@okta/okta-auth-js 5.4.2 → 5.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (161) hide show
  1. package/CHANGELOG.md +60 -5
  2. package/README.md +66 -977
  3. package/cjs/AuthStateManager.js +5 -0
  4. package/cjs/AuthStateManager.js.map +1 -1
  5. package/cjs/OktaAuth.js +32 -11
  6. package/cjs/OktaAuth.js.map +1 -1
  7. package/cjs/OktaUserAgent.js +2 -2
  8. package/cjs/StorageManager.js +8 -0
  9. package/cjs/StorageManager.js.map +1 -1
  10. package/cjs/TransactionManager.js +32 -4
  11. package/cjs/TransactionManager.js.map +1 -1
  12. package/cjs/browser/browserStorage.js +5 -5
  13. package/cjs/browser/browserStorage.js.map +1 -1
  14. package/cjs/builderUtil.js +6 -0
  15. package/cjs/builderUtil.js.map +1 -1
  16. package/cjs/constants.js +3 -1
  17. package/cjs/constants.js.map +1 -1
  18. package/cjs/fetch/fetchRequest.js +10 -3
  19. package/cjs/fetch/fetchRequest.js.map +1 -1
  20. package/cjs/http/request.js +4 -0
  21. package/cjs/http/request.js.map +1 -1
  22. package/cjs/idx/remediate.js +33 -23
  23. package/cjs/idx/remediate.js.map +1 -1
  24. package/cjs/idx/remediators/Base/AuthenticatorData.js +7 -7
  25. package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
  26. package/cjs/idx/remediators/Base/Remediator.js +13 -7
  27. package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
  28. package/cjs/idx/remediators/Base/SelectAuthenticator.js +6 -6
  29. package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
  30. package/cjs/idx/remediators/Base/VerifyAuthenticator.js +18 -14
  31. package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
  32. package/cjs/idx/remediators/EnrollProfile.js +14 -0
  33. package/cjs/idx/remediators/EnrollProfile.js.map +1 -1
  34. package/cjs/idx/remediators/Identify.js +5 -2
  35. package/cjs/idx/remediators/Identify.js.map +1 -1
  36. package/cjs/idx/remediators/ReEnrollAuthenticator.js +1 -1
  37. package/cjs/idx/remediators/ReEnrollAuthenticator.js.map +1 -1
  38. package/cjs/idx/transactionMeta.js +3 -1
  39. package/cjs/idx/transactionMeta.js.map +1 -1
  40. package/cjs/idx/types/idx-js.js.map +1 -1
  41. package/cjs/idx/types/index.js +17 -6
  42. package/cjs/idx/types/index.js.map +1 -1
  43. package/cjs/index.js +6 -6
  44. package/cjs/index.js.map +1 -1
  45. package/cjs/oidc/getToken.js +14 -9
  46. package/cjs/oidc/getToken.js.map +1 -1
  47. package/cjs/oidc/getWithPopup.js +9 -2
  48. package/cjs/oidc/getWithPopup.js.map +1 -1
  49. package/cjs/oidc/getWithRedirect.js +6 -2
  50. package/cjs/oidc/getWithRedirect.js.map +1 -1
  51. package/cjs/oidc/parseFromUrl.js +59 -20
  52. package/cjs/oidc/parseFromUrl.js.map +1 -1
  53. package/cjs/oidc/renewTokens.js +28 -5
  54. package/cjs/oidc/renewTokens.js.map +1 -1
  55. package/cjs/oidc/util/browser.js +1 -13
  56. package/cjs/oidc/util/browser.js.map +1 -1
  57. package/cjs/oidc/util/validateClaims.js +8 -6
  58. package/cjs/oidc/util/validateClaims.js.map +1 -1
  59. package/cjs/options.js +3 -0
  60. package/cjs/options.js.map +1 -1
  61. package/cjs/tx/AuthTransaction.js +1 -3
  62. package/cjs/tx/AuthTransaction.js.map +1 -1
  63. package/cjs/tx/api.js +3 -0
  64. package/cjs/tx/api.js.map +1 -1
  65. package/cjs/types/Transaction.js.map +1 -1
  66. package/cjs/util/sharedStorage.js +54 -0
  67. package/cjs/util/sharedStorage.js.map +1 -0
  68. package/dist/okta-auth-js.min.js +8 -8
  69. package/dist/okta-auth-js.min.js.map +1 -1
  70. package/dist/okta-auth-js.umd.js +8 -8
  71. package/dist/okta-auth-js.umd.js.map +1 -1
  72. package/esm/AuthStateManager.js +5 -0
  73. package/esm/AuthStateManager.js.map +1 -1
  74. package/esm/OktaAuth.js +32 -12
  75. package/esm/OktaAuth.js.map +1 -1
  76. package/esm/OktaUserAgent.js +2 -2
  77. package/esm/StorageManager.js +9 -1
  78. package/esm/StorageManager.js.map +1 -1
  79. package/esm/TransactionManager.js +31 -4
  80. package/esm/TransactionManager.js.map +1 -1
  81. package/esm/browser/browserStorage.js +5 -5
  82. package/esm/browser/browserStorage.js.map +1 -1
  83. package/esm/builderUtil.js +6 -0
  84. package/esm/builderUtil.js.map +1 -1
  85. package/esm/constants.js +1 -0
  86. package/esm/constants.js.map +1 -1
  87. package/esm/fetch/fetchRequest.js +10 -3
  88. package/esm/fetch/fetchRequest.js.map +1 -1
  89. package/esm/http/request.js +4 -0
  90. package/esm/http/request.js.map +1 -1
  91. package/esm/idx/remediate.js +41 -29
  92. package/esm/idx/remediate.js.map +1 -1
  93. package/esm/idx/remediators/Base/AuthenticatorData.js +7 -7
  94. package/esm/idx/remediators/Base/AuthenticatorData.js.map +1 -1
  95. package/esm/idx/remediators/Base/Remediator.js +13 -8
  96. package/esm/idx/remediators/Base/Remediator.js.map +1 -1
  97. package/esm/idx/remediators/Base/SelectAuthenticator.js +6 -6
  98. package/esm/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
  99. package/esm/idx/remediators/Base/VerifyAuthenticator.js +18 -15
  100. package/esm/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
  101. package/esm/idx/remediators/EnrollProfile.js +21 -4
  102. package/esm/idx/remediators/EnrollProfile.js.map +1 -1
  103. package/esm/idx/remediators/Identify.js +4 -2
  104. package/esm/idx/remediators/Identify.js.map +1 -1
  105. package/esm/idx/remediators/ReEnrollAuthenticator.js +1 -1
  106. package/esm/idx/remediators/ReEnrollAuthenticator.js.map +1 -1
  107. package/esm/idx/transactionMeta.js +3 -1
  108. package/esm/idx/transactionMeta.js.map +1 -1
  109. package/esm/idx/types/idx-js.js.map +1 -1
  110. package/esm/idx/types/index.js +15 -5
  111. package/esm/idx/types/index.js.map +1 -1
  112. package/esm/index.js +2 -2
  113. package/esm/index.js.map +1 -1
  114. package/esm/oidc/getToken.js +15 -10
  115. package/esm/oidc/getToken.js.map +1 -1
  116. package/esm/oidc/getWithPopup.js +8 -2
  117. package/esm/oidc/getWithPopup.js.map +1 -1
  118. package/esm/oidc/getWithRedirect.js +6 -2
  119. package/esm/oidc/getWithRedirect.js.map +1 -1
  120. package/esm/oidc/parseFromUrl.js +59 -17
  121. package/esm/oidc/parseFromUrl.js.map +1 -1
  122. package/esm/oidc/renewTokens.js +27 -5
  123. package/esm/oidc/renewTokens.js.map +1 -1
  124. package/esm/oidc/util/browser.js +1 -12
  125. package/esm/oidc/util/browser.js.map +1 -1
  126. package/esm/oidc/util/validateClaims.js +8 -6
  127. package/esm/oidc/util/validateClaims.js.map +1 -1
  128. package/esm/options.js +3 -0
  129. package/esm/options.js.map +1 -1
  130. package/esm/tx/AuthTransaction.js +1 -3
  131. package/esm/tx/AuthTransaction.js.map +1 -1
  132. package/esm/tx/api.js +3 -0
  133. package/esm/tx/api.js.map +1 -1
  134. package/esm/types/Transaction.js.map +1 -1
  135. package/esm/util/sharedStorage.js +43 -0
  136. package/esm/util/sharedStorage.js.map +1 -0
  137. package/lib/AuthStateManager.d.ts +4 -2
  138. package/lib/OktaAuth.d.ts +3 -2
  139. package/lib/StorageManager.d.ts +1 -0
  140. package/lib/TransactionManager.d.ts +1 -0
  141. package/lib/constants.d.ts +1 -0
  142. package/lib/idx/remediators/Base/AuthenticatorData.d.ts +2 -5
  143. package/lib/idx/remediators/Base/Remediator.d.ts +3 -6
  144. package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +3 -6
  145. package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +1 -1
  146. package/lib/idx/remediators/EnrollProfile.d.ts +1 -0
  147. package/lib/idx/remediators/Identify.d.ts +1 -5
  148. package/lib/idx/types/idx-js.d.ts +1 -0
  149. package/lib/idx/types/index.d.ts +19 -9
  150. package/lib/index.d.ts +2 -1
  151. package/lib/oidc/getToken.d.ts +2 -2
  152. package/lib/oidc/parseFromUrl.d.ts +4 -1
  153. package/lib/oidc/renewTokens.d.ts +0 -12
  154. package/lib/types/AuthState.d.ts +1 -0
  155. package/lib/types/OktaAuthOptions.d.ts +2 -1
  156. package/lib/types/Storage.d.ts +3 -0
  157. package/lib/types/Transaction.d.ts +5 -1
  158. package/lib/types/api.d.ts +9 -4
  159. package/lib/types/http.d.ts +1 -0
  160. package/lib/util/sharedStorage.d.ts +6 -0
  161. package/package.json +5 -4
package/esm/TransactionManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/TransactionManager.ts"],"names":["AuthSdkError","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_OAUTH_PARAMS_NAME","REDIRECT_STATE_COOKIE_NAME","isTransactionMeta","isOAuthTransactionMeta","isRawIdxResponse","warn","TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","clear","transactionStorage","getTransactionStorage","clearStorage","idxStateStorage","getIdxResponseStorage","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","meta","storage","obj","getStorage","setStorage","cookieStorage","storageType","responseType","state","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","JSON","stringify","exists","load","loadLegacyOAuthParams","Object","assign","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","getLegacyOAuthParamsStorage","saveIdxResponse","idxResponse","loadIdxResponse"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA,SAASA,YAAT,QAA6B,UAA7B;AACA,SAASC,0BAAT,EAAqCC,0BAArC,EAAiEC,0BAAjE,QAAmG,aAAnG;AAEA,SAGEC,iBAHF,EAIEC,sBAJF,QAUO,SAVP;AAWA,SAAyBC,gBAAzB,QAAiD,oBAAjD;AACA,SAASC,IAAT,QAAqB,QAArB;AAEA,eAAe,MAAMC,kBAAN,CAAyB;AAQtCC,EAAAA,WAAW,CAACC,OAAD,EAAqC;AAC9C,SAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;AACA,SAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKL,OAAL,GAAeA,OAAf;AACD;;AAEDM,EAAAA,KAAK,GAAuC;AAAA,QAAtCN,OAAsC,uEAAJ,EAAI;AAC1C,QAAMO,kBAAmC,GAAG,KAAKN,cAAL,CAAoBO,qBAApB,EAA5C;AACAD,IAAAA,kBAAkB,CAACE,YAAnB;AAEA,QAAMC,eAAgC,GAAG,KAAKT,cAAL,CAAoBU,qBAApB,EAAzC;AACAD,IAAAA,eAAe,SAAf,IAAAA,eAAe,WAAf,YAAAA,eAAe,CAAED,YAAjB;;AAEA,QAAI,CAAC,KAAKP,mBAAV,EAA+B;AAC7B;AACD,KATyC,CAW1C;;;AACA,QAAIF,OAAO,CAACY,KAAZ,EAAmB;AACjB,WAAKC,sBAAL;AACD;;AAED,QAAIb,OAAO,CAACc,IAAZ,EAAkB;AAChB,WAAKC,eAAL;AACD;AACF,GApCqC,CAsCtC;;;AACAC,EAAAA,IAAI,CAACC,IAAD,EAA8D;AAAA,QAAtCjB,OAAsC,uEAAJ,EAAI;AAChE;AACA;AACA;AAEA,QAAIkB,OAAwB,GAAG,KAAKjB,cAAL,CAAoBO,qBAApB,EAA/B;AACA,QAAMW,GAAG,GAAGD,OAAO,CAACE,UAAR,EAAZ;;AACA,QAAI1B,iBAAiB,CAACyB,GAAD,CAArB,EAA4B;AAC1B;AACAtB,MAAAA,IAAI,CAAC,yGAAD,CAAJ;AACD;;AAEDqB,IAAAA,OAAO,CAACG,UAAR,CAAmBJ,IAAnB;;AAEA,QAAI,CAACjB,OAAO,CAACY,KAAb,EAAoB;AAClB;AACD;;AAED,QAAI,KAAKT,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;AACzE,UAAMiB,aAA4B,GAAG,KAAKrB,cAAL,CAAoBmB,UAApB,CAA+B;AAAEG,QAAAA,WAAW,EAAE;AAAf,OAA/B,CAArC;;AAEA,UAAI,KAAKlB,gBAAT,EAA2B;AACzB,YAAM;AACJmB,UAAAA,YADI;AAEJC,UAAAA,KAFI;AAGJC,UAAAA,KAHI;AAIJC,UAAAA,MAJI;AAKJC,UAAAA,QALI;AAMJC,UAAAA,IANI;AAOJC,UAAAA;AAPI,YAQFb,IARJ;AASA,YAAMc,WAAW,GAAG;AAClBP,UAAAA,YADkB;AAElBC,UAAAA,KAFkB;AAGlBC,UAAAA,KAHkB;AAIlBC,UAAAA,MAJkB;AAKlBC,UAAAA,QALkB;AAMlBC,UAAAA,IANkB;AAOlBC,UAAAA;AAPkB,SAApB;AASAR,QAAAA,aAAa,CAACU,OAAd,CAAsBxC,0BAAtB,EAAkDyC,IAAI,CAACC,SAAL,CAAeH,WAAf,CAAlD,EAA+E,IAA/E;AACD;;AAED,UAAI,KAAK5B,eAAL,IAAwBc,IAAI,CAACS,KAAjC,EAAwC;AACtC;AACAJ,QAAAA,aAAa,CAACU,OAAd,CAAsBzC,0BAAtB,EAAkD0B,IAAI,CAACS,KAAvD,EAA8D,IAA9D;AACD;;AAED,UAAI,KAAKtB,eAAL,IAAwBa,IAAI,CAACQ,KAAjC,EAAwC;AACtC;AACAH,QAAAA,aAAa,CAACU,OAAd,CAAsBvC,0BAAtB,EAAkDwB,IAAI,CAACQ,KAAvD,EAA8D,IAA9D;AACD;AACF;AACF;;AAEDU,EAAAA,MAAM,GAAgD;AAAA,QAA/CnC,OAA+C,uEAAb,EAAa;;AACpD,QAAI;AACF,UAAMiB,IAAqB,GAAG,KAAKmB,IAAL,CAAUpC,OAAV,CAA9B;AACA,aAAO,CAAC,CAACiB,IAAT;AACD,KAHD,CAGE,gBAAM;AACN,aAAO,KAAP;AACD;AACF,GArGqC,CAuGtC;;;AACAmB,EAAAA,IAAI,GAAwD;AAAA,QAAvDpC,OAAuD,uEAArB,EAAqB;AAC1D,QAAIkB,OAAwB,GAAG,KAAKjB,cAAL,CAAoBO,qBAApB,EAA/B;AACA,QAAIS,IAAI,GAAGC,OAAO,CAACE,UAAR,EAAX;;AACA,QAAI1B,iBAAiB,CAACuB,IAAD,CAArB,EAA6B;AAC3B;AACA,aAAOA,IAAP;AACD;;AAED,QAAI,CAAC,KAAKf,mBAAV,EAA+B;AAC7B,aAAO,IAAP;AACD,KAVyD,CAY1D;;;AACA,QAAIF,OAAO,CAACY,KAAZ,EAAmB;AACjB,UAAI;AACF,YAAMmB,WAAW,GAAG,KAAKM,qBAAL,EAApB;AACAC,QAAAA,MAAM,CAACC,MAAP,CAActB,IAAd,EAAoBc,WAApB;AACD,OAHD,SAGU;AACR,aAAKlB,sBAAL;AACD;AACF;;AAED,QAAIb,OAAO,CAACc,IAAZ,EAAkB;AAChB,UAAI;AACF,YAAM0B,QAA6B,GAAG,KAAKC,cAAL,EAAtC;AACAH,QAAAA,MAAM,CAACC,MAAP,CAActB,IAAd,EAAoBuB,QAApB;AACD,OAHD,SAGU;AACR,aAAKzB,eAAL;AACD;AACF;;AAED,QAAIrB,iBAAiB,CAACuB,IAAD,CAArB,EAA6B;AAC3B,aAAOA,IAAP;AACD;;AACD,WAAO,IAAP;AACD,GA3IqC,CA6ItC;;;AACAF,EAAAA,eAAe,GAAS;AACtB;AACA,QAAIG,OAAJ;;AAEA,QAAI,KAAKjB,cAAL,CAAoByC,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnEzB,MAAAA,OAAO,GAAG,KAAKjB,cAAL,CAAoB2C,oBAApB,CAAyC;AAAErB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKR,cAAL,CAAoByC,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEzB,MAAAA,OAAO,GAAG,KAAKjB,cAAL,CAAoB2C,oBAApB,CAAyC;AAAErB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAEDgC,EAAAA,cAAc,GAAwB;AACpC,QAAIvB,OAAJ;AACA,QAAIC,GAAJ,CAFoC,CAIpC;;AACA,QAAI,KAAKlB,cAAL,CAAoByC,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnEzB,MAAAA,OAAO,GAAG,KAAKjB,cAAL,CAAoB2C,oBAApB,CAAyC;AAAErB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACE,UAAR,EAAN;;AACA,UAAID,GAAG,IAAIA,GAAG,CAAC0B,YAAf,EAA6B;AAC3B,eAAO1B,GAAP;AACD;AACF,KAXmC,CAapC;;;AACA,QAAI,KAAKlB,cAAL,CAAoByC,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEzB,MAAAA,OAAO,GAAG,KAAKjB,cAAL,CAAoB2C,oBAApB,CAAyC;AAAErB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACE,UAAR,EAAN;;AACA,UAAID,GAAG,IAAIA,GAAG,CAAC0B,YAAf,EAA6B;AAC3B,eAAO1B,GAAP;AACD;AACF,KApBmC,CAsBpC;AACA;AACA;;;AACA,UAAM,IAAI7B,YAAJ,CAAiB,yJAAjB,EAA4K,IAA5K,CAAN;AACD;;AAEDuB,EAAAA,sBAAsB,GAAS;AAC7B;AACA,QAAIK,OAAJ;;AAEA,QAAI,KAAKjB,cAAL,CAAoByC,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEzB,MAAAA,OAAO,GAAG,KAAKjB,cAAL,CAAoB6C,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKR,cAAL,CAAoByC,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7DzB,MAAAA,OAAO,GAAG,KAAKjB,cAAL,CAAoB6C,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED4B,EAAAA,qBAAqB,GAAyB;AAC5C,QAAInB,OAAJ;AACA,QAAIa,WAAJ,CAF4C,CAI5C;;AACA,QAAI,KAAK9B,cAAL,CAAoByC,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEzB,MAAAA,OAAO,GAAG,KAAKjB,cAAL,CAAoB6C,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAQ,MAAAA,WAAW,GAAGb,OAAO,CAACE,UAAR,EAAd;AACD;;AACD,QAAIzB,sBAAsB,CAACoC,WAAD,CAA1B,EAAyC;AACvC,aAAOA,WAAP;AACD,KAX2C,CAa5C;;;AACA,QAAI,KAAK9B,cAAL,CAAoByC,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7DzB,MAAAA,OAAO,GAAG,KAAKjB,cAAL,CAAoB6C,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAQ,MAAAA,WAAW,GAAGb,OAAO,CAACE,UAAR,EAAd;AACD;;AAED,QAAIzB,sBAAsB,CAACoC,WAAD,CAA1B,EAAyC;AACvC,aAAOA,WAAP;AACD;;AAGD,UAAM,IAAIzC,YAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;AACA;AACD;;AAEDyD,EAAAA,eAAe,CAACC,WAAD,EAAoC;AACjD,QAAM9B,OAAwB,GAAG,KAAKjB,cAAL,CAAoBU,qBAApB,EAAjC;;AACA,QAAI,CAACO,OAAL,EAAc;AACZ;AACD;;AACDA,IAAAA,OAAO,CAACG,UAAR,CAAmB2B,WAAnB;AACD;;AAEDC,EAAAA,eAAe,GAAmB;AAChC,QAAM/B,OAAwB,GAAG,KAAKjB,cAAL,CAAoBU,qBAApB,EAAjC;;AACA,QAAI,CAACO,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AACD,QAAM8B,WAAW,GAAG9B,OAAO,CAACE,UAAR,EAApB;;AACA,QAAI,CAACxB,gBAAgB,CAACoD,WAAD,CAArB,EAAoC;AAClC,aAAO,IAAP;AACD;;AACD,WAAOA,WAAP;AACD;;AAxPqC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport StorageManager from './StorageManager';\nimport {\n StorageProvider,\n TransactionMeta,\n isTransactionMeta,\n isOAuthTransactionMeta,\n PKCETransactionMeta,\n OAuthTransactionMeta,\n TransactionMetaOptions,\n TransactionManagerOptions,\n CookieStorage\n} from './types';\nimport { RawIdxResponse, isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\n\nexport default class TransactionManager {\n options: TransactionManagerOptions;\n storageManager: StorageManager;\n legacyWidgetSupport: boolean;\n saveNonceCookie: boolean;\n saveStateCookie: boolean;\n saveParamsCookie: boolean;\n\n constructor(options: TransactionManagerOptions) {\n this.storageManager = options.storageManager;\n this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n this.saveStateCookie = options.saveStateCookie === false ? false : true;\n this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n this.options = options;\n }\n\n clear(options: TransactionMetaOptions = {}) {\n const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n transactionStorage.clearStorage();\n\n const idxStateStorage: StorageProvider = this.storageManager.getIdxResponseStorage();\n idxStateStorage?.clearStorage();\n\n if (!this.legacyWidgetSupport) {\n return;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n this.clearLegacyOAuthParams();\n }\n\n if (options.pkce) {\n this.clearLegacyPKCE();\n }\n }\n\n // eslint-disable-next-line complexity\n save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n // There must be only one transaction executing at a time.\n // Before saving, check to see if a transaction is already stored.\n // An existing transaction indicates a concurrency/race/overlap condition\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n const obj = storage.getStorage();\n if (isTransactionMeta(obj)) {\n // eslint-disable-next-line max-len\n warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n }\n\n storage.setStorage(meta);\n\n if (!options.oauth) {\n return;\n }\n \n if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n if (this.saveParamsCookie) {\n const { \n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n } = meta;\n const oauthParams = {\n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n };\n cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n }\n\n if (this.saveNonceCookie && meta.nonce) {\n // Set nonce cookie for servers to validate nonce in id_token\n cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n }\n\n if (this.saveStateCookie && meta.state) {\n // Set state cookie for servers to validate state\n cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n }\n }\n }\n\n exists(options: TransactionMetaOptions = {}): boolean {\n try {\n const meta: TransactionMeta = this.load(options);\n return !!meta;\n } catch {\n return false;\n }\n }\n\n // load transaction meta from storage\n load(options: TransactionMetaOptions = {}): TransactionMeta {\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n let meta = storage.getStorage();\n if (isTransactionMeta(meta)) {\n // if we have meta in the new location, there is no need to go further\n return meta;\n }\n\n if (!this.legacyWidgetSupport) {\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n try {\n const oauthParams = this.loadLegacyOAuthParams();\n Object.assign(meta, oauthParams);\n } finally {\n this.clearLegacyOAuthParams();\n }\n }\n\n if (options.pkce) {\n try {\n const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n Object.assign(meta, pkceMeta);\n } finally {\n this.clearLegacyPKCE();\n }\n }\n\n if (isTransactionMeta(meta)) {\n return meta;\n }\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n clearLegacyPKCE(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n }\n\n loadLegacyPKCE(): PKCETransactionMeta {\n let storage: StorageProvider;\n let obj;\n \n // Try reading from localStorage first.\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, throw an exception to avoid misleading server-side error\n // The most likely cause of this error is trying to handle a callback twice\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', null);\n }\n\n clearLegacyOAuthParams(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n storage.clearStorage();\n }\n }\n\n loadLegacyOAuthParams(): OAuthTransactionMeta {\n let storage: StorageProvider;\n let oauthParams;\n \n // load first from session storage\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n oauthParams = storage.getStorage();\n }\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n // try to load from cookie\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n oauthParams = storage.getStorage();\n }\n\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n\n throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n // Something is there but we don't recognize it\n // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n }\n\n saveIdxResponse(idxResponse: RawIdxResponse): void {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return;\n }\n storage.setStorage(idxResponse);\n }\n\n loadIdxResponse(): RawIdxResponse {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return null;\n }\n const idxResponse = storage.getStorage();\n if (!isRawIdxResponse(idxResponse)) {\n return null;\n }\n return idxResponse;\n }\n}"],"file":"TransactionManager.js"}
1
