@okta/okta-auth-js 5.6.0 → 5.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (60) hide show
  1. package/CHANGELOG.md +18 -0
  2. package/README.md +28 -1
  3. package/cjs/OktaAuth.js +6 -4
  4. package/cjs/OktaAuth.js.map +1 -1
  5. package/cjs/OktaUserAgent.js +2 -2
  6. package/cjs/builderUtil.js +6 -0
  7. package/cjs/builderUtil.js.map +1 -1
  8. package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
  9. package/cjs/idx/remediators/Base/VerifyAuthenticator.js +3 -1
  10. package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
  11. package/cjs/idx/remediators/Identify.js +2 -1
  12. package/cjs/idx/remediators/Identify.js.map +1 -1
  13. package/cjs/idx/types/index.js.map +1 -1
  14. package/cjs/oidc/getToken.js +14 -9
  15. package/cjs/oidc/getToken.js.map +1 -1
  16. package/cjs/oidc/getWithPopup.js +9 -2
  17. package/cjs/oidc/getWithPopup.js.map +1 -1
  18. package/cjs/oidc/renewTokens.js +28 -5
  19. package/cjs/oidc/renewTokens.js.map +1 -1
  20. package/cjs/oidc/util/browser.js +1 -13
  21. package/cjs/oidc/util/browser.js.map +1 -1
  22. package/cjs/tx/AuthTransaction.js +1 -3
  23. package/cjs/tx/AuthTransaction.js.map +1 -1
  24. package/cjs/tx/api.js +3 -0
  25. package/cjs/tx/api.js.map +1 -1
  26. package/dist/okta-auth-js.min.js +7 -7
  27. package/dist/okta-auth-js.min.js.map +1 -1
  28. package/dist/okta-auth-js.umd.js +5 -5
  29. package/dist/okta-auth-js.umd.js.map +1 -1
  30. package/esm/OktaAuth.js +6 -4
  31. package/esm/OktaAuth.js.map +1 -1
  32. package/esm/OktaUserAgent.js +2 -2
  33. package/esm/builderUtil.js +6 -0
  34. package/esm/builderUtil.js.map +1 -1
  35. package/esm/idx/remediators/Base/Remediator.js.map +1 -1
  36. package/esm/idx/remediators/Base/VerifyAuthenticator.js +3 -1
  37. package/esm/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
  38. package/esm/idx/remediators/Identify.js +2 -1
  39. package/esm/idx/remediators/Identify.js.map +1 -1
  40. package/esm/idx/types/index.js.map +1 -1
  41. package/esm/oidc/getToken.js +15 -10
  42. package/esm/oidc/getToken.js.map +1 -1
  43. package/esm/oidc/getWithPopup.js +8 -2
  44. package/esm/oidc/getWithPopup.js.map +1 -1
  45. package/esm/oidc/renewTokens.js +27 -5
  46. package/esm/oidc/renewTokens.js.map +1 -1
  47. package/esm/oidc/util/browser.js +1 -12
  48. package/esm/oidc/util/browser.js.map +1 -1
  49. package/esm/tx/AuthTransaction.js +1 -3
  50. package/esm/tx/AuthTransaction.js.map +1 -1
  51. package/esm/tx/api.js +3 -0
  52. package/esm/tx/api.js.map +1 -1
  53. package/lib/OktaAuth.d.ts +1 -0
  54. package/lib/idx/remediators/Base/AuthenticatorData.d.ts +1 -4
  55. package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +1 -4
  56. package/lib/idx/types/index.d.ts +4 -1
  57. package/lib/oidc/getToken.d.ts +2 -2
  58. package/lib/oidc/renewTokens.d.ts +0 -12
  59. package/lib/types/api.d.ts +8 -4
  60. package/package.json +5 -4
package/CHANGELOG.md CHANGED
@@ -1,5 +1,23 @@
1
1
  # Changelog
2
2
 
3
+ ## 5.7.0
4
+
5
+ ### Features
6
+
7
+ - [#983](https://github.com/okta/okta-auth-js/pull/983) Adds new method `setHeaders`
8
+
9
+ ### Fixes
10
+
11
+ - [#988](https://github.com/okta/okta-auth-js/pull/988) Fixes Safari & Firefox browsers block `getWithPopup` issue
12
+ - [#995](https://github.com/okta/okta-auth-js/pull/995) Sends cookie for `authn` related requests
13
+
14
+ ### Other
15
+
16
+ - [#981](https://github.com/okta/okta-auth-js/pull/981) TypeScript: Allows optional paramters for IDX methods
17
+ - [#986](https://github.com/okta/okta-auth-js/pull/986) TypeScript: Interface `SignInWithRedirectOptions` should extend `TokenParams`
18
+ - [#992](https://github.com/okta/okta-auth-js/pull/992) TypeScript: Adds fields for `Input` type in NextStep object
19
+ - [#997](https://github.com/okta/okta-auth-js/pull/997) Validates `scopes` config param is an `array`
20
+
3
21
  ## 5.6.0
4
22
 
5
23
  ### Features
package/README.md CHANGED
@@ -827,6 +827,7 @@ Defaults to `none` if the `secure` option is `true`, or `lax` if the `secure` op
827
827
  * [removeOriginalUri](#removeoriginaluri)
828
828
  * [isLoginRedirect](#isloginredirect)
829
829
  * [handleLoginRedirect](#handleloginredirecttokens)
830
+ * [setHeaders](#setheaders)
830
831
  * [tx.resume](#txresume)
831
832
  * [tx.exists](#txexists)
832
833
  * [transaction.status](#transactionstatus)
@@ -887,6 +888,7 @@ See [authn API](docs/authn.md#signinwithcredentials).
887
888
  ### `signInWithRedirect(options)`
888
889
 
889
890
  > :link: web browser only <br>
891
+ > :hourglass: async
890
892
 
891
893
  Starts the full-page redirect to Okta with [optional request parameters](#authorize-options). In this flow, there is a originalUri parameter in options to track the route before the user signIn, and the addtional params are mapped to the [Authorize options](#authorize-options).
892
894
  You can use [storeTokensFromRedirect](#storetokensfromredirect) to store tokens and [getOriginalUri](#getoriginaluristate) to clear the intermediate state (the originalUri) after successful authentication.
@@ -1110,6 +1112,31 @@ Stores passed in tokens or tokens from redirect url into storage, then redirect
1110
1112
 
1111
1113
  > **Note:** `handleLoginRedirect` throws `OAuthError` or `AuthSdkError` in case there are errors during token retrieval.
1112
1114
 
1115
+ ### `setHeaders()`
1116
+
1117
+ Can set (or unset) request headers after construction.
1118
+
1119
+ ```javascript
1120
+ const authClient = new OktaAuth({
1121
+ issuer: 'https://{yourOktaDomain}',
1122
+
1123
+ // headers can be set during construction
1124
+ headers: {
1125
+ foo: 'bar'
1126
+ }
1127
+ });
1128
+
1129
+ // Headers can be set (or modified) after construction
1130
+ authClient.setHeaders({
1131
+ foo: 'baz'
1132
+ });
1133
+
1134
+ // Headers can be removed
1135
+ authClient.setHeaders({
1136
+ foo: undefined
1137
+ })
1138
+ ```
1139
+
1113
1140
  ### `tx.resume()`
1114
1141
 
1115
1142
  See [authn API](docs/authn.md#txresume).
@@ -1853,4 +1880,4 @@ const OktaAuth = require('@okta/okta-auth-js').OktaAuth;
1853
1880
 
1854
1881
  ## Contributing
1855
1882
 
1856
- We're happy to accept contributions and PRs! Please see the [contribution guide](contributing.md) to understand how to structure a contribution.
1883
+ We're happy to accept contributions and PRs! Please see the [contribution guide](CONTRIBUTING.md) to understand how to structure a contribution.
package/cjs/OktaAuth.js CHANGED
@@ -117,9 +117,9 @@ class OktaAuth {
117
117
  redirectUri: (0, _util.toAbsoluteUrl)(args.redirectUri, window.location.origin) // allow relative URIs
118
118
 
119
119
  });
120
- this.userAgent = (0, _builderUtil.getUserAgent)(args, `okta-auth-js/${"5.6.0"}`);
120
+ this.userAgent = (0, _builderUtil.getUserAgent)(args, `okta-auth-js/${"5.7.0"}`);
121
121
  } else {
122
- this.userAgent = (0, _builderUtil.getUserAgent)(args, `okta-auth-js-server/${"5.6.0"}`);
122
+ this.userAgent = (0, _builderUtil.getUserAgent)(args, `okta-auth-js-server/${"5.7.0"}`);
123
123
  } // Digital clocks will drift over time, so the server
124
124
  // can misalign with the time reported by the browser.
125
125
  // The maxClockSkew allows relaxing the time-based
@@ -230,6 +230,10 @@ class OktaAuth {
230
230
 
231
231
  stop() {
232
232
  this.tokenManager.stop();
233
+ }
234
+
235
+ setHeaders(headers) {
236
+ this.options.headers = Object.assign({}, this.options.headers, headers);
233
237
  } // ES6 module users can use named exports to access all symbols
234
238
  // CommonJS module users (CDN) need all exports on this object
235
239
  // Utility methods for interaction code flow
@@ -253,8 +257,6 @@ class OktaAuth {
253
257
  opts = (0, _util.clone)(opts || {});
254
258
 
