@okta/okta-auth-js 5.6.0 → 5.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (405) hide show
  1. package/CHANGELOG.md +51 -0
  2. package/README.md +28 -1
  3. package/cjs/OktaAuth.js +69 -35
  4. package/cjs/OktaAuth.js.map +1 -1
  5. package/cjs/OktaUserAgent.js +2 -2
  6. package/cjs/StorageManager.js +8 -0
  7. package/cjs/StorageManager.js.map +1 -1
  8. package/cjs/TransactionManager.js +24 -12
  9. package/cjs/TransactionManager.js.map +1 -1
  10. package/cjs/builderUtil.js +6 -0
  11. package/cjs/builderUtil.js.map +1 -1
  12. package/cjs/constants.js +3 -1
  13. package/cjs/constants.js.map +1 -1
  14. package/cjs/features.js +1 -1
  15. package/cjs/features.js.map +1 -1
  16. package/cjs/idx/authenticate.js +3 -18
  17. package/cjs/idx/authenticate.js.map +1 -1
  18. package/cjs/idx/flow/AuthenticationFlow.js +30 -0
  19. package/cjs/idx/flow/AuthenticationFlow.js.map +1 -0
  20. package/cjs/idx/{flowMonitors → flow}/AuthenticationFlowMonitor.js +0 -0
  21. package/cjs/idx/flow/AuthenticationFlowMonitor.js.map +1 -0
  22. package/cjs/idx/{flowMonitors → flow}/FlowMonitor.js +0 -0
  23. package/cjs/idx/flow/FlowMonitor.js.map +1 -0
  24. package/cjs/idx/flow/FlowSpecification.js +49 -0
  25. package/cjs/idx/flow/FlowSpecification.js.map +1 -0
  26. package/cjs/idx/flow/PasswordRecoveryFlow.js +28 -0
  27. package/cjs/idx/flow/PasswordRecoveryFlow.js.map +1 -0
  28. package/cjs/idx/{flowMonitors → flow}/PasswordRecoveryFlowMonitor.js +0 -0
  29. package/cjs/idx/flow/PasswordRecoveryFlowMonitor.js.map +1 -0
  30. package/{esm/crypto/browser.js → cjs/idx/flow/RegistrationFlow.js} +15 -12
  31. package/cjs/idx/flow/RegistrationFlow.js.map +1 -0
  32. package/cjs/idx/{flowMonitors → flow}/RegistrationFlowMonitor.js +0 -0
  33. package/cjs/idx/flow/RegistrationFlowMonitor.js.map +1 -0
  34. package/cjs/idx/flow/RemediationFlow.js +2 -0
  35. package/{esm/types/Cookies.js.map → cjs/idx/flow/RemediationFlow.js.map} +1 -1
  36. package/cjs/idx/flow/index.js +119 -0
  37. package/cjs/idx/flow/index.js.map +1 -0
  38. package/cjs/idx/index.js +26 -0
  39. package/cjs/idx/index.js.map +1 -1
  40. package/cjs/idx/interact.js +5 -2
  41. package/cjs/idx/interact.js.map +1 -1
  42. package/cjs/idx/introspect.js +24 -7
  43. package/cjs/idx/introspect.js.map +1 -1
  44. package/cjs/idx/proceed.js +49 -0
  45. package/cjs/idx/proceed.js.map +1 -0
  46. package/cjs/idx/recoverPassword.js +3 -17
  47. package/cjs/idx/recoverPassword.js.map +1 -1
  48. package/cjs/idx/register.js +7 -16
  49. package/cjs/idx/register.js.map +1 -1
  50. package/cjs/idx/remediate.js +33 -37
  51. package/cjs/idx/remediate.js.map +1 -1
  52. package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
  53. package/cjs/idx/remediators/Base/VerifyAuthenticator.js +3 -1
  54. package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
  55. package/cjs/idx/remediators/Identify.js +4 -2
  56. package/cjs/idx/remediators/Identify.js.map +1 -1
  57. package/cjs/idx/run.js +36 -8
  58. package/cjs/idx/run.js.map +1 -1
  59. package/cjs/idx/startTransaction.js +2 -0
  60. package/cjs/idx/startTransaction.js.map +1 -1
  61. package/cjs/idx/transactionMeta.js +77 -39
  62. package/cjs/idx/transactionMeta.js.map +1 -1
  63. package/cjs/idx/types/FlowIdentifier.js +2 -0
  64. package/{esm/types/AuthState.js.map → cjs/idx/types/FlowIdentifier.js.map} +1 -1
  65. package/cjs/idx/types/idx-js.js +5 -0
  66. package/cjs/idx/types/idx-js.js.map +1 -1
  67. package/cjs/idx/types/index.js +16 -0
  68. package/cjs/idx/types/index.js.map +1 -1
  69. package/cjs/oidc/endpoints/authorize.js +4 -1
  70. package/cjs/oidc/endpoints/authorize.js.map +1 -1
  71. package/cjs/oidc/getToken.js +14 -9
  72. package/cjs/oidc/getToken.js.map +1 -1
  73. package/cjs/oidc/getWithPopup.js +9 -2
  74. package/cjs/oidc/getWithPopup.js.map +1 -1
  75. package/cjs/oidc/getWithRedirect.js +2 -6
  76. package/cjs/oidc/getWithRedirect.js.map +1 -1
  77. package/cjs/oidc/renewTokens.js +28 -5
  78. package/cjs/oidc/renewTokens.js.map +1 -1
  79. package/cjs/oidc/util/browser.js +1 -13
  80. package/cjs/oidc/util/browser.js.map +1 -1
  81. package/cjs/oidc/util/loginRedirect.js +9 -5
  82. package/cjs/oidc/util/loginRedirect.js.map +1 -1
  83. package/cjs/oidc/util/urlParams.js +1 -1
  84. package/cjs/oidc/util/urlParams.js.map +1 -1
  85. package/cjs/options.js +12 -2
  86. package/cjs/options.js.map +1 -1
  87. package/cjs/server/serverStorage.js +2 -1
  88. package/cjs/server/serverStorage.js.map +1 -1
  89. package/cjs/tx/AuthTransaction.js +1 -3
  90. package/cjs/tx/AuthTransaction.js.map +1 -1
  91. package/cjs/tx/api.js +3 -0
  92. package/cjs/tx/api.js.map +1 -1
  93. package/cjs/types/Transaction.js.map +1 -1
  94. package/{esm/clock.js → cjs/util/emailVerify.js} +14 -18
  95. package/cjs/util/emailVerify.js.map +1 -0
  96. package/cjs/util/index.js +13 -0
  97. package/cjs/util/index.js.map +1 -1
  98. package/dist/okta-auth-js.min.js +2 -74
  99. package/dist/okta-auth-js.min.js.LICENSE.txt +32 -0
  100. package/dist/okta-auth-js.min.js.map +1 -1
  101. package/dist/okta-auth-js.polyfill.js +2 -18
  102. package/{esm/crypto/webcrypto.js → dist/okta-auth-js.polyfill.js.LICENSE.txt} +8 -4
  103. package/dist/okta-auth-js.polyfill.js.map +1 -1
  104. package/dist/okta-auth-js.umd.js +2 -74
  105. package/dist/okta-auth-js.umd.js.LICENSE.txt +32 -0
  106. package/dist/okta-auth-js.umd.js.map +1 -1
  107. package/esm/index.js +8368 -16
  108. package/esm/index.js.map +1 -1
  109. package/lib/OktaAuth.d.ts +7 -3
  110. package/lib/StorageManager.d.ts +1 -0
  111. package/lib/TransactionManager.d.ts +5 -1
  112. package/lib/constants.d.ts +1 -0
  113. package/lib/crypto/base64.d.ts +2 -2
  114. package/lib/crypto/oidcHash.d.ts +1 -1
  115. package/lib/crypto/verifyToken.d.ts +1 -1
  116. package/{esm/oidc/endpoints/index.js → lib/idx/flow/AuthenticationFlow.d.ts} +3 -5
  117. package/lib/idx/{flowMonitors → flow}/AuthenticationFlowMonitor.d.ts +0 -0
  118. package/lib/idx/{flowMonitors → flow}/FlowMonitor.d.ts +0 -0
  119. package/lib/idx/flow/FlowSpecification.d.ts +10 -0
  120. package/{esm/crypto/index.js → lib/idx/flow/PasswordRecoveryFlow.d.ts} +3 -6
  121. package/lib/idx/{flowMonitors → flow}/PasswordRecoveryFlowMonitor.d.ts +0 -0
  122. package/{esm/tx/TransactionState.js → lib/idx/flow/RegistrationFlow.d.ts} +3 -3
  123. package/lib/idx/{flowMonitors → flow}/RegistrationFlowMonitor.d.ts +0 -0
  124. package/lib/idx/flow/RemediationFlow.d.ts +13 -0
  125. package/lib/idx/{flowMonitors → flow}/index.d.ts +7 -2
  126. package/lib/idx/index.d.ts +2 -0
  127. package/lib/idx/introspect.d.ts +2 -1
  128. package/{esm/errors/AuthApiError.js → lib/idx/proceed.d.ts} +9 -19
  129. package/lib/idx/remediators/Base/AuthenticatorData.d.ts +1 -4
  130. package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +1 -4
  131. package/lib/idx/remediators/Identify.d.ts +1 -0
  132. package/lib/idx/run.d.ts +9 -9
  133. package/lib/idx/transactionMeta.d.ts +28 -4
  134. package/lib/idx/types/FlowIdentifier.d.ts +1 -0
  135. package/lib/idx/types/idx-js.d.ts +4 -0
  136. package/lib/idx/types/index.d.ts +14 -3
  137. package/lib/oidc/getToken.d.ts +2 -2
  138. package/lib/oidc/renewTokens.d.ts +0 -12
  139. package/lib/oidc/util/loginRedirect.d.ts +1 -1
  140. package/lib/types/OktaAuthOptions.d.ts +2 -0
  141. package/lib/types/Transaction.d.ts +2 -0
  142. package/lib/types/api.d.ts +20 -5
  143. package/{esm/errors/AuthPollStopError.js → lib/util/emailVerify.d.ts} +5 -8
  144. package/lib/util/index.d.ts +1 -0
  145. package/package.json +26 -14
  146. package/cjs/idx/flowMonitors/AuthenticationFlowMonitor.js.map +0 -1
  147. package/cjs/idx/flowMonitors/FlowMonitor.js.map +0 -1
  148. package/cjs/idx/flowMonitors/PasswordRecoveryFlowMonitor.js.map +0 -1
  149. package/cjs/idx/flowMonitors/RegistrationFlowMonitor.js.map +0 -1
  150. package/cjs/idx/flowMonitors/index.js +0 -54
  151. package/cjs/idx/flowMonitors/index.js.map +0 -1
  152. package/esm/AuthStateManager.js +0 -214
  153. package/esm/AuthStateManager.js.map +0 -1
  154. package/esm/OktaAuth.js +0 -679
  155. package/esm/OktaAuth.js.map +0 -1
  156. package/esm/OktaUserAgent.js +0 -49
  157. package/esm/OktaUserAgent.js.map +0 -1
  158. package/esm/PromiseQueue.js +0 -71
  159. package/esm/PromiseQueue.js.map +0 -1
  160. package/esm/SavedObject.js +0 -91
  161. package/esm/SavedObject.js.map +0 -1
  162. package/esm/StorageManager.js +0 -182
  163. package/esm/StorageManager.js.map +0 -1
  164. package/esm/TokenManager.js +0 -455
  165. package/esm/TokenManager.js.map +0 -1
  166. package/esm/TransactionManager.js +0 -316
  167. package/esm/TransactionManager.js.map +0 -1
  168. package/esm/browser/browserStorage.js +0 -256
  169. package/esm/browser/browserStorage.js.map +0 -1
  170. package/esm/browser/fingerprint.js +0 -74
  171. package/esm/browser/fingerprint.js.map +0 -1
  172. package/esm/builderUtil.js +0 -50
  173. package/esm/builderUtil.js.map +0 -1
  174. package/esm/clock.js.map +0 -1
  175. package/esm/constants.js +0 -35
  176. package/esm/constants.js.map +0 -1
  177. package/esm/crypto/base64.js +0 -66
  178. package/esm/crypto/base64.js.map +0 -1
  179. package/esm/crypto/browser.js.map +0 -1
  180. package/esm/crypto/index.js.map +0 -1
  181. package/esm/crypto/node.js +0 -54
  182. package/esm/crypto/node.js.map +0 -1
  183. package/esm/crypto/oidcHash.js +0 -27
  184. package/esm/crypto/oidcHash.js.map +0 -1
  185. package/esm/crypto/verifyToken.js +0 -39
  186. package/esm/crypto/verifyToken.js.map +0 -1
  187. package/esm/crypto/webcrypto.js.map +0 -1
  188. package/esm/errors/AuthApiError.js.map +0 -1
  189. package/esm/errors/AuthPollStopError.js.map +0 -1
  190. package/esm/errors/AuthSdkError.js +0 -29
  191. package/esm/errors/AuthSdkError.js.map +0 -1
  192. package/esm/errors/CustomError.js +0 -21
  193. package/esm/errors/CustomError.js.map +0 -1
  194. package/esm/errors/OAuthError.js +0 -22
  195. package/esm/errors/OAuthError.js.map +0 -1
  196. package/esm/errors/index.js +0 -22
  197. package/esm/errors/index.js.map +0 -1
  198. package/esm/features.js +0 -64
  199. package/esm/features.js.map +0 -1
  200. package/esm/fetch/fetchRequest.js +0 -92
  201. package/esm/fetch/fetchRequest.js.map +0 -1
  202. package/esm/http/headers.js +0 -17
  203. package/esm/http/headers.js.map +0 -1
  204. package/esm/http/index.js +0 -3
  205. package/esm/http/index.js.map +0 -1
  206. package/esm/http/request.js +0 -145
  207. package/esm/http/request.js.map +0 -1
  208. package/esm/idx/authenticate.js +0 -47
  209. package/esm/idx/authenticate.js.map +0 -1
  210. package/esm/idx/cancel.js +0 -32
  211. package/esm/idx/cancel.js.map +0 -1
  212. package/esm/idx/flowMonitors/AuthenticationFlowMonitor.js +0 -41
  213. package/esm/idx/flowMonitors/AuthenticationFlowMonitor.js.map +0 -1
  214. package/esm/idx/flowMonitors/FlowMonitor.js +0 -73
  215. package/esm/idx/flowMonitors/FlowMonitor.js.map +0 -1
  216. package/esm/idx/flowMonitors/PasswordRecoveryFlowMonitor.js +0 -57
  217. package/esm/idx/flowMonitors/PasswordRecoveryFlowMonitor.js.map +0 -1
  218. package/esm/idx/flowMonitors/RegistrationFlowMonitor.js +0 -28
  219. package/esm/idx/flowMonitors/RegistrationFlowMonitor.js.map +0 -1
  220. package/esm/idx/flowMonitors/index.js +0 -16
  221. package/esm/idx/flowMonitors/index.js.map +0 -1
  222. package/esm/idx/handleInteractionCodeRedirect.js +0 -64
  223. package/esm/idx/handleInteractionCodeRedirect.js.map +0 -1
  224. package/esm/idx/headers.js +0 -39
  225. package/esm/idx/headers.js.map +0 -1
  226. package/esm/idx/index.js +0 -20
  227. package/esm/idx/index.js.map +0 -1
  228. package/esm/idx/interact.js +0 -83
  229. package/esm/idx/interact.js.map +0 -1
  230. package/esm/idx/introspect.js +0 -45
  231. package/esm/idx/introspect.js.map +0 -1
  232. package/esm/idx/recoverPassword.js +0 -46
  233. package/esm/idx/recoverPassword.js.map +0 -1
  234. package/esm/idx/register.js +0 -63
  235. package/esm/idx/register.js.map +0 -1
  236. package/esm/idx/remediate.js +0 -302
  237. package/esm/idx/remediate.js.map +0 -1
  238. package/esm/idx/remediators/AuthenticatorEnrollmentData.js +0 -68
  239. package/esm/idx/remediators/AuthenticatorEnrollmentData.js.map +0 -1
  240. package/esm/idx/remediators/AuthenticatorVerificationData.js +0 -66
  241. package/esm/idx/remediators/AuthenticatorVerificationData.js.map +0 -1
  242. package/esm/idx/remediators/Base/AuthenticatorData.js +0 -105
  243. package/esm/idx/remediators/Base/AuthenticatorData.js.map +0 -1
  244. package/esm/idx/remediators/Base/Remediator.js +0 -221
  245. package/esm/idx/remediators/Base/Remediator.js.map +0 -1
  246. package/esm/idx/remediators/Base/SelectAuthenticator.js +0 -140
  247. package/esm/idx/remediators/Base/SelectAuthenticator.js.map +0 -1
  248. package/esm/idx/remediators/Base/VerifyAuthenticator.js +0 -63
  249. package/esm/idx/remediators/Base/VerifyAuthenticator.js.map +0 -1
  250. package/esm/idx/remediators/ChallengeAuthenticator.js +0 -18
  251. package/esm/idx/remediators/ChallengeAuthenticator.js.map +0 -1
  252. package/esm/idx/remediators/EnrollAuthenticator.js +0 -18
  253. package/esm/idx/remediators/EnrollAuthenticator.js.map +0 -1
  254. package/esm/idx/remediators/EnrollProfile.js +0 -79
  255. package/esm/idx/remediators/EnrollProfile.js.map +0 -1
  256. package/esm/idx/remediators/Identify.js +0 -86
  257. package/esm/idx/remediators/Identify.js.map +0 -1
  258. package/esm/idx/remediators/ReEnrollAuthenticator.js +0 -45
  259. package/esm/idx/remediators/ReEnrollAuthenticator.js.map +0 -1
  260. package/esm/idx/remediators/RedirectIdp.js +0 -38
  261. package/esm/idx/remediators/RedirectIdp.js.map +0 -1
  262. package/esm/idx/remediators/ResetAuthenticator.js +0 -18
  263. package/esm/idx/remediators/ResetAuthenticator.js.map +0 -1
  264. package/esm/idx/remediators/SelectAuthenticatorAuthenticate.js +0 -18
  265. package/esm/idx/remediators/SelectAuthenticatorAuthenticate.js.map +0 -1
  266. package/esm/idx/remediators/SelectAuthenticatorEnroll.js +0 -18
  267. package/esm/idx/remediators/SelectAuthenticatorEnroll.js.map +0 -1
  268. package/esm/idx/remediators/SelectEnrollProfile.js +0 -24
  269. package/esm/idx/remediators/SelectEnrollProfile.js.map +0 -1
  270. package/esm/idx/remediators/Skip.js +0 -23
  271. package/esm/idx/remediators/Skip.js.map +0 -1
  272. package/esm/idx/remediators/index.js +0 -26
  273. package/esm/idx/remediators/index.js.map +0 -1
  274. package/esm/idx/remediators/util.js +0 -35
  275. package/esm/idx/remediators/util.js.map +0 -1
  276. package/esm/idx/run.js +0 -201
  277. package/esm/idx/run.js.map +0 -1
  278. package/esm/idx/startTransaction.js +0 -27
  279. package/esm/idx/startTransaction.js.map +0 -1
  280. package/esm/idx/transactionMeta.js +0 -114
  281. package/esm/idx/transactionMeta.js.map +0 -1
  282. package/esm/idx/types/idx-js.js +0 -17
  283. package/esm/idx/types/idx-js.js.map +0 -1
  284. package/esm/idx/types/index.js +0 -44
  285. package/esm/idx/types/index.js.map +0 -1
  286. package/esm/oidc/decodeToken.js +0 -31
  287. package/esm/oidc/decodeToken.js.map +0 -1
  288. package/esm/oidc/endpoints/authorize.js +0 -61
  289. package/esm/oidc/endpoints/authorize.js.map +0 -1
  290. package/esm/oidc/endpoints/index.js.map +0 -1
  291. package/esm/oidc/endpoints/token.js +0 -97
  292. package/esm/oidc/endpoints/token.js.map +0 -1
  293. package/esm/oidc/endpoints/well-known.js +0 -58
  294. package/esm/oidc/endpoints/well-known.js.map +0 -1
  295. package/esm/oidc/exchangeCodeForTokens.js +0 -69
  296. package/esm/oidc/exchangeCodeForTokens.js.map +0 -1
  297. package/esm/oidc/getToken.js +0 -175
  298. package/esm/oidc/getToken.js.map +0 -1
  299. package/esm/oidc/getUserInfo.js +0 -82
  300. package/esm/oidc/getUserInfo.js.map +0 -1
  301. package/esm/oidc/getWithPopup.js +0 -28
  302. package/esm/oidc/getWithPopup.js.map +0 -1
  303. package/esm/oidc/getWithRedirect.js +0 -65
  304. package/esm/oidc/getWithRedirect.js.map +0 -1
  305. package/esm/oidc/getWithoutPrompt.js +0 -29
  306. package/esm/oidc/getWithoutPrompt.js.map +0 -1
  307. package/esm/oidc/handleOAuthResponse.js +0 -148
  308. package/esm/oidc/handleOAuthResponse.js.map +0 -1
  309. package/esm/oidc/index.js +0 -29
  310. package/esm/oidc/index.js.map +0 -1
  311. package/esm/oidc/parseFromUrl.js +0 -144
  312. package/esm/oidc/parseFromUrl.js.map +0 -1
  313. package/esm/oidc/renewToken.js +0 -85
  314. package/esm/oidc/renewToken.js.map +0 -1
  315. package/esm/oidc/renewTokens.js +0 -52
  316. package/esm/oidc/renewTokens.js.map +0 -1
  317. package/esm/oidc/renewTokensWithRefresh.js +0 -55
  318. package/esm/oidc/renewTokensWithRefresh.js.map +0 -1
  319. package/esm/oidc/revokeToken.js +0 -57
  320. package/esm/oidc/revokeToken.js.map +0 -1
  321. package/esm/oidc/util/browser.js +0 -85
  322. package/esm/oidc/util/browser.js.map +0 -1
  323. package/esm/oidc/util/defaultTokenParams.js +0 -42
  324. package/esm/oidc/util/defaultTokenParams.js.map +0 -1
  325. package/esm/oidc/util/errors.js +0 -31
  326. package/esm/oidc/util/errors.js.map +0 -1
  327. package/esm/oidc/util/index.js +0 -25
  328. package/esm/oidc/util/index.js.map +0 -1
  329. package/esm/oidc/util/loginRedirect.js +0 -84
  330. package/esm/oidc/util/loginRedirect.js.map +0 -1
  331. package/esm/oidc/util/oauth.js +0 -70
  332. package/esm/oidc/util/oauth.js.map +0 -1
  333. package/esm/oidc/util/pkce.js +0 -55
  334. package/esm/oidc/util/pkce.js.map +0 -1
  335. package/esm/oidc/util/prepareTokenParams.js +0 -75
  336. package/esm/oidc/util/prepareTokenParams.js.map +0 -1
  337. package/esm/oidc/util/refreshToken.js +0 -24
  338. package/esm/oidc/util/refreshToken.js.map +0 -1
  339. package/esm/oidc/util/urlParams.js +0 -54
  340. package/esm/oidc/util/urlParams.js.map +0 -1
  341. package/esm/oidc/util/validateClaims.js +0 -53
  342. package/esm/oidc/util/validateClaims.js.map +0 -1
  343. package/esm/oidc/util/validateToken.js +0 -21
  344. package/esm/oidc/util/validateToken.js.map +0 -1
  345. package/esm/oidc/verifyToken.js +0 -78
  346. package/esm/oidc/verifyToken.js.map +0 -1
  347. package/esm/options.js +0 -134
  348. package/esm/options.js.map +0 -1
  349. package/esm/server/serverStorage.js +0 -110
  350. package/esm/server/serverStorage.js.map +0 -1
  351. package/esm/services/TokenService.js +0 -103
  352. package/esm/services/TokenService.js.map +0 -1
  353. package/esm/session.js +0 -81
  354. package/esm/session.js.map +0 -1
  355. package/esm/tx/AuthTransaction.js +0 -215
  356. package/esm/tx/AuthTransaction.js.map +0 -1
  357. package/esm/tx/TransactionState.js.map +0 -1
  358. package/esm/tx/api.js +0 -84
  359. package/esm/tx/api.js.map +0 -1
  360. package/esm/tx/index.js +0 -18
  361. package/esm/tx/index.js.map +0 -1
  362. package/esm/tx/poll.js +0 -124
  363. package/esm/tx/poll.js.map +0 -1
  364. package/esm/tx/util.js +0 -26
  365. package/esm/tx/util.js.map +0 -1
  366. package/esm/types/AuthState.js +0 -3
  367. package/esm/types/Cookies.js +0 -3
  368. package/esm/types/EventEmitter.js +0 -3
  369. package/esm/types/EventEmitter.js.map +0 -1
  370. package/esm/types/JWT.js +0 -3
  371. package/esm/types/JWT.js.map +0 -1
  372. package/esm/types/OAuth.js +0 -3
  373. package/esm/types/OAuth.js.map +0 -1
  374. package/esm/types/OktaAuthOptions.js +0 -3
  375. package/esm/types/OktaAuthOptions.js.map +0 -1
  376. package/esm/types/Storage.js +0 -3
  377. package/esm/types/Storage.js.map +0 -1
  378. package/esm/types/Token.js +0 -29
  379. package/esm/types/Token.js.map +0 -1
  380. package/esm/types/TokenManager.js +0 -3
  381. package/esm/types/TokenManager.js.map +0 -1
  382. package/esm/types/Transaction.js +0 -57
  383. package/esm/types/Transaction.js.map +0 -1
  384. package/esm/types/UserClaims.js +0 -3
  385. package/esm/types/UserClaims.js.map +0 -1
  386. package/esm/types/api.js +0 -3
  387. package/esm/types/api.js.map +0 -1
  388. package/esm/types/http.js +0 -3
  389. package/esm/types/http.js.map +0 -1
  390. package/esm/types/index.js +0 -27
  391. package/esm/types/index.js.map +0 -1
  392. package/esm/util/console.js +0 -53
  393. package/esm/util/console.js.map +0 -1
  394. package/esm/util/index.js +0 -17
  395. package/esm/util/index.js.map +0 -1
  396. package/esm/util/misc.js +0 -33
  397. package/esm/util/misc.js.map +0 -1
  398. package/esm/util/object.js +0 -117
  399. package/esm/util/object.js.map +0 -1
  400. package/esm/util/sharedStorage.js +0 -43
  401. package/esm/util/sharedStorage.js.map +0 -1
  402. package/esm/util/types.js +0 -27
  403. package/esm/util/types.js.map +0 -1
  404. package/esm/util/url.js +0 -64
  405. package/esm/util/url.js.map +0 -1
package/cjs/TransactionManager.js CHANGED
@@ -34,16 +34,24 @@ class TransactionManager {
34
34
  this.saveParamsCookie = options.saveParamsCookie === false ? false : true;
35
35
  this.enableSharedStorage = options.enableSharedStorage === false ? false : true;
36
36
  this.options = options;
37
- }
37
+ } // eslint-disable-next-line complexity
38
+
38
39
 
