@okta/okta-auth-js 5.5.0 → 5.9.0

package/esm/TransactionManager.js

@@ -1,289 +0,0 @@
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * 
- * See the License for the specific language governing permissions and limitations under the License.
- */
-import { AuthSdkError } from './errors';
-import { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';
-import { isTransactionMeta, isOAuthTransactionMeta } from './types';
-import { isRawIdxResponse } from './idx/types/idx-js';
-import { warn } from './util';
-export default class TransactionManager {
-  constructor(options) {
-    this.storageManager = options.storageManager;
-    this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;
-    this.saveNonceCookie = options.saveNonceCookie === false ? false : true;
-    this.saveStateCookie = options.saveStateCookie === false ? false : true;
-    this.saveParamsCookie = options.saveParamsCookie === false ? false : true;
-    this.options = options;
-  }
-
-  clear() {
-    var options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
-    var transactionStorage = this.storageManager.getTransactionStorage();
-    transactionStorage.clearStorage();
-    var idxStateStorage = this.storageManager.getIdxResponseStorage();
-    idxStateStorage === null || idxStateStorage === void 0 ? void 0 : idxStateStorage.clearStorage();
-
-    if (!this.legacyWidgetSupport) {
-      return;
-    } // This is for compatibility with older versions of the signin widget. OKTA-304806
-
-
-    if (options.oauth) {
-      this.clearLegacyOAuthParams();
-    }
-
-    if (options.pkce) {
-      this.clearLegacyPKCE();
-    }
-  } // eslint-disable-next-line complexity
-
-
-  save(meta) {
-    var options = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
-    // There must be only one transaction executing at a time.
-    // Before saving, check to see if a transaction is already stored.
-    // An existing transaction indicates a concurrency/race/overlap condition
-    var storage = this.storageManager.getTransactionStorage();
-    var obj = storage.getStorage();
-
-    if (isTransactionMeta(obj)) {
-      // eslint-disable-next-line max-len
-      warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');
-    }
-
-    storage.setStorage(meta);
-
-    if (!options.oauth) {
-      return;
-    }
-
-    if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {
-      var cookieStorage = this.storageManager.getStorage({
-        storageType: 'cookie'
-      });
-
-      if (this.saveParamsCookie) {
-        var {
-          responseType,
-          state,
-          nonce,
-          scopes,
-          clientId,
-          urls,
-          ignoreSignature
-        } = meta;
-        var oauthParams = {
-          responseType,
-          state,
-          nonce,
-          scopes,
-          clientId,
-          urls,
-          ignoreSignature
-        };
-        cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);
-      }
-
-      if (this.saveNonceCookie && meta.nonce) {
-        // Set nonce cookie for servers to validate nonce in id_token
-        cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);
-      }
-
-      if (this.saveStateCookie && meta.state) {
-        // Set state cookie for servers to validate state
-        cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);
-      }
-    }
-  }
-
-  exists() {
-    var options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
-
-    try {
-      var meta = this.load(options);
-      return !!meta;
-    } catch (_unused) {
-      return false;
-    }
-  } // load transaction meta from storage
-
-
-  load() {
-    var options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
-    var storage = this.storageManager.getTransactionStorage();
-    var meta = storage.getStorage();
-
-    if (isTransactionMeta(meta)) {
-      // if we have meta in the new location, there is no need to go further
-      return meta;
-    }
-
-    if (!this.legacyWidgetSupport) {
-      return null;
-    } // This is for compatibility with older versions of the signin widget. OKTA-304806
-
-
-    if (options.oauth) {
-      try {
-        var oauthParams = this.loadLegacyOAuthParams();
-        Object.assign(meta, oauthParams);
-      } finally {
-        this.clearLegacyOAuthParams();
-      }
-    }
-
-    if (options.pkce) {
-      try {
-        var pkceMeta = this.loadLegacyPKCE();
-        Object.assign(meta, pkceMeta);
-      } finally {
-        this.clearLegacyPKCE();
-      }
-    }
-
-    if (isTransactionMeta(meta)) {
-      return meta;
-    }
-
-    return null;
-  } // This is for compatibility with older versions of the signin widget. OKTA-304806
-
-
-  clearLegacyPKCE() {
-    // clear storages
-    var storage;
-
-    if (this.storageManager.storageUtil.testStorageType('localStorage')) {
-      storage = this.storageManager.getLegacyPKCEStorage({
-        storageType: 'localStorage'
-      });
-      storage.clearStorage();
-    }
-
-    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {
-      storage = this.storageManager.getLegacyPKCEStorage({
-        storageType: 'sessionStorage'
-      });
-      storage.clearStorage();
-    }
-  }
-
-  loadLegacyPKCE() {
-    var storage;
-    var obj; // Try reading from localStorage first.
-
-    if (this.storageManager.storageUtil.testStorageType('localStorage')) {
-      storage = this.storageManager.getLegacyPKCEStorage({
-        storageType: 'localStorage'
-      });
-      obj = storage.getStorage();
-
-      if (obj && obj.codeVerifier) {
-        return obj;
-      }
-    } // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.
