@okta/okta-auth-js 5.4.2 → 5.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (161) hide show
  1. package/CHANGELOG.md +60 -5
  2. package/README.md +66 -977
  3. package/cjs/AuthStateManager.js +5 -0
  4. package/cjs/AuthStateManager.js.map +1 -1
  5. package/cjs/OktaAuth.js +32 -11
  6. package/cjs/OktaAuth.js.map +1 -1
  7. package/cjs/OktaUserAgent.js +2 -2
  8. package/cjs/StorageManager.js +8 -0
  9. package/cjs/StorageManager.js.map +1 -1
  10. package/cjs/TransactionManager.js +32 -4
  11. package/cjs/TransactionManager.js.map +1 -1
  12. package/cjs/browser/browserStorage.js +5 -5
  13. package/cjs/browser/browserStorage.js.map +1 -1
  14. package/cjs/builderUtil.js +6 -0
  15. package/cjs/builderUtil.js.map +1 -1
  16. package/cjs/constants.js +3 -1
  17. package/cjs/constants.js.map +1 -1
  18. package/cjs/fetch/fetchRequest.js +10 -3
  19. package/cjs/fetch/fetchRequest.js.map +1 -1
  20. package/cjs/http/request.js +4 -0
  21. package/cjs/http/request.js.map +1 -1
  22. package/cjs/idx/remediate.js +33 -23
  23. package/cjs/idx/remediate.js.map +1 -1
  24. package/cjs/idx/remediators/Base/AuthenticatorData.js +7 -7
  25. package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
  26. package/cjs/idx/remediators/Base/Remediator.js +13 -7
  27. package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
  28. package/cjs/idx/remediators/Base/SelectAuthenticator.js +6 -6
  29. package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
  30. package/cjs/idx/remediators/Base/VerifyAuthenticator.js +18 -14
  31. package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
  32. package/cjs/idx/remediators/EnrollProfile.js +14 -0
  33. package/cjs/idx/remediators/EnrollProfile.js.map +1 -1
  34. package/cjs/idx/remediators/Identify.js +5 -2
  35. package/cjs/idx/remediators/Identify.js.map +1 -1
  36. package/cjs/idx/remediators/ReEnrollAuthenticator.js +1 -1
  37. package/cjs/idx/remediators/ReEnrollAuthenticator.js.map +1 -1
  38. package/cjs/idx/transactionMeta.js +3 -1
  39. package/cjs/idx/transactionMeta.js.map +1 -1
  40. package/cjs/idx/types/idx-js.js.map +1 -1
  41. package/cjs/idx/types/index.js +17 -6
  42. package/cjs/idx/types/index.js.map +1 -1
  43. package/cjs/index.js +6 -6
  44. package/cjs/index.js.map +1 -1
  45. package/cjs/oidc/getToken.js +14 -9
  46. package/cjs/oidc/getToken.js.map +1 -1
  47. package/cjs/oidc/getWithPopup.js +9 -2
  48. package/cjs/oidc/getWithPopup.js.map +1 -1
  49. package/cjs/oidc/getWithRedirect.js +6 -2
  50. package/cjs/oidc/getWithRedirect.js.map +1 -1
  51. package/cjs/oidc/parseFromUrl.js +59 -20
  52. package/cjs/oidc/parseFromUrl.js.map +1 -1
  53. package/cjs/oidc/renewTokens.js +28 -5
  54. package/cjs/oidc/renewTokens.js.map +1 -1
  55. package/cjs/oidc/util/browser.js +1 -13
  56. package/cjs/oidc/util/browser.js.map +1 -1
  57. package/cjs/oidc/util/validateClaims.js +8 -6
  58. package/cjs/oidc/util/validateClaims.js.map +1 -1
  59. package/cjs/options.js +3 -0
  60. package/cjs/options.js.map +1 -1
  61. package/cjs/tx/AuthTransaction.js +1 -3
  62. package/cjs/tx/AuthTransaction.js.map +1 -1
  63. package/cjs/tx/api.js +3 -0
  64. package/cjs/tx/api.js.map +1 -1
  65. package/cjs/types/Transaction.js.map +1 -1
  66. package/cjs/util/sharedStorage.js +54 -0
  67. package/cjs/util/sharedStorage.js.map +1 -0
  68. package/dist/okta-auth-js.min.js +8 -8
  69. package/dist/okta-auth-js.min.js.map +1 -1
  70. package/dist/okta-auth-js.umd.js +8 -8
  71. package/dist/okta-auth-js.umd.js.map +1 -1
  72. package/esm/AuthStateManager.js +5 -0
  73. package/esm/AuthStateManager.js.map +1 -1
  74. package/esm/OktaAuth.js +32 -12
  75. package/esm/OktaAuth.js.map +1 -1
  76. package/esm/OktaUserAgent.js +2 -2
  77. package/esm/StorageManager.js +9 -1
  78. package/esm/StorageManager.js.map +1 -1
  79. package/esm/TransactionManager.js +31 -4
  80. package/esm/TransactionManager.js.map +1 -1
  81. package/esm/browser/browserStorage.js +5 -5
  82. package/esm/browser/browserStorage.js.map +1 -1
  83. package/esm/builderUtil.js +6 -0
  84. package/esm/builderUtil.js.map +1 -1
  85. package/esm/constants.js +1 -0
  86. package/esm/constants.js.map +1 -1
  87. package/esm/fetch/fetchRequest.js +10 -3
  88. package/esm/fetch/fetchRequest.js.map +1 -1
  89. package/esm/http/request.js +4 -0
  90. package/esm/http/request.js.map +1 -1
  91. package/esm/idx/remediate.js +41 -29
  92. package/esm/idx/remediate.js.map +1 -1
  93. package/esm/idx/remediators/Base/AuthenticatorData.js +7 -7
  94. package/esm/idx/remediators/Base/AuthenticatorData.js.map +1 -1
  95. package/esm/idx/remediators/Base/Remediator.js +13 -8
  96. package/esm/idx/remediators/Base/Remediator.js.map +1 -1
  97. package/esm/idx/remediators/Base/SelectAuthenticator.js +6 -6
  98. package/esm/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
  99. package/esm/idx/remediators/Base/VerifyAuthenticator.js +18 -15
  100. package/esm/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
  101. package/esm/idx/remediators/EnrollProfile.js +21 -4
  102. package/esm/idx/remediators/EnrollProfile.js.map +1 -1
  103. package/esm/idx/remediators/Identify.js +4 -2
  104. package/esm/idx/remediators/Identify.js.map +1 -1
  105. package/esm/idx/remediators/ReEnrollAuthenticator.js +1 -1
  106. package/esm/idx/remediators/ReEnrollAuthenticator.js.map +1 -1
  107. package/esm/idx/transactionMeta.js +3 -1
  108. package/esm/idx/transactionMeta.js.map +1 -1
  109. package/esm/idx/types/idx-js.js.map +1 -1
  110. package/esm/idx/types/index.js +15 -5
  111. package/esm/idx/types/index.js.map +1 -1
  112. package/esm/index.js +2 -2
  113. package/esm/index.js.map +1 -1
  114. package/esm/oidc/getToken.js +15 -10
  115. package/esm/oidc/getToken.js.map +1 -1
  116. package/esm/oidc/getWithPopup.js +8 -2
  117. package/esm/oidc/getWithPopup.js.map +1 -1
  118. package/esm/oidc/getWithRedirect.js +6 -2
  119. package/esm/oidc/getWithRedirect.js.map +1 -1
  120. package/esm/oidc/parseFromUrl.js +59 -17
  121. package/esm/oidc/parseFromUrl.js.map +1 -1
  122. package/esm/oidc/renewTokens.js +27 -5
  123. package/esm/oidc/renewTokens.js.map +1 -1
  124. package/esm/oidc/util/browser.js +1 -12
  125. package/esm/oidc/util/browser.js.map +1 -1
  126. package/esm/oidc/util/validateClaims.js +8 -6
  127. package/esm/oidc/util/validateClaims.js.map +1 -1
  128. package/esm/options.js +3 -0
  129. package/esm/options.js.map +1 -1
  130. package/esm/tx/AuthTransaction.js +1 -3
  131. package/esm/tx/AuthTransaction.js.map +1 -1
  132. package/esm/tx/api.js +3 -0
  133. package/esm/tx/api.js.map +1 -1
  134. package/esm/types/Transaction.js.map +1 -1
  135. package/esm/util/sharedStorage.js +43 -0
  136. package/esm/util/sharedStorage.js.map +1 -0
  137. package/lib/AuthStateManager.d.ts +4 -2
  138. package/lib/OktaAuth.d.ts +3 -2
  139. package/lib/StorageManager.d.ts +1 -0
  140. package/lib/TransactionManager.d.ts +1 -0
  141. package/lib/constants.d.ts +1 -0
  142. package/lib/idx/remediators/Base/AuthenticatorData.d.ts +2 -5
  143. package/lib/idx/remediators/Base/Remediator.d.ts +3 -6
  144. package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +3 -6
  145. package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +1 -1
  146. package/lib/idx/remediators/EnrollProfile.d.ts +1 -0
  147. package/lib/idx/remediators/Identify.d.ts +1 -5
  148. package/lib/idx/types/idx-js.d.ts +1 -0
  149. package/lib/idx/types/index.d.ts +19 -9
  150. package/lib/index.d.ts +2 -1
  151. package/lib/oidc/getToken.d.ts +2 -2
  152. package/lib/oidc/parseFromUrl.d.ts +4 -1
  153. package/lib/oidc/renewTokens.d.ts +0 -12
  154. package/lib/types/AuthState.d.ts +1 -0
  155. package/lib/types/OktaAuthOptions.d.ts +2 -1
  156. package/lib/types/Storage.d.ts +3 -0
  157. package/lib/types/Transaction.d.ts +5 -1
  158. package/lib/types/api.d.ts +9 -4
  159. package/lib/types/http.d.ts +1 -0
  160. package/lib/util/sharedStorage.d.ts +6 -0
  161. package/package.json +5 -4
package/esm/AuthStateManager.js CHANGED
@@ -80,6 +80,10 @@ export class AuthStateManager {
80
80
  return this._authState;
81
81
  }
82
82
 
83
+ getPreviousAuthState() {
84
+ return this._prevAuthState;
85
+ }
86
+
83
87
  updateAuthState() {
84
88
  var _this = this;
85
89
 
@@ -109,6 +113,7 @@ export class AuthStateManager {
109
113
  return;
110
114
  }
111
115
 
116
+ _this._prevAuthState = _this._authState;
112
117
  _this._authState = authState; // emit new authState object
113
118
 