39
40
  clear(options = {}) {
40
41
  const transactionStorage = this.storageManager.getTransactionStorage();
41
- transactionStorage.clearStorage();
42
- const idxStateStorage = this.storageManager.getIdxResponseStorage();
43
- idxStateStorage === null || idxStateStorage === void 0 ? void 0 : idxStateStorage.clearStorage();
42
+ const meta = transactionStorage.getStorage(); // Clear primary storage (by default, sessionStorage on browser)
44
43
 
45
- if (this.enableSharedStorage && options.state) {
46
- (0, _sharedStorage.clearTransactionFromSharedStorage)(this.storageManager, options.state);
44
+ transactionStorage.clearStorage(); // clear IDX response storage
45
+
46
+ this.clearIdxResponse(); // Usually we do NOT want to clear shared storage because another tab may need it to continue/complete a flow
47
+ // It can be cleared after a user succcesfully signs in and receives tokens
48
+
49
+ if (this.enableSharedStorage && options.clearSharedStorage) {
50
+ const state = options.state || (meta === null || meta === void 0 ? void 0 : meta.state);
51
+
52
+ if (state) {
53
+ (0, _sharedStorage.clearTransactionFromSharedStorage)(this.storageManager, state);
54
+ }
47
55
  }
48
56
 
49
57
  if (!this.legacyWidgetSupport) {
@@ -75,7 +83,11 @@ class TransactionManager {
75
83
  (0, _util.warn)('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');
76
84
  }
77
85
 
78
- storage.setStorage(meta);
86
+ storage.setStorage(meta); // Shared storage allows continuation of transaction in another tab
87
+
88
+ if (this.enableSharedStorage && meta.state) {
89
+ (0, _sharedStorage.saveTransactionToSharedStorage)(this.storageManager, meta.state, meta);
90
+ }
79
91
 
80
92
  if (!options.oauth) {
81
93
  return;
@@ -118,11 +130,6 @@ class TransactionManager {
118
130
  // Set state cookie for servers to validate state
119
131
  cookieStorage.setItem(_constants.REDIRECT_STATE_COOKIE_NAME, meta.state, null);
120
132
  }
121
- } // Shared storage allows continuation of transaction in another tab
122
-
123
-
124
- if (this.enableSharedStorage && meta.state) {
125
- (0, _sharedStorage.saveTransactionToSharedStorage)(this.storageManager, meta.state, meta);
126
133
  }
127
134
  }
128
135
 
@@ -317,6 +324,11 @@ class TransactionManager {
317
324
  return idxResponse;
318
325
  }
319
326
 
327
+ clearIdxResponse() {
328
+ const storage = this.storageManager.getIdxResponseStorage();
329
+ storage === null || storage === void 0 ? void 0 : storage.clearStorage();
330
+ }
331
+
320
332
  }
321
333
 
