@okta/okta-auth-js 5.11.0 → 6.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +74 -0
- package/README.md +63 -29
- package/cjs/AuthStateManager.js +15 -6
- package/cjs/AuthStateManager.js.map +1 -1
- package/cjs/OktaAuth.js +168 -108
- package/cjs/OktaAuth.js.map +1 -1
- package/cjs/OktaUserAgent.js +2 -2
- package/cjs/OktaUserAgent.js.map +1 -1
- package/cjs/PromiseQueue.js +11 -2
- package/cjs/PromiseQueue.js.map +1 -1
- package/cjs/SavedObject.js +4 -2
- package/cjs/SavedObject.js.map +1 -1
- package/cjs/ServiceManager.js +195 -0
- package/cjs/ServiceManager.js.map +1 -0
- package/cjs/StorageManager.js +16 -9
- package/cjs/StorageManager.js.map +1 -1
- package/cjs/TokenManager.js +42 -34
- package/cjs/TokenManager.js.map +1 -1
- package/cjs/TransactionManager.js +26 -7
- package/cjs/TransactionManager.js.map +1 -1
- package/cjs/browser/browserStorage.js +36 -20
- package/cjs/browser/browserStorage.js.map +1 -1
- package/cjs/browser/fingerprint.js +12 -4
- package/cjs/browser/fingerprint.js.map +1 -1
- package/cjs/builderUtil.js +7 -19
- package/cjs/builderUtil.js.map +1 -1
- package/cjs/clock.js +5 -1
- package/cjs/clock.js.map +1 -1
- package/cjs/crypto/base64.js +18 -0
- package/cjs/crypto/base64.js.map +1 -1
- package/cjs/crypto/index.js +6 -4
- package/cjs/crypto/index.js.map +1 -1
- package/cjs/crypto/node.js +19 -13
- package/cjs/crypto/node.js.map +1 -1
- package/cjs/crypto/oidcHash.js +5 -1
- package/cjs/crypto/oidcHash.js.map +1 -1
- package/cjs/crypto/webauthn.js +101 -0
- package/cjs/crypto/webauthn.js.map +1 -0
- package/cjs/crypto/webcrypto.js +3 -1
- package/cjs/crypto/webcrypto.js.map +1 -1
- package/cjs/errors/AuthApiError.js +1 -1
- package/cjs/errors/AuthPollStopError.js +1 -1
- package/cjs/errors/AuthSdkError.js +1 -1
- package/cjs/errors/CustomError.js +5 -1
- package/cjs/errors/CustomError.js.map +1 -1
- package/cjs/errors/OAuthError.js +1 -1
- package/cjs/errors/index.js +1 -1
- package/cjs/features.js +9 -3
- package/cjs/features.js.map +1 -1
- package/cjs/fetch/fetchRequest.js +19 -6
- package/cjs/fetch/fetchRequest.js.map +1 -1
- package/cjs/http/headers.js.map +1 -1
- package/cjs/http/index.js +4 -2
- package/cjs/http/index.js.map +1 -1
- package/cjs/http/request.js +11 -5
- package/cjs/http/request.js.map +1 -1
- package/cjs/idx/authenticate.js +8 -5
- package/cjs/idx/authenticate.js.map +1 -1
- package/cjs/idx/authenticator/Authenticator.js.map +1 -1
- package/cjs/idx/authenticator/OktaPassword.js.map +1 -1
- package/cjs/idx/authenticator/SecurityQuestionEnrollment.js +1 -1
- package/cjs/idx/authenticator/SecurityQuestionEnrollment.js.map +1 -1
- package/cjs/idx/authenticator/SecurityQuestionVerification.js +2 -1
- package/cjs/idx/authenticator/SecurityQuestionVerification.js.map +1 -1
- package/cjs/idx/authenticator/VerificationCodeAuthenticator.js +2 -2
- package/cjs/idx/authenticator/VerificationCodeAuthenticator.js.map +1 -1
- package/cjs/idx/authenticator/WebauthnEnrollment.js +46 -0
- package/cjs/idx/authenticator/WebauthnEnrollment.js.map +1 -0
- package/cjs/idx/authenticator/WebauthnVerification.js +55 -0
- package/cjs/idx/authenticator/WebauthnVerification.js.map +1 -0
- package/cjs/idx/authenticator/getAuthenticator.js +17 -6
- package/cjs/idx/authenticator/getAuthenticator.js.map +1 -1
- package/cjs/idx/authenticator/index.js +34 -6
- package/cjs/idx/authenticator/index.js.map +1 -1
- package/cjs/idx/cancel.js.map +1 -1
- package/cjs/idx/emailVerify.js +73 -0
- package/cjs/idx/emailVerify.js.map +1 -0
- package/cjs/idx/flow/AccountUnlockFlow.js +30 -0
- package/cjs/idx/flow/AccountUnlockFlow.js.map +1 -0
- package/cjs/idx/flow/FlowSpecification.js +24 -4
- package/cjs/idx/flow/FlowSpecification.js.map +1 -1
- package/cjs/idx/flow/PasswordRecoveryFlow.js +4 -1
- package/cjs/idx/flow/PasswordRecoveryFlow.js.map +1 -1
- package/cjs/idx/flow/RegistrationFlow.js +2 -0
- package/cjs/idx/flow/RegistrationFlow.js.map +1 -1
- package/cjs/idx/flow/index.js +20 -5
- package/cjs/idx/flow/index.js.map +1 -1
- package/cjs/idx/handleInteractionCodeRedirect.js +6 -1
- package/cjs/idx/handleInteractionCodeRedirect.js.map +1 -1
- package/cjs/idx/headers.js +21 -5
- package/cjs/idx/headers.js.map +1 -1
- package/cjs/idx/idx-js/client.js +91 -0
- package/cjs/idx/idx-js/client.js.map +1 -0
- package/cjs/idx/idx-js/index.js +162 -0
- package/cjs/idx/idx-js/index.js.map +1 -0
- package/cjs/idx/idx-js/interact.js +83 -0
- package/cjs/idx/idx-js/interact.js.map +1 -0
- package/cjs/idx/idx-js/introspect.js +58 -0
- package/cjs/idx/idx-js/introspect.js.map +1 -0
- package/cjs/idx/idx-js/parsers.js +41 -0
- package/cjs/idx/idx-js/parsers.js.map +1 -0
- package/cjs/idx/idx-js/util.js +34 -0
- package/cjs/idx/idx-js/util.js.map +1 -0
- package/cjs/idx/idx-js/v1/actionParser.js +90 -0
- package/cjs/idx/idx-js/v1/actionParser.js.map +1 -0
- package/cjs/idx/idx-js/v1/generateIdxAction.js +117 -0
- package/cjs/idx/idx-js/v1/generateIdxAction.js.map +1 -0
- package/cjs/idx/idx-js/v1/idxResponseParser.js +137 -0
- package/cjs/idx/idx-js/v1/idxResponseParser.js.map +1 -0
- package/cjs/idx/idx-js/v1/makeIdxState.js +64 -0
- package/cjs/idx/idx-js/v1/makeIdxState.js.map +1 -0
- package/cjs/idx/idx-js/v1/parsers.js +24 -0
- package/cjs/idx/idx-js/v1/parsers.js.map +1 -0
- package/cjs/idx/idx-js/v1/remediationParser.js +32 -0
- package/cjs/idx/idx-js/v1/remediationParser.js.map +1 -0
- package/cjs/idx/index.js +121 -109
- package/cjs/idx/index.js.map +1 -1
- package/cjs/idx/interact.js +53 -36
- package/cjs/idx/interact.js.map +1 -1
- package/cjs/idx/introspect.js +17 -19
- package/cjs/idx/introspect.js.map +1 -1
- package/cjs/idx/poll.js +13 -3
- package/cjs/idx/poll.js.map +1 -1
- package/cjs/idx/proceed.js +4 -7
- package/cjs/idx/proceed.js.map +1 -1
- package/cjs/idx/recoverPassword.js +1 -1
- package/cjs/idx/recoverPassword.js.map +1 -1
- package/cjs/idx/register.js +11 -16
- package/cjs/idx/register.js.map +1 -1
- package/cjs/idx/remediate.js +74 -27
- package/cjs/idx/remediate.js.map +1 -1
- package/cjs/idx/remediators/AuthenticatorEnrollmentData.js +12 -4
- package/cjs/idx/remediators/AuthenticatorEnrollmentData.js.map +1 -1
- package/cjs/idx/remediators/AuthenticatorVerificationData.js +52 -9
- package/cjs/idx/remediators/AuthenticatorVerificationData.js.map +1 -1
- package/cjs/idx/remediators/Base/AuthenticatorData.js +31 -13
- package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
- package/cjs/idx/remediators/Base/Remediator.js +67 -31
- package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
- package/cjs/idx/remediators/Base/SelectAuthenticator.js +46 -30
- package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/Base/VerifyAuthenticator.js +16 -4
- package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/ChallengeAuthenticator.js +2 -2
- package/cjs/idx/remediators/ChallengeAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/ChallengePoll.js +2 -2
- package/cjs/idx/remediators/EnrollAuthenticator.js +2 -2
- package/cjs/idx/remediators/EnrollAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/EnrollPoll.js +18 -9
- package/cjs/idx/remediators/EnrollPoll.js.map +1 -1
- package/cjs/idx/remediators/EnrollProfile.js +24 -9
- package/cjs/idx/remediators/EnrollProfile.js.map +1 -1
- package/cjs/idx/remediators/EnrollmentChannelData.js +96 -0
- package/cjs/idx/remediators/EnrollmentChannelData.js.map +1 -0
- package/cjs/idx/remediators/Identify.js +5 -3
- package/cjs/idx/remediators/Identify.js.map +1 -1
- package/cjs/idx/remediators/ReEnrollAuthenticator.js +6 -3
