@okta/okta-auth-js 5.5.0 → 5.9.0

package/esm/oidc/index.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../lib/oidc/index.ts"],"names":["decodeToken","revokeToken","renewToken","renewTokensWithRefresh","renewTokens","verifyToken","getUserInfo","handleOAuthResponse","exchangeCodeForTokens","getToken","getWithoutPrompt","getWithPopup","getWithRedirect","parseFromUrl"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,cAAc,aAAd;AACA,cAAc,QAAd;AAEA,SAASA,WAAT,QAA4B,eAA5B;AACA,SAASC,WAAT,QAA4B,eAA5B;AACA,SAASC,UAAT,QAA2B,cAA3B;AACA,SAASC,sBAAT,QAAuC,0BAAvC;AACA,SAASC,WAAT,QAA4B,eAA5B;AACA,SAASC,WAAT,QAA4B,eAA5B;AACA,SAASC,WAAT,QAA4B,eAA5B;AACA,SAASC,mBAAT,QAAoC,uBAApC;AACA,SAASC,qBAAT,QAAsC,yBAAtC;AACA,SAASC,QAAT,QAAyB,YAAzB;AACA,SAASC,gBAAT,QAAiC,oBAAjC;AACA,SAASC,YAAT,QAA6B,gBAA7B;AACA,SAASC,eAAT,QAAgC,mBAAhC;AACA,SAASC,YAAT,QAA6B,gBAA7B","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nexport * from './endpoints';\nexport * from './util';\n\nexport { decodeToken } from './decodeToken';\nexport { revokeToken } from './revokeToken';\nexport { renewToken } from './renewToken';\nexport { renewTokensWithRefresh } from './renewTokensWithRefresh';\nexport { renewTokens } from './renewTokens';\nexport { verifyToken } from './verifyToken';\nexport { getUserInfo } from './getUserInfo';\nexport { handleOAuthResponse } from './handleOAuthResponse';\nexport { exchangeCodeForTokens } from './exchangeCodeForTokens';\nexport { getToken } from './getToken';\nexport { getWithoutPrompt } from './getWithoutPrompt';\nexport { getWithPopup } from './getWithPopup';\nexport { getWithRedirect } from './getWithRedirect';\nexport { parseFromUrl } from './parseFromUrl';\n"],"file":"index.js"}

package/esm/oidc/parseFromUrl.js

@@ -1,102 +0,0 @@
-/* eslint-disable complexity */
-
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-import { AuthSdkError } from '../errors';
-import { isInteractionRequiredError, urlParamsToObject } from './util';
-import { isString } from '../util';
-import { handleOAuthResponse } from './handleOAuthResponse';
-
-function removeHash(sdk) {
-  var nativeHistory = sdk.token.parseFromUrl._getHistory();
-
-  var nativeDoc = sdk.token.parseFromUrl._getDocument();
-
-  var nativeLoc = sdk.token.parseFromUrl._getLocation();
-
-  if (nativeHistory && nativeHistory.replaceState) {
-    nativeHistory.replaceState(null, nativeDoc.title, nativeLoc.pathname + nativeLoc.search);
-  } else {
-    nativeLoc.hash = '';
-  }
-}
-
-function removeSearch(sdk) {
-  var nativeHistory = sdk.token.parseFromUrl._getHistory();
-
-  var nativeDoc = sdk.token.parseFromUrl._getDocument();
-
-  var nativeLoc = sdk.token.parseFromUrl._getLocation();
-
-  if (nativeHistory && nativeHistory.replaceState) {
-    nativeHistory.replaceState(null, nativeDoc.title, nativeLoc.pathname + nativeLoc.hash);
-  } else {
-    nativeLoc.search = '';
-  }
-}
-
-export function parseFromUrl(sdk, options) {
-  options = options || {};
-
-  if (isString(options)) {
-    options = {
-      url: options
-    };
-  } else {
-    options = options;
-  } // https://openid.net/specs/openid-connect-core-1_0.html#Authentication
-
-
-  var defaultResponseMode = sdk.options.pkce ? 'query' : 'fragment';
-  var url = options.url;
-  var responseMode = options.responseMode || sdk.options.responseMode || defaultResponseMode;
-
-  var nativeLoc = sdk.token.parseFromUrl._getLocation();
-
-  var paramStr;
-
-  if (responseMode === 'query') {
-    paramStr = url ? url.substring(url.indexOf('?')) : nativeLoc.search;
-  } else {
-    paramStr = url ? url.substring(url.indexOf('#')) : nativeLoc.hash;
-  }
-
-  if (!paramStr) {
-    return Promise.reject(new AuthSdkError('Unable to parse a token from the url'));
-  }
-
-  var oauthParams = sdk.transactionManager.load({
-    oauth: true,
-    pkce: sdk.options.pkce
-  });
-  var urls = oauthParams.urls;
-  delete oauthParams.urls;
-  return Promise.resolve(urlParamsToObject(paramStr)).then(function (res) {
-    if (!url) {
-      // Clean hash or search from the url
-      responseMode === 'query' ? removeSearch(sdk) : removeHash(sdk);
-    }
-
-    return handleOAuthResponse(sdk, oauthParams, res, urls).catch(err => {
-      if (!isInteractionRequiredError(err)) {
-        sdk.transactionManager.clear();
-      }
-
-      throw err;
-    }).then(res => {
-      sdk.transactionManager.clear();
-      return res;
-    });
-  });
-}
-//# sourceMappingURL=parseFromUrl.js.map