322
334
  exports.default = TransactionManager;
package/cjs/TransactionManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/TransactionManager.ts"],"names":["TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","enableSharedStorage","clear","transactionStorage","getTransactionStorage","clearStorage","idxStateStorage","getIdxResponseStorage","state","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","meta","storage","obj","getStorage","muteWarning","setStorage","cookieStorage","storageType","responseType","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","REDIRECT_OAUTH_PARAMS_NAME","JSON","stringify","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_STATE_COOKIE_NAME","exists","load","loadLegacyOAuthParams","Object","assign","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","AuthSdkError","getLegacyOAuthParamsStorage","saveIdxResponse","idxResponse","loadIdxResponse"],"mappings":";;;;AAaA;;AACA;;AAEA;;AAWA;;AACA;;AACA;;AA7BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAyBe,MAAMA,kBAAN,CAAyB;AAStCC,EAAAA,WAAW,CAACC,OAAD,EAAqC;AAC9C,SAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;AACA,SAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKC,mBAAL,GAA2BN,OAAO,CAACM,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKN,OAAL,GAAeA,OAAf;AACD;;AAEDO,EAAAA,KAAK,CAACP,OAA+B,GAAG,EAAnC,EAAuC;AAC1C,UAAMQ,kBAAmC,GAAG,KAAKP,cAAL,CAAoBQ,qBAApB,EAA5C;AACAD,IAAAA,kBAAkB,CAACE,YAAnB;AAEA,UAAMC,eAAgC,GAAG,KAAKV,cAAL,CAAoBW,qBAApB,EAAzC;AACAD,IAAAA,eAAe,SAAf,IAAAA,eAAe,WAAf,YAAAA,eAAe,CAAED,YAAjB;;AAEA,QAAI,KAAKJ,mBAAL,IAA4BN,OAAO,CAACa,KAAxC,EAA+C;AAC7C,4DAAkC,KAAKZ,cAAvC,EAAuDD,OAAO,CAACa,KAA/D;AACD;;AAED,QAAI,CAAC,KAAKX,mBAAV,EAA+B;AAC7B;AACD,KAbyC,CAe1C;;;AACA,QAAIF,OAAO,CAACc,KAAZ,EAAmB;AACjB,WAAKC,sBAAL;AACD;;AAED,QAAIf,OAAO,CAACgB,IAAZ,EAAkB;AAChB,WAAKC,eAAL;AACD;AACF,GA1CqC,CA4CtC;;;AACAC,EAAAA,IAAI,CAACC,IAAD,EAAwBnB,OAA+B,GAAG,EAA1D,EAA8D;AAChE;AACA;AACA;AAEA,QAAIoB,OAAwB,GAAG,KAAKnB,cAAL,CAAoBQ,qBAApB,EAA/B;AACA,UAAMY,GAAG,GAAGD,OAAO,CAACE,UAAR,EAAZ,CANgE,CAOhE;AACA;AACA;;AACA,QAAI,8BAAkBD,GAAlB,KAA0B,CAACrB,OAAO,CAACuB,WAAvC,EAAoD;AAClD;AACA,sBAAK,yGAAL;AACD;;AAEDH,IAAAA,OAAO,CAACI,UAAR,CAAmBL,IAAnB;;AAEA,QAAI,CAACnB,OAAO,CAACc,KAAb,EAAoB;AAClB;AACD,KAnB+D,CAqBhE;;;AACA,QAAI,KAAKX,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;AACzE,YAAMoB,aAA4B,GAAG,KAAKxB,cAAL,CAAoBqB,UAApB,CAA+B;AAAEI,QAAAA,WAAW,EAAE;AAAf,OAA/B,CAArC;;AAEA,UAAI,KAAKrB,gBAAT,EAA2B;AACzB,cAAM;AACJsB,UAAAA,YADI;AAEJd,UAAAA,KAFI;AAGJe,UAAAA,KAHI;AAIJC,UAAAA,MAJI;AAKJC,UAAAA,QALI;AAMJC,UAAAA,IANI;AAOJC,UAAAA;AAPI,YAQFb,IARJ;AASA,cAAMc,WAAW,GAAG;AAClBN,UAAAA,YADkB;AAElBd,UAAAA,KAFkB;AAGlBe,UAAAA,KAHkB;AAIlBC,UAAAA,MAJkB;AAKlBC,UAAAA,QALkB;AAMlBC,UAAAA,IANkB;AAOlBC,UAAAA;AAPkB,SAApB;AASAP,QAAAA,aAAa,CAACS,OAAd,CAAsBC,qCAAtB,EAAkDC,IAAI,CAACC,SAAL,CAAeJ,WAAf,CAAlD,EAA+E,IAA/E;AACD;;AAED,UAAI,KAAK9B,eAAL,IAAwBgB,IAAI,CAACS,KAAjC,EAAwC;AACtC;AACAH,QAAAA,aAAa,CAACS,OAAd,CAAsBI,qCAAtB,EAAkDnB,IAAI,CAACS,KAAvD,EAA8D,IAA9D;AACD;;AAED,UAAI,KAAKxB,eAAL,IAAwBe,IAAI,CAACN,KAAjC,EAAwC;AACtC;AACAY,QAAAA,aAAa,CAACS,OAAd,CAAsBK,qCAAtB,EAAkDpB,IAAI,CAACN,KAAvD,EAA8D,IAA9D;AACD;AACF,KAxD+D,CA0DhE;;;AACA,QAAI,KAAKP,mBAAL,IAA4Ba,IAAI,CAACN,KAArC,EAA4C;AAC1C,yDAA+B,KAAKZ,cAApC,EAAoDkB,IAAI,CAACN,KAAzD,EAAgEM,IAAhE;AACD;AACF;;AAEDqB,EAAAA,MAAM,CAACxC,OAA+B,GAAG,EAAnC,EAAgD;AACpD,QAAI;AACF,YAAMmB,IAAqB,GAAG,KAAKsB,IAAL,CAAUzC,OAAV,CAA9B;AACA,aAAO,CAAC,CAACmB,IAAT;AACD,KAHD,CAGE,MAAM;AACN,aAAO,KAAP;AACD;AACF,GApHqC,CAsHtC;AACA;;;AACAsB,EAAAA,IAAI,CAACzC,OAA+B,GAAG,EAAnC,EAAwD;AAE1D,QAAImB,IAAJ,CAF0D,CAI1D;;AACA,QAAI,KAAKb,mBAAL,IAA4BN,OAAO,CAACa,KAAxC,EAA+C;AAC7C,6CAAmB,KAAKZ,cAAxB,EAD6C,CACJ;;AACzCkB,MAAAA,IAAI,GAAG,qDAAiC,KAAKlB,cAAtC,EAAsDD,OAAO,CAACa,KAA9D,CAAP;;AACA,UAAI,8BAAkBM,IAAlB,CAAJ,EAA6B;AAC3B,eAAOA,IAAP;AACD;AACF;;AAED,QAAIC,OAAwB,GAAG,KAAKnB,cAAL,CAAoBQ,qBAApB,EAA/B;AACAU,IAAAA,IAAI,GAAGC,OAAO,CAACE,UAAR,EAAP;;AACA,QAAI,8BAAkBH,IAAlB,CAAJ,EAA6B;AAC3B;AACA,aAAOA,IAAP;AACD;;AAED,QAAI,CAAC,KAAKjB,mBAAV,EAA+B;AAC7B,aAAO,IAAP;AACD,KAtByD,CAwB1D;;;AACA,QAAIF,OAAO,CAACc,KAAZ,EAAmB;AACjB,UAAI;AACF,cAAMmB,WAAW,GAAG,KAAKS,qBAAL,EAApB;AACAC,QAAAA,MAAM,CAACC,MAAP,CAAczB,IAAd,EAAoBc,WAApB;AACD,OAHD,SAGU;AACR,aAAKlB,sBAAL;AACD;AACF;;AAED,QAAIf,OAAO,CAACgB,IAAZ,EAAkB;AAChB,UAAI;AACF,cAAM6B,QAA6B,GAAG,KAAKC,cAAL,EAAtC;AACAH,QAAAA,MAAM,CAACC,MAAP,CAAczB,IAAd,EAAoB0B,QAApB;AACD,OAHD,SAGU;AACR,aAAK5B,eAAL;AACD;AACF;;AAED,QAAI,8BAAkBE,IAAlB,CAAJ,EAA6B;AAC3B,aAAOA,IAAP;AACD;;AACD,WAAO,IAAP;AACD,GAvKqC,CAyKtC;;;AACAF,EAAAA,eAAe,GAAS;AACtB;AACA,QAAIG,OAAJ;;AAEA,QAAI,KAAKnB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE5B,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAN,MAAAA,OAAO,CAACV,YAAR;AACD;;AAED,QAAI,KAAKT,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE5B,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAN,MAAAA,OAAO,CAACV,YAAR;AACD;AACF;;AAEDoC,EAAAA,cAAc,GAAwB;AACpC,QAAI1B,OAAJ;AACA,QAAIC,GAAJ,CAFoC,CAIpC;;AACA,QAAI,KAAKpB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE5B,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,GAAG,GAAGD,OAAO,CAACE,UAAR,EAAN;;AACA,UAAID,GAAG,IAAIA,GAAG,CAAC6B,YAAf,EAA6B;AAC3B,eAAO7B,GAAP;AACD;AACF,KAXmC,CAapC;;;AACA,QAAI,KAAKpB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE5B,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,GAAG,GAAGD,OAAO,CAACE,UAAR,EAAN;;AACA,UAAID,GAAG,IAAIA,GAAG,CAAC6B,YAAf,EAA6B;AAC3B,eAAO7B,GAAP;AACD;AACF,KApBmC,CAsBpC;AACA;AACA;;;AACA,UAAM,IAAI8B,oBAAJ,CAAiB,yJAAjB,EAA4K,IAA5K,CAAN;AACD;;AAEDpC,EAAAA,sBAAsB,GAAS;AAC7B;AACA,QAAIK,OAAJ;;AAEA,QAAI,KAAKnB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE5B,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAN,MAAAA,OAAO,CAACV,YAAR;AACD;;AAED,QAAI,KAAKT,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D5B,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAN,MAAAA,OAAO,CAACV,YAAR;AACD;AACF;;AAEDgC,EAAAA,qBAAqB,GAAyB;AAC5C,QAAItB,OAAJ;AACA,QAAIa,WAAJ,CAF4C,CAI5C;;AACA,QAAI,KAAKhC,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE5B,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGb,OAAO,CAACE,UAAR,EAAd;AACD;;AACD,QAAI,mCAAuBW,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD,KAX2C,CAa5C;;;AACA,QAAI,KAAKhC,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D5B,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGb,OAAO,CAACE,UAAR,EAAd;AACD;;AAED,QAAI,mCAAuBW,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD;;AAGD,UAAM,IAAIkB,oBAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;AACA;AACD;;AAEDE,EAAAA,eAAe,CAACC,WAAD,EAAoC;AACjD,UAAMlC,OAAwB,GAAG,KAAKnB,cAAL,CAAoBW,qBAApB,EAAjC;;AACA,QAAI,CAACQ,OAAL,EAAc;AACZ;AACD;;AACDA,IAAAA,OAAO,CAACI,UAAR,CAAmB8B,WAAnB;AACD;;AAEDC,EAAAA,eAAe,GAAmB;AAChC,UAAMnC,OAAwB,GAAG,KAAKnB,cAAL,CAAoBW,qBAApB,EAAjC;;AACA,QAAI,CAACQ,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AACD,UAAMkC,WAAW,GAAGlC,OAAO,CAACE,UAAR,EAApB;;AACA,QAAI,CAAC,6BAAiBgC,WAAjB,CAAL,EAAoC;AAClC,aAAO,IAAP;AACD;;AACD,WAAOA,WAAP;AACD;;AApRqC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport StorageManager from './StorageManager';\nimport {\n StorageProvider,\n TransactionMeta,\n isTransactionMeta,\n isOAuthTransactionMeta,\n PKCETransactionMeta,\n OAuthTransactionMeta,\n TransactionMetaOptions,\n TransactionManagerOptions,\n CookieStorage\n} from './types';\nimport { RawIdxResponse, isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\nimport {\n clearTransactionFromSharedStorage,\n loadTransactionFromSharedStorage,\n pruneSharedStorage,\n saveTransactionToSharedStorage\n} from './util/sharedStorage';\nexport default class TransactionManager {\n options: TransactionManagerOptions;\n storageManager: StorageManager;\n legacyWidgetSupport: boolean;\n saveNonceCookie: boolean;\n saveStateCookie: boolean;\n saveParamsCookie: boolean;\n enableSharedStorage: boolean;\n\n constructor(options: TransactionManagerOptions) {\n this.storageManager = options.storageManager;\n this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n this.saveStateCookie = options.saveStateCookie === false ? false : true;\n this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n this.options = options;\n }\n\n clear(options: TransactionMetaOptions = {}) {\n const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n transactionStorage.clearStorage();\n\n const idxStateStorage: StorageProvider = this.storageManager.getIdxResponseStorage();\n idxStateStorage?.clearStorage();\n\n if (this.enableSharedStorage && options.state) {\n clearTransactionFromSharedStorage(this.storageManager, options.state);\n }\n \n if (!this.legacyWidgetSupport) {\n return;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n this.clearLegacyOAuthParams();\n }\n\n if (options.pkce) {\n this.clearLegacyPKCE();\n }\n }\n\n // eslint-disable-next-line complexity\n save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n // There must be only one transaction executing at a time.\n // Before saving, check to see if a transaction is already stored.\n // An existing transaction indicates a concurrency/race/overlap condition\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n const obj = storage.getStorage();\n // oie process may need to update transaction in the middle of process for tracking purpose\n // false alarm might be caused \n // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n if (isTransactionMeta(obj) && !options.muteWarning) {\n // eslint-disable-next-line max-len\n warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n }\n\n storage.setStorage(meta);\n\n if (!options.oauth) {\n return;\n }\n \n // Legacy cookie storage\n if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n if (this.saveParamsCookie) {\n const { \n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n } = meta;\n const oauthParams = {\n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n };\n cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n }\n\n if (this.saveNonceCookie && meta.nonce) {\n // Set nonce cookie for servers to validate nonce in id_token\n cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n }\n\n if (this.saveStateCookie && meta.state) {\n // Set state cookie for servers to validate state\n cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n }\n }\n\n // Shared storage allows continuation of transaction in another tab\n if (this.enableSharedStorage && meta.state) {\n saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n }\n }\n\n exists(options: TransactionMetaOptions = {}): boolean {\n try {\n const meta: TransactionMeta = this.load(options);\n return !!meta;\n } catch {\n return false;\n }\n }\n\n // load transaction meta from storage\n // eslint-disable-next-line complexity,max-statements\n load(options: TransactionMetaOptions = {}): TransactionMeta {\n\n let meta: TransactionMeta;\n\n // If state was passed, try loading transaction data from shared storage\n if (this.enableSharedStorage && options.state) {\n pruneSharedStorage(this.storageManager); // prune before load\n meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n if (isTransactionMeta(meta)) {\n return meta;\n }\n }\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n meta = storage.getStorage();\n if (isTransactionMeta(meta)) {\n // if we have meta in the new location, there is no need to go further\n return meta;\n }\n\n if (!this.legacyWidgetSupport) {\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n try {\n const oauthParams = this.loadLegacyOAuthParams();\n Object.assign(meta, oauthParams);\n } finally {\n this.clearLegacyOAuthParams();\n }\n }\n\n if (options.pkce) {\n try {\n const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n Object.assign(meta, pkceMeta);\n } finally {\n this.clearLegacyPKCE();\n }\n }\n\n if (isTransactionMeta(meta)) {\n return meta;\n }\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n clearLegacyPKCE(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n }\n\n loadLegacyPKCE(): PKCETransactionMeta {\n let storage: StorageProvider;\n let obj;\n \n // Try reading from localStorage first.\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, throw an exception to avoid misleading server-side error\n // The most likely cause of this error is trying to handle a callback twice\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', null);\n }\n\n clearLegacyOAuthParams(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n storage.clearStorage();\n }\n }\n\n loadLegacyOAuthParams(): OAuthTransactionMeta {\n let storage: StorageProvider;\n let oauthParams;\n \n // load first from session storage\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n oauthParams = storage.getStorage();\n }\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n // try to load from cookie\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n oauthParams = storage.getStorage();\n }\n\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n\n throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n // Something is there but we don't recognize it\n // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n }\n\n saveIdxResponse(idxResponse: RawIdxResponse): void {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return;\n }\n storage.setStorage(idxResponse);\n }\n\n loadIdxResponse(): RawIdxResponse {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return null;\n }\n const idxResponse = storage.getStorage();\n if (!isRawIdxResponse(idxResponse)) {\n return null;\n }\n return idxResponse;\n }\n}"],"file":"TransactionManager.js"}
1
+ {"version":3,"sources":["../../lib/TransactionManager.ts"],"names":["TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","enableSharedStorage","clear","transactionStorage","getTransactionStorage","meta","getStorage","clearStorage","clearIdxResponse","clearSharedStorage","state","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","storage","obj","muteWarning","setStorage","cookieStorage","storageType","responseType","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","REDIRECT_OAUTH_PARAMS_NAME","JSON","stringify","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_STATE_COOKIE_NAME","exists","load","loadLegacyOAuthParams","Object","assign","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","AuthSdkError","getLegacyOAuthParamsStorage","saveIdxResponse","idxResponse","getIdxResponseStorage","loadIdxResponse"],"mappings":";;;;AAaA;;AACA;;AAEA;;AAWA;;AACA;;AACA;;AA7BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA6Be,MAAMA,kBAAN,CAAyB;AAStCC,EAAAA,WAAW,CAACC,OAAD,EAAqC;AAC9C,SAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;AACA,SAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKC,mBAAL,GAA2BN,OAAO,CAACM,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKN,OAAL,GAAeA,OAAf;AACD,GAjBqC,CAmBtC;;;AACAO,EAAAA,KAAK,CAACP,OAAoC,GAAG,EAAxC,EAA4C;AAC/C,UAAMQ,kBAAmC,GAAG,KAAKP,cAAL,CAAoBQ,qBAApB,EAA5C;AACA,UAAMC,IAAI,GAAGF,kBAAkB,CAACG,UAAnB,EAAb,CAF+C,CAI/C;;AACAH,IAAAA,kBAAkB,CAACI,YAAnB,GAL+C,CAO/C;;AACA,SAAKC,gBAAL,GAR+C,CAU/C;AACA;;AACA,QAAI,KAAKP,mBAAL,IAA4BN,OAAO,CAACc,kBAAxC,EAA4D;AAC1D,YAAMC,KAAK,GAAGf,OAAO,CAACe,KAAR,KAAiBL,IAAjB,aAAiBA,IAAjB,uBAAiBA,IAAI,CAAEK,KAAvB,CAAd;;AACA,UAAIA,KAAJ,EAAW;AACT,8DAAkC,KAAKd,cAAvC,EAAuDc,KAAvD;AACD;AACF;;AAED,QAAI,CAAC,KAAKb,mBAAV,EAA+B;AAC7B;AACD,KArB8C,CAuB/C;;;AACA,QAAIF,OAAO,CAACgB,KAAZ,EAAmB;AACjB,WAAKC,sBAAL;AACD;;AAED,QAAIjB,OAAO,CAACkB,IAAZ,EAAkB;AAChB,WAAKC,eAAL;AACD;AACF,GAnDqC,CAqDtC;;;AACAC,EAAAA,IAAI,CAACV,IAAD,EAAwBV,OAA+B,GAAG,EAA1D,EAA8D;AAChE;AACA;AACA;AAEA,QAAIqB,OAAwB,GAAG,KAAKpB,cAAL,CAAoBQ,qBAApB,EAA/B;AACA,UAAMa,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAZ,CANgE,CAOhE;AACA;AACA;;AACA,QAAI,8BAAkBW,GAAlB,KAA0B,CAACtB,OAAO,CAACuB,WAAvC,EAAoD;AAClD;AACA,sBAAK,yGAAL;AACD;;AAEDF,IAAAA,OAAO,CAACG,UAAR,CAAmBd,IAAnB,EAfgE,CAiBhE;;AACA,QAAI,KAAKJ,mBAAL,IAA4BI,IAAI,CAACK,KAArC,EAA4C;AAC1C,yDAA+B,KAAKd,cAApC,EAAoDS,IAAI,CAACK,KAAzD,EAAgEL,IAAhE;AACD;;AAED,QAAI,CAACV,OAAO,CAACgB,KAAb,EAAoB;AAClB;AACD,KAxB+D,CA0BhE;;;AACA,QAAI,KAAKb,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;AACzE,YAAMoB,aAA4B,GAAG,KAAKxB,cAAL,CAAoBU,UAApB,CAA+B;AAAEe,QAAAA,WAAW,EAAE;AAAf,OAA/B,CAArC;;AAEA,UAAI,KAAKrB,gBAAT,EAA2B;AACzB,cAAM;AACJsB,UAAAA,YADI;AAEJZ,UAAAA,KAFI;AAGJa,UAAAA,KAHI;AAIJC,UAAAA,MAJI;AAKJC,UAAAA,QALI;AAMJC,UAAAA,IANI;AAOJC,UAAAA;AAPI,YAQFtB,IARJ;AASA,cAAMuB,WAAW,GAAG;AAClBN,UAAAA,YADkB;AAElBZ,UAAAA,KAFkB;AAGlBa,UAAAA,KAHkB;AAIlBC,UAAAA,MAJkB;AAKlBC,UAAAA,QALkB;AAMlBC,UAAAA,IANkB;AAOlBC,UAAAA;AAPkB,SAApB;AASAP,QAAAA,aAAa,CAACS,OAAd,CAAsBC,qCAAtB,EAAkDC,IAAI,CAACC,SAAL,CAAeJ,WAAf,CAAlD,EAA+E,IAA/E;AACD;;AAED,UAAI,KAAK9B,eAAL,IAAwBO,IAAI,CAACkB,KAAjC,EAAwC;AACtC;AACAH,QAAAA,aAAa,CAACS,OAAd,CAAsBI,qCAAtB,EAAkD5B,IAAI,CAACkB,KAAvD,EAA8D,IAA9D;AACD;;AAED,UAAI,KAAKxB,eAAL,IAAwBM,IAAI,CAACK,KAAjC,EAAwC;AACtC;AACAU,QAAAA,aAAa,CAACS,OAAd,CAAsBK,qCAAtB,EAAkD7B,IAAI,CAACK,KAAvD,EAA8D,IAA9D;AACD;AACF;AACF;;AAEDyB,EAAAA,MAAM,CAACxC,OAA+B,GAAG,EAAnC,EAAgD;AACpD,QAAI;AACF,YAAMU,IAAqB,GAAG,KAAK+B,IAAL,CAAUzC,OAAV,CAA9B;AACA,aAAO,CAAC,CAACU,IAAT;AACD,KAHD,CAGE,MAAM;AACN,aAAO,KAAP;AACD;AACF,GA7HqC,CA+HtC;AACA;;;AACA+B,EAAAA,IAAI,CAACzC,OAA+B,GAAG,EAAnC,EAAwD;AAE1D,QAAIU,IAAJ,CAF0D,CAI1D;;AACA,QAAI,KAAKJ,mBAAL,IAA4BN,OAAO,CAACe,KAAxC,EAA+C;AAC7C,6CAAmB,KAAKd,cAAxB,EAD6C,CACJ;;AACzCS,MAAAA,IAAI,GAAG,qDAAiC,KAAKT,cAAtC,EAAsDD,OAAO,CAACe,KAA9D,CAAP;;AACA,UAAI,8BAAkBL,IAAlB,CAAJ,EAA6B;AAC3B,eAAOA,IAAP;AACD;AACF;;AAED,QAAIW,OAAwB,GAAG,KAAKpB,cAAL,CAAoBQ,qBAApB,EAA/B;AACAC,IAAAA,IAAI,GAAGW,OAAO,CAACV,UAAR,EAAP;;AACA,QAAI,8BAAkBD,IAAlB,CAAJ,EAA6B;AAC3B;AACA,aAAOA,IAAP;AACD;;AAED,QAAI,CAAC,KAAKR,mBAAV,EAA+B;AAC7B,aAAO,IAAP;AACD,KAtByD,CAwB1D;;;AACA,QAAIF,OAAO,CAACgB,KAAZ,EAAmB;AACjB,UAAI;AACF,cAAMiB,WAAW,GAAG,KAAKS,qBAAL,EAApB;AACAC,QAAAA,MAAM,CAACC,MAAP,CAAclC,IAAd,EAAoBuB,WAApB;AACD,OAHD,SAGU;AACR,aAAKhB,sBAAL;AACD;AACF;;AAED,QAAIjB,OAAO,CAACkB,IAAZ,EAAkB;AAChB,UAAI;AACF,cAAM2B,QAA6B,GAAG,KAAKC,cAAL,EAAtC;AACAH,QAAAA,MAAM,CAACC,MAAP,CAAclC,IAAd,EAAoBmC,QAApB;AACD,OAHD,SAGU;AACR,aAAK1B,eAAL;AACD;AACF;;AAED,QAAI,8BAAkBT,IAAlB,CAAJ,EAA6B;AAC3B,aAAOA,IAAP;AACD;;AACD,WAAO,IAAP;AACD,GAhLqC,CAkLtC;;;AACAS,EAAAA,eAAe,GAAS;AACtB;AACA,QAAIE,OAAJ;;AAEA,QAAI,KAAKpB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKX,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAEDkC,EAAAA,cAAc,GAAwB;AACpC,QAAIzB,OAAJ;AACA,QAAIC,GAAJ,CAFoC,CAIpC;;AACA,QAAI,KAAKrB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAAC4B,YAAf,EAA6B;AAC3B,eAAO5B,GAAP;AACD;AACF,KAXmC,CAapC;;;AACA,QAAI,KAAKrB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAAC4B,YAAf,EAA6B;AAC3B,eAAO5B,GAAP;AACD;AACF,KApBmC,CAsBpC;AACA;AACA;;;AACA,UAAM,IAAI6B,oBAAJ,CAAiB,yJAAjB,EAA4K,IAA5K,CAAN;AACD;;AAEDlC,EAAAA,sBAAsB,GAAS;AAC7B;AACA,QAAII,OAAJ;;AAEA,QAAI,KAAKpB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKX,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED8B,EAAAA,qBAAqB,GAAyB;AAC5C,QAAIrB,OAAJ;AACA,QAAIY,WAAJ,CAF4C,CAI5C;;AACA,QAAI,KAAKhC,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AACD,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD,KAX2C,CAa5C;;;AACA,QAAI,KAAKhC,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AAED,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD;;AAGD,UAAM,IAAIkB,oBAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;AACA;AACD;;AAEDE,EAAAA,eAAe,CAACC,WAAD,EAAoC;AACjD,UAAMjC,OAAwB,GAAG,KAAKpB,cAAL,CAAoBsD,qBAApB,EAAjC;;AACA,QAAI,CAAClC,OAAL,EAAc;AACZ;AACD;;AACDA,IAAAA,OAAO,CAACG,UAAR,CAAmB8B,WAAnB;AACD;;AAEDE,EAAAA,eAAe,GAAmB;AAChC,UAAMnC,OAAwB,GAAG,KAAKpB,cAAL,CAAoBsD,qBAApB,EAAjC;;AACA,QAAI,CAAClC,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AACD,UAAMiC,WAAW,GAAGjC,OAAO,CAACV,UAAR,EAApB;;AACA,QAAI,CAAC,6BAAiB2C,WAAjB,CAAL,EAAoC;AAClC,aAAO,IAAP;AACD;;AACD,WAAOA,WAAP;AACD;;AAEDzC,EAAAA,gBAAgB,GAAS;AACvB,UAAMQ,OAAwB,GAAG,KAAKpB,cAAL,CAAoBsD,qBAApB,EAAjC;AACAlC,IAAAA,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAET,YAAT;AACD;;AAlSqC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport StorageManager from './StorageManager';\nimport {\n StorageProvider,\n TransactionMeta,\n isTransactionMeta,\n isOAuthTransactionMeta,\n PKCETransactionMeta,\n OAuthTransactionMeta,\n TransactionMetaOptions,\n TransactionManagerOptions,\n CookieStorage\n} from './types';\nimport { RawIdxResponse, isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\nimport {\n clearTransactionFromSharedStorage,\n loadTransactionFromSharedStorage,\n pruneSharedStorage,\n saveTransactionToSharedStorage\n} from './util/sharedStorage';\n\nexport interface ClearTransactionMetaOptions extends TransactionMetaOptions {\n clearSharedStorage?: boolean;\n}\nexport default class TransactionManager {\n options: TransactionManagerOptions;\n storageManager: StorageManager;\n legacyWidgetSupport: boolean;\n saveNonceCookie: boolean;\n saveStateCookie: boolean;\n saveParamsCookie: boolean;\n enableSharedStorage: boolean;\n\n constructor(options: TransactionManagerOptions) {\n this.storageManager = options.storageManager;\n this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n this.saveStateCookie = options.saveStateCookie === false ? false : true;\n this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n this.options = options;\n }\n\n // eslint-disable-next-line complexity\n clear(options: ClearTransactionMetaOptions = {}) {\n const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n const meta = transactionStorage.getStorage();\n\n // Clear primary storage (by default, sessionStorage on browser)\n transactionStorage.clearStorage();\n\n // clear IDX response storage\n this.clearIdxResponse();\n\n // Usually we do NOT want to clear shared storage because another tab may need it to continue/complete a flow\n // It can be cleared after a user succcesfully signs in and receives tokens\n if (this.enableSharedStorage && options.clearSharedStorage) {\n const state = options.state || meta?.state;\n if (state) {\n clearTransactionFromSharedStorage(this.storageManager, state);\n }\n }\n \n if (!this.legacyWidgetSupport) {\n return;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n this.clearLegacyOAuthParams();\n }\n\n if (options.pkce) {\n this.clearLegacyPKCE();\n }\n }\n\n // eslint-disable-next-line complexity\n save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n // There must be only one transaction executing at a time.\n // Before saving, check to see if a transaction is already stored.\n // An existing transaction indicates a concurrency/race/overlap condition\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n const obj = storage.getStorage();\n // oie process may need to update transaction in the middle of process for tracking purpose\n // false alarm might be caused \n // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n if (isTransactionMeta(obj) && !options.muteWarning) {\n // eslint-disable-next-line max-len\n warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n }\n\n storage.setStorage(meta);\n\n // Shared storage allows continuation of transaction in another tab\n if (this.enableSharedStorage && meta.state) {\n saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n }\n\n if (!options.oauth) {\n return;\n }\n \n // Legacy cookie storage\n if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n if (this.saveParamsCookie) {\n const { \n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n } = meta;\n const oauthParams = {\n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n };\n cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n }\n\n if (this.saveNonceCookie && meta.nonce) {\n // Set nonce cookie for servers to validate nonce in id_token\n cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n }\n\n if (this.saveStateCookie && meta.state) {\n // Set state cookie for servers to validate state\n cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n }\n }\n }\n\n exists(options: TransactionMetaOptions = {}): boolean {\n try {\n const meta: TransactionMeta = this.load(options);\n return !!meta;\n } catch {\n return false;\n }\n }\n\n // load transaction meta from storage\n // eslint-disable-next-line complexity,max-statements\n load(options: TransactionMetaOptions = {}): TransactionMeta {\n\n let meta: TransactionMeta;\n\n // If state was passed, try loading transaction data from shared storage\n if (this.enableSharedStorage && options.state) {\n pruneSharedStorage(this.storageManager); // prune before load\n meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n if (isTransactionMeta(meta)) {\n return meta;\n }\n }\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n meta = storage.getStorage();\n if (isTransactionMeta(meta)) {\n // if we have meta in the new location, there is no need to go further\n return meta;\n }\n\n if (!this.legacyWidgetSupport) {\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n try {\n const oauthParams = this.loadLegacyOAuthParams();\n Object.assign(meta, oauthParams);\n } finally {\n this.clearLegacyOAuthParams();\n }\n }\n\n if (options.pkce) {\n try {\n const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n Object.assign(meta, pkceMeta);\n } finally {\n this.clearLegacyPKCE();\n }\n }\n\n if (isTransactionMeta(meta)) {\n return meta;\n }\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n clearLegacyPKCE(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n }\n\n loadLegacyPKCE(): PKCETransactionMeta {\n let storage: StorageProvider;\n let obj;\n \n // Try reading from localStorage first.\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, throw an exception to avoid misleading server-side error\n // The most likely cause of this error is trying to handle a callback twice\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', null);\n }\n\n clearLegacyOAuthParams(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n storage.clearStorage();\n }\n }\n\n loadLegacyOAuthParams(): OAuthTransactionMeta {\n let storage: StorageProvider;\n let oauthParams;\n \n // load first from session storage\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n oauthParams = storage.getStorage();\n }\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n // try to load from cookie\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n oauthParams = storage.getStorage();\n }\n\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n\n throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n // Something is there but we don't recognize it\n // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n }\n\n saveIdxResponse(idxResponse: RawIdxResponse): void {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return;\n }\n storage.setStorage(idxResponse);\n }\n\n loadIdxResponse(): RawIdxResponse {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return null;\n }\n const idxResponse = storage.getStorage();\n if (!isRawIdxResponse(idxResponse)) {\n return null;\n }\n return idxResponse;\n }\n\n clearIdxResponse(): void {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n storage?.clearStorage();\n }\n}"],"file":"TransactionManager.js"}
package/cjs/builderUtil.js CHANGED
@@ -22,6 +22,12 @@ var _AuthSdkError = _interopRequireDefault(require("./errors/AuthSdkError"));
22
22
  // eslint-disable-next-line complexity
23
23
  function assertValidConfig(args) {
24
24
  args = args || {};
25
+ var scopes = args.scopes;
26
+
27
+ if (scopes && !Array.isArray(scopes)) {
28
+ throw new _AuthSdkError.default('scopes must be a array of strings. ' + 'Required usage: new OktaAuth({scopes: ["openid", "email"]})');
29
+ }
30
+
25
31
  var issuer = args.issuer;
26
32
 