- package/cjs/idx/remediators/ReEnrollAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/RedirectIdp.js +2 -2
- package/cjs/idx/remediators/ResetAuthenticator.js +2 -2
- package/cjs/idx/remediators/ResetAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js +7 -5
- package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js.map +1 -1
- package/cjs/idx/remediators/SelectAuthenticatorEnroll.js +2 -2
- package/cjs/idx/remediators/SelectAuthenticatorEnroll.js.map +1 -1
- package/cjs/idx/remediators/SelectAuthenticatorUnlockAccount.js +72 -0
- package/cjs/idx/remediators/SelectAuthenticatorUnlockAccount.js.map +1 -0
- package/cjs/idx/remediators/SelectEnrollProfile.js +2 -2
- package/cjs/idx/remediators/SelectEnrollProfile.js.map +1 -1
- package/cjs/idx/remediators/SelectEnrollmentChannel.js +86 -0
- package/cjs/idx/remediators/SelectEnrollmentChannel.js.map +1 -0
- package/cjs/idx/remediators/Skip.js +5 -3
- package/cjs/idx/remediators/Skip.js.map +1 -1
- package/cjs/idx/remediators/index.js +57 -16
- package/cjs/idx/remediators/index.js.map +1 -1
- package/cjs/idx/remediators/util.js +18 -3
- package/cjs/idx/remediators/util.js.map +1 -1
- package/cjs/idx/run.js +145 -49
- package/cjs/idx/run.js.map +1 -1
- package/cjs/idx/startTransaction.js +4 -2
- package/cjs/idx/startTransaction.js.map +1 -1
- package/cjs/idx/transactionMeta.js +82 -69
- package/cjs/idx/transactionMeta.js.map +1 -1
- package/cjs/idx/types/idx-js.js.map +1 -1
- package/cjs/idx/types/index.js +59 -7
- package/cjs/idx/types/index.js.map +1 -1
- package/cjs/idx/unlockAccount.js +48 -0
- package/cjs/idx/unlockAccount.js.map +1 -0
- package/cjs/index.js +33 -13
- package/cjs/index.js.map +1 -1
- package/cjs/oidc/endpoints/authorize.js +10 -2
- package/cjs/oidc/endpoints/authorize.js.map +1 -1
- package/cjs/oidc/endpoints/index.js +5 -3
- package/cjs/oidc/endpoints/index.js.map +1 -1
- package/cjs/oidc/endpoints/token.js +16 -3
- package/cjs/oidc/endpoints/token.js.map +1 -1
- package/cjs/oidc/endpoints/well-known.js +7 -3
- package/cjs/oidc/endpoints/well-known.js.map +1 -1
- package/cjs/oidc/exchangeCodeForTokens.js +12 -4
- package/cjs/oidc/exchangeCodeForTokens.js.map +1 -1
- package/cjs/oidc/getToken.js +12 -6
- package/cjs/oidc/getToken.js.map +1 -1
- package/cjs/oidc/getUserInfo.js +7 -3
- package/cjs/oidc/getUserInfo.js.map +1 -1
- package/cjs/oidc/getWithPopup.js +8 -2
- package/cjs/oidc/getWithPopup.js.map +1 -1
- package/cjs/oidc/getWithRedirect.js +15 -38
- package/cjs/oidc/getWithRedirect.js.map +1 -1
- package/cjs/oidc/getWithoutPrompt.js +8 -2
- package/cjs/oidc/getWithoutPrompt.js.map +1 -1
- package/cjs/oidc/handleOAuthResponse.js +87 -87
- package/cjs/oidc/handleOAuthResponse.js.map +1 -1
- package/cjs/oidc/index.js +4 -2
- package/cjs/oidc/index.js.map +1 -1
- package/cjs/oidc/parseFromUrl.js +9 -3
- package/cjs/oidc/parseFromUrl.js.map +1 -1
- package/cjs/oidc/renewToken.js.map +1 -1
- package/cjs/oidc/renewTokens.js +6 -2
- package/cjs/oidc/renewTokens.js.map +1 -1
- package/cjs/oidc/renewTokensWithRefresh.js +5 -1
- package/cjs/oidc/renewTokensWithRefresh.js.map +1 -1
- package/cjs/oidc/revokeToken.js +34 -31
- package/cjs/oidc/revokeToken.js.map +1 -1
- package/cjs/oidc/util/browser.js +5 -1
- package/cjs/oidc/util/browser.js.map +1 -1
- package/cjs/oidc/util/defaultTokenParams.js.map +1 -1
- package/cjs/oidc/util/errors.js.map +1 -1
- package/cjs/oidc/util/index.js +27 -11
- package/cjs/oidc/util/index.js.map +1 -1
- package/cjs/oidc/util/loginRedirect.js +10 -1
- package/cjs/oidc/util/loginRedirect.js.map +1 -1
- package/cjs/oidc/util/oauth.js +4 -2
- package/cjs/oidc/util/oauth.js.map +1 -1
- package/cjs/oidc/util/oauthMeta.js +36 -0
- package/cjs/oidc/util/oauthMeta.js.map +1 -0
- package/cjs/oidc/util/pkce.js +11 -3
- package/cjs/oidc/util/pkce.js.map +1 -1
- package/cjs/oidc/util/prepareTokenParams.js +62 -39
- package/cjs/oidc/util/prepareTokenParams.js.map +1 -1
- package/cjs/oidc/util/validateClaims.js +3 -1
- package/cjs/oidc/util/validateClaims.js.map +1 -1
- package/cjs/oidc/verifyToken.js +13 -4
- package/cjs/oidc/verifyToken.js.map +1 -1
- package/cjs/options/browser.js +81 -0
- package/cjs/options/browser.js.map +1 -0
- package/cjs/options/index.js +94 -0
- package/cjs/options/index.js.map +1 -0
- package/cjs/options/node.js +46 -0
- package/cjs/options/node.js.map +1 -0
- package/cjs/server/serverStorage.js +9 -5
- package/cjs/server/serverStorage.js.map +1 -1
- package/cjs/services/AutoRenewService.js +94 -0
- package/cjs/services/AutoRenewService.js.map +1 -0
- package/cjs/services/SyncStorageService.js +93 -0
- package/cjs/services/SyncStorageService.js.map +1 -0
- package/cjs/services/index.js +30 -0
- package/cjs/services/index.js.map +1 -0
- package/cjs/tx/AuthTransaction.js +18 -9
- package/cjs/tx/AuthTransaction.js.map +1 -1
- package/cjs/tx/TransactionState.js +0 -17
- package/cjs/tx/TransactionState.js.map +1 -1
- package/cjs/tx/api.js +11 -6
- package/cjs/tx/api.js.map +1 -1
- package/cjs/tx/index.js +7 -5
- package/cjs/tx/index.js.map +1 -1
- package/cjs/tx/poll.js +6 -4
- package/cjs/tx/poll.js.map +1 -1
- package/cjs/tx/util.js +5 -1
- package/cjs/tx/util.js.map +1 -1
- package/cjs/types/Service.js +2 -0
- package/cjs/types/Service.js.map +1 -0
- package/cjs/types/Transaction.js +10 -2
- package/cjs/types/Transaction.js.map +1 -1
- package/cjs/types/index.js +29 -14
- package/cjs/types/index.js.map +1 -1
- package/cjs/util/index.js +7 -18
- package/cjs/util/index.js.map +1 -1
- package/cjs/util/misc.js +5 -1
- package/cjs/util/misc.js.map +1 -1
- package/cjs/util/object.js +16 -6
- package/cjs/util/object.js.map +1 -1
- package/cjs/util/sharedStorage.js +5 -1
- package/cjs/util/sharedStorage.js.map +1 -1
- package/cjs/util/url.js.map +1 -1
- package/dist/okta-auth-js.min.js +1 -1
- package/dist/okta-auth-js.min.js.LICENSE.txt +0 -20
- package/dist/okta-auth-js.min.js.map +1 -1
- package/dist/okta-auth-js.polyfill.js +1 -1
- package/dist/okta-auth-js.polyfill.js.map +1 -1
- package/dist/okta-auth-js.umd.js +1 -1
- package/dist/okta-auth-js.umd.js.LICENSE.txt +1 -19
- package/dist/okta-auth-js.umd.js.map +1 -1
- package/esm/{index.js → esm.browser.js} +3283 -2698
- package/esm/esm.browser.js.map +1 -0
- package/esm/esm.node.mjs +9277 -0
- package/esm/esm.node.mjs.map +1 -0
- package/lib/AuthStateManager.d.ts +2 -5
- package/lib/OktaAuth.d.ts +14 -16
- package/lib/ServiceManager.d.ts +38 -0
- package/lib/StorageManager.d.ts +2 -2
- package/lib/TokenManager.d.ts +4 -5
- package/lib/TransactionManager.d.ts +4 -3
- package/lib/browser/fingerprint.d.ts +2 -3
- package/lib/builderUtil.d.ts +1 -2
- package/lib/crypto/base64.d.ts +2 -0
- package/lib/crypto/browser.d.ts +1 -1
- package/lib/crypto/webauthn.d.ts +25 -0
- package/lib/features.d.ts +1 -1
- package/lib/http/headers.d.ts +2 -2
- package/lib/http/request.d.ts +4 -4
- package/lib/idx/authenticate.d.ts +2 -2
- package/lib/idx/authenticator/Authenticator.d.ts +4 -5
- package/lib/idx/authenticator/OktaPassword.d.ts +7 -9
- package/lib/idx/authenticator/SecurityQuestionEnrollment.d.ts +9 -8
- package/lib/idx/authenticator/SecurityQuestionVerification.d.ts +7 -7
- package/lib/idx/authenticator/VerificationCodeAuthenticator.d.ts +6 -2
- package/lib/idx/authenticator/WebauthnEnrollment.d.ts +16 -0
- package/lib/idx/authenticator/WebauthnVerification.d.ts +17 -0
- package/lib/idx/authenticator/getAuthenticator.d.ts +1 -1
- package/lib/idx/authenticator/index.d.ts +9 -0
- package/lib/idx/cancel.d.ts +2 -2
- package/lib/idx/emailVerify.d.ts +26 -0
