@okta/okta-auth-js 5.7.0 → 5.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (449) hide show
  1. package/CHANGELOG.md +47 -0
  2. package/README.md +12 -2
  3. package/cjs/OktaAuth.js +88 -43
  4. package/cjs/OktaAuth.js.map +1 -1
  5. package/cjs/OktaUserAgent.js +2 -2
  6. package/cjs/OktaUserAgent.js.map +1 -1
  7. package/cjs/StorageManager.js +8 -0
  8. package/cjs/StorageManager.js.map +1 -1
  9. package/cjs/TokenManager.js +24 -2
  10. package/cjs/TokenManager.js.map +1 -1
  11. package/cjs/TransactionManager.js +24 -12
  12. package/cjs/TransactionManager.js.map +1 -1
  13. package/cjs/constants.js +3 -1
  14. package/cjs/constants.js.map +1 -1
  15. package/cjs/features.js +1 -1
  16. package/cjs/features.js.map +1 -1
  17. package/cjs/idx/authenticate.js +3 -18
  18. package/cjs/idx/authenticate.js.map +1 -1
  19. package/cjs/idx/authenticator/Authenticator.js +14 -0
  20. package/cjs/idx/authenticator/Authenticator.js.map +1 -0
  21. package/cjs/idx/authenticator/OktaPassword.js +31 -0
  22. package/cjs/idx/authenticator/OktaPassword.js.map +1 -0
  23. package/cjs/idx/authenticator/OktaVerifyTotp.js +17 -0
  24. package/cjs/idx/authenticator/OktaVerifyTotp.js.map +1 -0
  25. package/cjs/idx/authenticator/SecurityQuestionEnrollment.js +50 -0
  26. package/cjs/idx/authenticator/SecurityQuestionEnrollment.js.map +1 -0
  27. package/cjs/idx/authenticator/SecurityQuestionVerification.js +31 -0
  28. package/cjs/idx/authenticator/SecurityQuestionVerification.js.map +1 -0
  29. package/cjs/idx/authenticator/VerificationCodeAuthenticator.js +34 -0
  30. package/cjs/idx/authenticator/VerificationCodeAuthenticator.js.map +1 -0
  31. package/cjs/idx/authenticator/getAuthenticator.js +42 -0
  32. package/cjs/idx/authenticator/getAuthenticator.js.map +1 -0
  33. package/cjs/idx/authenticator/index.js +80 -0
  34. package/cjs/idx/authenticator/index.js.map +1 -0
  35. package/cjs/idx/cancel.js +5 -0
  36. package/cjs/idx/cancel.js.map +1 -1
  37. package/cjs/idx/flow/AuthenticationFlow.js +32 -0
  38. package/cjs/idx/flow/AuthenticationFlow.js.map +1 -0
  39. package/cjs/idx/flow/FlowSpecification.js +39 -0
  40. package/cjs/idx/flow/FlowSpecification.js.map +1 -0
  41. package/cjs/idx/flow/PasswordRecoveryFlow.js +28 -0
  42. package/cjs/idx/flow/PasswordRecoveryFlow.js.map +1 -0
  43. package/{esm/crypto/browser.js → cjs/idx/flow/RegistrationFlow.js} +16 -12
  44. package/cjs/idx/flow/RegistrationFlow.js.map +1 -0
  45. package/cjs/idx/flow/RemediationFlow.js +2 -0
  46. package/{esm/types/Cookies.js.map → cjs/idx/flow/RemediationFlow.js.map} +1 -1
  47. package/cjs/idx/flow/index.js +67 -0
  48. package/cjs/idx/flow/index.js.map +1 -0
  49. package/cjs/idx/index.js +39 -0
  50. package/cjs/idx/index.js.map +1 -1
  51. package/cjs/idx/interact.js +13 -4
  52. package/cjs/idx/interact.js.map +1 -1
  53. package/cjs/idx/introspect.js +24 -7
  54. package/cjs/idx/introspect.js.map +1 -1
  55. package/cjs/idx/poll.js +59 -0
  56. package/cjs/idx/poll.js.map +1 -0
  57. package/cjs/idx/proceed.js +49 -0
  58. package/cjs/idx/proceed.js.map +1 -0
  59. package/cjs/idx/recoverPassword.js +3 -17
  60. package/cjs/idx/recoverPassword.js.map +1 -1
  61. package/cjs/idx/register.js +22 -20
  62. package/cjs/idx/register.js.map +1 -1
  63. package/cjs/idx/remediate.js +61 -118
  64. package/cjs/idx/remediate.js.map +1 -1
  65. package/cjs/idx/remediators/AuthenticatorEnrollmentData.js +9 -12
  66. package/cjs/idx/remediators/AuthenticatorEnrollmentData.js.map +1 -1
  67. package/cjs/idx/remediators/AuthenticatorVerificationData.js +6 -9
  68. package/cjs/idx/remediators/AuthenticatorVerificationData.js.map +1 -1
  69. package/cjs/idx/remediators/Base/AuthenticatorData.js +43 -32
  70. package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
  71. package/cjs/idx/remediators/Base/Remediator.js +51 -20
  72. package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
  73. package/cjs/idx/remediators/Base/SelectAuthenticator.js +16 -16
  74. package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
  75. package/cjs/idx/remediators/Base/VerifyAuthenticator.js +8 -28
  76. package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
  77. package/{esm/idx/remediators/RedirectIdp.js → cjs/idx/remediators/ChallengePoll.js} +13 -25
  78. package/cjs/idx/remediators/ChallengePoll.js.map +1 -0
  79. package/cjs/idx/remediators/EnrollPoll.js +56 -0
  80. package/cjs/idx/remediators/EnrollPoll.js.map +1 -0
  81. package/cjs/idx/remediators/Identify.js +4 -36
  82. package/cjs/idx/remediators/Identify.js.map +1 -1
  83. package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js +23 -2
  84. package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js.map +1 -1
  85. package/cjs/idx/remediators/Skip.js +7 -0
  86. package/cjs/idx/remediators/Skip.js.map +1 -1
  87. package/cjs/idx/remediators/index.js +26 -0
  88. package/cjs/idx/remediators/index.js.map +1 -1
  89. package/cjs/idx/run.js +36 -16
  90. package/cjs/idx/run.js.map +1 -1
  91. package/cjs/idx/startTransaction.js +2 -0
  92. package/cjs/idx/startTransaction.js.map +1 -1
  93. package/cjs/idx/transactionMeta.js +77 -39
  94. package/cjs/idx/transactionMeta.js.map +1 -1
  95. package/cjs/idx/types/FlowIdentifier.js +2 -0
  96. package/{esm/types/AuthState.js.map → cjs/idx/types/FlowIdentifier.js.map} +1 -1
  97. package/cjs/idx/types/idx-js.js +5 -0
  98. package/cjs/idx/types/idx-js.js.map +1 -1
  99. package/cjs/idx/types/index.js +18 -1
  100. package/cjs/idx/types/index.js.map +1 -1
  101. package/cjs/oidc/endpoints/authorize.js +4 -1
  102. package/cjs/oidc/endpoints/authorize.js.map +1 -1
  103. package/cjs/oidc/getWithRedirect.js +2 -6
  104. package/cjs/oidc/getWithRedirect.js.map +1 -1
  105. package/cjs/oidc/util/loginRedirect.js +9 -5
  106. package/cjs/oidc/util/loginRedirect.js.map +1 -1
  107. package/cjs/oidc/util/urlParams.js +1 -1
  108. package/cjs/oidc/util/urlParams.js.map +1 -1
  109. package/cjs/options.js +12 -2
  110. package/cjs/options.js.map +1 -1
  111. package/cjs/server/serverStorage.js +2 -1
  112. package/cjs/server/serverStorage.js.map +1 -1
  113. package/cjs/types/Token.js.map +1 -1
  114. package/cjs/types/Transaction.js.map +1 -1
  115. package/{esm/clock.js → cjs/util/emailVerify.js} +14 -18
  116. package/cjs/util/emailVerify.js.map +1 -0
  117. package/cjs/util/index.js +13 -0
  118. package/cjs/util/index.js.map +1 -1
  119. package/dist/okta-auth-js.min.js +2 -74
  120. package/dist/okta-auth-js.min.js.LICENSE.txt +32 -0
  121. package/dist/okta-auth-js.min.js.map +1 -1
  122. package/dist/okta-auth-js.polyfill.js +2 -18
  123. package/{esm/crypto/webcrypto.js → dist/okta-auth-js.polyfill.js.LICENSE.txt} +8 -4
  124. package/dist/okta-auth-js.polyfill.js.map +1 -1
  125. package/dist/okta-auth-js.umd.js +2 -74
  126. package/dist/okta-auth-js.umd.js.LICENSE.txt +32 -0
  127. package/dist/okta-auth-js.umd.js.map +1 -1
  128. package/esm/index.js +8580 -16
  129. package/esm/index.js.map +1 -1
  130. package/lib/OktaAuth.d.ts +6 -3
  131. package/lib/StorageManager.d.ts +1 -0
  132. package/lib/TokenManager.d.ts +2 -0
  133. package/lib/TransactionManager.d.ts +5 -1
  134. package/lib/constants.d.ts +1 -0
  135. package/lib/crypto/base64.d.ts +2 -2
  136. package/lib/crypto/oidcHash.d.ts +1 -1
  137. package/lib/crypto/verifyToken.d.ts +1 -1
  138. package/lib/idx/authenticator/Authenticator.d.ts +12 -0
  139. package/lib/idx/authenticator/OktaPassword.d.ts +11 -0
  140. package/lib/idx/authenticator/OktaVerifyTotp.d.ts +9 -0
  141. package/lib/idx/authenticator/SecurityQuestionEnrollment.d.ts +28 -0
  142. package/lib/idx/authenticator/SecurityQuestionVerification.d.ts +14 -0
  143. package/lib/idx/authenticator/VerificationCodeAuthenticator.d.ts +10 -0
  144. package/lib/idx/authenticator/getAuthenticator.d.ts +3 -0
  145. package/lib/idx/authenticator/index.d.ts +6 -0
  146. package/{esm/oidc/endpoints/index.js → lib/idx/flow/AuthenticationFlow.d.ts} +3 -5
  147. package/lib/idx/flow/FlowSpecification.d.ts +8 -0
  148. package/{esm/crypto/index.js → lib/idx/flow/PasswordRecoveryFlow.d.ts} +3 -6
  149. package/{esm/tx/TransactionState.js → lib/idx/flow/RegistrationFlow.d.ts} +3 -3
  150. package/lib/idx/flow/RemediationFlow.d.ts +13 -0
  151. package/lib/idx/{flowMonitors → flow}/index.d.ts +5 -4
  152. package/lib/idx/index.d.ts +3 -0
  153. package/lib/idx/interact.d.ts +1 -0
  154. package/lib/idx/introspect.d.ts +2 -1
  155. package/lib/idx/poll.d.ts +13 -0
  156. package/lib/idx/proceed.d.ts +21 -0
  157. package/lib/idx/register.d.ts +1 -1
  158. package/lib/idx/remediators/AuthenticatorEnrollmentData.d.ts +9 -5
  159. package/lib/idx/remediators/AuthenticatorVerificationData.d.ts +0 -1
  160. package/lib/idx/remediators/Base/AuthenticatorData.d.ts +8 -3
  161. package/lib/idx/remediators/Base/Remediator.d.ts +9 -6
  162. package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +5 -4
  163. package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +8 -4
  164. package/lib/idx/remediators/ChallengePoll.d.ts +15 -0
  165. package/{esm/tx/util.js → lib/idx/remediators/EnrollPoll.d.ts} +11 -13
  166. package/lib/idx/remediators/Identify.d.ts +1 -3
  167. package/lib/idx/remediators/SelectAuthenticatorAuthenticate.d.ts +6 -2
  168. package/lib/idx/remediators/Skip.d.ts +3 -0
  169. package/lib/idx/remediators/index.d.ts +2 -0
  170. package/lib/idx/run.d.ts +8 -9
  171. package/lib/idx/transactionMeta.d.ts +28 -4
  172. package/lib/idx/types/FlowIdentifier.d.ts +1 -0
  173. package/lib/idx/types/idx-js.d.ts +53 -1
  174. package/lib/idx/types/index.d.ts +18 -4
  175. package/lib/oidc/util/loginRedirect.d.ts +1 -1
  176. package/lib/types/OktaAuthOptions.d.ts +3 -0
  177. package/lib/types/Token.d.ts +1 -0
  178. package/lib/types/Transaction.d.ts +2 -0
  179. package/lib/types/api.d.ts +15 -2
  180. package/lib/{idx/flowMonitors/AuthenticationFlowMonitor.d.ts → util/emailVerify.d.ts} +5 -3
  181. package/lib/util/index.d.ts +1 -0
  182. package/package.json +22 -13
  183. package/cjs/idx/flowMonitors/AuthenticationFlowMonitor.js +0 -45
  184. package/cjs/idx/flowMonitors/AuthenticationFlowMonitor.js.map +0 -1
  185. package/cjs/idx/flowMonitors/FlowMonitor.js +0 -69
  186. package/cjs/idx/flowMonitors/FlowMonitor.js.map +0 -1
  187. package/cjs/idx/flowMonitors/PasswordRecoveryFlowMonitor.js +0 -55
  188. package/cjs/idx/flowMonitors/PasswordRecoveryFlowMonitor.js.map +0 -1
  189. package/cjs/idx/flowMonitors/RegistrationFlowMonitor.js +0 -35
  190. package/cjs/idx/flowMonitors/RegistrationFlowMonitor.js.map +0 -1
  191. package/cjs/idx/flowMonitors/index.js +0 -54
  192. package/cjs/idx/flowMonitors/index.js.map +0 -1
  193. package/esm/AuthStateManager.js +0 -214
  194. package/esm/AuthStateManager.js.map +0 -1
  195. package/esm/OktaAuth.js +0 -681
  196. package/esm/OktaAuth.js.map +0 -1
  197. package/esm/OktaUserAgent.js +0 -49
  198. package/esm/OktaUserAgent.js.map +0 -1
  199. package/esm/PromiseQueue.js +0 -71
  200. package/esm/PromiseQueue.js.map +0 -1
  201. package/esm/SavedObject.js +0 -91
  202. package/esm/SavedObject.js.map +0 -1
  203. package/esm/StorageManager.js +0 -182
  204. package/esm/StorageManager.js.map +0 -1
  205. package/esm/TokenManager.js +0 -455
  206. package/esm/TokenManager.js.map +0 -1
  207. package/esm/TransactionManager.js +0 -316
  208. package/esm/TransactionManager.js.map +0 -1
  209. package/esm/browser/browserStorage.js +0 -256
  210. package/esm/browser/browserStorage.js.map +0 -1
  211. package/esm/browser/fingerprint.js +0 -74
  212. package/esm/browser/fingerprint.js.map +0 -1
  213. package/esm/builderUtil.js +0 -56
  214. package/esm/builderUtil.js.map +0 -1
  215. package/esm/clock.js.map +0 -1
  216. package/esm/constants.js +0 -35
  217. package/esm/constants.js.map +0 -1
  218. package/esm/crypto/base64.js +0 -66
  219. package/esm/crypto/base64.js.map +0 -1
  220. package/esm/crypto/browser.js.map +0 -1
  221. package/esm/crypto/index.js.map +0 -1
  222. package/esm/crypto/node.js +0 -54
  223. package/esm/crypto/node.js.map +0 -1
  224. package/esm/crypto/oidcHash.js +0 -27
  225. package/esm/crypto/oidcHash.js.map +0 -1
  226. package/esm/crypto/verifyToken.js +0 -39
  227. package/esm/crypto/verifyToken.js.map +0 -1
  228. package/esm/crypto/webcrypto.js.map +0 -1
  229. package/esm/errors/AuthApiError.js +0 -30
  230. package/esm/errors/AuthApiError.js.map +0 -1
  231. package/esm/errors/AuthPollStopError.js +0 -20
  232. package/esm/errors/AuthPollStopError.js.map +0 -1
  233. package/esm/errors/AuthSdkError.js +0 -29
  234. package/esm/errors/AuthSdkError.js.map +0 -1
  235. package/esm/errors/CustomError.js +0 -21
  236. package/esm/errors/CustomError.js.map +0 -1
  237. package/esm/errors/OAuthError.js +0 -22
  238. package/esm/errors/OAuthError.js.map +0 -1
  239. package/esm/errors/index.js +0 -22
  240. package/esm/errors/index.js.map +0 -1
  241. package/esm/features.js +0 -64
  242. package/esm/features.js.map +0 -1
  243. package/esm/fetch/fetchRequest.js +0 -92
  244. package/esm/fetch/fetchRequest.js.map +0 -1
  245. package/esm/http/headers.js +0 -17
  246. package/esm/http/headers.js.map +0 -1
  247. package/esm/http/index.js +0 -3
  248. package/esm/http/index.js.map +0 -1
  249. package/esm/http/request.js +0 -145
  250. package/esm/http/request.js.map +0 -1
  251. package/esm/idx/authenticate.js +0 -47
  252. package/esm/idx/authenticate.js.map +0 -1
  253. package/esm/idx/cancel.js +0 -32
  254. package/esm/idx/cancel.js.map +0 -1
  255. package/esm/idx/flowMonitors/AuthenticationFlowMonitor.js +0 -41
  256. package/esm/idx/flowMonitors/AuthenticationFlowMonitor.js.map +0 -1
  257. package/esm/idx/flowMonitors/FlowMonitor.js +0 -73
  258. package/esm/idx/flowMonitors/FlowMonitor.js.map +0 -1
  259. package/esm/idx/flowMonitors/PasswordRecoveryFlowMonitor.js +0 -57
  260. package/esm/idx/flowMonitors/PasswordRecoveryFlowMonitor.js.map +0 -1
  261. package/esm/idx/flowMonitors/RegistrationFlowMonitor.js +0 -28
  262. package/esm/idx/flowMonitors/RegistrationFlowMonitor.js.map +0 -1
  263. package/esm/idx/flowMonitors/index.js +0 -16
  264. package/esm/idx/flowMonitors/index.js.map +0 -1
  265. package/esm/idx/handleInteractionCodeRedirect.js +0 -64
  266. package/esm/idx/handleInteractionCodeRedirect.js.map +0 -1
  267. package/esm/idx/headers.js +0 -39
  268. package/esm/idx/headers.js.map +0 -1
  269. package/esm/idx/index.js +0 -20
  270. package/esm/idx/index.js.map +0 -1
  271. package/esm/idx/interact.js +0 -83
  272. package/esm/idx/interact.js.map +0 -1
  273. package/esm/idx/introspect.js +0 -45
  274. package/esm/idx/introspect.js.map +0 -1
  275. package/esm/idx/recoverPassword.js +0 -46
  276. package/esm/idx/recoverPassword.js.map +0 -1
  277. package/esm/idx/register.js +0 -63
  278. package/esm/idx/register.js.map +0 -1
  279. package/esm/idx/remediate.js +0 -302
  280. package/esm/idx/remediate.js.map +0 -1
  281. package/esm/idx/remediators/AuthenticatorEnrollmentData.js +0 -68
  282. package/esm/idx/remediators/AuthenticatorEnrollmentData.js.map +0 -1
  283. package/esm/idx/remediators/AuthenticatorVerificationData.js +0 -66
  284. package/esm/idx/remediators/AuthenticatorVerificationData.js.map +0 -1
  285. package/esm/idx/remediators/Base/AuthenticatorData.js +0 -105
  286. package/esm/idx/remediators/Base/AuthenticatorData.js.map +0 -1
  287. package/esm/idx/remediators/Base/Remediator.js +0 -221
  288. package/esm/idx/remediators/Base/Remediator.js.map +0 -1
  289. package/esm/idx/remediators/Base/SelectAuthenticator.js +0 -140
  290. package/esm/idx/remediators/Base/SelectAuthenticator.js.map +0 -1
  291. package/esm/idx/remediators/Base/VerifyAuthenticator.js +0 -65
  292. package/esm/idx/remediators/Base/VerifyAuthenticator.js.map +0 -1
  293. package/esm/idx/remediators/ChallengeAuthenticator.js +0 -18
  294. package/esm/idx/remediators/ChallengeAuthenticator.js.map +0 -1
  295. package/esm/idx/remediators/EnrollAuthenticator.js +0 -18
  296. package/esm/idx/remediators/EnrollAuthenticator.js.map +0 -1
  297. package/esm/idx/remediators/EnrollProfile.js +0 -79
  298. package/esm/idx/remediators/EnrollProfile.js.map +0 -1
  299. package/esm/idx/remediators/Identify.js +0 -87
  300. package/esm/idx/remediators/Identify.js.map +0 -1
  301. package/esm/idx/remediators/ReEnrollAuthenticator.js +0 -45
  302. package/esm/idx/remediators/ReEnrollAuthenticator.js.map +0 -1
  303. package/esm/idx/remediators/RedirectIdp.js.map +0 -1
  304. package/esm/idx/remediators/ResetAuthenticator.js +0 -18
  305. package/esm/idx/remediators/ResetAuthenticator.js.map +0 -1
  306. package/esm/idx/remediators/SelectAuthenticatorAuthenticate.js +0 -18
  307. package/esm/idx/remediators/SelectAuthenticatorAuthenticate.js.map +0 -1
  308. package/esm/idx/remediators/SelectAuthenticatorEnroll.js +0 -18
  309. package/esm/idx/remediators/SelectAuthenticatorEnroll.js.map +0 -1
  310. package/esm/idx/remediators/SelectEnrollProfile.js +0 -24
  311. package/esm/idx/remediators/SelectEnrollProfile.js.map +0 -1
  312. package/esm/idx/remediators/Skip.js +0 -23
  313. package/esm/idx/remediators/Skip.js.map +0 -1
  314. package/esm/idx/remediators/index.js +0 -26
  315. package/esm/idx/remediators/index.js.map +0 -1
  316. package/esm/idx/remediators/util.js +0 -35
  317. package/esm/idx/remediators/util.js.map +0 -1
  318. package/esm/idx/run.js +0 -201
  319. package/esm/idx/run.js.map +0 -1
  320. package/esm/idx/startTransaction.js +0 -27
  321. package/esm/idx/startTransaction.js.map +0 -1
  322. package/esm/idx/transactionMeta.js +0 -114
  323. package/esm/idx/transactionMeta.js.map +0 -1
  324. package/esm/idx/types/idx-js.js +0 -17
  325. package/esm/idx/types/idx-js.js.map +0 -1
  326. package/esm/idx/types/index.js +0 -44
  327. package/esm/idx/types/index.js.map +0 -1
  328. package/esm/oidc/decodeToken.js +0 -31
  329. package/esm/oidc/decodeToken.js.map +0 -1
  330. package/esm/oidc/endpoints/authorize.js +0 -61
  331. package/esm/oidc/endpoints/authorize.js.map +0 -1
  332. package/esm/oidc/endpoints/index.js.map +0 -1
  333. package/esm/oidc/endpoints/token.js +0 -97
  334. package/esm/oidc/endpoints/token.js.map +0 -1
  335. package/esm/oidc/endpoints/well-known.js +0 -58
  336. package/esm/oidc/endpoints/well-known.js.map +0 -1
  337. package/esm/oidc/exchangeCodeForTokens.js +0 -69
  338. package/esm/oidc/exchangeCodeForTokens.js.map +0 -1
  339. package/esm/oidc/getToken.js +0 -180
  340. package/esm/oidc/getToken.js.map +0 -1
  341. package/esm/oidc/getUserInfo.js +0 -82
  342. package/esm/oidc/getUserInfo.js.map +0 -1
  343. package/esm/oidc/getWithPopup.js +0 -34
  344. package/esm/oidc/getWithPopup.js.map +0 -1
  345. package/esm/oidc/getWithRedirect.js +0 -65
  346. package/esm/oidc/getWithRedirect.js.map +0 -1
  347. package/esm/oidc/getWithoutPrompt.js +0 -29
  348. package/esm/oidc/getWithoutPrompt.js.map +0 -1
  349. package/esm/oidc/handleOAuthResponse.js +0 -148
  350. package/esm/oidc/handleOAuthResponse.js.map +0 -1
  351. package/esm/oidc/index.js +0 -29
  352. package/esm/oidc/index.js.map +0 -1
  353. package/esm/oidc/parseFromUrl.js +0 -144
  354. package/esm/oidc/parseFromUrl.js.map +0 -1
  355. package/esm/oidc/renewToken.js +0 -85
  356. package/esm/oidc/renewToken.js.map +0 -1
  357. package/esm/oidc/renewTokens.js +0 -74
  358. package/esm/oidc/renewTokens.js.map +0 -1
  359. package/esm/oidc/renewTokensWithRefresh.js +0 -55
  360. package/esm/oidc/renewTokensWithRefresh.js.map +0 -1
  361. package/esm/oidc/revokeToken.js +0 -57
  362. package/esm/oidc/revokeToken.js.map +0 -1
  363. package/esm/oidc/util/browser.js +0 -74
  364. package/esm/oidc/util/browser.js.map +0 -1
  365. package/esm/oidc/util/defaultTokenParams.js +0 -42
  366. package/esm/oidc/util/defaultTokenParams.js.map +0 -1
  367. package/esm/oidc/util/errors.js +0 -31
  368. package/esm/oidc/util/errors.js.map +0 -1
  369. package/esm/oidc/util/index.js +0 -25
  370. package/esm/oidc/util/index.js.map +0 -1
  371. package/esm/oidc/util/loginRedirect.js +0 -84
  372. package/esm/oidc/util/loginRedirect.js.map +0 -1
  373. package/esm/oidc/util/oauth.js +0 -70
  374. package/esm/oidc/util/oauth.js.map +0 -1
  375. package/esm/oidc/util/pkce.js +0 -55
  376. package/esm/oidc/util/pkce.js.map +0 -1
  377. package/esm/oidc/util/prepareTokenParams.js +0 -75
  378. package/esm/oidc/util/prepareTokenParams.js.map +0 -1
  379. package/esm/oidc/util/refreshToken.js +0 -24
  380. package/esm/oidc/util/refreshToken.js.map +0 -1
  381. package/esm/oidc/util/urlParams.js +0 -54
  382. package/esm/oidc/util/urlParams.js.map +0 -1
  383. package/esm/oidc/util/validateClaims.js +0 -53
  384. package/esm/oidc/util/validateClaims.js.map +0 -1
  385. package/esm/oidc/util/validateToken.js +0 -21
  386. package/esm/oidc/util/validateToken.js.map +0 -1
  387. package/esm/oidc/verifyToken.js +0 -78
  388. package/esm/oidc/verifyToken.js.map +0 -1
  389. package/esm/options.js +0 -134
  390. package/esm/options.js.map +0 -1
  391. package/esm/server/serverStorage.js +0 -110
  392. package/esm/server/serverStorage.js.map +0 -1
  393. package/esm/services/TokenService.js +0 -103
  394. package/esm/services/TokenService.js.map +0 -1
  395. package/esm/session.js +0 -81
  396. package/esm/session.js.map +0 -1
  397. package/esm/tx/AuthTransaction.js +0 -213
  398. package/esm/tx/AuthTransaction.js.map +0 -1
  399. package/esm/tx/TransactionState.js.map +0 -1
  400. package/esm/tx/api.js +0 -87
  401. package/esm/tx/api.js.map +0 -1
  402. package/esm/tx/index.js +0 -18
  403. package/esm/tx/index.js.map +0 -1
  404. package/esm/tx/poll.js +0 -124
  405. package/esm/tx/poll.js.map +0 -1
  406. package/esm/tx/util.js.map +0 -1
  407. package/esm/types/AuthState.js +0 -3
  408. package/esm/types/Cookies.js +0 -3
  409. package/esm/types/EventEmitter.js +0 -3
  410. package/esm/types/EventEmitter.js.map +0 -1
  411. package/esm/types/JWT.js +0 -3
  412. package/esm/types/JWT.js.map +0 -1
  413. package/esm/types/OAuth.js +0 -3
  414. package/esm/types/OAuth.js.map +0 -1
  415. package/esm/types/OktaAuthOptions.js +0 -3
  416. package/esm/types/OktaAuthOptions.js.map +0 -1
  417. package/esm/types/Storage.js +0 -3
  418. package/esm/types/Storage.js.map +0 -1
  419. package/esm/types/Token.js +0 -29
  420. package/esm/types/Token.js.map +0 -1
  421. package/esm/types/TokenManager.js +0 -3
  422. package/esm/types/TokenManager.js.map +0 -1
  423. package/esm/types/Transaction.js +0 -57
  424. package/esm/types/Transaction.js.map +0 -1
  425. package/esm/types/UserClaims.js +0 -3
  426. package/esm/types/UserClaims.js.map +0 -1
  427. package/esm/types/api.js +0 -3
  428. package/esm/types/api.js.map +0 -1
  429. package/esm/types/http.js +0 -3
  430. package/esm/types/http.js.map +0 -1
  431. package/esm/types/index.js +0 -27
  432. package/esm/types/index.js.map +0 -1
  433. package/esm/util/console.js +0 -53
  434. package/esm/util/console.js.map +0 -1
  435. package/esm/util/index.js +0 -17
  436. package/esm/util/index.js.map +0 -1
  437. package/esm/util/misc.js +0 -33
  438. package/esm/util/misc.js.map +0 -1
  439. package/esm/util/object.js +0 -117
  440. package/esm/util/object.js.map +0 -1
  441. package/esm/util/sharedStorage.js +0 -43