+ {"version":3,"sources":["../../lib/TransactionManager.ts"],"names":["AuthSdkError","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_OAUTH_PARAMS_NAME","REDIRECT_STATE_COOKIE_NAME","isTransactionMeta","isOAuthTransactionMeta","isRawIdxResponse","warn","clearTransactionFromSharedStorage","loadTransactionFromSharedStorage","pruneSharedStorage","saveTransactionToSharedStorage","TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","enableSharedStorage","clear","transactionStorage","getTransactionStorage","clearStorage","idxStateStorage","getIdxResponseStorage","state","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","meta","storage","obj","getStorage","muteWarning","setStorage","cookieStorage","storageType","responseType","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","JSON","stringify","exists","load","loadLegacyOAuthParams","Object","assign","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","getLegacyOAuthParamsStorage","saveIdxResponse","idxResponse","loadIdxResponse"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA,SAASA,YAAT,QAA6B,UAA7B;AACA,SAASC,0BAAT,EAAqCC,0BAArC,EAAiEC,0BAAjE,QAAmG,aAAnG;AAEA,SAGEC,iBAHF,EAIEC,sBAJF,QAUO,SAVP;AAWA,SAAyBC,gBAAzB,QAAiD,oBAAjD;AACA,SAASC,IAAT,QAAqB,QAArB;AACA,SACEC,iCADF,EAEEC,gCAFF,EAGEC,kBAHF,EAIEC,8BAJF,QAKO,sBALP;AAMA,eAAe,MAAMC,kBAAN,CAAyB;AAStCC,EAAAA,WAAW,CAACC,OAAD,EAAqC;AAC9C,SAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;AACA,SAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKC,mBAAL,GAA2BN,OAAO,CAACM,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKN,OAAL,GAAeA,OAAf;AACD;;AAEDO,EAAAA,KAAK,GAAuC;AAAA,QAAtCP,OAAsC,uEAAJ,EAAI;AAC1C,QAAMQ,kBAAmC,GAAG,KAAKP,cAAL,CAAoBQ,qBAApB,EAA5C;AACAD,IAAAA,kBAAkB,CAACE,YAAnB;AAEA,QAAMC,eAAgC,GAAG,KAAKV,cAAL,CAAoBW,qBAApB,EAAzC;AACAD,IAAAA,eAAe,SAAf,IAAAA,eAAe,WAAf,YAAAA,eAAe,CAAED,YAAjB;;AAEA,QAAI,KAAKJ,mBAAL,IAA4BN,OAAO,CAACa,KAAxC,EAA+C;AAC7CnB,MAAAA,iCAAiC,CAAC,KAAKO,cAAN,EAAsBD,OAAO,CAACa,KAA9B,CAAjC;AACD;;AAED,QAAI,CAAC,KAAKX,mBAAV,EAA+B;AAC7B;AACD,KAbyC,CAe1C;;;AACA,QAAIF,OAAO,CAACc,KAAZ,EAAmB;AACjB,WAAKC,sBAAL;AACD;;AAED,QAAIf,OAAO,CAACgB,IAAZ,EAAkB;AAChB,WAAKC,eAAL;AACD;AACF,GA1CqC,CA4CtC;;;AACAC,EAAAA,IAAI,CAACC,IAAD,EAA8D;AAAA,QAAtCnB,OAAsC,uEAAJ,EAAI;AAChE;AACA;AACA;AAEA,QAAIoB,OAAwB,GAAG,KAAKnB,cAAL,CAAoBQ,qBAApB,EAA/B;AACA,QAAMY,GAAG,GAAGD,OAAO,CAACE,UAAR,EAAZ,CANgE,CAOhE;AACA;AACA;;AACA,QAAIhC,iBAAiB,CAAC+B,GAAD,CAAjB,IAA0B,CAACrB,OAAO,CAACuB,WAAvC,EAAoD;AAClD;AACA9B,MAAAA,IAAI,CAAC,yGAAD,CAAJ;AACD;;AAED2B,IAAAA,OAAO,CAACI,UAAR,CAAmBL,IAAnB;;AAEA,QAAI,CAACnB,OAAO,CAACc,KAAb,EAAoB;AAClB;AACD,KAnB+D,CAqBhE;;;AACA,QAAI,KAAKX,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;AACzE,UAAMoB,aAA4B,GAAG,KAAKxB,cAAL,CAAoBqB,UAApB,CAA+B;AAAEI,QAAAA,WAAW,EAAE;AAAf,OAA/B,CAArC;;AAEA,UAAI,KAAKrB,gBAAT,EAA2B;AACzB,YAAM;AACJsB,UAAAA,YADI;AAEJd,UAAAA,KAFI;AAGJe,UAAAA,KAHI;AAIJC,UAAAA,MAJI;AAKJC,UAAAA,QALI;AAMJC,UAAAA,IANI;AAOJC,UAAAA;AAPI,YAQFb,IARJ;AASA,YAAMc,WAAW,GAAG;AAClBN,UAAAA,YADkB;AAElBd,UAAAA,KAFkB;AAGlBe,UAAAA,KAHkB;AAIlBC,UAAAA,MAJkB;AAKlBC,UAAAA,QALkB;AAMlBC,UAAAA,IANkB;AAOlBC,UAAAA;AAPkB,SAApB;AASAP,QAAAA,aAAa,CAACS,OAAd,CAAsB9C,0BAAtB,EAAkD+C,IAAI,CAACC,SAAL,CAAeH,WAAf,CAAlD,EAA+E,IAA/E;AACD;;AAED,UAAI,KAAK9B,eAAL,IAAwBgB,IAAI,CAACS,KAAjC,EAAwC;AACtC;AACAH,QAAAA,aAAa,CAACS,OAAd,CAAsB/C,0BAAtB,EAAkDgC,IAAI,CAACS,KAAvD,EAA8D,IAA9D;AACD;;AAED,UAAI,KAAKxB,eAAL,IAAwBe,IAAI,CAACN,KAAjC,EAAwC;AACtC;AACAY,QAAAA,aAAa,CAACS,OAAd,CAAsB7C,0BAAtB,EAAkD8B,IAAI,CAACN,KAAvD,EAA8D,IAA9D;AACD;AACF,KAxD+D,CA0DhE;;;AACA,QAAI,KAAKP,mBAAL,IAA4Ba,IAAI,CAACN,KAArC,EAA4C;AAC1ChB,MAAAA,8BAA8B,CAAC,KAAKI,cAAN,EAAsBkB,IAAI,CAACN,KAA3B,EAAkCM,IAAlC,CAA9B;AACD;AACF;;AAEDkB,EAAAA,MAAM,GAAgD;AAAA,QAA/CrC,OAA+C,uEAAb,EAAa;;AACpD,QAAI;AACF,UAAMmB,IAAqB,GAAG,KAAKmB,IAAL,CAAUtC,OAAV,CAA9B;AACA,aAAO,CAAC,CAACmB,IAAT;AACD,KAHD,CAGE,gBAAM;AACN,aAAO,KAAP;AACD;AACF,GApHqC,CAsHtC;AACA;;;AACAmB,EAAAA,IAAI,GAAwD;AAAA,QAAvDtC,OAAuD,uEAArB,EAAqB;AAE1D,QAAImB,IAAJ,CAF0D,CAI1D;;AACA,QAAI,KAAKb,mBAAL,IAA4BN,OAAO,CAACa,KAAxC,EAA+C;AAC7CjB,MAAAA,kBAAkB,CAAC,KAAKK,cAAN,CAAlB,CAD6C,CACJ;;AACzCkB,MAAAA,IAAI,GAAGxB,gCAAgC,CAAC,KAAKM,cAAN,EAAsBD,OAAO,CAACa,KAA9B,CAAvC;;AACA,UAAIvB,iBAAiB,CAAC6B,IAAD,CAArB,EAA6B;AAC3B,eAAOA,IAAP;AACD;AACF;;AAED,QAAIC,OAAwB,GAAG,KAAKnB,cAAL,CAAoBQ,qBAApB,EAA/B;AACAU,IAAAA,IAAI,GAAGC,OAAO,CAACE,UAAR,EAAP;;AACA,QAAIhC,iBAAiB,CAAC6B,IAAD,CAArB,EAA6B;AAC3B;AACA,aAAOA,IAAP;AACD;;AAED,QAAI,CAAC,KAAKjB,mBAAV,EAA+B;AAC7B,aAAO,IAAP;AACD,KAtByD,CAwB1D;;;AACA,QAAIF,OAAO,CAACc,KAAZ,EAAmB;AACjB,UAAI;AACF,YAAMmB,WAAW,GAAG,KAAKM,qBAAL,EAApB;AACAC,QAAAA,MAAM,CAACC,MAAP,CAActB,IAAd,EAAoBc,WAApB;AACD,OAHD,SAGU;AACR,aAAKlB,sBAAL;AACD;AACF;;AAED,QAAIf,OAAO,CAACgB,IAAZ,EAAkB;AAChB,UAAI;AACF,YAAM0B,QAA6B,GAAG,KAAKC,cAAL,EAAtC;AACAH,QAAAA,MAAM,CAACC,MAAP,CAActB,IAAd,EAAoBuB,QAApB;AACD,OAHD,SAGU;AACR,aAAKzB,eAAL;AACD;AACF;;AAED,QAAI3B,iBAAiB,CAAC6B,IAAD,CAArB,EAA6B;AAC3B,aAAOA,IAAP;AACD;;AACD,WAAO,IAAP;AACD,GAvKqC,CAyKtC;;;AACAF,EAAAA,eAAe,GAAS;AACtB;AACA,QAAIG,OAAJ;;AAEA,QAAI,KAAKnB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnEzB,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEpB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAN,MAAAA,OAAO,CAACV,YAAR;AACD;;AAED,QAAI,KAAKT,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEzB,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEpB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAN,MAAAA,OAAO,CAACV,YAAR;AACD;AACF;;AAEDiC,EAAAA,cAAc,GAAwB;AACpC,QAAIvB,OAAJ;AACA,QAAIC,GAAJ,CAFoC,CAIpC;;AACA,QAAI,KAAKpB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnEzB,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEpB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,GAAG,GAAGD,OAAO,CAACE,UAAR,EAAN;;AACA,UAAID,GAAG,IAAIA,GAAG,CAAC0B,YAAf,EAA6B;AAC3B,eAAO1B,GAAP;AACD;AACF,KAXmC,CAapC;;;AACA,QAAI,KAAKpB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEzB,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEpB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,GAAG,GAAGD,OAAO,CAACE,UAAR,EAAN;;AACA,UAAID,GAAG,IAAIA,GAAG,CAAC0B,YAAf,EAA6B;AAC3B,eAAO1B,GAAP;AACD;AACF,KApBmC,CAsBpC;AACA;AACA;;;AACA,UAAM,IAAInC,YAAJ,CAAiB,yJAAjB,EAA4K,IAA5K,CAAN;AACD;;AAED6B,EAAAA,sBAAsB,GAAS;AAC7B;AACA,QAAIK,OAAJ;;AAEA,QAAI,KAAKnB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEzB,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoB+C,2BAApB,CAAgD;AAAEtB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAN,MAAAA,OAAO,CAACV,YAAR;AACD;;AAED,QAAI,KAAKT,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7DzB,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoB+C,2BAApB,CAAgD;AAAEtB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAN,MAAAA,OAAO,CAACV,YAAR;AACD;AACF;;AAED6B,EAAAA,qBAAqB,GAAyB;AAC5C,QAAInB,OAAJ;AACA,QAAIa,WAAJ,CAF4C,CAI5C;;AACA,QAAI,KAAKhC,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEzB,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoB+C,2BAApB,CAAgD;AAAEtB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGb,OAAO,CAACE,UAAR,EAAd;AACD;;AACD,QAAI/B,sBAAsB,CAAC0C,WAAD,CAA1B,EAAyC;AACvC,aAAOA,WAAP;AACD,KAX2C,CAa5C;;;AACA,QAAI,KAAKhC,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7DzB,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoB+C,2BAApB,CAAgD;AAAEtB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGb,OAAO,CAACE,UAAR,EAAd;AACD;;AAED,QAAI/B,sBAAsB,CAAC0C,WAAD,CAA1B,EAAyC;AACvC,aAAOA,WAAP;AACD;;AAGD,UAAM,IAAI/C,YAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;AACA;AACD;;AAED+D,EAAAA,eAAe,CAACC,WAAD,EAAoC;AACjD,QAAM9B,OAAwB,GAAG,KAAKnB,cAAL,CAAoBW,qBAApB,EAAjC;;AACA,QAAI,CAACQ,OAAL,EAAc;AACZ;AACD;;AACDA,IAAAA,OAAO,CAACI,UAAR,CAAmB0B,WAAnB;AACD;;AAEDC,EAAAA,eAAe,GAAmB;AAChC,QAAM/B,OAAwB,GAAG,KAAKnB,cAAL,CAAoBW,qBAApB,EAAjC;;AACA,QAAI,CAACQ,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AACD,QAAM8B,WAAW,GAAG9B,OAAO,CAACE,UAAR,EAApB;;AACA,QAAI,CAAC9B,gBAAgB,CAAC0D,WAAD,CAArB,EAAoC;AAClC,aAAO,IAAP;AACD;;AACD,WAAOA,WAAP;AACD;;AApRqC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport StorageManager from './StorageManager';\nimport {\n StorageProvider,\n TransactionMeta,\n isTransactionMeta,\n isOAuthTransactionMeta,\n PKCETransactionMeta,\n OAuthTransactionMeta,\n TransactionMetaOptions,\n TransactionManagerOptions,\n CookieStorage\n} from './types';\nimport { RawIdxResponse, isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\nimport {\n clearTransactionFromSharedStorage,\n loadTransactionFromSharedStorage,\n pruneSharedStorage,\n saveTransactionToSharedStorage\n} from './util/sharedStorage';\nexport default class TransactionManager {\n options: TransactionManagerOptions;\n storageManager: StorageManager;\n legacyWidgetSupport: boolean;\n saveNonceCookie: boolean;\n saveStateCookie: boolean;\n saveParamsCookie: boolean;\n enableSharedStorage: boolean;\n\n constructor(options: TransactionManagerOptions) {\n this.storageManager = options.storageManager;\n this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n this.saveStateCookie = options.saveStateCookie === false ? false : true;\n this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n this.options = options;\n }\n\n clear(options: TransactionMetaOptions = {}) {\n const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n transactionStorage.clearStorage();\n\n const idxStateStorage: StorageProvider = this.storageManager.getIdxResponseStorage();\n idxStateStorage?.clearStorage();\n\n if (this.enableSharedStorage && options.state) {\n clearTransactionFromSharedStorage(this.storageManager, options.state);\n }\n \n if (!this.legacyWidgetSupport) {\n return;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n this.clearLegacyOAuthParams();\n }\n\n if (options.pkce) {\n this.clearLegacyPKCE();\n }\n }\n\n // eslint-disable-next-line complexity\n save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n // There must be only one transaction executing at a time.\n // Before saving, check to see if a transaction is already stored.\n // An existing transaction indicates a concurrency/race/overlap condition\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n const obj = storage.getStorage();\n // oie process may need to update transaction in the middle of process for tracking purpose\n // false alarm might be caused \n // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n if (isTransactionMeta(obj) && !options.muteWarning) {\n // eslint-disable-next-line max-len\n warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n }\n\n storage.setStorage(meta);\n\n if (!options.oauth) {\n return;\n }\n \n // Legacy cookie storage\n if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n if (this.saveParamsCookie) {\n const { \n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n } = meta;\n const oauthParams = {\n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n };\n cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n }\n\n if (this.saveNonceCookie && meta.nonce) {\n // Set nonce cookie for servers to validate nonce in id_token\n cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n }\n\n if (this.saveStateCookie && meta.state) {\n // Set state cookie for servers to validate state\n cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n }\n }\n\n // Shared storage allows continuation of transaction in another tab\n if (this.enableSharedStorage && meta.state) {\n saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n }\n }\n\n exists(options: TransactionMetaOptions = {}): boolean {\n try {\n const meta: TransactionMeta = this.load(options);\n return !!meta;\n } catch {\n return false;\n }\n }\n\n // load transaction meta from storage\n // eslint-disable-next-line complexity,max-statements\n load(options: TransactionMetaOptions = {}): TransactionMeta {\n\n let meta: TransactionMeta;\n\n // If state was passed, try loading transaction data from shared storage\n if (this.enableSharedStorage && options.state) {\n pruneSharedStorage(this.storageManager); // prune before load\n meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n if (isTransactionMeta(meta)) {\n return meta;\n }\n }\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n meta = storage.getStorage();\n if (isTransactionMeta(meta)) {\n // if we have meta in the new location, there is no need to go further\n return meta;\n }\n\n if (!this.legacyWidgetSupport) {\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n try {\n const oauthParams = this.loadLegacyOAuthParams();\n Object.assign(meta, oauthParams);\n } finally {\n this.clearLegacyOAuthParams();\n }\n }\n\n if (options.pkce) {\n try {\n const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n Object.assign(meta, pkceMeta);\n } finally {\n this.clearLegacyPKCE();\n }\n }\n\n if (isTransactionMeta(meta)) {\n return meta;\n }\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n clearLegacyPKCE(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n }\n\n loadLegacyPKCE(): PKCETransactionMeta {\n let storage: StorageProvider;\n let obj;\n \n // Try reading from localStorage first.\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, throw an exception to avoid misleading server-side error\n // The most likely cause of this error is trying to handle a callback twice\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', null);\n }\n\n clearLegacyOAuthParams(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n storage.clearStorage();\n }\n }\n\n loadLegacyOAuthParams(): OAuthTransactionMeta {\n let storage: StorageProvider;\n let oauthParams;\n \n // load first from session storage\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n oauthParams = storage.getStorage();\n }\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n // try to load from cookie\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n oauthParams = storage.getStorage();\n }\n\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n\n throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n // Something is there but we don't recognize it\n // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n }\n\n saveIdxResponse(idxResponse: RawIdxResponse): void {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return;\n }\n storage.setStorage(idxResponse);\n }\n\n loadIdxResponse(): RawIdxResponse {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return null;\n }\n const idxResponse = storage.getStorage();\n if (!isRawIdxResponse(idxResponse)) {\n return null;\n }\n return idxResponse;\n }\n}"],"file":"TransactionManager.js"}
package/esm/browser/browserStorage.js CHANGED
@@ -192,14 +192,14 @@ var storageUtil = {
192
192
  };
193
193
  },
194
194
  // Provides an in-memory solution
195
+ inMemoryStore: {},
195
196
  getInMemoryStorage: function getInMemoryStorage() {
196
- var store = {};
197
197
  return {
198
- getItem: function getItem(key) {
199
- return store[key];
198
+ getItem: key => {
199
+ return this.inMemoryStore[key];
200
200
  },
201
- setItem: function setItem(key, value) {
202
- store[key] = value;
201
+ setItem: (key, value) => {
202
+ this.inMemoryStore[key] = value;
203
203
  }
204
204
  };
205
205
  },
package/esm/browser/browserStorage.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/browser/browserStorage.ts"],"names":["AuthSdkError","warn","Cookies","require","storageUtil","getHttpCache","getPKCEStorage","browserHasLocalStorage","storage","getLocalStorage","testStorage","e","browserHasSessionStorage","getSessionStorage","testStorageType","storageType","supported","getStorageByType","options","storageProvider","getCookieStorage","getInMemoryStorage","findStorageType","types","curType","nextType","slice","shift","length","localStorage","sessionStorage","secure","sameSite","sessionCookie","getItem","get","setItem","key","value","expiresAt","set","removeItem","delete","useMultipleCookies","data","Object","keys","forEach","k","indexOf","replace","JSON","parse","stringify","existingValues","storageKey","valueToStore","store","name","cookieOptions","path","Date","expires","remove"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA,OAAOA,YAAP,MAAyB,wBAAzB;AAWA,SAASC,IAAT,QAAqB,SAArB;;AAEA,IAAMC,OAAO,GAAGC,OAAO,CAAC,WAAD,CAAvB,C,CAEA;;;AACA,IAAIC,WAA+B,GAAG;AAEpC;AACAC,EAAAA,YAAY,GAAoB;AAC9B,WAAO,IAAP;AACD,GALmC;;AAOpCC,EAAAA,cAAc,GAAgB;AAC5B,WAAO,IAAP;AACD,GATmC;;AAWpC;AACA;AACAC,EAAAA,sBAAsB,EAAE,kCAAW;AACjC,QAAI;AACF,UAAIC,OAAO,GAAGJ,WAAW,CAACK,eAAZ,EAAd;AACA,aAAOL,WAAW,CAACM,WAAZ,CAAwBF,OAAxB,CAAP;AACD,KAHD,CAGE,OAAOG,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GApBmC;AAsBpCC,EAAAA,wBAAwB,EAAE,oCAAW;AACnC,QAAI;AACF,UAAIJ,OAAO,GAAGJ,WAAW,CAACS,iBAAZ,EAAd;AACA,aAAOT,WAAW,CAACM,WAAZ,CAAwBF,OAAxB,CAAP;AACD,KAHD,CAGE,OAAOG,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GA7BmC;AA+BpCG,EAAAA,eAAe,EAAE,yBAASC,WAAT,EAA4C;AAC3D,QAAIC,SAAS,GAAG,KAAhB;;AACA,YAAQD,WAAR;AACE,WAAK,gBAAL;AACEC,QAAAA,SAAS,GAAGZ,WAAW,CAACQ,wBAAZ,EAAZ;AACA;;AACF,WAAK,cAAL;AACEI,QAAAA,SAAS,GAAGZ,WAAW,CAACG,sBAAZ,EAAZ;AACA;;AACF,WAAK,QAAL;AACA,WAAK,QAAL;AACES,QAAAA,SAAS,GAAG,IAAZ;AACA;;AACF;AACEA,QAAAA,SAAS,GAAG,KAAZ;AACA;AAbJ;;AAeA,WAAOA,SAAP;AACD,GAjDmC;AAmDpCC,EAAAA,gBAAgB,EAAE,0BAASF,WAAT,EAAmCG,OAAnC,EAA2E;AAC3F,QAAIC,eAAe,GAAG,IAAtB;;AACA,YAAQJ,WAAR;AACE,WAAK,gBAAL;AACEI,QAAAA,eAAe,GAAGf,WAAW,CAACS,iBAAZ,EAAlB;AACA;;AACF,WAAK,cAAL;AACEM,QAAAA,eAAe,GAAGf,WAAW,CAACK,eAAZ,EAAlB;AACA;;AACF,WAAK,QAAL;AACEU,QAAAA,eAAe,GAAGf,WAAW,CAACgB,gBAAZ,CAA6BF,OAA7B,CAAlB;AACA;;AACF,WAAK,QAAL;AACEC,QAAAA,eAAe,GAAGf,WAAW,CAACiB,kBAAZ,EAAlB;AACA;;AACF;AACE,cAAM,IAAIrB,YAAJ,wCAAiDe,WAAjD,EAAN;AACA;AAfJ;;AAiBA,WAAOI,eAAP;AACD,GAvEmC;AAyEpCG,EAAAA,eAAe,EAAE,yBAASC,KAAT,EAA+B;AAC9C,QAAIC,OAAJ;AACA,QAAIC,QAAJ;AAEAF,IAAAA,KAAK,GAAGA,KAAK,CAACG,KAAN,EAAR,CAJ8C,CAIvB;;AACvBF,IAAAA,OAAO,GAAGD,KAAK,CAACI,KAAN,EAAV;AACAF,IAAAA,QAAQ,GAAGF,KAAK,CAACK,MAAN,GAAeL,KAAK,CAAC,CAAD,CAApB,GAA0B,IAArC;;AACA,QAAI,CAACE,QAAL,EAAe;AACb,aAAOD,OAAP;AACD;;AAED,QAAIpB,WAAW,CAACU,eAAZ,CAA4BU,OAA5B,CAAJ,EAA0C;AACxC,aAAOA,OAAP;AACD,KAb6C,CAe9C;;;AACAvB,IAAAA,IAAI,wCAAiCuB,OAAjC,4BAA0DC,QAA1D,OAAJ,CAhB8C,CAkB9C;;AACA,WAAOrB,WAAW,CAACkB,eAAZ,CAA4BC,KAA5B,CAAP;AACD,GA7FmC;AA+FpCd,EAAAA,eAAe,EAAE,2BAAW;AAC1B,WAAOoB,YAAP;AACD,GAjGmC;AAmGpChB,EAAAA,iBAAiB,EAAE,6BAAW;AAC5B,WAAOiB,cAAP;AACD,GArGmC;AAuGpC;AACAV,EAAAA,gBAAgB,EAAE,0BAASF,OAAT,EAAiC;AACjD,QAAMa,MAAM,GAAGb,OAAO,CAACa,MAAvB;AACA,QAAMC,QAAQ,GAAGd,OAAO,CAACc,QAAzB;AACA,QAAMC,aAAa,GAAGf,OAAO,CAACe,aAA9B;;AACA,QAAI,OAAOF,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;AACpE,YAAM,IAAIhC,YAAJ,CAAiB,oEAAjB,CAAN;AACD;;AACD,QAAMQ,OAAsB,GAAG;AAC7B0B,MAAAA,OAAO,EAAE9B,WAAW,CAACI,OAAZ,CAAoB2B,GADA;AAE7BC,MAAAA,OAAO,EAAE,iBAASC,GAAT,EAAcC,KAAd,EAA6D;AAAA,YAAxCC,SAAwC,uEAA5B,0BAA4B;AACpE;AACAA,QAAAA,SAAS,GAAGN,aAAa,GAAG,IAAH,GAAUM,SAAnC;AACAnC,QAAAA,WAAW,CAACI,OAAZ,CAAoBgC,GAApB,CAAwBH,GAAxB,EAA6BC,KAA7B,EAAoCC,SAApC,EAA+C;AAC7CR,UAAAA,MAAM,EAAEA,MADqC;AAE7CC,UAAAA,QAAQ,EAAEA;AAFmC,SAA/C;AAID,OAT4B;AAU7BS,MAAAA,UAAU,EAAE,oBAASJ,GAAT,EAAc;AACxBjC,QAAAA,WAAW,CAACI,OAAZ,CAAoBkC,MAApB,CAA2BL,GAA3B;AACD;AAZ4B,KAA/B;;AAeA,QAAI,CAACnB,OAAO,CAACyB,kBAAb,EAAiC;AAC/B,aAAOnC,OAAP;AACD,KAxBgD,CA0BjD;AACA;AACA;;;AACA,WAAO;AACL0B,MAAAA,OAAO,EAAE,iBAASG,GAAT,EAAc;AACrB,YAAIO,IAAI,GAAGpC,OAAO,CAAC0B,OAAR,EAAX,CADqB,CACS;;AAC9B,YAAII,KAAK,GAAG,EAAZ;AACAO,QAAAA,MAAM,CAACC,IAAP,CAAYF,IAAZ,EAAkBG,OAAlB,CAA0BC,CAAC,IAAI;AAC7B,cAAIA,CAAC,CAACC,OAAF,CAAUZ,GAAV,MAAmB,CAAvB,EAA0B;AAAE;AAC1BC,YAAAA,KAAK,CAACU,CAAC,CAACE,OAAF,WAAab,GAAb,QAAqB,EAArB,CAAD,CAAL,GAAkCc,IAAI,CAACC,KAAL,CAAWR,IAAI,CAACI,CAAD,CAAf,CAAlC,CADwB,CAC+B;AACxD;AACF,SAJD;AAKA,eAAOG,IAAI,CAACE,SAAL,CAAef,KAAf,CAAP;AACD,OAVI;AAWLF,MAAAA,OAAO,EAAE,iBAASC,GAAT,EAAcC,KAAd,EAAqB;AAC5B,YAAIgB,cAAc,GAAGH,IAAI,CAACC,KAAL,CAAW,KAAKlB,OAAL,CAAaG,GAAb,CAAX,CAArB;AACAC,QAAAA,KAAK,GAAGa,IAAI,CAACC,KAAL,CAAWd,KAAX,CAAR,CAF4B,CAG5B;;AACAO,QAAAA,MAAM,CAACC,IAAP,CAAYR,KAAZ,EAAmBS,OAAnB,CAA2BC,CAAC,IAAI;AAC9B,cAAIO,UAAU,GAAGlB,GAAG,GAAG,GAAN,GAAYW,CAA7B;AACA,cAAIQ,YAAY,GAAGL,IAAI,CAACE,SAAL,CAAef,KAAK,CAACU,CAAD,CAApB,CAAnB;AACAxC,UAAAA,OAAO,CAAC4B,OAAR,CAAgBmB,UAAhB,EAA4BC,YAA5B;AACA,iBAAOF,cAAc,CAACN,CAAD,CAArB;AACD,SALD,EAJ4B,CAU5B;;AACAH,QAAAA,MAAM,CAACC,IAAP,CAAYQ,cAAZ,EAA4BP,OAA5B,CAAoCC,CAAC,IAAI;AACvCxC,UAAAA,OAAO,CAACiC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYW,CAA/B;AACD,SAFD;AAGD,OAzBI;AA0BLP,MAAAA,UAAU,EAAE,oBAASJ,GAAT,EAAc;AACxB,YAAIiB,cAAc,GAAGH,IAAI,CAACC,KAAL,CAAW,KAAKlB,OAAL,CAAaG,GAAb,CAAX,CAArB;AACAQ,QAAAA,MAAM,CAACC,IAAP,CAAYQ,cAAZ,EAA4BP,OAA5B,CAAoCC,CAAC,IAAI;AACvCxC,UAAAA,OAAO,CAACiC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYW,CAA/B;AACD,SAFD;AAGD;AA/BI,KAAP;AAiCD,GAtKmC;AAwKpC;AACA3B,EAAAA,kBAAkB,EAAE,8BAAW;AAC7B,QAAIoC,KAAK,GAAG,EAAZ;AACA,WAAO;AACLvB,MAAAA,OAAO,EAAE,iBAASG,GAAT,EAAc;AACrB,eAAOoB,KAAK,CAACpB,GAAD,CAAZ;AACD,OAHI;AAILD,MAAAA,OAAO,EAAE,iBAASC,GAAT,EAAcC,KAAd,EAAqB;AAC5BmB,QAAAA,KAAK,CAACpB,GAAD,CAAL,GAAaC,KAAb;AACD;AANI,KAAP;AAQD,GAnLmC;AAqLpC5B,EAAAA,WAAW,EAAE,qBAASF,OAAT,EAAkB;AAC7B,QAAI6B,GAAG,GAAG,mBAAV;;AACA,QAAI;AACF7B,MAAAA,OAAO,CAAC4B,OAAR,CAAgBC,GAAhB,EAAqBA,GAArB;AACA7B,MAAAA,OAAO,CAACiC,UAAR,CAAmBJ,GAAnB;AACA,aAAO,IAAP;AACD,KAJD,CAIE,OAAO1B,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GA9LmC;AAgMpCH,EAAAA,OAAO,EAAE;AACPgC,IAAAA,GAAG,EAAE,aAASkB,IAAT,EAAuBpB,KAAvB,EAAsCC,SAAtC,EAAyDrB,OAAzD,EAAyF;AAC5F,UAAM;AAAEc,QAAAA,QAAF;AAAYD,QAAAA;AAAZ,UAAuBb,OAA7B;;AACA,UAAI,OAAOa,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;AACpE,cAAM,IAAIhC,YAAJ,CAAiB,+DAAjB,CAAN;AACD;;AACD,UAAI2D,aAA4B,GAAG;AACjCC,QAAAA,IAAI,EAAE1C,OAAO,CAAC0C,IAAR,IAAgB,GADW;AAEjC7B,QAAAA,MAFiC;AAGjCC,QAAAA;AAHiC,OAAnC,CAL4F,CAW5F;;AACA,UAAI,CAAC,CAAE6B,IAAI,CAACT,KAAL,CAAWb,SAAX,CAAP,EAA+B;AAC7B;AACA;AACA;AACA;AACAoB,QAAAA,aAAa,CAACG,OAAd,GAAwB,IAAID,IAAJ,CAAStB,SAAT,CAAxB;AACD;;AAEDrC,MAAAA,OAAO,CAACsC,GAAR,CAAYkB,IAAZ,EAAkBpB,KAAlB,EAAyBqB,aAAzB;AACA,aAAOvD,WAAW,CAACI,OAAZ,CAAoB2B,GAApB,CAAwBuB,IAAxB,CAAP;AACD,KAvBM;AAyBPvB,IAAAA,GAAG,EAAE,aAASuB,IAAT,EAA+B;AAClC,aAAOxD,OAAO,CAACiC,GAAR,CAAYuB,IAAZ,CAAP;AACD,KA3BM;AA6BPhB,IAAAA,MAAM,EAAE,iBAASgB,IAAT,EAA+B;AACrC,aAAOxD,OAAO,CAAC6D,MAAR,CAAeL,IAAf,EAAqB;AAAEE,QAAAA,IAAI,EAAE;AAAR,OAArB,CAAP;AACD;AA/BM;AAhM2B,CAAtC;AAmOA,eAAexD,WAAf","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport AuthSdkError from '../errors/AuthSdkError';\nimport {\n StorageProvider,\n StorageOptions,\n PKCEStorage,\n CookieOptions,\n SimpleStorage,\n StorageType,\n BrowserStorageUtil,\n CookieStorage\n} from '../types';\nimport { warn } from '../util';\n\nconst Cookies = require('js-cookie');\n\n// Building this as an object allows us to mock the functions in our tests\nvar storageUtil: BrowserStorageUtil = {\n\n // These are shimmed in `OktaAuthBase.ts`\n getHttpCache(): StorageProvider {\n return null;\n },\n\n getPKCEStorage(): PKCEStorage {\n return null;\n },\n\n // IE11 bug that Microsoft doesn't plan to fix\n // https://connect.microsoft.com/IE/Feedback/Details/1496040\n browserHasLocalStorage: function() {\n try {\n var storage = storageUtil.getLocalStorage();\n return storageUtil.