- package/lib/{util/emailVerify.d.ts → idx/flow/AccountUnlockFlow.d.ts} +2 -6
- package/lib/idx/flow/FlowSpecification.d.ts +3 -2
- package/lib/idx/flow/index.d.ts +1 -0
- package/lib/idx/headers.d.ts +3 -2
- package/lib/idx/idx-js/client.d.ts +36 -0
- package/lib/idx/idx-js/index.d.ts +51 -0
- package/lib/idx/idx-js/interact.d.ts +25 -0
- package/lib/idx/idx-js/introspect.d.ts +20 -0
- package/lib/idx/idx-js/parsers.d.ts +15 -0
- package/lib/idx/idx-js/util.d.ts +12 -0
- package/lib/idx/idx-js/v1/actionParser.d.ts +16 -0
- package/lib/idx/idx-js/v1/generateIdxAction.d.ts +13 -0
- package/lib/idx/idx-js/v1/idxResponseParser.d.ts +20 -0
- package/lib/idx/idx-js/v1/makeIdxState.d.ts +13 -0
- package/lib/idx/idx-js/v1/parsers.d.ts +16 -0
- package/lib/idx/idx-js/v1/remediationParser.d.ts +12 -0
- package/lib/idx/index.d.ts +12 -10
- package/lib/idx/interact.d.ts +7 -13
- package/lib/idx/introspect.d.ts +4 -3
- package/lib/idx/poll.d.ts +2 -2
- package/lib/idx/proceed.d.ts +8 -5
- package/lib/idx/recoverPassword.d.ts +2 -2
- package/lib/idx/register.d.ts +2 -2
- package/lib/idx/remediate.d.ts +10 -4
- package/lib/idx/remediators/AuthenticatorEnrollmentData.d.ts +3 -3
- package/lib/idx/remediators/AuthenticatorVerificationData.d.ts +5 -5
- package/lib/idx/remediators/Base/AuthenticatorData.d.ts +10 -10
- package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +10 -7
- package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +8 -12
- package/lib/idx/remediators/EnrollProfile.d.ts +1 -1
- package/lib/idx/remediators/EnrollmentChannelData.d.ts +54 -0
- package/lib/idx/remediators/Identify.d.ts +2 -2
- package/lib/idx/remediators/ReEnrollAuthenticator.d.ts +2 -2
- package/lib/idx/remediators/RedirectIdp.d.ts +3 -3
- package/lib/idx/remediators/SelectAuthenticatorUnlockAccount.d.ts +38 -0
- package/lib/idx/remediators/SelectEnrollmentChannel.d.ts +40 -0
- package/lib/idx/remediators/index.d.ts +3 -0
- package/lib/idx/remediators/util.d.ts +2 -2
- package/lib/idx/run.d.ts +5 -3
- package/lib/idx/startTransaction.d.ts +3 -2
- package/lib/idx/transactionMeta.d.ts +10 -31
- package/lib/idx/types/FlowIdentifier.d.ts +1 -1
- package/lib/idx/types/idx-js.d.ts +44 -1
- package/lib/idx/types/index.d.ts +36 -9
- package/lib/idx/unlockAccount.d.ts +15 -0
- package/lib/index.d.ts +1 -0
- package/lib/oidc/endpoints/well-known.d.ts +3 -3
- package/lib/oidc/exchangeCodeForTokens.d.ts +14 -2
- package/lib/oidc/getToken.d.ts +2 -2
- package/lib/oidc/getWithPopup.d.ts +2 -2
- package/lib/oidc/getWithRedirect.d.ts +2 -2
- package/lib/oidc/getWithoutPrompt.d.ts +2 -2
- package/lib/oidc/handleOAuthResponse.d.ts +2 -2
- package/lib/oidc/parseFromUrl.d.ts +1 -1
- package/lib/oidc/renewToken.d.ts +2 -2
- package/lib/oidc/renewTokens.d.ts +1 -1
- package/lib/oidc/renewTokensWithRefresh.d.ts +2 -2
- package/lib/oidc/revokeToken.d.ts +2 -2
- package/lib/oidc/util/browser.d.ts +3 -3
- package/lib/oidc/util/defaultTokenParams.d.ts +2 -2
- package/lib/oidc/util/errors.d.ts +2 -2
- package/lib/oidc/util/index.d.ts +1 -0
- package/lib/oidc/util/loginRedirect.d.ts +4 -4
- package/lib/oidc/util/oauth.d.ts +4 -11
- package/lib/oidc/util/oauthMeta.d.ts +2 -0
- package/lib/oidc/util/prepareTokenParams.d.ts +5 -2
- package/lib/oidc/util/validateClaims.d.ts +2 -2
- package/lib/oidc/verifyToken.d.ts +2 -2
- package/lib/options/browser.d.ts +16 -0
- package/lib/{options.d.ts → options/index.d.ts} +1 -1
- package/lib/options/node.d.ts +16 -0
- package/lib/server/serverStorage.d.ts +1 -1
- package/lib/services/AutoRenewService.d.ts +27 -0
- package/lib/services/{TokenService.d.ts → SyncStorageService.d.ts} +8 -5
- package/lib/services/index.d.ts +13 -0
- package/lib/tx/AuthTransaction.d.ts +2 -2
- package/lib/tx/TransactionState.d.ts +11 -1
- package/lib/tx/api.d.ts +6 -6
- package/lib/types/OktaAuthOptions.d.ts +11 -8
- package/lib/types/Service.d.ts +23 -0
- package/lib/types/Storage.d.ts +3 -3
- package/lib/types/Transaction.d.ts +10 -7
- package/lib/types/UserClaims.d.ts +3 -3
- package/lib/types/api.d.ts +49 -22
- package/lib/types/index.d.ts +1 -1
- package/lib/util/console.d.ts +1 -1
- package/lib/util/index.d.ts +0 -1
- package/lib/util/sharedStorage.d.ts +1 -1
- package/lib/util/types.d.ts +1 -1
- package/lib/util/url.d.ts +2 -2
- package/package.json +30 -13
- package/polyfill/index.js +1 -0
- package/cjs/options.js +0 -154
- package/cjs/options.js.map +0 -1
- package/cjs/services/TokenService.js +0 -108
- package/cjs/services/TokenService.js.map +0 -1
- package/cjs/util/emailVerify.js +0 -28
- package/cjs/util/emailVerify.js.map +0 -1
- package/esm/index.js.map +0 -1
|
@@ -8,24 +8,43 @@ var _PasswordRecoveryFlow = require("./PasswordRecoveryFlow");
|
|
|
8
8
|
|
|
9
9
|
var _RegistrationFlow = require("./RegistrationFlow");
|
|
10
10
|
|
|
11
|
-
|
|
12
|
-
|
|
11
|
+
var _AccountUnlockFlow = require("./AccountUnlockFlow");
|
|
12
|
+
|
|
13
|
+
// eslint-disable-next-line complexity
|
|
14
|
+
function getFlowSpecification(oktaAuth, flow = 'default') {
|
|
15
|
+
let remediators,
|
|
16
|
+
actions,
|
|
17
|
+
withCredentials = true;
|
|
13
18
|
|
|
14
19
|
switch (flow) {
|
|
15
20
|
case 'register':
|
|
16
21
|
case 'signup':
|
|
17
22
|
case 'enrollProfile':
|
|
18
23
|
remediators = _RegistrationFlow.RegistrationFlow;
|
|
24
|
+
withCredentials = false;
|
|
19
25
|
break;
|
|
20
26
|
|
|
21
27
|
case 'recoverPassword':
|
|
22
28
|
case 'resetPassword':
|
|
23
29
|
remediators = _PasswordRecoveryFlow.PasswordRecoveryFlow;
|
|
24
30
|
actions = ['currentAuthenticator-recover', 'currentAuthenticatorEnrollment-recover'];
|
|
31
|
+
withCredentials = false;
|
|
32
|
+
break;
|
|
33
|
+
|
|
34
|
+
case 'unlockAccount':
|
|
35
|
+
remediators = _AccountUnlockFlow.AccountUnlockFlow;
|
|
36
|
+
withCredentials = false;
|
|
37
|
+
actions = ['unlock-account'];
|
|
38
|
+
break;
|
|
39
|
+
|
|
40
|
+
case 'authenticate':
|
|
41
|
+
case 'login':
|
|
42
|
+
case 'signin':
|
|
43
|
+
remediators = _AuthenticationFlow.AuthenticationFlow;
|
|
25
44
|
break;
|
|
26
45
|
|
|
27
46
|
default:
|
|
28
|
-
//
|
|
47
|
+
// default case has no flow monitor
|
|
29
48
|
remediators = _AuthenticationFlow.AuthenticationFlow;
|
|
30
49
|
break;
|
|
31
50
|
}
|
|
@@ -33,7 +52,8 @@ function getFlowSpecification(oktaAuth, flow = 'proceed') {
|
|
|
33
52
|
return {
|
|
34
53
|
flow,
|
|
35
54
|
remediators,
|
|
36
|
-
actions
|
|
55
|
+
actions,
|
|
56
|
+
withCredentials
|
|
37
57
|
};
|
|
38
58
|
}
|
|
39
59
|
//# sourceMappingURL=FlowSpecification.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/flow/FlowSpecification.ts"],"names":["getFlowSpecification","oktaAuth","flow","remediators","actions","RegistrationFlow","PasswordRecoveryFlow","AuthenticationFlow"],"mappings":";;;;AACA;;AACA;;AACA;;