255
259
  const _postToTransaction = options => {
256
- options = options || {};
257
- options.withCredentials = true;
258
260
  delete opts.sendFingerprint;
259
261
  return (0, _tx.postToTransaction)(this, '/api/v1/authn', opts, options);
260
262
  };
package/cjs/OktaAuth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/OktaAuth.ts"],"names":["Emitter","require","OktaAuth","constructor","args","options","storageManager","cookies","storageUtil","StorageManager","transactionManager","TransactionManager","Object","assign","_oktaUserAgent","OktaUserAgent","tx","status","transactionStatus","bind","resume","resumeTransaction","exists","transactionExists","_get","name","storage","get","introspect","pkce","DEFAULT_CODE_CHALLENGE_METHOD","PKCE","generateVerifier","computeChallenge","getPKCEStorage","getLegacyPKCEStorage","getHttpCache","_pending","handleLogin","redirectUri","window","location","origin","userAgent","maxClockSkew","DEFAULT_MAX_CLOCK_SKEW","ignoreLifetime","session","close","closeSession","sessionExists","getSession","refresh","refreshSession","setCookieAndRedirect","_tokenQueue","PromiseQueue","token","prepareTokenParams","exchangeCodeForTokens","getWithoutPrompt","getWithPopup","getWithRedirect","parseFromUrl","decode","decodeToken","revoke","revokeToken","renew","renewToken","renewTokensWithRefresh","renewTokens","getUserInfo","verify","verifyToken","isLoginRedirect","syncMethods","keys","forEach","key","indexOf","method","prototype","push","_setLocation","url","_getHistory","history","_getLocation","_getDocument","document","idx","interact","introspectV2","authenticate","register","cancel","recoverPassword","handleInteractionCodeRedirect","startTransaction","http","setRequestHeader","fingerprint","emitter","tokenManager","TokenManager","authStateManager","AuthStateManager","start","updateAuthState","stop","isInteractionRequired","isInteractionRequiredError","error","signIn","opts","signInWithCredentials","_postToTransaction","withCredentials","sendFingerprint","then","headers","signInWithRedirect","originalUri","additionalParams","setOriginalUri","params","scopes","clear","catch","e","errorCode","revokeAccessToken","accessToken","getTokens","accessTokenKey","getStorageKeyByType","remove","Promise","resolve","revokeRefreshToken","refreshToken","refreshTokenKey","getSignOutRedirectUrl","idToken","postLogoutRedirectUri","state","getTokensSync","logoutUrl","idTokenHint","logoutUri","encodeURIComponent","signOut","defaultUri","currentUri","href","reload","webfinger","isAuthenticated","autoRenew","autoRemove","getOptions","hasExpired","getUser","getIdToken","undefined","getAccessToken","getRefreshToken","storeTokensFromRedirect","tokens","setTokens","browserStorage","getSessionStorage","setItem","REFERRER_PATH_STORAGE_KEY","getOriginalUri","meta","load","oauth","getItem","removeOriginalUri","removeItem","handleLoginRedirect","restoreOriginalUri","replace","isPKCE","hasResponseType","responseType","Array","isArray","length","isAuthorizationCodeFlow","getIssuerOrigin","issuer","split","forgotPassword","unlockAccount","verifyRecoveryToken","features","constants"],"mappings":";;;;;;AAgBA;;AAgCA;;AAQA;;AACA;;AAOA;;AAmBA;;AAEA;;AACA;;AAKA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAUA;;AACA;;AACA;;;;;;AAhHA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;;AACA;AAoGA,MAAMA,OAAO,GAAGC,OAAO,CAAC,cAAD,CAAvB;;AAEA,MAAMC,QAAN,CAA8D;AAM5D;AACA;AACA;AAeAC,EAAAA,WAAW,CAACC,IAAD,EAAwB;AACjC,SAAKC,OAAL,GAAe,2BAAaD,IAAb,CAAf;AACA,UAAM;AAAEE,MAAAA,cAAF;AAAkBC,MAAAA,OAAlB;AAA2BC,MAAAA;AAA3B,QAA2C,KAAKH,OAAtD;AACA,SAAKC,cAAL,GAAsB,IAAIG,uBAAJ,CAAmBH,cAAnB,EAAmCC,OAAnC,EAA4CC,WAA5C,CAAtB;AACA,SAAKE,kBAAL,GAA0B,IAAIC,2BAAJ,CAAuBC,MAAM,CAACC,MAAP,CAAc;AAC7DP,MAAAA,cAAc,EAAE,KAAKA;AADwC,KAAd,EAE9CF,IAAI,CAACM,kBAFyC,CAAvB,CAA1B;AAGA,SAAKI,cAAL,GAAsB,IAAIC,4BAAJ,EAAtB;AAEA,SAAKC,EAAL,GAAU;AACRC,MAAAA,MAAM,EAAEC,sBAAkBC,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CADA;AAERC,MAAAA,MAAM,EAAEC,sBAAkBF,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAFA;AAGRG,MAAAA,MAAM,EAAEV,MAAM,CAACC,MAAP,CAAcU,sBAAkBJ,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAAd,EAAkD;AACxDK,QAAAA,IAAI,EAAGC,IAAD,IAAU;AACd,gBAAMC,OAAO,GAAGlB,WAAW,CAACkB,OAA5B;AACA,iBAAOA,OAAO,CAACC,GAAR,CAAYF,IAAZ,CAAP;AACD;AAJuD,OAAlD,CAHA;AASRG,MAAAA,UAAU,EAAEA,eAAWT,IAAX,CAAgB,IAAhB,EAAsB,IAAtB;AATJ,KAAV;AAYA,SAAKU,IAAL,GAAY;AACVC,MAAAA,6BAA6B,EAAEC,cAAKD,6BAD1B;AAEVE,MAAAA,gBAAgB,EAAED,cAAKC,gBAFb;AAGVC,MAAAA,gBAAgB,EAAEF,cAAKE;AAHb,KAAZ,CArBiC,CA2BjC;;AACArB,IAAAA,MAAM,CAACC,MAAP,CAAc,KAAKR,OAAL,CAAaG,WAA3B,EAAwC;AACtC0B,MAAAA,cAAc,EAAE,KAAK5B,cAAL,CAAoB6B,oBAApB,CAAyChB,IAAzC,CAA8C,KAAKb,cAAnD,CADsB;AAEtC8B,MAAAA,YAAY,EAAE,KAAK9B,cAAL,CAAoB8B,YAApB,CAAiCjB,IAAjC,CAAsC,KAAKb,cAA3C;AAFwB,KAAxC;AAKA,SAAK+B,QAAL,GAAgB;AAAEC,MAAAA,WAAW,EAAE;AAAf,KAAhB;;AAEA,QAAI,yBAAJ,EAAiB;AACf,WAAKjC,OAAL,GAAeO,MAAM,CAACC,MAAP,CAAc,KAAKR,OAAnB,EAA4B;AACzCkC,QAAAA,WAAW,EAAE,yBAAcnC,IAAI,CAACmC,WAAnB,EAAgCC,MAAM,CAACC,QAAP,CAAgBC,MAAhD,CAD4B,CAC6B;;AAD7B,OAA5B,CAAf;AAGA,WAAKC,SAAL,GAAiB,+BAAavC,IAAb,EAAoB,gBAAD,OAA4B,EAA/C,CAAjB;AACD,KALD,MAKO;AACL,WAAKuC,SAAL,GAAiB,+BAAavC,IAAb,EAAoB,uBAAD,OAAmC,EAAtD,CAAjB;AACD,KA1CgC,CA4CjC;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,QAAI,CAACA,IAAI,CAACwC,YAAN,IAAsBxC,IAAI,CAACwC,YAAL,KAAsB,CAAhD,EAAmD;AACjD,WAAKvC,OAAL,CAAauC,YAAb,GAA4BC,gCAA5B;AACD,KAFD,MAEO;AACL,WAAKxC,OAAL,CAAauC,YAAb,GAA4BxC,IAAI,CAACwC,YAAjC;AACD,KAvDgC,CAyDjC;AACA;AACA;;;AACA,SAAKvC,OAAL,CAAayC,cAAb,GAA8B,CAAC,CAAC1C,IAAI,CAAC0C,cAArC;AAEA,SAAKC,OAAL,GAAe;AACbC,MAAAA,KAAK,EAAEC,sBAAa9B,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CADM;AAEbG,MAAAA,MAAM,EAAE4B,uBAAc/B,IAAd,CAAmB,IAAnB,EAAyB,IAAzB,CAFK;AAGbQ,MAAAA,GAAG,EAAEwB,oBAAWhC,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAHQ;AAIbiC,MAAAA,OAAO,EAAEC,wBAAelC,IAAf,CAAoB,IAApB,EAA0B,IAA1B,CAJI;AAKbmC,MAAAA,oBAAoB,EAAEA,8BAAqBnC,IAArB,CAA0B,IAA1B,EAAgC,IAAhC;AALT,KAAf;AAQA,SAAKoC,WAAL,GAAmB,IAAIC,qBAAJ,EAAnB;AACA,SAAKC,KAAL,GAAa;AACXC,MAAAA,kBAAkB,EAAEA,yBAAmBvC,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CADT;AAEXwC,MAAAA,qBAAqB,EAAEA,4BAAsBxC,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAFZ;AAGXyC,MAAAA,gBAAgB,EAAEA,uBAAiBzC,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAHP;AAIX0C,MAAAA,YAAY,EAAEA,mBAAa1C,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAJH;AAKX2C,MAAAA,eAAe,EAAEA,sBAAgB3C,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CALN;AAMX4C,MAAAA,YAAY,EAAEA,mBAAa5C,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CANH;AAOX6C,MAAAA,MAAM,EAAEC,iBAPG;AAQXC,MAAAA,MAAM,EAAEC,kBAAYhD,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CARG;AASXiD,MAAAA,KAAK,EAAEC,iBAAWlD,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CATI;AAUXmD,MAAAA,sBAAsB,EAAEA,6BAAuBnD,IAAvB,CAA4B,IAA5B,EAAkC,IAAlC,CAVb;AAWXoD,MAAAA,WAAW,EAAEA,kBAAYpD,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAXF;AAYXqD,MAAAA,WAAW,EAAEA,kBAAYrD,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAZF;AAaXsD,MAAAA,MAAM,EAAEC,kBAAYvD,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAbG;AAcXwD,MAAAA,eAAe,EAAEA,sBAAgBxD,IAAhB,CAAqB,IAArB,EAA2B,IAA3B;AAdN,KAAb,CAvEiC,CAuFjC;;AACA,UAAMyD,WAAW,GAAG,CAAC,QAAD,EAAW,iBAAX,CAApB;AACAhE,IAAAA,MAAM,CAACiE,IAAP,CAAY,KAAKpB,KAAjB,EAAwBqB,OAAxB,CAAgCC,GAAG,IAAI;AACrC,UAAIH,WAAW,CAACI,OAAZ,CAAoBD,GAApB,KAA4B,CAAhC,EAAmC;AAAE;AACnC;AACD;;AACD,UAAIE,MAAM,GAAG,KAAKxB,KAAL,CAAWsB,GAAX,CAAb;AACA,WAAKtB,KAAL,CAAWsB,GAAX,IAAkBvB,sBAAa0B,SAAb,CAAuBC,IAAvB,CAA4BhE,IAA5B,CAAiC,KAAKoC,WAAtC,EAAmD0B,MAAnD,EAA2D,IAA3D,CAAlB;AACD,KAND;AAQArE,IAAAA,MAAM,CAACC,MAAP,CAAc,KAAK4C,KAAL,CAAWK,eAAzB,EAA0C;AACxC;AACAsB,MAAAA,YAAY,EAAE,UAASC,GAAT,EAAc;AAC1B7C,QAAAA,MAAM,CAACC,QAAP,GAAkB4C,GAAlB;AACD;AAJuC,KAA1C;AAMAzE,IAAAA,MAAM,CAACC,MAAP,CAAc,KAAK4C,KAAL,CAAWM,YAAzB,EAAuC;AACrC;AACAuB,MAAAA,WAAW,EAAE,YAAW;AACtB,eAAO9C,MAAM,CAAC+C,OAAd;AACD,OAJoC;AAMrC;AACAC,MAAAA,YAAY,EAAE,YAAW;AACvB,eAAOhD,MAAM,CAACC,QAAd;AACD,OAToC;AAWrC;AACAgD,MAAAA,YAAY,EAAE,YAAW;AACvB,eAAOjD,MAAM,CAACkD,QAAd;AACD;AAdoC,KAAvC,EAvGiC,CAwHjC;;AACA,SAAKC,GAAL,GAAW;AACTC,MAAAA,QAAQ,EAAEA,cAASzE,IAAT,CAAc,IAAd,EAAoB,IAApB,CADD;AAETS,MAAAA,UAAU,EAAEiE,gBAAa1E,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAFH;AAGT2E,MAAAA,YAAY,EAAEA,kBAAa3E,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAHL;AAIT4E,MAAAA,QAAQ,EAAEA,cAAS5E,IAAT,CAAc,IAAd,EAAoB,IAApB,CAJD;AAKT6E,MAAAA,MAAM,EAAEA,YAAO7E,IAAP,CAAY,IAAZ,EAAkB,IAAlB,CALC;AAMT8E,MAAAA,eAAe,EAAEA,qBAAgB9E,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CANR;AAOT+E,MAAAA,6BAA6B,EAAEA,mCAA8B/E,IAA9B,CAAmC,IAAnC,EAAyC,IAAzC,CAPtB;AAQTgF,MAAAA,gBAAgB,EAAEA,sBAAiBhF,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B;AART,KAAX;AAUA,8CAA4B,6CAA+B,IAA/B,CAA5B,EAnIiC,CAmIkC;AAEnE;;AACA,SAAKiF,IAAL,GAAY;AACVC,MAAAA,gBAAgB,EAAEA,uBAAiBlF,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B;AADR,KAAZ,CAtIiC,CA0IjC;;AACA,SAAKmF,WAAL,GAAmBA,qBAAYnF,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAAnB;AAEA,SAAKoF,OAAL,GAAe,IAAIvG,OAAJ,EAAf,CA7IiC,CA+IjC;;AACA,SAAKwG,YAAL,GAAoB,IAAIC,0BAAJ,CAAiB,IAAjB,EAAuBrG,IAAI,CAACoG,YAA5B,CAApB,CAhJiC,CAkJjC;;AACA,SAAKE,gBAAL,GAAwB,IAAIC,kCAAJ,CAAqB,IAArB,CAAxB;AACD;;AAEDC,EAAAA,KAAK,GAAG;AACN,SAAKJ,YAAL,CAAkBI,KAAlB;;AACA,QAAI,CAAC,KAAKnD,KAAL,CAAWkB,eAAX,EAAL,EAAmC;AACjC,WAAK+B,gBAAL,CAAsBG,eAAtB;AACD;AACF;;AAEDC,EAAAA,IAAI,GAAG;AACL,SAAKN,YAAL,CAAkBM,IAAlB;AACD,GAtL2D,CAwL5D;AACA;AAEA;;;AACAC,EAAAA,qBAAqB,GAAY;AAC/B,WAAO,iCAAsB,IAAtB,CAAP;AACD;;AAEDC,EAAAA,0BAA0B,CAACC,KAAD,EAAwB;AAChD,WAAO,sCAA2BA,KAA3B,CAAP;AACD;;AAEW,QAANC,MAAM,CAACC,IAAD,EAAgD;AAC1D;AACA;AACA,WAAO,KAAKC,qBAAL,CAA2BD,IAA3B,CAAP;AACD;;AAE0B,QAArBC,qBAAqB,CAACD,IAAD,EAA+D;AACxFA,IAAAA,IAAI,GAAG,iBAAMA,IAAI,IAAI,EAAd,CAAP;;AACA,UAAME,kBAAkB,GAAIhH,OAAD,IAAc;AACvCA,MAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB;AACAA,MAAAA,OAAO,CAACiH,eAAR,GAA0B,IAA1B;AACA,aAAOH,IAAI,CAACI,eAAZ;AACA,aAAO,2BAAkB,IAAlB,EAAwB,eAAxB,EAAyCJ,IAAzC,EAA+C9G,OAA/C,CAAP;AACD,KALD;;AAMA,QAAI,CAAC8G,IAAI,CAACI,eAAV,EAA2B;AACzB,aAAOF,kBAAkB,EAAzB;AACD;;AACD,WAAO,KAAKf,WAAL,GACNkB,IADM,CACD,UAASlB,WAAT,EAAsB;AAC1B,aAAOe,kBAAkB,CAAC;AACxBI,QAAAA,OAAO,EAAE;AACP,kCAAwBnB;AADjB;AADe,OAAD,CAAzB;AAKD,KAPM,CAAP;AAQD;;AAEuB,QAAlBoB,kBAAkB,CAACP,IAA+B,GAAG,EAAnC,EAAuC;AAC7D,UAAM;AAAEQ,MAAAA,WAAF;AAAe,SAAGC;AAAlB,QAAuCT,IAA7C;;AACA,QAAG,KAAK9E,QAAL,CAAcC,WAAjB,EAA8B;AAC5B;AACA;AACD;;AAED,SAAKD,QAAL,CAAcC,WAAd,GAA4B,IAA5B;;AACA,QAAI;AACF;AACA,UAAIqF,WAAJ,EAAiB;AACf,aAAKE,cAAL,CAAoBF,WAApB;AACD;;AACD,YAAMG,MAAM,GAAGlH,MAAM,CAACC,MAAP,CAAc;AAC3B;AACAkH,QAAAA,MAAM,EAAE,KAAK1H,OAAL,CAAa0H,MAAb,IAAuB,CAAC,QAAD,EAAW,OAAX,EAAoB,SAApB;AAFJ,OAAd,EAGZH,gBAHY,CAAf;AAIA,YAAM,KAAKnE,KAAL,CAAWK,eAAX,CAA2BgE,MAA3B,CAAN;AACD,KAVD,SAUU;AACR,WAAKzF,QAAL,CAAcC,WAAd,GAA4B,KAA5B;AACD;AACF,GApP2D,CAsP5D;;;AACAW,EAAAA,YAAY,GAAoB;AAC9B;AACA,SAAKuD,YAAL,CAAkBwB,KAAlB;AAEA,WAAO,KAAKjF,OAAL,CAAaC,KAAb,GAAqB;AAArB,KACNiF,KADM,CACA,UAASC,CAAT,EAAY;AACjB,UAAIA,CAAC,CAACzG,IAAF,KAAW,cAAX,IAA6ByG,CAAC,CAACC,SAAF,KAAgB,UAAjD,EAA6D;AAC3D;AACA,eAAO,IAAP;AACD;;AACD,YAAMD,CAAN;AACD,KAPM,CAAP;AAQD,GAnQ2D,CAqQ5D;;;AACuB,QAAjBE,iBAAiB,CAACC,WAAD,EAA6C;AAClE,QAAI,CAACA,WAAL,EAAkB;AAChBA,MAAAA,WAAW,GAAG,CAAC,MAAM,KAAK7B,YAAL,CAAkB8B,SAAlB,EAAP,EAAsCD,WAApD;AACA,YAAME,cAAc,GAAG,KAAK/B,YAAL,CAAkBgC,mBAAlB,CAAsC,aAAtC,CAAvB;AACA,WAAKhC,YAAL,CAAkBiC,MAAlB,CAAyBF,cAAzB;AACD,KALiE,CAMlE;;;AACA,QAAI,CAACF,WAAL,EAAkB;AAChB,aAAOK,OAAO,CAACC,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,WAAO,KAAKlF,KAAL,CAAWS,MAAX,CAAkBmE,WAAlB,CAAP;AACD,GAjR2D,CAmR5D;;;AACwB,QAAlBO,kBAAkB,CAACC,YAAD,EAA+C;AACrE,QAAI,CAACA,YAAL,EAAmB;AACjBA,MAAAA,YAAY,GAAG,CAAC,MAAM,KAAKrC,YAAL,CAAkB8B,SAAlB,EAAP,EAAsCO,YAArD;AACA,YAAMC,eAAe,GAAG,KAAKtC,YAAL,CAAkBgC,mBAAlB,CAAsC,cAAtC,CAAxB;AACA,WAAKhC,YAAL,CAAkBiC,MAAlB,CAAyBK,eAAzB;AACD,KALoE,CAMrE;;;AACA,QAAI,CAACD,YAAL,EAAmB;AACjB,aAAOH,OAAO,CAACC,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,WAAO,KAAKlF,KAAL,CAAWS,MAAX,CAAkB2E,YAAlB,CAAP;AACD;;AAEDE,EAAAA,qBAAqB,CAAC1I,OAAkC,GAAG,EAAtC,EAA0C;AAC7D,QAAI;AACF2I,MAAAA,OADE;AAEFC,MAAAA,qBAFE;AAGFC,MAAAA;AAHE,QAIA7I,OAJJ;;AAKA,QAAI,CAAC2I,OAAL,EAAc;AACZA,MAAAA,OAAO,GAAG,KAAKxC,YAAL,CAAkB2C,aAAlB,GAAkCH,OAA5C;AACD;;AACD,QAAI,CAACA,OAAL,EAAc;AACZ,aAAO,EAAP;AACD;;AACD,QAAI,CAACC,qBAAL,EAA4B;AAC1BA,MAAAA,qBAAqB,GAAG,KAAK5I,OAAL,CAAa4I,qBAArC;AACD;;AAED,UAAMG,SAAS,GAAG,wBAAa,IAAb,EAAmBA,SAArC;AACA,UAAMC,WAAW,GAAGL,OAAO,CAACA,OAA5B,CAjB6D,CAiBxB;;AACrC,QAAIM,SAAS,GAAGF,SAAS,GAAG,iBAAZ,GAAgCG,kBAAkB,CAACF,WAAD,CAAlE;;AACA,QAAIJ,qBAAJ,EAA2B;AACzBK,MAAAA,SAAS,IAAI,+BAA+BC,kBAAkB,CAACN,qBAAD,CAA9D;AACD,KArB4D,CAsB7D;;;AACA,QAAIC,KAAJ,EAAW;AACTI,MAAAA,SAAS,IAAI,YAAYC,kBAAkB,CAACL,KAAD,CAA3C;AACD;;AAED,WAAOI,SAAP;AACD,GA7T2D,CA+T5D;;;AACa,QAAPE,OAAO,CAACnJ,OAAD,EAA2B;AACtCA,IAAAA,OAAO,GAAGO,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkBR,OAAlB,CAAV,CADsC,CAGtC;;AACA,QAAIoJ,UAAU,GAAGjH,MAAM,CAACC,QAAP,CAAgBC,MAAjC;AACA,QAAIgH,UAAU,GAAGlH,MAAM,CAACC,QAAP,CAAgBkH,IAAjC;AACA,QAAIV,qBAAqB,GAAG5I,OAAO,CAAC4I,qBAAR,IACvB,KAAK5I,OAAL,CAAa4I,qBADU,IAEvBQ,UAFL;AAIA,QAAIpB,WAAW,GAAGhI,OAAO,CAACgI,WAA1B;AACA,QAAIQ,YAAY,GAAGxI,OAAO,CAACwI,YAA3B;AACA,QAAIT,iBAAiB,GAAG/H,OAAO,CAAC+H,iBAAR,KAA8B,KAAtD;AACA,QAAIQ,kBAAkB,GAAGvI,OAAO,CAACuI,kBAAR,KAA+B,KAAxD;;AAEA,QAAIA,kBAAkB,IAAI,OAAOC,YAAP,KAAwB,WAAlD,EAA+D;AAC7DA,MAAAA,YAAY,GAAG,KAAKrC,YAAL,CAAkB2C,aAAlB,GAAkCN,YAAjD;AACD;;AAED,QAAIT,iBAAiB,IAAI,OAAOC,WAAP,KAAuB,WAAhD,EAA6D;AAC3DA,MAAAA,WAAW,GAAG,KAAK7B,YAAL,CAAkB2C,aAAlB,GAAkCd,WAAhD;AACD;;AAED,QAAI,CAAChI,OAAO,CAAC2I,OAAb,EAAsB;AACpB3I,MAAAA,OAAO,CAAC2I,OAAR,GAAkB,KAAKxC,YAAL,CAAkB2C,aAAlB,GAAkCH,OAApD;AACD,KAzBqC,CA2BtC;;;AACA,SAAKxC,YAAL,CAAkBwB,KAAlB;;AAEA,QAAIY,kBAAkB,IAAIC,YAA1B,EAAwC;AACtC,YAAM,KAAKD,kBAAL,CAAwBC,YAAxB,CAAN;AACD;;AAED,QAAIT,iBAAiB,IAAIC,WAAzB,EAAsC;AACpC,YAAM,KAAKD,iBAAL,CAAuBC,WAAvB,CAAN;AACD;;AAED,UAAMiB,SAAS,GAAG,KAAKP,qBAAL,CAA2B,EAAE,GAAG1I,OAAL;AAAc4I,MAAAA;AAAd,KAA3B,CAAlB,CAtCsC,CAuCtC;AACA;;AACA,QAAI,CAACK,SAAL,EAAgB;AACd,aAAO,KAAKrG,YAAL,GAAoB;AAApB,OACNuE,IADM,CACD,YAAW;AACf,YAAIyB,qBAAqB,KAAKS,UAA9B,EAA0C;AACxClH,UAAAA,MAAM,CAACC,QAAP,CAAgBmH,MAAhB,GADwC,CACd;AAC3B,SAFD,MAEO;AACLpH,UAAAA,MAAM,CAACC,QAAP,CAAgB5B,MAAhB,CAAuBoI,qBAAvB;AACD;AACF,OAPM,CAAP;AAQD,KATD,MASO;AACL;AACAzG,MAAAA,MAAM,CAACC,QAAP,CAAgB5B,MAAhB,CAAuByI,SAAvB;AACD;AACF;;AAEDO,EAAAA,SAAS,CAAC1C,IAAD,EAAwB;AAC/B,QAAI9B,GAAG,GAAG,2BAA2B,yBAAc8B,IAAd,CAArC;AACA,QAAI9G,OAAO,GAAG;AACZoH,MAAAA,OAAO,EAAE;AACP,kBAAU;AADH;AADG,KAAd;AAKA,WAAO,eAAI,IAAJ,EAAUpC,GAAV,EAAehF,OAAf,CAAP;AACD,GAhY2D,CAkY5D;AACA;AACA;AAEA;AACA;;;AACqB,QAAfyJ,eAAe,GAAqB;AAExC,QAAI;AAAEzB,MAAAA,WAAF;AAAeW,MAAAA;AAAf,QAA2B,KAAKxC,YAAL,CAAkB2C,aAAlB,EAA/B;AACA,UAAM;AAAEY,MAAAA,SAAF;AAAaC,MAAAA;AAAb,QAA4B,KAAKxD,YAAL,CAAkByD,UAAlB,EAAlC;;AAEA,QAAI5B,WAAW,IAAI,KAAK7B,YAAL,CAAkB0D,UAAlB,CAA6B7B,WAA7B,CAAnB,EAA8D;AAC5DA,MAAAA,WAAW,GAAG,IAAd;;AACA,UAAI0B,SAAJ,EAAe;AACb1B,QAAAA,WAAW,GAAG,MAAM,KAAK7B,YAAL,CAAkBpC,KAAlB,CAAwB,aAAxB,CAApB;AACD,OAFD,MAEO,IAAI4F,UAAJ,EAAgB;AACrB,aAAKxD,YAAL,CAAkBiC,MAAlB,CAAyB,aAAzB;AACD;AACF;;AAED,QAAIO,OAAO,IAAI,KAAKxC,YAAL,CAAkB0D,UAAlB,CAA6BlB,OAA7B,CAAf,EAAsD;AACpDA,MAAAA,OAAO,GAAG,IAAV;;AACA,UAAIe,SAAJ,EAAe;AACbf,QAAAA,OAAO,GAAG,MAAM,KAAKxC,YAAL,CAAkBpC,KAAlB,CAAwB,SAAxB,CAAhB;AACD,OAFD,MAEO,IAAI4F,UAAJ,EAAgB;AACrB,aAAKxD,YAAL,CAAkBiC,MAAlB,CAAyB,SAAzB;AACD;AACF;;AAED,WAAO,CAAC,EAAEJ,WAAW,IAAIW,OAAjB,CAAR;AACD;;AAEY,QAAPmB,OAAO,GAAwB;AACnC,UAAM;AAAEnB,MAAAA,OAAF;AAAWX,MAAAA;AAAX,QAA2B,KAAK7B,YAAL,CAAkB2C,aAAlB,EAAjC;AACA,WAAO,KAAK1F,KAAL,CAAWe,WAAX,CAAuB6D,WAAvB,EAAoCW,OAApC,CAAP;AACD;;AAEDoB,EAAAA,UAAU,GAAuB;AAC/B,UAAM;AAAEpB,MAAAA;AAAF,QAAc,KAAKxC,YAAL,CAAkB2C,aAAlB,EAApB;AACA,WAAOH,OAAO,GAAGA,OAAO,CAACA,OAAX,GAAqBqB,SAAnC;AACD;;AAEDC,EAAAA,cAAc,GAAuB;AACnC,UAAM;AAAEjC,MAAAA;AAAF,QAAkB,KAAK7B,YAAL,CAAkB2C,aAAlB,EAAxB;AACA,WAAOd,WAAW,GAAGA,WAAW,CAACA,WAAf,GAA6BgC,SAA/C;AACD;;AAEDE,EAAAA,eAAe,GAAuB;AACpC,UAAM;AAAE1B,MAAAA;AAAF,QAAmB,KAAKrC,YAAL,CAAkB2C,aAAlB,EAAzB;AACA,WAAON,YAAY,GAAGA,YAAY,CAACA,YAAhB,GAA+BwB,SAAlD;AACD;AAED;AACF;AACA;;;AAC+B,QAAvBG,uBAAuB,GAAkB;AAC7C,UAAM;AAAEC,MAAAA;AAAF,QAAa,MAAM,KAAKhH,KAAL,CAAWM,YAAX,EAAzB;AACA,SAAKyC,YAAL,CAAkBkE,SAAlB,CAA4BD,MAA5B;AACD;;AAED5C,EAAAA,cAAc,CAACF,WAAD,EAA4B;AACxC,UAAMjG,OAAO,GAAGiJ,wBAAeC,iBAAf,EAAhB;;AACAlJ,IAAAA,OAAO,CAACmJ,OAAR,CAAgBC,mCAAhB,EAA2CnD,WAA3C;AACD;;AAEDoD,EAAAA,cAAc,CAAC7B,KAAD,EAAyB;AACrC,QAAIA,KAAJ,EAAW;AACT,YAAM8B,IAAqB,GAAG,KAAKtK,kBAAL,CAAwBuK,IAAxB,CAA6B;AACzDC,QAAAA,KAAK,EAAE,IADkD;AAEzDhC,QAAAA;AAFyD,OAA7B,CAA9B;AAIA,aAAO8B,IAAI,CAACrD,WAAZ;AACD;;AACD,UAAMjG,OAAO,GAAGiJ,wBAAeC,iBAAf,EAAhB;;AACA,UAAMjD,WAAW,GAAGjG,OAAO,GAAGA,OAAO,CAACyJ,OAAR,CAAgBL,mCAAhB,CAAH,GAAgDT,SAA3E;AACA,WAAO1C,WAAP;AACD;;AAEDyD,EAAAA,iBAAiB,GAAS;AACxB,UAAM1J,OAAO,GAAGiJ,wBAAeC,iBAAf,EAAhB;;AACAlJ,IAAAA,OAAO,CAAC2J,UAAR,CAAmBP,mCAAnB;AACD;;AAEDnG,EAAAA,eAAe,GAAY;AACzB,WAAO,2BAAgB,IAAhB,CAAP;AACD;;AAEwB,QAAnB2G,mBAAmB,CAACb,MAAD,EAAkB9C,WAAlB,EAAuD;AAC9E;AACA,QAAI8C,MAAJ,EAAY;AACV,WAAKjE,YAAL,CAAkBkE,SAAlB,CAA4BD,MAA5B;AACA9C,MAAAA,WAAW,GAAGA,WAAW,IAAI,KAAKoD,cAAL,EAA7B;AACD,KAHD,MAGO,IAAI,KAAKpG,eAAL,EAAJ,EAA4B;AACjC;AACA,YAAM;AAAEuE,QAAAA;AAAF,UAAY,MAAM,6CAA0B,IAA1B,EAAgC,EAAhC,CAAxB;AACAvB,MAAAA,WAAW,GAAGA,WAAW,IAAI,KAAKoD,cAAL,CAAoB7B,KAApB,CAA7B;AACA,YAAM,KAAKsB,uBAAL,EAAN;AACD,KALM,MAKA;AACL,aADK,CACG;AACT,KAZ6E,CAc9E;;;AACA,UAAM,KAAK9D,gBAAL,CAAsBG,eAAtB,EAAN,CAf8E,CAiB9E;;AACA,SAAKuE,iBAAL,GAlB8E,CAoB9E;;AACA,UAAM;AAAEG,MAAAA;AAAF,QAAyB,KAAKlL,OAApC;;AACA,QAAIkL,kBAAJ,EAAwB;AACtB,YAAMA,kBAAkB,CAAC,IAAD,EAAO5D,WAAP,CAAxB;AACD,KAFD,MAEO;AACLnF,MAAAA,MAAM,CAACC,QAAP,CAAgB+I,OAAhB,CAAwB7D,WAAxB;AACD;AACF;;AAED8D,EAAAA,MAAM,GAAY;AAChB,WAAO,CAAC,CAAC,KAAKpL,OAAL,CAAawB,IAAtB;AACD;;AAED6J,EAAAA,eAAe,CAACC,YAAD,EAAgC;AAC7C,QAAID,eAAe,GAAG,KAAtB;;AACA,QAAIE,KAAK,CAACC,OAAN,CAAc,KAAKxL,OAAL,CAAasL,YAA3B,KAA4C,KAAKtL,OAAL,CAAasL,YAAb,CAA0BG,MAA1E,EAAkF;AAChFJ,MAAAA,eAAe,GAAG,KAAKrL,OAAL,CAAasL,YAAb,CAA0B3G,OAA1B,CAAkC2G,YAAlC,KAAmD,CAArE;AACD,KAFD,MAEO;AACLD,MAAAA,eAAe,GAAG,KAAKrL,OAAL,CAAasL,YAAb,KAA8BA,YAAhD;AACD;;AACD,WAAOD,eAAP;AACD;;AAEDK,EAAAA,uBAAuB,GAAY;AACjC,WAAO,KAAKL,eAAL,CAAqB,MAArB,CAAP;AACD,GAtgB2D,CAwgB5D;AACA;AACA;AACA;;;AAEAM,EAAAA,eAAe,GAAW;AACxB;AACA,WAAO,KAAK3L,OAAL,CAAa4L,MAAb,CAAoBC,KAApB,CAA0B,UAA1B,EAAsC,CAAtC,CAAP;AACD,GAhhB2D,CAkhB5D;;;AACAC,EAAAA,cAAc,CAAChF,IAAD,EAAiC;AAC7C,WAAO,2BAAkB,IAAlB,EAAwB,iCAAxB,EAA2DA,IAA3D,CAAP;AACD,GArhB2D,CAuhB5D;;;AACAiF,EAAAA,aAAa,CAACjF,IAAD,EAAwD;AACnE,WAAO,2BAAkB,IAAlB,EAAwB,+BAAxB,EAAyDA,IAAzD,CAAP;AACD,GA1hB2D,CA4hB5D;;;AACAkF,EAAAA,mBAAmB,CAAClF,IAAD,EAA6D;AAC9E,WAAO,2BAAkB,IAAlB,EAAwB,8BAAxB,EAAwDA,IAAxD,CAAP;AACD;;AA/hB2D,C,CAkiB9D;;;AACAjH,QAAQ,CAACoM,QAAT,GAAoBpM,QAAQ,CAACgF,SAAT,CAAmBoH,QAAnB,GAA8BA,QAAlD,C,CAEA;;AACA1L,MAAM,CAACC,MAAP,CAAcX,QAAd,EAAwB;AACtBqM,EAAAA,SADsB;AAEtBvF,EAAAA,0BAA0B,EAA1BA;AAFsB,CAAxB;eAKe9G,Q","sourcesContent":["/* eslint-disable max-statements */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n/* SDK_VERSION is defined in webpack config */ \n/* global window, SDK_VERSION */\n\nimport { \n DEFAULT_MAX_CLOCK_SKEW, \n REFERRER_PATH_STORAGE_KEY\n} from './constants';\nimport * as constants from './constants';\nimport {\n OktaAuth as SDKInterface,\n OktaAuthOptions, \n AccessToken, \n IDToken,\n RefreshToken,\n TokenAPI, \n FeaturesAPI, \n SignoutAPI, \n FingerprintAPI,\n UserClaims, \n SigninWithRedirectOptions,\n SigninWithCredentialsOptions,\n SignoutOptions,\n Tokens,\n ForgotPasswordOptions,\n VerifyRecoveryTokenOptions,\n TransactionAPI,\n SessionAPI,\n SigninAPI,\n PkceAPI,\n SigninOptions,\n IdxAPI,\n SignoutRedirectUrlOptions,\n HttpAPI,\n TransactionMeta,\n} from './types';\nimport {\n transactionStatus,\n resumeTransaction,\n transactionExists,\n introspect,\n postToTransaction,\n AuthTransaction\n} from './tx';\nimport PKCE from './oidc/util/pkce';\nimport {\n closeSession,\n sessionExists,\n getSession,\n refreshSession,\n setCookieAndRedirect\n} from './session';\nimport {\n getOAuthUrls,\n getWithoutPrompt,\n getWithPopup,\n getWithRedirect,\n isLoginRedirect,\n parseFromUrl,\n decodeToken,\n revokeToken,\n renewToken,\n renewTokens,\n renewTokensWithRefresh,\n getUserInfo,\n verifyToken,\n prepareTokenParams,\n exchangeCodeForTokens,\n isInteractionRequiredError,\n isInteractionRequired,\n} from './oidc';\nimport { isBrowser } from './features';\nimport * as features from './features';\nimport browserStorage from './browser/browserStorage';\nimport { \n toQueryString, \n toAbsoluteUrl,\n clone\n} from './util';\nimport { getUserAgent } from './builderUtil';\nimport { TokenManager } from './TokenManager';\nimport { get, setRequestHeader } from './http';\nimport PromiseQueue from './PromiseQueue';\nimport fingerprint from './browser/fingerprint';\nimport { AuthStateManager } from './AuthStateManager';\nimport StorageManager from './StorageManager';\nimport TransactionManager from './TransactionManager';\nimport { buildOptions } from './options';\nimport {\n interact,\n introspect as introspectV2,\n authenticate,\n cancel,\n register,\n recoverPassword,\n startTransaction,\n handleInteractionCodeRedirect,\n} from './idx';\nimport { createGlobalRequestInterceptor, setGlobalRequestInterceptor } from './idx/headers';\nimport { OktaUserAgent } from './OktaUserAgent';\nimport { parseOAuthResponseFromUrl } from './oidc/parseFromUrl';\n\nconst Emitter = require('tiny-emitter');\n\nclass OktaAuth implements SDKInterface, SigninAPI, SignoutAPI {\n options: OktaAuthOptions;\n storageManager: StorageManager;\n transactionManager: TransactionManager;\n tx: TransactionAPI;\n idx: IdxAPI;\n // keep this field to compatible with released downstream SDK versions\n // TODO: remove in version 6\n // JIRA: https://oktainc.atlassian.net/browse/OKTA-419417\n userAgent: string;\n session: SessionAPI;\n pkce: PkceAPI;\n static features: FeaturesAPI;\n features: FeaturesAPI;\n token: TokenAPI;\n _tokenQueue: PromiseQueue;\n emitter: typeof Emitter;\n tokenManager: TokenManager;\n authStateManager: AuthStateManager;\n http: HttpAPI;\n fingerprint: FingerprintAPI;\n _oktaUserAgent: OktaUserAgent;\n _pending: { handleLogin: boolean };\n constructor(args: OktaAuthOptions) {\n this.options = buildOptions(args);\n const { storageManager, cookies, storageUtil } = this.options;\n this.storageManager = new StorageManager(storageManager, cookies, storageUtil);\n this.transactionManager = new TransactionManager(Object.assign({\n storageManager: this.storageManager\n }, args.transactionManager));\n this._oktaUserAgent = new OktaUserAgent();\n \n this.tx = {\n status: transactionStatus.bind(null, this),\n resume: resumeTransaction.bind(null, this),\n exists: Object.assign(transactionExists.bind(null, this), {\n _get: (name) => {\n const storage = storageUtil.storage;\n return storage.get(name);\n }\n }),\n introspect: introspect.bind(null, this)\n };\n\n this.pkce = {\n DEFAULT_CODE_CHALLENGE_METHOD: PKCE.DEFAULT_CODE_CHALLENGE_METHOD,\n generateVerifier: PKCE.generateVerifier,\n computeChallenge: PKCE.computeChallenge\n };\n\n // Add shims for compatibility, these will be removed in next major version. OKTA-362589\n Object.assign(this.options.storageUtil, {\n getPKCEStorage: this.storageManager.getLegacyPKCEStorage.bind(this.storageManager),\n getHttpCache: this.storageManager.getHttpCache.bind(this.storageManager),\n });\n\n this._pending = { handleLogin: false };\n\n if (isBrowser()) {\n this.options = Object.assign(this.options, {\n redirectUri: toAbsoluteUrl(args.redirectUri, window.location.origin), // allow relative URIs\n });\n this.userAgent = getUserAgent(args, `okta-auth-js/${SDK_VERSION}`);\n } else {\n this.userAgent = getUserAgent(args, `okta-auth-js-server/${SDK_VERSION}`);\n }\n\n // Digital clocks will drift over time, so the server\n // can misalign with the time reported by the browser.\n // The maxClockSkew allows relaxing the time-based\n // validation of tokens (in seconds, not milliseconds).\n // It currently defaults to 300, because 5 min is the\n // default maximum tolerance allowed by Kerberos.\n // (https://technet.microsoft.com/en-us/library/cc976357.aspx)\n if (!args.maxClockSkew && args.maxClockSkew !== 0) {\n this.options.maxClockSkew = DEFAULT_MAX_CLOCK_SKEW;\n } else {\n this.options.maxClockSkew = args.maxClockSkew;\n }\n\n // As some end user's devices can have their date \n // and time incorrectly set, allow for the disabling\n // of the jwt liftetime validation\n this.options.ignoreLifetime = !!args.ignoreLifetime;\n\n this.session = {\n close: closeSession.bind(null, this),\n exists: sessionExists.bind(null, this),\n get: getSession.bind(null, this),\n refresh: refreshSession.bind(null, this),\n setCookieAndRedirect: setCookieAndRedirect.bind(null, this)\n };\n\n this._tokenQueue = new PromiseQueue();\n this.token = {\n prepareTokenParams: prepareTokenParams.bind(null, this),\n exchangeCodeForTokens: exchangeCodeForTokens.bind(null, this),\n getWithoutPrompt: getWithoutPrompt.bind(null, this),\n getWithPopup: getWithPopup.bind(null, this),\n getWithRedirect: getWithRedirect.bind(null, this),\n parseFromUrl: parseFromUrl.bind(null, this),\n decode: decodeToken,\n revoke: revokeToken.bind(null, this),\n renew: renewToken.bind(null, this),\n renewTokensWithRefresh: renewTokensWithRefresh.bind(null, this),\n renewTokens: renewTokens.bind(null, this),\n getUserInfo: getUserInfo.bind(null, this),\n verify: verifyToken.bind(null, this),\n isLoginRedirect: isLoginRedirect.bind(null, this)\n };\n // Wrap all async token API methods using MethodQueue to avoid issues with concurrency\n const syncMethods = ['decode', 'isLoginRedirect'];\n Object.keys(this.token).forEach(key => {\n if (syncMethods.indexOf(key) >= 0) { // sync methods should not be wrapped\n return;\n }\n var method = this.token[key];\n this.token[key] = PromiseQueue.prototype.push.bind(this._tokenQueue, method, null);\n });\n \n Object.assign(this.token.getWithRedirect, {\n // This is exposed so we can set window.location in our tests\n _setLocation: function(url) {\n window.location = url;\n }\n });\n Object.assign(this.token.parseFromUrl, {\n // This is exposed so we can mock getting window.history in our tests\n _getHistory: function() {\n return window.history;\n },\n\n // This is exposed so we can mock getting window.location in our tests\n _getLocation: function() {\n return window.location;\n },\n\n // This is exposed so we can mock getting window.document in our tests\n _getDocument: function() {\n return window.document;\n }\n });\n\n // IDX\n this.idx = {\n interact: interact.bind(null, this),\n introspect: introspectV2.bind(null, this),\n authenticate: authenticate.bind(null, this),\n register: register.bind(null, this),\n cancel: cancel.bind(null, this),\n recoverPassword: recoverPassword.bind(null, this),\n handleInteractionCodeRedirect: handleInteractionCodeRedirect.bind(null, this),\n startTransaction: startTransaction.bind(null, this),\n };\n setGlobalRequestInterceptor(createGlobalRequestInterceptor(this)); // to pass custom headers to IDX endpoints\n\n // HTTP\n this.http = {\n setRequestHeader: setRequestHeader.bind(null, this)\n };\n\n // Fingerprint API\n this.fingerprint = fingerprint.bind(null, this);\n\n this.emitter = new Emitter();\n\n // TokenManager\n this.tokenManager = new TokenManager(this, args.tokenManager);\n\n // AuthStateManager\n this.authStateManager = new AuthStateManager(this);\n }\n\n start() {\n this.tokenManager.start();\n if (!this.token.isLoginRedirect()) {\n this.authStateManager.updateAuthState();\n }\n }\n\n stop() {\n this.tokenManager.stop();\n }\n\n // ES6 module users can use named exports to access all symbols\n // CommonJS module users (CDN) need all exports on this object\n\n // Utility methods for interaction code flow\n isInteractionRequired(): boolean {\n return isInteractionRequired(this);\n }\n\n isInteractionRequiredError(error: Error): boolean {\n return isInteractionRequiredError(error);\n }\n\n async signIn(opts: SigninOptions): Promise<AuthTransaction> {\n // TODO: support interaction code flow\n // Authn V1 flow\n return this.signInWithCredentials(opts as SigninWithCredentialsOptions);\n }\n\n async signInWithCredentials(opts: SigninWithCredentialsOptions): Promise<AuthTransaction> {\n opts = clone(opts || {});\n const _postToTransaction = (options?) => {\n options = options || {};\n options.withCredentials = true;\n delete opts.sendFingerprint;\n return postToTransaction(this, '/api/v1/authn', opts, options);\n };\n if (!opts.sendFingerprint) {\n return _postToTransaction();\n }\n return this.fingerprint()\n .then(function(fingerprint) {\n return _postToTransaction({\n headers: {\n 'X-Device-Fingerprint': fingerprint\n }\n });\n });\n }\n\n async signInWithRedirect(opts: SigninWithRedirectOptions = {}) {\n const { originalUri, ...additionalParams } = opts;\n if(this._pending.handleLogin) { \n // Don't trigger second round\n return;\n }\n\n this._pending.handleLogin = true;\n try {\n // Trigger default signIn redirect flow\n if (originalUri) {\n this.setOriginalUri(originalUri);\n }\n const params = Object.assign({\n // TODO: remove this line when default scopes are changed OKTA-343294\n scopes: this.options.scopes || ['openid', 'email', 'profile']\n }, additionalParams);\n await this.token.getWithRedirect(params);\n } finally {\n this._pending.handleLogin = false;\n }\n }\n \n // Ends the current Okta SSO session without redirecting to Okta.\n closeSession(): Promise<object> {\n // Clear all local tokens\n this.tokenManager.clear();\n \n return this.session.close() // DELETE /api/v1/sessions/me\n .catch(function(e) {\n if (e.name === 'AuthApiError' && e.errorCode === 'E0000007') {\n // Session does not exist or has already been closed\n return null;\n }\n throw e;\n });\n }\n \n // Revokes the access token for the application session\n async revokeAccessToken(accessToken?: AccessToken): Promise<object> {\n if (!accessToken) {\n accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');\n this.tokenManager.remove(accessTokenKey);\n }\n // Access token may have been removed. In this case, we will silently succeed.\n if (!accessToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(accessToken);\n }\n\n // Revokes the refresh token for the application session\n async revokeRefreshToken(refreshToken?: RefreshToken): Promise<object> {\n if (!refreshToken) {\n refreshToken = (await this.tokenManager.getTokens()).refreshToken as RefreshToken;\n const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');\n this.tokenManager.remove(refreshTokenKey);\n }\n // Refresh token may have been removed. In this case, we will silently succeed.