package/esm/oidc/parseFromUrl.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../lib/oidc/parseFromUrl.ts"],"names":["AuthSdkError","isInteractionRequiredError","urlParamsToObject","isString","handleOAuthResponse","removeHash","sdk","nativeHistory","token","parseFromUrl","_getHistory","nativeDoc","_getDocument","nativeLoc","_getLocation","replaceState","title","pathname","search","hash","removeSearch","options","url","defaultResponseMode","pkce","responseMode","paramStr","substring","indexOf","Promise","reject","oauthParams","transactionManager","load","oauth","urls","resolve","then","res","catch","err","clear"],"mappings":"AAAA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,YAAT,QAA6B,WAA7B;AACA,SAASC,0BAAT,EAAqCC,iBAArC,QAA8D,QAA9D;AAEA,SAASC,QAAT,QAAyB,SAAzB;AACA,SAASC,mBAAT,QAAoC,uBAApC;;AAEA,SAASC,UAAT,CAAoBC,GAApB,EAAyB;AACvB,MAAIC,aAAa,GAAGD,GAAG,CAACE,KAAJ,CAAUC,YAAV,CAAuBC,WAAvB,EAApB;;AACA,MAAIC,SAAS,GAAGL,GAAG,CAACE,KAAJ,CAAUC,YAAV,CAAuBG,YAAvB,EAAhB;;AACA,MAAIC,SAAS,GAAGP,GAAG,CAACE,KAAJ,CAAUC,YAAV,CAAuBK,YAAvB,EAAhB;;AACA,MAAIP,aAAa,IAAIA,aAAa,CAACQ,YAAnC,EAAiD;AAC/CR,IAAAA,aAAa,CAACQ,YAAd,CAA2B,IAA3B,EAAiCJ,SAAS,CAACK,KAA3C,EAAkDH,SAAS,CAACI,QAAV,GAAqBJ,SAAS,CAACK,MAAjF;AACD,GAFD,MAEO;AACLL,IAAAA,SAAS,CAACM,IAAV,GAAiB,EAAjB;AACD;AACF;;AAED,SAASC,YAAT,CAAsBd,GAAtB,EAA2B;AACzB,MAAIC,aAAa,GAAGD,GAAG,CAACE,KAAJ,CAAUC,YAAV,CAAuBC,WAAvB,EAApB;;AACA,MAAIC,SAAS,GAAGL,GAAG,CAACE,KAAJ,CAAUC,YAAV,CAAuBG,YAAvB,EAAhB;;AACA,MAAIC,SAAS,GAAGP,GAAG,CAACE,KAAJ,CAAUC,YAAV,CAAuBK,YAAvB,EAAhB;;AACA,MAAIP,aAAa,IAAIA,aAAa,CAACQ,YAAnC,EAAiD;AAC/CR,IAAAA,aAAa,CAACQ,YAAd,CAA2B,IAA3B,EAAiCJ,SAAS,CAACK,KAA3C,EAAkDH,SAAS,CAACI,QAAV,GAAqBJ,SAAS,CAACM,IAAjF;AACD,GAFD,MAEO;AACLN,IAAAA,SAAS,CAACK,MAAV,GAAmB,EAAnB;AACD;AACF;;AAGD,OAAO,SAAST,YAAT,CAAsBH,GAAtB,EAA2Be,OAA3B,EAA0F;AAC/FA,EAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB;;AACA,MAAIlB,QAAQ,CAACkB,OAAD,CAAZ,EAAuB;AACrBA,IAAAA,OAAO,GAAG;AAAEC,MAAAA,GAAG,EAAED;AAAP,KAAV;AACD,GAFD,MAEO;AACLA,IAAAA,OAAO,GAAGA,OAAV;AACD,GAN8F,CAO/F;;;AACA,MAAIE,mBAAmB,GAAGjB,GAAG,CAACe,OAAJ,CAAYG,IAAZ,GAAmB,OAAnB,GAA6B,UAAvD;AAEA,MAAIF,GAAG,GAAGD,OAAO,CAACC,GAAlB;AACA,MAAIG,YAAY,GAAGJ,OAAO,CAACI,YAAR,IAAwBnB,GAAG,CAACe,OAAJ,CAAYI,YAApC,IAAoDF,mBAAvE;;AACA,MAAIV,SAAS,GAAGP,GAAG,CAACE,KAAJ,CAAUC,YAAV,CAAuBK,YAAvB,EAAhB;;AACA,MAAIY,QAAJ;;AAEA,MAAID,YAAY,KAAK,OAArB,EAA8B;AAC5BC,IAAAA,QAAQ,GAAGJ,GAAG,GAAGA,GAAG,CAACK,SAAJ,CAAcL,GAAG,CAACM,OAAJ,CAAY,GAAZ,CAAd,CAAH,GAAqCf,SAAS,CAACK,MAA7D;AACD,GAFD,MAEO;AACLQ,IAAAA,QAAQ,GAAGJ,GAAG,GAAGA,GAAG,CAACK,SAAJ,CAAcL,GAAG,CAACM,OAAJ,CAAY,GAAZ,CAAd,CAAH,GAAqCf,SAAS,CAACM,IAA7D;AACD;;AAED,MAAI,CAACO,QAAL,EAAe;AACb,WAAOG,OAAO,CAACC,MAAR,CAAe,IAAI9B,YAAJ,CAAiB,sCAAjB,CAAf,CAAP;AACD;;AAED,MAAM+B,WAA4B,GAAGzB,GAAG,CAAC0B,kBAAJ,CAAuBC,IAAvB,CAA4B;AAC/DC,IAAAA,KAAK,EAAE,IADwD;AAE/DV,IAAAA,IAAI,EAAElB,GAAG,CAACe,OAAJ,CAAYG;AAF6C,GAA5B,CAArC;AAIA,MAAMW,IAAgB,GAAGJ,WAAW,CAACI,IAArC;AACA,SAAOJ,WAAW,CAACI,IAAnB;AAEA,SAAON,OAAO,CAACO,OAAR,CAAgBlC,iBAAiB,CAACwB,QAAD,CAAjC,EACJW,IADI,CACC,UAAUC,GAAV,EAAe;AACnB,QAAI,CAAChB,GAAL,EAAU;AACR;AACAG,MAAAA,YAAY,KAAK,OAAjB,GAA2BL,YAAY,CAACd,GAAD,CAAvC,GAA+CD,UAAU,CAACC,GAAD,CAAzD;AACD;;AACD,WAAOF,mBAAmB,CAACE,GAAD,EAAMyB,WAAN,EAAmBO,GAAnB,EAAwBH,IAAxB,CAAnB,CACJI,KADI,CACEC,GAAG,IAAI;AACZ,UAAI,CAACvC,0BAA0B,CAACuC,GAAD,CAA/B,EAAsC;AACpClC,QAAAA,GAAG,CAAC0B,kBAAJ,CAAuBS,KAAvB;AACD;;AACD,YAAMD,GAAN;AACD,KANI,EAOJH,IAPI,CAOCC,GAAG,IAAI;AACXhC,MAAAA,GAAG,CAAC0B,kBAAJ,CAAuBS,KAAvB;AACA,aAAOH,GAAP;AACD,KAVI,CAAP;AAWD,GAjBI,CAAP;AAkBD","sourcesContent":["/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { isInteractionRequiredError, urlParamsToObject } from './util';\nimport { ParseFromUrlOptions, TokenResponse, CustomUrls, TransactionMeta } from '../types';\nimport { isString } from '../util';\nimport { handleOAuthResponse } from './handleOAuthResponse';\n\nfunction removeHash(sdk) {\n  var nativeHistory = sdk.token.parseFromUrl._getHistory();\n  var nativeDoc = sdk.token.parseFromUrl._getDocument();\n  var nativeLoc = sdk.token.parseFromUrl._getLocation();\n  if (nativeHistory && nativeHistory.replaceState) {\n    nativeHistory.replaceState(null, nativeDoc.title, nativeLoc.pathname + nativeLoc.search);\n  } else {\n    nativeLoc.hash = '';\n  }\n}\n\nfunction removeSearch(sdk) {\n  var nativeHistory = sdk.token.parseFromUrl._getHistory();\n  var nativeDoc = sdk.token.parseFromUrl._getDocument();\n  var nativeLoc = sdk.token.parseFromUrl._getLocation();\n  if (nativeHistory && nativeHistory.replaceState) {\n    nativeHistory.replaceState(null, nativeDoc.title, nativeLoc.pathname + nativeLoc.hash);\n  } else {\n    nativeLoc.search = '';\n  }\n}\n\n\nexport function parseFromUrl(sdk, options: string | ParseFromUrlOptions): Promise<TokenResponse> {\n  options = options || {};\n  if (isString(options)) {\n    options = { url: options } as ParseFromUrlOptions;\n  } else {\n    options = options as ParseFromUrlOptions;\n  }\n  // https://openid.net/specs/openid-connect-core-1_0.html#Authentication\n  var defaultResponseMode = sdk.options.pkce ? 'query' : 'fragment';\n\n  var url = options.url;\n  var responseMode = options.responseMode || sdk.options.responseMode || defaultResponseMode;\n  var nativeLoc = sdk.token.parseFromUrl._getLocation();\n  var paramStr;\n\n  if (responseMode === 'query') {\n    paramStr = url ? url.substring(url.indexOf('?')) : nativeLoc.search;\n  } else {\n    paramStr = url ? url.substring(url.indexOf('#')) : nativeLoc.hash;\n  }\n\n  if (!paramStr) {\n    return Promise.reject(new AuthSdkError('Unable to parse a token from the url'));\n  }\n\n  const oauthParams: TransactionMeta = sdk.transactionManager.load({\n    oauth: true,\n    pkce: sdk.options.pkce\n  });\n  const urls: CustomUrls = oauthParams.urls as CustomUrls;\n  delete oauthParams.urls;\n\n  return Promise.resolve(urlParamsToObject(paramStr))\n    .then(function (res) {\n      if (!url) {\n        // Clean hash or search from the url\n        responseMode === 'query' ? removeSearch(sdk) : removeHash(sdk);\n      }\n      return handleOAuthResponse(sdk, oauthParams, res, urls)\n        .catch(err => {\n          if (!isInteractionRequiredError(err)) {\n            sdk.transactionManager.clear();\n          }\n          throw err;\n        })\n        .then(res => {\n          sdk.transactionManager.clear();\n          return res;\n        });\n    });\n}\n"],"file":"parseFromUrl.js"}