  442. package/esm/util/sharedStorage.js.map +0 -1
  443. package/esm/util/types.js +0 -27
  444. package/esm/util/types.js.map +0 -1
  445. package/esm/util/url.js +0 -64
  446. package/esm/util/url.js.map +0 -1
  447. package/lib/idx/flowMonitors/FlowMonitor.d.ts +0 -23
  448. package/lib/idx/flowMonitors/PasswordRecoveryFlowMonitor.d.ts +0 -16
  449. package/lib/idx/flowMonitors/RegistrationFlowMonitor.d.ts +0 -15
package/cjs/StorageManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/StorageManager.ts"],"names":["logServerSideMemoryStorageWarning","options","storageProvider","StorageManager","constructor","storageManagerOptions","cookieOptions","storageUtil","getOptionsForSection","sectionName","overrideOptions","Object","assign","getStorage","storageType","storageTypes","sessionCookie","idx","indexOf","slice","findStorageType","getStorageByType","getTransactionStorage","storage","storageKey","TRANSACTION_STORAGE_NAME","SavedObject","getSharedTansactionStorage","SHARED_TRANSACTION_STORAGE_NAME","getIdxResponseStorage","e","transactionStorage","getItem","key","transaction","setItem","val","AuthSdkError","setStorage","removeItem","IDX_RESPONSE_STORAGE_NAME","getTokenStorage","TOKEN_STORAGE_NAME","getHttpCache","CACHE_STORAGE_NAME","getLegacyPKCEStorage","PKCE_STORAGE_NAME","getLegacyOAuthParamsStorage","REDIRECT_OAUTH_PARAMS_NAME"],"mappings":";;;;;;AAcA;;AAoBA;;AACA;;AACA;;AACA;;AArCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA6BA,SAASA,iCAAT,CAA2CC,OAA3C,EAAoE;AAClE,MAAI,CAAC,0BAAD,IAAgB,CAACA,OAAO,CAACC,eAAzB,IAA4C,CAACD,OAAO,CAACC,eAAzD,EAA0E;AACxE;AACA,oBAAK,6KAAL;AACD;AACF;;AAEc,MAAMC,cAAN,CAAqB;AAKlCC,EAAAA,WAAW,CAACC,qBAAD,EAA+CC,aAA/C,EAA6EC,WAA7E,EAAuG;AAChH,SAAKF,qBAAL,GAA6BA,qBAA7B;AACA,SAAKC,aAAL,GAAqBA,aAArB;AACA,SAAKC,WAAL,GAAmBA,WAAnB;AACD,GATiC,CAWlC;;;AACAC,EAAAA,oBAAoB,CAACC,WAAD,EAAsBC,eAAtB,EAAwD;AAC1E,WAAOC,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkB,KAAKP,qBAAL,CAA2BI,WAA3B,CAAlB,EAA2DC,eAA3D,CAAP;AACD,GAdiC,CAgBlC;;;AACAG,EAAAA,UAAU,CAACZ,OAAD,EAAyC;AACjDA,IAAAA,OAAO,GAAGU,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkB,KAAKN,aAAvB,EAAsCL,OAAtC,CAAV,CADiD,CACS;;AAE1D,QAAIA,OAAO,CAACC,eAAZ,EAA6B;AAC3B,aAAOD,OAAO,CAACC,eAAf;AACD;;AAED,QAAI;AAAEY,MAAAA,WAAF;AAAeC,MAAAA;AAAf,QAAgCd,OAApC;;AAEA,QAAGa,WAAW,KAAK,gBAAnB,EAAqC;AACnCb,MAAAA,OAAO,CAACe,aAAR,GAAwB,IAAxB;AACD,KAXgD,CAajD;;;AACA,QAAIF,WAAW,IAAIC,YAAnB,EAAiC;AAC/B,YAAME,GAAG,GAAGF,YAAY,CAACG,OAAb,CAAqBJ,WAArB,CAAZ;;AACA,UAAIG,GAAG,IAAI,CAAX,EAAc;AACZF,QAAAA,YAAY,GAAGA,YAAY,CAACI,KAAb,CAAmBF,GAAnB,CAAf;AACAH,QAAAA,WAAW,GAAG,IAAd;AACD;AACF;;AAED,QAAI,CAACA,WAAL,EAAkB;AAChBA,MAAAA,WAAW,GAAG,KAAKP,WAAL,CAAiBa,eAAjB,CAAiCL,YAAjC,CAAd;AACD;;AACD,WAAO,KAAKR,WAAL,CAAiBc,gBAAjB,CAAkCP,WAAlC,EAA+Cb,OAA/C,CAAP;AACD,GA3CiC,CA6ClC;;;AACAqB,EAAAA,qBAAqB,CAACrB,OAAD,EAA+C;AAClEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,aAA1B,EAAyCP,OAAzC,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,UAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsBC,mCAAzC;AACA,WAAO,IAAIC,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AAEDG,EAAAA,0BAA0B,CAAC1B,OAAD,EAA+C;AACvEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,oBAA1B,EAAgDP,OAAhD,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,UAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsBI,0CAAzC;AACA,WAAO,IAAIF,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD,GA5DiC,CA8DlC;AACA;AACA;;;AACAK,EAAAA,qBAAqB,CAAC5B,OAAD,EAA+C;AAClE,QAAIsB,OAAJ;;AACA,QAAI,0BAAJ,EAAiB;AACf;AACA,UAAI;AACFA,QAAAA,OAAO,GAAG,KAAKhB,WAAL,CAAiBc,gBAAjB,CAAkC,QAAlC,EAA4CpB,OAA5C,CAAV;AACD,OAFD,CAEE,OAAO6B,CAAP,EAAU;AACV;AACA;AACA,wBAAK,yIAAL;AACD;AACF,KATD,MASO;AACL;AACA,YAAMC,kBAAkB,GAAG,KAAKT,qBAAL,CAA2BrB,OAA3B,CAA3B;;AACA,UAAI8B,kBAAJ,EAAwB;AACtBR,QAAAA,OAAO,GAAG;AACRS,UAAAA,OAAO,EAAGC,GAAD,IAAS;AAChB,kBAAMC,WAAW,GAAGH,kBAAkB,CAAClB,UAAnB,EAApB;;AACA,gBAAIqB,WAAW,IAAIA,WAAW,CAACD,GAAD,CAA9B,EAAqC;AACnC,qBAAOC,WAAW,CAACD,GAAD,CAAlB;AACD;;AACD,mBAAO,IAAP;AACD,WAPO;AAQRE,UAAAA,OAAO,EAAE,CAACF,GAAD,EAAMG,GAAN,KAAc;AACrB,kBAAMF,WAAW,GAAGH,kBAAkB,CAAClB,UAAnB,EAApB;;AACA,gBAAI,CAACqB,WAAL,EAAkB;AAChB,oBAAM,IAAIG,oBAAJ,CAAiB,uDAAjB,CAAN;AACD;;AACDH,YAAAA,WAAW,CAACD,GAAD,CAAX,GAAmBG,GAAnB;AACAL,YAAAA,kBAAkB,CAACO,UAAnB,CAA8BJ,WAA9B;AACD,WAfO;AAgBRK,UAAAA,UAAU,EAAGN,GAAD,IAAS;AACnB,kBAAMC,WAAW,GAAGH,kBAAkB,CAAClB,UAAnB,EAApB;;AACA,gBAAI,CAACqB,WAAL,EAAkB;AAChB;AACD;;AACD,mBAAOA,WAAW,CAACD,GAAD,CAAlB;AACAF,YAAAA,kBAAkB,CAACO,UAAnB,CAA8BJ,WAA9B;AACD;AAvBO,SAAV;AAyBD;AACF;;AAED,QAAI,CAACX,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AAED,WAAO,IAAIG,oBAAJ,CAAgBH,OAAhB,EAAyBiB,oCAAzB,CAAP;AACD,GAjHiC,CAmHlC;;;AACAC,EAAAA,eAAe,CAACxC,OAAD,EAA4C;AACzDA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,OAA1B,EAAmCP,OAAnC,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,UAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsBkB,6BAAzC;AACA,WAAO,IAAIhB,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD,GA1HiC,CA4HlC;;;AACAmB,EAAAA,YAAY,CAAC1C,OAAD,EAA4C;AACtDA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,OAA1B,EAAmCP,OAAnC,CAAV;AACA,UAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsBoB,6BAAzC;AACA,WAAO,IAAIlB,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD,GAlIiC,CAoIlC;;;AACAqB,EAAAA,oBAAoB,CAAC5C,OAAD,EAAwC;AAC1DA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,aAA1B,EAAyCP,OAAzC,CAAV;AACA,UAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsBsB,4BAAzC;AACA,WAAO,IAAIpB,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AAEDuB,EAAAA,2BAA2B,CAAC9C,OAAD,EAA4C;AACrEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,qBAA1B,EAAiDP,OAAjD,CAAV;AACA,UAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsBwB,qCAAzC;AACA,WAAO,IAAItB,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AAjJiC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n\nimport {\n PKCE_STORAGE_NAME,\n TOKEN_STORAGE_NAME,\n TRANSACTION_STORAGE_NAME,\n SHARED_TRANSACTION_STORAGE_NAME,\n IDX_RESPONSE_STORAGE_NAME,\n CACHE_STORAGE_NAME,\n REDIRECT_OAUTH_PARAMS_NAME\n} from './constants';\nimport {\n StorageUtil,\n StorageProvider,\n StorageOptions,\n PKCEStorage,\n CookieOptions,\n TransactionStorage,\n IdxResponseStorage,\n StorageManagerOptions,\n SimpleStorage\n} from './types';\nimport SavedObject from './SavedObject';\nimport { isBrowser } from './features';\nimport { warn } from './util';\nimport { AuthSdkError } from './errors';\n\nfunction logServerSideMemoryStorageWarning(options: StorageOptions) {\n if (!isBrowser() && !options.storageProvider && !options.storageProvider) {\n // eslint-disable-next-line max-len\n warn('Memory storage can only support simple single user use case on server side, please provide custom storageProvider or storageKey if advanced scenarios need to be supported.');\n }\n}\n\nexport default class StorageManager {\n storageManagerOptions: StorageManagerOptions;\n cookieOptions: CookieOptions;\n storageUtil: StorageUtil;\n\n constructor(storageManagerOptions: StorageManagerOptions, cookieOptions: CookieOptions, storageUtil: StorageUtil) {\n this.storageManagerOptions = storageManagerOptions;\n this.cookieOptions = cookieOptions;\n this.storageUtil = storageUtil;\n }\n\n // combines defaults in order\n getOptionsForSection(sectionName: string, overrideOptions?: StorageOptions) {\n return Object.assign({}, this.storageManagerOptions[sectionName], overrideOptions);\n }\n \n // generic method to get any available storage provider\n getStorage(options: StorageOptions): SimpleStorage {\n options = Object.assign({}, this.cookieOptions, options); // set defaults\n\n if (options.storageProvider) {\n return options.storageProvider;\n }\n\n let { storageType, storageTypes } = options;\n\n if(storageType === 'sessionStorage') {\n options.sessionCookie = true;\n }\n\n // Maintain compatibility. Automatically fallback. May change in next major version. OKTA-362589\n if (storageType && storageTypes) {\n const idx = storageTypes.indexOf(storageType);\n if (idx >= 0) {\n storageTypes = storageTypes.slice(idx);\n storageType = null;\n }\n }\n\n if (!storageType) {\n storageType = this.storageUtil.findStorageType(storageTypes);\n }\n return this.storageUtil.getStorageByType(storageType, options);\n }\n\n // stateToken, interactionHandle\n getTransactionStorage(options?: StorageOptions): TransactionStorage {\n options = this.getOptionsForSection('transaction', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || TRANSACTION_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n getSharedTansactionStorage(options?: StorageOptions): TransactionStorage {\n options = this.getOptionsForSection('shared-transaction', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || SHARED_TRANSACTION_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // intermediate idxResponse\n // store for network traffic optimazation purpose\n // TODO: revisit in auth-js 6.0 epic JIRA: OKTA-399791\n getIdxResponseStorage(options?: StorageOptions): IdxResponseStorage {\n let storage;\n if (isBrowser()) {\n // on browser side only use memory storage \n try {\n storage = this.storageUtil.getStorageByType('memory', options);\n } catch (e) {\n // it's ok to miss response storage\n // eslint-disable-next-line max-len\n warn('No response storage found, you may want to provide custom implementation for intermediate idx responses to optimize the network traffic');\n }\n } else {\n // on server side re-use transaction custom storage\n const transactionStorage = this.getTransactionStorage(options);\n if (transactionStorage) {\n storage = {\n getItem: (key) => {\n const transaction = transactionStorage.getStorage();\n if (transaction && transaction[key]) {\n return transaction[key];\n }\n return null;\n },\n setItem: (key, val) => {\n const transaction = transactionStorage.getStorage();\n if (!transaction) {\n throw new AuthSdkError('Transaction has been cleared, failed to save idxState');\n }\n transaction[key] = val;\n transactionStorage.setStorage(transaction);\n },\n removeItem: (key) => {\n const transaction = transactionStorage.getStorage();\n if (!transaction) {\n return;\n }\n delete transaction[key];\n transactionStorage.setStorage(transaction);\n }\n };\n }\n }\n\n if (!storage) {\n return null;\n }\n\n return new SavedObject(storage, IDX_RESPONSE_STORAGE_NAME);\n }\n\n // access_token, id_token, refresh_token\n getTokenStorage(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('token', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || TOKEN_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // caches well-known response, among others\n getHttpCache(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('cache', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || CACHE_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // Will be removed in an upcoming major version. OKTA-362589\n getLegacyPKCEStorage(options?: StorageOptions): PKCEStorage {\n options = this.getOptionsForSection('legacy-pkce', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || PKCE_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n getLegacyOAuthParamsStorage(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('legacy-oauth-params', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || REDIRECT_OAUTH_PARAMS_NAME;\n return new SavedObject(storage, storageKey);\n }\n}\n"],"file":"StorageManager.js"}
1
+ {"version":3,"sources":["../../lib/StorageManager.ts"],"names":["logServerSideMemoryStorageWarning","options","storageProvider","StorageManager","constructor","storageManagerOptions","cookieOptions","storageUtil","getOptionsForSection","sectionName","overrideOptions","Object","assign","getStorage","storageType","storageTypes","sessionCookie","idx","indexOf","slice","findStorageType","getStorageByType","getTransactionStorage","storage","storageKey","TRANSACTION_STORAGE_NAME","SavedObject","getSharedTansactionStorage","SHARED_TRANSACTION_STORAGE_NAME","getOriginalUriStorage","ORIGINAL_URI_STORAGE_NAME","getIdxResponseStorage","e","transactionStorage","getItem","key","transaction","setItem","val","AuthSdkError","setStorage","removeItem","IDX_RESPONSE_STORAGE_NAME","getTokenStorage","TOKEN_STORAGE_NAME","getHttpCache","CACHE_STORAGE_NAME","getLegacyPKCEStorage","PKCE_STORAGE_NAME","getLegacyOAuthParamsStorage","REDIRECT_OAUTH_PARAMS_NAME"],"mappings":";;;;;;AAcA;;AAqBA;;AACA;;AACA;;AACA;;AAtCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA8BA,SAASA,iCAAT,CAA2CC,OAA3C,EAAoE;AAClE,MAAI,CAAC,0BAAD,IAAgB,CAACA,OAAO,CAACC,eAAzB,IAA4C,CAACD,OAAO,CAACC,eAAzD,EAA0E;AACxE;AACA,oBAAK,6KAAL;AACD;AACF;;AAEc,MAAMC,cAAN,CAAqB;AAKlCC,EAAAA,WAAW,CAACC,qBAAD,EAA+CC,aAA/C,EAA6EC,WAA7E,EAAuG;AAChH,SAAKF,qBAAL,GAA6BA,qBAA7B;AACA,SAAKC,aAAL,GAAqBA,aAArB;AACA,SAAKC,WAAL,GAAmBA,WAAnB;AACD,GATiC,CAWlC;;;AACAC,EAAAA,oBAAoB,CAACC,WAAD,EAAsBC,eAAtB,EAAwD;AAC1E,WAAOC,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkB,KAAKP,qBAAL,CAA2BI,WAA3B,CAAlB,EAA2DC,eAA3D,CAAP;AACD,GAdiC,CAgBlC;;;AACAG,EAAAA,UAAU,CAACZ,OAAD,EAAyC;AACjDA,IAAAA,OAAO,GAAGU,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkB,KAAKN,aAAvB,EAAsCL,OAAtC,CAAV,CADiD,CACS;;AAE1D,QAAIA,OAAO,CAACC,eAAZ,EAA6B;AAC3B,aAAOD,OAAO,CAACC,eAAf;AACD;;AAED,QAAI;AAAEY,MAAAA,WAAF;AAAeC,MAAAA;AAAf,QAAgCd,OAApC;;AAEA,QAAGa,WAAW,KAAK,gBAAnB,EAAqC;AACnCb,MAAAA,OAAO,CAACe,aAAR,GAAwB,IAAxB;AACD,KAXgD,CAajD;;;AACA,QAAIF,WAAW,IAAIC,YAAnB,EAAiC;AAC/B,YAAME,GAAG,GAAGF,YAAY,CAACG,OAAb,CAAqBJ,WAArB,CAAZ;;AACA,UAAIG,GAAG,IAAI,CAAX,EAAc;AACZF,QAAAA,YAAY,GAAGA,YAAY,CAACI,KAAb,CAAmBF,GAAnB,CAAf;AACAH,QAAAA,WAAW,GAAG,IAAd;AACD;AACF;;AAED,QAAI,CAACA,WAAL,EAAkB;AAChBA,MAAAA,WAAW,GAAG,KAAKP,WAAL,CAAiBa,eAAjB,CAAiCL,YAAjC,CAAd;AACD;;AACD,WAAO,KAAKR,WAAL,CAAiBc,gBAAjB,CAAkCP,WAAlC,EAA+Cb,OAA/C,CAAP;AACD,GA3CiC,CA6ClC;;;AACAqB,EAAAA,qBAAqB,CAACrB,OAAD,EAA+C;AAClEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,aAA1B,EAAyCP,OAAzC,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,UAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsBC,mCAAzC;AACA,WAAO,IAAIC,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AAEDG,EAAAA,0BAA0B,CAAC1B,OAAD,EAA+C;AACvEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,oBAA1B,EAAgDP,OAAhD,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,UAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsBI,0CAAzC;AACA,WAAO,IAAIF,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AAEDK,EAAAA,qBAAqB,CAAC5B,OAAD,EAA+C;AAClEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,cAA1B,EAA0CP,OAA1C,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,UAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsBM,oCAAzC;AACA,WAAO,IAAIJ,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD,GApEiC,CAsElC;AACA;AACA;;;AACAO,EAAAA,qBAAqB,CAAC9B,OAAD,EAA+C;AAClE,QAAIsB,OAAJ;;AACA,QAAI,0BAAJ,EAAiB;AACf;AACA,UAAI;AACFA,QAAAA,OAAO,GAAG,KAAKhB,WAAL,CAAiBc,gBAAjB,CAAkC,QAAlC,EAA4CpB,OAA5C,CAAV;AACD,OAFD,CAEE,OAAO+B,CAAP,EAAU;AACV;AACA;AACA,wBAAK,yIAAL;AACD;AACF,KATD,MASO;AACL;AACA,YAAMC,kBAAkB,GAAG,KAAKX,qBAAL,CAA2BrB,OAA3B,CAA3B;;AACA,UAAIgC,kBAAJ,EAAwB;AACtBV,QAAAA,OAAO,GAAG;AACRW,UAAAA,OAAO,EAAGC,GAAD,IAAS;AAChB,kBAAMC,WAAW,GAAGH,kBAAkB,CAACpB,UAAnB,EAApB;;AACA,gBAAIuB,WAAW,IAAIA,WAAW,CAACD,GAAD,CAA9B,EAAqC;AACnC,qBAAOC,WAAW,CAACD,GAAD,CAAlB;AACD;;AACD,mBAAO,IAAP;AACD,WAPO;AAQRE,UAAAA,OAAO,EAAE,CAACF,GAAD,EAAMG,GAAN,KAAc;AACrB,kBAAMF,WAAW,GAAGH,kBAAkB,CAACpB,UAAnB,EAApB;;AACA,gBAAI,CAACuB,WAAL,EAAkB;AAChB,oBAAM,IAAIG,oBAAJ,CAAiB,uDAAjB,CAAN;AACD;;AACDH,YAAAA,WAAW,CAACD,GAAD,CAAX,GAAmBG,GAAnB;AACAL,YAAAA,kBAAkB,CAACO,UAAnB,CAA8BJ,WAA9B;AACD,WAfO;AAgBRK,UAAAA,UAAU,EAAGN,GAAD,IAAS;AACnB,kBAAMC,WAAW,GAAGH,kBAAkB,CAACpB,UAAnB,EAApB;;AACA,gBAAI,CAACuB,WAAL,EAAkB;AAChB;AACD;;AACD,mBAAOA,WAAW,CAACD,GAAD,CAAlB;AACAF,YAAAA,kBAAkB,CAACO,UAAnB,CAA8BJ,WAA9B;AACD;AAvBO,SAAV;AAyBD;AACF;;AAED,QAAI,CAACb,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AAED,WAAO,IAAIG,oBAAJ,CAAgBH,OAAhB,EAAyBmB,oCAAzB,CAAP;AACD,GAzHiC,CA2HlC;;;AACAC,EAAAA,eAAe,CAAC1C,OAAD,EAA4C;AACzDA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,OAA1B,EAAmCP,OAAnC,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,UAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsBoB,6BAAzC;AACA,WAAO,IAAIlB,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD,GAlIiC,CAoIlC;;;AACAqB,EAAAA,YAAY,CAAC5C,OAAD,EAA4C;AACtDA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,OAA1B,EAAmCP,OAAnC,CAAV;AACA,UAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsBsB,6BAAzC;AACA,WAAO,IAAIpB,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD,GA1IiC,CA4IlC;;;AACAuB,EAAAA,oBAAoB,CAAC9C,OAAD,EAAwC;AAC1DA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,aAA1B,EAAyCP,OAAzC,CAAV;AACA,UAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsBwB,4BAAzC;AACA,WAAO,IAAItB,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AAEDyB,EAAAA,2BAA2B,CAAChD,OAAD,EAA4C;AACrEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,qBAA1B,EAAiDP,OAAjD,CAAV;AACA,UAAMsB,OAAO,GAAG,KAAKV,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMuB,UAAU,GAAGvB,OAAO,CAACuB,UAAR,IAAsB0B,qCAAzC;AACA,WAAO,IAAIxB,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AAzJiC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n\nimport {\n PKCE_STORAGE_NAME,\n TOKEN_STORAGE_NAME,\n TRANSACTION_STORAGE_NAME,\n SHARED_TRANSACTION_STORAGE_NAME,\n ORIGINAL_URI_STORAGE_NAME,\n IDX_RESPONSE_STORAGE_NAME,\n CACHE_STORAGE_NAME,\n REDIRECT_OAUTH_PARAMS_NAME\n} from './constants';\nimport {\n StorageUtil,\n StorageProvider,\n StorageOptions,\n PKCEStorage,\n CookieOptions,\n TransactionStorage,\n IdxResponseStorage,\n StorageManagerOptions,\n SimpleStorage\n} from './types';\nimport SavedObject from './SavedObject';\nimport { isBrowser } from './features';\nimport { warn } from './util';\nimport { AuthSdkError } from './errors';\n\nfunction logServerSideMemoryStorageWarning(options: StorageOptions) {\n if (!isBrowser() && !options.storageProvider && !options.storageProvider) {\n // eslint-disable-next-line max-len\n warn('Memory storage can only support simple single user use case on server side, please provide custom storageProvider or storageKey if advanced scenarios need to be supported.');\n }\n}\n\nexport default class StorageManager {\n storageManagerOptions: StorageManagerOptions;\n cookieOptions: CookieOptions;\n storageUtil: StorageUtil;\n\n constructor(storageManagerOptions: StorageManagerOptions, cookieOptions: CookieOptions, storageUtil: StorageUtil) {\n this.storageManagerOptions = storageManagerOptions;\n this.cookieOptions = cookieOptions;\n this.storageUtil = storageUtil;\n }\n\n // combines defaults in order\n getOptionsForSection(sectionName: string, overrideOptions?: StorageOptions) {\n return Object.assign({}, this.storageManagerOptions[sectionName], overrideOptions);\n }\n \n // generic method to get any available storage provider\n getStorage(options: StorageOptions): SimpleStorage {\n options = Object.assign({}, this.cookieOptions, options); // set defaults\n\n if (options.storageProvider) {\n return options.storageProvider;\n }\n\n let { storageType, storageTypes } = options;\n\n if(storageType === 'sessionStorage') {\n options.sessionCookie = true;\n }\n\n // Maintain compatibility. Automatically fallback. May change in next major version. OKTA-362589\n if (storageType && storageTypes) {\n const idx = storageTypes.indexOf(storageType);\n if (idx >= 0) {\n storageTypes = storageTypes.slice(idx);\n storageType = null;\n }\n }\n\n if (!storageType) {\n storageType = this.storageUtil.findStorageType(storageTypes);\n }\n return this.storageUtil.getStorageByType(storageType, options);\n }\n\n // stateToken, interactionHandle\n getTransactionStorage(options?: StorageOptions): TransactionStorage {\n options = this.getOptionsForSection('transaction', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || TRANSACTION_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n getSharedTansactionStorage(options?: StorageOptions): TransactionStorage {\n options = this.getOptionsForSection('shared-transaction', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || SHARED_TRANSACTION_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n getOriginalUriStorage(options?: StorageOptions): TransactionStorage {\n options = this.getOptionsForSection('original-uri', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || ORIGINAL_URI_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // intermediate idxResponse\n // store for network traffic optimazation purpose\n // TODO: revisit in auth-js 6.0 epic JIRA: OKTA-399791\n getIdxResponseStorage(options?: StorageOptions): IdxResponseStorage {\n let storage;\n if (isBrowser()) {\n // on browser side only use memory storage \n try {\n storage = this.storageUtil.getStorageByType('memory', options);\n } catch (e) {\n // it's ok to miss response storage\n // eslint-disable-next-line max-len\n warn('No response storage found, you may want to provide custom implementation for intermediate idx responses to optimize the network traffic');\n }\n } else {\n // on server side re-use transaction custom storage\n const transactionStorage = this.getTransactionStorage(options);\n if (transactionStorage) {\n storage = {\n getItem: (key) => {\n const transaction = transactionStorage.getStorage();\n if (transaction && transaction[key]) {\n return transaction[key];\n }\n return null;\n },\n setItem: (key, val) => {\n const transaction = transactionStorage.getStorage();\n if (!transaction) {\n throw new AuthSdkError('Transaction has been cleared, failed to save idxState');\n }\n transaction[key] = val;\n transactionStorage.setStorage(transaction);\n },\n removeItem: (key) => {\n const transaction = transactionStorage.getStorage();\n if (!transaction) {\n return;\n }\n delete transaction[key];\n transactionStorage.setStorage(transaction);\n }\n };\n }\n }\n\n if (!storage) {\n return null;\n }\n\n return new SavedObject(storage, IDX_RESPONSE_STORAGE_NAME);\n }\n\n // access_token, id_token, refresh_token\n getTokenStorage(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('token', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || TOKEN_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // caches well-known response, among others\n getHttpCache(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('cache', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || CACHE_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // Will be removed in an upcoming major version. OKTA-362589\n getLegacyPKCEStorage(options?: StorageOptions): PKCEStorage {\n options = this.getOptionsForSection('legacy-pkce', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || PKCE_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n getLegacyOAuthParamsStorage(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('legacy-oauth-params', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || REDIRECT_OAUTH_PARAMS_NAME;\n return new SavedObject(storage, storageKey);\n }\n}\n"],"file":"StorageManager.js"}
package/cjs/TokenManager.js CHANGED
@@ -35,6 +35,7 @@ var _TokenService = require("./services/TokenService");
35
35
  const DEFAULT_OPTIONS = {
36
36
  autoRenew: true,
37
37
  autoRemove: true,
38
+ clearPendingRemoveTokens: true,
38
39
  storage: undefined,
39
40
  // will use value from storageManager config
40
41
  expireEarlySeconds: 30,
@@ -104,6 +105,10 @@ class TokenManager {
104
105
  this.stop();
105
106
  }
106
107
 
