@okta/okta-auth-js 5.6.0 → 5.9.1

package/cjs/idx/remediate.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/remediate.ts"],"names":["getRemediator","idxRemediations","values","options","flow","flowMonitor","remediator","remediatorCandidates","remediation","isRemeditionInFlow","Object","keys","includes","name","T","isRemediatorCandidate","canRemediate","push","isTerminalResponse","idxResponse","neededToProceed","interactionCode","length","canSkipFn","some","canResendFn","actions","actionName","getIdxMessages","messages","rawIdxState","globalMessages","value","map","message","fieldMessages","getMessages","getNextStep","nextStep","canSkip","canResend","handleIdxError","e","idxState","idx","makeIdxState","terminal","getActionFromValues","find","action","resend","removeActionFromValues","undefined","remediate","actionFromValues","valuesWithoutExecutedAction","canceled","AuthSdkError","reduce","acc","curr","loopDetected","getName","data","getData","proceed","trackRemediations","getValuesAfterProceed"],"mappings":";;;;;;;AAcA;;AACA;;AAIA;;AAnBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAmBA;AACO,SAASA,aAAT,CACLC,eADK,EAELC,MAFK,EAGLC,OAHK,EAIO;AACZ,QAAM;AAAEC,IAAAA,IAAF;AAAQC,IAAAA;AAAR,MAAwBF,OAA9B;AAEA,MAAIG,UAAJ;AACA,QAAMC,oBAAoB,GAAG,EAA7B;;AACA,OAAK,IAAIC,WAAT,IAAwBP,eAAxB,EAAyC;AACvC,UAAMQ,kBAAkB,GAAGC,MAAM,CAACC,IAAP,CAAYP,IAAZ,EAAkBQ,QAAlB,CAA2BJ,WAAW,CAACK,IAAvC,CAA3B;;AACA,QAAI,CAACJ,kBAAL,EAAyB;AACvB;AACD;;AAED,UAAMK,CAAC,GAAGV,IAAI,CAACI,WAAW,CAACK,IAAb,CAAd;AACAP,IAAAA,UAAU,GAAG,IAAIQ,CAAJ,CAAMN,WAAN,EAAmBN,MAAnB,CAAb;;AACA,QAAIG,WAAW,CAACU,qBAAZ,CAAkCT,UAAlC,EAA8CL,eAA9C,EAA+DC,MAA/D,CAAJ,EAA4E;AAC1E,UAAII,UAAU,CAACU,YAAX,EAAJ,EAA+B;AAC7B;AACA,eAAOV,UAAP;AACD,OAJyE,CAK1E;AACA;;;AACAC,MAAAA,oBAAoB,CAACU,IAArB,CAA0BX,UAA1B;AACD;AACF,GAtBW,CAwBZ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AAEA,SAAOC,oBAAoB,CAAC,CAAD,CAA3B;AACD;;AAED,SAASW,kBAAT,CAA4BC,WAA5B,EAAsD;AACpD,QAAM;AAAEC,IAAAA,eAAF;AAAmBC,IAAAA;AAAnB,MAAuCF,WAA7C;AACA,SAAO,CAACC,eAAe,CAACE,MAAjB,IAA2B,CAACD,eAAnC;AACD;;AAED,SAASE,SAAT,CAAmBJ,WAAnB,EAA6C;AAC3C,SAAOA,WAAW,CAACC,eAAZ,CAA4BI,IAA5B,CAAiC,CAAC;AAAEX,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,MAAxD,CAAP;AACD;;AAED,SAASY,WAAT,CAAqBN,WAArB,EAA+C;AAC7C,SAAOT,MAAM,CAACC,IAAP,CAAYQ,WAAW,CAACO,OAAxB,EAAiCF,IAAjC,CAAsCG,UAAU,IAAIA,UAAU,CAACf,QAAX,CAAoB,QAApB,CAApD,CAAP;AACD;;AAED,SAASgB,cAAT,CACET,WADF,EAC4Bf,IAD5B,EAEgB;AAAA;;AACd,MAAIyB,QAAQ,GAAG,EAAf;;AACA,MAAI,CAACzB,IAAL,EAAW;AACT,WAAOyB,QAAP;AACD;;AAED,QAAM;AAAEC,IAAAA,WAAF;AAAeV,IAAAA;AAAf,MAAmCD,WAAzC,CANc,CAQd;;AACA,QAAMY,cAAc,4BAAGD,WAAW,CAACD,QAAf,0DAAG,sBAAsBG,KAAtB,CAA4BC,GAA5B,CAAgCC,OAAO,IAAIA,OAA3C,CAAvB;;AACA,MAAIH,cAAJ,EAAoB;AAClBF,IAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGE,cAAjB,CAAX;AACD,GAZa,CAcd;;;AACA,OAAK,IAAIvB,WAAT,IAAwBY,eAAxB,EAAyC;AACvC,UAAMN,CAAC,GAAGV,IAAI,CAACI,WAAW,CAACK,IAAb,CAAd;;AACA,QAAI,CAACC,CAAL,EAAQ;AACN;AACD;;AACD,UAAMR,UAAU,GAAG,IAAIQ,CAAJ,CAAMN,WAAN,CAAnB;AACA,UAAM2B,aAAa,GAAG7B,UAAU,CAAC8B,WAAX,EAAtB;;AACA,QAAID,aAAJ,EAAmB;AACjBN,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGM,aAAjB,CAAX;AACD;AACF;;AAED,SAAON,QAAP;AACD;;AAED,SAASQ,WAAT,CACE/B,UADF,EAC0Ba,WAD1B,EAEY;AACV,QAAMmB,QAAQ,GAAGhC,UAAU,CAAC+B,WAAX,EAAjB;AACA,QAAME,OAAO,GAAGhB,SAAS,CAACJ,WAAD,CAAzB;AACA,QAAMqB,SAAS,GAAGf,WAAW,CAACN,WAAD,CAA7B;AACA,SAAO,EACL,GAAGmB,QADE;AAEL,QAAIC,OAAO,IAAI;AAACA,MAAAA;AAAD,KAAf,CAFK;AAGL,QAAIC,SAAS,IAAI;AAACA,MAAAA;AAAD,KAAjB;AAHK,GAAP;AAKD;;AAED,SAASC,cAAT,CAAwBC,CAAxB,EAA2BtC,IAA3B,EAAiCE,UAAjC,EAA8C;AAC5C;AACA,MAAI,6BAAiBoC,CAAjB,CAAJ,EAAyB;AACvB,UAAMC,QAAQ,GAAGC,mBAAIC,YAAJ,CAAiBH,CAAjB,CAAjB;;AACA,UAAMI,QAAQ,GAAG5B,kBAAkB,CAACyB,QAAD,CAAnC;AACA,UAAMd,QAAQ,GAAGD,cAAc,CAACe,QAAD,EAAWvC,IAAX,CAA/B;;AACA,QAAI0C,QAAJ,EAAc;AACZ,aAAO;AAAEA,QAAAA,QAAF;AAAYjB,QAAAA;AAAZ,OAAP;AACD,KAFD,MAEO;AACL,YAAMS,QAAQ,GAAGhC,UAAU,IAAI+B,WAAW,CAAC/B,UAAD,EAAaqC,QAAb,CAA1C;AACA,aAAO;AACLd,QAAAA,QADK;AAEL,YAAIS,QAAQ,IAAI;AAAEA,UAAAA;AAAF,SAAhB;AAFK,OAAP;AAID;AACF,GAf2C,CAgB5C;;;AACA,QAAMI,CAAN;AACD;;AAED,SAASK,mBAAT,CAA6B7C,MAA7B,EAAqCiB,WAArC,EAAmF;AACjF;AACA,SAAOT,MAAM,CAACC,IAAP,CAAYQ,WAAW,CAACO,OAAxB,EAAiCsB,IAAjC,CAAsCC,MAAM,IAAI,CAAC,CAAC/C,MAAM,CAACgD,MAAT,IAAmBD,MAAM,CAACrC,QAAP,CAAgB,SAAhB,CAAnE,CAAP;AACD;;AAED,SAASuC,sBAAT,CAAgCjD,MAAhC,EAAwC;AACtC;AACAA,EAAAA,MAAM,CAACgD,MAAP,GAAgBE,SAAhB;AACA,SAAOlD,MAAP;AACD,C,CAED;;;AACO,eAAemD,SAAf,CACLlC,WADK,EAELjB,MAFK,EAGLC,OAHK,EAIyB;AAC9B,MAAI;AAAEiB,IAAAA,eAAF;AAAmBC,IAAAA;AAAnB,MAAuCF,WAA3C;AACA,QAAM;AAAEf,IAAAA,IAAF;AAAQC,IAAAA;AAAR,MAAwBF,OAA9B,CAF8B,CAI9B;;AACA,MAAIkB,eAAJ,EAAqB;AACnB,WAAO;AAAEF,MAAAA;AAAF,KAAP;AACD,GAP6B,CAS9B;;;AACA,QAAM2B,QAAQ,GAAG5B,kBAAkB,CAACC,WAAD,CAAnC;AACA,QAAMU,QAAQ,GAAGD,cAAc,CAACT,WAAD,EAAcf,IAAd,CAA/B;;AACA,MAAI0C,QAAJ,EAAc;AACZ,WAAO;AAAEA,MAAAA,QAAF;AAAYjB,MAAAA;AAAZ,KAAP;AACD,GAd6B,CAgB9B;;;AACA,QAAMyB,gBAAgB,GAAGP,mBAAmB,CAAC7C,MAAD,EAASiB,WAAT,CAA5C;AACA,QAAMO,OAAO,GAAG,CACd,IAAGvB,OAAO,CAACuB,OAAR,IAAmB,EAAtB,CADc,EAEd,IAAI4B,gBAAgB,IAAI,CAACA,gBAAD,CAApB,IAA0C,EAA9C,CAFc,CAAhB;;AAIA,MAAI5B,OAAJ,EAAa;AACX,SAAK,IAAIuB,MAAT,IAAmBvB,OAAnB,EAA4B;AAC1B,UAAI6B,2BAA2B,GAAGJ,sBAAsB,CAACjD,MAAD,CAAxD;;AACA,UAAI,OAAOiB,WAAW,CAACO,OAAZ,CAAoBuB,MAApB,CAAP,KAAuC,UAA3C,EAAuD;AACrD,YAAI;AACF9B,UAAAA,WAAW,GAAG,MAAMA,WAAW,CAACO,OAAZ,CAAoBuB,MAApB,GAApB;AACD,SAFD,CAEE,OAAOP,CAAP,EAAU;AACV,iBAAOD,cAAc,CAACC,CAAD,EAAItC,IAAJ,CAArB;AACD;;AACD,YAAI6C,MAAM,KAAK,QAAf,EAAyB;AACvB,iBAAO;AAAEO,YAAAA,QAAQ,EAAE;AAAZ,WAAP;AACD;;AACD,eAAOH,SAAS,CAAClC,WAAD,EAAcoC,2BAAd,EAA2CpD,OAA3C,CAAhB,CATqD,CASgB;AACtE;AACF;AACF;;AAED,QAAMG,UAAU,GAAGN,aAAa,CAACoB,eAAD,EAAkBlB,MAAlB,EAA0BC,OAA1B,CAAhC;;AAEA,MAAI,CAACG,UAAL,EAAiB;AACf,UAAM,IAAImD,oBAAJ,CAAkB;AAC5B;AACA,uBAAuBrC,eAAe,CAACsC,MAAhB,CAAuB,CAACC,GAAD,EAAMC,IAAN,KAAeD,GAAG,GAAGA,GAAG,GAAG,IAAN,GAAaC,IAAI,CAAC/C,IAArB,GAA4B+C,IAAI,CAAC/C,IAA1E,EAAgF,EAAhF,CAAoF;AAC3G,KAHU,CAAN;AAID;;AAED,MAAIR,WAAW,CAACwD,YAAZ,CAAyBvD,UAAzB,CAAJ,EAA0C;AACxC,UAAM,IAAImD,oBAAJ,CAAkB;AAC5B,yDAAyDnD,UAAU,CAACwD,OAAX,EAAqB;AAC9E,KAFU,CAAN;AAGD,GApD6B,CAsD9B;AACA;;;AACA,MAAI,CAACxD,UAAU,CAACU,YAAX,EAAL,EAAgC;AAC9B,UAAMsB,QAAQ,GAAGD,WAAW,CAAC/B,UAAD,EAAaa,WAAb,CAA5B;AACA,WAAO;AAAEA,MAAAA,WAAF;AAAemB,MAAAA;AAAf,KAAP;AACD;;AAED,QAAMzB,IAAI,GAAGP,UAAU,CAACwD,OAAX,EAAb;AACA,QAAMC,IAAI,GAAGzD,UAAU,CAAC0D,OAAX,EAAb;;AACA,MAAI;AACF7C,IAAAA,WAAW,GAAG,MAAMA,WAAW,CAAC8C,OAAZ,CAAoBpD,IAApB,EAA0BkD,IAA1B,CAApB,CADE,CAGF;;AACA,UAAM1D,WAAW,CAAC6D,iBAAZ,CAA8BrD,IAA9B,CAAN,CAJE,CAMF;;AACA,QAAIM,WAAW,CAACE,eAAhB,EAAiC;AAC/B,aAAO;AAAEF,QAAAA;AAAF,OAAP;AACD,KATC,CAWF;;;AACA,UAAM2B,QAAQ,GAAG5B,kBAAkB,CAACC,WAAD,CAAnC;AACA,UAAMU,QAAQ,GAAGD,cAAc,CAACT,WAAD,EAAcf,IAAd,CAA/B;;AACA,QAAI0C,QAAJ,EAAc;AACZ,aAAO;AAAEA,QAAAA,QAAF;AAAYjB,QAAAA;AAAZ,OAAP;AACD,KAhBC,CAkBF;;;AACA,QAAIA,QAAQ,CAACP,MAAb,EAAqB;AACnB,YAAMgB,QAAQ,GAAGD,WAAW,CAAC/B,UAAD,EAAaa,WAAb,CAA5B;AACA,aAAO;AAAEmB,QAAAA,QAAF;AAAYT,QAAAA;AAAZ,OAAP;AACD,KAtBC,CAwBF;AACA;;;AACA3B,IAAAA,MAAM,GAAGI,UAAU,CAAC6D,qBAAX,EAAT;AACA,WAAOd,SAAS,CAAClC,WAAD,EAAcjB,MAAd,EAAsBC,OAAtB,CAAhB,CA3BE,CA2B8C;AACjD,GA5BD,CA4BE,OAAOuC,CAAP,EAAU;AACV,WAAOD,cAAc,CAACC,CAAD,EAAItC,IAAJ,EAAUE,UAAV,CAArB;AACD;AACF","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, max-depth, complexity */\nimport idx from '@okta/okta-idx-js';\nimport { AuthSdkError } from '../errors';\nimport { Remediator, RemediationValues } from './remediators';\nimport { RunOptions, RemediationFlow } from './run';\nimport { NextStep, IdxMessage } from './types';\nimport { \n  IdxResponse, \n  isRawIdxResponse, \n  IdxRemediation, \n} from './types/idx-js';\n\ninterface RemediationResponse {\n  idxResponse?: IdxResponse;\n  nextStep?: NextStep;\n  messages?: IdxMessage[];\n  terminal?: boolean;\n  canceled?: boolean;\n}\n// Return first match idxRemediation in allowed remediators\nexport function getRemediator(\n  idxRemediations: IdxRemediation[],\n  values: RemediationValues,\n  options: RunOptions,\n): Remediator {\n  const { flow, flowMonitor } = options;\n\n  let remediator;\n  const remediatorCandidates = [];\n  for (let remediation of idxRemediations) {\n    const isRemeditionInFlow = Object.keys(flow).includes(remediation.name);\n    if (!isRemeditionInFlow) {\n      continue;\n    }\n      \n    const T = flow[remediation.name];\n    remediator = new T(remediation, values);\n    if (flowMonitor.isRemediatorCandidate(remediator, idxRemediations, values)) {\n      if (remediator.canRemediate()) {\n        // found the remediator\n        return remediator;\n      }\n      // remediator cannot handle the current values\n      // maybe return for next step\n      remediatorCandidates.push(remediator);  \n    }\n  }\n  \n  // TODO: why is it a problem to have multiple remediations? \n  // JIRA: https://oktainc.atlassian.net/browse/OKTA-400758\n  // if (remediatorCandidates.length > 1) {\n  //   const remediationNames = remediatorCandidates.reduce((acc, curr) => {\n  //     const name = curr.getName();\n  //     return acc ? `${acc}, ${name}` : name;\n  //   }, '');\n  //   throw new AuthSdkError(`\n  //     More than one remediation can match the current input, remediations: ${remediationNames}\n  //   `);\n  // }\n\n  return remediatorCandidates[0];\n}\n\nfunction isTerminalResponse(idxResponse: IdxResponse) {\n  const { neededToProceed, interactionCode } = idxResponse;\n  return !neededToProceed.length && !interactionCode;\n}\n\nfunction canSkipFn(idxResponse: IdxResponse) {\n  return idxResponse.neededToProceed.some(({ name }) => name === 'skip');\n}\n\nfunction canResendFn(idxResponse: IdxResponse) {\n  return Object.keys(idxResponse.actions).some(actionName => actionName.includes('resend'));\n}\n\nfunction getIdxMessages(\n  idxResponse: IdxResponse, flow: RemediationFlow\n): IdxMessage[] {\n  let messages = [];\n  if (!flow) {\n    return messages;\n  }\n\n  const { rawIdxState, neededToProceed } = idxResponse;\n\n  // Handle global messages\n  const globalMessages = rawIdxState.messages?.value.map(message => message);\n  if (globalMessages) {\n    messages = [...messages, ...globalMessages];\n  }\n\n  // Handle field messages for current flow\n  for (let remediation of neededToProceed) {\n    const T = flow[remediation.name];\n    if (!T) {\n      continue;\n    }\n    const remediator = new T(remediation);\n    const fieldMessages = remediator.getMessages();\n    if (fieldMessages) {\n      messages = [...messages, ...fieldMessages];\n    }\n  }\n\n  return messages;\n}\n\nfunction getNextStep(\n  remediator: Remediator, idxResponse: IdxResponse\n): NextStep {\n  const nextStep = remediator.getNextStep();\n  const canSkip = canSkipFn(idxResponse);\n  const canResend = canResendFn(idxResponse);\n  return {\n    ...nextStep,\n    ...(canSkip && {canSkip}),\n    ...(canResend && {canResend}),\n  };\n}\n\nfunction handleIdxError(e, flow, remediator?) {\n  // Handle idx messages\n  if (isRawIdxResponse(e)) {\n    const idxState = idx.makeIdxState(e);\n    const terminal = isTerminalResponse(idxState);\n    const messages = getIdxMessages(idxState, flow);\n    if (terminal) {\n      return { terminal, messages };\n    } else {\n      const nextStep = remediator && getNextStep(remediator, idxState);\n      return { \n        messages, \n        ...(nextStep && { nextStep }) \n      };\n    }\n  }\n  // Thrown error terminates the interaction with idx\n  throw e;\n}\n\nfunction getActionFromValues(values, idxResponse: IdxResponse): string | undefined {\n  // Currently support resend actions only\n  return Object.keys(idxResponse.actions).find(action => !!values.resend && action.includes('-resend'));\n}\n\nfunction removeActionFromValues(values) {\n  // Currently support resend actions only\n  values.resend = undefined;\n  return values;\n}\n\n// This function is called recursively until it reaches success or cannot be remediated\nexport async function remediate(\n  idxResponse: IdxResponse,\n  values: RemediationValues,\n  options: RunOptions\n): Promise<RemediationResponse> {\n  let { neededToProceed, interactionCode } = idxResponse;\n  const { flow, flowMonitor } = options;\n\n  // If the response contains an interaction code, there is no need to remediate\n  if (interactionCode) {\n    return { idxResponse };\n  }\n\n  // Reach to terminal state\n  const terminal = isTerminalResponse(idxResponse);\n  const messages = getIdxMessages(idxResponse, flow);\n  if (terminal) {\n    return { terminal, messages };\n  }\n  \n  // Try actions in idxResponse first\n  const actionFromValues = getActionFromValues(values, idxResponse);\n  const actions = [\n    ...options.actions || [],\n    ...(actionFromValues && [actionFromValues] || []),\n  ];\n  if (actions) {\n    for (let action of actions) {\n      let valuesWithoutExecutedAction = removeActionFromValues(values);\n      if (typeof idxResponse.actions[action] === 'function') {\n        try {\n          idxResponse = await idxResponse.actions[action]();\n        } catch (e) {\n          return handleIdxError(e, flow);\n        }\n        if (action === 'cancel') {\n          return { canceled: true };\n        }\n        return remediate(idxResponse, valuesWithoutExecutedAction, options); // recursive call\n      }\n    }\n  }\n\n  const remediator = getRemediator(neededToProceed, values, options);\n  \n  if (!remediator) {\n    throw new AuthSdkError(`\n      No remediation can match current flow, check policy settings in your org.\n      Remediations: [${neededToProceed.reduce((acc, curr) => acc ? acc + ' ,' + curr.name : curr.name, '')}]\n    `);\n  }\n\n  if (flowMonitor.loopDetected(remediator)) {\n    throw new AuthSdkError(`\n      Remediation run into loop, break!!! remediation: ${remediator.getName()}\n    `);\n  }\n\n  // Recursive loop breaker\n  // Return next step to the caller\n  if (!remediator.canRemediate()) {\n    const nextStep = getNextStep(remediator, idxResponse);\n    return { idxResponse, nextStep };\n  }\n\n  const name = remediator.getName();\n  const data = remediator.getData();\n  try {\n    idxResponse = await idxResponse.proceed(name, data);\n\n    // Track succeed remediations in the current transaction\n    await flowMonitor.trackRemediations(name);\n    \n    // Successfully get interaction code\n    if (idxResponse.interactionCode) {\n      return { idxResponse };\n    }\n\n    // Reach to terminal state\n    const terminal = isTerminalResponse(idxResponse);\n    const messages = getIdxMessages(idxResponse, flow);\n    if (terminal) {\n      return { terminal, messages };\n    }\n\n    // Handle idx message in nextStep\n    if (messages.length) {\n      const nextStep = getNextStep(remediator, idxResponse);\n      return { nextStep, messages };\n    }\n    \n    // We may want to trim the values bag for the next remediation\n    // Let the remediator decide what the values should be (default to current values)\n    values = remediator.getValuesAfterProceed();\n    return remediate(idxResponse, values, options); // recursive call\n  } catch (e) {\n    return handleIdxError(e, flow, remediator);\n  }\n}\n"],"file":"remediate.js"}