package/esm/oidc/renewToken.js

@@ -1,85 +0,0 @@
-import _asyncToGenerator from "@babel/runtime/helpers/asyncToGenerator";
-
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-import { AuthSdkError } from '../errors';
-import { isAccessToken, isIDToken } from '../types';
-import { getWithoutPrompt } from './getWithoutPrompt';
-import { renewTokensWithRefresh } from './renewTokensWithRefresh';
-
-function throwInvalidTokenError() {
-  throw new AuthSdkError('Renew must be passed a token with an array of scopes and an accessToken or idToken');
-} // Multiple tokens may have come back. Return only the token which was requested.
-
-
-function getSingleToken(originalToken, tokens) {
-  if (isIDToken(originalToken)) {
-    return tokens.idToken;
-  }
-
-  if (isAccessToken(originalToken)) {
-    return tokens.accessToken;
-  }
-
-  throwInvalidTokenError();
-} // If we have a refresh token, renew using that, otherwise getWithoutPrompt
-
-
-export function renewToken(_x, _x2) {
-  return _renewToken.apply(this, arguments);
-}
-
-function _renewToken() {
-  _renewToken = _asyncToGenerator(function* (sdk, token) {
-    if (!isIDToken(token) && !isAccessToken(token)) {
-      throwInvalidTokenError();
-    }
-
-    var tokens = sdk.tokenManager.getTokensSync();
-
-    if (tokens.refreshToken) {
-      tokens = yield renewTokensWithRefresh(sdk, {
-        scopes: token.scopes
-      }, tokens.refreshToken);
-      return getSingleToken(token, tokens);
-    }
-
-    var responseType;
-
-    if (sdk.options.pkce) {
-      responseType = 'code';
-    } else if (isAccessToken(token)) {
-      responseType = 'token';
-    } else {
-      responseType = 'id_token';
-    }
-
-    var {
-      scopes,
-      authorizeUrl,
-      userinfoUrl,
-      issuer
-    } = token;
-    return getWithoutPrompt(sdk, {
-      responseType,
-      scopes,
-      authorizeUrl,
-      userinfoUrl,
-      issuer
-    }).then(function (res) {
-      return getSingleToken(token, res.tokens);
-    });
-  });
-  return _renewToken.apply(this, arguments);
-}
-//# sourceMappingURL=renewToken.js.map

package/esm/oidc/renewToken.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../lib/oidc/renewToken.ts"],"names":["AuthSdkError","isAccessToken","isIDToken","getWithoutPrompt","renewTokensWithRefresh","throwInvalidTokenError","getSingleToken","originalToken","tokens","idToken","accessToken","renewToken","sdk","token","tokenManager","getTokensSync","refreshToken","scopes","responseType","options","pkce","authorizeUrl","userinfoUrl","issuer","then","res"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,YAAT,QAA6B,WAA7B;AACA,SAAkCC,aAAlC,EAAuEC,SAAvE,QAAwF,UAAxF;AACA,SAASC,gBAAT,QAAiC,oBAAjC;AACA,SAASC,sBAAT,QAAuC,0BAAvC;;AAEA,SAASC,sBAAT,GAAkC;AAChC,QAAM,IAAIL,YAAJ,CACJ,oFADI,CAAN;AAGD,C,CAED;;;AACA,SAASM,cAAT,CAAwBC,aAAxB,EAA8CC,MAA9C,EAA8D;AAC5D,MAAIN,SAAS,CAACK,aAAD,CAAb,EAA8B;AAC5B,WAAOC,MAAM,CAACC,OAAd;AACD;;AACD,MAAIR,aAAa,CAACM,aAAD,CAAjB,EAAkC;AAChC,WAAOC,MAAM,CAACE,WAAd;AACD;;AACDL,EAAAA,sBAAsB;AACvB,C,CAED;;;AACA,gBAAsBM,UAAtB;AAAA;AAAA;;;kCAAO,WAA0BC,GAA1B,EAAyCC,KAAzC,EAAuE;AAC5E,QAAI,CAACX,SAAS,CAACW,KAAD,CAAV,IAAqB,CAACZ,aAAa,CAACY,KAAD,CAAvC,EAAgD;AAC9CR,MAAAA,sBAAsB;AACvB;;AAED,QAAIG,MAAM,GAAGI,GAAG,CAACE,YAAJ,CAAiBC,aAAjB,EAAb;;AACA,QAAIP,MAAM,CAACQ,YAAX,EAAyB;AACvBR,MAAAA,MAAM,SAASJ,sBAAsB,CAACQ,GAAD,EAAM;AACzCK,QAAAA,MAAM,EAAEJ,KAAK,CAACI;AAD2B,OAAN,EAElCT,MAAM,CAACQ,YAF2B,CAArC;AAGA,aAAOV,cAAc,CAACO,KAAD,EAAQL,MAAR,CAArB;AACD;;AAED,QAAIU,YAAJ;;AACA,QAAIN,GAAG,CAACO,OAAJ,CAAYC,IAAhB,EAAsB;AACpBF,MAAAA,YAAY,GAAG,MAAf;AACD,KAFD,MAEO,IAAIjB,aAAa,CAACY,KAAD,CAAjB,EAA0B;AAC/BK,MAAAA,YAAY,GAAG,OAAf;AACD,KAFM,MAEA;AACLA,MAAAA,YAAY,GAAG,UAAf;AACD;;AAED,QAAM;AAAED,MAAAA,MAAF;AAAUI,MAAAA,YAAV;AAAwBC,MAAAA,WAAxB;AAAqCC,MAAAA;AAArC,QAAgDV,KAAtD;AACA,WAAOV,gBAAgB,CAACS,GAAD,EAAM;AAC3BM,MAAAA,YAD2B;AAE3BD,MAAAA,MAF2B;AAG3BI,MAAAA,YAH2B;AAI3BC,MAAAA,WAJ2B;AAK3BC,MAAAA;AAL2B,KAAN,CAAhB,CAOJC,IAPI,CAOC,UAAUC,GAAV,EAAe;AACnB,aAAOnB,cAAc,CAACO,KAAD,EAAQY,GAAG,CAACjB,MAAZ,CAArB;AACD,KATI,CAAP;AAUD,G","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { OktaAuth, Token, Tokens, isAccessToken, AccessToken, IDToken, isIDToken } from '../types';\nimport { getWithoutPrompt } from './getWithoutPrompt';\nimport { renewTokensWithRefresh } from './renewTokensWithRefresh';\n\nfunction throwInvalidTokenError() {\n  throw new AuthSdkError(\n    'Renew must be passed a token with an array of scopes and an accessToken or idToken'\n  );\n}\n\n// Multiple tokens may have come back. Return only the token which was requested.\nfunction getSingleToken(originalToken: Token, tokens: Tokens) {\n  if (isIDToken(originalToken)) {\n    return tokens.idToken;\n  }\n  if (isAccessToken(originalToken)) {\n    return tokens.accessToken;\n  }\n  throwInvalidTokenError();\n}\n\n// If we have a refresh token, renew using that, otherwise getWithoutPrompt\nexport async function renewToken(sdk: OktaAuth, token: Token): Promise<Token> {\n  if (!isIDToken(token) && !isAccessToken(token)) {\n    throwInvalidTokenError();\n  }\n\n  let tokens = sdk.tokenManager.getTokensSync();\n  if (tokens.refreshToken) {\n    tokens = await renewTokensWithRefresh(sdk, {\n      scopes: token.scopes,\n    }, tokens.refreshToken);\n    return getSingleToken(token, tokens);\n  }\n\n  var responseType;\n  if (sdk.options.pkce) {\n    responseType = 'code';\n  } else if (isAccessToken(token)) {\n    responseType = 'token';\n  } else {\n    responseType = 'id_token';\n  }\n\n  const { scopes, authorizeUrl, userinfoUrl, issuer } = token as (AccessToken & IDToken);\n  return getWithoutPrompt(sdk, {\n    responseType,\n    scopes,\n    authorizeUrl,\n    userinfoUrl,\n    issuer\n  })\n    .then(function (res) {\n      return getSingleToken(token, res.tokens);\n    });\n}\n"],"file":"renewToken.js"}