108
+ if (this.options.clearPendingRemoveTokens) {
109
+ this.clearPendingRemoveTokens();
110
+ }
111
+
107
112
  this.service = new _TokenService.TokenService(this, this.getOptions());
108
113
  this.service.start();
109
114
  }
@@ -416,10 +421,10 @@ class TokenManager {
416
421
  if ((0, _util2.isRefreshTokenError)(err) || err.name === 'OAuthError' || err.name === 'AuthSdkError') {
417
422
  // remove token from storage
418
423
  this.remove(key);
419
- err.tokenKey = key;
420
- this.emitError(err);
421
424
  }
422
425
 
426
+ err.tokenKey = key;
427
+ this.emitError(err);
423
428
  throw err;
424
429
  }).finally(() => {
425
430
  // Remove existing promise key
@@ -433,6 +438,15 @@ class TokenManager {
433
438
  this.storage.clearStorage();
434
439
  }
435
440
 
441
+ clearPendingRemoveTokens() {
442
+ const tokens = this.getTokensSync();
443
+ Object.keys(tokens).forEach(key => {
444
+ if (tokens[key].pendingRemove) {
445
+ this.remove(key);
446
+ }
447
+ });
448
+ }
449
+
436
450
  getTokensFromStorageValue(value) {
437
451
  let tokens;
438
452
 
@@ -455,6 +469,14 @@ class TokenManager {
455
469
  this.storage.setStorage(tokenStorage);
456
470
  }
457
471
 
472
+ addPendingRemoveFlags() {
473
+ const tokens = this.getTokensSync();
474
+ Object.keys(tokens).forEach(key => {
475
+ tokens[key].pendingRemove = true;
476
+ });
477
+ this.setTokens(tokens);
478
+ }
479
+
458
480
  }
459
481
 