27
33
  if (!issuer) {
package/cjs/builderUtil.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/builderUtil.ts"],"names":["assertValidConfig","args","issuer","AuthSdkError","isUrlRegex","RegExp","test","indexOf","getUserAgent","sdkValue","userAgent","value","template","replace"],"mappings":";;;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACA;AACA,SAASA,iBAAT,CAA2BC,IAA3B,EAAkD;AAChDA,EAAAA,IAAI,GAAGA,IAAI,IAAI,EAAf;AAEA,MAAIC,MAAM,GAAGD,IAAI,CAACC,MAAlB;;AACA,MAAI,CAACA,MAAL,EAAa;AACX,UAAM,IAAIC,qBAAJ,CAAiB,sCACrB,8FADI,CAAN;AAED;;AAED,MAAIC,UAAU,GAAG,IAAIC,MAAJ,CAAW,eAAX,CAAjB;;AACA,MAAI,CAACD,UAAU,CAACE,IAAX,CAAgBL,IAAI,CAACC,MAArB,CAAL,EAAmC;AACjC,UAAM,IAAIC,qBAAJ,CAAiB,iCACrB,8FADI,CAAN;AAED;;AAED,MAAID,MAAM,CAACK,OAAP,CAAe,SAAf,MAA8B,CAAC,CAAnC,EAAsC;AACpC,UAAM,IAAIJ,qBAAJ,CAAiB,sEACrB,uEADI,CAAN;AAED;AACF;;AAED,SAASK,YAAT,CAAsBP,IAAtB,EAA6CQ,QAA7C,EAAuE;AACrE,MAAIC,SAAS,GAAGT,IAAI,CAACS,SAAL,IAAkB,EAAlC;;AAEA,MAAIA,SAAS,CAACC,KAAd,EAAqB;AACnB,WAAOD,SAAS,CAACC,KAAjB;AACD;;AAED,MAAID,SAAS,CAACE,QAAd,EAAwB;AACtB,WAAOF,SAAS,CAACE,QAAV,CAAmBC,OAAnB,CAA2B,eAA3B,EAA4CJ,QAA5C,CAAP;AACD;;AAED,SAAOA,QAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport AuthSdkError from './errors/AuthSdkError';\nimport { OktaAuthOptions } from './types';\n\n// TODO: use @okta/configuration-validation (move module to this monorepo?)\n// eslint-disable-next-line complexity\nfunction assertValidConfig(args: OktaAuthOptions) {\n args = args || {};\n\n var issuer = args.issuer;\n if (!issuer) {\n throw new AuthSdkError('No issuer passed to constructor. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n var isUrlRegex = new RegExp('^http?s?://.+');\n if (!isUrlRegex.test(args.issuer)) {\n throw new AuthSdkError('Issuer must be a valid URL. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n if (issuer.indexOf('-admin.') !== -1) {\n throw new AuthSdkError('Issuer URL passed to constructor contains \"-admin\" in subdomain. ' +\n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com})');\n }\n}\n\nfunction getUserAgent(args: OktaAuthOptions, sdkValue: string): string {\n var userAgent = args.userAgent || {};\n\n if (userAgent.value) {\n return userAgent.value;\n }\n\n if (userAgent.template) {\n return userAgent.template.replace('$OKTA_AUTH_JS', sdkValue);\n }\n\n return sdkValue;\n}\n\nexport {\n assertValidConfig,\n getUserAgent\n};\n"],"file":"builderUtil.js"}
1
+ {"version":3,"sources":["../../lib/builderUtil.ts"],"names":["assertValidConfig","args","scopes","Array","isArray","AuthSdkError","issuer","isUrlRegex","RegExp","test","indexOf","getUserAgent","sdkValue","userAgent","value","template","replace"],"mappings":";;;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACA;AACA,SAASA,iBAAT,CAA2BC,IAA3B,EAAkD;AAChDA,EAAAA,IAAI,GAAGA,IAAI,IAAI,EAAf;AAEA,MAAIC,MAAM,GAAGD,IAAI,CAACC,MAAlB;;AACA,MAAIA,MAAM,IAAI,CAACC,KAAK,CAACC,OAAN,CAAcF,MAAd,CAAf,EAAsC;AACpC,UAAM,IAAIG,qBAAJ,CAAiB,wCACrB,6DADI,CAAN;AAED;;AAED,MAAIC,MAAM,GAAGL,IAAI,CAACK,MAAlB;;AACA,MAAI,CAACA,MAAL,EAAa;AACX,UAAM,IAAID,qBAAJ,CAAiB,sCACrB,8FADI,CAAN;AAED;;AAED,MAAIE,UAAU,GAAG,IAAIC,MAAJ,CAAW,eAAX,CAAjB;;AACA,MAAI,CAACD,UAAU,CAACE,IAAX,CAAgBR,IAAI,CAACK,MAArB,CAAL,EAAmC;AACjC,UAAM,IAAID,qBAAJ,CAAiB,iCACrB,8FADI,CAAN;AAED;;AAED,MAAIC,MAAM,CAACI,OAAP,CAAe,SAAf,MAA8B,CAAC,CAAnC,EAAsC;AACpC,UAAM,IAAIL,qBAAJ,CAAiB,sEACrB,uEADI,CAAN;AAED;AACF;;AAED,SAASM,YAAT,CAAsBV,IAAtB,EAA6CW,QAA7C,EAAuE;AACrE,MAAIC,SAAS,GAAGZ,IAAI,CAACY,SAAL,IAAkB,EAAlC;;AAEA,MAAIA,SAAS,CAACC,KAAd,EAAqB;AACnB,WAAOD,SAAS,CAACC,KAAjB;AACD;;AAED,MAAID,SAAS,CAACE,QAAd,EAAwB;AACtB,WAAOF,SAAS,CAACE,QAAV,CAAmBC,OAAnB,CAA2B,eAA3B,EAA4CJ,QAA5C,CAAP;AACD;;AAED,SAAOA,QAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport AuthSdkError from './errors/AuthSdkError';\nimport { OktaAuthOptions } from './types';\n\n// TODO: use @okta/configuration-validation (move module to this monorepo?)\n// eslint-disable-next-line complexity\nfunction assertValidConfig(args: OktaAuthOptions) {\n args = args || {};\n\n var scopes = args.scopes;\n if (scopes && !Array.isArray(scopes)) {\n throw new AuthSdkError('scopes must be a array of strings. ' +\n 'Required usage: new OktaAuth({scopes: [\"openid\", \"email\"]})');\n }\n\n var issuer = args.issuer;\n if (!issuer) {\n throw new AuthSdkError('No issuer passed to constructor. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n var isUrlRegex = new RegExp('^http?s?://.+');\n if (!isUrlRegex.test(args.issuer)) {\n throw new AuthSdkError('Issuer must be a valid URL. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n if (issuer.indexOf('-admin.') !== -1) {\n throw new AuthSdkError('Issuer URL passed to constructor contains \"-admin\" in subdomain. ' +\n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com})');\n }\n}\n\nfunction getUserAgent(args: OktaAuthOptions, sdkValue: string): string {\n var userAgent = args.userAgent || {};\n\n if (userAgent.value) {\n return userAgent.value;\n }\n\n if (userAgent.template) {\n return userAgent.template.replace('$OKTA_AUTH_JS', sdkValue);\n }\n\n return sdkValue;\n}\n\nexport {\n assertValidConfig,\n getUserAgent\n};\n"],"file":"builderUtil.js"}
package/cjs/constants.js CHANGED
@@ -1,6 +1,6 @@
1
1
  "use strict";
2
2
 