114
119
  _this._sdk.emitter.emit(EVENT_AUTH_STATE_CHANGE, _objectSpread({}, authState));
package/esm/AuthStateManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/AuthStateManager.ts"],"names":["AuthSdkError","getConsole","EVENT_ADDED","EVENT_REMOVED","PCancelable","require","INITIAL_AUTH_STATE","DEFAULT_PENDING","updateAuthStatePromise","canceledTimes","EVENT_AUTH_STATE_CHANGE","MAX_PROMISE_CANCEL_TIMES","isSameAuthState","prevState","state","isAuthenticated","JSON","stringify","idToken","accessToken","error","AuthStateManager","constructor","sdk","emitter","_sdk","_pending","_authState","_logOptions","tokenManager","on","key","token","_setLogOptions","event","updateAuthState","options","getAuthState","transformAuthState","devMode","log","status","group","groupEnd","emitAuthStateChange","authState","emit","finalPromise","origPromise","then","curPromise","cancel","cancelablePromise","resolve","_","onCancel","shouldReject","emitAndResolve","isCanceled","refreshToken","getTokensSync","promise","Promise","catch","subscribe","handler","unsubscribe","off"],"mappings":";;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA,SAASA,YAAT,QAA6B,UAA7B;AAGA,SAASC,UAAT,QAA2B,QAA3B;AACA,SAASC,WAAT,EAAsBC,aAAtB,QAA2C,gBAA3C;;AACA,IAAMC,WAAW,GAAGC,OAAO,CAAC,cAAD,CAA3B;;AAEA,OAAO,IAAMC,kBAAkB,GAAG,IAA3B;AACP,IAAMC,eAAe,GAAG;AACtBC,EAAAA,sBAAsB,EAAE,IADF;AAEtBC,EAAAA,aAAa,EAAE;AAFO,CAAxB;AAIA,IAAMC,uBAAuB,GAAG,iBAAhC;AACA,IAAMC,wBAAwB,GAAG,EAAjC,C,CAEA;;AACA,IAAMC,eAAe,GAAG,CAACC,SAAD,EAAuBC,KAAvB,KAA4C;AAClE;AACA,MAAI,CAACD,SAAL,EAAgB;AACd,WAAO,KAAP;AACD;;AAED,SAAOA,SAAS,CAACE,eAAV,KAA8BD,KAAK,CAACC,eAApC,IACFC,IAAI,CAACC,SAAL,CAAeJ,SAAS,CAACK,OAAzB,MAAsCF,IAAI,CAACC,SAAL,CAAeH,KAAK,CAACI,OAArB,CADpC,IAEFF,IAAI,CAACC,SAAL,CAAeJ,SAAS,CAACM,WAAzB,MAA0CH,IAAI,CAACC,SAAL,CAAeH,KAAK,CAACK,WAArB,CAFxC,IAGFN,SAAS,CAACO,KAAV,KAAoBN,KAAK,CAACM,KAH/B;AAID,CAVD;;AAYA,OAAO,MAAMC,gBAAN,CAAuB;AAU5BC,EAAAA,WAAW,CAACC,GAAD,EAAgB;AACzB,QAAI,CAACA,GAAG,CAACC,OAAT,EAAkB;AAChB,YAAM,IAAIxB,YAAJ,CAAiB,uDAAjB,CAAN;AACD;;AAED,SAAKyB,IAAL,GAAYF,GAAZ;AACA,SAAKG,QAAL,qBAAqBnB,eAArB;AACA,SAAKoB,UAAL,GAAkBrB,kBAAlB;AACA,SAAKsB,WAAL,GAAmB,EAAnB,CARyB,CAUzB;AACA;AACA;;AACAL,IAAAA,GAAG,CAACM,YAAJ,CAAiBC,EAAjB,CAAoB5B,WAApB,EAAiC,CAAC6B,GAAD,EAAMC,KAAN,KAAgB;AAC/C,WAAKC,cAAL,CAAoB;AAAEC,QAAAA,KAAK,EAAEhC,WAAT;AAAsB6B,QAAAA,GAAtB;AAA2BC,QAAAA;AAA3B,OAApB;;AACA,WAAKG,eAAL;AACD,KAHD;AAIAZ,IAAAA,GAAG,CAACM,YAAJ,CAAiBC,EAAjB,CAAoB3B,aAApB,EAAmC,CAAC4B,GAAD,EAAMC,KAAN,KAAgB;AACjD,WAAKC,cAAL,CAAoB;AAAEC,QAAAA,KAAK,EAAE/B,aAAT;AAAwB4B,QAAAA,GAAxB;AAA6BC,QAAAA;AAA7B,OAApB;;AACA,WAAKG,eAAL;AACD,KAHD;AAID;;AAEDF,EAAAA,cAAc,CAACG,OAAD,EAAU;AACtB,SAAKR,WAAL,GAAmBQ,OAAnB;AACD;;AAEDC,EAAAA,YAAY,GAAc;AACxB,WAAO,KAAKV,UAAZ;AACD;;AAEKQ,EAAAA,eAAe,GAAuB;AAAA;;AAAA;AAC1C,UAAM;AAAEG,QAAAA,kBAAF;AAAsBC,QAAAA;AAAtB,UAAkC,KAAI,CAACd,IAAL,CAAUW,OAAlD;;AAEA,UAAMI,GAAG,GAAIC,MAAD,IAAY;AACtB,YAAM;AAAEP,UAAAA,KAAF;AAASH,UAAAA,GAAT;AAAcC,UAAAA;AAAd,YAAwB,KAAI,CAACJ,WAAnC;AACA3B,QAAAA,UAAU,GAAGyC,KAAb,+CAA0DR,KAA1D,qBAA0EO,MAA1E;AACAxC,QAAAA,UAAU,GAAGuC,GAAb,CAAiBT,GAAjB,EAAsBC,KAAtB;AACA/B,QAAAA,UAAU,GAAGuC,GAAb,CAAiB,mBAAjB,EAAsC,KAAI,CAACb,UAA3C;AACA1B,QAAAA,UAAU,GAAG0C,QAAb,GALsB,CAOtB;;AACA,QAAA,KAAI,CAACf,WAAL,GAAmB,EAAnB;AACD,OATD;;AAWA,UAAMgB,mBAAmB,GAAIC,SAAD,IAAe;AACzC,YAAIjC,eAAe,CAAC,KAAI,CAACe,UAAN,EAAkBkB,SAAlB,CAAnB,EAAiD;AAC/CN,UAAAA,OAAO,IAAIC,GAAG,CAAC,WAAD,CAAd;AACA;AACD;;AACD,QAAA,KAAI,CAACb,UAAL,GAAkBkB,SAAlB,CALyC,CAMzC;;AACA,QAAA,KAAI,CAACpB,IAAL,CAAUD,OAAV,CAAkBsB,IAAlB,CAAuBpC,uBAAvB,oBAAqDmC,SAArD;;AACAN,QAAAA,OAAO,IAAIC,GAAG,CAAC,SAAD,CAAd;AACD,OATD;;AAWA,UAAMO,YAAY,GAAIC,WAAD,IAAiB;AACpC,eAAO,KAAI,CAACtB,QAAL,CAAclB,sBAAd,CAAqCyC,IAArC,CAA0C,MAAM;AACrD,cAAMC,UAAU,GAAG,KAAI,CAACxB,QAAL,CAAclB,sBAAjC;;AACA,cAAI0C,UAAU,IAAIA,UAAU,KAAKF,WAAjC,EAA8C;AAC5C,mBAAOD,YAAY,CAACG,UAAD,CAAnB;AACD;;AACD,iBAAO,KAAI,CAACb,YAAL,EAAP;AACD,SANM,CAAP;AAOD,OARD;;AAUA,UAAI,KAAI,CAACX,QAAL,CAAclB,sBAAlB,EAA0C;AACxC,YAAI,KAAI,CAACkB,QAAL,CAAcjB,aAAd,IAA+BE,wBAAnC,EAA6D;AAC3D;AACA;AACA4B,UAAAA,OAAO,IAAIC,GAAG,CAAC,YAAD,CAAd;AACA,iBAAOO,YAAY,CAAC,KAAI,CAACrB,QAAL,CAAclB,sBAAf,CAAnB;AACD,SALD,MAKO;AACL,UAAA,KAAI,CAACkB,QAAL,CAAclB,sBAAd,CAAqC2C,MAArC;AACD;AACF;AAED;;;AACA,UAAMC,iBAAiB,GAAG,IAAIhD,WAAJ,CAAgB,CAACiD,OAAD,EAAUC,CAAV,EAAaC,QAAb,KAA0B;AAClEA,QAAAA,QAAQ,CAACC,YAAT,GAAwB,KAAxB;AACAD,QAAAA,QAAQ,CAAC,MAAM;AACb,UAAA,KAAI,CAAC7B,QAAL,CAAclB,sBAAd,GAAuC,IAAvC;AACA,UAAA,KAAI,CAACkB,QAAL,CAAcjB,aAAd,GAA8B,KAAI,CAACiB,QAAL,CAAcjB,aAAd,GAA8B,CAA5D;AACA8B,UAAAA,OAAO,IAAIC,GAAG,CAAC,UAAD,CAAd;AACD,SAJO,CAAR;;AAMA,YAAMiB,cAAc,GAAIZ,SAAD,IAAe;AACpC,cAAIO,iBAAiB,CAACM,UAAtB,EAAkC;AAChCL,YAAAA,OAAO;AACP;AACD,WAJmC,CAKpC;;;AACAT,UAAAA,mBAAmB,CAACC,SAAD,CAAnB;AACAQ,UAAAA,OAAO,GAP6B,CASpC;;AACA,UAAA,KAAI,CAAC3B,QAAL,qBAAqBnB,eAArB;AACD,SAXD;;AAaA,QAAA,KAAI,CAACkB,IAAL,CAAUV,eAAV,GACGkC,IADH,CACQ,MAAM;AACV,cAAIG,iBAAiB,CAACM,UAAtB,EAAkC;AAChCL,YAAAA,OAAO;AACP;AACD;;AAED,cAAM;AAAElC,YAAAA,WAAF;AAAeD,YAAAA,OAAf;AAAwByC,YAAAA;AAAxB,cAAyC,KAAI,CAAClC,IAAL,CAAUI,YAAV,CAAuB+B,aAAvB,EAA/C;;AACA,cAAMf,SAAS,GAAG;AAChB1B,YAAAA,WADgB;AAEhBD,YAAAA,OAFgB;AAGhByC,YAAAA,YAHgB;AAIhB5C,YAAAA,eAAe,EAAE,CAAC,EAAEI,WAAW,IAAID,OAAjB;AAJF,WAAlB;AAMA,cAAM2C,OAA2B,GAAGvB,kBAAkB,GAClDA,kBAAkB,CAAC,KAAI,CAACb,IAAN,EAAYoB,SAAZ,CADgC,GAElDiB,OAAO,CAACT,OAAR,CAAgBR,SAAhB,CAFJ;AAIAgB,UAAAA,OAAO,CACJZ,IADH,CACQJ,SAAS,IAAIY,cAAc,CAACZ,SAAD,CADnC,EAEGkB,KAFH,CAES3C,KAAK,IAAIqC,cAAc,CAAC;AAC7BtC,YAAAA,WAD6B;AAE7BD,YAAAA,OAF6B;AAG7ByC,YAAAA,YAH6B;AAI7B5C,YAAAA,eAAe,EAAE,KAJY;AAK7BK,YAAAA;AAL6B,WAAD,CAFhC;AASD,SA3BH;AA4BD,OAjDyB,CAA1B;AAkDA;;AACA,MAAA,KAAI,CAACM,QAAL,CAAclB,sBAAd,GAAuC4C,iBAAvC;AAEA,aAAOL,YAAY,CAACK,iBAAD,CAAnB;AApG0C;AAqG3C;;AAEDY,EAAAA,SAAS,CAACC,OAAD,EAAgB;AACvB,SAAKxC,IAAL,CAAUD,OAAV,CAAkBM,EAAlB,CAAqBpB,uBAArB,EAA8CuD,OAA9C;AACD;;AAEDC,EAAAA,WAAW,CAACD,OAAD,EAAiB;AAC1B,SAAKxC,IAAL,CAAUD,OAAV,CAAkB2C,GAAlB,CAAsBzD,uBAAtB,EAA+CuD,OAA/C;AACD;;AAtJ2B","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { AuthState, AuthStateLogOptions } from './types';\nimport { OktaAuth } from '.';\nimport { getConsole } from './util';\nimport { EVENT_ADDED, EVENT_REMOVED } from './TokenManager';\nconst PCancelable = require('p-cancelable');\n\nexport const INITIAL_AUTH_STATE = null;\nconst DEFAULT_PENDING = {\n updateAuthStatePromise: null,\n canceledTimes: 0\n};\nconst EVENT_AUTH_STATE_CHANGE = 'authStateChange';\nconst MAX_PROMISE_CANCEL_TIMES = 10;\n\n// only compare first level of authState\nconst isSameAuthState = (prevState: AuthState, state: AuthState) => {\n // initial state is null\n if (!prevState) {\n return false;\n }\n\n return prevState.isAuthenticated === state.isAuthenticated \n && JSON.stringify(prevState.idToken) === JSON.stringify(state.idToken)\n && JSON.stringify(prevState.accessToken) === JSON.stringify(state.accessToken)\n && prevState.error === state.error;\n};\n\nexport class AuthStateManager {\n _sdk: OktaAuth;\n _pending: { \n updateAuthStatePromise: typeof PCancelable;\n canceledTimes: number; \n };\n _authState: AuthState;\n _logOptions: AuthStateLogOptions;\n _lastEventTimestamp: number;\n\n constructor(sdk: OktaAuth) {\n if (!sdk.emitter) {\n throw new AuthSdkError('Emitter should be initialized before AuthStateManager');\n }\n\n this._sdk = sdk;\n this._pending = { ...DEFAULT_PENDING };\n this._authState = INITIAL_AUTH_STATE;\n this._logOptions = {};\n\n // Listen on tokenManager events to start updateState process\n // \"added\" event is emitted in both add and renew process\n // Only listen on \"added\" event to update auth state\n sdk.tokenManager.on(EVENT_ADDED, (key, token) => {\n this._setLogOptions({ event: EVENT_ADDED, key, token });\n this.updateAuthState();\n });\n sdk.tokenManager.on(EVENT_REMOVED, (key, token) => {\n this._setLogOptions({ event: EVENT_REMOVED, key, token });\n this.updateAuthState();\n });\n }\n\n _setLogOptions(options) {\n this._logOptions = options;\n }\n\n getAuthState(): AuthState {\n return this._authState;\n }\n\n async updateAuthState(): Promise<AuthState> {\n const { transformAuthState, devMode } = this._sdk.options;\n\n const log = (status) => {\n const { event, key, token } = this._logOptions;\n getConsole().group(`OKTA-AUTH-JS:updateAuthState: Event:${event} Status:${status}`);\n getConsole().log(key, token);\n getConsole().log('Current authState', this._authState);\n getConsole().groupEnd();\n \n // clear log options after logging\n this._logOptions = {};\n };\n\n const emitAuthStateChange = (authState) => {\n if (isSameAuthState(this._authState, authState)) {\n devMode && log('unchanged'); \n return;\n }\n this._authState = authState;\n // emit new authState object\n this._sdk.emitter.emit(EVENT_AUTH_STATE_CHANGE, { ...authState });\n devMode && log('emitted');\n };\n\n const finalPromise = (origPromise) => { \n return this._pending.updateAuthStatePromise.then(() => {\n const curPromise = this._pending.updateAuthStatePromise;\n if (curPromise && curPromise !== origPromise) {\n return finalPromise(curPromise);\n }\n return this.getAuthState();\n });\n };\n\n if (this._pending.updateAuthStatePromise) {\n if (this._pending.canceledTimes >= MAX_PROMISE_CANCEL_TIMES) {\n // stop canceling then starting a new promise\n // let existing promise finish to prevent running into loops\n devMode && log('terminated');\n return finalPromise(this._pending.updateAuthStatePromise);\n } else {\n this._pending.updateAuthStatePromise.cancel();\n }\n }\n\n /* eslint-disable complexity */\n const cancelablePromise = new PCancelable((resolve, _, onCancel) => {\n onCancel.shouldReject = false;\n onCancel(() => {\n this._pending.updateAuthStatePromise = null;\n this._pending.canceledTimes = this._pending.canceledTimes + 1;\n devMode && log('canceled');\n });\n\n const emitAndResolve = (authState) => {\n if (cancelablePromise.isCanceled) {\n resolve();\n return;\n }\n // emit event and resolve promise \n emitAuthStateChange(authState);\n resolve();\n\n // clear pending states after resolve\n this._pending = { ...DEFAULT_PENDING };\n };\n\n this._sdk.isAuthenticated()\n .then(() => {\n if (cancelablePromise.isCanceled) {\n resolve();\n return;\n }\n\n const { accessToken, idToken, refreshToken } = this._sdk.tokenManager.getTokensSync();\n const authState = {\n accessToken,\n idToken,\n refreshToken,\n isAuthenticated: !!(accessToken && idToken)\n };\n const promise: Promise<AuthState> = transformAuthState\n ? transformAuthState(this._sdk, authState)\n : Promise.resolve(authState);\n\n promise\n .then(authState => emitAndResolve(authState))\n .catch(error => emitAndResolve({\n accessToken, \n idToken, \n refreshToken,\n isAuthenticated: false, \n error\n }));\n });\n });\n /* eslint-enable complexity */\n this._pending.updateAuthStatePromise = cancelablePromise;\n\n return finalPromise(cancelablePromise);\n }\n\n subscribe(handler): void {\n this._sdk.emitter.on(EVENT_AUTH_STATE_CHANGE, handler);\n }\n\n unsubscribe(handler?): void {\n this._sdk.emitter.off(EVENT_AUTH_STATE_CHANGE, handler);\n }\n}\n"],"file":"AuthStateManager.js"}
1
+ {"version":3,"sources":["../../lib/AuthStateManager.ts"],"names":["AuthSdkError","getConsole","EVENT_ADDED","EVENT_REMOVED","PCancelable","require","INITIAL_AUTH_STATE","DEFAULT_PENDING","updateAuthStatePromise","canceledTimes","EVENT_AUTH_STATE_CHANGE","MAX_PROMISE_CANCEL_TIMES","isSameAuthState","prevState","state","isAuthenticated","JSON","stringify","idToken","accessToken","error","AuthStateManager","constructor","sdk","emitter","_sdk","_pending","_authState","_logOptions","tokenManager","on","key","token","_setLogOptions","event","updateAuthState","options","getAuthState","getPreviousAuthState","_prevAuthState","transformAuthState","devMode","log","status","group","groupEnd","emitAuthStateChange","authState","emit","finalPromise","origPromise","then","curPromise","cancel","cancelablePromise","resolve","_","onCancel","shouldReject","emitAndResolve","isCanceled","refreshToken","getTokensSync","promise","Promise","catch","subscribe","handler","unsubscribe","off"],"mappings":";;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA,SAASA,YAAT,QAA6B,UAA7B;AAGA,SAASC,UAAT,QAA2B,QAA3B;AACA,SAASC,WAAT,EAAsBC,aAAtB,QAA2C,gBAA3C;;AACA,IAAMC,WAAW,GAAGC,OAAO,CAAC,cAAD,CAA3B;;AAEA,OAAO,IAAMC,kBAAkB,GAAG,IAA3B;AACP,IAAMC,eAAe,GAAG;AACtBC,EAAAA,sBAAsB,EAAE,IADF;AAEtBC,EAAAA,aAAa,EAAE;AAFO,CAAxB;AAIA,IAAMC,uBAAuB,GAAG,iBAAhC;AACA,IAAMC,wBAAwB,GAAG,EAAjC,C,CAEA;;AACA,IAAMC,eAAe,GAAG,CAACC,SAAD,EAAuBC,KAAvB,KAA4C;AAClE;AACA,MAAI,CAACD,SAAL,EAAgB;AACd,WAAO,KAAP;AACD;;AAED,SAAOA,SAAS,CAACE,eAAV,KAA8BD,KAAK,CAACC,eAApC,IACFC,IAAI,CAACC,SAAL,CAAeJ,SAAS,CAACK,OAAzB,MAAsCF,IAAI,CAACC,SAAL,CAAeH,KAAK,CAACI,OAArB,CADpC,IAEFF,IAAI,CAACC,SAAL,CAAeJ,SAAS,CAACM,WAAzB,MAA0CH,IAAI,CAACC,SAAL,CAAeH,KAAK,CAACK,WAArB,CAFxC,IAGFN,SAAS,CAACO,KAAV,KAAoBN,KAAK,CAACM,KAH/B;AAID,CAVD;;AAYA,OAAO,MAAMC,gBAAN,CAAuB;AAW5BC,EAAAA,WAAW,CAACC,GAAD,EAAgB;AACzB,QAAI,CAACA,GAAG,CAACC,OAAT,EAAkB;AAChB,YAAM,IAAIxB,YAAJ,CAAiB,uDAAjB,CAAN;AACD;;AAED,SAAKyB,IAAL,GAAYF,GAAZ;AACA,SAAKG,QAAL,qBAAqBnB,eAArB;AACA,SAAKoB,UAAL,GAAkBrB,kBAAlB;AACA,SAAKsB,WAAL,GAAmB,EAAnB,CARyB,CAUzB;AACA;AACA;;AACAL,IAAAA,GAAG,CAACM,YAAJ,CAAiBC,EAAjB,CAAoB5B,WAApB,EAAiC,CAAC6B,GAAD,EAAMC,KAAN,KAAgB;AAC/C,WAAKC,cAAL,CAAoB;AAAEC,QAAAA,KAAK,EAAEhC,WAAT;AAAsB6B,QAAAA,GAAtB;AAA2BC,QAAAA;AAA3B,OAApB;;AACA,WAAKG,eAAL;AACD,KAHD;AAIAZ,IAAAA,GAAG,CAACM,YAAJ,CAAiBC,EAAjB,CAAoB3B,aAApB,EAAmC,CAAC4B,GAAD,EAAMC,KAAN,KAAgB;AACjD,WAAKC,cAAL,CAAoB;AAAEC,QAAAA,KAAK,EAAE/B,aAAT;AAAwB4B,QAAAA,GAAxB;AAA6BC,QAAAA;AAA7B,OAApB;;AACA,WAAKG,eAAL;AACD,KAHD;AAID;;AAEDF,EAAAA,cAAc,CAACG,OAAD,EAAU;AACtB,SAAKR,WAAL,GAAmBQ,OAAnB;AACD;;AAEDC,EAAAA,YAAY,GAAqB;AAC/B,WAAO,KAAKV,UAAZ;AACD;;AAEDW,EAAAA,oBAAoB,GAAqB;AACvC,WAAO,KAAKC,cAAZ;AACD;;AAEKJ,EAAAA,eAAe,GAAuB;AAAA;;AAAA;AAC1C,UAAM;AAAEK,QAAAA,kBAAF;AAAsBC,QAAAA;AAAtB,UAAkC,KAAI,CAAChB,IAAL,CAAUW,OAAlD;;AAEA,UAAMM,GAAG,GAAIC,MAAD,IAAY;AACtB,YAAM;AAAET,UAAAA,KAAF;AAASH,UAAAA,GAAT;AAAcC,UAAAA;AAAd,YAAwB,KAAI,CAACJ,WAAnC;AACA3B,QAAAA,UAAU,GAAG2C,KAAb,+CAA0DV,KAA1D,qBAA0ES,MAA1E;AACA1C,QAAAA,UAAU,GAAGyC,GAAb,CAAiBX,GAAjB,EAAsBC,KAAtB;AACA/B,QAAAA,UAAU,GAAGyC,GAAb,CAAiB,mBAAjB,EAAsC,KAAI,CAACf,UAA3C;AACA1B,QAAAA,UAAU,GAAG4C,QAAb,GALsB,CAOtB;;AACA,QAAA,KAAI,CAACjB,WAAL,GAAmB,EAAnB;AACD,OATD;;AAWA,UAAMkB,mBAAmB,GAAIC,SAAD,IAAe;AACzC,YAAInC,eAAe,CAAC,KAAI,CAACe,UAAN,EAAkBoB,SAAlB,CAAnB,EAAiD;AAC/CN,UAAAA,OAAO,IAAIC,GAAG,CAAC,WAAD,CAAd;AACA;AACD;;AACD,QAAA,KAAI,CAACH,cAAL,GAAsB,KAAI,CAACZ,UAA3B;AACA,QAAA,KAAI,CAACA,UAAL,GAAkBoB,SAAlB,CANyC,CAOzC;;AACA,QAAA,KAAI,CAACtB,IAAL,CAAUD,OAAV,CAAkBwB,IAAlB,CAAuBtC,uBAAvB,oBAAqDqC,SAArD;;AACAN,QAAAA,OAAO,IAAIC,GAAG,CAAC,SAAD,CAAd;AACD,OAVD;;AAYA,UAAMO,YAAY,GAAIC,WAAD,IAAiB;AACpC,eAAO,KAAI,CAACxB,QAAL,CAAclB,sBAAd,CAAqC2C,IAArC,CAA0C,MAAM;AACrD,cAAMC,UAAU,GAAG,KAAI,CAAC1B,QAAL,CAAclB,sBAAjC;;AACA,cAAI4C,UAAU,IAAIA,UAAU,KAAKF,WAAjC,EAA8C;AAC5C,mBAAOD,YAAY,CAACG,UAAD,CAAnB;AACD;;AACD,iBAAO,KAAI,CAACf,YAAL,EAAP;AACD,SANM,CAAP;AAOD,OARD;;AAUA,UAAI,KAAI,CAACX,QAAL,CAAclB,sBAAlB,EAA0C;AACxC,YAAI,KAAI,CAACkB,QAAL,CAAcjB,aAAd,IAA+BE,wBAAnC,EAA6D;AAC3D;AACA;AACA8B,UAAAA,OAAO,IAAIC,GAAG,CAAC,YAAD,CAAd;AACA,iBAAOO,YAAY,CAAC,KAAI,CAACvB,QAAL,CAAclB,sBAAf,CAAnB;AACD,SALD,MAKO;AACL,UAAA,KAAI,CAACkB,QAAL,CAAclB,sBAAd,CAAqC6C,MAArC;AACD;AACF;AAED;;;AACA,UAAMC,iBAAiB,GAAG,IAAIlD,WAAJ,CAAgB,CAACmD,OAAD,EAAUC,CAAV,EAAaC,QAAb,KAA0B;AAClEA,QAAAA,QAAQ,CAACC,YAAT,GAAwB,KAAxB;AACAD,QAAAA,QAAQ,CAAC,MAAM;AACb,UAAA,KAAI,CAAC/B,QAAL,CAAclB,sBAAd,GAAuC,IAAvC;AACA,UAAA,KAAI,CAACkB,QAAL,CAAcjB,aAAd,GAA8B,KAAI,CAACiB,QAAL,CAAcjB,aAAd,GAA8B,CAA5D;AACAgC,UAAAA,OAAO,IAAIC,GAAG,CAAC,UAAD,CAAd;AACD,SAJO,CAAR;;AAMA,YAAMiB,cAAc,GAAIZ,SAAD,IAAe;AACpC,cAAIO,iBAAiB,CAACM,UAAtB,EAAkC;AAChCL,YAAAA,OAAO;AACP;AACD,WAJmC,CAKpC;;;AACAT,UAAAA,mBAAmB,CAACC,SAAD,CAAnB;AACAQ,UAAAA,OAAO,GAP6B,CASpC;;AACA,UAAA,KAAI,CAAC7B,QAAL,qBAAqBnB,eAArB;AACD,SAXD;;AAaA,QAAA,KAAI,CAACkB,IAAL,CAAUV,eAAV,GACGoC,IADH,CACQ,MAAM;AACV,cAAIG,iBAAiB,CAACM,UAAtB,EAAkC;AAChCL,YAAAA,OAAO;AACP;AACD;;AAED,cAAM;AAAEpC,YAAAA,WAAF;AAAeD,YAAAA,OAAf;AAAwB2C,YAAAA;AAAxB,cAAyC,KAAI,CAACpC,IAAL,CAAUI,YAAV,CAAuBiC,aAAvB,EAA/C;;AACA,cAAMf,SAAS,GAAG;AAChB5B,YAAAA,WADgB;AAEhBD,YAAAA,OAFgB;AAGhB2C,YAAAA,YAHgB;AAIhB9C,YAAAA,eAAe,EAAE,CAAC,EAAEI,WAAW,IAAID,OAAjB;AAJF,WAAlB;AAMA,cAAM6C,OAA2B,GAAGvB,kBAAkB,GAClDA,kBAAkB,CAAC,KAAI,CAACf,IAAN,EAAYsB,SAAZ,CADgC,GAElDiB,OAAO,CAACT,OAAR,CAAgBR,SAAhB,CAFJ;AAIAgB,UAAAA,OAAO,CACJZ,IADH,CACQJ,SAAS,IAAIY,cAAc,CAACZ,SAAD,CADnC,EAEGkB,KAFH,CAES7C,KAAK,IAAIuC,cAAc,CAAC;AAC7BxC,YAAAA,WAD6B;AAE7BD,YAAAA,OAF6B;AAG7B2C,YAAAA,YAH6B;AAI7B9C,YAAAA,eAAe,EAAE,KAJY;AAK7BK,YAAAA;AAL6B,WAAD,CAFhC;AASD,SA3BH;AA4BD,OAjDyB,CAA1B;AAkDA;;AACA,MAAA,KAAI,CAACM,QAAL,CAAclB,sBAAd,GAAuC8C,iBAAvC;AAEA,aAAOL,YAAY,CAACK,iBAAD,CAAnB;AArG0C;AAsG3C;;AAEDY,EAAAA,SAAS,CAACC,OAAD,EAAgB;AACvB,SAAK1C,IAAL,CAAUD,OAAV,CAAkBM,EAAlB,CAAqBpB,uBAArB,EAA8CyD,OAA9C;AACD;;AAEDC,EAAAA,WAAW,CAACD,OAAD,EAAiB;AAC1B,SAAK1C,IAAL,CAAUD,OAAV,CAAkB6C,GAAlB,CAAsB3D,uBAAtB,EAA+CyD,OAA/C;AACD;;AA5J2B","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { AuthState, AuthStateLogOptions } from './types';\nimport { OktaAuth } from '.';\nimport { getConsole } from './util';\nimport { EVENT_ADDED, EVENT_REMOVED } from './TokenManager';\nconst PCancelable = require('p-cancelable');\n\nexport const INITIAL_AUTH_STATE = null;\nconst DEFAULT_PENDING = {\n updateAuthStatePromise: null,\n canceledTimes: 0\n};\nconst EVENT_AUTH_STATE_CHANGE = 'authStateChange';\nconst MAX_PROMISE_CANCEL_TIMES = 10;\n\n// only compare first level of authState\nconst isSameAuthState = (prevState: AuthState, state: AuthState) => {\n // initial state is null\n if (!prevState) {\n return false;\n }\n\n return prevState.isAuthenticated === state.isAuthenticated \n && JSON.stringify(prevState.idToken) === JSON.stringify(state.idToken)\n && JSON.stringify(prevState.accessToken) === JSON.stringify(state.accessToken)\n && prevState.error === state.error;\n};\n\nexport class AuthStateManager {\n _sdk: OktaAuth;\n _pending: { \n updateAuthStatePromise: typeof PCancelable;\n canceledTimes: number; \n };\n _authState: AuthState | null;\n _prevAuthState: AuthState | null;\n _logOptions: AuthStateLogOptions;\n _lastEventTimestamp: number;\n\n constructor(sdk: OktaAuth) {\n if (!sdk.emitter) {\n throw new AuthSdkError('Emitter should be initialized before AuthStateManager');\n }\n\n this._sdk = sdk;\n this._pending = { ...DEFAULT_PENDING };\n this._authState = INITIAL_AUTH_STATE;\n this._logOptions = {};\n\n // Listen on tokenManager events to start updateState process\n // \"added\" event is emitted in both add and renew process\n // Only listen on \"added\" event to update auth state\n sdk.tokenManager.on(EVENT_ADDED, (key, token) => {\n this._setLogOptions({ event: EVENT_ADDED, key, token });\n this.updateAuthState();\n });\n sdk.tokenManager.on(EVENT_REMOVED, (key, token) => {\n this._setLogOptions({ event: EVENT_REMOVED, key, token });\n this.updateAuthState();\n });\n }\n\n _setLogOptions(options) {\n this._logOptions = options;\n }\n\n getAuthState(): AuthState | null {\n return this._authState;\n }\n\n getPreviousAuthState(): AuthState | null {\n return this._prevAuthState;\n }\n\n async updateAuthState(): Promise<AuthState> {\n const { transformAuthState, devMode } = this._sdk.options;\n\n const log = (status) => {\n const { event, key, token } = this._logOptions;\n getConsole().group(`OKTA-AUTH-JS:updateAuthState: Event:${event} Status:${status}`);\n getConsole().log(key, token);\n getConsole().log('Current authState', this._authState);\n getConsole().groupEnd();\n \n // clear log options after logging\n this._logOptions = {};\n };\n\n const emitAuthStateChange = (authState) => {\n if (isSameAuthState(this._authState, authState)) {\n devMode && log('unchanged'); \n return;\n }\n this._prevAuthState = this._authState;\n this._authState = authState;\n // emit new authState object\n this._sdk.emitter.emit(EVENT_AUTH_STATE_CHANGE, { ...authState });\n devMode && log('emitted');\n };\n\n const finalPromise = (origPromise) => { \n return this._pending.updateAuthStatePromise.then(() => {\n const curPromise = this._pending.updateAuthStatePromise;\n if (curPromise && curPromise !== origPromise) {\n return finalPromise(curPromise);\n }\n return this.getAuthState();\n });\n };\n\n if (this._pending.updateAuthStatePromise) {\n if (this._pending.canceledTimes >= MAX_PROMISE_CANCEL_TIMES) {\n // stop canceling then starting a new promise\n // let existing promise finish to prevent running into loops\n devMode && log('terminated');\n return finalPromise(this._pending.updateAuthStatePromise);\n } else {\n this._pending.updateAuthStatePromise.cancel();\n }\n }\n\n /* eslint-disable complexity */\n const cancelablePromise = new PCancelable((resolve, _, onCancel) => {\n onCancel.shouldReject = false;\n onCancel(() => {\n this._pending.updateAuthStatePromise = null;\n this._pending.canceledTimes = this._pending.canceledTimes + 1;\n devMode && log('canceled');\n });\n\n const emitAndResolve = (authState) => {\n if (cancelablePromise.isCanceled) {\n resolve();\n return;\n }\n // emit event and resolve promise \n emitAuthStateChange(authState);\n resolve();\n\n // clear pending states after resolve\n this._pending = { ...DEFAULT_PENDING };\n };\n\n this._sdk.isAuthenticated()\n .then(() => {\n if (cancelablePromise.isCanceled) {\n resolve();\n return;\n }\n\n const { accessToken, idToken, refreshToken } = this._sdk.tokenManager.getTokensSync();\n const authState = {\n accessToken,\n idToken,\n refreshToken,\n isAuthenticated: !!(accessToken && idToken)\n };\n const promise: Promise<AuthState> = transformAuthState\n ? transformAuthState(this._sdk, authState)\n : Promise.resolve(authState);\n\n promise\n .then(authState => emitAndResolve(authState))\n .catch(error => emitAndResolve({\n accessToken, \n idToken, \n refreshToken,\n isAuthenticated: false, \n error\n }));\n });\n });\n /* eslint-enable complexity */\n this._pending.updateAuthStatePromise = cancelablePromise;\n\n return finalPromise(cancelablePromise);\n }\n\n subscribe(handler): void {\n this._sdk.emitter.on(EVENT_AUTH_STATE_CHANGE, handler);\n }\n\n unsubscribe(handler?): void {\n this._sdk.emitter.off(EVENT_AUTH_STATE_CHANGE, handler);\n }\n}\n"],"file":"AuthStateManager.js"}
package/esm/OktaAuth.js CHANGED
@@ -48,6 +48,7 @@ import { buildOptions } from './options';
48
48
  import { interact, introspect as introspectV2, authenticate, cancel, register, recoverPassword, startTransaction, handleInteractionCodeRedirect } from './idx';
49
49
  import { createGlobalRequestInterceptor, setGlobalRequestInterceptor } from './idx/headers';
50
50
  import { OktaUserAgent } from './OktaUserAgent';
51
+ import { parseOAuthResponseFromUrl } from './oidc/parseFromUrl';
51
52
 
52
53
  var Emitter = require('tiny-emitter');
53
54
 
@@ -97,9 +98,9 @@ class OktaAuth {
97
98
  redirectUri: toAbsoluteUrl(args.redirectUri, window.location.origin) // allow relative URIs
98
99
 
99
100
  });
100
- this.userAgent = getUserAgent(args, "okta-auth-js/".concat("5.4.2"));
101
+ this.userAgent = getUserAgent(args, "okta-auth-js/".concat("5.7.0"));
101
102
  } else {
102
- this.userAgent = getUserAgent(args, "okta-auth-js-server/".concat("5.4.2"));
103
+ this.userAgent = getUserAgent(args, "okta-auth-js-server/".concat("5.7.0"));
103
104
  } // Digital clocks will drift over time, so the server
104
105
  // can misalign with the time reported by the browser.
105
106
  // The maxClockSkew allows relaxing the time-based
@@ -113,8 +114,12 @@ class OktaAuth {
113
114
  this.options.maxClockSkew = DEFAULT_MAX_CLOCK_SKEW;
114
115
  } else {
115
116
  this.options.maxClockSkew = args.maxClockSkew;
116
- }
117
+ } // As some end user's devices can have their date
118
+ // and time incorrectly set, allow for the disabling
119
+ // of the jwt liftetime validation
120
+
117
121
 
122
+ this.options.ignoreLifetime = !!args.ignoreLifetime;
118
123
  this.session = {
119
124
  close: closeSession.bind(null, this),
120
125
  exists: sessionExists.bind(null, this),
@@ -206,6 +211,10 @@ class OktaAuth {
206
211
 
207
212
  stop() {
208
213
  this.tokenManager.stop();
214
+ }
215
+
216
+ setHeaders(headers) {
217
+ this.options.headers = Object.assign({}, this.options.headers, headers);
209
218
  } // ES6 module users can use named exports to access all symbols
210
219
  // CommonJS module users (CDN) need all exports on this object
211
220
  // Utility methods for interaction code flow
@@ -236,8 +245,6 @@ class OktaAuth {
236
245
  opts = clone(opts || {});
237
246
 
238
247
  var _postToTransaction = options => {
239
- options = options || {};
240
- options.withCredentials = true;
241
248
  delete opts.sendFingerprint;
242
249
  return postToTransaction(_this2, '/api/v1/authn', opts, options);
243
250
  };
@@ -475,7 +482,7 @@ class OktaAuth {
475
482
  var {
476
483
  autoRenew,
477
484
  autoRemove
478
- } = _this7.options.tokenManager || {};
485
+ } = _this7.tokenManager.getOptions();
479
486
 
480
487
  if (accessToken && _this7.tokenManager.hasExpired(accessToken)) {
481
488
  accessToken = null;
@@ -556,9 +563,17 @@ class OktaAuth {
556
563
  storage.setItem(REFERRER_PATH_STORAGE_KEY, originalUri);
557
564
  }
558
565
 
559
- getOriginalUri() {
566
+ getOriginalUri(state) {
567
+ if (state) {
568
+ var meta = this.transactionManager.load({
569
+ oauth: true,
570
+ state
571
+ });
572
+ return meta.originalUri;
573
+ }
574
+
560
575
  var storage = browserStorage.getSessionStorage();
561
- var originalUri = storage.getItem(REFERRER_PATH_STORAGE_KEY);
576
+ var originalUri = storage ? storage.getItem(REFERRER_PATH_STORAGE_KEY) : undefined;
562
577
  return originalUri;
563
578
  }
564
579
 
@@ -571,23 +586,28 @@ class OktaAuth {
571
586
  return isLoginRedirect(this);
572
587
  }
573
588
 
574
- handleLoginRedirect(tokens) {
589
+ handleLoginRedirect(tokens, originalUri) {
575
590
  var _this10 = this;
576
591
 
577
592
  return _asyncToGenerator(function* () {
578
593
  // Store tokens and update AuthState by the emitted events
579
594
  if (tokens) {
580
595
  _this10.tokenManager.setTokens(tokens);
596
+
597
+ originalUri = originalUri || _this10.getOriginalUri();
581
598
  } else if (_this10.isLoginRedirect()) {
599
+ // For redirect flow, get state from the URL and use it to retrieve the originalUri
600
+ var {
601
+ state
602
+ } = yield parseOAuthResponseFromUrl(_this10, {});
603
+ originalUri = originalUri || _this10.getOriginalUri(state);
582
604
  yield _this10.storeTokensFromRedirect();
583
605
  } else {
584
606
  return; // nothing to do
585
607
  } // ensure auth state has been updated
586
608
 
587
609
 
588
- yield _this10.authStateManager.updateAuthState(); // Get and clear originalUri from storage
589
-
590
- var originalUri = _this10.getOriginalUri();
610
+ yield _this10.authStateManager.updateAuthState(); // clear originalUri from storage
591
611
 