460
482
  exports.TokenManager = TokenManager;
package/cjs/TokenManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/TokenManager.ts"],"names":["DEFAULT_OPTIONS","autoRenew","autoRemove","storage","undefined","expireEarlySeconds","storageKey","TOKEN_STORAGE_NAME","syncStorage","_storageEventDelay","EVENT_EXPIRED","EVENT_RENEWED","EVENT_ADDED","EVENT_REMOVED","EVENT_ERROR","defaultState","expireTimeouts","renewPromise","TokenManager","constructor","sdk","options","emitter","AuthSdkError","Object","assign","storageOptions","secure","storageProvider","storageType","storageManager","getTokenStorage","clock","SdkClock","create","state","on","bind","off","start","service","stop","TokenService","getOptions","getExpireTime","token","expireTime","expiresAt","hasExpired","now","emitExpired","key","emit","emitRenewed","freshToken","oldToken","emitAdded","emitRemoved","emitError","error","emitEventsForCrossTabsStorageUpdate","newValue","oldValue","oldTokens","getTokensFromStorageValue","newTokens","keys","forEach","newToken","JSON","stringify","clearExpireEventTimeout","clearTimeout","clearExpireEventTimeoutAll","prototype","hasOwnProperty","call","setExpireEventTimeout","expireEventWait","Math","max","expireEventTimeout","setTimeout","setExpireEventTimeoutAll","tokenStorage","getStorage","resetExpireEventTimeoutAll","add","setStorage","getSync","get","getTokensSync","tokens","accessToken","idToken","refreshToken","getTokens","getStorageKeyByType","type","filter","getTokenType","setTokens","accessTokenCb","idTokenCb","refreshTokenCb","handleTokenCallback","handleAdded","handleRenewed","handleRemoved","types","existingTokens","reduce","existingToken","remove","removedToken","renewToken","renew","validateToken","e","Promise","reject","renewTokens","then","tokenType","catch","err","name","tokenKey","finally","clear","clearStorage","value","parse","updateRefreshToken","REFRESH_TOKEN_STORAGE_KEY"],"mappings":";;;;;;AAYA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAmBA;;AArCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA4BA,MAAMA,eAAe,GAAG;AACtBC,EAAAA,SAAS,EAAE,IADW;AAEtBC,EAAAA,UAAU,EAAE,IAFU;AAGtBC,EAAAA,OAAO,EAAEC,SAHa;AAGF;AACpBC,EAAAA,kBAAkB,EAAE,EAJE;AAKtBC,EAAAA,UAAU,EAAEC,6BALU;AAMtBC,EAAAA,WAAW,EAAE,IANS;AAOtBC,EAAAA,kBAAkB,EAAE;AAPE,CAAxB;AASO,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;;AAMP,SAASC,YAAT,GAA2C;AACzC,SAAO;AACLC,IAAAA,cAAc,EAAE,EADX;AAELC,IAAAA,YAAY,EAAE;AAFT,GAAP;AAID;;AACM,MAAMC,YAAN,CAAoD;AAYzDC,EAAAA,WAAW,CAACC,GAAD,EAAgBC,OAA4B,GAAG,EAA/C,EAAmD;AAC5D,SAAKD,GAAL,GAAWA,GAAX;AACA,SAAKE,OAAL,GAAgBF,GAAD,CAAaE,OAA5B;;AACA,QAAI,CAAC,KAAKA,OAAV,EAAmB;AACjB,YAAM,IAAIC,oBAAJ,CAAiB,mDAAjB,CAAN;AACD;;AAEDF,IAAAA,OAAO,GAAGG,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkBzB,eAAlB,EAAmC,sBAAWqB,OAAX,CAAnC,CAAV;;AACA,QAAI,6BAAJ,EAAoB;AAClBA,MAAAA,OAAO,CAACZ,kBAAR,GAA6BY,OAAO,CAACZ,kBAAR,IAA8B,IAA3D;AACD;;AACD,QAAI,CAAC,4BAAL,EAAoB;AAClBY,MAAAA,OAAO,CAAChB,kBAAR,GAA6BL,eAAe,CAACK,kBAA7C;AACD;;AACD,SAAKgB,OAAL,GAAeA,OAAf;AAEA,UAAMK,cAA8B,GAAG,sBAAW;AAChDpB,MAAAA,UAAU,EAAEe,OAAO,CAACf,UAD4B;AAEhDqB,MAAAA,MAAM,EAAEN,OAAO,CAACM;AAFgC,KAAX,CAAvC;;AAIA,QAAI,OAAON,OAAO,CAAClB,OAAf,KAA2B,QAA/B,EAAyC;AACvC;AACAuB,MAAAA,cAAc,CAACE,eAAf,GAAiCP,OAAO,CAAClB,OAAzC;AACD,KAHD,MAGO,IAAIkB,OAAO,CAAClB,OAAZ,EAAqB;AAC1BuB,MAAAA,cAAc,CAACG,WAAf,GAA6BR,OAAO,CAAClB,OAArC;AACD;;AAED,SAAKA,OAAL,GAAeiB,GAAG,CAACU,cAAJ,CAAmBC,eAAnB,CAAmCL,cAAnC,CAAf;AACA,SAAKM,KAAL,GAAaC,eAASC,MAAT,EAAb;AACA,SAAKC,KAAL,GAAapB,YAAY,EAAzB;AAEA,SAAKqB,EAAL,GAAU,KAAKd,OAAL,CAAac,EAAb,CAAgBC,IAAhB,CAAqB,KAAKf,OAA1B,CAAV;AACA,SAAKgB,GAAL,GAAW,KAAKhB,OAAL,CAAagB,GAAb,CAAiBD,IAAjB,CAAsB,KAAKf,OAA3B,CAAX;AACD;;AAEDiB,EAAAA,KAAK,GAAG;AACN,QAAI,KAAKC,OAAT,EAAkB;AAChB,WAAKC,IAAL;AACD;;AACD,SAAKD,OAAL,GAAe,IAAIE,0BAAJ,CAAiB,IAAjB,EAAuB,KAAKC,UAAL,EAAvB,CAAf;AACA,SAAKH,OAAL,CAAaD,KAAb;AACD;;AAEDE,EAAAA,IAAI,GAAG;AACL,QAAI,KAAKD,OAAT,EAAkB;AAChB,WAAKA,OAAL,CAAaC,IAAb;AACA,WAAKD,OAAL,GAAe,IAAf;AACD;AACF;;AAEDG,EAAAA,UAAU,GAAwB;AAChC,WAAO,iBAAM,KAAKtB,OAAX,CAAP;AACD;;AAEDuB,EAAAA,aAAa,CAACC,KAAD,EAAQ;AACnB,QAAIC,UAAU,GAAGD,KAAK,CAACE,SAAN,GAAkB,KAAK1B,OAAL,CAAahB,kBAAhD;AACA,WAAOyC,UAAP;AACD;;AAEDE,EAAAA,UAAU,CAACH,KAAD,EAAQ;AAChB,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,WAAOC,UAAU,IAAI,KAAKd,KAAL,CAAWiB,GAAX,EAArB;AACD;;AAEDC,EAAAA,WAAW,CAACC,GAAD,EAAMN,KAAN,EAAa;AACtB,SAAKvB,OAAL,CAAa8B,IAAb,CAAkB1C,aAAlB,EAAiCyC,GAAjC,EAAsCN,KAAtC;AACD;;AAEDQ,EAAAA,WAAW,CAACF,GAAD,EAAMG,UAAN,EAAkBC,QAAlB,EAA4B;AACrC,SAAKjC,OAAL,CAAa8B,IAAb,CAAkBzC,aAAlB,EAAiCwC,GAAjC,EAAsCG,UAAtC,EAAkDC,QAAlD;AACD;;AAEDC,EAAAA,SAAS,CAACL,GAAD,EAAMN,KAAN,EAAa;AACpB,SAAKvB,OAAL,CAAa8B,IAAb,CAAkBxC,WAAlB,EAA+BuC,GAA/B,EAAoCN,KAApC;AACD;;AAEDY,EAAAA,WAAW,CAACN,GAAD,EAAMN,KAAN,EAAc;AACvB,SAAKvB,OAAL,CAAa8B,IAAb,CAAkBvC,aAAlB,EAAiCsC,GAAjC,EAAsCN,KAAtC;AACD;;AAEDa,EAAAA,SAAS,CAACC,KAAD,EAAQ;AACf,SAAKrC,OAAL,CAAa8B,IAAb,CAAkBtC,WAAlB,EAA+B6C,KAA/B;AACD;;AAEDC,EAAAA,mCAAmC,CAACC,QAAD,EAAWC,QAAX,EAAqB;AACtD,UAAMC,SAAS,GAAG,KAAKC,yBAAL,CAA+BF,QAA/B,CAAlB;AACA,UAAMG,SAAS,GAAG,KAAKD,yBAAL,CAA+BH,QAA/B,CAAlB;AACArC,IAAAA,MAAM,CAAC0C,IAAP,CAAYD,SAAZ,EAAuBE,OAAvB,CAA+BhB,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMiB,QAAQ,GAAGH,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAIkB,IAAI,CAACC,SAAL,CAAef,QAAf,MAA6Bc,IAAI,CAACC,SAAL,CAAeF,QAAf,CAAjC,EAA2D;AACzD,aAAKZ,SAAL,CAAeL,GAAf,EAAoBiB,QAApB;AACD;AACF,KAND;AAOA5C,IAAAA,MAAM,CAAC0C,IAAP,CAAYH,SAAZ,EAAuBI,OAAvB,CAA+BhB,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMiB,QAAQ,GAAGH,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAI,CAACiB,QAAL,EAAe;AACb,aAAKX,WAAL,CAAiBN,GAAjB,EAAsBI,QAAtB;AACD;AACF,KAND;AAOD;;AAEDgB,EAAAA,uBAAuB,CAACpB,GAAD,EAAM;AAC3BqB,IAAAA,YAAY,CAAC,KAAKrC,KAAL,CAAWnB,cAAX,CAA0BmC,GAA1B,CAAD,CAAZ;AACA,WAAO,KAAKhB,KAAL,CAAWnB,cAAX,CAA0BmC,GAA1B,CAAP,CAF2B,CAI3B;;AACA,SAAKhB,KAAL,CAAWlB,YAAX,GAA0B,IAA1B;AACD;;AAEDwD,EAAAA,0BAA0B,GAAG;AAC3B,QAAIzD,cAAc,GAAG,KAAKmB,KAAL,CAAWnB,cAAhC;;AACA,SAAK,IAAImC,GAAT,IAAgBnC,cAAhB,EAAgC;AAC9B,UAAI,CAACQ,MAAM,CAACkD,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqC5D,cAArC,EAAqDmC,GAArD,CAAL,EAAgE;AAC9D;AACD;;AACD,WAAKoB,uBAAL,CAA6BpB,GAA7B;AACD;AACF;;AAED0B,EAAAA,qBAAqB,CAAC1B,GAAD,EAAMN,KAAN,EAAa;AAChC,QAAI,2BAAeA,KAAf,CAAJ,EAA2B;AACzB;AACD;;AAED,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,QAAIiC,eAAe,GAAGC,IAAI,CAACC,GAAL,CAASlC,UAAU,GAAG,KAAKd,KAAL,CAAWiB,GAAX,EAAtB,EAAwC,CAAxC,IAA6C,IAAnE,CANgC,CAQhC;;AACA,SAAKsB,uBAAL,CAA6BpB,GAA7B;AAEA,QAAI8B,kBAAkB,GAAGC,UAAU,CAAC,MAAM;AACxC,WAAKhC,WAAL,CAAiBC,GAAjB,EAAsBN,KAAtB;AACD,KAFkC,EAEhCiC,eAFgC,CAAnC,CAXgC,CAehC;;AACA,SAAK3C,KAAL,CAAWnB,cAAX,CAA0BmC,GAA1B,IAAiC8B,kBAAjC;AACD;;AAEDE,EAAAA,wBAAwB,GAAG;AACzB,QAAIC,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;;AACA,SAAI,IAAIlC,GAAR,IAAeiC,YAAf,EAA6B;AAC3B,UAAI,CAAC5D,MAAM,CAACkD,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqCQ,YAArC,EAAmDjC,GAAnD,CAAL,EAA8D;AAC5D;AACD;;AACD,UAAIN,KAAK,GAAGuC,YAAY,CAACjC,GAAD,CAAxB;AACA,WAAK0B,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACD;AACF,GAjKwD,CAmKzD;;;AACAyC,EAAAA,0BAA0B,GAAG;AAC3B,SAAKb,0BAAL;AACA,SAAKU,wBAAL;AACD;;AAEDI,EAAAA,GAAG,CAACpC,GAAD,EAAMN,KAAN,EAAoB;AACrB,QAAIuC,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;AACA,8BAAcxC,KAAd;AACAuC,IAAAA,YAAY,CAACjC,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAK1C,OAAL,CAAaqF,UAAb,CAAwBJ,YAAxB;AACA,SAAK5B,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,SAAKgC,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACD;;AAED4C,EAAAA,OAAO,CAACtC,GAAD,EAAM;AACX,QAAIiC,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;AACA,WAAOD,YAAY,CAACjC,GAAD,CAAnB;AACD;;AAEQ,QAAHuC,GAAG,CAACvC,GAAD,EAAM;AACb,WAAO,KAAKsC,OAAL,CAAatC,GAAb,CAAP;AACD;;AAEDwC,EAAAA,aAAa,GAAW;AACtB,UAAMC,MAAM,GAAG,EAAf;AACA,UAAMR,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAArB;AACA7D,IAAAA,MAAM,CAAC0C,IAAP,CAAYkB,YAAZ,EAA0BjB,OAA1B,CAAkChB,GAAG,IAAI;AACvC,YAAMN,KAAK,GAAGuC,YAAY,CAACjC,GAAD,CAA1B;;AACA,UAAI,0BAAcN,KAAd,CAAJ,EAA0B;AACxB+C,QAAAA,MAAM,CAACC,WAAP,GAAqBhD,KAArB;AACD,OAFD,MAEO,IAAI,sBAAUA,KAAV,CAAJ,EAAsB;AAC3B+C,QAAAA,MAAM,CAACE,OAAP,GAAiBjD,KAAjB;AACD,OAFM,MAEA,IAAI,2BAAeA,KAAf,CAAJ,EAA2B;AAChC+C,QAAAA,MAAM,CAACG,YAAP,GAAsBlD,KAAtB;AACD;AACF,KATD;AAUA,WAAO+C,MAAP;AACD;;AAEc,QAATI,SAAS,GAAoB;AACjC,WAAO,KAAKL,aAAL,EAAP;AACD;;AAEDM,EAAAA,mBAAmB,CAACC,IAAD,EAA0B;AAC3C,UAAMd,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAArB;AACA,UAAMlC,GAAG,GAAG3B,MAAM,CAAC0C,IAAP,CAAYkB,YAAZ,EAA0Be,MAA1B,CAAiChD,GAAG,IAAI;AAClD,YAAMN,KAAK,GAAGuC,YAAY,CAACjC,GAAD,CAA1B;AACA,aAAQ,0BAAcN,KAAd,KAAwBqD,IAAI,KAAK,aAAlC,IACD,sBAAUrD,KAAV,KAAoBqD,IAAI,KAAK,SAD5B,IAED,2BAAerD,KAAf,KAAyBqD,IAAI,KAAK,cAFxC;AAGD,KALW,EAKT,CALS,CAAZ;AAMA,WAAO/C,GAAP;AACD;;AAEOiD,EAAAA,YAAY,CAACvD,KAAD,EAA0B;AAC5C,QAAI,0BAAcA,KAAd,CAAJ,EAA0B;AACxB,aAAO,aAAP;AACD;;AACD,QAAI,sBAAUA,KAAV,CAAJ,EAAsB;AACpB,aAAO,SAAP;AACD;;AACD,QAAG,2BAAeA,KAAf,CAAH,EAA0B;AACxB,aAAO,cAAP;AACD;;AACD,UAAM,IAAItB,oBAAJ,CAAiB,oBAAjB,CAAN;AACD;;AAED8E,EAAAA,SAAS,CACPT,MADO,EAEP;AACAU,EAAAA,aAHO,EAIPC,SAJO,EAKPC,cALO,EAMD;AACN,UAAMC,mBAAmB,GAAG,CAACtD,GAAD,EAAMN,KAAN,KAAgB;AAC1C,YAAMqD,IAAI,GAAG,KAAKE,YAAL,CAAkBvD,KAAlB,CAAb;;AACA,UAAIqD,IAAI,KAAK,aAAb,EAA4B;AAC1BI,QAAAA,aAAa,IAAIA,aAAa,CAACnD,GAAD,EAAMN,KAAN,CAA9B;AACD,OAFD,MAEO,IAAIqD,IAAI,KAAK,SAAb,EAAwB;AAC7BK,QAAAA,SAAS,IAAIA,SAAS,CAACpD,GAAD,EAAMN,KAAN,CAAtB;AACD,OAFM,MAEA,IAAIqD,IAAI,KAAK,cAAb,EAA6B;AAClCM,QAAAA,cAAc,IAAIA,cAAc,CAACrD,GAAD,EAAMN,KAAN,CAAhC;AACD;AACF,KATD;;AAUA,UAAM6D,WAAW,GAAG,CAACvD,GAAD,EAAMN,KAAN,KAAgB;AAClC,WAAKW,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,WAAKgC,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACA4D,MAAAA,mBAAmB,CAACtD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAKA,UAAM8D,aAAa,GAAG,CAACxD,GAAD,EAAMN,KAAN,EAAaU,QAAb,KAA0B;AAC9C,WAAKF,WAAL,CAAiBF,GAAjB,EAAsBN,KAAtB,EAA6BU,QAA7B;AACA,WAAKgB,uBAAL,CAA6BpB,GAA7B;AACA,WAAK0B,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACA4D,MAAAA,mBAAmB,CAACtD,GAAD,EAAMN,KAAN,CAAnB;AACD,KALD;;AAMA,UAAM+D,aAAa,GAAG,CAACzD,GAAD,EAAMN,KAAN,KAAgB;AACpC,WAAK0B,uBAAL,CAA6BpB,GAA7B;AACA,WAAKM,WAAL,CAAiBN,GAAjB,EAAsBN,KAAtB;AACA4D,MAAAA,mBAAmB,CAACtD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAMA,UAAMgE,KAAkB,GAAG,CAAC,SAAD,EAAY,aAAZ,EAA2B,cAA3B,CAA3B;AACA,UAAMC,cAAc,GAAG,KAAKnB,aAAL,EAAvB,CA7BM,CA+BN;;AACAkB,IAAAA,KAAK,CAAC1C,OAAN,CAAe+B,IAAD,IAAU;AACtB,YAAMrD,KAAK,GAAG+C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAIrD,KAAJ,EAAW;AACT,kCAAcA,KAAd,EAAqBqD,IAArB;AACD;AACF,KALD,EAhCM,CAuCN;;AACA,UAAM/F,OAAO,GAAG0G,KAAK,CAACE,MAAN,CAAa,CAAC5G,OAAD,EAAU+F,IAAV,KAAmB;AAC9C,YAAMrD,KAAK,GAAG+C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAIrD,KAAJ,EAAW;AACT,cAAMvC,UAAU,GAAG,KAAK2F,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;AACA/F,QAAAA,OAAO,CAACG,UAAD,CAAP,GAAsBuC,KAAtB;AACD;;AACD,aAAO1C,OAAP;AACD,KAPe,EAOb,EAPa,CAAhB;AAQA,SAAKA,OAAL,CAAaqF,UAAb,CAAwBrF,OAAxB,EAhDM,CAkDN;;AACA0G,IAAAA,KAAK,CAAC1C,OAAN,CAAc+B,IAAI,IAAI;AACpB,YAAM9B,QAAQ,GAAGwB,MAAM,CAACM,IAAD,CAAvB;AACA,YAAMc,aAAa,GAAGF,cAAc,CAACZ,IAAD,CAApC;AACA,YAAM5F,UAAU,GAAG,KAAK2F,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;;AACA,UAAI9B,QAAQ,IAAI4C,aAAhB,EAA+B;AAAE;AAC/B;AACAJ,QAAAA,aAAa,CAACtG,UAAD,EAAa0G,aAAb,CAAb;AACAN,QAAAA,WAAW,CAACpG,UAAD,EAAa8D,QAAb,CAAX;AACAuC,QAAAA,aAAa,CAACrG,UAAD,EAAa8D,QAAb,EAAuB4C,aAAvB,CAAb;AACD,OALD,MAKO,IAAI5C,QAAJ,EAAc;AAAE;AACrBsC,QAAAA,WAAW,CAACpG,UAAD,EAAa8D,QAAb,CAAX;AACD,OAFM,MAEA,IAAI4C,aAAJ,EAAmB;AAAE;AAC1BJ,QAAAA,aAAa,CAACtG,UAAD,EAAa0G,aAAb,CAAb;AACD;AACF,KAdD;AAeD;;AAEDC,EAAAA,MAAM,CAAC9D,GAAD,EAAM;AACV;AACA,SAAKoB,uBAAL,CAA6BpB,GAA7B;AAEA,QAAIiC,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;AACA,QAAI6B,YAAY,GAAG9B,YAAY,CAACjC,GAAD,CAA/B;AACA,WAAOiC,YAAY,CAACjC,GAAD,CAAnB;AACA,SAAKhD,OAAL,CAAaqF,UAAb,CAAwBJ,YAAxB;AAEA,SAAK3B,WAAL,CAAiBN,GAAjB,EAAsB+D,YAAtB;AACD,GA3TwD,CA6TzD;;;AACgB,QAAVC,UAAU,CAACtE,KAAD,EAAQ;AACtB,WAAO,KAAKzB,GAAL,CAASyB,KAAT,CAAeuE,KAAf,CAAqBvE,KAArB,CAAP;AACD,GAhUwD,CAiUzD;;;AACAwE,EAAAA,aAAa,CAACxE,KAAD,EAAe;AAC1B,WAAO,0BAAcA,KAAd,CAAP;AACD,GApUwD,CAsUzD;;;AACAuE,EAAAA,KAAK,CAACjE,GAAD,EAAsB;AACzB;AACA,QAAI,KAAKhB,KAAL,CAAWlB,YAAf,EAA6B;AAC3B,aAAO,KAAKkB,KAAL,CAAWlB,YAAlB;AACD;;AAED,QAAI;AACF,UAAI4B,KAAK,GAAG,KAAK4C,OAAL,CAAatC,GAAb,CAAZ;;AACA,UAAI,CAACN,KAAL,EAAY;AACV,cAAM,IAAItB,oBAAJ,CAAiB,gDAAgD4B,GAAjE,CAAN;AACD;AACF,KALD,CAKE,OAAOmE,CAAP,EAAU;AACV,aAAOC,OAAO,CAACC,MAAR,CAAeF,CAAf,CAAP;AACD,KAbwB,CAezB;;;AACA,SAAK/C,uBAAL,CAA6BpB,GAA7B,EAhByB,CAkBzB;AACA;;AACA,SAAKhB,KAAL,CAAWlB,YAAX,GAA0B,KAAKG,GAAL,CAASyB,KAAT,CAAe4E,WAAf,GACvBC,IADuB,CAClB9B,MAAM,IAAI;AACd,WAAKS,SAAL,CAAeT,MAAf,EADc,CAGd;;AACA,YAAM+B,SAAS,GAAG,KAAKvB,YAAL,CAAkBvD,KAAlB,CAAlB;AACA,aAAO+C,MAAM,CAAC+B,SAAD,CAAb;AACD,KAPuB,EAQvBC,KARuB,CAQjBC,GAAG,IAAI;AACZ;AACA,UAAI,gCAAoBA,GAApB,KAA4BA,GAAG,CAACC,IAAJ,KAAa,YAAzC,IAAyDD,GAAG,CAACC,IAAJ,KAAa,cAA1E,EAA0F;AACxF;AACA,aAAKb,MAAL,CAAY9D,GAAZ;AAEA0E,QAAAA,GAAG,CAACE,QAAJ,GAAe5E,GAAf;AACA,aAAKO,SAAL,CAAemE,GAAf;AACD;;AACD,YAAMA,GAAN;AACD,KAlBuB,EAmBvBG,OAnBuB,CAmBf,MAAM;AACb;AACA,WAAK7F,KAAL,CAAWlB,YAAX,GAA0B,IAA1B;AACD,KAtBuB,CAA1B;AAwBA,WAAO,KAAKkB,KAAL,CAAWlB,YAAlB;AACD;;AAEDgH,EAAAA,KAAK,GAAG;AACN,SAAKxD,0BAAL;AACA,SAAKtE,OAAL,CAAa+H,YAAb;AACD;;AAEDlE,EAAAA,yBAAyB,CAACmE,KAAD,EAAQ;AAC/B,QAAIvC,MAAJ;;AACA,QAAI;AACFA,MAAAA,MAAM,GAAGvB,IAAI,CAAC+D,KAAL,CAAWD,KAAX,KAAqB,EAA9B;AACD,KAFD,CAEE,OAAOb,CAAP,EAAU;AACV1B,MAAAA,MAAM,GAAG,EAAT;AACD;;AACD,WAAOA,MAAP;AACD;;AAEDyC,EAAAA,kBAAkB,CAACxF,KAAD,EAAsB;AACtC,UAAMM,GAAG,GAAG,KAAK8C,mBAAL,CAAyB,cAAzB,KAA4CqC,oCAAxD,CADsC,CAGtC;;;AACA,QAAIlD,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;AACA,8BAAcxC,KAAd;AACAuC,IAAAA,YAAY,CAACjC,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAK1C,OAAL,CAAaqF,UAAb,CAAwBJ,YAAxB;AACD;;AA7YwD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { removeNils, clone } from './util';\nimport { AuthSdkError } from './errors';\nimport { isRefreshTokenError, validateToken } from './oidc/util';\nimport { isLocalhost, isIE11OrLess } from './features';\nimport { TOKEN_STORAGE_NAME } from './constants';\nimport SdkClock from './clock';\nimport {\n EventEmitter,\n Token, \n Tokens, \n TokenType, \n TokenManagerOptions, \n isIDToken, \n isAccessToken,\n isRefreshToken,\n StorageOptions,\n StorageType,\n OktaAuth,\n StorageProvider,\n TokenManagerErrorEventHandler,\n TokenManagerEventHandler,\n TokenManagerInterface,\n RefreshToken\n} from './types';\nimport { REFRESH_TOKEN_STORAGE_KEY } from './constants';\nimport { TokenService } from './services/TokenService';\n\nconst DEFAULT_OPTIONS = {\n autoRenew: true,\n autoRemove: true,\n storage: undefined, // will use value from storageManager config\n expireEarlySeconds: 30,\n storageKey: TOKEN_STORAGE_NAME,\n syncStorage: true,\n _storageEventDelay: 0\n};\nexport const EVENT_EXPIRED = 'expired';\nexport const EVENT_RENEWED = 'renewed';\nexport const EVENT_ADDED = 'added';\nexport const EVENT_REMOVED = 'removed';\nexport const EVENT_ERROR = 'error';\n\ninterface TokenManagerState {\n expireTimeouts: Record<string, unknown>;\n renewPromise: Promise<Token>;\n}\nfunction defaultState(): TokenManagerState {\n return {\n expireTimeouts: {},\n renewPromise: null\n };\n}\nexport class TokenManager implements TokenManagerInterface {\n private sdk: OktaAuth;\n private clock: SdkClock;\n private emitter: EventEmitter;\n private storage: StorageProvider;\n private state: TokenManagerState;\n private options: TokenManagerOptions;\n private service: TokenService;\n\n on: (event: string, handler: TokenManagerErrorEventHandler | TokenManagerEventHandler, context?: object) => void;\n off: (event: string, handler?: TokenManagerErrorEventHandler | TokenManagerEventHandler) => void;\n\n constructor(sdk: OktaAuth, options: TokenManagerOptions = {}) {\n this.sdk = sdk;\n this.emitter = (sdk as any).emitter;\n if (!this.emitter) {\n throw new AuthSdkError('Emitter should be initialized before TokenManager');\n }\n\n options = Object.assign({}, DEFAULT_OPTIONS, removeNils(options));\n if (isIE11OrLess()) {\n options._storageEventDelay = options._storageEventDelay || 1000;\n }\n if (!isLocalhost()) {\n options.expireEarlySeconds = DEFAULT_OPTIONS.expireEarlySeconds;\n }\n this.options = options;\n\n const storageOptions: StorageOptions = removeNils({\n storageKey: options.storageKey,\n secure: options.secure,\n });\n if (typeof options.storage === 'object') {\n // A custom storage provider must implement getItem(key) and setItem(key, val)\n storageOptions.storageProvider = options.storage;\n } else if (options.storage) {\n storageOptions.storageType = options.storage as StorageType;\n }\n\n this.storage = sdk.storageManager.getTokenStorage(storageOptions);\n this.clock = SdkClock.create(/* sdk, options */);\n this.state = defaultState();\n\n this.on = this.emitter.on.bind(this.emitter);\n this.off = this.emitter.off.bind(this.emitter);\n }\n\n start() {\n if (this.service) {\n this.stop();\n }\n this.service = new TokenService(this, this.getOptions());\n this.service.start();\n }\n \n stop() {\n if (this.service) {\n this.service.stop();\n this.service = null;\n }\n }\n\n getOptions(): TokenManagerOptions {\n return clone(this.options);\n }\n \n getExpireTime(token) {\n var expireTime = token.expiresAt - this.options.expireEarlySeconds;\n return expireTime;\n }\n \n hasExpired(token) {\n var expireTime = this.getExpireTime(token);\n return expireTime <= this.clock.now();\n }\n \n emitExpired(key, token) {\n this.emitter.emit(EVENT_EXPIRED, key, token);\n }\n \n emitRenewed(key, freshToken, oldToken) {\n this.emitter.emit(EVENT_RENEWED, key, freshToken, oldToken);\n }\n \n emitAdded(key, token) {\n this.emitter.emit(EVENT_ADDED, key, token);\n }\n \n emitRemoved(key, token?) {\n this.emitter.emit(EVENT_REMOVED, key, token);\n }\n \n emitError(error) {\n this.emitter.emit(EVENT_ERROR, error);\n }\n \n emitEventsForCrossTabsStorageUpdate(newValue, oldValue) {\n const oldTokens = this.getTokensFromStorageValue(oldValue);\n const newTokens = this.getTokensFromStorageValue(newValue);\n Object.keys(newTokens).forEach(key => {\n const oldToken = oldTokens[key];\n const newToken = newTokens[key];\n if (JSON.stringify(oldToken) !== JSON.stringify(newToken)) {\n this.emitAdded(key, newToken);\n }\n });\n Object.keys(oldTokens).forEach(key => {\n const oldToken = oldTokens[key];\n const newToken = newTokens[key];\n if (!newToken) {\n this.emitRemoved(key, oldToken);\n }\n });\n }\n \n clearExpireEventTimeout(key) {\n clearTimeout(this.state.expireTimeouts[key] as any);\n delete this.state.expireTimeouts[key];\n \n // Remove the renew promise (if it exists)\n this.state.renewPromise = null;\n }\n \n clearExpireEventTimeoutAll() {\n var expireTimeouts = this.state.expireTimeouts;\n for (var key in expireTimeouts) {\n if (!Object.prototype.hasOwnProperty.call(expireTimeouts, key)) {\n continue;\n }\n this.clearExpireEventTimeout(key);\n }\n }\n \n setExpireEventTimeout(key, token) {\n if (isRefreshToken(token)) {\n return;\n }\n\n var expireTime = this.getExpireTime(token);\n var expireEventWait = Math.max(expireTime - this.clock.now(), 0) * 1000;\n \n // Clear any existing timeout\n this.clearExpireEventTimeout(key);\n \n var expireEventTimeout = setTimeout(() => {\n this.emitExpired(key, token);\n }, expireEventWait);\n \n // Add a new timeout\n this.state.expireTimeouts[key] = expireEventTimeout;\n }\n \n setExpireEventTimeoutAll() {\n var tokenStorage = this.storage.getStorage();\n for(var key in tokenStorage) {\n if (!Object.prototype.hasOwnProperty.call(tokenStorage, key)) {\n continue;\n }\n var token = tokenStorage[key];\n this.setExpireEventTimeout(key, token);\n }\n }\n \n // reset timeouts to setup autoRenew for tokens from other document context (tabs)\n resetExpireEventTimeoutAll() {\n this.clearExpireEventTimeoutAll();\n this.setExpireEventTimeoutAll();\n }\n \n add(key, token: Token) {\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n }\n \n getSync(key) {\n var tokenStorage = this.storage.getStorage();\n return tokenStorage[key];\n }\n \n async get(key) {\n return this.getSync(key);\n }\n \n getTokensSync(): Tokens {\n const tokens = {} as Tokens;\n const tokenStorage = this.storage.getStorage();\n Object.keys(tokenStorage).forEach(key => {\n const token = tokenStorage[key];\n if (isAccessToken(token)) {\n tokens.accessToken = token;\n } else if (isIDToken(token)) {\n tokens.idToken = token;\n } else if (isRefreshToken(token)) { \n tokens.refreshToken = token;\n }\n });\n return tokens;\n }\n \n async getTokens(): Promise<Tokens> {\n return this.getTokensSync();\n }\n\n getStorageKeyByType(type: TokenType): string {\n const tokenStorage = this.storage.getStorage();\n const key = Object.keys(tokenStorage).filter(key => {\n const token = tokenStorage[key];\n return (isAccessToken(token) && type === 'accessToken') \n || (isIDToken(token) && type === 'idToken')\n || (isRefreshToken(token) && type === 'refreshToken');\n })[0];\n return key;\n }\n\n private getTokenType(token: Token): TokenType {\n if (isAccessToken(token)) {\n return 'accessToken';\n }\n if (isIDToken(token)) {\n return 'idToken';\n }\n if(isRefreshToken(token)) {\n return 'refreshToken';\n }\n throw new AuthSdkError('Unknown token type');\n }\n\n setTokens(\n tokens: Tokens,\n // TODO: callbacks can be removed in the next major version OKTA-407224\n accessTokenCb?: Function, \n idTokenCb?: Function,\n refreshTokenCb?: Function\n ): void {\n const handleTokenCallback = (key, token) => {\n const type = this.getTokenType(token);\n if (type === 'accessToken') {\n accessTokenCb && accessTokenCb(key, token);\n } else if (type === 'idToken') {\n idTokenCb && idTokenCb(key, token);\n } else if (type === 'refreshToken') {\n refreshTokenCb && refreshTokenCb(key, token);\n }\n };\n const handleAdded = (key, token) => {\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRenewed = (key, token, oldToken) => {\n this.emitRenewed(key, token, oldToken);\n this.clearExpireEventTimeout(key);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRemoved = (key, token) => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, token);\n handleTokenCallback(key, token);\n };\n \n const types: TokenType[] = ['idToken', 'accessToken', 'refreshToken'];\n const existingTokens = this.getTokensSync();\n\n // valid tokens\n types.forEach((type) => {\n const token = tokens[type];\n if (token) {\n validateToken(token, type);\n }\n });\n \n // add token to storage\n const storage = types.reduce((storage, type) => {\n const token = tokens[type];\n if (token) {\n const storageKey = this.getStorageKeyByType(type) || type;\n storage[storageKey] = token;\n }\n return storage;\n }, {});\n this.storage.setStorage(storage);\n \n // emit event and start expiration timer\n types.forEach(type => {\n const newToken = tokens[type];\n const existingToken = existingTokens[type];\n const storageKey = this.getStorageKeyByType(type) || type;\n if (newToken && existingToken) { // renew\n // call handleRemoved first, since it clears timers\n handleRemoved(storageKey, existingToken);\n handleAdded(storageKey, newToken);\n handleRenewed(storageKey, newToken, existingToken);\n } else if (newToken) { // add\n handleAdded(storageKey, newToken);\n } else if (existingToken) { //remove\n handleRemoved(storageKey, existingToken);\n }\n });\n }\n \n remove(key) {\n // Clear any listener for this token\n this.clearExpireEventTimeout(key);\n \n var tokenStorage = this.storage.getStorage();\n var removedToken = tokenStorage[key];\n delete tokenStorage[key];\n this.storage.setStorage(tokenStorage);\n \n this.emitRemoved(key, removedToken);\n }\n \n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n async renewToken(token) {\n return this.sdk.token.renew(token);\n }\n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n validateToken(token: Token) {\n return validateToken(token);\n }\n\n // TODO: renew method should take no param, change in the next major version OKTA-407224\n renew(key): Promise<Token> {\n // Multiple callers may receive the same promise. They will all resolve or reject from the same request.\n if (this.state.renewPromise) {\n return this.state.renewPromise;\n }\n \n try {\n var token = this.getSync(key);\n if (!token) {\n throw new AuthSdkError('The tokenManager has no token for the key: ' + key);\n }\n } catch (e) {\n return Promise.reject(e);\n }\n \n // Remove existing autoRenew timeout\n this.clearExpireEventTimeout(key);\n \n // A refresh token means a replace instead of renewal\n // Store the renew promise state, to avoid renewing again\n this.state.renewPromise = this.sdk.token.renewTokens()\n .then(tokens => {\n this.setTokens(tokens);\n\n // resolve token based on the key\n const tokenType = this.getTokenType(token);\n return tokens[tokenType];\n })\n .catch(err => {\n // If renew fails, remove token and emit error\n if (isRefreshTokenError(err) || err.name === 'OAuthError' || err.name === 'AuthSdkError') {\n // remove token from storage\n this.remove(key);\n \n err.tokenKey = key;\n this.emitError(err);\n }\n throw err;\n })\n .finally(() => {\n // Remove existing promise key\n this.state.renewPromise = null;\n });\n \n return this.state.renewPromise;\n }\n \n clear() {\n this.clearExpireEventTimeoutAll();\n this.storage.clearStorage();\n }\n \n getTokensFromStorageValue(value) {\n let tokens;\n try {\n tokens = JSON.parse(value) || {};\n } catch (e) {\n tokens = {};\n }\n return tokens;\n }\n\n updateRefreshToken(token: RefreshToken) {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n\n // do not emit any event\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n }\n \n}\n"],"file":"TokenManager.js"}
1