+{"version":3,"sources":["../../../lib/idx/remediate.ts"],"names":["getRemediator","idxRemediations","values","options","remediators","flowMonitor","remediator","remediatorCandidates","remediation","isRemeditionInFlow","Object","keys","includes","name","T","isRemediatorCandidate","canRemediate","push","isTerminalResponse","idxResponse","neededToProceed","interactionCode","length","canSkipFn","some","canResendFn","actions","actionName","getIdxMessages","messages","rawIdxState","globalMessages","value","map","message","fieldMessages","getMessages","getNextStep","nextStep","canSkip","canResend","handleIdxError","e","idxState","terminal","getActionFromValues","find","action","resend","removeActionFromValues","undefined","remediate","actionFromValues","valuesWithoutExecutedAction","canceled","AuthSdkError","reduce","acc","curr","loopDetected","getName","data","getData","proceed","trackRemediations","getValuesAfterProceed"],"mappings":";;;;;AAcA;;AAKA;;AAnBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAmBA;AACO,SAASA,aAAT,CACLC,eADK,EAELC,MAFK,EAGLC,OAHK,EAIO;AACZ,QAAM;AAAEC,IAAAA,WAAF;AAAeC,IAAAA;AAAf,MAA+BF,OAArC;AAEA,MAAIG,UAAJ;AACA,QAAMC,oBAAoB,GAAG,EAA7B;;AACA,OAAK,IAAIC,WAAT,IAAwBP,eAAxB,EAAyC;AACvC,UAAMQ,kBAAkB,GAAGC,MAAM,CAACC,IAAP,CAAYP,WAAZ,EAAyBQ,QAAzB,CAAkCJ,WAAW,CAACK,IAA9C,CAA3B;;AACA,QAAI,CAACJ,kBAAL,EAAyB;AACvB;AACD;;AAED,UAAMK,CAAC,GAAGV,WAAW,CAACI,WAAW,CAACK,IAAb,CAArB;AACAP,IAAAA,UAAU,GAAG,IAAIQ,CAAJ,CAAMN,WAAN,EAAmBN,MAAnB,CAAb;;AACA,QAAIG,WAAW,CAACU,qBAAZ,CAAkCT,UAAlC,EAA8CL,eAA9C,EAA+DC,MAA/D,CAAJ,EAA4E;AAC1E,UAAII,UAAU,CAACU,YAAX,EAAJ,EAA+B;AAC7B;AACA,eAAOV,UAAP;AACD,OAJyE,CAK1E;AACA;;;AACAC,MAAAA,oBAAoB,CAACU,IAArB,CAA0BX,UAA1B;AACD;AACF,GAtBW,CAwBZ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AAEA,SAAOC,oBAAoB,CAAC,CAAD,CAA3B;AACD;;AAED,SAASW,kBAAT,CAA4BC,WAA5B,EAAsD;AACpD,QAAM;AAAEC,IAAAA,eAAF;AAAmBC,IAAAA;AAAnB,MAAuCF,WAA7C;AACA,SAAO,CAACC,eAAe,CAACE,MAAjB,IAA2B,CAACD,eAAnC;AACD;;AAED,SAASE,SAAT,CAAmBJ,WAAnB,EAA6C;AAC3C,SAAOA,WAAW,CAACC,eAAZ,CAA4BI,IAA5B,CAAiC,CAAC;AAAEX,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,MAAxD,CAAP;AACD;;AAED,SAASY,WAAT,CAAqBN,WAArB,EAA+C;AAC7C,SAAOT,MAAM,CAACC,IAAP,CAAYQ,WAAW,CAACO,OAAxB,EAAiCF,IAAjC,CAAsCG,UAAU,IAAIA,UAAU,CAACf,QAAX,CAAoB,QAApB,CAApD,CAAP;AACD;;AAED,SAASgB,cAAT,CACET,WADF,EAC4Bf,WAD5B,EAEgB;AAAA;;AACd,MAAIyB,QAAQ,GAAG,EAAf;;AACA,MAAI,CAACzB,WAAL,EAAkB;AAChB,WAAOyB,QAAP;AACD;;AAED,QAAM;AAAEC,IAAAA,WAAF;AAAeV,IAAAA;AAAf,MAAmCD,WAAzC,CANc,CAQd;;AACA,QAAMY,cAAc,4BAAGD,WAAW,CAACD,QAAf,0DAAG,sBAAsBG,KAAtB,CAA4BC,GAA5B,CAAgCC,OAAO,IAAIA,OAA3C,CAAvB;;AACA,MAAIH,cAAJ,EAAoB;AAClBF,IAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGE,cAAjB,CAAX;AACD,GAZa,CAcd;;;AACA,OAAK,IAAIvB,WAAT,IAAwBY,eAAxB,EAAyC;AACvC,UAAMN,CAAC,GAAGV,WAAW,CAACI,WAAW,CAACK,IAAb,CAArB;;AACA,QAAI,CAACC,CAAL,EAAQ;AACN;AACD;;AACD,UAAMR,UAAU,GAAG,IAAIQ,CAAJ,CAAMN,WAAN,CAAnB;AACA,UAAM2B,aAAa,GAAG7B,UAAU,CAAC8B,WAAX,EAAtB;;AACA,QAAID,aAAJ,EAAmB;AACjBN,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGM,aAAjB,CAAX;AACD;AACF;;AAED,SAAON,QAAP;AACD;;AAED,SAASQ,WAAT,CACE/B,UADF,EAC0Ba,WAD1B,EAEY;AACV,QAAMmB,QAAQ,GAAGhC,UAAU,CAAC+B,WAAX,EAAjB;AACA,QAAME,OAAO,GAAGhB,SAAS,CAACJ,WAAD,CAAzB;AACA,QAAMqB,SAAS,GAAGf,WAAW,CAACN,WAAD,CAA7B;AACA,SAAO,EACL,GAAGmB,QADE;AAEL,QAAIC,OAAO,IAAI;AAACA,MAAAA;AAAD,KAAf,CAFK;AAGL,QAAIC,SAAS,IAAI;AAACA,MAAAA;AAAD,KAAjB;AAHK,GAAP;AAKD;;AAED,SAASC,cAAT,CAAwBC,CAAxB,EAA2BtC,WAA3B,EAAwCE,UAAxC,EAAqD;AACnD;AACA,QAAMqC,QAAqB,GAAG,0BAAcD,CAAd,IAAmBA,CAAnB,GAAuB,IAArD;;AACA,MAAI,CAACC,QAAL,EAAe;AACb;AACA,UAAMD,CAAN;AACD;;AACD,QAAME,QAAQ,GAAG1B,kBAAkB,CAACyB,QAAD,CAAnC;AACA,QAAMd,QAAQ,GAAGD,cAAc,CAACe,QAAD,EAAWvC,WAAX,CAA/B;;AACA,MAAIwC,QAAJ,EAAc;AACZ,WAAO;AAAEA,MAAAA,QAAF;AAAYf,MAAAA;AAAZ,KAAP;AACD,GAFD,MAEO;AACL,UAAMS,QAAQ,GAAGhC,UAAU,IAAI+B,WAAW,CAAC/B,UAAD,EAAaqC,QAAb,CAA1C;AACA,WAAO;AACLd,MAAAA,QADK;AAEL,UAAIS,QAAQ,IAAI;AAAEA,QAAAA;AAAF,OAAhB;AAFK,KAAP;AAID;AACF;;AAED,SAASO,mBAAT,CAA6B3C,MAA7B,EAAqCiB,WAArC,EAAmF;AACjF;AACA,SAAOT,MAAM,CAACC,IAAP,CAAYQ,WAAW,CAACO,OAAxB,EAAiCoB,IAAjC,CAAsCC,MAAM,IAAI,CAAC,CAAC7C,MAAM,CAAC8C,MAAT,IAAmBD,MAAM,CAACnC,QAAP,CAAgB,SAAhB,CAAnE,CAAP;AACD;;AAED,SAASqC,sBAAT,CAAgC/C,MAAhC,EAAwC;AACtC;AACAA,EAAAA,MAAM,CAAC8C,MAAP,GAAgBE,SAAhB;AACA,SAAOhD,MAAP;AACD,C,CAED;;;AACO,eAAeiD,SAAf,CACLhC,WADK,EAELjB,MAFK,EAGLC,OAHK,EAIyB;AAC9B,MAAI;AAAEiB,IAAAA,eAAF;AAAmBC,IAAAA;AAAnB,MAAuCF,WAA3C;AACA,QAAM;AAAEf,IAAAA,WAAF;AAAeC,IAAAA;AAAf,MAA+BF,OAArC,CAF8B,CAI9B;;AACA,MAAIkB,eAAJ,EAAqB;AACnB,WAAO;AAAEF,MAAAA;AAAF,KAAP;AACD,GAP6B,CAS9B;;;AACA,QAAMyB,QAAQ,GAAG1B,kBAAkB,CAACC,WAAD,CAAnC;AACA,QAAMU,QAAQ,GAAGD,cAAc,CAACT,WAAD,EAAcf,WAAd,CAA/B;;AACA,MAAIwC,QAAJ,EAAc;AACZ,WAAO;AAAEA,MAAAA,QAAF;AAAYf,MAAAA;AAAZ,KAAP;AACD,GAd6B,CAgB9B;;;AACA,QAAMuB,gBAAgB,GAAGP,mBAAmB,CAAC3C,MAAD,EAASiB,WAAT,CAA5C;AACA,QAAMO,OAAO,GAAG,CACd,IAAGvB,OAAO,CAACuB,OAAR,IAAmB,EAAtB,CADc,EAEd,IAAI0B,gBAAgB,IAAI,CAACA,gBAAD,CAApB,IAA0C,EAA9C,CAFc,CAAhB;;AAIA,MAAI1B,OAAJ,EAAa;AACX,SAAK,IAAIqB,MAAT,IAAmBrB,OAAnB,EAA4B;AAC1B,UAAI2B,2BAA2B,GAAGJ,sBAAsB,CAAC/C,MAAD,CAAxD;;AACA,UAAI,OAAOiB,WAAW,CAACO,OAAZ,CAAoBqB,MAApB,CAAP,KAAuC,UAA3C,EAAuD;AACrD,YAAI;AACF5B,UAAAA,WAAW,GAAG,MAAMA,WAAW,CAACO,OAAZ,CAAoBqB,MAApB,GAApB;AACD,SAFD,CAEE,OAAOL,CAAP,EAAU;AACV,iBAAOD,cAAc,CAACC,CAAD,EAAItC,WAAJ,CAArB;AACD;;AACD,YAAI2C,MAAM,KAAK,QAAf,EAAyB;AACvB,iBAAO;AAAEO,YAAAA,QAAQ,EAAE;AAAZ,WAAP;AACD;;AACD,eAAOH,SAAS,CAAChC,WAAD,EAAckC,2BAAd,EAA2ClD,OAA3C,CAAhB,CATqD,CASgB;AACtE;AACF;AACF;;AAED,QAAMG,UAAU,GAAGN,aAAa,CAACoB,eAAD,EAAkBlB,MAAlB,EAA0BC,OAA1B,CAAhC;;AAEA,MAAI,CAACG,UAAL,EAAiB;AACf,UAAM,IAAIiD,oBAAJ,CAAkB;AAC5B;AACA,uBAAuBnC,eAAe,CAACoC,MAAhB,CAAuB,CAACC,GAAD,EAAMC,IAAN,KAAeD,GAAG,GAAGA,GAAG,GAAG,IAAN,GAAaC,IAAI,CAAC7C,IAArB,GAA4B6C,IAAI,CAAC7C,IAA1E,EAAgF,EAAhF,CAAoF;AAC3G,KAHU,CAAN;AAID;;AAED,MAAIR,WAAW,CAACsD,YAAZ,CAAyBrD,UAAzB,CAAJ,EAA0C;AACxC,UAAM,IAAIiD,oBAAJ,CAAkB;AAC5B,yDAAyDjD,UAAU,CAACsD,OAAX,EAAqB;AAC9E,KAFU,CAAN;AAGD,GApD6B,CAsD9B;AACA;;;AACA,MAAI,CAACtD,UAAU,CAACU,YAAX,EAAL,EAAgC;AAC9B,UAAMsB,QAAQ,GAAGD,WAAW,CAAC/B,UAAD,EAAaa,WAAb,CAA5B;AACA,WAAO;AAAEA,MAAAA,WAAF;AAAemB,MAAAA;AAAf,KAAP;AACD;;AAED,QAAMzB,IAAI,GAAGP,UAAU,CAACsD,OAAX,EAAb;AACA,QAAMC,IAAI,GAAGvD,UAAU,CAACwD,OAAX,EAAb;;AACA,MAAI;AACF3C,IAAAA,WAAW,GAAG,MAAMA,WAAW,CAAC4C,OAAZ,CAAoBlD,IAApB,EAA0BgD,IAA1B,CAApB,CADE,CAGF;;AACA,UAAMxD,WAAW,CAAC2D,iBAAZ,CAA8BnD,IAA9B,CAAN,CAJE,CAMF;;AACA,QAAIM,WAAW,CAACE,eAAhB,EAAiC;AAC/B,aAAO;AAAEF,QAAAA;AAAF,OAAP;AACD,KATC,CAWF;;;AACA,UAAMyB,QAAQ,GAAG1B,kBAAkB,CAACC,WAAD,CAAnC;AACA,UAAMU,QAAQ,GAAGD,cAAc,CAACT,WAAD,EAAcf,WAAd,CAA/B;;AACA,QAAIwC,QAAJ,EAAc;AACZ,aAAO;AAAEA,QAAAA,QAAF;AAAYf,QAAAA;AAAZ,OAAP;AACD,KAhBC,CAkBF;;;AACA,QAAIA,QAAQ,CAACP,MAAb,EAAqB;AACnB,YAAMgB,QAAQ,GAAGD,WAAW,CAAC/B,UAAD,EAAaa,WAAb,CAA5B;AACA,aAAO;AAAEmB,QAAAA,QAAF;AAAYT,QAAAA;AAAZ,OAAP;AACD,KAtBC,CAwBF;AACA;;;AACA3B,IAAAA,MAAM,GAAGI,UAAU,CAAC2D,qBAAX,EAAT;AACA,WAAOd,SAAS,CAAChC,WAAD,EAAcjB,MAAd,EAAsBC,OAAtB,CAAhB,CA3BE,CA2B8C;AACjD,GA5BD,CA4BE,OAAOuC,CAAP,EAAU;AACV,WAAOD,cAAc,CAACC,CAAD,EAAItC,WAAJ,EAAiBE,UAAjB,CAArB;AACD;AACF","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, max-depth, complexity */\nimport { AuthSdkError } from '../errors';\nimport { Remediator, RemediationValues } from './remediators';\nimport { RemediationFlow } from './flow';\nimport { RunOptions } from './run';\nimport { NextStep, IdxMessage } from './types';\nimport { \n  IdxResponse,  \n  IdxRemediation,\n  isIdxResponse, \n} from './types/idx-js';\n\ninterface RemediationResponse {\n  idxResponse?: IdxResponse;\n  nextStep?: NextStep;\n  messages?: IdxMessage[];\n  terminal?: boolean;\n  canceled?: boolean;\n}\n// Return first match idxRemediation in allowed remediators\nexport function getRemediator(\n  idxRemediations: IdxRemediation[],\n  values: RemediationValues,\n  options: RunOptions,\n): Remediator {\n  const { remediators, flowMonitor } = options;\n\n  let remediator;\n  const remediatorCandidates = [];\n  for (let remediation of idxRemediations) {\n    const isRemeditionInFlow = Object.keys(remediators).includes(remediation.name);\n    if (!isRemeditionInFlow) {\n      continue;\n    }\n      \n    const T = remediators[remediation.name];\n    remediator = new T(remediation, values);\n    if (flowMonitor.isRemediatorCandidate(remediator, idxRemediations, values)) {\n      if (remediator.canRemediate()) {\n        // found the remediator\n        return remediator;\n      }\n      // remediator cannot handle the current values\n      // maybe return for next step\n      remediatorCandidates.push(remediator);  \n    }\n  }\n  \n  // TODO: why is it a problem to have multiple remediations? \n  // JIRA: https://oktainc.atlassian.net/browse/OKTA-400758\n  // if (remediatorCandidates.length > 1) {\n  //   const remediationNames = remediatorCandidates.reduce((acc, curr) => {\n  //     const name = curr.getName();\n  //     return acc ? `${acc}, ${name}` : name;\n  //   }, '');\n  //   throw new AuthSdkError(`\n  //     More than one remediation can match the current input, remediations: ${remediationNames}\n  //   `);\n  // }\n\n  return remediatorCandidates[0];\n}\n\nfunction isTerminalResponse(idxResponse: IdxResponse) {\n  const { neededToProceed, interactionCode } = idxResponse;\n  return !neededToProceed.length && !interactionCode;\n}\n\nfunction canSkipFn(idxResponse: IdxResponse) {\n  return idxResponse.neededToProceed.some(({ name }) => name === 'skip');\n}\n\nfunction canResendFn(idxResponse: IdxResponse) {\n  return Object.keys(idxResponse.actions).some(actionName => actionName.includes('resend'));\n}\n\nfunction getIdxMessages(\n  idxResponse: IdxResponse, remediators: RemediationFlow\n): IdxMessage[] {\n  let messages = [];\n  if (!remediators) {\n    return messages;\n  }\n\n  const { rawIdxState, neededToProceed } = idxResponse;\n\n  // Handle global messages\n  const globalMessages = rawIdxState.messages?.value.map(message => message);\n  if (globalMessages) {\n    messages = [...messages, ...globalMessages];\n  }\n\n  // Handle field messages for current flow\n  for (let remediation of neededToProceed) {\n    const T = remediators[remediation.name];\n    if (!T) {\n      continue;\n    }\n    const remediator = new T(remediation);\n    const fieldMessages = remediator.getMessages();\n    if (fieldMessages) {\n      messages = [...messages, ...fieldMessages];\n    }\n  }\n\n  return messages;\n}\n\nfunction getNextStep(\n  remediator: Remediator, idxResponse: IdxResponse\n): NextStep {\n  const nextStep = remediator.getNextStep();\n  const canSkip = canSkipFn(idxResponse);\n  const canResend = canResendFn(idxResponse);\n  return {\n    ...nextStep,\n    ...(canSkip && {canSkip}),\n    ...(canResend && {canResend}),\n  };\n}\n\nfunction handleIdxError(e, remediators, remediator?) {\n  // Handle idx messages\n  const idxState: IdxResponse = isIdxResponse(e) ? e : null;\n  if (!idxState) {\n    // Thrown error terminates the interaction with idx\n    throw e;\n  }\n  const terminal = isTerminalResponse(idxState);\n  const messages = getIdxMessages(idxState, remediators);\n  if (terminal) {\n    return { terminal, messages };\n  } else {\n    const nextStep = remediator && getNextStep(remediator, idxState);\n    return { \n      messages, \n      ...(nextStep && { nextStep }) \n    };\n  }\n}\n\nfunction getActionFromValues(values, idxResponse: IdxResponse): string | undefined {\n  // Currently support resend actions only\n  return Object.keys(idxResponse.actions).find(action => !!values.resend && action.includes('-resend'));\n}\n\nfunction removeActionFromValues(values) {\n  // Currently support resend actions only\n  values.resend = undefined;\n  return values;\n}\n\n// This function is called recursively until it reaches success or cannot be remediated\nexport async function remediate(\n  idxResponse: IdxResponse,\n  values: RemediationValues,\n  options: RunOptions\n): Promise<RemediationResponse> {\n  let { neededToProceed, interactionCode } = idxResponse;\n  const { remediators, flowMonitor } = options;\n\n  // If the response contains an interaction code, there is no need to remediate\n  if (interactionCode) {\n    return { idxResponse };\n  }\n\n  // Reach to terminal state\n  const terminal = isTerminalResponse(idxResponse);\n  const messages = getIdxMessages(idxResponse, remediators);\n  if (terminal) {\n    return { terminal, messages };\n  }\n  \n  // Try actions in idxResponse first\n  const actionFromValues = getActionFromValues(values, idxResponse);\n  const actions = [\n    ...options.actions || [],\n    ...(actionFromValues && [actionFromValues] || []),\n  ];\n  if (actions) {\n    for (let action of actions) {\n      let valuesWithoutExecutedAction = removeActionFromValues(values);\n      if (typeof idxResponse.actions[action] === 'function') {\n        try {\n          idxResponse = await idxResponse.actions[action]();\n        } catch (e) {\n          return handleIdxError(e, remediators);\n        }\n        if (action === 'cancel') {\n          return { canceled: true };\n        }\n        return remediate(idxResponse, valuesWithoutExecutedAction, options); // recursive call\n      }\n    }\n  }\n\n  const remediator = getRemediator(neededToProceed, values, options);\n  \n  if (!remediator) {\n    throw new AuthSdkError(`\n      No remediation can match current flow, check policy settings in your org.\n      Remediations: [${neededToProceed.reduce((acc, curr) => acc ? acc + ' ,' + curr.name : curr.name, '')}]\n    `);\n  }\n\n  if (flowMonitor.loopDetected(remediator)) {\n    throw new AuthSdkError(`\n      Remediation run into loop, break!!! remediation: ${remediator.getName()}\n    `);\n  }\n\n  // Recursive loop breaker\n  // Return next step to the caller\n  if (!remediator.canRemediate()) {\n    const nextStep = getNextStep(remediator, idxResponse);\n    return { idxResponse, nextStep };\n  }\n\n  const name = remediator.getName();\n  const data = remediator.getData();\n  try {\n    idxResponse = await idxResponse.proceed(name, data);\n\n    // Track succeed remediations in the current transaction\n    await flowMonitor.trackRemediations(name);\n    \n    // Successfully get interaction code\n    if (idxResponse.interactionCode) {\n      return { idxResponse };\n    }\n\n    // Reach to terminal state\n    const terminal = isTerminalResponse(idxResponse);\n    const messages = getIdxMessages(idxResponse, remediators);\n    if (terminal) {\n      return { terminal, messages };\n    }\n\n    // Handle idx message in nextStep\n    if (messages.length) {\n      const nextStep = getNextStep(remediator, idxResponse);\n      return { nextStep, messages };\n    }\n    \n    // We may want to trim the values bag for the next remediation\n    // Let the remediator decide what the values should be (default to current values)\n    values = remediator.getValuesAfterProceed();\n    return remediate(idxResponse, values, options); // recursive call\n  } catch (e) {\n    return handleIdxError(e, remediators, remediator);\n  }\n}\n"],"file":"remediate.js"}