592
612
  _this10.removeOriginalUri(); // Redirect to originalUri
593
613
 
package/esm/OktaAuth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/OktaAuth.ts"],"names":["DEFAULT_MAX_CLOCK_SKEW","REFERRER_PATH_STORAGE_KEY","constants","transactionStatus","resumeTransaction","transactionExists","introspect","postToTransaction","PKCE","closeSession","sessionExists","getSession","refreshSession","setCookieAndRedirect","getOAuthUrls","getWithoutPrompt","getWithPopup","getWithRedirect","isLoginRedirect","parseFromUrl","decodeToken","revokeToken","renewToken","renewTokens","renewTokensWithRefresh","getUserInfo","verifyToken","prepareTokenParams","exchangeCodeForTokens","isInteractionRequiredError","isInteractionRequired","isBrowser","features","browserStorage","toQueryString","toAbsoluteUrl","clone","getUserAgent","TokenManager","get","setRequestHeader","PromiseQueue","fingerprint","AuthStateManager","StorageManager","TransactionManager","buildOptions","interact","introspectV2","authenticate","cancel","register","recoverPassword","startTransaction","handleInteractionCodeRedirect","createGlobalRequestInterceptor","setGlobalRequestInterceptor","OktaUserAgent","Emitter","require","OktaAuth","constructor","args","options","storageManager","cookies","storageUtil","transactionManager","Object","assign","_oktaUserAgent","tx","status","bind","resume","exists","_get","name","storage","pkce","DEFAULT_CODE_CHALLENGE_METHOD","generateVerifier","computeChallenge","getPKCEStorage","getLegacyPKCEStorage","getHttpCache","_pending","handleLogin","redirectUri","window","location","origin","userAgent","maxClockSkew","session","close","refresh","_tokenQueue","token","decode","revoke","renew","verify","syncMethods","keys","forEach","key","indexOf","method","prototype","push","_setLocation","url","_getHistory","history","_getLocation","_getDocument","document","idx","http","emitter","tokenManager","authStateManager","start","updateAuthState","stop","error","signIn","opts","signInWithCredentials","_postToTransaction","withCredentials","sendFingerprint","then","headers","signInWithRedirect","originalUri","additionalParams","setOriginalUri","params","scopes","clear","catch","e","errorCode","revokeAccessToken","accessToken","getTokens","accessTokenKey","getStorageKeyByType","remove","Promise","resolve","revokeRefreshToken","refreshToken","refreshTokenKey","getSignOutRedirectUrl","idToken","postLogoutRedirectUri","state","getTokensSync","logoutUrl","idTokenHint","logoutUri","encodeURIComponent","signOut","defaultUri","currentUri","href","reload","webfinger","isAuthenticated","autoRenew","autoRemove","hasExpired","getUser","getIdToken","undefined","getAccessToken","getRefreshToken","storeTokensFromRedirect","tokens","setTokens","getSessionStorage","setItem","getOriginalUri","getItem","removeOriginalUri","removeItem","handleLoginRedirect","restoreOriginalUri","replace","isPKCE","hasResponseType","responseType","Array","isArray","length","isAuthorizationCodeFlow","getIssuerOrigin","issuer","split","forgotPassword","unlockAccount","verifyRecoveryToken"],"mappings":";;;;;;;;;AAAA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;;AACA;AAEA,SACEA,sBADF,EAEEC,yBAFF,QAGO,aAHP;AAIA,OAAO,KAAKC,SAAZ,MAA2B,aAA3B;AA2BA,SACEC,iBADF,EAEEC,iBAFF,EAGEC,iBAHF,EAIEC,UAJF,EAKEC,iBALF,QAOO,MAPP;AAQA,OAAOC,IAAP,MAAiB,kBAAjB;AACA,SACEC,YADF,EAEEC,aAFF,EAGEC,UAHF,EAIEC,cAJF,EAKEC,oBALF,QAMO,WANP;AAOA,SACEC,YADF,EAEEC,gBAFF,EAGEC,YAHF,EAIEC,eAJF,EAKEC,eALF,EAMEC,YANF,EAOEC,WAPF,EAQEC,WARF,EASEC,UATF,EAUEC,WAVF,EAWEC,sBAXF,EAYEC,WAZF,EAaEC,WAbF,EAcEC,kBAdF,EAeEC,qBAfF,EAgBEC,0BAhBF,EAiBEC,qBAjBF,QAkBO,QAlBP;AAmBA,SAASC,SAAT,QAA0B,YAA1B;AACA,OAAO,KAAKC,QAAZ,MAA0B,YAA1B;AACA,OAAOC,cAAP,MAA2B,0BAA3B;AACA,SACEC,aADF,EAEEC,aAFF,EAGEC,KAHF,QAIO,QAJP;AAKA,SAASC,YAAT,QAA6B,eAA7B;AACA,SAASC,YAAT,QAA6B,gBAA7B;AACA,SAASC,GAAT,EAAcC,gBAAd,QAAsC,QAAtC;AACA,OAAOC,YAAP,MAAyB,gBAAzB;AACA,OAAOC,WAAP,MAAwB,uBAAxB;AACA,SAASC,gBAAT,QAAiC,oBAAjC;AACA,OAAOC,cAAP,MAA2B,kBAA3B;AACA,OAAOC,kBAAP,MAA+B,sBAA/B;AACA,SAASC,YAAT,QAA6B,WAA7B;AACA,SACEC,QADF,EAEEzC,UAAU,IAAI0C,YAFhB,EAGEC,YAHF,EAIEC,MAJF,EAKEC,QALF,EAMEC,eANF,EAOEC,gBAPF,EAQEC,6BARF,QASO,OATP;AAUA,SAASC,8BAAT,EAAyCC,2BAAzC,QAA4E,eAA5E;AACA,SAASC,aAAT,QAA8B,iBAA9B;;AAEA,IAAMC,OAAO,GAAGC,OAAO,CAAC,cAAD,CAAvB;;AAEA,MAAMC,QAAN,CAA8D;AAM5D;AACA;AACA;AAeAC,EAAAA,WAAW,CAACC,IAAD,EAAwB;AACjC,SAAKC,OAAL,GAAejB,YAAY,CAACgB,IAAD,CAA3B;AACA,QAAM;AAAEE,MAAAA,cAAF;AAAkBC,MAAAA,OAAlB;AAA2BC,MAAAA;AAA3B,QAA2C,KAAKH,OAAtD;AACA,SAAKC,cAAL,GAAsB,IAAIpB,cAAJ,CAAmBoB,cAAnB,EAAmCC,OAAnC,EAA4CC,WAA5C,CAAtB;AACA,SAAKC,kBAAL,GAA0B,IAAItB,kBAAJ,CAAuBuB,MAAM,CAACC,MAAP,CAAc;AAC7DL,MAAAA,cAAc,EAAE,KAAKA;AADwC,KAAd,EAE9CF,IAAI,CAACK,kBAFyC,CAAvB,CAA1B;AAGA,SAAKG,cAAL,GAAsB,IAAIb,aAAJ,EAAtB;AAEA,SAAKc,EAAL,GAAU;AACRC,MAAAA,MAAM,EAAErE,iBAAiB,CAACsE,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CADA;AAERC,MAAAA,MAAM,EAAEtE,iBAAiB,CAACqE,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAFA;AAGRE,MAAAA,MAAM,EAAEP,MAAM,CAACC,MAAP,CAAchE,iBAAiB,CAACoE,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAAd,EAAkD;AACxDG,QAAAA,IAAI,EAAGC,IAAD,IAAU;AACd,cAAMC,OAAO,GAAGZ,WAAW,CAACY,OAA5B;AACA,iBAAOA,OAAO,CAACvC,GAAR,CAAYsC,IAAZ,CAAP;AACD;AAJuD,OAAlD,CAHA;AASRvE,MAAAA,UAAU,EAAEA,UAAU,CAACmE,IAAX,CAAgB,IAAhB,EAAsB,IAAtB;AATJ,KAAV;AAYA,SAAKM,IAAL,GAAY;AACVC,MAAAA,6BAA6B,EAAExE,IAAI,CAACwE,6BAD1B;AAEVC,MAAAA,gBAAgB,EAAEzE,IAAI,CAACyE,gBAFb;AAGVC,MAAAA,gBAAgB,EAAE1E,IAAI,CAAC0E;AAHb,KAAZ,CArBiC,CA2BjC;;AACAd,IAAAA,MAAM,CAACC,MAAP,CAAc,KAAKN,OAAL,CAAaG,WAA3B,EAAwC;AACtCiB,MAAAA,cAAc,EAAE,KAAKnB,cAAL,CAAoBoB,oBAApB,CAAyCX,IAAzC,CAA8C,KAAKT,cAAnD,CADsB;AAEtCqB,MAAAA,YAAY,EAAE,KAAKrB,cAAL,CAAoBqB,YAApB,CAAiCZ,IAAjC,CAAsC,KAAKT,cAA3C;AAFwB,KAAxC;AAKA,SAAKsB,QAAL,GAAgB;AAAEC,MAAAA,WAAW,EAAE;AAAf,KAAhB;;AAEA,QAAIxD,SAAS,EAAb,EAAiB;AACf,WAAKgC,OAAL,GAAeK,MAAM,CAACC,MAAP,CAAc,KAAKN,OAAnB,EAA4B;AACzCyB,QAAAA,WAAW,EAAErD,aAAa,CAAC2B,IAAI,CAAC0B,WAAN,EAAmBC,MAAM,CAACC,QAAP,CAAgBC,MAAnC,CADe,CAC6B;;AAD7B,OAA5B,CAAf;AAGA,WAAKC,SAAL,GAAiBvD,YAAY,CAACyB,IAAD,kCAA7B;AACD,KALD,MAKO;AACL,WAAK8B,SAAL,GAAiBvD,YAAY,CAACyB,IAAD,yCAA7B;AACD,KA1CgC,CA4CjC;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,QAAI,CAACA,IAAI,CAAC+B,YAAN,IAAsB/B,IAAI,CAAC+B,YAAL,KAAsB,CAAhD,EAAmD;AACjD,WAAK9B,OAAL,CAAa8B,YAAb,GAA4B7F,sBAA5B;AACD,KAFD,MAEO;AACL,WAAK+D,OAAL,CAAa8B,YAAb,GAA4B/B,IAAI,CAAC+B,YAAjC;AACD;;AAED,SAAKC,OAAL,GAAe;AACbC,MAAAA,KAAK,EAAEtF,YAAY,CAACgE,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CADM;AAEbE,MAAAA,MAAM,EAAEjE,aAAa,CAAC+D,IAAd,CAAmB,IAAnB,EAAyB,IAAzB,CAFK;AAGblC,MAAAA,GAAG,EAAE5B,UAAU,CAAC8D,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAHQ;AAIbuB,MAAAA,OAAO,EAAEpF,cAAc,CAAC6D,IAAf,CAAoB,IAApB,EAA0B,IAA1B,CAJI;AAKb5D,MAAAA,oBAAoB,EAAEA,oBAAoB,CAAC4D,IAArB,CAA0B,IAA1B,EAAgC,IAAhC;AALT,KAAf;AAQA,SAAKwB,WAAL,GAAmB,IAAIxD,YAAJ,EAAnB;AACA,SAAKyD,KAAL,GAAa;AACXvE,MAAAA,kBAAkB,EAAEA,kBAAkB,CAAC8C,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CADT;AAEX7C,MAAAA,qBAAqB,EAAEA,qBAAqB,CAAC6C,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAFZ;AAGX1D,MAAAA,gBAAgB,EAAEA,gBAAgB,CAAC0D,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAHP;AAIXzD,MAAAA,YAAY,EAAEA,YAAY,CAACyD,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAJH;AAKXxD,MAAAA,eAAe,EAAEA,eAAe,CAACwD,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CALN;AAMXtD,MAAAA,YAAY,EAAEA,YAAY,CAACsD,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CANH;AAOX0B,MAAAA,MAAM,EAAE/E,WAPG;AAQXgF,MAAAA,MAAM,EAAE/E,WAAW,CAACoD,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CARG;AASX4B,MAAAA,KAAK,EAAE/E,UAAU,CAACmD,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CATI;AAUXjD,MAAAA,sBAAsB,EAAEA,sBAAsB,CAACiD,IAAvB,CAA4B,IAA5B,EAAkC,IAAlC,CAVb;AAWXlD,MAAAA,WAAW,EAAEA,WAAW,CAACkD,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAXF;AAYXhD,MAAAA,WAAW,EAAEA,WAAW,CAACgD,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAZF;AAaX6B,MAAAA,MAAM,EAAE5E,WAAW,CAAC+C,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAbG;AAcXvD,MAAAA,eAAe,EAAEA,eAAe,CAACuD,IAAhB,CAAqB,IAArB,EAA2B,IAA3B;AAdN,KAAb,CAlEiC,CAkFjC;;AACA,QAAM8B,WAAW,GAAG,CAAC,QAAD,EAAW,iBAAX,CAApB;AACAnC,IAAAA,MAAM,CAACoC,IAAP,CAAY,KAAKN,KAAjB,EAAwBO,OAAxB,CAAgCC,GAAG,IAAI;AACrC,UAAIH,WAAW,CAACI,OAAZ,CAAoBD,GAApB,KAA4B,CAAhC,EAAmC;AAAE;AACnC;AACD;;AACD,UAAIE,MAAM,GAAG,KAAKV,KAAL,CAAWQ,GAAX,CAAb;AACA,WAAKR,KAAL,CAAWQ,GAAX,IAAkBjE,YAAY,CAACoE,SAAb,CAAuBC,IAAvB,CAA4BrC,IAA5B,CAAiC,KAAKwB,WAAtC,EAAmDW,MAAnD,EAA2D,IAA3D,CAAlB;AACD,KAND;AAQAxC,IAAAA,MAAM,CAACC,MAAP,CAAc,KAAK6B,KAAL,CAAWjF,eAAzB,EAA0C;AACxC;AACA8F,MAAAA,YAAY,EAAE,sBAASC,GAAT,EAAc;AAC1BvB,QAAAA,MAAM,CAACC,QAAP,GAAkBsB,GAAlB;AACD;AAJuC,KAA1C;AAMA5C,IAAAA,MAAM,CAACC,MAAP,CAAc,KAAK6B,KAAL,CAAW/E,YAAzB,EAAuC;AACrC;AACA8F,MAAAA,WAAW,EAAE,uBAAW;AACtB,eAAOxB,MAAM,CAACyB,OAAd;AACD,OAJoC;AAMrC;AACAC,MAAAA,YAAY,EAAE,wBAAW;AACvB,eAAO1B,MAAM,CAACC,QAAd;AACD,OAToC;AAWrC;AACA0B,MAAAA,YAAY,EAAE,wBAAW;AACvB,eAAO3B,MAAM,CAAC4B,QAAd;AACD;AAdoC,KAAvC,EAlGiC,CAmHjC;;AACA,SAAKC,GAAL,GAAW;AACTvE,MAAAA,QAAQ,EAAEA,QAAQ,CAAC0B,IAAT,CAAc,IAAd,EAAoB,IAApB,CADD;AAETnE,MAAAA,UAAU,EAAE0C,YAAY,CAACyB,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAFH;AAGTxB,MAAAA,YAAY,EAAEA,YAAY,CAACwB,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAHL;AAITtB,MAAAA,QAAQ,EAAEA,QAAQ,CAACsB,IAAT,CAAc,IAAd,EAAoB,IAApB,CAJD;AAKTvB,MAAAA,MAAM,EAAEA,MAAM,CAACuB,IAAP,CAAY,IAAZ,EAAkB,IAAlB,CALC;AAMTrB,MAAAA,eAAe,EAAEA,eAAe,CAACqB,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CANR;AAOTnB,MAAAA,6BAA6B,EAAEA,6BAA6B,CAACmB,IAA9B,CAAmC,IAAnC,EAAyC,IAAzC,CAPtB;AAQTpB,MAAAA,gBAAgB,EAAEA,gBAAgB,CAACoB,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B;AART,KAAX;AAUAjB,IAAAA,2BAA2B,CAACD,8BAA8B,CAAC,IAAD,CAA/B,CAA3B,CA9HiC,CA8HkC;AAEnE;;AACA,SAAKgE,IAAL,GAAY;AACV/E,MAAAA,gBAAgB,EAAEA,gBAAgB,CAACiC,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B;AADR,KAAZ,CAjIiC,CAqIjC;;AACA,SAAK/B,WAAL,GAAmBA,WAAW,CAAC+B,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAAnB;AAEA,SAAK+C,OAAL,GAAe,IAAI9D,OAAJ,EAAf,CAxIiC,CA0IjC;;AACA,SAAK+D,YAAL,GAAoB,IAAInF,YAAJ,CAAiB,IAAjB,EAAuBwB,IAAI,CAAC2D,YAA5B,CAApB,CA3IiC,CA6IjC;;AACA,SAAKC,gBAAL,GAAwB,IAAI/E,gBAAJ,CAAqB,IAArB,CAAxB;AACD;;AAEDgF,EAAAA,KAAK,GAAG;AACN,SAAKF,YAAL,CAAkBE,KAAlB;;AACA,QAAI,CAAC,KAAKzB,KAAL,CAAWhF,eAAX,EAAL,EAAmC;AACjC,WAAKwG,gBAAL,CAAsBE,eAAtB;AACD;AACF;;AAEDC,EAAAA,IAAI,GAAG;AACL,SAAKJ,YAAL,CAAkBI,IAAlB;AACD,GAjL2D,CAmL5D;AACA;AAEA;;;AACA/F,EAAAA,qBAAqB,GAAY;AAC/B,WAAOA,qBAAqB,CAAC,IAAD,CAA5B;AACD;;AAEDD,EAAAA,0BAA0B,CAACiG,KAAD,EAAwB;AAChD,WAAOjG,0BAA0B,CAACiG,KAAD,CAAjC;AACD;;AAEKC,EAAAA,MAAM,CAACC,IAAD,EAAgD;AAAA;;AAAA;AAC1D;AACA;AACA,aAAO,KAAI,CAACC,qBAAL,CAA2BD,IAA3B,CAAP;AAH0D;AAI3D;;AAEKC,EAAAA,qBAAqB,CAACD,IAAD,EAA+D;AAAA;;AAAA;AACxFA,MAAAA,IAAI,GAAG5F,KAAK,CAAC4F,IAAI,IAAI,EAAT,CAAZ;;AACA,UAAME,kBAAkB,GAAInE,OAAD,IAAc;AACvCA,QAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB;AACAA,QAAAA,OAAO,CAACoE,eAAR,GAA0B,IAA1B;AACA,eAAOH,IAAI,CAACI,eAAZ;AACA,eAAO7H,iBAAiB,CAAC,MAAD,EAAO,eAAP,EAAwByH,IAAxB,EAA8BjE,OAA9B,CAAxB;AACD,OALD;;AAMA,UAAI,CAACiE,IAAI,CAACI,eAAV,EAA2B;AACzB,eAAOF,kBAAkB,EAAzB;AACD;;AACD,aAAO,MAAI,CAACxF,WAAL,GACN2F,IADM,CACD,UAAS3F,WAAT,EAAsB;AAC1B,eAAOwF,kBAAkB,CAAC;AACxBI,UAAAA,OAAO,EAAE;AACP,oCAAwB5F;AADjB;AADe,SAAD,CAAzB;AAKD,OAPM,CAAP;AAXwF;AAmBzF;;AAEK6F,EAAAA,kBAAkB,GAAuC;AAAA;AAAA;;AAAA;AAAA,UAAtCP,IAAsC,0EAAJ,EAAI;;AAC7D,UAAM;AAAEQ,QAAAA;AAAF,UAAuCR,IAA7C;AAAA,UAAwBS,gBAAxB,4BAA6CT,IAA7C;;AACA,UAAG,MAAI,CAAC1C,QAAL,CAAcC,WAAjB,EAA8B;AAC5B;AACA;AACD;;AAED,MAAA,MAAI,CAACD,QAAL,CAAcC,WAAd,GAA4B,IAA5B;;AACA,UAAI;AACF;AACA,YAAIiD,WAAJ,EAAiB;AACf,UAAA,MAAI,CAACE,cAAL,CAAoBF,WAApB;AACD;;AACD,YAAMG,MAAM,GAAGvE,MAAM,CAACC,MAAP,CAAc;AAC3B;AACAuE,UAAAA,MAAM,EAAE,MAAI,CAAC7E,OAAL,CAAa6E,MAAb,IAAuB,CAAC,QAAD,EAAW,OAAX,EAAoB,SAApB;AAFJ,SAAd,EAGZH,gBAHY,CAAf;AAIA,cAAM,MAAI,CAACvC,KAAL,CAAWjF,eAAX,CAA2B0H,MAA3B,CAAN;AACD,OAVD,SAUU;AACR,QAAA,MAAI,CAACrD,QAAL,CAAcC,WAAd,GAA4B,KAA5B;AACD;AApB4D;AAqB9D,GA/O2D,CAiP5D;;;AACA9E,EAAAA,YAAY,GAAoB;AAC9B;AACA,SAAKgH,YAAL,CAAkBoB,KAAlB;AAEA,WAAO,KAAK/C,OAAL,CAAaC,KAAb,GAAqB;AAArB,KACN+C,KADM,CACA,UAASC,CAAT,EAAY;AACjB,UAAIA,CAAC,CAAClE,IAAF,KAAW,cAAX,IAA6BkE,CAAC,CAACC,SAAF,KAAgB,UAAjD,EAA6D;AAC3D;AACA,eAAO,IAAP;AACD;;AACD,YAAMD,CAAN;AACD,KAPM,CAAP;AAQD,GA9P2D,CAgQ5D;;;AACME,EAAAA,iBAAiB,CAACC,WAAD,EAA6C;AAAA;;AAAA;AAClE,UAAI,CAACA,WAAL,EAAkB;AAChBA,QAAAA,WAAW,GAAG,OAAO,MAAI,CAACzB,YAAL,CAAkB0B,SAAlB,EAAP,EAAsCD,WAApD;;AACA,YAAME,cAAc,GAAG,MAAI,CAAC3B,YAAL,CAAkB4B,mBAAlB,CAAsC,aAAtC,CAAvB;;AACA,QAAA,MAAI,CAAC5B,YAAL,CAAkB6B,MAAlB,CAAyBF,cAAzB;AACD,OALiE,CAMlE;;;AACA,UAAI,CAACF,WAAL,EAAkB;AAChB,eAAOK,OAAO,CAACC,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,aAAO,MAAI,CAACtD,KAAL,CAAWE,MAAX,CAAkB8C,WAAlB,CAAP;AAVkE;AAWnE,GA5Q2D,CA8Q5D;;;AACMO,EAAAA,kBAAkB,CAACC,YAAD,EAA+C;AAAA;;AAAA;AACrE,UAAI,CAACA,YAAL,EAAmB;AACjBA,QAAAA,YAAY,GAAG,OAAO,MAAI,CAACjC,YAAL,CAAkB0B,SAAlB,EAAP,EAAsCO,YAArD;;AACA,YAAMC,eAAe,GAAG,MAAI,CAAClC,YAAL,CAAkB4B,mBAAlB,CAAsC,cAAtC,CAAxB;;AACA,QAAA,MAAI,CAAC5B,YAAL,CAAkB6B,MAAlB,CAAyBK,eAAzB;AACD,OALoE,CAMrE;;;AACA,UAAI,CAACD,YAAL,EAAmB;AACjB,eAAOH,OAAO,CAACC,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,aAAO,MAAI,CAACtD,KAAL,CAAWE,MAAX,CAAkBsD,YAAlB,CAAP;AAVqE;AAWtE;;AAEDE,EAAAA,qBAAqB,GAA0C;AAAA,QAAzC7F,OAAyC,uEAAJ,EAAI;AAC7D,QAAI;AACF8F,MAAAA,OADE;AAEFC,MAAAA,qBAFE;AAGFC,MAAAA;AAHE,QAIAhG,OAJJ;;AAKA,QAAI,CAAC8F,OAAL,EAAc;AACZA,MAAAA,OAAO,GAAG,KAAKpC,YAAL,CAAkBuC,aAAlB,GAAkCH,OAA5C;AACD;;AACD,QAAI,CAACA,OAAL,EAAc;AACZ,aAAO,EAAP;AACD;;AACD,QAAI,CAACC,qBAAL,EAA4B;AAC1BA,MAAAA,qBAAqB,GAAG,KAAK/F,OAAL,CAAa+F,qBAArC;AACD;;AAED,QAAMG,SAAS,GAAGnJ,YAAY,CAAC,IAAD,CAAZ,CAAmBmJ,SAArC;AACA,QAAMC,WAAW,GAAGL,OAAO,CAACA,OAA5B,CAjB6D,CAiBxB;;AACrC,QAAIM,SAAS,GAAGF,SAAS,GAAG,iBAAZ,GAAgCG,kBAAkB,CAACF,WAAD,CAAlE;;AACA,QAAIJ,qBAAJ,EAA2B;AACzBK,MAAAA,SAAS,IAAI,+BAA+BC,kBAAkB,CAACN,qBAAD,CAA9D;AACD,KArB4D,CAsB7D;;;AACA,QAAIC,KAAJ,EAAW;AACTI,MAAAA,SAAS,IAAI,YAAYC,kBAAkB,CAACL,KAAD,CAA3C;AACD;;AAED,WAAOI,SAAP;AACD,GAxT2D,CA0T5D;;;AACME,EAAAA,OAAO,CAACtG,OAAD,EAA2B;AAAA;;AAAA;AACtCA,MAAAA,OAAO,GAAGK,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkBN,OAAlB,CAAV,CADsC,CAGtC;;AACA,UAAIuG,UAAU,GAAG7E,MAAM,CAACC,QAAP,CAAgBC,MAAjC;AACA,UAAI4E,UAAU,GAAG9E,MAAM,CAACC,QAAP,CAAgB8E,IAAjC;AACA,UAAIV,qBAAqB,GAAG/F,OAAO,CAAC+F,qBAAR,IACvB,MAAI,CAAC/F,OAAL,CAAa+F,qBADU,IAEvBQ,UAFL;AAIA,UAAIpB,WAAW,GAAGnF,OAAO,CAACmF,WAA1B;AACA,UAAIQ,YAAY,GAAG3F,OAAO,CAAC2F,YAA3B;AACA,UAAIT,iBAAiB,GAAGlF,OAAO,CAACkF,iBAAR,KAA8B,KAAtD;AACA,UAAIQ,kBAAkB,GAAG1F,OAAO,CAAC0F,kBAAR,KAA+B,KAAxD;;AAEA,UAAIA,kBAAkB,IAAI,OAAOC,YAAP,KAAwB,WAAlD,EAA+D;AAC7DA,QAAAA,YAAY,GAAG,MAAI,CAACjC,YAAL,CAAkBuC,aAAlB,GAAkCN,YAAjD;AACD;;AAED,UAAIT,iBAAiB,IAAI,OAAOC,WAAP,KAAuB,WAAhD,EAA6D;AAC3DA,QAAAA,WAAW,GAAG,MAAI,CAACzB,YAAL,CAAkBuC,aAAlB,GAAkCd,WAAhD;AACD;;AAED,UAAI,CAACnF,OAAO,CAAC8F,OAAb,EAAsB;AACpB9F,QAAAA,OAAO,CAAC8F,OAAR,GAAkB,MAAI,CAACpC,YAAL,CAAkBuC,aAAlB,GAAkCH,OAApD;AACD,OAzBqC,CA2BtC;;;AACA,MAAA,MAAI,CAACpC,YAAL,CAAkBoB,KAAlB;;AAEA,UAAIY,kBAAkB,IAAIC,YAA1B,EAAwC;AACtC,cAAM,MAAI,CAACD,kBAAL,CAAwBC,YAAxB,CAAN;AACD;;AAED,UAAIT,iBAAiB,IAAIC,WAAzB,EAAsC;AACpC,cAAM,MAAI,CAACD,iBAAL,CAAuBC,WAAvB,CAAN;AACD;;AAED,UAAMiB,SAAS,GAAG,MAAI,CAACP,qBAAL,iCAAgC7F,OAAhC;AAAyC+F,QAAAA;AAAzC,SAAlB,CAtCsC,CAuCtC;AACA;;;AACA,UAAI,CAACK,SAAL,EAAgB;AACd,eAAO,MAAI,CAAC1J,YAAL,GAAoB;AAApB,SACN4H,IADM,CACD,YAAW;AACf,cAAIyB,qBAAqB,KAAKS,UAA9B,EAA0C;AACxC9E,YAAAA,MAAM,CAACC,QAAP,CAAgB+E,MAAhB,GADwC,CACd;AAC3B,WAFD,MAEO;AACLhF,YAAAA,MAAM,CAACC,QAAP,CAAgBrB,MAAhB,CAAuByF,qBAAvB;AACD;AACF,SAPM,CAAP;AAQD,OATD,MASO;AACL;AACArE,QAAAA,MAAM,CAACC,QAAP,CAAgBrB,MAAhB,CAAuB8F,SAAvB;AACD;AArDqC;AAsDvC;;AAEDO,EAAAA,SAAS,CAAC1C,IAAD,EAAwB;AAC/B,QAAIhB,GAAG,GAAG,2BAA2B9E,aAAa,CAAC8F,IAAD,CAAlD;AACA,QAAIjE,OAAO,GAAG;AACZuE,MAAAA,OAAO,EAAE;AACP,kBAAU;AADH;AADG,KAAd;AAKA,WAAO/F,GAAG,CAAC,IAAD,EAAOyE,GAAP,EAAYjD,OAAZ,CAAV;AACD,GA3X2D,CA6X5D;AACA;AACA;AAEA;AACA;;;AACM4G,EAAAA,eAAe,GAAqB;AAAA;;AAAA;AAExC,UAAI;AAAEzB,QAAAA,WAAF;AAAeW,QAAAA;AAAf,UAA2B,MAAI,CAACpC,YAAL,CAAkBuC,aAAlB,EAA/B;;AACA,UAAM;AAAEY,QAAAA,SAAF;AAAaC,QAAAA;AAAb,UAA4B,MAAI,CAAC9G,OAAL,CAAa0D,YAAb,IAA6B,EAA/D;;AAEA,UAAIyB,WAAW,IAAI,MAAI,CAACzB,YAAL,CAAkBqD,UAAlB,CAA6B5B,WAA7B,CAAnB,EAA8D;AAC5DA,QAAAA,WAAW,GAAG,IAAd;;AACA,YAAI0B,SAAJ,EAAe;AACb1B,UAAAA,WAAW,SAAS,MAAI,CAACzB,YAAL,CAAkBpB,KAAlB,CAAwB,aAAxB,CAApB;AACD,SAFD,MAEO,IAAIwE,UAAJ,EAAgB;AACrB,UAAA,MAAI,CAACpD,YAAL,CAAkB6B,MAAlB,CAAyB,aAAzB;AACD;AACF;;AAED,UAAIO,OAAO,IAAI,MAAI,CAACpC,YAAL,CAAkBqD,UAAlB,CAA6BjB,OAA7B,CAAf,EAAsD;AACpDA,QAAAA,OAAO,GAAG,IAAV;;AACA,YAAIe,SAAJ,EAAe;AACbf,UAAAA,OAAO,SAAS,MAAI,CAACpC,YAAL,CAAkBpB,KAAlB,CAAwB,SAAxB,CAAhB;AACD,SAFD,MAEO,IAAIwE,UAAJ,EAAgB;AACrB,UAAA,MAAI,CAACpD,YAAL,CAAkB6B,MAAlB,CAAyB,SAAzB;AACD;AACF;;AAED,aAAO,CAAC,EAAEJ,WAAW,IAAIW,OAAjB,CAAR;AAvBwC;AAwBzC;;AAEKkB,EAAAA,OAAO,GAAwB;AAAA;;AAAA;AACnC,UAAM;AAAElB,QAAAA,OAAF;AAAWX,QAAAA;AAAX,UAA2B,MAAI,CAACzB,YAAL,CAAkBuC,aAAlB,EAAjC;;AACA,aAAO,MAAI,CAAC9D,KAAL,CAAWzE,WAAX,CAAuByH,WAAvB,EAAoCW,OAApC,CAAP;AAFmC;AAGpC;;AAEDmB,EAAAA,UAAU,GAAuB;AAC/B,QAAM;AAAEnB,MAAAA;AAAF,QAAc,KAAKpC,YAAL,CAAkBuC,aAAlB,EAApB;AACA,WAAOH,OAAO,GAAGA,OAAO,CAACA,OAAX,GAAqBoB,SAAnC;AACD;;AAEDC,EAAAA,cAAc,GAAuB;AACnC,QAAM;AAAEhC,MAAAA;AAAF,QAAkB,KAAKzB,YAAL,CAAkBuC,aAAlB,EAAxB;AACA,WAAOd,WAAW,GAAGA,WAAW,CAACA,WAAf,GAA6B+B,SAA/C;AACD;;AAEDE,EAAAA,eAAe,GAAuB;AACpC,QAAM;AAAEzB,MAAAA;AAAF,QAAmB,KAAKjC,YAAL,CAAkBuC,aAAlB,EAAzB;AACA,WAAON,YAAY,GAAGA,YAAY,CAACA,YAAhB,GAA+BuB,SAAlD;AACD;AAED;AACF;AACA;;;AACQG,EAAAA,uBAAuB,GAAkB;AAAA;;AAAA;AAC7C,UAAM;AAAEC,QAAAA;AAAF,gBAAmB,MAAI,CAACnF,KAAL,CAAW/E,YAAX,EAAzB;;AACA,MAAA,MAAI,CAACsG,YAAL,CAAkB6D,SAAlB,CAA4BD,MAA5B;AAF6C;AAG9C;;AAED3C,EAAAA,cAAc,CAACF,WAAD,EAA4B;AACxC,QAAM1D,OAAO,GAAG7C,cAAc,CAACsJ,iBAAf,EAAhB;AACAzG,IAAAA,OAAO,CAAC0G,OAAR,CAAgBvL,yBAAhB,EAA2CuI,WAA3C;AACD;;AAEDiD,EAAAA,cAAc,GAAW;AACvB,QAAM3G,OAAO,GAAG7C,cAAc,CAACsJ,iBAAf,EAAhB;AACA,QAAM/C,WAAW,GAAG1D,OAAO,CAAC4G,OAAR,CAAgBzL,yBAAhB,CAApB;AACA,WAAOuI,WAAP;AACD;;AAEDmD,EAAAA,iBAAiB,GAAS;AACxB,QAAM7G,OAAO,GAAG7C,cAAc,CAACsJ,iBAAf,EAAhB;AACAzG,IAAAA,OAAO,CAAC8G,UAAR,CAAmB3L,yBAAnB;AACD;;AAEDiB,EAAAA,eAAe,GAAY;AACzB,WAAOA,eAAe,CAAC,IAAD,CAAtB;AACD;;AAEK2K,EAAAA,mBAAmB,CAACR,MAAD,EAAiC;AAAA;;AAAA;AACxD;AACA,UAAIA,MAAJ,EAAY;AACV,QAAA,OAAI,CAAC5D,YAAL,CAAkB6D,SAAlB,CAA4BD,MAA5B;AACD,OAFD,MAEO,IAAI,OAAI,CAACnK,eAAL,EAAJ,EAA4B;AACjC,cAAM,OAAI,CAACkK,uBAAL,EAAN;AACD,OAFM,MAEA;AACL,eADK,CACG;AACT,OARuD,CAUxD;;;AACA,YAAM,OAAI,CAAC1D,gBAAL,CAAsBE,eAAtB,EAAN,CAXwD,CAaxD;;AACA,UAAMY,WAAW,GAAG,OAAI,CAACiD,cAAL,EAApB;;AACA,MAAA,OAAI,CAACE,iBAAL,GAfwD,CAiBxD;;;AACA,UAAM;AAAEG,QAAAA;AAAF,UAAyB,OAAI,CAAC/H,OAApC;;AACA,UAAI+H,kBAAJ,EAAwB;AACtB,cAAMA,kBAAkB,CAAC,OAAD,EAAOtD,WAAP,CAAxB;AACD,OAFD,MAEO;AACL/C,QAAAA,MAAM,CAACC,QAAP,CAAgBqG,OAAhB,CAAwBvD,WAAxB;AACD;AAvBuD;AAwBzD;;AAEDwD,EAAAA,MAAM,GAAY;AAChB,WAAO,CAAC,CAAC,KAAKjI,OAAL,CAAagB,IAAtB;AACD;;AAEDkH,EAAAA,eAAe,CAACC,YAAD,EAAgC;AAC7C,QAAID,eAAe,GAAG,KAAtB;;AACA,QAAIE,KAAK,CAACC,OAAN,CAAc,KAAKrI,OAAL,CAAamI,YAA3B,KAA4C,KAAKnI,OAAL,CAAamI,YAAb,CAA0BG,MAA1E,EAAkF;AAChFJ,MAAAA,eAAe,GAAG,KAAKlI,OAAL,CAAamI,YAAb,CAA0BvF,OAA1B,CAAkCuF,YAAlC,KAAmD,CAArE;AACD,KAFD,MAEO;AACLD,MAAAA,eAAe,GAAG,KAAKlI,OAAL,CAAamI,YAAb,KAA8BA,YAAhD;AACD;;AACD,WAAOD,eAAP;AACD;;AAEDK,EAAAA,uBAAuB,GAAY;AACjC,WAAO,KAAKL,eAAL,CAAqB,MAArB,CAAP;AACD,GAvf2D,CAyf5D;AACA;AACA;AACA;;;AAEAM,EAAAA,eAAe,GAAW;AACxB;AACA,WAAO,KAAKxI,OAAL,CAAayI,MAAb,CAAoBC,KAApB,CAA0B,UAA1B,EAAsC,CAAtC,CAAP;AACD,GAjgB2D,CAmgB5D;;;AACAC,EAAAA,cAAc,CAAC1E,IAAD,EAAiC;AAC7C,WAAOzH,iBAAiB,CAAC,IAAD,EAAO,iCAAP,EAA0CyH,IAA1C,CAAxB;AACD,GAtgB2D,CAwgB5D;;;AACA2E,EAAAA,aAAa,CAAC3E,IAAD,EAAwD;AACnE,WAAOzH,iBAAiB,CAAC,IAAD,EAAO,+BAAP,EAAwCyH,IAAxC,CAAxB;AACD,GA3gB2D,CA6gB5D;;;AACA4E,EAAAA,mBAAmB,CAAC5E,IAAD,EAA6D;AAC9E,WAAOzH,iBAAiB,CAAC,IAAD,EAAO,8BAAP,EAAuCyH,IAAvC,CAAxB;AACD;;AAhhB2D,C,CAmhB9D;;;AACApE,QAAQ,CAAC5B,QAAT,GAAoB4B,QAAQ,CAACiD,SAAT,CAAmB7E,QAAnB,GAA8BA,QAAlD,C,CAEA;;AACAoC,MAAM,CAACC,MAAP,CAAcT,QAAd,EAAwB;AACtB1D,EAAAA,SADsB;AAEtB2B,EAAAA;AAFsB,CAAxB;AAKA,eAAe+B,QAAf","sourcesContent":["/* eslint-disable max-statements */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n/* SDK_VERSION is defined in webpack config */ \n/* global window, SDK_VERSION */\n\nimport { \n DEFAULT_MAX_CLOCK_SKEW, \n REFERRER_PATH_STORAGE_KEY\n} from './constants';\nimport * as constants from './constants';\nimport {\n OktaAuth as SDKInterface,\n OktaAuthOptions, \n AccessToken, \n IDToken,\n RefreshToken,\n TokenAPI, \n FeaturesAPI, \n SignoutAPI, \n FingerprintAPI,\n UserClaims, \n SigninWithRedirectOptions,\n SigninWithCredentialsOptions,\n SignoutOptions,\n Tokens,\n ForgotPasswordOptions,\n VerifyRecoveryTokenOptions,\n TransactionAPI,\n SessionAPI,\n SigninAPI,\n PkceAPI,\n SigninOptions,\n IdxAPI,\n SignoutRedirectUrlOptions,\n HttpAPI,\n} from './types';\nimport {\n transactionStatus,\n resumeTransaction,\n transactionExists,\n introspect,\n postToTransaction,\n AuthTransaction\n} from './tx';\nimport PKCE from './oidc/util/pkce';\nimport {\n closeSession,\n sessionExists,\n getSession,\n refreshSession,\n setCookieAndRedirect\n} from './session';\nimport {\n getOAuthUrls,\n getWithoutPrompt,\n getWithPopup,\n getWithRedirect,\n isLoginRedirect,\n parseFromUrl,\n decodeToken,\n revokeToken,\n renewToken,\n renewTokens,\n renewTokensWithRefresh,\n getUserInfo,\n verifyToken,\n prepareTokenParams,\n exchangeCodeForTokens,\n isInteractionRequiredError,\n isInteractionRequired,\n} from './oidc';\nimport { isBrowser } from './features';\nimport * as features from './features';\nimport browserStorage from './browser/browserStorage';\nimport { \n toQueryString, \n toAbsoluteUrl,\n clone\n} from './util';\nimport { getUserAgent } from './builderUtil';\nimport { TokenManager } from './TokenManager';\nimport { get, setRequestHeader } from './http';\nimport PromiseQueue from './PromiseQueue';\nimport fingerprint from './browser/fingerprint';\nimport { AuthStateManager } from './AuthStateManager';\nimport StorageManager from './StorageManager';\nimport TransactionManager from './TransactionManager';\nimport { buildOptions } from './options';\nimport {\n interact,\n introspect as introspectV2,\n authenticate,\n cancel,\n register,\n recoverPassword,\n startTransaction,\n handleInteractionCodeRedirect,\n} from './idx';\nimport { createGlobalRequestInterceptor, setGlobalRequestInterceptor } from './idx/headers';\nimport { OktaUserAgent } from './OktaUserAgent';\n\nconst Emitter = require('tiny-emitter');\n\nclass OktaAuth implements SDKInterface, SigninAPI, SignoutAPI {\n options: OktaAuthOptions;\n storageManager: StorageManager;\n transactionManager: TransactionManager;\n tx: TransactionAPI;\n idx: IdxAPI;\n // keep this field to compatible with released downstream SDK versions\n // TODO: remove in version 6\n // JIRA: https://oktainc.atlassian.net/browse/OKTA-419417\n userAgent: string;\n session: SessionAPI;\n pkce: PkceAPI;\n static features: FeaturesAPI;\n features: FeaturesAPI;\n token: TokenAPI;\n _tokenQueue: PromiseQueue;\n emitter: typeof Emitter;\n tokenManager: TokenManager;\n authStateManager: AuthStateManager;\n http: HttpAPI;\n fingerprint: FingerprintAPI;\n _oktaUserAgent: OktaUserAgent;\n _pending: { handleLogin: boolean };\n constructor(args: OktaAuthOptions) {\n this.options = buildOptions(args);\n const { storageManager, cookies, storageUtil } = this.options;\n this.storageManager = new StorageManager(storageManager, cookies, storageUtil);\n this.transactionManager = new TransactionManager(Object.assign({\n storageManager: this.storageManager\n }, args.transactionManager));\n this._oktaUserAgent = new OktaUserAgent();\n \n this.tx = {\n status: transactionStatus.bind(null, this),\n resume: resumeTransaction.bind(null, this),\n exists: Object.assign(transactionExists.bind(null, this), {\n _get: (name) => {\n const storage = storageUtil.storage;\n return storage.get(name);\n }\n }),\n introspect: introspect.bind(null, this)\n };\n\n this.pkce = {\n DEFAULT_CODE_CHALLENGE_METHOD: PKCE.DEFAULT_CODE_CHALLENGE_METHOD,\n generateVerifier: PKCE.generateVerifier,\n computeChallenge: PKCE.computeChallenge\n };\n\n // Add shims for compatibility, these will be removed in next major version. OKTA-362589\n Object.assign(this.options.storageUtil, {\n getPKCEStorage: this.storageManager.getLegacyPKCEStorage.bind(this.storageManager),\n getHttpCache: this.storageManager.getHttpCache.bind(this.storageManager),\n });\n\n this._pending = { handleLogin: false };\n\n if (isBrowser()) {\n this.options = Object.assign(this.options, {\n redirectUri: toAbsoluteUrl(args.redirectUri, window.location.origin), // allow relative URIs\n });\n this.userAgent = getUserAgent(args, `okta-auth-js/${SDK_VERSION}`);\n } else {\n this.userAgent = getUserAgent(args, `okta-auth-js-server/${SDK_VERSION}`);\n }\n\n // Digital clocks will drift over time, so the server\n // can misalign with the time reported by the browser.\n // The maxClockSkew allows relaxing the time-based\n // validation of tokens (in seconds, not milliseconds).\n // It currently defaults to 300, because 5 min is the\n // default maximum tolerance allowed by Kerberos.\n // (https://technet.microsoft.com/en-us/library/cc976357.aspx)\n if (!args.maxClockSkew && args.maxClockSkew !== 0) {\n this.options.maxClockSkew = DEFAULT_MAX_CLOCK_SKEW;\n } else {\n this.options.maxClockSkew = args.maxClockSkew;\n }\n\n this.session = {\n close: closeSession.bind(null, this),\n exists: sessionExists.bind(null, this),\n get: getSession.bind(null, this),\n refresh: refreshSession.bind(null, this),\n setCookieAndRedirect: setCookieAndRedirect.bind(null, this)\n };\n\n this._tokenQueue = new PromiseQueue();\n this.token = {\n prepareTokenParams: prepareTokenParams.bind(null, this),\n exchangeCodeForTokens: exchangeCodeForTokens.bind(null, this),\n getWithoutPrompt: getWithoutPrompt.bind(null, this),\n getWithPopup: getWithPopup.bind(null, this),\n getWithRedirect: getWithRedirect.bind(null, this),\n parseFromUrl: parseFromUrl.bind(null, this),\n decode: decodeToken,\n revoke: revokeToken.bind(null, this),\n renew: renewToken.bind(null, this),\n renewTokensWithRefresh: renewTokensWithRefresh.bind(null, this),\n renewTokens: renewTokens.bind(null, this),\n getUserInfo: getUserInfo.bind(null, this),\n verify: verifyToken.bind(null, this),\n isLoginRedirect: isLoginRedirect.bind(null, this)\n };\n // Wrap all async token API methods using MethodQueue to avoid issues with concurrency\n const syncMethods = ['decode', 'isLoginRedirect'];\n Object.keys(this.token).forEach(key => {\n if (syncMethods.indexOf(key) >= 0) { // sync methods should not be wrapped\n return;\n }\n var method = this.token[key];\n this.token[key] = PromiseQueue.prototype.push.bind(this._tokenQueue, method, null);\n });\n \n Object.assign(this.token.getWithRedirect, {\n // This is exposed so we can set window.location in our tests\n _setLocation: function(url) {\n window.location = url;\n }\n });\n Object.assign(this.token.parseFromUrl, {\n // This is exposed so we can mock getting window.history in our tests\n _getHistory: function() {\n return window.history;\n },\n\n // This is exposed so we can mock getting window.location in our tests\n _getLocation: function() {\n return window.location;\n },\n\n // This is exposed so we can mock getting window.document in our tests\n _getDocument: function() {\n return window.document;\n }\n });\n\n // IDX\n this.idx = {\n interact: interact.bind(null, this),\n introspect: introspectV2.bind(null, this),\n authenticate: authenticate.bind(null, this),\n register: register.bind(null, this),\n cancel: cancel.bind(null, this),\n recoverPassword: recoverPassword.bind(null, this),\n handleInteractionCodeRedirect: handleInteractionCodeRedirect.bind(null, this),\n startTransaction: startTransaction.bind(null, this),\n };\n setGlobalRequestInterceptor(createGlobalRequestInterceptor(this)); // to pass custom headers to IDX endpoints\n\n // HTTP\n this.http = {\n setRequestHeader: setRequestHeader.bind(null, this)\n };\n\n // Fingerprint API\n this.fingerprint = fingerprint.bind(null, this);\n\n this.emitter = new Emitter();\n\n // TokenManager\n this.tokenManager = new TokenManager(this, args.tokenManager);\n\n // AuthStateManager\n this.authStateManager = new AuthStateManager(this);\n }\n\n start() {\n this.tokenManager.start();\n if (!this.token.isLoginRedirect()) {\n this.authStateManager.updateAuthState();\n }\n }\n\n stop() {\n this.tokenManager.stop();\n }\n\n // ES6 module users can use named exports to access all symbols\n // CommonJS module users (CDN) need all exports on this object\n\n // Utility methods for interaction code flow\n isInteractionRequired(): boolean {\n return isInteractionRequired(this);\n }\n\n isInteractionRequiredError(error: Error): boolean {\n return isInteractionRequiredError(error);\n }\n\n async signIn(opts: SigninOptions): Promise<AuthTransaction> {\n // TODO: support interaction code flow\n // Authn V1 flow\n return this.signInWithCredentials(opts as SigninWithCredentialsOptions);\n }\n\n async signInWithCredentials(opts: SigninWithCredentialsOptions): Promise<AuthTransaction> {\n opts = clone(opts || {});\n const _postToTransaction = (options?) => {\n options = options || {};\n options.withCredentials = true;\n delete opts.sendFingerprint;\n return postToTransaction(this, '/api/v1/authn', opts, options);\n };\n if (!opts.sendFingerprint) {\n return _postToTransaction();\n }\n return this.fingerprint()\n .then(function(fingerprint) {\n return _postToTransaction({\n headers: {\n 'X-Device-Fingerprint': fingerprint\n }\n });\n });\n }\n\n async signInWithRedirect(opts: SigninWithRedirectOptions = {}) {\n const { originalUri, ...additionalParams } = opts;\n if(this._pending.handleLogin) { \n // Don't trigger second round\n return;\n }\n\n this._pending.handleLogin = true;\n try {\n // Trigger default signIn redirect flow\n if (originalUri) {\n this.setOriginalUri(originalUri);\n }\n const params = Object.assign({\n // TODO: remove this line when default scopes are changed OKTA-343294\n scopes: this.options.scopes || ['openid', 'email', 'profile']\n }, additionalParams);\n await this.token.getWithRedirect(params);\n } finally {\n this._pending.handleLogin = false;\n }\n }\n \n // Ends the current Okta SSO session without redirecting to Okta.\n closeSession(): Promise<object> {\n // Clear all local tokens\n this.tokenManager.clear();\n \n return this.session.close() // DELETE /api/v1/sessions/me\n .catch(function(e) {\n if (e.name === 'AuthApiError' && e.errorCode === 'E0000007') {\n // Session does not exist or has already been closed\n return null;\n }\n throw e;\n });\n }\n \n // Revokes the access token for the application session\n async revokeAccessToken(accessToken?: AccessToken): Promise<object> {\n if (!accessToken) {\n accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');\n this.tokenManager.remove(accessTokenKey);\n }\n // Access token may have been removed. In this case, we will silently succeed.\n if (!accessToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(accessToken);\n }\n\n // Revokes the refresh token for the application session\n async revokeRefreshToken(refreshToken?: RefreshToken): Promise<object> {\n if (!refreshToken) {\n refreshToken = (await this.tokenManager.getTokens()).refreshToken as RefreshToken;\n const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');\n this.tokenManager.remove(refreshTokenKey);\n }\n // Refresh token may have been removed. In this case, we will silently succeed.\n if (!refreshToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(refreshToken);\n }\n\n getSignOutRedirectUrl(options: SignoutRedirectUrlOptions = {}) {\n let {\n idToken,\n postLogoutRedirectUri,\n state,\n } = options;\n if (!idToken) {\n idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n if (!idToken) {\n return '';\n }\n if (!postLogoutRedirectUri) {\n postLogoutRedirectUri = this.options.postLogoutRedirectUri;\n }\n\n const logoutUrl = getOAuthUrls(this).logoutUrl;\n const idTokenHint = idToken.idToken; // a string\n let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);\n if (postLogoutRedirectUri) {\n logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);\n } \n // State allows option parameters to be passed to logout redirect uri\n if (state) {\n logoutUri += '&state=' + encodeURIComponent(state);\n }\n\n return logoutUri;\n }\n\n // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.