npm - @okta/okta-auth-js - Versions diffs - 5.6.0 → 5.9.1 - Mend

@okta/okta-auth-js 5.6.0 → 5.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (405) hide show

package/CHANGELOG.md +51 -0
package/README.md +28 -1
package/cjs/OktaAuth.js +69 -35
package/cjs/OktaAuth.js.map +1 -1
package/cjs/OktaUserAgent.js +2 -2
package/cjs/StorageManager.js +8 -0
package/cjs/StorageManager.js.map +1 -1
package/cjs/TransactionManager.js +24 -12
package/cjs/TransactionManager.js.map +1 -1
package/cjs/builderUtil.js +6 -0
package/cjs/builderUtil.js.map +1 -1
package/cjs/constants.js +3 -1
package/cjs/constants.js.map +1 -1
package/cjs/features.js +1 -1
package/cjs/features.js.map +1 -1
package/cjs/idx/authenticate.js +3 -18
package/cjs/idx/authenticate.js.map +1 -1
package/cjs/idx/flow/AuthenticationFlow.js +30 -0
package/cjs/idx/flow/AuthenticationFlow.js.map +1 -0
package/cjs/idx/{flowMonitors → flow}/AuthenticationFlowMonitor.js +0 -0
package/cjs/idx/flow/AuthenticationFlowMonitor.js.map +1 -0
package/cjs/idx/{flowMonitors → flow}/FlowMonitor.js +0 -0
package/cjs/idx/flow/FlowMonitor.js.map +1 -0
package/cjs/idx/flow/FlowSpecification.js +49 -0
package/cjs/idx/flow/FlowSpecification.js.map +1 -0
package/cjs/idx/flow/PasswordRecoveryFlow.js +28 -0
package/cjs/idx/flow/PasswordRecoveryFlow.js.map +1 -0
package/cjs/idx/{flowMonitors → flow}/PasswordRecoveryFlowMonitor.js +0 -0
package/cjs/idx/flow/PasswordRecoveryFlowMonitor.js.map +1 -0
package/{esm/crypto/browser.js → cjs/idx/flow/RegistrationFlow.js} +15 -12
package/cjs/idx/flow/RegistrationFlow.js.map +1 -0
package/cjs/idx/{flowMonitors → flow}/RegistrationFlowMonitor.js +0 -0
package/cjs/idx/flow/RegistrationFlowMonitor.js.map +1 -0
package/cjs/idx/flow/RemediationFlow.js +2 -0
package/{esm/types/Cookies.js.map → cjs/idx/flow/RemediationFlow.js.map} +1 -1
package/cjs/idx/flow/index.js +119 -0
package/cjs/idx/flow/index.js.map +1 -0
package/cjs/idx/index.js +26 -0
package/cjs/idx/index.js.map +1 -1
package/cjs/idx/interact.js +5 -2
package/cjs/idx/interact.js.map +1 -1
package/cjs/idx/introspect.js +24 -7
package/cjs/idx/introspect.js.map +1 -1
package/cjs/idx/proceed.js +49 -0
package/cjs/idx/proceed.js.map +1 -0
package/cjs/idx/recoverPassword.js +3 -17
package/cjs/idx/recoverPassword.js.map +1 -1
package/cjs/idx/register.js +7 -16
package/cjs/idx/register.js.map +1 -1
package/cjs/idx/remediate.js +33 -37
package/cjs/idx/remediate.js.map +1 -1
package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
package/cjs/idx/remediators/Base/VerifyAuthenticator.js +3 -1
package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
package/cjs/idx/remediators/Identify.js +4 -2
package/cjs/idx/remediators/Identify.js.map +1 -1
package/cjs/idx/run.js +36 -8
package/cjs/idx/run.js.map +1 -1
package/cjs/idx/startTransaction.js +2 -0
package/cjs/idx/startTransaction.js.map +1 -1
package/cjs/idx/transactionMeta.js +77 -39
package/cjs/idx/transactionMeta.js.map +1 -1
package/cjs/idx/types/FlowIdentifier.js +2 -0
package/{esm/types/AuthState.js.map → cjs/idx/types/FlowIdentifier.js.map} +1 -1
package/cjs/idx/types/idx-js.js +5 -0
package/cjs/idx/types/idx-js.js.map +1 -1
package/cjs/idx/types/index.js +16 -0
package/cjs/idx/types/index.js.map +1 -1
package/cjs/oidc/endpoints/authorize.js +4 -1
package/cjs/oidc/endpoints/authorize.js.map +1 -1
package/cjs/oidc/getToken.js +14 -9
package/cjs/oidc/getToken.js.map +1 -1
package/cjs/oidc/getWithPopup.js +9 -2
package/cjs/oidc/getWithPopup.js.map +1 -1
package/cjs/oidc/getWithRedirect.js +2 -6
package/cjs/oidc/getWithRedirect.js.map +1 -1
package/cjs/oidc/renewTokens.js +28 -5
package/cjs/oidc/renewTokens.js.map +1 -1
package/cjs/oidc/util/browser.js +1 -13
package/cjs/oidc/util/browser.js.map +1 -1
package/cjs/oidc/util/loginRedirect.js +9 -5
package/cjs/oidc/util/loginRedirect.js.map +1 -1
package/cjs/oidc/util/urlParams.js +1 -1
package/cjs/oidc/util/urlParams.js.map +1 -1
package/cjs/options.js +12 -2
package/cjs/options.js.map +1 -1
package/cjs/server/serverStorage.js +2 -1
package/cjs/server/serverStorage.js.map +1 -1
package/cjs/tx/AuthTransaction.js +1 -3
package/cjs/tx/AuthTransaction.js.map +1 -1
package/cjs/tx/api.js +3 -0
package/cjs/tx/api.js.map +1 -1
package/cjs/types/Transaction.js.map +1 -1
package/{esm/clock.js → cjs/util/emailVerify.js} +14 -18
package/cjs/util/emailVerify.js.map +1 -0
package/cjs/util/index.js +13 -0
package/cjs/util/index.js.map +1 -1
package/dist/okta-auth-js.min.js +2 -74
package/dist/okta-auth-js.min.js.LICENSE.txt +32 -0
package/dist/okta-auth-js.min.js.map +1 -1
package/dist/okta-auth-js.polyfill.js +2 -18
package/{esm/crypto/webcrypto.js → dist/okta-auth-js.polyfill.js.LICENSE.txt} +8 -4
package/dist/okta-auth-js.polyfill.js.map +1 -1
package/dist/okta-auth-js.umd.js +2 -74
package/dist/okta-auth-js.umd.js.LICENSE.txt +32 -0
package/dist/okta-auth-js.umd.js.map +1 -1
package/esm/index.js +8368 -16
package/esm/index.js.map +1 -1
package/lib/OktaAuth.d.ts +7 -3
package/lib/StorageManager.d.ts +1 -0
package/lib/TransactionManager.d.ts +5 -1
package/lib/constants.d.ts +1 -0
package/lib/crypto/base64.d.ts +2 -2
package/lib/crypto/oidcHash.d.ts +1 -1
package/lib/crypto/verifyToken.d.ts +1 -1
package/{esm/oidc/endpoints/index.js → lib/idx/flow/AuthenticationFlow.d.ts} +3 -5
package/lib/idx/{flowMonitors → flow}/AuthenticationFlowMonitor.d.ts +0 -0
package/lib/idx/{flowMonitors → flow}/FlowMonitor.d.ts +0 -0
package/lib/idx/flow/FlowSpecification.d.ts +10 -0
package/{esm/crypto/index.js → lib/idx/flow/PasswordRecoveryFlow.d.ts} +3 -6
package/lib/idx/{flowMonitors → flow}/PasswordRecoveryFlowMonitor.d.ts +0 -0
package/{esm/tx/TransactionState.js → lib/idx/flow/RegistrationFlow.d.ts} +3 -3
package/lib/idx/{flowMonitors → flow}/RegistrationFlowMonitor.d.ts +0 -0
package/lib/idx/flow/RemediationFlow.d.ts +13 -0
package/lib/idx/{flowMonitors → flow}/index.d.ts +7 -2
package/lib/idx/index.d.ts +2 -0
package/lib/idx/introspect.d.ts +2 -1
package/{esm/errors/AuthApiError.js → lib/idx/proceed.d.ts} +9 -19
package/lib/idx/remediators/Base/AuthenticatorData.d.ts +1 -4
package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +1 -4
package/lib/idx/remediators/Identify.d.ts +1 -0
package/lib/idx/run.d.ts +9 -9
package/lib/idx/transactionMeta.d.ts +28 -4
package/lib/idx/types/FlowIdentifier.d.ts +1 -0
package/lib/idx/types/idx-js.d.ts +4 -0
package/lib/idx/types/index.d.ts +14 -3
package/lib/oidc/getToken.d.ts +2 -2
package/lib/oidc/renewTokens.d.ts +0 -12
package/lib/oidc/util/loginRedirect.d.ts +1 -1
package/lib/types/OktaAuthOptions.d.ts +2 -0
package/lib/types/Transaction.d.ts +2 -0
package/lib/types/api.d.ts +20 -5
package/{esm/errors/AuthPollStopError.js → lib/util/emailVerify.d.ts} +5 -8
package/lib/util/index.d.ts +1 -0
package/package.json +26 -14
package/cjs/idx/flowMonitors/AuthenticationFlowMonitor.js.map +0 -1
package/cjs/idx/flowMonitors/FlowMonitor.js.map +0 -1
package/cjs/idx/flowMonitors/PasswordRecoveryFlowMonitor.js.map +0 -1
package/cjs/idx/flowMonitors/RegistrationFlowMonitor.js.map +0 -1
package/cjs/idx/flowMonitors/index.js +0 -54
package/cjs/idx/flowMonitors/index.js.map +0 -1
package/esm/AuthStateManager.js +0 -214
package/esm/AuthStateManager.js.map +0 -1
package/esm/OktaAuth.js +0 -679
package/esm/OktaAuth.js.map +0 -1
package/esm/OktaUserAgent.js +0 -49
package/esm/OktaUserAgent.js.map +0 -1
package/esm/PromiseQueue.js +0 -71
package/esm/PromiseQueue.js.map +0 -1
package/esm/SavedObject.js +0 -91
package/esm/SavedObject.js.map +0 -1
package/esm/StorageManager.js +0 -182
package/esm/StorageManager.js.map +0 -1
package/esm/TokenManager.js +0 -455
package/esm/TokenManager.js.map +0 -1
package/esm/TransactionManager.js +0 -316
package/esm/TransactionManager.js.map +0 -1
package/esm/browser/browserStorage.js +0 -256
package/esm/browser/browserStorage.js.map +0 -1
package/esm/browser/fingerprint.js +0 -74
package/esm/browser/fingerprint.js.map +0 -1
package/esm/builderUtil.js +0 -50
package/esm/builderUtil.js.map +0 -1
package/esm/clock.js.map +0 -1
package/esm/constants.js +0 -35
package/esm/constants.js.map +0 -1
package/esm/crypto/base64.js +0 -66
package/esm/crypto/base64.js.map +0 -1
package/esm/crypto/browser.js.map +0 -1
package/esm/crypto/index.js.map +0 -1
package/esm/crypto/node.js +0 -54
package/esm/crypto/node.js.map +0 -1
package/esm/crypto/oidcHash.js +0 -27
package/esm/crypto/oidcHash.js.map +0 -1
package/esm/crypto/verifyToken.js +0 -39
package/esm/crypto/verifyToken.js.map +0 -1
package/esm/crypto/webcrypto.js.map +0 -1
package/esm/errors/AuthApiError.js.map +0 -1
package/esm/errors/AuthPollStopError.js.map +0 -1
package/esm/errors/AuthSdkError.js +0 -29
package/esm/errors/AuthSdkError.js.map +0 -1
package/esm/errors/CustomError.js +0 -21
package/esm/errors/CustomError.js.map +0 -1
package/esm/errors/OAuthError.js +0 -22
package/esm/errors/OAuthError.js.map +0 -1
package/esm/errors/index.js +0 -22
package/esm/errors/index.js.map +0 -1
package/esm/features.js +0 -64
package/esm/features.js.map +0 -1
package/esm/fetch/fetchRequest.js +0 -92
package/esm/fetch/fetchRequest.js.map +0 -1