package/cjs/idx/remediators/Base/Remediator.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../../lib/idx/remediators/Base/Remediator.ts"],"names":["Remediator","constructor","remediation","values","authenticators","map","authenticator","key","getName","name","canRemediate","required","needed","find","hasData","getData","allValues","res","reduce","data","value","entry","i","length","val","Object","keys","getNextStep","inputs","getInputs","getAuthenticator","type","inputFromRemediation","item","input","aliases","includes","AuthSdkError","Array","isArray","forEach","push","getMessages","form","messages","field","getValuesAfterProceed","authenticatorKey","filter","relatesTo"],"mappings":";;;;AAcA;;AAGA;;AAjBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAcA;AACO,MAAMA,UAAN,CAAiB;AAOtBC,EAAAA,WAAW,CAACC,WAAD,EAA8BC,MAAyB,GAAG,EAA1D,EAA8D;AAAA;;AACvE;AACAA,IAAAA,MAAM,CAACC,cAAP,GAAyB,0BAAAD,MAAM,CAACC,cAAP,gFAAuBC,GAAvB,CAA2BC,aAAa,IAAI;AACnE,aAAO,OAAOA,aAAP,KAAyB,QAAzB,GACH;AAAEC,QAAAA,GAAG,EAAED;AAAP,OADG,GACsBA,aAD7B;AAED,KAHwB,MAGnB,EAHN,CAFuE,CAOvE;;AACA,SAAKH,MAAL,GAAcA,MAAd;AACA,SAAKD,WAAL,GAAmBA,WAAnB;AACD;;AAEDM,EAAAA,OAAO,GAAW;AAChB,WAAO,KAAKN,WAAL,CAAiBO,IAAxB;AACD,GArBqB,CAuBtB;;;AACAC,EAAAA,YAAY,GAAY;AACtB,QAAI,CAAC,KAAKL,GAAV,EAAe;AACb,aAAO,KAAP;AACD;;AACD,UAAMM,QAAQ,GAAG,6BAAkB,KAAKT,WAAvB,CAAjB;AACA,UAAMU,MAAM,GAAGD,QAAQ,CAACE,IAAT,CAAeN,GAAD,IAAS,CAAC,KAAKO,OAAL,CAAaP,GAAb,CAAxB,CAAf;;AACA,QAAIK,MAAJ,EAAY;AACV,aAAO,KAAP,CADU,CACI;AACf;;AACD,WAAO,IAAP,CATsB,CAST;AACd,GAlCqB,CAoCtB;;;AACAG,EAAAA,OAAO,CAACR,GAAD,EAAe;AAEpB,QAAI,CAACA,GAAL,EAAU;AACR,UAAIS,SAAS,GAAG,wBAAa,KAAKd,WAAlB,CAAhB;AACA,UAAIe,GAAG,GAAGD,SAAS,CAACE,MAAV,CAAiB,CAACC,IAAD,EAAOZ,GAAP,KAAe;AACxCY,QAAAA,IAAI,CAACZ,GAAD,CAAJ,GAAY,KAAKQ,OAAL,CAAaR,GAAb,CAAZ,CADwC,CACT;;AAC/B,eAAOY,IAAP;AACD,OAHS,EAGP,EAHO,CAAV;AAIA,aAAOF,GAAP;AACD,KATmB,CAWpB;;;AACA,QAAI,OAAO,KAAM,MAAK,qBAAUV,GAAV,CAAe,EAA1B,CAAP,KAAwC,UAA5C,EAAwD;AACtD,aAAO,KAAM,MAAK,qBAAUA,GAAV,CAAe,EAA1B,EACL,KAAKL,WAAL,CAAiBkB,KAAjB,CAAuBP,IAAvB,CAA4B,CAAC;AAACJ,QAAAA;AAAD,OAAD,KAAYA,IAAI,KAAKF,GAAjD,CADK,CAAP;AAGD;;AAED,QAAI,CAAC,KAAKF,GAAV,EAAe;AACb,aAAO,KAAKF,MAAL,CAAYI,GAAZ,CAAP;AACD,KApBmB,CAsBpB;;;AACA,UAAMc,KAAK,GAAG,KAAKhB,GAAL,CAASE,GAAT,CAAd;;AACA,QAAI,CAACc,KAAL,EAAY;AACV,aAAO,KAAKlB,MAAL,CAAYI,GAAZ,CAAP;AACD,KA1BmB,CA4BpB;;;AACA,SAAK,IAAIe,CAAC,GAAG,CAAb,EAAgBA,CAAC,GAAGD,KAAK,CAACE,MAA1B,EAAkCD,CAAC,EAAnC,EAAuC;AACrC,UAAIE,GAAG,GAAG,KAAKrB,MAAL,CAAYkB,KAAK,CAACC,CAAD,CAAjB,CAAV;;AACA,UAAIE,GAAJ,EAAS;AACP,eAAOA,GAAP;AACD;AACF;AACF;;AAEDV,EAAAA,OAAO,CACLP,GADK,EAGP;AACE;AAEA;AACA,UAAMY,IAAI,GAAG,KAAKJ,OAAL,CAAaR,GAAb,CAAb;;AACA,QAAI,OAAOY,IAAP,KAAgB,QAApB,EAA8B;AAC5B,aAAO,CAAC,CAACM,MAAM,CAACC,IAAP,CAAYP,IAAZ,EAAkBN,IAAlB,CAAuBN,GAAG,IAAI,CAAC,CAACY,IAAI,CAACZ,GAAD,CAApC,CAAT;AACD;;AACD,WAAO,CAAC,CAACY,IAAT;AACD;;AAEDQ,EAAAA,WAAW,GAAa;AACtB,UAAMlB,IAAI,GAAG,KAAKD,OAAL,EAAb;AACA,UAAMoB,MAAM,GAAG,KAAKC,SAAL,EAAf;AACA,UAAMvB,aAAa,GAAG,KAAKwB,gBAAL,EAAtB,CAHsB,CAItB;AACA;;AACA,UAAMC,IAAI,GAAGzB,aAAH,aAAGA,aAAH,uBAAGA,aAAa,CAAEyB,IAA5B;AACA,WAAO;AACLtB,MAAAA,IADK;AAELmB,MAAAA,MAFK;AAGL,UAAIG,IAAI,IAAI;AAAEA,QAAAA;AAAF,OAAZ,CAHK;AAIL,UAAIzB,aAAa,IAAI;AAAEA,QAAAA;AAAF,OAArB;AAJK,KAAP;AAMD,GArGqB,CAuGtB;;;AACQuB,EAAAA,SAAS,GAAG;AAClB,QAAI,CAAC,KAAKxB,GAAV,EAAe;AACb,aAAO,EAAP;AACD;;AAED,WAAOoB,MAAM,CAACC,IAAP,CAAY,KAAKrB,GAAjB,EAAsBa,MAAtB,CAA6B,CAACU,MAAD,EAASrB,GAAT,KAAiB;AACnD,YAAMyB,oBAAoB,GAAG,KAAK9B,WAAL,CAAiBkB,KAAjB,CAAuBP,IAAvB,CAA4BoB,IAAI,IAAIA,IAAI,CAACxB,IAAL,KAAcF,GAAlD,CAA7B;;AACA,UAAI,CAACyB,oBAAL,EAA2B;AACzB,eAAOJ,MAAP;AACD;;AAED,UAAIM,KAAJ;AACA,YAAMC,OAAO,GAAG,KAAK9B,GAAL,CAASE,GAAT,CAAhB;AACA,YAAM;AAAEwB,QAAAA;AAAF,UAAWC,oBAAjB;;AACA,UAAI,OAAO,KAAM,WAAU,qBAAUzB,GAAV,CAAe,EAA/B,CAAP,KAA6C,UAAjD,EAA6D;AAC3D2B,QAAAA,KAAK,GAAG,KAAM,WAAU,qBAAU3B,GAAV,CAAe,EAA/B,EAAkCyB,oBAAlC,CAAR;AACD,OAFD,MAEO,IAAID,IAAI,KAAK,QAAb,EAAuB;AAC5B;AACA,YAAItB,IAAJ;;AACA,YAAI0B,OAAO,CAACZ,MAAR,KAAmB,CAAvB,EAA0B;AACxBd,UAAAA,IAAI,GAAG0B,OAAO,CAAC,CAAD,CAAd;AACD,SAFD,MAEO;AACL;AACA1B,UAAAA,IAAI,GAAG0B,OAAO,CAACtB,IAAR,CAAaJ,IAAI,IAAIgB,MAAM,CAACC,IAAP,CAAY,KAAKvB,MAAjB,EAAyBiC,QAAzB,CAAkC3B,IAAlC,CAArB,CAAP;AACD;;AACD,YAAIA,IAAJ,EAAU;AACRyB,UAAAA,KAAK,GAAG,EAAE,GAAGF,oBAAL;AAA2BvB,YAAAA;AAA3B,WAAR;AACD;AACF;;AAED,UAAI,CAACyB,KAAL,EAAY;AACV,cAAM,IAAIG,oBAAJ,CAAkB,0BAAyB,qBAAU9B,GAAV,CAAe,0BAAyB,KAAKC,OAAL,EAAe,EAAlG,CAAN;AACD;;AAED,UAAI8B,KAAK,CAACC,OAAN,CAAcL,KAAd,CAAJ,EAA0B;AACxBA,QAAAA,KAAK,CAACM,OAAN,CAAclB,CAAC,IAAIM,MAAM,CAACa,IAAP,CAAYnB,CAAZ,CAAnB;AACD,OAFD,MAEO;AACLM,QAAAA,MAAM,CAACa,IAAP,CAAYP,KAAZ;AACD;;AACD,aAAON,MAAP;AACD,KAnCM,EAmCJ,EAnCI,CAAP;AAoCD,GAjJqB,CAmJtB;;;AACAc,EAAAA,WAAW,GAA6B;AAAA;;AACtC,QAAI,CAAC,KAAKxC,WAAL,CAAiBkB,KAAtB,EAA6B;AAC3B;AACD;;AACD,oCAAO,KAAKlB,WAAL,CAAiBkB,KAAjB,CAAuB,CAAvB,CAAP,oFAAO,sBAA2BuB,IAAlC,2DAAO,uBAAiCvB,KAAjC,CAAuCF,MAAvC,CAA8C,CAAC0B,QAAD,EAAWC,KAAX,KAAqB;AACxE,UAAIA,KAAK,CAACD,QAAV,EAAoB;AAClBA,QAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGC,KAAK,CAACD,QAAN,CAAexB,KAAhC,CAAX;AACD;;AACD,aAAOwB,QAAP;AACD,KALM,EAKJ,EALI,CAAP;AAMD,GA9JqB,CAgKtB;AACA;;;AACAE,EAAAA,qBAAqB,GAAY;AAAA;;AAC/B,UAAMC,gBAAgB,4BAAG,KAAKjB,gBAAL,EAAH,0DAAG,sBAAyBvB,GAAlD;AACA,UAAMH,cAAc,4BAAI,KAAKD,MAAL,CAAYC,cAAhB,0DAAG,sBACnB4C,MADmB,CACZ1C,aAAa,IAAIA,aAAa,CAACC,GAAd,KAAsBwC,gBAD3B,CAAvB;AAEA,WAAO,EAAE,GAAG,KAAK5C,MAAV;AAAkBC,MAAAA;AAAlB,KAAP;AACD;;AAES0B,EAAAA,gBAAgB,GAAiC;AAAA;;AACzD,oCAAO,KAAK5B,WAAL,CAAiB+C,SAAxB,0DAAO,sBAA4B7B,KAAnC;AACD;;AA3KqB","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable complexity */\nimport { AuthSdkError } from '../../../errors';\nimport { NextStep, IdxMessage, Authenticator } from '../../types';\nimport { IdxAuthenticator, IdxRemediation } from '../../types/idx-js';\nimport { getAllValues, getRequiredValues, titleCase } from '../util';\n\n// A map from IDX data values (server spec) to RemediationValues (client spec)\nexport type IdxToRemediationValueMap = Record<string, string[]>;\n\nexport interface RemediationValues {\n  stateHandle?: string;\n  authenticators?: Authenticator[] | string[];\n}\n\n// Base class - DO NOT expose static remediationName\nexport class Remediator {\n  static remediationName: string;\n\n  remediation: IdxRemediation;\n  values: RemediationValues;\n  map?: IdxToRemediationValueMap;\n\n  constructor(remediation: IdxRemediation, values: RemediationValues = {}) {\n    // map authenticators to Authenticator[] type\n    values.authenticators = (values.authenticators?.map(authenticator => {\n      return typeof authenticator === 'string' \n        ? { key: authenticator } : authenticator;\n    }) || []) as Authenticator[];\n    \n    // assign fields to the instance\n    this.values = values;\n    this.remediation = remediation;\n  }\n\n  getName(): string {\n    return this.remediation.name;\n  }\n\n  // Override this method to provide custom check\n  canRemediate(): boolean {\n    if (!this.map) {\n      return false;\n    }\n    const required = getRequiredValues(this.remediation);\n    const needed = required.find((key) => !this.hasData(key));\n    if (needed) {\n      return false; // missing data for a required field\n    }\n    return true; // all required fields have available data\n  }\n\n  // returns an object for the entire remediation form, or just a part\n  getData(key?: string) {\n\n    if (!key) {\n      let allValues = getAllValues(this.remediation);\n      let res = allValues.reduce((data, key) => {\n        data[key] = this.getData(key); // recursive\n        return data;\n      }, {});\n      return res;\n    }\n\n    // Map value by \"map${Property}\" function in each subClass\n    if (typeof this[`map${titleCase(key)}`] === 'function') {\n      return this[`map${titleCase(key)}`](\n        this.remediation.value.find(({name}) => name === key)\n      );\n    }\n\n    if (!this.map) {\n      return this.values[key];\n    }\n\n    // Handle general primitive types\n    const entry = this.map[key];\n    if (!entry) {\n      return this.values[key];\n    }\n\n    // find the first aliased property that returns a truthy value\n    for (let i = 0; i < entry.length; i++) {\n      let val = this.values[entry[i]];\n      if (val) {\n        return val;\n      }\n    }\n  }\n\n  hasData(\n    key: string // idx name\n  ): boolean \n  {\n    // no attempt to format, we want simple true/false\n\n    // First see if the remediation has a mapping for this vale\n    const data = this.getData(key);\n    if (typeof data === 'object') {\n      return !!Object.keys(data).find(key => !!data[key]);\n    }\n    return !!data;\n  }\n\n  getNextStep(): NextStep {\n    const name = this.getName();\n    const inputs = this.getInputs();\n    const authenticator = this.getAuthenticator();\n    // TODO: remove type field in the next major version change\n    // https://oktainc.atlassian.net/browse/OKTA-431749\n    const type = authenticator?.type;\n    return { \n      name, \n      inputs, \n      ...(type && { type }),\n      ...(authenticator && { authenticator }),\n    };\n  }\n\n  // Get inputs for the next step\n  private getInputs() {\n    if (!this.map) {\n      return [];\n    }\n\n    return Object.keys(this.map).reduce((inputs, key) => {\n      const inputFromRemediation = this.remediation.value.find(item => item.name === key);\n      if (!inputFromRemediation) {\n        return inputs;\n      }\n\n      let input;\n      const aliases = this.map[key];\n      const { type } = inputFromRemediation;\n      if (typeof this[`getInput${titleCase(key)}`] === 'function') {\n        input = this[`getInput${titleCase(key)}`](inputFromRemediation);\n      } else if (type !== 'object') {\n        // handle general primitive types\n        let name;\n        if (aliases.length === 1) {\n          name = aliases[0];\n        } else {\n          // try find key from values\n          name = aliases.find(name => Object.keys(this.values).includes(name));\n        }\n        if (name) {\n          input = { ...inputFromRemediation, name };\n        }\n      } \n\n      if (!input) {\n        throw new AuthSdkError(`Missing custom getInput${titleCase(key)} method in Remediator: ${this.getName()}`);\n      }\n\n      if (Array.isArray(input)) {\n        input.forEach(i => inputs.push(i));\n      } else {\n        inputs.push(input);\n      }\n      return inputs;\n    }, []);\n  }\n\n  // Override this method to grab messages per remediation\n  getMessages(): IdxMessage[] | undefined {\n    if (!this.remediation.value) {\n      return;\n    }\n    return this.remediation.value[0]?.form?.value.reduce((messages, field) => {\n      if (field.messages) {\n        messages = [...messages, ...field.messages.value];\n      }\n      return messages;\n    }, []);\n  }\n\n  // Prepare values for the next remediation\n  // In general, remove finished authenticator from list\n  getValuesAfterProceed(): unknown {\n    const authenticatorKey = this.getAuthenticator()?.key;\n    const authenticators = (this.values.authenticators as Authenticator[])\n      ?.filter(authenticator => authenticator.key !== authenticatorKey);\n    return { ...this.values, authenticators };\n  }\n\n  protected getAuthenticator(): IdxAuthenticator | undefined {\n    return this.remediation.relatesTo?.value;\n  }\n\n}\n"],"file":"Remediator.js"}
