@okta/okta-auth-js 5.5.0 → 5.9.0

package/esm/idx/startTransaction.js

@@ -1,27 +0,0 @@
-import _asyncToGenerator from "@babel/runtime/helpers/asyncToGenerator";
-
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * 
- * See the License for the specific language governing permissions and limitations under the License.
- */
-import { run } from './run';
-// This method only resolves { status: IdxStatus.PENDING } if transaction has already started
-export function startTransaction(_x) {
-  return _startTransaction.apply(this, arguments);
-}
-
-function _startTransaction() {
-  _startTransaction = _asyncToGenerator(function* (authClient) {
-    var options = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
-    return run(authClient, options);
-  });
-  return _startTransaction.apply(this, arguments);
-}
-//# sourceMappingURL=startTransaction.js.map

package/esm/idx/startTransaction.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../lib/idx/startTransaction.ts"],"names":["run","startTransaction","authClient","options"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA,SAASA,GAAT,QAAoB,OAApB;AAGA;AACA,gBAAsBC,gBAAtB;AAAA;AAAA;;;wCAAO,WACLC,UADK,EAGoB;AAAA,QADzBC,OACyB,uEADH,EACG;AACzB,WAAOH,GAAG,CAACE,UAAD,EAAaC,OAAb,CAAV;AACD,G","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run } from './run';\nimport { OktaAuth, IdxOptions, IdxTransaction } from '../types';\n\n// This method only resolves { status: IdxStatus.PENDING } if transaction has already started\nexport async function startTransaction(\n  authClient: OktaAuth, \n  options: IdxOptions = {}\n): Promise<IdxTransaction> {\n  return run(authClient, options);\n}\n"],"file":"startTransaction.js"}

package/esm/idx/transactionMeta.js

@@ -1,112 +0,0 @@
-import _asyncToGenerator from "@babel/runtime/helpers/asyncToGenerator";
-
-/*!
- * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- */
-import { warn } from '../util';
-import { getOAuthUrls } from '../oidc'; // Calculate new values
-
-export function createTransactionMeta(_x) {
-  return _createTransactionMeta.apply(this, arguments);
-}
-
-function _createTransactionMeta() {
-  _createTransactionMeta = _asyncToGenerator(function* (authClient) {
-    return authClient.token.prepareTokenParams();
-  });
-  return _createTransactionMeta.apply(this, arguments);
-}
-
-export function transactionMetaExist(authClient) {
-  if (authClient.transactionManager.exists()) {
-    var existing = authClient.transactionManager.load();
-
-    if (isTransactionMetaValid(authClient, existing) && existing.interactionHandle) {
-      return true;
-    }
-  }
-
-  return false;
-}
-export function getTransactionMeta(_x2) {
-  return _getTransactionMeta.apply(this, arguments);
-}
-
-function _getTransactionMeta() {
-  _getTransactionMeta = _asyncToGenerator(function* (authClient) {
-    // Load existing transaction meta from storage
-    if (authClient.transactionManager.exists()) {
-      var existing = authClient.transactionManager.load();
-
-      if (isTransactionMetaValid(authClient, existing)) {
-        return existing;
-      } // existing meta is not valid for this configuration
-      // this is common when changing configuration in local development environment
-      // in a production environment, this may indicate that two apps are sharing a storage key
-
-
-      warn('Saved transaction meta does not match the current configuration. ' + 'This may indicate that two apps are sharing a storage key.');
-    } // Calculate new values
-
-
-    var tokenParams = yield authClient.token.prepareTokenParams();
-    var urls = getOAuthUrls(authClient, tokenParams);
-    var issuer = authClient.options.issuer;
-    var {
-      pkce,
-      clientId,
-      redirectUri,
-      responseType,
-      responseMode,
-      scopes,
-      state,
-      nonce,
-      ignoreSignature,
-      codeVerifier,
-      codeChallengeMethod,
-      codeChallenge
-    } = tokenParams;
-    var meta = {
-      issuer,
-      pkce,
-      clientId,
-      redirectUri,
-      responseType,
-      responseMode,
-      scopes,
-      state,
-      nonce,
-      urls,
-      ignoreSignature,
-      codeVerifier,
-      codeChallengeMethod,
-      codeChallenge
-    };
-    return meta;
-  });
-  return _getTransactionMeta.apply(this, arguments);
-}
-
-export function saveTransactionMeta(authClient, meta) {
-  authClient.transactionManager.save(meta);
-}
-export function clearTransactionMeta(authClient) {
-  authClient.transactionManager.clear();
-} // returns true if values in meta match current authClient options
-
-export function isTransactionMetaValid(authClient, meta) {
-  var keys = ['issuer', 'clientId', 'redirectUri'];
-  var mismatch = keys.find(key => {
-    return authClient.options[key] !== meta[key];
-  });
-  return !mismatch;
-}
-//# sourceMappingURL=transactionMeta.js.map