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n browserHasSessionStorage: function() {\n try {\n var storage = storageUtil.getSessionStorage();\n return storageUtil.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n testStorageType: function(storageType: StorageType): boolean {\n var supported = false;\n switch (storageType) {\n case 'sessionStorage':\n supported = storageUtil.browserHasSessionStorage();\n break;\n case 'localStorage':\n supported = storageUtil.browserHasLocalStorage();\n break;\n case 'cookie':\n case 'memory':\n supported = true;\n break;\n default:\n supported = false;\n break;\n }\n return supported;\n },\n\n getStorageByType: function(storageType: StorageType, options: StorageOptions): SimpleStorage {\n let storageProvider = null;\n switch (storageType) {\n case 'sessionStorage':\n storageProvider = storageUtil.getSessionStorage();\n break;\n case 'localStorage':\n storageProvider = storageUtil.getLocalStorage();\n break;\n case 'cookie':\n storageProvider = storageUtil.getCookieStorage(options);\n break;\n case 'memory':\n storageProvider = storageUtil.getInMemoryStorage();\n break;\n default:\n throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n break;\n }\n return storageProvider;\n },\n\n findStorageType: function(types: StorageType[]) {\n let curType;\n let nextType;\n \n types = types.slice(); // copy array\n curType = types.shift();\n nextType = types.length ? types[0] : null;\n if (!nextType) {\n return curType;\n }\n\n if (storageUtil.testStorageType(curType)) {\n return curType;\n }\n\n // preferred type was unsupported.\n warn(`This browser doesn't support ${curType}. Switching to ${nextType}.`);\n\n // fallback to the next type. this is a recursive call\n return storageUtil.findStorageType(types);\n },\n\n getLocalStorage: function() {\n return localStorage;\n },\n\n getSessionStorage: function() {\n return sessionStorage;\n },\n\n // Provides webStorage-like interface for cookies\n getCookieStorage: function(options): CookieStorage {\n const secure = options.secure;\n const sameSite = options.sameSite;\n const sessionCookie = options.sessionCookie;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('getCookieStorage: \"secure\" and \"sameSite\" options must be provided');\n }\n const storage: CookieStorage = {\n getItem: storageUtil.storage.get,\n setItem: function(key, value, expiresAt = '2200-01-01T00:00:00.000Z') {\n // By defauilt, cookie shouldn't expire\n expiresAt = sessionCookie ? null : expiresAt;\n storageUtil.storage.set(key, value, expiresAt, {\n secure: secure, \n sameSite: sameSite,\n });\n },\n removeItem: function(key) {\n storageUtil.storage.delete(key);\n }\n };\n\n if (!options.useMultipleCookies) {\n return storage;\n }\n\n // options.useMultipleCookies - because cookies have size limits.\n // Can only be used when storing an object value. Object properties will be saved to separate cookies.\n // Each property of the object must also be an object.\n return {\n getItem: function(key) {\n var data = storage.getItem(); // read all cookies\n var value = {};\n Object.keys(data).forEach(k => {\n if (k.indexOf(key) === 0) { // filter out unrelated cookies\n value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie dataa\n }\n });\n return JSON.stringify(value);\n },\n setItem: function(key, value) {\n var existingValues = JSON.parse(this.getItem(key));\n value = JSON.parse(value);\n // Set key-value pairs from input to cookies\n Object.keys(value).forEach(k => {\n var storageKey = key + '_' + k;\n var valueToStore = JSON.stringify(value[k]);\n storage.setItem(storageKey, valueToStore);\n delete existingValues[k];\n });\n // Delete unmatched keys from existing cookies\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n },\n removeItem: function(key) {\n var existingValues = JSON.parse(this.getItem(key));\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n }\n };\n },\n\n // Provides an in-memory solution\n getInMemoryStorage: function() {\n var store = {};\n return {\n getItem: function(key) {\n return store[key];\n },\n setItem: function(key, value) {\n store[key] = value;\n }\n };\n },\n\n testStorage: function(storage) {\n var key = 'okta-test-storage';\n try {\n storage.setItem(key, key);\n storage.removeItem(key);\n return true;\n } catch (e) {\n return false;\n }\n },\n\n storage: {\n set: function(name: string, value: string, expiresAt: string, options: CookieOptions): string {\n const { sameSite, secure } = options;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('storage.set: \"secure\" and \"sameSite\" options must be provided');\n }\n var cookieOptions: CookieOptions = {\n path: options.path || '/',\n secure,\n sameSite\n };\n\n // eslint-disable-next-line no-extra-boolean-cast\n if (!!(Date.parse(expiresAt))) {\n // Expires value can be converted to a Date object.\n //\n // If the 'expiresAt' value is not provided, or the value cannot be\n // parsed as a Date object, the cookie will set as a session cookie.\n cookieOptions.expires = new Date(expiresAt);\n }\n\n Cookies.set(name, value, cookieOptions);\n return storageUtil.storage.get(name);\n },\n\n get: function(name: string): string {\n return Cookies.get(name);\n },\n\n delete: function(name: string): string {\n return Cookies.remove(name, { path: '/' });\n }\n }\n};\n\nexport default storageUtil;\n"],"file":"browserStorage.js"}
1
+ {"version":3,"sources":["../../../lib/browser/browserStorage.ts"],"names":["AuthSdkError","warn","Cookies","require","storageUtil","getHttpCache","getPKCEStorage","browserHasLocalStorage","storage","getLocalStorage","testStorage","e","browserHasSessionStorage","getSessionStorage","testStorageType","storageType","supported","getStorageByType","options","storageProvider","getCookieStorage","getInMemoryStorage","findStorageType","types","curType","nextType","slice","shift","length","localStorage","sessionStorage","secure","sameSite","sessionCookie","getItem","get","setItem","key","value","expiresAt","set","removeItem","delete","useMultipleCookies","data","Object","keys","forEach","k","indexOf","replace","JSON","parse","stringify","existingValues","storageKey","valueToStore","inMemoryStore","name","cookieOptions","path","Date","expires","remove"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA,OAAOA,YAAP,MAAyB,wBAAzB;AAWA,SAASC,IAAT,QAAqB,SAArB;;AAEA,IAAMC,OAAO,GAAGC,OAAO,CAAC,WAAD,CAAvB,C,CAEA;;;AACA,IAAIC,WAA+B,GAAG;AAEpC;AACAC,EAAAA,YAAY,GAAoB;AAC9B,WAAO,IAAP;AACD,GALmC;;AAOpCC,EAAAA,cAAc,GAAgB;AAC5B,WAAO,IAAP;AACD,GATmC;;AAWpC;AACA;AACAC,EAAAA,sBAAsB,EAAE,kCAAW;AACjC,QAAI;AACF,UAAIC,OAAO,GAAGJ,WAAW,CAACK,eAAZ,EAAd;AACA,aAAOL,WAAW,CAACM,WAAZ,CAAwBF,OAAxB,CAAP;AACD,KAHD,CAGE,OAAOG,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GApBmC;AAsBpCC,EAAAA,wBAAwB,EAAE,oCAAW;AACnC,QAAI;AACF,UAAIJ,OAAO,GAAGJ,WAAW,CAACS,iBAAZ,EAAd;AACA,aAAOT,WAAW,CAACM,WAAZ,CAAwBF,OAAxB,CAAP;AACD,KAHD,CAGE,OAAOG,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GA7BmC;AA+BpCG,EAAAA,eAAe,EAAE,yBAASC,WAAT,EAA4C;AAC3D,QAAIC,SAAS,GAAG,KAAhB;;AACA,YAAQD,WAAR;AACE,WAAK,gBAAL;AACEC,QAAAA,SAAS,GAAGZ,WAAW,CAACQ,wBAAZ,EAAZ;AACA;;AACF,WAAK,cAAL;AACEI,QAAAA,SAAS,GAAGZ,WAAW,CAACG,sBAAZ,EAAZ;AACA;;AACF,WAAK,QAAL;AACA,WAAK,QAAL;AACES,QAAAA,SAAS,GAAG,IAAZ;AACA;;AACF;AACEA,QAAAA,SAAS,GAAG,KAAZ;AACA;AAbJ;;AAeA,WAAOA,SAAP;AACD,GAjDmC;AAmDpCC,EAAAA,gBAAgB,EAAE,0BAASF,WAAT,EAAmCG,OAAnC,EAA2E;AAC3F,QAAIC,eAAe,GAAG,IAAtB;;AACA,YAAQJ,WAAR;AACE,WAAK,gBAAL;AACEI,QAAAA,eAAe,GAAGf,WAAW,CAACS,iBAAZ,EAAlB;AACA;;AACF,WAAK,cAAL;AACEM,QAAAA,eAAe,GAAGf,WAAW,CAACK,eAAZ,EAAlB;AACA;;AACF,WAAK,QAAL;AACEU,QAAAA,eAAe,GAAGf,WAAW,CAACgB,gBAAZ,CAA6BF,OAA7B,CAAlB;AACA;;AACF,WAAK,QAAL;AACEC,QAAAA,eAAe,GAAGf,WAAW,CAACiB,kBAAZ,EAAlB;AACA;;AACF;AACE,cAAM,IAAIrB,YAAJ,wCAAiDe,WAAjD,EAAN;AACA;AAfJ;;AAiBA,WAAOI,eAAP;AACD,GAvEmC;AAyEpCG,EAAAA,eAAe,EAAE,yBAASC,KAAT,EAA+B;AAC9C,QAAIC,OAAJ;AACA,QAAIC,QAAJ;AAEAF,IAAAA,KAAK,GAAGA,KAAK,CAACG,KAAN,EAAR,CAJ8C,CAIvB;;AACvBF,IAAAA,OAAO,GAAGD,KAAK,CAACI,KAAN,EAAV;AACAF,IAAAA,QAAQ,GAAGF,KAAK,CAACK,MAAN,GAAeL,KAAK,CAAC,CAAD,CAApB,GAA0B,IAArC;;AACA,QAAI,CAACE,QAAL,EAAe;AACb,aAAOD,OAAP;AACD;;AAED,QAAIpB,WAAW,CAACU,eAAZ,CAA4BU,OAA5B,CAAJ,EAA0C;AACxC,aAAOA,OAAP;AACD,KAb6C,CAe9C;;;AACAvB,IAAAA,IAAI,wCAAiCuB,OAAjC,4BAA0DC,QAA1D,OAAJ,CAhB8C,CAkB9C;;AACA,WAAOrB,WAAW,CAACkB,eAAZ,CAA4BC,KAA5B,CAAP;AACD,GA7FmC;AA+FpCd,EAAAA,eAAe,EAAE,2BAAW;AAC1B,WAAOoB,YAAP;AACD,GAjGmC;AAmGpChB,EAAAA,iBAAiB,EAAE,6BAAW;AAC5B,WAAOiB,cAAP;AACD,GArGmC;AAuGpC;AACAV,EAAAA,gBAAgB,EAAE,0BAASF,OAAT,EAAiC;AACjD,QAAMa,MAAM,GAAGb,OAAO,CAACa,MAAvB;AACA,QAAMC,QAAQ,GAAGd,OAAO,CAACc,QAAzB;AACA,QAAMC,aAAa,GAAGf,OAAO,CAACe,aAA9B;;AACA,QAAI,OAAOF,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;AACpE,YAAM,IAAIhC,YAAJ,CAAiB,oEAAjB,CAAN;AACD;;AACD,QAAMQ,OAAsB,GAAG;AAC7B0B,MAAAA,OAAO,EAAE9B,WAAW,CAACI,OAAZ,CAAoB2B,GADA;AAE7BC,MAAAA,OAAO,EAAE,iBAASC,GAAT,EAAcC,KAAd,EAA6D;AAAA,YAAxCC,SAAwC,uEAA5B,0BAA4B;AACpE;AACAA,QAAAA,SAAS,GAAGN,aAAa,GAAG,IAAH,GAAUM,SAAnC;AACAnC,QAAAA,WAAW,CAACI,OAAZ,CAAoBgC,GAApB,CAAwBH,GAAxB,EAA6BC,KAA7B,EAAoCC,SAApC,EAA+C;AAC7CR,UAAAA,MAAM,EAAEA,MADqC;AAE7CC,UAAAA,QAAQ,EAAEA;AAFmC,SAA/C;AAID,OAT4B;AAU7BS,MAAAA,UAAU,EAAE,oBAASJ,GAAT,EAAc;AACxBjC,QAAAA,WAAW,CAACI,OAAZ,CAAoBkC,MAApB,CAA2BL,GAA3B;AACD;AAZ4B,KAA/B;;AAeA,QAAI,CAACnB,OAAO,CAACyB,kBAAb,EAAiC;AAC/B,aAAOnC,OAAP;AACD,KAxBgD,CA0BjD;AACA;AACA;;;AACA,WAAO;AACL0B,MAAAA,OAAO,EAAE,iBAASG,GAAT,EAAc;AACrB,YAAIO,IAAI,GAAGpC,OAAO,CAAC0B,OAAR,EAAX,CADqB,CACS;;AAC9B,YAAII,KAAK,GAAG,EAAZ;AACAO,QAAAA,MAAM,CAACC,IAAP,CAAYF,IAAZ,EAAkBG,OAAlB,CAA0BC,CAAC,IAAI;AAC7B,cAAIA,CAAC,CAACC,OAAF,CAAUZ,GAAV,MAAmB,CAAvB,EAA0B;AAAE;AAC1BC,YAAAA,KAAK,CAACU,CAAC,CAACE,OAAF,WAAab,GAAb,QAAqB,EAArB,CAAD,CAAL,GAAkCc,IAAI,CAACC,KAAL,CAAWR,IAAI,CAACI,CAAD,CAAf,CAAlC,CADwB,CAC+B;AACxD;AACF,SAJD;AAKA,eAAOG,IAAI,CAACE,SAAL,CAAef,KAAf,CAAP;AACD,OAVI;AAWLF,MAAAA,OAAO,EAAE,iBAASC,GAAT,EAAcC,KAAd,EAAqB;AAC5B,YAAIgB,cAAc,GAAGH,IAAI,CAACC,KAAL,CAAW,KAAKlB,OAAL,CAAaG,GAAb,CAAX,CAArB;AACAC,QAAAA,KAAK,GAAGa,IAAI,CAACC,KAAL,CAAWd,KAAX,CAAR,CAF4B,CAG5B;;AACAO,QAAAA,MAAM,CAACC,IAAP,CAAYR,KAAZ,EAAmBS,OAAnB,CAA2BC,CAAC,IAAI;AAC9B,cAAIO,UAAU,GAAGlB,GAAG,GAAG,GAAN,GAAYW,CAA7B;AACA,cAAIQ,YAAY,GAAGL,IAAI,CAACE,SAAL,CAAef,KAAK,CAACU,CAAD,CAApB,CAAnB;AACAxC,UAAAA,OAAO,CAAC4B,OAAR,CAAgBmB,UAAhB,EAA4BC,YAA5B;AACA,iBAAOF,cAAc,CAACN,CAAD,CAArB;AACD,SALD,EAJ4B,CAU5B;;AACAH,QAAAA,MAAM,CAACC,IAAP,CAAYQ,cAAZ,EAA4BP,OAA5B,CAAoCC,CAAC,IAAI;AACvCxC,UAAAA,OAAO,CAACiC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYW,CAA/B;AACD,SAFD;AAGD,OAzBI;AA0BLP,MAAAA,UAAU,EAAE,oBAASJ,GAAT,EAAc;AACxB,YAAIiB,cAAc,GAAGH,IAAI,CAACC,KAAL,CAAW,KAAKlB,OAAL,CAAaG,GAAb,CAAX,CAArB;AACAQ,QAAAA,MAAM,CAACC,IAAP,CAAYQ,cAAZ,EAA4BP,OAA5B,CAAoCC,CAAC,IAAI;AACvCxC,UAAAA,OAAO,CAACiC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYW,CAA/B;AACD,SAFD;AAGD;AA/BI,KAAP;AAiCD,GAtKmC;AAwKpC;AACAS,EAAAA,aAAa,EAAE,EAzKqB;AA0KpCpC,EAAAA,kBAAkB,EAAE,8BAAW;AAC7B,WAAO;AACLa,MAAAA,OAAO,EAAGG,GAAD,IAAS;AAChB,eAAO,KAAKoB,aAAL,CAAmBpB,GAAnB,CAAP;AACD,OAHI;AAILD,MAAAA,OAAO,EAAE,CAACC,GAAD,EAAMC,KAAN,KAAgB;AACvB,aAAKmB,aAAL,CAAmBpB,GAAnB,IAA0BC,KAA1B;AACD;AANI,KAAP;AAQD,GAnLmC;AAqLpC5B,EAAAA,WAAW,EAAE,qBAASF,OAAT,EAAkB;AAC7B,QAAI6B,GAAG,GAAG,mBAAV;;AACA,QAAI;AACF7B,MAAAA,OAAO,CAAC4B,OAAR,CAAgBC,GAAhB,EAAqBA,GAArB;AACA7B,MAAAA,OAAO,CAACiC,UAAR,CAAmBJ,GAAnB;AACA,aAAO,IAAP;AACD,KAJD,CAIE,OAAO1B,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GA9LmC;AAgMpCH,EAAAA,OAAO,EAAE;AACPgC,IAAAA,GAAG,EAAE,aAASkB,IAAT,EAAuBpB,KAAvB,EAAsCC,SAAtC,EAAyDrB,OAAzD,EAAyF;AAC5F,UAAM;AAAEc,QAAAA,QAAF;AAAYD,QAAAA;AAAZ,UAAuBb,OAA7B;;AACA,UAAI,OAAOa,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;AACpE,cAAM,IAAIhC,YAAJ,CAAiB,+DAAjB,CAAN;AACD;;AACD,UAAI2D,aAA4B,GAAG;AACjCC,QAAAA,IAAI,EAAE1C,OAAO,CAAC0C,IAAR,IAAgB,GADW;AAEjC7B,QAAAA,MAFiC;AAGjCC,QAAAA;AAHiC,OAAnC,CAL4F,CAW5F;;AACA,UAAI,CAAC,CAAE6B,IAAI,CAACT,KAAL,CAAWb,SAAX,CAAP,EAA+B;AAC7B;AACA;AACA;AACA;AACAoB,QAAAA,aAAa,CAACG,OAAd,GAAwB,IAAID,IAAJ,CAAStB,SAAT,CAAxB;AACD;;AAEDrC,MAAAA,OAAO,CAACsC,GAAR,CAAYkB,IAAZ,EAAkBpB,KAAlB,EAAyBqB,aAAzB;AACA,aAAOvD,WAAW,CAACI,OAAZ,CAAoB2B,GAApB,CAAwBuB,IAAxB,CAAP;AACD,KAvBM;AAyBPvB,IAAAA,GAAG,EAAE,aAASuB,IAAT,EAA+B;AAClC,aAAOxD,OAAO,CAACiC,GAAR,CAAYuB,IAAZ,CAAP;AACD,KA3BM;AA6BPhB,IAAAA,MAAM,EAAE,iBAASgB,IAAT,EAA+B;AACrC,aAAOxD,OAAO,CAAC6D,MAAR,CAAeL,IAAf,EAAqB;AAAEE,QAAAA,IAAI,EAAE;AAAR,OAArB,CAAP;AACD;AA/BM;AAhM2B,CAAtC;AAmOA,eAAexD,WAAf","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport AuthSdkError from '../errors/AuthSdkError';\nimport {\n StorageProvider,\n StorageOptions,\n PKCEStorage,\n CookieOptions,\n SimpleStorage,\n StorageType,\n BrowserStorageUtil,\n CookieStorage\n} from '../types';\nimport { warn } from '../util';\n\nconst Cookies = require('js-cookie');\n\n// Building this as an object allows us to mock the functions in our tests\nvar storageUtil: BrowserStorageUtil = {\n\n // These are shimmed in `OktaAuthBase.ts`\n getHttpCache(): StorageProvider {\n return null;\n },\n\n getPKCEStorage(): PKCEStorage {\n return null;\n },\n\n // IE11 bug that Microsoft doesn't plan to fix\n // https://connect.microsoft.com/IE/Feedback/Details/1496040\n browserHasLocalStorage: function() {\n try {\n var storage = storageUtil.getLocalStorage();\n return storageUtil.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n browserHasSessionStorage: function() {\n try {\n var storage = storageUtil.getSessionStorage();\n return storageUtil.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n testStorageType: function(storageType: StorageType): boolean {\n var supported = false;\n switch (storageType) {\n case 'sessionStorage':\n supported = storageUtil.browserHasSessionStorage();\n break;\n case 'localStorage':\n supported = storageUtil.browserHasLocalStorage();\n break;\n case 'cookie':\n case 'memory':\n supported = true;\n break;\n default:\n supported = false;\n break;\n }\n return supported;\n },\n\n getStorageByType: function(storageType: StorageType, options: StorageOptions): SimpleStorage {\n let storageProvider = null;\n switch (storageType) {\n case 'sessionStorage':\n storageProvider = storageUtil.getSessionStorage();\n break;\n case 'localStorage':\n storageProvider = storageUtil.getLocalStorage();\n break;\n case 'cookie':\n storageProvider = storageUtil.getCookieStorage(options);\n break;\n case 'memory':\n storageProvider = storageUtil.getInMemoryStorage();\n break;\n default:\n throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n break;\n }\n return storageProvider;\n },\n\n findStorageType: function(types: StorageType[]) {\n let curType;\n let nextType;\n \n types = types.slice(); // copy array\n curType = types.shift();\n nextType = types.length ? types[0] : null;\n if (!nextType) {\n return curType;\n }\n\n if (storageUtil.testStorageType(curType)) {\n return curType;\n }\n\n // preferred type was unsupported.\n warn(`This browser doesn't support ${curType}. Switching to ${nextType}.`);\n\n // fallback to the next type. this is a recursive call\n return storageUtil.findStorageType(types);\n },\n\n getLocalStorage: function() {\n return localStorage;\n },\n\n getSessionStorage: function() {\n return sessionStorage;\n },\n\n // Provides webStorage-like interface for cookies\n getCookieStorage: function(options): CookieStorage {\n const secure = options.secure;\n const sameSite = options.sameSite;\n const sessionCookie = options.sessionCookie;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('getCookieStorage: \"secure\" and \"sameSite\" options must be provided');\n }\n const storage: CookieStorage = {\n getItem: storageUtil.storage.get,\n setItem: function(key, value, expiresAt = '2200-01-01T00:00:00.000Z') {\n // By defauilt, cookie shouldn't expire\n expiresAt = sessionCookie ? null : expiresAt;\n storageUtil.storage.set(key, value, expiresAt, {\n secure: secure, \n sameSite: sameSite,\n });\n },\n removeItem: function(key) {\n storageUtil.storage.delete(key);\n }\n };\n\n if (!options.useMultipleCookies) {\n return storage;\n }\n\n // options.useMultipleCookies - because cookies have size limits.\n // Can only be used when storing an object value. Object properties will be saved to separate cookies.\n // Each property of the object must also be an object.\n return {\n getItem: function(key) {\n var data = storage.getItem(); // read all cookies\n var value = {};\n Object.keys(data).forEach(k => {\n if (k.indexOf(key) === 0) { // filter out unrelated cookies\n value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie dataa\n }\n });\n return JSON.stringify(value);\n },\n setItem: function(key, value) {\n var existingValues = JSON.parse(this.getItem(key));\n value = JSON.parse(value);\n // Set key-value pairs from input to cookies\n Object.keys(value).forEach(k => {\n var storageKey = key + '_' + k;\n var valueToStore = JSON.stringify(value[k]);\n storage.setItem(storageKey, valueToStore);\n delete existingValues[k];\n });\n // Delete unmatched keys from existing cookies\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n },\n removeItem: function(key) {\n var existingValues = JSON.parse(this.getItem(key));\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n }\n };\n },\n\n // Provides an in-memory solution\n inMemoryStore: {},\n getInMemoryStorage: function() {\n return {\n getItem: (key) => {\n return this.inMemoryStore[key];\n },\n setItem: (key, value) => {\n this.inMemoryStore[key] = value;\n }\n };\n },\n\n testStorage: function(storage) {\n var key = 'okta-test-storage';\n try {\n storage.setItem(key, key);\n storage.removeItem(key);\n return true;\n } catch (e) {\n return false;\n }\n },\n\n storage: {\n set: function(name: string, value: string, expiresAt: string, options: CookieOptions): string {\n const { sameSite, secure } = options;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('storage.set: \"secure\" and \"sameSite\" options must be provided');\n }\n var cookieOptions: CookieOptions = {\n path: options.path || '/',\n secure,\n sameSite\n };\n\n // eslint-disable-next-line no-extra-boolean-cast\n if (!!(Date.parse(expiresAt))) {\n // Expires value can be converted to a Date object.\n //\n // If the 'expiresAt' value is not provided, or the value cannot be\n // parsed as a Date object, the cookie will set as a session cookie.\n cookieOptions.expires = new Date(expiresAt);\n }\n\n Cookies.set(name, value, cookieOptions);\n return storageUtil.storage.get(name);\n },\n\n get: function(name: string): string {\n return Cookies.get(name);\n },\n\n delete: function(name: string): string {\n return Cookies.remove(name, { path: '/' });\n }\n }\n};\n\nexport default storageUtil;\n"],"file":"browserStorage.js"}
package/esm/builderUtil.js CHANGED
@@ -15,6 +15,12 @@ import AuthSdkError from './errors/AuthSdkError';
15
15
  // eslint-disable-next-line complexity
16
16
  function assertValidConfig(args) {
17
17
  args = args || {};
18
+ var scopes = args.scopes;
19
+
20
+ if (scopes && !Array.isArray(scopes)) {
21
+ throw new AuthSdkError('scopes must be a array of strings. ' + 'Required usage: new OktaAuth({scopes: ["openid", "email"]})');
22
+ }
23
+
18
24
  var issuer = args.issuer;
19
25
 