package/esm/http/headers.js +0 -17
package/esm/http/headers.js.map +0 -1
package/esm/http/index.js +0 -3
package/esm/http/index.js.map +0 -1
package/esm/http/request.js +0 -145
package/esm/http/request.js.map +0 -1
package/esm/idx/authenticate.js +0 -47
package/esm/idx/authenticate.js.map +0 -1
package/esm/idx/cancel.js +0 -32
package/esm/idx/cancel.js.map +0 -1
package/esm/idx/flowMonitors/AuthenticationFlowMonitor.js +0 -41
package/esm/idx/flowMonitors/AuthenticationFlowMonitor.js.map +0 -1
package/esm/idx/flowMonitors/FlowMonitor.js +0 -73
package/esm/idx/flowMonitors/FlowMonitor.js.map +0 -1
package/esm/idx/flowMonitors/PasswordRecoveryFlowMonitor.js +0 -57
package/esm/idx/flowMonitors/PasswordRecoveryFlowMonitor.js.map +0 -1
package/esm/idx/flowMonitors/RegistrationFlowMonitor.js +0 -28
package/esm/idx/flowMonitors/RegistrationFlowMonitor.js.map +0 -1
package/esm/idx/flowMonitors/index.js +0 -16
package/esm/idx/flowMonitors/index.js.map +0 -1
package/esm/idx/handleInteractionCodeRedirect.js +0 -64
package/esm/idx/handleInteractionCodeRedirect.js.map +0 -1
package/esm/idx/headers.js +0 -39
package/esm/idx/headers.js.map +0 -1
package/esm/idx/index.js +0 -20
package/esm/idx/index.js.map +0 -1
package/esm/idx/interact.js +0 -83
package/esm/idx/interact.js.map +0 -1
package/esm/idx/introspect.js +0 -45
package/esm/idx/introspect.js.map +0 -1
package/esm/idx/recoverPassword.js +0 -46
package/esm/idx/recoverPassword.js.map +0 -1
package/esm/idx/register.js +0 -63
package/esm/idx/register.js.map +0 -1
package/esm/idx/remediate.js +0 -302
package/esm/idx/remediate.js.map +0 -1
package/esm/idx/remediators/AuthenticatorEnrollmentData.js +0 -68
package/esm/idx/remediators/AuthenticatorEnrollmentData.js.map +0 -1
package/esm/idx/remediators/AuthenticatorVerificationData.js +0 -66
package/esm/idx/remediators/AuthenticatorVerificationData.js.map +0 -1
package/esm/idx/remediators/Base/AuthenticatorData.js +0 -105
package/esm/idx/remediators/Base/AuthenticatorData.js.map +0 -1
package/esm/idx/remediators/Base/Remediator.js +0 -221
package/esm/idx/remediators/Base/Remediator.js.map +0 -1
package/esm/idx/remediators/Base/SelectAuthenticator.js +0 -140
package/esm/idx/remediators/Base/SelectAuthenticator.js.map +0 -1
package/esm/idx/remediators/Base/VerifyAuthenticator.js +0 -63
package/esm/idx/remediators/Base/VerifyAuthenticator.js.map +0 -1
package/esm/idx/remediators/ChallengeAuthenticator.js +0 -18
package/esm/idx/remediators/ChallengeAuthenticator.js.map +0 -1
package/esm/idx/remediators/EnrollAuthenticator.js +0 -18
package/esm/idx/remediators/EnrollAuthenticator.js.map +0 -1
package/esm/idx/remediators/EnrollProfile.js +0 -79
package/esm/idx/remediators/EnrollProfile.js.map +0 -1
package/esm/idx/remediators/Identify.js +0 -86
package/esm/idx/remediators/Identify.js.map +0 -1
package/esm/idx/remediators/ReEnrollAuthenticator.js +0 -45
package/esm/idx/remediators/ReEnrollAuthenticator.js.map +0 -1
package/esm/idx/remediators/RedirectIdp.js +0 -38
package/esm/idx/remediators/RedirectIdp.js.map +0 -1
package/esm/idx/remediators/ResetAuthenticator.js +0 -18
package/esm/idx/remediators/ResetAuthenticator.js.map +0 -1
package/esm/idx/remediators/SelectAuthenticatorAuthenticate.js +0 -18
package/esm/idx/remediators/SelectAuthenticatorAuthenticate.js.map +0 -1
package/esm/idx/remediators/SelectAuthenticatorEnroll.js +0 -18
package/esm/idx/remediators/SelectAuthenticatorEnroll.js.map +0 -1
package/esm/idx/remediators/SelectEnrollProfile.js +0 -24
package/esm/idx/remediators/SelectEnrollProfile.js.map +0 -1
package/esm/idx/remediators/Skip.js +0 -23
package/esm/idx/remediators/Skip.js.map +0 -1
package/esm/idx/remediators/index.js +0 -26
package/esm/idx/remediators/index.js.map +0 -1
package/esm/idx/remediators/util.js +0 -35
package/esm/idx/remediators/util.js.map +0 -1
package/esm/idx/run.js +0 -201
package/esm/idx/run.js.map +0 -1
package/esm/idx/startTransaction.js +0 -27
package/esm/idx/startTransaction.js.map +0 -1
package/esm/idx/transactionMeta.js +0 -114
package/esm/idx/transactionMeta.js.map +0 -1
package/esm/idx/types/idx-js.js +0 -17
package/esm/idx/types/idx-js.js.map +0 -1
package/esm/idx/types/index.js +0 -44
package/esm/idx/types/index.js.map +0 -1
package/esm/oidc/decodeToken.js +0 -31
package/esm/oidc/decodeToken.js.map +0 -1
package/esm/oidc/endpoints/authorize.js +0 -61
package/esm/oidc/endpoints/authorize.js.map +0 -1
package/esm/oidc/endpoints/index.js.map +0 -1
package/esm/oidc/endpoints/token.js +0 -97
package/esm/oidc/endpoints/token.js.map +0 -1
package/esm/oidc/endpoints/well-known.js +0 -58
package/esm/oidc/endpoints/well-known.js.map +0 -1
package/esm/oidc/exchangeCodeForTokens.js +0 -69
package/esm/oidc/exchangeCodeForTokens.js.map +0 -1
package/esm/oidc/getToken.js +0 -175
package/esm/oidc/getToken.js.map +0 -1
package/esm/oidc/getUserInfo.js +0 -82
package/esm/oidc/getUserInfo.js.map +0 -1
package/esm/oidc/getWithPopup.js +0 -28
package/esm/oidc/getWithPopup.js.map +0 -1
package/esm/oidc/getWithRedirect.js +0 -65
package/esm/oidc/getWithRedirect.js.map +0 -1
package/esm/oidc/getWithoutPrompt.js +0 -29
package/esm/oidc/getWithoutPrompt.js.map +0 -1
package/esm/oidc/handleOAuthResponse.js +0 -148
package/esm/oidc/handleOAuthResponse.js.map +0 -1
package/esm/oidc/index.js +0 -29
package/esm/oidc/index.js.map +0 -1
package/esm/oidc/parseFromUrl.js +0 -144
package/esm/oidc/parseFromUrl.js.map +0 -1
package/esm/oidc/renewToken.js +0 -85
package/esm/oidc/renewToken.js.map +0 -1
package/esm/oidc/renewTokens.js +0 -52
package/esm/oidc/renewTokens.js.map +0 -1
package/esm/oidc/renewTokensWithRefresh.js +0 -55
package/esm/oidc/renewTokensWithRefresh.js.map +0 -1
package/esm/oidc/revokeToken.js +0 -57
package/esm/oidc/revokeToken.js.map +0 -1
package/esm/oidc/util/browser.js +0 -85
package/esm/oidc/util/browser.js.map +0 -1
package/esm/oidc/util/defaultTokenParams.js +0 -42
package/esm/oidc/util/defaultTokenParams.js.map +0 -1
package/esm/oidc/util/errors.js +0 -31
package/esm/oidc/util/errors.js.map +0 -1
package/esm/oidc/util/index.js +0 -25
package/esm/oidc/util/index.js.map +0 -1
package/esm/oidc/util/loginRedirect.js +0 -84
package/esm/oidc/util/loginRedirect.js.map +0 -1
package/esm/oidc/util/oauth.js +0 -70
package/esm/oidc/util/oauth.js.map +0 -1
package/esm/oidc/util/pkce.js +0 -55
package/esm/oidc/util/pkce.js.map +0 -1
package/esm/oidc/util/prepareTokenParams.js +0 -75
package/esm/oidc/util/prepareTokenParams.js.map +0 -1
package/esm/oidc/util/refreshToken.js +0 -24
package/esm/oidc/util/refreshToken.js.map +0 -1
package/esm/oidc/util/urlParams.js +0 -54
package/esm/oidc/util/urlParams.js.map +0 -1
package/esm/oidc/util/validateClaims.js +0 -53
package/esm/oidc/util/validateClaims.js.map +0 -1
package/esm/oidc/util/validateToken.js +0 -21
package/esm/oidc/util/validateToken.js.map +0 -1
package/esm/oidc/verifyToken.js +0 -78
package/esm/oidc/verifyToken.js.map +0 -1
package/esm/options.js +0 -134
package/esm/options.js.map +0 -1
package/esm/server/serverStorage.js +0 -110
package/esm/server/serverStorage.js.map +0 -1
package/esm/services/TokenService.js +0 -103
package/esm/services/TokenService.js.map +0 -1
package/esm/session.js +0 -81
package/esm/session.js.map +0 -1
package/esm/tx/AuthTransaction.js +0 -215
package/esm/tx/AuthTransaction.js.map +0 -1
package/esm/tx/TransactionState.js.map +0 -1
package/esm/tx/api.js +0 -84
package/esm/tx/api.js.map +0 -1
package/esm/tx/index.js +0 -18
package/esm/tx/index.js.map +0 -1
package/esm/tx/poll.js +0 -124
package/esm/tx/poll.js.map +0 -1
package/esm/tx/util.js +0 -26
package/esm/tx/util.js.map +0 -1
package/esm/types/AuthState.js +0 -3
package/esm/types/Cookies.js +0 -3
package/esm/types/EventEmitter.js +0 -3
package/esm/types/EventEmitter.js.map +0 -1
package/esm/types/JWT.js +0 -3
package/esm/types/JWT.js.map +0 -1
package/esm/types/OAuth.js +0 -3
package/esm/types/OAuth.js.map +0 -1
package/esm/types/OktaAuthOptions.js +0 -3
package/esm/types/OktaAuthOptions.js.map +0 -1
package/esm/types/Storage.js +0 -3
package/esm/types/Storage.js.map +0 -1
package/esm/types/Token.js +0 -29
package/esm/types/Token.js.map +0 -1
package/esm/types/TokenManager.js +0 -3
package/esm/types/TokenManager.js.map +0 -1
package/esm/types/Transaction.js +0 -57
package/esm/types/Transaction.js.map +0 -1
package/esm/types/UserClaims.js +0 -3
package/esm/types/UserClaims.js.map +0 -1
package/esm/types/api.js +0 -3
package/esm/types/api.js.map +0 -1
package/esm/types/http.js +0 -3
package/esm/types/http.js.map +0 -1
package/esm/types/index.js +0 -27
package/esm/types/index.js.map +0 -1
package/esm/util/console.js +0 -53
package/esm/util/console.js.map +0 -1
package/esm/util/index.js +0 -17
package/esm/util/index.js.map +0 -1
package/esm/util/misc.js +0 -33
package/esm/util/misc.js.map +0 -1
package/esm/util/object.js +0 -117
package/esm/util/object.js.map +0 -1
package/esm/util/sharedStorage.js +0 -43
package/esm/util/sharedStorage.js.map +0 -1
package/esm/util/types.js +0 -27
package/esm/util/types.js.map +0 -1
package/esm/util/url.js +0 -64
package/esm/util/url.js.map +0 -1