\n async signOut(options?: SignoutOptions) {\n options = Object.assign({}, options);\n \n // postLogoutRedirectUri must be whitelisted in Okta Admin UI\n var defaultUri = window.location.origin;\n var currentUri = window.location.href;\n var postLogoutRedirectUri = options.postLogoutRedirectUri\n || this.options.postLogoutRedirectUri\n || defaultUri;\n \n var accessToken = options.accessToken;\n var refreshToken = options.refreshToken;\n var revokeAccessToken = options.revokeAccessToken !== false;\n var revokeRefreshToken = options.revokeRefreshToken !== false;\n \n if (revokeRefreshToken && typeof refreshToken === 'undefined') {\n refreshToken = this.tokenManager.getTokensSync().refreshToken as RefreshToken;\n }\n\n if (revokeAccessToken && typeof accessToken === 'undefined') {\n accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;\n }\n \n if (!options.idToken) {\n options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n\n // Clear all local tokens\n this.tokenManager.clear();\n\n if (revokeRefreshToken && refreshToken) {\n await this.revokeRefreshToken(refreshToken);\n }\n\n if (revokeAccessToken && accessToken) {\n await this.revokeAccessToken(accessToken);\n }\n\n const logoutUri = this.getSignOutRedirectUrl({ ...options, postLogoutRedirectUri });\n // No logoutUri? This can happen if the storage was cleared.\n // Fallback to XHR signOut, then simulate a redirect to the post logout uri\n if (!logoutUri) {\n return this.closeSession() // can throw if the user cannot be signed out\n .then(function() {\n if (postLogoutRedirectUri === currentUri) {\n window.location.reload(); // force a hard reload if URI is not changing\n } else {\n window.location.assign(postLogoutRedirectUri);\n }\n });\n } else {\n // Flow ends with logout redirect\n window.location.assign(logoutUri);\n }\n }\n\n webfinger(opts): Promise<object> {\n var url = '/.well-known/webfinger' + toQueryString(opts);\n var options = {\n headers: {\n 'Accept': 'application/jrd+json'\n }\n };\n return get(this, url, options);\n }\n\n //\n // Common Methods from downstream SDKs\n //\n\n // Returns true if both accessToken and idToken are not expired\n // If `autoRenew` option is set, will attempt to renew expired tokens before returning.\n async isAuthenticated(): Promise<boolean> {\n\n let { accessToken, idToken } = this.tokenManager.getTokensSync();\n const { autoRenew, autoRemove } = this.options.tokenManager || {};\n\n if (accessToken && this.tokenManager.hasExpired(accessToken)) {\n accessToken = null;\n if (autoRenew) {\n accessToken = await this.tokenManager.renew('accessToken') as AccessToken;\n } else if (autoRemove) {\n this.tokenManager.remove('accessToken');\n }\n }\n\n if (idToken && this.tokenManager.hasExpired(idToken)) {\n idToken = null;\n if (autoRenew) {\n idToken = await this.tokenManager.renew('idToken') as IDToken;\n } else if (autoRemove) {\n this.tokenManager.remove('idToken');\n }\n }\n\n return !!(accessToken && idToken);\n }\n\n async getUser(): Promise<UserClaims> {\n const { idToken, accessToken } = this.tokenManager.getTokensSync();\n return this.token.getUserInfo(accessToken, idToken);\n }\n\n getIdToken(): string | undefined {\n const { idToken } = this.tokenManager.getTokensSync();\n return idToken ? idToken.idToken : undefined;\n }\n\n getAccessToken(): string | undefined {\n const { accessToken } = this.tokenManager.getTokensSync();\n return accessToken ? accessToken.accessToken : undefined;\n }\n\n getRefreshToken(): string | undefined {\n const { refreshToken } = this.tokenManager.getTokensSync();\n return refreshToken ? refreshToken.refreshToken : undefined;\n }\n\n /**\n * Store parsed tokens from redirect url\n */\n async storeTokensFromRedirect(): Promise<void> {\n const { tokens } = await this.token.parseFromUrl();\n this.tokenManager.setTokens(tokens);\n }\n\n setOriginalUri(originalUri: string): void {\n const storage = browserStorage.getSessionStorage();\n storage.setItem(REFERRER_PATH_STORAGE_KEY, originalUri);\n }\n\n getOriginalUri(): string {\n const storage = browserStorage.getSessionStorage();\n const originalUri = storage.getItem(REFERRER_PATH_STORAGE_KEY);\n return originalUri;\n }\n\n removeOriginalUri(): void {\n const storage = browserStorage.getSessionStorage();\n storage.removeItem(REFERRER_PATH_STORAGE_KEY);\n }\n\n isLoginRedirect(): boolean {\n return isLoginRedirect(this);\n }\n\n async handleLoginRedirect(tokens?: Tokens): Promise<void> {\n // Store tokens and update AuthState by the emitted events\n if (tokens) {\n this.tokenManager.setTokens(tokens);\n } else if (this.isLoginRedirect()) {\n await this.storeTokensFromRedirect();\n } else {\n return; // nothing to do\n }\n \n // ensure auth state has been updated\n await this.authStateManager.updateAuthState();\n\n // Get and clear originalUri from storage\n const originalUri = this.getOriginalUri();\n this.removeOriginalUri();\n\n // Redirect to originalUri\n const { restoreOriginalUri } = this.options;\n if (restoreOriginalUri) {\n await restoreOriginalUri(this, originalUri);\n } else {\n window.location.replace(originalUri);\n }\n }\n\n isPKCE(): boolean {\n return !!this.options.pkce;\n }\n\n hasResponseType(responseType: string): boolean {\n let hasResponseType = false;\n if (Array.isArray(this.options.responseType) && this.options.responseType.length) {\n hasResponseType = this.options.responseType.indexOf(responseType) >= 0;\n } else {\n hasResponseType = this.options.responseType === responseType;\n }\n return hasResponseType;\n }\n\n isAuthorizationCodeFlow(): boolean {\n return this.hasResponseType('code');\n }\n\n // { username, password, (relayState), (context) }\n // signIn(opts: SignInWithCredentialsOptions): Promise<AuthTransaction> {\n // return postToTransaction(this, '/api/v1/authn', opts);\n // }\n\n getIssuerOrigin(): string {\n // Infer the URL from the issuer URL, omitting the /oauth2/{authServerId}\n return this.options.issuer.split('/oauth2/')[0];\n }\n\n // { username, (relayState) }\n forgotPassword(opts): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/password', opts);\n }\n\n // { username, (relayState) }\n unlockAccount(opts: ForgotPasswordOptions): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/unlock', opts);\n }\n\n // { recoveryToken }\n verifyRecoveryToken(opts: VerifyRecoveryTokenOptions): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/token', opts);\n }\n}\n\n// Hoist feature detection functions to static type\nOktaAuth.features = OktaAuth.prototype.features = features;\n\n// Also hoist values and utility functions for CommonJS users\nObject.assign(OktaAuth, {\n constants,\n isInteractionRequiredError\n});\n\nexport default OktaAuth;"],"file":"OktaAuth.js"}
1
+ {"version":3,"sources":["../../lib/OktaAuth.ts"],"names":["DEFAULT_MAX_CLOCK_SKEW","REFERRER_PATH_STORAGE_KEY","constants","transactionStatus","resumeTransaction","transactionExists","introspect","postToTransaction","PKCE","closeSession","sessionExists","getSession","refreshSession","setCookieAndRedirect","getOAuthUrls","getWithoutPrompt","getWithPopup","getWithRedirect","isLoginRedirect","parseFromUrl","decodeToken","revokeToken","renewToken","renewTokens","renewTokensWithRefresh","getUserInfo","verifyToken","prepareTokenParams","exchangeCodeForTokens","isInteractionRequiredError","isInteractionRequired","isBrowser","features","browserStorage","toQueryString","toAbsoluteUrl","clone","getUserAgent","TokenManager","get","setRequestHeader","PromiseQueue","fingerprint","AuthStateManager","StorageManager","TransactionManager","buildOptions","interact","introspectV2","authenticate","cancel","register","recoverPassword","startTransaction","handleInteractionCodeRedirect","createGlobalRequestInterceptor","setGlobalRequestInterceptor","OktaUserAgent","parseOAuthResponseFromUrl","Emitter","require","OktaAuth","constructor","args","options","storageManager","cookies","storageUtil","transactionManager","Object","assign","_oktaUserAgent","tx","status","bind","resume","exists","_get","name","storage","pkce","DEFAULT_CODE_CHALLENGE_METHOD","generateVerifier","computeChallenge","getPKCEStorage","getLegacyPKCEStorage","getHttpCache","_pending","handleLogin","redirectUri","window","location","origin","userAgent","maxClockSkew","ignoreLifetime","session","close","refresh","_tokenQueue","token","decode","revoke","renew","verify","syncMethods","keys","forEach","key","indexOf","method","prototype","push","_setLocation","url","_getHistory","history","_getLocation","_getDocument","document","idx","http","emitter","tokenManager","authStateManager","start","updateAuthState","stop","setHeaders","headers","error","signIn","opts","signInWithCredentials","_postToTransaction","sendFingerprint","then","signInWithRedirect","originalUri","additionalParams","setOriginalUri","params","scopes","clear","catch","e","errorCode","revokeAccessToken","accessToken","getTokens","accessTokenKey","getStorageKeyByType","remove","Promise","resolve","revokeRefreshToken","refreshToken","refreshTokenKey","getSignOutRedirectUrl","idToken","postLogoutRedirectUri","state","getTokensSync","logoutUrl","idTokenHint","logoutUri","encodeURIComponent","signOut","defaultUri","currentUri","href","reload","webfinger","isAuthenticated","autoRenew","autoRemove","getOptions","hasExpired","getUser","getIdToken","undefined","getAccessToken","getRefreshToken","storeTokensFromRedirect","tokens","setTokens","getSessionStorage","setItem","getOriginalUri","meta","load","oauth","getItem","removeOriginalUri","removeItem","handleLoginRedirect","restoreOriginalUri","replace","isPKCE","hasResponseType","responseType","Array","isArray","length","isAuthorizationCodeFlow","getIssuerOrigin","issuer","split","forgotPassword","unlockAccount","verifyRecoveryToken"],"mappings":";;;;;;;;;AAAA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;;AACA;AAEA,SACEA,sBADF,EAEEC,yBAFF,QAGO,aAHP;AAIA,OAAO,KAAKC,SAAZ,MAA2B,aAA3B;AA4BA,SACEC,iBADF,EAEEC,iBAFF,EAGEC,iBAHF,EAIEC,UAJF,EAKEC,iBALF,QAOO,MAPP;AAQA,OAAOC,IAAP,MAAiB,kBAAjB;AACA,SACEC,YADF,EAEEC,aAFF,EAGEC,UAHF,EAIEC,cAJF,EAKEC,oBALF,QAMO,WANP;AAOA,SACEC,YADF,EAEEC,gBAFF,EAGEC,YAHF,EAIEC,eAJF,EAKEC,eALF,EAMEC,YANF,EAOEC,WAPF,EAQEC,WARF,EASEC,UATF,EAUEC,WAVF,EAWEC,sBAXF,EAYEC,WAZF,EAaEC,WAbF,EAcEC,kBAdF,EAeEC,qBAfF,EAgBEC,0BAhBF,EAiBEC,qBAjBF,QAkBO,QAlBP;AAmBA,SAASC,SAAT,QAA0B,YAA1B;AACA,OAAO,KAAKC,QAAZ,MAA0B,YAA1B;AACA,OAAOC,cAAP,MAA2B,0BAA3B;AACA,SACEC,aADF,EAEEC,aAFF,EAGEC,KAHF,QAIO,QAJP;AAKA,SAASC,YAAT,QAA6B,eAA7B;AACA,SAASC,YAAT,QAA6B,gBAA7B;AACA,SAASC,GAAT,EAAcC,gBAAd,QAAsC,QAAtC;AACA,OAAOC,YAAP,MAAyB,gBAAzB;AACA,OAAOC,WAAP,MAAwB,uBAAxB;AACA,SAASC,gBAAT,QAAiC,oBAAjC;AACA,OAAOC,cAAP,MAA2B,kBAA3B;AACA,OAAOC,kBAAP,MAA+B,sBAA/B;AACA,SAASC,YAAT,QAA6B,WAA7B;AACA,SACEC,QADF,EAEEzC,UAAU,IAAI0C,YAFhB,EAGEC,YAHF,EAIEC,MAJF,EAKEC,QALF,EAMEC,eANF,EAOEC,gBAPF,EAQEC,6BARF,QASO,OATP;AAUA,SAASC,8BAAT,EAAyCC,2BAAzC,QAA4E,eAA5E;AACA,SAASC,aAAT,QAA8B,iBAA9B;AACA,SAASC,yBAAT,QAA0C,qBAA1C;;AAEA,IAAMC,OAAO,GAAGC,OAAO,CAAC,cAAD,CAAvB;;AAEA,MAAMC,QAAN,CAA8D;AAM5D;AACA;AACA;AAeAC,EAAAA,WAAW,CAACC,IAAD,EAAwB;AACjC,SAAKC,OAAL,GAAelB,YAAY,CAACiB,IAAD,CAA3B;AACA,QAAM;AAAEE,MAAAA,cAAF;AAAkBC,MAAAA,OAAlB;AAA2BC,MAAAA;AAA3B,QAA2C,KAAKH,OAAtD;AACA,SAAKC,cAAL,GAAsB,IAAIrB,cAAJ,CAAmBqB,cAAnB,EAAmCC,OAAnC,EAA4CC,WAA5C,CAAtB;AACA,SAAKC,kBAAL,GAA0B,IAAIvB,kBAAJ,CAAuBwB,MAAM,CAACC,MAAP,CAAc;AAC7DL,MAAAA,cAAc,EAAE,KAAKA;AADwC,KAAd,EAE9CF,IAAI,CAACK,kBAFyC,CAAvB,CAA1B;AAGA,SAAKG,cAAL,GAAsB,IAAId,aAAJ,EAAtB;AAEA,SAAKe,EAAL,GAAU;AACRC,MAAAA,MAAM,EAAEtE,iBAAiB,CAACuE,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CADA;AAERC,MAAAA,MAAM,EAAEvE,iBAAiB,CAACsE,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAFA;AAGRE,MAAAA,MAAM,EAAEP,MAAM,CAACC,MAAP,CAAcjE,iBAAiB,CAACqE,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAAd,EAAkD;AACxDG,QAAAA,IAAI,EAAGC,IAAD,IAAU;AACd,cAAMC,OAAO,GAAGZ,WAAW,CAACY,OAA5B;AACA,iBAAOA,OAAO,CAACxC,GAAR,CAAYuC,IAAZ,CAAP;AACD;AAJuD,OAAlD,CAHA;AASRxE,MAAAA,UAAU,EAAEA,UAAU,CAACoE,IAAX,CAAgB,IAAhB,EAAsB,IAAtB;AATJ,KAAV;AAYA,SAAKM,IAAL,GAAY;AACVC,MAAAA,6BAA6B,EAAEzE,IAAI,CAACyE,6BAD1B;AAEVC,MAAAA,gBAAgB,EAAE1E,IAAI,CAAC0E,gBAFb;AAGVC,MAAAA,gBAAgB,EAAE3E,IAAI,CAAC2E;AAHb,KAAZ,CArBiC,CA2BjC;;AACAd,IAAAA,MAAM,CAACC,MAAP,CAAc,KAAKN,OAAL,CAAaG,WAA3B,EAAwC;AACtCiB,MAAAA,cAAc,EAAE,KAAKnB,cAAL,CAAoBoB,oBAApB,CAAyCX,IAAzC,CAA8C,KAAKT,cAAnD,CADsB;AAEtCqB,MAAAA,YAAY,EAAE,KAAKrB,cAAL,CAAoBqB,YAApB,CAAiCZ,IAAjC,CAAsC,KAAKT,cAA3C;AAFwB,KAAxC;AAKA,SAAKsB,QAAL,GAAgB;AAAEC,MAAAA,WAAW,EAAE;AAAf,KAAhB;;AAEA,QAAIzD,SAAS,EAAb,EAAiB;AACf,WAAKiC,OAAL,GAAeK,MAAM,CAACC,MAAP,CAAc,KAAKN,OAAnB,EAA4B;AACzCyB,QAAAA,WAAW,EAAEtD,aAAa,CAAC4B,IAAI,CAAC0B,WAAN,EAAmBC,MAAM,CAACC,QAAP,CAAgBC,MAAnC,CADe,CAC6B;;AAD7B,OAA5B,CAAf;AAGA,WAAKC,SAAL,GAAiBxD,YAAY,CAAC0B,IAAD,kCAA7B;AACD,KALD,MAKO;AACL,WAAK8B,SAAL,GAAiBxD,YAAY,CAAC0B,IAAD,yCAA7B;AACD,KA1CgC,CA4CjC;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,QAAI,CAACA,IAAI,CAAC+B,YAAN,IAAsB/B,IAAI,CAAC+B,YAAL,KAAsB,CAAhD,EAAmD;AACjD,WAAK9B,OAAL,CAAa8B,YAAb,GAA4B9F,sBAA5B;AACD,KAFD,MAEO;AACL,WAAKgE,OAAL,CAAa8B,YAAb,GAA4B/B,IAAI,CAAC+B,YAAjC;AACD,KAvDgC,CAyDjC;AACA;AACA;;;AACA,SAAK9B,OAAL,CAAa+B,cAAb,GAA8B,CAAC,CAAChC,IAAI,CAACgC,cAArC;AAEA,SAAKC,OAAL,GAAe;AACbC,MAAAA,KAAK,EAAExF,YAAY,CAACiE,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CADM;AAEbE,MAAAA,MAAM,EAAElE,aAAa,CAACgE,IAAd,CAAmB,IAAnB,EAAyB,IAAzB,CAFK;AAGbnC,MAAAA,GAAG,EAAE5B,UAAU,CAAC+D,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAHQ;AAIbwB,MAAAA,OAAO,EAAEtF,cAAc,CAAC8D,IAAf,CAAoB,IAApB,EAA0B,IAA1B,CAJI;AAKb7D,MAAAA,oBAAoB,EAAEA,oBAAoB,CAAC6D,IAArB,CAA0B,IAA1B,EAAgC,IAAhC;AALT,KAAf;AAQA,SAAKyB,WAAL,GAAmB,IAAI1D,YAAJ,EAAnB;AACA,SAAK2D,KAAL,GAAa;AACXzE,MAAAA,kBAAkB,EAAEA,kBAAkB,CAAC+C,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CADT;AAEX9C,MAAAA,qBAAqB,EAAEA,qBAAqB,CAAC8C,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAFZ;AAGX3D,MAAAA,gBAAgB,EAAEA,gBAAgB,CAAC2D,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAHP;AAIX1D,MAAAA,YAAY,EAAEA,YAAY,CAAC0D,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAJH;AAKXzD,MAAAA,eAAe,EAAEA,eAAe,CAACyD,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CALN;AAMXvD,MAAAA,YAAY,EAAEA,YAAY,CAACuD,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CANH;AAOX2B,MAAAA,MAAM,EAAEjF,WAPG;AAQXkF,MAAAA,MAAM,EAAEjF,WAAW,CAACqD,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CARG;AASX6B,MAAAA,KAAK,EAAEjF,UAAU,CAACoD,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CATI;AAUXlD,MAAAA,sBAAsB,EAAEA,sBAAsB,CAACkD,IAAvB,CAA4B,IAA5B,EAAkC,IAAlC,CAVb;AAWXnD,MAAAA,WAAW,EAAEA,WAAW,CAACmD,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAXF;AAYXjD,MAAAA,WAAW,EAAEA,WAAW,CAACiD,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAZF;AAaX8B,MAAAA,MAAM,EAAE9E,WAAW,CAACgD,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAbG;AAcXxD,MAAAA,eAAe,EAAEA,eAAe,CAACwD,IAAhB,CAAqB,IAArB,EAA2B,IAA3B;AAdN,KAAb,CAvEiC,CAuFjC;;AACA,QAAM+B,WAAW,GAAG,CAAC,QAAD,EAAW,iBAAX,CAApB;AACApC,IAAAA,MAAM,CAACqC,IAAP,CAAY,KAAKN,KAAjB,EAAwBO,OAAxB,CAAgCC,GAAG,IAAI;AACrC,UAAIH,WAAW,CAACI,OAAZ,CAAoBD,GAApB,KAA4B,CAAhC,EAAmC;AAAE;AACnC;AACD;;AACD,UAAIE,MAAM,GAAG,KAAKV,KAAL,CAAWQ,GAAX,CAAb;AACA,WAAKR,KAAL,CAAWQ,GAAX,IAAkBnE,YAAY,CAACsE,SAAb,CAAuBC,IAAvB,CAA4BtC,IAA5B,CAAiC,KAAKyB,WAAtC,EAAmDW,MAAnD,EAA2D,IAA3D,CAAlB;AACD,KAND;AAQAzC,IAAAA,MAAM,CAACC,MAAP,CAAc,KAAK8B,KAAL,CAAWnF,eAAzB,EAA0C;AACxC;AACAgG,MAAAA,YAAY,EAAE,sBAASC,GAAT,EAAc;AAC1BxB,QAAAA,MAAM,CAACC,QAAP,GAAkBuB,GAAlB;AACD;AAJuC,KAA1C;AAMA7C,IAAAA,MAAM,CAACC,MAAP,CAAc,KAAK8