package/esm/idx/transactionMeta.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../lib/idx/transactionMeta.ts"],"names":["warn","getOAuthUrls","createTransactionMeta","authClient","token","prepareTokenParams","transactionMetaExist","transactionManager","exists","existing","load","isTransactionMetaValid","interactionHandle","getTransactionMeta","tokenParams","urls","issuer","options","pkce","clientId","redirectUri","responseType","responseMode","scopes","state","nonce","ignoreSignature","codeVerifier","codeChallengeMethod","codeChallenge","meta","saveTransactionMeta","save","clearTransactionMeta","clear","keys","mismatch","find","key"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA,SAASA,IAAT,QAAqB,SAArB;AACA,SAASC,YAAT,QAA6B,SAA7B,C,CAEA;;AACA,gBAAsBC,qBAAtB;AAAA;AAAA;;;6CAAO,WAAqCC,UAArC,EAA2D;AAChE,WAAOA,UAAU,CAACC,KAAX,CAAiBC,kBAAjB,EAAP;AACD,G;;;;AAED,OAAO,SAASC,oBAAT,CAA8BH,UAA9B,EAA6D;AAClE,MAAIA,UAAU,CAACI,kBAAX,CAA8BC,MAA9B,EAAJ,EAA4C;AAC1C,QAAMC,QAAQ,GAAGN,UAAU,CAACI,kBAAX,CAA8BG,IAA9B,EAAjB;;AACA,QAAIC,sBAAsB,CAACR,UAAD,EAAaM,QAAb,CAAtB,IAAgDA,QAAQ,CAACG,iBAA7D,EAAgF;AAC9E,aAAO,IAAP;AACD;AACF;;AACD,SAAO,KAAP;AACD;AAED,gBAAsBC,kBAAtB;AAAA;AAAA;;;0CAAO,WAAkCV,UAAlC,EAAqF;AAC1F;AACA,QAAIA,UAAU,CAACI,kBAAX,CAA8BC,MAA9B,EAAJ,EAA4C;AAC1C,UAAMC,QAAQ,GAAGN,UAAU,CAACI,kBAAX,CAA8BG,IAA9B,EAAjB;;AACA,UAAIC,sBAAsB,CAACR,UAAD,EAAaM,QAAb,CAA1B,EAAkD;AAChD,eAAOA,QAAP;AACD,OAJyC,CAK1C;AACA;AACA;;;AACAT,MAAAA,IAAI,CAAC,sEACH,4DADE,CAAJ;AAED,KAZyF,CAc1F;;;AACA,QAAMc,WAAW,SAASX,UAAU,CAACC,KAAX,CAAiBC,kBAAjB,EAA1B;AACA,QAAMU,IAAI,GAAGd,YAAY,CAACE,UAAD,EAAaW,WAAb,CAAzB;AACA,QAAME,MAAM,GAAGb,UAAU,CAACc,OAAX,CAAmBD,MAAlC;AACA,QAAM;AACJE,MAAAA,IADI;AAEJC,MAAAA,QAFI;AAGJC,MAAAA,WAHI;AAIJC,MAAAA,YAJI;AAKJC,MAAAA,YALI;AAMJC,MAAAA,MANI;AAOJC,MAAAA,KAPI;AAQJC,MAAAA,KARI;AASJC,MAAAA,eATI;AAUJC,MAAAA,YAVI;AAWJC,MAAAA,mBAXI;AAYJC,MAAAA;AAZI,QAaFf,WAbJ;AAcA,QAAMgB,IAAI,GAAG;AACXd,MAAAA,MADW;AAEXE,MAAAA,IAFW;AAGXC,MAAAA,QAHW;AAIXC,MAAAA,WAJW;AAKXC,MAAAA,YALW;AAMXC,MAAAA,YANW;AAOXC,MAAAA,MAPW;AAQXC,MAAAA,KARW;AASXC,MAAAA,KATW;AAUXV,MAAAA,IAVW;AAWXW,MAAAA,eAXW;AAYXC,MAAAA,YAZW;AAaXC,MAAAA,mBAbW;AAcXC,MAAAA;AAdW,KAAb;AAgBA,WAAOC,IAAP;AACD,G;;;;AAED,OAAO,SAASC,mBAAT,CAA8B5B,UAA9B,EAAoD2B,IAApD,EAA0D;AAC/D3B,EAAAA,UAAU,CAACI,kBAAX,CAA8ByB,IAA9B,CAAmCF,IAAnC;AACD;AAED,OAAO,SAASG,oBAAT,CAA+B9B,UAA/B,EAAqD;AAC1DA,EAAAA,UAAU,CAACI,kBAAX,CAA8B2B,KAA9B;AACD,C,CAED;;AACA,OAAO,SAASvB,sBAAT,CAAiCR,UAAjC,EAAuD2B,IAAvD,EAA6D;AAClE,MAAMK,IAAI,GAAG,CAAC,QAAD,EAAW,UAAX,EAAuB,aAAvB,CAAb;AACA,MAAMC,QAAQ,GAAGD,IAAI,CAACE,IAAL,CAAUC,GAAG,IAAI;AAChC,WAAOnC,UAAU,CAACc,OAAX,CAAmBqB,GAAnB,MAA4BR,IAAI,CAACQ,GAAD,CAAvC;AACD,GAFgB,CAAjB;AAGA,SAAO,CAACF,QAAR;AACD","sourcesContent":["/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuth, IdxTransactionMeta } from '../types';\nimport { warn } from '../util';\nimport { getOAuthUrls } from '../oidc';\n\n// Calculate new values\nexport async function createTransactionMeta(authClient: OktaAuth) {\n  return authClient.token.prepareTokenParams();\n}\n\nexport function transactionMetaExist(authClient: OktaAuth): boolean {\n  if (authClient.transactionManager.exists()) {\n    const existing = authClient.transactionManager.load() as IdxTransactionMeta;\n    if (isTransactionMetaValid(authClient, existing) && existing.interactionHandle) {\n      return true;\n    }\n  }\n  return false;\n}\n\nexport async function getTransactionMeta(authClient: OktaAuth): Promise<IdxTransactionMeta> {\n  // Load existing transaction meta from storage\n  if (authClient.transactionManager.exists()) {\n    const existing = authClient.transactionManager.load();\n    if (isTransactionMetaValid(authClient, existing)) {\n      return existing as IdxTransactionMeta;\n    }\n    // existing meta is not valid for this configuration\n    // this is common when changing configuration in local development environment\n    // in a production environment, this may indicate that two apps are sharing a storage key\n    warn('Saved transaction meta does not match the current configuration. ' + \n      'This may indicate that two apps are sharing a storage key.');\n  }\n\n  // Calculate new values\n  const tokenParams = await authClient.token.prepareTokenParams();\n  const urls = getOAuthUrls(authClient, tokenParams);\n  const issuer = authClient.options.issuer;\n  const {\n    pkce,\n    clientId,\n    redirectUri,\n    responseType,\n    responseMode,\n    scopes,\n    state,\n    nonce,\n    ignoreSignature,\n    codeVerifier,\n    codeChallengeMethod,\n    codeChallenge,\n  } = tokenParams;\n  const meta = {\n    issuer,\n    pkce,\n    clientId,\n    redirectUri,\n    responseType,\n    responseMode,\n    scopes,\n    state,\n    nonce,\n    urls,\n    ignoreSignature,\n    codeVerifier,\n    codeChallengeMethod,\n    codeChallenge \n  };\n  return meta;\n}\n\nexport function saveTransactionMeta (authClient: OktaAuth, meta) {\n  authClient.transactionManager.save(meta);\n}\n\nexport function clearTransactionMeta (authClient: OktaAuth) {\n  authClient.transactionManager.clear();\n}\n\n// returns true if values in meta match current authClient options\nexport function isTransactionMetaValid (authClient: OktaAuth, meta) {\n  const keys = ['issuer', 'clientId', 'redirectUri'];\n  const mismatch = keys.find(key => {\n    return authClient.options[key] !== meta[key];\n  });\n  return !mismatch;\n}\n"],"file":"transactionMeta.js"}

package/esm/idx/types/idx-js.js

@@ -1,17 +0,0 @@
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * 
- * See the License for the specific language governing permissions and limitations under the License.
- */
-// TODO: remove when idx-js provides type information
-// JSON response from the server
-export function isRawIdxResponse(obj) {
-  return obj && obj.version;
-}
-//# sourceMappingURL=idx-js.js.map

package/esm/idx/types/idx-js.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../../lib/idx/types/idx-js.ts"],"names":["isRawIdxResponse","obj","version"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA;AA0EA;AAaA,OAAO,SAASA,gBAAT,CAA0BC,GAA1B,EAA2D;AAChE,SAAOA,GAAG,IAAIA,GAAG,CAACC,OAAlB;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n// TODO: remove when idx-js provides type information\n\nexport interface IdxAuthenticatorMethod {\n  type: string;\n}\nexport interface IdxAuthenticator {\n  displayName: string;\n  id: string;\n  key: string;\n  methods: IdxAuthenticatorMethod[];\n  type: string;\n  settings?: {\n    complexity?: unknown;\n    age?: unknown;\n  };\n}\n\nexport interface IdxForm {\n  value: IdxRemediationValue[];\n}\n\nexport interface IdxOption {\n  value: string | { form: IdxForm };\n  label: string;\n  relatesTo?: IdxAuthenticator;\n}\n\nexport interface IdpConfig {\n  id: string;\n  name: string;\n}\n\nexport interface IdxRemediationValue {\n  name: string;\n  type?: string;\n  required?: boolean;\n  secret?: boolean;\n  value?: string;\n  label?: string;\n  form?: IdxForm;\n  options?: IdxOption[];\n  messages?: IdxMessages;\n  minLength?: number;\n  maxLength?: number;\n}\n\nexport interface IdxRemediation {\n  name: string;\n  label?: string;\n  value?: IdxRemediationValue[];\n  relatesTo?: {\n    type?: string;\n    value: IdxAuthenticator;\n  };\n  idp?: IdpConfig;\n  href?: string;\n  method?: string;\n  type?: string;\n}\n\nexport interface IdxMessage {\n  message: string;\n  class: string;\n  i18n: {\n    key: string;\n    params?: unknown[];\n  };\n}\n\nexport interface IdxMessages {\n  type: 'array';\n  value: IdxMessage[];\n}\n\n// JSON response from the server\nexport interface RawIdxResponse {\n  version: string;\n  stateHandle: string;\n  intent?: string;\n  expiresAt?: string;\n  remediation?: {\n    type: 'array';\n    value: IdxRemediation[];\n  };\n  messages?: IdxMessages;\n}\n\nexport function isRawIdxResponse(obj: any): obj is RawIdxResponse {\n  return obj && obj.version;\n}\n\n\nexport interface IdxActions {\n  [key: string]: Function;\n}\n\n// Object returned from idx-js\nexport interface IdxResponse {\n  proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n  neededToProceed: IdxRemediation[];\n  rawIdxState: RawIdxResponse;\n  interactionCode?: string;\n  actions: IdxActions;\n  toPersist: {\n    interactionHandle?: string;\n  };\n}\n"],"file":"idx-js.js"}