+ {"version":3,"sources":["../../lib/TokenManager.ts"],"names":["DEFAULT_OPTIONS","autoRenew","autoRemove","clearPendingRemoveTokens","storage","undefined","expireEarlySeconds","storageKey","TOKEN_STORAGE_NAME","syncStorage","_storageEventDelay","EVENT_EXPIRED","EVENT_RENEWED","EVENT_ADDED","EVENT_REMOVED","EVENT_ERROR","defaultState","expireTimeouts","renewPromise","TokenManager","constructor","sdk","options","emitter","AuthSdkError","Object","assign","storageOptions","secure","storageProvider","storageType","storageManager","getTokenStorage","clock","SdkClock","create","state","on","bind","off","start","service","stop","TokenService","getOptions","getExpireTime","token","expireTime","expiresAt","hasExpired","now","emitExpired","key","emit","emitRenewed","freshToken","oldToken","emitAdded","emitRemoved","emitError","error","emitEventsForCrossTabsStorageUpdate","newValue","oldValue","oldTokens","getTokensFromStorageValue","newTokens","keys","forEach","newToken","JSON","stringify","clearExpireEventTimeout","clearTimeout","clearExpireEventTimeoutAll","prototype","hasOwnProperty","call","setExpireEventTimeout","expireEventWait","Math","max","expireEventTimeout","setTimeout","setExpireEventTimeoutAll","tokenStorage","getStorage","resetExpireEventTimeoutAll","add","setStorage","getSync","get","getTokensSync","tokens","accessToken","idToken","refreshToken","getTokens","getStorageKeyByType","type","filter","getTokenType","setTokens","accessTokenCb","idTokenCb","refreshTokenCb","handleTokenCallback","handleAdded","handleRenewed","handleRemoved","types","existingTokens","reduce","existingToken","remove","removedToken","renewToken","renew","validateToken","e","Promise","reject","renewTokens","then","tokenType","catch","err","name","tokenKey","finally","clear","clearStorage","pendingRemove","value","parse","updateRefreshToken","REFRESH_TOKEN_STORAGE_KEY","addPendingRemoveFlags"],"mappings":";;;;;;AAYA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAmBA;;AArCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA4BA,MAAMA,eAAe,GAAG;AACtBC,EAAAA,SAAS,EAAE,IADW;AAEtBC,EAAAA,UAAU,EAAE,IAFU;AAGtBC,EAAAA,wBAAwB,EAAE,IAHJ;AAItBC,EAAAA,OAAO,EAAEC,SAJa;AAIF;AACpBC,EAAAA,kBAAkB,EAAE,EALE;AAMtBC,EAAAA,UAAU,EAAEC,6BANU;AAOtBC,EAAAA,WAAW,EAAE,IAPS;AAQtBC,EAAAA,kBAAkB,EAAE;AARE,CAAxB;AAUO,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;;AAMP,SAASC,YAAT,GAA2C;AACzC,SAAO;AACLC,IAAAA,cAAc,EAAE,EADX;AAELC,IAAAA,YAAY,EAAE;AAFT,GAAP;AAID;;AACM,MAAMC,YAAN,CAAoD;AAYzDC,EAAAA,WAAW,CAACC,GAAD,EAAgBC,OAA4B,GAAG,EAA/C,EAAmD;AAC5D,SAAKD,GAAL,GAAWA,GAAX;AACA,SAAKE,OAAL,GAAgBF,GAAD,CAAaE,OAA5B;;AACA,QAAI,CAAC,KAAKA,OAAV,EAAmB;AACjB,YAAM,IAAIC,oBAAJ,CAAiB,mDAAjB,CAAN;AACD;;AAEDF,IAAAA,OAAO,GAAGG,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkB1B,eAAlB,EAAmC,sBAAWsB,OAAX,CAAnC,CAAV;;AACA,QAAI,6BAAJ,EAAoB;AAClBA,MAAAA,OAAO,CAACZ,kBAAR,GAA6BY,OAAO,CAACZ,kBAAR,IAA8B,IAA3D;AACD;;AACD,QAAI,CAAC,4BAAL,EAAoB;AAClBY,MAAAA,OAAO,CAAChB,kBAAR,GAA6BN,eAAe,CAACM,kBAA7C;AACD;;AACD,SAAKgB,OAAL,GAAeA,OAAf;AAEA,UAAMK,cAA8B,GAAG,sBAAW;AAChDpB,MAAAA,UAAU,EAAEe,OAAO,CAACf,UAD4B;AAEhDqB,MAAAA,MAAM,EAAEN,OAAO,CAACM;AAFgC,KAAX,CAAvC;;AAIA,QAAI,OAAON,OAAO,CAAClB,OAAf,KAA2B,QAA/B,EAAyC;AACvC;AACAuB,MAAAA,cAAc,CAACE,eAAf,GAAiCP,OAAO,CAAClB,OAAzC;AACD,KAHD,MAGO,IAAIkB,OAAO,CAAClB,OAAZ,EAAqB;AAC1BuB,MAAAA,cAAc,CAACG,WAAf,GAA6BR,OAAO,CAAClB,OAArC;AACD;;AAED,SAAKA,OAAL,GAAeiB,GAAG,CAACU,cAAJ,CAAmBC,eAAnB,CAAmCL,cAAnC,CAAf;AACA,SAAKM,KAAL,GAAaC,eAASC,MAAT,EAAb;AACA,SAAKC,KAAL,GAAapB,YAAY,EAAzB;AAEA,SAAKqB,EAAL,GAAU,KAAKd,OAAL,CAAac,EAAb,CAAgBC,IAAhB,CAAqB,KAAKf,OAA1B,CAAV;AACA,SAAKgB,GAAL,GAAW,KAAKhB,OAAL,CAAagB,GAAb,CAAiBD,IAAjB,CAAsB,KAAKf,OAA3B,CAAX;AACD;;AAEDiB,EAAAA,KAAK,GAAG;AACN,QAAI,KAAKC,OAAT,EAAkB;AAChB,WAAKC,IAAL;AACD;;AACD,QAAI,KAAKpB,OAAL,CAAanB,wBAAjB,EAA2C;AACzC,WAAKA,wBAAL;AACD;;AACD,SAAKsC,OAAL,GAAe,IAAIE,0BAAJ,CAAiB,IAAjB,EAAuB,KAAKC,UAAL,EAAvB,CAAf;AACA,SAAKH,OAAL,CAAaD,KAAb;AACD;;AAEDE,EAAAA,IAAI,GAAG;AACL,QAAI,KAAKD,OAAT,EAAkB;AAChB,WAAKA,OAAL,CAAaC,IAAb;AACA,WAAKD,OAAL,GAAe,IAAf;AACD;AACF;;AAEDG,EAAAA,UAAU,GAAwB;AAChC,WAAO,iBAAM,KAAKtB,OAAX,CAAP;AACD;;AAEDuB,EAAAA,aAAa,CAACC,KAAD,EAAQ;AACnB,QAAIC,UAAU,GAAGD,KAAK,CAACE,SAAN,GAAkB,KAAK1B,OAAL,CAAahB,kBAAhD;AACA,WAAOyC,UAAP;AACD;;AAEDE,EAAAA,UAAU,CAACH,KAAD,EAAQ;AAChB,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,WAAOC,UAAU,IAAI,KAAKd,KAAL,CAAWiB,GAAX,EAArB;AACD;;AAEDC,EAAAA,WAAW,CAACC,GAAD,EAAMN,KAAN,EAAa;AACtB,SAAKvB,OAAL,CAAa8B,IAAb,CAAkB1C,aAAlB,EAAiCyC,GAAjC,EAAsCN,KAAtC;AACD;;AAEDQ,EAAAA,WAAW,CAACF,GAAD,EAAMG,UAAN,EAAkBC,QAAlB,EAA4B;AACrC,SAAKjC,OAAL,CAAa8B,IAAb,CAAkBzC,aAAlB,EAAiCwC,GAAjC,EAAsCG,UAAtC,EAAkDC,QAAlD;AACD;;AAEDC,EAAAA,SAAS,CAACL,GAAD,EAAMN,KAAN,EAAa;AACpB,SAAKvB,OAAL,CAAa8B,IAAb,CAAkBxC,WAAlB,EAA+BuC,GAA/B,EAAoCN,KAApC;AACD;;AAEDY,EAAAA,WAAW,CAACN,GAAD,EAAMN,KAAN,EAAc;AACvB,SAAKvB,OAAL,CAAa8B,IAAb,CAAkBvC,aAAlB,EAAiCsC,GAAjC,EAAsCN,KAAtC;AACD;;AAEDa,EAAAA,SAAS,CAACC,KAAD,EAAQ;AACf,SAAKrC,OAAL,CAAa8B,IAAb,CAAkBtC,WAAlB,EAA+B6C,KAA/B;AACD;;AAEDC,EAAAA,mCAAmC,CAACC,QAAD,EAAWC,QAAX,EAAqB;AACtD,UAAMC,SAAS,GAAG,KAAKC,yBAAL,CAA+BF,QAA/B,CAAlB;AACA,UAAMG,SAAS,GAAG,KAAKD,yBAAL,CAA+BH,QAA/B,CAAlB;AACArC,IAAAA,MAAM,CAAC0C,IAAP,CAAYD,SAAZ,EAAuBE,OAAvB,CAA+BhB,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMiB,QAAQ,GAAGH,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAIkB,IAAI,CAACC,SAAL,CAAef,QAAf,MAA6Bc,IAAI,CAACC,SAAL,CAAeF,QAAf,CAAjC,EAA2D;AACzD,aAAKZ,SAAL,CAAeL,GAAf,EAAoBiB,QAApB;AACD;AACF,KAND;AAOA5C,IAAAA,MAAM,CAAC0C,IAAP,CAAYH,SAAZ,EAAuBI,OAAvB,CAA+BhB,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMiB,QAAQ,GAAGH,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAI,CAACiB,QAAL,EAAe;AACb,aAAKX,WAAL,CAAiBN,GAAjB,EAAsBI,QAAtB;AACD;AACF,KAND;AAOD;;AAEDgB,EAAAA,uBAAuB,CAACpB,GAAD,EAAM;AAC3BqB,IAAAA,YAAY,CAAC,KAAKrC,KAAL,CAAWnB,cAAX,CAA0BmC,GAA1B,CAAD,CAAZ;AACA,WAAO,KAAKhB,KAAL,CAAWnB,cAAX,CAA0BmC,GAA1B,CAAP,CAF2B,CAI3B;;AACA,SAAKhB,KAAL,CAAWlB,YAAX,GAA0B,IAA1B;AACD;;AAEDwD,EAAAA,0BAA0B,GAAG;AAC3B,QAAIzD,cAAc,GAAG,KAAKmB,KAAL,CAAWnB,cAAhC;;AACA,SAAK,IAAImC,GAAT,IAAgBnC,cAAhB,EAAgC;AAC9B,UAAI,CAACQ,MAAM,CAACkD,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqC5D,cAArC,EAAqDmC,GAArD,CAAL,EAAgE;AAC9D;AACD;;AACD,WAAKoB,uBAAL,CAA6BpB,GAA7B;AACD;AACF;;AAED0B,EAAAA,qBAAqB,CAAC1B,GAAD,EAAMN,KAAN,EAAa;AAChC,QAAI,2BAAeA,KAAf,CAAJ,EAA2B;AACzB;AACD;;AAED,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,QAAIiC,eAAe,GAAGC,IAAI,CAACC,GAAL,CAASlC,UAAU,GAAG,KAAKd,KAAL,CAAWiB,GAAX,EAAtB,EAAwC,CAAxC,IAA6C,IAAnE,CANgC,CAQhC;;AACA,SAAKsB,uBAAL,CAA6BpB,GAA7B;AAEA,QAAI8B,kBAAkB,GAAGC,UAAU,CAAC,MAAM;AACxC,WAAKhC,WAAL,CAAiBC,GAAjB,EAAsBN,KAAtB;AACD,KAFkC,EAEhCiC,eAFgC,CAAnC,CAXgC,CAehC;;AACA,SAAK3C,KAAL,CAAWnB,cAAX,CAA0BmC,GAA1B,IAAiC8B,kBAAjC;AACD;;AAEDE,EAAAA,wBAAwB,GAAG;AACzB,QAAIC,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;;AACA,SAAI,IAAIlC,GAAR,IAAeiC,YAAf,EAA6B;AAC3B,UAAI,CAAC5D,MAAM,CAACkD,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqCQ,YAArC,EAAmDjC,GAAnD,CAAL,EAA8D;AAC5D;AACD;;AACD,UAAIN,KAAK,GAAGuC,YAAY,CAACjC,GAAD,CAAxB;AACA,WAAK0B,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACD;AACF,GApKwD,CAsKzD;;;AACAyC,EAAAA,0BAA0B,GAAG;AAC3B,SAAKb,0BAAL;AACA,SAAKU,wBAAL;AACD;;AAEDI,EAAAA,GAAG,CAACpC,GAAD,EAAMN,KAAN,EAAoB;AACrB,QAAIuC,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;AACA,8BAAcxC,KAAd;AACAuC,IAAAA,YAAY,CAACjC,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAK1C,OAAL,CAAaqF,UAAb,CAAwBJ,YAAxB;AACA,SAAK5B,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,SAAKgC,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACD;;AAED4C,EAAAA,OAAO,CAACtC,GAAD,EAAM;AACX,QAAIiC,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;AACA,WAAOD,YAAY,CAACjC,GAAD,CAAnB;AACD;;AAEQ,QAAHuC,GAAG,CAACvC,GAAD,EAAM;AACb,WAAO,KAAKsC,OAAL,CAAatC,GAAb,CAAP;AACD;;AAEDwC,EAAAA,aAAa,GAAW;AACtB,UAAMC,MAAM,GAAG,EAAf;AACA,UAAMR,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAArB;AACA7D,IAAAA,MAAM,CAAC0C,IAAP,CAAYkB,YAAZ,EAA0BjB,OAA1B,CAAkChB,GAAG,IAAI;AACvC,YAAMN,KAAK,GAAGuC,YAAY,CAACjC,GAAD,CAA1B;;AACA,UAAI,0BAAcN,KAAd,CAAJ,EAA0B;AACxB+C,QAAAA,MAAM,CAACC,WAAP,GAAqBhD,KAArB;AACD,OAFD,MAEO,IAAI,sBAAUA,KAAV,CAAJ,EAAsB;AAC3B+C,QAAAA,MAAM,CAACE,OAAP,GAAiBjD,KAAjB;AACD,OAFM,MAEA,IAAI,2BAAeA,KAAf,CAAJ,EAA2B;AAChC+C,QAAAA,MAAM,CAACG,YAAP,GAAsBlD,KAAtB;AACD;AACF,KATD;AAUA,WAAO+C,MAAP;AACD;;AAEc,QAATI,SAAS,GAAoB;AACjC,WAAO,KAAKL,aAAL,EAAP;AACD;;AAEDM,EAAAA,mBAAmB,CAACC,IAAD,EAA0B;AAC3C,UAAMd,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAArB;AACA,UAAMlC,GAAG,GAAG3B,MAAM,CAAC0C,IAAP,CAAYkB,YAAZ,EAA0Be,MAA1B,CAAiChD,GAAG,IAAI;AAClD,YAAMN,KAAK,GAAGuC,YAAY,CAACjC,GAAD,CAA1B;AACA,aAAQ,0BAAcN,KAAd,KAAwBqD,IAAI,KAAK,aAAlC,IACD,sBAAUrD,KAAV,KAAoBqD,IAAI,KAAK,SAD5B,IAED,2BAAerD,KAAf,KAAyBqD,IAAI,KAAK,cAFxC;AAGD,KALW,EAKT,CALS,CAAZ;AAMA,WAAO/C,GAAP;AACD;;AAEOiD,EAAAA,YAAY,CAACvD,KAAD,EAA0B;AAC5C,QAAI,0BAAcA,KAAd,CAAJ,EAA0B;AACxB,aAAO,aAAP;AACD;;AACD,QAAI,sBAAUA,KAAV,CAAJ,EAAsB;AACpB,aAAO,SAAP;AACD;;AACD,QAAG,2BAAeA,KAAf,CAAH,EAA0B;AACxB,aAAO,cAAP;AACD;;AACD,UAAM,IAAItB,oBAAJ,CAAiB,oBAAjB,CAAN;AACD;;AAED8E,EAAAA,SAAS,CACPT,MADO,EAEP;AACAU,EAAAA,aAHO,EAIPC,SAJO,EAKPC,cALO,EAMD;AACN,UAAMC,mBAAmB,GAAG,CAACtD,GAAD,EAAMN,KAAN,KAAgB;AAC1C,YAAMqD,IAAI,GAAG,KAAKE,YAAL,CAAkBvD,KAAlB,CAAb;;AACA,UAAIqD,IAAI,KAAK,aAAb,EAA4B;AAC1BI,QAAAA,aAAa,IAAIA,aAAa,CAACnD,GAAD,EAAMN,KAAN,CAA9B;AACD,OAFD,MAEO,IAAIqD,IAAI,KAAK,SAAb,EAAwB;AAC7BK,QAAAA,SAAS,IAAIA,SAAS,CAACpD,GAAD,EAAMN,KAAN,CAAtB;AACD,OAFM,MAEA,IAAIqD,IAAI,KAAK,cAAb,EAA6B;AAClCM,QAAAA,cAAc,IAAIA,cAAc,CAACrD,GAAD,EAAMN,KAAN,CAAhC;AACD;AACF,KATD;;AAUA,UAAM6D,WAAW,GAAG,CAACvD,GAAD,EAAMN,KAAN,KAAgB;AAClC,WAAKW,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,WAAKgC,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACA4D,MAAAA,mBAAmB,CAACtD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAKA,UAAM8D,aAAa,GAAG,CAACxD,GAAD,EAAMN,KAAN,EAAaU,QAAb,KAA0B;AAC9C,WAAKF,WAAL,CAAiBF,GAAjB,EAAsBN,KAAtB,EAA6BU,QAA7B;AACA,WAAKgB,uBAAL,CAA6BpB,GAA7B;AACA,WAAK0B,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACA4D,MAAAA,mBAAmB,CAACtD,GAAD,EAAMN,KAAN,CAAnB;AACD,KALD;;AAMA,UAAM+D,aAAa,GAAG,CAACzD,GAAD,EAAMN,KAAN,KAAgB;AACpC,WAAK0B,uBAAL,CAA6BpB,GAA7B;AACA,WAAKM,WAAL,CAAiBN,GAAjB,EAAsBN,KAAtB;AACA4D,MAAAA,mBAAmB,CAACtD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAMA,UAAMgE,KAAkB,GAAG,CAAC,SAAD,EAAY,aAAZ,EAA2B,cAA3B,CAA3B;AACA,UAAMC,cAAc,GAAG,KAAKnB,aAAL,EAAvB,CA7BM,CA+BN;;AACAkB,IAAAA,KAAK,CAAC1C,OAAN,CAAe+B,IAAD,IAAU;AACtB,YAAMrD,KAAK,GAAG+C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAIrD,KAAJ,EAAW;AACT,kCAAcA,KAAd,EAAqBqD,IAArB;AACD;AACF,KALD,EAhCM,CAuCN;;AACA,UAAM/F,OAAO,GAAG0G,KAAK,CAACE,MAAN,CAAa,CAAC5G,OAAD,EAAU+F,IAAV,KAAmB;AAC9C,YAAMrD,KAAK,GAAG+C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAIrD,KAAJ,EAAW;AACT,cAAMvC,UAAU,GAAG,KAAK2F,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;AACA/F,QAAAA,OAAO,CAACG,UAAD,CAAP,GAAsBuC,KAAtB;AACD;;AACD,aAAO1C,OAAP;AACD,KAPe,EAOb,EAPa,CAAhB;AAQA,SAAKA,OAAL,CAAaqF,UAAb,CAAwBrF,OAAxB,EAhDM,CAkDN;;AACA0G,IAAAA,KAAK,CAAC1C,OAAN,CAAc+B,IAAI,IAAI;AACpB,YAAM9B,QAAQ,GAAGwB,MAAM,CAACM,IAAD,CAAvB;AACA,YAAMc,aAAa,GAAGF,cAAc,CAACZ,IAAD,CAApC;AACA,YAAM5F,UAAU,GAAG,KAAK2F,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;;AACA,UAAI9B,QAAQ,IAAI4C,aAAhB,EAA+B;AAAE;AAC/B;AACAJ,QAAAA,aAAa,CAACtG,UAAD,EAAa0G,aAAb,CAAb;AACAN,QAAAA,WAAW,CAACpG,UAAD,EAAa8D,QAAb,CAAX;AACAuC,QAAAA,aAAa,CAACrG,UAAD,EAAa8D,QAAb,EAAuB4C,aAAvB,CAAb;AACD,OALD,MAKO,IAAI5C,QAAJ,EAAc;AAAE;AACrBsC,QAAAA,WAAW,CAACpG,UAAD,EAAa8D,QAAb,CAAX;AACD,OAFM,MAEA,IAAI4C,aAAJ,EAAmB;AAAE;AAC1BJ,QAAAA,aAAa,CAACtG,UAAD,EAAa0G,aAAb,CAAb;AACD;AACF,KAdD;AAeD;;AAEDC,EAAAA,MAAM,CAAC9D,GAAD,EAAM;AACV;AACA,SAAKoB,uBAAL,CAA6BpB,GAA7B;AAEA,QAAIiC,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;AACA,QAAI6B,YAAY,GAAG9B,YAAY,CAACjC,GAAD,CAA/B;AACA,WAAOiC,YAAY,CAACjC,GAAD,CAAnB;AACA,SAAKhD,OAAL,CAAaqF,UAAb,CAAwBJ,YAAxB;AAEA,SAAK3B,WAAL,CAAiBN,GAAjB,EAAsB+D,YAAtB;AACD,GA9TwD,CAgUzD;;;AACgB,QAAVC,UAAU,CAACtE,KAAD,EAAQ;AACtB,WAAO,KAAKzB,GAAL,CAASyB,KAAT,CAAeuE,KAAf,CAAqBvE,KAArB,CAAP;AACD,GAnUwD,CAoUzD;;;AACAwE,EAAAA,aAAa,CAACxE,KAAD,EAAe;AAC1B,WAAO,0BAAcA,KAAd,CAAP;AACD,GAvUwD,CAyUzD;;;AACAuE,EAAAA,KAAK,CAACjE,GAAD,EAAsB;AACzB;AACA,QAAI,KAAKhB,KAAL,CAAWlB,YAAf,EAA6B;AAC3B,aAAO,KAAKkB,KAAL,CAAWlB,YAAlB;AACD;;AAED,QAAI;AACF,UAAI4B,KAAK,GAAG,KAAK4C,OAAL,CAAatC,GAAb,CAAZ;;AACA,UAAI,CAACN,KAAL,EAAY;AACV,cAAM,IAAItB,oBAAJ,CAAiB,gDAAgD4B,GAAjE,CAAN;AACD;AACF,KALD,CAKE,OAAOmE,CAAP,EAAU;AACV,aAAOC,OAAO,CAACC,MAAR,CAAeF,CAAf,CAAP;AACD,KAbwB,CAezB;;;AACA,SAAK/C,uBAAL,CAA6BpB,GAA7B,EAhByB,CAkBzB;AACA;;AACA,SAAKhB,KAAL,CAAWlB,YAAX,GAA0B,KAAKG,GAAL,CAASyB,KAAT,CAAe4E,WAAf,GACvBC,IADuB,CAClB9B,MAAM,IAAI;AACd,WAAKS,SAAL,CAAeT,MAAf,EADc,CAGd;;AACA,YAAM+B,SAAS,GAAG,KAAKvB,YAAL,CAAkBvD,KAAlB,CAAlB;AACA,aAAO+C,MAAM,CAAC+B,SAAD,CAAb;AACD,KAPuB,EAQvBC,KARuB,CAQjBC,GAAG,IAAI;AACZ;AACA,UAAI,gCAAoBA,GAApB,KAA4BA,GAAG,CAACC,IAAJ,KAAa,YAAzC,IAAyDD,GAAG,CAACC,IAAJ,KAAa,cAA1E,EAA0F;AACxF;AACA,aAAKb,MAAL,CAAY9D,GAAZ;AACD;;AACD0E,MAAAA,GAAG,CAACE,QAAJ,GAAe5E,GAAf;AACA,WAAKO,SAAL,CAAemE,GAAf;AACA,YAAMA,GAAN;AACD,KAjBuB,EAkBvBG,OAlBuB,CAkBf,MAAM;AACb;AACA,WAAK7F,KAAL,CAAWlB,YAAX,GAA0B,IAA1B;AACD,KArBuB,CAA1B;AAuBA,WAAO,KAAKkB,KAAL,CAAWlB,YAAlB;AACD;;AAEDgH,EAAAA,KAAK,GAAG;AACN,SAAKxD,0BAAL;AACA,SAAKtE,OAAL,CAAa+H,YAAb;AACD;;AAEDhI,EAAAA,wBAAwB,GAAG;AACzB,UAAM0F,MAAM,GAAG,KAAKD,aAAL,EAAf;AACAnE,IAAAA,MAAM,CAAC0C,IAAP,CAAY0B,MAAZ,EAAoBzB,OAApB,CAA4BhB,GAAG,IAAI;AACjC,UAAIyC,MAAM,CAACzC,GAAD,CAAN,CAAYgF,aAAhB,EAA+B;AAC9B,aAAKlB,MAAL,CAAY9D,GAAZ;AACA;AACF,KAJD;AAKD;;AAEDa,EAAAA,yBAAyB,CAACoE,KAAD,EAAQ;AAC/B,QAAIxC,MAAJ;;AACA,QAAI;AACFA,MAAAA,MAAM,GAAGvB,IAAI,CAACgE,KAAL,CAAWD,KAAX,KAAqB,EAA9B;AACD,KAFD,CAEE,OAAOd,CAAP,EAAU;AACV1B,MAAAA,MAAM,GAAG,EAAT;AACD;;AACD,WAAOA,MAAP;AACD;;AAED0C,EAAAA,kBAAkB,CAACzF,KAAD,EAAsB;AACtC,UAAMM,GAAG,GAAG,KAAK8C,mBAAL,CAAyB,cAAzB,KAA4CsC,oCAAxD,CADsC,CAGtC;;;AACA,QAAInD,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;AACA,8BAAcxC,KAAd;AACAuC,IAAAA,YAAY,CAACjC,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAK1C,OAAL,CAAaqF,UAAb,CAAwBJ,YAAxB;AACD;;AAEDoD,EAAAA,qBAAqB,GAAG;AACtB,UAAM5C,MAAM,GAAG,KAAKD,aAAL,EAAf;AACAnE,IAAAA,MAAM,CAAC0C,IAAP,CAAY0B,MAAZ,EAAoBzB,OAApB,CAA4BhB,GAAG,IAAI;AACjCyC,MAAAA,MAAM,CAACzC,GAAD,CAAN,CAAYgF,aAAZ,GAA4B,IAA5B;AACD,KAFD;AAGA,SAAK9B,SAAL,CAAeT,MAAf;AACD;;AAhawD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { removeNils, clone } from './util';\nimport { AuthSdkError } from './errors';\nimport { isRefreshTokenError, validateToken } from './oidc/util';\nimport { isLocalhost, isIE11OrLess } from './features';\nimport { TOKEN_STORAGE_NAME } from './constants';\nimport SdkClock from './clock';\nimport {\n EventEmitter,\n Token, \n Tokens, \n TokenType, \n TokenManagerOptions, \n isIDToken, \n isAccessToken,\n isRefreshToken,\n StorageOptions,\n StorageType,\n OktaAuth,\n StorageProvider,\n TokenManagerErrorEventHandler,\n TokenManagerEventHandler,\n TokenManagerInterface,\n RefreshToken\n} from './types';\nimport { REFRESH_TOKEN_STORAGE_KEY } from './constants';\nimport { TokenService } from './services/TokenService';\n\nconst DEFAULT_OPTIONS = {\n autoRenew: true,\n autoRemove: true,\n clearPendingRemoveTokens: true,\n storage: undefined, // will use value from storageManager config\n expireEarlySeconds: 30,\n storageKey: TOKEN_STORAGE_NAME,\n syncStorage: true,\n _storageEventDelay: 0\n};\nexport const EVENT_EXPIRED = 'expired';\nexport const EVENT_RENEWED = 'renewed';\nexport const EVENT_ADDED = 'added';\nexport const EVENT_REMOVED = 'removed';\nexport const EVENT_ERROR = 'error';\n\ninterface TokenManagerState {\n expireTimeouts: Record<string, unknown>;\n renewPromise: Promise<Token>;\n}\nfunction defaultState(): TokenManagerState {\n return {\n expireTimeouts: {},\n renewPromise: null\n };\n}\nexport class TokenManager implements TokenManagerInterface {\n private sdk: OktaAuth;\n private clock: SdkClock;\n private emitter: EventEmitter;\n private storage: StorageProvider;\n private state: TokenManagerState;\n private options: TokenManagerOptions;\n private service: TokenService;\n\n on: (event: string, handler: TokenManagerErrorEventHandler | TokenManagerEventHandler, context?: object) => void;\n off: (event: string, handler?: TokenManagerErrorEventHandler | TokenManagerEventHandler) => void;\n\n constructor(sdk: OktaAuth, options: TokenManagerOptions = {}) {\n this.sdk = sdk;\n this.emitter = (sdk as any).emitter;\n if (!this.emitter) {\n throw new AuthSdkError('Emitter should be initialized before TokenManager');\n }\n\n options = Object.assign({}, DEFAULT_OPTIONS, removeNils(options));\n if (isIE11OrLess()) {\n options._storageEventDelay = options._storageEventDelay || 1000;\n }\n if (!isLocalhost()) {\n options.expireEarlySeconds = DEFAULT_OPTIONS.expireEarlySeconds;\n }\n this.options = options;\n\n const storageOptions: StorageOptions = removeNils({\n storageKey: options.storageKey,\n secure: options.secure,\n });\n if (typeof options.storage === 'object') {\n // A custom storage provider must implement getItem(key) and setItem(key, val)\n storageOptions.storageProvider = options.storage;\n } else if (options.storage) {\n storageOptions.storageType = options.storage as StorageType;\n }\n\n this.storage = sdk.storageManager.getTokenStorage(storageOptions);\n this.clock = SdkClock.create(/* sdk, options */);\n this.state = defaultState();\n\n this.on = this.emitter.on.bind(this.emitter);\n this.off = this.emitter.off.bind(this.emitter);\n }\n\n start() {\n if (this.service) {\n this.stop();\n }\n if (this.options.clearPendingRemoveTokens) {\n this.clearPendingRemoveTokens();\n }\n this.service = new TokenService(this, this.getOptions());\n this.service.start();\n }\n \n stop() {\n if (this.service) {\n this.service.stop();\n this.service = null;\n }\n }\n\n getOptions(): TokenManagerOptions {\n return clone(this.options);\n }\n \n getExpireTime(token) {\n var expireTime = token.expiresAt - this.options.expireEarlySeconds;\n return expireTime;\n }\n \n hasExpired(token) {\n var expireTime = this.getExpireTime(token);\n return expireTime <= this.clock.now();\n }\n \n emitExpired(key, token) {\n this.emitter.emit(EVENT_EXPIRED, key, token);\n }\n \n emitRenewed(key, freshToken, oldToken) {\n this.emitter.emit(EVENT_RENEWED, key, freshToken, oldToken);\n }\n \n emitAdded(key, token) {\n this.emitter.emit(EVENT_ADDED, key, token);\n }\n \n emitRemoved(key, token?) {\n this.emitter.emit(EVENT_REMOVED, key, token);\n }\n \n emitError(error) {\n this.emitter.emit(EVENT_ERROR, error);\n }\n \n emitEventsForCrossTabsStorageUpdate(newValue, oldValue) {\n const oldTokens = this.getTokensFromStorageValue(oldValue);\n const newTokens = this.getTokensFromStorageValue(newValue);\n Object.keys(newTokens).forEach(key => {\n const oldToken = oldTokens[key];\n const newToken = newTokens[key];\n if (JSON.stringify(oldToken) !== JSON.stringify(newToken)) {\n this.emitAdded(key, newToken);\n }\n });\n Object.keys(oldTokens).forEach(key => {\n const oldToken = oldTokens[key];\n const newToken = newTokens[key];\n if (!newToken) {\n this.emitRemoved(key, oldToken);\n }\n });\n }\n \n clearExpireEventTimeout(key) {\n clearTimeout(this.state.expireTimeouts[key] as any);\n delete this.state.expireTimeouts[key];\n \n // Remove the renew promise (if it exists)\n this.state.renewPromise = null;\n }\n \n clearExpireEventTimeoutAll() {\n var expireTimeouts = this.state.expireTimeouts;\n for (var key in expireTimeouts) {\n if (!Object.prototype.hasOwnProperty.call(expireTimeouts, key)) {\n continue;\n }\n this.clearExpireEventTimeout(key);\n }\n }\n \n setExpireEventTimeout(key, token) {\n if (isRefreshToken(token)) {\n return;\n }\n\n var expireTime = this.getExpireTime(token);\n var expireEventWait = Math.max(expireTime - this.clock.now(), 0) * 1000;\n \n // Clear any existing timeout\n this.clearExpireEventTimeout(key);\n \n var expireEventTimeout = setTimeout(() => {\n this.emitExpired(key, token);\n }, expireEventWait);\n \n // Add a new timeout\n this.state.expireTimeouts[key] = expireEventTimeout;\n }\n \n setExpireEventTimeoutAll() {\n var tokenStorage = this.storage.getStorage();\n for(var key in tokenStorage) {\n if (!Object.prototype.hasOwnProperty.call(tokenStorage, key)) {\n continue;\n }\n var token = tokenStorage[key];\n this.setExpireEventTimeout(key, token);\n }\n }\n \n // reset timeouts to setup autoRenew for tokens from other document context (tabs)\n resetExpireEventTimeoutAll() {\n this.clearExpireEventTimeoutAll();\n this.setExpireEventTimeoutAll();\n }\n \n add(key, token: Token) {\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n }\n \n getSync(key) {\n var tokenStorage = this.storage.getStorage();\n return tokenStorage[key];\n }\n \n async get(key) {\n return this.getSync(key);\n }\n \n getTokensSync(): Tokens {\n const tokens = {} as Tokens;\n const tokenStorage = this.storage.getStorage();\n Object.keys(tokenStorage).forEach(key => {\n const token = tokenStorage[key];\n if (isAccessToken(token)) {\n tokens.accessToken = token;\n } else if (isIDToken(token)) {\n tokens.idToken = token;\n } else if (isRefreshToken(token)) { \n tokens.refreshToken = token;\n }\n });\n return tokens;\n }\n \n async getTokens(): Promise<Tokens> {\n return this.getTokensSync();\n }\n\n getStorageKeyByType(type: TokenType): string {\n const tokenStorage = this.storage.getStorage();\n const key = Object.keys(tokenStorage).filter(key => {\n const token = tokenStorage[key];\n return (isAccessToken(token) && type === 'accessToken') \n || (isIDToken(token) && type === 'idToken')\n || (isRefreshToken(token) && type === 'refreshToken');\n })[0];\n return key;\n }\n\n private getTokenType(token: Token): TokenType {\n if (isAccessToken(token)) {\n return 'accessToken';\n }\n if (isIDToken(token)) {\n return 'idToken';\n }\n if(isRefreshToken(token)) {\n return 'refreshToken';\n }\n throw new AuthSdkError('Unknown token type');\n }\n\n setTokens(\n tokens: Tokens,\n // TODO: callbacks can be removed in the next major version OKTA-407224\n accessTokenCb?: Function, \n idTokenCb?: Function,\n refreshTokenCb?: Function\n ): void {\n const handleTokenCallback = (key, token) => {\n const type = this.getTokenType(token);\n if (type === 'accessToken') {\n accessTokenCb && accessTokenCb(key, token);\n } else if (type === 'idToken') {\n idTokenCb && idTokenCb(key, token);\n } else if (type === 'refreshToken') {\n refreshTokenCb && refreshTokenCb(key, token);\n }\n };\n const handleAdded = (key, token) => {\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRenewed = (key, token, oldToken) => {\n this.emitRenewed(key, token, oldToken);\n this.clearExpireEventTimeout(key);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRemoved = (key, token) => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, token);\n handleTokenCallback(key, token);\n };\n \n const types: TokenType[] = ['idToken', 'accessToken', 'refreshToken'];\n const existingTokens = this.getTokensSync();\n\n // valid tokens\n types.forEach((type) => {\n const token = tokens[type];\n if (token) {\n validateToken(token, type);\n }\n });\n \n // add token to storage\n const storage = types.reduce((storage, type) => {\n const token = tokens[type];\n if (token) {\n const storageKey = this.getStorageKeyByType(type) || type;\n storage[storageKey] = token;\n }\n return storage;\n }, {});\n this.storage.setStorage(storage);\n \n // emit event and start expiration timer\n types.forEach(type => {\n const newToken = tokens[type];\n const existingToken = existingTokens[type];\n const storageKey = this.getStorageKeyByType(type) || type;\n if (newToken && existingToken) { // renew\n // call handleRemoved first, since it clears timers\n handleRemoved(storageKey, existingToken);\n handleAdded(storageKey, newToken);\n handleRenewed(storageKey, newToken, existingToken);\n } else if (newToken) { // add\n handleAdded(storageKey, newToken);\n } else if (existingToken) { //remove\n handleRemoved(storageKey, existingToken);\n }\n });\n }\n \n remove(key) {\n // Clear any listener for this token\n this.clearExpireEventTimeout(key);\n \n var tokenStorage = this.storage.getStorage();\n var removedToken = tokenStorage[key];\n delete tokenStorage[key];\n this.storage.setStorage(tokenStorage);\n \n this.emitRemoved(key, removedToken);\n }\n \n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n async renewToken(token) {\n return this.sdk.token.renew(token);\n }\n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n validateToken(token: Token) {\n return validateToken(token);\n }\n\n // TODO: renew method should take no param, change in the next major version OKTA-407224\n renew(key): Promise<Token> {\n // Multiple callers may receive the same promise. They will all resolve or reject from the same request.\n if (this.state.renewPromise) {\n return this.state.renewPromise;\n }\n \n try {\n var token = this.getSync(key);\n if (!token) {\n throw new AuthSdkError('The tokenManager has no token for the key: ' + key);\n }\n } catch (e) {\n return Promise.reject(e);\n }\n \n // Remove existing autoRenew timeout\n this.clearExpireEventTimeout(key);\n \n // A refresh token means a replace instead of renewal\n // Store the renew promise state, to avoid renewing again\n this.state.renewPromise = this.sdk.token.renewTokens()\n .then(tokens => {\n this.setTokens(tokens);\n\n // resolve token based on the key\n const tokenType = this.getTokenType(token);\n return tokens[tokenType];\n })\n .catch(err => {\n // If renew fails, remove token and emit error\n if (isRefreshTokenError(err) || err.name === 'OAuthError' || err.name === 'AuthSdkError') {\n // remove token from storage\n this.remove(key);\n }\n err.tokenKey = key;\n this.emitError(err);\n throw err;\n })\n .finally(() => {\n // Remove existing promise key\n this.state.renewPromise = null;\n });\n \n return this.state.renewPromise;\n }\n \n clear() {\n this.clearExpireEventTimeoutAll();\n this.storage.clearStorage();\n }\n\n clearPendingRemoveTokens() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n if (tokens[key].pendingRemove) {\n this.remove(key);\n }\n });\n }\n \n getTokensFromStorageValue(value) {\n let tokens;\n try {\n tokens = JSON.parse(value) || {};\n } catch (e) {\n tokens = {};\n }\n return tokens;\n }\n\n updateRefreshToken(token: RefreshToken) {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n\n // do not emit any event\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n }\n\n addPendingRemoveFlags() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n tokens[key].pendingRemove = true;\n });\n this.setTokens(tokens);\n }\n \n}\n"],"file":"TokenManager.js"}
package/cjs/TransactionManager.js CHANGED
@@ -34,16 +34,24 @@ class TransactionManager {
34
34
  this.saveParamsCookie = options.saveParamsCookie === false ? false : true;
35
35
  this.enableSharedStorage = options.enableSharedStorage === false ? false : true;
36
36
  this.options = options;
37
- }
37
+ } // eslint-disable-next-line complexity
38
+
38
39
 