3
- exports.IDX_API_VERSION = exports.DEFAULT_CODE_CHALLENGE_METHOD = exports.MAX_VERIFIER_LENGTH = exports.MIN_VERIFIER_LENGTH = exports.REFERRER_PATH_STORAGE_KEY = exports.REFRESH_TOKEN_STORAGE_KEY = exports.ID_TOKEN_STORAGE_KEY = exports.ACCESS_TOKEN_STORAGE_KEY = exports.IDX_RESPONSE_STORAGE_NAME = exports.SHARED_TRANSACTION_STORAGE_NAME = exports.TRANSACTION_STORAGE_NAME = exports.PKCE_STORAGE_NAME = exports.CACHE_STORAGE_NAME = exports.TOKEN_STORAGE_NAME = exports.REDIRECT_NONCE_COOKIE_NAME = exports.REDIRECT_STATE_COOKIE_NAME = exports.REDIRECT_OAUTH_PARAMS_NAME = exports.DEFAULT_CACHE_DURATION = exports.DEFAULT_MAX_CLOCK_SKEW = exports.DEFAULT_POLLING_DELAY = exports.STATE_TOKEN_KEY_NAME = void 0;
3
+ exports.IDX_API_VERSION = exports.DEFAULT_CODE_CHALLENGE_METHOD = exports.MAX_VERIFIER_LENGTH = exports.MIN_VERIFIER_LENGTH = exports.REFERRER_PATH_STORAGE_KEY = exports.REFRESH_TOKEN_STORAGE_KEY = exports.ID_TOKEN_STORAGE_KEY = exports.ACCESS_TOKEN_STORAGE_KEY = exports.IDX_RESPONSE_STORAGE_NAME = exports.ORIGINAL_URI_STORAGE_NAME = exports.SHARED_TRANSACTION_STORAGE_NAME = exports.TRANSACTION_STORAGE_NAME = exports.PKCE_STORAGE_NAME = exports.CACHE_STORAGE_NAME = exports.TOKEN_STORAGE_NAME = exports.REDIRECT_NONCE_COOKIE_NAME = exports.REDIRECT_STATE_COOKIE_NAME = exports.REDIRECT_OAUTH_PARAMS_NAME = exports.DEFAULT_CACHE_DURATION = exports.DEFAULT_MAX_CLOCK_SKEW = exports.DEFAULT_POLLING_DELAY = exports.STATE_TOKEN_KEY_NAME = void 0;
4
4
 
5
5
  /*!
6
6
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
@@ -37,6 +37,8 @@ const TRANSACTION_STORAGE_NAME = 'okta-transaction-storage';
37
37
  exports.TRANSACTION_STORAGE_NAME = TRANSACTION_STORAGE_NAME;
38
38
  const SHARED_TRANSACTION_STORAGE_NAME = 'okta-shared-transaction-storage';
39
39
  exports.SHARED_TRANSACTION_STORAGE_NAME = SHARED_TRANSACTION_STORAGE_NAME;
40
+ const ORIGINAL_URI_STORAGE_NAME = 'okta-original-uri-storage';
41
+ exports.ORIGINAL_URI_STORAGE_NAME = ORIGINAL_URI_STORAGE_NAME;
40
42
  const IDX_RESPONSE_STORAGE_NAME = 'okta-idx-response-storage';
41
43
  exports.IDX_RESPONSE_STORAGE_NAME = IDX_RESPONSE_STORAGE_NAME;
42
44
  const ACCESS_TOKEN_STORAGE_KEY = 'accessToken';
package/cjs/constants.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/constants.ts"],"names":["STATE_TOKEN_KEY_NAME","DEFAULT_POLLING_DELAY","DEFAULT_MAX_CLOCK_SKEW","DEFAULT_CACHE_DURATION","REDIRECT_OAUTH_PARAMS_NAME","REDIRECT_STATE_COOKIE_NAME","REDIRECT_NONCE_COOKIE_NAME","TOKEN_STORAGE_NAME","CACHE_STORAGE_NAME","PKCE_STORAGE_NAME","TRANSACTION_STORAGE_NAME","SHARED_TRANSACTION_STORAGE_NAME","IDX_RESPONSE_STORAGE_NAME","ACCESS_TOKEN_STORAGE_KEY","ID_TOKEN_STORAGE_KEY","REFRESH_TOKEN_STORAGE_KEY","REFERRER_PATH_STORAGE_KEY","MIN_VERIFIER_LENGTH","MAX_VERIFIER_LENGTH","DEFAULT_CODE_CHALLENGE_METHOD","IDX_API_VERSION"],"mappings":";;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEO,MAAMA,oBAAoB,GAAG,gBAA7B;;AACA,MAAMC,qBAAqB,GAAG,GAA9B;;AACA,MAAMC,sBAAsB,GAAG,GAA/B;;AACA,MAAMC,sBAAsB,GAAG,KAA/B;;AACA,MAAMC,0BAA0B,GAAG,4BAAnC;;AACA,MAAMC,0BAA0B,GAAG,kBAAnC;;AACA,MAAMC,0BAA0B,GAAG,kBAAnC;;AACA,MAAMC,kBAAkB,GAAG,oBAA3B;;AACA,MAAMC,kBAAkB,GAAG,oBAA3B;;AACA,MAAMC,iBAAiB,GAAG,mBAA1B;;AACA,MAAMC,wBAAwB,GAAG,0BAAjC;;AACA,MAAMC,+BAA+B,GAAG,iCAAxC;;AACA,MAAMC,yBAAyB,GAAG,2BAAlC;;AACA,MAAMC,wBAAwB,GAAG,aAAjC;;AACA,MAAMC,oBAAoB,GAAI,SAA9B;;AACA,MAAMC,yBAAyB,GAAI,cAAnC;;AACA,MAAMC,yBAAyB,GAAG,cAAlC,C,CAEP;AACA;;;AACO,MAAMC,mBAAmB,GAAG,EAA5B;;AACA,MAAMC,mBAAmB,GAAG,GAA5B;;AACA,MAAMC,6BAA6B,GAAG,MAAtC;;AAEA,MAAMC,eAAe,GAAG,OAAxB","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport const STATE_TOKEN_KEY_NAME = 'oktaStateToken';\nexport const DEFAULT_POLLING_DELAY = 500;\nexport const DEFAULT_MAX_CLOCK_SKEW = 300;\nexport const DEFAULT_CACHE_DURATION = 86400;\nexport const REDIRECT_OAUTH_PARAMS_NAME = 'okta-oauth-redirect-params';\nexport const REDIRECT_STATE_COOKIE_NAME = 'okta-oauth-state';\nexport const REDIRECT_NONCE_COOKIE_NAME = 'okta-oauth-nonce';\nexport const TOKEN_STORAGE_NAME = 'okta-token-storage';\nexport const CACHE_STORAGE_NAME = 'okta-cache-storage';\nexport const PKCE_STORAGE_NAME = 'okta-pkce-storage';\nexport const TRANSACTION_STORAGE_NAME = 'okta-transaction-storage';\nexport const SHARED_TRANSACTION_STORAGE_NAME = 'okta-shared-transaction-storage';\nexport const IDX_RESPONSE_STORAGE_NAME = 'okta-idx-response-storage';\nexport const ACCESS_TOKEN_STORAGE_KEY = 'accessToken';\nexport const ID_TOKEN_STORAGE_KEY = 'idToken';\nexport const REFRESH_TOKEN_STORAGE_KEY = 'refreshToken';\nexport const REFERRER_PATH_STORAGE_KEY = 'referrerPath';\n\n// Code verifier: Random URL-safe string with a minimum length of 43 characters.\n// Code challenge: Base64 URL-encoded SHA-256 hash of the code verifier.\nexport const MIN_VERIFIER_LENGTH = 43;\nexport const MAX_VERIFIER_LENGTH = 128;\nexport const DEFAULT_CODE_CHALLENGE_METHOD = 'S256';\n\nexport const IDX_API_VERSION = '1.0.0';"],"file":"constants.js"}
1
+ {"version":3,"sources":["../../lib/constants.ts"],"names":["STATE_TOKEN_KEY_NAME","DEFAULT_POLLING_DELAY","DEFAULT_MAX_CLOCK_SKEW","DEFAULT_CACHE_DURATION","REDIRECT_OAUTH_PARAMS_NAME","REDIRECT_STATE_COOKIE_NAME","REDIRECT_NONCE_COOKIE_NAME","TOKEN_STORAGE_NAME","CACHE_STORAGE_NAME","PKCE_STORAGE_NAME","TRANSACTION_STORAGE_NAME","SHARED_TRANSACTION_STORAGE_NAME","ORIGINAL_URI_STORAGE_NAME","IDX_RESPONSE_STORAGE_NAME","ACCESS_TOKEN_STORAGE_KEY","ID_TOKEN_STORAGE_KEY","REFRESH_TOKEN_STORAGE_KEY","REFERRER_PATH_STORAGE_KEY","MIN_VERIFIER_LENGTH","MAX_VERIFIER_LENGTH","DEFAULT_CODE_CHALLENGE_METHOD","IDX_API_VERSION"],"mappings":";;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEO,MAAMA,oBAAoB,GAAG,gBAA7B;;AACA,MAAMC,qBAAqB,GAAG,GAA9B;;AACA,MAAMC,sBAAsB,GAAG,GAA/B;;AACA,MAAMC,sBAAsB,GAAG,KAA/B;;AACA,MAAMC,0BAA0B,GAAG,4BAAnC;;AACA,MAAMC,0BAA0B,GAAG,kBAAnC;;AACA,MAAMC,0BAA0B,GAAG,kBAAnC;;AACA,MAAMC,kBAAkB,GAAG,oBAA3B;;AACA,MAAMC,kBAAkB,GAAG,oBAA3B;;AACA,MAAMC,iBAAiB,GAAG,mBAA1B;;AACA,MAAMC,wBAAwB,GAAG,0BAAjC;;AACA,MAAMC,+BAA+B,GAAG,iCAAxC;;AACA,MAAMC,yBAAyB,GAAG,2BAAlC;;AACA,MAAMC,yBAAyB,GAAG,2BAAlC;;AACA,MAAMC,wBAAwB,GAAG,aAAjC;;AACA,MAAMC,oBAAoB,GAAI,SAA9B;;AACA,MAAMC,yBAAyB,GAAI,cAAnC;;AACA,MAAMC,yBAAyB,GAAG,cAAlC,C,CAEP;AACA;;;AACO,MAAMC,mBAAmB,GAAG,EAA5B;;AACA,MAAMC,mBAAmB,GAAG,GAA5B;;AACA,MAAMC,6BAA6B,GAAG,MAAtC;;AAEA,MAAMC,eAAe,GAAG,OAAxB","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport const STATE_TOKEN_KEY_NAME = 'oktaStateToken';\nexport const DEFAULT_POLLING_DELAY = 500;\nexport const DEFAULT_MAX_CLOCK_SKEW = 300;\nexport const DEFAULT_CACHE_DURATION = 86400;\nexport const REDIRECT_OAUTH_PARAMS_NAME = 'okta-oauth-redirect-params';\nexport const REDIRECT_STATE_COOKIE_NAME = 'okta-oauth-state';\nexport const REDIRECT_NONCE_COOKIE_NAME = 'okta-oauth-nonce';\nexport const TOKEN_STORAGE_NAME = 'okta-token-storage';\nexport const CACHE_STORAGE_NAME = 'okta-cache-storage';\nexport const PKCE_STORAGE_NAME = 'okta-pkce-storage';\nexport const TRANSACTION_STORAGE_NAME = 'okta-transaction-storage';\nexport const SHARED_TRANSACTION_STORAGE_NAME = 'okta-shared-transaction-storage';\nexport const ORIGINAL_URI_STORAGE_NAME = 'okta-original-uri-storage';\nexport const IDX_RESPONSE_STORAGE_NAME = 'okta-idx-response-storage';\nexport const ACCESS_TOKEN_STORAGE_KEY = 'accessToken';\nexport const ID_TOKEN_STORAGE_KEY = 'idToken';\nexport const REFRESH_TOKEN_STORAGE_KEY = 'refreshToken';\nexport const REFERRER_PATH_STORAGE_KEY = 'referrerPath';\n\n// Code verifier: Random URL-safe string with a minimum length of 43 characters.\n// Code challenge: Base64 URL-encoded SHA-256 hash of the code verifier.\nexport const MIN_VERIFIER_LENGTH = 43;\nexport const MAX_VERIFIER_LENGTH = 128;\nexport const DEFAULT_CODE_CHALLENGE_METHOD = 'S256';\n\nexport const IDX_API_VERSION = '1.0.0';"],"file":"constants.js"}
package/cjs/features.js CHANGED
@@ -62,7 +62,7 @@ function isPopupPostMessageSupported() {
62
62
  }
63
63
 