20
26
  if (!issuer) {
package/esm/builderUtil.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/builderUtil.ts"],"names":["AuthSdkError","assertValidConfig","args","issuer","isUrlRegex","RegExp","test","indexOf","getUserAgent","sdkValue","userAgent","value","template","replace"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA,OAAOA,YAAP,MAAyB,uBAAzB;;AAGA;AACA;AACA,SAASC,iBAAT,CAA2BC,IAA3B,EAAkD;AAChDA,EAAAA,IAAI,GAAGA,IAAI,IAAI,EAAf;AAEA,MAAIC,MAAM,GAAGD,IAAI,CAACC,MAAlB;;AACA,MAAI,CAACA,MAAL,EAAa;AACX,UAAM,IAAIH,YAAJ,CAAiB,sCACrB,8FADI,CAAN;AAED;;AAED,MAAII,UAAU,GAAG,IAAIC,MAAJ,CAAW,eAAX,CAAjB;;AACA,MAAI,CAACD,UAAU,CAACE,IAAX,CAAgBJ,IAAI,CAACC,MAArB,CAAL,EAAmC;AACjC,UAAM,IAAIH,YAAJ,CAAiB,iCACrB,8FADI,CAAN;AAED;;AAED,MAAIG,MAAM,CAACI,OAAP,CAAe,SAAf,MAA8B,CAAC,CAAnC,EAAsC;AACpC,UAAM,IAAIP,YAAJ,CAAiB,sEACrB,uEADI,CAAN;AAED;AACF;;AAED,SAASQ,YAAT,CAAsBN,IAAtB,EAA6CO,QAA7C,EAAuE;AACrE,MAAIC,SAAS,GAAGR,IAAI,CAACQ,SAAL,IAAkB,EAAlC;;AAEA,MAAIA,SAAS,CAACC,KAAd,EAAqB;AACnB,WAAOD,SAAS,CAACC,KAAjB;AACD;;AAED,MAAID,SAAS,CAACE,QAAd,EAAwB;AACtB,WAAOF,SAAS,CAACE,QAAV,CAAmBC,OAAnB,CAA2B,eAA3B,EAA4CJ,QAA5C,CAAP;AACD;;AAED,SAAOA,QAAP;AACD;;AAED,SACER,iBADF,EAEEO,YAFF","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport AuthSdkError from './errors/AuthSdkError';\nimport { OktaAuthOptions } from './types';\n\n// TODO: use @okta/configuration-validation (move module to this monorepo?)\n// eslint-disable-next-line complexity\nfunction assertValidConfig(args: OktaAuthOptions) {\n args = args || {};\n\n var issuer = args.issuer;\n if (!issuer) {\n throw new AuthSdkError('No issuer passed to constructor. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n var isUrlRegex = new RegExp('^http?s?://.+');\n if (!isUrlRegex.test(args.issuer)) {\n throw new AuthSdkError('Issuer must be a valid URL. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n if (issuer.indexOf('-admin.') !== -1) {\n throw new AuthSdkError('Issuer URL passed to constructor contains \"-admin\" in subdomain. ' +\n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com})');\n }\n}\n\nfunction getUserAgent(args: OktaAuthOptions, sdkValue: string): string {\n var userAgent = args.userAgent || {};\n\n if (userAgent.value) {\n return userAgent.value;\n }\n\n if (userAgent.template) {\n return userAgent.template.replace('$OKTA_AUTH_JS', sdkValue);\n }\n\n return sdkValue;\n}\n\nexport {\n assertValidConfig,\n getUserAgent\n};\n"],"file":"builderUtil.js"}
1
+ {"version":3,"sources":["../../lib/builderUtil.ts"],"names":["AuthSdkError","assertValidConfig","args","scopes","Array","isArray","issuer","isUrlRegex","RegExp","test","indexOf","getUserAgent","sdkValue","userAgent","value","template","replace"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA,OAAOA,YAAP,MAAyB,uBAAzB;;AAGA;AACA;AACA,SAASC,iBAAT,CAA2BC,IAA3B,EAAkD;AAChDA,EAAAA,IAAI,GAAGA,IAAI,IAAI,EAAf;AAEA,MAAIC,MAAM,GAAGD,IAAI,CAACC,MAAlB;;AACA,MAAIA,MAAM,IAAI,CAACC,KAAK,CAACC,OAAN,CAAcF,MAAd,CAAf,EAAsC;AACpC,UAAM,IAAIH,YAAJ,CAAiB,wCACrB,6DADI,CAAN;AAED;;AAED,MAAIM,MAAM,GAAGJ,IAAI,CAACI,MAAlB;;AACA,MAAI,CAACA,MAAL,EAAa;AACX,UAAM,IAAIN,YAAJ,CAAiB,sCACrB,8FADI,CAAN;AAED;;AAED,MAAIO,UAAU,GAAG,IAAIC,MAAJ,CAAW,eAAX,CAAjB;;AACA,MAAI,CAACD,UAAU,CAACE,IAAX,CAAgBP,IAAI,CAACI,MAArB,CAAL,EAAmC;AACjC,UAAM,IAAIN,YAAJ,CAAiB,iCACrB,8FADI,CAAN;AAED;;AAED,MAAIM,MAAM,CAACI,OAAP,CAAe,SAAf,MAA8B,CAAC,CAAnC,EAAsC;AACpC,UAAM,IAAIV,YAAJ,CAAiB,sEACrB,uEADI,CAAN;AAED;AACF;;AAED,SAASW,YAAT,CAAsBT,IAAtB,EAA6CU,QAA7C,EAAuE;AACrE,MAAIC,SAAS,GAAGX,IAAI,CAACW,SAAL,IAAkB,EAAlC;;AAEA,MAAIA,SAAS,CAACC,KAAd,EAAqB;AACnB,WAAOD,SAAS,CAACC,KAAjB;AACD;;AAED,MAAID,SAAS,CAACE,QAAd,EAAwB;AACtB,WAAOF,SAAS,CAACE,QAAV,CAAmBC,OAAnB,CAA2B,eAA3B,EAA4CJ,QAA5C,CAAP;AACD;;AAED,SAAOA,QAAP;AACD;;AAED,SACEX,iBADF,EAEEU,YAFF","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport AuthSdkError from './errors/AuthSdkError';\nimport { OktaAuthOptions } from './types';\n\n// TODO: use @okta/configuration-validation (move module to this monorepo?)\n// eslint-disable-next-line complexity\nfunction assertValidConfig(args: OktaAuthOptions) {\n args = args || {};\n\n var scopes = args.scopes;\n if (scopes && !Array.isArray(scopes)) {\n throw new AuthSdkError('scopes must be a array of strings. ' +\n 'Required usage: new OktaAuth({scopes: [\"openid\", \"email\"]})');\n }\n\n var issuer = args.issuer;\n if (!issuer) {\n throw new AuthSdkError('No issuer passed to constructor. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n var isUrlRegex = new RegExp('^http?s?://.+');\n if (!isUrlRegex.test(args.issuer)) {\n throw new AuthSdkError('Issuer must be a valid URL. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n if (issuer.indexOf('-admin.') !== -1) {\n throw new AuthSdkError('Issuer URL passed to constructor contains \"-admin\" in subdomain. ' +\n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com})');\n }\n}\n\nfunction getUserAgent(args: OktaAuthOptions, sdkValue: string): string {\n var userAgent = args.userAgent || {};\n\n if (userAgent.value) {\n return userAgent.value;\n }\n\n if (userAgent.template) {\n return userAgent.template.replace('$OKTA_AUTH_JS', sdkValue);\n }\n\n return sdkValue;\n}\n\nexport {\n assertValidConfig,\n getUserAgent\n};\n"],"file":"builderUtil.js"}
package/esm/constants.js CHANGED
@@ -20,6 +20,7 @@ export var TOKEN_STORAGE_NAME = 'okta-token-storage';
20
20
  export var CACHE_STORAGE_NAME = 'okta-cache-storage';
21
21
  export var PKCE_STORAGE_NAME = 'okta-pkce-storage';
22
22
  export var TRANSACTION_STORAGE_NAME = 'okta-transaction-storage';
23
+ export var SHARED_TRANSACTION_STORAGE_NAME = 'okta-shared-transaction-storage';
23
24
  export var IDX_RESPONSE_STORAGE_NAME = 'okta-idx-response-storage';
24
25
  export var ACCESS_TOKEN_STORAGE_KEY = 'accessToken';
25
26
  export var ID_TOKEN_STORAGE_KEY = 'idToken';
package/esm/constants.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/constants.ts"],"names":["STATE_TOKEN_KEY_NAME","DEFAULT_POLLING_DELAY","DEFAULT_MAX_CLOCK_SKEW","DEFAULT_CACHE_DURATION","REDIRECT_OAUTH_PARAMS_NAME","REDIRECT_STATE_COOKIE_NAME","REDIRECT_NONCE_COOKIE_NAME","TOKEN_STORAGE_NAME","CACHE_STORAGE_NAME","PKCE_STORAGE_NAME","TRANSACTION_STORAGE_NAME","IDX_RESPONSE_STORAGE_NAME","ACCESS_TOKEN_STORAGE_KEY","ID_TOKEN_STORAGE_KEY","REFRESH_TOKEN_STORAGE_KEY","REFERRER_PATH_STORAGE_KEY","MIN_VERIFIER_LENGTH","MAX_VERIFIER_LENGTH","DEFAULT_CODE_CHALLENGE_METHOD","IDX_API_VERSION"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA,OAAO,IAAMA,oBAAoB,GAAG,gBAA7B;AACP,OAAO,IAAMC,qBAAqB,GAAG,GAA9B;AACP,OAAO,IAAMC,sBAAsB,GAAG,GAA/B;AACP,OAAO,IAAMC,sBAAsB,GAAG,KAA/B;AACP,OAAO,IAAMC,0BAA0B,GAAG,4BAAnC;AACP,OAAO,IAAMC,0BAA0B,GAAG,kBAAnC;AACP,OAAO,IAAMC,0BAA0B,GAAG,kBAAnC;AACP,OAAO,IAAMC,kBAAkB,GAAG,oBAA3B;AACP,OAAO,IAAMC,kBAAkB,GAAG,oBAA3B;AACP,OAAO,IAAMC,iBAAiB,GAAG,mBAA1B;AACP,OAAO,IAAMC,wBAAwB,GAAG,0BAAjC;AACP,OAAO,IAAMC,yBAAyB,GAAG,2BAAlC;AACP,OAAO,IAAMC,wBAAwB,GAAG,aAAjC;AACP,OAAO,IAAMC,oBAAoB,GAAI,SAA9B;AACP,OAAO,IAAMC,yBAAyB,GAAI,cAAnC;AACP,OAAO,IAAMC,yBAAyB,GAAG,cAAlC,C,CAEP;AACA;;AACA,OAAO,IAAMC,mBAAmB,GAAG,EAA5B;AACP,OAAO,IAAMC,mBAAmB,GAAG,GAA5B;AACP,OAAO,IAAMC,6BAA6B,GAAG,MAAtC;AAEP,OAAO,IAAMC,eAAe,GAAG,OAAxB","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport const STATE_TOKEN_KEY_NAME = 'oktaStateToken';\nexport const DEFAULT_POLLING_DELAY = 500;\nexport const DEFAULT_MAX_CLOCK_SKEW = 300;\nexport const DEFAULT_CACHE_DURATION = 86400;\nexport const REDIRECT_OAUTH_PARAMS_NAME = 'okta-oauth-redirect-params';\nexport const REDIRECT_STATE_COOKIE_NAME = 'okta-oauth-state';\nexport const REDIRECT_NONCE_COOKIE_NAME = 'okta-oauth-nonce';\nexport const TOKEN_STORAGE_NAME = 'okta-token-storage';\nexport const CACHE_STORAGE_NAME = 'okta-cache-storage';\nexport const PKCE_STORAGE_NAME = 'okta-pkce-storage';\nexport const TRANSACTION_STORAGE_NAME = 'okta-transaction-storage';\nexport const IDX_RESPONSE_STORAGE_NAME = 'okta-idx-response-storage';\nexport const ACCESS_TOKEN_STORAGE_KEY = 'accessToken';\nexport const ID_TOKEN_STORAGE_KEY = 'idToken';\nexport const REFRESH_TOKEN_STORAGE_KEY = 'refreshToken';\nexport const REFERRER_PATH_STORAGE_KEY = 'referrerPath';\n\n// Code verifier: Random URL-safe string with a minimum length of 43 characters.\n// Code challenge: Base64 URL-encoded SHA-256 hash of the code verifier.\nexport const MIN_VERIFIER_LENGTH = 43;\nexport const MAX_VERIFIER_LENGTH = 128;\nexport const DEFAULT_CODE_CHALLENGE_METHOD = 'S256';\n\nexport const IDX_API_VERSION = '1.0.0';"],"file":"constants.js"}
1
+ {"version":3,"sources":["../../lib/constants.ts"],"names":["STATE_TOKEN_KEY_NAME","DEFAULT_POLLING_DELAY","DEFAULT_MAX_CLOCK_SKEW","DEFAULT_CACHE_DURATION","REDIRECT_OAUTH_PARAMS_NAME","REDIRECT_STATE_COOKIE_NAME","REDIRECT_NONCE_COOKIE_NAME","TOKEN_STORAGE_NAME","CACHE_STORAGE_NAME","PKCE_STORAGE_NAME","TRANSACTION_STORAGE_NAME","SHARED_TRANSACTION_STORAGE_NAME","IDX_RESPONSE_STORAGE_NAME","ACCESS_TOKEN_STORAGE_KEY","ID_TOKEN_STORAGE_KEY","REFRESH_TOKEN_STORAGE_KEY","REFERRER_PATH_STORAGE_KEY","MIN_VERIFIER_LENGTH","MAX_VERIFIER_LENGTH","DEFAULT_CODE_CHALLENGE_METHOD","IDX_API_VERSION"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA,OAAO,IAAMA,oBAAoB,GAAG,gBAA7B;AACP,OAAO,IAAMC,qBAAqB,GAAG,GAA9B;AACP,OAAO,IAAMC,sBAAsB,GAAG,GAA/B;AACP,OAAO,IAAMC,sBAAsB,GAAG,KAA/B;AACP,OAAO,IAAMC,0BAA0B,GAAG,4BAAnC;AACP,OAAO,IAAMC,0BAA0B,GAAG,kBAAnC;AACP,OAAO,IAAMC,0BAA0B,GAAG,kBAAnC;AACP,OAAO,IAAMC,kBAAkB,GAAG,oBAA3B;AACP,OAAO,IAAMC,kBAAkB,GAAG,oBAA3B;AACP,OAAO,IAAMC,iBAAiB,GAAG,mBAA1B;AACP,OAAO,IAAMC,wBAAwB,GAAG,0BAAjC;AACP,OAAO,IAAMC,+BAA+B,GAAG,iCAAxC;AACP,OAAO,IAAMC,yBAAyB,GAAG,2BAAlC;AACP,OAAO,IAAMC,wBAAwB,GAAG,aAAjC;AACP,OAAO,IAAMC,oBAAoB,GAAI,SAA9B;AACP,OAAO,IAAMC,yBAAyB,GAAI,cAAnC;AACP,OAAO,IAAMC,yBAAyB,GAAG,cAAlC,C,CAEP;AACA;;AACA,OAAO,IAAMC,mBAAmB,GAAG,EAA5B;AACP,OAAO,IAAMC,mBAAmB,GAAG,GAA5B;AACP,OAAO,IAAMC,6BAA6B,GAAG,MAAtC;AAEP,OAAO,IAAMC,eAAe,GAAG,OAAxB","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport const STATE_TOKEN_KEY_NAME = 'oktaStateToken';\nexport const DEFAULT_POLLING_DELAY = 500;\nexport const DEFAULT_MAX_CLOCK_SKEW = 300;\nexport const DEFAULT_CACHE_DURATION = 86400;\nexport const REDIRECT_OAUTH_PARAMS_NAME = 'okta-oauth-redirect-params';\nexport const REDIRECT_STATE_COOKIE_NAME = 'okta-oauth-state';\nexport const REDIRECT_NONCE_COOKIE_NAME = 'okta-oauth-nonce';\nexport const TOKEN_STORAGE_NAME = 'okta-token-storage';\nexport const CACHE_STORAGE_NAME = 'okta-cache-storage';\nexport const PKCE_STORAGE_NAME = 'okta-pkce-storage';\nexport const TRANSACTION_STORAGE_NAME = 'okta-transaction-storage';\nexport const SHARED_TRANSACTION_STORAGE_NAME = 'okta-shared-transaction-storage';\nexport const IDX_RESPONSE_STORAGE_NAME = 'okta-idx-response-storage';\nexport const ACCESS_TOKEN_STORAGE_KEY = 'accessToken';\nexport const ID_TOKEN_STORAGE_KEY = 'idToken';\nexport const REFRESH_TOKEN_STORAGE_KEY = 'refreshToken';\nexport const REFERRER_PATH_STORAGE_KEY = 'referrerPath';\n\n// Code verifier: Random URL-safe string with a minimum length of 43 characters.\n// Code challenge: Base64 URL-encoded SHA-256 hash of the code verifier.\nexport const MIN_VERIFIER_LENGTH = 43;\nexport const MAX_VERIFIER_LENGTH = 128;\nexport const DEFAULT_CODE_CHALLENGE_METHOD = 'S256';\n\nexport const IDX_API_VERSION = '1.0.0';"],"file":"constants.js"}
package/esm/fetch/fetchRequest.js CHANGED
@@ -25,11 +25,18 @@ function readData(response) {
25
25
  }
26
26
  }
27
27
 