39
40
  clear(options = {}) {
40
41
  const transactionStorage = this.storageManager.getTransactionStorage();
41
- transactionStorage.clearStorage();
42
- const idxStateStorage = this.storageManager.getIdxResponseStorage();
43
- idxStateStorage === null || idxStateStorage === void 0 ? void 0 : idxStateStorage.clearStorage();
42
+ const meta = transactionStorage.getStorage(); // Clear primary storage (by default, sessionStorage on browser)
44
43
 
45
- if (this.enableSharedStorage && options.state) {
46
- (0, _sharedStorage.clearTransactionFromSharedStorage)(this.storageManager, options.state);
44
+ transactionStorage.clearStorage(); // clear IDX response storage
45
+
46
+ this.clearIdxResponse(); // Usually we do NOT want to clear shared storage because another tab may need it to continue/complete a flow
47
+ // It can be cleared after a user succcesfully signs in and receives tokens
48
+
49
+ if (this.enableSharedStorage && options.clearSharedStorage) {
50
+ const state = options.state || (meta === null || meta === void 0 ? void 0 : meta.state);
51
+
52
+ if (state) {
53
+ (0, _sharedStorage.clearTransactionFromSharedStorage)(this.storageManager, state);
54
+ }
47
55
  }
48
56
 
49
57
  if (!this.legacyWidgetSupport) {
@@ -75,7 +83,11 @@ class TransactionManager {
75
83
  (0, _util.warn)('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');
76
84
  }
77
85
 
78
- storage.setStorage(meta);
86
+ storage.setStorage(meta); // Shared storage allows continuation of transaction in another tab
87
+
88
+ if (this.enableSharedStorage && meta.state) {
89
+ (0, _sharedStorage.saveTransactionToSharedStorage)(this.storageManager, meta.state, meta);
90
+ }
79
91
 
80
92
  if (!options.oauth) {
81
93
  return;
@@ -118,11 +130,6 @@ class TransactionManager {
118
130
  // Set state cookie for servers to validate state
119
131
  cookieStorage.setItem(_constants.REDIRECT_STATE_COOKIE_NAME, meta.state, null);
120
132
  }
121
- } // Shared storage allows continuation of transaction in another tab
122
-
123
-
124
- if (this.enableSharedStorage && meta.state) {
125
- (0, _sharedStorage.saveTransactionToSharedStorage)(this.storageManager, meta.state, meta);
126
133
  }
127
134
  }
128
135
 
@@ -317,6 +324,11 @@ class TransactionManager {
317
324
  return idxResponse;
318
325
  }
319
326
 
327
+ clearIdxResponse() {
328
+ const storage = this.storageManager.getIdxResponseStorage();
329
+ storage === null || storage === void 0 ? void 0 : storage.clearStorage();
330
+ }
331
+
320
332
  }
321
333
 