64
64
  function isTokenVerifySupported() {
65
- return typeof _crypto.webcrypto !== 'undefined' && typeof _crypto.webcrypto.subtle !== 'undefined' && typeof Uint8Array !== 'undefined';
65
+ return typeof _crypto.webcrypto !== 'undefined' && _crypto.webcrypto !== null && typeof _crypto.webcrypto.subtle !== 'undefined' && typeof Uint8Array !== 'undefined';
66
66
  }
67
67
 
68
68
  function hasTextEncoder() {
package/cjs/features.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/features.ts"],"names":["isWindowsPhone","isBrowser","document","window","isIE11OrLess","documentMode","getUserAgent","navigator","userAgent","isFingerprintSupported","agent","test","isPopupPostMessageSupported","isIE8or9","postMessage","isTokenVerifySupported","webcrypto","subtle","Uint8Array","hasTextEncoder","TextEncoder","isPKCESupported","isHTTPS","location","protocol","isLocalhost","hostname"],"mappings":";;;;;;;;;;;;;AAeA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;;AACA;AAIA,MAAMA,cAAc,GAAG,mCAAvB;;AAEO,SAASC,SAAT,GAAqB;AAC1B,SAAO,OAAOC,QAAP,KAAoB,WAApB,IAAmC,OAAOC,MAAP,KAAkB,WAA5D;AACD;;AAEM,SAASC,YAAT,GAAwB;AAC7B,SAAOH,SAAS,MAAM,CAAC,CAACC,QAAQ,CAACG,YAA1B,IAA0CH,QAAQ,CAACG,YAAT,IAAyB,EAA1E;AACD;;AAEM,SAASC,YAAT,GAAwB;AAC7B,SAAOC,SAAS,CAACC,SAAjB;AACD;;AAEM,SAASC,sBAAT,GAAkC;AACvC,QAAMC,KAAK,GAAGJ,YAAY,EAA1B;AACA,SAAOI,KAAK,IAAI,CAACV,cAAc,CAACW,IAAf,CAAoBD,KAApB,CAAjB;AACD;;AAEM,SAASE,2BAAT,GAAuC;AAC5C,MAAI,CAACX,SAAS,EAAd,EAAkB;AAChB,WAAO,KAAP;AACD;;AACD,MAAIY,QAAQ,GAAGX,QAAQ,CAACG,YAAT,IAAyBH,QAAQ,CAACG,YAAT,GAAwB,EAAhE;;AACA,MAAIF,MAAM,CAACW,WAAP,IAAsB,CAACD,QAA3B,EAAqC;AACnC,WAAO,IAAP;AACD;;AACD,SAAO,KAAP;AACD;;AAEM,SAASE,sBAAT,GAAkC;AACvC,SAAO,OAAOC,iBAAP,KAAqB,WAArB,IACF,OAAOA,kBAAUC,MAAjB,KAA4B,WAD1B,IAEF,OAAOC,UAAP,KAAsB,WAF3B;AAGD;;AAEM,SAASC,cAAT,GAA0B;AAC/B,SAAO,OAAOC,WAAP,KAAuB,WAA9B;AACD;;AAEM,SAASC,eAAT,GAA2B;AAChC,SAAON,sBAAsB,MAAMI,cAAc,EAAjD;AACD;;AAEM,SAASG,OAAT,GAAmB;AACxB,MAAI,CAACrB,SAAS,EAAd,EAAkB;AAChB,WAAO,KAAP;AACD;;AACD,SAAOE,MAAM,CAACoB,QAAP,CAAgBC,QAAhB,KAA6B,QAApC;AACD;;AAEM,SAASC,WAAT,GAAuB;AAC5B;AACA,SAAOxB,SAAS,MAAME,MAAM,CAACoB,QAAP,CAAgBG,QAAhB,KAA6B,WAAnD;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable node/no-unsupported-features/node-builtins */\n/* global document, window, TextEncoder, navigator */\n\nimport { webcrypto } from './crypto';\n\nconst isWindowsPhone = /windows phone|iemobile|wpdesktop/i;\t\n\nexport function isBrowser() {\n return typeof document !== 'undefined' && typeof window !== 'undefined';\n}\n\nexport function isIE11OrLess() {\n return isBrowser() && !!document.documentMode && document.documentMode <= 11;\n}\n\nexport function getUserAgent() {\n return navigator.userAgent;\n}\n\nexport function isFingerprintSupported() {\n const agent = getUserAgent();\n return agent && !isWindowsPhone.test(agent);\t\n}\n\nexport function isPopupPostMessageSupported() {\n if (!isBrowser()) {\n return false;\n }\n var isIE8or9 = document.documentMode && document.documentMode < 10;\n if (window.postMessage && !isIE8or9) {\n return true;\n }\n return false;\n}\n\nexport function isTokenVerifySupported() {\n return typeof webcrypto !== 'undefined'\n && typeof webcrypto.subtle !== 'undefined'\n && typeof Uint8Array !== 'undefined';\n}\n\nexport function hasTextEncoder() {\n return typeof TextEncoder !== 'undefined';\n}\n\nexport function isPKCESupported() {\n return isTokenVerifySupported() && hasTextEncoder();\n}\n\nexport function isHTTPS() {\n if (!isBrowser()) {\n return false;\n }\n return window.location.protocol === 'https:';\n}\n\nexport function isLocalhost() {\n // eslint-disable-next-line compat/compat\n return isBrowser() && window.location.hostname === 'localhost';\n}\n\n"],"file":"features.js"}
1
+ {"version":3,"sources":["../../lib/features.ts"],"names":["isWindowsPhone","isBrowser","document","window","isIE11OrLess","documentMode","getUserAgent","navigator","userAgent","isFingerprintSupported","agent","test","isPopupPostMessageSupported","isIE8or9","postMessage","isTokenVerifySupported","webcrypto","subtle","Uint8Array","hasTextEncoder","TextEncoder","isPKCESupported","isHTTPS","location","protocol","isLocalhost","hostname"],"mappings":";;;;;;;;;;;;;AAeA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;;AACA;AAIA,MAAMA,cAAc,GAAG,mCAAvB;;AAEO,SAASC,SAAT,GAAqB;AAC1B,SAAO,OAAOC,QAAP,KAAoB,WAApB,IAAmC,OAAOC,MAAP,KAAkB,WAA5D;AACD;;AAEM,SAASC,YAAT,GAAwB;AAC7B,SAAOH,SAAS,MAAM,CAAC,CAACC,QAAQ,CAACG,YAA1B,IAA0CH,QAAQ,CAACG,YAAT,IAAyB,EAA1E;AACD;;AAEM,SAASC,YAAT,GAAwB;AAC7B,SAAOC,SAAS,CAACC,SAAjB;AACD;;AAEM,SAASC,sBAAT,GAAkC;AACvC,QAAMC,KAAK,GAAGJ,YAAY,EAA1B;AACA,SAAOI,KAAK,IAAI,CAACV,cAAc,CAACW,IAAf,CAAoBD,KAApB,CAAjB;AACD;;AAEM,SAASE,2BAAT,GAAuC;AAC5C,MAAI,CAACX,SAAS,EAAd,EAAkB;AAChB,WAAO,KAAP;AACD;;AACD,MAAIY,QAAQ,GAAGX,QAAQ,CAACG,YAAT,IAAyBH,QAAQ,CAACG,YAAT,GAAwB,EAAhE;;AACA,MAAIF,MAAM,CAACW,WAAP,IAAsB,CAACD,QAA3B,EAAqC;AACnC,WAAO,IAAP;AACD;;AACD,SAAO,KAAP;AACD;;AAEM,SAASE,sBAAT,GAAkC;AACvC,SAAO,OAAOC,iBAAP,KAAqB,WAArB,IACFA,sBAAc,IADZ,IAEF,OAAOA,kBAAUC,MAAjB,KAA4B,WAF1B,IAGF,OAAOC,UAAP,KAAsB,WAH3B;AAID;;AAEM,SAASC,cAAT,GAA0B;AAC/B,SAAO,OAAOC,WAAP,KAAuB,WAA9B;AACD;;AAEM,SAASC,eAAT,GAA2B;AAChC,SAAON,sBAAsB,MAAMI,cAAc,EAAjD;AACD;;AAEM,SAASG,OAAT,GAAmB;AACxB,MAAI,CAACrB,SAAS,EAAd,EAAkB;AAChB,WAAO,KAAP;AACD;;AACD,SAAOE,MAAM,CAACoB,QAAP,CAAgBC,QAAhB,KAA6B,QAApC;AACD;;AAEM,SAASC,WAAT,GAAuB;AAC5B;AACA,SAAOxB,SAAS,MAAME,MAAM,CAACoB,QAAP,CAAgBG,QAAhB,KAA6B,WAAnD;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable node/no-unsupported-features/node-builtins */\n/* global document, window, TextEncoder, navigator */\n\nimport { webcrypto } from './crypto';\n\nconst isWindowsPhone = /windows phone|iemobile|wpdesktop/i;\t\n\nexport function isBrowser() {\n return typeof document !== 'undefined' && typeof window !== 'undefined';\n}\n\nexport function isIE11OrLess() {\n return isBrowser() && !!document.documentMode && document.documentMode <= 11;\n}\n\nexport function getUserAgent() {\n return navigator.userAgent;\n}\n\nexport function isFingerprintSupported() {\n const agent = getUserAgent();\n return agent && !isWindowsPhone.test(agent);\t\n}\n\nexport function isPopupPostMessageSupported() {\n if (!isBrowser()) {\n return false;\n }\n var isIE8or9 = document.documentMode && document.documentMode < 10;\n if (window.postMessage && !isIE8or9) {\n return true;\n }\n return false;\n}\n\nexport function isTokenVerifySupported() {\n return typeof webcrypto !== 'undefined'\n && webcrypto !== null\n && typeof webcrypto.subtle !== 'undefined'\n && typeof Uint8Array !== 'undefined';\n}\n\nexport function hasTextEncoder() {\n return typeof TextEncoder !== 'undefined';\n}\n\nexport function isPKCESupported() {\n return isTokenVerifySupported() && hasTextEncoder();\n}\n\nexport function isHTTPS() {\n if (!isBrowser()) {\n return false;\n }\n return window.location.protocol === 'https:';\n}\n\nexport function isLocalhost() {\n // eslint-disable-next-line compat/compat\n return isBrowser() && window.location.hostname === 'localhost';\n}\n\n"],"file":"features.js"}
package/cjs/idx/authenticate.js CHANGED
@@ -4,9 +4,7 @@ exports.authenticate = authenticate;
4
4
 
5
5
  var _run = require("./run");
6
6
 
7
- var _remediators = require("./remediators");
8
-
9
- var _flowMonitors = require("./flowMonitors");
7
+ var _flow = require("./flow");
10
8
 