\n if (!refreshToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(refreshToken);\n }\n\n getSignOutRedirectUrl(options: SignoutRedirectUrlOptions = {}) {\n let {\n idToken,\n postLogoutRedirectUri,\n state,\n } = options;\n if (!idToken) {\n idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n if (!idToken) {\n return '';\n }\n if (!postLogoutRedirectUri) {\n postLogoutRedirectUri = this.options.postLogoutRedirectUri;\n }\n\n const logoutUrl = getOAuthUrls(this).logoutUrl;\n const idTokenHint = idToken.idToken; // a string\n let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);\n if (postLogoutRedirectUri) {\n logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);\n } \n // State allows option parameters to be passed to logout redirect uri\n if (state) {\n logoutUri += '&state=' + encodeURIComponent(state);\n }\n\n return logoutUri;\n }\n\n // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.\n async signOut(options?: SignoutOptions) {\n options = Object.assign({}, options);\n \n // postLogoutRedirectUri must be whitelisted in Okta Admin UI\n var defaultUri = window.location.origin;\n var currentUri = window.location.href;\n var postLogoutRedirectUri = options.postLogoutRedirectUri\n || this.options.postLogoutRedirectUri\n || defaultUri;\n \n var accessToken = options.accessToken;\n var refreshToken = options.refreshToken;\n var revokeAccessToken = options.revokeAccessToken !== false;\n var revokeRefreshToken = options.revokeRefreshToken !== false;\n \n if (revokeRefreshToken && typeof refreshToken === 'undefined') {\n refreshToken = this.tokenManager.getTokensSync().refreshToken as RefreshToken;\n }\n\n if (revokeAccessToken && typeof accessToken === 'undefined') {\n accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;\n }\n \n if (!options.idToken) {\n options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n\n // Clear all local tokens\n this.tokenManager.clear();\n\n if (revokeRefreshToken && refreshToken) {\n await this.revokeRefreshToken(refreshToken);\n }\n\n if (revokeAccessToken && accessToken) {\n await this.revokeAccessToken(accessToken);\n }\n\n const logoutUri = this.getSignOutRedirectUrl({ ...options, postLogoutRedirectUri });\n // No logoutUri? This can happen if the storage was cleared.\n // Fallback to XHR signOut, then simulate a redirect to the post logout uri\n if (!logoutUri) {\n return this.closeSession() // can throw if the user cannot be signed out\n .then(function() {\n if (postLogoutRedirectUri === currentUri) {\n window.location.reload(); // force a hard reload if URI is not changing\n } else {\n window.location.assign(postLogoutRedirectUri);\n }\n });\n } else {\n // Flow ends with logout redirect\n window.location.assign(logoutUri);\n }\n }\n\n webfinger(opts): Promise<object> {\n var url = '/.well-known/webfinger' + toQueryString(opts);\n var options = {\n headers: {\n 'Accept': 'application/jrd+json'\n }\n };\n return get(this, url, options);\n }\n\n //\n // Common Methods from downstream SDKs\n //\n\n // Returns true if both accessToken and idToken are not expired\n // If `autoRenew` option is set, will attempt to renew expired tokens before returning.\n async isAuthenticated(): Promise<boolean> {\n\n let { accessToken, idToken } = this.tokenManager.getTokensSync();\n const { autoRenew, autoRemove } = this.tokenManager.getOptions();\n\n if (accessToken && this.tokenManager.hasExpired(accessToken)) {\n accessToken = null;\n if (autoRenew) {\n accessToken = await this.tokenManager.renew('accessToken') as AccessToken;\n } else if (autoRemove) {\n this.tokenManager.remove('accessToken');\n }\n }\n\n if (idToken && this.tokenManager.hasExpired(idToken)) {\n idToken = null;\n if (autoRenew) {\n idToken = await this.tokenManager.renew('idToken') as IDToken;\n } else if (autoRemove) {\n this.tokenManager.remove('idToken');\n }\n }\n\n return !!(accessToken && idToken);\n }\n\n async getUser(): Promise<UserClaims> {\n const { idToken, accessToken } = this.tokenManager.getTokensSync();\n return this.token.getUserInfo(accessToken, idToken);\n }\n\n getIdToken(): string | undefined {\n const { idToken } = this.tokenManager.getTokensSync();\n return idToken ? idToken.idToken : undefined;\n }\n\n getAccessToken(): string | undefined {\n const { accessToken } = this.tokenManager.getTokensSync();\n return accessToken ? accessToken.accessToken : undefined;\n }\n\n getRefreshToken(): string | undefined {\n const { refreshToken } = this.tokenManager.getTokensSync();\n return refreshToken ? refreshToken.refreshToken : undefined;\n }\n\n /**\n * Store parsed tokens from redirect url\n */\n async storeTokensFromRedirect(): Promise<void> {\n const { tokens } = await this.token.parseFromUrl();\n this.tokenManager.setTokens(tokens);\n }\n\n setOriginalUri(originalUri: string): void {\n const storage = browserStorage.getSessionStorage();\n storage.setItem(REFERRER_PATH_STORAGE_KEY, originalUri);\n }\n\n getOriginalUri(state?: string): string {\n if (state) {\n const meta: TransactionMeta = this.transactionManager.load({\n oauth: true,\n state\n });\n return meta.originalUri;\n }\n const storage = browserStorage.getSessionStorage();\n const originalUri = storage ? storage.getItem(REFERRER_PATH_STORAGE_KEY) : undefined;\n return originalUri;\n }\n\n removeOriginalUri(): void {\n const storage = browserStorage.getSessionStorage();\n storage.removeItem(REFERRER_PATH_STORAGE_KEY);\n }\n\n isLoginRedirect(): boolean {\n return isLoginRedirect(this);\n }\n\n async handleLoginRedirect(tokens?: Tokens, originalUri?: string): Promise<void> {\n // Store tokens and update AuthState by the emitted events\n if (tokens) {\n this.tokenManager.setTokens(tokens);\n originalUri = originalUri || this.getOriginalUri();\n } else if (this.isLoginRedirect()) {\n // For redirect flow, get state from the URL and use it to retrieve the originalUri\n const { state } = await parseOAuthResponseFromUrl(this, {});\n originalUri = originalUri || this.getOriginalUri(state);\n await this.storeTokensFromRedirect();\n } else {\n return; // nothing to do\n }\n \n // ensure auth state has been updated\n await this.authStateManager.updateAuthState();\n\n // clear originalUri from storage\n this.removeOriginalUri();\n\n // Redirect to originalUri\n const { restoreOriginalUri } = this.options;\n if (restoreOriginalUri) {\n await restoreOriginalUri(this, originalUri);\n } else {\n window.location.replace(originalUri);\n }\n }\n\n isPKCE(): boolean {\n return !!this.options.pkce;\n }\n\n hasResponseType(responseType: string): boolean {\n let hasResponseType = false;\n if (Array.isArray(this.options.responseType) && this.options.responseType.length) {\n hasResponseType = this.options.responseType.indexOf(responseType) >= 0;\n } else {\n hasResponseType = this.options.responseType === responseType;\n }\n return hasResponseType;\n }\n\n isAuthorizationCodeFlow(): boolean {\n return this.hasResponseType('code');\n }\n\n // { username, password, (relayState), (context) }\n // signIn(opts: SignInWithCredentialsOptions): Promise<AuthTransaction> {\n // return postToTransaction(this, '/api/v1/authn', opts);\n // }\n\n getIssuerOrigin(): string {\n // Infer the URL from the issuer URL, omitting the /oauth2/{authServerId}\n return this.options.issuer.split('/oauth2/')[0];\n }\n\n // { username, (relayState) }\n forgotPassword(opts): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/password', opts);\n }\n\n // { username, (relayState) }\n unlockAccount(opts: ForgotPasswordOptions): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/unlock', opts);\n }\n\n // { recoveryToken }\n verifyRecoveryToken(opts: VerifyRecoveryTokenOptions): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/token', opts);\n }\n}\n\n// Hoist feature detection functions to static type\nOktaAuth.features = OktaAuth.prototype.features = features;\n\n// Also hoist values and utility functions for CommonJS users\nObject.assign(OktaAuth, {\n constants,\n isInteractionRequiredError\n});\n\nexport default OktaAuth;"],"file":"OktaAuth.js"}
1
+ {"version":3,"sources":["../../lib/OktaAuth.ts"],"names":["Emitter","require","OktaAuth","constructor","args","options","storageManager","cookies","storageUtil","StorageManager","transactionManager","TransactionManager","Object","assign","_oktaUserAgent","OktaUserAgent","tx","status","transactionStatus","bind","resume","resumeTransaction","exists","transactionExists","_get","name","storage","get","introspect","pkce","DEFAULT_CODE_CHALLENGE_METHOD","PKCE","generateVerifier","computeChallenge","getPKCEStorage","getLegacyPKCEStorage","getHttpCache","_pending","handleLogin","redirectUri","window","location","origin","userAgent","maxClockSkew","DEFAULT_MAX_CLOCK_SKEW","ignoreLifetime","session","close","closeSession","sessionExists","getSession","refresh","refreshSession","setCookieAndRedirect","_tokenQueue","PromiseQueue","token","prepareTokenParams","exchangeCodeForTokens","getWithoutPrompt","getWithPopup","getWithRedirect","parseFromUrl","decode","decodeToken","revoke","revokeToken","renew","renewToken","renewTokensWithRefresh","renewTokens","getUserInfo","verify","verifyToken","isLoginRedirect","syncMethods","keys","forEach","key","indexOf","method","prototype","push","_setLocation","url","_getHistory","history","_getLocation","_getDocument","document","idx","interact","introspectV2","authenticate","register","cancel","recoverPassword","handleInteractionCodeRedirect","startTransaction","http","setRequestHeader","fingerprint","emitter","tokenManager","TokenManager","authStateManager","AuthStateManager","start","updateAuthState","stop","setHeaders","headers","isInteractionRequired","isInteractionRequiredError","error","signIn","opts","signInWithCredentials","_postToTransaction","sendFingerprint","then","signInWithRedirect","originalUri","additionalParams","setOriginalUri","params","scopes","clear","catch","e","errorCode","revokeAccessToken","accessToken","getTokens","accessTokenKey","getStorageKeyByType","remove","Promise","resolve","revokeRefreshToken","refreshToken","refreshTokenKey","getSignOutRedirectUrl","idToken","postLogoutRedirectUri","state","getTokensSync","logoutUrl","idTokenHint","logoutUri","encodeURIComponent","signOut","defaultUri","currentUri","href","reload","webfinger","isAuthenticated","autoRenew","autoRemove","getOptions","hasExpired","getUser","getIdToken","undefined","getAccessToken","getRefreshToken","storeTokensFromRedirect","tokens","setTokens","browserStorage","getSessionStorage","setItem","REFERRER_PATH_STORAGE_KEY","getOriginalUri","meta","load","oauth","getItem","removeOriginalUri","removeItem","handleLoginRedirect","restoreOriginalUri","replace","isPKCE","hasResponseType","responseType","Array","isArray","length","isAuthorizationCodeFlow","getIssuerOrigin","issuer","split","forgotPassword","unlockAccount","verifyRecoveryToken","features","constants"],"mappings":";;;;;;AAgBA;;AAgCA;;AAQA;;AACA;;AAOA;;AAmBA;;AAEA;;AACA;;AAKA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAUA;;AACA;;AACA;;;;;;AAhHA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;;AACA;AAoGA,MAAMA,OAAO,GAAGC,OAAO,CAAC,cAAD,CAAvB;;AAEA,MAAMC,QAAN,CAA8D;AAM5D;AACA;AACA;AAeAC,EAAAA,WAAW,CAACC,IAAD,EAAwB;AACjC,SAAKC,OAAL,GAAe,2BAAaD,IAAb,CAAf;AACA,UAAM;AAAEE,MAAAA,cAAF;AAAkBC,MAAAA,OAAlB;AAA2BC,MAAAA;AAA3B,QAA2C,KAAKH,OAAtD;AACA,SAAKC,cAAL,GAAsB,IAAIG,uBAAJ,CAAmBH,cAAnB,EAAmCC,OAAnC,EAA4CC,WAA5C,CAAtB;AACA,SAAKE,kBAAL,GAA0B,IAAIC,2BAAJ,CAAuBC,MAAM,CAACC,MAAP,CAAc;AAC7DP,MAAAA,cAAc,EAAE,KAAKA;AADwC,KAAd,EAE9CF,IAAI,CAACM,kBAFyC,CAAvB,CAA1B;AAGA,SAAKI,cAAL,GAAsB,IAAIC,4BAAJ,EAAtB;AAEA,SAAKC,EAAL,GAAU;AACRC,MAAAA,MAAM,EAAEC,sBAAkBC,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CADA;AAERC,MAAAA,MAAM,EAAEC,sBAAkBF,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAFA;AAGRG,MAAAA,MAAM,EAAEV,MAAM,CAACC,MAAP,CAAcU,sBAAkBJ,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAAd,EAAkD;AACxDK,QAAAA,IAAI,EAAGC,IAAD,IAAU;AACd,gBAAMC,OAAO,GAAGlB,WAAW,CAACkB,OAA5B;AACA,iBAAOA,OAAO,CAACC,GAAR,CAAYF,IAAZ,CAAP;AACD;AAJuD,OAAlD,CAHA;AASRG,MAAAA,UAAU,EAAEA,eAAWT,IAAX,CAAgB,IAAhB,EAAsB,IAAtB;AATJ,KAAV;AAYA,SAAKU,IAAL,GAAY;AACVC,MAAAA,6BAA6B,EAAEC,cAAKD,6BAD1B;AAEVE,MAAAA,gBAAgB,EAAED,cAAKC,gBAFb;AAGVC,MAAAA,gBAAgB,EAAEF,cAAKE;AAHb,KAAZ,CArBiC,CA2BjC;;AACArB,IAAAA,MAAM,CAACC,MAAP,CAAc,KAAKR,OAAL,CAAaG,WAA3B,EAAwC;AACtC0B,MAAAA,cAAc,EAAE,KAAK5B,cAAL,CAAoB6B,oBAApB,CAAyChB,IAAzC,CAA8C,KAAKb,cAAnD,CADsB;AAEtC8B,MAAAA,YAAY,EAAE,KAAK9B,cAAL,CAAoB8B,YAApB,CAAiCjB,IAAjC,CAAsC,KAAKb,cAA3C;AAFwB,KAAxC;AAKA,SAAK+B,QAAL,GAAgB;AAAEC,MAAAA,WAAW,EAAE;AAAf,KAAhB;;AAEA,QAAI,yBAAJ,EAAiB;AACf,WAAKjC,OAAL,GAAeO,MAAM,CAACC,MAAP,CAAc,KAAKR,OAAnB,EAA4B;AACzCkC,QAAAA,WAAW,EAAE,yBAAcnC,IAAI,CAACmC,WAAnB,EAAgCC,MAAM,CAACC,QAAP,CAAgBC,MAAhD,CAD4B,CAC6B;;AAD7B,OAA5B,CAAf;AAGA,WAAKC,SAAL,GAAiB,+BAAavC,IAAb,EAAoB,gBAAD,OAA4B,EAA/C,CAAjB;AACD,KALD,MAKO;AACL,WAAKuC,SAAL,GAAiB,+BAAavC,IAAb,EAAoB,uBAAD,OAAmC,EAAtD,CAAjB;AACD,KA1CgC,CA4CjC;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,QAAI,CAACA,IAAI,CAACwC,YAAN,IAAsBxC,IAAI,CAACwC,YAAL,KAAsB,CAAhD,EAAmD;AACjD,WAAKvC,OAAL,CAAauC,YAAb,GAA4BC,gCAA5B;AACD,KAFD,MAEO;AACL,WAAKxC,OAAL,CAAauC,YAAb,GAA4BxC,IAAI,CAACwC,YAAjC;AACD,KAvDgC,CAyDjC;AACA;AACA;;;AACA,SAAKvC,OAAL,CAAayC,cAAb,GAA8B,CAAC,CAAC1C,IAAI,CAAC0C,cAArC;AAEA,SAAKC,OAAL,GAAe;AACbC,MAAAA,KAAK,EAAEC,sBAAa9B,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CADM;AAEbG,MAAAA,MAAM,EAAE4B,uBAAc/B,IAAd,CAAmB,IAAnB,EAAyB,IAAzB,CAFK;AAGbQ,MAAAA,GAAG,EAAEwB,oBAAWhC,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAHQ;AAIbiC,MAAAA,OAAO,EAAEC,wBAAelC,IAAf,CAAoB,IAApB,EAA0B,IAA1B,CAJI;AAKbmC,MAAAA,oBAAoB,EAAEA,8BAAqBnC,IAArB,CAA0B,IAA1B,EAAgC,IAAhC;AALT,KAAf;AAQA,SAAKoC,WAAL,GAAmB,IAAIC,qBAAJ,EAAnB;AACA,SAAKC,KAAL,GAAa;AACXC,MAAAA,kBAAkB,EAAEA,yBAAmBvC,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CADT;AAEXwC,MAAAA,qBAAqB,EAAEA,4BAAsBxC,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAFZ;AAGXyC,MAAAA,gBAAgB,EAAEA,uBAAiBzC,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAHP;AAIX0C,MAAAA,YAAY,EAAEA,mBAAa1C,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAJH;AAKX2C,MAAAA,eAAe,EAAEA,sBAAgB3C,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CALN;AAMX4C,MAAAA,YAAY,EAAEA,mBAAa5C,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CANH;AAOX6C,MAAAA,MAAM,EAAEC,iBAPG;AAQXC,MAAAA,MAAM,EAAEC,kBAAYhD,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CARG;AASXiD,MAAAA,KAAK,EAAEC,iBAAWlD,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CATI;AAUXmD,MAAAA,sBAAsB,EAAEA,6BAAuBnD,IAAvB,CAA4B,IAA5B,EAAkC,IAAlC,CAVb;AAWXoD,MAAAA,WAAW,EAAEA,kBAAYpD,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAXF;AAYXqD,MAAAA,WAAW,EAAEA,kBAAYrD,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAZF;AAaXsD,MAAAA,MAAM,EAAEC,kBAAYvD,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAbG;AAcXwD,MAAAA,eAAe,EAAEA,sBAAgBxD,IAAhB,CAAqB,IAArB,EAA2B,IAA3B;AAdN,KAAb,CAvEiC,CAuFjC;;AACA,UAAMyD,WAAW,GAAG,CAAC,QAAD,EAAW,iBAAX,CAApB;AACAhE,IAAAA,MAAM,CAACiE,IAAP,CAAY,KAAKpB,KAAjB,EAAwBqB,OAAxB,CAAgCC,GAAG,IAAI;AACrC,UAAIH,WAAW,CAACI,OAAZ,CAAoBD,GAApB,KAA4B,CAAhC,EAAmC;AAAE;AACnC;AACD;;AACD,UAAIE,MAAM,GAAG,KAAKxB,KAAL,CAAWsB,GAAX,CAAb;AACA,WAAKtB,KAAL,CAAWsB,GAAX,IAAkBvB,sBAAa0B,SAAb,CAAuBC,IAAvB,CAA4BhE,IAA5B,CAAiC,KAAKoC,WAAtC,EAAmD0B,MAAnD,EAA2D,IAA3D,CAAlB;AACD,KAND;AAQArE,IAAAA,MAAM,CAACC,MAAP,CAAc,KAAK4C,KAAL,CAAWK,eAAzB,EAA0C;AACxC;AACAsB,MAAAA,YAAY,EAAE,UAASC,GAAT,EAAc;AAC1B7C,QAAAA,MAAM,CAACC,QAAP,GAAkB4C,GAAlB;AACD;AAJuC,KAA1C;AAMAzE,IAAAA,MAAM,CAACC,MAAP,CAAc,KAAK4C,KAAL,CAAWM,YAAzB,EAAuC;AACrC;AACAuB,MAAAA,WAAW,EAAE,YAAW;AACtB,eAAO9C,MAAM,CAAC+C,OAAd;AACD,OAJoC;AAMrC;AACAC,MAAAA,YAAY,EAAE,YAAW;AACvB,eAAOhD,MAAM,CAACC,QAAd;AACD,OAToC;AAWrC;AACAgD,MAAAA,YAAY,EAAE,YAAW;AACvB,eAAOjD,MAAM,CAACkD,QAAd;AACD;AAdoC,KAAvC,EAvGiC,CAwHjC;;AACA,SAAKC,GAAL,GAAW;AACTC,MAAAA,QAAQ,EAAEA,cAASzE,IAAT,CAAc,IAAd,EAAoB,IAApB,CADD;AAETS,MAAAA,UAAU,EAAEiE,gBAAa1E,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAFH;AAGT2E,MAAAA,YAAY,EAAEA,kBAAa3E,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAHL;AAIT4E,MAAAA,QAAQ,EAAEA,cAAS5E,IAAT,CAAc,IAAd,EAAoB,IAApB,CAJD;AAKT6E,MAAAA,MAAM,EAAEA,YAAO7E,IAAP,CAAY,IAAZ,EAAkB,IAAlB,CALC;AAMT8E,MAAAA,eAAe,EAAEA,qBAAgB9E,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CANR;AAOT+E,MAAAA,6BAA6B,EAAEA,mCAA8B/E,IAA9B,CAAmC,IAAnC,EAAyC,IAAzC,CAPtB;AAQTgF,MAAAA,gBAAgB,EAAEA,sBAAiBhF,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B;AART,KAAX;AAUA,8CAA4B,6CAA+B,IAA/B,CAA5B,EAnIiC,CAmIkC;AAEnE;;AACA,SAAKiF,IAAL,GAAY;AACVC,MAAAA,gBAAgB,EAAEA,uBAAiBlF,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B;AADR,KAAZ,CAtIiC,CA0IjC;;AACA,SAAKmF,WAAL,GAAmBA,qBAAYnF,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAAnB;AAEA,SAAKoF,OAAL,GAAe,IAAIvG,OAAJ,EAAf,CA7IiC,CA+IjC;;AACA,SAAKwG,YAAL,GAAoB,IAAIC,0BAAJ,CAAiB,IAAjB,EAAuBrG,IAAI,CAACoG,YAA5B,CAApB,CAhJiC,CAkJjC;;AACA,SAAKE,gBAAL,GAAwB,IAAIC,kCAAJ,CAAqB,IAArB,CAAxB;AACD;;AAEDC,EAAAA,KAAK,GAAG;AACN,SAAKJ,YAAL,CAAkBI,KAAlB;;AACA,QAAI,CAAC,KAAKnD,KAAL,CAAWkB,eAAX,EAAL,EAAmC;AACjC,WAAK+B,gBAAL,CAAsBG,eAAtB;AACD;AACF;;AAEDC,EAAAA,IAAI,GAAG;AACL,SAAKN,YAAL,CAAkBM,IAAlB;AACD;;AAEDC,EAAAA,UAAU,CAACC,OAAD,EAAU;AAClB,SAAK3G,OAAL,CAAa2G,OAAb,GAAuBpG,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkB,KAAKR,OAAL,CAAa2G,OAA/B,EAAwCA,OAAxC,CAAvB;AACD,GA1L2D,CA4L5D;AACA;AAEA;;;AACAC,EAAAA,qBAAqB,GAAY;AAC/B,WAAO,iCAAsB,IAAtB,CAAP;AACD;;AAEDC,EAAAA,0BAA0B,CAACC,KAAD,EAAwB;AAChD,WAAO,sCAA2BA,KAA3B,CAAP;AACD;;AAEW,QAANC,MAAM,CAACC,IAAD,EAAgD;AAC1D;AACA;AACA,WAAO,KAAKC,qBAAL,CAA2BD,IAA3B,CAAP;AACD;;AAE0B,QAArBC,qBAAqB,CAACD,IAAD,EAA+D;AACxFA,IAAAA,IAAI,GAAG,iBAAMA,IAAI,IAAI,EAAd,CAAP;;AACA,UAAME,kBAAkB,GAAIlH,OAAD,IAAc;AACvC,aAAOgH,IAAI,CAACG,eAAZ;AACA,aAAO,2BAAkB,IAAlB,EAAwB,eAAxB,EAAyCH,IAAzC,EAA+ChH,OAA/C,CAAP;AACD,KAHD;;AAIA,QAAI,CAACgH,IAAI,CAACG,eAAV,EAA2B;AACzB,aAAOD,kBAAkB,EAAzB;AACD;;AACD,WAAO,KAAKjB,WAAL,GACNmB,IADM,CACD,UAASnB,WAAT,EAAsB;AAC1B,aAAOiB,kBAAkB,CAAC;AACxBP,QAAAA,OAAO,EAAE;AACP,kCAAwBV;AADjB;AADe,OAAD,CAAzB;AAKD,KAPM,CAAP;AAQD;;AAEuB,QAAlBoB,kBAAkB,CAACL,IAA+B,GAAG,EAAnC,EAAuC;AAC7D,UAAM;AAAEM,MAAAA,WAAF;AAAe,SAAGC;AAAlB,QAAuCP,IAA7C;;AACA,QAAG,KAAKhF,QAAL,CAAcC,WAAjB,EAA8B;AAC5B;AACA;AACD;;AAED,SAAKD,QAAL,CAAcC,WAAd,GAA4B,IAA5B;;AACA,QAAI;AACF;AACA,UAAIqF,WAAJ,EAAiB;AACf,aAAKE,cAAL,CAAoBF,WAApB;AACD;;AACD,YAAMG,MAAM,GAAGlH,MAAM,CAACC,MAAP,CAAc;AAC3B;AACAkH,QAAAA,MAAM,EAAE,KAAK1H,OAAL,CAAa0H,MAAb,IAAuB,CAAC,QAAD,EAAW,OAAX,EAAoB,SAApB;AAFJ,OAAd,EAGZH,gBAHY,CAAf;AAIA,YAAM,KAAKnE,KAAL,CAAWK,eAAX,CAA2BgE,MAA3B,CAAN;AACD,KAVD,SAUU;AACR,WAAKzF,QAAL,CAAcC,WAAd,GAA4B,KAA5B;AACD;AACF,GAtP2D,CAwP5D;;;AACAW,EAAAA,YAAY,GAAoB;AAC9B;AACA,SAAKuD,YAAL,CAAkBwB,KAAlB;AAEA,WAAO,KAAKjF,OAAL,CAAaC,KAAb,GAAqB;AAArB,KACNiF,KADM,CACA,UAASC,CAAT,EAAY;AACjB,UAAIA,CAAC,CAACzG,IAAF,KAAW,cAAX,IAA6ByG,CAAC,CAACC,SAAF,KAAgB,UAAjD,EAA6D;AAC3D;AACA,eAAO,IAAP;AACD;;AACD,YAAMD,CAAN;AACD,KAPM,CAAP;AAQD,GArQ2D,CAuQ5D;;;AACuB,QAAjBE,iBAAiB,CAACC,WAAD,EAA6C;AAClE,QAAI,CAACA,WAAL,EAAkB;AAChBA,MAAAA,WAAW,GAAG,CAAC,MAAM,KAAK7B,YAAL,CAAkB8B,SAAlB,EAAP,EAAsCD,WAApD;AACA,YAAME,cAAc,GAAG,KAAK/B,YAAL,CAAkBgC,mBAAlB,CAAsC,aAAtC,CAAvB;AACA,WAAKhC,YAAL,CAAkBiC,MAAlB,CAAyBF,cAAzB;AACD,KALiE,CAMlE;;;AACA,QAAI,CAACF,WAAL,EAAkB;AAChB,aAAOK,OAAO,CAACC,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,WAAO,KAAKlF,KAAL,CAAWS,MAAX,CAAkBmE,WAAlB,CAAP;AACD,GAnR2D,CAqR5D;;;AACwB,QAAlBO,kBAAkB,CAACC,YAAD,EAA+C;AACrE,QAAI,CAACA,YAAL,EAAmB;AACjBA,MAAAA,YAAY,GAAG,CAAC,MAAM,KAAKrC,YAAL,CAAkB8B,SAAlB,EAAP,EAAsCO,YAArD;AACA,YAAMC,eAAe,GAAG,KAAKtC,YAAL,CAAkBgC,mBAAlB,CAAsC,cAAtC,CAAxB;AACA,WAAKhC,YAAL,CAAkBiC,MAAlB,CAAyBK,eAAzB;AACD,KALoE,CAMrE;;;AACA,QAAI,CAACD,YAAL,EAAmB;AACjB,aAAOH,OAAO,CAACC,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,WAAO,KAAKlF,KAAL,CAAWS,MAAX,CAAkB2E,YAAlB,CAAP;AACD;;AAEDE,EAAAA,qBAAqB,CAAC1I,OAAkC,GAAG,EAAtC,EAA0C;AAC7D,QAAI;AACF2I,MAAAA,OADE;AAEFC,MAAAA,qBAFE;AAGFC,MAAAA;AAHE,QAIA7I,OAJJ;;AAKA,QAAI,CAAC2I,OAAL,EAAc;AACZA,MAAAA,OAAO,GAAG,KAAKxC,YAAL,CAAkB2C,aAAlB,GAAkCH,OAA5C;AACD;;AACD,QAAI,CAACA,OAAL,EAAc;AACZ,aAAO,EAAP;AACD;;AACD,QAAI,CAACC,qBAAL,EAA4B;AAC1BA,MAAAA,qBAAqB,GAAG,KAAK5I,OAAL,CAAa4I,qBAArC;AACD;;AAED,UAAMG,SAAS,GAAG,wBAAa,IAAb,EAAmBA,SAArC;AACA,UAAMC,WAAW,GAAGL,OAAO,CAACA,OAA5B,CAjB6D,CAiBxB;;AACrC,QAAIM,SAAS,GAAGF,SAAS,GAAG,iBAAZ,GAAgCG,kBAAkB,CAACF,WAAD,CAAlE;;AACA,QAAIJ,qBAAJ,EAA2B;AACzBK,MAAAA,SAAS,IAAI,+BAA+BC,kBAAkB,CAACN,qBAAD,CAA9D;AACD,KArB4D,CAsB7D;;;AACA,QAAIC,KAAJ,EAAW;AACTI,MAAAA,SAAS,IAAI,YAAYC,kBAAkB,CAACL,KAAD,CAA3C;AACD;;AAED,WAAOI,SAAP;AACD,GA/T2D,CAiU5D;;;AACa,QAAPE,OAAO,CAACnJ,OAAD,EAA2B;AACtCA,IAAAA,OAAO,GAAGO,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkBR,OAAlB,CAAV,CADsC,CAGtC;;AACA,QAAIoJ,UAAU,GAAGjH,MAAM,CAACC,QAAP,CAAgBC,MAAjC;AACA,QAAIgH,UAAU,GAAGlH,MAAM,CAACC,QAAP,CAAgBkH,IAAjC;AACA,QAAIV,qBAAqB,GAAG5I,OAAO,CAAC4I,qBAAR,IACvB,KAAK5I,OAAL,CAAa4I,qBADU,IAEvBQ,UAFL;AAIA,QAAIpB,WAAW,GAAGhI,OAAO,CAACgI,WAA1B;AACA,QAAIQ,YAAY,GAAGxI,OAAO,CAACwI,YAA3B;AACA,QAAIT,iBAAiB,GAAG/H,OAAO,CAAC+H,iBAAR,KAA8B,KAAtD;AACA,QAAIQ,kBAAkB,GAAGvI,OAAO,CAACuI,kBAAR,KAA+B,KAAxD;;AAEA,QAAIA,kBAAkB,IAAI,OAAOC,YAAP,KAAwB,WAAlD,EAA+D;AAC7DA,MAAAA,YAAY,GAAG,KAAKrC,YAAL,CAAkB2C,aAAlB,GAAkCN,YAAjD;AACD;;AAED,QAAIT,iBAAiB,IAAI,OAAOC,WAAP,KAAuB,WAAhD,EAA6D;AAC3DA,MAAAA,WAAW,GAAG,KAAK7B,YAAL,CAAkB2C,aAAlB,GAAkCd,WAAhD;AACD;;AAED,QAAI,CAAChI,OAAO,CAAC2I,OAAb,EAAsB;AACpB3I,MAAAA,OAAO,CAAC2I,OAAR,GAAkB,KAAKxC,YAAL,CAAkB2C,aAAlB,GAAkCH,OAApD;AACD,KAzBqC,CA2BtC;;;AACA,SAAKxC,YAAL,CAAkBwB,KAAlB;;AAEA,QAAIY,kBAAkB,IAAIC,YAA1B,EAAwC;AACtC,YAAM,KAAKD,kBAAL,CAAwBC,YAAxB,CAAN;AACD;;AAED,QAAIT,iBAAiB,IAAIC,WAAzB,EAAsC;AACpC,YAAM,KAAKD,iBAAL,CAAuBC,WAAvB,CAAN;AACD;;AAED,UAAMiB,SAAS,GAAG,KAAKP,qBAAL,CAA2B,EAAE,GAAG1I,OAAL;AAAc4I,MAAAA;AAAd,KAA3B,CAAlB,CAtCsC,CAuCtC;AACA;;AACA,QAAI,CAACK,SAAL,EAAgB;AACd,aAAO,KAAKrG,YAAL,GAAoB;AAApB,OACNwE,IADM,CACD,YAAW;AACf,YAAIwB,qBAAqB,KAAKS,UAA9B,EAA0C;AACxClH,UAAAA,MAAM,CAACC,QAAP,CAAgBmH,MAAhB,GADwC,CACd;AAC3B,SAFD,MAEO;AACLpH,UAAAA,MAAM,CAACC,QAAP,CAAgB5B,MAAhB,CAAuBoI,qBAAvB;AACD;AACF,OAPM,CAAP;AAQD,KATD,MASO;AACL;AACAzG,MAAAA,MAAM,CAACC,QAAP,CAAgB5B,MAAhB,CAAuByI,SAAvB;AACD;AACF;;AAEDO,EAAAA,SAAS,CAACxC,IAAD,EAAwB;AAC/B,QAAIhC,GAAG,GAAG,2BAA2B,yBAAcgC,IAAd,CAArC;AACA,QAAIhH,OAAO,GAAG;AACZ2G,MAAAA,OAAO,EAAE;AACP,kBAAU;AADH;AADG,KAAd;AAKA,WAAO,eAAI,IAAJ,EAAU3B,GAAV,EAAehF,OAAf,CAAP;AACD,GAlY2D,CAoY5D;AACA;AACA;AAEA;AACA;;;AACqB,QAAfyJ,eAAe,GAAqB;AAExC,QAAI;AAAEzB,MAAAA,WAAF;AAAeW,MAAAA;AAAf,QAA2B,KAAKxC,YAAL,CAAkB2C,aAAlB,EAA/B;AACA,UAAM;AAAEY,MAAAA,SAAF;AAAaC,MAAAA;AAAb,QAA4B,KAAKxD,YAAL,CAAkByD,UAAlB,EAAlC;;AAEA,QAAI5B,WAAW,IAAI,KAAK7B,YAAL,CAAkB0D,UAAlB,CAA6B7B,WAA7B,CAAnB,EAA8D;AAC5DA,MAAAA,WAAW,GAAG,IAAd;;AACA,UAAI0B,SAAJ,EAAe;AACb1B,QAAAA,WAAW,GAAG,MAAM,KAAK7B,YAAL,CAAkBpC,KAAlB,CAAwB,aAAxB,CAApB;AACD,OAFD,MAEO,IAAI4F,UAAJ,EAAgB;AACrB,aAAKxD,YAAL,CAAkBiC,MAAlB,CAAyB,aAAzB;AACD;AACF;;AAED,QAAIO,OAAO,IAAI,KAAKxC,YAAL,CAAkB0D,UAAlB,CAA6BlB,OAA7B,CAAf,EAAsD;AACpDA,MAAAA,OAAO,GAAG,IAAV;;AACA,UAAIe,SAAJ,EAAe;AACbf,QAAAA,OAAO,GAAG,MAAM,KAAKxC,YAAL,CAAkBpC,KAAlB,CAAwB,SAAxB,CAAhB;AACD,OAFD,MAEO,IAAI4F,UAAJ,EAAgB;AACrB,aAAKxD,YAAL,CAAkBiC,MAAlB,CAAyB,SAAzB;AACD;AACF;;AAED,WAAO,CAAC,EAAEJ,WAAW,IAAIW,OAAjB,CAAR;AACD;;AAEY,QAAPmB,OAAO,GAAwB;AACnC,UAAM;AAAEnB,MAAAA,OAAF;AAAWX,MAAAA;AAAX,QAA2B,KAAK7B,YAAL,CAAkB2C,aAAlB,EAAjC;AACA,WAAO,KAAK1F,KAAL,CAAWe,WAAX,CAAuB6D,WAAvB,EAAoCW,OAApC,CAAP;AACD;;AAEDoB,EAAAA,UAAU,GAAuB;AAC/B,UAAM;AAAEpB,MAAAA;AAAF,QAAc,KAAKxC,YAAL,CAAkB2C,aAAlB,EAApB;AACA,WAAOH,OAAO,GAAGA,OAAO,CAACA,OAAX,GAAqBqB,SAAnC;AACD;;AAEDC,EAAAA,cAAc,GAAuB;AACnC,UAAM;AAAEjC,MAAAA;AAAF,QAAkB,KAAK7B,YAAL,CAAkB2C,aAAlB,EAAxB;AACA,WAAOd,WAAW,GAAGA,WAAW,CAACA,WAAf,GAA6BgC,SAA/C;AACD;;AAEDE,EAAAA,eAAe,GAAuB;AACpC,UAAM;AAAE1B,MAAAA;AAAF,QAAmB,KAAKrC,YAAL,CAAkB2C,aAAlB,EAAzB;AACA,WAAON,YAAY,GAAGA,YAAY,CAACA,YAAhB,GAA+BwB,SAAlD;AACD;AAED;AACF;AACA;;;AAC+B,QAAvBG,uBAAuB,GAAkB;AAC7C,UAAM;AAAEC,MAAAA;AAAF,QAAa,MAAM,KAAKhH,KAAL,CAAWM,YAAX,EAAzB;AACA,SAAKyC,YAAL,CAAkBkE,SAAlB,CAA4BD,MAA5B;AACD;;AAED5C,EAAAA,cAAc,CAACF,WAAD,EAA4B;AACxC,UAAMjG,OAAO,GAAGiJ,wBAAeC,iBAAf,EAAhB;;AACAlJ,IAAAA,OAAO,CAACmJ,OAAR,CAAgBC,mCAAhB,EAA2CnD,WAA3C;AACD;;AAEDoD,EAAAA,cAAc,CAAC7B,KAAD,EAAyB;AACrC,QAAIA,KAAJ,EAAW;AACT,YAAM8B,IAAqB,GAAG,KAAKtK,kBAAL,CAAwBuK,IAAxB,CAA6B;AACzDC,QAAAA,KAAK,EAAE,IADkD;AAEzDhC,QAAAA;AAFyD,OAA7B,CAA9B;AAIA,aAAO8B,IAAI,CAACrD,WAAZ;AACD;;AACD,UAAMjG,OAAO,GAAGiJ,wBAAeC,iBAAf,EAAhB;;AACA,UAAMjD,WAAW,GAAGjG,OAAO,GAAGA,OAAO,CAACyJ,OAAR,CAAgBL,mCAAhB,CAAH,GAAgDT,SAA3E;AACA,WAAO1C,WAAP;AACD;;AAEDyD,EAAAA,iBAAiB,GAAS;AACxB,UAAM1J,OAAO,GAAGiJ,wBAAeC,iBAAf,EAAhB;;AACAlJ,IAAAA,OAAO,CAAC2J,UAAR,CAAmBP,mCAAnB;AACD;;AAEDnG,EAAAA,eAAe,GAAY;AACzB,WAAO,2BAAgB,IAAhB,CAAP;AACD;;AAEwB,QAAnB2G,mBAAmB,CAACb,MAAD,EAAkB9C,WAAlB,EAAuD;AAC9E;AACA,QAAI8C,MAAJ,EAAY;AACV,WAAKjE,YAAL,CAAkBkE,SAAlB,CAA4BD,MAA5B;AACA9C,MAAAA,WAAW,GAAGA,WAAW,IAAI,KAAKoD,cAAL,EAA7B;AACD,KAHD,MAGO,IAAI,KAAKpG,eAAL,EAAJ,EAA4B;AACjC;AACA,YAAM;AAAEuE,QAAAA;AAAF,UAAY,MAAM,6CAA0B,IAA1B,EAAgC,EAAhC,CAAxB;AACAvB,MAAAA,WAAW,GAAGA,WAAW,IAAI,KAAKoD,cAAL,CAAoB7B,KAApB,CAA7B;AACA,YAAM,KAAKsB,uBAAL,EAAN;AACD,KALM,MAKA;AACL,aADK,CACG;AACT,KAZ6E,CAc9E;;;AACA,UAAM,KAAK9D,gBAAL,CAAsBG,eAAtB,EAAN,CAf8E,CAiB9E;;AACA,SAAKuE,iBAAL,GAlB8E,CAoB9E;;AACA,UAAM;AAAEG,MAAAA;AAAF,QAAyB,KAAKlL,OAApC;;AACA,QAAIkL,kBAAJ,EAAwB;AACtB,YAAMA,kBAAkB,CAAC,IAAD,EAAO5D,WAAP,CAAxB;AACD,KAFD,MAEO;AACLnF,MAAAA,MAAM,CAACC,QAAP,CAAgB+I,OAAhB,CAAwB7D,WAAxB;AACD;AACF;;AAED8D,EAAAA,MAAM,GAAY;AAChB,WAAO,CAAC,CAAC,KAAKpL,OAAL,CAAawB,IAAtB;AACD;;AAED6J,EAAAA,eAAe,CAACC,YAAD,EAAgC;AAC7C,QAAID,eAAe,GAAG,KAAtB;;AACA,QAAIE,KAAK,CAACC,OAAN,CAAc,KAAKxL,OAAL,CAAasL,YAA3B,KAA4C,KAAKtL,OAAL,CAAasL,YAAb,CAA0BG,MAA1E,EAAkF;AAChFJ,MAAAA,eAAe,GAAG,KAAKrL,OAAL,CAAasL,YAAb,CAA0B3G,OAA1B,CAAkC2G,YAAlC,KAAmD,CAArE;AACD,KAFD,MAEO;AACLD,MAAAA,eAAe,GAAG,KAAKrL,OAAL,CAAasL,YAAb,KAA8BA,YAAhD;AACD;;AACD,WAAOD,eAAP;AACD;;AAEDK,EAAAA,uBAAuB,GAAY;AACjC,WAAO,KAAKL,eAAL,CAAqB,MAArB,CAAP;AACD,GAxgB2D,CA0gB5D;AACA;AACA;AACA;;;AAEAM,EAAAA,eAAe,GAAW;AACxB;AACA,WAAO,KAAK3L,OAAL,CAAa4L,MAAb,CAAoBC,KAApB,CAA0B,UAA1B,EAAsC,CAAtC,CAAP;AACD,GAlhB2D,CAohB5D;;;AACAC,EAAAA,cAAc,CAAC9E,IAAD,EAAiC;AAC7C,WAAO,2BAAkB,IAAlB,EAAwB,iCAAxB,EAA2DA,IAA3D,CAAP;AACD,GAvhB2D,CAyhB5D;;;AACA+E,EAAAA,aAAa,CAAC/E,IAAD,EAAwD;AACnE,WAAO,2BAAkB,IAAlB,EAAwB,+BAAxB,EAAyDA,IAAzD,CAAP;AACD,GA5hB2D,CA8hB5D;;;AACAgF,EAAAA,mBAAmB,CAAChF,IAAD,EAA6D;AAC9E,WAAO,2BAAkB,IAAlB,EAAwB,8BAAxB,EAAwDA,IAAxD,CAAP;AACD;;AAjiB2D,C,CAoiB9D;;;AACAnH,QAAQ,CAACoM,QAAT,GAAoBpM,QAAQ,CAACgF,SAAT,CAAmBoH,QAAnB,GAA8BA,QAAlD,C,CAEA;;AACA1L,MAAM,CAACC,MAAP,CAAcX,QAAd,EAAwB;AACtBqM,EAAAA,SADsB;AAEtBrF,EAAAA,0BAA0B,EAA1BA;AAFsB,CAAxB;eAKehH,Q","sourcesContent":["/* eslint-disable max-statements */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n/* SDK_VERSION is defined in webpack config */ \n/* global window, SDK_VERSION */\n\nimport { \n DEFAULT_MAX_CLOCK_SKEW, \n REFERRER_PATH_STORAGE_KEY\n} from './constants';\nimport * as constants from './constants';\nimport {\n OktaAuth as SDKInterface,\n OktaAuthOptions, \n AccessToken, \n IDToken,\n RefreshToken,\n TokenAPI, \n FeaturesAPI, \n SignoutAPI, \n FingerprintAPI,\n UserClaims, \n SigninWithRedirectOptions,\n SigninWithCredentialsOptions,\n SignoutOptions,\n Tokens,\n ForgotPasswordOptions,\n VerifyRecoveryTokenOptions,\n TransactionAPI,\n SessionAPI,\n SigninAPI,\n PkceAPI,\n SigninOptions,\n IdxAPI,\n SignoutRedirectUrlOptions,\n HttpAPI,\n TransactionMeta,\n} from './types';\nimport {\n transactionStatus,\n resumeTransaction,\n transactionExists,\n introspect,\n postToTransaction,\n AuthTransaction\n} from './tx';\nimport PKCE from './oidc/util/pkce';\nimport {\n closeSession,\n sessionExists,\n getSession,\n refreshSession,\n setCookieAndRedirect\n} from './session';\nimport {\n getOAuthUrls,\n getWithoutPrompt,\n getWithPopup,\n getWithRedirect,\n isLoginRedirect,\n parseFromUrl,\n decodeToken,\n revokeToken,\n renewToken,\n renewTokens,\n renewTokensWithRefresh,\n getUserInfo,\n verifyToken,\n prepareTokenParams,\n exchangeCodeForTokens,\n isInteractionRequiredError,\n isInteractionRequired,\n} from './oidc';\nimport { isBrowser } from './features';\nimport * as features from './features';\nimport browserStorage from './browser/browserStorage';\nimport { \n toQueryString, \n toAbsoluteUrl,\n clone\n} from './util';\nimport { getUserAgent } from './builderUtil';\nimport { TokenManager } from './TokenManager';\nimport { get, setRequestHeader } from './http';\nimport PromiseQueue from './PromiseQueue';\nimport fingerprint from './browser/fingerprint';\nimport { AuthStateManager } from './AuthStateManager';\nimport StorageManager from './StorageManager';\nimport TransactionManager from './TransactionManager';\nimport { buildOptions } from './options';\nimport {\n interact,\n introspect as introspectV2,\n authenticate,\n cancel,\n register,\n recoverPassword,\n startTransaction,\n handleInteractionCodeRedirect,\n} from './idx';\nimport { createGlobalRequestInterceptor, setGlobalRequestInterceptor } from './idx/headers';\nimport { OktaUserAgent } from './OktaUserAgent';\nimport { parseOAuthResponseFromUrl } from './oidc/parseFromUrl';\n\nconst Emitter = require('tiny-emitter');\n\nclass OktaAuth implements SDKInterface, SigninAPI, SignoutAPI {\n options: OktaAuthOptions;\n storageManager: StorageManager;\n transactionManager: TransactionManager;\n tx: TransactionAPI;\n idx: IdxAPI;\n // keep this field to compatible with released downstream SDK versions\n // TODO: remove in version 6\n // JIRA: https://oktainc.atlassian.net/browse/OKTA-419417\n userAgent: string;\n session: SessionAPI;\n pkce: PkceAPI;\n static features: FeaturesAPI;\n features: FeaturesAPI;\n token: TokenAPI;\n _tokenQueue: PromiseQueue;\n emitter: typeof Emitter;\n tokenManager: TokenManager;\n authStateManager: AuthStateManager;\n http: HttpAPI;\n fingerprint: FingerprintAPI;\n _oktaUserAgent: OktaUserAgent;\n _pending: { handleLogin: boolean };\n constructor(args: OktaAuthOptions) {\n this.options = buildOptions(args);\n const { storageManager, cookies, storageUtil } = this.options;\n this.storageManager = new StorageManager(storageManager, cookies, storageUtil);\n this.transactionManager = new TransactionManager(Object.assign({\n storageManager: this.storageManager\n }, args.transactionManager));\n this._oktaUserAgent = new OktaUserAgent();\n \n this.tx = {\n status: transactionStatus.bind(null, this),\n resume: resumeTransaction.bind(null, this),\n exists: Object.assign(transactionExists.bind(null, this), {\n _get: (name) => {\n const storage = storageUtil.storage;\n return storage.get(name);\n }\n }),\n introspect: introspect.bind(null, this)\n };\n\n this.pkce = {\n DEFAULT_CODE_CHALLENGE_METHOD: PKCE.DEFAULT_CODE_CHALLENGE_METHOD,\n generateVerifier: PKCE.generateVerifier,\n computeChallenge: PKCE.computeChallenge\n };\n\n // Add shims for compatibility, these will be removed in next major version. OKTA-362589\n Object.assign(this.options.storageUtil, {\n getPKCEStorage: this.storageManager.getLegacyPKCEStorage.bind(this.storageManager),\n getHttpCache: this.storageManager.getHttpCache.bind(this.storageManager),\n });\n\n this._pending = { handleLogin: false };\n\n if (isBrowser()) {\n this.options = Object.assign(this.options, {\n redirectUri: toAbsoluteUrl(args.redirectUri, window.location.origin), // allow relative URIs\n });\n this.userAgent = getUserAgent(args, `okta-auth-js/${SDK_VERSION}`);\n } else {\n this.userAgent = getUserAgent(args, `okta-auth-js-server/${SDK_VERSION}`);\n }\n\n // Digital clocks will drift over time, so the server\n // can misalign with the time reported by the browser.