package/esm/oidc/renewTokens.js

@@ -1,52 +0,0 @@
-import _asyncToGenerator from "@babel/runtime/helpers/asyncToGenerator";
-
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-import { getWithoutPrompt } from './getWithoutPrompt';
-import { renewTokensWithRefresh } from './renewTokensWithRefresh';
-import { getDefaultTokenParams } from './util'; // If we have a refresh token, renew using that, otherwise getWithoutPrompt
-
-export function renewTokens(_x, _x2) {
-  return _renewTokens.apply(this, arguments);
-}
-
-function _renewTokens() {
-  _renewTokens = _asyncToGenerator(function* (sdk, options) {
-    var tokens = sdk.tokenManager.getTokensSync();
-
-    if (tokens.refreshToken) {
-      return renewTokensWithRefresh(sdk, options, tokens.refreshToken);
-    } // Get tokens using the SSO cookie
-
-
-    options = Object.assign({
-      scopes: sdk.options.scopes,
-      authorizeUrl: sdk.options.authorizeUrl,
-      userinfoUrl: sdk.options.userinfoUrl,
-      issuer: sdk.options.issuer
-    }, options);
-
-    if (sdk.options.pkce) {
-      options.responseType = 'code';
-    } else {
-      var {
-        responseType
-      } = getDefaultTokenParams(sdk);
-      options.responseType = responseType;
-    }
-
-    return getWithoutPrompt(sdk, options).then(res => res.tokens);
-  });
-  return _renewTokens.apply(this, arguments);
-}
-//# sourceMappingURL=renewTokens.js.map

package/esm/oidc/renewTokens.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../lib/oidc/renewTokens.ts"],"names":["getWithoutPrompt","renewTokensWithRefresh","getDefaultTokenParams","renewTokens","sdk","options","tokens","tokenManager","getTokensSync","refreshToken","Object","assign","scopes","authorizeUrl","userinfoUrl","issuer","pkce","responseType","then","res"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA,SAASA,gBAAT,QAAiC,oBAAjC;AACA,SAASC,sBAAT,QAAuC,0BAAvC;AACA,SAASC,qBAAT,QAAsC,QAAtC,C,CAEA;;AACA,gBAAsBC,WAAtB;AAAA;AAAA;;;mCAAO,WAA2BC,GAA3B,EAAgCC,OAAhC,EAAuE;AAC5E,QAAMC,MAAM,GAAGF,GAAG,CAACG,YAAJ,CAAiBC,aAAjB,EAAf;;AACA,QAAIF,MAAM,CAACG,YAAX,EAAyB;AACvB,aAAOR,sBAAsB,CAACG,GAAD,EAAMC,OAAN,EAAeC,MAAM,CAACG,YAAtB,CAA7B;AACD,KAJ2E,CAM5E;;;AACAJ,IAAAA,OAAO,GAAGK,MAAM,CAACC,MAAP,CAAc;AACtBC,MAAAA,MAAM,EAAER,GAAG,CAACC,OAAJ,CAAYO,MADE;AAEtBC,MAAAA,YAAY,EAAET,GAAG,CAACC,OAAJ,CAAYQ,YAFJ;AAGtBC,MAAAA,WAAW,EAAEV,GAAG,CAACC,OAAJ,CAAYS,WAHH;AAItBC,MAAAA,MAAM,EAAEX,GAAG,CAACC,OAAJ,CAAYU;AAJE,KAAd,EAKPV,OALO,CAAV;;AAOA,QAAID,GAAG,CAACC,OAAJ,CAAYW,IAAhB,EAAsB;AACpBX,MAAAA,OAAO,CAACY,YAAR,GAAuB,MAAvB;AACD,KAFD,MAEO;AACL,UAAM;AAAEA,QAAAA;AAAF,UAAmBf,qBAAqB,CAACE,GAAD,CAA9C;AACAC,MAAAA,OAAO,CAACY,YAAR,GAAuBA,YAAvB;AACD;;AAED,WAAOjB,gBAAgB,CAACI,GAAD,EAAMC,OAAN,CAAhB,CACJa,IADI,CACCC,GAAG,IAAIA,GAAG,CAACb,MADZ,CAAP;AAGD,G","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { TokenParams, Tokens } from '../types';\nimport { getWithoutPrompt } from './getWithoutPrompt';\nimport { renewTokensWithRefresh } from './renewTokensWithRefresh';\nimport { getDefaultTokenParams } from './util';\n\n// If we have a refresh token, renew using that, otherwise getWithoutPrompt\nexport async function renewTokens(sdk, options: TokenParams): Promise<Tokens> {\n  const tokens = sdk.tokenManager.getTokensSync();\n  if (tokens.refreshToken) {\n    return renewTokensWithRefresh(sdk, options, tokens.refreshToken);\n  }\n\n  // Get tokens using the SSO cookie\n  options = Object.assign({\n    scopes: sdk.options.scopes,\n    authorizeUrl: sdk.options.authorizeUrl,\n    userinfoUrl: sdk.options.userinfoUrl,\n    issuer: sdk.options.issuer\n  }, options);\n\n  if (sdk.options.pkce) {\n    options.responseType = 'code';\n  } else {\n    const { responseType } = getDefaultTokenParams(sdk);\n    options.responseType = responseType;\n  }\n\n  return getWithoutPrompt(sdk, options)\n    .then(res => res.tokens);\n    \n}\n"],"file":"renewTokens.js"}