28
- function formatResult(status, data) {
28
+ function formatResult(status, data, response) {
29
29
  var isObject = typeof data === 'object';
30
+ var headers = {};
31
+
32
+ for (var pair of response.headers.entries()) {
33
+ headers[pair[0]] = pair[1];
34
+ }
35
+
30
36
  var result = {
31
37
  responseText: isObject ? JSON.stringify(data) : data,
32
- status: status
38
+ status: status,
39
+ headers
33
40
  };
34
41
 
35
42
  if (isObject) {
@@ -67,7 +74,7 @@ function fetchRequest(method, url, args) {
67
74
  var error = !response.ok;
68
75
  var status = response.status;
69
76
  return readData(response).then(data => {
70
- return formatResult(status, data);
77
+ return formatResult(status, data, response);
71
78
  }).then(result => {
72
79
  var _result$responseJSON;
73
80
 
package/esm/fetch/fetchRequest.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/fetch/fetchRequest.ts"],"names":["crossFetch","readData","response","headers","get","toLowerCase","indexOf","json","catch","e","error","errorSummary","text","formatResult","status","data","isObject","result","responseText","JSON","stringify","responseType","responseJSON","fetchRequest","method","url","args","body","contentType","fetch","global","fetchPromise","credentials","withCredentials","finally","Promise","resolve","then","ok"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA,OAAOA,UAAP,MAAuB,aAAvB;;AAGA,SAASC,QAAT,CAAkBC,QAAlB,EAAqE;AACnE,MAAIA,QAAQ,CAACC,OAAT,CAAiBC,GAAjB,CAAqB,cAArB,KACFF,QAAQ,CAACC,OAAT,CAAiBC,GAAjB,CAAqB,cAArB,EAAqCC,WAArC,GAAmDC,OAAnD,CAA2D,kBAA3D,KAAkF,CADpF,EACuF;AACvF,WAAOJ,QAAQ,CAACK,IAAT,GACL;AADK,KAEJC,KAFI,CAEEC,CAAC,IAAI;AACV,aAAO;AACLC,QAAAA,KAAK,EAAED,CADF;AAELE,QAAAA,YAAY,EAAE;AAFT,OAAP;AAID,KAPI,CAAP;AAQC,GAVD,MAUO;AACL,WAAOT,QAAQ,CAACU,IAAT,EAAP;AACD;AACF;;AAED,SAASC,YAAT,CAAsBC,MAAtB,EAAsCC,IAAtC,EAA6D;AAC3D,MAAMC,QAAQ,GAAG,OAAOD,IAAP,KAAgB,QAAjC;AACA,MAAME,MAAoB,GAAG;AAC3BC,IAAAA,YAAY,EAAEF,QAAQ,GAAGG,IAAI,CAACC,SAAL,CAAeL,IAAf,CAAH,GAA0BA,IADrB;AAE3BD,IAAAA,MAAM,EAAEA;AAFmB,GAA7B;;AAIA,MAAIE,QAAJ,EAAc;AACZC,IAAAA,MAAM,CAACI,YAAP,GAAsB,MAAtB;AACAJ,IAAAA,MAAM,CAACK,YAAP,GAAsBP,IAAtB;AACD;;AACD,SAAOE,MAAP;AACD;AAED;;;AACA,SAASM,YAAT,CAAsBC,MAAtB,EAAsCC,GAAtC,EAAmDC,IAAnD,EAAuE;AACrE,MAAIC,IAAI,GAAGD,IAAI,CAACX,IAAhB;AACA,MAAIZ,OAAO,GAAGuB,IAAI,CAACvB,OAAL,IAAgB,EAA9B;AACA,MAAIyB,WAAW,GAAIzB,OAAO,CAAC,cAAD,CAAP,IAA2BA,OAAO,CAAC,cAAD,CAAlC,IAAsD,EAAzE,CAHqE,CAKrE;;AACA,MAAIyB,WAAW,KAAK,kBAAhB,IAAsCD,IAAtC,IAA8C,OAAOA,IAAP,KAAgB,QAAlE,EAA4E;AAC1EA,IAAAA,IAAI,GAAGR,IAAI,CAACC,SAAL,CAAeO,IAAf,CAAP;AACD;;AACD,MAAIE,KAAK,GAAGC,MAAM,CAACD,KAAP,IAAgB7B,UAA5B;AACA,MAAI+B,YAAY,GAAGF,KAAK,CAACJ,GAAD,EAAM;AAC5BD,IAAAA,MAAM,EAAEA,MADoB;AAE5BrB,IAAAA,OAAO,EAAEuB,IAAI,CAACvB,OAFc;AAG5BwB,IAAAA,IAAI,EAAEA,IAHsB;AAI5BK,IAAAA,WAAW,EAAEN,IAAI,CAACO,eAAL,GAAuB,SAAvB,GAAmC;AAJpB,GAAN,CAAxB;;AAOA,MAAI,CAACF,YAAY,CAACG,OAAlB,EAA2B;AACzBH,IAAAA,YAAY,GAAGI,OAAO,CAACC,OAAR,CAAgBL,YAAhB,CAAf;AACD;;AAED,SAAOA,YAAY,CAACM,IAAb,CAAkB,UAASnC,QAAT,EAAmB;AAC1C,QAAIQ,KAAK,GAAG,CAACR,QAAQ,CAACoC,EAAtB;AACA,QAAIxB,MAAM,GAAGZ,QAAQ,CAACY,MAAtB;AACA,WAAOb,QAAQ,CAACC,QAAD,CAAR,CACJmC,IADI,CACCtB,IAAI,IAAI;AACZ,aAAOF,YAAY,CAACC,MAAD,EAASC,IAAT,CAAnB;AACD,KAHI,EAIJsB,IAJI,CAICpB,MAAM,IAAI;AAAA;;AACd,UAAIP,KAAK,4BAAIO,MAAM,CAACK,YAAX,iDAAI,qBAAqBZ,KAAlC,EAAyC;AACvC;AACA,cAAMO,MAAN;AACD;;AACD,aAAOA,MAAP;AACD,KAVI,CAAP;AAWD,GAdM,CAAP;AAeD;;AAED,eAAeM,YAAf","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport crossFetch from 'cross-fetch';\nimport { FetchOptions, FetchResponse, HttpResponse } from '../types';\n\nfunction readData(response: FetchResponse): Promise<object | string> {\n if (response.headers.get('Content-Type') &&\n response.headers.get('Content-Type').toLowerCase().indexOf('application/json') >= 0) {\n return response.json()\n // JSON parse can fail if response is not a valid object\n .catch(e => {\n return {\n error: e,\n errorSummary: 'Could not parse server response'\n };\n });\n } else {\n return response.text();\n }\n}\n\nfunction formatResult(status: number, data: object | string) {\n const isObject = typeof data === 'object';\n const result: HttpResponse = {\n responseText: isObject ? JSON.stringify(data) : data as string,\n status: status\n };\n if (isObject) {\n result.responseType = 'json';\n result.responseJSON = data as object;\n }\n return result;\n}\n\n/* eslint-disable complexity */\nfunction fetchRequest(method: string, url: string, args: FetchOptions) {\n var body = args.data;\n var headers = args.headers || {};\n var contentType = (headers['Content-Type'] || headers['content-type'] || '');\n\n // JSON encode body (if appropriate)\n if (contentType === 'application/json' && body && typeof body !== 'string') {\n body = JSON.stringify(body);\n }\n var fetch = global.fetch || crossFetch;\n var fetchPromise = fetch(url, {\n method: method,\n headers: args.headers,\n body: body as string,\n credentials: args.withCredentials ? 'include' : 'omit'\n });\n\n if (!fetchPromise.finally) {\n fetchPromise = Promise.resolve(fetchPromise);\n }\n\n return fetchPromise.then(function(response) {\n var error = !response.ok;\n var status = response.status;\n return readData(response)\n .then(data => {\n return formatResult(status, data);\n })\n .then(result => {\n if (error || result.responseJSON?.error) {\n // Throwing result object since error handling is done in http.js\n throw result;\n }\n return result;\n });\n });\n}\n\nexport default fetchRequest;\n"],"file":"fetchRequest.js"}
1
+ {"version":3,"sources":["../../../lib/fetch/fetchRequest.ts"],"names":["crossFetch","readData","response","headers","get","toLowerCase","indexOf","json","catch","e","error","errorSummary","text","formatResult","status","data","isObject","pair","entries","result","responseText","JSON","stringify","responseType","responseJSON","fetchRequest","method","url","args","body","contentType","fetch","global","fetchPromise","credentials","withCredentials","finally","Promise","resolve","then","ok"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA,OAAOA,UAAP,MAAuB,aAAvB;;AAGA,SAASC,QAAT,CAAkBC,QAAlB,EAAqE;AACnE,MAAIA,QAAQ,CAACC,OAAT,CAAiBC,GAAjB,CAAqB,cAArB,KACFF,QAAQ,CAACC,OAAT,CAAiBC,GAAjB,CAAqB,cAArB,EAAqCC,WAArC,GAAmDC,OAAnD,CAA2D,kBAA3D,KAAkF,CADpF,EACuF;AACvF,WAAOJ,QAAQ,CAACK,IAAT,GACL;AADK,KAEJC,KAFI,CAEEC,CAAC,IAAI;AACV,aAAO;AACLC,QAAAA,KAAK,EAAED,CADF;AAELE,QAAAA,YAAY,EAAE;AAFT,OAAP;AAID,KAPI,CAAP;AAQC,GAVD,MAUO;AACL,WAAOT,QAAQ,CAACU,IAAT,EAAP;AACD;AACF;;AAED,SAASC,YAAT,CAAsBC,MAAtB,EAAsCC,IAAtC,EAA6Db,QAA7D,EAAiF;AAC/E,MAAMc,QAAQ,GAAG,OAAOD,IAAP,KAAgB,QAAjC;AACA,MAAMZ,OAAO,GAAG,EAAhB;;AACA,OAAK,IAAMc,IAAX,IAAmBf,QAAQ,CAACC,OAAT,CAAiBe,OAAjB,EAAnB,EAA+C;AAC7Cf,IAAAA,OAAO,CAACc,IAAI,CAAC,CAAD,CAAL,CAAP,GAAmBA,IAAI,CAAC,CAAD,CAAvB;AACD;;AACD,MAAME,MAAoB,GAAG;AAC3BC,IAAAA,YAAY,EAAEJ,QAAQ,GAAGK,IAAI,CAACC,SAAL,CAAeP,IAAf,CAAH,GAA0BA,IADrB;AAE3BD,IAAAA,MAAM,EAAEA,MAFmB;AAG3BX,IAAAA;AAH2B,GAA7B;;AAKA,MAAIa,QAAJ,EAAc;AACZG,IAAAA,MAAM,CAACI,YAAP,GAAsB,MAAtB;AACAJ,IAAAA,MAAM,CAACK,YAAP,GAAsBT,IAAtB;AACD;;AACD,SAAOI,MAAP;AACD;AAED;;;AACA,SAASM,YAAT,CAAsBC,MAAtB,EAAsCC,GAAtC,EAAmDC,IAAnD,EAAuE;AACrE,MAAIC,IAAI,GAAGD,IAAI,CAACb,IAAhB;AACA,MAAIZ,OAAO,GAAGyB,IAAI,CAACzB,OAAL,IAAgB,EAA9B;AACA,MAAI2B,WAAW,GAAI3B,OAAO,CAAC,cAAD,CAAP,IAA2BA,OAAO,CAAC,cAAD,CAAlC,IAAsD,EAAzE,CAHqE,CAKrE;;AACA,MAAI2B,WAAW,KAAK,kBAAhB,IAAsCD,IAAtC,IAA8C,OAAOA,IAAP,KAAgB,QAAlE,EAA4E;AAC1EA,IAAAA,IAAI,GAAGR,IAAI,CAACC,SAAL,CAAeO,IAAf,CAAP;AACD;;AACD,MAAIE,KAAK,GAAGC,MAAM,CAACD,KAAP,IAAgB/B,UAA5B;AACA,MAAIiC,YAAY,GAAGF,KAAK,CAACJ,GAAD,EAAM;AAC5BD,IAAAA,MAAM,EAAEA,MADoB;AAE5BvB,IAAAA,OAAO,EAAEyB,IAAI,CAACzB,OAFc;AAG5B0B,IAAAA,IAAI,EAAEA,IAHsB;AAI5BK,IAAAA,WAAW,EAAEN,IAAI,CAACO,eAAL,GAAuB,SAAvB,GAAmC;AAJpB,GAAN,CAAxB;;AAOA,MAAI,CAACF,YAAY,CAACG,OAAlB,EAA2B;AACzBH,IAAAA,YAAY,GAAGI,OAAO,CAACC,OAAR,CAAgBL,YAAhB,CAAf;AACD;;AAED,SAAOA,YAAY,CAACM,IAAb,CAAkB,UAASrC,QAAT,EAAmB;AAC1C,QAAIQ,KAAK,GAAG,CAACR,QAAQ,CAACsC,EAAtB;AACA,QAAI1B,MAAM,GAAGZ,QAAQ,CAACY,MAAtB;AACA,WAAOb,QAAQ,CAACC,QAAD,CAAR,CACJqC,IADI,CACCxB,IAAI,IAAI;AACZ,aAAOF,YAAY,CAACC,MAAD,EAASC,IAAT,EAAeb,QAAf,CAAnB;AACD,KAHI,EAIJqC,IAJI,CAICpB,MAAM,IAAI;AAAA;;AACd,UAAIT,KAAK,4BAAIS,MAAM,CAACK,YAAX,iDAAI,qBAAqBd,KAAlC,EAAyC;AACvC;AACA,cAAMS,MAAN;AACD;;AACD,aAAOA,MAAP;AACD,KAVI,CAAP;AAWD,GAdM,CAAP;AAeD;;AAED,eAAeM,YAAf","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport crossFetch from 'cross-fetch';\nimport { FetchOptions, FetchResponse, HttpResponse } from '../types';\n\nfunction readData(response: FetchResponse): Promise<object | string> {\n if (response.headers.get('Content-Type') &&\n response.headers.get('Content-Type').toLowerCase().indexOf('application/json') >= 0) {\n return response.json()\n // JSON parse can fail if response is not a valid object\n .catch(e => {\n return {\n error: e,\n errorSummary: 'Could not parse server response'\n };\n });\n } else {\n return response.text();\n }\n}\n\nfunction formatResult(status: number, data: object | string, response: Response) {\n const isObject = typeof data === 'object';\n const headers = {};\n for (const pair of response.headers.entries()) {\n headers[pair[0]] = pair[1];\n }\n const result: HttpResponse = {\n responseText: isObject ? JSON.stringify(data) : data as string,\n status: status,\n headers\n };\n if (isObject) {\n result.responseType = 'json';\n result.responseJSON = data as object;\n }\n return result;\n}\n\n/* eslint-disable complexity */\nfunction fetchRequest(method: string, url: string, args: FetchOptions) {\n var body = args.data;\n var headers = args.headers || {};\n var contentType = (headers['Content-Type'] || headers['content-type'] || '');\n\n // JSON encode body (if appropriate)\n if (contentType === 'application/json' && body && typeof body !== 'string') {\n body = JSON.stringify(body);\n }\n var fetch = global.fetch || crossFetch;\n var fetchPromise = fetch(url, {\n method: method,\n headers: args.headers,\n body: body as string,\n credentials: args.withCredentials ? 'include' : 'omit'\n });\n\n if (!fetchPromise.finally) {\n fetchPromise = Promise.resolve(fetchPromise);\n }\n\n return fetchPromise.then(function(response) {\n var error = !response.ok;\n var status = response.status;\n return readData(response)\n .then(data => {\n return formatResult(status, data, response);\n })\n .then(result => {\n if (error || result.responseJSON?.error) {\n // Throwing result object since error handling is done in http.js\n throw result;\n }\n return result;\n });\n });\n}\n\nexport default fetchRequest;\n"],"file":"fetchRequest.js"}
package/esm/http/request.js CHANGED
@@ -68,6 +68,10 @@ export function httpRequest(sdk, options) {
68
68
 
69
69
  if (res && isString(res)) {
70
70
  res = JSON.parse(res);
71
+
72
+ if (res && typeof res === 'object' && !res.headers) {
73
+ res.headers = resp.headers;
74
+ }
71
75
  }
72
76
 