package/esm/idx/types/index.js

@@ -1,34 +0,0 @@
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * 
- * See the License for the specific language governing permissions and limitations under the License.
- */
-export { IdxMessage } from './idx-js';
-export { AuthenticationOptions } from '../authenticate';
-export { RegistrationOptions } from '../register';
-export { PasswordRecoveryOptions } from '../recoverPassword';
-export { CancelOptions } from '../cancel';
-export var IdxStatus;
-
-(function (IdxStatus) {
-  IdxStatus[IdxStatus["SUCCESS"] = 0] = "SUCCESS";
-  IdxStatus[IdxStatus["PENDING"] = 1] = "PENDING";
-  IdxStatus[IdxStatus["FAILURE"] = 2] = "FAILURE";
-  IdxStatus[IdxStatus["TERMINAL"] = 3] = "TERMINAL";
-  IdxStatus[IdxStatus["CANCELED"] = 4] = "CANCELED";
-})(IdxStatus || (IdxStatus = {}));
-
-export var IdxFeature;
-
-(function (IdxFeature) {
-  IdxFeature[IdxFeature["PASSWORD_RECOVERY"] = 0] = "PASSWORD_RECOVERY";
-  IdxFeature[IdxFeature["REGISTRATION"] = 1] = "REGISTRATION";
-  IdxFeature[IdxFeature["SOCIAL_IDP"] = 2] = "SOCIAL_IDP";
-})(IdxFeature || (IdxFeature = {}));
-//# sourceMappingURL=index.js.map

package/esm/idx/types/index.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../../lib/idx/types/index.ts"],"names":["IdxMessage","AuthenticationOptions","RegistrationOptions","PasswordRecoveryOptions","CancelOptions","IdxStatus","IdxFeature"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAQA,SAASA,UAAT,QAA2B,UAA3B;AACA,SAASC,qBAAT,QAAsC,iBAAtC;AACA,SAASC,mBAAT,QAAoC,aAApC;AACA,SAASC,uBAAT,QAAwC,oBAAxC;AACA,SAASC,aAAT,QAA8B,WAA9B;AAEA,WAAYC,SAAZ;;WAAYA,S;AAAAA,EAAAA,S,CAAAA,S;AAAAA,EAAAA,S,CAAAA,S;AAAAA,EAAAA,S,CAAAA,S;AAAAA,EAAAA,S,CAAAA,S;AAAAA,EAAAA,S,CAAAA,S;GAAAA,S,KAAAA,S;;AAsBZ,WAAYC,UAAZ;;WAAYA,U;AAAAA,EAAAA,U,CAAAA,U;AAAAA,EAAAA,U,CAAAA,U;AAAAA,EAAAA,U,CAAAA,U;GAAAA,U,KAAAA,U","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { InteractOptions } from '../interact';\nimport { APIError, Tokens } from '../../types';\nimport { IdxTransactionMeta } from '../../types/Transaction';\nimport { IdxMessage, IdxOption } from './idx-js';\n\nexport { IdxMessage } from './idx-js';\nexport { AuthenticationOptions } from '../authenticate';\nexport { RegistrationOptions } from '../register';\nexport { PasswordRecoveryOptions } from '../recoverPassword';\nexport { CancelOptions } from '../cancel';\n\nexport enum IdxStatus {\n  SUCCESS,\n  PENDING,\n  FAILURE,\n  TERMINAL,\n  CANCELED,\n}\n\ntype Input = {\n  name: string;\n  required?: boolean;\n}\n\nexport type NextStep = {\n  name: string;\n  type?: string;\n  canSkip?: boolean;\n  canResend?: boolean;\n  inputs?: Input[];\n  options?: IdxOption[];\n}\n\nexport enum IdxFeature {\n  PASSWORD_RECOVERY,\n  REGISTRATION,\n  SOCIAL_IDP,\n}\n\nexport interface IdxTransaction {\n  status: IdxStatus;\n  tokens?: Tokens;\n  nextStep?: NextStep;\n  messages?: IdxMessage[];\n  error?: APIError;\n  meta?: IdxTransactionMeta;\n  enabledFeatures?: IdxFeature[];\n  availableSteps?: NextStep[];\n}\n\nexport type IdxOptions = InteractOptions;\n\nexport type Authenticator = {\n  type: string;\n  methodType?: string;\n  phoneNumber?: string;\n};\n"],"file":"index.js"}

package/esm/oidc/decodeToken.js

@@ -1,31 +0,0 @@
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-import { AuthSdkError } from '../errors';
-import { base64UrlToString } from '../crypto';
-export function decodeToken(token) {
-  var jwt = token.split('.');
-  var decodedToken;
-
-  try {
-    decodedToken = {
-      header: JSON.parse(base64UrlToString(jwt[0])),
-      payload: JSON.parse(base64UrlToString(jwt[1])),
-      signature: jwt[2]
-    };
-  } catch (e) {
-    throw new AuthSdkError('Malformed token');
-  }
-
-  return decodedToken;
-}
-//# sourceMappingURL=decodeToken.js.map

package/esm/oidc/decodeToken.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../lib/oidc/decodeToken.ts"],"names":["AuthSdkError","base64UrlToString","decodeToken","token","jwt","split","decodedToken","header","JSON","parse","payload","signature","e"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,YAAT,QAA6B,WAA7B;AAEA,SAASC,iBAAT,QAAkC,WAAlC;AAEA,OAAO,SAASC,WAAT,CAAqBC,KAArB,EAA+C;AACpD,MAAIC,GAAG,GAAGD,KAAK,CAACE,KAAN,CAAY,GAAZ,CAAV;AACA,MAAIC,YAAJ;;AAEA,MAAI;AACFA,IAAAA,YAAY,GAAG;AACbC,MAAAA,MAAM,EAAEC,IAAI,CAACC,KAAL,CAAWR,iBAAiB,CAACG,GAAG,CAAC,CAAD,CAAJ,CAA5B,CADK;AAEbM,MAAAA,OAAO,EAAEF,IAAI,CAACC,KAAL,CAAWR,iBAAiB,CAACG,GAAG,CAAC,CAAD,CAAJ,CAA5B,CAFI;AAGbO,MAAAA,SAAS,EAAEP,GAAG,CAAC,CAAD;AAHD,KAAf;AAKD,GAND,CAME,OAAOQ,CAAP,EAAU;AACV,UAAM,IAAIZ,YAAJ,CAAiB,iBAAjB,CAAN;AACD;;AAED,SAAOM,YAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { JWTObject } from '../types';\nimport { base64UrlToString } from '../crypto';\n\nexport function decodeToken(token: string): JWTObject {\n  var jwt = token.split('.');\n  var decodedToken: JWTObject;\n\n  try {\n    decodedToken = {\n      header: JSON.parse(base64UrlToString(jwt[0])),\n      payload: JSON.parse(base64UrlToString(jwt[1])),\n      signature: jwt[2]\n    };\n  } catch (e) {\n    throw new AuthSdkError('Malformed token');\n  }\n\n  return decodedToken;\n}\n"],"file":"decodeToken.js"}