+{"version":3,"sources":["../../../../../lib/idx/remediators/Base/Remediator.ts"],"names":["Remediator","constructor","remediation","values","authenticators","map","authenticator","key","getName","name","canRemediate","required","needed","find","hasData","getData","allValues","res","reduce","data","value","entry","i","length","val","Object","keys","getNextStep","inputs","getInputs","getAuthenticator","type","inputFromRemediation","item","input","aliases","includes","AuthSdkError","Array","isArray","forEach","push","getMessages","form","messages","field","getValuesAfterProceed","authenticatorKey","filter","relatesTo"],"mappings":";;;;AAcA;;AAGA;;AAjBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAcA;AACO,MAAMA,UAAN,CAAiB;AAOtBC,EAAAA,WAAW,CAACC,WAAD,EAA8BC,MAAyB,GAAG,EAA1D,EAA8D;AAAA;;AACvE;AACAA,IAAAA,MAAM,CAACC,cAAP,GAAyB,0BAAAD,MAAM,CAACC,cAAP,gFAAuBC,GAAvB,CAA2BC,aAAa,IAAI;AACnE,aAAO,OAAOA,aAAP,KAAyB,QAAzB,GACH;AAAEC,QAAAA,GAAG,EAAED;AAAP,OADG,GACsBA,aAD7B;AAED,KAHwB,MAGnB,EAHN,CAFuE,CAOvE;;AACA,SAAKH,MAAL,GAAcA,MAAd;AACA,SAAKD,WAAL,GAAmBA,WAAnB;AACD;;AAEDM,EAAAA,OAAO,GAAW;AAChB,WAAO,KAAKN,WAAL,CAAiBO,IAAxB;AACD,GArBqB,CAuBtB;;;AACAC,EAAAA,YAAY,GAAY;AACtB,QAAI,CAAC,KAAKL,GAAV,EAAe;AACb,aAAO,KAAP;AACD;;AACD,UAAMM,QAAQ,GAAG,6BAAkB,KAAKT,WAAvB,CAAjB;AACA,UAAMU,MAAM,GAAGD,QAAQ,CAACE,IAAT,CAAeN,GAAD,IAAS,CAAC,KAAKO,OAAL,CAAaP,GAAb,CAAxB,CAAf;;AACA,QAAIK,MAAJ,EAAY;AACV,aAAO,KAAP,CADU,CACI;AACf;;AACD,WAAO,IAAP,CATsB,CAST;AACd,GAlCqB,CAoCtB;;;AACAG,EAAAA,OAAO,CAACR,GAAD,EAAe;AAEpB,QAAI,CAACA,GAAL,EAAU;AACR,UAAIS,SAAS,GAAG,wBAAa,KAAKd,WAAlB,CAAhB;AACA,UAAIe,GAAG,GAAGD,SAAS,CAACE,MAAV,CAAiB,CAACC,IAAD,EAAOZ,GAAP,KAAe;AACxCY,QAAAA,IAAI,CAACZ,GAAD,CAAJ,GAAY,KAAKQ,OAAL,CAAaR,GAAb,CAAZ,CADwC,CACT;;AAC/B,eAAOY,IAAP;AACD,OAHS,EAGP,EAHO,CAAV;AAIA,aAAOF,GAAP;AACD,KATmB,CAWpB;;;AACA,QAAI,OAAO,KAAM,MAAK,qBAAUV,GAAV,CAAe,EAA1B,CAAP,KAAwC,UAA5C,EAAwD;AACtD,aAAO,KAAM,MAAK,qBAAUA,GAAV,CAAe,EAA1B,EACL,KAAKL,WAAL,CAAiBkB,KAAjB,CAAuBP,IAAvB,CAA4B,CAAC;AAACJ,QAAAA;AAAD,OAAD,KAAYA,IAAI,KAAKF,GAAjD,CADK,CAAP;AAGD;;AAED,QAAI,CAAC,KAAKF,GAAV,EAAe;AACb,aAAO,KAAKF,MAAL,CAAYI,GAAZ,CAAP;AACD,KApBmB,CAsBpB;;;AACA,UAAMc,KAAK,GAAG,KAAKhB,GAAL,CAASE,GAAT,CAAd;;AACA,QAAI,CAACc,KAAL,EAAY;AACV,aAAO,KAAKlB,MAAL,CAAYI,GAAZ,CAAP;AACD,KA1BmB,CA4BpB;;;AACA,SAAK,IAAIe,CAAC,GAAG,CAAb,EAAgBA,CAAC,GAAGD,KAAK,CAACE,MAA1B,EAAkCD,CAAC,EAAnC,EAAuC;AACrC,UAAIE,GAAG,GAAG,KAAKrB,MAAL,CAAYkB,KAAK,CAACC,CAAD,CAAjB,CAAV;;AACA,UAAIE,GAAJ,EAAS;AACP,eAAOA,GAAP;AACD;AACF;AACF;;AAEDV,EAAAA,OAAO,CACLP,GADK,EAGP;AACE;AAEA;AACA,UAAMY,IAAI,GAAG,KAAKJ,OAAL,CAAaR,GAAb,CAAb;;AACA,QAAI,OAAOY,IAAP,KAAgB,QAApB,EAA8B;AAC5B,aAAO,CAAC,CAACM,MAAM,CAACC,IAAP,CAAYP,IAAZ,EAAkBN,IAAlB,CAAuBN,GAAG,IAAI,CAAC,CAACY,IAAI,CAACZ,GAAD,CAApC,CAAT;AACD;;AACD,WAAO,CAAC,CAACY,IAAT;AACD;;AAEDQ,EAAAA,WAAW,GAAa;AACtB,UAAMlB,IAAI,GAAG,KAAKD,OAAL,EAAb;AACA,UAAMoB,MAAM,GAAG,KAAKC,SAAL,EAAf;AACA,UAAMvB,aAAa,GAAG,KAAKwB,gBAAL,EAAtB,CAHsB,CAItB;AACA;;AACA,UAAMC,IAAI,GAAGzB,aAAH,aAAGA,aAAH,uBAAGA,aAAa,CAAEyB,IAA5B;AACA,WAAO;AACLtB,MAAAA,IADK;AAELmB,MAAAA,MAFK;AAGL,UAAIG,IAAI,IAAI;AAAEA,QAAAA;AAAF,OAAZ,CAHK;AAIL,UAAIzB,aAAa,IAAI;AAAEA,QAAAA;AAAF,OAArB;AAJK,KAAP;AAMD,GArGqB,CAuGtB;;;AACQuB,EAAAA,SAAS,GAAY;AAC3B,QAAI,CAAC,KAAKxB,GAAV,EAAe;AACb,aAAO,EAAP;AACD;;AAED,WAAOoB,MAAM,CAACC,IAAP,CAAY,KAAKrB,GAAjB,EAAsBa,MAAtB,CAA6B,CAACU,MAAD,EAASrB,GAAT,KAAiB;AACnD,YAAMyB,oBAAoB,GAAG,KAAK9B,WAAL,CAAiBkB,KAAjB,CAAuBP,IAAvB,CAA4BoB,IAAI,IAAIA,IAAI,CAACxB,IAAL,KAAcF,GAAlD,CAA7B;;AACA,UAAI,CAACyB,oBAAL,EAA2B;AACzB,eAAOJ,MAAP;AACD;;AAED,UAAIM,KAAJ;AACA,YAAMC,OAAO,GAAG,KAAK9B,GAAL,CAASE,GAAT,CAAhB;AACA,YAAM;AAAEwB,QAAAA;AAAF,UAAWC,oBAAjB;;AACA,UAAI,OAAO,KAAM,WAAU,qBAAUzB,GAAV,CAAe,EAA/B,CAAP,KAA6C,UAAjD,EAA6D;AAC3D2B,QAAAA,KAAK,GAAG,KAAM,WAAU,qBAAU3B,GAAV,CAAe,EAA/B,EAAkCyB,oBAAlC,CAAR;AACD,OAFD,MAEO,IAAID,IAAI,KAAK,QAAb,EAAuB;AAC5B;AACA,YAAItB,IAAJ;;AACA,YAAI0B,OAAO,CAACZ,MAAR,KAAmB,CAAvB,EAA0B;AACxBd,UAAAA,IAAI,GAAG0B,OAAO,CAAC,CAAD,CAAd;AACD,SAFD,MAEO;AACL;AACA1B,UAAAA,IAAI,GAAG0B,OAAO,CAACtB,IAAR,CAAaJ,IAAI,IAAIgB,MAAM,CAACC,IAAP,CAAY,KAAKvB,MAAjB,EAAyBiC,QAAzB,CAAkC3B,IAAlC,CAArB,CAAP;AACD;;AACD,YAAIA,IAAJ,EAAU;AACRyB,UAAAA,KAAK,GAAG,EAAE,GAAGF,oBAAL;AAA2BvB,YAAAA;AAA3B,WAAR;AACD;AACF;;AAED,UAAI,CAACyB,KAAL,EAAY;AACV,cAAM,IAAIG,oBAAJ,CAAkB,0BAAyB,qBAAU9B,GAAV,CAAe,0BAAyB,KAAKC,OAAL,EAAe,EAAlG,CAAN;AACD;;AAED,UAAI8B,KAAK,CAACC,OAAN,CAAcL,KAAd,CAAJ,EAA0B;AACxBA,QAAAA,KAAK,CAACM,OAAN,CAAclB,CAAC,IAAIM,MAAM,CAACa,IAAP,CAAYnB,CAAZ,CAAnB;AACD,OAFD,MAEO;AACLM,QAAAA,MAAM,CAACa,IAAP,CAAYP,KAAZ;AACD;;AACD,aAAON,MAAP;AACD,KAnCM,EAmCJ,EAnCI,CAAP;AAoCD,GAjJqB,CAmJtB;;;AACAc,EAAAA,WAAW,GAA6B;AAAA;;AACtC,QAAI,CAAC,KAAKxC,WAAL,CAAiBkB,KAAtB,EAA6B;AAC3B;AACD;;AACD,oCAAO,KAAKlB,WAAL,CAAiBkB,KAAjB,CAAuB,CAAvB,CAAP,oFAAO,sBAA2BuB,IAAlC,2DAAO,uBAAiCvB,KAAjC,CAAuCF,MAAvC,CAA8C,CAAC0B,QAAD,EAAWC,KAAX,KAAqB;AACxE,UAAIA,KAAK,CAACD,QAAV,EAAoB;AAClBA,QAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGC,KAAK,CAACD,QAAN,CAAexB,KAAhC,CAAX;AACD;;AACD,aAAOwB,QAAP;AACD,KALM,EAKJ,EALI,CAAP;AAMD,GA9JqB,CAgKtB;AACA;;;AACAE,EAAAA,qBAAqB,GAAY;AAAA;;AAC/B,UAAMC,gBAAgB,4BAAG,KAAKjB,gBAAL,EAAH,0DAAG,sBAAyBvB,GAAlD;AACA,UAAMH,cAAc,4BAAI,KAAKD,MAAL,CAAYC,cAAhB,0DAAG,sBACnB4C,MADmB,CACZ1C,aAAa,IAAIA,aAAa,CAACC,GAAd,KAAsBwC,gBAD3B,CAAvB;AAEA,WAAO,EAAE,GAAG,KAAK5C,MAAV;AAAkBC,MAAAA;AAAlB,KAAP;AACD;;AAES0B,EAAAA,gBAAgB,GAAiC;AAAA;;AACzD,oCAAO,KAAK5B,WAAL,CAAiB+C,SAAxB,0DAAO,sBAA4B7B,KAAnC;AACD;;AA3KqB","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable complexity */\nimport { AuthSdkError } from '../../../errors';\nimport { NextStep, IdxMessage, Authenticator, Input } from '../../types';\nimport { IdxAuthenticator, IdxRemediation } from '../../types/idx-js';\nimport { getAllValues, getRequiredValues, titleCase } from '../util';\n\n// A map from IDX data values (server spec) to RemediationValues (client spec)\nexport type IdxToRemediationValueMap = Record<string, string[]>;\n\nexport interface RemediationValues {\n  stateHandle?: string;\n  authenticators?: Authenticator[] | string[];\n}\n\n// Base class - DO NOT expose static remediationName\nexport class Remediator {\n  static remediationName: string;\n\n  remediation: IdxRemediation;\n  values: RemediationValues;\n  map?: IdxToRemediationValueMap;\n\n  constructor(remediation: IdxRemediation, values: RemediationValues = {}) {\n    // map authenticators to Authenticator[] type\n    values.authenticators = (values.authenticators?.map(authenticator => {\n      return typeof authenticator === 'string' \n        ? { key: authenticator } : authenticator;\n    }) || []) as Authenticator[];\n    \n    // assign fields to the instance\n    this.values = values;\n    this.remediation = remediation;\n  }\n\n  getName(): string {\n    return this.remediation.name;\n  }\n\n  // Override this method to provide custom check\n  canRemediate(): boolean {\n    if (!this.map) {\n      return false;\n    }\n    const required = getRequiredValues(this.remediation);\n    const needed = required.find((key) => !this.hasData(key));\n    if (needed) {\n      return false; // missing data for a required field\n    }\n    return true; // all required fields have available data\n  }\n\n  // returns an object for the entire remediation form, or just a part\n  getData(key?: string) {\n\n    if (!key) {\n      let allValues = getAllValues(this.remediation);\n      let res = allValues.reduce((data, key) => {\n        data[key] = this.getData(key); // recursive\n        return data;\n      }, {});\n      return res;\n    }\n\n    // Map value by \"map${Property}\" function in each subClass\n    if (typeof this[`map${titleCase(key)}`] === 'function') {\n      return this[`map${titleCase(key)}`](\n        this.remediation.value.find(({name}) => name === key)\n      );\n    }\n\n    if (!this.map) {\n      return this.values[key];\n    }\n\n    // Handle general primitive types\n    const entry = this.map[key];\n    if (!entry) {\n      return this.values[key];\n    }\n\n    // find the first aliased property that returns a truthy value\n    for (let i = 0; i < entry.length; i++) {\n      let val = this.values[entry[i]];\n      if (val) {\n        return val;\n      }\n    }\n  }\n\n  hasData(\n    key: string // idx name\n  ): boolean \n  {\n    // no attempt to format, we want simple true/false\n\n    // First see if the remediation has a mapping for this vale\n    const data = this.getData(key);\n    if (typeof data === 'object') {\n      return !!Object.keys(data).find(key => !!data[key]);\n    }\n    return !!data;\n  }\n\n  getNextStep(): NextStep {\n    const name = this.getName();\n    const inputs = this.getInputs();\n    const authenticator = this.getAuthenticator();\n    // TODO: remove type field in the next major version change\n    // https://oktainc.atlassian.net/browse/OKTA-431749\n    const type = authenticator?.type;\n    return { \n      name, \n      inputs, \n      ...(type && { type }),\n      ...(authenticator && { authenticator }),\n    };\n  }\n\n  // Get inputs for the next step\n  private getInputs(): Input[] {\n    if (!this.map) {\n      return [];\n    }\n\n    return Object.keys(this.map).reduce((inputs, key) => {\n      const inputFromRemediation = this.remediation.value.find(item => item.name === key);\n      if (!inputFromRemediation) {\n        return inputs;\n      }\n\n      let input: Input;\n      const aliases = this.map[key];\n      const { type } = inputFromRemediation;\n      if (typeof this[`getInput${titleCase(key)}`] === 'function') {\n        input = this[`getInput${titleCase(key)}`](inputFromRemediation);\n      } else if (type !== 'object') {\n        // handle general primitive types\n        let name;\n        if (aliases.length === 1) {\n          name = aliases[0];\n        } else {\n          // try find key from values\n          name = aliases.find(name => Object.keys(this.values).includes(name));\n        }\n        if (name) {\n          input = { ...inputFromRemediation, name };\n        }\n      } \n\n      if (!input) {\n        throw new AuthSdkError(`Missing custom getInput${titleCase(key)} method in Remediator: ${this.getName()}`);\n      }\n\n      if (Array.isArray(input)) {\n        input.forEach(i => inputs.push(i));\n      } else {\n        inputs.push(input);\n      }\n      return inputs;\n    }, []);\n  }\n\n  // Override this method to grab messages per remediation\n  getMessages(): IdxMessage[] | undefined {\n    if (!this.remediation.value) {\n      return;\n    }\n    return this.remediation.value[0]?.form?.value.reduce((messages, field) => {\n      if (field.messages) {\n        messages = [...messages, ...field.messages.value];\n      }\n      return messages;\n    }, []);\n  }\n\n  // Prepare values for the next remediation\n  // In general, remove finished authenticator from list\n  getValuesAfterProceed(): unknown {\n    const authenticatorKey = this.getAuthenticator()?.key;\n    const authenticators = (this.values.authenticators as Authenticator[])\n      ?.filter(authenticator => authenticator.key !== authenticatorKey);\n    return { ...this.values, authenticators };\n  }\n\n  protected getAuthenticator(): IdxAuthenticator | undefined {\n    return this.remediation.relatesTo?.value;\n  }\n\n}\n"],"file":"Remediator.js"}

