -1
  151. package/cjs/idx/remediators/EnrollProfile.js +24 -9
  152. package/cjs/idx/remediators/EnrollProfile.js.map +1 -1
  153. package/cjs/idx/remediators/EnrollmentChannelData.js +96 -0
  154. package/cjs/idx/remediators/EnrollmentChannelData.js.map +1 -0
  155. package/cjs/idx/remediators/Identify.js +5 -3
  156. package/cjs/idx/remediators/Identify.js.map +1 -1
  157. package/cjs/idx/remediators/ReEnrollAuthenticator.js +6 -3
  158. package/cjs/idx/remediators/ReEnrollAuthenticator.js.map +1 -1
  159. package/cjs/idx/remediators/RedirectIdp.js +2 -2
  160. package/cjs/idx/remediators/ResetAuthenticator.js +2 -2
  161. package/cjs/idx/remediators/ResetAuthenticator.js.map +1 -1
  162. package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js +7 -5
  163. package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js.map +1 -1
  164. package/cjs/idx/remediators/SelectAuthenticatorEnroll.js +2 -2
  165. package/cjs/idx/remediators/SelectAuthenticatorEnroll.js.map +1 -1
  166. package/cjs/idx/remediators/SelectAuthenticatorUnlockAccount.js +72 -0
  167. package/cjs/idx/remediators/SelectAuthenticatorUnlockAccount.js.map +1 -0
  168. package/cjs/idx/remediators/SelectEnrollProfile.js +2 -2
  169. package/cjs/idx/remediators/SelectEnrollProfile.js.map +1 -1
  170. package/cjs/idx/remediators/SelectEnrollmentChannel.js +86 -0
  171. package/cjs/idx/remediators/SelectEnrollmentChannel.js.map +1 -0
  172. package/cjs/idx/remediators/Skip.js +5 -3
  173. package/cjs/idx/remediators/Skip.js.map +1 -1
  174. package/cjs/idx/remediators/index.js +57 -16
  175. package/cjs/idx/remediators/index.js.map +1 -1
  176. package/cjs/idx/remediators/util.js +18 -3
  177. package/cjs/idx/remediators/util.js.map +1 -1
  178. package/cjs/idx/run.js +145 -49
  179. package/cjs/idx/run.js.map +1 -1
  180. package/cjs/idx/startTransaction.js +4 -2
  181. package/cjs/idx/startTransaction.js.map +1 -1
  182. package/cjs/idx/transactionMeta.js +82 -69
  183. package/cjs/idx/transactionMeta.js.map +1 -1
  184. package/cjs/idx/types/idx-js.js.map +1 -1
  185. package/cjs/idx/types/index.js +59 -7
  186. package/cjs/idx/types/index.js.map +1 -1
  187. package/cjs/idx/unlockAccount.js +48 -0
  188. package/cjs/idx/unlockAccount.js.map +1 -0
  189. package/cjs/index.js +33 -13
  190. package/cjs/index.js.map +1 -1
  191. package/cjs/oidc/endpoints/authorize.js +10 -2
  192. package/cjs/oidc/endpoints/authorize.js.map +1 -1
  193. package/cjs/oidc/endpoints/index.js +5 -3
  194. package/cjs/oidc/endpoints/index.js.map +1 -1
  195. package/cjs/oidc/endpoints/token.js +16 -3
  196. package/cjs/oidc/endpoints/token.js.map +1 -1
  197. package/cjs/oidc/endpoints/well-known.js +7 -3
  198. package/cjs/oidc/endpoints/well-known.js.map +1 -1
  199. package/cjs/oidc/exchangeCodeForTokens.js +12 -4
  200. package/cjs/oidc/exchangeCodeForTokens.js.map +1 -1
  201. package/cjs/oidc/getToken.js +12 -6
  202. package/cjs/oidc/getToken.js.map +1 -1
  203. package/cjs/oidc/getUserInfo.js +7 -3
  204. package/cjs/oidc/getUserInfo.js.map +1 -1
  205. package/cjs/oidc/getWithPopup.js +8 -2
  206. package/cjs/oidc/getWithPopup.js.map +1 -1
  207. package/cjs/oidc/getWithRedirect.js +15 -38
  208. package/cjs/oidc/getWithRedirect.js.map +1 -1
  209. package/cjs/oidc/getWithoutPrompt.js +8 -2
  210. package/cjs/oidc/getWithoutPrompt.js.map +1 -1
  211. package/cjs/oidc/handleOAuthResponse.js +87 -87
  212. package/cjs/oidc/handleOAuthResponse.js.map +1 -1
  213. package/cjs/oidc/index.js +4 -2
  214. package/cjs/oidc/index.js.map +1 -1
  215. package/cjs/oidc/parseFromUrl.js +9 -3
  216. package/cjs/oidc/parseFromUrl.js.map +1 -1
  217. package/cjs/oidc/renewToken.js.map +1 -1
  218. package/cjs/oidc/renewTokens.js +6 -2
  219. package/cjs/oidc/renewTokens.js.map +1 -1
  220. package/cjs/oidc/renewTokensWithRefresh.js +5 -1
  221. package/cjs/oidc/renewTokensWithRefresh.js.map +1 -1
  222. package/cjs/oidc/revokeToken.js +34 -31
  223. package/cjs/oidc/revokeToken.js.map +1 -1
  224. package/cjs/oidc/util/browser.js +5 -1
  225. package/cjs/oidc/util/browser.js.map +1 -1
  226. package/cjs/oidc/util/defaultTokenParams.js.map +1 -1
  227. package/cjs/oidc/util/errors.js.map +1 -1
  228. package/cjs/oidc/util/index.js +27 -11
  229. package/cjs/oidc/util/index.js.map +1 -1
  230. package/cjs/oidc/util/loginRedirect.js +10 -1
  231. package/cjs/oidc/util/loginRedirect.js.map +1 -1
  232. package/cjs/oidc/util/oauth.js +4 -2
  233. package/cjs/oidc/util/oauth.js.map +1 -1
  234. package/cjs/oidc/util/oauthMeta.js +36 -0
  235. package/cjs/oidc/util/oauthMeta.js.map +1 -0
  236. package/cjs/oidc/util/pkce.js +11 -3
  237. package/cjs/oidc/util/pkce.js.map +1 -1
  238. package/cjs/oidc/util/prepareTokenParams.js +62 -39
  239. package/cjs/oidc/util/prepareTokenParams.js.map +1 -1
  240. package/cjs/oidc/util/validateClaims.js +3 -1
  241. package/cjs/oidc/util/validateClaims.js.map +1 -1
  242. package/cjs/oidc/verifyToken.js +13 -4
  243. package/cjs/oidc/verifyToken.js.map +1 -1
  244. package/cjs/options/browser.js +81 -0
  245. package/cjs/options/browser.js.map +1 -0
  246. package/cjs/options/index.js +94 -0
  247. package/cjs/options/index.js.map +1 -0
  248. package/cjs/options/node.js +46 -0
  249. package/cjs/options/node.js.map +1 -0
  250. package/cjs/server/serverStorage.js +9 -5
  251. package/cjs/server/serverStorage.js.map +1 -1
  252. package/cjs/services/AutoRenewService.js +94 -0
  253. package/cjs/services/AutoRenewService.js.map +1 -0
  254. package/cjs/services/SyncStorageService.js +93 -0
  255. package/cjs/services/SyncStorageService.js.map +1 -0
  256. package/cjs/services/index.js +30 -0
  257. package/cjs/services/index.js.map +1 -0
  258. package/cjs/tx/AuthTransaction.js +18 -9
  259. package/cjs/tx/AuthTransaction.js.map +1 -1
  260. package/cjs/tx/TransactionState.js +0 -17
  261. package/cjs/tx/TransactionState.js.map +1 -1
  262. package/cjs/tx/api.js +11 -6
  263. package/cjs/tx/api.js.map +1 -1
  264. package/cjs/tx/index.js +7 -5
  265. package/cjs/tx/index.js.map +1 -1
  266. package/cjs/tx/poll.js +6 -4
  267. package/cjs/tx/poll.js.map +1 -1
  268. package/cjs/tx/util.js +5 -1
  269. package/cjs/tx/util.js.map +1 -1
  270. package/cjs/types/Service.js +2 -0
  271. package/cjs/types/Service.js.map +1 -0
  272. package/cjs/types/Transaction.js +10 -2
  273. package/cjs/types/Transaction.js.map +1 -1
  274. package/cjs/types/index.js +29 -14
  275. package/cjs/types/index.js.map +1 -1
  276. package/cjs/util/index.js +7 -18
  277. package/cjs/util/index.js.map +1 -1
  278. package/cjs/util/misc.js +5 -1
  279. package/cjs/util/misc.js.map +1 -1
  280. package/cjs/util/object.js +16 -6
  281. package/cjs/util/object.js.map +1 -1
  282. package/cjs/util/sharedStorage.js +5 -1
  283. package/cjs/util/sharedStorage.js.map +1 -1
  284. package/cjs/util/url.js.map +1 -1
  285. package/dist/okta-auth-js.min.js +1 -1
  286. package/dist/okta-auth-js.min.js.LICENSE.txt +0 -20
  287. package/dist/okta-auth-js.min.js.map +1 -1
  288. package/dist/okta-auth-js.polyfill.js +1 -1
  289. package/dist/okta-auth-js.polyfill.js.map +1 -1
  290. package/dist/okta-auth-js.umd.js +1 -1
  291. package/dist/okta-auth-js.umd.js.LICENSE.txt +1 -19
  292. package/dist/okta-auth-js.umd.js.map +1 -1
  293. package/esm/{index.js → esm.browser.js} +3283 -2698
  294. package/esm/esm.browser.js.map +1 -0
  295. package/esm/esm.node.mjs +9277 -0
  296. package/esm/esm.node.mjs.map +1 -0
  297. package/lib/AuthStateManager.d.ts +2 -5
  298. package/lib/OktaAuth.d.ts +14 -16
  299. package/lib/ServiceManager.d.ts +38 -0
  300. package/lib/StorageManager.d.ts +2 -2
  301. package/lib/TokenManager.d.ts +4 -5
  302. package/lib/TransactionManager.d.ts +4 -3
  303. package/lib/browser/fingerprint.d.ts +2 -3
  304. package/lib/builderUtil.d.ts +1 -2
  305. package/lib/crypto/base64.d.ts +2 -0
  306. package/lib/crypto/browser.d.ts +1 -1
  307. package/lib/crypto/webauthn.d.ts +25 -0
  308. package/lib/features.d.ts +1 -1
  309. package/lib/http/headers.d.ts +2 -2
  310. package/lib/http/request.d.ts +4 -4
  311. package/lib/idx/authenticate.d.ts +2 -2
  312. package/lib/idx/authenticator/Authenticator.d.ts +4 -5
  313. package/lib/idx/authenticator/OktaPassword.d.ts +7 -9
  314. package/lib/idx/authenticator/SecurityQuestionEnrollment.d.ts +9 -8
  315. package/lib/idx/authenticator/SecurityQuestionVerification.d.ts +7 -7
  316. package/lib/idx/authenticator/VerificationCodeAuthenticator.d.ts +6 -2
  317. package/lib/idx/authenticator/WebauthnEnrollment.d.ts +16 -0
  318. package/lib/idx/authenticator/WebauthnVerification.d.ts +17 -0
  319. package/lib/idx/authenticator/getAuthenticator.d.ts +1 -1
  320. package/lib/idx/authenticator/index.d.ts +9 -0
  321. package/lib/idx/cancel.d.ts +2 -2
  322. package/lib/idx/emailVerify.d.ts +26 -0
  323. package/lib/{util/emailVerify.d.ts → idx/flow/AccountUnlockFlow.d.ts} +2 -6
  324. package/lib/idx/flow/FlowSpecification.d.ts +3 -2
  325. package/lib/idx/flow/index.d.ts +1 -0
  326. package/lib/idx/headers.d.ts +3 -2
  327. package/lib/idx/idx-js/client.d.ts +36 -0
  328. package/lib/idx/idx-js/index.d.ts +51 -0
  329. package/lib/idx/idx-js/interact.d.ts +25 -0
  330. package/lib/idx/idx-js/introspect.d.ts +20 -0
  331. package/lib/idx/idx-js/parsers.d.ts +15 -0
  332. package/lib/idx/idx-js/util.d.ts +12 -0
  333. package/lib/idx/idx-js/v1/actionParser.d.ts +16 -0
  334. package/lib/idx/idx-js/v1/generateIdxAction.d.ts +13 -0
  335. package/lib/idx/idx-js/v1/idxResponseParser.d.ts +20 -0
  336. package/lib/idx/idx-js/v1/makeIdxState.d.ts +13 -0
  337. package/lib/idx/idx-js/v1/parsers.d.ts +16 -0
  338. package/lib/idx/idx-js/v1/remediationParser.d.ts +12 -0
  339. package/lib/idx/index.d.ts +12 -10
  340. package/lib/idx/interact.d.ts +7 -13
  341. package/lib/idx/introspect.d.ts +4 -3
  342. package/lib/idx/poll.d.ts +2 -2
  343. package/lib/idx/proceed.d.ts +8 -5
  344. package/lib/idx/recoverPassword.d.ts +2 -2
  345. package/lib/idx/register.d.ts +2 -2
  346. package/lib/idx/remediate.d.ts +10 -4
  347. package/lib/idx/remediators/AuthenticatorEnrollmentData.d.ts +3 -3
  348. package/lib/idx/remediators/AuthenticatorVerificationData.d.ts +5 -5
  349. package/lib/idx/remediators/Base/AuthenticatorData.d.ts +10 -10
  350. package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +10 -7
  351. package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +8 -12
  352. package/lib/idx/remediators/EnrollProfile.d.ts +1 -1
  353. package/lib/idx/remediators/EnrollmentChannelData.d.ts +54 -0
  354. package/lib/idx/remediators/Identify.d.ts +2 -2
  355. package/lib/idx/remediators/ReEnrollAuthenticator.d.ts +2 -2
  356. package/lib/idx/remediators/RedirectIdp.d.ts +3 -3
  357. package/lib/idx/remediators/SelectAuthenticatorUnlockAccount.d.ts +38 -0
  358. package/lib/idx/remediators/SelectEnrollmentChannel.d.ts +40 -0
  359. package/lib/idx/remediators/index.d.ts +3 -0
  360. package/lib/idx/remediators/util.d.ts +2 -2
  361. package/lib/idx/run.d.ts +5 -3
  362. package/lib/idx/startTransaction.d.ts +3 -2
  363. package/lib/idx/transactionMeta.d.ts +10 -31
  364. package/lib/idx/types/FlowIdentifier.d.ts +1 -1
  365. package/lib/idx/types/idx-js.d.ts +44 -1
  366. package/lib/idx/types/index.d.ts +36 -9
  367. package/lib/idx/unlockAccount.d.ts +15 -0
  368. package/lib/index.d.ts +1 -0
  369. package/lib/oidc/endpoints/well-known.d.ts +3 -3
  370. package/lib/oidc/exchangeCodeForTokens.d.ts +14 -2
  371. package/lib/oidc/getToken.d.ts +2 -2
  372. package/lib/oidc/getWithPopup.d.ts +2 -2
  373. package/lib/oidc/getWithRedirect.d.ts +2 -2
  374. package/lib/oidc/getWithoutPrompt.d.ts +2 -2
  375. package/lib/oidc/handleOAuthResponse.d.ts +2 -2
  376. package/lib/oidc/parseFromUrl.d.ts +1 -1
  377. package/lib/oidc/renewToken.d.ts +2 -2
  378. package/lib/oidc/renewTokens.d.ts +1 -1
  379. package/lib/oidc/renewTokensWithRefresh.d.ts +2 -2
  380. package/lib/oidc/revokeToken.d.ts +2 -2
  381. package/lib/oidc/util/browser.d.ts +3 -3
  382. package/lib/oidc/util/defaultTokenParams.d.ts +2 -2
  383. package/lib/oidc/util/errors.d.ts +2 -2
  384. package/lib/oidc/util/index.d.ts +1 -0
  385. package/lib/oidc/util/loginRedirect.d.ts +4 -4
  386. package/lib/oidc/util/oauth.d.ts +4 -11
  387. package/lib/oidc/util/oauthMeta.d.ts +2 -0
  388. package/lib/oidc/util/prepareTokenParams.d.ts +5 -2
  389. package/lib/oidc/util/validateClaims.d.ts +2 -2
  390. package/lib/oidc/verifyToken.d.ts +2 -2
  391. package/lib/options/browser.d.ts +16 -0
  392. package/lib/{options.d.ts → options/index.d.ts} +1 -1
  393. package/lib/options/node.d.ts +16 -0
  394. package/lib/server/serverStorage.d.ts +1 -1
  395. package/lib/services/AutoRenewService.d.ts +27 -0
  396. package/lib/services/{TokenService.d.ts → SyncStorageService.d.ts} +8 -5
  397. package/lib/services/index.d.ts +13 -0
  398. package/lib/tx/AuthTransaction.d.ts +2 -2
  399. package/lib/tx/TransactionState.d.ts +11 -1
  400. package/lib/tx/api.d.ts +6 -6
  401. package/lib/types/OktaAuthOptions.d.ts +11 -8
  402. package/lib/types/Service.d.ts +23 -0
  403. package/lib/types/Storage.d.ts +3 -3
  404. package/lib/types/Transaction.d.ts +10 -7
  405. package/lib/types/UserClaims.d.ts +3 -3
  406. package/lib/types/api.d.ts +49 -22
  407. package/lib/types/index.d.ts +1 -1
  408. package/lib/util/console.d.ts +1 -1
  409. package/lib/util/index.d.ts +0 -1
  410. package/lib/util/sharedStorage.d.ts +1 -1
  411. package/lib/util/types.d.ts +1 -1
  412. package/lib/util/url.d.ts +2 -2
  413. package/package.json +30 -13
  414. package/polyfill/index.js +1 -0
  415. package/cjs/options.js +0 -154
  416. package/cjs/options.js.map +0 -1
  417. package/cjs/services/TokenService.js +0 -108
  418. package/cjs/services/TokenService.js.map +0 -1