package/esm/oidc/endpoints/authorize.js

@@ -1,61 +0,0 @@
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * 
- * See the License for the specific language governing permissions and limitations under the License.
- */
-import { isString, removeNils, toQueryString } from '../../util';
-import { AuthSdkError } from '../../errors';
-export function convertTokenParamsToOAuthParams(tokenParams) {
-  // Quick validation
-  if (!tokenParams.clientId) {
-    throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to get a token');
-  }
-
-  if (isString(tokenParams.responseType) && tokenParams.responseType.indexOf(' ') !== -1) {
-    throw new AuthSdkError('Multiple OAuth responseTypes must be defined as an array');
-  } // Convert our params to their actual OAuth equivalents
-
-
-  var oauthParams = {
-    'client_id': tokenParams.clientId,
-    'code_challenge': tokenParams.codeChallenge,
-    'code_challenge_method': tokenParams.codeChallengeMethod,
-    'display': tokenParams.display,
-    'idp': tokenParams.idp,
-    'idp_scope': tokenParams.idpScope,
-    'login_hint': tokenParams.loginHint,
-    'max_age': tokenParams.maxAge,
-    'nonce': tokenParams.nonce,
-    'prompt': tokenParams.prompt,
-    'redirect_uri': tokenParams.redirectUri,
-    'response_mode': tokenParams.responseMode,
-    'response_type': tokenParams.responseType,
-    'sessionToken': tokenParams.sessionToken,
-    'state': tokenParams.state
-  };
-  oauthParams = removeNils(oauthParams);
-  ['idp_scope', 'response_type'].forEach(function (mayBeArray) {
-    if (Array.isArray(oauthParams[mayBeArray])) {
-      oauthParams[mayBeArray] = oauthParams[mayBeArray].join(' ');
-    }
-  });
-
-  if (tokenParams.responseType.indexOf('id_token') !== -1 && tokenParams.scopes.indexOf('openid') === -1) {
-    throw new AuthSdkError('openid scope must be specified in the scopes argument when requesting an id_token');
-  } else {
-    oauthParams.scope = tokenParams.scopes.join(' ');
-  }
-
-  return oauthParams;
-}
-export function buildAuthorizeParams(tokenParams) {
-  var oauthQueryParams = convertTokenParamsToOAuthParams(tokenParams);
-  return toQueryString(oauthQueryParams);
-}
-//# sourceMappingURL=authorize.js.map

package/esm/oidc/endpoints/authorize.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../../lib/oidc/endpoints/authorize.ts"],"names":["isString","removeNils","toQueryString","AuthSdkError","convertTokenParamsToOAuthParams","tokenParams","clientId","responseType","indexOf","oauthParams","codeChallenge","codeChallengeMethod","display","idp","idpScope","loginHint","maxAge","nonce","prompt","redirectUri","responseMode","sessionToken","state","forEach","mayBeArray","Array","isArray","join","scopes","scope","buildAuthorizeParams","oauthQueryParams"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA,SAASA,QAAT,EAAmBC,UAAnB,EAA+BC,aAA/B,QAAoD,YAApD;AACA,SAASC,YAAT,QAA6B,cAA7B;AAGA,OAAO,SAASC,+BAAT,CAAyCC,WAAzC,EAAmE;AACxE;AACA,MAAI,CAACA,WAAW,CAACC,QAAjB,EAA2B;AACzB,UAAM,IAAIH,YAAJ,CAAiB,yEAAjB,CAAN;AACD;;AAED,MAAIH,QAAQ,CAACK,WAAW,CAACE,YAAb,CAAR,IAAsCF,WAAW,CAACE,YAAZ,CAAyBC,OAAzB,CAAiC,GAAjC,MAA0C,CAAC,CAArF,EAAwF;AACtF,UAAM,IAAIL,YAAJ,CAAiB,0DAAjB,CAAN;AACD,GARuE,CAUxE;;;AACA,MAAIM,WAAwB,GAAG;AAC7B,iBAAaJ,WAAW,CAACC,QADI;AAE7B,sBAAkBD,WAAW,CAACK,aAFD;AAG7B,6BAAyBL,WAAW,CAACM,mBAHR;AAI7B,eAAWN,WAAW,CAACO,OAJM;AAK7B,WAAOP,WAAW,CAACQ,GALU;AAM7B,iBAAaR,WAAW,CAACS,QANI;AAO7B,kBAAcT,WAAW,CAACU,SAPG;AAQ7B,eAAWV,WAAW,CAACW,MARM;AAS7B,aAASX,WAAW,CAACY,KATQ;AAU7B,cAAUZ,WAAW,CAACa,MAVO;AAW7B,oBAAgBb,WAAW,CAACc,WAXC;AAY7B,qBAAiBd,WAAW,CAACe,YAZA;AAa7B,qBAAiBf,WAAW,CAACE,YAbA;AAc7B,oBAAgBF,WAAW,CAACgB,YAdC;AAe7B,aAAShB,WAAW,CAACiB;AAfQ,GAA/B;AAiBAb,EAAAA,WAAW,GAAGR,UAAU,CAACQ,WAAD,CAAxB;AAEA,GAAC,WAAD,EAAc,eAAd,EAA+Bc,OAA/B,CAAuC,UAAUC,UAAV,EAAsB;AAC3D,QAAIC,KAAK,CAACC,OAAN,CAAcjB,WAAW,CAACe,UAAD,CAAzB,CAAJ,EAA4C;AAC1Cf,MAAAA,WAAW,CAACe,UAAD,CAAX,GAA0Bf,WAAW,CAACe,UAAD,CAAX,CAAwBG,IAAxB,CAA6B,GAA7B,CAA1B;AACD;AACF,GAJD;;AAMA,MAAItB,WAAW,CAACE,YAAZ,CAAyBC,OAAzB,CAAiC,UAAjC,MAAiD,CAAC,CAAlD,IACFH,WAAW,CAACuB,MAAZ,CAAmBpB,OAAnB,CAA2B,QAA3B,MAAyC,CAAC,CAD5C,EAC+C;AAC7C,UAAM,IAAIL,YAAJ,CAAiB,mFAAjB,CAAN;AACD,GAHD,MAGO;AACLM,IAAAA,WAAW,CAACoB,KAAZ,GAAoBxB,WAAW,CAACuB,MAAZ,CAAmBD,IAAnB,CAAwB,GAAxB,CAApB;AACD;;AAED,SAAOlB,WAAP;AACD;AAED,OAAO,SAASqB,oBAAT,CAA8BzB,WAA9B,EAAwD;AAC7D,MAAI0B,gBAAgB,GAAG3B,+BAA+B,CAACC,WAAD,CAAtD;AACA,SAAOH,aAAa,CAAC6B,gBAAD,CAApB;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { isString, removeNils, toQueryString } from '../../util';\nimport { AuthSdkError } from '../../errors';\nimport { OAuthParams, TokenParams } from '../../types';\n\nexport function convertTokenParamsToOAuthParams(tokenParams: TokenParams) {\n  // Quick validation\n  if (!tokenParams.clientId) {\n    throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to get a token');\n  }\n\n  if (isString(tokenParams.responseType) && tokenParams.responseType.indexOf(' ') !== -1) {\n    throw new AuthSdkError('Multiple OAuth responseTypes must be defined as an array');\n  }\n\n  // Convert our params to their actual OAuth equivalents\n  var oauthParams: OAuthParams = {\n    'client_id': tokenParams.clientId,\n    'code_challenge': tokenParams.codeChallenge,\n    'code_challenge_method': tokenParams.codeChallengeMethod,\n    'display': tokenParams.display,\n    'idp': tokenParams.idp,\n    'idp_scope': tokenParams.idpScope,\n    'login_hint': tokenParams.loginHint,\n    'max_age': tokenParams.maxAge,\n    'nonce': tokenParams.nonce,\n    'prompt': tokenParams.prompt,\n    'redirect_uri': tokenParams.redirectUri,\n    'response_mode': tokenParams.responseMode,\n    'response_type': tokenParams.responseType,\n    'sessionToken': tokenParams.sessionToken,\n    'state': tokenParams.state,\n  };\n  oauthParams = removeNils(oauthParams) as OAuthParams;\n\n  ['idp_scope', 'response_type'].forEach(function (mayBeArray) {\n    if (Array.isArray(oauthParams[mayBeArray])) {\n      oauthParams[mayBeArray] = oauthParams[mayBeArray].join(' ');\n    }\n  });\n\n  if (tokenParams.responseType.indexOf('id_token') !== -1 &&\n    tokenParams.scopes.indexOf('openid') === -1) {\n    throw new AuthSdkError('openid scope must be specified in the scopes argument when requesting an id_token');\n  } else {\n    oauthParams.scope = tokenParams.scopes.join(' ');\n  }\n\n  return oauthParams;\n}\n\nexport function buildAuthorizeParams(tokenParams: TokenParams) {\n  var oauthQueryParams = convertTokenParamsToOAuthParams(tokenParams);\n  return toQueryString(oauthQueryParams);\n}\n"],"file":"authorize.js"}