package/cjs/idx/remediators/Base/VerifyAuthenticator.js

@@ -39,9 +39,11 @@ class VerifyAuthenticator extends _Remediator.Remediator {
   }
 
   getInputCredentials(input) {
+    var _input$form;
+
     const challengeType = this.getAuthenticator().type;
     const name = challengeType === 'password' ? 'password' : 'verificationCode';
-    return { ...input.form.value[0],
+    return { ...((_input$form = input.form) === null || _input$form === void 0 ? void 0 : _input$form.value[0]),
       name,
       type: 'string',
       required: input.required

package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../../lib/idx/remediators/Base/VerifyAuthenticator.ts"],"names":["VerifyAuthenticator","Remediator","canRemediate","values","password","verificationCode","mapCredentials","passcode","getInputCredentials","input","challengeType","getAuthenticator","type","name","form","value","required","getValuesAfterProceed","authenticator"],"mappings":";;;;;;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAUA;AACO,MAAMA,mBAAN,SAAkCC,sBAAlC,CAA6C;AAAA;AAAA;AAAA,+CAI5C;AACJ,qBAAe;AADX,KAJ4C;AAAA;;AAQlDC,EAAAA,YAAY,GAAG;AACb,WAAO,CAAC,EAAE,KAAKC,MAAL,CAAYC,QAAZ,IAAwB,KAAKD,MAAL,CAAYE,gBAAtC,CAAR;AACD;;AAEDC,EAAAA,cAAc,GAAG;AACf,WAAO;AACLC,MAAAA,QAAQ,EAAE,KAAKJ,MAAL,CAAYE,gBAAZ,IAAgC,KAAKF,MAAL,CAAYC;AADjD,KAAP;AAGD;;AAEDI,EAAAA,mBAAmB,CAACC,KAAD,EAAQ;AACzB,UAAMC,aAAa,GAAG,KAAKC,gBAAL,GAAwBC,IAA9C;AACA,UAAMC,IAAI,GAAGH,aAAa,KAAK,UAAlB,GAA+B,UAA/B,GAA4C,kBAAzD;AACA,WAAO,EACL,GAAGD,KAAK,CAACK,IAAN,CAAWC,KAAX,CAAiB,CAAjB,CADE;AAELF,MAAAA,IAFK;AAGLD,MAAAA,IAAI,EAAE,QAHD;AAILI,MAAAA,QAAQ,EAAEP,KAAK,CAACO;AAJX,KAAP;AAMD;;AAEDC,EAAAA,qBAAqB,GAAG;AACtB,QAAId,MAAM,GAAG,MAAMc,qBAAN,EAAb;AACA,UAAMC,aAAa,GAAG,KAAKP,gBAAL,EAAtB;;AACA,QAAIO,aAAa,CAACN,IAAd,KAAuB,UAA3B,EAAuC;AACrC,aAAOT,MAAM,CAACC,QAAd;AACD,KAFD,MAEO;AACL,aAAOD,MAAM,CAACE,gBAAd;AACD;;AACD,WAAOF,MAAP;AACD;;AAtCiD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { Remediator, RemediationValues } from './Remediator';\n\nexport interface VerifyAuthenticatorValues extends RemediationValues {\n  verificationCode?: string;\n  password?: string;\n}\n\n// Base class - DO NOT expose static remediationName\nexport class VerifyAuthenticator extends Remediator {\n\n  values: VerifyAuthenticatorValues;\n\n  map = {\n    'credentials': []\n  };\n\n  canRemediate() {\n    return !!(this.values.password || this.values.verificationCode);\n  }\n\n  mapCredentials() {\n    return { \n      passcode: this.values.verificationCode || this.values.password\n    };\n  }\n\n  getInputCredentials(input) {\n    const challengeType = this.getAuthenticator().type;\n    const name = challengeType === 'password' ? 'password' : 'verificationCode';\n    return {\n      ...input.form.value[0],\n      name,\n      type: 'string',\n      required: input.required\n    };\n  }\n\n  getValuesAfterProceed() {\n    let values = super.getValuesAfterProceed() as VerifyAuthenticatorValues;\n    const authenticator = this.getAuthenticator();\n    if (authenticator.type === 'password') {\n      delete values.password;\n    } else {\n      delete values.verificationCode;\n    }\n    return values;\n  }\n\n}\n"],"file":"VerifyAuthenticator.js"}
+{"version":3,"sources":["../../../../../lib/idx/remediators/Base/VerifyAuthenticator.ts"],"names":["VerifyAuthenticator","Remediator","canRemediate","values","password","verificationCode","mapCredentials","passcode","getInputCredentials","input","challengeType","getAuthenticator","type","name","form","value","required","getValuesAfterProceed","authenticator"],"mappings":";;;;;;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAUA;AACO,MAAMA,mBAAN,SAAkCC,sBAAlC,CAA6C;AAAA;AAAA;AAAA,+CAI5C;AACJ,qBAAe;AADX,KAJ4C;AAAA;;AAQlDC,EAAAA,YAAY,GAAG;AACb,WAAO,CAAC,EAAE,KAAKC,MAAL,CAAYC,QAAZ,IAAwB,KAAKD,MAAL,CAAYE,gBAAtC,CAAR;AACD;;AAEDC,EAAAA,cAAc,GAAG;AACf,WAAO;AACLC,MAAAA,QAAQ,EAAE,KAAKJ,MAAL,CAAYE,gBAAZ,IAAgC,KAAKF,MAAL,CAAYC;AADjD,KAAP;AAGD;;AAEDI,EAAAA,mBAAmB,CAACC,KAAD,EAAQ;AAAA;;AACzB,UAAMC,aAAa,GAAG,KAAKC,gBAAL,GAAwBC,IAA9C;AACA,UAAMC,IAAI,GAAGH,aAAa,KAAK,UAAlB,GAA+B,UAA/B,GAA4C,kBAAzD;AACA,WAAO,EACL,mBAAGD,KAAK,CAACK,IAAT,gDAAG,YAAYC,KAAZ,CAAkB,CAAlB,CAAH,CADK;AAELF,MAAAA,IAFK;AAGLD,MAAAA,IAAI,EAAE,QAHD;AAILI,MAAAA,QAAQ,EAAEP,KAAK,CAACO;AAJX,KAAP;AAMD;;AAEDC,EAAAA,qBAAqB,GAAG;AACtB,QAAId,MAAM,GAAG,MAAMc,qBAAN,EAAb;AACA,UAAMC,aAAa,GAAG,KAAKP,gBAAL,EAAtB;;AACA,QAAIO,aAAa,CAACN,IAAd,KAAuB,UAA3B,EAAuC;AACrC,aAAOT,MAAM,CAACC,QAAd;AACD,KAFD,MAEO;AACL,aAAOD,MAAM,CAACE,gBAAd;AACD;;AACD,WAAOF,MAAP;AACD;;AAtCiD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { Remediator, RemediationValues } from './Remediator';\n\nexport interface VerifyAuthenticatorValues extends RemediationValues {\n  verificationCode?: string;\n  password?: string;\n}\n\n// Base class - DO NOT expose static remediationName\nexport class VerifyAuthenticator extends Remediator {\n\n  values: VerifyAuthenticatorValues;\n\n  map = {\n    'credentials': []\n  };\n\n  canRemediate() {\n    return !!(this.values.password || this.values.verificationCode);\n  }\n\n  mapCredentials() {\n    return { \n      passcode: this.values.verificationCode || this.values.password\n    };\n  }\n\n  getInputCredentials(input) {\n    const challengeType = this.getAuthenticator().type;\n    const name = challengeType === 'password' ? 'password' : 'verificationCode';\n    return {\n      ...input.form?.value[0],\n      name,\n      type: 'string',\n      required: input.required\n    };\n  }\n\n  getValuesAfterProceed() {\n    let values = super.getValuesAfterProceed() as VerifyAuthenticatorValues;\n    const authenticator = this.getAuthenticator();\n    if (authenticator.type === 'password') {\n      delete values.password;\n    } else {\n      delete values.verificationCode;\n    }\n    return values;\n  }\n\n}\n"],"file":"VerifyAuthenticator.js"}

package/cjs/idx/remediators/Identify.js

@@ -27,7 +27,8 @@ class Identify extends _Remediator.Remediator {
 
     (0, _defineProperty2.default)(this, "map", {
       'identifier': ['username'],
-      'credentials': []
+      'credentials': [],
+      'rememberMe': ['rememberMe']
     });
     const {
       password,
@@ -37,7 +38,8 @@ class Identify extends _Remediator.Remediator {
     if (password && !authenticators.some(authenticator => authenticator.type === 'password')) {
       this.values = { ...this.values,
         authenticators: [{
-          type: 'password'
+          type: 'password',
+          key: _types.AuthenticatorKey.OKTA_PASSWORD
         }, ...authenticators]
       };
     }

package/cjs/idx/remediators/Identify.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../lib/idx/remediators/Identify.ts"],"names":["Identify","Remediator","constructor","remediation","values","password","authenticators","some","authenticator","type","canRemediate","identifier","getData","mapCredentials","passcode","getInputCredentials","input","form","value","name","required","getValuesAfterProceed","filter","key","AuthenticatorKey","OKTA_PASSWORD"],"mappings":";;;;;;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYO,MAAMA,QAAN,SAAuBC,sBAAvB,CAAkC;AAUvCC,EAAAA,WAAW,CAACC,WAAD,EAA8BC,MAA9B,EAAuD;AAChE,UAAMD,WAAN,EAAmBC,MAAnB,EADgE,CAGhE;;AAHgE,+CAL5D;AACJ,oBAAc,CAAC,UAAD,CADV;AAEJ,qBAAe;AAFX,KAK4D;AAIhE,UAAM;AAAEC,MAAAA,QAAF;AAAYC,MAAAA;AAAZ,QAA+B,KAAKF,MAA1C;;AACA,QAAIC,QAAQ,IAAI,CAACC,cAAc,CAACC,IAAf,CAAoBC,aAAa,IAAIA,aAAa,CAACC,IAAd,KAAuB,UAA5D,CAAjB,EAA0F;AACxF,WAAKL,MAAL,GAAc,EACZ,GAAG,KAAKA,MADI;AAEZE,QAAAA,cAAc,EAAE,CAAC;AAAEG,UAAAA,IAAI,EAAE;AAAR,SAAD,EAAuB,GAAGH,cAA1B;AAFJ,OAAd;AAID;AACF;;AAEDI,EAAAA,YAAY,GAAG;AACb,UAAM;AAAEC,MAAAA;AAAF,QAAiB,KAAKC,OAAL,EAAvB;AACA,WAAO,CAAC,CAACD,UAAT;AACD;;AAEDE,EAAAA,cAAc,GAAG;AACf,WAAO;AAAEC,MAAAA,QAAQ,EAAE,KAAKV,MAAL,CAAYC;AAAxB,KAAP;AACD;;AAEDU,EAAAA,mBAAmB,CAACC,KAAD,EAAQ;AACzB,WAAO,EACL,GAAGA,KAAK,CAACC,IAAN,CAAWC,KAAX,CAAiB,CAAjB,CADE;AAELC,MAAAA,IAAI,EAAE,UAFD;AAGLC,MAAAA,QAAQ,EAAEJ,KAAK,CAACI;AAHX,KAAP;AAKD;;AAEDC,EAAAA,qBAAqB,GAAG;AACtB;AACA;AACA,QAAI,KAAKlB,WAAL,CAAiBe,KAAjB,CAAuBX,IAAvB,CAA4B,CAAC;AAAEY,MAAAA;AAAF,KAAD,KAAcA,IAAI,KAAK,aAAnD,CAAJ,EAAuE;AAAA;;AACrE,YAAMb,cAAc,4BAAI,KAAKF,MAAL,CAAYE,cAAhB,0DAAG,sBACnBgB,MADmB,CACZd,aAAa,IAAIA,aAAa,CAACe,GAAd,KAAsBC,wBAAiBC,aAD5C,CAAvB;AAEA,aAAO,EAAE,GAAG,KAAKrB,MAAV;AAAkBE,QAAAA;AAAlB,OAAP;AACD;;AAED,WAAO,MAAMe,qBAAN,EAAP;AACD;;AAlDsC;;;8BAA5BrB,Q,qBACc,U","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { Remediator, RemediationValues } from './Base/Remediator';\nimport { Authenticator, AuthenticatorKey } from '../types';\nimport { IdxRemediation } from '../types/idx-js';\n\nexport interface IdentifyValues extends RemediationValues {\n  username?: string;\n  password?: string;\n}\n\nexport class Identify extends Remediator {\n  static remediationName = 'identify';\n\n  values: IdentifyValues;\n\n  map = {\n    'identifier': ['username'],\n    'credentials': []\n  };\n\n  constructor(remediation: IdxRemediation, values?: IdentifyValues) {\n    super(remediation, values);\n\n    // add password authenticator to authenticators list if password is provided\n    const { password, authenticators } = this.values;\n    if (password && !authenticators.some(authenticator => authenticator.type === 'password')) {\n      this.values = {\n        ...this.values,\n        authenticators: [{ type: 'password' }, ...authenticators] as Authenticator[]\n      };\n    }\n  }\n\n  canRemediate() {\n    const { identifier } = this.getData();\n    return !!identifier;\n  }\n\n  mapCredentials() {\n    return { passcode: this.values.password };\n  }\n\n  getInputCredentials(input) {\n    return {\n      ...input.form.value[0],\n      name: 'password',\n      required: input.required\n    };\n  }\n\n  getValuesAfterProceed() {\n    // Handle username + password scenario\n    // remove \"password\" from authenticator array when remediation is finished\n    if (this.remediation.value.some(({ name }) => name === 'credentials')) {\n      const authenticators = (this.values.authenticators as Authenticator[])\n        ?.filter(authenticator => authenticator.key !== AuthenticatorKey.OKTA_PASSWORD);\n      return { ...this.values, authenticators };\n    }\n\n    return super.getValuesAfterProceed();\n  }\n}\n"],"file":"Identify.js"}
+{"version":3,"sources":["../../../../lib/idx/remediators/Identify.ts"],"names":["Identify","Remediator","constructor","remediation","values","password","authenticators","some","authenticator","type","key","AuthenticatorKey","OKTA_PASSWORD","canRemediate","identifier","getData","mapCredentials","passcode","getInputCredentials","input","form","value","name","required","getValuesAfterProceed","filter"],"mappings":";;;;;;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYO,MAAMA,QAAN,SAAuBC,sBAAvB,CAAkC;AAWvCC,EAAAA,WAAW,CAACC,WAAD,EAA8BC,MAA9B,EAAuD;AAChE,UAAMD,WAAN,EAAmBC,MAAnB,EADgE,CAGhE;;AAHgE,+CAN5D;AACJ,oBAAc,CAAC,UAAD,CADV;AAEJ,qBAAe,EAFX;AAGJ,oBAAc,CAAC,YAAD;AAHV,KAM4D;AAIhE,UAAM;AAAEC,MAAAA,QAAF;AAAYC,MAAAA;AAAZ,QAA+B,KAAKF,MAA1C;;AACA,QAAIC,QAAQ,IAAI,CAACC,cAAc,CAACC,IAAf,CAAoBC,aAAa,IAAIA,aAAa,CAACC,IAAd,KAAuB,UAA5D,CAAjB,EAA0F;AACxF,WAAKL,MAAL,GAAc,EACZ,GAAG,KAAKA,MADI;AAEZE,QAAAA,cAAc,EAAE,CACd;AACEG,UAAAA,IAAI,EAAE,UADR;AAEEC,UAAAA,GAAG,EAAEC,wBAAiBC;AAFxB,SADc,EAKd,GAAGN,cALW;AAFJ,OAAd;AAUD;AACF;;AAEDO,EAAAA,YAAY,GAAG;AACb,UAAM;AAAEC,MAAAA;AAAF,QAAiB,KAAKC,OAAL,EAAvB;AACA,WAAO,CAAC,CAACD,UAAT;AACD;;AAEDE,EAAAA,cAAc,GAAG;AACf,WAAO;AAAEC,MAAAA,QAAQ,EAAE,KAAKb,MAAL,CAAYC;AAAxB,KAAP;AACD;;AAEDa,EAAAA,mBAAmB,CAACC,KAAD,EAAQ;AACzB,WAAO,EACL,GAAGA,KAAK,CAACC,IAAN,CAAWC,KAAX,CAAiB,CAAjB,CADE;AAELC,MAAAA,IAAI,EAAE,UAFD;AAGLC,MAAAA,QAAQ,EAAEJ,KAAK,CAACI;AAHX,KAAP;AAKD;;AAEDC,EAAAA,qBAAqB,GAAG;AACtB;AACA;AACA,QAAI,KAAKrB,WAAL,CAAiBkB,KAAjB,CAAuBd,IAAvB,CAA4B,CAAC;AAAEe,MAAAA;AAAF,KAAD,KAAcA,IAAI,KAAK,aAAnD,CAAJ,EAAuE;AAAA;;AACrE,YAAMhB,cAAc,4BAAI,KAAKF,MAAL,CAAYE,cAAhB,0DAAG,sBACnBmB,MADmB,CACZjB,aAAa,IAAIA,aAAa,CAACE,GAAd,KAAsBC,wBAAiBC,aAD5C,CAAvB;AAEA,aAAO,EAAE,GAAG,KAAKR,MAAV;AAAkBE,QAAAA;AAAlB,OAAP;AACD;;AAED,WAAO,MAAMkB,qBAAN,EAAP;AACD;;AAzDsC;;;8BAA5BxB,Q,qBACc,U","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { Remediator, RemediationValues } from './Base/Remediator';\nimport { Authenticator, AuthenticatorKey } from '../types';\nimport { IdxRemediation } from '../types/idx-js';\n\nexport interface IdentifyValues extends RemediationValues {\n  username?: string;\n  password?: string;\n}\n\nexport class Identify extends Remediator {\n  static remediationName = 'identify';\n\n  values: IdentifyValues;\n\n  map = {\n    'identifier': ['username'],\n    'credentials': [],\n    'rememberMe': ['rememberMe'],\n  };\n\n  constructor(remediation: IdxRemediation, values?: IdentifyValues) {\n    super(remediation, values);\n\n    // add password authenticator to authenticators list if password is provided\n    const { password, authenticators } = this.values;\n    if (password && !authenticators.some(authenticator => authenticator.type === 'password')) {\n      this.values = {\n        ...this.values,\n        authenticators: [\n          { \n            type: 'password',\n            key: AuthenticatorKey.OKTA_PASSWORD\n          }, \n          ...authenticators\n        ] as Authenticator[]\n      };\n    }\n  }\n\n  canRemediate() {\n    const { identifier } = this.getData();\n    return !!identifier;\n  }\n\n  mapCredentials() {\n    return { passcode: this.values.password };\n  }\n\n  getInputCredentials(input) {\n    return {\n      ...input.form.value[0],\n      name: 'password',\n      required: input.required\n    };\n  }\n\n  getValuesAfterProceed() {\n    // Handle username + password scenario\n    // remove \"password\" from authenticator array when remediation is finished\n    if (this.remediation.value.some(({ name }) => name === 'credentials')) {\n      const authenticators = (this.values.authenticators as Authenticator[])\n        ?.filter(authenticator => authenticator.key !== AuthenticatorKey.OKTA_PASSWORD);\n      return { ...this.values, authenticators };\n    }\n\n    return super.getValuesAfterProceed();\n  }\n}\n"],"file":"Identify.js"}

package/cjs/idx/run.js

@@ -14,6 +14,8 @@ var _errors = require("../errors");
 
 var _types = require("../types");
 