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/flow/FlowSpecification.ts"],"names":["getFlowSpecification","oktaAuth","flow","remediators","actions","withCredentials","RegistrationFlow","PasswordRecoveryFlow","AccountUnlockFlow","AuthenticationFlow"],"mappings":";;;;AACA;;AACA;;AACA;;AACA;;AAUA;AACO,SAASA,oBAAT,CAA8BC,QAA9B,EAA2DC,IAAoB,GAAG,SAAlF,EAAgH;AACrH,MAAIC,WAAJ;AAAA,MAAiBC,OAAjB;AAAA,MAA0BC,eAAe,GAAG,IAA5C;;AACA,UAAQH,IAAR;AACE,SAAK,UAAL;AACA,SAAK,QAAL;AACA,SAAK,eAAL;AACEC,MAAAA,WAAW,GAAGG,kCAAd;AACAD,MAAAA,eAAe,GAAG,KAAlB;AACA;;AACF,SAAK,iBAAL;AACA,SAAK,eAAL;AACEF,MAAAA,WAAW,GAAGI,0CAAd;AACAH,MAAAA,OAAO,GAAG,CACR,8BADQ,EAER,wCAFQ,CAAV;AAIAC,MAAAA,eAAe,GAAG,KAAlB;AACA;;AACF,SAAK,eAAL;AACEF,MAAAA,WAAW,GAAGK,oCAAd;AACAH,MAAAA,eAAe,GAAG,KAAlB;AACAD,MAAAA,OAAO,GAAG,CACR,gBADQ,CAAV;AAGA;;AACF,SAAK,cAAL;AACA,SAAK,OAAL;AACA,SAAK,QAAL;AACED,MAAAA,WAAW,GAAGM,sCAAd;AACA;;AACF;AACE;AACAN,MAAAA,WAAW,GAAGM,sCAAd;AACA;AA/BJ;;AAiCA,SAAO;AAAEP,IAAAA,IAAF;AAAQC,IAAAA,WAAR;AAAqBC,IAAAA,OAArB;AAA8BC,IAAAA;AAA9B,GAAP;AACD","sourcesContent":["import { OktaAuthInterface, FlowIdentifier } from '../../types';\nimport { AuthenticationFlow } from './AuthenticationFlow';\nimport { PasswordRecoveryFlow } from './PasswordRecoveryFlow';\nimport { RegistrationFlow } from './RegistrationFlow';\nimport { AccountUnlockFlow } from './AccountUnlockFlow';\nimport { RemediationFlow } from './RemediationFlow';\n\nexport interface FlowSpecification {\n flow: FlowIdentifier;\n remediators: RemediationFlow;\n actions?: string[];\n withCredentials?: boolean;\n}\n\n// eslint-disable-next-line complexity\nexport function getFlowSpecification(oktaAuth: OktaAuthInterface, flow: FlowIdentifier = 'default'): FlowSpecification {\n let remediators, actions, withCredentials = true;\n switch (flow) {\n case 'register':\n case 'signup':\n case 'enrollProfile':\n remediators = RegistrationFlow;\n withCredentials = false;\n break;\n case 'recoverPassword':\n case 'resetPassword':\n remediators = PasswordRecoveryFlow;\n actions = [\n 'currentAuthenticator-recover', \n 'currentAuthenticatorEnrollment-recover'\n ];\n withCredentials = false;\n break;\n case 'unlockAccount':\n remediators = AccountUnlockFlow;\n withCredentials = false;\n actions = [\n 'unlock-account'\n ];\n break;\n case 'authenticate':\n case 'login':\n case 'signin':\n remediators = AuthenticationFlow;\n break;\n default:\n // default case has no flow monitor\n remediators = AuthenticationFlow;\n break;\n }\n return { flow, remediators, actions, withCredentials };\n}\n"],"file":"FlowSpecification.js"}
|
|
@@ -19,10 +19,13 @@ const PasswordRecoveryFlow = {
|
|
|
19
19
|
'identify': _remediators.Identify,
|
|
20
20
|
'identify-recovery': _remediators.Identify,
|
|
21
21
|
'select-authenticator-authenticate': _remediators.SelectAuthenticatorAuthenticate,
|
|
22
|
+
'select-authenticator-enroll': _remediators.SelectAuthenticatorEnroll,
|
|
22
23
|
'challenge-authenticator': _remediators.ChallengeAuthenticator,
|
|
23
24
|
'authenticator-verification-data': _remediators.AuthenticatorVerificationData,
|
|
25
|
+
'authenticator-enrollment-data': _remediators.AuthenticatorEnrollmentData,
|
|
24
26
|
'reset-authenticator': _remediators.ResetAuthenticator,
|
|
25
|
-
'reenroll-authenticator': _remediators.ReEnrollAuthenticator
|
|
27
|
+
'reenroll-authenticator': _remediators.ReEnrollAuthenticator,
|
|
28
|
+
'enroll-poll': _remediators.EnrollPoll
|
|
26
29
|
};
|
|
27
30
|
exports.PasswordRecoveryFlow = PasswordRecoveryFlow;
|
|
28
31
|
//# sourceMappingURL=PasswordRecoveryFlow.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/flow/PasswordRecoveryFlow.ts"],"names":["PasswordRecoveryFlow","Identify","SelectAuthenticatorAuthenticate","ChallengeAuthenticator","AuthenticatorVerificationData","ResetAuthenticator","ReEnrollAuthenticator"],"mappings":";;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/flow/PasswordRecoveryFlow.ts"],"names":["PasswordRecoveryFlow","Identify","SelectAuthenticatorAuthenticate","SelectAuthenticatorEnroll","ChallengeAuthenticator","AuthenticatorVerificationData","AuthenticatorEnrollmentData","ResetAuthenticator","ReEnrollAuthenticator","EnrollPoll"],"mappings":";;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAgBO,MAAMA,oBAAqC,GAAG;AACnD,cAAYC,qBADuC;AAEnD,uBAAqBA,qBAF8B;AAGnD,uCAAqCC,4CAHc;AAInD,iCAA+BC,sCAJoB;AAKnD,6BAA2BC,mCALwB;AAMnD,qCAAmCC,0CANgB;AAOnD,mCAAiCC,wCAPkB;AAQnD,yBAAuBC,+BAR4B;AASnD,4BAA0BC,kCATyB;AAUnD,iBAAeC;AAVoC,CAA9C","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { RemediationFlow } from './RemediationFlow';\nimport {\n Identify,\n SelectAuthenticatorAuthenticate,\n ChallengeAuthenticator,\n AuthenticatorVerificationData,\n ResetAuthenticator,\n ReEnrollAuthenticator,\n SelectAuthenticatorEnroll,\n AuthenticatorEnrollmentData,\n EnrollPoll\n} from '../remediators';\n\nexport const PasswordRecoveryFlow: RemediationFlow = {\n 'identify': Identify,\n 'identify-recovery': Identify,\n 'select-authenticator-authenticate': SelectAuthenticatorAuthenticate,\n 'select-authenticator-enroll': SelectAuthenticatorEnroll,\n 'challenge-authenticator': ChallengeAuthenticator,\n 'authenticator-verification-data': AuthenticatorVerificationData,\n 'authenticator-enrollment-data': AuthenticatorEnrollmentData,\n 'reset-authenticator': ResetAuthenticator,\n 'reenroll-authenticator': ReEnrollAuthenticator,\n 'enroll-poll': EnrollPoll,\n};\n"],"file":"PasswordRecoveryFlow.js"}
|
|
@@ -21,6 +21,8 @@ const RegistrationFlow = {
|
|
|
21
21
|
'authenticator-enrollment-data': _remediators.AuthenticatorEnrollmentData,
|
|
22
22
|
'select-authenticator-enroll': _remediators.SelectAuthenticatorEnroll,
|
|
23
23
|
'enroll-poll': _remediators.EnrollPoll,
|
|
24
|
+
'select-enrollment-channel': _remediators.SelectEnrollmentChannel,
|
|
25
|
+
'enrollment-channel-data': _remediators.EnrollmentChannelData,
|
|
24
26
|
'enroll-authenticator': _remediators.EnrollAuthenticator,
|
|
25
27
|
'skip': _remediators.Skip
|
|
26
28
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/flow/RegistrationFlow.ts"],"names":["RegistrationFlow","SelectEnrollProfile","EnrollProfile","AuthenticatorEnrollmentData","SelectAuthenticatorEnroll","EnrollPoll","EnrollAuthenticator","Skip"],"mappings":";;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/flow/RegistrationFlow.ts"],"names":["RegistrationFlow","SelectEnrollProfile","EnrollProfile","AuthenticatorEnrollmentData","SelectAuthenticatorEnroll","EnrollPoll","SelectEnrollmentChannel","EnrollmentChannelData","EnrollAuthenticator","Skip"],"mappings":";;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAgBO,MAAMA,gBAAiC,GAAG;AAC/C,2BAAyBC,gCADsB;AAE/C,oBAAkBC,0BAF6B;AAG/C,mCAAiCC,wCAHc;AAI/C,iCAA+BC,sCAJgB;AAK/C,iBAAeC,uBALgC;AAM/C,+BAA6BC,oCANkB;AAO/C,6BAA2BC,kCAPoB;AAQ/C,0BAAwBC,gCARuB;AAS/C,UAAQC;AATuC,CAA1C","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { RemediationFlow } from './RemediationFlow';\nimport { \n SelectEnrollProfile,\n EnrollPoll,\n SelectEnrollmentChannel,\n EnrollmentChannelData,\n EnrollProfile,\n SelectAuthenticatorEnroll,\n EnrollAuthenticator,\n AuthenticatorEnrollmentData,\n Skip,\n} from '../remediators';\n\nexport const RegistrationFlow: RemediationFlow = {\n 'select-enroll-profile': SelectEnrollProfile,\n 'enroll-profile': EnrollProfile,\n 'authenticator-enrollment-data': AuthenticatorEnrollmentData,\n 'select-authenticator-enroll': SelectAuthenticatorEnroll,\n 'enroll-poll': EnrollPoll,\n 'select-enrollment-channel': SelectEnrollmentChannel,\n 'enrollment-channel-data': EnrollmentChannelData,\n 'enroll-authenticator': EnrollAuthenticator,\n 'skip': Skip,\n};\n"],"file":"RegistrationFlow.js"}
|
package/cjs/idx/flow/index.js
CHANGED
|
@@ -1,8 +1,10 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
|
+
var _Object$keys = require("@babel/runtime-corejs3/core-js-stable/object/keys");
|
|
4
|
+
|
|
3
5
|
var _AuthenticationFlow = require("./AuthenticationFlow");
|
|
4
6
|
|
|
5
|
-
|
|
7
|
+
_Object$keys(_AuthenticationFlow).forEach(function (key) {
|
|
6
8
|
if (key === "default" || key === "__esModule") return;
|
|
7
9
|
if (key in exports && exports[key] === _AuthenticationFlow[key]) return;
|
|
8
10
|
Object.defineProperty(exports, key, {
|
|
@@ -15,7 +17,7 @@ Object.keys(_AuthenticationFlow).forEach(function (key) {
|
|
|
15
17
|
|
|
16
18
|
var _FlowSpecification = require("./FlowSpecification");
|
|
17
19
|
|
|
18
|