\n // The maxClockSkew allows relaxing the time-based\n // validation of tokens (in seconds, not milliseconds).\n // It currently defaults to 300, because 5 min is the\n // default maximum tolerance allowed by Kerberos.\n // (https://technet.microsoft.com/en-us/library/cc976357.aspx)\n if (!args.maxClockSkew && args.maxClockSkew !== 0) {\n this.options.maxClockSkew = DEFAULT_MAX_CLOCK_SKEW;\n } else {\n this.options.maxClockSkew = args.maxClockSkew;\n }\n\n // As some end user's devices can have their date \n // and time incorrectly set, allow for the disabling\n // of the jwt liftetime validation\n this.options.ignoreLifetime = !!args.ignoreLifetime;\n\n this.session = {\n close: closeSession.bind(null, this),\n exists: sessionExists.bind(null, this),\n get: getSession.bind(null, this),\n refresh: refreshSession.bind(null, this),\n setCookieAndRedirect: setCookieAndRedirect.bind(null, this)\n };\n\n this._tokenQueue = new PromiseQueue();\n this.token = {\n prepareTokenParams: prepareTokenParams.bind(null, this),\n exchangeCodeForTokens: exchangeCodeForTokens.bind(null, this),\n getWithoutPrompt: getWithoutPrompt.bind(null, this),\n getWithPopup: getWithPopup.bind(null, this),\n getWithRedirect: getWithRedirect.bind(null, this),\n parseFromUrl: parseFromUrl.bind(null, this),\n decode: decodeToken,\n revoke: revokeToken.bind(null, this),\n renew: renewToken.bind(null, this),\n renewTokensWithRefresh: renewTokensWithRefresh.bind(null, this),\n renewTokens: renewTokens.bind(null, this),\n getUserInfo: getUserInfo.bind(null, this),\n verify: verifyToken.bind(null, this),\n isLoginRedirect: isLoginRedirect.bind(null, this)\n };\n // Wrap all async token API methods using MethodQueue to avoid issues with concurrency\n const syncMethods = ['decode', 'isLoginRedirect'];\n Object.keys(this.token).forEach(key => {\n if (syncMethods.indexOf(key) >= 0) { // sync methods should not be wrapped\n return;\n }\n var method = this.token[key];\n this.token[key] = PromiseQueue.prototype.push.bind(this._tokenQueue, method, null);\n });\n \n Object.assign(this.token.getWithRedirect, {\n // This is exposed so we can set window.location in our tests\n _setLocation: function(url) {\n window.location = url;\n }\n });\n Object.assign(this.token.parseFromUrl, {\n // This is exposed so we can mock getting window.history in our tests\n _getHistory: function() {\n return window.history;\n },\n\n // This is exposed so we can mock getting window.location in our tests\n _getLocation: function() {\n return window.location;\n },\n\n // This is exposed so we can mock getting window.document in our tests\n _getDocument: function() {\n return window.document;\n }\n });\n\n // IDX\n this.idx = {\n interact: interact.bind(null, this),\n introspect: introspectV2.bind(null, this),\n authenticate: authenticate.bind(null, this),\n register: register.bind(null, this),\n cancel: cancel.bind(null, this),\n recoverPassword: recoverPassword.bind(null, this),\n handleInteractionCodeRedirect: handleInteractionCodeRedirect.bind(null, this),\n startTransaction: startTransaction.bind(null, this),\n };\n setGlobalRequestInterceptor(createGlobalRequestInterceptor(this)); // to pass custom headers to IDX endpoints\n\n // HTTP\n this.http = {\n setRequestHeader: setRequestHeader.bind(null, this)\n };\n\n // Fingerprint API\n this.fingerprint = fingerprint.bind(null, this);\n\n this.emitter = new Emitter();\n\n // TokenManager\n this.tokenManager = new TokenManager(this, args.tokenManager);\n\n // AuthStateManager\n this.authStateManager = new AuthStateManager(this);\n }\n\n start() {\n this.tokenManager.start();\n if (!this.token.isLoginRedirect()) {\n this.authStateManager.updateAuthState();\n }\n }\n\n stop() {\n this.tokenManager.stop();\n }\n\n setHeaders(headers) {\n this.options.headers = Object.assign({}, this.options.headers, headers);\n }\n\n // ES6 module users can use named exports to access all symbols\n // CommonJS module users (CDN) need all exports on this object\n\n // Utility methods for interaction code flow\n isInteractionRequired(): boolean {\n return isInteractionRequired(this);\n }\n\n isInteractionRequiredError(error: Error): boolean {\n return isInteractionRequiredError(error);\n }\n\n async signIn(opts: SigninOptions): Promise<AuthTransaction> {\n // TODO: support interaction code flow\n // Authn V1 flow\n return this.signInWithCredentials(opts as SigninWithCredentialsOptions);\n }\n\n async signInWithCredentials(opts: SigninWithCredentialsOptions): Promise<AuthTransaction> {\n opts = clone(opts || {});\n const _postToTransaction = (options?) => {\n delete opts.sendFingerprint;\n return postToTransaction(this, '/api/v1/authn', opts, options);\n };\n if (!opts.sendFingerprint) {\n return _postToTransaction();\n }\n return this.fingerprint()\n .then(function(fingerprint) {\n return _postToTransaction({\n headers: {\n 'X-Device-Fingerprint': fingerprint\n }\n });\n });\n }\n\n async signInWithRedirect(opts: SigninWithRedirectOptions = {}) {\n const { originalUri, ...additionalParams } = opts;\n if(this._pending.handleLogin) { \n // Don't trigger second round\n return;\n }\n\n this._pending.handleLogin = true;\n try {\n // Trigger default signIn redirect flow\n if (originalUri) {\n this.setOriginalUri(originalUri);\n }\n const params = Object.assign({\n // TODO: remove this line when default scopes are changed OKTA-343294\n scopes: this.options.scopes || ['openid', 'email', 'profile']\n }, additionalParams);\n await this.token.getWithRedirect(params);\n } finally {\n this._pending.handleLogin = false;\n }\n }\n \n // Ends the current Okta SSO session without redirecting to Okta.\n closeSession(): Promise<object> {\n // Clear all local tokens\n this.tokenManager.clear();\n \n return this.session.close() // DELETE /api/v1/sessions/me\n .catch(function(e) {\n if (e.name === 'AuthApiError' && e.errorCode === 'E0000007') {\n // Session does not exist or has already been closed\n return null;\n }\n throw e;\n });\n }\n \n // Revokes the access token for the application session\n async revokeAccessToken(accessToken?: AccessToken): Promise<object> {\n if (!accessToken) {\n accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');\n this.tokenManager.remove(accessTokenKey);\n }\n // Access token may have been removed. In this case, we will silently succeed.\n if (!accessToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(accessToken);\n }\n\n // Revokes the refresh token for the application session\n async revokeRefreshToken(refreshToken?: RefreshToken): Promise<object> {\n if (!refreshToken) {\n refreshToken = (await this.tokenManager.getTokens()).refreshToken as RefreshToken;\n const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');\n this.tokenManager.remove(refreshTokenKey);\n }\n // Refresh token may have been removed. In this case, we will silently succeed.\n if (!refreshToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(refreshToken);\n }\n\n getSignOutRedirectUrl(options: SignoutRedirectUrlOptions = {}) {\n let {\n idToken,\n postLogoutRedirectUri,\n state,\n } = options;\n if (!idToken) {\n idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n if (!idToken) {\n return '';\n }\n if (!postLogoutRedirectUri) {\n postLogoutRedirectUri = this.options.postLogoutRedirectUri;\n }\n\n const logoutUrl = getOAuthUrls(this).logoutUrl;\n const idTokenHint = idToken.idToken; // a string\n let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);\n if (postLogoutRedirectUri) {\n logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);\n } \n // State allows option parameters to be passed to logout redirect uri\n if (state) {\n logoutUri += '&state=' + encodeURIComponent(state);\n }\n\n return logoutUri;\n }\n\n // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.\n async signOut(options?: SignoutOptions) {\n options = Object.assign({}, options);\n \n // postLogoutRedirectUri must be whitelisted in Okta Admin UI\n var defaultUri = window.location.origin;\n var currentUri = window.location.href;\n var postLogoutRedirectUri = options.postLogoutRedirectUri\n || this.options.postLogoutRedirectUri\n || defaultUri;\n \n var accessToken = options.accessToken;\n var refreshToken = options.refreshToken;\n var revokeAccessToken = options.revokeAccessToken !== false;\n var revokeRefreshToken = options.revokeRefreshToken !== false;\n \n if (revokeRefreshToken && typeof refreshToken === 'undefined') {\n refreshToken = this.tokenManager.getTokensSync().refreshToken as RefreshToken;\n }\n\n if (revokeAccessToken && typeof accessToken === 'undefined') {\n accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;\n }\n \n if (!options.idToken) {\n options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n\n // Clear all local tokens\n this.tokenManager.clear();\n\n if (revokeRefreshToken && refreshToken) {\n await this.revokeRefreshToken(refreshToken);\n }\n\n if (revokeAccessToken && accessToken) {\n await this.revokeAccessToken(accessToken);\n }\n\n const logoutUri = this.getSignOutRedirectUrl({ ...options, postLogoutRedirectUri });\n // No logoutUri? This can happen if the storage was cleared.\n // Fallback to XHR signOut, then simulate a redirect to the post logout uri\n if (!logoutUri) {\n return this.closeSession() // can throw if the user cannot be signed out\n .then(function() {\n if (postLogoutRedirectUri === currentUri) {\n window.location.reload(); // force a hard reload if URI is not changing\n } else {\n window.location.assign(postLogoutRedirectUri);\n }\n });\n } else {\n // Flow ends with logout redirect\n window.location.assign(logoutUri);\n }\n }\n\n webfinger(opts): Promise<object> {\n var url = '/.well-known/webfinger' + toQueryString(opts);\n var options = {\n headers: {\n 'Accept': 'application/jrd+json'\n }\n };\n return get(this, url, options);\n }\n\n //\n // Common Methods from downstream SDKs\n //\n\n // Returns true if both accessToken and idToken are not expired\n // If `autoRenew` option is set, will attempt to renew expired tokens before returning.\n async isAuthenticated(): Promise<boolean> {\n\n let { accessToken, idToken } = this.tokenManager.getTokensSync();\n const { autoRenew, autoRemove } = this.tokenManager.getOptions();\n\n if (accessToken && this.tokenManager.hasExpired(accessToken)) {\n accessToken = null;\n if (autoRenew) {\n accessToken = await this.tokenManager.renew('accessToken') as AccessToken;\n } else if (autoRemove) {\n this.tokenManager.remove('accessToken');\n }\n }\n\n if (idToken && this.tokenManager.hasExpired(idToken)) {\n idToken = null;\n if (autoRenew) {\n idToken = await this.tokenManager.renew('idToken') as IDToken;\n } else if (autoRemove) {\n this.tokenManager.remove('idToken');\n }\n }\n\n return !!(accessToken && idToken);\n }\n\n async getUser(): Promise<UserClaims> {\n const { idToken, accessToken } = this.tokenManager.getTokensSync();\n return this.token.getUserInfo(accessToken, idToken);\n }\n\n getIdToken(): string | undefined {\n const { idToken } = this.tokenManager.getTokensSync();\n return idToken ? idToken.idToken : undefined;\n }\n\n getAccessToken(): string | undefined {\n const { accessToken } = this.tokenManager.getTokensSync();\n return accessToken ? accessToken.accessToken : undefined;\n }\n\n getRefreshToken(): string | undefined {\n const { refreshToken } = this.tokenManager.getTokensSync();\n return refreshToken ? refreshToken.refreshToken : undefined;\n }\n\n /**\n * Store parsed tokens from redirect url\n */\n async storeTokensFromRedirect(): Promise<void> {\n const { tokens } = await this.token.parseFromUrl();\n this.tokenManager.setTokens(tokens);\n }\n\n setOriginalUri(originalUri: string): void {\n const storage = browserStorage.getSessionStorage();\n storage.setItem(REFERRER_PATH_STORAGE_KEY, originalUri);\n }\n\n getOriginalUri(state?: string): string {\n if (state) {\n const meta: TransactionMeta = this.transactionManager.load({\n oauth: true,\n state\n });\n return meta.originalUri;\n }\n const storage = browserStorage.getSessionStorage();\n const originalUri = storage ? storage.getItem(REFERRER_PATH_STORAGE_KEY) : undefined;\n return originalUri;\n }\n\n removeOriginalUri(): void {\n const storage = browserStorage.getSessionStorage();\n storage.removeItem(REFERRER_PATH_STORAGE_KEY);\n }\n\n isLoginRedirect(): boolean {\n return isLoginRedirect(this);\n }\n\n async handleLoginRedirect(tokens?: Tokens, originalUri?: string): Promise<void> {\n // Store tokens and update AuthState by the emitted events\n if (tokens) {\n this.tokenManager.setTokens(tokens);\n originalUri = originalUri || this.getOriginalUri();\n } else if (this.isLoginRedirect()) {\n // For redirect flow, get state from the URL and use it to retrieve the originalUri\n const { state } = await parseOAuthResponseFromUrl(this, {});\n originalUri = originalUri || this.getOriginalUri(state);\n await this.storeTokensFromRedirect();\n } else {\n return; // nothing to do\n }\n \n // ensure auth state has been updated\n await this.authStateManager.updateAuthState();\n\n // clear originalUri from storage\n this.removeOriginalUri();\n\n // Redirect to originalUri\n const { restoreOriginalUri } = this.options;\n if (restoreOriginalUri) {\n await restoreOriginalUri(this, originalUri);\n } else {\n window.location.replace(originalUri);\n }\n }\n\n isPKCE(): boolean {\n return !!this.options.pkce;\n }\n\n hasResponseType(responseType: string): boolean {\n let hasResponseType = false;\n if (Array.isArray(this.options.responseType) && this.options.responseType.length) {\n hasResponseType = this.options.responseType.indexOf(responseType) >= 0;\n } else {\n hasResponseType = this.options.responseType === responseType;\n }\n return hasResponseType;\n }\n\n isAuthorizationCodeFlow(): boolean {\n return this.hasResponseType('code');\n }\n\n // { username, password, (relayState), (context) }\n // signIn(opts: SignInWithCredentialsOptions): Promise<AuthTransaction> {\n // return postToTransaction(this, '/api/v1/authn', opts);\n // }\n\n getIssuerOrigin(): string {\n // Infer the URL from the issuer URL, omitting the /oauth2/{authServerId}\n return this.options.issuer.split('/oauth2/')[0];\n }\n\n // { username, (relayState) }\n forgotPassword(opts): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/password', opts);\n }\n\n // { username, (relayState) }\n unlockAccount(opts: ForgotPasswordOptions): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/unlock', opts);\n }\n\n // { recoveryToken }\n verifyRecoveryToken(opts: VerifyRecoveryTokenOptions): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/token', opts);\n }\n}\n\n// Hoist feature detection functions to static type\nOktaAuth.features = OktaAuth.prototype.features = features;\n\n// Also hoist values and utility functions for CommonJS users\nObject.assign(OktaAuth, {\n constants,\n isInteractionRequiredError\n});\n\nexport default OktaAuth;"],"file":"OktaAuth.js"}
package/cjs/OktaUserAgent.js CHANGED
@@ -21,7 +21,7 @@ var _features = require("./features");
21
21
  class OktaUserAgent {
22
22
  constructor() {
23
23
  // add base sdk env
24
- this.environments = [`okta-auth-js/${"5.6.0"}`];
24
+ this.environments = [`okta-auth-js/${"5.7.0"}`];
25
25
  }
26
26
 