+var _transactionMeta = require("./transactionMeta");
+
 function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
 
 function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
@@ -80,7 +82,7 @@ function getAvailableSteps(remediations) {
   return res;
 }
 
-async function run(authClient, options) {
+async function run(authClient, options = {}) {
   let tokens;
   let nextStep;
   let messages;
@@ -90,19 +92,44 @@ async function run(authClient, options) {
   let availableSteps;
   let status = _types.IdxStatus.PENDING;
   let shouldClearTransaction = false;
+  let idxResponse;
+  let interactionHandle;
+  let metaFromResp;
 
   try {
-    // Start/resume the flow
+    var _metaFromResp;
+
     const {
-      interactionHandle,
-      meta: metaFromResp
-    } = await (0, _interact.interact)(authClient, options); // Introspect to get idx response
+      flow,
+      stateTokenExternalId,
+      state
+    } = options; // Only one flow can be operating at a time
+
+    if (flow) {
+      authClient.idx.setFlow(flow);
+    } // Try to resume saved transaction
+
 
-    const idxResponse = await (0, _introspect.introspect)(authClient, {
-      interactionHandle
+    metaFromResp = (0, _transactionMeta.getSavedTransactionMeta)(authClient, {
+      state
+    });
+    interactionHandle = (_metaFromResp = metaFromResp) === null || _metaFromResp === void 0 ? void 0 : _metaFromResp.interactionHandle; // may be undefined
+
+    if (!interactionHandle && !stateTokenExternalId) {
+      // start a new transaction
+      authClient.transactionManager.clear();
+      const interactResponse = await (0, _interact.interact)(authClient, options);
+      interactionHandle = interactResponse.interactionHandle;
+      metaFromResp = interactResponse.meta;
+    } // Introspect to get idx response
+
+
+    idxResponse = await (0, _introspect.introspect)(authClient, {
+      interactionHandle,
+      stateTokenExternalId
     });
 
-    if (!options.flow && !options.actions) {
+    if (!options.remediators && !options.actions) {
       // handle start transaction
       meta = metaFromResp;
       enabledFeatures = getEnabledFeatures(idxResponse);
@@ -173,6 +200,7 @@ async function run(authClient, options) {
   }
 
   return {
+    _idxResponse: idxResponse,
     status,
     ...(meta && {
       meta

package/cjs/idx/run.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/run.ts"],"names":["getEnabledFeatures","idxResponse","res","actions","neededToProceed","push","IdxFeature","PASSWORD_RECOVERY","some","name","REGISTRATION","SOCIAL_IDP","getAvailableSteps","remediations","remediatorMap","Object","values","remediators","reduce","map","remediatorClass","remediationName","remediation","T","remediator","getNextStep","run","authClient","options","tokens","nextStep","messages","error","meta","enabledFeatures","availableSteps","status","IdxStatus","PENDING","shouldClearTransaction","interactionHandle","metaFromResp","flow","stateHandle","rawIdxState","idxResponseFromResp","nextStepFromResp","terminal","canceled","messagesFromResp","transactionManager","saveIdxResponse","TERMINAL","CANCELED","interactionCode","flowMonitor","isFinished","AuthSdkError","clientId","codeVerifier","ignoreSignature","redirectUri","urls","scopes","token","exchangeCodeForTokens","SUCCESS","err","FAILURE","clear"],"mappings":";;;;AAcA;;AACA;;AACA;;AAEA;;AACA;;AACA;;;;;;AApBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAwBA,SAASA,kBAAT,CAA4BC,WAA5B,EAAoE;AAClE,QAAMC,GAAG,GAAG,EAAZ;AACA,QAAM;AAAEC,IAAAA,OAAF;AAAWC,IAAAA;AAAX,MAA+BH,WAArC;;AAEA,MAAIE,OAAO,CAAC,8BAAD,CAAX,EAA6C;AAC3CD,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWC,iBAApB;AACD;;AAED,MAAIH,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,uBAA5C,CAAJ,EAA0E;AACxEP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWI,YAApB;AACD;;AAED,MAAIN,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,cAA5C,CAAJ,EAAiE;AAC/DP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWK,UAApB;AACD;;AAED,SAAOT,GAAP;AACD;;AAED,SAASU,iBAAT,CAA2BC,YAA3B,EAAuE;AACrE,QAAMX,GAAG,GAAG,EAAZ;AAEA,QAAMY,aAAa,GAAGC,MAAM,CAACC,MAAP,CAAcC,WAAd,EAA2BC,MAA3B,CAAkC,CAACC,GAAD,EAAMC,eAAN,KAA0B;AAChF;AACA,QAAIA,eAAe,CAACC,eAApB,EAAqC;AACnCF,MAAAA,GAAG,CAACC,eAAe,CAACC,eAAjB,CAAH,GAAuCD,eAAvC;AACD;;AACD,WAAOD,GAAP;AACD,GANqB,EAMnB,EANmB,CAAtB;;AAQA,OAAK,IAAIG,WAAT,IAAwBT,YAAxB,EAAsC;AACpC,UAAMU,CAAC,GAAGT,aAAa,CAACQ,WAAW,CAACb,IAAb,CAAvB;;AACA,QAAIc,CAAJ,EAAO;AACL,YAAMC,UAAU,GAAG,IAAID,CAAJ,CAAMD,WAAN,CAAnB;AACApB,MAAAA,GAAG,CAACG,IAAJ,CAAUmB,UAAU,CAACC,WAAX,EAAV;AACD;AACF;;AAED,SAAOvB,GAAP;AACD;;AAEM,eAAewB,GAAf,CACLC,UADK,EAELC,OAFK,EAGoB;AACzB,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,KAAJ;AACA,MAAIC,IAAJ;AACA,MAAIC,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,MAAM,GAAGC,iBAAUC,OAAvB;AACA,MAAIC,sBAAsB,GAAG,KAA7B;;AAEA,MAAI;AACF;AACA,UAAM;AAAEC,MAAAA,iBAAF;AAAqBP,MAAAA,IAAI,EAAEQ;AAA3B,QAA4C,MAAM,wBAASd,UAAT,EAAqBC,OAArB,CAAxD,CAFE,CAIF;;AACA,UAAM3B,WAAW,GAAG,MAAM,4BAAW0B,UAAX,EAAuB;AAAEa,MAAAA;AAAF,KAAvB,CAA1B;;AAEA,QAAI,CAACZ,OAAO,CAACc,IAAT,IAAiB,CAACd,OAAO,CAACzB,OAA9B,EAAuC;AACrC;AACA8B,MAAAA,IAAI,GAAGQ,YAAP;AACAP,MAAAA,eAAe,GAAGlC,kBAAkB,CAACC,WAAD,CAApC;AACAkC,MAAAA,cAAc,GAAGvB,iBAAiB,CAACX,WAAW,CAACG,eAAb,CAAlC;AACD,KALD,MAKO;AACL,YAAMY,MAAqC,GAAG,EAC5C,GAAGY,OADyC;AAE5Ce,QAAAA,WAAW,EAAE1C,WAAW,CAAC2C,WAAZ,CAAwBD;AAFO,OAA9C,CADK,CAML;;AACA,YAAM;AACJ1C,QAAAA,WAAW,EAAE4C,mBADT;AAEJf,QAAAA,QAAQ,EAAEgB,gBAFN;AAGJC,QAAAA,QAHI;AAIJC,QAAAA,QAJI;AAKJjB,QAAAA,QAAQ,EAAEkB;AALN,UAMF,MAAM,0BAAUhD,WAAV,EAAuBe,MAAvB,EAA+BY,OAA/B,CANV,CAPK,CAeL;;AACAE,MAAAA,QAAQ,GAAGgB,gBAAX;AACAf,MAAAA,QAAQ,GAAGkB,gBAAX,CAjBK,CAmBL;;AACA,UAAInB,QAAQ,IAAIe,mBAAhB,EAAqC;AACnClB,QAAAA,UAAU,CAACuB,kBAAX,CAA8BC,eAA9B,CAA8CN,mBAAmB,CAACD,WAAlE;AACD;;AAED,UAAIG,QAAJ,EAAc;AACZX,QAAAA,MAAM,GAAGC,iBAAUe,QAAnB;AACAb,QAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAAC,UAAIS,QAAJ,EAAc;AACdZ,QAAAA,MAAM,GAAGC,iBAAUgB,QAAnB;AACAd,QAAAA,sBAAsB,GAAG,IAAzB;AACD,OAHC,MAGK,IAAIM,mBAAJ,aAAIA,mBAAJ,eAAIA,mBAAmB,CAAES,eAAzB,EAA0C;AAC/C;AACA;AACA,YAAI,EAAE,MAAM1B,OAAO,CAAC2B,WAAR,CAAoBC,UAApB,EAAR,CAAJ,EAA+C;AAC7C,gBAAM,IAAIC,oBAAJ,CAAiB,mEAAjB,CAAN;AACD;;AAED,cAAM;AACJC,UAAAA,QADI;AAEJC,UAAAA,YAFI;AAGJC,UAAAA,eAHI;AAIJC,UAAAA,WAJI;AAKJC,UAAAA,IALI;AAMJC,UAAAA;AANI,YAOFtB,YAPJ;AAQAZ,QAAAA,MAAM,GAAG,MAAMF,UAAU,CAACqC,KAAX,CAAiBC,qBAAjB,CAAuC;AACpDX,UAAAA,eAAe,EAAET,mBAAmB,CAACS,eADe;AAEpDI,UAAAA,QAFoD;AAGpDC,UAAAA,YAHoD;AAIpDC,UAAAA,eAJoD;AAKpDC,UAAAA,WALoD;AAMpDE,UAAAA;AANoD,SAAvC,EAOZD,IAPY,CAAf;AASA1B,QAAAA,MAAM,GAAGC,iBAAU6B,OAAnB;AACA3B,QAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;AACF,GAtED,CAsEE,OAAO4B,GAAP,EAAY;AACZnC,IAAAA,KAAK,GAAGmC,GAAR;AACA/B,IAAAA,MAAM,GAAGC,iBAAU+B,OAAnB;AACA7B,IAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAED,MAAIA,sBAAJ,EAA4B;AAC1BZ,IAAAA,UAAU,CAACuB,kBAAX,CAA8BmB,KAA9B;AACD;;AAED,SAAO;AACLjC,IAAAA,MADK;AAEL,QAAIH,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAFK;AAGL,QAAIC,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAHK;AAIL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CAJK;AAKL,QAAIN,MAAM,IAAI;AAAEA,MAAAA,MAAM,EAAEA,MAAM,CAACA;AAAjB,KAAd,CALK;AAML,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CANK;AAOL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CAPK;AAQL,QAAIC,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb;AARK,GAAP;AAUD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, complexity, max-depth */\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate } from './remediate';\nimport { FlowMonitor } from './flowMonitors';\nimport * as remediators from './remediators';\nimport { AuthSdkError } from '../errors';\nimport { \n  OktaAuth,\n  IdxOptions,\n  IdxStatus,\n  IdxTransaction,\n  IdxFeature,\n  NextStep,\n} from '../types';\nimport { IdxResponse, IdxRemediation } from './types/idx-js';\n\nexport type RemediationFlow = Record<string, typeof remediators.Remediator>;\nexport interface RunOptions {\n  flow?: RemediationFlow;\n  actions?: string[];\n  flowMonitor?: FlowMonitor;\n}\n\nfunction getEnabledFeatures(idxResponse: IdxResponse): IdxFeature[] {\n  const res = [];\n  const { actions, neededToProceed } = idxResponse;\n\n  if (actions['currentAuthenticator-recover']) {\n    res.push(IdxFeature.PASSWORD_RECOVERY);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'select-enroll-profile')) {\n    res.push(IdxFeature.REGISTRATION);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'redirect-idp')) {\n    res.push(IdxFeature.SOCIAL_IDP);\n  }\n\n  return res;\n}\n\nfunction getAvailableSteps(remediations: IdxRemediation[]): NextStep[] {\n  const res = [];\n\n  const remediatorMap = Object.values(remediators).reduce((map, remediatorClass) => {\n    // Only add concrete subclasses to the map\n    if (remediatorClass.remediationName) {\n      map[remediatorClass.remediationName] = remediatorClass;\n    }\n    return map;\n  }, {});\n\n  for (let remediation of remediations) {\n    const T = remediatorMap[remediation.name];\n    if (T) {\n      const remediator = new T(remediation);\n      res.push (remediator.getNextStep());\n    }\n  }\n\n  return res;\n}\n\nexport async function run(\n  authClient: OktaAuth, \n  options: RunOptions & IdxOptions,\n): Promise<IdxTransaction> {\n  let tokens;\n  let nextStep;\n  let messages;\n  let error;\n  let meta;\n  let enabledFeatures;\n  let availableSteps;\n  let status = IdxStatus.PENDING;\n  let shouldClearTransaction = false;\n\n  try {\n    // Start/resume the flow\n    const { interactionHandle, meta: metaFromResp } = await interact(authClient, options); \n\n    // Introspect to get idx response\n    const idxResponse = await introspect(authClient, { interactionHandle });\n\n    if (!options.flow && !options.actions) {\n      // handle start transaction\n      meta = metaFromResp;\n      enabledFeatures = getEnabledFeatures(idxResponse);\n      availableSteps = getAvailableSteps(idxResponse.neededToProceed);\n    } else {\n      const values: remediators.RemediationValues = { \n        ...options, \n        stateHandle: idxResponse.rawIdxState.stateHandle \n      };\n\n      // Can we handle the remediations?\n      const { \n        idxResponse: idxResponseFromResp, \n        nextStep: nextStepFromResp,\n        terminal,\n        canceled,\n        messages: messagesFromResp,\n      } = await remediate(idxResponse, values, options);\n\n      // Track fields from remediation response\n      nextStep = nextStepFromResp;\n      messages = messagesFromResp;\n\n      // Save intermediate idx response in storage to reduce introspect call\n      if (nextStep && idxResponseFromResp) {\n        authClient.transactionManager.saveIdxResponse(idxResponseFromResp.rawIdxState);\n      }\n\n      if (terminal) {\n        status = IdxStatus.TERMINAL;\n        shouldClearTransaction = true;\n      } if (canceled) {\n        status = IdxStatus.CANCELED;\n        shouldClearTransaction = true;\n      } else if (idxResponseFromResp?.interactionCode) { \n        // Flows may end with interactionCode before the key remediation being hit\n        // Double check if flow is finished to mitigate confusion with the wrapper methods\n        if (!(await options.flowMonitor.isFinished())) {\n          throw new AuthSdkError('Current flow is not supported, check policy settings in your org.');\n        }\n\n        const {\n          clientId,\n          codeVerifier,\n          ignoreSignature,\n          redirectUri,\n          urls,\n          scopes,\n        } = metaFromResp;\n        tokens = await authClient.token.exchangeCodeForTokens({\n          interactionCode: idxResponseFromResp.interactionCode,\n          clientId,\n          codeVerifier,\n          ignoreSignature,\n          redirectUri,\n          scopes\n        }, urls);\n\n        status = IdxStatus.SUCCESS;\n        shouldClearTransaction = true;\n      }\n    }\n  } catch (err) {\n    error = err;\n    status = IdxStatus.FAILURE;\n    shouldClearTransaction = true;\n  }\n\n  if (shouldClearTransaction) {\n    authClient.transactionManager.clear();\n  }\n  \n  return {\n    status,\n    ...(meta && { meta }),\n    ...(enabledFeatures && { enabledFeatures }),\n    ...(availableSteps && { availableSteps }),\n    ...(tokens && { tokens: tokens.tokens }),\n    ...(nextStep && { nextStep }),\n    ...(messages && { messages }),\n    ...(error && { error }),\n  };\n}\n"],"file":"run.js"}
+{"version":3,"sources":["../../../lib/idx/run.ts"],"names":["getEnabledFeatures","idxResponse","res","actions","neededToProceed","push","IdxFeature","PASSWORD_RECOVERY","some","name","REGISTRATION","SOCIAL_IDP","getAvailableSteps","remediations","remediatorMap","Object","values","remediators","reduce","map","remediatorClass","remediationName","remediation","T","remediator","getNextStep","run","authClient","options","tokens","nextStep","messages","error","meta","enabledFeatures","availableSteps","status","IdxStatus","PENDING","shouldClearTransaction","interactionHandle","metaFromResp","flow","stateTokenExternalId","state","idx","setFlow","transactionManager","clear","interactResponse","stateHandle","rawIdxState","idxResponseFromResp","nextStepFromResp","terminal","canceled","messagesFromResp","saveIdxResponse","TERMINAL","CANCELED","interactionCode","flowMonitor","isFinished","AuthSdkError","clientId","codeVerifier","ignoreSignature","redirectUri","urls","scopes","token","exchangeCodeForTokens","SUCCESS","err","FAILURE","_idxResponse"],"mappings":";;;;AAcA;;AACA;;AACA;;AAEA;;AACA;;AACA;;AASA;;;;;;AA7BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AA0BA,SAASA,kBAAT,CAA4BC,WAA5B,EAAoE;AAClE,QAAMC,GAAG,GAAG,EAAZ;AACA,QAAM;AAAEC,IAAAA,OAAF;AAAWC,IAAAA;AAAX,MAA+BH,WAArC;;AAEA,MAAIE,OAAO,CAAC,8BAAD,CAAX,EAA6C;AAC3CD,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWC,iBAApB;AACD;;AAED,MAAIH,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,uBAA5C,CAAJ,EAA0E;AACxEP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWI,YAApB;AACD;;AAED,MAAIN,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,cAA5C,CAAJ,EAAiE;AAC/DP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWK,UAApB;AACD;;AAED,SAAOT,GAAP;AACD;;AAED,SAASU,iBAAT,CAA2BC,YAA3B,EAAuE;AACrE,QAAMX,GAAG,GAAG,EAAZ;AAEA,QAAMY,aAAa,GAAGC,MAAM,CAACC,MAAP,CAAcC,WAAd,EAA2BC,MAA3B,CAAkC,CAACC,GAAD,EAAMC,eAAN,KAA0B;AAChF;AACA,QAAIA,eAAe,CAACC,eAApB,EAAqC;AACnCF,MAAAA,GAAG,CAACC,eAAe,CAACC,eAAjB,CAAH,GAAuCD,eAAvC;AACD;;AACD,WAAOD,GAAP;AACD,GANqB,EAMnB,EANmB,CAAtB;;AAQA,OAAK,IAAIG,WAAT,IAAwBT,YAAxB,EAAsC;AACpC,UAAMU,CAAC,GAAGT,aAAa,CAACQ,WAAW,CAACb,IAAb,CAAvB;;AACA,QAAIc,CAAJ,EAAO;AACL,YAAMC,UAAU,GAAG,IAAID,CAAJ,CAAMD,WAAN,CAAnB;AACApB,MAAAA,GAAG,CAACG,IAAJ,CAAUmB,UAAU,CAACC,WAAX,EAAV;AACD;AACF;;AAED,SAAOvB,GAAP;AACD;;AAEM,eAAewB,GAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,KAAJ;AACA,MAAIC,IAAJ;AACA,MAAIC,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,MAAM,GAAGC,iBAAUC,OAAvB;AACA,MAAIC,sBAAsB,GAAG,KAA7B;AACA,MAAItC,WAAJ;AACA,MAAIuC,iBAAJ;AACA,MAAIC,YAAJ;;AAEA,MAAI;AAAA;;AAEF,UAAM;AAAEC,MAAAA,IAAF;AAAQC,MAAAA,oBAAR;AAA8BC,MAAAA;AAA9B,QAAwChB,OAA9C,CAFE,CAIF;;AACA,QAAIc,IAAJ,EAAU;AACRf,MAAAA,UAAU,CAACkB,GAAX,CAAeC,OAAf,CAAuBJ,IAAvB;AACD,KAPC,CASF;;;AACAD,IAAAA,YAAY,GAAG,8CAAwBd,UAAxB,EAAoC;AAAEiB,MAAAA;AAAF,KAApC,CAAf;AACAJ,IAAAA,iBAAiB,oBAAGC,YAAH,kDAAG,cAAcD,iBAAlC,CAXE,CAWmD;;AAErD,QAAI,CAACA,iBAAD,IAAsB,CAACG,oBAA3B,EAAiD;AAC/C;AACAhB,MAAAA,UAAU,CAACoB,kBAAX,CAA8BC,KAA9B;AACA,YAAMC,gBAAgB,GAAG,MAAM,wBAAStB,UAAT,EAAqBC,OAArB,CAA/B;AACAY,MAAAA,iBAAiB,GAAGS,gBAAgB,CAACT,iBAArC;AACAC,MAAAA,YAAY,GAAGQ,gBAAgB,CAAChB,IAAhC;AACD,KAnBC,CAqBF;;;AACAhC,IAAAA,WAAW,GAAG,MAAM,4BAAW0B,UAAX,EAAuB;AAAEa,MAAAA,iBAAF;AAAqBG,MAAAA;AAArB,KAAvB,CAApB;;AAEA,QAAI,CAACf,OAAO,CAACX,WAAT,IAAwB,CAACW,OAAO,CAACzB,OAArC,EAA8C;AAC5C;AACA8B,MAAAA,IAAI,GAAGQ,YAAP;AACAP,MAAAA,eAAe,GAAGlC,kBAAkB,CAACC,WAAD,CAApC;AACAkC,MAAAA,cAAc,GAAGvB,iBAAiB,CAACX,WAAW,CAACG,eAAb,CAAlC;AACD,KALD,MAKO;AACL,YAAMY,MAAqC,GAAG,EAC5C,GAAGY,OADyC;AAE5CsB,QAAAA,WAAW,EAAEjD,WAAW,CAACkD,WAAZ,CAAwBD;AAFO,OAA9C,CADK,CAML;;AACA,YAAM;AACJjD,QAAAA,WAAW,EAAEmD,mBADT;AAEJtB,QAAAA,QAAQ,EAAEuB,gBAFN;AAGJC,QAAAA,QAHI;AAIJC,QAAAA,QAJI;AAKJxB,QAAAA,QAAQ,EAAEyB;AALN,UAMF,MAAM,0BAAUvD,WAAV,EAAuBe,MAAvB,EAA+BY,OAA/B,CANV,CAPK,CAeL;;AACAE,MAAAA,QAAQ,GAAGuB,gBAAX;AACAtB,MAAAA,QAAQ,GAAGyB,gBAAX,CAjBK,CAmBL;;AACA,UAAI1B,QAAQ,IAAIsB,mBAAhB,EAAqC;AACnCzB,QAAAA,UAAU,CAACoB,kBAAX,CAA8BU,eAA9B,CAA8CL,mBAAmB,CAACD,WAAlE;AACD;;AAED,UAAIG,QAAJ,EAAc;AACZlB,QAAAA,MAAM,GAAGC,iBAAUqB,QAAnB;AACAnB,QAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAAC,UAAIgB,QAAJ,EAAc;AACdnB,QAAAA,MAAM,GAAGC,iBAAUsB,QAAnB;AACApB,QAAAA,sBAAsB,GAAG,IAAzB;AACD,OAHC,MAGK,IAAIa,mBAAJ,aAAIA,mBAAJ,eAAIA,mBAAmB,CAAEQ,eAAzB,EAA0C;AAC/C;AACA;AACA,YAAI,EAAE,MAAMhC,OAAO,CAACiC,WAAR,CAAoBC,UAApB,EAAR,CAAJ,EAA+C;AAC7C,gBAAM,IAAIC,oBAAJ,CAAiB,mEAAjB,CAAN;AACD;;AAED,cAAM;AACJC,UAAAA,QADI;AAEJC,UAAAA,YAFI;AAGJC,UAAAA,eAHI;AAIJC,UAAAA,WAJI;AAKJC,UAAAA,IALI;AAMJC,UAAAA;AANI,YAOF5B,YAPJ;AAQAZ,QAAAA,MAAM,GAAG,MAAMF,UAAU,CAAC2C,KAAX,CAAiBC,qBAAjB,CAAuC;AACpDX,UAAAA,eAAe,EAAER,mBAAmB,CAACQ,eADe;AAEpDI,UAAAA,QAFoD;AAGpDC,UAAAA,YAHoD;AAIpDC,UAAAA,eAJoD;AAKpDC,UAAAA,WALoD;AAMpDE,UAAAA;AANoD,SAAvC,EAOZD,IAPY,CAAf;AASAhC,QAAAA,MAAM,GAAGC,iBAAUmC,OAAnB;AACAjC,QAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;AACF,GAvFD,CAuFE,OAAOkC,GAAP,EAAY;AACZzC,IAAAA,KAAK,GAAGyC,GAAR;AACArC,IAAAA,MAAM,GAAGC,iBAAUqC,OAAnB;AACAnC,IAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAED,MAAIA,sBAAJ,EAA4B;AAC1BZ,IAAAA,UAAU,CAACoB,kBAAX,CAA8BC,KAA9B;AACD;;AAED,SAAO;AACL2B,IAAAA,YAAY,EAAE1E,WADT;AAELmC,IAAAA,MAFK;AAGL,QAAIH,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAHK;AAIL,QAAIC,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAJK;AAKL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CALK;AAML,QAAIN,MAAM,IAAI;AAAEA,MAAAA,MAAM,EAAEA,MAAM,CAACA;AAAjB,KAAd,CANK;AAOL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CAPK;AAQL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CARK;AASL,QAAIC,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb;AATK,GAAP;AAWD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, complexity, max-depth */\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate } from './remediate';\nimport { FlowMonitor, RemediationFlow } from './flow';\nimport * as remediators from './remediators';\nimport { AuthSdkError } from '../errors';\nimport { \n  OktaAuth,\n  IdxStatus,\n  IdxTransaction,\n  IdxFeature,\n  NextStep,\n  FlowIdentifier,\n} from '../types';\nimport { IdxResponse, IdxRemediation } from './types/idx-js';\nimport { getSavedTransactionMeta } from './transactionMeta';\nimport { ProceedOptions  } from './proceed';\n\nexport type RunOptions = ProceedOptions & {\n  flow?: FlowIdentifier;\n  remediators?: RemediationFlow;\n  flowMonitor?: FlowMonitor;\n  actions?: string[];\n}\n\nfunction getEnabledFeatures(idxResponse: IdxResponse): IdxFeature[] {\n  const res = [];\n  const { actions, neededToProceed } = idxResponse;\n\n  if (actions['currentAuthenticator-recover']) {\n    res.push(IdxFeature.PASSWORD_RECOVERY);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'select-enroll-profile')) {\n    res.push(IdxFeature.REGISTRATION);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'redirect-idp')) {\n    res.push(IdxFeature.SOCIAL_IDP);\n  }\n\n  return res;\n}\n\nfunction getAvailableSteps(remediations: IdxRemediation[]): NextStep[] {\n  const res = [];\n\n  const remediatorMap = Object.values(remediators).reduce((map, remediatorClass) => {\n    // Only add concrete subclasses to the map\n    if (remediatorClass.remediationName) {\n      map[remediatorClass.remediationName] = remediatorClass;\n    }\n    return map;\n  }, {});\n\n  for (let remediation of remediations) {\n    const T = remediatorMap[remediation.name];\n    if (T) {\n      const remediator = new T(remediation);\n      res.push (remediator.getNextStep());\n    }\n  }\n\n  return res;\n}\n\nexport async function run(\n  authClient: OktaAuth, \n  options: RunOptions = {},\n): Promise<IdxTransaction> {\n  let tokens;\n  let nextStep;\n  let messages;\n  let error;\n  let meta;\n  let enabledFeatures;\n  let availableSteps;\n  let status = IdxStatus.PENDING;\n  let shouldClearTransaction = false;\n  let idxResponse;\n  let interactionHandle;\n  let metaFromResp;\n\n  try {\n\n    const { flow, stateTokenExternalId, state } = options;\n\n    // Only one flow can be operating at a time\n    if (flow) {\n      authClient.idx.setFlow(flow);\n    }\n\n    // Try to resume saved transaction\n    metaFromResp = getSavedTransactionMeta(authClient, { state });\n    interactionHandle = metaFromResp?.interactionHandle; // may be undefined\n\n    if (!interactionHandle && !stateTokenExternalId) {\n      // start a new transaction\n      authClient.transactionManager.clear();\n      const interactResponse = await interact(authClient, options); \n      interactionHandle = interactResponse.interactionHandle;\n      metaFromResp = interactResponse.meta;\n    }\n\n    // Introspect to get idx response\n    idxResponse = await introspect(authClient, { interactionHandle, stateTokenExternalId });\n\n    if (!options.remediators && !options.actions) {\n      // handle start transaction\n      meta = metaFromResp;\n      enabledFeatures = getEnabledFeatures(idxResponse);\n      availableSteps = getAvailableSteps(idxResponse.neededToProceed);\n    } else {\n      const values: remediators.RemediationValues = { \n        ...options, \n        stateHandle: idxResponse.rawIdxState.stateHandle \n      };\n\n      // Can we handle the remediations?\n      const { \n        idxResponse: idxResponseFromResp, \n        nextStep: nextStepFromResp,\n        terminal,\n        canceled,\n        messages: messagesFromResp,\n      } = await remediate(idxResponse, values, options);\n\n      // Track fields from remediation response\n      nextStep = nextStepFromResp;\n      messages = messagesFromResp;\n\n      // Save intermediate idx response in storage to reduce introspect call\n      if (nextStep && idxResponseFromResp) {\n        authClient.transactionManager.saveIdxResponse(idxResponseFromResp.rawIdxState);\n      }\n\n      if (terminal) {\n        status = IdxStatus.TERMINAL;\n        shouldClearTransaction = true;\n      } if (canceled) {\n        status = IdxStatus.CANCELED;\n        shouldClearTransaction = true;\n      } else if (idxResponseFromResp?.interactionCode) { \n        // Flows may end with interactionCode before the key remediation being hit\n        // Double check if flow is finished to mitigate confusion with the wrapper methods\n        if (!(await options.flowMonitor.isFinished())) {\n          throw new AuthSdkError('Current flow is not supported, check policy settings in your org.');\n        }\n\n        const {\n          clientId,\n          codeVerifier,\n          ignoreSignature,\n          redirectUri,\n          urls,\n          scopes,\n        } = metaFromResp;\n        tokens = await authClient.token.exchangeCodeForTokens({\n          interactionCode: idxResponseFromResp.interactionCode,\n          clientId,\n          codeVerifier,\n          ignoreSignature,\n          redirectUri,\n          scopes\n        }, urls);\n\n        status = IdxStatus.SUCCESS;\n        shouldClearTransaction = true;\n      }\n    }\n  } catch (err) {\n    error = err;\n    status = IdxStatus.FAILURE;\n    shouldClearTransaction = true;\n  }\n\n  if (shouldClearTransaction) {\n    authClient.transactionManager.clear();\n  }\n  \n  return {\n    _idxResponse: idxResponse, \n    status,\n    ...(meta && { meta }),\n    ...(enabledFeatures && { enabledFeatures }),\n    ...(availableSteps && { availableSteps }),\n    ...(tokens && { tokens: tokens.tokens }),\n    ...(nextStep && { nextStep }),\n    ...(messages && { messages }),\n    ...(error && { error }),\n  };\n}\n"],"file":"run.js"}