package/esm/oidc/endpoints/index.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../../lib/oidc/endpoints/index.ts"],"names":[],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA,cAAc,aAAd;AACA,cAAc,SAAd;AACA,cAAc,cAAd","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nexport * from './authorize';\nexport * from './token';\nexport * from './well-known';\n"],"file":"index.js"}

package/esm/oidc/endpoints/token.js

@@ -1,97 +0,0 @@
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * 
- * See the License for the specific language governing permissions and limitations under the License.
- */
-import { AuthSdkError } from '../../errors';
-import { removeNils, toQueryString } from '../../util';
-import { httpRequest } from '../../http';
-
-function validateOptions(options) {
-  // Quick validation
-  if (!options.clientId) {
-    throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to get a token');
-  }
-
-  if (!options.redirectUri) {
-    throw new AuthSdkError('The redirectUri passed to /authorize must also be passed to /token');
-  }
-
-  if (!options.authorizationCode && !options.interactionCode) {
-    throw new AuthSdkError('An authorization code (returned from /authorize) must be passed to /token');
-  }
-
-  if (!options.codeVerifier) {
-    throw new AuthSdkError('The "codeVerifier" (generated and saved by your app) must be passed to /token');
-  }
-}
-
-function getPostData(sdk, options) {
-  // Convert Token params to OAuth params, sent to the /token endpoint
-  var params = removeNils({
-    'client_id': options.clientId,
-    'redirect_uri': options.redirectUri,
-    'grant_type': options.interactionCode ? 'interaction_code' : 'authorization_code',
-    'code_verifier': options.codeVerifier
-  });
-
-  if (options.interactionCode) {
-    params['interaction_code'] = options.interactionCode;
-  } else if (options.authorizationCode) {
-    params.code = options.authorizationCode;
-  }
-
-  var {
-    clientSecret
-  } = sdk.options;
-
-  if (clientSecret) {
-    params['client_secret'] = clientSecret;
-  } // Encode as URL string
-
-
-  return toQueryString(params).slice(1);
-} // exchange authorization code for an access token
-
-
-export function postToTokenEndpoint(sdk, options, urls) {
-  validateOptions(options);
-  var data = getPostData(sdk, options);
-  var headers = {
-    'Content-Type': 'application/x-www-form-urlencoded'
-  };
-  return httpRequest(sdk, {
-    url: urls.tokenUrl,
-    method: 'POST',
-    args: data,
-    headers
-  });
-}
-export function postRefreshToken(sdk, options, refreshToken) {
-  return httpRequest(sdk, {
-    url: refreshToken.tokenUrl,
-    method: 'POST',
-    headers: {
-      'Content-Type': 'application/x-www-form-urlencoded'
-    },
-    args: Object.entries({
-      client_id: options.clientId,
-      // eslint-disable-line camelcase
-      grant_type: 'refresh_token',
-      // eslint-disable-line camelcase
-      scope: refreshToken.scopes.join(' '),
-      refresh_token: refreshToken.refreshToken // eslint-disable-line camelcase
-
-    }).map(function (_ref) {
-      var [name, value] = _ref;
-      return name + '=' + encodeURIComponent(value);
-    }).join('&')
-  });
-}
-//# sourceMappingURL=token.js.map