package/esm/oidc/verifyToken.js DELETED Viewed

@@ -1,78 +0,0 @@
-import _asyncToGenerator from "@babel/runtime/helpers/asyncToGenerator";
-/* eslint-disable max-len */
-/* eslint-disable complexity */
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-import { getWellKnown, getKey } from './endpoints/well-known';
-import { validateClaims } from './util';
-import { AuthSdkError } from '../errors';
-import { decodeToken } from './decodeToken';
-import * as sdkCrypto from '../crypto'; // Verify the id token
-export function verifyToken(_x, _x2, _x3) {
-  return _verifyToken.apply(this, arguments);
-}
-function _verifyToken() {
-  _verifyToken = _asyncToGenerator(function* (sdk, token, validationParams) {
-    if (!token || !token.idToken) {
-      throw new AuthSdkError('Only idTokens may be verified');
-    } // Decode the Jwt object (may throw)
-    var jwt = decodeToken(token.idToken); // The configured issuer may point to a frontend proxy.
-    // Get the "real" issuer from .well-known/openid-configuration
-    var configuredIssuer = (validationParams === null || validationParams === void 0 ? void 0 : validationParams.issuer) || sdk.options.issuer;
-    var {
-      issuer
-    } = yield getWellKnown(sdk, configuredIssuer);
-    var validationOptions = Object.assign({
-      // base options, can be overridden by params
-      clientId: sdk.options.clientId,
-      ignoreSignature: sdk.options.ignoreSignature
-    }, validationParams, {
-      // final options, cannot be overridden
-      issuer
-    }); // Standard claim validation (may throw)
-    validateClaims(sdk, jwt.payload, validationOptions); // If the browser doesn't support native crypto or we choose not
-    // to verify the signature, bail early
-    if (validationOptions.ignoreSignature == true || !sdk.features.isTokenVerifySupported()) {
-      return token;
-    }
-    var key = yield getKey(sdk, token.issuer, jwt.header.kid);
-    var valid = yield sdkCrypto.verifyToken(token.idToken, key);
-    if (!valid) {
-      throw new AuthSdkError('The token signature is not valid');
-    }
-    if (validationParams && validationParams.accessToken && token.claims.at_hash) {
-      var hash = yield sdkCrypto.getOidcHash(validationParams.accessToken);
-      if (hash !== token.claims.at_hash) {
-        throw new AuthSdkError('Token hash verification failed');
-      }
-    }
-    return token;
-  });
-  return _verifyToken.apply(this, arguments);
-}
-//# sourceMappingURL=verifyToken.js.map

package/esm/oidc/verifyToken.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../../../lib/oidc/verifyToken.ts"],"names":["getWellKnown","getKey","validateClaims","AuthSdkError","decodeToken","sdkCrypto","verifyToken","sdk","token","validationParams","idToken","jwt","configuredIssuer","issuer","options","validationOptions","Object","assign","clientId","ignoreSignature","payload","features","isTokenVerifySupported","key","header","kid","valid","accessToken","claims","at_hash","hash","getOidcHash"],"mappings":";;AAAA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,YAAT,EAAuBC,MAAvB,QAAqC,wBAArC;AACA,SAASC,cAAT,QAA+B,QAA/B;AACA,SAASC,YAAT,QAA6B,WAA7B;AAEA,SAASC,WAAT,QAA4B,eAA5B;AACA,OAAO,KAAKC,SAAZ,MAA2B,WAA3B,C,CAEA;;AACA,gBAAsBC,WAAtB;AAAA;AAAA;;;mCAAO,WAA2BC,GAA3B,EAA0CC,KAA1C,EAA0DC,gBAA1D,EAAiH;AACtH,QAAI,CAACD,KAAD,IAAU,CAACA,KAAK,CAACE,OAArB,EAA8B;AAC5B,YAAM,IAAIP,YAAJ,CAAiB,+BAAjB,CAAN;AACD,KAHqH,CAKtH;;;AACA,QAAIQ,GAAG,GAAGP,WAAW,CAACI,KAAK,CAACE,OAAP,CAArB,CANsH,CAQtH;AACA;;AACA,QAAME,gBAAgB,GAAG,CAAAH,gBAAgB,SAAhB,IAAAA,gBAAgB,WAAhB,YAAAA,gBAAgB,CAAEI,MAAlB,KAA4BN,GAAG,CAACO,OAAJ,CAAYD,MAAjE;AACA,QAAM;AAAEA,MAAAA;AAAF,cAAmBb,YAAY,CAACO,GAAD,EAAMK,gBAAN,CAArC;AAEA,QAAIG,iBAAoC,GAAGC,MAAM,CAACC,MAAP,CAAc;AACvD;AACAC,MAAAA,QAAQ,EAAEX,GAAG,CAACO,OAAJ,CAAYI,QAFiC;AAGvDC,MAAAA,eAAe,EAAEZ,GAAG,CAACO,OAAJ,CAAYK;AAH0B,KAAd,EAIxCV,gBAJwC,EAItB;AACnB;AACAI,MAAAA;AAFmB,KAJsB,CAA3C,CAbsH,CAsBtH;;AACAX,IAAAA,cAAc,CAACK,GAAD,EAAMI,GAAG,CAACS,OAAV,EAAmBL,iBAAnB,CAAd,CAvBsH,CAyBtH;AACA;;AACA,QAAIA,iBAAiB,CAACI,eAAlB,IAAqC,IAArC,IAA6C,CAACZ,GAAG,CAACc,QAAJ,CAAaC,sBAAb,EAAlD,EAAyF;AACvF,aAAOd,KAAP;AACD;;AAED,QAAMe,GAAG,SAAStB,MAAM,CAACM,GAAD,EAAMC,KAAK,CAACK,MAAZ,EAAoBF,GAAG,CAACa,MAAJ,CAAWC,GAA/B,CAAxB;AACA,QAAMC,KAAK,SAASrB,SAAS,CAACC,WAAV,CAAsBE,KAAK,CAACE,OAA5B,EAAqCa,GAArC,CAApB;;AACA,QAAI,CAACG,KAAL,EAAY;AACV,YAAM,IAAIvB,YAAJ,CAAiB,kCAAjB,CAAN;AACD;;AACD,QAAIM,gBAAgB,IAAIA,gBAAgB,CAACkB,WAArC,IAAoDnB,KAAK,CAACoB,MAAN,CAAaC,OAArE,EAA8E;AAC5E,UAAMC,IAAI,SAASzB,SAAS,CAAC0B,WAAV,CAAsBtB,gBAAgB,CAACkB,WAAvC,CAAnB;;AACA,UAAIG,IAAI,KAAKtB,KAAK,CAACoB,MAAN,CAAaC,OAA1B,EAAmC;AACjC,cAAM,IAAI1B,YAAJ,CAAiB,gCAAjB,CAAN;AACD;AACF;;AACD,WAAOK,KAAP;AACD,G","sourcesContent":["/* eslint-disable max-len */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { getWellKnown, getKey } from './endpoints/well-known';\nimport { validateClaims } from './util';\nimport { AuthSdkError } from '../errors';\nimport { IDToken, OktaAuth, TokenVerifyParams } from '../types';\nimport { decodeToken } from './decodeToken';\nimport * as sdkCrypto from '../crypto';\n\n// Verify the id token\nexport async function verifyToken(sdk: OktaAuth, token: IDToken, validationParams: TokenVerifyParams): Promise<IDToken> {\n if (!token || !token.idToken) {\n throw new AuthSdkError('Only idTokens may be verified');\n }\n\n // Decode the Jwt object (may throw)\n var jwt = decodeToken(token.idToken);\n\n // The configured issuer may point to a frontend proxy.\n // Get the \"real\" issuer from .well-known/openid-configuration\n const configuredIssuer = validationParams?.issuer || sdk.options.issuer;\n const { issuer } = await getWellKnown(sdk, configuredIssuer);\n\n var validationOptions: TokenVerifyParams = Object.assign({\n // base options, can be overridden by params\n clientId: sdk.options.clientId,\n ignoreSignature: sdk.options.ignoreSignature\n }, validationParams, {\n // final options, cannot be overridden\n issuer\n });\n\n // Standard claim validation (may throw)\n validateClaims(sdk, jwt.payload, validationOptions);\n\n // If the browser doesn't support native crypto or we choose not\n // to verify the signature, bail early\n if (validationOptions.ignoreSignature == true || !sdk.features.isTokenVerifySupported()) {\n return token;\n }\n\n const key = await getKey(sdk, token.issuer, jwt.header.kid);\n const valid = await sdkCrypto.verifyToken(token.idToken, key);\n if (!valid) {\n throw new AuthSdkError('The token signature is not valid');\n }\n if (validationParams && validationParams.accessToken && token.claims.at_hash) {\n const hash = await sdkCrypto.getOidcHash(validationParams.accessToken);\n if (hash !== token.claims.at_hash) {\n throw new AuthSdkError('Token hash verification failed');\n }\n }\n return token;\n}\n"],"file":"verifyToken.js"}