package/esm/oidc/renewTokensWithRefresh.js

@@ -1,55 +0,0 @@
-import _asyncToGenerator from "@babel/runtime/helpers/asyncToGenerator";
-
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-import { AuthSdkError } from '../errors';
-import { getOAuthUrls } from './util/oauth';
-import { isSameRefreshToken } from './util/refreshToken';
-import { handleOAuthResponse } from './handleOAuthResponse';
-import { postRefreshToken } from './endpoints/token';
-export function renewTokensWithRefresh(_x, _x2, _x3) {
-  return _renewTokensWithRefresh.apply(this, arguments);
-}
-
-function _renewTokensWithRefresh() {
-  _renewTokensWithRefresh = _asyncToGenerator(function* (sdk, tokenParams, refreshTokenObject) {
-    var {
-      clientId
-    } = sdk.options;
-
-    if (!clientId) {
-      throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to renew tokens');
-    }
-
-    var renewTokenParams = Object.assign({}, tokenParams, {
-      clientId
-    });
-    var tokenResponse = yield postRefreshToken(sdk, renewTokenParams, refreshTokenObject);
-    var urls = getOAuthUrls(sdk, tokenParams);
-    var {
-      tokens
-    } = yield handleOAuthResponse(sdk, renewTokenParams, tokenResponse, urls); // Support rotating refresh tokens
-
-    var {
-      refreshToken
-    } = tokens;
-
-    if (refreshToken && !isSameRefreshToken(refreshToken, refreshTokenObject)) {
-      sdk.tokenManager.updateRefreshToken(refreshToken);
-    }
-
-    return tokens;
-  });
-  return _renewTokensWithRefresh.apply(this, arguments);
-}
-//# sourceMappingURL=renewTokensWithRefresh.js.map

package/esm/oidc/renewTokensWithRefresh.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../lib/oidc/renewTokensWithRefresh.ts"],"names":["AuthSdkError","getOAuthUrls","isSameRefreshToken","handleOAuthResponse","postRefreshToken","renewTokensWithRefresh","sdk","tokenParams","refreshTokenObject","clientId","options","renewTokenParams","Object","assign","tokenResponse","urls","tokens","refreshToken","tokenManager","updateRefreshToken"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,YAAT,QAA6B,WAA7B;AACA,SAASC,YAAT,QAA6B,cAA7B;AACA,SAASC,kBAAT,QAAmC,qBAAnC;AAEA,SAASC,mBAAT,QAAoC,uBAApC;AACA,SAASC,gBAAT,QAAiC,mBAAjC;AAEA,gBAAsBC,sBAAtB;AAAA;AAAA;;;8CAAO,WACLC,GADK,EAELC,WAFK,EAGLC,kBAHK,EAIY;AACjB,QAAM;AAAEC,MAAAA;AAAF,QAAeH,GAAG,CAACI,OAAzB;;AACA,QAAI,CAACD,QAAL,EAAe;AACb,YAAM,IAAIT,YAAJ,CAAiB,0EAAjB,CAAN;AACD;;AAED,QAAMW,gBAA6B,GAAGC,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkBN,WAAlB,EAA+B;AACnEE,MAAAA;AADmE,KAA/B,CAAtC;AAGA,QAAMK,aAAa,SAASV,gBAAgB,CAACE,GAAD,EAAMK,gBAAN,EAAwBH,kBAAxB,CAA5C;AACA,QAAMO,IAAI,GAAGd,YAAY,CAACK,GAAD,EAAMC,WAAN,CAAzB;AACA,QAAM;AAAES,MAAAA;AAAF,cAAmBb,mBAAmB,CAACG,GAAD,EAAMK,gBAAN,EAAwBG,aAAxB,EAAuCC,IAAvC,CAA5C,CAXiB,CAajB;;AACA,QAAM;AAAEE,MAAAA;AAAF,QAAmBD,MAAzB;;AACA,QAAIC,YAAY,IAAI,CAACf,kBAAkB,CAACe,YAAD,EAAeT,kBAAf,CAAvC,EAA2E;AACzEF,MAAAA,GAAG,CAACY,YAAJ,CAAiBC,kBAAjB,CAAoCF,YAApC;AACD;;AAED,WAAOD,MAAP;AACD,G","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { getOAuthUrls } from './util/oauth';\nimport { isSameRefreshToken } from './util/refreshToken';\nimport { OktaAuth, TokenParams, RefreshToken, Tokens } from '../types';\nimport { handleOAuthResponse } from './handleOAuthResponse';\nimport { postRefreshToken } from './endpoints/token';\n\nexport async function renewTokensWithRefresh(\n  sdk: OktaAuth,\n  tokenParams: TokenParams,\n  refreshTokenObject: RefreshToken\n): Promise<Tokens> {\n  const { clientId } = sdk.options;\n  if (!clientId) {\n    throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to renew tokens');\n  }\n\n  const renewTokenParams: TokenParams = Object.assign({}, tokenParams, {\n    clientId,\n  });\n  const tokenResponse = await postRefreshToken(sdk, renewTokenParams, refreshTokenObject);\n  const urls = getOAuthUrls(sdk, tokenParams);\n  const { tokens } = await handleOAuthResponse(sdk, renewTokenParams, tokenResponse, urls);\n\n  // Support rotating refresh tokens\n  const { refreshToken } = tokens;\n  if (refreshToken && !isSameRefreshToken(refreshToken, refreshTokenObject)) {\n    sdk.tokenManager.updateRefreshToken(refreshToken);\n  }\n\n  return tokens;\n}\n"],"file":"renewTokensWithRefresh.js"}

package/esm/oidc/revokeToken.js

@@ -1,57 +0,0 @@
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-
-/* eslint complexity:[0,8] */
-import { post } from '../http';
-import { toQueryString } from '../util';
-import { getOAuthUrls } from './util/oauth';
-import { btoa } from '../crypto';
-import AuthSdkError from '../errors/AuthSdkError';
-// refresh tokens have precedence to be revoked if no token is specified
-export function revokeToken(sdk, token) {
-  return Promise.resolve().then(function () {
-    var accessToken;
-    var refreshToken;
-
-    if (token) {
-      accessToken = token.accessToken;
-      refreshToken = token.refreshToken;
-    }
-
-    if (!accessToken && !refreshToken) {
-      throw new AuthSdkError('A valid access or refresh token object is required');
-    }
-
-    var clientId = sdk.options.clientId;
-    var clientSecret = sdk.options.clientSecret;
-
-    if (!clientId) {
-      throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to revoke a token');
-    }
-
-    var revokeUrl = getOAuthUrls(sdk).revokeUrl;
-    var args = toQueryString({
-      // eslint-disable-next-line camelcase
-      token_type_hint: refreshToken ? 'refresh_token' : 'access_token',
-      token: refreshToken || accessToken
-    }).slice(1);
-    var creds = clientSecret ? btoa("".concat(clientId, ":").concat(clientSecret)) : btoa(clientId);
-    return post(sdk, revokeUrl, args, {
-      headers: {
-        'Content-Type': 'application/x-www-form-urlencoded',
-        'Authorization': 'Basic ' + creds
-      }
-    });
-  });
-}
-//# sourceMappingURL=revokeToken.js.map