73
77
  if (saveAuthnState) {
package/esm/http/request.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/http/request.ts"],"names":["isString","clone","isAbsoluteUrl","removeNils","AuthApiError","STATE_TOKEN_KEY_NAME","DEFAULT_CACHE_DURATION","httpRequest","sdk","options","url","method","args","saveAuthnState","accessToken","withCredentials","storageUtil","storage","httpCache","storageManager","getHttpCache","cookies","cacheResponse","cacheContents","getStorage","cachedResponse","Date","now","expiresAt","Promise","resolve","response","oktaUserAgentHeader","_oktaUserAgent","getHttpHeader","headers","Object","assign","ajaxOptions","data","undefined","err","res","httpRequestClient","then","resp","responseText","JSON","parse","stateToken","delete","set","updateStorage","Math","floor","catch","serverErr","e","errorSummary","status","transformErrorXHR","errorCode","get","getIssuerOrigin","getOptions","post","postOptions"],"mappings":";;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA,SAASA,QAAT,EAAmBC,KAAnB,EAA0BC,aAA1B,EAAyCC,UAAzC,QAA2D,SAA3D;AACA,OAAOC,YAAP,MAAyB,wBAAzB;AACA,SAASC,oBAAT,EAA+BC,sBAA/B,QAA6D,cAA7D;AAGA,OAAO,SAASC,WAAT,CAAqBC,GAArB,EAAoCC,OAApC,EAA2E;AAChFA,EAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB;AACA,MAAIC,GAAG,GAAGD,OAAO,CAACC,GAAlB;AAAA,MACIC,MAAM,GAAGF,OAAO,CAACE,MADrB;AAAA,MAEIC,IAAI,GAAGH,OAAO,CAACG,IAFnB;AAAA,MAGIC,cAAc,GAAGJ,OAAO,CAACI,cAH7B;AAAA,MAIIC,WAAW,GAAGL,OAAO,CAACK,WAJ1B;AAAA,MAKIC,eAAe,GAAGN,OAAO,CAACM,eAAR,KAA4B,IALlD;AAAA,MAKwD;AACpDC,EAAAA,WAAW,GAAGR,GAAG,CAACC,OAAJ,CAAYO,WAN9B;AAAA,MAOIC,OAAO,GAAGD,WAAW,CAACC,OAP1B;AAAA,MAQIC,SAAS,GAAGV,GAAG,CAACW,cAAJ,CAAmBC,YAAnB,CAAgCZ,GAAG,CAACC,OAAJ,CAAYY,OAA5C,CARhB;;AAUA,MAAIZ,OAAO,CAACa,aAAZ,EAA2B;AACzB,QAAIC,aAAa,GAAGL,SAAS,CAACM,UAAV,EAApB;AACA,QAAIC,cAAc,GAAGF,aAAa,CAACb,GAAD,CAAlC;;AACA,QAAIe,cAAc,IAAIC,IAAI,CAACC,GAAL,KAAW,IAAX,GAAkBF,cAAc,CAACG,SAAvD,EAAkE;AAChE,aAAOC,OAAO,CAACC,OAAR,CAAgBL,cAAc,CAACM,QAA/B,CAAP;AACD;AACF;;AAED,MAAIC,mBAAmB,GAAGxB,GAAG,CAACyB,cAAJ,CAAmBC,aAAnB,EAA1B;;AACA,MAAIC,OAAoB;AACtB,cAAU,kBADY;AAEtB,oBAAgB;AAFM,KAGnBH,mBAHmB,CAAxB;;AAKAI,EAAAA,MAAM,CAACC,MAAP,CAAcF,OAAd,EAAuB3B,GAAG,CAACC,OAAJ,CAAY0B,OAAnC,EAA4C1B,OAAO,CAAC0B,OAApD;AACAA,EAAAA,OAAO,GAAGhC,UAAU,CAACgC,OAAD,CAApB;;AAEA,MAAIrB,WAAW,IAAId,QAAQ,CAACc,WAAD,CAA3B,EAA0C;AACxCqB,IAAAA,OAAO,CAAC,eAAD,CAAP,GAA2B,YAAYrB,WAAvC;AACD;;AAED,MAAIwB,WAAyB,GAAG;AAC9BH,IAAAA,OAD8B;AAE9BI,IAAAA,IAAI,EAAE3B,IAAI,IAAI4B,SAFgB;AAG9BzB,IAAAA;AAH8B,GAAhC;AAMA,MAAI0B,GAAJ,EAASC,GAAT;AACA,SAAOlC,GAAG,CAACC,OAAJ,CAAYkC,iBAAZ,CAA8BhC,MAA9B,EAAsCD,GAAtC,EAA2C4B,WAA3C,EACJM,IADI,CACC,UAASC,IAAT,EAAe;AACnBH,IAAAA,GAAG,GAAGG,IAAI,CAACC,YAAX;;AACA,QAAIJ,GAAG,IAAI1C,QAAQ,CAAC0C,GAAD,CAAnB,EAA0B;AACxBA,MAAAA,GAAG,GAAGK,IAAI,CAACC,KAAL,CAAWN,GAAX,CAAN;AACD;;AAED,QAAI7B,cAAJ,EAAoB;AAClB,UAAI,CAAC6B,GAAG,CAACO,UAAT,EAAqB;AACnBhC,QAAAA,OAAO,CAACiC,MAAR,CAAe7C,oBAAf;AACD;AACF;;AAED,QAAIqC,GAAG,IAAIA,GAAG,CAACO,UAAX,IAAyBP,GAAG,CAACd,SAAjC,EAA4C;AAC1CX,MAAAA,OAAO,CAACkC,GAAR,CAAY9C,oBAAZ,EAAkCqC,GAAG,CAACO,UAAtC,EAAkDP,GAAG,CAACd,SAAtD,EAAiEpB,GAAG,CAACC,OAAJ,CAAYY,OAA7E;AACD;;AAED,QAAIqB,GAAG,IAAIjC,OAAO,CAACa,aAAnB,EAAkC;AAChCJ,MAAAA,SAAS,CAACkC,aAAV,CAAwB1C,GAAxB,EAA6B;AAC3BkB,QAAAA,SAAS,EAAEyB,IAAI,CAACC,KAAL,CAAW5B,IAAI,CAACC,GAAL,KAAW,IAAtB,IAA8BrB,sBADd;AAE3ByB,QAAAA,QAAQ,EAAEW;AAFiB,OAA7B;AAID;;AAED,WAAOA,GAAP;AACD,GAzBI,EA0BJa,KA1BI,CA0BE,UAASV,IAAT,EAAe;AACpB,QAAIW,SAAS,GAAGX,IAAI,CAACC,YAAL,IAAqB,EAArC;;AACA,QAAI9C,QAAQ,CAACwD,SAAD,CAAZ,EAAyB;AACvB,UAAI;AACFA,QAAAA,SAAS,GAAGT,IAAI,CAACC,KAAL,CAAWQ,SAAX,CAAZ;AACD,OAFD,CAEE,OAAOC,CAAP,EAAU;AACVD,QAAAA,SAAS,GAAG;AACVE,UAAAA,YAAY,EAAE;AADJ,SAAZ;AAGD;AACF;;AAED,QAAIb,IAAI,CAACc,MAAL,IAAe,GAAnB,EAAwB;AACtBH,MAAAA,SAAS,CAACE,YAAV,GAAyB,eAAzB;AACD;;AAED,QAAIlD,GAAG,CAACC,OAAJ,CAAYmD,iBAAhB,EAAmC;AACjCf,MAAAA,IAAI,GAAGrC,GAAG,CAACC,OAAJ,CAAYmD,iBAAZ,CAA8B3D,KAAK,CAAC4C,IAAD,CAAnC,CAAP;AACD;;AAEDJ,IAAAA,GAAG,GAAG,IAAIrC,YAAJ,CAAiBoD,SAAjB,EAA4BX,IAA5B,CAAN;;AAEA,QAAIJ,GAAG,CAACoB,SAAJ,KAAkB,UAAtB,EAAkC;AAChC5C,MAAAA,OAAO,CAACiC,MAAR,CAAe7C,oBAAf;AACD;;AAED,UAAMoC,GAAN;AACD,GArDI,CAAP;AAsDD;AAED,OAAO,SAASqB,GAAT,CAAatD,GAAb,EAA4BE,GAA5B,EAAyCD,OAAzC,EAAmE;AACxEC,EAAAA,GAAG,GAAGR,aAAa,CAACQ,GAAD,CAAb,GAAqBA,GAArB,GAA2BF,GAAG,CAACuD,eAAJ,KAAwBrD,GAAzD;AACA,MAAIsD,UAAU,GAAG;AACftD,IAAAA,GAAG,EAAEA,GADU;AAEfC,IAAAA,MAAM,EAAE;AAFO,GAAjB;AAIAyB,EAAAA,MAAM,CAACC,MAAP,CAAc2B,UAAd,EAA0BvD,OAA1B;AACA,SAAOF,WAAW,CAACC,GAAD,EAAMwD,UAAN,CAAlB;AACD;AAED,OAAO,SAASC,IAAT,CAAczD,GAAd,EAA6BE,GAA7B,EAA0CE,IAA1C,EAA8DH,OAA9D,EAAwF;AAC7FC,EAAAA,GAAG,GAAGR,aAAa,CAACQ,GAAD,CAAb,GAAqBA,GAArB,GAA2BF,GAAG,CAACuD,eAAJ,KAAwBrD,GAAzD;AACA,MAAIwD,WAAW,GAAG;AAChBxD,IAAAA,GAAG,EAAEA,GADW;AAEhBC,IAAAA,MAAM,EAAE,MAFQ;AAGhBC,IAAAA,IAAI,EAAEA,IAHU;AAIhBC,IAAAA,cAAc,EAAE;AAJA,GAAlB;AAMAuB,EAAAA,MAAM,CAACC,MAAP,CAAc6B,WAAd,EAA2BzD,OAA3B;AACA,SAAOF,WAAW,CAACC,GAAD,EAAM0D,WAAN,CAAlB;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n/* eslint-disable complexity */\nimport { isString, clone, isAbsoluteUrl, removeNils } from '../util';\nimport AuthApiError from '../errors/AuthApiError';\nimport { STATE_TOKEN_KEY_NAME, DEFAULT_CACHE_DURATION } from '../constants';\nimport { OktaAuth, RequestOptions, FetchOptions, RequestData } from '../types';\n\nexport function httpRequest(sdk: OktaAuth, options: RequestOptions): Promise<any> {\n options = options || {};\n var url = options.url,\n method = options.method,\n args = options.args,\n saveAuthnState = options.saveAuthnState,\n accessToken = options.accessToken,\n withCredentials = options.withCredentials === true, // default value is false\n storageUtil = sdk.options.storageUtil,\n storage = storageUtil.storage,\n httpCache = sdk.storageManager.getHttpCache(sdk.options.cookies);\n\n if (options.cacheResponse) {\n var cacheContents = httpCache.getStorage();\n var cachedResponse = cacheContents[url];\n if (cachedResponse && Date.now()/1000 < cachedResponse.expiresAt) {\n return Promise.resolve(cachedResponse.response);\n }\n }\n\n var oktaUserAgentHeader = sdk._oktaUserAgent.getHttpHeader();\n var headers: HeadersInit = {\n 'Accept': 'application/json',\n 'Content-Type': 'application/json',\n ...oktaUserAgentHeader\n };\n Object.assign(headers, sdk.options.headers, options.headers);\n headers = removeNils(headers) as HeadersInit;\n\n if (accessToken && isString(accessToken)) {\n headers['Authorization'] = 'Bearer ' + accessToken;\n }\n\n var ajaxOptions: FetchOptions = {\n headers,\n data: args || undefined,\n withCredentials\n };\n\n var err, res;\n return sdk.options.httpRequestClient(method, url, ajaxOptions)\n .then(function(resp) {\n res = resp.responseText;\n if (res && isString(res)) {\n res = JSON.parse(res);\n }\n\n if (saveAuthnState) {\n if (!res.stateToken) {\n storage.delete(STATE_TOKEN_KEY_NAME);\n }\n }\n\n if (res && res.stateToken && res.expiresAt) {\n storage.set(STATE_TOKEN_KEY_NAME, res.stateToken, res.expiresAt, sdk.options.cookies);\n }\n\n if (res && options.cacheResponse) {\n httpCache.updateStorage(url, {\n expiresAt: Math.floor(Date.now()/1000) + DEFAULT_CACHE_DURATION,\n response: res\n });\n }\n\n return res;\n })\n .catch(function(resp) {\n var serverErr = resp.responseText || {};\n if (isString(serverErr)) {\n try {\n serverErr = JSON.parse(serverErr);\n } catch (e) {\n serverErr = {\n errorSummary: 'Unknown error'\n };\n }\n }\n\n if (resp.status >= 500) {\n serverErr.errorSummary = 'Unknown error';\n }\n\n if (sdk.options.transformErrorXHR) {\n resp = sdk.options.transformErrorXHR(clone(resp));\n }\n\n err = new AuthApiError(serverErr, resp);\n\n if (err.errorCode === 'E0000011') {\n storage.delete(STATE_TOKEN_KEY_NAME);\n }\n\n throw err;\n });\n}\n\nexport function get(sdk: OktaAuth, url: string, options?: RequestOptions) {\n url = isAbsoluteUrl(url) ? url : sdk.getIssuerOrigin() + url;\n var getOptions = {\n url: url,\n method: 'GET'\n };\n Object.assign(getOptions, options);\n return httpRequest(sdk, getOptions);\n}\n\nexport function post(sdk: OktaAuth, url: string, args?: RequestData, options?: RequestOptions) {\n url = isAbsoluteUrl(url) ? url : sdk.getIssuerOrigin() + url;\n var postOptions = {\n url: url,\n method: 'POST',\n args: args,\n saveAuthnState: true\n };\n Object.assign(postOptions, options);\n return httpRequest(sdk, postOptions);\n}\n"],"file":"request.js"}
1
+ {"version":3,"sources":["../../../lib/http/request.ts"],"names":["isString","clone","isAbsoluteUrl","removeNils","AuthApiError","STATE_TOKEN_KEY_NAME","DEFAULT_CACHE_DURATION","httpRequest","sdk","options","url","method","args","saveAuthnState","accessToken","withCredentials","storageUtil","storage","httpCache","storageManager","getHttpCache","cookies","cacheResponse","cacheContents","getStorage","cachedResponse","Date","now","expiresAt","Promise","resolve","response","oktaUserAgentHeader","_oktaUserAgent","getHttpHeader","headers","Object","assign","ajaxOptions","data","undefined","err","res","httpRequestClient","then","resp","responseText","JSON","parse","stateToken","delete","set","updateStorage","Math","floor","catch","serverErr","e","errorSummary","status","transformErrorXHR","errorCode","get","getIssuerOrigin","getOptions","post","postOptions"],"mappings":";;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA,SAASA,QAAT,EAAmBC,KAAnB,EAA0BC,aAA1B,EAAyCC,UAAzC,QAA2D,SAA3D;AACA,OAAOC,YAAP,MAAyB,wBAAzB;AACA,SAASC,oBAAT,EAA+BC,sBAA/B,QAA6D,cAA7D;AAGA,OAAO,SAASC,WAAT,CAAqBC,GAArB,EAAoCC,OAApC,EAA2E;AAChFA,EAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB;AACA,MAAIC,GAAG,GAAGD,OAAO,CAACC,GAAlB;AAAA,MACIC,MAAM,GAAGF,OAAO,CAACE,MADrB;AAAA,MAEIC,IAAI,GAAGH,OAAO,CAACG,IAFnB;AAAA,MAGIC,cAAc,GAAGJ,OAAO,CAACI,cAH7B;AAAA,MAIIC,WAAW,GAAGL,OAAO,CAACK,WAJ1B;AAAA,MAKIC,eAAe,GAAGN,OAAO,CAACM,eAAR,KAA4B,IALlD;AAAA,MAKwD;AACpDC,EAAAA,WAAW,GAAGR,GAAG,CAACC,OAAJ,CAAYO,WAN9B;AAAA,MAOIC,OAAO,GAAGD,WAAW,CAACC,OAP1B;AAAA,MAQIC,SAAS,GAAGV,GAAG,CAACW,cAAJ,CAAmBC,YAAnB,CAAgCZ,GAAG,CAACC,OAAJ,CAAYY,OAA5C,CARhB;;AAUA,MAAIZ,OAAO,CAACa,aAAZ,EAA2B;AACzB,QAAIC,aAAa,GAAGL,SAAS,CAACM,UAAV,EAApB;AACA,QAAIC,cAAc,GAAGF,aAAa,CAACb,GAAD,CAAlC;;AACA,QAAIe,cAAc,IAAIC,IAAI,CAACC,GAAL,KAAW,IAAX,GAAkBF,cAAc,CAACG,SAAvD,EAAkE;AAChE,aAAOC,OAAO,CAACC,OAAR,CAAgBL,cAAc,CAACM,QAA/B,CAAP;AACD;AACF;;AAED,MAAIC,mBAAmB,GAAGxB,GAAG,CAACyB,cAAJ,CAAmBC,aAAnB,EAA1B;;AACA,MAAIC,OAAoB;AACtB,cAAU,kBADY;AAEtB,oBAAgB;AAFM,KAGnBH,mBAHmB,CAAxB;;AAKAI,EAAAA,MAAM,CAACC,MAAP,CAAcF,OAAd,EAAuB3B,GAAG,CAACC,OAAJ,CAAY0B,OAAnC,EAA4C1B,OAAO,CAAC0B,OAApD;AACAA,EAAAA,OAAO,GAAGhC,UAAU,CAACgC,OAAD,CAApB;;AAEA,MAAIrB,WAAW,IAAId,QAAQ,CAACc,WAAD,CAA3B,EAA0C;AACxCqB,IAAAA,OAAO,CAAC,eAAD,CAAP,GAA2B,YAAYrB,WAAvC;AACD;;AAED,MAAIwB,WAAyB,GAAG;AAC9BH,IAAAA,OAD8B;AAE9BI,IAAAA,IAAI,EAAE3B,IAAI,IAAI4B,SAFgB;AAG9BzB,IAAAA;AAH8B,GAAhC;AAMA,MAAI0B,GAAJ,EAASC,GAAT;AACA,SAAOlC,GAAG,CAACC,OAAJ,CAAYkC,iBAAZ,CAA8BhC,MAA9B,EAAsCD,GAAtC,EAA2C4B,WAA3C,EACJM,IADI,CACC,UAASC,IAAT,EAAe;AACnBH,IAAAA,GAAG,GAAGG,IAAI,CAACC,YAAX;;AACA,QAAIJ,GAAG,IAAI1C,QAAQ,CAAC0C,GAAD,CAAnB,EAA0B;AACxBA,MAAAA,GAAG,GAAGK,IAAI,CAACC,KAAL,CAAWN,GAAX,CAAN;;AACA,UAAIA,GAAG,IAAI,OAAOA,GAAP,KAAe,QAAtB,IAAkC,CAACA,GAAG,CAACP,OAA3C,EAAoD;AAClDO,QAAAA,GAAG,CAACP,OAAJ,GAAcU,IAAI,CAACV,OAAnB;AACD;AACF;;AAED,QAAItB,cAAJ,EAAoB;AAClB,UAAI,CAAC6B,GAAG,CAACO,UAAT,EAAqB;AACnBhC,QAAAA,OAAO,CAACiC,MAAR,CAAe7C,oBAAf;AACD;AACF;;AAED,QAAIqC,GAAG,IAAIA,GAAG,CAACO,UAAX,IAAyBP,GAAG,CAACd,SAAjC,EAA4C;AAC1CX,MAAAA,OAAO,CAACkC,GAAR,CAAY9C,oBAAZ,EAAkCqC,GAAG,CAACO,UAAtC,EAAkDP,GAAG,CAACd,SAAtD,EAAiEpB,GAAG,CAACC,OAAJ,CAAYY,OAA7E;AACD;;AAED,QAAIqB,GAAG,IAAIjC,OAAO,CAACa,aAAnB,EAAkC;AAChCJ,MAAAA,SAAS,CAACkC,aAAV,CAAwB1C,GAAxB,EAA6B;AAC3BkB,QAAAA,SAAS,EAAEyB,IAAI,CAACC,KAAL,CAAW5B,IAAI,CAACC,GAAL,KAAW,IAAtB,IAA8BrB,sBADd;AAE3ByB,QAAAA,QAAQ,EAAEW;AAFiB,OAA7B;AAID;;AAED,WAAOA,GAAP;AACD,GA5BI,EA6BJa,KA7BI,CA6BE,UAASV,IAAT,EAAe;AACpB,QAAIW,SAAS,GAAGX,IAAI,CAACC,YAAL,IAAqB,EAArC;;AACA,QAAI9C,QAAQ,CAACwD,SAAD,CAAZ,EAAyB;AACvB,UAAI;AACFA,QAAAA,SAAS,GAAGT,IAAI,CAACC,KAAL,CAAWQ,SAAX,CAAZ;AACD,OAFD,CAEE,OAAOC,CAAP,EAAU;AACVD,QAAAA,SAAS,GAAG;AACVE,UAAAA,YAAY,EAAE;AADJ,SAAZ;AAGD;AACF;;AAED,QAAIb,IAAI,CAACc,MAAL,IAAe,GAAnB,EAAwB;AACtBH,MAAAA,SAAS,CAACE,YAAV,GAAyB,eAAzB;AACD;;AAED,QAAIlD,GAAG,CAACC,OAAJ,CAAYmD,iBAAhB,EAAmC;AACjCf,MAAAA,IAAI,GAAGrC,GAAG,CAACC,OAAJ,CAAYmD,iBAAZ,CAA8B3D,KAAK,CAAC4C,IAAD,CAAnC,CAAP;AACD;;AAEDJ,IAAAA,GAAG,GAAG,IAAIrC,YAAJ,CAAiBoD,SAAjB,EAA4BX,IAA5B,CAAN;;AAEA,QAAIJ,GAAG,CAACoB,SAAJ,KAAkB,UAAtB,EAAkC;AAChC5C,MAAAA,OAAO,CAACiC,MAAR,CAAe7C,oBAAf;AACD;;AAED,UAAMoC,GAAN;AACD,GAxDI,CAAP;AAyDD;AAED,OAAO,SAASqB,GAAT,CAAatD,GAAb,EAA4BE,GAA5B,EAAyCD,OAAzC,EAAmE;AACxEC,EAAAA,GAAG,GAAGR,aAAa,CAACQ,GAAD,CAAb,GAAqBA,GAArB,GAA2BF,GAAG,CAACuD,eAAJ,KAAwBrD,GAAzD;AACA,MAAIsD,UAAU,GAAG;AACftD,IAAAA,GAAG,EAAEA,GADU;AAEfC,IAAAA,MAAM,EAAE;AAFO,GAAjB;AAIAyB,EAAAA,MAAM,CAACC,MAAP,CAAc2B,UAAd,EAA0BvD,OAA1B;AACA,SAAOF,WAAW,CAACC,GAAD,EAAMwD,UAAN,CAAlB;AACD;AAED,OAAO,SAASC,IAAT,CAAczD,GAAd,EAA6BE,GAA7B,EAA0CE,IAA1C,EAA8DH,OAA9D,EAAwF;AAC7FC,EAAAA,GAAG,GAAGR,aAAa,CAACQ,GAAD,CAAb,GAAqBA,GAArB,GAA2BF,GAAG,CAACuD,eAAJ,KAAwBrD,GAAzD;AACA,MAAIwD,WAAW,GAAG;AAChBxD,IAAAA,GAAG,EAAEA,GADW;AAEhBC,IAAAA,MAAM,EAAE,MAFQ;AAGhBC,IAAAA,IAAI,EAAEA,IAHU;AAIhBC,IAAAA,cAAc,EAAE;AAJA,GAAlB;AAMAuB,EAAAA,MAAM,CAACC,MAAP,CAAc6B,WAAd,EAA2BzD,OAA3B;AACA,SAAOF,WAAW,CAACC,GAAD,EAAM0D,WAAN,CAAlB;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n/* eslint-disable complexity */\nimport { isString, clone, isAbsoluteUrl, removeNils } from '../util';\nimport AuthApiError from '../errors/AuthApiError';\nimport { STATE_TOKEN_KEY_NAME, DEFAULT_CACHE_DURATION } from '../constants';\nimport { OktaAuth, RequestOptions, FetchOptions, RequestData } from '../types';\n\nexport function httpRequest(sdk: OktaAuth, options: RequestOptions): Promise<any> {\n options = options || {};\n var url = options.url,\n method = options.method,\n args = options.args,\n saveAuthnState = options.saveAuthnState,\n accessToken = options.accessToken,\n withCredentials = options.withCredentials === true, // default value is false\n storageUtil = sdk.options.storageUtil,\n storage = storageUtil.storage,\n httpCache = sdk.storageManager.getHttpCache(sdk.options.cookies);\n\n if (options.cacheResponse) {\n var cacheContents = httpCache.getStorage();\n var cachedResponse = cacheContents[url];\n if (cachedResponse && Date.now()/1000 < cachedResponse.expiresAt) {\n return Promise.resolve(cachedResponse.response);\n }\n }\n\n var oktaUserAgentHeader = sdk._oktaUserAgent.getHttpHeader();\n var headers: HeadersInit = {\n 'Accept': 'application/json',\n 'Content-Type': 'application/json',\n ...oktaUserAgentHeader\n };\n Object.assign(headers, sdk.options.headers, options.headers);\n headers = removeNils(headers) as HeadersInit;\n\n if (accessToken && isString(accessToken)) {\n headers['Authorization'] = 'Bearer ' + accessToken;\n }\n\n var ajaxOptions: FetchOptions = {\n headers,\n data: args || undefined,\n withCredentials\n };\n\n var err, res;\n return sdk.options.httpRequestClient(method, url, ajaxOptions)\n .then(function(resp) {\n res = resp.responseText;\n if (res && isString(res)) {\n res = JSON.parse(res);\n if (res && typeof res === 'object' && !res.headers) {\n res.headers = resp.headers;\n }\n }\n\n if (saveAuthnState) {\n if (!res.stateToken) {\n storage.delete(STATE_TOKEN_KEY_NAME);\n }\n }\n\n if (res && res.stateToken && res.expiresAt) {\n storage.set(STATE_TOKEN_KEY_NAME, res.stateToken, res.expiresAt, sdk.options.cookies);\n }\n\n if (res && options.cacheResponse) {\n httpCache.updateStorage(url, {\n expiresAt: Math.floor(Date.now()/1000) + DEFAULT_CACHE_DURATION,\n response: res\n });\n }\n\n return res;\n })\n .catch(function(resp) {\n var serverErr = resp.responseText || {};\n if (isString(serverErr)) {\n try {\n serverErr = JSON.parse(serverErr);\n } catch (e) {\n serverErr = {\n errorSummary: 'Unknown error'\n };\n }\n }\n\n if (resp.status >= 500) {\n serverErr.errorSummary = 'Unknown error';\n }\n\n if (sdk.options.transformErrorXHR) {\n resp = sdk.options.transformErrorXHR(clone(resp));\n }\n\n err = new AuthApiError(serverErr, resp);\n\n if (err.errorCode === 'E0000011') {\n storage.delete(STATE_TOKEN_KEY_NAME);\n }\n\n throw err;\n });\n}\n\nexport function get(sdk: OktaAuth, url: string, options?: RequestOptions) {\n url = isAbsoluteUrl(url) ? url : sdk.getIssuerOrigin() + url;\n var getOptions = {\n url: url,\n method: 'GET'\n };\n Object.assign(getOptions, options);\n return httpRequest(sdk, getOptions);\n}\n\nexport function post(sdk: OktaAuth, url: string, args?: RequestData, options?: RequestOptions) {\n url = isAbsoluteUrl(url) ? url : sdk.getIssuerOrigin() + url;\n var postOptions = {\n url: url,\n method: 'POST',\n args: args,\n saveAuthnState: true\n };\n Object.assign(postOptions, options);\n return httpRequest(sdk, postOptions);\n}\n"],"file":"request.js"}
package/esm/idx/remediate.js CHANGED
@@ -21,10 +21,6 @@ function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { va
21
21
  import idx from '@okta/okta-idx-js';
22
22
  import { AuthSdkError } from '../errors';
23
23
  import { isRawIdxResponse } from './types/idx-js';
24
- var actionsTriggeredByValues = {
25
- resend: 'currentAuthenticatorEnrollment-resend' // assuming only one '-resend' action is present in response
26
-
27
- };
28
24
  // Return first match idxRemediation in allowed remediators
29
25
  export function getRemediator(idxRemediations, values, options) {
30
26
  var {
@@ -95,6 +91,11 @@ function getIdxMessages(idxResponse, flow) {
95
91
  var _rawIdxState$messages;
96
92
 