package/esm/options.js DELETED Viewed

@@ -1,134 +0,0 @@
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- */
-/* eslint-disable complexity */
-import { removeTrailingSlash, warn, removeNils } from './util';
-import { assertValidConfig } from './builderUtil';
-import fetchRequest from './fetch/fetchRequest';
-import browserStorage from './browser/browserStorage';
-import serverStorage from './server/serverStorage';
-import { isBrowser, isHTTPS } from './features';
-var BROWSER_STORAGE = {
-  token: {
-    storageTypes: ['localStorage', 'sessionStorage', 'cookie'],
-    useMultipleCookies: true
-  },
-  cache: {
-    storageTypes: ['localStorage', 'sessionStorage', 'cookie']
-  },
-  transaction: {
-    storageTypes: ['sessionStorage', 'localStorage', 'cookie']
-  },
-  'shared-transaction': {
-    storageTypes: ['localStorage']
-  }
-};
-var SERVER_STORAGE = {
-  token: {
-    storageTypes: ['memory']
-  },
-  cache: {
-    storageTypes: ['memory']
-  },
-  transaction: {
-    storageTypes: ['memory']
-  }
-};
-function getCookieSettings() {
-  var args = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
-  var isHTTPS = arguments.length > 1 ? arguments[1] : undefined;
-  // Secure cookies will be automatically used on a HTTPS connection
-  // Non-secure cookies will be automatically used on a HTTP connection
-  // secure option can override the automatic behavior
-  var cookieSettings = args.cookies || {};
-  if (typeof cookieSettings.secure === 'undefined') {
-    cookieSettings.secure = isHTTPS;
-  }
-  if (typeof cookieSettings.sameSite === 'undefined') {
-    cookieSettings.sameSite = cookieSettings.secure ? 'none' : 'lax';
-  } // If secure=true, but the connection is not HTTPS, set secure=false.
-  if (cookieSettings.secure && !isHTTPS) {
-    // eslint-disable-next-line no-console
-    warn('The current page is not being served with the HTTPS protocol.\n' + 'For security reasons, we strongly recommend using HTTPS.\n' + 'If you cannot use HTTPS, set "cookies.secure" option to false.');
-    cookieSettings.secure = false;
-  } // Chrome >= 80 will block cookies with SameSite=None unless they are also Secure
-  // If sameSite=none, but the connection is not HTTPS, set sameSite=lax.
-  if (cookieSettings.sameSite === 'none' && !cookieSettings.secure) {
-    cookieSettings.sameSite = 'lax';
-  }
-  return cookieSettings;
-}
-export function getDefaultOptions() {
-  var storageUtil = isBrowser() ? browserStorage : serverStorage;
-  var storageManager = isBrowser() ? BROWSER_STORAGE : SERVER_STORAGE;
-  return {
-    devMode: false,
-    httpRequestClient: fetchRequest,
-    storageUtil,
-    storageManager
-  };
-}
-function mergeOptions(options, args) {
-  return Object.assign({}, options, removeNils(args), {
-    storageManager: Object.assign({}, options.storageManager, args.storageManager)
-  });
-}
-export function buildOptions() {
-  var args = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
-  assertValidConfig(args);
-  args = mergeOptions(getDefaultOptions(), args);
-  return removeNils({
-    // OIDC configuration
-    issuer: removeTrailingSlash(args.issuer),
-    tokenUrl: removeTrailingSlash(args.tokenUrl),
-    authorizeUrl: removeTrailingSlash(args.authorizeUrl),
-    userinfoUrl: removeTrailingSlash(args.userinfoUrl),
-    revokeUrl: removeTrailingSlash(args.revokeUrl),
-    logoutUrl: removeTrailingSlash(args.logoutUrl),
-    clientId: args.clientId,
-    redirectUri: args.redirectUri,
-    state: args.state,
-    scopes: args.scopes,
-    postLogoutRedirectUri: args.postLogoutRedirectUri,
-    responseMode: args.responseMode,
-    responseType: args.responseType,
-    pkce: args.pkce === false ? false : true,
-    // PKCE defaults to true
-    useInteractionCodeFlow: args.useInteractionCodeFlow,
-    // Internal options
-    httpRequestClient: args.httpRequestClient,
-    transformErrorXHR: args.transformErrorXHR,
-    transformAuthState: args.transformAuthState,
-    restoreOriginalUri: args.restoreOriginalUri,
-    storageUtil: args.storageUtil,
-    headers: args.headers,
-    devMode: !!args.devMode,
-    storageManager: args.storageManager,
-    cookies: isBrowser() ? getCookieSettings(args, isHTTPS()) : args.cookies,
-    // Give the developer the ability to disable token signature validation.
-    ignoreSignature: !!args.ignoreSignature,
-    // Server-side web applications
-    clientSecret: args.clientSecret
-  });
-}
-//# sourceMappingURL=options.js.map