  419. package/cjs/util/emailVerify.js +0 -28
  420. package/cjs/util/emailVerify.js.map +0 -1
  421. package/esm/index.js.map +0 -1
package/cjs/TransactionManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/TransactionManager.ts"],"names":["TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","enableSharedStorage","clear","transactionStorage","getTransactionStorage","meta","getStorage","clearStorage","clearIdxResponse","clearSharedStorage","state","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","storage","obj","muteWarning","setStorage","cookieStorage","storageType","responseType","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","REDIRECT_OAUTH_PARAMS_NAME","JSON","stringify","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_STATE_COOKIE_NAME","exists","load","loadLegacyOAuthParams","Object","assign","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","AuthSdkError","getLegacyOAuthParamsStorage","saveIdxResponse","idxResponse","getIdxResponseStorage","loadIdxResponse"],"mappings":";;;;AAaA;;AACA;;AAEA;;AAWA;;AACA;;AACA;;AA7BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA6Be,MAAMA,kBAAN,CAAyB;AAStCC,EAAAA,WAAW,CAACC,OAAD,EAAqC;AAC9C,SAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;AACA,SAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKC,mBAAL,GAA2BN,OAAO,CAACM,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKN,OAAL,GAAeA,OAAf;AACD,GAjBqC,CAmBtC;;;AACAO,EAAAA,KAAK,CAACP,OAAoC,GAAG,EAAxC,EAA4C;AAC/C,UAAMQ,kBAAmC,GAAG,KAAKP,cAAL,CAAoBQ,qBAApB,EAA5C;AACA,UAAMC,IAAI,GAAGF,kBAAkB,CAACG,UAAnB,EAAb,CAF+C,CAI/C;;AACAH,IAAAA,kBAAkB,CAACI,YAAnB,GAL+C,CAO/C;;AACA,SAAKC,gBAAL,GAR+C,CAU/C;AACA;;AACA,QAAI,KAAKP,mBAAL,IAA4BN,OAAO,CAACc,kBAAxC,EAA4D;AAC1D,YAAMC,KAAK,GAAGf,OAAO,CAACe,KAAR,KAAiBL,IAAjB,aAAiBA,IAAjB,uBAAiBA,IAAI,CAAEK,KAAvB,CAAd;;AACA,UAAIA,KAAJ,EAAW;AACT,8DAAkC,KAAKd,cAAvC,EAAuDc,KAAvD;AACD;AACF;;AAED,QAAI,CAAC,KAAKb,mBAAV,EAA+B;AAC7B;AACD,KArB8C,CAuB/C;;;AACA,QAAIF,OAAO,CAACgB,KAAZ,EAAmB;AACjB,WAAKC,sBAAL;AACD;;AAED,QAAIjB,OAAO,CAACkB,IAAZ,EAAkB;AAChB,WAAKC,eAAL;AACD;AACF,GAnDqC,CAqDtC;;;AACAC,EAAAA,IAAI,CAACV,IAAD,EAAwBV,OAA+B,GAAG,EAA1D,EAA8D;AAChE;AACA;AACA;AAEA,QAAIqB,OAAwB,GAAG,KAAKpB,cAAL,CAAoBQ,qBAApB,EAA/B;AACA,UAAMa,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAZ,CANgE,CAOhE;AACA;AACA;;AACA,QAAI,8BAAkBW,GAAlB,KAA0B,CAACtB,OAAO,CAACuB,WAAvC,EAAoD;AAClD;AACA,sBAAK,yGAAL;AACD;;AAEDF,IAAAA,OAAO,CAACG,UAAR,CAAmBd,IAAnB,EAfgE,CAiBhE;;AACA,QAAI,KAAKJ,mBAAL,IAA4BI,IAAI,CAACK,KAArC,EAA4C;AAC1C,yDAA+B,KAAKd,cAApC,EAAoDS,IAAI,CAACK,KAAzD,EAAgEL,IAAhE;AACD;;AAED,QAAI,CAACV,OAAO,CAACgB,KAAb,EAAoB;AAClB;AACD,KAxB+D,CA0BhE;;;AACA,QAAI,KAAKb,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;AACzE,YAAMoB,aAA4B,GAAG,KAAKxB,cAAL,CAAoBU,UAApB,CAA+B;AAAEe,QAAAA,WAAW,EAAE;AAAf,OAA/B,CAArC;;AAEA,UAAI,KAAKrB,gBAAT,EAA2B;AACzB,cAAM;AACJsB,UAAAA,YADI;AAEJZ,UAAAA,KAFI;AAGJa,UAAAA,KAHI;AAIJC,UAAAA,MAJI;AAKJC,UAAAA,QALI;AAMJC,UAAAA,IANI;AAOJC,UAAAA;AAPI,YAQFtB,IARJ;AASA,cAAMuB,WAAW,GAAG;AAClBN,UAAAA,YADkB;AAElBZ,UAAAA,KAFkB;AAGlBa,UAAAA,KAHkB;AAIlBC,UAAAA,MAJkB;AAKlBC,UAAAA,QALkB;AAMlBC,UAAAA,IANkB;AAOlBC,UAAAA;AAPkB,SAApB;AASAP,QAAAA,aAAa,CAACS,OAAd,CAAsBC,qCAAtB,EAAkDC,IAAI,CAACC,SAAL,CAAeJ,WAAf,CAAlD,EAA+E,IAA/E;AACD;;AAED,UAAI,KAAK9B,eAAL,IAAwBO,IAAI,CAACkB,KAAjC,EAAwC;AACtC;AACAH,QAAAA,aAAa,CAACS,OAAd,CAAsBI,qCAAtB,EAAkD5B,IAAI,CAACkB,KAAvD,EAA8D,IAA9D;AACD;;AAED,UAAI,KAAKxB,eAAL,IAAwBM,IAAI,CAACK,KAAjC,EAAwC;AACtC;AACAU,QAAAA,aAAa,CAACS,OAAd,CAAsBK,qCAAtB,EAAkD7B,IAAI,CAACK,KAAvD,EAA8D,IAA9D;AACD;AACF;AACF;;AAEDyB,EAAAA,MAAM,CAACxC,OAA+B,GAAG,EAAnC,EAAgD;AACpD,QAAI;AACF,YAAMU,IAAqB,GAAG,KAAK+B,IAAL,CAAUzC,OAAV,CAA9B;AACA,aAAO,CAAC,CAACU,IAAT;AACD,KAHD,CAGE,MAAM;AACN,aAAO,KAAP;AACD;AACF,GA7HqC,CA+HtC;AACA;;;AACA+B,EAAAA,IAAI,CAACzC,OAA+B,GAAG,EAAnC,EAAwD;AAE1D,QAAIU,IAAJ,CAF0D,CAI1D;;AACA,QAAI,KAAKJ,mBAAL,IAA4BN,OAAO,CAACe,KAAxC,EAA+C;AAC7C,6CAAmB,KAAKd,cAAxB,EAD6C,CACJ;;AACzCS,MAAAA,IAAI,GAAG,qDAAiC,KAAKT,cAAtC,EAAsDD,OAAO,CAACe,KAA9D,CAAP;;AACA,UAAI,8BAAkBL,IAAlB,CAAJ,EAA6B;AAC3B,eAAOA,IAAP;AACD;AACF;;AAED,QAAIW,OAAwB,GAAG,KAAKpB,cAAL,CAAoBQ,qBAApB,EAA/B;AACAC,IAAAA,IAAI,GAAGW,OAAO,CAACV,UAAR,EAAP;;AACA,QAAI,8BAAkBD,IAAlB,CAAJ,EAA6B;AAC3B;AACA,aAAOA,IAAP;AACD;;AAED,QAAI,CAAC,KAAKR,mBAAV,EAA+B;AAC7B,aAAO,IAAP;AACD,KAtByD,CAwB1D;;;AACA,QAAIF,OAAO,CAACgB,KAAZ,EAAmB;AACjB,UAAI;AACF,cAAMiB,WAAW,GAAG,KAAKS,qBAAL,EAApB;AACAC,QAAAA,MAAM,CAACC,MAAP,CAAclC,IAAd,EAAoBuB,WAApB;AACD,OAHD,SAGU;AACR,aAAKhB,sBAAL;AACD;AACF;;AAED,QAAIjB,OAAO,CAACkB,IAAZ,EAAkB;AAChB,UAAI;AACF,cAAM2B,QAA6B,GAAG,KAAKC,cAAL,EAAtC;AACAH,QAAAA,MAAM,CAACC,MAAP,CAAclC,IAAd,EAAoBmC,QAApB;AACD,OAHD,SAGU;AACR,aAAK1B,eAAL;AACD;AACF;;AAED,QAAI,8BAAkBT,IAAlB,CAAJ,EAA6B;AAC3B,aAAOA,IAAP;AACD;;AACD,WAAO,IAAP;AACD,GAhLqC,CAkLtC;;;AACAS,EAAAA,eAAe,GAAS;AACtB;AACA,QAAIE,OAAJ;;AAEA,QAAI,KAAKpB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKX,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAEDkC,EAAAA,cAAc,GAAwB;AACpC,QAAIzB,OAAJ;AACA,QAAIC,GAAJ,CAFoC,CAIpC;;AACA,QAAI,KAAKrB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAAC4B,YAAf,EAA6B;AAC3B,eAAO5B,GAAP;AACD;AACF,KAXmC,CAapC;;;AACA,QAAI,KAAKrB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAAC4B,YAAf,EAA6B;AAC3B,eAAO5B,GAAP;AACD;AACF,KApBmC,CAsBpC;AACA;AACA;;;AACA,UAAM,IAAI6B,oBAAJ,CAAiB,yJAAjB,EAA4K,IAA5K,CAAN;AACD;;AAEDlC,EAAAA,sBAAsB,GAAS;AAC7B;AACA,QAAII,OAAJ;;AAEA,QAAI,KAAKpB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKX,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED8B,EAAAA,qBAAqB,GAAyB;AAC5C,QAAIrB,OAAJ;AACA,QAAIY,WAAJ,CAF4C,CAI5C;;AACA,QAAI,KAAKhC,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AACD,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD,KAX2C,CAa5C;;;AACA,QAAI,KAAKhC,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AAED,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD;;AAGD,UAAM,IAAIkB,oBAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;AACA;AACD;;AAEDE,EAAAA,eAAe,CAACC,WAAD,EAAoC;AACjD,UAAMjC,OAAwB,GAAG,KAAKpB,cAAL,CAAoBsD,qBAApB,EAAjC;;AACA,QAAI,CAAClC,OAAL,EAAc;AACZ;AACD;;AACDA,IAAAA,OAAO,CAACG,UAAR,CAAmB8B,WAAnB;AACD;;AAEDE,EAAAA,eAAe,GAAmB;AAChC,UAAMnC,OAAwB,GAAG,KAAKpB,cAAL,CAAoBsD,qBAApB,EAAjC;;AACA,QAAI,CAAClC,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AACD,UAAMiC,WAAW,GAAGjC,OAAO,CAACV,UAAR,EAApB;;AACA,QAAI,CAAC,6BAAiB2C,WAAjB,CAAL,EAAoC;AAClC,aAAO,IAAP;AACD;;AACD,WAAOA,WAAP;AACD;;AAEDzC,EAAAA,gBAAgB,GAAS;AACvB,UAAMQ,OAAwB,GAAG,KAAKpB,cAAL,CAAoBsD,qBAApB,EAAjC;AACAlC,IAAAA,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAET,YAAT;AACD;;AAlSqC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport StorageManager from './StorageManager';\nimport {\n StorageProvider,\n TransactionMeta,\n isTransactionMeta,\n isOAuthTransactionMeta,\n PKCETransactionMeta,\n OAuthTransactionMeta,\n TransactionMetaOptions,\n TransactionManagerOptions,\n CookieStorage\n} from './types';\nimport { RawIdxResponse, isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\nimport {\n clearTransactionFromSharedStorage,\n loadTransactionFromSharedStorage,\n pruneSharedStorage,\n saveTransactionToSharedStorage\n} from './util/sharedStorage';\n\nexport interface ClearTransactionMetaOptions extends TransactionMetaOptions {\n clearSharedStorage?: boolean;\n}\nexport default class TransactionManager {\n options: TransactionManagerOptions;\n storageManager: StorageManager;\n legacyWidgetSupport: boolean;\n saveNonceCookie: boolean;\n saveStateCookie: boolean;\n saveParamsCookie: boolean;\n enableSharedStorage: boolean;\n\n constructor(options: TransactionManagerOptions) {\n this.storageManager = options.storageManager;\n this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n this.saveStateCookie = options.saveStateCookie === false ? false : true;\n this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n this.options = options;\n }\n\n // eslint-disable-next-line complexity\n clear(options: ClearTransactionMetaOptions = {}) {\n const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n const meta = transactionStorage.getStorage();\n\n // Clear primary storage (by default, sessionStorage on browser)\n transactionStorage.clearStorage();\n\n // clear IDX response storage\n this.clearIdxResponse();\n\n // Usually we do NOT want to clear shared storage because another tab may need it to continue/complete a flow\n // It can be cleared after a user succcesfully signs in and receives tokens\n if (this.enableSharedStorage && options.clearSharedStorage) {\n const state = options.state || meta?.state;\n if (state) {\n clearTransactionFromSharedStorage(this.storageManager, state);\n }\n }\n \n if (!this.legacyWidgetSupport) {\n return;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n this.clearLegacyOAuthParams();\n }\n\n if (options.pkce) {\n this.clearLegacyPKCE();\n }\n }\n\n // eslint-disable-next-line complexity\n save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n // There must be only one transaction executing at a time.\n // Before saving, check to see if a transaction is already stored.\n // An existing transaction indicates a concurrency/race/overlap condition\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n const obj = storage.getStorage();\n // oie process may need to update transaction in the middle of process for tracking purpose\n // false alarm might be caused \n // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n if (isTransactionMeta(obj) && !options.muteWarning) {\n // eslint-disable-next-line max-len\n warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n }\n\n storage.setStorage(meta);\n\n // Shared storage allows continuation of transaction in another tab\n if (this.enableSharedStorage && meta.state) {\n saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n }\n\n if (!options.oauth) {\n return;\n }\n \n // Legacy cookie storage\n if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n if (this.saveParamsCookie) {\n const { \n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n } = meta;\n const oauthParams = {\n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n };\n cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n }\n\n if (this.saveNonceCookie && meta.nonce) {\n // Set nonce cookie for servers to validate nonce in id_token\n cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n }\n\n if (this.saveStateCookie && meta.state) {\n // Set state cookie for servers to validate state\n cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n }\n }\n }\n\n exists(options: TransactionMetaOptions = {}): boolean {\n try {\n const meta: TransactionMeta = this.load(options);\n return !!meta;\n } catch {\n return false;\n }\n }\n\n // load transaction meta from storage\n // eslint-disable-next-line complexity,max-statements\n load(options: TransactionMetaOptions = {}): TransactionMeta {\n\n let meta: TransactionMeta;\n\n // If state was passed, try loading transaction data from shared storage\n if (this.enableSharedStorage && options.state) {\n pruneSharedStorage(this.storageManager); // prune before load\n meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n if (isTransactionMeta(meta)) {\n return meta;\n }\n }\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n meta = storage.getStorage();\n if (isTransactionMeta(meta)) {\n // if we have meta in the new location, there is no need to go further\n return meta;\n }\n\n if (!this.legacyWidgetSupport) {\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n try {\n const oauthParams = this.loadLegacyOAuthParams();\n Object.assign(meta, oauthParams);\n } finally {\n this.clearLegacyOAuthParams();\n }\n }\n\n if (options.pkce) {\n try {\n const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n Object.assign(meta, pkceMeta);\n } finally {\n this.clearLegacyPKCE();\n }\n }\n\n if (isTransactionMeta(meta)) {\n return meta;\n }\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n clearLegacyPKCE(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n }\n\n loadLegacyPKCE(): PKCETransactionMeta {\n let storage: StorageProvider;\n let obj;\n \n // Try reading from localStorage first.\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, throw an exception to avoid misleading server-side error\n // The most likely cause of this error is trying to handle a callback twice\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', null);\n }\n\n clearLegacyOAuthParams(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n storage.clearStorage();\n }\n }\n\n loadLegacyOAuthParams(): OAuthTransactionMeta {\n let storage: StorageProvider;\n let oauthParams;\n \n // load first from session storage\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n oauthParams = storage.getStorage();\n }\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n // try to load from cookie\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n oauthParams = storage.getStorage();\n }\n\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n\n throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n // Something is there but we don't recognize it\n // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n }\n\n saveIdxResponse(idxResponse: RawIdxResponse): void {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return;\n }\n storage.setStorage(idxResponse);\n }\n\n loadIdxResponse(): RawIdxResponse {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return null;\n }\n const idxResponse = storage.getStorage();\n if (!isRawIdxResponse(idxResponse)) {\n return null;\n }\n return idxResponse;\n }\n\n clearIdxResponse(): void {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n storage?.clearStorage();\n }\n}"],"file":"TransactionManager.js"}
1