-
-
-    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {
-      storage = this.storageManager.getLegacyPKCEStorage({
-        storageType: 'sessionStorage'
-      });
-      obj = storage.getStorage();
-
-      if (obj && obj.codeVerifier) {
-        return obj;
-      }
-    } // If meta is not valid, throw an exception to avoid misleading server-side error
-    // The most likely cause of this error is trying to handle a callback twice
-    // eslint-disable-next-line max-len
-
-
-    throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', null);
-  }
-
-  clearLegacyOAuthParams() {
-    // clear storages
-    var storage;
-
-    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {
-      storage = this.storageManager.getLegacyOAuthParamsStorage({
-        storageType: 'sessionStorage'
-      });
-      storage.clearStorage();
-    }
-
-    if (this.storageManager.storageUtil.testStorageType('cookie')) {
-      storage = this.storageManager.getLegacyOAuthParamsStorage({
-        storageType: 'cookie'
-      });
-      storage.clearStorage();
-    }
-  }
-
-  loadLegacyOAuthParams() {
-    var storage;
-    var oauthParams; // load first from session storage
-
-    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {
-      storage = this.storageManager.getLegacyOAuthParamsStorage({
-        storageType: 'sessionStorage'
-      });
-      oauthParams = storage.getStorage();
-    }
-
-    if (isOAuthTransactionMeta(oauthParams)) {
-      return oauthParams;
-    } // try to load from cookie
-
-
-    if (this.storageManager.storageUtil.testStorageType('cookie')) {
-      storage = this.storageManager.getLegacyOAuthParamsStorage({
-        storageType: 'cookie'
-      });
-      oauthParams = storage.getStorage();
-    }
-
-    if (isOAuthTransactionMeta(oauthParams)) {
-      return oauthParams;
-    }
-
-    throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage'); // Something is there but we don't recognize it
-    // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');
-  }
-
-  saveIdxResponse(idxResponse) {
-    var storage = this.storageManager.getIdxResponseStorage();
-
-    if (!storage) {
-      return;
-    }
-
-    storage.setStorage(idxResponse);
-  }
-
-  loadIdxResponse() {
-    var storage = this.storageManager.getIdxResponseStorage();
-
-    if (!storage) {
-      return null;
-    }
-
-    var idxResponse = storage.getStorage();
-
-    if (!isRawIdxResponse(idxResponse)) {
-      return null;
-    }
-
-    return idxResponse;
-  }
-
-}
-//# sourceMappingURL=TransactionManager.js.map

package/esm/TransactionManager.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../lib/TransactionManager.ts"],"names":["AuthSdkError","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_OAUTH_PARAMS_NAME","REDIRECT_STATE_COOKIE_NAME","isTransactionMeta","isOAuthTransactionMeta","isRawIdxResponse","warn","TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","clear","transactionStorage","getTransactionStorage","clearStorage","idxStateStorage","getIdxResponseStorage","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","meta","storage","obj","getStorage","setStorage","cookieStorage","storageType","responseType","state","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","JSON","stringify","exists","load","loadLegacyOAuthParams","Object","assign","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","getLegacyOAuthParamsStorage","saveIdxResponse","idxResponse","loadIdxResponse"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA,SAASA,YAAT,QAA6B,UAA7B;AACA,SAASC,0BAAT,EAAqCC,0BAArC,EAAiEC,0BAAjE,QAAmG,aAAnG;AAEA,SAGEC,iBAHF,EAIEC,sBAJF,QAUO,SAVP;AAWA,SAAyBC,gBAAzB,QAAiD,oBAAjD;AACA,SAASC,IAAT,QAAqB,QAArB;AAEA,eAAe,MAAMC,kBAAN,CAAyB;AAQtCC,EAAAA,WAAW,CAACC,OAAD,EAAqC;AAC9C,SAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;AACA,SAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKL,OAAL,GAAeA,OAAf;AACD;;AAEDM,EAAAA,KAAK,GAAuC;AAAA,QAAtCN,OAAsC,uEAAJ,EAAI;AAC1C,QAAMO,kBAAmC,GAAG,KAAKN,cAAL,CAAoBO,qBAApB,EAA5C;AACAD,IAAAA,kBAAkB,CAACE,YAAnB;AAEA,QAAMC,eAAgC,GAAG,KAAKT,cAAL,CAAoBU,qBAApB,EAAzC;AACAD,IAAAA,eAAe,SAAf,IAAAA,eAAe,WAAf,YAAAA,eAAe,CAAED,YAAjB;;AAEA,QAAI,CAAC,KAAKP,mBAAV,EAA+B;AAC7B;AACD,KATyC,CAW1C;;;AACA,QAAIF,OAAO,CAACY,KAAZ,EAAmB;AACjB,WAAKC,sBAAL;AACD;;AAED,QAAIb,OAAO,CAACc,IAAZ,EAAkB;AAChB,WAAKC,eAAL;AACD;AACF,GApCqC,CAsCtC;;;AACAC,EAAAA,IAAI,CAACC,IAAD,EAA8D;AAAA,QAAtCjB,OAAsC,uEAAJ,EAAI;AAChE;AACA;AACA;AAEA,QAAIkB,OAAwB,GAAG,KAAKjB,cAAL,CAAoBO,qBAApB,EAA/B;AACA,QAAMW,GAAG,GAAGD,OAAO,CAACE,UAAR,EAAZ;;AACA,QAAI1B,iBAAiB,CAACyB,GAAD,CAArB,EAA4B;AAC1B;AACAtB,MAAAA,IAAI,CAAC,yGAAD,CAAJ;AACD;;AAEDqB,IAAAA,OAAO,CAACG,UAAR,CAAmBJ,IAAnB;;AAEA,QAAI,CAACjB,OAAO,CAACY,KAAb,EAAoB;AAClB;AACD;;AAED,QAAI,KAAKT,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;AACzE,UAAMiB,aAA4B,GAAG,KAAKrB,cAAL,CAAoBmB,UAApB,CAA+B;AAAEG,QAAAA,WAAW,EAAE;AAAf,OAA/B,CAArC;;AAEA,UAAI,KAAKlB,gBAAT,EAA2B;AACzB,YAAM;AACJmB,UAAAA,YADI;AAEJC,UAAAA,KAFI;AAGJC,UAAAA,KAHI;AAIJC,UAAAA,MAJI;AAKJC,UAAAA,QALI;AAMJC,UAAAA,IANI;AAOJC,UAAAA;AAPI,YAQFb,IARJ;AASA,YAAMc,WAAW,GAAG;AAClBP,UAAAA,YADkB;AAElBC,UAAAA,KAFkB;AAGlBC,UAAAA,KAHkB;AAIlBC,UAAAA,MAJkB;AAKlBC,UAAAA,QALkB;AAMlBC,UAAAA,IANkB;AAOlBC,UAAAA;AAPkB,SAApB;AASAR,QAAAA,aAAa,CAACU,OAAd,CAAsBxC,0BAAtB,EAAkDyC,IAAI,CAACC,SAAL,CAAeH,WAAf,CAAlD,EAA+E,IAA/E;AACD;;AAED,UAAI,KAAK5B,eAAL,IAAwBc,IAAI,CAACS,KAAjC,EAAwC;AACtC;AACAJ,QAAAA,aAAa,CAACU,OAAd,CAAsBzC,0BAAtB,EAAkD0B,IAAI,CAACS,KAAvD,EAA8D,IAA9D;AACD;;AAED,UAAI,KAAKtB,eAAL,IAAwBa,IAAI,CAACQ,KAAjC,EAAwC;AACtC;AACAH,QAAAA,aAAa,CAACU,OAAd,CAAsBvC,0BAAtB,EAAkDwB,IAAI,CAACQ,KAAvD,EAA8D,IAA9D;AACD;AACF;AACF;;AAEDU,EAAAA,MAAM,GAAgD;AAAA,QAA/CnC,OAA+C,uEAAb,EAAa;;AACpD,QAAI;AACF,UAAMiB,IAAqB,GAAG,KAAKmB,IAAL,CAAUpC,OAAV,CAA9B;AACA,aAAO,CAAC,CAACiB,IAAT;AACD,KAHD,CAGE,gBAAM;AACN,aAAO,KAAP;AACD;AACF,GArGqC,CAuGtC;;;AACAmB,EAAAA,IAAI,GAAwD;AAAA,QAAvDpC,OAAuD,uEAArB,EAAqB;AAC1D,QAAIkB,OAAwB,GAAG,KAAKjB,cAAL,CAAoBO,qBAApB,EAA/B;AACA,QAAIS,IAAI,GAAGC,OAAO,CAACE,UAAR,EAAX;;AACA,QAAI1B,iBAAiB,CAACuB,IAAD,CAArB,EAA6B;AAC3B;AACA,aAAOA,IAAP;AACD;;AAED,QAAI,CAAC,KAAKf,mBAAV,EAA+B;AAC7B,aAAO,IAAP;AACD,KAVyD,CAY1D;;;AACA,QAAIF,OAAO,CAACY,KAAZ,EAAmB;AACjB,UAAI;AACF,YAAMmB,WAAW,GAAG,KAAKM,qBAAL,EAApB;AACAC,QAAAA,MAAM,CAACC,MAAP,CAActB,IAAd,EAAoBc,WAApB;AACD,OAHD,SAGU;AACR,aAAKlB,sBAAL;AACD;AACF;;AAED,QAAIb,OAAO,CAACc,IAAZ,EAAkB;AAChB,UAAI;AACF,YAAM0B,QAA6B,GAAG,KAAKC,cAAL,EAAtC;AACAH,QAAAA,MAAM,CAACC,MAAP,CAActB,IAAd,EAAoBuB,QAApB;AACD,OAHD,SAGU;AACR,aAAKzB,eAAL