-
|
|
20
|
+
_Object$keys(_FlowSpecification).forEach(function (key) {
|
|
19
21
|
if (key === "default" || key === "__esModule") return;
|
|
20
22
|
if (key in exports && exports[key] === _FlowSpecification[key]) return;
|
|
21
23
|
Object.defineProperty(exports, key, {
|
|
@@ -28,7 +30,7 @@ Object.keys(_FlowSpecification).forEach(function (key) {
|
|
|
28
30
|
|
|
29
31
|
var _PasswordRecoveryFlow = require("./PasswordRecoveryFlow");
|
|
30
32
|
|
|
31
|
-
|
|
33
|
+
_Object$keys(_PasswordRecoveryFlow).forEach(function (key) {
|
|
32
34
|
if (key === "default" || key === "__esModule") return;
|
|
33
35
|
if (key in exports && exports[key] === _PasswordRecoveryFlow[key]) return;
|
|
34
36
|
Object.defineProperty(exports, key, {
|
|
@@ -41,7 +43,7 @@ Object.keys(_PasswordRecoveryFlow).forEach(function (key) {
|
|
|
41
43
|
|
|
42
44
|
var _RegistrationFlow = require("./RegistrationFlow");
|
|
43
45
|
|
|
44
|
-
|
|
46
|
+
_Object$keys(_RegistrationFlow).forEach(function (key) {
|
|
45
47
|
if (key === "default" || key === "__esModule") return;
|
|
46
48
|
if (key in exports && exports[key] === _RegistrationFlow[key]) return;
|
|
47
49
|
Object.defineProperty(exports, key, {
|
|
@@ -52,9 +54,22 @@ Object.keys(_RegistrationFlow).forEach(function (key) {
|
|
|
52
54
|
});
|
|
53
55
|
});
|
|
54
56
|
|
|
57
|
+
var _AccountUnlockFlow = require("./AccountUnlockFlow");
|
|
58
|
+
|
|
59
|
+
_Object$keys(_AccountUnlockFlow).forEach(function (key) {
|
|
60
|
+
if (key === "default" || key === "__esModule") return;
|
|
61
|
+
if (key in exports && exports[key] === _AccountUnlockFlow[key]) return;
|
|
62
|
+
Object.defineProperty(exports, key, {
|
|
63
|
+
enumerable: true,
|
|
64
|
+
get: function () {
|
|
65
|
+
return _AccountUnlockFlow[key];
|
|
66
|
+
}
|
|
67
|
+
});
|
|
68
|
+
});
|
|
69
|
+
|
|
55
70
|
var _RemediationFlow = require("./RemediationFlow");
|
|
56
71
|
|
|
57
|
-
|
|
72
|
+
_Object$keys(_RemediationFlow).forEach(function (key) {
|
|
58
73
|
if (key === "default" || key === "__esModule") return;
|
|
59
74
|
if (key in exports && exports[key] === _RemediationFlow[key]) return;
|
|
60
75
|
Object.defineProperty(exports, key, {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/flow/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/flow/index.ts"],"names":[],"mappings":";;;;AAYA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport * from './AuthenticationFlow';\nexport * from './FlowSpecification';\nexport * from './PasswordRecoveryFlow';\nexport * from './RegistrationFlow';\nexport * from './AccountUnlockFlow';\nexport * from './RemediationFlow';\n"],"file":"index.js"}
|
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
|
+
var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
|
|
4
|
+
|
|
3
5
|
exports.handleInteractionCodeRedirect = handleInteractionCodeRedirect;
|
|
4
6
|
|
|
7
|
+
var _url = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/url"));
|
|
8
|
+
|
|
5
9
|
var _errors = require("../errors");
|
|
6
10
|
|
|
7
11
|
/*!
|
|
@@ -30,13 +34,14 @@ async function handleInteractionCodeRedirect(authClient, url) {
|
|
|
30
34
|
searchParams // URL API has been added to the polyfill
|
|
31
35
|
// eslint-disable-next-line compat/compat
|
|
32
36
|
|
|
33
|
-
} = new
|
|
37
|
+
} = new _url.default(url);
|
|
34
38
|
const state = searchParams.get('state');
|
|
35
39
|
const interactionCode = searchParams.get('interaction_code'); // Error handling
|
|
36
40
|
|
|
37
41
|
const error = searchParams.get('error');
|
|
38
42
|
|
|
39
43
|
if (error) {
|
|
44
|
+
// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
|
|
40
45
|
throw new _errors.OAuthError(error, searchParams.get('error_description'));
|
|
41
46
|
}
|
|
42
47
|
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/handleInteractionCodeRedirect.ts"],"names":["handleInteractionCodeRedirect","authClient","url","meta","transactionManager","load","AuthSdkError","codeVerifier","state","savedState","searchParams","
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/handleInteractionCodeRedirect.ts"],"names":["handleInteractionCodeRedirect","authClient","url","meta","transactionManager","load","AuthSdkError","codeVerifier","state","savedState","searchParams","get","interactionCode","error","OAuthError","tokens","token","exchangeCodeForTokens","tokenManager","setTokens"],"mappings":";;;;;;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAOO,eAAeA,6BAAf,CACLC,UADK,EAELC,GAFK,EAGU;AACf,QAAMC,IAAI,GAAGF,UAAU,CAACG,kBAAX,CAA8BC,IAA9B,EAAb;;AACA,MAAI,CAACF,IAAL,EAAW;AACT,UAAM,IAAIG,oBAAJ,CAAiB,0CAAjB,CAAN;AACD;;AAED,QAAM;AACJC,IAAAA,YADI;AAEJC,IAAAA,KAAK,EAAEC;AAFH,MAGFN,IAHJ;AAIA,QAAM;AACJO,IAAAA,YADI,CAEN;AACA;;AAHM,MAIF,iBAAQR,GAAR,CAJJ;AAKA,QAAMM,KAAK,GAAGE,YAAY,CAACC,GAAb,CAAiB,OAAjB,CAAd;AACA,QAAMC,eAAe,GAAGF,YAAY,CAACC,GAAb,CAAiB,kBAAjB,CAAxB,CAhBe,CAkBf;;AACA,QAAME,KAAK,GAAGH,YAAY,CAACC,GAAb,CAAiB,OAAjB,CAAd;;AACA,MAAIE,KAAJ,EAAW;AACT;AACA,UAAM,IAAIC,kBAAJ,CAAeD,KAAf,EAAsBH,YAAY,CAACC,GAAb,CAAiB,mBAAjB,CAAtB,CAAN;AACD;;AACD,MAAIH,KAAK,KAAKC,UAAd,EAA0B;AACxB,UAAM,IAAIH,oBAAJ,CAAiB,6DAAjB,CAAN;AACD;;AACD,MAAI,CAACM,eAAL,EAAsB;AACpB,UAAM,IAAIN,oBAAJ,CAAiB,+CAAjB,CAAN;AACD,GA7Bc,CA+Bf;;;AACA,QAAM;AAAES,IAAAA;AAAF,MAAa,MAAMd,UAAU,CAACe,KAAX,CAAiBC,qBAAjB,CAAuC;AAAEL,IAAAA,eAAF;AAAmBL,IAAAA;AAAnB,GAAvC,CAAzB;AACAN,EAAAA,UAAU,CAACiB,YAAX,CAAwBC,SAAxB,CAAkCJ,MAAlC;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError, OAuthError } from '../errors';\nimport { OktaAuth } from '..';\nimport {IdxTransactionMeta} from '../types';\n\nexport async function handleInteractionCodeRedirect(\n authClient: OktaAuth, \n url: string\n): Promise<void> {\n const meta = authClient.transactionManager.load() as IdxTransactionMeta;\n if (!meta) {\n throw new AuthSdkError('No transaction data was found in storage');\n }\n\n const { \n codeVerifier,\n state: savedState \n } = meta;\n const { \n searchParams\n // URL API has been added to the polyfill\n // eslint-disable-next-line compat/compat\n } = new URL(url); \n const state = searchParams.get('state');\n const interactionCode = searchParams.get('interaction_code');\n\n // Error handling\n const error = searchParams.get('error');\n if (error) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n throw new OAuthError(error, searchParams.get('error_description')!);\n }\n if (state !== savedState) {\n throw new AuthSdkError('State in redirect uri does not match with transaction state');\n }\n if (!interactionCode) {\n throw new AuthSdkError('Unable to parse interaction_code from the url');\n }\n \n // Save tokens to storage\n const { tokens } = await authClient.token.exchangeCodeForTokens({ interactionCode, codeVerifier });\n authClient.tokenManager.setTokens(tokens);\n}"],"file":"handleInteractionCodeRedirect.js"}
|
package/cjs/idx/headers.js
CHANGED
|
@@ -1,11 +1,16 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
|
-
var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
|
|
3
|
+
var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
|
|
4
4
|
|
|
5
5
|
exports.setGlobalRequestInterceptor = setGlobalRequestInterceptor;
|
|
6
|
+
exports.clearGlobalRequestInterceptor = clearGlobalRequestInterceptor;
|
|
6
7
|
exports.createGlobalRequestInterceptor = createGlobalRequestInterceptor;
|
|
7
8
|
|
|
8
|
-
var
|
|
9
|
+
var _assign = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/assign"));
|
|
10
|
+
|
|
11
|
+
var _keys = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/keys"));
|
|
12
|
+
|
|
13
|
+
var _idxJs = _interopRequireDefault(require("./idx-js"));
|
|
9
14
|
|
|
10
15
|
/*!