27
27
  addEnvironment(env) {
@@ -36,7 +36,7 @@ class OktaUserAgent {
36
36
  }
37
37
 
38
38
  getVersion() {
39
- return "5.6.0";
39
+ return "5.7.0";
40
40
  }
41
41
 
42
42
  maybeAddNodeEnvironment() {
package/cjs/builderUtil.js CHANGED
@@ -22,6 +22,12 @@ var _AuthSdkError = _interopRequireDefault(require("./errors/AuthSdkError"));
22
22
  // eslint-disable-next-line complexity
23
23
  function assertValidConfig(args) {
24
24
  args = args || {};
25
+ var scopes = args.scopes;
26
+
27
+ if (scopes && !Array.isArray(scopes)) {
28
+ throw new _AuthSdkError.default('scopes must be a array of strings. ' + 'Required usage: new OktaAuth({scopes: ["openid", "email"]})');
29
+ }
30
+
25
31
  var issuer = args.issuer;
26
32
 
27
33
  if (!issuer) {
package/cjs/builderUtil.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/builderUtil.ts"],"names":["assertValidConfig","args","issuer","AuthSdkError","isUrlRegex","RegExp","test","indexOf","getUserAgent","sdkValue","userAgent","value","template","replace"],"mappings":";;;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACA;AACA,SAASA,iBAAT,CAA2BC,IAA3B,EAAkD;AAChDA,EAAAA,IAAI,GAAGA,IAAI,IAAI,EAAf;AAEA,MAAIC,MAAM,GAAGD,IAAI,CAACC,MAAlB;;AACA,MAAI,CAACA,MAAL,EAAa;AACX,UAAM,IAAIC,qBAAJ,CAAiB,sCACrB,8FADI,CAAN;AAED;;AAED,MAAIC,UAAU,GAAG,IAAIC,MAAJ,CAAW,eAAX,CAAjB;;AACA,MAAI,CAACD,UAAU,CAACE,IAAX,CAAgBL,IAAI,CAACC,MAArB,CAAL,EAAmC;AACjC,UAAM,IAAIC,qBAAJ,CAAiB,iCACrB,8FADI,CAAN;AAED;;AAED,MAAID,MAAM,CAACK,OAAP,CAAe,SAAf,MAA8B,CAAC,CAAnC,EAAsC;AACpC,UAAM,IAAIJ,qBAAJ,CAAiB,sEACrB,uEADI,CAAN;AAED;AACF;;AAED,SAASK,YAAT,CAAsBP,IAAtB,EAA6CQ,QAA7C,EAAuE;AACrE,MAAIC,SAAS,GAAGT,IAAI,CAACS,SAAL,IAAkB,EAAlC;;AAEA,MAAIA,SAAS,CAACC,KAAd,EAAqB;AACnB,WAAOD,SAAS,CAACC,KAAjB;AACD;;AAED,MAAID,SAAS,CAACE,QAAd,EAAwB;AACtB,WAAOF,SAAS,CAACE,QAAV,CAAmBC,OAAnB,CAA2B,eAA3B,EAA4CJ,QAA5C,CAAP;AACD;;AAED,SAAOA,QAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport AuthSdkError from './errors/AuthSdkError';\nimport { OktaAuthOptions } from './types';\n\n// TODO: use @okta/configuration-validation (move module to this monorepo?)\n// eslint-disable-next-line complexity\nfunction assertValidConfig(args: OktaAuthOptions) {\n args = args || {};\n\n var issuer = args.issuer;\n if (!issuer) {\n throw new AuthSdkError('No issuer passed to constructor. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n var isUrlRegex = new RegExp('^http?s?://.+');\n if (!isUrlRegex.test(args.issuer)) {\n throw new AuthSdkError('Issuer must be a valid URL. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n if (issuer.indexOf('-admin.') !== -1) {\n throw new AuthSdkError('Issuer URL passed to constructor contains \"-admin\" in subdomain. ' +\n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com})');\n }\n}\n\nfunction getUserAgent(args: OktaAuthOptions, sdkValue: string): string {\n var userAgent = args.userAgent || {};\n\n if (userAgent.value) {\n return userAgent.value;\n }\n\n if (userAgent.template) {\n return userAgent.template.replace('$OKTA_AUTH_JS', sdkValue);\n }\n\n return sdkValue;\n}\n\nexport {\n assertValidConfig,\n getUserAgent\n};\n"],"file":"builderUtil.js"}
1
+ {"version":3,"sources":["../../lib/builderUtil.ts"],"names":["assertValidConfig","args","scopes","Array","isArray","AuthSdkError","issuer","isUrlRegex","RegExp","test","indexOf","getUserAgent","sdkValue","userAgent","value","template","replace"],"mappings":";;;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACA;AACA,SAASA,iBAAT,CAA2BC,IAA3B,EAAkD;AAChDA,EAAAA,IAAI,GAAGA,IAAI,IAAI,EAAf;AAEA,MAAIC,MAAM,GAAGD,IAAI,CAACC,MAAlB;;AACA,MAAIA,MAAM,IAAI,CAACC,KAAK,CAACC,OAAN,CAAcF,MAAd,CAAf,EAAsC;AACpC,UAAM,IAAIG,qBAAJ,CAAiB,wCACrB,6DADI,CAAN;AAED;;AAED,MAAIC,MAAM,GAAGL,IAAI,CAACK,MAAlB;;AACA,MAAI,CAACA,MAAL,EAAa;AACX,UAAM,IAAID,qBAAJ,CAAiB,sCACrB,8FADI,CAAN;AAED;;AAED,MAAIE,UAAU,GAAG,IAAIC,MAAJ,CAAW,eAAX,CAAjB;;AACA,MAAI,CAACD,UAAU,CAACE,IAAX,CAAgBR,IAAI,CAACK,MAArB,CAAL,EAAmC;AACjC,UAAM,IAAID,qBAAJ,CAAiB,iCACrB,8FADI,CAAN;AAED;;AAED,MAAIC,MAAM,CAACI,OAAP,CAAe,SAAf,MAA8B,CAAC,CAAnC,EAAsC;AACpC,UAAM,IAAIL,qBAAJ,CAAiB,sEACrB,uEADI,CAAN;AAED;AACF;;AAED,SAASM,YAAT,CAAsBV,IAAtB,EAA6CW,QAA7C,EAAuE;AACrE,MAAIC,SAAS,GAAGZ,IAAI,CAACY,SAAL,IAAkB,EAAlC;;AAEA,MAAIA,SAAS,CAACC,KAAd,EAAqB;AACnB,WAAOD,SAAS,CAACC,KAAjB;AACD;;AAED,MAAID,SAAS,CAACE,QAAd,EAAwB;AACtB,WAAOF,SAAS,CAACE,QAAV,CAAmBC,OAAnB,CAA2B,eAA3B,EAA4CJ,QAA5C,CAAP;AACD;;AAED,SAAOA,QAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport AuthSdkError from './errors/AuthSdkError';\nimport { OktaAuthOptions } from './types';\n\n// TODO: use @okta/configuration-validation (move module to this monorepo?)\n// eslint-disable-next-line complexity\nfunction assertValidConfig(args: OktaAuthOptions) {\n args = args || {};\n\n var scopes = args.scopes;\n if (scopes && !Array.isArray(scopes)) {\n throw new AuthSdkError('scopes must be a array of strings. ' +\n 'Required usage: new OktaAuth({scopes: [\"openid\", \"email\"]})');\n }\n\n var issuer = args.issuer;\n if (!issuer) {\n throw new AuthSdkError('No issuer passed to constructor. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n var isUrlRegex = new RegExp('^http?s?://.+');\n if (!isUrlRegex.test(args.issuer)) {\n throw new AuthSdkError('Issuer must be a valid URL. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n if (issuer.indexOf('-admin.') !== -1) {\n throw new AuthSdkError('Issuer URL passed to constructor contains \"-admin\" in subdomain. ' +\n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com})');\n }\n}\n\nfunction getUserAgent(args: OktaAuthOptions, sdkValue: string): string {\n var userAgent = args.userAgent || {};\n\n if (userAgent.value) {\n return userAgent.value;\n }\n\n if (userAgent.template) {\n return userAgent.template.replace('$OKTA_AUTH_JS', sdkValue);\n }\n\n return sdkValue;\n}\n\nexport {\n assertValidConfig,\n getUserAgent\n};\n"],"file":"builderUtil.js"}
package/cjs/idx/remediators/Base/Remediator.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../../../lib/idx/remediators/Base/Remediator.ts"],"names":["Remediator","constructor","remediation","values","authenticators","map","authenticator","key","getName","name","canRemediate","required","needed","find","hasData","getData","allValues","res","reduce","data","value","entry","i","length","val","Object","keys","getNextStep","inputs","getInputs","getAuthenticator","type","inputFromRemediation","item","input","aliases","includes","AuthSdkError","Array","isArray","forEach","push","getMessages","form","messages","field","getValuesAfterProceed","authenticatorKey","filter","relatesTo"],"mappings":";;;;AAcA;;AAGA;;AAjBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAcA;AACO,MAAMA,UAAN,CAAiB;AAOtBC,EAAAA,WAAW,CAACC,WAAD,EAA8BC,MAAyB,GAAG,EAA1D,EAA8D;AAAA;;AACvE;AACAA,IAAAA,MAAM,CAACC,cAAP,GAAyB,0BAAAD,MAAM,CAACC,cAAP,gFAAuBC,GAAvB,CAA2BC,aAAa,IAAI;AACnE,aAAO,OAAOA,aAAP,KAAyB,QAAzB,GACH;AAAEC,QAAAA,GAAG,EAAED;AAAP,OADG,GACsBA,aAD7B;AAED,KAHwB,MAGnB,EAHN,CAFuE,CAOvE;;AACA,SAAKH,MAAL,GAAcA,MAAd;AACA,SAAKD,WAAL,GAAmBA,WAAnB;AACD;;AAEDM,EAAAA,OAAO,GAAW;AAChB,WAAO,KAAKN,WAAL,CAAiBO,IAAxB;AACD,GArBqB,CAuBtB;;;AACAC,EAAAA,YAAY,GAAY;AACtB,QAAI,CAAC,KAAKL,GAAV,EAAe;AACb,aAAO,KAAP;AACD;;AACD,UAAMM,QAAQ,GAAG,6BAAkB,KAAKT,WAAvB,CAAjB;AACA,UAAMU,MAAM,GAAGD,QAAQ,CAACE,IAAT,CAAeN,GAAD,IAAS,CAAC,KAAKO,OAAL,CAAaP,GAAb,CAAxB,CAAf;;AACA,QAAIK,MAAJ,EAAY;AACV,aAAO,KAAP,CADU,CACI;AACf;;AACD,WAAO,IAAP,CATsB,CAST;AACd,GAlCqB,CAoCtB;;;AACAG,EAAAA,OAAO,CAACR,GAAD,EAAe;AAEpB,QAAI,CAACA,GAAL,EAAU;AACR,UAAIS,SAAS,GAAG,wBAAa,KAAKd,WAAlB,CAAhB;AACA,UAAIe,GAAG,GAAGD,SAAS,CAACE,MAAV,CAAiB,CAACC,IAAD,EAAOZ,GAAP,KAAe;AACxCY,QAAAA,IAAI,CAACZ,GAAD,CAAJ,GAAY,KAAKQ,OAAL,CAAaR,GAAb,CAAZ,CADwC,CACT;;AAC/B,eAAOY,IAAP;AACD,OAHS,EAGP,EAHO,CAAV;AAIA,aAAOF,GAAP;AACD,KATmB,CAWpB;;;AACA,QAAI,OAAO,KAAM,MAAK,qBAAUV,GAAV,CAAe,EAA1B,CAAP,KAAwC,UAA5C,EAAwD;AACtD,aAAO,KAAM,MAAK,qBAAUA,GAAV,CAAe,EAA1B,EACL,KAAKL,WAAL,CAAiBkB,KAAjB,CAAuBP,IAAvB,CAA4B,CAAC;AAACJ,QAAAA;AAAD,OAAD,KAAYA,IAAI,KAAKF,GAAjD,CADK,CAAP;AAGD;;AAED,QAAI,CAAC,KAAKF,GAAV,EAAe;AACb,aAAO,KAAKF,MAAL,CAAYI,GAAZ,CAAP;AACD,KApBmB,CAsBpB;;;AACA,UAAMc,KAAK,GAAG,KAAKhB,GAAL,CAASE,GAAT,CAAd;;AACA,QAAI,CAACc,KAAL,EAAY;AACV,aAAO,KAAKlB,MAAL,CAAYI,GAAZ,CAAP;AACD,KA1BmB,CA4BpB;;;AACA,SAAK,IAAIe,CAAC,GAAG,CAAb,EAAgBA,CAAC,GAAGD,KAAK,CAACE,MAA1B,EAAkCD,CAAC,EAAnC,EAAuC;AACrC,UAAIE,GAAG,GAAG,KAAKrB,MAAL,CAAYkB,KAAK,CAACC,CAAD,CAAjB,CAAV;;AACA,UAAIE,GAAJ,EAAS;AACP,eAAOA,GAAP;AACD;AACF;AACF;;AAEDV,EAAAA,OAAO,CACLP,GADK,EAGP;AACE;AAEA;AACA,UAAMY,IAAI,GAAG,KAAKJ,OAAL,CAAaR,GAAb,CAAb;;AACA,QAAI,OAAOY,IAAP,KAAgB,QAApB,EAA8B;AAC5B,aAAO,CAAC,CAACM,MAAM,CAACC,IAAP,CAAYP,IAAZ,EAAkBN,IAAlB,CAAuBN,GAAG,IAAI,CAAC,CAACY,IAAI,CAACZ,GAAD,CAApC,CAAT;AACD;;AACD,WAAO,CAAC,CAACY,IAAT;AACD;;AAEDQ,EAAAA,WAAW,GAAa;AACtB,UAAMlB,IAAI,GAAG,KAAKD,OAAL,EAAb;AACA,UAAMoB,MAAM,GAAG,KAAKC,SAAL,EAAf;AACA,UAAMvB,aAAa,GAAG,KAAKwB,gBAAL,EAAtB,CAHsB,CAItB;AACA;;AACA,UAAMC,IAAI,GAAGzB,aAAH,aAAGA,aAAH,uBAAGA,aAAa,CAAEyB,IAA5B;AACA,WAAO;AACLtB,MAAAA,IADK;AAELmB,MAAAA,MAFK;AAGL,UAAIG,IAAI,IAAI;AAAEA,QAAAA;AAAF,OAAZ,CAHK;AAIL,UAAIzB,aAAa,IAAI;AAAEA,QAAAA;AAAF,OAArB;AAJK,KAAP;AAMD,GArGqB,CAuGtB;;;AACQuB,EAAAA,SAAS,GAAG;AAClB,QAAI,CAAC,KAAKxB,GAAV,EAAe;AACb,aAAO,EAAP;AACD;;AAED,WAAOoB,MAAM,CAACC,IAAP,CAAY,KAAKrB,GAAjB,EAAsBa,MAAtB,CAA6B,CAACU,MAAD,EAASrB,GAAT,KAAiB;AACnD,YAAMyB,oBAAoB,GAAG,KAAK9B,WAAL,CAAiBkB,KAAjB,CAAuBP,IAAvB,CAA4BoB,IAAI,IAAIA,IAAI,CAACxB,IAAL,KAAcF,GAAlD,CAA7B;;AACA,UAAI,CAACyB,oBAAL,EAA2B;AACzB,eAAOJ,MAAP;AACD;;AAED,UAAIM,KAAJ;AACA,YAAMC,OAAO,GAAG,KAAK9B,GAAL,CAASE,GAAT,CAAhB;AACA,YAAM;AAAEwB,QAAAA;AAAF,UAAWC,oBAAjB;;AACA,UAAI,OAAO,KAAM,WAAU,qBAAUzB,GAAV,CAAe,EAA/B,CAAP,KAA6C,UAAjD,EAA6D;AAC3D2B,QAAAA,KAAK,GAAG,KAAM,WAAU,qBAAU3B,GAAV,CAAe,EAA/B,EAAkCyB,oBAAlC,CAAR;AACD,OAFD,MAEO,IAAID,IAAI,KAAK,QAAb,EAAuB;AAC5B;AACA,YAAItB,IAAJ;;AACA,YAAI0B,OAAO,CAACZ,MAAR,KAAmB,CAAvB,EAA0B;AACxBd,UAAAA,IAAI,GAAG0B,OAAO,CAAC,CAAD,CAAd;AACD,SAFD,MAEO;AACL;AACA1B,UAAAA,IAAI,GAAG0B,OAAO,CAACtB,IAAR,CAAaJ,IAAI,IAAIgB,MAAM,CAACC,IAAP,CAAY,KAAKvB,MAAjB,EAAyBiC,QAAzB,CAAkC3B,IAAlC,CAArB,CAAP;AACD;;AACD,YAAIA,IAAJ,EAAU;AACRyB,UAAAA,KAAK,GAAG,EAAE,GAAGF,oBAAL;AAA2BvB,YAAAA;AAA3B,WAAR;AACD;AACF;;AAED,UAAI,CAACyB,KAAL,EAAY;AACV,cAAM,IAAIG,oBAAJ,CAAkB,0BAAyB,qBAAU9B,GAAV,CAAe,0BAAyB,KAAKC,OAAL,EAAe,EAAlG,CAAN;AACD;;AAED,UAAI8B,KAAK,CAACC,OAAN,CAAcL,KAAd,CAAJ,EAA0B;AACxBA,QAAAA,KAAK,CAACM,OAAN,CAAclB,CAAC,IAAIM,MAAM,CAACa,IAAP,CAAYnB,CAAZ,CAAnB;AACD,OAFD,MAEO;AACLM,QAAAA,MAAM,CAACa,IAAP,CAAYP,KAAZ;AACD;;AACD,aAAON,MAAP;AACD,KAnCM,EAmCJ,EAnCI,CAAP;AAoCD,GAjJqB,CAmJtB;;;AACAc,EAAAA,WAAW,GAA6B;AAAA;;AACtC,QAAI,CAAC,KAAKxC,WAAL,CAAiBkB,KAAtB,EAA6B;AAC3B;AACD;;AACD,oCAAO,KAAKlB,WAAL,CAAiBkB,KAAjB,CAAuB,CAAvB,CAAP,oFAAO,sBAA2BuB,IAAlC,2DAAO,uBAAiCvB,KAAjC,CAAuCF,MAAvC,CAA8C,CAAC0B,QAAD,EAAWC,KAAX,KAAqB;AACxE,UAAIA,KAAK,CAACD,QAAV,EAAoB;AAClBA,QAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGC,KAAK,CAACD,QAAN,CAAexB,KAAhC,CAAX;AACD;;AACD,aAAOwB,QAAP;AACD,KALM,EAKJ,EALI,CAAP;AAMD,GA9JqB,CAgKtB;AACA;;;AACAE,EAAAA,qBAAqB,GAAY;AAAA;;AAC/B,UAAMC,gBAAgB,4BAAG,KAAKjB,gBAAL,EAAH,0DAAG,sBAAyBvB,GAAlD;AACA,UAAMH,cAAc,4BAAI,KAAKD,MAAL,CAAYC,cAAhB,0DAAG,sBACnB4C,MADmB,CACZ1C,aAAa,IAAIA,aAAa,CAACC,GAAd,KAAsBwC,gBAD3B,CAAvB;AAEA,WAAO,EAAE,GAAG,KAAK5C,MAAV;AAAkBC,MAAAA;AAAlB,KAAP;AACD;;AAES0B,EAAAA,gBAAgB,GAAiC;AAAA;;AACzD,oCAAO,KAAK5B,WAAL,CAAiB+C,SAAxB,0DAAO,sBAA4B7B,KAAnC;AACD;;AA3KqB","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable complexity */\nimport { AuthSdkError } from '../../../errors';\nimport { NextStep, IdxMessage, Authenticator } from '../../types';\nimport { IdxAuthenticator, IdxRemediation } from '../../types/idx-js';\nimport { getAllValues, getRequiredValues, titleCase } from '../util';\n\n// A map from IDX data values (server spec) to RemediationValues (client spec)\nexport type IdxToRemediationValueMap = Record<string, string[]>;\n\nexport interface RemediationValues {\n stateHandle?: string;\n authenticators?: Authenticator[] | string[];\n}\n\n// Base class - DO NOT expose static remediationName\nexport class Remediator {\n static remediationName: string;\n\n remediation: IdxRemediation;\n values: RemediationValues;\n map?: IdxToRemediationValueMap;\n\n constructor(remediation: IdxRemediation, values: RemediationValues = {}) {\n // map authenticators to Authenticator[] type\n values.authenticators = (values.authenticators?.map(authenticator => {\n return typeof authenticator === 'string' \n ? { key: authenticator } : authenticator;\n }) || []) as Authenticator[];\n \n // assign fields to the instance\n this.values = values;\n this.remediation = remediation;\n }\n\n getName(): string {\n return this.remediation.name;\n }\n\n // Override this method to provide custom check\n canRemediate(): boolean {\n if (!this.map) {\n return false;\n }\n const required = getRequiredValues(this.remediation);\n const needed = required.find((key) => !this.hasData(key));\n if (needed) {\n return false; // missing data for a required field\n }\n return true; // all required fields have available data\n }\n\n // returns an object for the entire remediation form, or just a part\n getData(key?: string) {\n\n if (!key) {\n let allValues = getAllValues(this.remediation);\n let res = allValues.reduce((data, key) => {\n data[key] = this.getData(key); // recursive\n return data;\n }, {});\n return res;\n }\n\n // Map value by \"map${Property}\" function in each subClass\n if (typeof this[`map${titleCase(key)}`] === 'function') {\n return this[`map${titleCase(key)}`](\n this.remediation.value.find(({name}) => name === key)\n );\n }\n\n if (!this.map) {\n return this.values[key];\n }\n\n // Handle general primitive types\n const entry = this.map[key];\n if (!entry) {\n return this.values[key];\n }\n\n // find the first aliased property that returns a truthy value\n for (let i = 0; i < entry.length; i++) {\n let val = this.values[entry[i]];\n if (val) {\n return val;\n }\n }\n }\n\n hasData(\n key: string // idx name\n ): boolean \n {\n // no attempt to format, we want simple true/false\n\n // First see if the remediation has a mapping for this vale\n const data = this.getData(key);\n if (typeof data === 'object') {\n return !!Object.keys(data).find(key => !!data[key]);\n }\n return !!data;\n }\n\n getNextStep(): NextStep {\n const name = this.getName();\n const inputs = this.getInputs();\n const authenticator = this.getAuthenticator();\n // TODO: remove type field in the next major version change\n // https://oktainc.atlassian.net/browse/OKTA-431749\n const type = authenticator?.type;\n return { \n name, \n inputs, \n ...(type && { type }),\n ...(authenticator && { authenticator }),\n };\n }\n\n // Get inputs for the next step\n private getInputs() {\n if (!this.map) {\n return [];\n }\n\n return Object.keys(this.map).reduce((inputs, key) => {\n const inputFromRemediation = this.remediation.value.find(item => item.name === key);\n if (!inputFromRemediation) {\n return inputs;\n }\n\n let input;\n const aliases = this.map[key];\n const { type } = inputFromRemediation;\n if (typeof this[`getInput${titleCase(key)}`] === 'function') {\n input = this[`getInput${titleCase(key)}`](inputFromRemediation);\n } else if (type !== 'object') {\n // handle general primitive types\n let name;\n if (aliases.length === 1) {\n name = aliases[0];\n } else {\n // try find key from values\n name = aliases.find(name => Object.keys(this.values).includes(name));\n }\n if (name) {\n input = { ...inputFromRemediation, name };\n }\n } \n\n if (!input) {\n throw new AuthSdkError(`Missing custom getInput${titleCase(key)} method in Remediator: ${this.getName()}`);\n }\n\n if (Array.isArray(input)) {\n input.forEach(i => inputs.push(i));\n } else {\n inputs.push(input);\n }\n return inputs;\n }, []);\n }\n\n // Override this method to grab messages per remediation\n getMessages(): IdxMessage[] | undefined {\n if (!this.remediation.value) {\n return;\n }\n return this.remediation.value[0]?.form?.value.reduce((messages, field) => {\n if (field.messages) {\n messages = [...messages, ...field.messages.value];\n }\n return messages;\n }, []);\n }\n\n // Prepare values for the next remediation\n // In general, remove finished authenticator from list\n getValuesAfterProceed(): unknown {\n const authenticatorKey = this.getAuthenticator()?.key;\n const authenticators = (this.values.authenticators as Authenticator[])\n ?.filter(authenticator => authenticator.key !== authenticatorKey);\n return { ...this.values, authenticators };\n }\n\n protected getAuthenticator(): IdxAuthenticator | undefined {\n return this.remediation.relatesTo?.value;\n }\n\n}\n"],"file":"Remediator.js"}
1
+ {"version":3,"sources":["../../../../../lib/idx/remediators/Base/Remediator.ts"],"names":["Remediator","constructor","remediation","values","authenticators","map","authenticator","key","getName","name","canRemediate","required","needed","find","hasData","getData","allValues","res","reduce","data","value","entry","i","length","val","Object","keys","getNextStep","inputs","getInputs","getAuthenticator","type","inputFromRemediation","item","input","aliases","includes","AuthSdkError","Array","isArray","forEach","push","getMessages","form","messages","field","getValuesAfterProceed","authenticatorKey","filter","relatesTo"],"mappings":";;;;AAcA;;AAGA;;AAjBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAcA;AACO,MAAMA,UAAN,CAAiB;AAOtBC,EAAAA,WAAW,CAACC,WAAD,EAA8BC,MAAyB,GAAG,EAA1D,EAA8D;AAAA;;AACvE;AACAA,IAAAA,MAAM,CAACC,cAAP,GAAyB,0BAAAD,MAAM,CAACC,cAAP,gFAAuBC,GAAvB,CAA2BC,aAAa,IAAI;AACnE,aAAO,OAAOA,aAAP,KAAyB,QAAzB,GACH;AAAEC,QAAAA,GAAG,EAAED;AAAP,OADG,GACsBA,aAD7B;AAED,KAHwB,MAGnB,EAHN,CAFuE,CAOvE;;AACA,SAAKH,MAAL,GAAcA,MAAd;AACA,SAAKD,WAAL,GAAmBA,WAAnB;AACD;;AAEDM,EAAAA,OAAO,GAAW;AAChB,WAAO,KAAKN,WAAL,CAAiBO,IAAxB;AACD,GArBqB,CAuBtB;;;AACAC,EAAAA,YAAY,GAAY;AACtB,QAAI,CAAC,KAAKL,GAAV,EAAe;AACb,aAAO,KAAP;AACD;;AACD,UAAMM,QAAQ,GAAG,6BAAkB,KAAKT,WAAvB,CAAjB;AACA,UAAMU,MAAM,GAAGD,QAAQ,CAACE,IAAT,CAAeN,GAAD,IAAS,CAAC,KAAKO,OAAL,CAAaP,GAAb,CAAxB,CAAf;;AACA,QAAIK,MAAJ,EAAY;AACV,aAAO,KAAP,CADU,CACI;AACf;;AACD,WAAO,IAAP,CATsB,CAST;AACd,GAlCqB,CAoCtB;;;AACAG,EAAAA,OAAO,CAACR,GAAD,EAAe;AAEpB,QAAI,CAACA,GAAL,EAAU;AACR,UAAIS,SAAS,GAAG,wBAAa,KAAKd,WAAlB,CAAhB;AACA,UAAIe,GAAG,GAAGD,SAAS,CAACE,MAAV,CAAiB,CAACC,IAAD,EAAOZ,GAAP,KAAe;AACxCY,QAAAA,IAAI,CAACZ,GAAD,CAAJ,GAAY,KAAKQ,OAAL,CAAaR,GAAb,CAAZ,CADwC,CACT;;AAC/B,eAAOY,IAAP;AACD,OAHS,EAGP,EAHO,CAAV;AAIA,aAAOF,GAAP;AACD,KATmB,CAWpB;;;AACA,QAAI,OAAO,KAAM,MAAK,qBAAUV,GAAV,CAAe,EAA1B,CAAP,KAAwC,UAA5C,EAAwD;AACtD,aAAO,KAAM,MAAK,qBAAUA,GAAV,CAAe,EAA1B,EACL,KAAKL,WAAL,CAAiBkB,KAAjB,CAAuBP,IAAvB,CAA4B,CAAC;AAACJ,QAAAA;AAAD,OAAD,KAAYA,IAAI,KAAKF,GAAjD,CADK,CAAP;AAGD;;AAED,QAAI,CAAC,KAAKF,GAAV,EAAe;AACb,aAAO,KAAKF,MAAL,CAAYI,GAAZ,CAAP;AACD,KApBmB,CAsBpB;;;AACA,UAAMc,KAAK,GAAG,KAAKhB,GAAL,CAASE,GAAT,CAAd;;AACA,QAAI,CAACc,KAAL,EAAY;AACV,aAAO,KAAKlB,MAAL,CAAYI,GAAZ,CAAP;AACD,KA1BmB,CA4BpB;;;AACA,SAAK,IAAIe,CAAC,GAAG,CAAb,EAAgBA,CAAC,GAAGD,KAAK,CAACE,MAA1B,EAAkCD,CAAC,EAAnC,EAAuC;AACrC,UAAIE,GAAG,GAAG,KAAKrB,MAAL,CAAYkB,KAAK,CAACC,CAAD,CAAjB,CAAV;;AACA,UAAIE,GAAJ,EAAS;AACP,eAAOA,GAAP;AACD;AACF;AACF;;AAEDV,EAAAA,OAAO,CACLP,GADK,EAGP;AACE;AAEA;AACA,UAAMY,IAAI,GAAG,KAAKJ,OAAL,CAAaR,GAAb,CAAb;;AACA,QAAI,OAAOY,IAAP,KAAgB,QAApB,EAA8B;AAC5B,aAAO,CAAC,CAACM,MAAM,CAACC,IAAP,CAAYP,IAAZ,EAAkBN,IAAlB,CAAuBN,GAAG,IAAI,CAAC,CAACY,IAAI,CAACZ,GAAD,CAApC,CAAT;AACD;;AACD,WAAO,CAAC,CAACY,IAAT;AACD;;AAEDQ,EAAAA,WAAW,GAAa;AACtB,UAAMlB,IAAI,GAAG,KAAKD,OAAL,EAAb;AACA,UAAMoB,MAAM,GAAG,KAAKC,SAAL,EAAf;AACA,UAAMvB,aAAa,GAAG,KAAKwB,gBAAL,EAAtB,CAHsB,CAItB;AACA;;AACA,UAAMC,IAAI,GAAGzB,aAAH,aAAGA,aAAH,uBAAGA,aAAa,CAAEyB,IAA5B;AACA,WAAO;AACLtB,MAAAA,IADK;AAELmB,MAAAA,MAFK;AAGL,UAAIG,IAAI,IAAI;AAAEA,QAAAA;AAAF,OAAZ,CAHK;AAIL,UAAIzB,aAAa,IAAI;AAAEA,QAAAA;AAAF,OAArB;AAJK,KAAP;AAMD,GArGqB,CAuGtB;;;AACQuB,EAAAA,SAAS,GAAY;AAC3B,QAAI,CAAC,KAAKxB,GAAV,EAAe;AACb,aAAO,EAAP;AACD;;AAED,WAAOoB,MAAM,CAACC,IAAP,CAAY,KAAKrB,GAAjB,EAAsBa,MAAtB,CAA6B,CAACU,MAAD,EAASrB,GAAT,KAAiB;AACnD,YAAMyB,oBAAoB,GAAG,KAAK9B,WAAL,CAAiBkB,KAAjB,CAAuBP,IAAvB,CAA4BoB,IAAI,IAAIA,IAAI,CAACxB,IAAL,KAAcF,GAAlD,CAA7B;;AACA,UAAI,CAACyB,oBAAL,EAA2B;AACzB,eAAOJ,MAAP;AACD;;AAED,UAAIM,KAAJ;AACA,YAAMC,OAAO,GAAG,KAAK9B,GAAL,CAASE,GAAT,CAAhB;AACA,YAAM;AAAEwB,QAAAA;AAAF,UAAWC,oBAAjB;;AACA,UAAI,OAAO,KAAM,WAAU,qBAAUzB,GAAV,CAAe,EAA/B,CAAP,KAA6C,UAAjD,EAA6D;AAC3D2B,QAAAA,KAAK,GAAG,KAAM,WAAU,qBAAU3B,GAAV,CAAe,EAA/B,EAAkCyB,oBAAlC,CAAR;AACD,OAFD,MAEO,IAAID,IAAI,KAAK,QAAb,EAAuB;AAC5B;AACA,YAAItB,IAAJ;;AACA,YAAI0B,OAAO,CAACZ,MAAR,KAAmB,CAAvB,EAA0B;AACxBd,UAAAA,IAAI,GAAG0B,OAAO,CAAC,CAAD,CAAd;AACD,SAFD,MAEO;AACL;AACA1B,UAAAA,IAAI,GAAG0B,OAAO,CAACtB,IAAR,CAAaJ,IAAI,IAAIgB,MAAM,CAACC,IAAP,CAAY,KAAKvB,MAAjB,EAAyBiC,QAAzB,CAAkC3B,IAAlC,CAArB,CAAP;AACD;;AACD,YAAIA,IAAJ,EAAU;AACRyB,UAAAA,KAAK,GAAG,EAAE,GAAGF,oBAAL;AAA2BvB,YAAAA;AAA3B,WAAR;AACD;AACF;;AAED,UAAI,CAACyB,KAAL,EAAY;AACV,cAAM,IAAIG,oBAAJ,CAAkB,0BAAyB,qBAAU9B,GAAV,CAAe,0BAAyB,KAAKC,OAAL,EAAe,EAAlG,CAAN;AACD;;AAED,UAAI8B,KAAK,CAACC,OAAN,CAAcL,KAAd,CAAJ,EAA0B;AACxBA,QAAAA,KAAK,CAACM,OAAN,CAAclB,CAAC,IAAIM,MAAM,CAACa,IAAP,CAAYnB,CAAZ,CAAnB;AACD,OAFD,MAEO;AACLM,QAAAA,MAAM,CAACa,IAAP,CAAYP,KAAZ;AACD;;AACD,aAAON,MAAP;AACD,KAnCM,EAmCJ,EAnCI,CAAP;AAoCD,GAjJqB,CAmJtB;;;AACAc,EAAAA,WAAW,GAA6B;AAAA;;AACtC,QAAI,CAAC,KAAKxC,WAAL,CAAiBkB,KAAtB,EAA6B;AAC3B;AACD;;AACD,oCAAO,KAAKlB,WAAL,CAAiBkB,KAAjB,CAAuB,CAAvB,CAAP,oFAAO,sBAA2BuB,IAAlC,2DAAO,uBAAiCvB,KAAjC,CAAuCF,MAAvC,CAA8C,CAAC0B,QAAD,EAAWC,KAAX,KAAqB;AACxE,UAAIA,KAAK,CAACD,QAAV,EAAoB;AAClBA,QAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGC,KAAK,CAACD,QAAN,CAAexB,KAAhC,CAAX;AACD;;AACD,aAAOwB,QAAP;AACD,KALM,EAKJ,EALI,CAAP;AAMD,GA9JqB,CAgKtB;AACA;;;AACAE,EAAAA,qBAAqB,GAAY;AAAA;;AAC/B,UAAMC,gBAAgB,4BAAG,KAAKjB,gBAAL,EAAH,0DAAG,sBAAyBvB,GAAlD;AACA,UAAMH,cAAc,4BAAI,KAAKD,MAAL,CAAYC,cAAhB,0DAAG,sBACnB4C,MADmB,CACZ1C,aAAa,IAAIA,aAAa,CAACC,GAAd,KAAsBwC,gBAD3B,CAAvB;AAEA,WAAO,EAAE,GAAG,KAAK5C,MAAV;AAAkBC,MAAAA;AAAlB,KAAP;AACD;;AAES0B,EAAAA,gBAAgB,GAAiC;AAAA;;AACzD,oCAAO,KAAK5B,WAAL,CAAiB+C,SAAxB,0DAAO,sBAA4B7B,KAAnC;AACD;;AA3KqB","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable complexity */\nimport { AuthSdkError } from '../../../errors';\nimport { NextStep, IdxMessage, Authenticator, Input } from '../../types';\nimport { IdxAuthenticator, IdxRemediation } from '../../types/idx-js';\nimport { getAllValues, getRequiredValues, titleCase } from '../util';\n\n// A map from IDX data values (server spec) to RemediationValues (client spec)\nexport type IdxToRemediationValueMap = Record<string, string[]>;\n\nexport interface RemediationValues {\n stateHandle?: string;\n authenticators?: Authenticator[] | string[];\n}\n\n// Base class - DO NOT expose static remediationName\nexport class Remediator {\n static remediationName: string;\n\n remediation: IdxRemediation;\n values: RemediationValues;\n map?: IdxToRemediationValueMap;\n\n constructor(remediation: IdxRemediation, values: RemediationValues = {}) {\n // map authenticators to Authenticator[] type\n values.authenticators = (values.authenticators?.map(authenticator => {\n return typeof authenticator === 'string' \n ? { key: authenticator } : authenticator;\n }) || []) as Authenticator[];\n \n // assign fields to the instance\n this.values = values;\n this.remediation = remediation;\n }\n\n getName(): string {\n return this.remediation.name;\n }\n\n // Override this method to provide custom check\n canRemediate(): boolean {\n if (!this.map) {\n return false;\n }\n const required = getRequiredValues(this.remediation);\n const needed = required.find((key) => !this.hasData(key));\n if (needed) {\n return false; // missing data for a required field\n }\n return true; // all required fields have available data\n }\n\n // returns an object for the entire remediation form, or just a part\n getData(key?: string) {\n\n if (!key) {\n let allValues = getAllValues(this.remediation);\n let res = allValues.reduce((data, key) => {\n data[key] = this.getData(key); // recursive\n return data;\n }, {});\n return res;\n }\n\n // Map value by \"map${Property}\" function in each subClass\n if (typeof this[`map${titleCase(key)}`] === 'function') {\n return this[`map${titleCase(key)}`](\n this.remediation.value.find(({name}) => name === key)\n );\n }\n\n if (!this.map) {\n return this.values[key];\n }\n\n // Handle general primitive types\n const entry = this.map[key];\n if (!entry) {\n return this.values[key];\n }\n\n // find the first aliased property that returns a truthy value\n for (let i = 0; i < entry.length; i++) {\n let val = this.values[entry[i]];\n if (val) {\n return val;\n }\n }\n }\n\n hasData(\n key: string // idx name\n ): boolean \n {\n // no attempt to format, we want simple true/false\n\n // First see if the remediation has a mapping for this vale\n const data = this.getData(key);\n if (typeof data === 'object') {\n return !!Object.keys(data).find(key => !!data[key]);\n }\n return !!data;\n }\n\n getNextStep(): NextStep {\n const name = this.getName();\n const inputs = this.getInputs();\n const authenticator = this.getAuthenticator();\n // TODO: remove type field in the next major version change\n // https://oktainc.atlassian.net/browse/OKTA-431749\n const type = authenticator?.type;\n return { \n name, \n inputs, \n ...(type && { type }),\n ...(authenticator && { authenticator }),\n };\n }\n\n // Get inputs for the next step\n private getInputs(): Input[] {\n if (!this.map) {\n return [];\n }\n\n return Object.keys(this.map).reduce((inputs, key) => {\n const inputFromRemediation = this.remediation.value.find(item => item.name === key);\n if (!inputFromRemediation) {\n return inputs;\n }\n\n let input: Input;\n const aliases = this.map[key];\n const { type } = inputFromRemediation;\n if (typeof this[`getInput${titleCase(key)}`] === 'function') {\n input = this[`getInput${titleCase(key)}`](inputFromRemediation);\n } else if (type !== 'object') {\n // handle general primitive types\n let name;\n if (aliases.length === 1) {\n name = aliases[0];\n } else {\n // try find key from values\n name = aliases.find(name => Object.keys(this.values).includes(name));\n }\n if (name) {\n input = { ...inputFromRemediation, name };\n }\n } \n\n if (!input) {\n throw new AuthSdkError(`Missing custom getInput${titleCase(key)} method in Remediator: ${this.getName()}`);\n }\n\n if (Array.isArray(input)) {\n input.forEach(i => inputs.push(i));\n } else {\n inputs.push(input);\n }\n return inputs;\n }, []);\n }\n\n // Override this method to grab messages per remediation\n getMessages(): IdxMessage[] | undefined {\n if (!this.remediation.value) {\n return;\n }\n return this.remediation.value[0]?.form?.value.reduce((messages, field) => {\n if (field.messages) {\n messages = [...messages, ...field.messages.value];\n }\n return messages;\n }, []);\n }\n\n // Prepare values for the next remediation\n // In general, remove finished authenticator from list\n getValuesAfterProceed(): unknown {\n const authenticatorKey = this.getAuthenticator()?.key;\n const authenticators = (this.values.authenticators as Authenticator[])\n ?.filter(authenticator => authenticator.key !== authenticatorKey);\n return { ...this.values, authenticators };\n }\n\n protected getAuthenticator(): IdxAuthenticator | undefined {\n return this.remediation.relatesTo?.value;\n }\n\n}\n"],"file":"Remediator.js"}
package/cjs/idx/remediators/Base/VerifyAuthenticator.js CHANGED
@@ -39,9 +39,11 @@ class VerifyAuthenticator extends _Remediator.Remediator {
39
39
  }
40
40
 