;AACD;AACF;;AAED,QAAIrB,iBAAiB,CAACuB,IAAD,CAArB,EAA6B;AAC3B,aAAOA,IAAP;AACD;;AACD,WAAO,IAAP;AACD,GA3IqC,CA6ItC;;;AACAF,EAAAA,eAAe,GAAS;AACtB;AACA,QAAIG,OAAJ;;AAEA,QAAI,KAAKjB,cAAL,CAAoByC,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnEzB,MAAAA,OAAO,GAAG,KAAKjB,cAAL,CAAoB2C,oBAApB,CAAyC;AAAErB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKR,cAAL,CAAoByC,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEzB,MAAAA,OAAO,GAAG,KAAKjB,cAAL,CAAoB2C,oBAApB,CAAyC;AAAErB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAEDgC,EAAAA,cAAc,GAAwB;AACpC,QAAIvB,OAAJ;AACA,QAAIC,GAAJ,CAFoC,CAIpC;;AACA,QAAI,KAAKlB,cAAL,CAAoByC,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnEzB,MAAAA,OAAO,GAAG,KAAKjB,cAAL,CAAoB2C,oBAApB,CAAyC;AAAErB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACE,UAAR,EAAN;;AACA,UAAID,GAAG,IAAIA,GAAG,CAAC0B,YAAf,EAA6B;AAC3B,eAAO1B,GAAP;AACD;AACF,KAXmC,CAapC;;;AACA,QAAI,KAAKlB,cAAL,CAAoByC,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEzB,MAAAA,OAAO,GAAG,KAAKjB,cAAL,CAAoB2C,oBAApB,CAAyC;AAAErB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACE,UAAR,EAAN;;AACA,UAAID,GAAG,IAAIA,GAAG,CAAC0B,YAAf,EAA6B;AAC3B,eAAO1B,GAAP;AACD;AACF,KApBmC,CAsBpC;AACA;AACA;;;AACA,UAAM,IAAI7B,YAAJ,CAAiB,yJAAjB,EAA4K,IAA5K,CAAN;AACD;;AAEDuB,EAAAA,sBAAsB,GAAS;AAC7B;AACA,QAAIK,OAAJ;;AAEA,QAAI,KAAKjB,cAAL,CAAoByC,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEzB,MAAAA,OAAO,GAAG,KAAKjB,cAAL,CAAoB6C,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKR,cAAL,CAAoByC,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7DzB,MAAAA,OAAO,GAAG,KAAKjB,cAAL,CAAoB6C,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED4B,EAAAA,qBAAqB,GAAyB;AAC5C,QAAInB,OAAJ;AACA,QAAIa,WAAJ,CAF4C,CAI5C;;AACA,QAAI,KAAK9B,cAAL,CAAoByC,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEzB,MAAAA,OAAO,GAAG,KAAKjB,cAAL,CAAoB6C,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAQ,MAAAA,WAAW,GAAGb,OAAO,CAACE,UAAR,EAAd;AACD;;AACD,QAAIzB,sBAAsB,CAACoC,WAAD,CAA1B,EAAyC;AACvC,aAAOA,WAAP;AACD,KAX2C,CAa5C;;;AACA,QAAI,KAAK9B,cAAL,CAAoByC,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7DzB,MAAAA,OAAO,GAAG,KAAKjB,cAAL,CAAoB6C,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAQ,MAAAA,WAAW,GAAGb,OAAO,CAACE,UAAR,EAAd;AACD;;AAED,QAAIzB,sBAAsB,CAACoC,WAAD,CAA1B,EAAyC;AACvC,aAAOA,WAAP;AACD;;AAGD,UAAM,IAAIzC,YAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;AACA;AACD;;AAEDyD,EAAAA,eAAe,CAACC,WAAD,EAAoC;AACjD,QAAM9B,OAAwB,GAAG,KAAKjB,cAAL,CAAoBU,qBAApB,EAAjC;;AACA,QAAI,CAACO,OAAL,EAAc;AACZ;AACD;;AACDA,IAAAA,OAAO,CAACG,UAAR,CAAmB2B,WAAnB;AACD;;AAEDC,EAAAA,eAAe,GAAmB;AAChC,QAAM/B,OAAwB,GAAG,KAAKjB,cAAL,CAAoBU,qBAApB,EAAjC;;AACA,QAAI,CAACO,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AACD,QAAM8B,WAAW,GAAG9B,OAAO,CAACE,UAAR,EAApB;;AACA,QAAI,CAACxB,gBAAgB,CAACoD,WAAD,CAArB,EAAoC;AAClC,aAAO,IAAP;AACD;;AACD,WAAOA,WAAP;AACD;;AAxPqC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport StorageManager from './StorageManager';\nimport {\n  StorageProvider,\n  TransactionMeta,\n  isTransactionMeta,\n  isOAuthTransactionMeta,\n  PKCETransactionMeta,\n  OAuthTransactionMeta,\n  TransactionMetaOptions,\n  TransactionManagerOptions,\n  CookieStorage\n} from './types';\nimport { RawIdxResponse, isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\n\nexport default class TransactionManager {\n  options: TransactionManagerOptions;\n  storageManager: StorageManager;\n  legacyWidgetSupport: boolean;\n  saveNonceCookie: boolean;\n  saveStateCookie: boolean;\n  saveParamsCookie: boolean;\n\n  constructor(options: TransactionManagerOptions) {\n    this.storageManager = options.storageManager;\n    this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n    this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n    this.saveStateCookie = options.saveStateCookie === false ? false : true;\n    this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n    this.options = options;\n  }\n\n  clear(options: TransactionMetaOptions = {}) {\n    const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n    transactionStorage.clearStorage();\n\n    const idxStateStorage: StorageProvider = this.storageManager.getIdxResponseStorage();\n    idxStateStorage?.clearStorage();\n\n    if (!this.legacyWidgetSupport) {\n      return;\n    }\n\n    // This is for compatibility with older versions of the signin widget. OKTA-304806\n    if (options.oauth) {\n      this.clearLegacyOAuthParams();\n    }\n\n    if (options.pkce) {\n      this.clearLegacyPKCE();\n    }\n  }\n\n  // eslint-disable-next-line complexity\n  save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n    // There must be only one transaction executing at a time.\n    // Before saving, check to see if a transaction is already stored.\n    // An existing transaction indicates a concurrency/race/overlap condition\n\n    let storage: StorageProvider = this.storageManager.getTransactionStorage();\n    const obj = storage.getStorage();\n    if (isTransactionMeta(obj)) {\n      // eslint-disable-next-line max-len\n      warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n    }\n\n    storage.setStorage(meta);\n\n    if (!options.oauth) {\n      return;\n    }\n  \n    if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n      const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n      if (this.saveParamsCookie) {\n        const { \n          responseType,\n          state,\n          nonce,\n          scopes,\n          clientId,\n          urls,\n          ignoreSignature\n        } = meta;\n        const oauthParams = {\n          responseType,\n          state,\n          nonce,\n          scopes,\n          clientId,\n          urls,\n          ignoreSignature\n        };\n        cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n      }\n\n      if (this.saveNonceCookie && meta.nonce) {\n        // Set nonce cookie for servers to validate nonce in id_token\n        cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n      }\n\n      if (this.saveStateCookie && meta.state) {\n        // Set state cookie for servers to validate state\n        cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n      }\n    }\n  }\n\n  exists(options: TransactionMetaOptions = {}): boolean {\n    try {\n      const meta: TransactionMeta = this.load(options);\n      return !!meta;\n    } catch {\n      return false;\n    }\n  }\n\n  // load transaction meta from storage\n  load(options: TransactionMetaOptions = {}): TransactionMeta {\n    let storage: StorageProvider = this.storageManager.getTransactionStorage();\n    let meta = storage.getStorage();\n    if (isTransactionMeta(meta)) {\n      // if we have meta in the new location, there is no need to go further\n      return meta;\n    }\n\n    if (!this.legacyWidgetSupport) {\n      return null;\n    }\n\n    // This is for compatibility with older versions of the signin widget. OKTA-304806\n    if (options.oauth) {\n      try {\n        const oauthParams = this.loadLegacyOAuthParams();\n        Object.assign(meta, oauthParams);\n      } finally {\n        this.clearLegacyOAuthParams();\n      }\n    }\n\n    if (options.pkce) {\n      try {\n        const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n        Object.assign(meta, pkceMeta);\n      } finally {\n        this.clearLegacyPKCE();\n      }\n    }\n\n    if (isTransactionMeta(meta)) {\n      return meta;\n    }\n    return null;\n  }\n\n  // This is for compatibility with older versions of the signin widget. OKTA-304806\n  clearLegacyPKCE(): void {\n    // clear storages\n    let storage: StorageProvider;\n\n    if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n      storage.clearStorage();\n    }\n\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n      storage.clearStorage();\n    }\n  }\n\n  loadLegacyPKCE(): PKCETransactionMeta {\n    let storage: StorageProvider;\n    let obj;\n    \n    // Try reading from localStorage first.\n    if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n      obj = storage.getStorage();\n      if (obj && obj.codeVerifier) {\n        return obj;\n      }\n    }\n\n    // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n      obj = storage.getStorage();\n      if (obj && obj.codeVerifier) {\n        return obj;\n      }\n    }\n\n    // If meta is not valid, throw an exception to avoid misleading server-side error\n    // The most likely cause of this error is trying to handle a callback twice\n    // eslint-disable-next-line max-len\n    throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', null);\n  }\n\n  clearLegacyOAuthParams(): void {\n    // clear storages\n    let storage: StorageProvider;\n\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n      storage.clearStorage();\n    }\n\n    if (this.storageManager.storageUtil.testStorageType('cookie')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n      storage.clearStorage();\n    }\n  }\n\n  loadLegacyOAuthParams(): OAuthTransactionMeta {\n    let storage: StorageProvider;\n    let oauthParams;\n  \n    // load first from session storage\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n      oauthParams = storage.getStorage();\n    }\n    if (isOAuthTransactionMeta(oauthParams)) {\n      return oauthParams;\n    }\n\n    // try to load from cookie\n    if (this.storageManager.storageUtil.testStorageType('cookie')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n      oauthParams = storage.getStorage();\n    }\n\n    if (isOAuthTransactionMeta(oauthParams)) {\n      return oauthParams;\n    }\n\n\n    throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n    // Something is there but we don't recognize it\n    // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n  }\n\n  saveIdxResponse(idxResponse: RawIdxResponse): void {\n    const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n    if (!storage) {\n      return;\n    }\n    storage.setStorage(idxResponse);\n  }\n\n  loadIdxResponse(): RawIdxResponse {\n    const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n    if (!storage) {\n      return null;\n    }\n    const idxResponse = storage.getStorage();\n    if (!isRawIdxResponse(idxResponse)) {\n      return null;\n    }\n    return idxResponse;\n  }\n}"],"file":"TransactionManager.js"}

package/esm/browser/browserStorage.js

@@ -1,256 +0,0 @@
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-import AuthSdkError from '../errors/AuthSdkError';
-import { warn } from '../util';
-
-var Cookies = require('js-cookie'); // Building this as an object allows us to mock the functions in our tests
-
-
-var storageUtil = {
-  // These are shimmed in `OktaAuthBase.ts`
-  getHttpCache() {
-    return null;
-  },
-
-  getPKCEStorage() {
-    return null;
-  },
-
-  // IE11 bug that Microsoft doesn't plan to fix
-  // https://connect.microsoft.com/IE/Feedback/Details/1496040
-  browserHasLocalStorage: function browserHasLocalStorage() {
-    try {
-      var storage = storageUtil.getLocalStorage();
-      return storageUtil.testStorage(storage);
-    } catch (e) {
-      return false;
-    }
-  },
-  browserHasSessionStorage: function browserHasSessionStorage() {
-    try {
-      var storage = storageUtil.getSessionStorage();
-      return storageUtil.testStorage(storage);
-    } catch (e) {
-      return false;
-    }
-  },
-  testStorageType: function testStorageType(storageType) {
-    var supported = false;
-
-    switch (storageType) {
-      case 'sessionStorage':
-        supported = storageUtil.browserHasSessionStorage();
-        break;
-
-      case 'localStorage':
-        supported = storageUtil.browserHasLocalStorage();
-        break;
-
-      case 'cookie':
-      case 'memory':
-        supported = true;
-        break;
-
-      default:
-        supported = false;
-        break;
-    }
-
-    return supported;
-  },
-  getStorageByType: function getStorageByType(storageType, options) {
-    var storageProvider = null;
-
-    switch (storageType) {
-      case 'sessionStorage':
-        storageProvider = storageUtil.getSessionStorage();
-        break;
-
-      case 'localStorage':
-        storageProvider = storageUtil.getLocalStorage();
-        break;
-
-      case 'cookie':
-        storageProvider = storageUtil.getCookieStorage(options);
-        break;
-
-      case 'memory':
-        storageProvider = storageUtil.getInMemoryStorage();
-        break;
-
-      default:
-        throw new AuthSdkError("Unrecognized storage option: ".concat(storageType));
-        break;
-    }
-
-    return storageProvider;
-  },
-  findStorageType: function findStorageType(types) {
-    var curType;
-    var nextType;
-    types = types.slice(); // copy array
-
-    curType = types.shift();
-    nextType = types.length ? types[0] : null;
-
-    if (!nextType) {
-      return curType;
-    }
-
-    if (storageUtil.testStorageType(curType)) {
-      return curType;
-    } // preferred type was unsupported.