322
334
  exports.default = TransactionManager;
package/cjs/TransactionManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/TransactionManager.ts"],"names":["TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","enableSharedStorage","clear","transactionStorage","getTransactionStorage","clearStorage","idxStateStorage","getIdxResponseStorage","state","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","meta","storage","obj","getStorage","muteWarning","setStorage","cookieStorage","storageType","responseType","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","REDIRECT_OAUTH_PARAMS_NAME","JSON","stringify","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_STATE_COOKIE_NAME","exists","load","loadLegacyOAuthParams","Object","assign","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","AuthSdkError","getLegacyOAuthParamsStorage","saveIdxResponse","idxResponse","loadIdxResponse"],"mappings":";;;;AAaA;;AACA;;AAEA;;AAWA;;AACA;;AACA;;AA7BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAyBe,MAAMA,kBAAN,CAAyB;AAStCC,EAAAA,WAAW,CAACC,OAAD,EAAqC;AAC9C,SAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;AACA,SAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKC,mBAAL,GAA2BN,OAAO,CAACM,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKN,OAAL,GAAeA,OAAf;AACD;;AAEDO,EAAAA,KAAK,CAACP,OAA+B,GAAG,EAAnC,EAAuC;AAC1C,UAAMQ,kBAAmC,GAAG,KAAKP,cAAL,CAAoBQ,qBAApB,EAA5C;AACAD,IAAAA,kBAAkB,CAACE,YAAnB;AAEA,UAAMC,eAAgC,GAAG,KAAKV,cAAL,CAAoBW,qBAApB,EAAzC;AACAD,IAAAA,eAAe,SAAf,IAAAA,eAAe,WAAf,YAAAA,eAAe,CAAED,YAAjB;;AAEA,QAAI,KAAKJ,mBAAL,IAA4BN,OAAO,CAACa,KAAxC,EAA+C;AAC7C,4DAAkC,KAAKZ,cAAvC,EAAuDD,OAAO,CAACa,KAA/D;AACD;;AAED,QAAI,CAAC,KAAKX,mBAAV,EAA+B;AAC7B;AACD,KAbyC,CAe1C;;;AACA,QAAIF,OAAO,CAACc,KAAZ,EAAmB;AACjB,WAAKC,sBAAL;AACD;;AAED,QAAIf,OAAO,CAACgB,IAAZ,EAAkB;AAChB,WAAKC,eAAL;AACD;AACF,GA1CqC,CA4CtC;;;AACAC,EAAAA,IAAI,CAACC,IAAD,EAAwBnB,OAA+B,GAAG,EAA1D,EAA8D;AAChE;AACA;AACA;AAEA,QAAIoB,OAAwB,GAAG,KAAKnB,cAAL,CAAoBQ,qBAApB,EAA/B;AACA,UAAMY,GAAG,GAAGD,OAAO,CAACE,UAAR,EAAZ,CANgE,CAOhE;AACA;AACA;;AACA,QAAI,8BAAkBD,GAAlB,KAA0B,CAACrB,OAAO,CAACuB,WAAvC,EAAoD;AAClD;AACA,sBAAK,yGAAL;AACD;;AAEDH,IAAAA,OAAO,CAACI,UAAR,CAAmBL,IAAnB;;AAEA,QAAI,CAACnB,OAAO,CAACc,KAAb,EAAoB;AAClB;AACD,KAnB+D,CAqBhE;;;AACA,QAAI,KAAKX,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;AACzE,YAAMoB,aAA4B,GAAG,KAAKxB,cAAL,CAAoBqB,UAApB,CAA+B;AAAEI,QAAAA,WAAW,EAAE;AAAf,OAA/B,CAArC;;AAEA,UAAI,KAAKrB,gBAAT,EAA2B;AACzB,cAAM;AACJsB,UAAAA,YADI;AAEJd,UAAAA,KAFI;AAGJe,UAAAA,KAHI;AAIJC,UAAAA,MAJI;AAKJC,UAAAA,QALI;AAMJC,UAAAA,IANI;AAOJC,UAAAA;AAPI,YAQFb,IARJ;AASA,cAAMc,WAAW,GAAG;AAClBN,UAAAA,YADkB;AAElBd,UAAAA,KAFkB;AAGlBe,UAAAA,KAHkB;AAIlBC,UAAAA,MAJkB;AAKlBC,UAAAA,QALkB;AAMlBC,UAAAA,IANkB;AAOlBC,UAAAA;AAPkB,SAApB;AASAP,QAAAA,aAAa,CAACS,OAAd,CAAsBC,qCAAtB,EAAkDC,IAAI,CAACC,SAAL,CAAeJ,WAAf,CAAlD,EAA+E,IAA/E;AACD;;AAED,UAAI,KAAK9B,eAAL,IAAwBgB,IAAI,CAACS,KAAjC,EAAwC;AACtC;AACAH,QAAAA,aAAa,CAACS,OAAd,CAAsBI,qCAAtB,EAAkDnB,IAAI,CAACS,KAAvD,EAA8D,IAA9D;AACD;;AAED,UAAI,KAAKxB,eAAL,IAAwBe,IAAI,CAACN,KAAjC,EAAwC;AACtC;AACAY,QAAAA,aAAa,CAACS,OAAd,CAAsBK,qCAAtB,EAAkDpB,IAAI,CAACN,KAAvD,EAA8D,IAA9D;AACD;AACF,KAxD+D,CA0DhE;;;AACA,QAAI,KAAKP,mBAAL,IAA4Ba,IAAI,CAACN,KAArC,EAA4C;AAC1C,yDAA+B,KAAKZ,cAApC,EAAoDkB,IAAI,CAACN,KAAzD,EAAgEM,IAAhE;AACD;AACF;;AAEDqB,EAAAA,MAAM,CAACxC,OAA+B,GAAG,EAAnC,EAAgD;AACpD,QAAI;AACF,YAAMmB,IAAqB,GAAG,KAAKsB,IAAL,CAAUzC,OAAV,CAA9B;AACA,aAAO,CAAC,CAACmB,IAAT;AACD,KAHD,CAGE,MAAM;AACN,aAAO,KAAP;AACD;AACF,GApHqC,CAsHtC;AACA;;;AACAsB,EAAAA,IAAI,CAACzC,OAA+B,GAAG,EAAnC,EAAwD;AAE1D,QAAImB,IAAJ,CAF0D,CAI1D;;AACA,QAAI,KAAKb,mBAAL,IAA4BN,OAAO,CAACa,KAAxC,EAA+C;AAC7C,6CAAmB,KAAKZ,cAAxB,EAD6C,CACJ;;AACzCkB,MAAAA,IAAI,GAAG,qDAAiC,KAAKlB,cAAtC,EAAsDD,OAAO,CAACa,KAA9D,CAAP;;AACA,UAAI,8BAAkBM,IAAlB,CAAJ,EAA6B;AAC3B,eAAOA,IAAP;AACD;AACF;;AAED,QAAIC,OAAwB,GAAG,KAAKnB,cAAL,CAAoBQ,qBAApB,EAA/B;AACAU,IAAAA,IAAI,GAAGC,OAAO,CAACE,UAAR,EAAP;;AACA,QAAI,8BAAkBH,IAAlB,CAAJ,EAA6B;AAC3B;AACA,aAAOA,IAAP;AACD;;AAED,QAAI,CAAC,KAAKjB,mBAAV,EAA+B;AAC7B,aAAO,IAAP;AACD,KAtByD,CAwB1D;;;AACA,QAAIF,OAAO,CAACc,KAAZ,EAAmB;AACjB,UAAI;AACF,cAAMmB,WAAW,GAAG,KAAKS,qBAAL,EAApB;AACAC,QAAAA,MAAM,CAACC,MAAP,CAAczB,IAAd,EAAoBc,WAApB;AACD,OAHD,SAGU;AACR,aAAKlB,sBAAL;AACD;AACF;;AAED,QAAIf,OAAO,CAACgB,IAAZ,EAAkB;AAChB,UAAI;AACF,cAAM6B,QAA6B,GAAG,KAAKC,cAAL,EAAtC;AACAH,QAAAA,MAAM,CAACC,MAAP,CAAczB,IAAd,EAAoB0B,QAApB;AACD,OAHD,SAGU;AACR,aAAK5B,eAAL;AACD;AACF;;AAED,QAAI,8BAAkBE,IAAlB,CAAJ,EAA6B;AAC3B,aAAOA,IAAP;AACD;;AACD,WAAO,IAAP;AACD,GAvKqC,CAyKtC;;;AACAF,EAAAA,eAAe,GAAS;AACtB;AACA,QAAIG,OAAJ;;AAEA,QAAI,KAAKnB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE5B,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAN,MAAAA,OAAO,CAACV,YAAR;AACD;;AAED,QAAI,KAAKT,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE5B,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAN,MAAAA,OAAO,CAACV,YAAR;AACD;AACF;;AAEDoC,EAAAA,cAAc,GAAwB;AACpC,QAAI1B,OAAJ;AACA,QAAIC,GAAJ,CAFoC,CAIpC;;AACA,QAAI,KAAKpB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE5B,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,GAAG,GAAGD,OAAO,CAACE,UAAR,EAAN;;AACA,UAAID,GAAG,IAAIA,GAAG,CAAC6B,YAAf,EAA6B;AAC3B,eAAO7B,GAAP;AACD;AACF,KAXmC,CAapC;;;AACA,QAAI,KAAKpB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE5B,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,GAAG,GAAGD,OAAO,CAACE,UAAR,EAAN;;AACA,UAAID,GAAG,IAAIA,GAAG,CAAC6B,YAAf,EAA6B;AAC3B,eAAO7B,GAAP;AACD;AACF,KApBmC,CAsBpC;AACA;AACA;;;AACA,UAAM,IAAI8B,oBAAJ,CAAiB,yJAAjB,EAA4K,IAA5K,CAAN;AACD;;AAEDpC,EAAAA,sBAAsB,GAAS;AAC7B;AACA,QAAIK,OAAJ;;AAEA,QAAI,KAAKnB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE5B,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAN,MAAAA,OAAO,CAACV,YAAR;AACD;;AAED,QAAI,KAAKT,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D5B,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAN,MAAAA,OAAO,CAACV,YAAR;AACD;AACF;;AAEDgC,EAAAA,qBAAqB,GAAyB;AAC5C,QAAItB,OAAJ;AACA,QAAIa,WAAJ,CAF4C,CAI5C;;AACA,QAAI,KAAKhC,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE5B,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGb,OAAO,CAACE,UAAR,EAAd;AACD;;AACD,QAAI,mCAAuBW,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD,KAX2C,CAa5C;;;AACA,QAAI,KAAKhC,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D5B,MAAAA,OAAO,GAAG,KAAKnB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGb,OAAO,CAACE,UAAR,EAAd;AACD;;AAED,QAAI,mCAAuBW,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD;;AAGD,UAAM,IAAIkB,oBAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;AACA;AACD;;AAEDE,EAAAA,eAAe,CAACC,WAAD,EAAoC;AACjD,UAAMlC,OAAwB,GAAG,KAAKnB,cAAL,CAAoBW,qBAApB,EAAjC;;AACA,QAAI,CAACQ,OAAL,EAAc;AACZ;AACD;;AACDA,IAAAA,OAAO,CAACI,UAAR,CAAmB8B,WAAnB;AACD;;AAEDC,EAAAA,eAAe,GAAmB;AAChC,UAAMnC,OAAwB,GAAG,KAAKnB,cAAL,CAAoBW,qBAApB,EAAjC;;AACA,QAAI,CAACQ,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AACD,UAAMkC,WAAW,GAAGlC,OAAO,CAACE,UAAR,EAApB;;AACA,QAAI,CAAC,6BAAiBgC,WAAjB,CAAL,EAAoC;AAClC,aAAO,IAAP;AACD;;AACD,WAAOA,WAAP;AACD;;AApRqC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport StorageManager from './StorageManager';\nimport {\n StorageProvider,\n TransactionMeta,\n isTransactionMeta,\n isOAuthTransactionMeta,\n PKCETransactionMeta,\n OAuthTransactionMeta,\n TransactionMetaOptions,\n TransactionManagerOptions,\n CookieStorage\n} from './types';\nimport { RawIdxResponse, isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\nimport {\n clearTransactionFromSharedStorage,\n loadTransactionFromSharedStorage,\n pruneSharedStorage,\n saveTransactionToSharedStorage\n} from './util/sharedStorage';\nexport default class TransactionManager {\n options: TransactionManagerOptions;\n storageManager: StorageManager;\n legacyWidgetSupport: boolean;\n saveNonceCookie: boolean;\n saveStateCookie: boolean;\n saveParamsCookie: boolean;\n enableSharedStorage: boolean;\n\n constructor(options: TransactionManagerOptions) {\n this.storageManager = options.storageManager;\n this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n this.saveStateCookie = options.saveStateCookie === false ? false : true;\n this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n this.options = options;\n }\n\n clear(options: TransactionMetaOptions = {}) {\n const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n transactionStorage.clearStorage();\n\n const idxStateStorage: StorageProvider = this.storageManager.getIdxResponseStorage();\n idxStateStorage?.clearStorage();\n\n if (this.enableSharedStorage && options.state) {\n clearTransactionFromSharedStorage(this.storageManager, options.state);\n }\n \n if (!this.legacyWidgetSupport) {\n return;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n this.clearLegacyOAuthParams();\n }\n\n if (options.pkce) {\n this.clearLegacyPKCE();\n }\n }\n\n // eslint-disable-next-line complexity\n save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n // There must be only one transaction executing at a time.\n // Before saving, check to see if a transaction is already stored.\n // An existing transaction indicates a concurrency/race/overlap condition\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n const obj = storage.getStorage();\n // oie process may need to update transaction in the middle of process for tracking purpose\n // false alarm might be caused \n // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n if (isTransactionMeta(obj) && !options.muteWarning) {\n // eslint-disable-next-line max-len\n warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n }\n\n storage.setStorage(meta);\n\n if (!options.oauth) {\n return;\n }\n \n // Legacy cookie storage\n if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n if (this.saveParamsCookie) {\n const { \n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n } = meta;\n const oauthParams = {\n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n };\n cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n }\n\n if (this.saveNonceCookie && meta.nonce) {\n // Set nonce cookie for servers to validate nonce in id_token\n cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n }\n\n if (this.saveStateCookie && meta.state) {\n // Set state cookie for servers to validate state\n cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n }\n }\n\n // Shared storage allows continuation of transaction in another tab\n if (this.enableSharedStorage && meta.state) {\n saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n }\n }\n\n exists(options: TransactionMetaOptions = {}): boolean {\n try {\n const meta: TransactionMeta = this.load(options);\n return !!meta;\n } catch {\n return false;\n }\n }\n\n // load transaction meta from storage\n // eslint-disable-next-line complexity,max-statements\n load(options: TransactionMetaOptions = {}): TransactionMeta {\n\n let meta: TransactionMeta;\n\n // If state was passed, try loading transaction data from shared storage\n if (this.enableSharedStorage && options.state) {\n pruneSharedStorage(this.storageManager); // prune before load\n meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n if (isTransactionMeta(meta)) {\n return meta;\n }\n }\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n meta = storage.getStorage();\n if (isTransactionMeta(meta)) {\n // if we have meta in the new location, there is no need to go further\n return meta;\n }\n\n if (!this.legacyWidgetSupport) {\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n try {\n const oauthParams = this.loadLegacyOAuthParams();\n Object.assign(meta, oauthParams);\n } finally {\n this.clearLegacyOAuthParams();\n }\n }\n\n if (options.pkce) {\n try {\n const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n Object.assign(meta, pkceMeta);\n } finally {\n this.clearLegacyPKCE();\n }\n }\n\n if (isTransactionMeta(meta)) {\n return meta;\n }\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n clearLegacyPKCE(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n }\n\n loadLegacyPKCE(): PKCETransactionMeta {\n let storage: StorageProvider;\n let obj;\n \n // Try reading from localStorage first.\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, throw an exception to avoid misleading server-side error\n // The most likely cause of this error is trying to handle a callback twice\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', null);\n }\n\n clearLegacyOAuthParams(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n storage.clearStorage();\n }\n }\n\n loadLegacyOAuthParams(): OAuthTransactionMeta {\n let storage: StorageProvider;\n let oauthParams;\n \n // load first from session storage\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n oauthParams = storage.getStorage();\n }\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n // try to load from cookie\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n oauthParams = storage.getStorage();\n }\n\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n\n throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n // Something is there but we don't recognize it\n // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n }\n\n saveIdxResponse(idxResponse: RawIdxResponse): void {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return;\n }\n storage.setStorage(idxResponse);\n }\n\n loadIdxResponse(): RawIdxResponse {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return null;\n }\n const idxResponse = storage.getStorage();\n if (!isRawIdxResponse(idxResponse)) {\n return null;\n }\n return idxResponse;\n }\n}"],"file":"TransactionManager.js"}
1
+ {"version":3,"sources":["../../lib/TransactionManager.ts"],"names":["TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","enableSharedStorage","clear","transactionStorage","getTransactionStorage","meta","getStorage","clearStorage","clearIdxResponse","clearSharedStorage","state","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","storage","obj","muteWarning","setStorage","cookieStorage","storageType","responseType","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","REDIRECT_OAUTH_PARAMS_NAME","JSON","stringify","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_STATE_COOKIE_NAME","exists","load","loadLegacyOAuthParams","Object","assign","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","AuthSdkError","getLegacyOAuthParamsStorage","saveIdxResponse","idxResponse","getIdxResponseStorage","loadIdxResponse"],"mappings":";;;;AAaA;;AACA;;AAEA;;AAWA;;AACA;;AACA;;AA7BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA6Be,MAAMA,kBAAN,CAAyB;AAStCC,EAAAA,WAAW,CAACC,OAAD,EAAqC;AAC9C,SAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;AACA,SAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKC,mBAAL,GAA2BN,OAAO,CAACM,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKN,OAAL,GAAeA,OAAf;AACD,GAjBqC,CAmBtC;;;AACAO,EAAAA,KAAK,CAACP,OAAoC,GAAG,EAAxC,EAA4C;AAC/C,UAAMQ,kBAAmC,GAAG,KAAKP,cAAL,CAAoBQ,qBAApB,EAA5C;AACA,UAAMC,IAAI,GAAGF,kBAAkB,CAACG,UAAnB,EAAb,CAF+C,CAI/C;;AACAH,IAAAA,kBAAkB,CAACI,YAAnB,GAL+C,CAO/C;;AACA,SAAKC,gBAAL,GAR+C,CAU/C;AACA;;AACA,QAAI,KAAKP,mBAAL,IAA4BN,OAAO,CAACc,kBAAxC,EAA4D;AAC1D,YAAMC,KAAK,GAAGf,OAAO,CAACe,KAAR,KAAiBL,IAAjB,aAAiBA,IAAjB,uBAAiBA,IAAI,CAAEK,KAAvB,CAAd;;AACA,UAAIA,KAAJ,EAAW;AACT,8DAAkC,KAAKd,cAAvC,EAAuDc,KAAvD;AACD;AACF;;AAED,QAAI,CAAC,KAAKb,mBAAV,EAA+B;AAC7B;AACD,KArB8C,CAuB/C;;;AACA,QAAIF,OAAO,CAACgB,KAAZ,EAAmB;AACjB,WAAKC,sBAAL;AACD;;AAED,QAAIjB,OAAO,CAACkB,IAAZ,EAAkB;AAChB,WAAKC,eAAL;AACD;AACF,GAnDqC,CAqDtC;;;AACAC,EAAAA,IAAI,CAACV,IAAD,EAAwBV,OAA+B,GAAG,EAA1D,EAA8D;AAChE;AACA;AACA;AAEA,QAAIqB,OAAwB,GAAG,KAAKpB,cAAL,CAAoBQ,qBAApB,EAA/B;AACA,UAAMa,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAZ,CANgE,CAOhE;AACA;AACA;;AACA,QAAI,8BAAkBW,GAAlB,KAA0B,CAACtB,OAAO,CAACuB,WAAvC,EAAoD;AAClD;AACA,sBAAK,yGAAL;AACD;;AAEDF,IAAAA,OAAO,CAACG,UAAR,CAAmBd,IAAnB,EAfgE,CAiBhE;;AACA,QAAI,KAAKJ,mBAAL,IAA4BI,IAAI,CAACK,KAArC,EAA4C;AAC1C,yDAA+B,KAAKd,cAApC,EAAoDS,IAAI,CAACK,KAAzD,EAAgEL,IAAhE;AACD;;AAED,QAAI,CAACV,OAAO,CAACgB,KAAb,EAAoB;AAClB;AACD,KAxB+D,CA0BhE;;;AACA,QAAI,KAAKb,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;AACzE,YAAMoB,aAA4B,GAAG,KAAKxB,cAAL,CAAoBU,UAApB,CAA+B;AAAEe,QAAAA,WAAW,EAAE;AAAf,OAA/B,CAArC;;AAEA,UAAI,KAAKrB,gBAAT,EAA2B;AACzB,cAAM;AACJsB,UAAAA,YADI;AAEJZ,UAAAA,KAFI;AAGJa,UAAAA,KAHI;AAIJC,UAAAA,MAJI;AAKJC,UAAAA,QALI;AAMJC,UAAAA,IANI;AAOJC,UAAAA;AAPI,YAQFtB,IARJ;AASA,cAAMuB,WAAW,GAAG;AAClBN,UAAAA,YADkB;AAElBZ,UAAAA,KAFkB;AAGlBa,UAAAA,KAHkB;AAIlBC,UAAAA,MAJkB;AAKlBC,UAAAA,QALkB;AAMlBC,UAAAA,IANkB;AAOlBC,UAAAA;AAPkB,SAApB;AASAP,QAAAA,aAAa,CAACS,OAAd,CAAsBC,qCAAtB,EAAkDC,IAAI,CAACC,SAAL,CAAeJ,WAAf,CAAlD,EAA+E,IAA/E;AACD;;AAED,UAAI,KAAK9B,eAAL,IAAwBO,IAAI,CAACkB,KAAjC,EAAwC;AACtC;AACAH,QAAAA,aAAa,CAACS,OAAd,CAAsBI,qCAAtB,EAAkD5B,IAAI,CAACkB,KAAvD,EAA8D,IAA9D;AACD;;AAED,UAAI,KAAKxB,eAAL,IAAwBM,IAAI,CAACK,KAAjC,EAAwC;AACtC;AACAU,QAAAA,aAAa,CAACS,OAAd,CAAsBK,qCAAtB,EAAkD7B,IAAI,CAACK,KAAvD,EAA8D,IAA9D;AACD;AACF;AACF;;AAEDyB,EAAAA,MAAM,CAACxC,OAA+B,GAAG,EAAnC,EAAgD;AACpD,QAAI;AACF,YAAMU,IAAqB,GAAG,KAAK+B,IAAL,CAAUzC,OAAV,CAA9B;AACA,aAAO,CAAC,CAACU,IAAT;AACD,KAHD,CAGE,MAAM;AACN,aAAO,KAAP;AACD;AACF,GA7HqC,CA+HtC;AACA;;;AACA+B,EAAAA,IAAI,CAACzC,OAA+B,GAAG,EAAnC,EAAwD;AAE1D,QAAIU,IAAJ,CAF0D,CAI1D;;AACA,QAAI,KAAKJ,mBAAL,IAA4BN,OAAO,CAACe,KAAxC,EAA+C;AAC7C,6CAAmB,KAAKd,cAAxB,EAD6C,CACJ;;AACzCS,MAAAA,IAAI,GAAG,qDAAiC,KAAKT,cAAtC,EAAsDD,OAAO,CAACe,KAA9D,CAAP;;AACA,UAAI,8BAAkBL,IAAlB,CAAJ,EAA6B;AAC3B,eAAOA,IAAP;AACD;AACF;;AAED,QAAIW,OAAwB,GAAG,KAAKpB,cAAL,CAAoBQ,qBAApB,EAA/B;AACAC,IAAAA,IAAI,GAAGW,OAAO,CAACV,UAAR,EAAP;;AACA,QAAI,8BAAkBD,IAAlB,CAAJ,EAA6B;AAC3B;AACA,aAAOA,IAAP;AACD;;AAED,QAAI,CAAC,KAAKR,mBAAV,EAA+B;AAC7B,aAAO,IAAP;AACD,KAtByD,CAwB1D;;;AACA,QAAIF,OAAO,CAACgB,KAAZ,EAAmB;AACjB,UAAI;AACF,cAAMiB,WAAW,GAAG,KAAKS,qBAAL,EAApB;AACAC,QAAAA,MAAM,CAACC,MAAP,CAAclC,IAAd,EAAoBuB,WAApB;AACD,OAHD,SAGU;AACR,aAAKhB,sBAAL;AACD;AACF;;AAED,QAAIjB,OAAO,CAACkB,IAAZ,EAAkB;AAChB,UAAI;AACF,cAAM2B,QAA6B,GAAG,KAAKC,cAAL,EAAtC;AACAH,QAAAA,MAAM,CAACC,MAAP,CAAclC,IAAd,EAAoBmC,QAApB;AACD,OAHD,SAGU;AACR,aAAK1B,eAAL;AACD;AACF;;AAED,QAAI,8BAAkBT,IAAlB,CAAJ,EAA6B;AAC3B,aAAOA,IAAP;AACD;;AACD,WAAO,IAAP;AACD,GAhLqC,CAkLtC;;;AACAS,EAAAA,eAAe,GAAS;AACtB;AACA,QAAIE,OAAJ;;AAEA,QAAI,KAAKpB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKX,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAEDkC,EAAAA,cAAc,GAAwB;AACpC,QAAIzB,OAAJ;AACA,QAAIC,GAAJ,CAFoC,CAIpC;;AACA,QAAI,KAAKrB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAAC4B,YAAf,EAA6B;AAC3B,eAAO5B,GAAP;AACD;AACF,KAXmC,CAapC;;;AACA,QAAI,KAAKrB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAAC4B,YAAf,EAA6B;AAC3B,eAAO5B,GAAP;AACD;AACF,KApBmC,CAsBpC;AACA;AACA;;;AACA,UAAM,IAAI6B,oBAAJ,CAAiB,yJAAjB,EAA4K,IAA5K,CAAN;AACD;;AAEDlC,EAAAA,sBAAsB,GAAS;AAC7B;AACA,QAAII,OAAJ;;AAEA,QAAI,KAAKpB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKX,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED8B,EAAAA,qBAAqB,GAAyB;AAC5C,QAAIrB,OAAJ;AACA,QAAIY,WAAJ,CAF4C,CAI5C;;AACA,QAAI,KAAKhC,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AACD,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD,KAX2C,CAa5C;;;AACA,QAAI,KAAKhC,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AAED,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD;;AAGD,UAAM,IAAIkB,oBAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;AACA;AACD;;AAEDE,EAAAA,eAAe,CAACC,WAAD,EAAoC;AACjD,UAAMjC,OAAwB,GAAG,KAAKpB,cAAL,CAAoBsD,qBAApB,EAAjC;;AACA,QAAI,CAAClC,OAAL,EAAc;AACZ;AACD;;AACDA,IAAAA,OAAO,CAACG,UAAR,CAAmB8B,WAAnB;AACD;;AAEDE,EAAAA,eAAe,GAAmB;AAChC,UAAMnC,OAAwB,GAAG,KAAKpB,cAAL,CAAoBsD,qBAApB,EAAjC;;AACA,QAAI,CAAClC,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AACD,UAAMiC,WAAW,GAAGjC,OAAO,CAACV,UAAR,EAApB;;AACA,QAAI,CAAC,6BAAiB2C,WAAjB,CAAL,EAAoC;AAClC,aAAO,IAAP;AACD;;AACD,WAAOA,WAAP;AACD;;AAEDzC,EAAAA,gBAAgB,GAAS;AACvB,UAAMQ,OAAwB,GAAG,KAAKpB,cAAL,CAAoBsD,qBAApB,EAAjC;AACAlC,IAAAA,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAET,YAAT;AACD;;AAlSqC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport StorageManager from './StorageManager';\nimport {\n StorageProvider,\n TransactionMeta,\n isTransactionMeta,\n isOAuthTransactionMeta,\n PKCETransactionMeta,\n OAuthTransactionMeta,\n TransactionMetaOptions,\n TransactionManagerOptions,\n CookieStorage\n} from './types';\nimport { RawIdxResponse, isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\nimport {\n clearTransactionFromSharedStorage,\n loadTransactionFromSharedStorage,\n pruneSharedStorage,\n saveTransactionToSharedStorage\n} from './util/sharedStorage';\n\nexport interface ClearTransactionMetaOptions extends TransactionMetaOptions {\n clearSharedStorage?: boolean;\n}\nexport default class TransactionManager {\n options: TransactionManagerOptions;\n storageManager: StorageManager;\n legacyWidgetSupport: boolean;\n saveNonceCookie: boolean;\n saveStateCookie: boolean;\n saveParamsCookie: boolean;\n enableSharedStorage: boolean;\n\n constructor(options: TransactionManagerOptions) {\n this.storageManager = options.storageManager;\n this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n this.saveStateCookie = options.saveStateCookie === false ? false : true;\n this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n this.options = options;\n }\n\n // eslint-disable-next-line complexity\n clear(options: ClearTransactionMetaOptions = {}) {\n const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n const meta = transactionStorage.getStorage();\n\n // Clear primary storage (by default, sessionStorage on browser)\n transactionStorage.clearStorage();\n\n // clear IDX response storage\n this.clearIdxResponse();\n\n // Usually we do NOT want to clear shared storage because another tab may need it to continue/complete a flow\n // It can be cleared after a user succcesfully signs in and receives tokens\n if (this.enableSharedStorage && options.clearSharedStorage) {\n const state = options.state || meta?.state;\n if (state) {\n clearTransactionFromSharedStorage(this.storageManager, state);\n }\n }\n \n if (!this.legacyWidgetSupport) {\n return;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n this.clearLegacyOAuthParams();\n }\n\n if (options.pkce) {\n this.clearLegacyPKCE();\n }\n }\n\n // eslint-disable-next-line complexity\n save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n // There must be only one transaction executing at a time.\n // Before saving, check to see if a transaction is already stored.\n // An existing transaction indicates a concurrency/race/overlap condition\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n const obj = storage.getStorage();\n // oie process may need to update transaction in the middle of process for tracking purpose\n // false alarm might be caused \n // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n if (isTransactionMeta(obj) && !options.muteWarning) {\n // eslint-disable-next-line max-len\n warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n }\n\n storage.setStorage(meta);\n\n // Shared storage allows continuation of transaction in another tab\n if (this.enableSharedStorage && meta.state) {\n saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n }\n\n if (!options.oauth) {\n return;\n }\n \n // Legacy cookie storage\n if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n if (this.saveParamsCookie) {\n const { \n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n } = meta;\n const oauthParams = {\n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n };\n cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n }\n\n if (this.saveNonceCookie && meta.nonce) {\n // Set nonce cookie for servers to validate nonce in id_token\n cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n }\n\n if (this.saveStateCookie && meta.state) {\n // Set state cookie for servers to validate state\n cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n }\n }\n }\n\n exists(options: TransactionMetaOptions = {}): boolean {\n try {\n const meta: TransactionMeta = this.load(options);\n return !!meta;\n } catch {\n return false;\n }\n }\n\n // load transaction meta from storage\n // eslint-disable-next-line complexity,max-statements\n load(options: TransactionMetaOptions = {}): TransactionMeta {\n\n let meta: TransactionMeta;\n\n // If state was passed, try loading transaction data from shared storage\n if (this.enableSharedStorage && options.state) {\n pruneSharedStorage(this.storageManager); // prune before load\n meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n if (isTransactionMeta(meta)) {\n return meta;\n }\n }\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n meta = storage.getStorage();\n if (isTransactionMeta(meta)) {\n // if we have meta in the new location, there is no need to go further\n return meta;\n }\n\n if (!this.legacyWidgetSupport) {\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n try {\n const oauthParams = this.loadLegacyOAuthParams();\n Object.assign(meta, oauthParams);\n } finally {\n this.clearLegacyOAuthParams();\n }\n }\n\n if (options.pkce) {\n try {\n const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n Object.assign(meta, pkceMeta);\n } finally {\n this.clearLegacyPKCE();\n }\n }\n\n if (isTransactionMeta(meta)) {\n return meta;\n }\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n clearLegacyPKCE(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n }\n\n loadLegacyPKCE(): PKCETransactionMeta {\n let storage: StorageProvider;\n let obj;\n \n // Try reading from localStorage first.\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, throw an exception to avoid misleading server-side error\n // The most likely cause of this error is trying to handle a callback twice\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', null);\n }\n\n clearLegacyOAuthParams(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n storage.clearStorage();\n }\n }\n\n loadLegacyOAuthParams(): OAuthTransactionMeta {\n let storage: StorageProvider;\n let oauthParams;\n \n // load first from session storage\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n oauthParams = storage.getStorage();\n }\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n // try to load from cookie\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n oauthParams = storage.getStorage();\n }\n\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n\n throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n // Something is there but we don't recognize it\n // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n }\n\n saveIdxResponse(idxResponse: RawIdxResponse): void {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return;\n }\n storage.setStorage(idxResponse);\n }\n\n loadIdxResponse(): RawIdxResponse {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return null;\n }\n const idxResponse = storage.getStorage();\n if (!isRawIdxResponse(idxResponse)) {\n return null;\n }\n return idxResponse;\n }\n\n clearIdxResponse(): void {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n storage?.clearStorage();\n }\n}"],"file":"TransactionManager.js"}
package/cjs/constants.js CHANGED
@@ -1,6 +1,6 @@
1
1
  "use strict";
2
2
 
3
- exports.IDX_API_VERSION = exports.DEFAULT_CODE_CHALLENGE_METHOD = exports.MAX_VERIFIER_LENGTH = exports.MIN_VERIFIER_LENGTH = exports.REFERRER_PATH_STORAGE_KEY = exports.REFRESH_TOKEN_STORAGE_KEY = exports.ID_TOKEN_STORAGE_KEY = exports.ACCESS_TOKEN_STORAGE_KEY = exports.IDX_RESPONSE_STORAGE_NAME = exports.SHARED_TRANSACTION_STORAGE_NAME = exports.TRANSACTION_STORAGE_NAME = exports.PKCE_STORAGE_NAME = exports.CACHE_STORAGE_NAME = exports.TOKEN_STORAGE_NAME = exports.REDIRECT_NONCE_COOKIE_NAME = exports.REDIRECT_STATE_COOKIE_NAME = exports.REDIRECT_OAUTH_PARAMS_NAME = exports.DEFAULT_CACHE_DURATION = exports.DEFAULT_MAX_CLOCK_SKEW = exports.DEFAULT_POLLING_DELAY = exports.STATE_TOKEN_KEY_NAME = void 0;
3
+ exports.IDX_API_VERSION = exports.DEFAULT_CODE_CHALLENGE_METHOD = exports.MAX_VERIFIER_LENGTH = exports.MIN_VERIFIER_LENGTH = exports.REFERRER_PATH_STORAGE_KEY = exports.REFRESH_TOKEN_STORAGE_KEY = exports.ID_TOKEN_STORAGE_KEY = exports.ACCESS_TOKEN_STORAGE_KEY = exports.IDX_RESPONSE_STORAGE_NAME = exports.ORIGINAL_URI_STORAGE_NAME = exports.SHARED_TRANSACTION_STORAGE_NAME = exports.TRANSACTION_STORAGE_NAME = exports.PKCE_STORAGE_NAME = exports.CACHE_STORAGE_NAME = exports.TOKEN_STORAGE_NAME = exports.REDIRECT_NONCE_COOKIE_NAME = exports.REDIRECT_STATE_COOKIE_NAME = exports.REDIRECT_OAUTH_PARAMS_NAME = exports.DEFAULT_CACHE_DURATION = exports.DEFAULT_MAX_CLOCK_SKEW = exports.DEFAULT_POLLING_DELAY = exports.STATE_TOKEN_KEY_NAME = void 0;
4
4
 