|
|
11
16
|
* Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
|
|
@@ -24,7 +29,11 @@ var _oktaIdxJs = _interopRequireDefault(require("@okta/okta-idx-js"));
|
|
|
24
29
|
// This means that multiple instances of OktaAuth will see the same header modifications
|
|
25
30
|
// TODO: use AuthJS http agent for IDX API requests. OKTA-417473
|
|
26
31
|
function setGlobalRequestInterceptor(fn) {
|
|
27
|
-
|
|
32
|
+
_idxJs.default.client.interceptors.request.use(fn);
|
|
33
|
+
}
|
|
34
|
+
|
|
35
|
+
function clearGlobalRequestInterceptor() {
|
|
36
|
+
_idxJs.default.client.interceptors.request.clear();
|
|
28
37
|
} // A factory which returns a function that can be passed to `setGlobalRequestInterceptor`
|
|
29
38
|
|
|
30
39
|
|
|
@@ -33,9 +42,16 @@ function createGlobalRequestInterceptor(sdk) {
|
|
|
33
42
|
// Set user-agent and any other custom headers set in the options
|
|
34
43
|
var oktaUserAgentHeader = sdk._oktaUserAgent.getHttpHeader();
|
|
35
44
|
|
|
36
|
-
const headers =
|
|
45
|
+
const headers = (0, _assign.default)({ ...oktaUserAgentHeader
|
|
37
46
|
}, sdk.options.headers);
|
|
38
|
-
|
|
47
|
+
(0, _keys.default)(headers).forEach(name => {
|
|
48
|
+
// X-Device-Token may only be specified if the /interact request includes a `client_secret`
|
|
49
|
+
// which indicates a trusted client which is allowed to present this information on behalf of the end user.
|
|
50
|
+
// https://oktainc.atlassian.net/browse/OKTA-441021
|
|
51
|
+
if (!sdk.options.clientSecret && name === 'X-Device-Token') {
|
|
52
|
+
return;
|
|
53
|
+
}
|
|
54
|
+
|
|
39
55
|
requestConfig.headers[name] = headers[name];
|
|
40
56
|
});
|
|
41
57
|
};
|
package/cjs/idx/headers.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/headers.ts"],"names":["setGlobalRequestInterceptor","fn","idx","client","interceptors","request","use","createGlobalRequestInterceptor","sdk","requestConfig","oktaUserAgentHeader","_oktaUserAgent","getHttpHeader","headers","
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/headers.ts"],"names":["setGlobalRequestInterceptor","fn","idx","client","interceptors","request","use","clearGlobalRequestInterceptor","clear","createGlobalRequestInterceptor","sdk","requestConfig","oktaUserAgentHeader","_oktaUserAgent","getHttpHeader","headers","options","forEach","name","clientSecret"],"mappings":";;;;;;;;;;;;AAkBA;;AAlBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AAGO,SAASA,2BAAT,CAAqCC,EAArC,EAAyC;AAC9CC,iBAAIC,MAAJ,CAAWC,YAAX,CAAwBC,OAAxB,CAAgCC,GAAhC,CAAoCL,EAApC;AACD;;AAEM,SAASM,6BAAT,GAAyC;AAC9CL,iBAAIC,MAAJ,CAAWC,YAAX,CAAwBC,OAAxB,CAAgCG,KAAhC;AACD,C,CAED;;;AACO,SAASC,8BAAT,CAAwCC,GAAxC,EAAgE;AACrE,SAAO,UAAUC,aAAV,EAAyB;AAC9B;AACA,QAAIC,mBAAmB,GAAGF,GAAG,CAACG,cAAJ,CAAmBC,aAAnB,EAA1B;;AACA,UAAMC,OAAO,GAAG,qBAAc,EAC5B,GAAGH;AADyB,KAAd,EAEbF,GAAG,CAACM,OAAJ,CAAYD,OAFC,CAAhB;AAGA,uBAAYA,OAAZ,EAAqBE,OAArB,CAA6BC,IAAI,IAAI;AACnC;AACA;AACA;AACA,UAAI,CAACR,GAAG,CAACM,OAAJ,CAAYG,YAAb,IAA6BD,IAAI,KAAK,gBAA1C,EAA4D;AAC1D;AACD;;AACDP,MAAAA,aAAa,CAACI,OAAd,CAAsBG,IAAtB,IAA8BH,OAAO,CAACG,IAAD,CAArC;AACD,KARD;AASD,GAfD;AAgBD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n// BETA - SUBJECT TO CHANGE\n// Currently we must modify request headers using the single instance of `idx.client.interceptors` exported from IDX-JS\n// This means that multiple instances of OktaAuth will see the same header modifications\n// TODO: use AuthJS http agent for IDX API requests. OKTA-417473\nimport { OktaAuthInterface } from '../types';\nimport idx from './idx-js';\nexport function setGlobalRequestInterceptor(fn) {\n idx.client.interceptors.request.use(fn);\n}\n\nexport function clearGlobalRequestInterceptor() {\n idx.client.interceptors.request.clear();\n}\n\n// A factory which returns a function that can be passed to `setGlobalRequestInterceptor`\nexport function createGlobalRequestInterceptor(sdk: OktaAuthInterface) {\n return function (requestConfig) {\n // Set user-agent and any other custom headers set in the options\n var oktaUserAgentHeader = sdk._oktaUserAgent.getHttpHeader();\n const headers = Object.assign({\n ...oktaUserAgentHeader\n }, sdk.options.headers);\n Object.keys(headers).forEach(name => {\n // X-Device-Token may only be specified if the /interact request includes a `client_secret`\n // which indicates a trusted client which is allowed to present this information on behalf of the end user. \n // https://oktainc.atlassian.net/browse/OKTA-441021\n if (!sdk.options.clientSecret && name === 'X-Device-Token') {\n return;\n }\n requestConfig.headers[name] = headers[name];\n });\n };\n}\n"],"file":"headers.js"}
|
|
@@ -0,0 +1,91 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
|
|
4
|
+
|
|
5
|
+
exports.request = exports.HttpClient = exports.Interceptor = void 0;
|
|
6
|
+
|
|
7
|
+
var _defineProperty2 = _interopRequireDefault(require("@babel/runtime-corejs3/helpers/defineProperty"));
|
|
8
|
+
|
|
9
|
+
var _crossFetch = _interopRequireDefault(require("cross-fetch"));
|
|
10
|
+
|
|
11
|
+
/*!
|
|
12
|
+
* Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.
|
|
13
|
+
* The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
|
|
14
|
+
*
|
|
15
|
+
* You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
|
|
16
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
17
|
+
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
18
|
+
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
19
|
+
*
|
|
20
|
+
* See the License for the specific language governing permissions and limitations under the License.
|
|
21
|
+
*/
|
|
22
|
+
// @ts-nocheck
|
|
23
|
+
|
|
24
|
+
/**
|
|
25
|
+
* Reusable interceptor interface
|
|
26
|
+
*/
|
|
27
|
+
class Interceptor {
|
|
28
|
+
constructor() {
|
|
29
|
+
(0, _defineProperty2.default)(this, "handlers", []);
|
|
30
|
+
}
|
|
31
|
+
|
|
32
|
+
// Adds a new interceptor to our HttpClient
|
|
33
|
+
use(before) {
|
|
34
|
+
this.handlers.push({
|
|
35
|
+
before
|
|
36
|
+
});
|
|
37
|
+
} // Clears all interceptors
|
|
38
|
+
|
|
39
|
+
|
|
40
|
+
clear() {
|
|
41
|
+
this.handlers = [];
|
|
42
|
+
}
|
|
43
|
+
|
|
44
|
+
}
|
|
45
|
+
/**
|
|
46
|
+
* Singleton instance of the IdX HTTP Client
|
|
47
|
+
*
|
|
48
|
+
* Invoke the `use` method to add a new interceptor:
|
|
49
|
+
* - client.interceptors.request.use((requestConfig) => { some logic });
|
|
50
|
+
*/
|
|
51
|
+
|
|
52
|
+
|
|
53
|
+
exports.Interceptor = Interceptor;
|
|
54
|
+
const HttpClient = {
|
|
55
|
+
interceptors: {
|
|
56
|
+
request: new Interceptor()
|
|
57
|
+
}
|
|
58
|
+
};
|
|
59
|
+
exports.HttpClient = HttpClient;
|
|
60
|
+
|
|
61
|
+
const request = async (target, {
|
|
62
|
+
method = 'POST',
|
|
63
|
+
headers = {},
|
|
64
|
+
credentials = 'include',
|
|
65
|
+
body
|
|
66
|
+
}) => {
|
|
67
|
+
const requestOptions = {
|
|
68
|
+
url: target,
|
|
69
|
+
method,
|
|
70
|
+
headers: { ...headers
|
|
71
|
+
},
|
|
72
|
+
credentials,
|
|
73
|
+
body
|
|
74
|
+
};
|
|
75
|
+
|
|
76
|
+
if (HttpClient.interceptors) {
|
|
77
|
+
HttpClient.interceptors.request.handlers.forEach(interceptor => {
|
|
78
|
+
interceptor.before(requestOptions);
|
|
79
|
+
});
|
|
80
|
+
} // Extract the URL to adhere to the fetch API
|
|
81
|
+
|
|
82
|
+
|
|
83
|
+
const {
|
|
84
|
+
url
|
|
85
|
+
} = requestOptions;
|
|
86
|
+
delete requestOptions.url;
|
|
87
|
+
return (0, _crossFetch.default)(url, requestOptions);
|
|
88
|
+
};
|
|