+ {"version":3,"sources":["../../lib/TransactionManager.ts"],"names":["TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","enableSharedStorage","saveLastResponse","clear","transactionStorage","getTransactionStorage","meta","getStorage","clearStorage","clearIdxResponse","clearSharedStorage","state","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","storage","obj","muteWarning","setStorage","cookieStorage","storageType","responseType","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","REDIRECT_OAUTH_PARAMS_NAME","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_STATE_COOKIE_NAME","exists","load","loadLegacyOAuthParams","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","AuthSdkError","undefined","getLegacyOAuthParamsStorage","saveIdxResponse","idxResponse","getIdxResponseStorage","loadIdxResponse"],"mappings":";;;;;;;;;;AAaA;;AACA;;AAEA;;AAWA;;AACA;;AACA;;AA7BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA6Be,MAAMA,kBAAN,CAAyB;AAUtCC,EAAAA,WAAW,CAACC,OAAD,EAAqC;AAC9C;AACA,SAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;AACA,SAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKC,mBAAL,GAA2BN,OAAO,CAACM,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,gBAAL,GAAwBP,OAAO,CAACO,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKP,OAAL,GAAeA,OAAf;AACD,GApBqC,CAsBtC;;;AACAQ,EAAAA,KAAK,CAACR,OAAoC,GAAG,EAAxC,EAA4C;AAC/C,UAAMS,kBAAmC,GAAG,KAAKR,cAAL,CAAoBS,qBAApB,EAA5C;AACA,UAAMC,IAAI,GAAGF,kBAAkB,CAACG,UAAnB,EAAb,CAF+C,CAI/C;;AACAH,IAAAA,kBAAkB,CAACI,YAAnB,GAL+C,CAO/C;;AACA,SAAKC,gBAAL,GAR+C,CAU/C;;AACA,QAAI,KAAKR,mBAAL,IAA4BN,OAAO,CAACe,kBAAR,KAA+B,KAA/D,EAAsE;AACpE,YAAMC,KAAK,GAAGhB,OAAO,CAACgB,KAAR,KAAiBL,IAAjB,aAAiBA,IAAjB,uBAAiBA,IAAI,CAAEK,KAAvB,CAAd;;AACA,UAAIA,KAAJ,EAAW;AACT,8DAAkC,KAAKf,cAAvC,EAAuDe,KAAvD;AACD;AACF;;AAED,QAAI,CAAC,KAAKd,mBAAV,EAA+B;AAC7B;AACD,KApB8C,CAsB/C;;;AACA,QAAIF,OAAO,CAACiB,KAAZ,EAAmB;AACjB,WAAKC,sBAAL;AACD;;AAED,QAAIlB,OAAO,CAACmB,IAAZ,EAAkB;AAChB,WAAKC,eAAL;AACD;AACF,GArDqC,CAuDtC;;;AACAC,EAAAA,IAAI,CAACV,IAAD,EAAwBX,OAA+B,GAAG,EAA1D,EAA8D;AAChE;AACA;AACA;AAEA,QAAIsB,OAAwB,GAAG,KAAKrB,cAAL,CAAoBS,qBAApB,EAA/B;AACA,UAAMa,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAZ,CANgE,CAOhE;AACA;AACA;;AACA,QAAI,8BAAkBW,GAAlB,KAA0B,CAACvB,OAAO,CAACwB,WAAvC,EAAoD;AAClD;AACA,sBAAK,yGAAL;AACD;;AAEDF,IAAAA,OAAO,CAACG,UAAR,CAAmBd,IAAnB,EAfgE,CAiBhE;;AACA,QAAI,KAAKL,mBAAL,IAA4BK,IAAI,CAACK,KAArC,EAA4C;AAC1C,yDAA+B,KAAKf,cAApC,EAAoDU,IAAI,CAACK,KAAzD,EAAgEL,IAAhE;AACD;;AAED,QAAI,CAACX,OAAO,CAACiB,KAAb,EAAoB;AAClB;AACD,KAxB+D,CA0BhE;;;AACA,QAAI,KAAKd,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;AACzE,YAAMqB,aAA4B,GAAG,KAAKzB,cAAL,CAAoBW,UAApB,CAA+B;AAAEe,QAAAA,WAAW,EAAE;AAAf,OAA/B,CAArC;;AAEA,UAAI,KAAKtB,gBAAT,EAA2B;AACzB,cAAM;AACJuB,UAAAA,YADI;AAEJZ,UAAAA,KAFI;AAGJa,UAAAA,KAHI;AAIJC,UAAAA,MAJI;AAKJC,UAAAA,QALI;AAMJC,UAAAA,IANI;AAOJC,UAAAA;AAPI,YAQFtB,IARJ;AASA,cAAMuB,WAAW,GAAG;AAClBN,UAAAA,YADkB;AAElBZ,UAAAA,KAFkB;AAGlBa,UAAAA,KAHkB;AAIlBC,UAAAA,MAJkB;AAKlBC,UAAAA,QALkB;AAMlBC,UAAAA,IANkB;AAOlBC,UAAAA;AAPkB,SAApB;AASAP,QAAAA,aAAa,CAACS,OAAd,CAAsBC,qCAAtB,EAAkD,wBAAeF,WAAf,CAAlD,EAA+E,IAA/E;AACD;;AAED,UAAI,KAAK/B,eAAL,IAAwBQ,IAAI,CAACkB,KAAjC,EAAwC;AACtC;AACAH,QAAAA,aAAa,CAACS,OAAd,CAAsBE,qCAAtB,EAAkD1B,IAAI,CAACkB,KAAvD,EAA8D,IAA9D;AACD;;AAED,UAAI,KAAKzB,eAAL,IAAwBO,IAAI,CAACK,KAAjC,EAAwC;AACtC;AACAU,QAAAA,aAAa,CAACS,OAAd,CAAsBG,qCAAtB,EAAkD3B,IAAI,CAACK,KAAvD,EAA8D,IAA9D;AACD;AACF;AACF;;AAEDuB,EAAAA,MAAM,CAACvC,OAA+B,GAAG,EAAnC,EAAgD;AACpD,QAAI;AACF,YAAMW,IAAI,GAAG,KAAK6B,IAAL,CAAUxC,OAAV,CAAb;AACA,aAAO,CAAC,CAACW,IAAT;AACD,KAHD,CAGE,MAAM;AACN,aAAO,KAAP;AACD;AACF,GA/HqC,CAiItC;AACA;;;AACA6B,EAAAA,IAAI,CAACxC,OAA+B,GAAG,EAAnC,EAA+D;AAEjE,QAAIW,IAAJ,CAFiE,CAIjE;;AACA,QAAI,KAAKL,mBAAL,IAA4BN,OAAO,CAACgB,KAAxC,EAA+C;AAC7C,6CAAmB,KAAKf,cAAxB,EAD6C,CACJ;;AACzCU,MAAAA,IAAI,GAAG,qDAAiC,KAAKV,cAAtC,EAAsDD,OAAO,CAACgB,KAA9D,CAAP;;AACA,UAAI,8BAAkBL,IAAlB,CAAJ,EAA6B;AAC3B,eAAOA,IAAP;AACD;AACF;;AAED,QAAIW,OAAwB,GAAG,KAAKrB,cAAL,CAAoBS,qBAApB,EAA/B;AACAC,IAAAA,IAAI,GAAGW,OAAO,CAACV,UAAR,EAAP;;AACA,QAAI,8BAAkBD,IAAlB,CAAJ,EAA6B;AAC3B;AACA,aAAOA,IAAP;AACD;;AAED,QAAI,CAAC,KAAKT,mBAAV,EAA+B;AAC7B,aAAO,IAAP;AACD,KAtBgE,CAwBjE;;;AACA,QAAIF,OAAO,CAACiB,KAAZ,EAAmB;AACjB,UAAI;AACF,cAAMiB,WAAW,GAAG,KAAKO,qBAAL,EAApB;AACA,6BAAc9B,IAAd,EAAoBuB,WAApB;AACD,OAHD,SAGU;AACR,aAAKhB,sBAAL;AACD;AACF;;AAED,QAAIlB,OAAO,CAACmB,IAAZ,EAAkB;AAChB,UAAI;AACF,cAAMuB,QAA6B,GAAG,KAAKC,cAAL,EAAtC;AACA,6BAAchC,IAAd,EAAoB+B,QAApB;AACD,OAHD,SAGU;AACR,aAAKtB,eAAL;AACD;AACF;;AAED,QAAI,8BAAkBT,IAAlB,CAAJ,EAA6B;AAC3B,aAAOA,IAAP;AACD;;AACD,WAAO,IAAP;AACD,GAlLqC,CAoLtC;;;AACAS,EAAAA,eAAe,GAAS;AACtB;AACA,QAAIE,OAAJ;;AAEA,QAAI,KAAKrB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKZ,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED8B,EAAAA,cAAc,GAAwB;AACpC,QAAIrB,OAAJ;AACA,QAAIC,GAAJ,CAFoC,CAIpC;;AACA,QAAI,KAAKtB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAACwB,YAAf,EAA6B;AAC3B,eAAOxB,GAAP;AACD;AACF,KAXmC,CAapC;;;AACA,QAAI,KAAKtB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAACwB,YAAf,EAA6B;AAC3B,eAAOxB,GAAP;AACD;AACF,KApBmC,CAsBpC;AACA;AACA;;;AACA,UAAM,IAAIyB,oBAAJ,CAAiB,yJAAjB,EAA4KC,SAA5K,CAAN;AACD;;AAED/B,EAAAA,sBAAsB,GAAS;AAC7B;AACA,QAAII,OAAJ;;AAEA,QAAI,KAAKrB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKZ,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7DvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED4B,EAAAA,qBAAqB,GAAyB;AAC5C,QAAInB,OAAJ;AACA,QAAIY,WAAJ,CAF4C,CAI5C;;AACA,QAAI,KAAKjC,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AACD,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD,KAX2C,CAa5C;;;AACA,QAAI,KAAKjC,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7DvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AAED,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD;;AAGD,UAAM,IAAIc,oBAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;AACA;AACD;;AAEDG,EAAAA,eAAe,CAACC,WAAD,EAAoC;AACjD,QAAI,CAAC,KAAK7C,gBAAV,EAA4B;AAC1B;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBoD,qBAApB,EAAhB;;AACA,QAAI,CAAC/B,OAAL,EAAc;AACZ;AACD;;AACDA,IAAAA,OAAO,CAACG,UAAR,CAAmB2B,WAAnB;AACD;;AAEDE,EAAAA,eAAe,GAA0B;AACvC,QAAI,CAAC,KAAK/C,gBAAV,EAA4B;AAC1B,aAAO,IAAP;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBoD,qBAApB,EAAhB;;AACA,QAAI,CAAC/B,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AACD,UAAM8B,WAAW,GAAG9B,OAAO,CAACV,UAAR,EAApB;;AACA,QAAI,CAAC,6BAAiBwC,WAAjB,CAAL,EAAoC;AAClC,aAAO,IAAP;AACD;;AACD,WAAOA,WAAP;AACD;;AAEDtC,EAAAA,gBAAgB,GAAS;AACvB,QAAI,CAAC,KAAKP,gBAAV,EAA4B;AAC1B;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBoD,qBAApB,EAAhB;AACA/B,IAAAA,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAET,YAAT;AACD;;AA7SqC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport { StorageManager } from './StorageManager';\nimport {\n StorageProvider,\n TransactionMeta,\n isTransactionMeta,\n isOAuthTransactionMeta,\n PKCETransactionMeta,\n OAuthTransactionMeta,\n TransactionMetaOptions,\n TransactionManagerOptions,\n CookieStorage\n} from './types';\nimport { RawIdxResponse, isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\nimport {\n clearTransactionFromSharedStorage,\n loadTransactionFromSharedStorage,\n pruneSharedStorage,\n saveTransactionToSharedStorage\n} from './util/sharedStorage';\n\nexport interface ClearTransactionMetaOptions extends TransactionMetaOptions {\n clearSharedStorage?: boolean;\n}\nexport default class TransactionManager {\n options: TransactionManagerOptions;\n storageManager: StorageManager;\n legacyWidgetSupport: boolean;\n saveNonceCookie: boolean;\n saveStateCookie: boolean;\n saveParamsCookie: boolean;\n enableSharedStorage: boolean;\n saveLastResponse: boolean;\n\n constructor(options: TransactionManagerOptions) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n this.storageManager = options.storageManager!;\n this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n this.saveStateCookie = options.saveStateCookie === false ? false : true;\n this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n this.saveLastResponse = options.saveLastResponse === false ? false : true;\n this.options = options;\n }\n\n // eslint-disable-next-line complexity\n clear(options: ClearTransactionMetaOptions = {}) {\n const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n const meta = transactionStorage.getStorage();\n\n // Clear primary storage (by default, sessionStorage on browser)\n transactionStorage.clearStorage();\n\n // clear IDX response storage\n this.clearIdxResponse();\n\n // Usually we want to also clear shared storage unless another tab may need it to continue/complete a flow\n if (this.enableSharedStorage && options.clearSharedStorage !== false) {\n const state = options.state || meta?.state;\n if (state) {\n clearTransactionFromSharedStorage(this.storageManager, state);\n }\n }\n \n if (!this.legacyWidgetSupport) {\n return;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n this.clearLegacyOAuthParams();\n }\n\n if (options.pkce) {\n this.clearLegacyPKCE();\n }\n }\n\n // eslint-disable-next-line complexity\n save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n // There must be only one transaction executing at a time.\n // Before saving, check to see if a transaction is already stored.\n // An existing transaction indicates a concurrency/race/overlap condition\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n const obj = storage.getStorage();\n // oie process may need to update transaction in the middle of process for tracking purpose\n // false alarm might be caused \n // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n if (isTransactionMeta(obj) && !options.muteWarning) {\n // eslint-disable-next-line max-len\n warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n }\n\n storage.setStorage(meta);\n\n // Shared storage allows continuation of transaction in another tab\n if (this.enableSharedStorage && meta.state) {\n saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n }\n\n if (!options.oauth) {\n return;\n }\n \n // Legacy cookie storage\n if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n if (this.saveParamsCookie) {\n const { \n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n } = meta;\n const oauthParams = {\n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n };\n cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n }\n\n if (this.saveNonceCookie && meta.nonce) {\n // Set nonce cookie for servers to validate nonce in id_token\n cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n }\n\n if (this.saveStateCookie && meta.state) {\n // Set state cookie for servers to validate state\n cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n }\n }\n }\n\n exists(options: TransactionMetaOptions = {}): boolean {\n try {\n const meta = this.load(options);\n return !!meta;\n } catch {\n return false;\n }\n }\n\n // load transaction meta from storage\n // eslint-disable-next-line complexity,max-statements\n load(options: TransactionMetaOptions = {}): TransactionMeta | null {\n\n let meta: TransactionMeta;\n\n // If state was passed, try loading transaction data from shared storage\n if (this.enableSharedStorage && options.state) {\n pruneSharedStorage(this.storageManager); // prune before load\n meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n if (isTransactionMeta(meta)) {\n return meta;\n }\n }\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n meta = storage.getStorage();\n if (isTransactionMeta(meta)) {\n // if we have meta in the new location, there is no need to go further\n return meta;\n }\n\n if (!this.legacyWidgetSupport) {\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n try {\n const oauthParams = this.loadLegacyOAuthParams();\n Object.assign(meta, oauthParams);\n } finally {\n this.clearLegacyOAuthParams();\n }\n }\n\n if (options.pkce) {\n try {\n const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n Object.assign(meta, pkceMeta);\n } finally {\n this.clearLegacyPKCE();\n }\n }\n\n if (isTransactionMeta(meta)) {\n return meta;\n }\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n clearLegacyPKCE(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n }\n\n loadLegacyPKCE(): PKCETransactionMeta {\n let storage: StorageProvider;\n let obj;\n \n // Try reading from localStorage first.\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n \n // If meta is not valid, throw an exception to avoid misleading server-side error\n // The most likely cause of this error is trying to handle a callback twice\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', undefined);\n }\n\n clearLegacyOAuthParams(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n storage.clearStorage();\n }\n }\n\n loadLegacyOAuthParams(): OAuthTransactionMeta {\n let storage: StorageProvider;\n let oauthParams;\n \n // load first from session storage\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n oauthParams = storage.getStorage();\n }\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n // try to load from cookie\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n oauthParams = storage.getStorage();\n }\n\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n\n throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n // Something is there but we don't recognize it\n // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n }\n\n saveIdxResponse(idxResponse: RawIdxResponse): void {\n if (!this.saveLastResponse) {\n return;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return;\n }\n storage.setStorage(idxResponse);\n }\n\n loadIdxResponse(): RawIdxResponse | null {\n if (!this.saveLastResponse) {\n return null;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return null;\n }\n const idxResponse = storage.getStorage();\n if (!isRawIdxResponse(idxResponse)) {\n return null;\n }\n return idxResponse;\n }\n\n clearIdxResponse(): void {\n if (!this.saveLastResponse) {\n return;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n storage?.clearStorage();\n }\n}"],"file":"TransactionManager.js"}
package/cjs/browser/browserStorage.js CHANGED
@@ -1,13 +1,25 @@
1
1
  "use strict";
2
2
 