package/esm/options.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../../lib/options.ts"],"names":["removeTrailingSlash","warn","removeNils","assertValidConfig","fetchRequest","browserStorage","serverStorage","isBrowser","isHTTPS","BROWSER_STORAGE","token","storageTypes","useMultipleCookies","cache","transaction","SERVER_STORAGE","getCookieSettings","args","cookieSettings","cookies","secure","sameSite","getDefaultOptions","storageUtil","storageManager","devMode","httpRequestClient","mergeOptions","options","Object","assign","buildOptions","issuer","tokenUrl","authorizeUrl","userinfoUrl","revokeUrl","logoutUrl","clientId","redirectUri","state","scopes","postLogoutRedirectUri","responseMode","responseType","pkce","useInteractionCodeFlow","transformErrorXHR","transformAuthState","restoreOriginalUri","headers","ignoreSignature","clientSecret"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AACA,SAASA,mBAAT,EAA8BC,IAA9B,EAAoCC,UAApC,QAAsD,QAAtD;AACA,SAASC,iBAAT,QAAkC,eAAlC;AAGA,OAAOC,YAAP,MAAyB,sBAAzB;AACA,OAAOC,cAAP,MAA2B,0BAA3B;AACA,OAAOC,aAAP,MAA0B,wBAA1B;AACA,SAASC,SAAT,EAAoBC,OAApB,QAAmC,YAAnC;AAEA,IAAMC,eAAsC,GAAG;AAC7CC,EAAAA,KAAK,EAAE;AACLC,IAAAA,YAAY,EAAE,CACZ,cADY,EAEZ,gBAFY,EAGZ,QAHY,CADT;AAMLC,IAAAA,kBAAkB,EAAE;AANf,GADsC;AAS7CC,EAAAA,KAAK,EAAE;AACLF,IAAAA,YAAY,EAAE,CACZ,cADY,EAEZ,gBAFY,EAGZ,QAHY;AADT,GATsC;AAgB7CG,EAAAA,WAAW,EAAE;AACXH,IAAAA,YAAY,EAAE,CACZ,gBADY,EAEZ,cAFY,EAGZ,QAHY;AADH,GAhBgC;AAuB7C,wBAAsB;AACpBA,IAAAA,YAAY,EAAE,CACZ,cADY;AADM;AAvBuB,CAA/C;AA8BA,IAAMI,cAAqC,GAAG;AAC5CL,EAAAA,KAAK,EAAE;AACLC,IAAAA,YAAY,EAAE,CACZ,QADY;AADT,GADqC;AAM5CE,EAAAA,KAAK,EAAE;AACLF,IAAAA,YAAY,EAAE,CACZ,QADY;AADT,GANqC;AAW5CG,EAAAA,WAAW,EAAE;AACXH,IAAAA,YAAY,EAAE,CACZ,QADY;AADH;AAX+B,CAA9C;;AAkBA,SAASK,iBAAT,GAAyE;AAAA,MAA9CC,IAA8C,uEAAtB,EAAsB;AAAA,MAAlBT,OAAkB;AACvE;AACA;AACA;AACA,MAAIU,cAAc,GAAGD,IAAI,CAACE,OAAL,IAAgB,EAArC;;AACA,MAAI,OAAOD,cAAc,CAACE,MAAtB,KAAiC,WAArC,EAAkD;AAChDF,IAAAA,cAAc,CAACE,MAAf,GAAwBZ,OAAxB;AACD;;AACD,MAAI,OAAOU,cAAc,CAACG,QAAtB,KAAmC,WAAvC,EAAoD;AAClDH,IAAAA,cAAc,CAACG,QAAf,GAA0BH,cAAc,CAACE,MAAf,GAAwB,MAAxB,GAAiC,KAA3D;AACD,GAVsE,CAYvE;;;AACA,MAAIF,cAAc,CAACE,MAAf,IAAyB,CAACZ,OAA9B,EAAuC;AACrC;AACAP,IAAAA,IAAI,CACF,oEACA,4DADA,GAEA,gEAHE,CAAJ;AAKAiB,IAAAA,cAAc,CAACE,MAAf,GAAwB,KAAxB;AACD,GArBsE,CAuBvE;AACA;;;AACA,MAAIF,cAAc,CAACG,QAAf,KAA4B,MAA5B,IAAsC,CAACH,cAAc,CAACE,MAA1D,EAAkE;AAChEF,IAAAA,cAAc,CAACG,QAAf,GAA0B,KAA1B;AACD;;AAED,SAAOH,cAAP;AACD;;AAGD,OAAO,SAASI,iBAAT,GAA8C;AACnD,MAAMC,WAAW,GAAGhB,SAAS,KAAKF,cAAL,GAAsBC,aAAnD;AACA,MAAMkB,cAAc,GAAGjB,SAAS,KAAKE,eAAL,GAAuBM,cAAvD;AACA,SAAO;AACLU,IAAAA,OAAO,EAAE,KADJ;AAELC,IAAAA,iBAAiB,EAAEtB,YAFd;AAGLmB,IAAAA,WAHK;AAILC,IAAAA;AAJK,GAAP;AAMD;;AAED,SAASG,YAAT,CAAsBC,OAAtB,EAA+BX,IAA/B,EAAsD;AACpD,SAAOY,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkBF,OAAlB,EAA2B1B,UAAU,CAACe,IAAD,CAArC,EAA6C;AAClDO,IAAAA,cAAc,EAAEK,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkBF,OAAO,CAACJ,cAA1B,EAA0CP,IAAI,CAACO,cAA/C;AADkC,GAA7C,CAAP;AAGD;;AAED,OAAO,SAASO,YAAT,GAAmE;AAAA,MAA7Cd,IAA6C,uEAArB,EAAqB;AACxEd,EAAAA,iBAAiB,CAACc,IAAD,CAAjB;AACAA,EAAAA,IAAI,GAAGU,YAAY,CAACL,iBAAiB,EAAlB,EAAsBL,IAAtB,CAAnB;AACA,SAAOf,UAAU,CAAC;AAChB;AACA8B,IAAAA,MAAM,EAAEhC,mBAAmB,CAACiB,IAAI,CAACe,MAAN,CAFX;AAGhBC,IAAAA,QAAQ,EAAEjC,mBAAmB,CAACiB,IAAI,CAACgB,QAAN,CAHb;AAIhBC,IAAAA,YAAY,EAAElC,mBAAmB,CAACiB,IAAI,CAACiB,YAAN,CAJjB;AAKhBC,IAAAA,WAAW,EAAEnC,mBAAmB,CAACiB,IAAI,CAACkB,WAAN,CALhB;AAMhBC,IAAAA,SAAS,EAAEpC,mBAAmB,CAACiB,IAAI,CAACmB,SAAN,CANd;AAOhBC,IAAAA,SAAS,EAAErC,mBAAmB,CAACiB,IAAI,CAACoB,SAAN,CAPd;AAQhBC,IAAAA,QAAQ,EAAErB,IAAI,CAACqB,QARC;AAShBC,IAAAA,WAAW,EAAEtB,IAAI,CAACsB,WATF;AAUhBC,IAAAA,KAAK,EAAEvB,IAAI,CAACuB,KAVI;AAWhBC,IAAAA,MAAM,EAAExB,IAAI,CAACwB,MAXG;AAYhBC,IAAAA,qBAAqB,EAAEzB,IAAI,CAACyB,qBAZZ;AAahBC,IAAAA,YAAY,EAAE1B,IAAI,CAAC0B,YAbH;AAchBC,IAAAA,YAAY,EAAE3B,IAAI,CAAC2B,YAdH;AAehBC,IAAAA,IAAI,EAAE5B,IAAI,CAAC4B,IAAL,KAAc,KAAd,GAAsB,KAAtB,GAA8B,IAfpB;AAe0B;AAC1CC,IAAAA,sBAAsB,EAAE7B,IAAI,CAAC6B,sBAhBb;AAkBhB;AACApB,IAAAA,iBAAiB,EAAET,IAAI,CAACS,iBAnBR;AAoBhBqB,IAAAA,iBAAiB,EAAE9B,IAAI,CAAC8B,iBApBR;AAqBhBC,IAAAA,kBAAkB,EAAE/B,IAAI,CAAC+B,kBArBT;AAsBhBC,IAAAA,kBAAkB,EAAEhC,IAAI,CAACgC,kBAtBT;AAuBhB1B,IAAAA,WAAW,EAAEN,IAAI,CAACM,WAvBF;AAwBhB2B,IAAAA,OAAO,EAAEjC,IAAI,CAACiC,OAxBE;AAyBhBzB,IAAAA,OAAO,EAAE,CAAC,CAACR,IAAI,CAACQ,OAzBA;AA0BhBD,IAAAA,cAAc,EAAEP,IAAI,CAACO,cA1BL;AA2BhBL,IAAAA,OAAO,EAAEZ,SAAS,KAAKS,iBAAiB,CAACC,IAAD,EAAOT,OAAO,EAAd,CAAtB,GAA0CS,IAAI,CAACE,OA3BjD;AA6BhB;AACAgC,IAAAA,eAAe,EAAE,CAAC,CAAClC,IAAI,CAACkC,eA9BR;AAgChB;AACAC,IAAAA,YAAY,EAAEnC,IAAI,CAACmC;AAjCH,GAAD,CAAjB;AAmCD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable complexity */\nimport { removeTrailingSlash, warn, removeNils } from './util';\nimport { assertValidConfig } from './builderUtil';\nimport { OktaAuthOptions, StorageManagerOptions } from './types';\n\nimport fetchRequest from './fetch/fetchRequest';\nimport browserStorage from './browser/browserStorage';\nimport serverStorage from './server/serverStorage';\nimport { isBrowser, isHTTPS } from './features';\n\nconst BROWSER_STORAGE: StorageManagerOptions = {\n token: {\n storageTypes: [\n 'localStorage',\n 'sessionStorage',\n 'cookie'\n ],\n useMultipleCookies: true\n },\n cache: {\n storageTypes: [\n 'localStorage',\n 'sessionStorage',\n 'cookie'\n ]\n },\n transaction: {\n storageTypes: [\n 'sessionStorage',\n 'localStorage',\n 'cookie'\n ]\n },\n 'shared-transaction': {\n storageTypes: [\n 'localStorage'\n ]\n }\n};\n\nconst SERVER_STORAGE: StorageManagerOptions = {\n token: {\n storageTypes: [\n 'memory'\n ]\n },\n cache: {\n storageTypes: [\n 'memory'\n ]\n },\n transaction: {\n storageTypes: [\n 'memory'\n ]\n }\n};\n\nfunction getCookieSettings(args: OktaAuthOptions = {}, isHTTPS: boolean) {\n // Secure cookies will be automatically used on a HTTPS connection\n // Non-secure cookies will be automatically used on a HTTP connection\n // secure option can override the automatic behavior\n var cookieSettings = args.cookies || {};\n if (typeof cookieSettings.secure === 'undefined') {\n cookieSettings.secure = isHTTPS;\n }\n if (typeof cookieSettings.sameSite === 'undefined') {\n cookieSettings.sameSite = cookieSettings.secure ? 'none' : 'lax';\n }\n\n // If secure=true, but the connection is not HTTPS, set secure=false.\n if (cookieSettings.secure && !isHTTPS) {\n // eslint-disable-next-line no-console\n warn(\n 'The current page is not being served with the HTTPS protocol.\\n' +\n 'For security reasons, we strongly recommend using HTTPS.\\n' +\n 'If you cannot use HTTPS, set \"cookies.secure\" option to false.'\n );\n cookieSettings.secure = false;\n }\n\n // Chrome >= 80 will block cookies with SameSite=None unless they are also Secure\n // If sameSite=none, but the connection is not HTTPS, set sameSite=lax.\n if (cookieSettings.sameSite === 'none' && !cookieSettings.secure) {\n cookieSettings.sameSite = 'lax';\n }\n\n return cookieSettings;\n}\n\n\nexport function getDefaultOptions(): OktaAuthOptions {\n const storageUtil = isBrowser() ? browserStorage : serverStorage;\n const storageManager = isBrowser() ? BROWSER_STORAGE : SERVER_STORAGE;\n return {\n devMode: false,\n httpRequestClient: fetchRequest,\n storageUtil,\n storageManager\n };\n}\n\nfunction mergeOptions(options, args): OktaAuthOptions {\n return Object.assign({}, options, removeNils(args), {\n storageManager: Object.assign({}, options.storageManager, args.storageManager)\n });\n}\n\nexport function buildOptions(args: OktaAuthOptions = {}): OktaAuthOptions {\n assertValidConfig(args);\n args = mergeOptions(getDefaultOptions(), args);\n return removeNils({\n // OIDC configuration\n issuer: removeTrailingSlash(args.issuer),\n tokenUrl: removeTrailingSlash(args.tokenUrl),\n authorizeUrl: removeTrailingSlash(args.authorizeUrl),\n userinfoUrl: removeTrailingSlash(args.userinfoUrl),\n revokeUrl: removeTrailingSlash(args.revokeUrl),\n logoutUrl: removeTrailingSlash(args.logoutUrl),\n clientId: args.clientId,\n redirectUri: args.redirectUri,\n state: args.state,\n scopes: args.scopes,\n postLogoutRedirectUri: args.postLogoutRedirectUri,\n responseMode: args.responseMode,\n responseType: args.responseType,\n pkce: args.pkce === false ? false : true, // PKCE defaults to true\n useInteractionCodeFlow: args.useInteractionCodeFlow,\n\n // Internal options\n httpRequestClient: args.httpRequestClient,\n transformErrorXHR: args.transformErrorXHR,\n transformAuthState: args.transformAuthState,\n restoreOriginalUri: args.restoreOriginalUri,\n storageUtil: args.storageUtil,\n headers: args.headers,\n devMode: !!args.devMode,\n storageManager: args.storageManager,\n cookies: isBrowser() ? getCookieSettings(args, isHTTPS()) : args.cookies,\n\n // Give the developer the ability to disable token signature validation.\n ignoreSignature: !!args.ignoreSignature,\n\n // Server-side web applications\n clientSecret: args.clientSecret\n });\n}\n"],"file":"options.js"}