97
93
  var messages = [];
94
+
95
+ if (!flow) {
96
+ return messages;
97
+ }
98
+
98
99
  var {
99
100
  rawIdxState,
100
101
  neededToProceed
@@ -162,17 +163,15 @@ function handleIdxError(e, flow, remediator) {
162
163
  throw e;
163
164
  }
164
165
 
165
- function getActionFromValues(values) {
166
- var valueName = Object.keys(values).find(valueName => actionsTriggeredByValues[valueName]);
167
- return actionsTriggeredByValues[valueName];
166
+ function getActionFromValues(values, idxResponse) {
167
+ // Currently support resend actions only
168
+ return Object.keys(idxResponse.actions).find(action => !!values.resend && action.includes('-resend'));
168
169
  }
169
170
 
170
- function removeActionFromValues(values, action) {
171
- var executedActionValue = Object.keys(actionsTriggeredByValues).find(valueName => actionsTriggeredByValues[valueName] === action);
172
- return Object.keys(values).filter(valueName => valueName !== executedActionValue).reduce((newValues, valueName) => {
173
- newValues[valueName] = values[valueName];
174
- return newValues;
175
- }, {});
171
+ function removeActionFromValues(values) {
172
+ // Currently support resend actions only
173
+ values.resend = undefined;
174
+ return values;
176
175
  } // This function is called recursively until it reaches success or cannot be remediated
177
176
 
178
177
 
@@ -185,24 +184,36 @@ function _remediate() {
185
184
  var {
186
185
  neededToProceed,
187
186
  interactionCode
188
- } = idxResponse; // If the response contains an interaction code, there is no need to remediate
187
+ } = idxResponse;
188
+ var {
189
+ flow,
190
+ flowMonitor
191
+ } = options; // If the response contains an interaction code, there is no need to remediate
189
192
 
190
193
  if (interactionCode) {
191
194
  return {
192
195
  idxResponse
193
196
  };
194
- }
197
+ } // Reach to terminal state
195
198
 
196
- var {
197
- flow,
198
- flowMonitor
199
- } = options;
200
- var actionFromValues = getActionFromValues(values);
201
- var actions = [...(options.actions || []), ...(actionFromValues && [actionFromValues] || [])]; // Try actions in idxResponse first
199
+
200
+ var terminal = isTerminalResponse(idxResponse);
201
+ var messages = getIdxMessages(idxResponse, flow);
202
+
203
+ if (terminal) {
204
+ return {
205
+ terminal,
206
+ messages
207
+ };
208
+ } // Try actions in idxResponse first
209
+
210
+
211
+ var actionFromValues = getActionFromValues(values, idxResponse);
212
+ var actions = [...(options.actions || []), ...(actionFromValues && [actionFromValues] || [])];
202
213
 
203
214
  if (actions) {
204
215
  for (var action of actions) {
205
- var valuesWithoutExecutedAction = removeActionFromValues(values, action);
216
+ var valuesWithoutExecutedAction = removeActionFromValues(values);
206
217
 
207
218
  if (typeof idxResponse.actions[action] === 'function') {
208
219
  try {
@@ -257,23 +268,24 @@ function _remediate() {
257
268
  } // Reach to terminal state
258
269
 
259
270
 
260
- var terminal = isTerminalResponse(idxResponse);
261
- var messages = getIdxMessages(idxResponse, flow);
271
+ var _terminal = isTerminalResponse(idxResponse);
272
+
273
+ var _messages = getIdxMessages(idxResponse, flow);
262
274
 
263
- if (terminal) {
275
+ if (_terminal) {
264
276
  return {
265
- terminal,
266
- messages
277
+ terminal: _terminal,
278
+ messages: _messages
267
279
  };
268
280
  } // Handle idx message in nextStep
269
281
 
270
282
 
271
- if (messages.length) {
283
+ if (_messages.length) {
272
284
  var _nextStep = getNextStep(remediator, idxResponse);
273
285
 