B,KAAL,CAAWjF,YAAzB,EAAuC;AACrC;AACAgG,MAAAA,WAAW,EAAE,uBAAW;AACtB,eAAOzB,MAAM,CAAC0B,OAAd;AACD,OAJoC;AAMrC;AACAC,MAAAA,YAAY,EAAE,wBAAW;AACvB,eAAO3B,MAAM,CAACC,QAAd;AACD,OAToC;AAWrC;AACA2B,MAAAA,YAAY,EAAE,wBAAW;AACvB,eAAO5B,MAAM,CAAC6B,QAAd;AACD;AAdoC,KAAvC,EAvGiC,CAwHjC;;AACA,SAAKC,GAAL,GAAW;AACTzE,MAAAA,QAAQ,EAAEA,QAAQ,CAAC2B,IAAT,CAAc,IAAd,EAAoB,IAApB,CADD;AAETpE,MAAAA,UAAU,EAAE0C,YAAY,CAAC0B,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAFH;AAGTzB,MAAAA,YAAY,EAAEA,YAAY,CAACyB,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAHL;AAITvB,MAAAA,QAAQ,EAAEA,QAAQ,CAACuB,IAAT,CAAc,IAAd,EAAoB,IAApB,CAJD;AAKTxB,MAAAA,MAAM,EAAEA,MAAM,CAACwB,IAAP,CAAY,IAAZ,EAAkB,IAAlB,CALC;AAMTtB,MAAAA,eAAe,EAAEA,eAAe,CAACsB,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CANR;AAOTpB,MAAAA,6BAA6B,EAAEA,6BAA6B,CAACoB,IAA9B,CAAmC,IAAnC,EAAyC,IAAzC,CAPtB;AAQTrB,MAAAA,gBAAgB,EAAEA,gBAAgB,CAACqB,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B;AART,KAAX;AAUAlB,IAAAA,2BAA2B,CAACD,8BAA8B,CAAC,IAAD,CAA/B,CAA3B,CAnIiC,CAmIkC;AAEnE;;AACA,SAAKkE,IAAL,GAAY;AACVjF,MAAAA,gBAAgB,EAAEA,gBAAgB,CAACkC,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B;AADR,KAAZ,CAtIiC,CA0IjC;;AACA,SAAKhC,WAAL,GAAmBA,WAAW,CAACgC,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAAnB;AAEA,SAAKgD,OAAL,GAAe,IAAI/D,OAAJ,EAAf,CA7IiC,CA+IjC;;AACA,SAAKgE,YAAL,GAAoB,IAAIrF,YAAJ,CAAiB,IAAjB,EAAuByB,IAAI,CAAC4D,YAA5B,CAApB,CAhJiC,CAkJjC;;AACA,SAAKC,gBAAL,GAAwB,IAAIjF,gBAAJ,CAAqB,IAArB,CAAxB;AACD;;AAEDkF,EAAAA,KAAK,GAAG;AACN,SAAKF,YAAL,CAAkBE,KAAlB;;AACA,QAAI,CAAC,KAAKzB,KAAL,CAAWlF,eAAX,EAAL,EAAmC;AACjC,WAAK0G,gBAAL,CAAsBE,eAAtB;AACD;AACF;;AAEDC,EAAAA,IAAI,GAAG;AACL,SAAKJ,YAAL,CAAkBI,IAAlB;AACD;;AAEDC,EAAAA,UAAU,CAACC,OAAD,EAAU;AAClB,SAAKjE,OAAL,CAAaiE,OAAb,GAAuB5D,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkB,KAAKN,OAAL,CAAaiE,OAA/B,EAAwCA,OAAxC,CAAvB;AACD,GA1L2D,CA4L5D;AACA;AAEA;;;AACAnG,EAAAA,qBAAqB,GAAY;AAC/B,WAAOA,qBAAqB,CAAC,IAAD,CAA5B;AACD;;AAEDD,EAAAA,0BAA0B,CAACqG,KAAD,EAAwB;AAChD,WAAOrG,0BAA0B,CAACqG,KAAD,CAAjC;AACD;;AAEKC,EAAAA,MAAM,CAACC,IAAD,EAAgD;AAAA;;AAAA;AAC1D;AACA;AACA,aAAO,KAAI,CAACC,qBAAL,CAA2BD,IAA3B,CAAP;AAH0D;AAI3D;;AAEKC,EAAAA,qBAAqB,CAACD,IAAD,EAA+D;AAAA;;AAAA;AACxFA,MAAAA,IAAI,GAAGhG,KAAK,CAACgG,IAAI,IAAI,EAAT,CAAZ;;AACA,UAAME,kBAAkB,GAAItE,OAAD,IAAc;AACvC,eAAOoE,IAAI,CAACG,eAAZ;AACA,eAAOhI,iBAAiB,CAAC,MAAD,EAAO,eAAP,EAAwB6H,IAAxB,EAA8BpE,OAA9B,CAAxB;AACD,OAHD;;AAIA,UAAI,CAACoE,IAAI,CAACG,eAAV,EAA2B;AACzB,eAAOD,kBAAkB,EAAzB;AACD;;AACD,aAAO,MAAI,CAAC5F,WAAL,GACN8F,IADM,CACD,UAAS9F,WAAT,EAAsB;AAC1B,eAAO4F,kBAAkB,CAAC;AACxBL,UAAAA,OAAO,EAAE;AACP,oCAAwBvF;AADjB;AADe,SAAD,CAAzB;AAKD,OAPM,CAAP;AATwF;AAiBzF;;AAEK+F,EAAAA,kBAAkB,GAAuC;AAAA;AAAA;;AAAA;AAAA,UAAtCL,IAAsC,0EAAJ,EAAI;;AAC7D,UAAM;AAAEM,QAAAA;AAAF,UAAuCN,IAA7C;AAAA,UAAwBO,gBAAxB,4BAA6CP,IAA7C;;AACA,UAAG,MAAI,CAAC7C,QAAL,CAAcC,WAAjB,EAA8B;AAC5B;AACA;AACD;;AAED,MAAA,MAAI,CAACD,QAAL,CAAcC,WAAd,GAA4B,IAA5B;;AACA,UAAI;AACF;AACA,YAAIkD,WAAJ,EAAiB;AACf,UAAA,MAAI,CAACE,cAAL,CAAoBF,WAApB;AACD;;AACD,YAAMG,MAAM,GAAGxE,MAAM,CAACC,MAAP,CAAc;AAC3B;AACAwE,UAAAA,MAAM,EAAE,MAAI,CAAC9E,OAAL,CAAa8E,MAAb,IAAuB,CAAC,QAAD,EAAW,OAAX,EAAoB,SAApB;AAFJ,SAAd,EAGZH,gBAHY,CAAf;AAIA,cAAM,MAAI,CAACvC,KAAL,CAAWnF,eAAX,CAA2B4H,MAA3B,CAAN;AACD,OAVD,SAUU;AACR,QAAA,MAAI,CAACtD,QAAL,CAAcC,WAAd,GAA4B,KAA5B;AACD;AApB4D;AAqB9D,GAtP2D,CAwP5D;;;AACA/E,EAAAA,YAAY,GAAoB;AAC9B;AACA,SAAKkH,YAAL,CAAkBoB,KAAlB;AAEA,WAAO,KAAK/C,OAAL,CAAaC,KAAb,GAAqB;AAArB,KACN+C,KADM,CACA,UAASC,CAAT,EAAY;AACjB,UAAIA,CAAC,CAACnE,IAAF,KAAW,cAAX,IAA6BmE,CAAC,CAACC,SAAF,KAAgB,UAAjD,EAA6D;AAC3D;AACA,eAAO,IAAP;AACD;;AACD,YAAMD,CAAN;AACD,KAPM,CAAP;AAQD,GArQ2D,CAuQ5D;;;AACME,EAAAA,iBAAiB,CAACC,WAAD,EAA6C;AAAA;;AAAA;AAClE,UAAI,CAACA,WAAL,EAAkB;AAChBA,QAAAA,WAAW,GAAG,OAAO,MAAI,CAACzB,YAAL,CAAkB0B,SAAlB,EAAP,EAAsCD,WAApD;;AACA,YAAME,cAAc,GAAG,MAAI,CAAC3B,YAAL,CAAkB4B,mBAAlB,CAAsC,aAAtC,CAAvB;;AACA,QAAA,MAAI,CAAC5B,YAAL,CAAkB6B,MAAlB,CAAyBF,cAAzB;AACD,OALiE,CAMlE;;;AACA,UAAI,CAACF,WAAL,EAAkB;AAChB,eAAOK,OAAO,CAACC,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,aAAO,MAAI,CAACtD,KAAL,CAAWE,MAAX,CAAkB8C,WAAlB,CAAP;AAVkE;AAWnE,GAnR2D,CAqR5D;;;AACMO,EAAAA,kBAAkB,CAACC,YAAD,EAA+C;AAAA;;AAAA;AACrE,UAAI,CAACA,YAAL,EAAmB;AACjBA,QAAAA,YAAY,GAAG,OAAO,MAAI,CAACjC,YAAL,CAAkB0B,SAAlB,EAAP,EAAsCO,YAArD;;AACA,YAAMC,eAAe,GAAG,MAAI,CAAClC,YAAL,CAAkB4B,mBAAlB,CAAsC,cAAtC,CAAxB;;AACA,QAAA,MAAI,CAAC5B,YAAL,CAAkB6B,MAAlB,CAAyBK,eAAzB;AACD,OALoE,CAMrE;;;AACA,UAAI,CAACD,YAAL,EAAmB;AACjB,eAAOH,OAAO,CAACC,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,aAAO,MAAI,CAACtD,KAAL,CAAWE,MAAX,CAAkBsD,YAAlB,CAAP;AAVqE;AAWtE;;AAEDE,EAAAA,qBAAqB,GAA0C;AAAA,QAAzC9F,OAAyC,uEAAJ,EAAI;AAC7D,QAAI;AACF+F,MAAAA,OADE;AAEFC,MAAAA,qBAFE;AAGFC,MAAAA;AAHE,QAIAjG,OAJJ;;AAKA,QAAI,CAAC+F,OAAL,EAAc;AACZA,MAAAA,OAAO,GAAG,KAAKpC,YAAL,CAAkBuC,aAAlB,GAAkCH,OAA5C;AACD;;AACD,QAAI,CAACA,OAAL,EAAc;AACZ,aAAO,EAAP;AACD;;AACD,QAAI,CAACC,qBAAL,EAA4B;AAC1BA,MAAAA,qBAAqB,GAAG,KAAKhG,OAAL,CAAagG,qBAArC;AACD;;AAED,QAAMG,SAAS,GAAGrJ,YAAY,CAAC,IAAD,CAAZ,CAAmBqJ,SAArC;AACA,QAAMC,WAAW,GAAGL,OAAO,CAACA,OAA5B,CAjB6D,CAiBxB;;AACrC,QAAIM,SAAS,GAAGF,SAAS,GAAG,iBAAZ,GAAgCG,kBAAkB,CAACF,WAAD,CAAlE;;AACA,QAAIJ,qBAAJ,EAA2B;AACzBK,MAAAA,SAAS,IAAI,+BAA+BC,kBAAkB,CAACN,qBAAD,CAA9D;AACD,KArB4D,CAsB7D;;;AACA,QAAIC,KAAJ,EAAW;AACTI,MAAAA,SAAS,IAAI,YAAYC,kBAAkB,CAACL,KAAD,CAA3C;AACD;;AAED,WAAOI,SAAP;AACD,GA/T2D,CAiU5D;;;AACME,EAAAA,OAAO,CAACvG,OAAD,EAA2B;AAAA;;AAAA;AACtCA,MAAAA,OAAO,GAAGK,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkBN,OAAlB,CAAV,CADsC,CAGtC;;AACA,UAAIwG,UAAU,GAAG9E,MAAM,CAACC,QAAP,CAAgBC,MAAjC;AACA,UAAI6E,UAAU,GAAG/E,MAAM,CAACC,QAAP,CAAgB+E,IAAjC;AACA,UAAIV,qBAAqB,GAAGhG,OAAO,CAACgG,qBAAR,IACvB,MAAI,CAAChG,OAAL,CAAagG,qBADU,IAEvBQ,UAFL;AAIA,UAAIpB,WAAW,GAAGpF,OAAO,CAACoF,WAA1B;AACA,UAAIQ,YAAY,GAAG5F,OAAO,CAAC4F,YAA3B;AACA,UAAIT,iBAAiB,GAAGnF,OAAO,CAACmF,iBAAR,KAA8B,KAAtD;AACA,UAAIQ,kBAAkB,GAAG3F,OAAO,CAAC2F,kBAAR,KAA+B,KAAxD;;AAEA,UAAIA,kBAAkB,IAAI,OAAOC,YAAP,KAAwB,WAAlD,EAA+D;AAC7DA,QAAAA,YAAY,GAAG,MAAI,CAACjC,YAAL,CAAkBuC,aAAlB,GAAkCN,YAAjD;AACD;;AAED,UAAIT,iBAAiB,IAAI,OAAOC,WAAP,KAAuB,WAAhD,EAA6D;AAC3DA,QAAAA,WAAW,GAAG,MAAI,CAACzB,YAAL,CAAkBuC,aAAlB,GAAkCd,WAAhD;AACD;;AAED,UAAI,CAACpF,OAAO,CAAC+F,OAAb,EAAsB;AACpB/F,QAAAA,OAAO,CAAC+F,OAAR,GAAkB,MAAI,CAACpC,YAAL,CAAkBuC,aAAlB,GAAkCH,OAApD;AACD,OAzBqC,CA2BtC;;;AACA,MAAA,MAAI,CAACpC,YAAL,CAAkBoB,KAAlB;;AAEA,UAAIY,kBAAkB,IAAIC,YAA1B,EAAwC;AACtC,cAAM,MAAI,CAACD,kBAAL,CAAwBC,YAAxB,CAAN;AACD;;AAED,UAAIT,iBAAiB,IAAIC,WAAzB,EAAsC;AACpC,cAAM,MAAI,CAACD,iBAAL,CAAuBC,WAAvB,CAAN;AACD;;AAED,UAAMiB,SAAS,GAAG,MAAI,CAACP,qBAAL,iCAAgC9F,OAAhC;AAAyCgG,QAAAA;AAAzC,SAAlB,CAtCsC,CAuCtC;AACA;;;AACA,UAAI,CAACK,SAAL,EAAgB;AACd,eAAO,MAAI,CAAC5J,YAAL,GAAoB;AAApB,SACN+H,IADM,CACD,YAAW;AACf,cAAIwB,qBAAqB,KAAKS,UAA9B,EAA0C;AACxC/E,YAAAA,MAAM,CAACC,QAAP,CAAgBgF,MAAhB,GADwC,CACd;AAC3B,WAFD,MAEO;AACLjF,YAAAA,MAAM,CAACC,QAAP,CAAgBrB,MAAhB,CAAuB0F,qBAAvB;AACD;AACF,SAPM,CAAP;AAQD,OATD,MASO;AACL;AACAtE,QAAAA,MAAM,CAACC,QAAP,CAAgBrB,MAAhB,CAAuB+F,SAAvB;AACD;AArDqC;AAsDvC;;AAEDO,EAAAA,SAAS,CAACxC,IAAD,EAAwB;AAC/B,QAAIlB,GAAG,GAAG,2BAA2BhF,aAAa,CAACkG,IAAD,CAAlD;AACA,QAAIpE,OAAO,GAAG;AACZiE,MAAAA,OAAO,EAAE;AACP,kBAAU;AADH;AADG,KAAd;AAKA,WAAO1F,GAAG,CAAC,IAAD,EAAO2E,GAAP,EAAYlD,OAAZ,CAAV;AACD,GAlY2D,CAoY5D;AACA;AACA;AAEA;AACA;;;AACM6G,EAAAA,eAAe,GAAqB;AAAA;;AAAA;AAExC,UAAI;AAAEzB,QAAAA,WAAF;AAAeW,QAAAA;AAAf,UAA2B,MAAI,CAACpC,YAAL,CAAkBuC,aAAlB,EAA/B;;AACA,UAAM;AAAEY,QAAAA,SAAF;AAAaC,QAAAA;AAAb,UAA4B,MAAI,CAACpD,YAAL,CAAkBqD,UAAlB,EAAlC;;AAEA,UAAI5B,WAAW,IAAI,MAAI,CAACzB,YAAL,CAAkBsD,UAAlB,CAA6B7B,WAA7B,CAAnB,EAA8D;AAC5DA,QAAAA,WAAW,GAAG,IAAd;;AACA,YAAI0B,SAAJ,EAAe;AACb1B,UAAAA,WAAW,SAAS,MAAI,CAACzB,YAAL,CAAkBpB,KAAlB,CAAwB,aAAxB,CAApB;AACD,SAFD,MAEO,IAAIwE,UAAJ,EAAgB;AACrB,UAAA,MAAI,CAACpD,YAAL,CAAkB6B,MAAlB,CAAyB,aAAzB;AACD;AACF;;AAED,UAAIO,OAAO,IAAI,MAAI,CAACpC,YAAL,CAAkBsD,UAAlB,CAA6BlB,OAA7B,CAAf,EAAsD;AACpDA,QAAAA,OAAO,GAAG,IAAV;;AACA,YAAIe,SAAJ,EAAe;AACbf,UAAAA,OAAO,SAAS,MAAI,CAACpC,YAAL,CAAkBpB,KAAlB,CAAwB,SAAxB,CAAhB;AACD,SAFD,MAEO,IAAIwE,UAAJ,EAAgB;AACrB,UAAA,MAAI,CAACpD,YAAL,CAAkB6B,MAAlB,CAAyB,SAAzB;AACD;AACF;;AAED,aAAO,CAAC,EAAEJ,WAAW,IAAIW,OAAjB,CAAR;AAvBwC;AAwBzC;;AAEKmB,EAAAA,OAAO,GAAwB;AAAA;;AAAA;AACnC,UAAM;AAAEnB,QAAAA,OAAF;AAAWX,QAAAA;AAAX,UAA2B,MAAI,CAACzB,YAAL,CAAkBuC,aAAlB,EAAjC;;AACA,aAAO,MAAI,CAAC9D,KAAL,CAAW3E,WAAX,CAAuB2H,WAAvB,EAAoCW,OAApC,CAAP;AAFmC;AAGpC;;AAEDoB,EAAAA,UAAU,GAAuB;AAC/B,QAAM;AAAEpB,MAAAA;AAAF,QAAc,KAAKpC,YAAL,CAAkBuC,aAAlB,EAApB;AACA,WAAOH,OAAO,GAAGA,OAAO,CAACA,OAAX,GAAqBqB,SAAnC;AACD;;AAEDC,EAAAA,cAAc,GAAuB;AACnC,QAAM;AAAEjC,MAAAA;AAAF,QAAkB,KAAKzB,YAAL,CAAkBuC,aAAlB,EAAxB;AACA,WAAOd,WAAW,GAAGA,WAAW,CAACA,WAAf,GAA6BgC,SAA/C;AACD;;AAEDE,EAAAA,eAAe,GAAuB;AACpC,QAAM;AAAE1B,MAAAA;AAAF,QAAmB,KAAKjC,YAAL,CAAkBuC,aAAlB,EAAzB;AACA,WAAON,YAAY,GAAGA,YAAY,CAACA,YAAhB,GAA+BwB,SAAlD;AACD;AAED;AACF;AACA;;;AACQG,EAAAA,uBAAuB,GAAkB;AAAA;;AAAA;AAC7C,UAAM;AAAEC,QAAAA;AAAF,gBAAmB,MAAI,CAACpF,KAAL,CAAWjF,YAAX,EAAzB;;AACA,MAAA,MAAI,CAACwG,YAAL,CAAkB8D,SAAlB,CAA4BD,MAA5B;AAF6C;AAG9C;;AAED5C,EAAAA,cAAc,CAACF,WAAD,EAA4B;AACxC,QAAM3D,OAAO,GAAG9C,cAAc,CAACyJ,iBAAf,EAAhB;AACA3G,IAAAA,OAAO,CAAC4G,OAAR,CAAgB1L,yBAAhB,EAA2CyI,WAA3C;AACD;;AAEDkD,EAAAA,cAAc,CAAC3B,KAAD,EAAyB;AACrC,QAAIA,KAAJ,EAAW;AACT,UAAM4B,IAAqB,GAAG,KAAKzH,kBAAL,CAAwB0H,IAAxB,CAA6B;AACzDC,QAAAA,KAAK,EAAE,IADkD;AAEzD9B,QAAAA;AAFyD,OAA7B,CAA9B;AAIA,aAAO4B,IAAI,CAACnD,WAAZ;AACD;;AACD,QAAM3D,OAAO,GAAG9C,cAAc,CAACyJ,iBAAf,EAAhB;AACA,QAAMhD,WAAW,GAAG3D,OAAO,GAAGA,OAAO,CAACiH,OAAR,CAAgB/L,yBAAhB,CAAH,GAAgDmL,SAA3E;AACA,WAAO1C,WAAP;AACD;;AAEDuD,EAAAA,iBAAiB,GAAS;AACxB,QAAMlH,OAAO,GAAG9C,cAAc,CAACyJ,iBAAf,EAAhB;AACA3G,IAAAA,OAAO,CAACmH,UAAR,CAAmBjM,yBAAnB;AACD;;AAEDiB,EAAAA,eAAe,GAAY;AACzB,WAAOA,eAAe,CAAC,IAAD,CAAtB;AACD;;AAEKiL,EAAAA,mBAAmB,CAACX,MAAD,EAAkB9C,WAAlB,EAAuD;AAAA;;AAAA;AAC9E;AACA,UAAI8C,MAAJ,EAAY;AACV,QAAA,OAAI,CAAC7D,YAAL,CAAkB8D,SAAlB,CAA4BD,MAA5B;;AACA9C,QAAAA,WAAW,GAAGA,WAAW,IAAI,OAAI,CAACkD,cAAL,EAA7B;AACD,OAHD,MAGO,IAAI,OAAI,CAAC1K,eAAL,EAAJ,EAA4B;AACjC;AACA,YAAM;AAAE+I,UAAAA;AAAF,kBAAkBvG,yBAAyB,CAAC,OAAD,EAAO,EAAP,CAAjD;AACAgF,QAAAA,WAAW,GAAGA,WAAW,IAAI,OAAI,CAACkD,cAAL,CAAoB3B,KAApB,CAA7B;AACA,cAAM,OAAI,CAACsB,uBAAL,EAAN;AACD,OALM,MAKA;AACL,eADK,CACG;AACT,OAZ6E,CAc9E;;;AACA,YAAM,OAAI,CAAC3D,gBAAL,CAAsBE,eAAtB,EAAN,CAf8E,CAiB9E;;AACA,MAAA,OAAI,CAACmE,iBAAL,GAlB8E,CAoB9E;;;AACA,UAAM;AAAEG,QAAAA;AAAF,UAAyB,OAAI,CAACpI,OAApC;;AACA,UAAIoI,kBAAJ,EAAwB;AACtB,cAAMA,kBAAkB,CAAC,OAAD,EAAO1D,WAAP,CAAxB;AACD,OAFD,MAEO;AACLhD,QAAAA,MAAM,CAACC,QAAP,CAAgB0G,OAAhB,CAAwB3D,WAAxB;AACD;AA1B6E;AA2B/E;;AAED4D,EAAAA,MAAM,GAAY;AAChB,WAAO,CAAC,CAAC,KAAKtI,OAAL,CAAagB,IAAtB;AACD;;AAEDuH,EAAAA,eAAe,CAACC,YAAD,EAAgC;AAC7C,QAAID,eAAe,GAAG,KAAtB;;AACA,QAAIE,KAAK,CAACC,OAAN,CAAc,KAAK1I,OAAL,CAAawI,YAA3B,KAA4C,KAAKxI,OAAL,CAAawI,YAAb,CAA0BG,MAA1E,EAAkF;AAChFJ,MAAAA,eAAe,GAAG,KAAKvI,OAAL,CAAawI,YAAb,CAA0B3F,OAA1B,CAAkC2F,YAAlC,KAAmD,CAArE;AACD,KAFD,MAEO;AACLD,MAAAA,eAAe,GAAG,KAAKvI,OAAL,CAAawI,YAAb,KAA8BA,YAAhD;AACD;;AACD,WAAOD,eAAP;AACD;;AAEDK,EAAAA,uBAAuB,GAAY;AACjC,WAAO,KAAKL,eAAL,CAAqB,MAArB,CAAP;AACD,GAxgB2D,CA0gB5D;AACA;AACA;AACA;;;AAEAM,EAAAA,eAAe,GAAW;AACxB;AACA,WAAO,KAAK7I,OAAL,CAAa8I,MAAb,CAAoBC,KAApB,CAA0B,UAA1B,EAAsC,CAAtC,CAAP;AACD,GAlhB2D,CAohB5D;;;AACAC,EAAAA,cAAc,CAAC5E,IAAD,EAAiC;AAC7C,WAAO7H,iBAAiB,CAAC,IAAD,EAAO,iCAAP,EAA0C6H,IAA1C,CAAxB;AACD,GAvhB2D,CAyhB5D;;;AACA6E,EAAAA,aAAa,CAAC7E,IAAD,EAAwD;AACnE,WAAO7H,iBAAiB,CAAC,IAAD,EAAO,+BAAP,EAAwC6H,IAAxC,CAAxB;AACD,GA5hB2D,CA8hB5D;;;AACA8E,EAAAA,mBAAmB,CAAC9E,IAAD,EAA6D;AAC9E,WAAO7H,iBAAiB,CAAC,IAAD,EAAO,8BAAP,EAAuC6H,IAAvC,CAAxB;AACD;;AAjiB2D,C,CAoiB9D;;;AACAvE,QAAQ,CAAC7B,QAAT,GAAoB6B,QAAQ,CAACkD,SAAT,CAAmB/E,QAAnB,GAA8BA,QAAlD,C,CAEA;;AACAqC,MAAM,CAACC,MAAP,CAAcT,QAAd,EAAwB;AACtB3D,EAAAA,SADsB;AAEtB2B,EAAAA;AAFsB,CAAxB;AAKA,eAAegC,QAAf","sourcesContent":["/* eslint-disable max-statements */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n/* SDK_VERSION is defined in webpack config */ \n/* global window, SDK_VERSION */\n\nimport { \n DEFAULT_MAX_CLOCK_SKEW, \n REFERRER_PATH_STORAGE_KEY\n} from './constants';\nimport * as constants from './constants';\nimport {\n OktaAuth as SDKInterface,\n OktaAuthOptions, \n AccessToken, \n IDToken,\n RefreshToken,\n TokenAPI, \n FeaturesAPI, \n SignoutAPI, \n FingerprintAPI,\n UserClaims, \n SigninWithRedirectOptions,\n SigninWithCredentialsOptions,\n SignoutOptions,\n Tokens,\n ForgotPasswordOptions,\n VerifyRecoveryTokenOptions,\n TransactionAPI,\n SessionAPI,\n SigninAPI,\n PkceAPI,\n SigninOptions,\n IdxAPI,\n SignoutRedirectUrlOptions,\n HttpAPI,\n TransactionMeta,\n} from './types';\nimport {\n transactionStatus,\n resumeTransaction,\n transactionExists,\n introspect,\n postToTransaction,\n AuthTransaction\n} from './tx';\nimport PKCE from './oidc/util/pkce';\nimport {\n closeSession,\n sessionExists,\n getSession,\n refreshSession,\n setCookieAndRedirect\n} from './session';\nimport {\n getOAuthUrls,\n getWithoutPrompt,\n getWithPopup,\n getWithRedirect,\n isLoginRedirect,\n parseFromUrl,\n decodeToken,\n revokeToken,\n renewToken,\n renewTokens,\n renewTokensWithRefresh,\n getUserInfo,\n verifyToken,\n prepareTokenParams,\n exchangeCodeForTokens,\n isInteractionRequiredError,\n isInteractionRequired,\n} from './oidc';\nimport { isBrowser } from './features';\nimport * as features from './features';\nimport browserStorage from './browser/browserStorage';\nimport { \n toQueryString, \n toAbsoluteUrl,\n clone\n} from './util';\nimport { getUserAgent } from './builderUtil';\nimport { TokenManager } from './TokenManager';\nimport { get, setRequestHeader } from './http';\nimport PromiseQueue from './PromiseQueue';\nimport fingerprint from './browser/fingerprint';\nimport { AuthStateManager } from './AuthStateManager';\nimport StorageManager from './StorageManager';\nimport TransactionManager from './TransactionManager';\nimport { buildOptions } from './options';\nimport {\n interact,\n introspect as introspectV2,\n authenticate,\n cancel,\n register,\n recoverPassword,\n startTransaction,\n handleInteractionCodeRedirect,\n} from './idx';\nimport { createGlobalRequestInterceptor, setGlobalRequestInterceptor } from './idx/headers';\nimport { OktaUserAgent } from './OktaUserAgent';\nimport { parseOAuthResponseFromUrl } from './oidc/parseFromUrl';\n\nconst Emitter = require('tiny-emitter');\n\nclass OktaAuth implements SDKInterface, SigninAPI, SignoutAPI {\n options: OktaAuthOptions;\n storageManager: StorageManager;\n transactionManager: TransactionManager;\n tx: TransactionAPI;\n idx: IdxAPI;\n // keep this field to compatible with released downstream SDK versions\n // TODO: remove in version 6\n // JIRA: https://oktainc.atlassian.net/browse/OKTA-419417\n userAgent: string;\n session: SessionAPI;\n pkce: PkceAPI;\n static features: FeaturesAPI;\n features: FeaturesAPI;\n token: TokenAPI;\n _tokenQueue: PromiseQueue;\n emitter: typeof Emitter;\n tokenManager: TokenManager;\n authStateManager: AuthStateManager;\n http: HttpAPI;\n fingerprint: FingerprintAPI;\n _oktaUserAgent: OktaUserAgent;\n _pending: { handleLogin: boolean };\n constructor(args: OktaAuthOptions) {\n this.options = buildOptions(args);\n const { storageManager, cookies, storageUtil } = this.options;\n this.storageManager = new StorageManager(storageManager, cookies, storageUtil);\n this.transactionManager = new TransactionManager(Object.assign({\n storageManager: this.storageManager\n }, args.transactionManager));\n this._oktaUserAgent = new OktaUserAgent();\n \n this.tx = {\n status: transactionStatus.bind(null, this),\n resume: resumeTransaction.bind(null, this),\n exists: Object.assign(transactionExists.bind(null, this), {\n _get: (name) => {\n const storage = storageUtil.storage;\n return storage.get(name);\n }\n }),\n introspect: introspect.bind(null, this)\n };\n\n this.pkce = {\n DEFAULT_CODE_CHALLENGE_METHOD: PKCE.DEFAULT_CODE_CHALLENGE_METHOD,\n generateVerifier: PKCE.generateVerifier,\n computeChallenge: PKCE.computeChallenge\n };\n\n // Add shims for compatibility, these will be removed in next major version. OKTA-362589\n Object.assign(this.options.storageUtil, {\n getPKCEStorage: this.storageManager.getLegacyPKCEStorage.bind(this.storageManager),\n getHttpCache: this.storageManager.getHttpCache.bind(this.storageManager),\n });\n\n this._pending = { handleLogin: false };\n\n if (isBrowser()) {\n this.options = Object.assign(this.options, {\n redirectUri: toAbsoluteUrl(args.redirectUri, window.location.origin), // allow relative URIs\n });\n this.userAgent = getUserAgent(args, `okta-auth-js/${SDK_VERSION}`);\n } else {\n this.userAgent = getUserAgent(args, `okta-auth-js-server/${SDK_VERSION}`);\n }\n\n // Digital clocks will drift over time, so the server\n // can misalign with the time reported by the browser.