package/esm/server/serverStorage.js DELETED Viewed

@@ -1,110 +0,0 @@
-/*!
- * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-import { AuthSdkError } from '../errors';
-var NodeCache = require('node-cache'); // commonJS module cannot be imported without esModuleInterop
-var sharedStorage = new NodeCache(); // this is a SHARED memory storage to support a stateless http server
-class ServerCookies {
-  // NodeCache
-  constructor(nodeCache) {
-    this.nodeCache = nodeCache;
-  }
-  set(name, value, expiresAt) {
-    // eslint-disable-next-line no-extra-boolean-cast
-    if (!!Date.parse(expiresAt)) {
-      // Time to expiration in seconds
-      var ttl = (Date.parse(expiresAt) - Date.now()) / 1000;
-      this.nodeCache.set(name, value, ttl);
-    } else {
-      this.nodeCache.set(name, value);
-    }
-    return this.get(name);
-  }
-  get(name) {
-    return this.nodeCache.get(name);
-  }
-  delete(name) {
-    return this.nodeCache.del(name);
-  }
-} // Building this as an object allows us to mock the functions in our tests
-class ServerStorage {
-  // NodeCache
-  constructor(nodeCache) {
-    this.nodeCache = nodeCache;
-    this.storage = new ServerCookies(nodeCache);
-  }
-  testStorageType(storageType) {
-    var supported = false;
-    switch (storageType) {
-      case 'memory':
-        supported = true;
-        break;
-      default:
-        break;
-    }
-    return supported;
-  }
-  getStorageByType(storageType) {
-    var storageProvider = null;
-    switch (storageType) {
-      case 'memory':
-        storageProvider = this.getStorage();
-        break;
-      default:
-        throw new AuthSdkError("Unrecognized storage option: ".concat(storageType));
-        break;
-    }
-    return storageProvider;
-  }
-  findStorageType() {
-    return 'memory';
-  } // will be removed in next version. OKTA-362589
-  getHttpCache() {
-    return null; // stubbed in server.js
-  } // shared in-memory using node cache
-  getStorage() {
-    return {
-      getItem: this.nodeCache.get,
-      setItem: (key, value) => {
-        this.nodeCache.set(key, value, '2200-01-01T00:00:00.000Z');
-      }
-    };
-  }
-}
-export default new ServerStorage(sharedStorage);
-//# sourceMappingURL=serverStorage.js.map

package/esm/server/serverStorage.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../../../lib/server/serverStorage.ts"],"names":["AuthSdkError","NodeCache","require","sharedStorage","ServerCookies","constructor","nodeCache","set","name","value","expiresAt","Date","parse","ttl","now","get","delete","del","ServerStorage","storage","testStorageType","storageType","supported","getStorageByType","storageProvider","getStorage","findStorageType","getHttpCache","getItem","setItem","key"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA,SAASA,YAAT,QAA6B,WAA7B;;AACA,IAAMC,SAAS,GAAGC,OAAO,CAAC,YAAD,CAAzB,C,CAAyC;;;AACzC,IAAMC,aAAa,GAAG,IAAIF,SAAJ,EAAtB,C,CAAuC;;AAEvC,MAAMG,aAAN,CAAuC;AACrB;AAEhBC,EAAAA,WAAW,CAACC,SAAD,EAAY;AACrB,SAAKA,SAAL,GAAiBA,SAAjB;AACD;;AAEDC,EAAAA,GAAG,CAACC,IAAD,EAAeC,KAAf,EAA8BC,SAA9B,EAAyD;AAC1D;AACA,QAAI,CAAC,CAAEC,IAAI,CAACC,KAAL,CAAWF,SAAX,CAAP,EAA+B;AAC7B;AACA,UAAIG,GAAG,GAAG,CAACF,IAAI,CAACC,KAAL,CAAWF,SAAX,IAAwBC,IAAI,CAACG,GAAL,EAAzB,IAAuC,IAAjD;AACA,WAAKR,SAAL,CAAeC,GAAf,CAAmBC,IAAnB,EAAyBC,KAAzB,EAAgCI,GAAhC;AACD,KAJD,MAIO;AACL,WAAKP,SAAL,CAAeC,GAAf,CAAmBC,IAAnB,EAAyBC,KAAzB;AACD;;AAED,WAAO,KAAKM,GAAL,CAASP,IAAT,CAAP;AACD;;AAEDO,EAAAA,GAAG,CAACP,IAAD,EAAe;AAChB,WAAO,KAAKF,SAAL,CAAeS,GAAf,CAAmBP,IAAnB,CAAP;AACD;;AAEDQ,EAAAA,MAAM,CAACR,IAAD,EAAO;AACX,WAAO,KAAKF,SAAL,CAAeW,GAAf,CAAmBT,IAAnB,CAAP;AACD;;AA1BoC,C,CA4BvC;;;AACA,MAAMU,aAAN,CAA2C;AACzB;AAEhBb,EAAAA,WAAW,CAACC,SAAD,EAAY;AACrB,SAAKA,SAAL,GAAiBA,SAAjB;AACA,SAAKa,OAAL,GAAe,IAAIf,aAAJ,CAAkBE,SAAlB,CAAf;AACD;;AAEDc,EAAAA,eAAe,CAACC,WAAD,EAAoC;AACjD,QAAIC,SAAS,GAAG,KAAhB;;AACA,YAAQD,WAAR;AACE,WAAK,QAAL;AACEC,QAAAA,SAAS,GAAG,IAAZ;AACA;;AACF;AACE;AALJ;;AAOA,WAAOA,SAAP;AACD;;AAEDC,EAAAA,gBAAgB,CAACF,WAAD,EAA0C;AACxD,QAAIG,eAAe,GAAG,IAAtB;;AACA,YAAQH,WAAR;AACE,WAAK,QAAL;AACEG,QAAAA,eAAe,GAAG,KAAKC,UAAL,EAAlB;AACA;;AACF;AACE,cAAM,IAAIzB,YAAJ,wCAAiDqB,WAAjD,EAAN;AACA;AANJ;;AAQA,WAAOG,eAAP;AACD;;AAEDE,EAAAA,eAAe,GAAgB;AAC7B,WAAO,QAAP;AACD,GAnCwC,CAqCzC;;;AACAC,EAAAA,YAAY,GAAG;AACb,WAAO,IAAP,CADa,CACA;AACd,GAxCwC,CA0CzC;;;AACAF,EAAAA,UAAU,GAAkB;AAC1B,WAAO;AACLG,MAAAA,OAAO,EAAE,KAAKtB,SAAL,CAAeS,GADnB;AAELc,MAAAA,OAAO,EAAE,CAACC,GAAD,EAAMrB,KAAN,KAAgB;AACvB,aAAKH,SAAL,CAAeC,GAAf,CAAmBuB,GAAnB,EAAwBrB,KAAxB,EAA+B,0BAA/B;AACD;AAJI,KAAP;AAMD;;AAlDwC;;AAqD3C,eAAe,IAAIS,aAAJ,CAAkBf,aAAlB,CAAf","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport { SimpleStorage, StorageType, StorageUtil, Cookies } from '../types';\nimport { AuthSdkError } from '../errors';\nconst NodeCache = require('node-cache'); // commonJS module cannot be imported without esModuleInterop\nconst sharedStorage = new NodeCache(); // this is a SHARED memory storage to support a stateless http server\n\nclass ServerCookies implements Cookies {\n nodeCache: any; // NodeCache\n \n constructor(nodeCache) {\n this.nodeCache = nodeCache;\n }\n\n set(name: string, value: string, expiresAt: string): string {\n // eslint-disable-next-line no-extra-boolean-cast\n if (!!(Date.parse(expiresAt))) {\n // Time to expiration in seconds\n var ttl = (Date.parse(expiresAt) - Date.now()) / 1000;\n this.nodeCache.set(name, value, ttl);\n } else {\n this.nodeCache.set(name, value);\n }\n\n return this.get(name);\n }\n\n get(name): string {\n return this.nodeCache.get(name);\n }\n\n delete(name) {\n return this.nodeCache.del(name);\n }\n}\n// Building this as an object allows us to mock the functions in our tests\nclass ServerStorage implements StorageUtil {\n nodeCache: any; // NodeCache\n storage: Cookies;\n constructor(nodeCache) {\n this.nodeCache = nodeCache;\n this.storage = new ServerCookies(nodeCache);\n }\n\n testStorageType(storageType: StorageType): boolean {\n var supported = false;\n switch (storageType) {\n case 'memory':\n supported = true;\n break;\n default:\n break;\n }\n return supported;\n }\n\n getStorageByType(storageType: StorageType): SimpleStorage {\n let storageProvider = null;\n switch (storageType) {\n case 'memory':\n storageProvider = this.getStorage();\n break;\n default:\n throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n break;\n }\n return storageProvider;\n }\n\n findStorageType(): StorageType {\n return 'memory';\n }\n\n // will be removed in next version. OKTA-362589\n getHttpCache() {\n return null; // stubbed in server.js\n }\n\n // shared in-memory using node cache\n getStorage(): SimpleStorage {\n return {\n getItem: this.nodeCache.get,\n setItem: (key, value) => {\n this.nodeCache.set(key, value, '2200-01-01T00:00:00.000Z');\n }\n };\n }\n}\n\nexport default new ServerStorage(sharedStorage);\n"],"file":"serverStorage.js"}