274
286
  return {
275
287
  nextStep: _nextStep,
276
- messages
288
+ messages: _messages
277
289
  };
278
290
  } // We may want to trim the values bag for the next remediation
279
291
  // Let the remediator decide what the values should be (default to current values)
package/esm/idx/remediate.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/idx/remediate.ts"],"names":["idx","AuthSdkError","isRawIdxResponse","actionsTriggeredByValues","resend","getRemediator","idxRemediations","values","options","flow","flowMonitor","remediator","remediatorCandidates","remediation","isRemeditionInFlow","Object","keys","includes","name","T","isRemediatorCandidate","canRemediate","push","isTerminalResponse","idxResponse","neededToProceed","interactionCode","length","canSkipFn","some","canResendFn","actions","actionName","getIdxMessages","messages","rawIdxState","globalMessages","value","map","message","fieldMessages","getMessages","getNextStep","nextStep","canSkip","canResend","handleIdxError","e","idxState","makeIdxState","terminal","getActionFromValues","valueName","find","removeActionFromValues","action","executedActionValue","filter","reduce","newValues","remediate","actionFromValues","valuesWithoutExecutedAction","canceled","acc","curr","loopDetected","getName","data","getData","proceed","trackRemediations","getValuesAfterProceed"],"mappings":";;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AACA,OAAOA,GAAP,MAAgB,mBAAhB;AACA,SAASC,YAAT,QAA6B,WAA7B;AAIA,SAEEC,gBAFF,QAIO,gBAJP;AAMA,IAAMC,wBAAwB,GAAG;AAC/BC,EAAAA,MAAM,EAAE,uCADuB,CACiB;;AADjB,CAAjC;AAWA;AACA,OAAO,SAASC,aAAT,CACLC,eADK,EAELC,MAFK,EAGLC,OAHK,EAIO;AACZ,MAAM;AAAEC,IAAAA,IAAF;AAAQC,IAAAA;AAAR,MAAwBF,OAA9B;AAEA,MAAIG,UAAJ;AACA,MAAMC,oBAAoB,GAAG,EAA7B;;AACA,OAAK,IAAIC,WAAT,IAAwBP,eAAxB,EAAyC;AACvC,QAAMQ,kBAAkB,GAAGC,MAAM,CAACC,IAAP,CAAYP,IAAZ,EAAkBQ,QAAlB,CAA2BJ,WAAW,CAACK,IAAvC,CAA3B;;AACA,QAAI,CAACJ,kBAAL,EAAyB;AACvB;AACD;;AAED,QAAMK,CAAC,GAAGV,IAAI,CAACI,WAAW,CAACK,IAAb,CAAd;AACAP,IAAAA,UAAU,GAAG,IAAIQ,CAAJ,CAAMN,WAAN,EAAmBN,MAAnB,CAAb;;AACA,QAAIG,WAAW,CAACU,qBAAZ,CAAkCT,UAAlC,EAA8CL,eAA9C,EAA+DC,MAA/D,CAAJ,EAA4E;AAC1E,UAAII,UAAU,CAACU,YAAX,EAAJ,EAA+B;AAC7B;AACA,eAAOV,UAAP;AACD,OAJyE,CAK1E;AACA;;;AACAC,MAAAA,oBAAoB,CAACU,IAArB,CAA0BX,UAA1B;AACD;AACF,GAtBW,CAwBZ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AAEA,SAAOC,oBAAoB,CAAC,CAAD,CAA3B;AACD;;AAED,SAASW,kBAAT,CAA4BC,WAA5B,EAAsD;AACpD,MAAM;AAAEC,IAAAA,eAAF;AAAmBC,IAAAA;AAAnB,MAAuCF,WAA7C;AACA,SAAO,CAACC,eAAe,CAACE,MAAjB,IAA2B,CAACD,eAAnC;AACD;;AAED,SAASE,SAAT,CAAmBJ,WAAnB,EAA6C;AAC3C,SAAOA,WAAW,CAACC,eAAZ,CAA4BI,IAA5B,CAAiC;AAAA,QAAC;AAAEX,MAAAA;AAAF,KAAD;AAAA,WAAcA,IAAI,KAAK,MAAvB;AAAA,GAAjC,CAAP;AACD;;AAED,SAASY,WAAT,CAAqBN,WAArB,EAA+C;AAC7C,SAAOT,MAAM,CAACC,IAAP,CAAYQ,WAAW,CAACO,OAAxB,EAAiCF,IAAjC,CAAsCG,UAAU,IAAIA,UAAU,CAACf,QAAX,CAAoB,QAApB,CAApD,CAAP;AACD;;AAED,SAASgB,cAAT,CACET,WADF,EAC4Bf,IAD5B,EAEgB;AAAA;;AACd,MAAIyB,QAAQ,GAAG,EAAf;AACA,MAAM;AAAEC,IAAAA,WAAF;AAAeV,IAAAA;AAAf,MAAmCD,WAAzC,CAFc,CAId;;AACA,MAAMY,cAAc,4BAAGD,WAAW,CAACD,QAAf,0DAAG,sBAAsBG,KAAtB,CAA4BC,GAA5B,CAAgCC,OAAO,IAAIA,OAA3C,CAAvB;;AACA,MAAIH,cAAJ,EAAoB;AAClBF,IAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGE,cAAjB,CAAX;AACD,GARa,CAUd;;;AACA,OAAK,IAAIvB,WAAT,IAAwBY,eAAxB,EAAyC;AACvC,QAAMN,CAAC,GAAGV,IAAI,CAACI,WAAW,CAACK,IAAb,CAAd;;AACA,QAAI,CAACC,CAAL,EAAQ;AACN;AACD;;AACD,QAAMR,UAAU,GAAG,IAAIQ,CAAJ,CAAMN,WAAN,CAAnB;AACA,QAAM2B,aAAa,GAAG7B,UAAU,CAAC8B,WAAX,EAAtB;;AACA,QAAID,aAAJ,EAAmB;AACjBN,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGM,aAAjB,CAAX;AACD;AACF;;AAED,SAAON,QAAP;AACD;;AAED,SAASQ,WAAT,CACE/B,UADF,EAC0Ba,WAD1B,EAEY;AACV,MAAMmB,QAAQ,GAAGhC,UAAU,CAAC+B,WAAX,EAAjB;AACA,MAAME,OAAO,GAAGhB,SAAS,CAACJ,WAAD,CAAzB;AACA,MAAMqB,SAAS,GAAGf,WAAW,CAACN,WAAD,CAA7B;AACA,uDACKmB,QADL,GAEMC,OAAO,IAAI;AAACA,IAAAA;AAAD,GAFjB,GAGMC,SAAS,IAAI;AAACA,IAAAA;AAAD,GAHnB;AAKD;;AAED,SAASC,cAAT,CAAwBC,CAAxB,EAA2BtC,IAA3B,EAAiCE,UAAjC,EAA8C;AAC5C;AACA,MAAIT,gBAAgB,CAAC6C,CAAD,CAApB,EAAyB;AACvB,QAAMC,QAAQ,GAAGhD,GAAG,CAACiD,YAAJ,CAAiBF,CAAjB,CAAjB;AACA,QAAMG,QAAQ,GAAG3B,kBAAkB,CAACyB,QAAD,CAAnC;AACA,QAAMd,QAAQ,GAAGD,cAAc,CAACe,QAAD,EAAWvC,IAAX,CAA/B;;AACA,QAAIyC,QAAJ,EAAc;AACZ,aAAO;AAAEA,QAAAA,QAAF;AAAYhB,QAAAA;AAAZ,OAAP;AACD,KAFD,MAEO;AACL,UAAMS,QAAQ,GAAGhC,UAAU,IAAI+B,WAAW,CAAC/B,UAAD,EAAaqC,QAAb,CAA1C;AACA;AACEd,QAAAA;AADF,SAEMS,QAAQ,IAAI;AAAEA,QAAAA;AAAF,OAFlB;AAID;AACF,GAf2C,CAgB5C;;;AACA,QAAMI,CAAN;AACD;;AAED,SAASI,mBAAT,CAA6B5C,MAA7B,EAAwD;AACtD,MAAM6C,SAAS,GAAGrC,MAAM,CAACC,IAAP,CAAYT,MAAZ,EAAoB8C,IAApB,CAAyBD,SAAS,IAAIjD,wBAAwB,CAACiD,SAAD,CAA9D,CAAlB;AACA,SAAOjD,wBAAwB,CAACiD,SAAD,CAA/B;AACD;;AAED,SAASE,sBAAT,CAAgC/C,MAAhC,EAAwCgD,MAAxC,EAAgD;AAC9C,MAAMC,mBAAmB,GAAGzC,MAAM,CAACC,IAAP,CAAYb,wBAAZ,EAAsCkD,IAAtC,CAC1BD,SAAS,IAAIjD,wBAAwB,CAACiD,SAAD,CAAxB,KAAwCG,MAD3B,CAA5B;AAEA,SAAOxC,MAAM,CAACC,IAAP,CAAYT,MAAZ,EAAoBkD,MAApB,CAA2BL,SAAS,IAAIA,SAAS,KAAKI,mBAAtD,EACNE,MADM,CACC,CAACC,SAAD,EAAYP,SAAZ,KAA0B;AAChCO,IAAAA,SAAS,CAACP,SAAD,CAAT,GAAuB7C,MAAM,CAAC6C,SAAD,CAA7B;AACA,WAAOO,SAAP;AACD,GAJM,EAIJ,EAJI,CAAP;AAKD,C,CAED;;;AACA,gBAAsBC,SAAtB;AAAA;AAAA;;;iCAAO,WACLpC,WADK,EAELjB,MAFK,EAGLC,OAHK,EAIyB;AAC9B,QAAI;AAAEiB,MAAAA,eAAF;AAAmBC,MAAAA;AAAnB,QAAuCF,WAA3C,CAD8B,CAE9B;;AACA,QAAIE,eAAJ,EAAqB;AACnB,aAAO;AAAEF,QAAAA;AAAF,OAAP;AACD;;AACD,QAAM;AAAEf,MAAAA,IAAF;AAAQC,MAAAA;AAAR,QAAwBF,OAA9B;AACA,QAAMqD,gBAAgB,GAAGV,mBAAmB,CAAC5C,MAAD,CAA5C;AACA,QAAMwB,OAAO,GAAG,CACd,IAAGvB,OAAO,CAACuB,OAAR,IAAmB,EAAtB,CADc,EAEd,IAAI8B,gBAAgB,IAAI,CAACA,gBAAD,CAApB,IAA0C,EAA9C,CAFc,CAAhB,CAR8B,CAa9B;;AACA,QAAI9B,OAAJ,EAAa;AACX,WAAK,IAAIwB,MAAT,IAAmBxB,OAAnB,EAA4B;AAC1B,YAAI+B,2BAA2B,GAAGR,sBAAsB,CAAC/C,MAAD,EAASgD,MAAT,CAAxD;;AACA,YAAI,OAAO/B,WAAW,CAACO,OAAZ,CAAoBwB,MAApB,CAAP,KAAuC,UAA3C,EAAuD;AACrD,cAAI;AACF/B,YAAAA,WAAW,SAASA,WAAW,CAACO,OAAZ,CAAoBwB,MAApB,GAApB;AACD,WAFD,CAEE,OAAOR,CAAP,EAAU;AACV,mBAAOD,cAAc,CAACC,CAAD,EAAItC,IAAJ,CAArB;AACD;;AACD,cAAI8C,MAAM,KAAK,QAAf,EAAyB;AACvB,mBAAO;AAAEQ,cAAAA,QAAQ,EAAE;AAAZ,aAAP;AACD;;AACD,iBAAOH,SAAS,CAACpC,WAAD,EAAcsC,2BAAd,EAA2CtD,OAA3C,CAAhB,CATqD,CASgB;AACtE;AACF;AACF;;AAED,QAAMG,UAAU,GAAGN,aAAa,CAACoB,eAAD,EAAkBlB,MAAlB,EAA0BC,OAA1B,CAAhC;;AAEA,QAAI,CAACG,UAAL,EAAiB;AACf,YAAM,IAAIV,YAAJ,mHAEawB,eAAe,CAACiC,MAAhB,CAAuB,CAACM,GAAD,EAAMC,IAAN,KAAeD,GAAG,GAAGA,GAAG,GAAG,IAAN,GAAaC,IAAI,CAAC/C,IAArB,GAA4B+C,IAAI,CAAC/C,IAA1E,EAAgF,EAAhF,CAFb,aAAN;AAID;;AAED,QAAIR,WAAW,CAACwD,YAAZ,CAAyBvD,UAAzB,CAAJ,EAA0C;AACxC,YAAM,IAAIV,YAAJ,oEAC+CU,UAAU,CAACwD,OAAX,EAD/C,YAAN;AAGD,KA5C6B,CA8C9B;AACA;;;AACA,QAAI,CAACxD,UAAU,CAACU,YAAX,EAAL,EAAgC;AAC9B,UAAMsB,QAAQ,GAAGD,WAAW,CAAC/B,UAAD,EAAaa,WAAb,CAA5B;AACA,aAAO;AAAEA,QAAAA,WAAF;AAAemB,QAAAA;AAAf,OAAP;AACD;;AAED,QAAMzB,IAAI,GAAGP,UAAU,CAACwD,OAAX,EAAb;AACA,QAAMC,IAAI,GAAGzD,UAAU,CAAC0D,OAAX,EAAb;;AACA,QAAI;AACF7C,MAAAA,WAAW,SAASA,WAAW,CAAC8C,OAAZ,CAAoBpD,IAApB,EAA0BkD,IAA1B,CAApB,CADE,CAGF;;AACA,YAAM1D,WAAW,CAAC6D,iBAAZ,CAA8BrD,IAA9B,CAAN,CAJE,CAMF;;AACA,UAAIM,WAAW,CAACE,eAAhB,EAAiC;AAC/B,eAAO;AAAEF,UAAAA;AAAF,SAAP;AACD,OATC,CAWF;;;AACA,UAAM0B,QAAQ,GAAG3B,kBAAkB,CAACC,WAAD,CAAnC;AACA,UAAMU,QAAQ,GAAGD,cAAc,CAACT,WAAD,EAAcf,IAAd,CAA/B;;AACA,UAAIyC,QAAJ,EAAc;AACZ,eAAO;AAAEA,UAAAA,QAAF;AAAYhB,UAAAA;AAAZ,SAAP;AACD,OAhBC,CAkBF;;;AACA,UAAIA,QAAQ,CAACP,MAAb,EAAqB;AACnB,YAAMgB,SAAQ,GAAGD,WAAW,CAAC/B,UAAD,EAAaa,WAAb,CAA5B;;AACA,eAAO;AAAEmB,UAAAA,QAAQ,EAARA,SAAF;AAAYT,UAAAA;AAAZ,SAAP;AACD,OAtBC,CAwBF;AACA;;;AACA3B,MAAAA,MAAM,GAAGI,UAAU,CAAC6D,qBAAX,EAAT;AACA,aAAOZ,SAAS,CAACpC,WAAD,EAAcjB,MAAd,EAAsBC,OAAtB,CAAhB,CA3BE,CA2B8C;AACjD,KA5BD,CA4BE,OAAOuC,CAAP,EAAU;AACV,aAAOD,cAAc,CAACC,CAAD,EAAItC,IAAJ,EAAUE,UAAV,CAArB;AACD;AACF,G","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, max-depth, complexity */\nimport idx from '@okta/okta-idx-js';\nimport { AuthSdkError } from '../errors';\nimport { Remediator, RemediationValues } from './remediators';\nimport { RunOptions, RemediationFlow } from './run';\nimport { NextStep, IdxMessage } from './types';\nimport { \n IdxResponse, \n isRawIdxResponse, \n IdxRemediation, \n} from './types/idx-js';\n\nconst actionsTriggeredByValues = {\n resend: 'currentAuthenticatorEnrollment-resend' // assuming only one '-resend' action is present in response\n};\n\ninterface RemediationResponse {\n idxResponse?: IdxResponse;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n terminal?: boolean;\n canceled?: boolean;\n}\n// Return first match idxRemediation in allowed remediators\nexport function getRemediator(\n idxRemediations: IdxRemediation[],\n values: RemediationValues,\n options: RunOptions,\n): Remediator {\n const { flow, flowMonitor } = options;\n\n let remediator;\n const remediatorCandidates = [];\n for (let remediation of idxRemediations) {\n const isRemeditionInFlow = Object.keys(flow).includes(remediation.name);\n if (!isRemeditionInFlow) {\n continue;\n }\n \n const T = flow[remediation.name];\n remediator = new T(remediation, values);\n if (flowMonitor.isRemediatorCandidate(remediator, idxRemediations, values)) {\n if (remediator.canRemediate()) {\n // found the remediator\n return remediator;\n }\n // remediator cannot handle the current values\n // maybe return for next step\n remediatorCandidates.push(remediator); \n }\n }\n \n // TODO: why is it a problem to have multiple remediations? \n // JIRA: https://oktainc.atlassian.net/browse/OKTA-400758\n // if (remediatorCandidates.length > 1) {\n // const remediationNames = remediatorCandidates.reduce((acc, curr) => {\n // const name = curr.getName();\n // return acc ? `${acc}, ${name}` : name;\n // }, '');\n // throw new AuthSdkError(`\n // More than one remediation can match the current input, remediations: ${remediationNames}\n // `);\n // }\n\n return remediatorCandidates[0];\n}\n\nfunction isTerminalResponse(idxResponse: IdxResponse) {\n const { neededToProceed, interactionCode } = idxResponse;\n return !neededToProceed.length && !interactionCode;\n}\n\nfunction canSkipFn(idxResponse: IdxResponse) {\n return idxResponse.neededToProceed.some(({ name }) => name === 'skip');\n}\n\nfunction canResendFn(idxResponse: IdxResponse) {\n return Object.keys(idxResponse.actions).some(actionName => actionName.includes('resend'));\n}\n\nfunction getIdxMessages(\n idxResponse: IdxResponse, flow: RemediationFlow\n): IdxMessage[] {\n let messages = [];\n const { rawIdxState, neededToProceed } = idxResponse;\n\n // Handle global messages\n const globalMessages = rawIdxState.messages?.value.map(message => message);\n if (globalMessages) {\n messages = [...messages, ...globalMessages];\n }\n\n // Handle field messages for current flow\n for (let remediation of neededToProceed) {\n const T = flow[remediation.name];\n if (!T) {\n continue;\n }\n const remediator = new T(remediation);\n const fieldMessages = remediator.getMessages();\n if (fieldMessages) {\n messages = [...messages, ...fieldMessages];\n }\n }\n\n return messages;\n}\n\nfunction getNextStep(\n remediator: Remediator, idxResponse: IdxResponse\n): NextStep {\n const nextStep = remediator.getNextStep();\n const canSkip = canSkipFn(idxResponse);\n const canResend = canResendFn(idxResponse);\n return {\n ...nextStep,\n ...(canSkip && {canSkip}),\n ...(canResend && {canResend}),\n };\n}\n\nfunction handleIdxError(e, flow, remediator?) {\n // Handle idx messages\n if (isRawIdxResponse(e)) {\n const idxState = idx.makeIdxState(e);\n const terminal = isTerminalResponse(idxState);\n const messages = getIdxMessages(idxState, flow);\n if (terminal) {\n return { terminal, messages };\n } else {\n const nextStep = remediator && getNextStep(remediator, idxState);\n return { \n messages, \n ...(nextStep && { nextStep }) \n };\n }\n }\n // Thrown error terminates the interaction with idx\n throw e;\n}\n\nfunction getActionFromValues(values): string | undefined{\n const valueName = Object.keys(values).find(valueName => actionsTriggeredByValues[valueName]);\n return actionsTriggeredByValues[valueName];\n}\n\nfunction removeActionFromValues(values, action) {\n const executedActionValue = Object.keys(actionsTriggeredByValues).find(\n valueName => actionsTriggeredByValues[valueName] === action);\n return Object.keys(values).filter(valueName => valueName !== executedActionValue)\n .reduce((newValues, valueName) => {\n newValues[valueName] = values[valueName];\n return newValues;\n }, {});\n}\n\n// This function is called recursively until it reaches success or cannot be remediated\nexport async function remediate(\n idxResponse: IdxResponse,\n values: RemediationValues,\n options: RunOptions\n): Promise<RemediationResponse> {\n let { neededToProceed, interactionCode } = idxResponse;\n // If the response contains an interaction code, there is no need to remediate\n if (interactionCode) {\n return { idxResponse };\n }\n const { flow, flowMonitor } = options;\n const actionFromValues = getActionFromValues(values);\n const actions = [\n ...options.actions || [],\n ...(actionFromValues && [actionFromValues] || []),\n ];\n\n // Try actions in idxResponse first\n if (actions) {\n for (let action of actions) {\n let valuesWithoutExecutedAction = removeActionFromValues(values, action);\n if (typeof idxResponse.actions[action] === 'function') {\n try {\n idxResponse = await idxResponse.actions[action]();\n } catch (e) {\n return handleIdxError(e, flow);\n }\n if (action === 'cancel') {\n return { canceled: true };\n }\n return remediate(idxResponse, valuesWithoutExecutedAction, options); // recursive call\n }\n }\n }\n\n const remediator = getRemediator(neededToProceed, values, options);\n \n if (!remediator) {\n throw new AuthSdkError(`\n No remediation can match current flow, check policy settings in your org.\n Remediations: [${neededToProceed.reduce((acc, curr) => acc ? acc + ' ,' + curr.name : curr.name, '')}]\n `);\n }\n\n if (flowMonitor.loopDetected(remediator)) {\n throw new AuthSdkError(`\n Remediation run into loop, break!!! remediation: ${remediator.getName()}\n `);\n }\n\n // Recursive loop breaker\n // Return next step to the caller\n if (!remediator.canRemediate()) {\n const nextStep = getNextStep(remediator, idxResponse);\n return { idxResponse, nextStep };\n }\n\n const name = remediator.getName();\n const data = remediator.getData();\n try {\n idxResponse = await idxResponse.proceed(name, data);\n\n // Track succeed remediations in the current transaction\n await flowMonitor.trackRemediations(name);\n \n // Successfully get interaction code\n if (idxResponse.interactionCode) {\n return { idxResponse };\n }\n\n // Reach to terminal state\n const terminal = isTerminalResponse(idxResponse);\n const messages = getIdxMessages(idxResponse, flow);\n if (terminal) {\n return { terminal, messages };\n }\n\n // Handle idx message in nextStep\n if (messages.length) {\n const nextStep = getNextStep(remediator, idxResponse);\n return { nextStep, messages };\n }\n \n // We may want to trim the values bag for the next remediation\n // Let the remediator decide what the values should be (default to current values)\n values = remediator.getValuesAfterProceed();\n return remediate(idxResponse, values, options); // recursive call\n } catch (e) {\n return handleIdxError(e, flow, remediator);\n }\n}\n"],"file":"remediate.js"}
1
+ {"version":3,"sources":["../../../lib/idx/remediate.ts"],"names":["idx","AuthSdkError","isRawIdxResponse","getRemediator","idxRemediations","values","options","flow","flowMonitor","remediator","remediatorCandidates","remediation","isRemeditionInFlow","Object","keys","includes","name","T","isRemediatorCandidate","canRemediate","push","isTerminalResponse","idxResponse","neededToProceed","interactionCode","length","canSkipFn","some","canResendFn","actions","actionName","getIdxMessages","messages","rawIdxState","globalMessages","value","map","message","fieldMessages","getMessages","getNextStep","nextStep","canSkip","canResend","handleIdxError","e","idxState","makeIdxState","terminal","getActionFromValues","find","action","resend","removeActionFromValues","undefined","remediate","actionFromValues","valuesWithoutExecutedAction","canceled","reduce","acc","curr","loopDetected","getName","data","getData","proceed","trackRemediations","getValuesAfterProceed"],"mappings":";;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AACA,OAAOA,GAAP,MAAgB,mBAAhB;AACA,SAASC,YAAT,QAA6B,WAA7B;AAIA,SAEEC,gBAFF,QAIO,gBAJP;AAaA;AACA,OAAO,SAASC,aAAT,CACLC,eADK,EAELC,MAFK,EAGLC,OAHK,EAIO;AACZ,MAAM;AAAEC,IAAAA,IAAF;AAAQC,IAAAA;AAAR,MAAwBF,OAA9B;AAEA,MAAIG,UAAJ;AACA,MAAMC,oBAAoB,GAAG,EAA7B;;AACA,OAAK,IAAIC,WAAT,IAAwBP,eAAxB,EAAyC;AACvC,QAAMQ,kBAAkB,GAAGC,MAAM,CAACC,IAAP,CAAYP,IAAZ,EAAkBQ,QAAlB,CAA2BJ,WAAW,CAACK,IAAvC,CAA3B;;AACA,QAAI,CAACJ,kBAAL,EAAyB;AACvB;AACD;;AAED,QAAMK,CAAC,GAAGV,IAAI,CAACI,WAAW,CAACK,IAAb,CAAd;AACAP,IAAAA,UAAU,GAAG,IAAIQ,CAAJ,CAAMN,WAAN,EAAmBN,MAAnB,CAAb;;AACA,QAAIG,WAAW,CAACU,qBAAZ,CAAkCT,UAAlC,EAA8CL,eAA9C,EAA+DC,MAA/D,CAAJ,EAA4E;AAC1E,UAAII,UAAU,CAACU,YAAX,EAAJ,EAA+B;AAC7B;AACA,eAAOV,UAAP;AACD,OAJyE,CAK1E;AACA;;;AACAC,MAAAA,oBAAoB,CAACU,IAArB,CAA0BX,UAA1B;AACD;AACF,GAtBW,CAwBZ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AAEA,SAAOC,oBAAoB,CAAC,CAAD,CAA3B;AACD;;AAED,SAASW,kBAAT,CAA4BC,WAA5B,EAAsD;AACpD,MAAM;AAAEC,IAAAA,eAAF;AAAmBC,IAAAA;AAAnB,MAAuCF,WAA7C;AACA,SAAO,CAACC,eAAe,CAACE,MAAjB,IAA2B,CAACD,eAAnC;AACD;;AAED,SAASE,SAAT,CAAmBJ,WAAnB,EAA6C;AAC3C,SAAOA,WAAW,CAACC,eAAZ,CAA4BI,IAA5B,CAAiC;AAAA,QAAC;AAAEX,MAAAA;AAAF,KAAD;AAAA,WAAcA,IAAI,KAAK,MAAvB;AAAA,GAAjC,CAAP;AACD;;AAED,SAASY,WAAT,CAAqBN,WAArB,EAA+C;AAC7C,SAAOT,MAAM,CAACC,IAAP,CAAYQ,WAAW,CAACO,OAAxB,EAAiCF,IAAjC,CAAsCG,UAAU,IAAIA,UAAU,CAACf,QAAX,CAAoB,QAApB,CAApD,CAAP;AACD;;AAED,SAASgB,cAAT,CACET,WADF,EAC4Bf,IAD5B,EAEgB;AAAA;;AACd,MAAIyB,QAAQ,GAAG,EAAf;;AACA,MAAI,CAACzB,IAAL,EAAW;AACT,WAAOyB,QAAP;AACD;;AAED,MAAM;AAAEC,IAAAA,WAAF;AAAeV,IAAAA;AAAf,MAAmCD,WAAzC,CANc,CAQd;;AACA,MAAMY,cAAc,4BAAGD,WAAW,CAACD,QAAf,0DAAG,sBAAsBG,KAAtB,CAA4BC,GAA5B,CAAgCC,OAAO,IAAIA,OAA3C,CAAvB;;AACA,MAAIH,cAAJ,EAAoB;AAClBF,IAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGE,cAAjB,CAAX;AACD,GAZa,CAcd;;;AACA,OAAK,IAAIvB,WAAT,IAAwBY,eAAxB,EAAyC;AACvC,QAAMN,CAAC,GAAGV,IAAI,CAACI,WAAW,CAACK,IAAb,CAAd;;AACA,QAAI,CAACC,CAAL,EAAQ;AACN;AACD;;AACD,QAAMR,UAAU,GAAG,IAAIQ,CAAJ,CAAMN,WAAN,CAAnB;AACA,QAAM2B,aAAa,GAAG7B,UAAU,CAAC8B,WAAX,EAAtB;;AACA,QAAID,aAAJ,EAAmB;AACjBN,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGM,aAAjB,CAAX;AACD;AACF;;AAED,SAAON,QAAP;AACD;;AAED,SAASQ,WAAT,CACE/B,UADF,EAC0Ba,WAD1B,EAEY;AACV,MAAMmB,QAAQ,GAAGhC,UAAU,CAAC+B,WAAX,EAAjB;AACA,MAAME,OAAO,GAAGhB,SAAS,CAACJ,WAAD,CAAzB;AACA,MAAMqB,SAAS,GAAGf,WAAW,CAACN,WAAD,CAA7B;AACA,uDACKmB,QADL,GAEMC,OAAO,IAAI;AAACA,IAAAA;AAAD,GAFjB,GAGMC,SAAS,IAAI;AAACA,IAAAA;AAAD,GAHnB;AAKD;;AAED,SAASC,cAAT,CAAwBC,CAAxB,EAA2BtC,IAA3B,EAAiCE,UAAjC,EAA8C;AAC5C;AACA,MAAIP,gBAAgB,CAAC2C,CAAD,CAApB,EAAyB;AACvB,QAAMC,QAAQ,GAAG9C,GAAG,CAAC+C,YAAJ,CAAiBF,CAAjB,CAAjB;AACA,QAAMG,QAAQ,GAAG3B,kBAAkB,CAACyB,QAAD,CAAnC;AACA,QAAMd,QAAQ,GAAGD,cAAc,CAACe,QAAD,EAAWvC,IAAX,CAA/B;;AACA,QAAIyC,QAAJ,EAAc;AACZ,aAAO;AAAEA,QAAAA,QAAF;AAAYhB,QAAAA;AAAZ,OAAP;AACD,KAFD,MAEO;AACL,UAAMS,QAAQ,GAAGhC,UAAU,IAAI+B,WAAW,CAAC/B,UAAD,EAAaqC,QAAb,CAA1C;AACA;AACEd,QAAAA;AADF,SAEMS,QAAQ,IAAI;AAAEA,QAAAA;AAAF,OAFlB;AAID;AACF,GAf2C,CAgB5C;;;AACA,QAAMI,CAAN;AACD;;AAED,SAASI,mBAAT,CAA6B5C,MAA7B,EAAqCiB,WAArC,EAAmF;AACjF;AACA,SAAOT,MAAM,CAACC,IAAP,CAAYQ,WAAW,CAACO,OAAxB,EAAiCqB,IAAjC,CAAsCC,MAAM,IAAI,CAAC,CAAC9C,MAAM,CAAC+C,MAAT,IAAmBD,MAAM,CAACpC,QAAP,CAAgB,SAAhB,CAAnE,CAAP;AACD;;AAED,SAASsC,sBAAT,CAAgChD,MAAhC,EAAwC;AACtC;AACAA,EAAAA,MAAM,CAAC+C,MAAP,GAAgBE,SAAhB;AACA,SAAOjD,MAAP;AACD,C,CAED;;;AACA,gBAAsBkD,SAAtB;AAAA;AAAA;;;iCAAO,WACLjC,WADK,EAELjB,MAFK,EAGLC,OAHK,EAIyB;AAC9B,QAAI;AAAEiB,MAAAA,eAAF;AAAmBC,MAAAA;AAAnB,QAAuCF,WAA3C;AACA,QAAM;AAAEf,MAAAA,IAAF;AAAQC,MAAAA;AAAR,QAAwBF,OAA9B,CAF8B,CAI9B;;AACA,QAAIkB,eAAJ,EAAqB;AACnB,aAAO;AAAEF,QAAAA;AAAF,OAAP;AACD,KAP6B,CAS9B;;;AACA,QAAM0B,QAAQ,GAAG3B,kBAAkB,CAACC,WAAD,CAAnC;AACA,QAAMU,QAAQ,GAAGD,cAAc,CAACT,WAAD,EAAcf,IAAd,CAA/B;;AACA,QAAIyC,QAAJ,EAAc;AACZ,aAAO;AAAEA,QAAAA,QAAF;AAAYhB,QAAAA;AAAZ,OAAP;AACD,KAd6B,CAgB9B;;;AACA,QAAMwB,gBAAgB,GAAGP,mBAAmB,CAAC5C,MAAD,EAASiB,WAAT,CAA5C;AACA,QAAMO,OAAO,GAAG,CACd,IAAGvB,OAAO,CAACuB,OAAR,IAAmB,EAAtB,CADc,EAEd,IAAI2B,gBAAgB,IAAI,CAACA,gBAAD,CAApB,IAA0C,EAA9C,CAFc,CAAhB;;AAIA,QAAI3B,OAAJ,EAAa;AACX,WAAK,IAAIsB,MAAT,IAAmBtB,OAAnB,EAA4B;AAC1B,YAAI4B,2BAA2B,GAAGJ,sBAAsB,CAAChD,MAAD,CAAxD;;AACA,YAAI,OAAOiB,WAAW,CAACO,OAAZ,CAAoBsB,MAApB,CAAP,KAAuC,UAA3C,EAAuD;AACrD,cAAI;AACF7B,YAAAA,WAAW,SAASA,WAAW,CAACO,OAAZ,CAAoBsB,MAApB,GAApB;AACD,WAFD,CAEE,OAAON,CAAP,EAAU;AACV,mBAAOD,cAAc,CAACC,CAAD,EAAItC,IAAJ,CAArB;AACD;;AACD,cAAI4C,MAAM,KAAK,QAAf,EAAyB;AACvB,mBAAO;AAAEO,cAAAA,QAAQ,EAAE;AAAZ,aAAP;AACD;;AACD,iBAAOH,SAAS,CAACjC,WAAD,EAAcmC,2BAAd,EAA2CnD,OAA3C,CAAhB,CATqD,CASgB;AACtE;AACF;AACF;;AAED,QAAMG,UAAU,GAAGN,aAAa,CAACoB,eAAD,EAAkBlB,MAAlB,EAA0BC,OAA1B,CAAhC;;AAEA,QAAI,CAACG,UAAL,EAAiB;AACf,YAAM,IAAIR,YAAJ,mHAEasB,eAAe,CAACoC,MAAhB,CAAuB,CAACC,GAAD,EAAMC,IAAN,KAAeD,GAAG,GAAGA,GAAG,GAAG,IAAN,GAAaC,IAAI,CAAC7C,IAArB,GAA4B6C,IAAI,CAAC7C,IAA1E,EAAgF,EAAhF,CAFb,aAAN;AAID;;AAED,QAAIR,WAAW,CAACsD,YAAZ,CAAyBrD,UAAzB,CAAJ,EAA0C;AACxC,YAAM,IAAIR,YAAJ,oEAC+CQ,UAAU,CAACsD,OAAX,EAD/C,YAAN;AAGD,KApD6B,CAsD9B;AACA;;;AACA,QAAI,CAACtD,UAAU,CAACU,YAAX,EAAL,EAAgC;AAC9B,UAAMsB,QAAQ,GAAGD,WAAW,CAAC/B,UAAD,EAAaa,WAAb,CAA5B;AACA,aAAO;AAAEA,QAAAA,WAAF;AAAemB,QAAAA;AAAf,OAAP;AACD;;AAED,QAAMzB,IAAI,GAAGP,UAAU,CAACsD,OAAX,EAAb;AACA,QAAMC,IAAI,GAAGvD,UAAU,CAACwD,OAAX,EAAb;;AACA,QAAI;AACF3C,MAAAA,WAAW,SAASA,WAAW,CAAC4C,OAAZ,CAAoBlD,IAApB,EAA0BgD,IAA1B,CAApB,CADE,CAGF;;AACA,YAAMxD,WAAW,CAAC2D,iBAAZ,CAA8BnD,IAA9B,CAAN,CAJE,CAMF;;AACA,UAAIM,WAAW,CAACE,eAAhB,EAAiC;AAC/B,eAAO;AAAEF,UAAAA;AAAF,SAAP;AACD,OATC,CAWF;;;AACA,UAAM0B,SAAQ,GAAG3B,kBAAkB,CAACC,WAAD,CAAnC;;AACA,UAAMU,SAAQ,GAAGD,cAAc,CAACT,WAAD,EAAcf,IAAd,CAA/B;;AACA,UAAIyC,SAAJ,EAAc;AACZ,eAAO;AAAEA,UAAAA,QAAQ,EAARA,SAAF;AAAYhB,UAAAA,QAAQ,EAARA;AAAZ,SAAP;AACD,OAhBC,CAkBF;;;AACA,UAAIA,SAAQ,CAACP,MAAb,EAAqB;AACnB,YAAMgB,SAAQ,GAAGD,WAAW,CAAC/B,UAAD,EAAaa,WAAb,CAA5B;;AACA,eAAO;AAAEmB,UAAAA,QAAQ,EAARA,SAAF;AAAYT,UAAAA,QAAQ,EAARA;AAAZ,SAAP;AACD,OAtBC,CAwBF;AACA;;;AACA3B,MAAAA,MAAM,GAAGI,UAAU,CAAC2D,qBAAX,EAAT;AACA,aAAOb,SAAS,CAACjC,WAAD,EAAcjB,MAAd,EAAsBC,OAAtB,CAAhB,CA3BE,CA2B8C;AACjD,KA5BD,CA4BE,OAAOuC,CAAP,EAAU;AACV,aAAOD,cAAc,CAACC,CAAD,EAAItC,IAAJ,EAAUE,UAAV,CAArB;AACD;AACF,G","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, max-depth, complexity */\nimport idx from '@okta/okta-idx-js';\nimport { AuthSdkError } from '../errors';\nimport { Remediator, RemediationValues } from './remediators';\nimport { RunOptions, RemediationFlow } from './run';\nimport { NextStep, IdxMessage } from './types';\nimport { \n IdxResponse, \n isRawIdxResponse, \n IdxRemediation, \n} from './types/idx-js';\n\ninterface RemediationResponse {\n idxResponse?: IdxResponse;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n terminal?: boolean;\n canceled?: boolean;\n}\n// Return first match idxRemediation in allowed remediators\nexport function getRemediator(\n idxRemediations: IdxRemediation[],\n values: RemediationValues,\n options: RunOptions,\n): Remediator {\n const { flow, flowMonitor } = options;\n\n let remediator;\n const remediatorCandidates = [];\n for (let remediation of idxRemediations) {\n const isRemeditionInFlow = Object.keys(flow).includes(remediation.name);\n if (!isRemeditionInFlow) {\n continue;\n }\n \n const T = flow[remediation.name];\n remediator = new T(remediation, values);\n if (flowMonitor.isRemediatorCandidate(remediator, idxRemediations, values)) {\n if (remediator.canRemediate()) {\n // found the remediator\n return remediator;\n }\n // remediator cannot handle the current values\n // maybe return for next step\n remediatorCandidates.push(remediator); \n }\n }\n \n // TODO: why is it a problem to have multiple remediations? \n // JIRA: https://oktainc.atlassian.net/browse/OKTA-400758\n // if (remediatorCandidates.length > 1) {\n // const remediationNames = remediatorCandidates.reduce((acc, curr) => {\n // const name = curr.getName();\n // return acc ? `${acc}, ${name}` : name;\n // }, '');\n // throw new AuthSdkError(`\n // More than one remediation can match the current input, remediations: ${remediationNames}\n // `);\n // }\n\n return remediatorCandidates[0];\n}\n\nfunction isTerminalResponse(idxResponse: IdxResponse) {\n const { neededToProceed, interactionCode } = idxResponse;\n return !neededToProceed.length && !interactionCode;\n}\n\nfunction canSkipFn(idxResponse: IdxResponse) {\n return idxResponse.neededToProceed.some(({ name }) => name === 'skip');\n}\n\nfunction canResendFn(idxResponse: IdxResponse) {\n return Object.keys(idxResponse.actions).some(actionName => actionName.includes('resend'));\n}\n\nfunction getIdxMessages(\n idxResponse: IdxResponse, flow: RemediationFlow\n): IdxMessage[] {\n let messages = [];\n if (!flow) {\n return messages;\n }\n\n const { rawIdxState, neededToProceed } = idxResponse;\n\n // Handle global messages\n const globalMessages = rawIdxState.messages?.value.map(message => message);\n if (globalMessages) {\n messages = [...messages, ...globalMessages];\n }\n\n // Handle field messages for current flow\n for (let remediation of neededToProceed) {\n const T = flow[remediation.name];\n if (!T) {\n continue;\n }\n const remediator = new T(remediation);\n const fieldMessages = remediator.getMessages();\n if (fieldMessages) {\n messages = [...messages, ...fieldMessages];\n }\n }\n\n return messages;\n}\n\nfunction getNextStep(\n remediator: Remediator, idxResponse: IdxResponse\n): NextStep {\n const nextStep = remediator.getNextStep();\n const canSkip = canSkipFn(idxResponse);\n const canResend = canResendFn(idxResponse);\n return {\n ...nextStep,\n ...(canSkip && {canSkip}),\n ...(canResend && {canResend}),\n };\n}\n\nfunction handleIdxError(e, flow, remediator?) {\n // Handle idx messages\n if (isRawIdxResponse(e)) {\n const idxState = idx.makeIdxState(e);\n const terminal = isTerminalResponse(idxState);\n const messages = getIdxMessages(idxState, flow);\n if (terminal) {\n return { terminal, messages };\n } else {\n const nextStep = remediator && getNextStep(remediator, idxState);\n return { \n messages, \n ...(nextStep && { nextStep }) \n };\n }\n }\n // Thrown error terminates the interaction with idx\n throw e;\n}\n\nfunction getActionFromValues(values, idxResponse: IdxResponse): string | undefined {\n // Currently support resend actions only\n return Object.keys(idxResponse.actions).find(action => !!values.resend && action.includes('-resend'));\n}\n\nfunction removeActionFromValues(values) {\n // Currently support resend actions only\n values.resend = undefined;\n return values;\n}\n\n// This function is called recursively until it reaches success or cannot be remediated\nexport async function remediate(\n idxResponse: IdxResponse,\n values: RemediationValues,\n options: RunOptions\n): Promise<RemediationResponse> {\n let { neededToProceed, interactionCode } = idxResponse;\n const { flow, flowMonitor } = options;\n\n // If the response contains an interaction code, there is no need to remediate\n if (interactionCode) {\n return { idxResponse };\n }\n\n // Reach to terminal state\n const terminal = isTerminalResponse(idxResponse);\n const messages = getIdxMessages(idxResponse, flow);\n if (terminal) {\n return { terminal, messages };\n }\n \n // Try actions in idxResponse first\n const actionFromValues = getActionFromValues(values, idxResponse);\n const actions = [\n ...options.actions || [],\n ...(actionFromValues && [actionFromValues] || []),\n ];\n if (actions) {\n for (let action of actions) {\n let valuesWithoutExecutedAction = removeActionFromValues(values);\n if (typeof idxResponse.actions[action] === 'function') {\n try {\n idxResponse = await idxResponse.actions[action]();\n } catch (e) {\n return handleIdxError(e, flow);\n }\n if (action === 'cancel') {\n return { canceled: true };\n }\n return remediate(idxResponse, valuesWithoutExecutedAction, options); // recursive call\n }\n }\n }\n\n const remediator = getRemediator(neededToProceed, values, options);\n \n if (!remediator) {\n throw new AuthSdkError(`\n No remediation can match current flow, check policy settings in your org.\n Remediations: [${neededToProceed.reduce((acc, curr) => acc ? acc + ' ,' + curr.name : curr.name, '')}]\n `);\n }\n\n if (flowMonitor.loopDetected(remediator)) {\n throw new AuthSdkError(`\n Remediation run into loop, break!!! remediation: ${remediator.getName()}\n `);\n }\n\n // Recursive loop breaker\n // Return next step to the caller\n if (!remediator.canRemediate()) {\n const nextStep = getNextStep(remediator, idxResponse);\n return { idxResponse, nextStep };\n }\n\n const name = remediator.getName();\n const data = remediator.getData();\n try {\n idxResponse = await idxResponse.proceed(name, data);\n\n // Track succeed remediations in the current transaction\n await flowMonitor.trackRemediations(name);\n \n // Successfully get interaction code\n if (idxResponse.interactionCode) {\n return { idxResponse };\n }\n\n // Reach to terminal state\n const terminal = isTerminalResponse(idxResponse);\n const messages = getIdxMessages(idxResponse, flow);\n if (terminal) {\n return { terminal, messages };\n }\n\n // Handle idx message in nextStep\n if (messages.length) {\n const nextStep = getNextStep(remediator, idxResponse);\n return { nextStep, messages };\n }\n \n // We may want to trim the values bag for the next remediation\n // Let the remediator decide what the values should be (default to current values)\n values = remediator.getValuesAfterProceed();\n return remediate(idxResponse, values, options); // recursive call\n } catch (e) {\n return handleIdxError(e, flow, remediator);\n }\n}\n"],"file":"remediate.js"}