11
9
  /*!
12
10
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
@@ -19,23 +17,10 @@ var _flowMonitors = require("./flowMonitors");
19
17
  *
20
18
  * See the License for the specific language governing permissions and limitations under the License.
21
19
  */
22
- const flow = {
23
- 'identify': _remediators.Identify,
24
- 'select-authenticator-authenticate': _remediators.SelectAuthenticatorAuthenticate,
25
- 'select-authenticator-enroll': _remediators.SelectAuthenticatorEnroll,
26
- 'authenticator-enrollment-data': _remediators.AuthenticatorEnrollmentData,
27
- 'authenticator-verification-data': _remediators.AuthenticatorVerificationData,
28
- 'enroll-authenticator': _remediators.EnrollAuthenticator,
29
- 'challenge-authenticator': _remediators.ChallengeAuthenticator,
30
- 'reenroll-authenticator': _remediators.ReEnrollAuthenticator,
31
- 'redirect-idp': _remediators.RedirectIdp
32
- };
33
-
34
20
  async function authenticate(authClient, options) {
35
- const flowMonitor = new _flowMonitors.AuthenticationFlowMonitor(authClient);
21
+ const flowSpec = (0, _flow.getFlowSpecification)(authClient, 'authenticate');
36
22
  return (0, _run.run)(authClient, { ...options,
37
- flow,
38
- flowMonitor
23
+ ...flowSpec
39
24
  });
40
25
  }
41
26
  //# sourceMappingURL=authenticate.js.map
package/cjs/idx/authenticate.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/idx/authenticate.ts"],"names":["flow","Identify","SelectAuthenticatorAuthenticate","SelectAuthenticatorEnroll","AuthenticatorEnrollmentData","AuthenticatorVerificationData","EnrollAuthenticator","ChallengeAuthenticator","ReEnrollAuthenticator","RedirectIdp","authenticate","authClient","options","flowMonitor","AuthenticationFlowMonitor"],"mappings":";;;;AAkBA;;AACA;;AAkBA;;AArCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA6BA,MAAMA,IAAqB,GAAG;AAC5B,cAAYC,qBADgB;AAE5B,uCAAqCC,4CAFT;AAG5B,iCAA+BC,sCAHH;AAI5B,mCAAiCC,wCAJL;AAK5B,qCAAmCC,0CALP;AAM5B,0BAAwBC,gCANI;AAO5B,6BAA2BC,mCAPC;AAQ5B,4BAA0BC,kCARE;AAS5B,kBAAgBC;AATY,CAA9B;;AAqBO,eAAeC,YAAf,CACLC,UADK,EACiBC,OADjB,EAEoB;AACzB,QAAMC,WAAW,GAAG,IAAIC,uCAAJ,CAA8BH,UAA9B,CAApB;AACA,SAAO,cAAIA,UAAJ,EAAgB,EACrB,GAAGC,OADkB;AAErBZ,IAAAA,IAFqB;AAGrBa,IAAAA;AAHqB,GAAhB,CAAP;AAKD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { \n OktaAuth,\n IdxOptions,\n IdxTransaction,\n} from '../types';\nimport { run, RemediationFlow } from './run';\nimport { \n Identify,\n IdentifyValues,\n SelectAuthenticatorAuthenticate,\n SelectAuthenticatorAuthenticateValues,\n ChallengeAuthenticator,\n ChallengeAuthenticatorValues,\n ReEnrollAuthenticator,\n ReEnrollAuthenticatorValues,\n RedirectIdp,\n AuthenticatorEnrollmentData,\n AuthenticatorEnrollmentDataValues,\n SelectAuthenticatorEnroll,\n SelectAuthenticatorEnrollValues,\n EnrollAuthenticator,\n EnrollAuthenticatorValues,\n AuthenticatorVerificationData,\n} from './remediators';\nimport { AuthenticationFlowMonitor } from './flowMonitors';\n\nconst flow: RemediationFlow = {\n 'identify': Identify,\n 'select-authenticator-authenticate': SelectAuthenticatorAuthenticate,\n 'select-authenticator-enroll': SelectAuthenticatorEnroll,\n 'authenticator-enrollment-data': AuthenticatorEnrollmentData,\n 'authenticator-verification-data': AuthenticatorVerificationData,\n 'enroll-authenticator': EnrollAuthenticator,\n 'challenge-authenticator': ChallengeAuthenticator,\n 'reenroll-authenticator': ReEnrollAuthenticator,\n 'redirect-idp': RedirectIdp\n};\n\nexport type AuthenticationOptions = IdxOptions \n & IdentifyValues \n & SelectAuthenticatorAuthenticateValues \n & SelectAuthenticatorEnrollValues\n & ChallengeAuthenticatorValues \n & ReEnrollAuthenticatorValues\n & AuthenticatorEnrollmentDataValues\n & EnrollAuthenticatorValues;\n\nexport async function authenticate(\n authClient: OktaAuth, options: AuthenticationOptions\n): Promise<IdxTransaction> {\n const flowMonitor = new AuthenticationFlowMonitor(authClient);\n return run(authClient, { \n ...options, \n flow,\n flowMonitor,\n });\n}\n"],"file":"authenticate.js"}
1
+ {"version":3,"sources":["../../../lib/idx/authenticate.ts"],"names":["authenticate","authClient","options","flowSpec"],"mappings":";;;;AAkBA;;AAUA;;AA5BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA6BO,eAAeA,YAAf,CACLC,UADK,EACiBC,OADjB,EAEoB;AACzB,QAAMC,QAAQ,GAAG,gCAAqBF,UAArB,EAAiC,cAAjC,CAAjB;AACA,SAAO,cAAIA,UAAJ,EAAgB,EACrB,GAAGC,OADkB;AAErB,OAAGC;AAFkB,GAAhB,CAAP;AAID","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { \n OktaAuth,\n IdxOptions,\n IdxTransaction,\n} from '../types';\nimport { run } from './run';\nimport { \n IdentifyValues,\n SelectAuthenticatorAuthenticateValues,\n ChallengeAuthenticatorValues,\n ReEnrollAuthenticatorValues,\n AuthenticatorEnrollmentDataValues,\n SelectAuthenticatorEnrollValues,\n EnrollAuthenticatorValues,\n} from './remediators';\nimport { getFlowSpecification } from './flow';\n\nexport type AuthenticationOptions = IdxOptions \n & IdentifyValues \n & SelectAuthenticatorAuthenticateValues \n & SelectAuthenticatorEnrollValues\n & ChallengeAuthenticatorValues \n & ReEnrollAuthenticatorValues\n & AuthenticatorEnrollmentDataValues\n & EnrollAuthenticatorValues;\n\nexport async function authenticate(\n authClient: OktaAuth, options: AuthenticationOptions\n): Promise<IdxTransaction> {\n const flowSpec = getFlowSpecification(authClient, 'authenticate');\n return run(authClient, { \n ...options, \n ...flowSpec\n });\n}\n"],"file":"authenticate.js"}
package/cjs/idx/flow/AuthenticationFlow.js ADDED
@@ -0,0 +1,30 @@
1
+ "use strict";
2
+
3
+ exports.AuthenticationFlow = void 0;
4
+
5
+ var _remediators = require("../remediators");
6
+
7
+ /*!
8
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
9
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
10
+ *
11
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
12
+ * Unless required by applicable law or agreed to in writing, software
13
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
14
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
+ *
16
+ * See the License for the specific language governing permissions and limitations under the License.
17
+ */
18
+ const AuthenticationFlow = {
19
+ 'identify': _remediators.Identify,
20
+ 'select-authenticator-authenticate': _remediators.SelectAuthenticatorAuthenticate,
21
+ 'select-authenticator-enroll': _remediators.SelectAuthenticatorEnroll,
22
+ 'authenticator-enrollment-data': _remediators.AuthenticatorEnrollmentData,
23
+ 'authenticator-verification-data': _remediators.AuthenticatorVerificationData,
24
+ 'enroll-authenticator': _remediators.EnrollAuthenticator,
25
+ 'challenge-authenticator': _remediators.ChallengeAuthenticator,
26
+ 'reenroll-authenticator': _remediators.ReEnrollAuthenticator,
27
+ 'redirect-idp': _remediators.RedirectIdp
28
+ };
29
+ exports.AuthenticationFlow = AuthenticationFlow;
30
+ //# sourceMappingURL=AuthenticationFlow.js.map
package/cjs/idx/flow/AuthenticationFlow.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../../../lib/idx/flow/AuthenticationFlow.ts"],"names":["AuthenticationFlow","Identify","SelectAuthenticatorAuthenticate","SelectAuthenticatorEnroll","AuthenticatorEnrollmentData","AuthenticatorVerificationData","EnrollAuthenticator","ChallengeAuthenticator","ReEnrollAuthenticator","RedirectIdp"],"mappings":";;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAgBO,MAAMA,kBAAmC,GAAG;AACjD,cAAYC,qBADqC;AAEjD,uCAAqCC,4CAFY;AAGjD,iCAA+BC,sCAHkB;AAIjD,mCAAiCC,wCAJgB;AAKjD,qCAAmCC,0CALc;AAMjD,0BAAwBC,gCANyB;AAOjD,6BAA2BC,mCAPsB;AAQjD,4BAA0BC,kCARuB;AASjD,kBAAgBC;AATiC,CAA5C","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { RemediationFlow } from './RemediationFlow';\nimport { \n Identify,\n SelectAuthenticatorAuthenticate,\n ChallengeAuthenticator,\n ReEnrollAuthenticator,\n RedirectIdp,\n AuthenticatorEnrollmentData,\n SelectAuthenticatorEnroll,\n EnrollAuthenticator,\n AuthenticatorVerificationData,\n} from '../remediators';\n\nexport const AuthenticationFlow: RemediationFlow = {\n 'identify': Identify,\n 'select-authenticator-authenticate': SelectAuthenticatorAuthenticate,\n 'select-authenticator-enroll': SelectAuthenticatorEnroll,\n 'authenticator-enrollment-data': AuthenticatorEnrollmentData,\n 'authenticator-verification-data': AuthenticatorVerificationData,\n 'enroll-authenticator': EnrollAuthenticator,\n 'challenge-authenticator': ChallengeAuthenticator,\n 'reenroll-authenticator': ReEnrollAuthenticator,\n 'redirect-idp': RedirectIdp\n};\n"],"file":"AuthenticationFlow.js"}
package/cjs/idx/flow/AuthenticationFlowMonitor.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../../../lib/idx/flow/AuthenticationFlowMonitor.ts"],"names":["AuthenticationFlowMonitor","FlowMonitor","isRemediatorCandidate","remediator","remediations","values","prevRemediatorName","previousRemediator","getName","remediatorName","includes","some","name"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKO,MAAMA,yBAAN,SAAwCC,wBAAxC,CAAoD;AACzDC,EAAAA,qBAAqB,CAACC,UAAD,EAAaC,YAAb,EAA4BC,MAA5B,EAAqC;AAAA;;AACxD,UAAMC,kBAAkB,4BAAG,KAAKC,kBAAR,0DAAG,sBAAyBC,OAAzB,EAA3B;AACA,UAAMC,cAAc,GAAGN,UAAU,CAACK,OAAX,EAAvB;;AAEA,QAAIC,cAAc,KAAK,mCAAnB,IACC,CAAC,mCAAD,EAAsCC,QAAtC,CAA+CJ,kBAA/C,CADL,EACyE;AACvE,aAAO,KAAP;AACD;;AAED,QAAIG,cAAc,KAAK,mCAAnB,IACCL,YAAY,CAACO,IAAb,CAAkB,CAAC;AAAEC,MAAAA;AAAF,KAAD,KAAcA,IAAI,KAAK,yBAAzC,CADL,EAC0E;AACxE,aAAO,KAAP;AACD;;AAED,QAAIH,cAAc,KAAK,6BAAnB,IACC,CACC,6BADD,EAEC,+BAFD,EAGCC,QAHD,CAGUJ,kBAHV,CADL,EAIoC;AAClC,aAAO,KAAP;AACD;;AAED,WAAO,MAAMJ,qBAAN,CAA4BC,UAA5B,EAAwCC,YAAxC,EAAsDC,MAAtD,CAAP;AACD;;AAxBwD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { FlowMonitor } from './FlowMonitor';\n\nexport class AuthenticationFlowMonitor extends FlowMonitor {\n isRemediatorCandidate(remediator, remediations?, values?) {\n const prevRemediatorName = this.previousRemediator?.getName();\n const remediatorName = remediator.getName();\n \n if (remediatorName === 'select-authenticator-authenticate' \n && ['select-authenticator-authenticate'].includes(prevRemediatorName)) {\n return false;\n }\n\n if (remediatorName === 'select-authenticator-authenticate' \n && remediations.some(({ name }) => name === 'challenge-authenticator')) {\n return false;\n }\n\n if (remediatorName === 'select-authenticator-enroll' \n && [\n 'select-authenticator-enroll', \n 'authenticator-enrollment-data'\n ].includes(prevRemediatorName)) {\n return false;\n }\n\n return super.isRemediatorCandidate(remediator, remediations, values);\n }\n}\n"],"file":"AuthenticationFlowMonitor.js"}
package/cjs/idx/{flowMonitors → flow}/FlowMonitor.js RENAMED
File without changes
package/cjs/idx/flow/FlowMonitor.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../../../lib/idx/flow/FlowMonitor.ts"],"names":["FlowMonitor","constructor","authClient","loopDetected","remediator","previousRemediator","getName","isRemediatorCandidate","remediations","values","remediatorName","skip","trackRemediations","name","meta","isFinished","Promise","resolve"],"mappings":";;;;AAeA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAQO,MAAMA,WAAN,CAAkB;AAIvBC,EAAAA,WAAW,CAACC,UAAD,EAAa;AACtB,SAAKA,UAAL,GAAkBA,UAAlB;AACD,GANsB,CAQvB;;;AACAC,EAAAA,YAAY,CAACC,UAAD,EAAkC;AAC5C,QAAI,CAAC,KAAKC,kBAAV,EAA8B;AAC5B,WAAKA,kBAAL,GAA0BD,UAA1B;AACA,aAAO,KAAP;AACD;;AAED,QAAI,KAAKC,kBAAL,CAAwBC,OAAxB,OAAsCF,UAAU,CAACE,OAAX,EAA1C,EAAgE;AAC9D,aAAO,IAAP;AACD;;AAED,SAAKD,kBAAL,GAA0BD,UAA1B;AACA,WAAO,KAAP;AACD;;AAEDG,EAAAA,qBAAqB,EACnB;AACAH,EAAAA,UAFmB,EAEKI,YAFL,EAEsCC,MAFtC,EAGV;AACT,UAAMC,cAAc,GAAGN,UAAU,CAACE,OAAX,EAAvB;;AACA,QAAI,CAACG,MAAM,CAACE,IAAR,IAAgBD,cAAc,KAAK,MAAvC,EAA+C;AAC7C,aAAO,KAAP;AACD;;AACD,QAAID,MAAM,CAACE,IAAP,IAAeD,cAAc,KAAK,MAAtC,EAA8C;AAC5C,aAAO,KAAP;AACD;;AACD,WAAO,IAAP;AACD;;AAEsB,QAAjBE,iBAAiB,CAACC,IAAD,EAAe;AACpC,QAAIC,IAAI,GAAG,MAAM,yCAAmB,KAAKZ,UAAxB,CAAjB;AACA,UAAMM,YAAY,GAAGM,IAAI,CAACN,YAAL,IAAqB,EAA1C;AACAM,IAAAA,IAAI,GAAG,EACL,GAAGA,IADE;AAELN,MAAAA,YAAY,EAAE,CAAC,GAAGA,YAAJ,EAAkBK,IAAlB;AAFT,KAAP;AAIA,8CAAoB,KAAKX,UAAzB,EAAqCY,IAArC;AACD;;AAEDC,EAAAA,UAAU,GAAqB;AAC7B,WAAOC,OAAO,CAACC,OAAR,CAAgB,IAAhB,CAAP;AACD;;AAjDsB","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { OktaAuth } from '../../types';\nimport { Remediator, RemediationValues, SkipValues } from '../remediators';\nimport { getTransactionMeta, saveTransactionMeta } from '../transactionMeta';\nimport { IdxRemediation } from '../types/idx-js';\n\nexport class FlowMonitor {\n previousRemediator: Remediator;\n authClient: OktaAuth;\n\n constructor(authClient) {\n this.authClient = authClient;\n }\n\n // detect in-memory loop\n loopDetected(remediator: Remediator): boolean {\n if (!this.previousRemediator) {\n this.previousRemediator = remediator;\n return false;\n }\n\n if (this.previousRemediator.getName() === remediator.getName()) {\n return true;\n }\n\n this.previousRemediator = remediator;\n return false;\n }\n\n isRemediatorCandidate(\n // eslint-disable-next-line no-unused-vars, @typescript-eslint/no-unused-vars\n remediator: Remediator, remediations?: IdxRemediation[], values?: RemediationValues & SkipValues\n ): boolean {\n const remediatorName = remediator.getName();\n if (!values.skip && remediatorName === 'skip') {\n return false;\n }\n if (values.skip && remediatorName !== 'skip') {\n return false;\n }\n return true;\n }\n\n async trackRemediations(name: string) {\n let meta = await getTransactionMeta(this.authClient);\n const remediations = meta.remediations || [];\n meta = { \n ...meta, \n remediations: [...remediations, name]\n };\n saveTransactionMeta(this.authClient, meta);\n }\n\n isFinished(): Promise<boolean> {\n return Promise.resolve(true);\n }\n}\n"],"file":"FlowMonitor.js"}