package/esm/services/TokenService.js DELETED Viewed

@@ -1,103 +0,0 @@
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- */
-/* global window */
-import { EVENT_EXPIRED } from '../TokenManager';
-import { AuthSdkError } from '../errors';
-import { isBrowser } from '../features';
-function shouldThrottleRenew(renewTimeQueue) {
-  var res = false;
-  renewTimeQueue.push(Date.now());
-  if (renewTimeQueue.length >= 10) {
-    // get and remove first item from queue
-    var firstTime = renewTimeQueue.shift();
-    var lastTime = renewTimeQueue[renewTimeQueue.length - 1];
-    res = lastTime - firstTime < 30 * 1000;
-  }
-  return res;
-}
-export class TokenService {
-  constructor(tokenManager) {
-    var options = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
-    this.tokenManager = tokenManager;
-    this.options = options;
-  }
-  start() {
-    var renewTimeQueue = [];
-    this.onTokenExpiredHandler = key => {
-      if (this.options.autoRenew) {
-        if (shouldThrottleRenew(renewTimeQueue)) {
-          var error = new AuthSdkError('Too many token renew requests');
-          this.tokenManager.emitError(error);
-        } else {
-          this.tokenManager.renew(key).catch(() => {}); // Renew errors will emit an "error" event
-        }
-      } else if (this.options.autoRemove) {
-        this.tokenManager.remove(key);
-      }
-    };
-    this.tokenManager.on(EVENT_EXPIRED, this.onTokenExpiredHandler);
-    this.tokenManager.setExpireEventTimeoutAll();
-    if (this.options.syncStorage && isBrowser()) {
-      // Sync authState cross multiple tabs when localStorage is used as the storageProvider
-      // A StorageEvent is sent to a window when a storage area it has access to is changed
-      // within the context of another document.
-      // https://developer.mozilla.org/en-US/docs/Web/API/StorageEvent
-      this.storageListener = _ref => {
-        var {
-          key,
-          newValue,
-          oldValue
-        } = _ref;
-        var handleCrossTabsStorageChange = () => {
-          this.tokenManager.resetExpireEventTimeoutAll();
-          this.tokenManager.emitEventsForCrossTabsStorageUpdate(newValue, oldValue);
-        }; // Skip if:
-        // not from localStorage.clear (event.key is null)
-        // event.key is not the storageKey
-        // oldValue === newValue
-        if (key && (key !== this.options.storageKey || newValue === oldValue)) {
-          return;
-        } // LocalStorage cross tabs update is not synced in IE, set a 1s timer by default to read latest value
-        // https://stackoverflow.com/questions/24077117/localstorage-in-win8-1-ie11-does-not-synchronize
-        this.syncTimeout = setTimeout(() => handleCrossTabsStorageChange(), this.options._storageEventDelay);
-      };
-      window.addEventListener('storage', this.storageListener);
-    }
-  }
-  stop() {
-    this.tokenManager.clearExpireEventTimeoutAll();
-    this.tokenManager.off(EVENT_EXPIRED, this.onTokenExpiredHandler);
-    if (this.options.syncStorage && isBrowser()) {
-      window.removeEventListener('storage', this.storageListener);
-      clearTimeout(this.syncTimeout);
-    }
-  }
-}
-//# sourceMappingURL=TokenService.js.map

package/esm/services/TokenService.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../../../lib/services/TokenService.ts"],"names":["EVENT_EXPIRED","AuthSdkError","isBrowser","shouldThrottleRenew","renewTimeQueue","res","push","Date","now","length","firstTime","shift","lastTime","TokenService","constructor","tokenManager","options","start","onTokenExpiredHandler","key","autoRenew","error","emitError","renew","catch","autoRemove","remove","on","setExpireEventTimeoutAll","syncStorage","storageListener","newValue","oldValue","handleCrossTabsStorageChange","resetExpireEventTimeoutAll","emitEventsForCrossTabsStorageUpdate","storageKey","syncTimeout","setTimeout","_storageEventDelay","window","addEventListener","stop","clearExpireEventTimeoutAll","off","removeEventListener","clearTimeout"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AACA,SAAuBA,aAAvB,QAA4C,iBAA5C;AACA,SAASC,YAAT,QAA6B,WAA7B;AACA,SAASC,SAAT,QAA0B,aAA1B;;AAGA,SAASC,mBAAT,CAA6BC,cAA7B,EAA6C;AAC3C,MAAIC,GAAG,GAAG,KAAV;AACAD,EAAAA,cAAc,CAACE,IAAf,CAAoBC,IAAI,CAACC,GAAL,EAApB;;AACA,MAAIJ,cAAc,CAACK,MAAf,IAAyB,EAA7B,EAAiC;AAC/B;AACA,QAAMC,SAAS,GAAGN,cAAc,CAACO,KAAf,EAAlB;AACA,QAAMC,QAAQ,GAAGR,cAAc,CAACA,cAAc,CAACK,MAAf,GAAwB,CAAzB,CAA/B;AACAJ,IAAAA,GAAG,GAAGO,QAAQ,GAAGF,SAAX,GAAuB,KAAK,IAAlC;AACD;;AACD,SAAOL,GAAP;AACD;;AAED,OAAO,MAAMQ,YAAN,CAAmB;AAOxBC,EAAAA,WAAW,CAACC,YAAD,EAAgE;AAAA,QAAnCC,OAAmC,uEAAJ,EAAI;AACzE,SAAKD,YAAL,GAAoBA,YAApB;AACA,SAAKC,OAAL,GAAeA,OAAf;AACD;;AAEDC,EAAAA,KAAK,GAAG;AACN,QAAMb,cAAc,GAAG,EAAvB;;AACA,SAAKc,qBAAL,GAA8BC,GAAD,IAAS;AACpC,UAAI,KAAKH,OAAL,CAAaI,SAAjB,EAA4B;AAC1B,YAAIjB,mBAAmB,CAACC,cAAD,CAAvB,EAAyC;AACvC,cAAMiB,KAAK,GAAG,IAAIpB,YAAJ,CAAiB,+BAAjB,CAAd;AACA,eAAKc,YAAL,CAAkBO,SAAlB,CAA4BD,KAA5B;AACD,SAHD,MAGO;AACL,eAAKN,YAAL,CAAkBQ,KAAlB,CAAwBJ,GAAxB,EAA6BK,KAA7B,CAAmC,MAAM,CAAE,CAA3C,EADK,CACyC;AAC/C;AACF,OAPD,MAOO,IAAI,KAAKR,OAAL,CAAaS,UAAjB,EAA6B;AAClC,aAAKV,YAAL,CAAkBW,MAAlB,CAAyBP,GAAzB;AACD;AACF,KAXD;;AAYA,SAAKJ,YAAL,CAAkBY,EAAlB,CAAqB3B,aAArB,EAAoC,KAAKkB,qBAAzC;AAEA,SAAKH,YAAL,CAAkBa,wBAAlB;;AAEA,QAAI,KAAKZ,OAAL,CAAaa,WAAb,IAA4B3B,SAAS,EAAzC,EAA6C;AAC3C;AACA;AACA;AACA;AAEA,WAAK4B,eAAL,GAAuB,QAA+C;AAAA,YAA9C;AAAEX,UAAAA,GAAF;AAAOY,UAAAA,QAAP;AAAiBC,UAAAA;AAAjB,SAA8C;;AACpE,YAAMC,4BAA4B,GAAG,MAAM;AACzC,eAAKlB,YAAL,CAAkBmB,0BAAlB;AACA,eAAKnB,YAAL,CAAkBoB,mCAAlB,CAAsDJ,QAAtD,EAAgEC,QAAhE;AACD,SAHD,CADoE,CAMpE;AACA;AACA;AACA;;;AACA,YAAIb,GAAG,KAAKA,GAAG,KAAK,KAAKH,OAAL,CAAaoB,UAArB,IAAmCL,QAAQ,KAAKC,QAArD,CAAP,EAAuE;AACrE;AACD,SAZmE,CAcpE;AACA;;;AACA,aAAKK,WAAL,GAAmBC,UAAU,CAAC,MAAML,4BAA4B,EAAnC,EAAuC,KAAKjB,OAAL,CAAauB,kBAApD,CAA7B;AACD,OAjBD;;AAmBAC,MAAAA,MAAM,CAACC,gBAAP,CAAwB,SAAxB,EAAmC,KAAKX,eAAxC;AACD;AACF;;AAEDY,EAAAA,IAAI,GAAG;AACL,SAAK3B,YAAL,CAAkB4B,0BAAlB;AACA,SAAK5B,YAAL,CAAkB6B,GAAlB,CAAsB5C,aAAtB,EAAqC,KAAKkB,qBAA1C;;AACA,QAAI,KAAKF,OAAL,CAAaa,WAAb,IAA4B3B,SAAS,EAAzC,EAA6C;AAC3CsC,MAAAA,MAAM,CAACK,mBAAP,CAA2B,SAA3B,EAAsC,KAAKf,eAA3C;AACAgB,MAAAA,YAAY,CAAC,KAAKT,WAAN,CAAZ;AACD;AACF;;AAlEuB","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* global window */\nimport { TokenManager, EVENT_EXPIRED } from '../TokenManager';\nimport { AuthSdkError } from '../errors';\nimport { isBrowser } from '../features';\nimport { TokenManagerOptions } from '../types';\n\nfunction shouldThrottleRenew(renewTimeQueue) {\n let res = false;\n renewTimeQueue.push(Date.now());\n if (renewTimeQueue.length >= 10) {\n // get and remove first item from queue\n const firstTime = renewTimeQueue.shift();\n const lastTime = renewTimeQueue[renewTimeQueue.length - 1];\n res = lastTime - firstTime < 30 * 1000;\n }\n return res;\n}\n\nexport class TokenService {\n private tokenManager: TokenManager;\n private options: TokenManagerOptions;\n private storageListener: (event: StorageEvent) => void;\n private onTokenExpiredHandler: (key: string) => void;\n private syncTimeout: unknown;\n\n constructor(tokenManager: TokenManager, options: TokenManagerOptions = {}) {\n this.tokenManager = tokenManager;\n this.options = options;\n }\n\n start() {\n const renewTimeQueue = [];\n this.onTokenExpiredHandler = (key) => {\n if (this.options.autoRenew) {\n if (shouldThrottleRenew(renewTimeQueue)) {\n const error = new AuthSdkError('Too many token renew requests');\n this.tokenManager.emitError(error);\n } else {\n this.tokenManager.renew(key).catch(() => {}); // Renew errors will emit an \"error\" event \n }\n } else if (this.options.autoRemove) {\n this.tokenManager.remove(key);\n }\n };\n this.tokenManager.on(EVENT_EXPIRED, this.onTokenExpiredHandler);\n\n this.tokenManager.setExpireEventTimeoutAll();\n\n if (this.options.syncStorage && isBrowser()) {\n // Sync authState cross multiple tabs when localStorage is used as the storageProvider\n // A StorageEvent is sent to a window when a storage area it has access to is changed \n // within the context of another document.\n // https://developer.mozilla.org/en-US/docs/Web/API/StorageEvent\n\n this.storageListener = ({ key, newValue, oldValue }: StorageEvent) => {\n const handleCrossTabsStorageChange = () => {\n this.tokenManager.resetExpireEventTimeoutAll();\n this.tokenManager.emitEventsForCrossTabsStorageUpdate(newValue, oldValue);\n };\n\n // Skip if:\n // not from localStorage.clear (event.key is null)\n // event.key is not the storageKey\n // oldValue === newValue\n if (key && (key !== this.options.storageKey || newValue === oldValue)) {\n return;\n }\n\n // LocalStorage cross tabs update is not synced in IE, set a 1s timer by default to read latest value\n // https://stackoverflow.com/questions/24077117/localstorage-in-win8-1-ie11-does-not-synchronize\n this.syncTimeout = setTimeout(() => handleCrossTabsStorageChange(), this.options._storageEventDelay);\n };\n\n window.addEventListener('storage', this.storageListener);\n }\n }\n\n stop() {\n this.tokenManager.clearExpireEventTimeoutAll();\n this.tokenManager.off(EVENT_EXPIRED, this.onTokenExpiredHandler);\n if (this.options.syncStorage && isBrowser()) {\n window.removeEventListener('storage', this.storageListener);\n clearTimeout(this.syncTimeout as any);\n }\n }\n}"],"file":"TokenService.js"}