3
- var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
3
+ var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
4
 
5
5
  exports.default = void 0;
6
6
 
7
+ var _slice = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/slice"));
8
+
9
+ var _keys = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/keys"));
10
+
11
+ var _indexOf = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/index-of"));
12
+
13
+ var _stringify = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/json/stringify"));
14
+
15
+ var _jsCookie = _interopRequireDefault(require("js-cookie"));
16
+
7
17
  var _AuthSdkError = _interopRequireDefault(require("../errors/AuthSdkError"));
8
18
 
9
19
  var _util = require("../util");
10
20
 
21
+ /* eslint-disable @typescript-eslint/no-non-null-assertion */
22
+
11
23
  /*!
12
24
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
13
25
  * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
@@ -20,9 +32,7 @@ var _util = require("../util");
20
32
  * See the License for the specific language governing permissions and limitations under the License.
21
33
  *
22
34
  */
23
- const Cookies = require('js-cookie'); // Building this as an object allows us to mock the functions in our tests
24
-
25
-
35
+ // Building this as an object allows us to mock the functions in our tests
26
36
  var storageUtil = {
27
37
  // These are shimmed in `OktaAuthBase.ts`
28
38
  getHttpCache() {
@@ -76,7 +86,7 @@ var storageUtil = {
76
86
  return supported;
77
87
  },
78
88
  getStorageByType: function (storageType, options) {
79
- let storageProvider = null;
89
+ let storageProvider;
80
90
 
81
91
  switch (storageType) {
82
92
  case 'sessionStorage':
@@ -105,7 +115,7 @@ var storageUtil = {
105
115
  findStorageType: function (types) {
106
116
  let curType;
107
117
  let nextType;
108
- types = types.slice(); // copy array
118
+ types = (0, _slice.default)(types).call(types); // copy array
109
119
 
110
120
  curType = types.shift();
111
121
  nextType = types.length ? types[0] : null;
@@ -154,11 +164,11 @@ var storageUtil = {
154
164
  }
155
165
  };
156
166
 
157
- if (!options.useMultipleCookies) {
167
+ if (!options.useSeparateCookies) {
158
168
  return storage;
159
- } // options.useMultipleCookies - because cookies have size limits.
169
+ } // Tokens are stored separately because cookies have size limits.
160
170
  // Can only be used when storing an object value. Object properties will be saved to separate cookies.
161
- // Each property of the object must also be an object.
171
+ // Each property of the object must also be an object.
162
172
 
163
173
 
164
174
  return {
@@ -166,32 +176,32 @@ var storageUtil = {
166
176
  var data = storage.getItem(); // read all cookies
167
177
 
168
178
  var value = {};
169
- Object.keys(data).forEach(k => {
170
- if (k.indexOf(key) === 0) {
179
+ (0, _keys.default)(data).forEach(k => {
180
+ if ((0, _indexOf.default)(k).call(k, key) === 0) {
171
181
  // filter out unrelated cookies
172
- value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie dataa
182
+ value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie data
173
183
  }
174
184
  });
175
- return JSON.stringify(value);
185
+ return (0, _stringify.default)(value);
176
186
  },
177
187
  setItem: function (key, value) {
178
188
  var existingValues = JSON.parse(this.getItem(key));
179
189
  value = JSON.parse(value); // Set key-value pairs from input to cookies
180
190
 
181
- Object.keys(value).forEach(k => {
191
+ (0, _keys.default)(value).forEach(k => {
182
192
  var storageKey = key + '_' + k;
183
- var valueToStore = JSON.stringify(value[k]);
193
+ var valueToStore = (0, _stringify.default)(value[k]);
184
194
  storage.setItem(storageKey, valueToStore);
185
195
  delete existingValues[k];
186
196
  }); // Delete unmatched keys from existing cookies
187
197
 
188
- Object.keys(existingValues).forEach(k => {
198
+ (0, _keys.default)(existingValues).forEach(k => {
189
199
  storage.removeItem(key + '_' + k);
190
200
  });
191
201
  },
192
202
  removeItem: function (key) {
193
203
  var existingValues = JSON.parse(this.getItem(key));
194
- Object.keys(existingValues).forEach(k => {
204
+ (0, _keys.default)(existingValues).forEach(k => {
195
205
  storage.removeItem(key + '_' + k);
196
206
  });
197
207
  }
@@ -245,14 +255,20 @@ var storageUtil = {
245
255
  cookieOptions.expires = new Date(expiresAt);
246
256
  }
247
257
 