package/esm/oidc/endpoints/token.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../../lib/oidc/endpoints/token.ts"],"names":["AuthSdkError","removeNils","toQueryString","httpRequest","validateOptions","options","clientId","redirectUri","authorizationCode","interactionCode","codeVerifier","getPostData","sdk","params","code","clientSecret","slice","postToTokenEndpoint","urls","data","headers","url","tokenUrl","method","args","postRefreshToken","refreshToken","Object","entries","client_id","grant_type","scope","scopes","join","refresh_token","map","name","value","encodeURIComponent"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA,SAASA,YAAT,QAA6B,cAA7B;AAEA,SAASC,UAAT,EAAqBC,aAArB,QAA0C,YAA1C;AACA,SAASC,WAAT,QAA4B,YAA5B;;AAEA,SAASC,eAAT,CAAyBC,OAAzB,EAA+C;AAC7C;AACA,MAAI,CAACA,OAAO,CAACC,QAAb,EAAuB;AACrB,UAAM,IAAIN,YAAJ,CAAiB,yEAAjB,CAAN;AACD;;AAED,MAAI,CAACK,OAAO,CAACE,WAAb,EAA0B;AACxB,UAAM,IAAIP,YAAJ,CAAiB,oEAAjB,CAAN;AACD;;AAED,MAAI,CAACK,OAAO,CAACG,iBAAT,IAA8B,CAACH,OAAO,CAACI,eAA3C,EAA4D;AAC1D,UAAM,IAAIT,YAAJ,CAAiB,2EAAjB,CAAN;AACD;;AAED,MAAI,CAACK,OAAO,CAACK,YAAb,EAA2B;AACzB,UAAM,IAAIV,YAAJ,CAAiB,+EAAjB,CAAN;AACD;AACF;;AAED,SAASW,WAAT,CAAqBC,GAArB,EAA0BP,OAA1B,EAAwD;AACtD;AACA,MAAIQ,MAAmB,GAAGZ,UAAU,CAAC;AACnC,iBAAaI,OAAO,CAACC,QADc;AAEnC,oBAAgBD,OAAO,CAACE,WAFW;AAGnC,kBAAcF,OAAO,CAACI,eAAR,GAA0B,kBAA1B,GAA+C,oBAH1B;AAInC,qBAAiBJ,OAAO,CAACK;AAJU,GAAD,CAApC;;AAOA,MAAIL,OAAO,CAACI,eAAZ,EAA6B;AAC3BI,IAAAA,MAAM,CAAC,kBAAD,CAAN,GAA6BR,OAAO,CAACI,eAArC;AACD,GAFD,MAEO,IAAIJ,OAAO,CAACG,iBAAZ,EAA+B;AACpCK,IAAAA,MAAM,CAACC,IAAP,GAAcT,OAAO,CAACG,iBAAtB;AACD;;AAED,MAAM;AAAEO,IAAAA;AAAF,MAAmBH,GAAG,CAACP,OAA7B;;AACA,MAAIU,YAAJ,EAAkB;AAChBF,IAAAA,MAAM,CAAC,eAAD,CAAN,GAA0BE,YAA1B;AACD,GAlBqD,CAoBtD;;;AACA,SAAOb,aAAa,CAACW,MAAD,CAAb,CAAsBG,KAAtB,CAA4B,CAA5B,CAAP;AACD,C,CAED;;;AACA,OAAO,SAASC,mBAAT,CAA6BL,GAA7B,EAAkCP,OAAlC,EAAwDa,IAAxD,EAAkG;AACvGd,EAAAA,eAAe,CAACC,OAAD,CAAf;AACA,MAAIc,IAAI,GAAGR,WAAW,CAACC,GAAD,EAAMP,OAAN,CAAtB;AAEA,MAAMe,OAAO,GAAG;AACd,oBAAgB;AADF,GAAhB;AAIA,SAAOjB,WAAW,CAACS,GAAD,EAAM;AACtBS,IAAAA,GAAG,EAAEH,IAAI,CAACI,QADY;AAEtBC,IAAAA,MAAM,EAAE,MAFc;AAGtBC,IAAAA,IAAI,EAAEL,IAHgB;AAItBC,IAAAA;AAJsB,GAAN,CAAlB;AAMD;AAED,OAAO,SAASK,gBAAT,CAA0Bb,GAA1B,EAA+BP,OAA/B,EAAqDqB,YAArD,EAAyG;AAC9G,SAAOvB,WAAW,CAACS,GAAD,EAAM;AACtBS,IAAAA,GAAG,EAAEK,YAAY,CAACJ,QADI;AAEtBC,IAAAA,MAAM,EAAE,MAFc;AAGtBH,IAAAA,OAAO,EAAE;AACP,sBAAgB;AADT,KAHa;AAOtBI,IAAAA,IAAI,EAAEG,MAAM,CAACC,OAAP,CAAe;AACnBC,MAAAA,SAAS,EAAExB,OAAO,CAACC,QADA;AACU;AAC7BwB,MAAAA,UAAU,EAAE,eAFO;AAEU;AAC7BC,MAAAA,KAAK,EAAEL,YAAY,CAACM,MAAb,CAAoBC,IAApB,CAAyB,GAAzB,CAHY;AAInBC,MAAAA,aAAa,EAAER,YAAY,CAACA,YAJT,CAIuB;;AAJvB,KAAf,EAKHS,GALG,CAKC,gBAAyB;AAAA,UAAf,CAACC,IAAD,EAAOC,KAAP,CAAe;AAC9B,aAAOD,IAAI,GAAG,GAAP,GAAaE,kBAAkB,CAACD,KAAD,CAAtC;AACD,KAPK,EAOHJ,IAPG,CAOE,GAPF;AAPgB,GAAN,CAAlB;AAgBD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from '../../errors';\nimport { CustomUrls, OAuthParams, OAuthResponse, RefreshToken, TokenParams } from '../../types';\nimport { removeNils, toQueryString } from '../../util';\nimport { httpRequest } from '../../http';\n\nfunction validateOptions(options: TokenParams) {\n  // Quick validation\n  if (!options.clientId) {\n    throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to get a token');\n  }\n\n  if (!options.redirectUri) {\n    throw new AuthSdkError('The redirectUri passed to /authorize must also be passed to /token');\n  }\n\n  if (!options.authorizationCode && !options.interactionCode) {\n    throw new AuthSdkError('An authorization code (returned from /authorize) must be passed to /token');\n  }\n\n  if (!options.codeVerifier) {\n    throw new AuthSdkError('The \"codeVerifier\" (generated and saved by your app) must be passed to /token');\n  }\n}\n\nfunction getPostData(sdk, options: TokenParams): string {\n  // Convert Token params to OAuth params, sent to the /token endpoint\n  var params: OAuthParams = removeNils({\n    'client_id': options.clientId,\n    'redirect_uri': options.redirectUri,\n    'grant_type': options.interactionCode ? 'interaction_code' : 'authorization_code',\n    'code_verifier': options.codeVerifier\n  });\n\n  if (options.interactionCode) {\n    params['interaction_code'] = options.interactionCode;\n  } else if (options.authorizationCode) {\n    params.code = options.authorizationCode;\n  }\n\n  const { clientSecret } = sdk.options;\n  if (clientSecret) {\n    params['client_secret'] = clientSecret;\n  }\n\n  // Encode as URL string\n  return toQueryString(params).slice(1);\n}\n\n// exchange authorization code for an access token\nexport function postToTokenEndpoint(sdk, options: TokenParams, urls: CustomUrls): Promise<OAuthResponse> {\n  validateOptions(options);\n  var data = getPostData(sdk, options);\n\n  const headers = {\n    'Content-Type': 'application/x-www-form-urlencoded'\n  };\n\n  return httpRequest(sdk, {\n    url: urls.tokenUrl,\n    method: 'POST',\n    args: data,\n    headers\n  });\n}\n\nexport function postRefreshToken(sdk, options: TokenParams, refreshToken: RefreshToken): Promise<OAuthResponse> {\n  return httpRequest(sdk, {\n    url: refreshToken.tokenUrl,\n    method: 'POST',\n    headers: {\n      'Content-Type': 'application/x-www-form-urlencoded',\n    },\n\n    args: Object.entries({\n      client_id: options.clientId, // eslint-disable-line camelcase\n      grant_type: 'refresh_token', // eslint-disable-line camelcase\n      scope: refreshToken.scopes.join(' '),\n      refresh_token: refreshToken.refreshToken, // eslint-disable-line camelcase\n    }).map(function ([name, value]) {\n      return name + '=' + encodeURIComponent(value);\n    }).join('&'),\n  });\n}"],"file":"token.js"}