\n // The maxClockSkew allows relaxing the time-based\n // validation of tokens (in seconds, not milliseconds).\n // It currently defaults to 300, because 5 min is the\n // default maximum tolerance allowed by Kerberos.\n // (https://technet.microsoft.com/en-us/library/cc976357.aspx)\n if (!args.maxClockSkew && args.maxClockSkew !== 0) {\n this.options.maxClockSkew = DEFAULT_MAX_CLOCK_SKEW;\n } else {\n this.options.maxClockSkew = args.maxClockSkew;\n }\n\n // As some end user's devices can have their date \n // and time incorrectly set, allow for the disabling\n // of the jwt liftetime validation\n this.options.ignoreLifetime = !!args.ignoreLifetime;\n\n this.session = {\n close: closeSession.bind(null, this),\n exists: sessionExists.bind(null, this),\n get: getSession.bind(null, this),\n refresh: refreshSession.bind(null, this),\n setCookieAndRedirect: setCookieAndRedirect.bind(null, this)\n };\n\n this._tokenQueue = new PromiseQueue();\n this.token = {\n prepareTokenParams: prepareTokenParams.bind(null, this),\n exchangeCodeForTokens: exchangeCodeForTokens.bind(null, this),\n getWithoutPrompt: getWithoutPrompt.bind(null, this),\n getWithPopup: getWithPopup.bind(null, this),\n getWithRedirect: getWithRedirect.bind(null, this),\n parseFromUrl: parseFromUrl.bind(null, this),\n decode: decodeToken,\n revoke: revokeToken.bind(null, this),\n renew: renewToken.bind(null, this),\n renewTokensWithRefresh: renewTokensWithRefresh.bind(null, this),\n renewTokens: renewTokens.bind(null, this),\n getUserInfo: getUserInfo.bind(null, this),\n verify: verifyToken.bind(null, this),\n isLoginRedirect: isLoginRedirect.bind(null, this)\n };\n // Wrap all async token API methods using MethodQueue to avoid issues with concurrency\n const syncMethods = ['decode', 'isLoginRedirect'];\n Object.keys(this.token).forEach(key => {\n if (syncMethods.indexOf(key) >= 0) { // sync methods should not be wrapped\n return;\n }\n var method = this.token[key];\n this.token[key] = PromiseQueue.prototype.push.bind(this._tokenQueue, method, null);\n });\n \n Object.assign(this.token.getWithRedirect, {\n // This is exposed so we can set window.location in our tests\n _setLocation: function(url) {\n window.location = url;\n }\n });\n Object.assign(this.token.parseFromUrl, {\n // This is exposed so we can mock getting window.history in our tests\n _getHistory: function() {\n return window.history;\n },\n\n // This is exposed so we can mock getting window.location in our tests\n _getLocation: function() {\n return window.location;\n },\n\n // This is exposed so we can mock getting window.document in our tests\n _getDocument: function() {\n return window.document;\n }\n });\n\n // IDX\n this.idx = {\n interact: interact.bind(null, this),\n introspect: introspectV2.bind(null, this),\n authenticate: authenticate.bind(null, this),\n register: register.bind(null, this),\n cancel: cancel.bind(null, this),\n recoverPassword: recoverPassword.bind(null, this),\n handleInteractionCodeRedirect: handleInteractionCodeRedirect.bind(null, this),\n startTransaction: startTransaction.bind(null, this),\n };\n setGlobalRequestInterceptor(createGlobalRequestInterceptor(this)); // to pass custom headers to IDX endpoints\n\n // HTTP\n this.http = {\n setRequestHeader: setRequestHeader.bind(null, this)\n };\n\n // Fingerprint API\n this.fingerprint = fingerprint.bind(null, this);\n\n this.emitter = new Emitter();\n\n // TokenManager\n this.tokenManager = new TokenManager(this, args.tokenManager);\n\n // AuthStateManager\n this.authStateManager = new AuthStateManager(this);\n }\n\n start() {\n this.tokenManager.start();\n if (!this.token.isLoginRedirect()) {\n this.authStateManager.updateAuthState();\n }\n }\n\n stop() {\n this.tokenManager.stop();\n }\n\n setHeaders(headers) {\n this.options.headers = Object.assign({}, this.options.headers, headers);\n }\n\n // ES6 module users can use named exports to access all symbols\n // CommonJS module users (CDN) need all exports on this object\n\n // Utility methods for interaction code flow\n isInteractionRequired(): boolean {\n return isInteractionRequired(this);\n }\n\n isInteractionRequiredError(error: Error): boolean {\n return isInteractionRequiredError(error);\n }\n\n async signIn(opts: SigninOptions): Promise<AuthTransaction> {\n // TODO: support interaction code flow\n // Authn V1 flow\n return this.signInWithCredentials(opts as SigninWithCredentialsOptions);\n }\n\n async signInWithCredentials(opts: SigninWithCredentialsOptions): Promise<AuthTransaction> {\n opts = clone(opts || {});\n const _postToTransaction = (options?) => {\n delete opts.sendFingerprint;\n return postToTransaction(this, '/api/v1/authn', opts, options);\n };\n if (!opts.sendFingerprint) {\n return _postToTransaction();\n }\n return this.fingerprint()\n .then(function(fingerprint) {\n return _postToTransaction({\n headers: {\n 'X-Device-Fingerprint': fingerprint\n }\n });\n });\n }\n\n async signInWithRedirect(opts: SigninWithRedirectOptions = {}) {\n const { originalUri, ...additionalParams } = opts;\n if(this._pending.handleLogin) { \n // Don't trigger second round\n return;\n }\n\n this._pending.handleLogin = true;\n try {\n // Trigger default signIn redirect flow\n if (originalUri) {\n this.setOriginalUri(originalUri);\n }\n const params = Object.assign({\n // TODO: remove this line when default scopes are changed OKTA-343294\n scopes: this.options.scopes || ['openid', 'email', 'profile']\n }, additionalParams);\n await this.token.getWithRedirect(params);\n } finally {\n this._pending.handleLogin = false;\n }\n }\n \n // Ends the current Okta SSO session without redirecting to Okta.\n closeSession(): Promise<object> {\n // Clear all local tokens\n this.tokenManager.clear();\n \n return this.session.close() // DELETE /api/v1/sessions/me\n .catch(function(e) {\n if (e.name === 'AuthApiError' && e.errorCode === 'E0000007') {\n // Session does not exist or has already been closed\n return null;\n }\n throw e;\n });\n }\n \n // Revokes the access token for the application session\n async revokeAccessToken(accessToken?: AccessToken): Promise<object> {\n if (!accessToken) {\n accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');\n this.tokenManager.remove(accessTokenKey);\n }\n // Access token may have been removed. In this case, we will silently succeed.\n if (!accessToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(accessToken);\n }\n\n // Revokes the refresh token for the application session\n async revokeRefreshToken(refreshToken?: RefreshToken): Promise<object> {\n if (!refreshToken) {\n refreshToken = (await this.tokenManager.getTokens()).refreshToken as RefreshToken;\n const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');\n this.tokenManager.remove(refreshTokenKey);\n }\n // Refresh token may have been removed. In this case, we will silently succeed.\n if (!refreshToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(refreshToken);\n }\n\n getSignOutRedirectUrl(options: SignoutRedirectUrlOptions = {}) {\n let {\n idToken,\n postLogoutRedirectUri,\n state,\n } = options;\n if (!idToken) {\n idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n if (!idToken) {\n return '';\n }\n if (!postLogoutRedirectUri) {\n postLogoutRedirectUri = this.options.postLogoutRedirectUri;\n }\n\n const logoutUrl = getOAuthUrls(this).logoutUrl;\n const idTokenHint = idToken.idToken; // a string\n let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);\n if (postLogoutRedirectUri) {\n logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);\n } \n // State allows option parameters to be passed to logout redirect uri\n if (state) {\n logoutUri += '&state=' + encodeURIComponent(state);\n }\n\n return logoutUri;\n }\n\n // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.\n async signOut(options?: SignoutOptions) {\n options = Object.assign({}, options);\n \n // postLogoutRedirectUri must be whitelisted in Okta Admin UI\n var defaultUri = window.location.origin;\n var currentUri = window.location.href;\n var postLogoutRedirectUri = options.postLogoutRedirectUri\n || this.options.postLogoutRedirectUri\n || defaultUri;\n \n var accessToken = options.accessToken;\n var refreshToken = options.refreshToken;\n var revokeAccessToken = options.revokeAccessToken !== false;\n var revokeRefreshToken = options.revokeRefreshToken !== false;\n \n if (revokeRefreshToken && typeof refreshToken === 'undefined') {\n refreshToken = this.tokenManager.getTokensSync().refreshToken as RefreshToken;\n }\n\n if (revokeAccessToken && typeof accessToken === 'undefined') {\n accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;\n }\n \n if (!options.idToken) {\n options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n\n // Clear all local tokens\n this.tokenManager.clear();\n\n if (revokeRefreshToken && refreshToken) {\n await this.revokeRefreshToken(refreshToken);\n }\n\n if (revokeAccessToken && accessToken) {\n await this.revokeAccessToken(accessToken);\n }\n\n const logoutUri = this.getSignOutRedirectUrl({ ...options, postLogoutRedirectUri });\n // No logoutUri? This can happen if the storage was cleared.\n // Fallback to XHR signOut, then simulate a redirect to the post logout uri\n if (!logoutUri) {\n return this.closeSession() // can throw if the user cannot be signed out\n .then(function() {\n if (postLogoutRedirectUri === currentUri) {\n window.location.reload(); // force a hard reload if URI is not changing\n } else {\n window.location.assign(postLogoutRedirectUri);\n }\n });\n } else {\n // Flow ends with logout redirect\n window.location.assign(logoutUri);\n }\n }\n\n webfinger(opts): Promise<object> {\n var url = '/.well-known/webfinger' + toQueryString(opts);\n var options = {\n headers: {\n 'Accept': 'application/jrd+json'\n }\n };\n return get(this, url, options);\n }\n\n //\n // Common Methods from downstream SDKs\n //\n\n // Returns true if both accessToken and idToken are not expired\n // If `autoRenew` option is set, will attempt to renew expired tokens before returning.\n async isAuthenticated(): Promise<boolean> {\n\n let { accessToken, idToken } = this.tokenManager.getTokensSync();\n const { autoRenew, autoRemove } = this.tokenManager.getOptions();\n\n if (accessToken && this.tokenManager.hasExpired(accessToken)) {\n accessToken = null;\n if (autoRenew) {\n accessToken = await this.tokenManager.renew('accessToken') as AccessToken;\n } else if (autoRemove) {\n this.tokenManager.remove('accessToken');\n }\n }\n\n if (idToken && this.tokenManager.hasExpired(idToken)) {\n idToken = null;\n if (autoRenew) {\n idToken = await this.tokenManager.renew('idToken') as IDToken;\n } else if (autoRemove) {\n this.tokenManager.remove('idToken');\n }\n }\n\n return !!(accessToken && idToken);\n }\n\n async getUser(): Promise<UserClaims> {\n const { idToken, accessToken } = this.tokenManager.getTokensSync();\n return this.token.getUserInfo(accessToken, idToken);\n }\n\n getIdToken(): string | undefined {\n const { idToken } = this.tokenManager.getTokensSync();\n return idToken ? idToken.idToken : undefined;\n }\n\n getAccessToken(): string | undefined {\n const { accessToken } = this.tokenManager.getTokensSync();\n return accessToken ? accessToken.accessToken : undefined;\n }\n\n getRefreshToken(): string | undefined {\n const { refreshToken } = this.tokenManager.getTokensSync();\n return refreshToken ? refreshToken.refreshToken : undefined;\n }\n\n /**\n * Store parsed tokens from redirect url\n */\n async storeTokensFromRedirect(): Promise<void> {\n const { tokens } = await this.token.parseFromUrl();\n this.tokenManager.setTokens(tokens);\n }\n\n setOriginalUri(originalUri: string): void {\n const storage = browserStorage.getSessionStorage();\n storage.setItem(REFERRER_PATH_STORAGE_KEY, originalUri);\n }\n\n getOriginalUri(state?: string): string {\n if (state) {\n const meta: TransactionMeta = this.transactionManager.load({\n oauth: true,\n state\n });\n return meta.originalUri;\n }\n const storage = browserStorage.getSessionStorage();\n const originalUri = storage ? storage.getItem(REFERRER_PATH_STORAGE_KEY) : undefined;\n return originalUri;\n }\n\n removeOriginalUri(): void {\n const storage = browserStorage.getSessionStorage();\n storage.removeItem(REFERRER_PATH_STORAGE_KEY);\n }\n\n isLoginRedirect(): boolean {\n return isLoginRedirect(this);\n }\n\n async handleLoginRedirect(tokens?: Tokens, originalUri?: string): Promise<void> {\n // Store tokens and update AuthState by the emitted events\n if (tokens) {\n this.tokenManager.setTokens(tokens);\n originalUri = originalUri || this.getOriginalUri();\n } else if (this.isLoginRedirect()) {\n // For redirect flow, get state from the URL and use it to retrieve the originalUri\n const { state } = await parseOAuthResponseFromUrl(this, {});\n originalUri = originalUri || this.getOriginalUri(state);\n await this.storeTokensFromRedirect();\n } else {\n return; // nothing to do\n }\n \n // ensure auth state has been updated\n await this.authStateManager.updateAuthState();\n\n // clear originalUri from storage\n this.removeOriginalUri();\n\n // Redirect to originalUri\n const { restoreOriginalUri } = this.options;\n if (restoreOriginalUri) {\n await restoreOriginalUri(this, originalUri);\n } else {\n window.location.replace(originalUri);\n }\n }\n\n isPKCE(): boolean {\n return !!this.options.pkce;\n }\n\n hasResponseType(responseType: string): boolean {\n let hasResponseType = false;\n if (Array.isArray(this.options.responseType) && this.options.responseType.length) {\n hasResponseType = this.options.responseType.indexOf(responseType) >= 0;\n } else {\n hasResponseType = this.options.responseType === responseType;\n }\n return hasResponseType;\n }\n\n isAuthorizationCodeFlow(): boolean {\n return this.hasResponseType('code');\n }\n\n // { username, password, (relayState), (context) }\n // signIn(opts: SignInWithCredentialsOptions): Promise<AuthTransaction> {\n // return postToTransaction(this, '/api/v1/authn', opts);\n // }\n\n getIssuerOrigin(): string {\n // Infer the URL from the issuer URL, omitting the /oauth2/{authServerId}\n return this.options.issuer.split('/oauth2/')[0];\n }\n\n // { username, (relayState) }\n forgotPassword(opts): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/password', opts);\n }\n\n // { username, (relayState) }\n unlockAccount(opts: ForgotPasswordOptions): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/unlock', opts);\n }\n\n // { recoveryToken }\n verifyRecoveryToken(opts: VerifyRecoveryTokenOptions): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/token', opts);\n }\n}\n\n// Hoist feature detection functions to static type\nOktaAuth.features = OktaAuth.prototype.features = features;\n\n// Also hoist values and utility functions for CommonJS users\nObject.assign(OktaAuth, {\n constants,\n isInteractionRequiredError\n});\n\nexport default OktaAuth;"],"file":"OktaAuth.js"}
package/esm/OktaUserAgent.js CHANGED
@@ -16,7 +16,7 @@ import { isBrowser } from './features';
16
16
  export class OktaUserAgent {
17
17
  constructor() {
18
18
  // add base sdk env
19
- this.environments = ["okta-auth-js/".concat("5.4.2")];
19
+ this.environments = ["okta-auth-js/".concat("5.7.0")];
20
20
  }
21
21
 