package/esm/oidc/revokeToken.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../lib/oidc/revokeToken.ts"],"names":["post","toQueryString","getOAuthUrls","btoa","AuthSdkError","revokeToken","sdk","token","Promise","resolve","then","accessToken","refreshToken","clientId","options","clientSecret","revokeUrl","args","token_type_hint","slice","creds","headers"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA,SAASA,IAAT,QAAqB,SAArB;AACA,SAASC,aAAT,QAA8B,SAA9B;AACA,SACEC,YADF,QAEO,cAFP;AAGA,SAASC,IAAT,QAAqB,WAArB;AACA,OAAOC,YAAP,MAAyB,wBAAzB;AAQA;AACA,OAAO,SAASC,WAAT,CAAqBC,GAArB,EAAoCC,KAApC,EAAyE;AAC9E,SAAOC,OAAO,CAACC,OAAR,GACJC,IADI,CACC,YAAY;AAChB,QAAIC,WAAJ;AACA,QAAIC,YAAJ;;AACA,QAAIL,KAAJ,EAAW;AACPI,MAAAA,WAAW,GAAIJ,KAAD,CAAuBI,WAArC;AACAC,MAAAA,YAAY,GAAIL,KAAD,CAAwBK,YAAvC;AACH;;AAED,QAAG,CAACD,WAAD,IAAgB,CAACC,YAApB,EAAkC;AAChC,YAAM,IAAIR,YAAJ,CAAiB,oDAAjB,CAAN;AACD;;AACD,QAAIS,QAAQ,GAAGP,GAAG,CAACQ,OAAJ,CAAYD,QAA3B;AACA,QAAIE,YAAY,GAAGT,GAAG,CAACQ,OAAJ,CAAYC,YAA/B;;AACA,QAAI,CAACF,QAAL,EAAe;AACb,YAAM,IAAIT,YAAJ,CAAiB,4EAAjB,CAAN;AACD;;AACD,QAAIY,SAAS,GAAGd,YAAY,CAACI,GAAD,CAAZ,CAAkBU,SAAlC;AACA,QAAIC,IAAI,GAAGhB,aAAa,CAAC;AACvB;AACAiB,MAAAA,eAAe,EAAEN,YAAY,GAAG,eAAH,GAAqB,cAF3B;AAGvBL,MAAAA,KAAK,EAAEK,YAAY,IAAID;AAHA,KAAD,CAAb,CAIRQ,KAJQ,CAIF,CAJE,CAAX;AAKA,QAAIC,KAAK,GAAGL,YAAY,GAAGZ,IAAI,WAAIU,QAAJ,cAAgBE,YAAhB,EAAP,GAAyCZ,IAAI,CAACU,QAAD,CAArE;AACA,WAAOb,IAAI,CAACM,GAAD,EAAMU,SAAN,EAAiBC,IAAjB,EAAuB;AAChCI,MAAAA,OAAO,EAAE;AACP,wBAAgB,mCADT;AAEP,yBAAiB,WAAWD;AAFrB;AADuB,KAAvB,CAAX;AAMD,GA9BI,CAAP;AA+BD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n/* eslint complexity:[0,8] */\nimport { post } from '../http';\nimport { toQueryString } from '../util';\nimport {\n  getOAuthUrls,\n} from './util/oauth';\nimport { btoa } from '../crypto';\nimport AuthSdkError from '../errors/AuthSdkError';\nimport {\n  OktaAuth,\n  RevocableToken,\n  AccessToken,\n  RefreshToken\n} from '../types';\n\n// refresh tokens have precedence to be revoked if no token is specified\nexport function revokeToken(sdk: OktaAuth, token: RevocableToken): Promise<any> {\n  return Promise.resolve()\n    .then(function () {\n      var accessToken: string;\n      var refreshToken: string;\n      if (token) { \n          accessToken = (token as AccessToken).accessToken;\n          refreshToken = (token as RefreshToken).refreshToken;  \n      }\n        \n      if(!accessToken && !refreshToken) { \n        throw new AuthSdkError('A valid access or refresh token object is required');\n      }\n      var clientId = sdk.options.clientId;\n      var clientSecret = sdk.options.clientSecret;\n      if (!clientId) {\n        throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to revoke a token');\n      }\n      var revokeUrl = getOAuthUrls(sdk).revokeUrl;\n      var args = toQueryString({\n        // eslint-disable-next-line camelcase\n        token_type_hint: refreshToken ? 'refresh_token' : 'access_token', \n        token: refreshToken || accessToken,\n      }).slice(1);\n      var creds = clientSecret ? btoa(`${clientId}:${clientSecret}`) : btoa(clientId);\n      return post(sdk, revokeUrl, args, {\n        headers: {\n          'Content-Type': 'application/x-www-form-urlencoded',\n          'Authorization': 'Basic ' + creds\n        }\n      });\n    });\n}"],"file":"revokeToken.js"}

package/esm/oidc/util/browser.js

@@ -1,85 +0,0 @@
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-
-/* global window, document */
-
-/* eslint-disable complexity, max-statements */
-import { AuthSdkError } from '../../errors';
-import { isIE11OrLess } from '../../features';
-export function addListener(eventTarget, name, fn) {
-  if (eventTarget.addEventListener) {
-    eventTarget.addEventListener(name, fn);
-  } else {
-    eventTarget.attachEvent('on' + name, fn);
-  }
-}
-export function removeListener(eventTarget, name, fn) {
-  if (eventTarget.removeEventListener) {
-    eventTarget.removeEventListener(name, fn);
-  } else {
-    eventTarget.detachEvent('on' + name, fn);
-  }
-}
-export function loadFrame(src) {
-  var iframe = document.createElement('iframe');
-  iframe.style.display = 'none';
-  iframe.src = src;
-  return document.body.appendChild(iframe);
-}
-export function loadPopup(src, options) {
-  var title = options.popupTitle || 'External Identity Provider User Authentication';
-  var appearance = 'toolbar=no, scrollbars=yes, resizable=yes, ' + 'top=100, left=500, width=600, height=600';
-
-  if (isIE11OrLess()) {
-    // IE<=11 doesn't fully support postMessage at time of writting.
-    // the following simple solution happened to solve the issue
-    // without adding another proxy layer which makes flow more complecated.
-    var winEl = window.open('/', title, appearance);
-    winEl.location.href = src;
-    return winEl;
-  } else {
-    return window.open(src, title, appearance);
-  }
-}
-export function addPostMessageListener(sdk, timeout, state) {
-  var responseHandler;
-  var timeoutId;
-  var msgReceivedOrTimeout = new Promise(function (resolve, reject) {
-    responseHandler = function responseHandler(e) {
-      if (!e.data || e.data.state !== state) {
-        // A message not meant for us
-        return;
-      } // Configuration mismatch between saved token and current app instance
-      // This may happen if apps with different issuers are running on the same host url
-      // If they share the same storage key, they may read and write tokens in the same location.
-      // Common when developing against http://localhost
-
-
-      if (e.origin !== sdk.getIssuerOrigin()) {
-        return reject(new AuthSdkError('The request does not match client configuration'));
-      }
-
-      resolve(e.data);
-    };
-
-    addListener(window, 'message', responseHandler);
-    timeoutId = setTimeout(function () {
-      reject(new AuthSdkError('OAuth flow timed out'));
-    }, timeout || 120000);
-  });
-  return msgReceivedOrTimeout.finally(function () {
-    clearTimeout(timeoutId);
-    removeListener(window, 'message', responseHandler);
-  });
-}
-//# sourceMappingURL=browser.js.map