package/esm/oidc/endpoints/well-known.js

@@ -1,58 +0,0 @@
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-import { get } from '../../http';
-import { find } from '../../util';
-import AuthSdkError from '../../errors/AuthSdkError';
-export function getWellKnown(sdk, issuer) {
-  var authServerUri = issuer || sdk.options.issuer;
-  return get(sdk, authServerUri + '/.well-known/openid-configuration', {
-    cacheResponse: true
-  });
-}
-export function getKey(sdk, issuer, kid) {
-  var httpCache = sdk.storageManager.getHttpCache(sdk.options.cookies);
-  return getWellKnown(sdk, issuer).then(function (wellKnown) {
-    var jwksUri = wellKnown['jwks_uri']; // Check our kid against the cached version (if it exists and isn't expired)
-
-    var cacheContents = httpCache.getStorage();
-    var cachedResponse = cacheContents[jwksUri];
-
-    if (cachedResponse && Date.now() / 1000 < cachedResponse.expiresAt) {
-      var cachedKey = find(cachedResponse.response.keys, {
-        kid: kid
-      });
-
-      if (cachedKey) {
-        return cachedKey;
-      }
-    } // Remove cache for the key
-
-
-    httpCache.clearStorage(jwksUri); // Pull the latest keys if the key wasn't in the cache
-
-    return get(sdk, jwksUri, {
-      cacheResponse: true
-    }).then(function (res) {
-      var key = find(res.keys, {
-        kid: kid
-      });
-
-      if (key) {
-        return key;
-      }
-
-      throw new AuthSdkError('The key id, ' + kid + ', was not found in the server\'s keys');
-    });
-  });
-}
-//# sourceMappingURL=well-known.js.map

package/esm/oidc/endpoints/well-known.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../../lib/oidc/endpoints/well-known.ts"],"names":["get","find","AuthSdkError","getWellKnown","sdk","issuer","authServerUri","options","cacheResponse","getKey","kid","httpCache","storageManager","getHttpCache","cookies","then","wellKnown","jwksUri","cacheContents","getStorage","cachedResponse","Date","now","expiresAt","cachedKey","response","keys","clearStorage","res","key"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,GAAT,QAAoB,YAApB;AACA,SAASC,IAAT,QAAqB,YAArB;AAEA,OAAOC,YAAP,MAAyB,2BAAzB;AAEA,OAAO,SAASC,YAAT,CAAsBC,GAAtB,EAAqCC,MAArC,EAAkF;AACvF,MAAIC,aAAa,GAAID,MAAM,IAAID,GAAG,CAACG,OAAJ,CAAYF,MAA3C;AACA,SAAOL,GAAG,CAACI,GAAD,EAAME,aAAa,GAAG,mCAAtB,EAA2D;AACnEE,IAAAA,aAAa,EAAE;AADoD,GAA3D,CAAV;AAGD;AAED,OAAO,SAASC,MAAT,CAAgBL,GAAhB,EAA+BC,MAA/B,EAA+CK,GAA/C,EAA6E;AAClF,MAAIC,SAAS,GAAGP,GAAG,CAACQ,cAAJ,CAAmBC,YAAnB,CAAgCT,GAAG,CAACG,OAAJ,CAAYO,OAA5C,CAAhB;AAEA,SAAOX,YAAY,CAACC,GAAD,EAAMC,MAAN,CAAZ,CACNU,IADM,CACD,UAASC,SAAT,EAAoB;AACxB,QAAIC,OAAO,GAAGD,SAAS,CAAC,UAAD,CAAvB,CADwB,CAGxB;;AACA,QAAIE,aAAa,GAAGP,SAAS,CAACQ,UAAV,EAApB;AACA,QAAIC,cAAc,GAAGF,aAAa,CAACD,OAAD,CAAlC;;AACA,QAAIG,cAAc,IAAIC,IAAI,CAACC,GAAL,KAAW,IAAX,GAAkBF,cAAc,CAACG,SAAvD,EAAkE;AAChE,UAAIC,SAAS,GAAGvB,IAAI,CAACmB,cAAc,CAACK,QAAf,CAAwBC,IAAzB,EAA+B;AACjDhB,QAAAA,GAAG,EAAEA;AAD4C,OAA/B,CAApB;;AAIA,UAAIc,SAAJ,EAAe;AACb,eAAOA,SAAP;AACD;AACF,KAduB,CAgBxB;;;AACAb,IAAAA,SAAS,CAACgB,YAAV,CAAuBV,OAAvB,EAjBwB,CAmBxB;;AACA,WAAOjB,GAAG,CAACI,GAAD,EAAMa,OAAN,EAAe;AACvBT,MAAAA,aAAa,EAAE;AADQ,KAAf,CAAH,CAGNO,IAHM,CAGD,UAASa,GAAT,EAAc;AAClB,UAAIC,GAAG,GAAG5B,IAAI,CAAC2B,GAAG,CAACF,IAAL,EAAW;AACvBhB,QAAAA,GAAG,EAAEA;AADkB,OAAX,CAAd;;AAIA,UAAImB,GAAJ,EAAS;AACP,eAAOA,GAAP;AACD;;AAED,YAAM,IAAI3B,YAAJ,CAAiB,iBAAiBQ,GAAjB,GAAuB,uCAAxC,CAAN;AACD,KAbM,CAAP;AAcD,GAnCM,CAAP;AAoCD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { get } from '../../http';\nimport { find } from '../../util';\nimport { OktaAuth, WellKnownResponse } from '../../types';\nimport AuthSdkError from '../../errors/AuthSdkError';\n\nexport function getWellKnown(sdk: OktaAuth, issuer?: string): Promise<WellKnownResponse> {\n  var authServerUri = (issuer || sdk.options.issuer);\n  return get(sdk, authServerUri + '/.well-known/openid-configuration', {\n    cacheResponse: true\n  });\n}\n\nexport function getKey(sdk: OktaAuth, issuer: string, kid: string): Promise<string> {\n  var httpCache = sdk.storageManager.getHttpCache(sdk.options.cookies);\n\n  return getWellKnown(sdk, issuer)\n  .then(function(wellKnown) {\n    var jwksUri = wellKnown['jwks_uri'];\n\n    // Check our kid against the cached version (if it exists and isn't expired)\n    var cacheContents = httpCache.getStorage();\n    var cachedResponse = cacheContents[jwksUri];\n    if (cachedResponse && Date.now()/1000 < cachedResponse.expiresAt) {\n      var cachedKey = find(cachedResponse.response.keys, {\n        kid: kid\n      });\n\n      if (cachedKey) {\n        return cachedKey;\n      }\n    }\n\n    // Remove cache for the key\n    httpCache.clearStorage(jwksUri);\n\n    // Pull the latest keys if the key wasn't in the cache\n    return get(sdk, jwksUri, {\n      cacheResponse: true\n    })\n    .then(function(res) {\n      var key = find(res.keys, {\n        kid: kid\n      });\n\n      if (key) {\n        return key;\n      }\n\n      throw new AuthSdkError('The key id, ' + kid + ', was not found in the server\\'s keys');\n    });\n  });\n}\n"],"file":"well-known.js"}