22
22
  addEnvironment(env) {
@@ -31,7 +31,7 @@ export class OktaUserAgent {
31
31
  }
32
32
 
33
33
  getVersion() {
34
- return "5.4.2";
34
+ return "5.7.0";
35
35
  }
36
36
 
37
37
  maybeAddNodeEnvironment() {
package/esm/StorageManager.js CHANGED
@@ -9,7 +9,7 @@
9
9
  *
10
10
  * See the License for the specific language governing permissions and limitations under the License.
11
11
  */
12
- import { PKCE_STORAGE_NAME, TOKEN_STORAGE_NAME, TRANSACTION_STORAGE_NAME, IDX_RESPONSE_STORAGE_NAME, CACHE_STORAGE_NAME, REDIRECT_OAUTH_PARAMS_NAME } from './constants';
12
+ import { PKCE_STORAGE_NAME, TOKEN_STORAGE_NAME, TRANSACTION_STORAGE_NAME, SHARED_TRANSACTION_STORAGE_NAME, IDX_RESPONSE_STORAGE_NAME, CACHE_STORAGE_NAME, REDIRECT_OAUTH_PARAMS_NAME } from './constants';
13
13
  import SavedObject from './SavedObject';
14
14
  import { isBrowser } from './features';
15
15
  import { warn } from './util';
@@ -75,6 +75,14 @@ export default class StorageManager {
75
75
  var storage = this.getStorage(options);
76
76
  var storageKey = options.storageKey || TRANSACTION_STORAGE_NAME;
77
77
  return new SavedObject(storage, storageKey);
78
+ }
79
+
80
+ getSharedTansactionStorage(options) {
81
+ options = this.getOptionsForSection('shared-transaction', options);
82
+ logServerSideMemoryStorageWarning(options);
83
+ var storage = this.getStorage(options);
84
+ var storageKey = options.storageKey || SHARED_TRANSACTION_STORAGE_NAME;
85
+ return new SavedObject(storage, storageKey);
78
86
  } // intermediate idxResponse
79
87
  // store for network traffic optimazation purpose
80
88
  // TODO: revisit in auth-js 6.0 epic JIRA: OKTA-399791
package/esm/StorageManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/StorageManager.ts"],"names":["PKCE_STORAGE_NAME","TOKEN_STORAGE_NAME","TRANSACTION_STORAGE_NAME","IDX_RESPONSE_STORAGE_NAME","CACHE_STORAGE_NAME","REDIRECT_OAUTH_PARAMS_NAME","SavedObject","isBrowser","warn","AuthSdkError","logServerSideMemoryStorageWarning","options","storageProvider","StorageManager","constructor","storageManagerOptions","cookieOptions","storageUtil","getOptionsForSection","sectionName","overrideOptions","Object","assign","getStorage","storageType","storageTypes","sessionCookie","idx","indexOf","slice","findStorageType","getStorageByType","getTransactionStorage","storage","storageKey","getIdxResponseStorage","e","transactionStorage","getItem","key","transaction","setItem","val","setStorage","removeItem","getTokenStorage","getHttpCache","getLegacyPKCEStorage","getLegacyOAuthParamsStorage"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAIA,SACEA,iBADF,EAEEC,kBAFF,EAGEC,wBAHF,EAIEC,yBAJF,EAKEC,kBALF,EAMEC,0BANF,QAOO,aAPP;AAmBA,OAAOC,WAAP,MAAwB,eAAxB;AACA,SAASC,SAAT,QAA0B,YAA1B;AACA,SAASC,IAAT,QAAqB,QAArB;AACA,SAASC,YAAT,QAA6B,UAA7B;;AAEA,SAASC,iCAAT,CAA2CC,OAA3C,EAAoE;AAClE,MAAI,CAACJ,SAAS,EAAV,IAAgB,CAACI,OAAO,CAACC,eAAzB,IAA4C,CAACD,OAAO,CAACC,eAAzD,EAA0E;AACxE;AACAJ,IAAAA,IAAI,CAAC,6KAAD,CAAJ;AACD;AACF;;AAED,eAAe,MAAMK,cAAN,CAAqB;AAKlCC,EAAAA,WAAW,CAACC,qBAAD,EAA+CC,aAA/C,EAA6EC,WAA7E,EAAuG;AAChH,SAAKF,qBAAL,GAA6BA,qBAA7B;AACA,SAAKC,aAAL,GAAqBA,aAArB;AACA,SAAKC,WAAL,GAAmBA,WAAnB;AACD,GATiC,CAWlC;;;AACAC,EAAAA,oBAAoB,CAACC,WAAD,EAAsBC,eAAtB,EAAwD;AAC1E,WAAOC,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkB,KAAKP,qBAAL,CAA2BI,WAA3B,CAAlB,EAA2DC,eAA3D,CAAP;AACD,GAdiC,CAgBlC;;;AACAG,EAAAA,UAAU,CAACZ,OAAD,EAAyC;AACjDA,IAAAA,OAAO,GAAGU,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkB,KAAKN,aAAvB,EAAsCL,OAAtC,CAAV,CADiD,CACS;;AAE1D,QAAIA,OAAO,CAACC,eAAZ,EAA6B;AAC3B,aAAOD,OAAO,CAACC,eAAf;AACD;;AAED,QAAI;AAAEY,MAAAA,WAAF;AAAeC,MAAAA;AAAf,QAAgCd,OAApC;;AAEA,QAAGa,WAAW,KAAK,gBAAnB,EAAqC;AACnCb,MAAAA,OAAO,CAACe,aAAR,GAAwB,IAAxB;AACD,KAXgD,CAajD;;;AACA,QAAIF,WAAW,IAAIC,YAAnB,EAAiC;AAC/B,UAAME,GAAG,GAAGF,YAAY,CAACG,OAAb,CAAqBJ,WAArB,CAAZ;;AACA,UAAIG,GAAG,IAAI,CAAX,EAAc;AACZF,QAAAA,YAAY,GAAGA,YAAY,CAACI,KAAb,CAAmBF,GAAnB,CAAf;AACAH,QAAAA,WAAW,GAAG,IAAd;AACD;AACF;;AAED,QAAI,CAACA,WAAL,EAAkB;AAChBA,MAAAA,WAAW,GAAG,KAAKP,WAAL,CAAiBa,eAAjB,CAAiCL,YAAjC,CAAd;AACD;;AACD,WAAO,KAAKR,WAAL,CAAiBc,gBAAjB,CAAkCP,WAAlC,EAA+Cb,OAA/C,CAAP;AACD,GA3CiC,CA6ClC;;;AACAqB,EAAAA,qBAAqB,CAACrB,OAAD,EAA+C;AAClEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,aAA1B,EAAyCP,OAAzC,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,QAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,QAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsBhC,wBAAzC;AACA,WAAO,IAAII,WAAJ,CAAgB2B,OAAhB,EAAyBC,UAAzB,CAAP;AACD,GApDiC,CAsDlC;AACA;AACA;;;AACAC,EAAAA,qBAAqB,CAACxB,OAAD,EAA+C;AAClE,QAAIsB,OAAJ;;AACA,QAAI1B,SAAS,EAAb,EAAiB;AACf;AACA,UAAI;AACF0B,QAAAA,OAAO,GAAG,KAAKhB,WAAL,CAAiBc,gBAAjB,CAAkC,QAAlC,EAA4CpB,OAA5C,CAAV;AACD,OAFD,CAEE,OAAOyB,CAAP,EAAU;AACV;AACA;AACA5B,QAAAA,IAAI,CAAC,yIAAD,CAAJ;AACD;AACF,KATD,MASO;AACL;AACA,UAAM6B,kBAAkB,GAAG,KAAKL,qBAAL,CAA2BrB,OAA3B,CAA3B;;AACA,UAAI0B,kBAAJ,EAAwB;AACtBJ,QAAAA,OAAO,GAAG;AACRK,UAAAA,OAAO,EAAGC,GAAD,IAAS;AAChB,gBAAMC,WAAW,GAAGH,kBAAkB,CAACd,UAAnB,EAApB;;AACA,gBAAIiB,WAAW,IAAIA,WAAW,CAACD,GAAD,CAA9B,EAAqC;AACnC,qBAAOC,WAAW,CAACD,GAAD,CAAlB;AACD;;AACD,mBAAO,IAAP;AACD,WAPO;AAQRE,UAAAA,OAAO,EAAE,CAACF,GAAD,EAAMG,GAAN,KAAc;AACrB,gBAAMF,WAAW,GAAGH,kBAAkB,CAACd,UAAnB,EAApB;;AACA,gBAAI,CAACiB,WAAL,EAAkB;AAChB,oBAAM,IAAI/B,YAAJ,CAAiB,uDAAjB,CAAN;AACD;;AACD+B,YAAAA,WAAW,CAACD,GAAD,CAAX,GAAmBG,GAAnB;AACAL,YAAAA,kBAAkB,CAACM,UAAnB,CAA8BH,WAA9B;AACD,WAfO;AAgBRI,UAAAA,UAAU,EAAGL,GAAD,IAAS;AACnB,gBAAMC,WAAW,GAAGH,kBAAkB,CAACd,UAAnB,EAApB;;AACA,gBAAI,CAACiB,WAAL,EAAkB;AAChB;AACD;;AACD,mBAAOA,WAAW,CAACD,GAAD,CAAlB;AACAF,YAAAA,kBAAkB,CAACM,UAAnB,CAA8BH,WAA9B;AACD;AAvBO,SAAV;AAyBD;AACF;;AAED,QAAI,CAACP,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AAED,WAAO,IAAI3B,WAAJ,CAAgB2B,OAAhB,EAAyB9B,yBAAzB,CAAP;AACD,GAzGiC,CA2GlC;;;AACA0C,EAAAA,eAAe,CAAClC,OAAD,EAA4C;AACzDA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,OAA1B,EAAmCP,OAAnC,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,QAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,QAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsBjC,kBAAzC;AACA,WAAO,IAAIK,WAAJ,CAAgB2B,OAAhB,EAAyBC,UAAzB,CAAP;AACD,GAlHiC,CAoHlC;;;AACAY,EAAAA,YAAY,CAACnC,OAAD,EAA4C;AACtDA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,OAA1B,EAAmCP,OAAnC,CAAV;AACA,QAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,QAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsB9B,kBAAzC;AACA,WAAO,IAAIE,WAAJ,CAAgB2B,OAAhB,EAAyBC,UAAzB,CAAP;AACD,GA1HiC,CA4HlC;;;AACAa,EAAAA,oBAAoB,CAACpC,OAAD,EAAwC;AAC1DA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,aAA1B,EAAyCP,OAAzC,CAAV;AACA,QAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,QAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsBlC,iBAAzC;AACA,WAAO,IAAIM,WAAJ,CAAgB2B,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AAEDc,EAAAA,2BAA2B,CAACrC,OAAD,EAA4C;AACrEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,qBAA1B,EAAiDP,OAAjD,CAAV;AACA,QAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,QAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsB7B,0BAAzC;AACA,WAAO,IAAIC,WAAJ,CAAgB2B,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AAzIiC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n\nimport {\n PKCE_STORAGE_NAME,\n TOKEN_STORAGE_NAME,\n TRANSACTION_STORAGE_NAME,\n IDX_RESPONSE_STORAGE_NAME,\n CACHE_STORAGE_NAME,\n REDIRECT_OAUTH_PARAMS_NAME\n} from './constants';\nimport {\n StorageUtil,\n StorageProvider,\n StorageOptions,\n PKCEStorage,\n CookieOptions,\n TransactionStorage,\n IdxResponseStorage,\n StorageManagerOptions,\n SimpleStorage\n} from './types';\nimport SavedObject from './SavedObject';\nimport { isBrowser } from './features';\nimport { warn } from './util';\nimport { AuthSdkError } from './errors';\n\nfunction logServerSideMemoryStorageWarning(options: StorageOptions) {\n if (!isBrowser() && !options.storageProvider && !options.storageProvider) {\n // eslint-disable-next-line max-len\n warn('Memory storage can only support simple single user use case on server side, please provide custom storageProvider or storageKey if advanced scenarios need to be supported.');\n }\n}\n\nexport default class StorageManager {\n storageManagerOptions: StorageManagerOptions;\n cookieOptions: CookieOptions;\n storageUtil: StorageUtil;\n\n constructor(storageManagerOptions: StorageManagerOptions, cookieOptions: CookieOptions, storageUtil: StorageUtil) {\n this.storageManagerOptions = storageManagerOptions;\n this.cookieOptions = cookieOptions;\n this.storageUtil = storageUtil;\n }\n\n // combines defaults in order\n getOptionsForSection(sectionName: string, overrideOptions?: StorageOptions) {\n return Object.assign({}, this.storageManagerOptions[sectionName], overrideOptions);\n }\n \n // generic method to get any available storage provider\n getStorage(options: StorageOptions): SimpleStorage {\n options = Object.assign({}, this.cookieOptions, options); // set defaults\n\n if (options.storageProvider) {\n return options.storageProvider;\n }\n\n let { storageType, storageTypes } = options;\n\n if(storageType === 'sessionStorage') {\n options.sessionCookie = true;\n }\n\n // Maintain compatibility. Automatically fallback. May change in next major version. OKTA-362589\n if (storageType && storageTypes) {\n const idx = storageTypes.indexOf(storageType);\n if (idx >= 0) {\n storageTypes = storageTypes.slice(idx);\n storageType = null;\n }\n }\n\n if (!storageType) {\n storageType = this.storageUtil.findStorageType(storageTypes);\n }\n return this.storageUtil.getStorageByType(storageType, options);\n }\n\n // stateToken, interactionHandle\n getTransactionStorage(options?: StorageOptions): TransactionStorage {\n options = this.getOptionsForSection('transaction', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || TRANSACTION_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // intermediate idxResponse\n // store for network traffic optimazation purpose\n // TODO: revisit in auth-js 6.0 epic JIRA: OKTA-399791\n getIdxResponseStorage(options?: StorageOptions): IdxResponseStorage {\n let storage;\n if (isBrowser()) {\n // on browser side only use memory storage \n try {\n storage = this.storageUtil.getStorageByType('memory', options);\n } catch (e) {\n // it's ok to miss response storage\n // eslint-disable-next-line max-len\n warn('No response storage found, you may want to provide custom implementation for intermediate idx responses to optimize the network traffic');\n }\n } else {\n // on server side re-use transaction custom storage\n const transactionStorage = this.getTransactionStorage(options);\n if (transactionStorage) {\n storage = {\n getItem: (key) => {\n const transaction = transactionStorage.getStorage();\n if (transaction && transaction[key]) {\n return transaction[key];\n }\n return null;\n },\n setItem: (key, val) => {\n const transaction = transactionStorage.getStorage();\n if (!transaction) {\n throw new AuthSdkError('Transaction has been cleared, failed to save idxState');\n }\n transaction[key] = val;\n transactionStorage.setStorage(transaction);\n },\n removeItem: (key) => {\n const transaction = transactionStorage.getStorage();\n if (!transaction) {\n return;\n }\n delete transaction[key];\n transactionStorage.setStorage(transaction);\n }\n };\n }\n }\n\n if (!storage) {\n return null;\n }\n\n return new SavedObject(storage, IDX_RESPONSE_STORAGE_NAME);\n }\n\n // access_token, id_token, refresh_token\n getTokenStorage(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('token', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || TOKEN_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // caches well-known response, among others\n getHttpCache(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('cache', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || CACHE_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // Will be removed in an upcoming major version. OKTA-362589\n getLegacyPKCEStorage(options?: StorageOptions): PKCEStorage {\n options = this.getOptionsForSection('legacy-pkce', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || PKCE_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n getLegacyOAuthParamsStorage(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('legacy-oauth-params', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || REDIRECT_OAUTH_PARAMS_NAME;\n return new SavedObject(storage, storageKey);\n }\n}\n"],"file":"StorageManager.js"}
1
+ {"version":3,"sources":["../../lib/StorageManager.ts"],"names":["PKCE_STORAGE_NAME","TOKEN_STORAGE_NAME","TRANSACTION_STORAGE_NAME","SHARED_TRANSACTION_STORAGE_NAME","IDX_RESPONSE_STORAGE_NAME","CACHE_STORAGE_NAME","REDIRECT_OAUTH_PARAMS_NAME","SavedObject","isBrowser","warn","AuthSdkError","logServerSideMemoryStorageWarning","options","storageProvider","StorageManager","constructor","storageManagerOptions","cookieOptions","storageUtil","getOptionsForSection","sectionName","overrideOptions","Object","assign","getStorage","storageType","storageTypes","sessionCookie","idx","indexOf","slice","findStorageType","getStorageByType","getTransactionStorage","storage","storageKey","getSharedTansactionStorage","getIdxResponseStorage","e","transactionStorage","getItem","key","transaction","setItem","val","setStorage","removeItem","getTokenStorage","getHttpCache","getLegacyPKCEStorage","getLegacyOAuthParamsStorage"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAIA,SACEA,iBADF,EAEEC,kBAFF,EAGEC,wBAHF,EAIEC,+BAJF,EAKEC,yBALF,EAMEC,kBANF,EAOEC,0BAPF,QAQO,aARP;AAoBA,OAAOC,WAAP,MAAwB,eAAxB;AACA,SAASC,SAAT,QAA0B,YAA1B;AACA,SAASC,IAAT,QAAqB,QAArB;AACA,SAASC,YAAT,QAA6B,UAA7B;;AAEA,SAASC,iCAAT,CAA2CC,OAA3C,EAAoE;AAClE,MAAI,CAACJ,SAAS,EAAV,IAAgB,CAACI,OAAO,CAACC,eAAzB,IAA4C,CAACD,OAAO,CAACC,eAAzD,EAA0E;AACxE;AACAJ,IAAAA,IAAI,CAAC,6KAAD,CAAJ;AACD;AACF;;AAED,eAAe,MAAMK,cAAN,CAAqB;AAKlCC,EAAAA,WAAW,CAACC,qBAAD,EAA+CC,aAA/C,EAA6EC,WAA7E,EAAuG;AAChH,SAAKF,qBAAL,GAA6BA,qBAA7B;AACA,SAAKC,aAAL,GAAqBA,aAArB;AACA,SAAKC,WAAL,GAAmBA,WAAnB;AACD,GATiC,CAWlC;;;AACAC,EAAAA,oBAAoB,CAACC,WAAD,EAAsBC,eAAtB,EAAwD;AAC1E,WAAOC,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkB,KAAKP,qBAAL,CAA2BI,WAA3B,CAAlB,EAA2DC,eAA3D,CAAP;AACD,GAdiC,CAgBlC;;;AACAG,EAAAA,UAAU,CAACZ,OAAD,EAAyC;AACjDA,IAAAA,OAAO,GAAGU,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkB,KAAKN,aAAvB,EAAsCL,OAAtC,CAAV,CADiD,CACS;;AAE1D,QAAIA,OAAO,CAACC,eAAZ,EAA6B;AAC3B,aAAOD,OAAO,CAACC,eAAf;AACD;;AAED,QAAI;AAAEY,MAAAA,WAAF;AAAeC,MAAAA;AAAf,QAAgCd,OAApC;;AAEA,QAAGa,WAAW,KAAK,gBAAnB,EAAqC;AACnCb,MAAAA,OAAO,CAACe,aAAR,GAAwB,IAAxB;AACD,KAXgD,CAajD;;;AACA,QAAIF,WAAW,IAAIC,YAAnB,EAAiC;AAC/B,UAAME,GAAG,GAAGF,YAAY,CAACG,OAAb,CAAqBJ,WAArB,CAAZ;;AACA,UAAIG,GAAG,IAAI,CAAX,EAAc;AACZF,QAAAA,YAAY,GAAGA,YAAY,CAACI,KAAb,CAAmBF,GAAnB,CAAf;AACAH,QAAAA,WAAW,GAAG,IAAd;AACD;AACF;;AAED,QAAI,CAACA,WAAL,EAAkB;AAChBA,MAAAA,WAAW,GAAG,KAAKP,WAAL,CAAiBa,eAAjB,CAAiCL,YAAjC,CAAd;AACD;;AACD,WAAO,KAAKR,WAAL,CAAiBc,gBAAjB,CAAkCP,WAAlC,EAA+Cb,OAA/C,CAAP;AACD,GA3CiC,CA6ClC;;;AACAqB,EAAAA,qBAAqB,CAACrB,OAAD,EAA+C;AAClEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,aAA1B,EAAyCP,OAAzC,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,QAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,QAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsBjC,wBAAzC;AACA,WAAO,IAAIK,WAAJ,CAAgB2B,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AAEDC,EAAAA,0BAA0B,CAACxB,OAAD,EAA+C;AACvEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,oBAA1B,EAAgDP,OAAhD,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,QAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,QAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsBhC,+BAAzC;AACA,WAAO,IAAII,WAAJ,CAAgB2B,OAAhB,EAAyBC,UAAzB,CAAP;AACD,GA5DiC,CA8DlC;AACA;AACA;;;AACAE,EAAAA,qBAAqB,CAACzB,OAAD,EAA+C;AAClE,QAAIsB,OAAJ;;AACA,QAAI1B,SAAS,EAAb,EAAiB;AACf;AACA,UAAI;AACF0B,QAAAA,OAAO,GAAG,KAAKhB,WAAL,CAAiBc,gBAAjB,CAAkC,QAAlC,EAA4CpB,OAA5C,CAAV;AACD,OAFD,CAEE,OAAO0B,CAAP,EAAU;AACV;AACA;AACA7B,QAAAA,IAAI,CAAC,yIAAD,CAAJ;AACD;AACF,KATD,MASO;AACL;AACA,UAAM8B,kBAAkB,GAAG,KAAKN,qBAAL,CAA2BrB,OAA3B,CAA3B;;AACA,UAAI2B,kBAAJ,EAAwB;AACtBL,QAAAA,OAAO,GAAG;AACRM,UAAAA,OAAO,EAAGC,GAAD,IAAS;AAChB,gBAAMC,WAAW,GAAGH,kBAAkB,CAACf,UAAnB,EAApB;;AACA,gBAAIkB,WAAW,IAAIA,WAAW,CAACD,GAAD,CAA9B,EAAqC;AACnC,qBAAOC,WAAW,CAACD,GAAD,CAAlB;AACD;;AACD,mBAAO,IAAP;AACD,WAPO;AAQRE,UAAAA,OAAO,EAAE,CAACF,GAAD,EAAMG,GAAN,KAAc;AACrB,gBAAMF,WAAW,GAAGH,kBAAkB,CAACf,UAAnB,EAApB;;AACA,gBAAI,CAACkB,WAAL,EAAkB;AAChB,oBAAM,IAAIhC,YAAJ,CAAiB,uDAAjB,CAAN;AACD;;AACDgC,YAAAA,WAAW,CAACD,GAAD,CAAX,GAAmBG,GAAnB;AACAL,YAAAA,kBAAkB,CAACM,UAAnB,CAA8BH,WAA9B;AACD,WAfO;AAgBRI,UAAAA,UAAU,EAAGL,GAAD,IAAS;AACnB,gBAAMC,WAAW,GAAGH,kBAAkB,CAACf,UAAnB,EAApB;;AACA,gBAAI,CAACkB,WAAL,EAAkB;AAChB;AACD;;AACD,mBAAOA,WAAW,CAACD,GAAD,CAAlB;AACAF,YAAAA,kBAAkB,CAACM,UAAnB,CAA8BH,WAA9B;AACD;AAvBO,SAAV;AAyBD;AACF;;AAED,QAAI,CAACR,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AAED,WAAO,IAAI3B,WAAJ,CAAgB2B,OAAhB,EAAyB9B,yBAAzB,CAAP;AACD,GAjHiC,CAmHlC;;;AACA2C,EAAAA,eAAe,CAACnC,OAAD,EAA4C;AACzDA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,OAA1B,EAAmCP,OAAnC,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,QAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,QAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsBlC,kBAAzC;AACA,WAAO,IAAIM,WAAJ,CAAgB2B,OAAhB,EAAyBC,UAAzB,CAAP;AACD,GA1HiC,CA4HlC;;;AACAa,EAAAA,YAAY,CAACpC,OAAD,EAA4C;AACtDA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,OAA1B,EAAmCP,OAAnC,CAAV;AACA,QAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,QAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsB9B,kBAAzC;AACA,WAAO,IAAIE,WAAJ,CAAgB2B,OAAhB,EAAyBC,UAAzB,CAAP;AACD,GAlIiC,CAoIlC;;;AACAc,EAAAA,oBAAoB,CAACrC,OAAD,EAAwC;AAC1DA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,aAA1B,EAAyCP,OAAzC,CAAV;AACA,QAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,QAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsBnC,iBAAzC;AACA,WAAO,IAAIO,WAAJ,CAAgB2B,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AAEDe,EAAAA,2BAA2B,CAACtC,OAAD,EAA4C;AACrEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,qBAA1B,EAAiDP,OAAjD,CAAV;AACA,QAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,QAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsB7B,0BAAzC;AACA,WAAO,IAAIC,WAAJ,CAAgB2B,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AAjJiC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n\nimport {\n PKCE_STORAGE_NAME,\n TOKEN_STORAGE_NAME,\n TRANSACTION_STORAGE_NAME,\n SHARED_TRANSACTION_STORAGE_NAME,\n IDX_RESPONSE_STORAGE_NAME,\n CACHE_STORAGE_NAME,\n REDIRECT_OAUTH_PARAMS_NAME\n} from './constants';\nimport {\n StorageUtil,\n StorageProvider,\n StorageOptions,\n PKCEStorage,\n CookieOptions,\n TransactionStorage,\n IdxResponseStorage,\n StorageManagerOptions,\n SimpleStorage\n} from './types';\nimport SavedObject from './SavedObject';\nimport { isBrowser } from './features';\nimport { warn } from './util';\nimport { AuthSdkError } from './errors';\n\nfunction logServerSideMemoryStorageWarning(options: StorageOptions) {\n if (!isBrowser() && !options.storageProvider && !options.storageProvider) {\n // eslint-disable-next-line max-len\n warn('Memory storage can only support simple single user use case on server side, please provide custom storageProvider or storageKey if advanced scenarios need to be supported.');\n }\n}\n\nexport default class StorageManager {\n storageManagerOptions: StorageManagerOptions;\n cookieOptions: CookieOptions;\n storageUtil: StorageUtil;\n\n constructor(storageManagerOptions: StorageManagerOptions, cookieOptions: CookieOptions, storageUtil: StorageUtil) {\n this.storageManagerOptions = storageManagerOptions;\n this.cookieOptions = cookieOptions;\n this.storageUtil = storageUtil;\n }\n\n // combines defaults in order\n getOptionsForSection(sectionName: string, overrideOptions?: StorageOptions) {\n return Object.assign({}, this.storageManagerOptions[sectionName], overrideOptions);\n }\n \n // generic method to get any available storage provider\n getStorage(options: StorageOptions): SimpleStorage {\n options = Object.assign({}, this.cookieOptions, options); // set defaults\n\n if (options.storageProvider) {\n return options.storageProvider;\n }\n\n let { storageType, storageTypes } = options;\n\n if(storageType === 'sessionStorage') {\n options.sessionCookie = true;\n }\n\n // Maintain compatibility. Automatically fallback. May change in next major version. OKTA-362589\n if (storageType && storageTypes) {\n const idx = storageTypes.indexOf(storageType);\n if (idx >= 0) {\n storageTypes = storageTypes.slice(idx);\n storageType = null;\n }\n }\n\n if (!storageType) {\n storageType = this.storageUtil.findStorageType(storageTypes);\n }\n return this.storageUtil.getStorageByType(storageType, options);\n }\n\n // stateToken, interactionHandle\n getTransactionStorage(options?: StorageOptions): TransactionStorage {\n options = this.getOptionsForSection('transaction', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || TRANSACTION_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n getSharedTansactionStorage(options?: StorageOptions): TransactionStorage {\n options = this.getOptionsForSection('shared-transaction', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || SHARED_TRANSACTION_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // intermediate idxResponse\n // store for network traffic optimazation purpose\n // TODO: revisit in auth-js 6.0 epic JIRA: OKTA-399791\n getIdxResponseStorage(options?: StorageOptions): IdxResponseStorage {\n let storage;\n if (isBrowser()) {\n // on browser side only use memory storage \n try {\n storage = this.storageUtil.getStorageByType('memory', options);\n } catch (e) {\n // it's ok to miss response storage\n // eslint-disable-next-line max-len\n warn('No response storage found, you may want to provide custom implementation for intermediate idx responses to optimize the network traffic');\n }\n } else {\n // on server side re-use transaction custom storage\n const transactionStorage = this.getTransactionStorage(options);\n if (transactionStorage) {\n storage = {\n getItem: (key) => {\n const transaction = transactionStorage.getStorage();\n if (transaction && transaction[key]) {\n return transaction[key];\n }\n return null;\n },\n setItem: (key, val) => {\n const transaction = transactionStorage.getStorage();\n if (!transaction) {\n throw new AuthSdkError('Transaction has been cleared, failed to save idxState');\n }\n transaction[key] = val;\n transactionStorage.setStorage(transaction);\n },\n removeItem: (key) => {\n const transaction = transactionStorage.getStorage();\n if (!transaction) {\n return;\n }\n delete transaction[key];\n transactionStorage.setStorage(transaction);\n }\n };\n }\n }\n\n if (!storage) {\n return null;\n }\n\n return new SavedObject(storage, IDX_RESPONSE_STORAGE_NAME);\n }\n\n // access_token, id_token, refresh_token\n getTokenStorage(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('token', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || TOKEN_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // caches well-known response, among others\n getHttpCache(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('cache', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || CACHE_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // Will be removed in an upcoming major version. OKTA-362589\n getLegacyPKCEStorage(options?: StorageOptions): PKCEStorage {\n options = this.getOptionsForSection('legacy-pkce', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || PKCE_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n getLegacyOAuthParamsStorage(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('legacy-oauth-params', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || REDIRECT_OAUTH_PARAMS_NAME;\n return new SavedObject(storage, storageKey);\n }\n}\n"],"file":"StorageManager.js"}
package/esm/TransactionManager.js CHANGED
@@ -14,6 +14,7 @@ import { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_
14
14
  import { isTransactionMeta, isOAuthTransactionMeta } from './types';
15
15
  import { isRawIdxResponse } from './idx/types/idx-js';
16
16
  import { warn } from './util';
17
+ import { clearTransactionFromSharedStorage, loadTransactionFromSharedStorage, pruneSharedStorage, saveTransactionToSharedStorage } from './util/sharedStorage';
17
18
  export default class TransactionManager {
18
19
  constructor(options) {
19
20
  this.storageManager = options.storageManager;
@@ -21,6 +22,7 @@ export default class TransactionManager {
21
22
  this.saveNonceCookie = options.saveNonceCookie === false ? false : true;
22
23
  this.saveStateCookie = options.saveStateCookie === false ? false : true;
23
24
  this.saveParamsCookie = options.saveParamsCookie === false ? false : true;
25
+ this.enableSharedStorage = options.enableSharedStorage === false ? false : true;
24
26
  this.options = options;
25
27
  }
26
28
 
@@ -31,6 +33,10 @@ export default class TransactionManager {
31
33
  var idxStateStorage = this.storageManager.getIdxResponseStorage();
32
34
  idxStateStorage === null || idxStateStorage === void 0 ? void 0 : idxStateStorage.clearStorage();
33
35
 
36
+ if (this.enableSharedStorage && options.state) {
37
+ clearTransactionFromSharedStorage(this.storageManager, options.state);
38
+ }
39
+
34
40
  if (!this.legacyWidgetSupport) {
35
41
  return;
36
42
  } // This is for compatibility with older versions of the signin widget. OKTA-304806
@@ -52,9 +58,11 @@ export default class TransactionManager {
52
58
  // Before saving, check to see if a transaction is already stored.
53
59
  // An existing transaction indicates a concurrency/race/overlap condition
54
60
  var storage = this.storageManager.getTransactionStorage();
55
- var obj = storage.getStorage();
61
+ var obj = storage.getStorage(); // oie process may need to update transaction in the middle of process for tracking purpose
62
+ // false alarm might be caused
63
+ // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919
56
64
 
57
- if (isTransactionMeta(obj)) {
65
+ if (isTransactionMeta(obj) && !options.muteWarning) {
58
66
  // eslint-disable-next-line max-len
59
67
  warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');
60
68
  }
@@ -63,7 +71,8 @@ export default class TransactionManager {
63
71
 
64
72
  if (!options.oauth) {
65
73
  return;
66
- }
74
+ } // Legacy cookie storage
75
+
67
76
 
68
77
  if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {
69
78
  var cookieStorage = this.storageManager.getStorage({
@@ -101,6 +110,11 @@ export default class TransactionManager {
101
110
  // Set state cookie for servers to validate state
102
111
  cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);
103
112
  }
113
+ } // Shared storage allows continuation of transaction in another tab
114
+
115
+
116
+ if (this.enableSharedStorage && meta.state) {
117
+ saveTransactionToSharedStorage(this.storageManager, meta.state, meta);
104
118
  }
105
119
  }
106
120
 
@@ -114,12 +128,25 @@ export default class TransactionManager {
114
128
  return false;
115
129
  }
116
130
  } // load transaction meta from storage
131
+ // eslint-disable-next-line complexity,max-statements
117
132
 
118
133
 
119
134
  load() {
120
135
  var options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
136
+ var meta; // If state was passed, try loading transaction data from shared storage
137
+
138
+ if (this.enableSharedStorage && options.state) {
139
+ pruneSharedStorage(this.storageManager); // prune before load
140
+
141
+ meta = loadTransactionFromSharedStorage(this.storageManager, options.state);
142
+
143
+ if (isTransactionMeta(meta)) {
144
+ return meta;
145
+ }
146
+ }
147
+
121
148
  var storage = this.storageManager.getTransactionStorage();
122
- var meta = storage.getStorage();
149
+ meta = storage.getStorage();
123
150
 
124
151
  if (isTransactionMeta(meta)) {
125
152
  // if we have meta in the new location, there is no need to go further