-
-
-    warn("This browser doesn't support ".concat(curType, ". Switching to ").concat(nextType, ".")); // fallback to the next type. this is a recursive call
-
-    return storageUtil.findStorageType(types);
-  },
-  getLocalStorage: function getLocalStorage() {
-    return localStorage;
-  },
-  getSessionStorage: function getSessionStorage() {
-    return sessionStorage;
-  },
-  // Provides webStorage-like interface for cookies
-  getCookieStorage: function getCookieStorage(options) {
-    var secure = options.secure;
-    var sameSite = options.sameSite;
-    var sessionCookie = options.sessionCookie;
-
-    if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {
-      throw new AuthSdkError('getCookieStorage: "secure" and "sameSite" options must be provided');
-    }
-
-    var storage = {
-      getItem: storageUtil.storage.get,
-      setItem: function setItem(key, value) {
-        var expiresAt = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : '2200-01-01T00:00:00.000Z';
-        // By defauilt, cookie shouldn't expire
-        expiresAt = sessionCookie ? null : expiresAt;
-        storageUtil.storage.set(key, value, expiresAt, {
-          secure: secure,
-          sameSite: sameSite
-        });
-      },
-      removeItem: function removeItem(key) {
-        storageUtil.storage.delete(key);
-      }
-    };
-
-    if (!options.useMultipleCookies) {
-      return storage;
-    } // options.useMultipleCookies - because cookies have size limits.
-    // Can only be used when storing an object value. Object properties will be saved to separate cookies.
-    //  Each property of the object must also be an object.
-
-
-    return {
-      getItem: function getItem(key) {
-        var data = storage.getItem(); // read all cookies
-
-        var value = {};
-        Object.keys(data).forEach(k => {
-          if (k.indexOf(key) === 0) {
-            // filter out unrelated cookies
-            value[k.replace("".concat(key, "_"), '')] = JSON.parse(data[k]); // populate with cookie dataa
-          }
-        });
-        return JSON.stringify(value);
-      },
-      setItem: function setItem(key, value) {
-        var existingValues = JSON.parse(this.getItem(key));
-        value = JSON.parse(value); // Set key-value pairs from input to cookies
-
-        Object.keys(value).forEach(k => {
-          var storageKey = key + '_' + k;
-          var valueToStore = JSON.stringify(value[k]);
-          storage.setItem(storageKey, valueToStore);
-          delete existingValues[k];
-        }); // Delete unmatched keys from existing cookies
-
-        Object.keys(existingValues).forEach(k => {
-          storage.removeItem(key + '_' + k);
-        });
-      },
-      removeItem: function removeItem(key) {
-        var existingValues = JSON.parse(this.getItem(key));
-        Object.keys(existingValues).forEach(k => {
-          storage.removeItem(key + '_' + k);
-        });
-      }
-    };
-  },
-  // Provides an in-memory solution
-  inMemoryStore: {},
-  getInMemoryStorage: function getInMemoryStorage() {
-    return {
-      getItem: key => {
-        return this.inMemoryStore[key];
-      },
-      setItem: (key, value) => {
-        this.inMemoryStore[key] = value;
-      }
-    };
-  },
-  testStorage: function testStorage(storage) {
-    var key = 'okta-test-storage';
-
-    try {
-      storage.setItem(key, key);
-      storage.removeItem(key);
-      return true;
-    } catch (e) {
-      return false;
-    }
-  },
-  storage: {
-    set: function set(name, value, expiresAt, options) {
-      var {
-        sameSite,
-        secure
-      } = options;
-
-      if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {
-        throw new AuthSdkError('storage.set: "secure" and "sameSite" options must be provided');
-      }
-
-      var cookieOptions = {
-        path: options.path || '/',
-        secure,
-        sameSite
-      }; // eslint-disable-next-line no-extra-boolean-cast
-
-      if (!!Date.parse(expiresAt)) {
-        // Expires value can be converted to a Date object.
-        //
-        // If the 'expiresAt' value is not provided, or the value cannot be
-        // parsed as a Date object, the cookie will set as a session cookie.