89
|
+
|
|
90
|
+
exports.request = request;
|
|
91
|
+
//# sourceMappingURL=client.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/idx-js/client.ts"],"names":["Interceptor","use","before","handlers","push","clear","HttpClient","interceptors","request","target","method","headers","credentials","body","requestOptions","url","forEach","interceptor"],"mappings":";;;;;;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;;AAGA;AACA;AACA;AACO,MAAMA,WAAN,CAAkB;AAAA;AAAA,oDACZ,EADY;AAAA;;AAGvB;AACAC,EAAAA,GAAG,CAACC,MAAD,EAAS;AACV,SAAKC,QAAL,CAAcC,IAAd,CAAmB;AACjBF,MAAAA;AADiB,KAAnB;AAGD,GARsB,CAUvB;;;AACAG,EAAAA,KAAK,GAAG;AACN,SAAKF,QAAL,GAAgB,EAAhB;AACD;;AAbsB;AAgBzB;AACA;AACA;AACA;AACA;AACA;;;;AACO,MAAMG,UAAU,GAAG;AACxBC,EAAAA,YAAY,EAAE;AACZC,IAAAA,OAAO,EAAE,IAAIR,WAAJ;AADG;AADU,CAAnB;;;AAMA,MAAMQ,OAAO,GAAG,OACrBC,MADqB,EAErB;AACEC,EAAAA,MAAM,GAAG,MADX;AAEEC,EAAAA,OAAO,GAAG,EAFZ;AAGEC,EAAAA,WAAW,GAAG,SAHhB;AAIEC,EAAAA;AAJF,CAFqB,KAQlB;AACH,QAAMC,cAAc,GAAG;AACrBC,IAAAA,GAAG,EAAEN,MADgB;AAErBC,IAAAA,MAFqB;AAGrBC,IAAAA,OAAO,EAAE,EACP,GAAGA;AADI,KAHY;AAMrBC,IAAAA,WANqB;AAOrBC,IAAAA;AAPqB,GAAvB;;AAUA,MAAIP,UAAU,CAACC,YAAf,EAA6B;AAC3BD,IAAAA,UAAU,CAACC,YAAX,CAAwBC,OAAxB,CAAgCL,QAAhC,CAAyCa,OAAzC,CAAkDC,WAAW,IAAI;AAC/DA,MAAAA,WAAW,CAACf,MAAZ,CAAmBY,cAAnB;AACD,KAFD;AAGD,GAfE,CAiBH;;;AACA,QAAM;AAAEC,IAAAA;AAAF,MAAUD,cAAhB;AACA,SAAOA,cAAc,CAACC,GAAtB;AAEA,SAAO,yBAAOA,GAAP,EAAYD,cAAZ,CAAP;AACD,CA9BM","sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n// @ts-nocheck\nimport fetch from 'cross-fetch';\n\n/**\n * Reusable interceptor interface\n */\nexport class Interceptor {\n handlers = [];\n\n // Adds a new interceptor to our HttpClient\n use(before) {\n this.handlers.push({\n before,\n });\n }\n\n // Clears all interceptors\n clear() {\n this.handlers = [];\n }\n}\n\n/**\n * Singleton instance of the IdX HTTP Client\n *\n * Invoke the `use` method to add a new interceptor:\n * - client.interceptors.request.use((requestConfig) => { some logic });\n */\nexport const HttpClient = {\n interceptors: {\n request: new Interceptor(),\n },\n};\n\nexport const request = async (\n target, \n { \n method = 'POST', \n headers = {}, \n credentials = 'include', \n body \n }\n) => {\n const requestOptions = {\n url: target,\n method,\n headers: {\n ...headers,\n },\n credentials,\n body,\n };\n\n if (HttpClient.interceptors) {\n HttpClient.interceptors.request.handlers.forEach( interceptor => {\n interceptor.before(requestOptions);\n });\n }\n\n // Extract the URL to adhere to the fetch API\n const { url } = requestOptions;\n delete requestOptions.url;\n\n return fetch( url, requestOptions );\n};\n"],"file":"client.js"}
|
|
@@ -0,0 +1,162 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
|
|
4
|
+
|
|
5
|
+
exports.default = void 0;
|
|
6
|
+
|
|
7
|
+
var _indexOf = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/index-of"));
|
|
8
|
+
|
|
9
|
+
var _promise = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/promise"));
|
|
10
|
+
|
|
11
|
+
var _url = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/url"));
|
|
12
|
+
|
|
13
|
+
var _introspect = _interopRequireDefault(require("./introspect"));
|
|
14
|
+
|
|
15
|
+
var _interact = _interopRequireDefault(require("./interact"));
|
|
16
|
+
|
|
17
|
+
var _parsers = _interopRequireDefault(require("./parsers"));
|
|
18
|
+
|
|
19
|
+
var _client = require("./client");
|
|
20
|
+
|
|
21
|
+
var _util = require("./util");
|
|
22
|
+
|
|
23
|
+
/*!
|
|
24
|
+
* Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.
|
|
25
|
+
* The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
|
|
26
|
+
*
|
|
27
|
+
* You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
|
|
28
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
29
|
+
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
30
|
+
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
31
|
+
*
|
|
32
|
+
* See the License for the specific language governing permissions and limitations under the License.
|
|
33
|
+
*/
|
|
34
|
+
|
|
35
|
+
/* eslint-disable complexity, max-statements, max-len, camelcase */
|
|
36
|
+
// @ts-nocheck
|
|
37
|
+
const LATEST_SUPPORTED_IDX_API_VERSION = '1.0.0';
|
|
38
|
+
|
|
39
|
+
const start = async function start({
|
|
40
|
+
withCredentials,
|
|
41
|
+
clientId,
|
|
42
|
+
domain,
|
|
43
|
+
issuer,
|
|
44
|
+
stateHandle,
|
|
45
|
+
interactionHandle,
|
|
46
|
+
version,
|
|
47
|
+
redirectUri,
|
|
48
|
+
state,
|
|
49
|
+
scopes,
|
|
50
|
+
codeChallenge,
|
|
51
|
+
codeChallengeMethod,
|
|
52
|
+
activationToken,
|
|
53
|
+
recoveryToken
|
|
54
|
+
}) {
|
|
55
|
+
var _issuer, _issuer2;
|
|
56
|
+
|
|
57
|
+
issuer = (_issuer = issuer) === null || _issuer === void 0 ? void 0 : _issuer.replace(/\/+$/, '');
|
|
58
|
+
const baseUrl = ((_issuer2 = issuer) === null || _issuer2 === void 0 ? void 0 : (0, _indexOf.default)(_issuer2).call(_issuer2, '/oauth2')) > 0 ? issuer : issuer + '/oauth2'; // org AS uses domain as AS, but we need the base url for calls
|
|
59
|
+
|
|
60
|
+
const toPersist = {
|
|
61
|
+
baseUrl,
|
|
62
|
+
clientId,
|
|
63
|
+
state,
|
|
64
|
+
withCredentials
|
|
65
|
+
};
|
|
66
|
+
|
|
67
|
+
if (!domain && !issuer) {
|
|
68
|
+
return _promise.default.reject({
|
|
69
|
+
error: 'issuer is required'
|
|
70
|
+
});
|
|
71
|
+
}
|
|
72
|
+
|
|
73
|
+
if (!stateHandle && !clientId) {
|
|
74
|
+
// redirectUri is only required on self-hosted flow
|
|
75
|
+
return _promise.default.reject({
|
|
76
|
+
error: 'clientId is required'
|
|
77
|
+
});
|
|
78
|
+
}
|
|
79
|
+
|
|
80
|
+
if (!stateHandle && !redirectUri) {
|
|
81
|
+
// redirectUri is only required on self-hosted flow
|
|
82
|
+
return _promise.default.reject({
|
|
83
|
+
error: 'redirectUri is required'
|
|
84
|
+
});
|
|
85
|
+
}
|
|
86
|
+
|
|
87
|
+
if (!stateHandle && !(codeChallenge && codeChallengeMethod)) {
|
|
88
|
+
return _promise.default.reject({
|
|
89
|
+
error: 'PKCE params (codeChallenge, codeChallengeMethod) are required'
|
|
90
|
+
});
|
|
91
|
+
}
|
|
92
|
+
|
|
93
|
+
if (!domain) {
|
|
94
|
+
domain = new _url.default(issuer).origin;
|
|
95
|
+
}
|
|
96
|
+
|
|
97
|
+
(0, _util.validateVersionConfig)(version);
|
|
98
|
+
|
|
99
|
+
if (!stateHandle && !interactionHandle) {
|
|
100
|
+
// start a new transaction
|
|
101
|
+
try {
|
|
102
|
+
const interactParams = {
|
|
103
|
+
withCredentials,
|
|
104
|
+
clientId,
|
|
105
|
+
baseUrl,
|
|
106
|
+
scopes,
|
|
107
|
+
redirectUri,
|
|
108
|
+
codeChallenge,
|
|
109
|
+
codeChallengeMethod,
|
|
110
|
+
state,
|
|
111
|
+
activationToken,
|
|
112
|
+
recoveryToken
|
|
113
|
+
};
|
|
114
|
+
const interaction_handle = await (0, _interact.default)(interactParams);
|
|
115
|
+
interactionHandle = interaction_handle;
|
|
116
|
+
toPersist.interactionHandle = interactionHandle;
|
|
117
|
+
} catch (error) {
|
|
118
|
+
return _promise.default.reject({
|
|
119
|
+
error
|
|
120
|
+
});
|
|
121
|
+
}
|
|
122
|
+
}
|
|
123
|
+
|
|
124
|
+
try {
|
|
125
|
+
const {
|
|
126
|
+
makeIdxState
|
|
127
|
+
} = (0, _parsers.default)(version);
|
|
128
|
+
const idxResponse = await (0, _introspect.default)({
|
|
129
|
+
withCredentials,
|
|
130
|
+
domain,
|
|
131
|
+
interactionHandle,
|
|
132
|
+
stateHandle,
|
|
133
|
+
version
|
|
134
|
+
}).catch(err => _promise.default.reject({
|
|
135
|
+
error: 'introspect call failed',
|
|
136
|
+
// Transform all errors into an IdX State object.