package/cjs/idx/startTransaction.js

@@ -17,6 +17,8 @@ var _run = require("./run");
  */
 // This method only resolves { status: IdxStatus.PENDING } if transaction has already started
 async function startTransaction(authClient, options = {}) {
+  // Clear IDX response cache and saved transaction meta (if any)
+  authClient.transactionManager.clear();
   return (0, _run.run)(authClient, options);
 }
 //# sourceMappingURL=startTransaction.js.map

package/cjs/idx/startTransaction.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/startTransaction.ts"],"names":["startTransaction","authClient","options"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,gBAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB,SAAO,cAAID,UAAJ,EAAgBC,OAAhB,CAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run } from './run';\nimport { OktaAuth, IdxOptions, IdxTransaction } from '../types';\n\n// This method only resolves { status: IdxStatus.PENDING } if transaction has already started\nexport async function startTransaction(\n  authClient: OktaAuth, \n  options: IdxOptions = {}\n): Promise<IdxTransaction> {\n  return run(authClient, options);\n}\n"],"file":"startTransaction.js"}
+{"version":3,"sources":["../../../lib/idx/startTransaction.ts"],"names":["startTransaction","authClient","options","transactionManager","clear"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,gBAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB;AACAD,EAAAA,UAAU,CAACE,kBAAX,CAA8BC,KAA9B;AAEA,SAAO,cAAIH,UAAJ,EAAgBC,OAAhB,CAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run } from './run';\nimport { OktaAuth, IdxOptions, IdxTransaction } from '../types';\n\n// This method only resolves { status: IdxStatus.PENDING } if transaction has already started\nexport async function startTransaction(\n  authClient: OktaAuth, \n  options: IdxOptions = {}\n): Promise<IdxTransaction> {\n  // Clear IDX response cache and saved transaction meta (if any)\n  authClient.transactionManager.clear();\n\n  return run(authClient, options);\n}\n"],"file":"startTransaction.js"}

package/cjs/idx/transactionMeta.js

@@ -2,6 +2,7 @@
 
 exports.createTransactionMeta = createTransactionMeta;
 exports.transactionMetaExist = transactionMetaExist;
+exports.getSavedTransactionMeta = getSavedTransactionMeta;
 exports.getTransactionMeta = getTransactionMeta;
 exports.saveTransactionMeta = saveTransactionMeta;
 exports.clearTransactionMeta = clearTransactionMeta;
@@ -23,41 +24,8 @@ var _oidc = require("../oidc");
  * See the License for the specific language governing permissions and limitations under the License.
  */
 // Calculate new values
-async function createTransactionMeta(authClient) {
-  return authClient.token.prepareTokenParams();
-}
-
-function transactionMetaExist(authClient) {
-  if (authClient.transactionManager.exists()) {
-    const existing = authClient.transactionManager.load();
-
-    if (isTransactionMetaValid(authClient, existing) && existing.interactionHandle) {
-      return true;
-    }
-  }
-
-  return false;
-}
-
-async function getTransactionMeta(authClient) {
-  // Load existing transaction meta from storage
-  if (authClient.transactionManager.exists()) {
-    const existing = authClient.transactionManager.load();
-
-    if (isTransactionMetaValid(authClient, existing)) {
-      return existing;
-    } // existing meta is not valid for this configuration
-    // this is common when changing configuration in local development environment
-    // in a production environment, this may indicate that two apps are sharing a storage key
-
-
-    (0, _util.warn)('Saved transaction meta does not match the current configuration. ' + 'This may indicate that two apps are sharing a storage key.');
-  } // Calculate new values
-
-
-  const tokenParams = await authClient.token.prepareTokenParams();
-  const urls = (0, _oidc.getOAuthUrls)(authClient, tokenParams);
-  const issuer = authClient.options.issuer;
+async function createTransactionMeta(authClient, options) {
+  const tokenParams = await authClient.token.prepareTokenParams(options);
   const {
     pkce,
     clientId,
@@ -72,7 +40,11 @@ async function getTransactionMeta(authClient) {
     codeChallengeMethod,
     codeChallenge
   } = tokenParams;
+  const urls = (0, _oidc.getOAuthUrls)(authClient, tokenParams);
+  const flow = authClient.idx.getFlow() || 'default';
+  const issuer = authClient.options.issuer;
   const meta = {
+    flow,
     issuer,
     pkce,
     clientId,
@@ -91,6 +63,48 @@ async function getTransactionMeta(authClient) {
   return meta;
 }
 