248
- Cookies.set(name, value, cookieOptions);
258
+ _jsCookie.default.set(name, value, cookieOptions);
259
+
249
260
  return storageUtil.storage.get(name);
250
261
  },
251
262
  get: function (name) {
252
- return Cookies.get(name);
263
+ // return all cookies when no args is provided
264
+ if (!arguments.length) {
265
+ return _jsCookie.default.get();
266
+ }
267
+
268
+ return _jsCookie.default.get(name);
253
269
  },
254
270
  delete: function (name) {
255
- return Cookies.remove(name, {
271
+ return _jsCookie.default.remove(name, {
256
272
  path: '/'
257
273
  });
258
274
  }
package/cjs/browser/browserStorage.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/browser/browserStorage.ts"],"names":["Cookies","require","storageUtil","getHttpCache","getPKCEStorage","browserHasLocalStorage","storage","getLocalStorage","testStorage","e","browserHasSessionStorage","getSessionStorage","testStorageType","storageType","supported","getStorageByType","options","storageProvider","getCookieStorage","getInMemoryStorage","AuthSdkError","findStorageType","types","curType","nextType","slice","shift","length","localStorage","sessionStorage","secure","sameSite","sessionCookie","getItem","get","setItem","key","value","expiresAt","set","removeItem","delete","useMultipleCookies","data","Object","keys","forEach","k","indexOf","replace","JSON","parse","stringify","existingValues","storageKey","valueToStore","inMemoryStore","name","cookieOptions","path","Date","expires","remove"],"mappings":";;;;;;AAaA;;AAWA;;AAxBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAeA,MAAMA,OAAO,GAAGC,OAAO,CAAC,WAAD,CAAvB,C,CAEA;;;AACA,IAAIC,WAA+B,GAAG;AAEpC;AACAC,EAAAA,YAAY,GAAoB;AAC9B,WAAO,IAAP;AACD,GALmC;;AAOpCC,EAAAA,cAAc,GAAgB;AAC5B,WAAO,IAAP;AACD,GATmC;;AAWpC;AACA;AACAC,EAAAA,sBAAsB,EAAE,YAAW;AACjC,QAAI;AACF,UAAIC,OAAO,GAAGJ,WAAW,CAACK,eAAZ,EAAd;AACA,aAAOL,WAAW,CAACM,WAAZ,CAAwBF,OAAxB,CAAP;AACD,KAHD,CAGE,OAAOG,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GApBmC;AAsBpCC,EAAAA,wBAAwB,EAAE,YAAW;AACnC,QAAI;AACF,UAAIJ,OAAO,GAAGJ,WAAW,CAACS,iBAAZ,EAAd;AACA,aAAOT,WAAW,CAACM,WAAZ,CAAwBF,OAAxB,CAAP;AACD,KAHD,CAGE,OAAOG,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GA7BmC;AA+BpCG,EAAAA,eAAe,EAAE,UAASC,WAAT,EAA4C;AAC3D,QAAIC,SAAS,GAAG,KAAhB;;AACA,YAAQD,WAAR;AACE,WAAK,gBAAL;AACEC,QAAAA,SAAS,GAAGZ,WAAW,CAACQ,wBAAZ,EAAZ;AACA;;AACF,WAAK,cAAL;AACEI,QAAAA,SAAS,GAAGZ,WAAW,CAACG,sBAAZ,EAAZ;AACA;;AACF,WAAK,QAAL;AACA,WAAK,QAAL;AACES,QAAAA,SAAS,GAAG,IAAZ;AACA;;AACF;AACEA,QAAAA,SAAS,GAAG,KAAZ;AACA;AAbJ;;AAeA,WAAOA,SAAP;AACD,GAjDmC;AAmDpCC,EAAAA,gBAAgB,EAAE,UAASF,WAAT,EAAmCG,OAAnC,EAA2E;AAC3F,QAAIC,eAAe,GAAG,IAAtB;;AACA,YAAQJ,WAAR;AACE,WAAK,gBAAL;AACEI,QAAAA,eAAe,GAAGf,WAAW,CAACS,iBAAZ,EAAlB;AACA;;AACF,WAAK,cAAL;AACEM,QAAAA,eAAe,GAAGf,WAAW,CAACK,eAAZ,EAAlB;AACA;;AACF,WAAK,QAAL;AACEU,QAAAA,eAAe,GAAGf,WAAW,CAACgB,gBAAZ,CAA6BF,OAA7B,CAAlB;AACA;;AACF,WAAK,QAAL;AACEC,QAAAA,eAAe,GAAGf,WAAW,CAACiB,kBAAZ,EAAlB;AACA;;AACF;AACE,cAAM,IAAIC,qBAAJ,CAAkB,gCAA+BP,WAAY,EAA7D,CAAN;AACA;AAfJ;;AAiBA,WAAOI,eAAP;AACD,GAvEmC;AAyEpCI,EAAAA,eAAe,EAAE,UAASC,KAAT,EAA+B;AAC9C,QAAIC,OAAJ;AACA,QAAIC,QAAJ;AAEAF,IAAAA,KAAK,GAAGA,KAAK,CAACG,KAAN,EAAR,CAJ8C,CAIvB;;AACvBF,IAAAA,OAAO,GAAGD,KAAK,CAACI,KAAN,EAAV;AACAF,IAAAA,QAAQ,GAAGF,KAAK,CAACK,MAAN,GAAeL,KAAK,CAAC,CAAD,CAApB,GAA0B,IAArC;;AACA,QAAI,CAACE,QAAL,EAAe;AACb,aAAOD,OAAP;AACD;;AAED,QAAIrB,WAAW,CAACU,eAAZ,CAA4BW,OAA5B,CAAJ,EAA0C;AACxC,aAAOA,OAAP;AACD,KAb6C,CAe9C;;;AACA,oBAAM,gCAA+BA,OAAQ,kBAAiBC,QAAS,GAAvE,EAhB8C,CAkB9C;;AACA,WAAOtB,WAAW,CAACmB,eAAZ,CAA4BC,KAA5B,CAAP;AACD,GA7FmC;AA+FpCf,EAAAA,eAAe,EAAE,YAAW;AAC1B,WAAOqB,YAAP;AACD,GAjGmC;AAmGpCjB,EAAAA,iBAAiB,EAAE,YAAW;AAC5B,WAAOkB,cAAP;AACD,GArGmC;AAuGpC;AACAX,EAAAA,gBAAgB,EAAE,UAASF,OAAT,EAAiC;AACjD,UAAMc,MAAM,GAAGd,OAAO,CAACc,MAAvB;AACA,UAAMC,QAAQ,GAAGf,OAAO,CAACe,QAAzB;AACA,UAAMC,aAAa,GAAGhB,OAAO,CAACgB,aAA9B;;AACA,QAAI,OAAOF,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;AACpE,YAAM,IAAIX,qBAAJ,CAAiB,oEAAjB,CAAN;AACD;;AACD,UAAMd,OAAsB,GAAG;AAC7B2B,MAAAA,OAAO,EAAE/B,WAAW,CAACI,OAAZ,CAAoB4B,GADA;AAE7BC,MAAAA,OAAO,EAAE,UAASC,GAAT,EAAcC,KAAd,EAAqBC,SAAS,GAAG,0BAAjC,EAA6D;AACpE;AACAA,QAAAA,SAAS,GAAGN,aAAa,GAAG,IAAH,GAAUM,SAAnC;AACApC,QAAAA,WAAW,CAACI,OAAZ,CAAoBiC,GAApB,CAAwBH,GAAxB,EAA6BC,KAA7B,EAAoCC,SAApC,EAA+C;AAC7CR,UAAAA,MAAM,EAAEA,MADqC;AAE7CC,UAAAA,QAAQ,EAAEA;AAFmC,SAA/C;AAID,OAT4B;AAU7BS,MAAAA,UAAU,EAAE,UAASJ,GAAT,EAAc;AACxBlC,QAAAA,WAAW,CAACI,OAAZ,CAAoBmC,MAApB,CAA2BL,GAA3B;AACD;AAZ4B,KAA/B;;AAeA,QAAI,CAACpB,OAAO,CAAC0B,kBAAb,EAAiC;AAC/B,aAAOpC,OAAP;AACD,KAxBgD,CA0BjD;AACA;AACA;;;AACA,WAAO;AACL2B,MAAAA,OAAO,EAAE,UAASG,GAAT,EAAc;AACrB,YAAIO,IAAI,GAAGrC,OAAO,CAAC2B,OAAR,EAAX,CADqB,CACS;;AAC9B,YAAII,KAAK,GAAG,EAAZ;AACAO,QAAAA,MAAM,CAACC,IAAP,CAAYF,IAAZ,EAAkBG,OAAlB,CAA0BC,CAAC,IAAI;AAC7B,cAAIA,CAAC,CAACC,OAAF,CAAUZ,GAAV,MAAmB,CAAvB,EAA0B;AAAE;AAC1BC,YAAAA,KAAK,CAACU,CAAC,CAACE,OAAF,CAAW,GAAEb,GAAI,GAAjB,EAAqB,EAArB,CAAD,CAAL,GAAkCc,IAAI,CAACC,KAAL,CAAWR,IAAI,CAACI,CAAD,CAAf,CAAlC,CADwB,CAC+B;AACxD;AACF,SAJD;AAKA,eAAOG,IAAI,CAACE,SAAL,CAAef,KAAf,CAAP;AACD,OAVI;AAWLF,MAAAA,OAAO,EAAE,UAASC,GAAT,EAAcC,KAAd,EAAqB;AAC5B,YAAIgB,cAAc,GAAGH,IAAI,CAACC,KAAL,CAAW,KAAKlB,OAAL,CAAaG,GAAb,CAAX,CAArB;AACAC,QAAAA,KAAK,GAAGa,IAAI,CAACC,KAAL,CAAWd,KAAX,CAAR,CAF4B,CAG5B;;AACAO,QAAAA,MAAM,CAACC,IAAP,CAAYR,KAAZ,EAAmBS,OAAnB,CAA2BC,CAAC,IAAI;AAC9B,cAAIO,UAAU,GAAGlB,GAAG,GAAG,GAAN,GAAYW,CAA7B;AACA,cAAIQ,YAAY,GAAGL,IAAI,CAACE,SAAL,CAAef,KAAK,CAACU,CAAD,CAApB,CAAnB;AACAzC,UAAAA,OAAO,CAAC6B,OAAR,CAAgBmB,UAAhB,EAA4BC,YAA5B;AACA,iBAAOF,cAAc,CAACN,CAAD,CAArB;AACD,SALD,EAJ4B,CAU5B;;AACAH,QAAAA,MAAM,CAACC,IAAP,CAAYQ,cAAZ,EAA4BP,OAA5B,CAAoCC,CAAC,IAAI;AACvCzC,UAAAA,OAAO,CAACkC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYW,CAA/B;AACD,SAFD;AAGD,OAzBI;AA0BLP,MAAAA,UAAU,EAAE,UAASJ,GAAT,EAAc;AACxB,YAAIiB,cAAc,GAAGH,IAAI,CAACC,KAAL,CAAW,KAAKlB,OAAL,CAAaG,GAAb,CAAX,CAArB;AACAQ,QAAAA,MAAM,CAACC,IAAP,CAAYQ,cAAZ,EAA4BP,OAA5B,CAAoCC,CAAC,IAAI;AACvCzC,UAAAA,OAAO,CAACkC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYW,CAA/B;AACD,SAFD;AAGD;AA/BI,KAAP;AAiCD,GAtKmC;AAwKpC;AACAS,EAAAA,aAAa,EAAE,EAzKqB;AA0KpCrC,EAAAA,kBAAkB,EAAE,YAAW;AAC7B,WAAO;AACLc,MAAAA,OAAO,EAAGG,GAAD,IAAS;AAChB,eAAO,KAAKoB,aAAL,CAAmBpB,GAAnB,CAAP;AACD,OAHI;AAILD,MAAAA,OAAO,EAAE,CAACC,GAAD,EAAMC,KAAN,KAAgB;AACvB,aAAKmB,aAAL,CAAmBpB,GAAnB,IAA0BC,KAA1B;AACD;AANI,KAAP;AAQD,GAnLmC;AAqLpC7B,EAAAA,WAAW,EAAE,UAASF,OAAT,EAAkB;AAC7B,QAAI8B,GAAG,GAAG,mBAAV;;AACA,QAAI;AACF9B,MAAAA,OAAO,CAAC6B,OAAR,CAAgBC,GAAhB,EAAqBA,GAArB;AACA9B,MAAAA,OAAO,CAACkC,UAAR,CAAmBJ,GAAnB;AACA,aAAO,IAAP;AACD,KAJD,CAIE,OAAO3B,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GA9LmC;AAgMpCH,EAAAA,OAAO,EAAE;AACPiC,IAAAA,GAAG,EAAE,UAASkB,IAAT,EAAuBpB,KAAvB,EAAsCC,SAAtC,EAAyDtB,OAAzD,EAAyF;AAC5F,YAAM;AAAEe,QAAAA,QAAF;AAAYD,QAAAA;AAAZ,UAAuBd,OAA7B;;AACA,UAAI,OAAOc,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;AACpE,cAAM,IAAIX,qBAAJ,CAAiB,+DAAjB,CAAN;AACD;;AACD,UAAIsC,aAA4B,GAAG;AACjCC,QAAAA,IAAI,EAAE3C,OAAO,CAAC2C,IAAR,IAAgB,GADW;AAEjC7B,QAAAA,MAFiC;AAGjCC,QAAAA;AAHiC,OAAnC,CAL4F,CAW5F;;AACA,UAAI,CAAC,CAAE6B,IAAI,CAACT,KAAL,CAAWb,SAAX,CAAP,EAA+B;AAC7B;AACA;AACA;AACA;AACAoB,QAAAA,aAAa,CAACG,OAAd,GAAwB,IAAID,IAAJ,CAAStB,SAAT,CAAxB;AACD;;AAEDtC,MAAAA,OAAO,CAACuC,GAAR,CAAYkB,IAAZ,EAAkBpB,KAAlB,EAAyBqB,aAAzB;AACA,aAAOxD,WAAW,CAACI,OAAZ,CAAoB4B,GAApB,CAAwBuB,IAAxB,CAAP;AACD,KAvBM;AAyBPvB,IAAAA,GAAG,EAAE,UAASuB,IAAT,EAA+B;AAClC,aAAOzD,OAAO,CAACkC,GAAR,CAAYuB,IAAZ,CAAP;AACD,KA3BM;AA6BPhB,IAAAA,MAAM,EAAE,UAASgB,IAAT,EAA+B;AACrC,aAAOzD,OAAO,CAAC8D,MAAR,CAAeL,IAAf,EAAqB;AAAEE,QAAAA,IAAI,EAAE;AAAR,OAArB,CAAP;AACD;AA/BM;AAhM2B,CAAtC;eAmOezD,W","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport AuthSdkError from '../errors/AuthSdkError';\nimport {\n StorageProvider,\n StorageOptions,\n PKCEStorage,\n CookieOptions,\n SimpleStorage,\n StorageType,\n BrowserStorageUtil,\n CookieStorage\n} from '../types';\nimport { warn } from '../util';\n\nconst Cookies = require('js-cookie');\n\n// Building this as an object allows us to mock the functions in our tests\nvar storageUtil: BrowserStorageUtil = {\n\n // These are shimmed in `OktaAuthBase.ts`\n getHttpCache(): StorageProvider {\n return null;\n },\n\n getPKCEStorage(): PKCEStorage {\n return null;\n },\n\n // IE11 bug that Microsoft doesn't plan to fix\n // https://connect.microsoft.com/IE/Feedback/Details/1496040\n browserHasLocalStorage: function() {\n try {\n var storage = storageUtil.getLocalStorage();\n return storageUtil.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n browserHasSessionStorage: function() {\n try {\n var storage = storageUtil.getSessionStorage();\n return storageUtil.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n testStorageType: function(storageType: StorageType): boolean {\n var supported = false;\n switch (storageType) {\n case 'sessionStorage':\n supported = storageUtil.browserHasSessionStorage();\n break;\n case 'localStorage':\n supported = storageUtil.browserHasLocalStorage();\n break;\n case 'cookie':\n case 'memory':\n supported = true;\n break;\n default:\n supported = false;\n break;\n }\n return supported;\n },\n\n getStorageByType: function(storageType: StorageType, options: StorageOptions): SimpleStorage {\n let storageProvider = null;\n switch (storageType) {\n case 'sessionStorage':\n storageProvider = storageUtil.getSessionStorage();\n break;\n case 'localStorage':\n storageProvider = storageUtil.getLocalStorage();\n break;\n case 'cookie':\n storageProvider = storageUtil.getCookieStorage(options);\n break;\n case 'memory':\n storageProvider = storageUtil.getInMemoryStorage();\n break;\n default:\n throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n break;\n }\n return storageProvider;\n },\n\n findStorageType: function(types: StorageType[]) {\n let curType;\n let nextType;\n \n types = types.slice(); // copy array\n curType = types.shift();\n nextType = types.length ? types[0] : null;\n if (!nextType) {\n return curType;\n }\n\n if (storageUtil.testStorageType(curType)) {\n return curType;\n }\n\n // preferred type was unsupported.\n warn(`This browser doesn't support ${curType}. Switching to ${nextType}.`);\n\n // fallback to the next type. this is a recursive call\n return storageUtil.findStorageType(types);\n },\n\n getLocalStorage: function() {\n return localStorage;\n },\n\n getSessionStorage: function() {\n return sessionStorage;\n },\n\n // Provides webStorage-like interface for cookies\n getCookieStorage: function(options): CookieStorage {\n const secure = options.secure;\n const sameSite = options.sameSite;\n const sessionCookie = options.sessionCookie;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('getCookieStorage: \"secure\" and \"sameSite\" options must be provided');\n }\n const storage: CookieStorage = {\n getItem: storageUtil.storage.get,\n setItem: function(key, value, expiresAt = '2200-01-01T00:00:00.000Z') {\n // By defauilt, cookie shouldn't expire\n expiresAt = sessionCookie ? null : expiresAt;\n storageUtil.storage.set(key, value, expiresAt, {\n secure: secure, \n sameSite: sameSite,\n });\n },\n removeItem: function(key) {\n storageUtil.storage.delete(key);\n }\n };\n\n if (!options.useMultipleCookies) {\n return storage;\n }\n\n // options.useMultipleCookies - because cookies have size limits.\n // Can only be used when storing an object value. Object properties will be saved to separate cookies.\n // Each property of the object must also be an object.\n return {\n getItem: function(key) {\n var data = storage.getItem(); // read all cookies\n var value = {};\n Object.keys(data).forEach(k => {\n if (k.indexOf(key) === 0) { // filter out unrelated cookies\n value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie dataa\n }\n });\n return JSON.stringify(value);\n },\n setItem: function(key, value) {\n var existingValues = JSON.parse(this.getItem(key));\n value = JSON.parse(value);\n // Set key-value pairs from input to cookies\n Object.keys(value).forEach(k => {\n var storageKey = key + '_' + k;\n var valueToStore = JSON.stringify(value[k]);\n storage.setItem(storageKey, valueToStore);\n delete existingValues[k];\n });\n // Delete unmatched keys from existing cookies\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n },\n removeItem: function(key) {\n var existingValues = JSON.parse(this.getItem(key));\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n }\n };\n },\n\n // Provides an in-memory solution\n inMemoryStore: {},\n getInMemoryStorage: function() {\n return {\n getItem: (key) => {\n return this.inMemoryStore[key];\n },\n setItem: (key, value) => {\n this.inMemoryStore[key] = value;\n }\n };\n },\n\n testStorage: function(storage) {\n var key = 'okta-test-storage';\n try {\n storage.setItem(key, key);\n storage.removeItem(key);\n return true;\n } catch (e) {\n return false;\n }\n },\n\n storage: {\n set: function(name: string, value: string, expiresAt: string, options: CookieOptions): string {\n const { sameSite, secure } = options;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('storage.set: \"secure\" and \"sameSite\" options must be provided');\n }\n var cookieOptions: CookieOptions = {\n path: options.path || '/',\n secure,\n sameSite\n };\n\n // eslint-disable-next-line no-extra-boolean-cast\n if (!!(Date.parse(expiresAt))) {\n // Expires value can be converted to a Date object.\n //\n // If the 'expiresAt' value is not provided, or the value cannot be\n // parsed as a Date object, the cookie will set as a session cookie.\n cookieOptions.expires = new Date(expiresAt);\n }\n\n Cookies.set(name, value, cookieOptions);\n return storageUtil.storage.get(name);\n },\n\n get: function(name: string): string {\n return Cookies.get(name);\n },\n\n delete: function(name: string): string {\n return Cookies.remove(name, { path: '/' });\n }\n }\n};\n\nexport default storageUtil;\n"],"file":"browserStorage.js"}