package/cjs/idx/flow/FlowSpecification.js ADDED
@@ -0,0 +1,49 @@
1
+ "use strict";
2
+
3
+ exports.getFlowSpecification = getFlowSpecification;
4
+
5
+ var _AuthenticationFlow = require("./AuthenticationFlow");
6
+
7
+ var _AuthenticationFlowMonitor = require("./AuthenticationFlowMonitor");
8
+
9
+ var _PasswordRecoveryFlow = require("./PasswordRecoveryFlow");
10
+
11
+ var _PasswordRecoveryFlowMonitor = require("./PasswordRecoveryFlowMonitor");
12
+
13
+ var _RegistrationFlow = require("./RegistrationFlow");
14
+
15
+ var _RegistrationFlowMonitor = require("./RegistrationFlowMonitor");
16
+
17
+ function getFlowSpecification(oktaAuth, flow = 'proceed') {
18
+ let remediators, flowMonitor, actions;
19
+
20
+ switch (flow) {
21
+ case 'register':
22
+ case 'signup':
23
+ case 'enrollProfile':
24
+ remediators = _RegistrationFlow.RegistrationFlow;
25
+ flowMonitor = new _RegistrationFlowMonitor.RegistrationFlowMonitor(oktaAuth);
26
+ break;
27
+
28
+ case 'recoverPassword':
29
+ case 'resetPassword':
30
+ remediators = _PasswordRecoveryFlow.PasswordRecoveryFlow;
31
+ flowMonitor = new _PasswordRecoveryFlowMonitor.PasswordRecoveryFlowMonitor(oktaAuth);
32
+ actions = ['currentAuthenticator-recover', 'currentAuthenticatorEnrollment-recover'];
33
+ break;
34
+
35
+ default:
36
+ // authenticate
37
+ remediators = _AuthenticationFlow.AuthenticationFlow;
38
+ flowMonitor = new _AuthenticationFlowMonitor.AuthenticationFlowMonitor(oktaAuth);
39
+ break;
40
+ }
41
+
42
+ return {
43
+ flow,
44
+ remediators,
45
+ flowMonitor,
46
+ actions
47
+ };
48
+ }
49
+ //# sourceMappingURL=FlowSpecification.js.map
package/cjs/idx/flow/FlowSpecification.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../../../lib/idx/flow/FlowSpecification.ts"],"names":["getFlowSpecification","oktaAuth","flow","remediators","flowMonitor","actions","RegistrationFlow","RegistrationFlowMonitor","PasswordRecoveryFlow","PasswordRecoveryFlowMonitor","AuthenticationFlow","AuthenticationFlowMonitor"],"mappings":";;;;AACA;;AACA;;AAEA;;AACA;;AACA;;AACA;;AAUO,SAASA,oBAAT,CAA8BC,QAA9B,EAAkDC,IAAoB,GAAG,SAAzE,EAAuG;AAC5G,MAAIC,WAAJ,EAAiBC,WAAjB,EAA8BC,OAA9B;;AACA,UAAQH,IAAR;AACE,SAAK,UAAL;AACA,SAAK,QAAL;AACA,SAAK,eAAL;AACEC,MAAAA,WAAW,GAAGG,kCAAd;AACAF,MAAAA,WAAW,GAAG,IAAIG,gDAAJ,CAA4BN,QAA5B,CAAd;AACA;;AACF,SAAK,iBAAL;AACA,SAAK,eAAL;AACEE,MAAAA,WAAW,GAAGK,0CAAd;AACAJ,MAAAA,WAAW,GAAG,IAAIK,wDAAJ,CAAgCR,QAAhC,CAAd;AACAI,MAAAA,OAAO,GAAG,CACR,8BADQ,EAER,wCAFQ,CAAV;AAIA;;AACF;AACE;AACAF,MAAAA,WAAW,GAAGO,sCAAd;AACAN,MAAAA,WAAW,GAAG,IAAIO,oDAAJ,CAA8BV,QAA9B,CAAd;AACA;AApBJ;;AAsBA,SAAO;AAAEC,IAAAA,IAAF;AAAQC,IAAAA,WAAR;AAAqBC,IAAAA,WAArB;AAAkCC,IAAAA;AAAlC,GAAP;AACD","sourcesContent":["import { OktaAuth, FlowIdentifier } from '../../types';\nimport { AuthenticationFlow } from './AuthenticationFlow';\nimport { AuthenticationFlowMonitor } from './AuthenticationFlowMonitor';\nimport { FlowMonitor } from './FlowMonitor';\nimport { PasswordRecoveryFlow } from './PasswordRecoveryFlow';\nimport { PasswordRecoveryFlowMonitor } from './PasswordRecoveryFlowMonitor';\nimport { RegistrationFlow } from './RegistrationFlow';\nimport { RegistrationFlowMonitor } from './RegistrationFlowMonitor';\nimport { RemediationFlow } from './RemediationFlow';\n\nexport interface FlowSpecification {\n flow: FlowIdentifier;\n remediators: RemediationFlow;\n flowMonitor: FlowMonitor;\n actions?: string[];\n}\n\nexport function getFlowSpecification(oktaAuth: OktaAuth, flow: FlowIdentifier = 'proceed'): FlowSpecification {\n let remediators, flowMonitor, actions;\n switch (flow) {\n case 'register':\n case 'signup':\n case 'enrollProfile':\n remediators = RegistrationFlow;\n flowMonitor = new RegistrationFlowMonitor(oktaAuth);\n break;\n case 'recoverPassword':\n case 'resetPassword':\n remediators = PasswordRecoveryFlow;\n flowMonitor = new PasswordRecoveryFlowMonitor(oktaAuth);\n actions = [\n 'currentAuthenticator-recover', \n 'currentAuthenticatorEnrollment-recover'\n ];\n break;\n default:\n // authenticate\n remediators = AuthenticationFlow;\n flowMonitor = new AuthenticationFlowMonitor(oktaAuth);\n break;\n }\n return { flow, remediators, flowMonitor, actions };\n}\n"],"file":"FlowSpecification.js"}
package/cjs/idx/flow/PasswordRecoveryFlow.js ADDED
@@ -0,0 +1,28 @@
1
+ "use strict";
2
+
3
+ exports.PasswordRecoveryFlow = void 0;
4
+
5
+ var _remediators = require("../remediators");
6
+
7
+ /*!
8
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
9
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
10
+ *
11
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
12
+ * Unless required by applicable law or agreed to in writing, software
13
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
14
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
+ *
16
+ * See the License for the specific language governing permissions and limitations under the License.
17
+ */
18
+ const PasswordRecoveryFlow = {
19
+ 'identify': _remediators.Identify,
20
+ 'identify-recovery': _remediators.Identify,
21
+ 'select-authenticator-authenticate': _remediators.SelectAuthenticatorAuthenticate,
22
+ 'challenge-authenticator': _remediators.ChallengeAuthenticator,
23
+ 'authenticator-verification-data': _remediators.AuthenticatorVerificationData,
24
+ 'reset-authenticator': _remediators.ResetAuthenticator,
25
+ 'reenroll-authenticator': _remediators.ReEnrollAuthenticator
26
+ };
27
+ exports.PasswordRecoveryFlow = PasswordRecoveryFlow;
28
+ //# sourceMappingURL=PasswordRecoveryFlow.js.map
package/cjs/idx/flow/PasswordRecoveryFlow.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../../../lib/idx/flow/PasswordRecoveryFlow.ts"],"names":["PasswordRecoveryFlow","Identify","SelectAuthenticatorAuthenticate","ChallengeAuthenticator","AuthenticatorVerificationData","ResetAuthenticator","ReEnrollAuthenticator"],"mappings":";;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAaO,MAAMA,oBAAqC,GAAG;AACnD,cAAYC,qBADuC;AAEnD,uBAAqBA,qBAF8B;AAGnD,uCAAqCC,4CAHc;AAInD,6BAA2BC,mCAJwB;AAKnD,qCAAmCC,0CALgB;AAMnD,yBAAuBC,+BAN4B;AAOnD,4BAA0BC;AAPyB,CAA9C","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { RemediationFlow } from './RemediationFlow';\nimport {\n Identify,\n SelectAuthenticatorAuthenticate,\n ChallengeAuthenticator,\n AuthenticatorVerificationData,\n ResetAuthenticator,\n ReEnrollAuthenticator,\n} from '../remediators';\n\nexport const PasswordRecoveryFlow: RemediationFlow = {\n 'identify': Identify,\n 'identify-recovery': Identify,\n 'select-authenticator-authenticate': SelectAuthenticatorAuthenticate,\n 'challenge-authenticator': ChallengeAuthenticator,\n 'authenticator-verification-data': AuthenticatorVerificationData,\n 'reset-authenticator': ResetAuthenticator,\n 'reenroll-authenticator': ReEnrollAuthenticator,\n};\n"],"file":"PasswordRecoveryFlow.js"}
package/cjs/idx/flow/PasswordRecoveryFlowMonitor.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../../../lib/idx/flow/PasswordRecoveryFlowMonitor.ts"],"names":["PasswordRecoveryFlowMonitor","FlowMonitor","isRemediatorCandidate","remediator","remediations","values","prevRemediatorName","previousRemediator","getName","remediatorName","includes","some","name","isFinished","authClient"],"mappings":";;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,MAAMA,2BAAN,SAA0CC,wBAA1C,CAAsD;AAC3DC,EAAAA,qBAAqB,CAACC,UAAD,EAAaC,YAAb,EAA4BC,MAA5B,EAAqC;AAAA;;AACxD,UAAMC,kBAAkB,4BAAG,KAAKC,kBAAR,0DAAG,sBAAyBC,OAAzB,EAA3B;AACA,UAAMC,cAAc,GAAGN,UAAU,CAACK,OAAX,EAAvB;;AAEA,QAAIC,cAAc,KAAK,mCAAnB,IACC,CACD,mCADC,EAED,wBAFC,EAGDC,QAHC,CAGQJ,kBAHR,CADL,EAIkC;AAChC,aAAO,KAAP;AACD;;AAED,QAAIG,cAAc,KAAK,mCAAnB,IACCL,YAAY,CAACO,IAAb,CAAkB,CAAC;AAAEC,MAAAA;AAAF,KAAD,KAAcA,IAAI,KAAK,yBAAzC,CADL,EAC0E;AACxE,aAAO,KAAP;AACD;;AAED,WAAO,MAAMV,qBAAN,CAA4BC,UAA5B,EAAwCC,YAAxC,EAAsDC,MAAtD,CAAP;AACD;;AAEe,QAAVQ,UAAU,GAAG;AACjB,UAAM;AAAET,MAAAA;AAAF,QAAoB,MAAM,yCAAmB,KAAKU,UAAxB,CAAhC;;AACA,QAAI,CAACV,YAAY,CAACM,QAAb,CAAsB,qBAAtB,CAAL,EAAmD;AACjD,aAAO,KAAP;AACD;;AAED,WAAO,MAAM,MAAMG,UAAN,EAAb;AACD;;AA5B0D","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { FlowMonitor } from './FlowMonitor';\nimport { getTransactionMeta } from '../transactionMeta';\n\nexport class PasswordRecoveryFlowMonitor extends FlowMonitor {\n isRemediatorCandidate(remediator, remediations?, values?) {\n const prevRemediatorName = this.previousRemediator?.getName();\n const remediatorName = remediator.getName();\n \n if (remediatorName === 'select-authenticator-authenticate' \n && [\n 'select-authenticator-authenticate',\n 'reenroll-authenticator'\n ].includes(prevRemediatorName)) {\n return false;\n }\n\n if (remediatorName === 'select-authenticator-authenticate' \n && remediations.some(({ name }) => name === 'challenge-authenticator')) {\n return false;\n }\n\n return super.isRemediatorCandidate(remediator, remediations, values);\n }\n\n async isFinished() {\n const { remediations } = await getTransactionMeta(this.authClient);\n if (!remediations.includes('reset-authenticator')) {\n return false;\n }\n\n return await super.isFinished();\n }\n}\n"],"file":"PasswordRecoveryFlowMonitor.js"}
package/{esm/crypto/browser.js → cjs/idx/flow/RegistrationFlow.js} RENAMED
@@ -1,3 +1,9 @@
1
+ "use strict";
2
+
3
+ exports.RegistrationFlow = void 0;
4
+
5
+ var _remediators = require("../remediators");
6
+
1
7
  /*!
2
8
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
3
9
  * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
@@ -9,16 +15,13 @@
9
15
  *
10
16
  * See the License for the specific language governing permissions and limitations under the License.
11
17
  */
12
-
13
- /* global atob, btoa, crypto */
14
- var a = function a(str) {
15
- return atob(str);
18
+ const RegistrationFlow = {
19
+ 'select-enroll-profile': _remediators.SelectEnrollProfile,
20
+ 'enroll-profile': _remediators.EnrollProfile,
21
+ 'authenticator-enrollment-data': _remediators.AuthenticatorEnrollmentData,
22
+ 'select-authenticator-enroll': _remediators.SelectAuthenticatorEnroll,
23
+ 'enroll-authenticator': _remediators.EnrollAuthenticator,
24
+ 'skip': _remediators.Skip
16
25
  };
17
-
18
- var b = function b(str) {
19
- return btoa(str);
20
- };
21
-
22
- var c = typeof crypto === 'undefined' ? null : crypto;
23
- export { a as atob, b as btoa, c as webcrypto };
24
- //# sourceMappingURL=browser.js.map
26
+ exports.RegistrationFlow = RegistrationFlow;
27
+ //# sourceMappingURL=RegistrationFlow.js.map
package/cjs/idx/flow/RegistrationFlow.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../../../lib/idx/flow/RegistrationFlow.ts"],"names":["RegistrationFlow","SelectEnrollProfile","EnrollProfile","AuthenticatorEnrollmentData","SelectAuthenticatorEnroll","EnrollAuthenticator","Skip"],"mappings":";;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAaO,MAAMA,gBAAiC,GAAG;AAC/C,2BAAyBC,gCADsB;AAE/C,oBAAkBC,0BAF6B;AAG/C,mCAAiCC,wCAHc;AAI/C,iCAA+BC,sCAJgB;AAK/C,0BAAwBC,gCALuB;AAM/C,UAAQC;AANuC,CAA1C","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { RemediationFlow } from './RemediationFlow';\nimport { \n SelectEnrollProfile,\n EnrollProfile,\n SelectAuthenticatorEnroll,\n EnrollAuthenticator,\n AuthenticatorEnrollmentData,\n Skip,\n} from '../remediators';\n\nexport const RegistrationFlow: RemediationFlow = {\n 'select-enroll-profile': SelectEnrollProfile,\n 'enroll-profile': EnrollProfile,\n 'authenticator-enrollment-data': AuthenticatorEnrollmentData,\n 'select-authenticator-enroll': SelectAuthenticatorEnroll,\n 'enroll-authenticator': EnrollAuthenticator,\n 'skip': Skip,\n};\n"],"file":"RegistrationFlow.js"}
package/cjs/idx/flow/RegistrationFlowMonitor.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../../../lib/idx/flow/RegistrationFlowMonitor.ts"],"names":["RegistrationFlowMonitor","FlowMonitor","isRemediatorCandidate","remediator","remediations","values","prevRemediatorName","previousRemediator","getName","remediatorName","includes"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKO,MAAMA,uBAAN,SAAsCC,wBAAtC,CAAkD;AACvDC,EAAAA,qBAAqB,CAACC,UAAD,EAAaC,YAAb,EAA4BC,MAA5B,EAAqC;AAAA;;AACxD,UAAMC,kBAAkB,4BAAG,KAAKC,kBAAR,0DAAG,sBAAyBC,OAAzB,EAA3B;AACA,UAAMC,cAAc,GAAGN,UAAU,CAACK,OAAX,EAAvB;;AACA,QAAIC,cAAc,KAAK,6BAAnB,IACC,CACC,6BADD,EAEC,+BAFD,EAGCC,QAHD,CAGUJ,kBAHV,CADL,EAIoC;AAClC,aAAO,KAAP;AACD;;AAED,WAAO,MAAMJ,qBAAN,CAA4BC,UAA5B,EAAwCC,YAAxC,EAAsDC,MAAtD,CAAP;AACD;;AAbsD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { FlowMonitor } from './FlowMonitor';\n\nexport class RegistrationFlowMonitor extends FlowMonitor {\n isRemediatorCandidate(remediator, remediations?, values?) {\n const prevRemediatorName = this.previousRemediator?.getName();\n const remediatorName = remediator.getName();\n if (remediatorName === 'select-authenticator-enroll' \n && [\n 'select-authenticator-enroll', \n 'authenticator-enrollment-data'\n ].includes(prevRemediatorName)) {\n return false;\n }\n\n return super.isRemediatorCandidate(remediator, remediations, values);\n }\n}\n"],"file":"RegistrationFlowMonitor.js"}
package/cjs/idx/flow/RemediationFlow.js ADDED
@@ -0,0 +1,2 @@
1
+ "use strict";
2
+ //# sourceMappingURL=RemediationFlow.js.map
package/{esm/types/Cookies.js.map → cjs/idx/flow/RemediationFlow.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":[],"names":[],"mappings":"","sourcesContent":[],"file":"Cookies.js"}
1
+ {"version":3,"sources":[],"names":[],"mappings":"","sourcesContent":[],"file":"RemediationFlow.js"}