41
41
  getInputCredentials(input) {
42
+ var _input$form;
43
+
42
44
  const challengeType = this.getAuthenticator().type;
43
45
  const name = challengeType === 'password' ? 'password' : 'verificationCode';
44
- return { ...input.form.value[0],
46
+ return { ...((_input$form = input.form) === null || _input$form === void 0 ? void 0 : _input$form.value[0]),
45
47
  name,
46
48
  type: 'string',
47
49
  required: input.required
package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../../../lib/idx/remediators/Base/VerifyAuthenticator.ts"],"names":["VerifyAuthenticator","Remediator","canRemediate","values","password","verificationCode","mapCredentials","passcode","getInputCredentials","input","challengeType","getAuthenticator","type","name","form","value","required","getValuesAfterProceed","authenticator"],"mappings":";;;;;;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAUA;AACO,MAAMA,mBAAN,SAAkCC,sBAAlC,CAA6C;AAAA;AAAA;AAAA,+CAI5C;AACJ,qBAAe;AADX,KAJ4C;AAAA;;AAQlDC,EAAAA,YAAY,GAAG;AACb,WAAO,CAAC,EAAE,KAAKC,MAAL,CAAYC,QAAZ,IAAwB,KAAKD,MAAL,CAAYE,gBAAtC,CAAR;AACD;;AAEDC,EAAAA,cAAc,GAAG;AACf,WAAO;AACLC,MAAAA,QAAQ,EAAE,KAAKJ,MAAL,CAAYE,gBAAZ,IAAgC,KAAKF,MAAL,CAAYC;AADjD,KAAP;AAGD;;AAEDI,EAAAA,mBAAmB,CAACC,KAAD,EAAQ;AACzB,UAAMC,aAAa,GAAG,KAAKC,gBAAL,GAAwBC,IAA9C;AACA,UAAMC,IAAI,GAAGH,aAAa,KAAK,UAAlB,GAA+B,UAA/B,GAA4C,kBAAzD;AACA,WAAO,EACL,GAAGD,KAAK,CAACK,IAAN,CAAWC,KAAX,CAAiB,CAAjB,CADE;AAELF,MAAAA,IAFK;AAGLD,MAAAA,IAAI,EAAE,QAHD;AAILI,MAAAA,QAAQ,EAAEP,KAAK,CAACO;AAJX,KAAP;AAMD;;AAEDC,EAAAA,qBAAqB,GAAG;AACtB,QAAId,MAAM,GAAG,MAAMc,qBAAN,EAAb;AACA,UAAMC,aAAa,GAAG,KAAKP,gBAAL,EAAtB;;AACA,QAAIO,aAAa,CAACN,IAAd,KAAuB,UAA3B,EAAuC;AACrC,aAAOT,MAAM,CAACC,QAAd;AACD,KAFD,MAEO;AACL,aAAOD,MAAM,CAACE,gBAAd;AACD;;AACD,WAAOF,MAAP;AACD;;AAtCiD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { Remediator, RemediationValues } from './Remediator';\n\nexport interface VerifyAuthenticatorValues extends RemediationValues {\n verificationCode?: string;\n password?: string;\n}\n\n// Base class - DO NOT expose static remediationName\nexport class VerifyAuthenticator extends Remediator {\n\n values: VerifyAuthenticatorValues;\n\n map = {\n 'credentials': []\n };\n\n canRemediate() {\n return !!(this.values.password || this.values.verificationCode);\n }\n\n mapCredentials() {\n return { \n passcode: this.values.verificationCode || this.values.password\n };\n }\n\n getInputCredentials(input) {\n const challengeType = this.getAuthenticator().type;\n const name = challengeType === 'password' ? 'password' : 'verificationCode';\n return {\n ...input.form.value[0],\n name,\n type: 'string',\n required: input.required\n };\n }\n\n getValuesAfterProceed() {\n let values = super.getValuesAfterProceed() as VerifyAuthenticatorValues;\n const authenticator = this.getAuthenticator();\n if (authenticator.type === 'password') {\n delete values.password;\n } else {\n delete values.verificationCode;\n }\n return values;\n }\n\n}\n"],"file":"VerifyAuthenticator.js"}
1
+ {"version":3,"sources":["../../../../../lib/idx/remediators/Base/VerifyAuthenticator.ts"],"names":["VerifyAuthenticator","Remediator","canRemediate","values","password","verificationCode","mapCredentials","passcode","getInputCredentials","input","challengeType","getAuthenticator","type","name","form","value","required","getValuesAfterProceed","authenticator"],"mappings":";;;;;;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAUA;AACO,MAAMA,mBAAN,SAAkCC,sBAAlC,CAA6C;AAAA;AAAA;AAAA,+CAI5C;AACJ,qBAAe;AADX,KAJ4C;AAAA;;AAQlDC,EAAAA,YAAY,GAAG;AACb,WAAO,CAAC,EAAE,KAAKC,MAAL,CAAYC,QAAZ,IAAwB,KAAKD,MAAL,CAAYE,gBAAtC,CAAR;AACD;;AAEDC,EAAAA,cAAc,GAAG;AACf,WAAO;AACLC,MAAAA,QAAQ,EAAE,KAAKJ,MAAL,CAAYE,gBAAZ,IAAgC,KAAKF,MAAL,CAAYC;AADjD,KAAP;AAGD;;AAEDI,EAAAA,mBAAmB,CAACC,KAAD,EAAQ;AAAA;;AACzB,UAAMC,aAAa,GAAG,KAAKC,gBAAL,GAAwBC,IAA9C;AACA,UAAMC,IAAI,GAAGH,aAAa,KAAK,UAAlB,GAA+B,UAA/B,GAA4C,kBAAzD;AACA,WAAO,EACL,mBAAGD,KAAK,CAACK,IAAT,gDAAG,YAAYC,KAAZ,CAAkB,CAAlB,CAAH,CADK;AAELF,MAAAA,IAFK;AAGLD,MAAAA,IAAI,EAAE,QAHD;AAILI,MAAAA,QAAQ,EAAEP,KAAK,CAACO;AAJX,KAAP;AAMD;;AAEDC,EAAAA,qBAAqB,GAAG;AACtB,QAAId,MAAM,GAAG,MAAMc,qBAAN,EAAb;AACA,UAAMC,aAAa,GAAG,KAAKP,gBAAL,EAAtB;;AACA,QAAIO,aAAa,CAACN,IAAd,KAAuB,UAA3B,EAAuC;AACrC,aAAOT,MAAM,CAACC,QAAd;AACD,KAFD,MAEO;AACL,aAAOD,MAAM,CAACE,gBAAd;AACD;;AACD,WAAOF,MAAP;AACD;;AAtCiD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { Remediator, RemediationValues } from './Remediator';\n\nexport interface VerifyAuthenticatorValues extends RemediationValues {\n verificationCode?: string;\n password?: string;\n}\n\n// Base class - DO NOT expose static remediationName\nexport class VerifyAuthenticator extends Remediator {\n\n values: VerifyAuthenticatorValues;\n\n map = {\n 'credentials': []\n };\n\n canRemediate() {\n return !!(this.values.password || this.values.verificationCode);\n }\n\n mapCredentials() {\n return { \n passcode: this.values.verificationCode || this.values.password\n };\n }\n\n getInputCredentials(input) {\n const challengeType = this.getAuthenticator().type;\n const name = challengeType === 'password' ? 'password' : 'verificationCode';\n return {\n ...input.form?.value[0],\n name,\n type: 'string',\n required: input.required\n };\n }\n\n getValuesAfterProceed() {\n let values = super.getValuesAfterProceed() as VerifyAuthenticatorValues;\n const authenticator = this.getAuthenticator();\n if (authenticator.type === 'password') {\n delete values.password;\n } else {\n delete values.verificationCode;\n }\n return values;\n }\n\n}\n"],"file":"VerifyAuthenticator.js"}
package/cjs/idx/remediators/Identify.js CHANGED
@@ -37,7 +37,8 @@ class Identify extends _Remediator.Remediator {
37
37
  if (password && !authenticators.some(authenticator => authenticator.type === 'password')) {
38
38
  this.values = { ...this.values,
39
39
  authenticators: [{
40
- type: 'password'
40
+ type: 'password',
41
+ key: _types.AuthenticatorKey.OKTA_PASSWORD
41
42
  }, ...authenticators]
42
43
  };
43
44
  }
package/cjs/idx/remediators/Identify.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../../lib/idx/remediators/Identify.ts"],"names":["Identify","Remediator","constructor","remediation","values","password","authenticators","some","authenticator","type","canRemediate","identifier","getData","mapCredentials","passcode","getInputCredentials","input","form","value","name","required","getValuesAfterProceed","filter","key","AuthenticatorKey","OKTA_PASSWORD"],"mappings":";;;;;;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYO,MAAMA,QAAN,SAAuBC,sBAAvB,CAAkC;AAUvCC,EAAAA,WAAW,CAACC,WAAD,EAA8BC,MAA9B,EAAuD;AAChE,UAAMD,WAAN,EAAmBC,MAAnB,EADgE,CAGhE;;AAHgE,+CAL5D;AACJ,oBAAc,CAAC,UAAD,CADV;AAEJ,qBAAe;AAFX,KAK4D;AAIhE,UAAM;AAAEC,MAAAA,QAAF;AAAYC,MAAAA;AAAZ,QAA+B,KAAKF,MAA1C;;AACA,QAAIC,QAAQ,IAAI,CAACC,cAAc,CAACC,IAAf,CAAoBC,aAAa,IAAIA,aAAa,CAACC,IAAd,KAAuB,UAA5D,CAAjB,EAA0F;AACxF,WAAKL,MAAL,GAAc,EACZ,GAAG,KAAKA,MADI;AAEZE,QAAAA,cAAc,EAAE,CAAC;AAAEG,UAAAA,IAAI,EAAE;AAAR,SAAD,EAAuB,GAAGH,cAA1B;AAFJ,OAAd;AAID;AACF;;AAEDI,EAAAA,YAAY,GAAG;AACb,UAAM;AAAEC,MAAAA;AAAF,QAAiB,KAAKC,OAAL,EAAvB;AACA,WAAO,CAAC,CAACD,UAAT;AACD;;AAEDE,EAAAA,cAAc,GAAG;AACf,WAAO;AAAEC,MAAAA,QAAQ,EAAE,KAAKV,MAAL,CAAYC;AAAxB,KAAP;AACD;;AAEDU,EAAAA,mBAAmB,CAACC,KAAD,EAAQ;AACzB,WAAO,EACL,GAAGA,KAAK,CAACC,IAAN,CAAWC,KAAX,CAAiB,CAAjB,CADE;AAELC,MAAAA,IAAI,EAAE,UAFD;AAGLC,MAAAA,QAAQ,EAAEJ,KAAK,CAACI;AAHX,KAAP;AAKD;;AAEDC,EAAAA,qBAAqB,GAAG;AACtB;AACA;AACA,QAAI,KAAKlB,WAAL,CAAiBe,KAAjB,CAAuBX,IAAvB,CAA4B,CAAC;AAAEY,MAAAA;AAAF,KAAD,KAAcA,IAAI,KAAK,aAAnD,CAAJ,EAAuE;AAAA;;AACrE,YAAMb,cAAc,4BAAI,KAAKF,MAAL,CAAYE,cAAhB,0DAAG,sBACnBgB,MADmB,CACZd,aAAa,IAAIA,aAAa,CAACe,GAAd,KAAsBC,wBAAiBC,aAD5C,CAAvB;AAEA,aAAO,EAAE,GAAG,KAAKrB,MAAV;AAAkBE,QAAAA;AAAlB,OAAP;AACD;;AAED,WAAO,MAAMe,qBAAN,EAAP;AACD;;AAlDsC;;;8BAA5BrB,Q,qBACc,U","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { Remediator, RemediationValues } from './Base/Remediator';\nimport { Authenticator, AuthenticatorKey } from '../types';\nimport { IdxRemediation } from '../types/idx-js';\n\nexport interface IdentifyValues extends RemediationValues {\n username?: string;\n password?: string;\n}\n\nexport class Identify extends Remediator {\n static remediationName = 'identify';\n\n values: IdentifyValues;\n\n map = {\n 'identifier': ['username'],\n 'credentials': []\n };\n\n constructor(remediation: IdxRemediation, values?: IdentifyValues) {\n super(remediation, values);\n\n // add password authenticator to authenticators list if password is provided\n const { password, authenticators } = this.values;\n if (password && !authenticators.some(authenticator => authenticator.type === 'password')) {\n this.values = {\n ...this.values,\n authenticators: [{ type: 'password' }, ...authenticators] as Authenticator[]\n };\n }\n }\n\n canRemediate() {\n const { identifier } = this.getData();\n return !!identifier;\n }\n\n mapCredentials() {\n return { passcode: this.values.password };\n }\n\n getInputCredentials(input) {\n return {\n ...input.form.value[0],\n name: 'password',\n required: input.required\n };\n }\n\n getValuesAfterProceed() {\n // Handle username + password scenario\n // remove \"password\" from authenticator array when remediation is finished\n if (this.remediation.value.some(({ name }) => name === 'credentials')) {\n const authenticators = (this.values.authenticators as Authenticator[])\n ?.filter(authenticator => authenticator.key !== AuthenticatorKey.OKTA_PASSWORD);\n return { ...this.values, authenticators };\n }\n\n return super.getValuesAfterProceed();\n }\n}\n"],"file":"Identify.js"}
1
+ {"version":3,"sources":["../../../../lib/idx/remediators/Identify.ts"],"names":["Identify","Remediator","constructor","remediation","values","password","authenticators","some","authenticator","type","key","AuthenticatorKey","OKTA_PASSWORD","canRemediate","identifier","getData","mapCredentials","passcode","getInputCredentials","input","form","value","name","required","getValuesAfterProceed","filter"],"mappings":";;;;;;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYO,MAAMA,QAAN,SAAuBC,sBAAvB,CAAkC;AAUvCC,EAAAA,WAAW,CAACC,WAAD,EAA8BC,MAA9B,EAAuD;AAChE,UAAMD,WAAN,EAAmBC,MAAnB,EADgE,CAGhE;;AAHgE,+CAL5D;AACJ,oBAAc,CAAC,UAAD,CADV;AAEJ,qBAAe;AAFX,KAK4D;AAIhE,UAAM;AAAEC,MAAAA,QAAF;AAAYC,MAAAA;AAAZ,QAA+B,KAAKF,MAA1C;;AACA,QAAIC,QAAQ,IAAI,CAACC,cAAc,CAACC,IAAf,CAAoBC,aAAa,IAAIA,aAAa,CAACC,IAAd,KAAuB,UAA5D,CAAjB,EAA0F;AACxF,WAAKL,MAAL,GAAc,EACZ,GAAG,KAAKA,MADI;AAEZE,QAAAA,cAAc,EAAE,CACd;AACEG,UAAAA,IAAI,EAAE,UADR;AAEEC,UAAAA,GAAG,EAAEC,wBAAiBC;AAFxB,SADc,EAKd,GAAGN,cALW;AAFJ,OAAd;AAUD;AACF;;AAEDO,EAAAA,YAAY,GAAG;AACb,UAAM;AAAEC,MAAAA;AAAF,QAAiB,KAAKC,OAAL,EAAvB;AACA,WAAO,CAAC,CAACD,UAAT;AACD;;AAEDE,EAAAA,cAAc,GAAG;AACf,WAAO;AAAEC,MAAAA,QAAQ,EAAE,KAAKb,MAAL,CAAYC;AAAxB,KAAP;AACD;;AAEDa,EAAAA,mBAAmB,CAACC,KAAD,EAAQ;AACzB,WAAO,EACL,GAAGA,KAAK,CAACC,IAAN,CAAWC,KAAX,CAAiB,CAAjB,CADE;AAELC,MAAAA,IAAI,EAAE,UAFD;AAGLC,MAAAA,QAAQ,EAAEJ,KAAK,CAACI;AAHX,KAAP;AAKD;;AAEDC,EAAAA,qBAAqB,GAAG;AACtB;AACA;AACA,QAAI,KAAKrB,WAAL,CAAiBkB,KAAjB,CAAuBd,IAAvB,CAA4B,CAAC;AAAEe,MAAAA;AAAF,KAAD,KAAcA,IAAI,KAAK,aAAnD,CAAJ,EAAuE;AAAA;;AACrE,YAAMhB,cAAc,4BAAI,KAAKF,MAAL,CAAYE,cAAhB,0DAAG,sBACnBmB,MADmB,CACZjB,aAAa,IAAIA,aAAa,CAACE,GAAd,KAAsBC,wBAAiBC,aAD5C,CAAvB;AAEA,aAAO,EAAE,GAAG,KAAKR,MAAV;AAAkBE,QAAAA;AAAlB,OAAP;AACD;;AAED,WAAO,MAAMkB,qBAAN,EAAP;AACD;;AAxDsC;;;8BAA5BxB,Q,qBACc,U","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { Remediator, RemediationValues } from './Base/Remediator';\nimport { Authenticator, AuthenticatorKey } from '../types';\nimport { IdxRemediation } from '../types/idx-js';\n\nexport interface IdentifyValues extends RemediationValues {\n username?: string;\n password?: string;\n}\n\nexport class Identify extends Remediator {\n static remediationName = 'identify';\n\n values: IdentifyValues;\n\n map = {\n 'identifier': ['username'],\n 'credentials': []\n };\n\n constructor(remediation: IdxRemediation, values?: IdentifyValues) {\n super(remediation, values);\n\n // add password authenticator to authenticators list if password is provided\n const { password, authenticators } = this.values;\n if (password && !authenticators.some(authenticator => authenticator.type === 'password')) {\n this.values = {\n ...this.values,\n authenticators: [\n { \n type: 'password',\n key: AuthenticatorKey.OKTA_PASSWORD\n }, \n ...authenticators\n ] as Authenticator[]\n };\n }\n }\n\n canRemediate() {\n const { identifier } = this.getData();\n return !!identifier;\n }\n\n mapCredentials() {\n return { passcode: this.values.password };\n }\n\n getInputCredentials(input) {\n return {\n ...input.form.value[0],\n name: 'password',\n required: input.required\n };\n }\n\n getValuesAfterProceed() {\n // Handle username + password scenario\n // remove \"password\" from authenticator array when remediation is finished\n if (this.remediation.value.some(({ name }) => name === 'credentials')) {\n const authenticators = (this.values.authenticators as Authenticator[])\n ?.filter(authenticator => authenticator.key !== AuthenticatorKey.OKTA_PASSWORD);\n return { ...this.values, authenticators };\n }\n\n return super.getValuesAfterProceed();\n }\n}\n"],"file":"Identify.js"}
package/cjs/idx/types/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../../lib/idx/types/index.ts"],"names":["IdxStatus","AuthenticatorKey","IdxFeature"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAkBA;;AACA;;AACA;;AACA;;AACA;;AAtBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IAcYA,S;;;WAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;GAAAA,S,yBAAAA,S;;IAQAC,gB;;;WAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;GAAAA,gB,gCAAAA,gB;;IAsBAC,U;;;WAAAA,U;AAAAA,EAAAA,U,CAAAA,U;AAAAA,EAAAA,U,CAAAA,U;AAAAA,EAAAA,U,CAAAA,U;GAAAA,U,0BAAAA,U","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { InteractOptions } from '../interact';\nimport { APIError, Tokens } from '../../types';\nimport { IdxTransactionMeta } from '../../types/Transaction';\nimport { IdxAuthenticator, IdxMessage, IdxOption } from './idx-js';\n\nexport { IdxMessage } from './idx-js';\nexport { AuthenticationOptions } from '../authenticate';\nexport { RegistrationOptions } from '../register';\nexport { PasswordRecoveryOptions } from '../recoverPassword';\nexport { CancelOptions } from '../cancel';\n\nexport enum IdxStatus {\n SUCCESS = 'SUCCESS',\n PENDING = 'PENDING',\n FAILURE = 'FAILURE',\n TERMINAL = 'TERMINAL',\n CANCELED = 'CANCELED',\n}\n\nexport enum AuthenticatorKey {\n OKTA_PASSWORD = 'okta_password',\n OKTA_EMAIL = 'okta_email',\n OKTA_VERIFIER = 'okta_verifier',\n PHONE_NUMBER = 'phone_number',\n GOOGLE_AUTHENTICATOR = 'google_otp',\n}\n\ntype Input = {\n name: string;\n required?: boolean;\n}\n\nexport type NextStep = {\n name: string;\n authenticator?: IdxAuthenticator;\n canSkip?: boolean;\n canResend?: boolean;\n inputs?: Input[];\n options?: IdxOption[];\n}\n\nexport enum IdxFeature {\n PASSWORD_RECOVERY,\n REGISTRATION,\n SOCIAL_IDP,\n}\n\nexport interface IdxTransaction {\n status: IdxStatus;\n tokens?: Tokens;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n error?: APIError;\n meta?: IdxTransactionMeta;\n enabledFeatures?: IdxFeature[];\n availableSteps?: NextStep[];\n}\n\nexport type IdxOptions = InteractOptions;\n\nexport type Authenticator = {\n key: string;\n methodType?: string;\n phoneNumber?: string;\n};\n"],"file":"index.js"}
1
+ {"version":3,"sources":["../../../../lib/idx/types/index.ts"],"names":["IdxStatus","AuthenticatorKey","IdxFeature"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAkBA;;AACA;;AACA;;AACA;;AACA;;AAtBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IAcYA,S;;;WAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;GAAAA,S,yBAAAA,S;;IAQAC,gB;;;WAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;GAAAA,gB,gCAAAA,gB;;IAyBAC,U;;;WAAAA,U;AAAAA,EAAAA,U,CAAAA,U;AAAAA,EAAAA,U,CAAAA,U;AAAAA,EAAAA,U,CAAAA,U;GAAAA,U,0BAAAA,U","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { InteractOptions } from '../interact';\nimport { APIError, Tokens } from '../../types';\nimport { IdxTransactionMeta } from '../../types/Transaction';\nimport { IdxAuthenticator, IdxMessage, IdxOption } from './idx-js';\n\nexport { IdxMessage } from './idx-js';\nexport { AuthenticationOptions } from '../authenticate';\nexport { RegistrationOptions } from '../register';\nexport { PasswordRecoveryOptions } from '../recoverPassword';\nexport { CancelOptions } from '../cancel';\n\nexport enum IdxStatus {\n SUCCESS = 'SUCCESS',\n PENDING = 'PENDING',\n FAILURE = 'FAILURE',\n TERMINAL = 'TERMINAL',\n CANCELED = 'CANCELED',\n}\n\nexport enum AuthenticatorKey {\n OKTA_PASSWORD = 'okta_password',\n OKTA_EMAIL = 'okta_email',\n OKTA_VERIFIER = 'okta_verifier',\n PHONE_NUMBER = 'phone_number',\n GOOGLE_AUTHENTICATOR = 'google_otp',\n}\n\nexport type Input = {\n name: string;\n label?: string;\n value?: string;\n secret?: boolean;\n required?: boolean;\n}\n\nexport type NextStep = {\n name: string;\n authenticator?: IdxAuthenticator;\n canSkip?: boolean;\n canResend?: boolean;\n inputs?: Input[];\n options?: IdxOption[];\n}\n\nexport enum IdxFeature {\n PASSWORD_RECOVERY,\n REGISTRATION,\n SOCIAL_IDP,\n}\n\nexport interface IdxTransaction {\n status: IdxStatus;\n tokens?: Tokens;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n error?: APIError;\n meta?: IdxTransactionMeta;\n enabledFeatures?: IdxFeature[];\n availableSteps?: NextStep[];\n}\n\nexport type IdxOptions = InteractOptions;\n\nexport type Authenticator = {\n key: string;\n methodType?: string;\n phoneNumber?: string;\n};\n"],"file":"index.js"}
package/cjs/oidc/getToken.js CHANGED
@@ -86,7 +86,11 @@ function getToken(sdk, options) {
86
86
  return Promise.reject(new _AuthSdkError.default('As of version 3.0, "getToken" takes only a single set of options'));
87
87
  }
88
88
 
89
- options = options || {};
89
+ options = options || {}; // window object cannot be serialized, save for later use
90
+ // TODO: move popup related params into a separate options object
91
+
92
+ const popupWindow = options.popupWindow;
93
+ options.popupWindow = undefined;
90
94
  return (0, _prepareTokenParams.prepareTokenParams)(sdk, options).then(function (tokenParams) {
91
95
  // Start overriding any options that don't make sense
92
96
  var sessionTokenOverrides = {
@@ -145,17 +149,18 @@ function getToken(sdk, options) {
145
149
  }
146
150
 
147
151
  oauthPromise = (0, _util.addPostMessageListener)(sdk, options.timeout, tokenParams.state);
148
- } // Create the window
152
+ } // Redirect for authorization
153
+ // popupWindown can be null when popup is blocked
154
+
149
155
 
156
+ if (popupWindow) {
157
+ popupWindow.location.assign(requestUrl);
158
+ } // The popup may be closed without receiving an OAuth response. Setup a poller to monitor the window.
150
159
 
151
- var windowOptions = {
152
- popupTitle: options.popupTitle
153
- };
154
- var windowEl = (0, _util.loadPopup)(requestUrl, windowOptions); // The popup may be closed without receiving an OAuth response. Setup a poller to monitor the window.
155
160
 
156
161
  var popupPromise = new Promise(function (resolve, reject) {
157
162
  var closePoller = setInterval(function () {
158
- if (!windowEl || windowEl.closed) {
163
+ if (!popupWindow || popupWindow.closed) {
159
164
  clearInterval(closePoller);
160
165
  reject(new _AuthSdkError.default('Unable to parse OAuth flow response'));
161
166
  }
@@ -172,8 +177,8 @@ function getToken(sdk, options) {
172
177
  return popupPromise.then(function (res) {
173
178
  return (0, _handleOAuthResponse.handleOAuthResponse)(sdk, tokenParams, res, urls);
174
179
  }).finally(function () {
175
- if (windowEl && !windowEl.closed) {
176
- windowEl.close();
180
+ if (popupWindow && !popupWindow.closed) {
181
+ popupWindow.close();
177
182
  }
178
183
  });
179
184