1
+ {"version":3,"sources":["../../../lib/browser/browserStorage.ts"],"names":["storageUtil","getHttpCache","getPKCEStorage","browserHasLocalStorage","storage","getLocalStorage","testStorage","e","browserHasSessionStorage","getSessionStorage","testStorageType","storageType","supported","getStorageByType","options","storageProvider","getCookieStorage","getInMemoryStorage","AuthSdkError","findStorageType","types","curType","nextType","shift","length","localStorage","sessionStorage","secure","sameSite","sessionCookie","getItem","get","setItem","key","value","expiresAt","set","removeItem","delete","useSeparateCookies","data","forEach","k","replace","JSON","parse","existingValues","storageKey","valueToStore","inMemoryStore","name","cookieOptions","path","Date","expires","Cookies","arguments","remove"],"mappings":";;;;;;;;;;;;;;AAcA;;AACA;;AAWA;;AA1BA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAgBA;AACA,IAAIA,WAA+B,GAAG;AAEpC;AACAC,EAAAA,YAAY,GAAoB;AAC9B,WAAO,IAAP;AACD,GALmC;;AAOpCC,EAAAA,cAAc,GAAgB;AAC5B,WAAO,IAAP;AACD,GATmC;;AAWpC;AACA;AACAC,EAAAA,sBAAsB,EAAE,YAAW;AACjC,QAAI;AACF,UAAIC,OAAO,GAAGJ,WAAW,CAACK,eAAZ,EAAd;AACA,aAAOL,WAAW,CAACM,WAAZ,CAAwBF,OAAxB,CAAP;AACD,KAHD,CAGE,OAAOG,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GApBmC;AAsBpCC,EAAAA,wBAAwB,EAAE,YAAW;AACnC,QAAI;AACF,UAAIJ,OAAO,GAAGJ,WAAW,CAACS,iBAAZ,EAAd;AACA,aAAOT,WAAW,CAACM,WAAZ,CAAwBF,OAAxB,CAAP;AACD,KAHD,CAGE,OAAOG,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GA7BmC;AA+BpCG,EAAAA,eAAe,EAAE,UAASC,WAAT,EAA4C;AAC3D,QAAIC,SAAS,GAAG,KAAhB;;AACA,YAAQD,WAAR;AACE,WAAK,gBAAL;AACEC,QAAAA,SAAS,GAAGZ,WAAW,CAACQ,wBAAZ,EAAZ;AACA;;AACF,WAAK,cAAL;AACEI,QAAAA,SAAS,GAAGZ,WAAW,CAACG,sBAAZ,EAAZ;AACA;;AACF,WAAK,QAAL;AACA,WAAK,QAAL;AACES,QAAAA,SAAS,GAAG,IAAZ;AACA;;AACF;AACEA,QAAAA,SAAS,GAAG,KAAZ;AACA;AAbJ;;AAeA,WAAOA,SAAP;AACD,GAjDmC;AAmDpCC,EAAAA,gBAAgB,EAAE,UAASF,WAAT,EAAmCG,OAAnC,EAA4E;AAC5F,QAAIC,eAAJ;;AACA,YAAQJ,WAAR;AACE,WAAK,gBAAL;AACEI,QAAAA,eAAe,GAAGf,WAAW,CAACS,iBAAZ,EAAlB;AACA;;AACF,WAAK,cAAL;AACEM,QAAAA,eAAe,GAAGf,WAAW,CAACK,eAAZ,EAAlB;AACA;;AACF,WAAK,QAAL;AACEU,QAAAA,eAAe,GAAGf,WAAW,CAACgB,gBAAZ,CAA6BF,OAA7B,CAAlB;AACA;;AACF,WAAK,QAAL;AACEC,QAAAA,eAAe,GAAGf,WAAW,CAACiB,kBAAZ,EAAlB;AACA;;AACF;AACE,cAAM,IAAIC,qBAAJ,CAAkB,gCAA+BP,WAAY,EAA7D,CAAN;AACA;AAfJ;;AAiBA,WAAOI,eAAP;AACD,GAvEmC;AAyEpCI,EAAAA,eAAe,EAAE,UAASC,KAAT,EAA+B;AAC9C,QAAIC,OAAJ;AACA,QAAIC,QAAJ;AAEAF,IAAAA,KAAK,GAAG,oBAAAA,KAAK,MAAL,CAAAA,KAAK,CAAb,CAJ8C,CAIvB;;AACvBC,IAAAA,OAAO,GAAGD,KAAK,CAACG,KAAN,EAAV;AACAD,IAAAA,QAAQ,GAAGF,KAAK,CAACI,MAAN,GAAeJ,KAAK,CAAC,CAAD,CAApB,GAA0B,IAArC;;AACA,QAAI,CAACE,QAAL,EAAe;AACb,aAAOD,OAAP;AACD;;AAED,QAAIrB,WAAW,CAACU,eAAZ,CAA4BW,OAA5B,CAAJ,EAA0C;AACxC,aAAOA,OAAP;AACD,KAb6C,CAe9C;;;AACA,oBAAM,gCAA+BA,OAAQ,kBAAiBC,QAAS,GAAvE,EAhB8C,CAkB9C;;AACA,WAAOtB,WAAW,CAACmB,eAAZ,CAA4BC,KAA5B,CAAP;AACD,GA7FmC;AA+FpCf,EAAAA,eAAe,EAAE,YAAW;AAC1B,WAAOoB,YAAP;AACD,GAjGmC;AAmGpChB,EAAAA,iBAAiB,EAAE,YAAW;AAC5B,WAAOiB,cAAP;AACD,GArGmC;AAuGpC;AACAV,EAAAA,gBAAgB,EAAE,UAASF,OAAT,EAAiC;AACjD,UAAMa,MAAM,GAAGb,OAAO,CAAEa,MAAxB;AACA,UAAMC,QAAQ,GAAGd,OAAO,CAAEc,QAA1B;AACA,UAAMC,aAAa,GAAGf,OAAO,CAAEe,aAA/B;;AACA,QAAI,OAAOF,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;AACpE,YAAM,IAAIV,qBAAJ,CAAiB,oEAAjB,CAAN;AACD;;AACD,UAAMd,OAAsB,GAAG;AAC7B0B,MAAAA,OAAO,EAAE9B,WAAW,CAACI,OAAZ,CAAoB2B,GADA;AAE7BC,MAAAA,OAAO,EAAE,UAASC,GAAT,EAAcC,KAAd,EAAqBC,SAAS,GAAG,0BAAjC,EAA6D;AACpE;AACAA,QAAAA,SAAS,GAAIN,aAAa,GAAG,IAAH,GAAUM,SAApC;AACAnC,QAAAA,WAAW,CAACI,OAAZ,CAAoBgC,GAApB,CAAwBH,GAAxB,EAA6BC,KAA7B,EAAoCC,SAApC,EAA+C;AAC7CR,UAAAA,MAAM,EAAEA,MADqC;AAE7CC,UAAAA,QAAQ,EAAEA;AAFmC,SAA/C;AAID,OAT4B;AAU7BS,MAAAA,UAAU,EAAE,UAASJ,GAAT,EAAc;AACxBjC,QAAAA,WAAW,CAACI,OAAZ,CAAoBkC,MAApB,CAA2BL,GAA3B;AACD;AAZ4B,KAA/B;;AAeA,QAAI,CAACnB,OAAO,CAAEyB,kBAAd,EAAkC;AAChC,aAAOnC,OAAP;AACD,KAxBgD,CA0BjD;AACA;AACA;;;AACA,WAAO;AACL0B,MAAAA,OAAO,EAAE,UAASG,GAAT,EAAc;AACrB,YAAIO,IAAI,GAAGpC,OAAO,CAAC0B,OAAR,EAAX,CADqB,CACS;;AAC9B,YAAII,KAAK,GAAG,EAAZ;AACA,2BAAYM,IAAZ,EAAkBC,OAAlB,CAA0BC,CAAC,IAAI;AAC7B,cAAI,sBAAAA,CAAC,MAAD,CAAAA,CAAC,EAAST,GAAT,CAAD,KAAoB,CAAxB,EAA2B;AAAE;AAC3BC,YAAAA,KAAK,CAACQ,CAAC,CAACC,OAAF,CAAW,GAAEV,GAAI,GAAjB,EAAqB,EAArB,CAAD,CAAL,GAAkCW,IAAI,CAACC,KAAL,CAAWL,IAAI,CAACE,CAAD,CAAf,CAAlC,CADyB,CAC8B;AACxD;AACF,SAJD;AAKA,eAAO,wBAAeR,KAAf,CAAP;AACD,OAVI;AAWLF,MAAAA,OAAO,EAAE,UAASC,GAAT,EAAcC,KAAd,EAAqB;AAC5B,YAAIY,cAAc,GAAGF,IAAI,CAACC,KAAL,CAAW,KAAKf,OAAL,CAAaG,GAAb,CAAX,CAArB;AACAC,QAAAA,KAAK,GAAGU,IAAI,CAACC,KAAL,CAAWX,KAAX,CAAR,CAF4B,CAG5B;;AACA,2BAAYA,KAAZ,EAAmBO,OAAnB,CAA2BC,CAAC,IAAI;AAC9B,cAAIK,UAAU,GAAGd,GAAG,GAAG,GAAN,GAAYS,CAA7B;AACA,cAAIM,YAAY,GAAG,wBAAed,KAAK,CAACQ,CAAD,CAApB,CAAnB;AACAtC,UAAAA,OAAO,CAAC4B,OAAR,CAAgBe,UAAhB,EAA4BC,YAA5B;AACA,iBAAOF,cAAc,CAACJ,CAAD,CAArB;AACD,SALD,EAJ4B,CAU5B;;AACA,2BAAYI,cAAZ,EAA4BL,OAA5B,CAAoCC,CAAC,IAAI;AACvCtC,UAAAA,OAAO,CAACiC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYS,CAA/B;AACD,SAFD;AAGD,OAzBI;AA0BLL,MAAAA,UAAU,EAAE,UAASJ,GAAT,EAAc;AACxB,YAAIa,cAAc,GAAGF,IAAI,CAACC,KAAL,CAAW,KAAKf,OAAL,CAAaG,GAAb,CAAX,CAArB;AACA,2BAAYa,cAAZ,EAA4BL,OAA5B,CAAoCC,CAAC,IAAI;AACvCtC,UAAAA,OAAO,CAACiC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYS,CAA/B;AACD,SAFD;AAGD;AA/BI,KAAP;AAiCD,GAtKmC;AAwKpC;AACAO,EAAAA,aAAa,EAAE,EAzKqB;AA0KpChC,EAAAA,kBAAkB,EAAE,YAAW;AAC7B,WAAO;AACLa,MAAAA,OAAO,EAAGG,GAAD,IAAS;AAChB,eAAO,KAAKgB,aAAL,CAAmBhB,GAAnB,CAAP;AACD,OAHI;AAILD,MAAAA,OAAO,EAAE,CAACC,GAAD,EAAMC,KAAN,KAAgB;AACvB,aAAKe,aAAL,CAAmBhB,GAAnB,IAA0BC,KAA1B;AACD;AANI,KAAP;AAQD,GAnLmC;AAqLpC5B,EAAAA,WAAW,EAAE,UAASF,OAAT,EAAkB;AAC7B,QAAI6B,GAAG,GAAG,mBAAV;;AACA,QAAI;AACF7B,MAAAA,OAAO,CAAC4B,OAAR,CAAgBC,GAAhB,EAAqBA,GAArB;AACA7B,MAAAA,OAAO,CAACiC,UAAR,CAAmBJ,GAAnB;AACA,aAAO,IAAP;AACD,KAJD,CAIE,OAAO1B,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GA9LmC;AAgMpCH,EAAAA,OAAO,EAAE;AACPgC,IAAAA,GAAG,EAAE,UAASc,IAAT,EAAuBhB,KAAvB,EAAsCC,SAAtC,EAAyDrB,OAAzD,EAAyF;AAC5F,YAAM;AAAEc,QAAAA,QAAF;AAAYD,QAAAA;AAAZ,UAAuBb,OAA7B;;AACA,UAAI,OAAOa,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;AACpE,cAAM,IAAIV,qBAAJ,CAAiB,+DAAjB,CAAN;AACD;;AACD,UAAIiC,aAA4B,GAAG;AACjCC,QAAAA,IAAI,EAAEtC,OAAO,CAACsC,IAAR,IAAgB,GADW;AAEjCzB,QAAAA,MAFiC;AAGjCC,QAAAA;AAHiC,OAAnC,CAL4F,CAW5F;;AACA,UAAI,CAAC,CAAEyB,IAAI,CAACR,KAAL,CAAWV,SAAX,CAAP,EAA+B;AAC7B;AACA;AACA;AACA;AACAgB,QAAAA,aAAa,CAACG,OAAd,GAAwB,IAAID,IAAJ,CAASlB,SAAT,CAAxB;AACD;;AAEDoB,wBAAQnB,GAAR,CAAYc,IAAZ,EAAkBhB,KAAlB,EAAyBiB,aAAzB;;AACA,aAAOnD,WAAW,CAACI,OAAZ,CAAoB2B,GAApB,CAAwBmB,IAAxB,CAAP;AACD,KAvBM;AAyBPnB,IAAAA,GAAG,EAAE,UAASmB,IAAT,EAAgC;AACnC;AACA,UAAI,CAACM,SAAS,CAAChC,MAAf,EAAuB;AACrB,eAAO+B,kBAAQxB,GAAR,EAAP;AACD;;AACD,aAAOwB,kBAAQxB,GAAR,CAAYmB,IAAZ,CAAP;AACD,KA/BM;AAiCPZ,IAAAA,MAAM,EAAE,UAASY,IAAT,EAA+B;AACrC,aAAOK,kBAAQE,MAAR,CAAeP,IAAf,EAAqB;AAAEE,QAAAA,IAAI,EAAE;AAAR,OAArB,CAAP;AACD;AAnCM;AAhM2B,CAAtC;eAuOepD,W","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport Cookies from 'js-cookie';\nimport AuthSdkError from '../errors/AuthSdkError';\nimport {\n StorageProvider,\n StorageOptions,\n PKCEStorage,\n CookieOptions,\n SimpleStorage,\n StorageType,\n BrowserStorageUtil,\n CookieStorage\n} from '../types';\nimport { warn } from '../util';\n\n// Building this as an object allows us to mock the functions in our tests\nvar storageUtil: BrowserStorageUtil = {\n\n // These are shimmed in `OktaAuthBase.ts`\n getHttpCache(): StorageProvider {\n return null as never as StorageProvider;\n },\n\n getPKCEStorage(): PKCEStorage {\n return null as never as PKCEStorage;\n },\n\n // IE11 bug that Microsoft doesn't plan to fix\n // https://connect.microsoft.com/IE/Feedback/Details/1496040\n browserHasLocalStorage: function() {\n try {\n var storage = storageUtil.getLocalStorage();\n return storageUtil.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n browserHasSessionStorage: function() {\n try {\n var storage = storageUtil.getSessionStorage();\n return storageUtil.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n testStorageType: function(storageType: StorageType): boolean {\n var supported = false;\n switch (storageType) {\n case 'sessionStorage':\n supported = storageUtil.browserHasSessionStorage();\n break;\n case 'localStorage':\n supported = storageUtil.browserHasLocalStorage();\n break;\n case 'cookie':\n case 'memory':\n supported = true;\n break;\n default:\n supported = false;\n break;\n }\n return supported;\n },\n\n getStorageByType: function(storageType: StorageType, options?: StorageOptions): SimpleStorage {\n let storageProvider;\n switch (storageType) {\n case 'sessionStorage':\n storageProvider = storageUtil.getSessionStorage();\n break;\n case 'localStorage':\n storageProvider = storageUtil.getLocalStorage();\n break;\n case 'cookie':\n storageProvider = storageUtil.getCookieStorage(options);\n break;\n case 'memory':\n storageProvider = storageUtil.getInMemoryStorage();\n break;\n default:\n throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n break;\n }\n return storageProvider;\n },\n\n findStorageType: function(types: StorageType[]) {\n let curType;\n let nextType;\n \n types = types.slice(); // copy array\n curType = types.shift();\n nextType = types.length ? types[0] : null;\n if (!nextType) {\n return curType;\n }\n\n if (storageUtil.testStorageType(curType)) {\n return curType;\n }\n\n // preferred type was unsupported.\n warn(`This browser doesn't support ${curType}. Switching to ${nextType}.`);\n\n // fallback to the next type. this is a recursive call\n return storageUtil.findStorageType(types);\n },\n\n getLocalStorage: function() {\n return localStorage;\n },\n\n getSessionStorage: function() {\n return sessionStorage;\n },\n\n // Provides webStorage-like interface for cookies\n getCookieStorage: function(options): CookieStorage {\n const secure = options!.secure;\n const sameSite = options!.sameSite;\n const sessionCookie = options!.sessionCookie;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('getCookieStorage: \"secure\" and \"sameSite\" options must be provided');\n }\n const storage: CookieStorage = {\n getItem: storageUtil.storage.get,\n setItem: function(key, value, expiresAt = '2200-01-01T00:00:00.000Z') {\n // By defauilt, cookie shouldn't expire\n expiresAt = (sessionCookie ? null : expiresAt) as string;\n storageUtil.storage.set(key, value, expiresAt, {\n secure: secure, \n sameSite: sameSite,\n });\n },\n removeItem: function(key) {\n storageUtil.storage.delete(key);\n }\n };\n\n if (!options!.useSeparateCookies) {\n return storage;\n }\n\n // Tokens are stored separately because cookies have size limits.\n // Can only be used when storing an object value. Object properties will be saved to separate cookies.\n // Each property of the object must also be an object.\n return {\n getItem: function(key) {\n var data = storage.getItem(); // read all cookies\n var value = {};\n Object.keys(data).forEach(k => {\n if (k.indexOf(key!) === 0) { // filter out unrelated cookies\n value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie data\n }\n });\n return JSON.stringify(value);\n },\n setItem: function(key, value) {\n var existingValues = JSON.parse(this.getItem(key));\n value = JSON.parse(value);\n // Set key-value pairs from input to cookies\n Object.keys(value).forEach(k => {\n var storageKey = key + '_' + k;\n var valueToStore = JSON.stringify(value[k]);\n storage.setItem(storageKey, valueToStore);\n delete existingValues[k];\n });\n // Delete unmatched keys from existing cookies\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n },\n removeItem: function(key) {\n var existingValues = JSON.parse(this.getItem(key));\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n }\n };\n },\n\n // Provides an in-memory solution\n inMemoryStore: {},\n getInMemoryStorage: function() {\n return {\n getItem: (key) => {\n return this.inMemoryStore[key];\n },\n setItem: (key, value) => {\n this.inMemoryStore[key] = value;\n }\n };\n },\n\n testStorage: function(storage) {\n var key = 'okta-test-storage';\n try {\n storage.setItem(key, key);\n storage.removeItem(key);\n return true;\n } catch (e) {\n return false;\n }\n },\n\n storage: {\n set: function(name: string, value: string, expiresAt: string, options: CookieOptions): string {\n const { sameSite, secure } = options;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('storage.set: \"secure\" and \"sameSite\" options must be provided');\n }\n var cookieOptions: CookieOptions = {\n path: options.path || '/',\n secure,\n sameSite\n };\n\n // eslint-disable-next-line no-extra-boolean-cast\n if (!!(Date.parse(expiresAt))) {\n // Expires value can be converted to a Date object.\n //\n // If the 'expiresAt' value is not provided, or the value cannot be\n // parsed as a Date object, the cookie will set as a session cookie.\n cookieOptions.expires = new Date(expiresAt);\n }\n\n Cookies.set(name, value, cookieOptions);\n return storageUtil.storage.get(name);\n },\n\n get: function(name?: string): string {\n // return all cookies when no args is provided\n if (!arguments.length) {\n return Cookies.get();\n }\n return Cookies.get(name);\n },\n\n delete: function(name: string): string {\n return Cookies.remove(name, { path: '/' });\n }\n }\n};\n\nexport default storageUtil;\n"],"file":"browserStorage.js"}
package/cjs/browser/fingerprint.js CHANGED
@@ -1,7 +1,13 @@
1
1
  "use strict";
2
2
 