5
5
  /*!
6
6
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
@@ -37,6 +37,8 @@ const TRANSACTION_STORAGE_NAME = 'okta-transaction-storage';
37
37
  exports.TRANSACTION_STORAGE_NAME = TRANSACTION_STORAGE_NAME;
38
38
  const SHARED_TRANSACTION_STORAGE_NAME = 'okta-shared-transaction-storage';
39
39
  exports.SHARED_TRANSACTION_STORAGE_NAME = SHARED_TRANSACTION_STORAGE_NAME;
40
+ const ORIGINAL_URI_STORAGE_NAME = 'okta-original-uri-storage';
41
+ exports.ORIGINAL_URI_STORAGE_NAME = ORIGINAL_URI_STORAGE_NAME;
40
42
  const IDX_RESPONSE_STORAGE_NAME = 'okta-idx-response-storage';
41
43
  exports.IDX_RESPONSE_STORAGE_NAME = IDX_RESPONSE_STORAGE_NAME;
42
44
  const ACCESS_TOKEN_STORAGE_KEY = 'accessToken';
package/cjs/constants.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/constants.ts"],"names":["STATE_TOKEN_KEY_NAME","DEFAULT_POLLING_DELAY","DEFAULT_MAX_CLOCK_SKEW","DEFAULT_CACHE_DURATION","REDIRECT_OAUTH_PARAMS_NAME","REDIRECT_STATE_COOKIE_NAME","REDIRECT_NONCE_COOKIE_NAME","TOKEN_STORAGE_NAME","CACHE_STORAGE_NAME","PKCE_STORAGE_NAME","TRANSACTION_STORAGE_NAME","SHARED_TRANSACTION_STORAGE_NAME","IDX_RESPONSE_STORAGE_NAME","ACCESS_TOKEN_STORAGE_KEY","ID_TOKEN_STORAGE_KEY","REFRESH_TOKEN_STORAGE_KEY","REFERRER_PATH_STORAGE_KEY","MIN_VERIFIER_LENGTH","MAX_VERIFIER_LENGTH","DEFAULT_CODE_CHALLENGE_METHOD","IDX_API_VERSION"],"mappings":";;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEO,MAAMA,oBAAoB,GAAG,gBAA7B;;AACA,MAAMC,qBAAqB,GAAG,GAA9B;;AACA,MAAMC,sBAAsB,GAAG,GAA/B;;AACA,MAAMC,sBAAsB,GAAG,KAA/B;;AACA,MAAMC,0BAA0B,GAAG,4BAAnC;;AACA,MAAMC,0BAA0B,GAAG,kBAAnC;;AACA,MAAMC,0BAA0B,GAAG,kBAAnC;;AACA,MAAMC,kBAAkB,GAAG,oBAA3B;;AACA,MAAMC,kBAAkB,GAAG,oBAA3B;;AACA,MAAMC,iBAAiB,GAAG,mBAA1B;;AACA,MAAMC,wBAAwB,GAAG,0BAAjC;;AACA,MAAMC,+BAA+B,GAAG,iCAAxC;;AACA,MAAMC,yBAAyB,GAAG,2BAAlC;;AACA,MAAMC,wBAAwB,GAAG,aAAjC;;AACA,MAAMC,oBAAoB,GAAI,SAA9B;;AACA,MAAMC,yBAAyB,GAAI,cAAnC;;AACA,MAAMC,yBAAyB,GAAG,cAAlC,C,CAEP;AACA;;;AACO,MAAMC,mBAAmB,GAAG,EAA5B;;AACA,MAAMC,mBAAmB,GAAG,GAA5B;;AACA,MAAMC,6BAA6B,GAAG,MAAtC;;AAEA,MAAMC,eAAe,GAAG,OAAxB","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport const STATE_TOKEN_KEY_NAME = 'oktaStateToken';\nexport const DEFAULT_POLLING_DELAY = 500;\nexport const DEFAULT_MAX_CLOCK_SKEW = 300;\nexport const DEFAULT_CACHE_DURATION = 86400;\nexport const REDIRECT_OAUTH_PARAMS_NAME = 'okta-oauth-redirect-params';\nexport const REDIRECT_STATE_COOKIE_NAME = 'okta-oauth-state';\nexport const REDIRECT_NONCE_COOKIE_NAME = 'okta-oauth-nonce';\nexport const TOKEN_STORAGE_NAME = 'okta-token-storage';\nexport const CACHE_STORAGE_NAME = 'okta-cache-storage';\nexport const PKCE_STORAGE_NAME = 'okta-pkce-storage';\nexport const TRANSACTION_STORAGE_NAME = 'okta-transaction-storage';\nexport const SHARED_TRANSACTION_STORAGE_NAME = 'okta-shared-transaction-storage';\nexport const IDX_RESPONSE_STORAGE_NAME = 'okta-idx-response-storage';\nexport const ACCESS_TOKEN_STORAGE_KEY = 'accessToken';\nexport const ID_TOKEN_STORAGE_KEY = 'idToken';\nexport const REFRESH_TOKEN_STORAGE_KEY = 'refreshToken';\nexport const REFERRER_PATH_STORAGE_KEY = 'referrerPath';\n\n// Code verifier: Random URL-safe string with a minimum length of 43 characters.\n// Code challenge: Base64 URL-encoded SHA-256 hash of the code verifier.\nexport const MIN_VERIFIER_LENGTH = 43;\nexport const MAX_VERIFIER_LENGTH = 128;\nexport const DEFAULT_CODE_CHALLENGE_METHOD = 'S256';\n\nexport const IDX_API_VERSION = '1.0.0';"],"file":"constants.js"}
1
+ {"version":3,"sources":["../../lib/constants.ts"],"names":["STATE_TOKEN_KEY_NAME","DEFAULT_POLLING_DELAY","DEFAULT_MAX_CLOCK_SKEW","DEFAULT_CACHE_DURATION","REDIRECT_OAUTH_PARAMS_NAME","REDIRECT_STATE_COOKIE_NAME","REDIRECT_NONCE_COOKIE_NAME","TOKEN_STORAGE_NAME","CACHE_STORAGE_NAME","PKCE_STORAGE_NAME","TRANSACTION_STORAGE_NAME","SHARED_TRANSACTION_STORAGE_NAME","ORIGINAL_URI_STORAGE_NAME","IDX_RESPONSE_STORAGE_NAME","ACCESS_TOKEN_STORAGE_KEY","ID_TOKEN_STORAGE_KEY","REFRESH_TOKEN_STORAGE_KEY","REFERRER_PATH_STORAGE_KEY","MIN_VERIFIER_LENGTH","MAX_VERIFIER_LENGTH","DEFAULT_CODE_CHALLENGE_METHOD","IDX_API_VERSION"],"mappings":";;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEO,MAAMA,oBAAoB,GAAG,gBAA7B;;AACA,MAAMC,qBAAqB,GAAG,GAA9B;;AACA,MAAMC,sBAAsB,GAAG,GAA/B;;AACA,MAAMC,sBAAsB,GAAG,KAA/B;;AACA,MAAMC,0BAA0B,GAAG,4BAAnC;;AACA,MAAMC,0BAA0B,GAAG,kBAAnC;;AACA,MAAMC,0BAA0B,GAAG,kBAAnC;;AACA,MAAMC,kBAAkB,GAAG,oBAA3B;;AACA,MAAMC,kBAAkB,GAAG,oBAA3B;;AACA,MAAMC,iBAAiB,GAAG,mBAA1B;;AACA,MAAMC,wBAAwB,GAAG,0BAAjC;;AACA,MAAMC,+BAA+B,GAAG,iCAAxC;;AACA,MAAMC,yBAAyB,GAAG,2BAAlC;;AACA,MAAMC,yBAAyB,GAAG,2BAAlC;;AACA,MAAMC,wBAAwB,GAAG,aAAjC;;AACA,MAAMC,oBAAoB,GAAI,SAA9B;;AACA,MAAMC,yBAAyB,GAAI,cAAnC;;AACA,MAAMC,yBAAyB,GAAG,cAAlC,C,CAEP;AACA;;;AACO,MAAMC,mBAAmB,GAAG,EAA5B;;AACA,MAAMC,mBAAmB,GAAG,GAA5B;;AACA,MAAMC,6BAA6B,GAAG,MAAtC;;AAEA,MAAMC,eAAe,GAAG,OAAxB","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport const STATE_TOKEN_KEY_NAME = 'oktaStateToken';\nexport const DEFAULT_POLLING_DELAY = 500;\nexport const DEFAULT_MAX_CLOCK_SKEW = 300;\nexport const DEFAULT_CACHE_DURATION = 86400;\nexport const REDIRECT_OAUTH_PARAMS_NAME = 'okta-oauth-redirect-params';\nexport const REDIRECT_STATE_COOKIE_NAME = 'okta-oauth-state';\nexport const REDIRECT_NONCE_COOKIE_NAME = 'okta-oauth-nonce';\nexport const TOKEN_STORAGE_NAME = 'okta-token-storage';\nexport const CACHE_STORAGE_NAME = 'okta-cache-storage';\nexport const PKCE_STORAGE_NAME = 'okta-pkce-storage';\nexport const TRANSACTION_STORAGE_NAME = 'okta-transaction-storage';\nexport const SHARED_TRANSACTION_STORAGE_NAME = 'okta-shared-transaction-storage';\nexport const ORIGINAL_URI_STORAGE_NAME = 'okta-original-uri-storage';\nexport const IDX_RESPONSE_STORAGE_NAME = 'okta-idx-response-storage';\nexport const ACCESS_TOKEN_STORAGE_KEY = 'accessToken';\nexport const ID_TOKEN_STORAGE_KEY = 'idToken';\nexport const REFRESH_TOKEN_STORAGE_KEY = 'refreshToken';\nexport const REFERRER_PATH_STORAGE_KEY = 'referrerPath';\n\n// Code verifier: Random URL-safe string with a minimum length of 43 characters.\n// Code challenge: Base64 URL-encoded SHA-256 hash of the code verifier.\nexport const MIN_VERIFIER_LENGTH = 43;\nexport const MAX_VERIFIER_LENGTH = 128;\nexport const DEFAULT_CODE_CHALLENGE_METHOD = 'S256';\n\nexport const IDX_API_VERSION = '1.0.0';"],"file":"constants.js"}
package/cjs/features.js CHANGED
@@ -62,7 +62,7 @@ function isPopupPostMessageSupported() {
62
62
  }
63
63
 
64
64
  function isTokenVerifySupported() {
65
- return typeof _crypto.webcrypto !== 'undefined' && typeof _crypto.webcrypto.subtle !== 'undefined' && typeof Uint8Array !== 'undefined';
65
+ return typeof _crypto.webcrypto !== 'undefined' && _crypto.webcrypto !== null && typeof _crypto.webcrypto.subtle !== 'undefined' && typeof Uint8Array !== 'undefined';
66
66
  }
67
67
 
68
68
  function hasTextEncoder() {
package/cjs/features.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/features.ts"],"names":["isWindowsPhone","isBrowser","document","window","isIE11OrLess","documentMode","getUserAgent","navigator","userAgent","isFingerprintSupported","agent","test","isPopupPostMessageSupported","isIE8or9","postMessage","isTokenVerifySupported","webcrypto","subtle","Uint8Array","hasTextEncoder","TextEncoder","isPKCESupported","isHTTPS","location","protocol","isLocalhost","hostname"],"mappings":";;;;;;;;;;;;;AAeA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;;AACA;AAIA,MAAMA,cAAc,GAAG,mCAAvB;;AAEO,SAASC,SAAT,GAAqB;AAC1B,SAAO,OAAOC,QAAP,KAAoB,WAApB,IAAmC,OAAOC,MAAP,KAAkB,WAA5D;AACD;;AAEM,SAASC,YAAT,GAAwB;AAC7B,SAAOH,SAAS,MAAM,CAAC,CAACC,QAAQ,CAACG,YAA1B,IAA0CH,QAAQ,CAACG,YAAT,IAAyB,EAA1E;AACD;;AAEM,SAASC,YAAT,GAAwB;AAC7B,SAAOC,SAAS,CAACC,SAAjB;AACD;;AAEM,SAASC,sBAAT,GAAkC;AACvC,QAAMC,KAAK,GAAGJ,YAAY,EAA1B;AACA,SAAOI,KAAK,IAAI,CAACV,cAAc,CAACW,IAAf,CAAoBD,KAApB,CAAjB;AACD;;AAEM,SAASE,2BAAT,GAAuC;AAC5C,MAAI,CAACX,SAAS,EAAd,EAAkB;AAChB,WAAO,KAAP;AACD;;AACD,MAAIY,QAAQ,GAAGX,QAAQ,CAACG,YAAT,IAAyBH,QAAQ,CAACG,YAAT,GAAwB,EAAhE;;AACA,MAAIF,MAAM,CAACW,WAAP,IAAsB,CAACD,QAA3B,EAAqC;AACnC,WAAO,IAAP;AACD;;AACD,SAAO,KAAP;AACD;;AAEM,SAASE,sBAAT,GAAkC;AACvC,SAAO,OAAOC,iBAAP,KAAqB,WAArB,IACF,OAAOA,kBAAUC,MAAjB,KAA4B,WAD1B,IAEF,OAAOC,UAAP,KAAsB,WAF3B;AAGD;;AAEM,SAASC,cAAT,GAA0B;AAC/B,SAAO,OAAOC,WAAP,KAAuB,WAA9B;AACD;;AAEM,SAASC,eAAT,GAA2B;AAChC,SAAON,sBAAsB,MAAMI,cAAc,EAAjD;AACD;;AAEM,SAASG,OAAT,GAAmB;AACxB,MAAI,CAACrB,SAAS,EAAd,EAAkB;AAChB,WAAO,KAAP;AACD;;AACD,SAAOE,MAAM,CAACoB,QAAP,CAAgBC,QAAhB,KAA6B,QAApC;AACD;;AAEM,SAASC,WAAT,GAAuB;AAC5B;AACA,SAAOxB,SAAS,MAAME,MAAM,CAACoB,QAAP,CAAgBG,QAAhB,KAA6B,WAAnD;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable node/no-unsupported-features/node-builtins */\n/* global document, window, TextEncoder, navigator */\n\nimport { webcrypto } from './crypto';\n\nconst isWindowsPhone = /windows phone|iemobile|wpdesktop/i;\t\n\nexport function isBrowser() {\n return typeof document !== 'undefined' && typeof window !== 'undefined';\n}\n\nexport function isIE11OrLess() {\n return isBrowser() && !!document.documentMode && document.documentMode <= 11;\n}\n\nexport function getUserAgent() {\n return navigator.userAgent;\n}\n\nexport function isFingerprintSupported() {\n const agent = getUserAgent();\n return agent && !isWindowsPhone.test(agent);\t\n}\n\nexport function isPopupPostMessageSupported() {\n if (!isBrowser()) {\n return false;\n }\n var isIE8or9 = document.documentMode && document.documentMode < 10;\n if (window.postMessage && !isIE8or9) {\n return true;\n }\n return false;\n}\n\nexport function isTokenVerifySupported() {\n return typeof webcrypto !== 'undefined'\n && typeof webcrypto.subtle !== 'undefined'\n && typeof Uint8Array !== 'undefined';\n}\n\nexport function hasTextEncoder() {\n return typeof TextEncoder !== 'undefined';\n}\n\nexport function isPKCESupported() {\n return isTokenVerifySupported() && hasTextEncoder();\n}\n\nexport function isHTTPS() {\n if (!isBrowser()) {\n return false;\n }\n return window.location.protocol === 'https:';\n}\n\nexport function isLocalhost() {\n // eslint-disable-next-line compat/compat\n return isBrowser() && window.location.hostname === 'localhost';\n}\n\n"],"file":"features.js"}
1
+ {"version":3,"sources":["../../lib/features.ts"],"names":["isWindowsPhone","isBrowser","document","window","isIE11OrLess","documentMode","getUserAgent","navigator","userAgent","isFingerprintSupported","agent","test","isPopupPostMessageSupported","isIE8or9","postMessage","isTokenVerifySupported","webcrypto","subtle","Uint8Array","hasTextEncoder","TextEncoder","isPKCESupported","isHTTPS","location","protocol","isLocalhost","hostname"],"mappings":";;;;;;;;;;;;;AAeA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;;AACA;AAIA,MAAMA,cAAc,GAAG,mCAAvB;;AAEO,SAASC,SAAT,GAAqB;AAC1B,SAAO,OAAOC,QAAP,KAAoB,WAApB,IAAmC,OAAOC,MAAP,KAAkB,WAA5D;AACD;;AAEM,SAASC,YAAT,GAAwB;AAC7B,SAAOH,SAAS,MAAM,CAAC,CAACC,QAAQ,CAACG,YAA1B,IAA0CH,QAAQ,CAACG,YAAT,IAAyB,EAA1E;AACD;;AAEM,SAASC,YAAT,GAAwB;AAC7B,SAAOC,SAAS,CAACC,SAAjB;AACD;;AAEM,SAASC,sBAAT,GAAkC;AACvC,QAAMC,KAAK,GAAGJ,YAAY,EAA1B;AACA,SAAOI,KAAK,IAAI,CAACV,cAAc,CAACW,IAAf,CAAoBD,KAApB,CAAjB;AACD;;AAEM,SAASE,2BAAT,GAAuC;AAC5C,MAAI,CAACX,SAAS,EAAd,EAAkB;AAChB,WAAO,KAAP;AACD;;AACD,MAAIY,QAAQ,GAAGX,QAAQ,CAACG,YAAT,IAAyBH,QAAQ,CAACG,YAAT,GAAwB,EAAhE;;AACA,MAAIF,MAAM,CAACW,WAAP,IAAsB,CAACD,QAA3B,EAAqC;AACnC,WAAO,IAAP;AACD;;AACD,SAAO,KAAP;AACD;;AAEM,SAASE,sBAAT,GAAkC;AACvC,SAAO,OAAOC,iBAAP,KAAqB,WAArB,IACFA,sBAAc,IADZ,IAEF,OAAOA,kBAAUC,MAAjB,KAA4B,WAF1B,IAGF,OAAOC,UAAP,KAAsB,WAH3B;AAID;;AAEM,SAASC,cAAT,GAA0B;AAC/B,SAAO,OAAOC,WAAP,KAAuB,WAA9B;AACD;;AAEM,SAASC,eAAT,GAA2B;AAChC,SAAON,sBAAsB,MAAMI,cAAc,EAAjD;AACD;;AAEM,SAASG,OAAT,GAAmB;AACxB,MAAI,CAACrB,SAAS,EAAd,EAAkB;AAChB,WAAO,KAAP;AACD;;AACD,SAAOE,MAAM,CAACoB,QAAP,CAAgBC,QAAhB,KAA6B,QAApC;AACD;;AAEM,SAASC,WAAT,GAAuB;AAC5B;AACA,SAAOxB,SAAS,MAAME,MAAM,CAACoB,QAAP,CAAgBG,QAAhB,KAA6B,WAAnD;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable node/no-unsupported-features/node-builtins */\n/* global document, window, TextEncoder, navigator */\n\nimport { webcrypto } from './crypto';\n\nconst isWindowsPhone = /windows phone|iemobile|wpdesktop/i;\t\n\nexport function isBrowser() {\n return typeof document !== 'undefined' && typeof window !== 'undefined';\n}\n\nexport function isIE11OrLess() {\n return isBrowser() && !!document.documentMode && document.documentMode <= 11;\n}\n\nexport function getUserAgent() {\n return navigator.userAgent;\n}\n\nexport function isFingerprintSupported() {\n const agent = getUserAgent();\n return agent && !isWindowsPhone.test(agent);\t\n}\n\nexport function isPopupPostMessageSupported() {\n if (!isBrowser()) {\n return false;\n }\n var isIE8or9 = document.documentMode && document.documentMode < 10;\n if (window.postMessage && !isIE8or9) {\n return true;\n }\n return false;\n}\n\nexport function isTokenVerifySupported() {\n return typeof webcrypto !== 'undefined'\n && webcrypto !== null\n && typeof webcrypto.subtle !== 'undefined'\n && typeof Uint8Array !== 'undefined';\n}\n\nexport function hasTextEncoder() {\n return typeof TextEncoder !== 'undefined';\n}\n\nexport function isPKCESupported() {\n return isTokenVerifySupported() && hasTextEncoder();\n}\n\nexport function isHTTPS() {\n if (!isBrowser()) {\n return false;\n }\n return window.location.protocol === 'https:';\n}\n\nexport function isLocalhost() {\n // eslint-disable-next-line compat/compat\n return isBrowser() && window.location.hostname === 'localhost';\n}\n\n"],"file":"features.js"}
package/cjs/idx/authenticate.js CHANGED
@@ -4,9 +4,7 @@ exports.authenticate = authenticate;
4
4
 
5
5
  var _run = require("./run");
6
6
 
7
- var _remediators = require("./remediators");
8
-
9
- var _flowMonitors = require("./flowMonitors");
7
+ var _flow = require("./flow");
10
8
 
11
9
  /*!
12
10
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
@@ -19,23 +17,10 @@ var _flowMonitors = require("./flowMonitors");
19
17
  *
20
18
  * See the License for the specific language governing permissions and limitations under the License.
21
19
  */
22
- const flow = {
23
- 'identify': _remediators.Identify,
24
- 'select-authenticator-authenticate': _remediators.SelectAuthenticatorAuthenticate,
25
- 'select-authenticator-enroll': _remediators.SelectAuthenticatorEnroll,
26
- 'authenticator-enrollment-data': _remediators.AuthenticatorEnrollmentData,
27
- 'authenticator-verification-data': _remediators.AuthenticatorVerificationData,
28
- 'enroll-authenticator': _remediators.EnrollAuthenticator,
29
- 'challenge-authenticator': _remediators.ChallengeAuthenticator,
30
- 'reenroll-authenticator': _remediators.ReEnrollAuthenticator,
31
- 'redirect-idp': _remediators.RedirectIdp
32
- };
33
-
34
20
  async function authenticate(authClient, options) {
35
- const flowMonitor = new _flowMonitors.AuthenticationFlowMonitor(authClient);
21
+ const flowSpec = (0, _flow.getFlowSpecification)(authClient, 'authenticate');
36
22
  return (0, _run.run)(authClient, { ...options,
37
- flow,
38
- flowMonitor
23
+ ...flowSpec
39
24
  });
40
25
  }
41
26
  //# sourceMappingURL=authenticate.js.map
package/cjs/idx/authenticate.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/idx/authenticate.ts"],"names":["flow","Identify","SelectAuthenticatorAuthenticate","SelectAuthenticatorEnroll","AuthenticatorEnrollmentData","AuthenticatorVerificationData","EnrollAuthenticator","ChallengeAuthenticator","ReEnrollAuthenticator","RedirectIdp","authenticate","authClient","options","flowMonitor","AuthenticationFlowMonitor"],"mappings":";;;;AAkBA;;AACA;;AAkBA;;AArCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA6BA,MAAMA,IAAqB,GAAG;AAC5B,cAAYC,qBADgB;AAE5B,uCAAqCC,4CAFT;AAG5B,iCAA+BC,sCAHH;AAI5B,mCAAiCC,wCAJL;AAK5B,qCAAmCC,0CALP;AAM5B,0BAAwBC,gCANI;AAO5B,6BAA2BC,mCAPC;AAQ5B,4BAA0BC,kCARE;AAS5B,kBAAgBC;AATY,CAA9B;;AAqBO,eAAeC,YAAf,CACLC,UADK,EACiBC,OADjB,EAEoB;AACzB,QAAMC,WAAW,GAAG,IAAIC,uCAAJ,CAA8BH,UAA9B,CAApB;AACA,SAAO,cAAIA,UAAJ,EAAgB,EACrB,GAAGC,OADkB;AAErBZ,IAAAA,IAFqB;AAGrBa,IAAAA;AAHqB,GAAhB,CAAP;AAKD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { \n OktaAuth,\n IdxOptions,\n IdxTransaction,\n} from '../types';\nimport { run, RemediationFlow } from './run';\nimport { \n Identify,\n IdentifyValues,\n SelectAuthenticatorAuthenticate,\n SelectAuthenticatorAuthenticateValues,\n ChallengeAuthenticator,\n ChallengeAuthenticatorValues,\n ReEnrollAuthenticator,\n ReEnrollAuthenticatorValues,\n RedirectIdp,\n AuthenticatorEnrollmentData,\n AuthenticatorEnrollmentDataValues,\n SelectAuthenticatorEnroll,\n SelectAuthenticatorEnrollValues,\n EnrollAuthenticator,\n EnrollAuthenticatorValues,\n AuthenticatorVerificationData,\n} from './remediators';\nimport { AuthenticationFlowMonitor } from './flowMonitors';\n\nconst flow: RemediationFlow = {\n 'identify': Identify,\n 'select-authenticator-authenticate': SelectAuthenticatorAuthenticate,\n 'select-authenticator-enroll': SelectAuthenticatorEnroll,\n 'authenticator-enrollment-data': AuthenticatorEnrollmentData,\n 'authenticator-verification-data': AuthenticatorVerificationData,\n 'enroll-authenticator': EnrollAuthenticator,\n 'challenge-authenticator': ChallengeAuthenticator,\n 'reenroll-authenticator': ReEnrollAuthenticator,\n 'redirect-idp': RedirectIdp\n};\n\nexport type AuthenticationOptions = IdxOptions \n & IdentifyValues \n & SelectAuthenticatorAuthenticateValues \n & SelectAuthenticatorEnrollValues\n & ChallengeAuthenticatorValues \n & ReEnrollAuthenticatorValues\n & AuthenticatorEnrollmentDataValues\n & EnrollAuthenticatorValues;\n\nexport async function authenticate(\n authClient: OktaAuth, options: AuthenticationOptions\n): Promise<IdxTransaction> {\n const flowMonitor = new AuthenticationFlowMonitor(authClient);\n return run(authClient, { \n ...options, \n flow,\n flowMonitor,\n });\n}\n"],"file":"authenticate.js"}
1
+ {"version":3,"sources":["../../../lib/idx/authenticate.ts"],"names":["authenticate","authClient","options","flowSpec"],"mappings":";;;;AAkBA;;AAUA;;AA5BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA6BO,eAAeA,YAAf,CACLC,UADK,EACiBC,OADjB,EAEoB;AACzB,QAAMC,QAAQ,GAAG,gCAAqBF,UAArB,EAAiC,cAAjC,CAAjB;AACA,SAAO,cAAIA,UAAJ,EAAgB,EACrB,GAAGC,OADkB;AAErB,OAAGC;AAFkB,GAAhB,CAAP;AAID","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { \n OktaAuth,\n IdxOptions,\n IdxTransaction,\n} from '../types';\nimport { run } from './run';\nimport { \n IdentifyValues,\n SelectAuthenticatorAuthenticateValues,\n ChallengeAuthenticatorValues,\n ReEnrollAuthenticatorValues,\n AuthenticatorEnrollmentDataValues,\n SelectAuthenticatorEnrollValues,\n EnrollAuthenticatorValues,\n} from './remediators';\nimport { getFlowSpecification } from './flow';\n\nexport type AuthenticationOptions = IdxOptions \n & IdentifyValues \n & SelectAuthenticatorAuthenticateValues \n & SelectAuthenticatorEnrollValues\n & ChallengeAuthenticatorValues \n & ReEnrollAuthenticatorValues\n & AuthenticatorEnrollmentDataValues\n & EnrollAuthenticatorValues;\n\nexport async function authenticate(\n authClient: OktaAuth, options: AuthenticationOptions\n): Promise<IdxTransaction> {\n const flowSpec = getFlowSpecification(authClient, 'authenticate');\n return run(authClient, { \n ...options, \n ...flowSpec\n });\n}\n"],"file":"authenticate.js"}
package/cjs/idx/authenticator/Authenticator.js ADDED
@@ -0,0 +1,14 @@
1
+ "use strict";
2
+
3
+ exports.Authenticator = void 0;
4
+
5
+ class Authenticator {
6
+ constructor(authenticator) {
7
+ this.meta = authenticator;
8
+ } // TODO: add type
9
+
10
+
11
+ }
12
+
13
+ exports.Authenticator = Authenticator;
14
+ //# sourceMappingURL=Authenticator.js.map
package/cjs/idx/authenticator/Authenticator.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../../../lib/idx/authenticator/Authenticator.ts"],"names":["Authenticator","constructor","authenticator","meta"],"mappings":";;;;AAQO,MAAeA,aAAf,CAA6B;AAGlCC,EAAAA,WAAW,CAACC,aAAD,EAAkC;AAC3C,SAAKC,IAAL,GAAYD,aAAZ;AACD,GALiC,CAWiC;;;AAXjC","sourcesContent":["import { RemediationValues } from '../remediators';\nimport { IdxAuthenticator, IdxRemediationValue } from '../types/idx-js';\n\n\nexport interface Credentials {\n [key: string]: string;\n}\n\nexport abstract class Authenticator {\n meta: IdxAuthenticator;\n\n constructor(authenticator: IdxAuthenticator) {\n this.meta = authenticator;\n }\n\n abstract canVerify(values: RemediationValues): boolean;\n\n abstract mapCredentials(values: RemediationValues): Credentials;\n\n abstract getInputs(idxRemediationValue: IdxRemediationValue): any; // TODO: add type\n}\n"],"file":"Authenticator.js"}