package/esm/session.js DELETED Viewed

@@ -1,81 +0,0 @@
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-/* global window */
-import { omit, getLink, toQueryString } from './util';
-import { get, post, httpRequest } from './http';
-function sessionExists(sdk) {
-  return sdk.session.get().then(function (res) {
-    if (res.status === 'ACTIVE') {
-      return true;
-    }
-    return false;
-  }).catch(function () {
-    return false;
-  });
-}
-function getSession(sdk) {
-  return get(sdk, '/api/v1/sessions/me', {
-    withCredentials: true
-  }).then(function (session) {
-    var res = omit(session, '_links');
-    res.refresh = function () {
-      return post(sdk, getLink(session, 'refresh').href, {}, {
-        withCredentials: true
-      });
-    };
-    res.user = function () {
-      return get(sdk, getLink(session, 'user').href, {
-        withCredentials: true
-      });
-    };
-    return res;
-  }).catch(function () {
-    // Return INACTIVE status on failure
-    return {
-      status: 'INACTIVE'
-    };
-  });
-}
-function closeSession(sdk) {
-  return httpRequest(sdk, {
-    url: sdk.getIssuerOrigin() + '/api/v1/sessions/me',
-    method: 'DELETE',
-    withCredentials: true
-  });
-}
-function refreshSession(sdk) {
-  return post(sdk, '/api/v1/sessions/me/lifecycle/refresh', {}, {
-    withCredentials: true
-  });
-}
-function setCookieAndRedirect(sdk, sessionToken, redirectUrl) {
-  redirectUrl = redirectUrl || window.location.href;
-  window.location.assign(sdk.getIssuerOrigin() + '/login/sessionCookieRedirect' + toQueryString({
-    checkAccountSetupComplete: true,
-    token: sessionToken,
-    redirectUrl: redirectUrl
-  }));
-}
-export { sessionExists, getSession, closeSession, refreshSession, setCookieAndRedirect };
-//# sourceMappingURL=session.js.map

package/esm/session.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../../lib/session.ts"],"names":["omit","getLink","toQueryString","get","post","httpRequest","sessionExists","sdk","session","then","res","status","catch","getSession","withCredentials","refresh","href","user","closeSession","url","getIssuerOrigin","method","refreshSession","setCookieAndRedirect","sessionToken","redirectUrl","window","location","assign","checkAccountSetupComplete","token"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;AACA,SAASA,IAAT,EAAeC,OAAf,EAAwBC,aAAxB,QAA6C,QAA7C;AACA,SAASC,GAAT,EAAcC,IAAd,EAAoBC,WAApB,QAAuC,QAAvC;;AAEA,SAASC,aAAT,CAAuBC,GAAvB,EAA4B;AAC1B,SAAOA,GAAG,CAACC,OAAJ,CAAYL,GAAZ,GACJM,IADI,CACC,UAASC,GAAT,EAAc;AAClB,QAAIA,GAAG,CAACC,MAAJ,KAAe,QAAnB,EAA6B;AAC3B,aAAO,IAAP;AACD;;AACD,WAAO,KAAP;AACD,GANI,EAOJC,KAPI,CAOE,YAAW;AAChB,WAAO,KAAP;AACD,GATI,CAAP;AAUD;;AAED,SAASC,UAAT,CAAoBN,GAApB,EAAyB;AACvB,SAAOJ,GAAG,CAACI,GAAD,EAAM,qBAAN,EAA6B;AAAEO,IAAAA,eAAe,EAAE;AAAnB,GAA7B,CAAH,CACNL,IADM,CACD,UAASD,OAAT,EAAkB;AACtB,QAAIE,GAAG,GAAGV,IAAI,CAACQ,OAAD,EAAU,QAAV,CAAd;;AAEAE,IAAAA,GAAG,CAACK,OAAJ,GAAc,YAAW;AACvB,aAAOX,IAAI,CAACG,GAAD,EAAMN,OAAO,CAACO,OAAD,EAAU,SAAV,CAAP,CAA4BQ,IAAlC,EAAwC,EAAxC,EAA4C;AAAEF,QAAAA,eAAe,EAAE;AAAnB,OAA5C,CAAX;AACD,KAFD;;AAIAJ,IAAAA,GAAG,CAACO,IAAJ,GAAW,YAAW;AACpB,aAAOd,GAAG,CAACI,GAAD,EAAMN,OAAO,CAACO,OAAD,EAAU,MAAV,CAAP,CAAyBQ,IAA/B,EAAqC;AAAEF,QAAAA,eAAe,EAAE;AAAnB,OAArC,CAAV;AACD,KAFD;;AAIA,WAAOJ,GAAP;AACD,GAbM,EAcNE,KAdM,CAcA,YAAW;AAChB;AACA,WAAO;AAACD,MAAAA,MAAM,EAAE;AAAT,KAAP;AACD,GAjBM,CAAP;AAkBD;;AAED,SAASO,YAAT,CAAsBX,GAAtB,EAA2B;AACzB,SAAOF,WAAW,CAACE,GAAD,EAAM;AACtBY,IAAAA,GAAG,EAAEZ,GAAG,CAACa,eAAJ,KAAwB,qBADP;AAEtBC,IAAAA,MAAM,EAAE,QAFc;AAGtBP,IAAAA,eAAe,EAAE;AAHK,GAAN,CAAlB;AAKD;;AAED,SAASQ,cAAT,CAAwBf,GAAxB,EAA6B;AAC3B,SAAOH,IAAI,CAACG,GAAD,EAAM,uCAAN,EAA+C,EAA/C,EAAmD;AAAEO,IAAAA,eAAe,EAAE;AAAnB,GAAnD,CAAX;AACD;;AAED,SAASS,oBAAT,CAA8BhB,GAA9B,EAAmCiB,YAAnC,EAAiDC,WAAjD,EAA8D;AAC5DA,EAAAA,WAAW,GAAGA,WAAW,IAAIC,MAAM,CAACC,QAAP,CAAgBX,IAA7C;AACAU,EAAAA,MAAM,CAACC,QAAP,CAAgBC,MAAhB,CAAuBrB,GAAG,CAACa,eAAJ,KAAwB,8BAAxB,GACrBlB,aAAa,CAAC;AACZ2B,IAAAA,yBAAyB,EAAE,IADf;AAEZC,IAAAA,KAAK,EAAEN,YAFK;AAGZC,IAAAA,WAAW,EAAEA;AAHD,GAAD,CADf;AAMD;;AAED,SACEnB,aADF,EAEEO,UAFF,EAGEK,YAHF,EAIEI,cAJF,EAKEC,oBALF","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* global window */\nimport { omit, getLink, toQueryString } from './util';\nimport { get, post, httpRequest } from './http';\n\nfunction sessionExists(sdk) {\n return sdk.session.get()\n .then(function(res) {\n if (res.status === 'ACTIVE') {\n return true;\n }\n return false;\n })\n .catch(function() {\n return false;\n });\n}\n\nfunction getSession(sdk) { \n return get(sdk, '/api/v1/sessions/me', { withCredentials: true })\n .then(function(session) {\n var res = omit(session, '_links');\n\n res.refresh = function() {\n return post(sdk, getLink(session, 'refresh').href, {}, { withCredentials: true });\n };\n\n res.user = function() {\n return get(sdk, getLink(session, 'user').href, { withCredentials: true });\n };\n\n return res;\n })\n .catch(function() {\n // Return INACTIVE status on failure\n return {status: 'INACTIVE'};\n });\n}\n\nfunction closeSession(sdk) {\n return httpRequest(sdk, {\n url: sdk.getIssuerOrigin() + '/api/v1/sessions/me',\n method: 'DELETE',\n withCredentials: true\n });\n}\n\nfunction refreshSession(sdk) {\n return post(sdk, '/api/v1/sessions/me/lifecycle/refresh', {}, { withCredentials: true });\n}\n\nfunction setCookieAndRedirect(sdk, sessionToken, redirectUrl) {\n redirectUrl = redirectUrl || window.location.href;\n window.location.assign(sdk.getIssuerOrigin() + '/login/sessionCookieRedirect' +\n toQueryString({\n checkAccountSetupComplete: true,\n token: sessionToken,\n redirectUrl: redirectUrl\n }));\n}\n\nexport {\n sessionExists,\n getSession,\n closeSession,\n refreshSession,\n setCookieAndRedirect\n};\n"],"file":"session.js"}