package/esm/oidc/util/browser.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../../lib/oidc/util/browser.ts"],"names":["AuthSdkError","isIE11OrLess","addListener","eventTarget","name","fn","addEventListener","attachEvent","removeListener","removeEventListener","detachEvent","loadFrame","src","iframe","document","createElement","style","display","body","appendChild","loadPopup","options","title","popupTitle","appearance","winEl","window","open","location","href","addPostMessageListener","sdk","timeout","state","responseHandler","timeoutId","msgReceivedOrTimeout","Promise","resolve","reject","e","data","origin","getIssuerOrigin","setTimeout","finally","clearTimeout"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;;AACA;AACA,SAASA,YAAT,QAA6B,cAA7B;AAEA,SAASC,YAAT,QAA6B,gBAA7B;AAEA,OAAO,SAASC,WAAT,CAAqBC,WAArB,EAAkCC,IAAlC,EAAwCC,EAAxC,EAA4C;AACjD,MAAIF,WAAW,CAACG,gBAAhB,EAAkC;AAChCH,IAAAA,WAAW,CAACG,gBAAZ,CAA6BF,IAA7B,EAAmCC,EAAnC;AACD,GAFD,MAEO;AACLF,IAAAA,WAAW,CAACI,WAAZ,CAAwB,OAAOH,IAA/B,EAAqCC,EAArC;AACD;AACF;AAED,OAAO,SAASG,cAAT,CAAwBL,WAAxB,EAAqCC,IAArC,EAA2CC,EAA3C,EAA+C;AACpD,MAAIF,WAAW,CAACM,mBAAhB,EAAqC;AACnCN,IAAAA,WAAW,CAACM,mBAAZ,CAAgCL,IAAhC,EAAsCC,EAAtC;AACD,GAFD,MAEO;AACLF,IAAAA,WAAW,CAACO,WAAZ,CAAwB,OAAON,IAA/B,EAAqCC,EAArC;AACD;AACF;AAED,OAAO,SAASM,SAAT,CAAmBC,GAAnB,EAAwB;AAC7B,MAAIC,MAAM,GAAGC,QAAQ,CAACC,aAAT,CAAuB,QAAvB,CAAb;AACAF,EAAAA,MAAM,CAACG,KAAP,CAAaC,OAAb,GAAuB,MAAvB;AACAJ,EAAAA,MAAM,CAACD,GAAP,GAAaA,GAAb;AAEA,SAAOE,QAAQ,CAACI,IAAT,CAAcC,WAAd,CAA0BN,MAA1B,CAAP;AACD;AAED,OAAO,SAASO,SAAT,CAAmBR,GAAnB,EAAwBS,OAAxB,EAAiC;AACtC,MAAIC,KAAK,GAAGD,OAAO,CAACE,UAAR,IAAsB,gDAAlC;AACA,MAAIC,UAAU,GAAG,gDACf,0CADF;;AAGA,MAAIvB,YAAY,EAAhB,EAAoB;AAClB;AACA;AACA;AACA,QAAIwB,KAAK,GAAGC,MAAM,CAACC,IAAP,CAAY,GAAZ,EAAiBL,KAAjB,EAAwBE,UAAxB,CAAZ;AACAC,IAAAA,KAAK,CAACG,QAAN,CAAeC,IAAf,GAAsBjB,GAAtB;AACA,WAAOa,KAAP;AACD,GAPD,MAOO;AACL,WAAOC,MAAM,CAACC,IAAP,CAAYf,GAAZ,EAAiBU,KAAjB,EAAwBE,UAAxB,CAAP;AACD;AACF;AAED,OAAO,SAASM,sBAAT,CAAgCC,GAAhC,EAA+CC,OAA/C,EAAwDC,KAAxD,EAA+D;AACpE,MAAIC,eAAJ;AACA,MAAIC,SAAJ;AACA,MAAIC,oBAAoB,GAAG,IAAIC,OAAJ,CAAY,UAAUC,OAAV,EAAmBC,MAAnB,EAA2B;AAEhEL,IAAAA,eAAe,GAAG,SAASA,eAAT,CAAyBM,CAAzB,EAA4B;AAC5C,UAAI,CAACA,CAAC,CAACC,IAAH,IAAWD,CAAC,CAACC,IAAF,CAAOR,KAAP,KAAiBA,KAAhC,EAAuC;AACrC;AACA;AACD,OAJ2C,CAM5C;AACA;AACA;AACA;;;AACA,UAAIO,CAAC,CAACE,MAAF,KAAaX,GAAG,CAACY,eAAJ,EAAjB,EAAwC;AACtC,eAAOJ,MAAM,CAAC,IAAIvC,YAAJ,CAAiB,iDAAjB,CAAD,CAAb;AACD;;AACDsC,MAAAA,OAAO,CAACE,CAAC,CAACC,IAAH,CAAP;AACD,KAdD;;AAgBAvC,IAAAA,WAAW,CAACwB,MAAD,EAAS,SAAT,EAAoBQ,eAApB,CAAX;AAEAC,IAAAA,SAAS,GAAGS,UAAU,CAAC,YAAY;AACjCL,MAAAA,MAAM,CAAC,IAAIvC,YAAJ,CAAiB,sBAAjB,CAAD,CAAN;AACD,KAFqB,EAEnBgC,OAAO,IAAI,MAFQ,CAAtB;AAGD,GAvB0B,CAA3B;AAyBA,SAAOI,oBAAoB,CACxBS,OADI,CACI,YAAY;AACnBC,IAAAA,YAAY,CAACX,SAAD,CAAZ;AACA3B,IAAAA,cAAc,CAACkB,MAAD,EAAS,SAAT,EAAoBQ,eAApB,CAAd;AACD,GAJI,CAAP;AAKD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* global window, document */\n/* eslint-disable complexity, max-statements */\nimport { AuthSdkError } from '../../errors';\nimport { OktaAuth } from '../../types';\nimport { isIE11OrLess } from '../../features';\n\nexport function addListener(eventTarget, name, fn) {\n  if (eventTarget.addEventListener) {\n    eventTarget.addEventListener(name, fn);\n  } else {\n    eventTarget.attachEvent('on' + name, fn);\n  }\n}\n\nexport function removeListener(eventTarget, name, fn) {\n  if (eventTarget.removeEventListener) {\n    eventTarget.removeEventListener(name, fn);\n  } else {\n    eventTarget.detachEvent('on' + name, fn);\n  }\n}\n\nexport function loadFrame(src) {\n  var iframe = document.createElement('iframe');\n  iframe.style.display = 'none';\n  iframe.src = src;\n\n  return document.body.appendChild(iframe);\n}\n\nexport function loadPopup(src, options) {\n  var title = options.popupTitle || 'External Identity Provider User Authentication';\n  var appearance = 'toolbar=no, scrollbars=yes, resizable=yes, ' +\n    'top=100, left=500, width=600, height=600';\n\n  if (isIE11OrLess()) {\n    // IE<=11 doesn't fully support postMessage at time of writting.\n    // the following simple solution happened to solve the issue\n    // without adding another proxy layer which makes flow more complecated.\n    var winEl = window.open('/', title, appearance);\n    winEl.location.href = src;\n    return winEl;\n  } else {\n    return window.open(src, title, appearance);\n  }\n}\n\nexport function addPostMessageListener(sdk: OktaAuth, timeout, state) {\n  var responseHandler;\n  var timeoutId;\n  var msgReceivedOrTimeout = new Promise(function (resolve, reject) {\n\n    responseHandler = function responseHandler(e) {\n      if (!e.data || e.data.state !== state) {\n        // A message not meant for us\n        return;\n      }\n\n      // Configuration mismatch between saved token and current app instance\n      // This may happen if apps with different issuers are running on the same host url\n      // If they share the same storage key, they may read and write tokens in the same location.\n      // Common when developing against http://localhost\n      if (e.origin !== sdk.getIssuerOrigin()) {\n        return reject(new AuthSdkError('The request does not match client configuration'));\n      }\n      resolve(e.data);\n    };\n\n    addListener(window, 'message', responseHandler);\n\n    timeoutId = setTimeout(function () {\n      reject(new AuthSdkError('OAuth flow timed out'));\n    }, timeout || 120000);\n  });\n\n  return msgReceivedOrTimeout\n    .finally(function () {\n      clearTimeout(timeoutId);\n      removeListener(window, 'message', responseHandler);\n    });\n}\n"],"file":"browser.js"}