|
|
137
|
+
// This allows IdX based errors (messages) to optionally proceed with remediation forms
|
|
138
|
+
details: makeIdxState(err, toPersist)
|
|
139
|
+
}));
|
|
140
|
+
const idxState = makeIdxState(idxResponse, toPersist);
|
|
141
|
+
return idxState;
|
|
142
|
+
} catch (error) {
|
|
143
|
+
return _promise.default.reject({
|
|
144
|
+
error
|
|
145
|
+
});
|
|
146
|
+
}
|
|
147
|
+
};
|
|
148
|
+
|
|
149
|
+
const {
|
|
150
|
+
makeIdxState
|
|
151
|
+
} = (0, _parsers.default)(LATEST_SUPPORTED_IDX_API_VERSION);
|
|
152
|
+
var _default = {
|
|
153
|
+
start,
|
|
154
|
+
introspect: _introspect.default,
|
|
155
|
+
interact: _interact.default,
|
|
156
|
+
makeIdxState,
|
|
157
|
+
client: _client.HttpClient,
|
|
158
|
+
LATEST_SUPPORTED_IDX_API_VERSION
|
|
159
|
+
};
|
|
160
|
+
exports.default = _default;
|
|
161
|
+
module.exports = exports.default;
|
|
162
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/idx-js/index.ts"],"names":["LATEST_SUPPORTED_IDX_API_VERSION","start","withCredentials","clientId","domain","issuer","stateHandle","interactionHandle","version","redirectUri","state","scopes","codeChallenge","codeChallengeMethod","activationToken","recoveryToken","replace","baseUrl","toPersist","reject","error","origin","interactParams","interaction_handle","makeIdxState","idxResponse","catch","err","details","idxState","introspect","interact","client","HttpClient"],"mappings":";;;;;;;;;;;;AAcA;;AACA;;AACA;;AACA;;AACA;;AAlBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AAOA,MAAMA,gCAAgC,GAAG,OAAzC;;AAEA,MAAMC,KAAK,GAAG,eAAeA,KAAf,CAAqB;AACjCC,EAAAA,eADiC;AAEjCC,EAAAA,QAFiC;AAGjCC,EAAAA,MAHiC;AAIjCC,EAAAA,MAJiC;AAKjCC,EAAAA,WALiC;AAMjCC,EAAAA,iBANiC;AAOjCC,EAAAA,OAPiC;AAQjCC,EAAAA,WARiC;AASjCC,EAAAA,KATiC;AAUjCC,EAAAA,MAViC;AAWjCC,EAAAA,aAXiC;AAYjCC,EAAAA,mBAZiC;AAajCC,EAAAA,eAbiC;AAcjCC,EAAAA;AAdiC,CAArB,EAeX;AAAA;;AAEDV,EAAAA,MAAM,cAAGA,MAAH,4CAAG,QAAQW,OAAR,CAAgB,MAAhB,EAAwB,EAAxB,CAAT;AACA,QAAMC,OAAO,GAAG,aAAAZ,MAAM,UAAN,kFAAgB,SAAhB,KAA6B,CAA7B,GAAiCA,MAAjC,GAA0CA,MAAM,GAAG,SAAnE,CAHC,CAG6E;;AAC9E,QAAMa,SAAS,GAAG;AAChBD,IAAAA,OADgB;AAEhBd,IAAAA,QAFgB;AAGhBO,IAAAA,KAHgB;AAIhBR,IAAAA;AAJgB,GAAlB;;AAOA,MAAK,CAACE,MAAD,IAAW,CAACC,MAAjB,EAAyB;AACvB,WAAO,iBAAQc,MAAR,CAAe;AAAEC,MAAAA,KAAK,EAAE;AAAT,KAAf,CAAP;AACD;;AAED,MAAK,CAACd,WAAD,IAAgB,CAACH,QAAtB,EAAiC;AAAE;AACjC,WAAO,iBAAQgB,MAAR,CAAe;AAAEC,MAAAA,KAAK,EAAE;AAAT,KAAf,CAAP;AACD;;AAED,MAAK,CAACd,WAAD,IAAgB,CAACG,WAAtB,EAAoC;AAAE;AACpC,WAAO,iBAAQU,MAAR,CAAe;AAAEC,MAAAA,KAAK,EAAE;AAAT,KAAf,CAAP;AACD;;AAED,MAAI,CAACd,WAAD,IAAgB,EAAEM,aAAa,IAAIC,mBAAnB,CAApB,EAA6D;AAC3D,WAAO,iBAAQM,MAAR,CAAe;AAAEC,MAAAA,KAAK,EAAE;AAAT,KAAf,CAAP;AACD;;AAED,MAAK,CAAChB,MAAN,EAAe;AACbA,IAAAA,MAAM,GAAG,iBAAQC,MAAR,EAAgBgB,MAAzB;AACD;;AAED,mCAAsBb,OAAtB;;AAEA,MAAK,CAACF,WAAD,IAAgB,CAACC,iBAAtB,EAA0C;AAAE;AAC1C,QAAI;AACF,YAAMe,cAAc,GAAG;AACrBpB,QAAAA,eADqB;AAErBC,QAAAA,QAFqB;AAGrBc,QAAAA,OAHqB;AAIrBN,QAAAA,MAJqB;AAKrBF,QAAAA,WALqB;AAMrBG,QAAAA,aANqB;AAOrBC,QAAAA,mBAPqB;AAQrBH,QAAAA,KARqB;AASrBI,QAAAA,eATqB;AAUrBC,QAAAA;AAVqB,OAAvB;AAaA,YAAMQ,kBAAkB,GAAG,MAAM,uBAAUD,cAAV,CAAjC;AACAf,MAAAA,iBAAiB,GAAGgB,kBAApB;AACAL,MAAAA,SAAS,CAACX,iBAAV,GAA8BA,iBAA9B;AACD,KAjBD,CAiBE,OAAOa,KAAP,EAAc;AACd,aAAO,iBAAQD,MAAR,CAAe;AAAEC,QAAAA;AAAF,OAAf,CAAP;AACD;AACF;;AAED,MAAI;AACF,UAAM;AAAEI,MAAAA;AAAF,QAAmB,sBAAkBhB,OAAlB,CAAzB;AACA,UAAMiB,WAAW,GAAG,MAAM,yBAAW;AAAEvB,MAAAA,eAAF;AAAmBE,MAAAA,MAAnB;AAA2BG,MAAAA,iBAA3B;AAA8CD,MAAAA,WAA9C;AAA2DE,MAAAA;AAA3D,KAAX,EACvBkB,KADuB,CAChBC,GAAG,IAAI,iBAAQR,MAAR,CAAe;AAC5BC,MAAAA,KAAK,EAAE,wBADqB;AAE5B;AACA;AACAQ,MAAAA,OAAO,EAAEJ,YAAY,CAAEG,GAAF,EAAOT,SAAP;AAJO,KAAf,CADS,CAA1B;AAOA,UAAMW,QAAQ,GAAGL,YAAY,CAAEC,WAAF,EAAeP,SAAf,CAA7B;AACA,WAAOW,QAAP;AACD,GAXD,CAWE,OAAOT,KAAP,EAAc;AACd,WAAO,iBAAQD,MAAR,CAAe;AAAEC,MAAAA;AAAF,KAAf,CAAP;AACD;AACF,CArFD;;AAsFA,MAAM;AAAEI,EAAAA;AAAF,IAAmB,sBAAkBxB,gCAAlB,CAAzB;eAEe;AACbC,EAAAA,KADa;AAEb6B,EAAAA,UAAU,EAAVA,mBAFa;AAGbC,EAAAA,QAAQ,EAARA,iBAHa;AAIbP,EAAAA,YAJa;AAKbQ,EAAAA,MAAM,EAAEC,kBALK;AAMbjC,EAAAA;AANa,C","sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable complexity, max-statements, max-len, camelcase */\n// @ts-nocheck\nimport introspect from './introspect';\nimport interact from './interact';\nimport parsersForVersion from './parsers';\nimport { HttpClient } from './client';\nimport { validateVersionConfig } from './util';\n\nconst LATEST_SUPPORTED_IDX_API_VERSION = '1.0.0';\n\nconst start = async function start({\n withCredentials,\n clientId,\n domain,\n issuer,\n stateHandle,\n interactionHandle,\n version,\n redirectUri,\n state,\n scopes,\n codeChallenge,\n codeChallengeMethod,\n activationToken,\n recoveryToken\n}) {\n\n issuer = issuer?.replace(/\\/+$/, '');\n const baseUrl = issuer?.indexOf('/oauth2') > 0 ? issuer : issuer + '/oauth2'; // org AS uses domain as AS, but we need the base url for calls\n const toPersist = {\n baseUrl,\n clientId,\n state,\n withCredentials\n };\n\n if ( !domain && !issuer) {\n return Promise.reject({ error: 'issuer is required' });\n }\n\n if ( !stateHandle && !clientId ) { // redirectUri is only required on self-hosted flow\n return Promise.reject({ error: 'clientId is required' });\n }\n\n if ( !stateHandle && !redirectUri ) { // redirectUri is only required on self-hosted flow\n return Promise.reject({ error: 'redirectUri is required' });\n }\n\n if (!stateHandle && !(codeChallenge && codeChallengeMethod)) {\n return Promise.reject({ error: 'PKCE params (codeChallenge, codeChallengeMethod) are required' });\n }\n\n if ( !domain ) {\n domain = new URL(issuer).origin;\n }\n\n validateVersionConfig(version);\n\n if ( !stateHandle && !interactionHandle ) { // start a new transaction\n try {\n const interactParams = {\n withCredentials,\n clientId,\n baseUrl,\n scopes,\n redirectUri,\n codeChallenge,\n codeChallengeMethod,\n state,\n activationToken,\n recoveryToken\n };\n\n const interaction_handle = await interact( interactParams );\n interactionHandle = interaction_handle;\n toPersist.interactionHandle = interactionHandle;\n } catch (error) {\n return Promise.reject({ error });\n }\n }\n\n try {\n const { makeIdxState } = parsersForVersion(version);\n const idxResponse = await introspect({ withCredentials, domain, interactionHandle, stateHandle, version })\n .catch( err => Promise.reject({\n error: 'introspect call failed',\n // Transform all errors into an IdX State object.\n // This allows IdX based errors (messages) to optionally proceed with remediation forms\n details: makeIdxState( err, toPersist )\n }) );\n const idxState = makeIdxState( idxResponse, toPersist );\n return idxState;\n } catch (error) {\n return Promise.reject({ error });\n }\n};\nconst { makeIdxState } = parsersForVersion(LATEST_SUPPORTED_IDX_API_VERSION);\n\nexport default {\n start,\n introspect,\n interact,\n makeIdxState,\n client: HttpClient,\n LATEST_SUPPORTED_IDX_API_VERSION,\n};\n"],"file":"index.js"}
|