-        cookieOptions.expires = new Date(expiresAt);
-      }
-
-      Cookies.set(name, value, cookieOptions);
-      return storageUtil.storage.get(name);
-    },
-    get: function get(name) {
-      return Cookies.get(name);
-    },
-    delete: function _delete(name) {
-      return Cookies.remove(name, {
-        path: '/'
-      });
-    }
-  }
-};
-export default storageUtil;
-//# sourceMappingURL=browserStorage.js.map

package/esm/browser/browserStorage.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../lib/browser/browserStorage.ts"],"names":["AuthSdkError","warn","Cookies","require","storageUtil","getHttpCache","getPKCEStorage","browserHasLocalStorage","storage","getLocalStorage","testStorage","e","browserHasSessionStorage","getSessionStorage","testStorageType","storageType","supported","getStorageByType","options","storageProvider","getCookieStorage","getInMemoryStorage","findStorageType","types","curType","nextType","slice","shift","length","localStorage","sessionStorage","secure","sameSite","sessionCookie","getItem","get","setItem","key","value","expiresAt","set","removeItem","delete","useMultipleCookies","data","Object","keys","forEach","k","indexOf","replace","JSON","parse","stringify","existingValues","storageKey","valueToStore","inMemoryStore","name","cookieOptions","path","Date","expires","remove"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA,OAAOA,YAAP,MAAyB,wBAAzB;AAWA,SAASC,IAAT,QAAqB,SAArB;;AAEA,IAAMC,OAAO,GAAGC,OAAO,CAAC,WAAD,CAAvB,C,CAEA;;;AACA,IAAIC,WAA+B,GAAG;AAEpC;AACAC,EAAAA,YAAY,GAAoB;AAC9B,WAAO,IAAP;AACD,GALmC;;AAOpCC,EAAAA,cAAc,GAAgB;AAC5B,WAAO,IAAP;AACD,GATmC;;AAWpC;AACA;AACAC,EAAAA,sBAAsB,EAAE,kCAAW;AACjC,QAAI;AACF,UAAIC,OAAO,GAAGJ,WAAW,CAACK,eAAZ,EAAd;AACA,aAAOL,WAAW,CAACM,WAAZ,CAAwBF,OAAxB,CAAP;AACD,KAHD,CAGE,OAAOG,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GApBmC;AAsBpCC,EAAAA,wBAAwB,EAAE,oCAAW;AACnC,QAAI;AACF,UAAIJ,OAAO,GAAGJ,WAAW,CAACS,iBAAZ,EAAd;AACA,aAAOT,WAAW,CAACM,WAAZ,CAAwBF,OAAxB,CAAP;AACD,KAHD,CAGE,OAAOG,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GA7BmC;AA+BpCG,EAAAA,eAAe,EAAE,yBAASC,WAAT,EAA4C;AAC3D,QAAIC,SAAS,GAAG,KAAhB;;AACA,YAAQD,WAAR;AACE,WAAK,gBAAL;AACEC,QAAAA,SAAS,GAAGZ,WAAW,CAACQ,wBAAZ,EAAZ;AACA;;AACF,WAAK,cAAL;AACEI,QAAAA,SAAS,GAAGZ,WAAW,CAACG,sBAAZ,EAAZ;AACA;;AACF,WAAK,QAAL;AACA,WAAK,QAAL;AACES,QAAAA,SAAS,GAAG,IAAZ;AACA;;AACF;AACEA,QAAAA,SAAS,GAAG,KAAZ;AACA;AAbJ;;AAeA,WAAOA,SAAP;AACD,GAjDmC;AAmDpCC,EAAAA,gBAAgB,EAAE,0BAASF,WAAT,EAAmCG,OAAnC,EAA2E;AAC3F,QAAIC,eAAe,GAAG,IAAtB;;AACA,YAAQJ,WAAR;AACE,WAAK,gBAAL;AACEI,QAAAA,eAAe,GAAGf,WAAW,CAACS,iBAAZ,EAAlB;AACA;;AACF,WAAK,cAAL;AACEM,QAAAA,eAAe,GAAGf,WAAW,CAACK,eAAZ,EAAlB;AACA;;AACF,WAAK,QAAL;AACEU,QAAAA,eAAe,GAAGf,WAAW,CAACgB,gBAAZ,CAA6BF,OAA7B,CAAlB;AACA;;AACF,WAAK,QAAL;AACEC,QAAAA,eAAe,GAAGf,WAAW,CAACiB,kBAAZ,EAAlB;AACA;;AACF;AACE,cAAM,IAAIrB,YAAJ,wCAAiDe,WAAjD,EAAN;AACA;AAfJ;;AAiBA,WAAOI,eAAP;AACD,GAvEmC;AAyEpCG,EAAAA,eAAe,EAAE,yBAASC,KAAT,EAA+B;AAC9C,QAAIC,OAAJ;AACA,QAAIC,QAAJ;AAEAF,IAAAA,KAAK,GAAGA,KAAK,CAACG,KAAN,EAAR,CAJ8C,CAIvB;;AACvBF,IAAAA,OAAO,GAAGD,KAAK,CAACI,KAAN,EAAV;AACAF,IAAAA,QAAQ,GAAGF,KAAK,CAACK,MAAN,GAAeL,KAAK,CAAC,CAAD,CAApB,GAA0B,IAArC;;AACA,QAAI,CAACE,QAAL,EAAe;AACb,aAAOD,OAAP;AACD;;AAED,QAAIpB,WAAW,CAACU,eAAZ,CAA4BU,OAA5B,CAAJ,EAA0C;AACxC,aAAOA,OAAP;AACD,KAb6C,CAe9C;;;AACAvB,IAAAA,IAAI,wCAAiCuB,OAAjC,4BAA0DC,QAA1D,OAAJ,CAhB8C,CAkB9C;;AACA,WAAOrB,WAAW,CAACkB,eAAZ,CAA4BC,KAA5B,CAAP;AACD,GA7FmC;AA+FpCd,EAAAA,eAAe,EAAE,2BAAW;AAC1B,WAAOoB,YAAP;AACD,GAjGmC;AAmGpChB,EAAAA,iBAAiB,EAAE,6BAAW;AAC5B,WAAOiB,cAAP;AACD,GArGmC;AAuGpC;AACAV,EAAAA,gBAAgB,EAAE,0BAASF,OAAT,EAAiC;AACjD,QAAMa,MAAM,GAAGb,OAAO,CAACa,MAAvB;AACA,QAAMC,QAAQ,GAAGd,OAAO,CAACc,QAAzB;AACA,QAAMC,aAAa,GAAGf,OAAO,CAACe,aAA9B;;AACA,QAAI,OAAOF,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;AACpE,YAAM,IAAIhC,YAAJ,CAAiB,oEAAjB,CAAN;AACD;;AACD,QAAMQ,OAAsB,GAAG;AAC7B0B,MAAAA,OAAO,EAAE9B,WAAW,CAACI,OAAZ,CAAoB2B,GADA;AAE7BC,MAAAA,OAAO,EAAE,iBAASC,GAAT,EAAcC,KAAd,EAA6D;AAAA,YAAxCC,SAAwC,uEAA5B,0BAA4B;AACpE;AACAA,QAAAA,SAAS,GAAGN,aAAa,GAAG,IAAH,GAAUM,SAAnC;AACAnC,QAAAA,WAAW,CAACI,OAAZ,CAAoBgC,GAApB,CAAwBH,GAAxB,EAA6BC,KAA7B,EAAoCC,SAApC,EAA+C;AAC7CR,UAAAA,MAAM,EAAEA,MADqC;AAE7CC,UAAAA,QAAQ,EAAEA;AAFmC,SAA/C;AAID,OAT4B;AAU7BS,MAAAA,UAAU,EAAE,oBAASJ,GAAT,EAAc;AACxBjC,QAAAA,WAAW,CAACI,OAAZ,CAAoBkC,MAApB,CAA2BL,GAA3B;AACD;AAZ4B,KAA/B;;AAeA,QAAI,CAACnB,OAAO,CAACyB,kBAAb,EAAiC;AAC/B,aAAOnC,OAAP;AACD,KAxBgD,CA0BjD;AACA;AACA;;;AACA,WAAO;AACL0B,MAAAA,OAAO,EAAE,iBAASG,GAAT,EAAc;AACrB,YAAIO,IAAI,GAAGpC,OAAO,CAAC0B,OAAR,EAAX,CADqB,CACS;;AAC9B,YAAII,KAAK,GAAG,EAAZ;AACAO,QAAAA,MAAM,CAACC,IAAP,CAAYF,IAAZ,EAAkBG,OAAlB,CAA0BC,CAAC,IAAI;AAC7B,cAAIA,CAAC,CAACC,OAAF,CAAUZ,GAAV,MAAmB,CAAvB,EAA0B;AAAE;AAC1BC,YAAAA,KAAK,CAACU,CAAC,CAACE,OAAF,WAAab,GAAb,QAAqB,EAArB,CAAD,CAAL,GAAkCc,IAAI,CAACC,KAAL,CAAWR,IAAI,CAACI,CAAD,CAAf,CAAlC,CADwB,CAC+B;AACxD;AACF,SAJD;AAKA,eAAOG,IAAI,CAACE,SAAL,CAAef,KAAf,CAAP;AACD,OAVI;AAWLF,MAAAA,OAAO,EAAE,iBAASC,GAAT,EAAcC,KAAd,EAAqB;AAC5B,YAAIgB,cAAc,GAAGH,IAAI,CAACC,KAAL,CAAW,KAAKlB,OAAL,CAAaG,GAAb,CAAX,CAArB;AACAC,QAAAA,KAAK,GAAGa,IAAI,CAACC,KAAL,CAAWd,KAAX,CAAR,CAF4B,CAG5B;;AACAO,QAAAA,MAAM,CAACC,IAAP,CAAYR,KAAZ,EAAmBS,OAAnB,CAA2BC,CAAC,IAAI;AAC9B,cAAIO,UAAU,GAAGlB,GAAG,GAAG,GAAN,GAAYW,CAA7B;AACA,cAAIQ,YAAY,GAAGL,IAAI,CAACE,SAAL,CAAef,KAAK,CAACU,CAAD,CAApB,CAAnB;AACAxC,UAAAA,OAAO,CAAC4B,OAAR,CAAgBmB,UAAhB,EAA4BC,YAA5B;AACA,iBAAOF,cAAc,CAACN,CAAD,CAArB;AACD,SALD,EAJ4B,CAU5B;;AACAH,QAAAA,MAAM,CAACC,IAAP,CAAYQ,cAAZ,EAA4BP,OAA5B,CAAoCC,CAAC,IAAI;AACvCxC,UAAAA,OAAO,CAACiC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYW,CAA/B;AACD,SAFD;AAGD,OAzBI;AA0BLP,MAAAA,UAAU,EAAE,oBAASJ,GAAT,EAAc;AACxB,YAAIiB,cAAc,GAAGH,IAAI,CAACC,KAAL,CAAW,KAAKlB,OAAL,CAAaG,GAAb,CAAX,CAArB;AACAQ,QAAAA,MAAM,CAACC,IAAP,CAAYQ,cAAZ,EAA4BP,OAA5B,CAAoCC,CAAC,IAAI;AACvCxC,UAAAA,OAAO,CAACiC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYW,CAA/B;AACD,SAFD;AAGD;AA/BI,KAAP;AAiCD,GAtKmC;AAwKpC;AACAS,EAAAA,aAAa,EAAE,EAzKqB;AA0KpCpC,EAAAA,kBAAkB,EAAE,8BAAW;AAC7B,WAAO;AACLa,MAAAA,OAAO,EAAGG,GAAD,IAAS;AAChB,eAAO,KAAKoB,aAAL,CAAmBpB,GAAnB,CAAP;AACD,OAHI;AAILD,MAAAA,OAAO,EAAE,CAACC,GAAD,EAAMC,KAAN,KAAgB;AACvB,aAAKmB,aAAL,CAAmBpB,GAAnB,IAA0BC,KAA1B;AACD;AANI,KAAP;AAQD,GAnLmC;AAqLpC5B,EAAAA,WAAW,EAAE,qBAASF,OAAT,EAAkB;AAC7B,QAAI6B,GAAG,GAAG,mBAAV;;AACA,QAAI;AACF7B,MAAAA,OAAO,CAAC4B,OAAR,CAAgBC,GAAhB,EAAqBA,GAArB;AACA7B,MAAAA,OAAO,CAACiC,UAAR,CAAmBJ,GAAnB;AACA,aAAO,IAAP;AACD,KAJD,CAIE,OAAO1B,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GA9LmC;AAgMpCH,EAAAA,OAAO,EAAE;AACPgC,IAAAA,GAAG,EAAE,aAASkB,IAAT,EAAuBpB,KAAvB,EAAsCC,SAAtC,EAAyDrB,OAAzD,EAAyF;AAC5F,UAAM;AAAEc,QAAAA,QAAF;AAAYD,QAAAA;AAAZ,UAAuBb,OAA7B;;AACA,UAAI,OAAOa,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;AACpE,cAAM,IAAIhC,YAAJ,CAAiB,+DAAjB,CAAN;AACD;;AACD,UAAI2D,aAA4B,GAAG;AACjCC,QAAAA,IAAI,EAAE1C,OAAO,CAAC0C,IAAR,IAAgB,GADW;AAEjC7B,QAAAA,MAFiC;AAGjCC,QAAAA;AAHiC,OAAnC,CAL4F,CAW5F;;AACA,UAAI,CAAC,CAAE6B,IAAI,CAACT,KAAL,CAAWb,SAAX,CAAP,EAA+B;AAC7B;AACA;AACA;AACA;AACAoB,QAAAA,aAAa,CAACG,OAAd,GAAwB,IAAID,IAAJ,CAAStB,SAAT,CAAxB;AACD;;AAEDrC,MAAAA,OAAO,CAACsC,GAAR,CAAYkB,IAAZ,EAAkBpB,KAAlB,EAAyBqB,aAAzB;AACA,aAAOvD,WAAW,CAACI,OAAZ,CAAoB2B,GAApB,CAAwBuB,IAAxB,CAAP;AACD,KAvBM;AAyBPvB,IAAAA,GAAG,EAAE,aAASuB,IAAT,EAA+B;AAClC,aAAOxD,OAAO,CAACiC,GAAR,CAAYuB,IAAZ,CAAP;AACD,KA3BM;AA6BPhB,IAAAA,MAAM,EAAE,iBAASgB,IAAT,EAA+B;AACrC,aAAOxD,OAAO,CAAC6D,MAAR,CAAeL,IAAf,EAAqB;AAAEE,QAAAA,IAAI,EAAE;AAAR,OAArB,CAAP;AACD;AA/BM;AAhM2B,CAAtC;AAmOA,eAAexD,WAAf","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport AuthSdkError from '../errors/AuthSdkError';\nimport {\n  StorageProvider,\n  StorageOptions,\n  PKCEStorage,\n  CookieOptions,\n  SimpleStorage,\n  StorageType,\n  BrowserStorageUtil,\n  CookieStorage\n} from '../types';\nimport { warn } from '../util';\n\nconst Cookies = require('js-cookie');\n\n// Building this as an object allows us to mock the functions in our tests\nvar storageUtil: BrowserStorageUtil = {\n\n  // These are shimmed in `OktaAuthBase.ts`\n  getHttpCache(): StorageProvider {\n    return null;\n  },\n\n  getPKCEStorage(): PKCEStorage {\n    return null;\n  },\n\n  // IE11 bug that Microsoft doesn't plan to fix\n  // https://connect.microsoft.com/IE/Feedback/Details/1496040\n  browserHasLocalStorage: function() {\n    try {\n      var storage = storageUtil.getLocalStorage();\n      return storageUtil.testStorage(storage);\n    } catch (e) {\n      return false;\n    }\n  },\n\n  browserHasSessionStorage: function() {\n    try {\n      var storage = storageUtil.getSessionStorage();\n      return storageUtil.testStorage(storage);\n    } catch (e) {\n      return false;\n    }\n  },\n\n  testStorageType: function(storageType: StorageType): boolean {\n    var supported = false;\n    switch (storageType) {\n      case 'sessionStorage':\n        supported = storageUtil.browserHasSessionStorage();\n        break;\n      case 'localStorage':\n        supported = storageUtil.browserHasLocalStorage();\n        break;\n      case 'cookie':\n      case 'memory':\n        supported = true;\n        break;\n      default:\n        supported = false;\n        break;\n    }\n    return supported;\n  },\n\n  getStorageByType: function(storageType: StorageType, options: StorageOptions): SimpleStorage {\n    let storageProvider = null;\n    switch (storageType) {\n      case 'sessionStorage':\n        storageProvider = storageUtil.getSessionStorage();\n        break;\n      case 'localStorage':\n        storageProvider = storageUtil.getLocalStorage();\n        break;\n      case 'cookie':\n        storageProvider = storageUtil.getCookieStorage(options);\n        break;\n      case 'memory':\n        storageProvider = storageUtil.getInMemoryStorage();\n        break;\n      default:\n        throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n        break;\n    }\n    return storageProvider;\n  },\n\n  findStorageType: function(types: StorageType[]) {\n    let curType;\n    let nextType;\n    \n    types = types.slice(); // copy array\n    curType = types.shift();\n    nextType = types.length ? types[0] : null;\n    if (!nextType) {\n      return curType;\n    }\n\n    if (storageUtil.testStorageType(curType)) {\n      return curType;\n    }\n\n    // preferred type was unsupported.