3
+ var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
+
3
5
  exports.default = fingerprint;
4
6
 
7
+ var _promise = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/promise"));
8
+
9
+ var _stringify = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/json/stringify"));
10
+
5
11
  var _errors = require("../errors");
6
12
 
7
13
  var _features = require("../features");
@@ -23,13 +29,15 @@ function fingerprint(sdk, options) {
23
29
  options = options || {};
24
30
 
25
31
  if (!(0, _features.isFingerprintSupported)()) {
26
- return Promise.reject(new _errors.AuthSdkError('Fingerprinting is not supported on this device'));
32
+ return _promise.default.reject(new _errors.AuthSdkError('Fingerprinting is not supported on this device'));
27
33
  }
28
34
 
29
35
  var timeout;
30
36
  var iframe;
31
37
  var listener;
32
- var promise = new Promise(function (resolve, reject) {
38
+ var promise = new _promise.default(function (resolve, reject) {
39
+ var _options;
40
+
33
41
  iframe = document.createElement('iframe');
34
42
  iframe.style.display = 'none'; // eslint-disable-next-line complexity
35
43
 
@@ -56,7 +64,7 @@ function fingerprint(sdk, options) {
56
64
  }
57
65
 
58
66
  if (msg.type === 'FingerprintServiceReady') {
59
- e.source.postMessage(JSON.stringify({
67
+ e.source.postMessage((0, _stringify.default)({
60
68
  type: 'GetFingerprint'
61
69
  }), e.origin);
62
70
  }
@@ -67,7 +75,7 @@ function fingerprint(sdk, options) {
67
75
  document.body.appendChild(iframe);
68
76
  timeout = setTimeout(function () {
69
77
  reject(new _errors.AuthSdkError('Fingerprinting timed out'));
70
- }, options.timeout || 15000);
78
+ }, ((_options = options) === null || _options === void 0 ? void 0 : _options.timeout) || 15000);
71
79
  });
72
80
  return promise.finally(function () {
73
81
  clearTimeout(timeout);
package/cjs/browser/fingerprint.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/browser/fingerprint.ts"],"names":["fingerprint","sdk","options","Promise","reject","AuthSdkError","timeout","iframe","listener","promise","resolve","document","createElement","style","display","e","data","origin","getIssuerOrigin","msg","JSON","parse","err","type","source","postMessage","stringify","window","src","body","appendChild","setTimeout","finally","clearTimeout","contains","parentElement","removeChild"],"mappings":";;;;AAcA;;AACA;;AACA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYe,SAASA,WAAT,CAAqBC,GAArB,EAAoCC,OAApC,EAAiE;AAC9EA,EAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB;;AAEA,MAAI,CAAC,uCAAL,EAA+B;AAC7B,WAAOC,OAAO,CAACC,MAAR,CAAe,IAAIC,oBAAJ,CAAiB,gDAAjB,CAAf,CAAP;AACD;;AAED,MAAIC,OAAJ;AACA,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,OAAO,GAAG,IAAIN,OAAJ,CAAY,UAAUO,OAAV,EAAmBN,MAAnB,EAA2B;AACnDG,IAAAA,MAAM,GAAGI,QAAQ,CAACC,aAAT,CAAuB,QAAvB,CAAT;AACAL,IAAAA,MAAM,CAACM,KAAP,CAAaC,OAAb,GAAuB,MAAvB,CAFmD,CAInD;;AACAN,IAAAA,QAAQ,GAAG,SAASA,QAAT,CAAkBO,CAAlB,EAAqB;AAC9B,UAAI,CAACA,CAAD,IAAM,CAACA,CAAC,CAACC,IAAT,IAAiBD,CAAC,CAACE,MAAF,KAAahB,GAAG,CAACiB,eAAJ,EAAlC,EAAyD;AACvD;AACD;;AAED,UAAI;AACF,YAAIC,GAAG,GAAGC,IAAI,CAACC,KAAL,CAAWN,CAAC,CAACC,IAAb,CAAV;AACD,OAFD,CAEE,OAAOM,GAAP,EAAY;AACZ;AACA;AACA;AACA;AACD;;AAED,UAAI,CAACH,GAAL,EAAU;AAAE;AAAS;;AACrB,UAAIA,GAAG,CAACI,IAAJ,KAAa,sBAAjB,EAAyC;AACvC,eAAOb,OAAO,CAACS,GAAG,CAACnB,WAAL,CAAd;AACD;;AACD,UAAImB,GAAG,CAACI,IAAJ,KAAa,yBAAjB,EAA4C;AAC1CR,QAAAA,CAAC,CAACS,MAAF,CAASC,WAAT,CAAqBL,IAAI,CAACM,SAAL,CAAe;AAClCH,UAAAA,IAAI,EAAE;AAD4B,SAAf,CAArB,EAEIR,CAAC,CAACE,MAFN;AAGD;AACF,KAvBD;;AAwBA,2BAAYU,MAAZ,EAAoB,SAApB,EAA+BnB,QAA/B;AAEAD,IAAAA,MAAM,CAACqB,GAAP,GAAa3B,GAAG,CAACiB,eAAJ,KAAwB,kCAArC;AACAP,IAAAA,QAAQ,CAACkB,IAAT,CAAcC,WAAd,CAA0BvB,MAA1B;AAEAD,IAAAA,OAAO,GAAGyB,UAAU,CAAC,YAAW;AAC9B3B,MAAAA,MAAM,CAAC,IAAIC,oBAAJ,CAAiB,0BAAjB,CAAD,CAAN;AACD,KAFmB,EAEjBH,OAAO,CAACI,OAAR,IAAmB,KAFF,CAApB;AAGD,GArCa,CAAd;AAuCA,SAAOG,OAAO,CAACuB,OAAR,CAAgB,YAAW;AAChCC,IAAAA,YAAY,CAAC3B,OAAD,CAAZ;AACA,8BAAeqB,MAAf,EAAuB,SAAvB,EAAkCnB,QAAlC;;AACA,QAAIG,QAAQ,CAACkB,IAAT,CAAcK,QAAd,CAAuB3B,MAAvB,CAAJ,EAAoC;AAClCA,MAAAA,MAAM,CAAC4B,aAAP,CAAqBC,WAArB,CAAiC7B,MAAjC;AACD;AACF,GANM,CAAP;AAOD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { OktaAuth } from '../types';\nimport { AuthSdkError } from '../errors';\nimport { isFingerprintSupported } from '../features';\nimport {\n addListener,\n removeListener\n} from '../oidc';\nimport { FingerprintOptions } from '../types';\n\nexport default function fingerprint(sdk: OktaAuth, options: FingerprintOptions) {\n options = options || {};\n\n if (!isFingerprintSupported()) {\n return Promise.reject(new AuthSdkError('Fingerprinting is not supported on this device'));\n }\n\n var timeout;\n var iframe;\n var listener;\n var promise = new Promise(function (resolve, reject) {\n iframe = document.createElement('iframe');\n iframe.style.display = 'none';\n\n // eslint-disable-next-line complexity\n listener = function listener(e) {\n if (!e || !e.data || e.origin !== sdk.getIssuerOrigin()) {\n return;\n }\n\n try {\n var msg = JSON.parse(e.data);\n } catch (err) {\n // iframe messages should all be parsable\n // skip not parsable messages come from other sources in same origin (browser extensions)\n // TODO: add namespace flag in okta-core to distinguish messages that come from other sources\n return;\n }\n\n if (!msg) { return; }\n if (msg.type === 'FingerprintAvailable') {\n return resolve(msg.fingerprint);\n }\n if (msg.type === 'FingerprintServiceReady') {\n e.source.postMessage(JSON.stringify({\n type: 'GetFingerprint'\n }), e.origin);\n }\n };\n addListener(window, 'message', listener);\n\n iframe.src = sdk.getIssuerOrigin() + '/auth/services/devicefingerprint';\n document.body.appendChild(iframe);\n\n timeout = setTimeout(function() {\n reject(new AuthSdkError('Fingerprinting timed out'));\n }, options.timeout || 15000);\n });\n\n return promise.finally(function() {\n clearTimeout(timeout);\n removeListener(window, 'message', listener);\n if (document.body.contains(iframe)) {\n iframe.parentElement.removeChild(iframe);\n }\n });\n}\n"],"file":"fingerprint.js"}
1
+ {"version":3,"sources":["../../../lib/browser/fingerprint.ts"],"names":["fingerprint","sdk","options","reject","AuthSdkError","timeout","iframe","listener","promise","resolve","document","createElement","style","display","e","data","origin","getIssuerOrigin","msg","JSON","parse","err","type","source","postMessage","window","src","body","appendChild","setTimeout","finally","clearTimeout","contains","parentElement","removeChild"],"mappings":";;;;;;;;;;AAaA;;AACA;;AACA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAWe,SAASA,WAAT,CAAqBC,GAArB,EAA6CC,OAA7C,EAA4F;AACzGA,EAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB;;AAEA,MAAI,CAAC,uCAAL,EAA+B;AAC7B,WAAO,iBAAQC,MAAR,CAAe,IAAIC,oBAAJ,CAAiB,gDAAjB,CAAf,CAAP;AACD;;AAED,MAAIC,OAAJ;AACA,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,OAAO,GAAG,qBAAY,UAAUC,OAAV,EAAmBN,MAAnB,EAA2B;AAAA;;AACnDG,IAAAA,MAAM,GAAGI,QAAQ,CAACC,aAAT,CAAuB,QAAvB,CAAT;AACAL,IAAAA,MAAM,CAACM,KAAP,CAAaC,OAAb,GAAuB,MAAvB,CAFmD,CAInD;;AACAN,IAAAA,QAAQ,GAAG,SAASA,QAAT,CAAkBO,CAAlB,EAAqB;AAC9B,UAAI,CAACA,CAAD,IAAM,CAACA,CAAC,CAACC,IAAT,IAAiBD,CAAC,CAACE,MAAF,KAAaf,GAAG,CAACgB,eAAJ,EAAlC,EAAyD;AACvD;AACD;;AAED,UAAI;AACF,YAAIC,GAAG,GAAGC,IAAI,CAACC,KAAL,CAAWN,CAAC,CAACC,IAAb,CAAV;AACD,OAFD,CAEE,OAAOM,GAAP,EAAY;AACZ;AACA;AACA;AACA;AACD;;AAED,UAAI,CAACH,GAAL,EAAU;AAAE;AAAS;;AACrB,UAAIA,GAAG,CAACI,IAAJ,KAAa,sBAAjB,EAAyC;AACvC,eAAOb,OAAO,CAACS,GAAG,CAAClB,WAAL,CAAd;AACD;;AACD,UAAIkB,GAAG,CAACI,IAAJ,KAAa,yBAAjB,EAA4C;AAC1CR,QAAAA,CAAC,CAACS,MAAF,CAASC,WAAT,CAAqB,wBAAe;AAClCF,UAAAA,IAAI,EAAE;AAD4B,SAAf,CAArB,EAEIR,CAAC,CAACE,MAFN;AAGD;AACF,KAvBD;;AAwBA,2BAAYS,MAAZ,EAAoB,SAApB,EAA+BlB,QAA/B;AAEAD,IAAAA,MAAM,CAACoB,GAAP,GAAazB,GAAG,CAACgB,eAAJ,KAAwB,kCAArC;AACAP,IAAAA,QAAQ,CAACiB,IAAT,CAAcC,WAAd,CAA0BtB,MAA1B;AAEAD,IAAAA,OAAO,GAAGwB,UAAU,CAAC,YAAW;AAC9B1B,MAAAA,MAAM,CAAC,IAAIC,oBAAJ,CAAiB,0BAAjB,CAAD,CAAN;AACD,KAFmB,EAEjB,aAAAF,OAAO,UAAP,4CAASG,OAAT,KAAoB,KAFH,CAApB;AAGD,GArCa,CAAd;AAuCA,SAAOG,OAAO,CAACsB,OAAR,CAAgB,YAAW;AAChCC,IAAAA,YAAY,CAAC1B,OAAD,CAAZ;AACA,8BAAeoB,MAAf,EAAuB,SAAvB,EAAkClB,QAAlC;;AACA,QAAIG,QAAQ,CAACiB,IAAT,CAAcK,QAAd,CAAuB1B,MAAvB,CAAJ,EAAoC;AAClCA,MAAAA,MAAM,CAAC2B,aAAP,CAAqBC,WAArB,CAAiC5B,MAAjC;AACD;AACF,GANM,CAAP;AAOD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from '../errors';\nimport { isFingerprintSupported } from '../features';\nimport {\n addListener,\n removeListener\n} from '../oidc';\nimport { FingerprintOptions, OktaAuthInterface } from '../types';\n\nexport default function fingerprint(sdk: OktaAuthInterface, options?: FingerprintOptions): Promise<string> {\n options = options || {};\n\n if (!isFingerprintSupported()) {\n return Promise.reject(new AuthSdkError('Fingerprinting is not supported on this device'));\n }\n\n var timeout;\n var iframe;\n var listener;\n var promise = new Promise(function (resolve, reject) {\n iframe = document.createElement('iframe');\n iframe.style.display = 'none';\n\n // eslint-disable-next-line complexity\n listener = function listener(e) {\n if (!e || !e.data || e.origin !== sdk.getIssuerOrigin()) {\n return;\n }\n\n try {\n var msg = JSON.parse(e.data);\n } catch (err) {\n // iframe messages should all be parsable\n // skip not parsable messages come from other sources in same origin (browser extensions)\n // TODO: add namespace flag in okta-core to distinguish messages that come from other sources\n return;\n }\n\n if (!msg) { return; }\n if (msg.type === 'FingerprintAvailable') {\n return resolve(msg.fingerprint as string);\n }\n if (msg.type === 'FingerprintServiceReady') {\n e.source.postMessage(JSON.stringify({\n type: 'GetFingerprint'\n }), e.origin);\n }\n };\n addListener(window, 'message', listener);\n\n iframe.src = sdk.getIssuerOrigin() + '/auth/services/devicefingerprint';\n document.body.appendChild(iframe);\n\n timeout = setTimeout(function() {\n reject(new AuthSdkError('Fingerprinting timed out'));\n }, options?.timeout || 15000);\n });\n\n return promise.finally(function() {\n clearTimeout(timeout);\n removeListener(window, 'message', listener);\n if (document.body.contains(iframe)) {\n iframe.parentElement.removeChild(iframe);\n }\n }) as Promise<string>;\n}\n"],"file":"fingerprint.js"}
package/cjs/builderUtil.js CHANGED
@@ -1,9 +1,10 @@
1
1
  "use strict";
2
2
 
3
- var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
3
+ var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
4
 
5
5
  exports.assertValidConfig = assertValidConfig;
6
- exports.getUserAgent = getUserAgent;
6
+
7
+ var _indexOf = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/index-of"));
7
8
 
8
9
  var _AuthSdkError = _interopRequireDefault(require("./errors/AuthSdkError"));
9
10
 
@@ -26,7 +27,8 @@ function assertValidConfig(args) {
26
27
 
27
28
  if (scopes && !Array.isArray(scopes)) {
28
29
  throw new _AuthSdkError.default('scopes must be a array of strings. ' + 'Required usage: new OktaAuth({scopes: ["openid", "email"]})');
29
- }
30
+ } // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
31
+
30
32
 
31
33
  var issuer = args.issuer;
32
34
 
@@ -36,26 +38,12 @@ function assertValidConfig(args) {
36
38
 
37
39
  var isUrlRegex = new RegExp('^http?s?://.+');
38
40
 
39
- if (!isUrlRegex.test(args.issuer)) {
41
+ if (!isUrlRegex.test(issuer)) {
40
42
  throw new _AuthSdkError.default('Issuer must be a valid URL. ' + 'Required usage: new OktaAuth({issuer: "https://{yourOktaDomain}.com/oauth2/{authServerId}"})');
41
43
  }
42
44
 
43
- if (issuer.indexOf('-admin.') !== -1) {
45
+ if ((0, _indexOf.default)(issuer).call(issuer, '-admin.') !== -1) {
44
46
  throw new _AuthSdkError.default('Issuer URL passed to constructor contains "-admin" in subdomain. ' + 'Required usage: new OktaAuth({issuer: "https://{yourOktaDomain}.com})');
45
47
  }
46
48
  }
47
-
48
- function getUserAgent(args, sdkValue) {
49
- var userAgent = args.userAgent || {};
50
-
51
- if (userAgent.value) {
52
- return userAgent.value;
53
- }
54
-
55
- if (userAgent.template) {
56
- return userAgent.template.replace('$OKTA_AUTH_JS', sdkValue);
57
- }
58
-
59
- return sdkValue;
60
- }
61
49
  //# sourceMappingURL=builderUtil.js.map
package/cjs/builderUtil.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/builderUtil.ts"],"names":["assertValidConfig","args","scopes","Array","isArray","AuthSdkError","issuer","isUrlRegex","RegExp","test","indexOf","getUserAgent","sdkValue","userAgent","value","template","replace"],"mappings":";;;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACA;AACA,SAASA,iBAAT,CAA2BC,IAA3B,EAAkD;AAChDA,EAAAA,IAAI,GAAGA,IAAI,IAAI,EAAf;AAEA,MAAIC,MAAM,GAAGD,IAAI,CAACC,MAAlB;;AACA,MAAIA,MAAM,IAAI,CAACC,KAAK,CAACC,OAAN,CAAcF,MAAd,CAAf,EAAsC;AACpC,UAAM,IAAIG,qBAAJ,CAAiB,wCACrB,6DADI,CAAN;AAED;;AAED,MAAIC,MAAM,GAAGL,IAAI,CAACK,MAAlB;;AACA,MAAI,CAACA,MAAL,EAAa;AACX,UAAM,IAAID,qBAAJ,CAAiB,sCACrB,8FADI,CAAN;AAED;;AAED,MAAIE,UAAU,GAAG,IAAIC,MAAJ,CAAW,eAAX,CAAjB;;AACA,MAAI,CAACD,UAAU,CAACE,IAAX,CAAgBR,IAAI,CAACK,MAArB,CAAL,EAAmC;AACjC,UAAM,IAAID,qBAAJ,CAAiB,iCACrB,8FADI,CAAN;AAED;;AAED,MAAIC,MAAM,CAACI,OAAP,CAAe,SAAf,MAA8B,CAAC,CAAnC,EAAsC;AACpC,UAAM,IAAIL,qBAAJ,CAAiB,sEACrB,uEADI,CAAN;AAED;AACF;;AAED,SAASM,YAAT,CAAsBV,IAAtB,EAA6CW,QAA7C,EAAuE;AACrE,MAAIC,SAAS,GAAGZ,IAAI,CAACY,SAAL,IAAkB,EAAlC;;AAEA,MAAIA,SAAS,CAACC,KAAd,EAAqB;AACnB,WAAOD,SAAS,CAACC,KAAjB;AACD;;AAED,MAAID,SAAS,CAACE,QAAd,EAAwB;AACtB,WAAOF,SAAS,CAACE,QAAV,CAAmBC,OAAnB,CAA2B,eAA3B,EAA4CJ,QAA5C,CAAP;AACD;;AAED,SAAOA,QAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport AuthSdkError from './errors/AuthSdkError';\nimport { OktaAuthOptions } from './types';\n\n// TODO: use @okta/configuration-validation (move module to this monorepo?)\n// eslint-disable-next-line complexity\nfunction assertValidConfig(args: OktaAuthOptions) {\n args = args || {};\n\n var scopes = args.scopes;\n if (scopes && !Array.isArray(scopes)) {\n throw new AuthSdkError('scopes must be a array of strings. ' +\n 'Required usage: new OktaAuth({scopes: [\"openid\", \"email\"]})');\n }\n\n var issuer = args.issuer;\n if (!issuer) {\n throw new AuthSdkError('No issuer passed to constructor. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n var isUrlRegex = new RegExp('^http?s?://.+');\n if (!isUrlRegex.test(args.issuer)) {\n throw new AuthSdkError('Issuer must be a valid URL. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n if (issuer.indexOf('-admin.') !== -1) {\n throw new AuthSdkError('Issuer URL passed to constructor contains \"-admin\" in subdomain. ' +\n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com})');\n }\n}\n\nfunction getUserAgent(args: OktaAuthOptions, sdkValue: string): string {\n var userAgent = args.userAgent || {};\n\n if (userAgent.value) {\n return userAgent.value;\n }\n\n if (userAgent.template) {\n return userAgent.template.replace('$OKTA_AUTH_JS', sdkValue);\n }\n\n return sdkValue;\n}\n\nexport {\n assertValidConfig,\n getUserAgent\n};\n"],"file":"builderUtil.js"}
1
+ {"version":3,"sources":["../../lib/builderUtil.ts"],"names":["assertValidConfig","args","scopes","Array","isArray","AuthSdkError","issuer","isUrlRegex","RegExp","test"],"mappings":";;;;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACA;AACA,SAASA,iBAAT,CAA2BC,IAA3B,EAAkD;AAChDA,EAAAA,IAAI,GAAGA,IAAI,IAAI,EAAf;AAEA,MAAIC,MAAM,GAAGD,IAAI,CAACC,MAAlB;;AACA,MAAIA,MAAM,IAAI,CAACC,KAAK,CAACC,OAAN,CAAcF,MAAd,CAAf,EAAsC;AACpC,UAAM,IAAIG,qBAAJ,CAAiB,wCACrB,6DADI,CAAN;AAED,GAP+C,CAShD;;;AACA,MAAIC,MAAM,GAAGL,IAAI,CAACK,MAAlB;;AACA,MAAI,CAACA,MAAL,EAAa;AACX,UAAM,IAAID,qBAAJ,CAAiB,sCACrB,8FADI,CAAN;AAED;;AAED,MAAIE,UAAU,GAAG,IAAIC,MAAJ,CAAW,eAAX,CAAjB;;AACA,MAAI,CAACD,UAAU,CAACE,IAAX,CAAgBH,MAAhB,CAAL,EAA8B;AAC5B,UAAM,IAAID,qBAAJ,CAAiB,iCACrB,8FADI,CAAN;AAED;;AAED,MAAI,sBAAAC,MAAM,MAAN,CAAAA,MAAM,EAAS,SAAT,CAAN,KAA8B,CAAC,CAAnC,EAAsC;AACpC,UAAM,IAAID,qBAAJ,CAAiB,sEACrB,uEADI,CAAN;AAED;AACF","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport AuthSdkError from './errors/AuthSdkError';\nimport { OktaAuthOptions } from './types';\n\n// TODO: use @okta/configuration-validation (move module to this monorepo?)\n// eslint-disable-next-line complexity\nfunction assertValidConfig(args: OktaAuthOptions) {\n args = args || {};\n\n var scopes = args.scopes;\n if (scopes && !Array.isArray(scopes)) {\n throw new AuthSdkError('scopes must be a array of strings. ' +\n 'Required usage: new OktaAuth({scopes: [\"openid\", \"email\"]})');\n }\n\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n var issuer = args.issuer!;\n if (!issuer) {\n throw new AuthSdkError('No issuer passed to constructor. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n var isUrlRegex = new RegExp('^http?s?://.+');\n if (!isUrlRegex.test(issuer)) {\n throw new AuthSdkError('Issuer must be a valid URL. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n if (issuer.indexOf('-admin.') !== -1) {\n throw new AuthSdkError('Issuer URL passed to constructor contains \"-admin\" in subdomain. ' +\n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com})');\n }\n}\n\nexport {\n assertValidConfig\n};\n"],"file":"builderUtil.js"}
package/cjs/clock.js CHANGED
@@ -1,7 +1,11 @@
1
1
  "use strict";
2
2
 
3
+ var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
+
3
5
  exports.default = void 0;
4
6
 
7
+ var _parseInt2 = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/parse-int"));
8
+
5
9
  /*!
6
10
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
7
11
  * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
@@ -16,7 +20,7 @@ exports.default = void 0;
16
20
  class SdkClock {
17
21
  constructor(localOffset) {
18
22
  // Calculated local clock offset from server time (in milliseconds). Can be positive or negative.
19
- this.localOffset = parseInt(localOffset || 0);
23
+ this.localOffset = (0, _parseInt2.default)(localOffset || 0);
20
24
  } // factory method. Create an instance of a clock from current context.
21
25
 