package/esm/oidc/util/defaultTokenParams.js

@@ -1,42 +0,0 @@
-/* global window */
-
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-import { generateNonce, generateState } from './oauth';
-import { isBrowser } from '../../features';
-import { removeNils } from '../../util';
-export function getDefaultTokenParams(sdk) {
-  var {
-    pkce,
-    clientId,
-    redirectUri,
-    responseType,
-    responseMode,
-    scopes,
-    state,
-    ignoreSignature
-  } = sdk.options;
-  var defaultRedirectUri = isBrowser() ? window.location.href : undefined;
-  return removeNils({
-    pkce,
-    clientId,
-    redirectUri: redirectUri || defaultRedirectUri,
-    responseType: responseType || ['token', 'id_token'],
-    responseMode,
-    state: state || generateState(),
-    nonce: generateNonce(),
-    scopes: scopes || ['openid', 'email'],
-    ignoreSignature
-  });
-}
-//# sourceMappingURL=defaultTokenParams.js.map

package/esm/oidc/util/defaultTokenParams.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../../lib/oidc/util/defaultTokenParams.ts"],"names":["generateNonce","generateState","isBrowser","removeNils","getDefaultTokenParams","sdk","pkce","clientId","redirectUri","responseType","responseMode","scopes","state","ignoreSignature","options","defaultRedirectUri","window","location","href","undefined","nonce"],"mappings":"AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,aAAT,EAAwBC,aAAxB,QAA6C,SAA7C;AAEA,SAASC,SAAT,QAA0B,gBAA1B;AACA,SAASC,UAAT,QAA2B,YAA3B;AAEA,OAAO,SAASC,qBAAT,CAA+BC,GAA/B,EAA2D;AAChE,MAAM;AACJC,IAAAA,IADI;AAEJC,IAAAA,QAFI;AAGJC,IAAAA,WAHI;AAIJC,IAAAA,YAJI;AAKJC,IAAAA,YALI;AAMJC,IAAAA,MANI;AAOJC,IAAAA,KAPI;AAQJC,IAAAA;AARI,MASFR,GAAG,CAACS,OATR;AAUA,MAAMC,kBAAkB,GAAGb,SAAS,KAAKc,MAAM,CAACC,QAAP,CAAgBC,IAArB,GAA4BC,SAAhE;AACA,SAAOhB,UAAU,CAAC;AAChBG,IAAAA,IADgB;AAEhBC,IAAAA,QAFgB;AAGhBC,IAAAA,WAAW,EAAEA,WAAW,IAAIO,kBAHZ;AAIhBN,IAAAA,YAAY,EAAEA,YAAY,IAAI,CAAC,OAAD,EAAU,UAAV,CAJd;AAKhBC,IAAAA,YALgB;AAMhBE,IAAAA,KAAK,EAAEA,KAAK,IAAIX,aAAa,EANb;AAOhBmB,IAAAA,KAAK,EAAEpB,aAAa,EAPJ;AAQhBW,IAAAA,MAAM,EAAEA,MAAM,IAAI,CAAC,QAAD,EAAW,OAAX,CARF;AAShBE,IAAAA;AATgB,GAAD,CAAjB;AAWD","sourcesContent":["\n/* global window */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { generateNonce, generateState } from './oauth';\nimport { OktaAuth, TokenParams } from '../../types';\nimport { isBrowser } from '../../features';\nimport { removeNils } from '../../util';\n\nexport function getDefaultTokenParams(sdk: OktaAuth): TokenParams {\n  const {\n    pkce,\n    clientId,\n    redirectUri,\n    responseType,\n    responseMode,\n    scopes,\n    state,\n    ignoreSignature\n  } = sdk.options;\n  const defaultRedirectUri = isBrowser() ? window.location.href : undefined;\n  return removeNils({\n    pkce,\n    clientId,\n    redirectUri: redirectUri || defaultRedirectUri,\n    responseType: responseType || ['token', 'id_token'],\n    responseMode,\n    state: state || generateState(),\n    nonce: generateNonce(),\n    scopes: scopes || ['openid', 'email'],\n    ignoreSignature\n  });\n}"],"file":"defaultTokenParams.js"}

package/esm/oidc/util/errors.js

@@ -1,31 +0,0 @@
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * 
- * See the License for the specific language governing permissions and limitations under the License.
- */
-export function isInteractionRequiredError(error) {
-  if (error.name !== 'OAuthError') {
-    return false;
-  }
-
-  var oauthError = error;
-  return oauthError.errorCode === 'interaction_required';
-}
-export function isAuthorizationCodeError(sdk, error) {
-  if (error.name !== 'AuthApiError') {
-    return false;
-  }
-
-  var authApiError = error; // xhr property doesn't seem to match XMLHttpRequest type
-
-  var errorResponse = authApiError.xhr;
-  var responseJSON = errorResponse === null || errorResponse === void 0 ? void 0 : errorResponse.responseJSON;
-  return sdk.options.pkce && (responseJSON === null || responseJSON === void 0 ? void 0 : responseJSON.error) === 'invalid_grant';
-}
-//# sourceMappingURL=errors.js.map

package/esm/oidc/util/errors.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../../lib/oidc/util/errors.ts"],"names":["isInteractionRequiredError","error","name","oauthError","errorCode","isAuthorizationCodeError","sdk","authApiError","errorResponse","xhr","responseJSON","options","pkce"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA,OAAO,SAASA,0BAAT,CAAoCC,KAApC,EAAkD;AACvD,MAAIA,KAAK,CAACC,IAAN,KAAe,YAAnB,EAAiC;AAC/B,WAAO,KAAP;AACD;;AACD,MAAMC,UAAU,GAAGF,KAAnB;AACA,SAAQE,UAAU,CAACC,SAAX,KAAyB,sBAAjC;AACD;AAED,OAAO,SAASC,wBAAT,CAAkCC,GAAlC,EAAiDL,KAAjD,EAA+D;AACpE,MAAIA,KAAK,CAACC,IAAN,KAAe,cAAnB,EAAmC;AACjC,WAAO,KAAP;AACD;;AACD,MAAMK,YAAY,GAAGN,KAArB,CAJoE,CAKpE;;AACA,MAAMO,aAAa,GAAGD,YAAY,CAACE,GAAnC;AACA,MAAMC,YAAY,GAAGF,aAAH,aAAGA,aAAH,uBAAGA,aAAa,CAAEE,YAApC;AACA,SAAOJ,GAAG,CAACK,OAAJ,CAAYC,IAAZ,IAAqB,CAAAF,YAAY,SAAZ,IAAAA,YAAY,WAAZ,YAAAA,YAAY,CAAET,KAAd,MAAkC,eAA9D;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { OktaAuth } from '../../types';\nimport { OAuthError, AuthApiError } from '../../errors';\n\nexport function isInteractionRequiredError(error: Error) {\n  if (error.name !== 'OAuthError') {\n    return false;\n  }\n  const oauthError = error as OAuthError;\n  return (oauthError.errorCode === 'interaction_required');\n}\n\nexport function isAuthorizationCodeError(sdk: OktaAuth, error: Error) {\n  if (error.name !== 'AuthApiError') {\n    return false;\n  }\n  const authApiError = error as AuthApiError;\n  // xhr property doesn't seem to match XMLHttpRequest type\n  const errorResponse = authApiError.xhr as unknown as Record<string, unknown>;\n  const responseJSON = errorResponse?.responseJSON as Record<string, unknown>;\n  return sdk.options.pkce && (responseJSON?.error as string === 'invalid_grant');\n}\n"],"file":"errors.js"}

package/esm/oidc/util/index.js

@@ -1,25 +0,0 @@
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-export * from './browser';
-export * from './defaultTokenParams';
-export * from './errors';
-export * from './loginRedirect';
-export * from './oauth';
-import pkce from './pkce';
-export { pkce };
-export * from './prepareTokenParams';
-export * from './refreshToken';
-export * from './urlParams';
-export * from './validateClaims';
-export * from './validateToken';
-//# sourceMappingURL=index.js.map