\n    warn(`This browser doesn't support ${curType}. Switching to ${nextType}.`);\n\n    // fallback to the next type. this is a recursive call\n    return storageUtil.findStorageType(types);\n  },\n\n  getLocalStorage: function() {\n    return localStorage;\n  },\n\n  getSessionStorage: function() {\n    return sessionStorage;\n  },\n\n  // Provides webStorage-like interface for cookies\n  getCookieStorage: function(options): CookieStorage {\n    const secure = options.secure;\n    const sameSite = options.sameSite;\n    const sessionCookie = options.sessionCookie;\n    if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n      throw new AuthSdkError('getCookieStorage: \"secure\" and \"sameSite\" options must be provided');\n    }\n    const storage: CookieStorage = {\n      getItem: storageUtil.storage.get,\n      setItem: function(key, value, expiresAt = '2200-01-01T00:00:00.000Z') {\n        // By defauilt, cookie shouldn't expire\n        expiresAt = sessionCookie ? null : expiresAt;\n        storageUtil.storage.set(key, value, expiresAt, {\n          secure: secure, \n          sameSite: sameSite,\n        });\n      },\n      removeItem: function(key) {\n        storageUtil.storage.delete(key);\n      }\n    };\n\n    if (!options.useMultipleCookies) {\n      return storage;\n    }\n\n    // options.useMultipleCookies - because cookies have size limits.\n    // Can only be used when storing an object value. Object properties will be saved to separate cookies.\n    //  Each property of the object must also be an object.\n    return {\n      getItem: function(key) {\n        var data = storage.getItem(); // read all cookies\n        var value = {};\n        Object.keys(data).forEach(k => {\n          if (k.indexOf(key) === 0) { // filter out unrelated cookies\n            value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie dataa\n          }\n        });\n        return JSON.stringify(value);\n      },\n      setItem: function(key, value) {\n        var existingValues = JSON.parse(this.getItem(key));\n        value = JSON.parse(value);\n        // Set key-value pairs from input to cookies\n        Object.keys(value).forEach(k => {\n          var storageKey = key + '_' + k;\n          var valueToStore = JSON.stringify(value[k]);\n          storage.setItem(storageKey, valueToStore);\n          delete existingValues[k];\n        });\n        // Delete unmatched keys from existing cookies\n        Object.keys(existingValues).forEach(k => {\n          storage.removeItem(key + '_' + k);\n        });\n      },\n      removeItem: function(key) {\n        var existingValues = JSON.parse(this.getItem(key));\n        Object.keys(existingValues).forEach(k => {\n          storage.removeItem(key + '_' + k);\n        });\n      }\n    };\n  },\n\n  // Provides an in-memory solution\n  inMemoryStore: {},\n  getInMemoryStorage: function() {\n    return {\n      getItem: (key) => {\n        return this.inMemoryStore[key];\n      },\n      setItem: (key, value) => {\n        this.inMemoryStore[key] = value;\n      }\n    };\n  },\n\n  testStorage: function(storage) {\n    var key = 'okta-test-storage';\n    try {\n      storage.setItem(key, key);\n      storage.removeItem(key);\n      return true;\n    } catch (e) {\n      return false;\n    }\n  },\n\n  storage: {\n    set: function(name: string, value: string, expiresAt: string, options: CookieOptions): string {\n      const { sameSite, secure } = options;\n      if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n        throw new AuthSdkError('storage.set: \"secure\" and \"sameSite\" options must be provided');\n      }\n      var cookieOptions: CookieOptions = {\n        path: options.path || '/',\n        secure,\n        sameSite\n      };\n\n      // eslint-disable-next-line no-extra-boolean-cast\n      if (!!(Date.parse(expiresAt))) {\n        // Expires value can be converted to a Date object.\n        //\n        // If the 'expiresAt' value is not provided, or the value cannot be\n        // parsed as a Date object, the cookie will set as a session cookie.\n        cookieOptions.expires = new Date(expiresAt);\n      }\n\n      Cookies.set(name, value, cookieOptions);\n      return storageUtil.storage.get(name);\n    },\n\n    get: function(name: string): string {\n      return Cookies.get(name);\n    },\n\n    delete: function(name: string): string {\n      return Cookies.remove(name, { path: '/' });\n    }\n  }\n};\n\nexport default storageUtil;\n"],"file":"browserStorage.js"}