22
26
 
package/cjs/clock.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/clock.ts"],"names":["SdkClock","constructor","localOffset","parseInt","create","now","Date"],"mappings":";;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEe,MAAMA,QAAN,CAAe;AAG5BC,EAAAA,WAAW,CAACC,WAAD,EAAc;AACvB;AACA,SAAKA,WAAL,GAAmBC,QAAQ,CAACD,WAAW,IAAI,CAAhB,CAA3B;AACD,GAN2B,CAQ5B;;;AACa,SAANE,MAAM,GAA+B;AAC1C;AACA,QAAIF,WAAW,GAAG,CAAlB;AACA,WAAO,IAAIF,QAAJ,CAAaE,WAAb,CAAP;AACD,GAb2B,CAe5B;;;AACAG,EAAAA,GAAG,GAAG;AACJ,QAAIA,GAAG,GAAG,CAACC,IAAI,CAACD,GAAL,KAAa,KAAKH,WAAnB,IAAkC,IAA5C;AACA,WAAOG,GAAP;AACD;;AAnB2B","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport default class SdkClock {\n localOffset: number;\n\n constructor(localOffset) {\n // Calculated local clock offset from server time (in milliseconds). Can be positive or negative.\n this.localOffset = parseInt(localOffset || 0);\n }\n\n // factory method. Create an instance of a clock from current context.\n static create(/* sdk, options */): SdkClock {\n // TODO: calculate localOffset\n var localOffset = 0;\n return new SdkClock(localOffset);\n }\n\n // Return the current time (in seconds)\n now() {\n var now = (Date.now() + this.localOffset) / 1000;\n return now;\n }\n}\n"],"file":"clock.js"}
1
+ {"version":3,"sources":["../../lib/clock.ts"],"names":["SdkClock","constructor","localOffset","create","now","Date"],"mappings":";;;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEe,MAAMA,QAAN,CAAe;AAG5BC,EAAAA,WAAW,CAACC,WAAD,EAAc;AACvB;AACA,SAAKA,WAAL,GAAmB,wBAASA,WAAW,IAAI,CAAxB,CAAnB;AACD,GAN2B,CAQ5B;;;AACa,SAANC,MAAM,GAA+B;AAC1C;AACA,QAAID,WAAW,GAAG,CAAlB;AACA,WAAO,IAAIF,QAAJ,CAAaE,WAAb,CAAP;AACD,GAb2B,CAe5B;;;AACAE,EAAAA,GAAG,GAAG;AACJ,QAAIA,GAAG,GAAG,CAACC,IAAI,CAACD,GAAL,KAAa,KAAKF,WAAnB,IAAkC,IAA5C;AACA,WAAOE,GAAP;AACD;;AAnB2B","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport default class SdkClock {\n localOffset: number;\n\n constructor(localOffset) {\n // Calculated local clock offset from server time (in milliseconds). Can be positive or negative.\n this.localOffset = parseInt(localOffset || 0);\n }\n\n // factory method. Create an instance of a clock from current context.\n static create(/* sdk, options */): SdkClock {\n // TODO: calculate localOffset\n var localOffset = 0;\n return new SdkClock(localOffset);\n }\n\n // Return the current time (in seconds)\n now() {\n var now = (Date.now() + this.localOffset) / 1000;\n return now;\n }\n}\n"],"file":"clock.js"}
package/cjs/crypto/base64.js CHANGED
@@ -1,11 +1,17 @@
1
1
  "use strict";
2
2
 
3
+ var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
+
3
5
  exports.stringToBase64Url = stringToBase64Url;
4
6
  exports.base64ToBase64Url = base64ToBase64Url;
5
7
  exports.base64UrlToBase64 = base64UrlToBase64;
6
8
  exports.base64UrlToString = base64UrlToString;
7
9
  exports.stringToBuffer = stringToBuffer;
8
10
  exports.base64UrlDecode = base64UrlDecode;
11
+ exports.base64UrlToBuffer = base64UrlToBuffer;
12
+ exports.bufferToBase64Url = bufferToBase64Url;
13
+
14
+ var _reduce = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/reduce"));
9
15
 
10
16
  var _errors = require("../errors");
11
17
 
@@ -78,5 +84,17 @@ function stringToBuffer(str) {
78
84
 
79
85
  function base64UrlDecode(str) {
80
86
  return (0, _webcrypto.atob)(base64UrlToBase64(str));
87
+ } // Converts base64 string to binary data view
88
+
89
+
90
+ function base64UrlToBuffer(b64u) {
91
+ return Uint8Array.from(base64UrlDecode(b64u), c => c.charCodeAt(0));
92
+ } // Converts an ArrayBuffer object that contains binary data to base64 encoded string
93
+
94
+
95
+ function bufferToBase64Url(bin) {
96
+ var _context;
97
+
98
+ return (0, _webcrypto.btoa)((0, _reduce.default)(_context = new Uint8Array(bin)).call(_context, (s, byte) => s + String.fromCharCode(byte), ''));
81
99
  }
82
100
  //# sourceMappingURL=base64.js.map
package/cjs/crypto/base64.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/crypto/base64.ts"],"names":["stringToBase64Url","str","b64","base64ToBase64Url","replace","base64UrlToBase64","b64u","base64UrlToString","length","AuthSdkError","utf8","decodeURIComponent","escape","e","stringToBuffer","buffer","Uint8Array","i","charCodeAt","base64UrlDecode"],"mappings":";;;;;;;;;AAYA;;AACA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACO,SAASA,iBAAT,CAA2BC,GAA3B,EAAgC;AACrC,MAAIC,GAAG,GAAG,qBAAKD,GAAL,CAAV;AACA,SAAOE,iBAAiB,CAACD,GAAD,CAAxB;AACD,C,CAED;;;AACO,SAASC,iBAAT,CAA2BD,GAA3B,EAAgC;AACrC,SAAOA,GAAG,CAACE,OAAJ,CAAY,KAAZ,EAAmB,GAAnB,EAAwBA,OAAxB,CAAgC,KAAhC,EAAuC,GAAvC,EAA4CA,OAA5C,CAAoD,KAApD,EAA2D,EAA3D,CAAP;AACD,C,CAED;;;AACO,SAASC,iBAAT,CAA2BC,IAA3B,EAAiC;AACtC,SAAOA,IAAI,CAACF,OAAL,CAAa,IAAb,EAAmB,GAAnB,EAAwBA,OAAxB,CAAgC,IAAhC,EAAsC,GAAtC,CAAP;AACD;;AAEM,SAASG,iBAAT,CAA2BD,IAA3B,EAAiC;AACtC,MAAIJ,GAAG,GAAGG,iBAAiB,CAACC,IAAD,CAA3B;;AACA,UAAQJ,GAAG,CAACM,MAAJ,GAAa,CAArB;AACE,SAAK,CAAL;AACE;;AACF,SAAK,CAAL;AACEN,MAAAA,GAAG,IAAI,IAAP;AACA;;AACF,SAAK,CAAL;AACEA,MAAAA,GAAG,IAAI,GAAP;AACA;;AACF;AACE,YAAM,IAAIO,oBAAJ,CAAiB,uBAAjB,CAAN;AAVJ;;AAYA,MAAIC,IAAI,GAAG,qBAAKR,GAAL,CAAX;;AACA,MAAI;AACF,WAAOS,kBAAkB,CAACC,MAAM,CAACF,IAAD,CAAP,CAAzB;AACD,GAFD,CAEE,OAAOG,CAAP,EAAU;AACV,WAAOH,IAAP;AACD;AACF;;AAEM,SAASI,cAAT,CAAwBb,GAAxB,EAA6B;AAClC,MAAIc,MAAM,GAAG,IAAIC,UAAJ,CAAef,GAAG,CAACO,MAAnB,CAAb;;AACA,OAAK,IAAIS,CAAC,GAAG,CAAb,EAAgBA,CAAC,GAAGhB,GAAG,CAACO,MAAxB,EAAgCS,CAAC,EAAjC,EAAqC;AACnCF,IAAAA,MAAM,CAACE,CAAD,CAAN,GAAYhB,GAAG,CAACiB,UAAJ,CAAeD,CAAf,CAAZ;AACD;;AACD,SAAOF,MAAP;AACD;;AAEM,SAASI,eAAT,CAAyBlB,GAAzB,EAA8B;AACnC,SAAO,qBAAKI,iBAAiB,CAACJ,GAAD,CAAtB,CAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { AuthSdkError } from '../errors';\nimport { atob, btoa } from './webcrypto';\n\n// converts a string to base64 (url/filename safe variant)\nexport function stringToBase64Url(str) {\n var b64 = btoa(str);\n return base64ToBase64Url(b64);\n}\n\n// converts a standard base64-encoded string to a \"url/filename safe\" variant\nexport function base64ToBase64Url(b64) {\n return b64.replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/, '');\n}\n\n// converts a \"url/filename safe\" base64 string to a \"standard\" base64 string\nexport function base64UrlToBase64(b64u) {\n return b64u.replace(/-/g, '+').replace(/_/g, '/');\n}\n\nexport function base64UrlToString(b64u) {\n var b64 = base64UrlToBase64(b64u);\n switch (b64.length % 4) {\n case 0:\n break;\n case 2:\n b64 += '==';\n break;\n case 3:\n b64 += '=';\n break;\n default:\n throw new AuthSdkError('Not a valid Base64Url');\n }\n var utf8 = atob(b64);\n try {\n return decodeURIComponent(escape(utf8));\n } catch (e) {\n return utf8;\n }\n}\n\nexport function stringToBuffer(str) {\n var buffer = new Uint8Array(str.length);\n for (var i = 0; i < str.length; i++) {\n buffer[i] = str.charCodeAt(i);\n }\n return buffer;\n}\n\nexport function base64UrlDecode(str) {\n return atob(base64UrlToBase64(str));\n}\n"],"file":"base64.js"}
1
+ {"version":3,"sources":["../../../lib/crypto/base64.ts"],"names":["stringToBase64Url","str","b64","base64ToBase64Url","replace","base64UrlToBase64","b64u","base64UrlToString","length","AuthSdkError","utf8","decodeURIComponent","escape","e","stringToBuffer","buffer","Uint8Array","i","charCodeAt","base64UrlDecode","base64UrlToBuffer","from","c","bufferToBase64Url","bin","s","byte","String","fromCharCode"],"mappings":";;;;;;;;;;;;;;;AAYA;;AACA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACO,SAASA,iBAAT,CAA2BC,GAA3B,EAAgC;AACrC,MAAIC,GAAG,GAAG,qBAAKD,GAAL,CAAV;AACA,SAAOE,iBAAiB,CAACD,GAAD,CAAxB;AACD,C,CAED;;;AACO,SAASC,iBAAT,CAA2BD,GAA3B,EAAgC;AACrC,SAAOA,GAAG,CAACE,OAAJ,CAAY,KAAZ,EAAmB,GAAnB,EAAwBA,OAAxB,CAAgC,KAAhC,EAAuC,GAAvC,EAA4CA,OAA5C,CAAoD,KAApD,EAA2D,EAA3D,CAAP;AACD,C,CAED;;;AACO,SAASC,iBAAT,CAA2BC,IAA3B,EAAiC;AACtC,SAAOA,IAAI,CAACF,OAAL,CAAa,IAAb,EAAmB,GAAnB,EAAwBA,OAAxB,CAAgC,IAAhC,EAAsC,GAAtC,CAAP;AACD;;AAEM,SAASG,iBAAT,CAA2BD,IAA3B,EAAiC;AACtC,MAAIJ,GAAG,GAAGG,iBAAiB,CAACC,IAAD,CAA3B;;AACA,UAAQJ,GAAG,CAACM,MAAJ,GAAa,CAArB;AACE,SAAK,CAAL;AACE;;AACF,SAAK,CAAL;AACEN,MAAAA,GAAG,IAAI,IAAP;AACA;;AACF,SAAK,CAAL;AACEA,MAAAA,GAAG,IAAI,GAAP;AACA;;AACF;AACE,YAAM,IAAIO,oBAAJ,CAAiB,uBAAjB,CAAN;AAVJ;;AAYA,MAAIC,IAAI,GAAG,qBAAKR,GAAL,CAAX;;AACA,MAAI;AACF,WAAOS,kBAAkB,CAACC,MAAM,CAACF,IAAD,CAAP,CAAzB;AACD,GAFD,CAEE,OAAOG,CAAP,EAAU;AACV,WAAOH,IAAP;AACD;AACF;;AAEM,SAASI,cAAT,CAAwBb,GAAxB,EAA6B;AAClC,MAAIc,MAAM,GAAG,IAAIC,UAAJ,CAAef,GAAG,CAACO,MAAnB,CAAb;;AACA,OAAK,IAAIS,CAAC,GAAG,CAAb,EAAgBA,CAAC,GAAGhB,GAAG,CAACO,MAAxB,EAAgCS,CAAC,EAAjC,EAAqC;AACnCF,IAAAA,MAAM,CAACE,CAAD,CAAN,GAAYhB,GAAG,CAACiB,UAAJ,CAAeD,CAAf,CAAZ;AACD;;AACD,SAAOF,MAAP;AACD;;AAEM,SAASI,eAAT,CAAyBlB,GAAzB,EAA8B;AACnC,SAAO,qBAAKI,iBAAiB,CAACJ,GAAD,CAAtB,CAAP;AACD,C,CAED;;;AACO,SAASmB,iBAAT,CAA2Bd,IAA3B,EAAiC;AACtC,SAAOU,UAAU,CAACK,IAAX,CAAgBF,eAAe,CAACb,IAAD,CAA/B,EAAwCgB,CAAD,IAAeA,CAAC,CAACJ,UAAF,CAAa,CAAb,CAAtD,CAAP;AACD,C,CAED;;;AACO,SAASK,iBAAT,CAA2BC,GAA3B,EAAgC;AAAA;;AACrC,SAAO,qBAAK,oCAAIR,UAAJ,CAAeQ,GAAf,kBAA2B,CAACC,CAAD,EAAIC,IAAJ,KAAaD,CAAC,GAAGE,MAAM,CAACC,YAAP,CAAoBF,IAApB,CAA5C,EAAuE,EAAvE,CAAL,CAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { AuthSdkError } from '../errors';\nimport { atob, btoa } from './webcrypto';\n\n// converts a string to base64 (url/filename safe variant)\nexport function stringToBase64Url(str) {\n var b64 = btoa(str);\n return base64ToBase64Url(b64);\n}\n\n// converts a standard base64-encoded string to a \"url/filename safe\" variant\nexport function base64ToBase64Url(b64) {\n return b64.replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/, '');\n}\n\n// converts a \"url/filename safe\" base64 string to a \"standard\" base64 string\nexport function base64UrlToBase64(b64u) {\n return b64u.replace(/-/g, '+').replace(/_/g, '/');\n}\n\nexport function base64UrlToString(b64u) {\n var b64 = base64UrlToBase64(b64u);\n switch (b64.length % 4) {\n case 0:\n break;\n case 2:\n b64 += '==';\n break;\n case 3:\n b64 += '=';\n break;\n default:\n throw new AuthSdkError('Not a valid Base64Url');\n }\n var utf8 = atob(b64);\n try {\n return decodeURIComponent(escape(utf8));\n } catch (e) {\n return utf8;\n }\n}\n\nexport function stringToBuffer(str) {\n var buffer = new Uint8Array(str.length);\n for (var i = 0; i < str.length; i++) {\n buffer[i] = str.charCodeAt(i);\n }\n return buffer;\n}\n\nexport function base64UrlDecode(str) {\n return atob(base64UrlToBase64(str));\n}\n\n// Converts base64 string to binary data view\nexport function base64UrlToBuffer(b64u) {\n return Uint8Array.from(base64UrlDecode(b64u), (c: string) => c.charCodeAt(0));\n}\n\n// Converts an ArrayBuffer object that contains binary data to base64 encoded string\nexport function bufferToBase64Url(bin) {\n return btoa(new Uint8Array(bin).reduce((s, byte) => s + String.fromCharCode(byte), ''));\n}\n\n\n"],"file":"base64.js"}
package/cjs/crypto/index.js CHANGED
@@ -1,8 +1,10 @@
1
1
  "use strict";
2
2
 
3
+ var _Object$keys = require("@babel/runtime-corejs3/core-js-stable/object/keys");
4
+
3
5
  var _base = require("./base64");
4
6
 
5
- Object.keys(_base).forEach(function (key) {
7
+ _Object$keys(_base).forEach(function (key) {
6
8
  if (key === "default" || key === "__esModule") return;
7
9
  if (key in exports && exports[key] === _base[key]) return;
8
10
  Object.defineProperty(exports, key, {
@@ -15,7 +17,7 @@ Object.keys(_base).forEach(function (key) {
15
17
 
16
18
  var _oidcHash = require("./oidcHash");
17
19
 
18
- Object.keys(_oidcHash).forEach(function (key) {
20
+ _Object$keys(_oidcHash).forEach(function (key) {
19
21
  if (key === "default" || key === "__esModule") return;
20
22
  if (key in exports && exports[key] === _oidcHash[key]) return;
21
23
  Object.defineProperty(exports, key, {
@@ -28,7 +30,7 @@ Object.keys(_oidcHash).forEach(function (key) {
28
30
 
29
31
  var _verifyToken = require("./verifyToken");
30
32
 
31
- Object.keys(_verifyToken).forEach(function (key) {
33
+ _Object$keys(_verifyToken).forEach(function (key) {
32
34
  if (key === "default" || key === "__esModule") return;
33
35
  if (key in exports && exports[key] === _verifyToken[key]) return;
34
36
  Object.defineProperty(exports, key, {
@@ -41,7 +43,7 @@ Object.keys(_verifyToken).forEach(function (key) {
41
43
 
42
44
  var _webcrypto = require("./webcrypto");
43
45
 
44
- Object.keys(_webcrypto).forEach(function (key) {
46
+ _Object$keys(_webcrypto).forEach(function (key) {
45
47
  if (key === "default" || key === "__esModule") return;
46
48
  if (key in exports && exports[key] === _webcrypto[key]) return;
47
49
  Object.defineProperty(exports, key, {
package/cjs/crypto/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/crypto/index.ts"],"names":[],"mappings":";;AAaA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nexport * from './base64';\nexport * from './oidcHash';\nexport * from './verifyToken';\nexport * from './webcrypto';\n"],"file":"index.js"}
1
+ {"version":3,"sources":["../../../lib/crypto/index.ts"],"names":[],"mappings":";;;;AAaA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nexport * from './base64';\nexport * from './oidcHash';\nexport * from './verifyToken';\nexport * from './webcrypto';\n"],"file":"index.js"}