package/esm/oidc/exchangeCodeForTokens.js

@@ -1,69 +0,0 @@
-/* eslint-disable max-len */
-
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-import { getOAuthUrls } from '../oidc';
-import { getDefaultTokenParams } from './util';
-import { clone } from '../util';
-import { postToTokenEndpoint } from './endpoints/token';
-import { handleOAuthResponse } from './handleOAuthResponse'; // codeVerifier is required. May pass either an authorizationCode or interactionCode
-
-export function exchangeCodeForTokens(sdk, tokenParams, urls) {
-  urls = urls || getOAuthUrls(sdk, tokenParams); // build params using defaults + options
-
-  tokenParams = Object.assign({}, getDefaultTokenParams(sdk), clone(tokenParams));
-  var {
-    authorizationCode,
-    interactionCode,
-    codeVerifier,
-    clientId,
-    redirectUri,
-    scopes,
-    ignoreSignature,
-    state
-  } = tokenParams;
-  var getTokenOptions = {
-    clientId,
-    redirectUri,
-    authorizationCode,
-    interactionCode,
-    codeVerifier
-  };
-  return postToTokenEndpoint(sdk, getTokenOptions, urls).then(response => {
-    // `handleOAuthResponse` hanadles responses from both `/authorize` and `/token` endpoints
-    // Here we modify the response from `/token` so that it more closely matches a response from `/authorize`
-    // `responseType` is used to validate that the expected tokens were returned
-    var responseType = ['token']; // an accessToken will always be returned
-
-    if (scopes.indexOf('openid') !== -1) {
-      responseType.push('id_token'); // an idToken will be returned if "openid" is in the scopes
-    }
-
-    var handleResponseOptions = {
-      clientId,
-      redirectUri,
-      scopes,
-      responseType,
-      ignoreSignature
-    };
-    return handleOAuthResponse(sdk, handleResponseOptions, response, urls).then(response => {
-      // For compatibility, "code" is returned in the TokenResponse. OKTA-326091
-      response.code = authorizationCode;
-      response.state = state;
-      return response;
-    });
-  }).finally(() => {
-    sdk.transactionManager.clear();
-  });
-}
-//# sourceMappingURL=exchangeCodeForTokens.js.map

package/esm/oidc/exchangeCodeForTokens.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../lib/oidc/exchangeCodeForTokens.ts"],"names":["getOAuthUrls","getDefaultTokenParams","clone","postToTokenEndpoint","handleOAuthResponse","exchangeCodeForTokens","sdk","tokenParams","urls","Object","assign","authorizationCode","interactionCode","codeVerifier","clientId","redirectUri","scopes","ignoreSignature","state","getTokenOptions","then","response","responseType","indexOf","push","handleResponseOptions","code","finally","transactionManager","clear"],"mappings":"AAAA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,YAAT,QAA6B,SAA7B;AAEA,SAASC,qBAAT,QAAsC,QAAtC;AACA,SAASC,KAAT,QAAsB,SAAtB;AACA,SAASC,mBAAT,QAAoC,mBAApC;AACA,SAASC,mBAAT,QAAoC,uBAApC,C,CAEA;;AACA,OAAO,SAASC,qBAAT,CAA+BC,GAA/B,EAA8CC,WAA9C,EAAwEC,IAAxE,EAAmH;AACxHA,EAAAA,IAAI,GAAGA,IAAI,IAAIR,YAAY,CAACM,GAAD,EAAMC,WAAN,CAA3B,CADwH,CAExH;;AACAA,EAAAA,WAAW,GAAGE,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkBT,qBAAqB,CAACK,GAAD,CAAvC,EAA8CJ,KAAK,CAACK,WAAD,CAAnD,CAAd;AAEA,MAAM;AACJI,IAAAA,iBADI;AAEJC,IAAAA,eAFI;AAGJC,IAAAA,YAHI;AAIJC,IAAAA,QAJI;AAKJC,IAAAA,WALI;AAMJC,IAAAA,MANI;AAOJC,IAAAA,eAPI;AAQJC,IAAAA;AARI,MASFX,WATJ;AAWA,MAAIY,eAAe,GAAG;AACpBL,IAAAA,QADoB;AAEpBC,IAAAA,WAFoB;AAGpBJ,IAAAA,iBAHoB;AAIpBC,IAAAA,eAJoB;AAKpBC,IAAAA;AALoB,GAAtB;AAQA,SAAOV,mBAAmB,CAACG,GAAD,EAAMa,eAAN,EAAuBX,IAAvB,CAAnB,CACJY,IADI,CACEC,QAAD,IAA6B;AAEjC;AACA;AACA;AACA,QAAMC,YAAY,GAAG,CAAC,OAAD,CAArB,CALiC,CAKD;;AAChC,QAAIN,MAAM,CAACO,OAAP,CAAe,QAAf,MAA6B,CAAC,CAAlC,EAAqC;AACnCD,MAAAA,YAAY,CAACE,IAAb,CAAkB,UAAlB,EADmC,CACJ;AAChC;;AACD,QAAMC,qBAAkC,GAAG;AACzCX,MAAAA,QADyC;AAEzCC,MAAAA,WAFyC;AAGzCC,MAAAA,MAHyC;AAIzCM,MAAAA,YAJyC;AAKzCL,MAAAA;AALyC,KAA3C;AAOA,WAAOb,mBAAmB,CAACE,GAAD,EAAMmB,qBAAN,EAA6BJ,QAA7B,EAAuCb,IAAvC,CAAnB,CACJY,IADI,CACEC,QAAD,IAA6B;AACjC;AACAA,MAAAA,QAAQ,CAACK,IAAT,GAAgBf,iBAAhB;AACAU,MAAAA,QAAQ,CAACH,KAAT,GAAiBA,KAAjB;AACA,aAAOG,QAAP;AACD,KANI,CAAP;AAOD,GAxBI,EAyBJM,OAzBI,CAyBI,MAAM;AACbrB,IAAAA,GAAG,CAACsB,kBAAJ,CAAuBC,KAAvB;AACD,GA3BI,CAAP;AA4BD","sourcesContent":["/* eslint-disable max-len */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { getOAuthUrls } from '../oidc';\nimport { CustomUrls, OAuthResponse, OktaAuth, TokenParams, TokenResponse } from '../types';\nimport { getDefaultTokenParams } from './util';\nimport { clone } from '../util';\nimport { postToTokenEndpoint } from './endpoints/token';\nimport { handleOAuthResponse } from './handleOAuthResponse';\n\n// codeVerifier is required. May pass either an authorizationCode or interactionCode\nexport function exchangeCodeForTokens(sdk: OktaAuth, tokenParams: TokenParams, urls?: CustomUrls): Promise<TokenResponse> {\n  urls = urls || getOAuthUrls(sdk, tokenParams);\n  // build params using defaults + options\n  tokenParams = Object.assign({}, getDefaultTokenParams(sdk), clone(tokenParams));\n\n  const {\n    authorizationCode,\n    interactionCode,\n    codeVerifier,\n    clientId,\n    redirectUri,\n    scopes,\n    ignoreSignature,\n    state\n  } = tokenParams;\n\n  var getTokenOptions = {\n    clientId,\n    redirectUri,\n    authorizationCode,\n    interactionCode,\n    codeVerifier,\n  };\n\n  return postToTokenEndpoint(sdk, getTokenOptions, urls)\n    .then((response: OAuthResponse) => {\n\n      // `handleOAuthResponse` hanadles responses from both `/authorize` and `/token` endpoints\n      // Here we modify the response from `/token` so that it more closely matches a response from `/authorize`\n      // `responseType` is used to validate that the expected tokens were returned\n      const responseType = ['token']; // an accessToken will always be returned\n      if (scopes.indexOf('openid') !== -1) {\n        responseType.push('id_token'); // an idToken will be returned if \"openid\" is in the scopes\n      }\n      const handleResponseOptions: TokenParams = {\n        clientId,\n        redirectUri,\n        scopes,\n        responseType,\n        ignoreSignature,\n      };\n      return handleOAuthResponse(sdk, handleResponseOptions, response, urls)\n        .then((response: TokenResponse) => {\n          // For compatibility, \"code\" is returned in the TokenResponse. OKTA-326091\n          response.code = authorizationCode;\n          response.state = state;\n          return response;\n        });\n    })\n    .finally(() => {\n      sdk.transactionManager.clear();\n    });\n}"],"file":"exchangeCodeForTokens.js"}