+function transactionMetaExist(authClient, options) {
+  if (authClient.transactionManager.exists(options)) {
+    const existing = authClient.transactionManager.load(options);
+
+    if (isTransactionMetaValid(authClient, existing) && existing.interactionHandle) {
+      return true;
+    }
+  }
+
+  return false;
+} // Returns the saved transaction meta, if it exists and is valid, or undefined
+
+
+function getSavedTransactionMeta(authClient, options) {
+  const state = (options === null || options === void 0 ? void 0 : options.state) || authClient.options.state;
+  const existing = authClient.transactionManager.load({
+    state
+  });
+
+  if (existing && isTransactionMetaValid(authClient, existing)) {
+    return existing;
+  }
+}
+
+async function getTransactionMeta(authClient, options) {
+  // Load existing transaction meta from storage
+  if (authClient.transactionManager.exists(options)) {
+    const validExistingMeta = getSavedTransactionMeta(authClient, options);
+
+    if (validExistingMeta) {
+      return validExistingMeta;
+    } // existing meta is not valid for this configuration
+    // this is common when changing configuration in local development environment
+    // in a production environment, this may indicate that two apps are sharing a storage key
+
+
+    (0, _util.warn)('Saved transaction meta does not match the current configuration. ' + 'This may indicate that two apps are sharing a storage key.');
+  }
+
+  return createTransactionMeta(authClient, options);
+}
+
 function saveTransactionMeta(authClient, meta) {
   authClient.transactionManager.save(meta, {
     muteWarning: true
@@ -100,13 +114,37 @@ function saveTransactionMeta(authClient, meta) {
 function clearTransactionMeta(authClient) {
   authClient.transactionManager.clear();
 } // returns true if values in meta match current authClient options
+// eslint-disable-next-line complexity
 
 
 function isTransactionMetaValid(authClient, meta) {
+  // First validate against required config
   const keys = ['issuer', 'clientId', 'redirectUri'];
-  const mismatch = keys.find(key => {
-    return authClient.options[key] !== meta[key];
-  });
-  return !mismatch;
+
+  if (keys.some(key => authClient.options[key] !== meta[key])) {
+    return false;
+  } // Validate optional config
+
+
+  const {
+    flow,
+    state
+  } = authClient.options; // If state is specified, it must match meta to be valid
+
+  if (state && state !== meta.state) {
+    return false;
+  } // Specific flows should not share transaction data
+
+
+  const shouldValidateFlow = flow && flow !== 'default' && flow !== 'proceed';
+
+  if (shouldValidateFlow) {
+    if (flow !== meta.flow) {
+      // The flow has changed; abandon the old transaction
+      return false;
+    }
+  }
+
+  return true;
 }
 //# sourceMappingURL=transactionMeta.js.map

package/cjs/idx/transactionMeta.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/transactionMeta.ts"],"names":["createTransactionMeta","authClient","token","prepareTokenParams","transactionMetaExist","transactionManager","exists","existing","load","isTransactionMetaValid","interactionHandle","getTransactionMeta","tokenParams","urls","issuer","options","pkce","clientId","redirectUri","responseType","responseMode","scopes","state","nonce","ignoreSignature","codeVerifier","codeChallengeMethod","codeChallenge","meta","saveTransactionMeta","save","muteWarning","clearTransactionMeta","clear","keys","mismatch","find","key"],"mappings":";;;;;;;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,qBAAf,CAAqCC,UAArC,EAA2D;AAChE,SAAOA,UAAU,CAACC,KAAX,CAAiBC,kBAAjB,EAAP;AACD;;AAEM,SAASC,oBAAT,CAA8BH,UAA9B,EAA6D;AAClE,MAAIA,UAAU,CAACI,kBAAX,CAA8BC,MAA9B,EAAJ,EAA4C;AAC1C,UAAMC,QAAQ,GAAGN,UAAU,CAACI,kBAAX,CAA8BG,IAA9B,EAAjB;;AACA,QAAIC,sBAAsB,CAACR,UAAD,EAAaM,QAAb,CAAtB,IAAgDA,QAAQ,CAACG,iBAA7D,EAAgF;AAC9E,aAAO,IAAP;AACD;AACF;;AACD,SAAO,KAAP;AACD;;AAEM,eAAeC,kBAAf,CAAkCV,UAAlC,EAAqF;AAC1F;AACA,MAAIA,UAAU,CAACI,kBAAX,CAA8BC,MAA9B,EAAJ,EAA4C;AAC1C,UAAMC,QAAQ,GAAGN,UAAU,CAACI,kBAAX,CAA8BG,IAA9B,EAAjB;;AACA,QAAIC,sBAAsB,CAACR,UAAD,EAAaM,QAAb,CAA1B,EAAkD;AAChD,aAAOA,QAAP;AACD,KAJyC,CAK1C;AACA;AACA;;;AACA,oBAAK,sEACH,4DADF;AAED,GAZyF,CAc1F;;;AACA,QAAMK,WAAW,GAAG,MAAMX,UAAU,CAACC,KAAX,CAAiBC,kBAAjB,EAA1B;AACA,QAAMU,IAAI,GAAG,wBAAaZ,UAAb,EAAyBW,WAAzB,CAAb;AACA,QAAME,MAAM,GAAGb,UAAU,CAACc,OAAX,CAAmBD,MAAlC;AACA,QAAM;AACJE,IAAAA,IADI;AAEJC,IAAAA,QAFI;AAGJC,IAAAA,WAHI;AAIJC,IAAAA,YAJI;AAKJC,IAAAA,YALI;AAMJC,IAAAA,MANI;AAOJC,IAAAA,KAPI;AAQJC,IAAAA,KARI;AASJC,IAAAA,eATI;AAUJC,IAAAA,YAVI;AAWJC,IAAAA,mBAXI;AAYJC,IAAAA;AAZI,MAaFf,WAbJ;AAcA,QAAMgB,IAAI,GAAG;AACXd,IAAAA,MADW;AAEXE,IAAAA,IAFW;AAGXC,IAAAA,QAHW;AAIXC,IAAAA,WAJW;AAKXC,IAAAA,YALW;AAMXC,IAAAA,YANW;AAOXC,IAAAA,MAPW;AAQXC,IAAAA,KARW;AASXC,IAAAA,KATW;AAUXV,IAAAA,IAVW;AAWXW,IAAAA,eAXW;AAYXC,IAAAA,YAZW;AAaXC,IAAAA,mBAbW;AAcXC,IAAAA;AAdW,GAAb;AAgBA,SAAOC,IAAP;AACD;;AAEM,SAASC,mBAAT,CAA8B5B,UAA9B,EAAoD2B,IAApD,EAA0D;AAC/D3B,EAAAA,UAAU,CAACI,kBAAX,CAA8ByB,IAA9B,CAAmCF,IAAnC,EAAyC;AAAEG,IAAAA,WAAW,EAAE;AAAf,GAAzC;AACD;;AAEM,SAASC,oBAAT,CAA+B/B,UAA/B,EAAqD;AAC1DA,EAAAA,UAAU,CAACI,kBAAX,CAA8B4B,KAA9B;AACD,C,CAED;;;AACO,SAASxB,sBAAT,CAAiCR,UAAjC,EAAuD2B,IAAvD,EAA6D;AAClE,QAAMM,IAAI,GAAG,CAAC,QAAD,EAAW,UAAX,EAAuB,aAAvB,CAAb;AACA,QAAMC,QAAQ,GAAGD,IAAI,CAACE,IAAL,CAAUC,GAAG,IAAI;AAChC,WAAOpC,UAAU,CAACc,OAAX,CAAmBsB,GAAnB,MAA4BT,IAAI,CAACS,GAAD,CAAvC;AACD,GAFgB,CAAjB;AAGA,SAAO,CAACF,QAAR;AACD","sourcesContent":["/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuth, IdxTransactionMeta } from '../types';\nimport { warn } from '../util';\nimport { getOAuthUrls } from '../oidc';\n\n// Calculate new values\nexport async function createTransactionMeta(authClient: OktaAuth) {\n  return authClient.token.prepareTokenParams();\n}\n\nexport function transactionMetaExist(authClient: OktaAuth): boolean {\n  if (authClient.transactionManager.exists()) {\n    const existing = authClient.transactionManager.load() as IdxTransactionMeta;\n    if (isTransactionMetaValid(authClient, existing) && existing.interactionHandle) {\n      return true;\n    }\n  }\n  return false;\n}\n\nexport async function getTransactionMeta(authClient: OktaAuth): Promise<IdxTransactionMeta> {\n  // Load existing transaction meta from storage\n  if (authClient.transactionManager.exists()) {\n    const existing = authClient.transactionManager.load();\n    if (isTransactionMetaValid(authClient, existing)) {\n      return existing as IdxTransactionMeta;\n    }\n    // existing meta is not valid for this configuration\n    // this is common when changing configuration in local development environment\n    // in a production environment, this may indicate that two apps are sharing a storage key\n    warn('Saved transaction meta does not match the current configuration. ' + \n      'This may indicate that two apps are sharing a storage key.');\n  }\n\n  // Calculate new values\n  const tokenParams = await authClient.token.prepareTokenParams();\n  const urls = getOAuthUrls(authClient, tokenParams);\n  const issuer = authClient.options.issuer;\n  const {\n    pkce,\n    clientId,\n    redirectUri,\n    responseType,\n    responseMode,\n    scopes,\n    state,\n    nonce,\n    ignoreSignature,\n    codeVerifier,\n    codeChallengeMethod,\n    codeChallenge,\n  } = tokenParams;\n  const meta = {\n    issuer,\n    pkce,\n    clientId,\n    redirectUri,\n    responseType,\n    responseMode,\n    scopes,\n    state,\n    nonce,\n    urls,\n    ignoreSignature,\n    codeVerifier,\n    codeChallengeMethod,\n    codeChallenge \n  };\n  return meta;\n}\n\nexport function saveTransactionMeta (authClient: OktaAuth, meta) {\n  authClient.transactionManager.save(meta, { muteWarning: true });\n}\n\nexport function clearTransactionMeta (authClient: OktaAuth) {\n  authClient.transactionManager.clear();\n}\n\n// returns true if values in meta match current authClient options\nexport function isTransactionMetaValid (authClient: OktaAuth, meta) {\n  const keys = ['issuer', 'clientId', 'redirectUri'];\n  const mismatch = keys.find(key => {\n    return authClient.options[key] !== meta[key];\n  });\n  return !mismatch;\n}\n"],"file":"transactionMeta.js"}
+{"version":3,"sources":["../../../lib/idx/transactionMeta.ts"],"names":["createTransactionMeta","authClient","options","tokenParams","token","prepareTokenParams","pkce","clientId","redirectUri","responseType","responseMode","scopes","state","nonce","ignoreSignature","codeVerifier","codeChallengeMethod","codeChallenge","urls","flow","idx","getFlow","issuer","meta","transactionMetaExist","transactionManager","exists","existing","load","isTransactionMetaValid","interactionHandle","getSavedTransactionMeta","getTransactionMeta","validExistingMeta","saveTransactionMeta","save","muteWarning","clearTransactionMeta","clear","keys","some","key","shouldValidateFlow"],"mappings":";;;;;;;;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,qBAAf,CAAqCC,UAArC,EAA2DC,OAA3D,EAA6F;AAClG,QAAMC,WAAW,GAAG,MAAMF,UAAU,CAACG,KAAX,CAAiBC,kBAAjB,CAAoCH,OAApC,CAA1B;AACA,QAAM;AACJI,IAAAA,IADI;AAEJC,IAAAA,QAFI;AAGJC,IAAAA,WAHI;AAIJC,IAAAA,YAJI;AAKJC,IAAAA,YALI;AAMJC,IAAAA,MANI;AAOJC,IAAAA,KAPI;AAQJC,IAAAA,KARI;AASJC,IAAAA,eATI;AAUJC,IAAAA,YAVI;AAWJC,IAAAA,mBAXI;AAYJC,IAAAA;AAZI,MAaFd,WAbJ;AAcA,QAAMe,IAAI,GAAG,wBAAajB,UAAb,EAAyBE,WAAzB,CAAb;AACA,QAAMgB,IAAI,GAAGlB,UAAU,CAACmB,GAAX,CAAeC,OAAf,MAA4B,SAAzC;AACA,QAAMC,MAAM,GAAGrB,UAAU,CAACC,OAAX,CAAmBoB,MAAlC;AACA,QAAMC,IAAI,GAAG;AACXJ,IAAAA,IADW;AAEXG,IAAAA,MAFW;AAGXhB,IAAAA,IAHW;AAIXC,IAAAA,QAJW;AAKXC,IAAAA,WALW;AAMXC,IAAAA,YANW;AAOXC,IAAAA,YAPW;AAQXC,IAAAA,MARW;AASXC,IAAAA,KATW;AAUXC,IAAAA,KAVW;AAWXK,IAAAA,IAXW;AAYXJ,IAAAA,eAZW;AAaXC,IAAAA,YAbW;AAcXC,IAAAA,mBAdW;AAeXC,IAAAA;AAfW,GAAb;AAiBA,SAAOM,IAAP;AACD;;AAEM,SAASC,oBAAT,CAA8BvB,UAA9B,EAAoDC,OAApD,EAA+F;AACpG,MAAID,UAAU,CAACwB,kBAAX,CAA8BC,MAA9B,CAAqCxB,OAArC,CAAJ,EAAmD;AACjD,UAAMyB,QAAQ,GAAG1B,UAAU,CAACwB,kBAAX,CAA8BG,IAA9B,CAAmC1B,OAAnC,CAAjB;;AACA,QAAI2B,sBAAsB,CAAC5B,UAAD,EAAa0B,QAAb,CAAtB,IAAgDA,QAAQ,CAACG,iBAA7D,EAAgF;AAC9E,aAAO,IAAP;AACD;AACF;;AACD,SAAO,KAAP;AACD,C,CAED;;;AACO,SAASC,uBAAT,CAAiC9B,UAAjC,EAAuDC,OAAvD,EAA6G;AAClH,QAAMU,KAAK,GAAG,CAAAV,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAEU,KAAT,KAAkBX,UAAU,CAACC,OAAX,CAAmBU,KAAnD;AACA,QAAMe,QAAQ,GAAG1B,UAAU,CAACwB,kBAAX,CAA8BG,IAA9B,CAAmC;AAAEhB,IAAAA;AAAF,GAAnC,CAAjB;;AACA,MAAIe,QAAQ,IAAIE,sBAAsB,CAAC5B,UAAD,EAAa0B,QAAb,CAAtC,EAA8D;AAC5D,WAAOA,QAAP;AACD;AACF;;AAEM,eAAeK,kBAAf,CACL/B,UADK,EAELC,OAFK,EAGwB;AAC7B;AACA,MAAID,UAAU,CAACwB,kBAAX,CAA8BC,MAA9B,CAAqCxB,OAArC,CAAJ,EAAmD;AACjD,UAAM+B,iBAAiB,GAAGF,uBAAuB,CAAC9B,UAAD,EAAaC,OAAb,CAAjD;;AACA,QAAI+B,iBAAJ,EAAuB;AACrB,aAAOA,iBAAP;AACD,KAJgD,CAKjD;AACA;AACA;;;AACA,oBAAK,sEACH,4DADF;AAED;;AAED,SAAOjC,qBAAqB,CAACC,UAAD,EAAaC,OAAb,CAA5B;AACD;;AAEM,SAASgC,mBAAT,CAA8BjC,UAA9B,EAAoDsB,IAApD,EAA0D;AAC/DtB,EAAAA,UAAU,CAACwB,kBAAX,CAA8BU,IAA9B,CAAmCZ,IAAnC,EAAyC;AAAEa,IAAAA,WAAW,EAAE;AAAf,GAAzC;AACD;;AAEM,SAASC,oBAAT,CAA+BpC,UAA/B,EAAqD;AAC1DA,EAAAA,UAAU,CAACwB,kBAAX,CAA8Ba,KAA9B;AACD,C,CAED;AACA;;;AACO,SAAST,sBAAT,CAAiC5B,UAAjC,EAAuDsB,IAAvD,EAA6D;AAClE;AACA,QAAMgB,IAAI,GAAG,CAAC,QAAD,EAAW,UAAX,EAAuB,aAAvB,CAAb;;AACA,MAAIA,IAAI,CAACC,IAAL,CAAUC,GAAG,IAAIxC,UAAU,CAACC,OAAX,CAAmBuC,GAAnB,MAA4BlB,IAAI,CAACkB,GAAD,CAAjD,CAAJ,EAA6D;AAC3D,WAAO,KAAP;AACD,GALiE,CAOlE;;;AACA,QAAM;AAAEtB,IAAAA,IAAF;AAAQP,IAAAA;AAAR,MAAkBX,UAAU,CAACC,OAAnC,CARkE,CAUlE;;AACA,MAAIU,KAAK,IAAIA,KAAK,KAAKW,IAAI,CAACX,KAA5B,EAAmC;AACjC,WAAO,KAAP;AACD,GAbiE,CAelE;;;AACA,QAAM8B,kBAAkB,GAAGvB,IAAI,IAAIA,IAAI,KAAK,SAAjB,IAA8BA,IAAI,KAAK,SAAlE;;AACA,MAAIuB,kBAAJ,EAAwB;AACtB,QAAIvB,IAAI,KAAKI,IAAI,CAACJ,IAAlB,EAAwB;AACtB;AACA,aAAO,KAAP;AACD;AACF;;AAED,SAAO,IAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuth, IdxTransactionMeta, TransactionMetaOptions } from '../types';\nimport { warn } from '../util';\nimport { getOAuthUrls } from '../oidc';\n\n// Calculate new values\nexport async function createTransactionMeta(authClient: OktaAuth, options?: TransactionMetaOptions) {\n  const tokenParams = await authClient.token.prepareTokenParams(options);\n  const {\n    pkce,\n    clientId,\n    redirectUri,\n    responseType,\n    responseMode,\n    scopes,\n    state,\n    nonce,\n    ignoreSignature,\n    codeVerifier,\n    codeChallengeMethod,\n    codeChallenge,\n  } = tokenParams;\n  const urls = getOAuthUrls(authClient, tokenParams);\n  const flow = authClient.idx.getFlow() || 'default';\n  const issuer = authClient.options.issuer;\n  const meta = {\n    flow,\n    issuer,\n    pkce,\n    clientId,\n    redirectUri,\n    responseType,\n    responseMode,\n    scopes,\n    state,\n    nonce,\n    urls,\n    ignoreSignature,\n    codeVerifier,\n    codeChallengeMethod,\n    codeChallenge \n  };\n  return meta;\n}\n\nexport function transactionMetaExist(authClient: OktaAuth, options?: TransactionMetaOptions): boolean {\n  if (authClient.transactionManager.exists(options)) {\n    const existing = authClient.transactionManager.load(options) as IdxTransactionMeta;\n    if (isTransactionMetaValid(authClient, existing) && existing.interactionHandle) {\n      return true;\n    }\n  }\n  return false;\n}\n\n// Returns the saved transaction meta, if it exists and is valid, or undefined\nexport function getSavedTransactionMeta(authClient: OktaAuth, options?: TransactionMetaOptions): IdxTransactionMeta {\n  const state = options?.state || authClient.options.state;\n  const existing = authClient.transactionManager.load({ state }) as IdxTransactionMeta;\n  if (existing && isTransactionMetaValid(authClient, existing)) {\n    return existing;\n  }\n}\n\nexport async function getTransactionMeta(\n  authClient: OktaAuth,\n  options?: TransactionMetaOptions\n): Promise<IdxTransactionMeta> {\n  // Load existing transaction meta from storage\n  if (authClient.transactionManager.exists(options)) {\n    const validExistingMeta = getSavedTransactionMeta(authClient, options);\n    if (validExistingMeta) {\n      return validExistingMeta;\n    }\n    // existing meta is not valid for this configuration\n    // this is common when changing configuration in local development environment\n    // in a production environment, this may indicate that two apps are sharing a storage key\n    warn('Saved transaction meta does not match the current configuration. ' + \n      'This may indicate that two apps are sharing a storage key.');\n  }\n\n  return createTransactionMeta(authClient, options);\n}\n\nexport function saveTransactionMeta (authClient: OktaAuth, meta) {\n  authClient.transactionManager.save(meta, { muteWarning: true });\n}\n\nexport function clearTransactionMeta (authClient: OktaAuth) {\n  authClient.transactionManager.clear();\n}\n\n// returns true if values in meta match current authClient options\n// eslint-disable-next-line complexity\nexport function isTransactionMetaValid (authClient: OktaAuth, meta) {\n  // First validate against required config\n  const keys = ['issuer', 'clientId', 'redirectUri'];\n  if (keys.some(key => authClient.options[key] !== meta[key])) {\n    return false;\n  }\n\n  // Validate optional config\n  const { flow, state } = authClient.options;\n  \n  // If state is specified, it must match meta to be valid\n  if (state && state !== meta.state) {\n    return false;\n  }\n\n  // Specific flows should not share transaction data\n  const shouldValidateFlow = flow && flow !== 'default' && flow !== 'proceed';\n  if (shouldValidateFlow) {\n    if (flow !== meta.flow) {\n      // The flow has changed; abandon the old transaction\n      return false;\n    }\n  }\n\n  return true;\n}\n"],"file":"transactionMeta.js"}

package/cjs/idx/types/FlowIdentifier.js

@@ -0,0 +1,2 @@
+"use strict";
+//# sourceMappingURL=FlowIdentifier.js.map

package/{esm/types/AuthState.js.map → cjs/idx/types/FlowIdentifier.js.map}

@@ -1 +1 @@
-{"version":3,"sources":[],"names":[],"mappings":"","sourcesContent":[],"file":"AuthState.js"}
+{"version":3,"sources":[],"names":[],"mappings":"","sourcesContent":[],"file":"FlowIdentifier.js"}

package/cjs/idx/types/idx-js.js

@@ -1,6 +1,7 @@
 "use strict";
 
 exports.isRawIdxResponse = isRawIdxResponse;
+exports.isIdxResponse = isIdxResponse;
 
 /*!
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
@@ -18,4 +19,8 @@ exports.isRawIdxResponse = isRawIdxResponse;
 function isRawIdxResponse(obj) {
   return obj && obj.version;
 }
+
+function isIdxResponse(obj) {
+  return obj && isRawIdxResponse(obj.rawIdxState);
+}
 //# sourceMappingURL=idx-js.js.map