npm - @okta/okta-auth-js - Versions diffs - 5.7.0 → 5.10.0 - Mend

@okta/okta-auth-js 5.7.0 → 5.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (449) hide show

package/CHANGELOG.md +47 -0
package/README.md +12 -2
package/cjs/OktaAuth.js +88 -43
package/cjs/OktaAuth.js.map +1 -1
package/cjs/OktaUserAgent.js +2 -2
package/cjs/OktaUserAgent.js.map +1 -1
package/cjs/StorageManager.js +8 -0
package/cjs/StorageManager.js.map +1 -1
package/cjs/TokenManager.js +24 -2
package/cjs/TokenManager.js.map +1 -1
package/cjs/TransactionManager.js +24 -12
package/cjs/TransactionManager.js.map +1 -1
package/cjs/constants.js +3 -1
package/cjs/constants.js.map +1 -1
package/cjs/features.js +1 -1
package/cjs/features.js.map +1 -1
package/cjs/idx/authenticate.js +3 -18
package/cjs/idx/authenticate.js.map +1 -1
package/cjs/idx/authenticator/Authenticator.js +14 -0
package/cjs/idx/authenticator/Authenticator.js.map +1 -0
package/cjs/idx/authenticator/OktaPassword.js +31 -0
package/cjs/idx/authenticator/OktaPassword.js.map +1 -0
package/cjs/idx/authenticator/OktaVerifyTotp.js +17 -0
package/cjs/idx/authenticator/OktaVerifyTotp.js.map +1 -0
package/cjs/idx/authenticator/SecurityQuestionEnrollment.js +50 -0
package/cjs/idx/authenticator/SecurityQuestionEnrollment.js.map +1 -0
package/cjs/idx/authenticator/SecurityQuestionVerification.js +31 -0
package/cjs/idx/authenticator/SecurityQuestionVerification.js.map +1 -0
package/cjs/idx/authenticator/VerificationCodeAuthenticator.js +34 -0
package/cjs/idx/authenticator/VerificationCodeAuthenticator.js.map +1 -0
package/cjs/idx/authenticator/getAuthenticator.js +42 -0
package/cjs/idx/authenticator/getAuthenticator.js.map +1 -0
package/cjs/idx/authenticator/index.js +80 -0
package/cjs/idx/authenticator/index.js.map +1 -0
package/cjs/idx/cancel.js +5 -0
package/cjs/idx/cancel.js.map +1 -1
package/cjs/idx/flow/AuthenticationFlow.js +32 -0
package/cjs/idx/flow/AuthenticationFlow.js.map +1 -0
package/cjs/idx/flow/FlowSpecification.js +39 -0
package/cjs/idx/flow/FlowSpecification.js.map +1 -0
package/cjs/idx/flow/PasswordRecoveryFlow.js +28 -0
package/cjs/idx/flow/PasswordRecoveryFlow.js.map +1 -0
package/{esm/crypto/browser.js → cjs/idx/flow/RegistrationFlow.js} +16 -12
package/cjs/idx/flow/RegistrationFlow.js.map +1 -0
package/cjs/idx/flow/RemediationFlow.js +2 -0
package/{esm/types/Cookies.js.map → cjs/idx/flow/RemediationFlow.js.map} +1 -1
package/cjs/idx/flow/index.js +67 -0
package/cjs/idx/flow/index.js.map +1 -0
package/cjs/idx/index.js +39 -0
package/cjs/idx/index.js.map +1 -1
package/cjs/idx/interact.js +13 -4
package/cjs/idx/interact.js.map +1 -1
package/cjs/idx/introspect.js +24 -7
package/cjs/idx/introspect.js.map +1 -1
package/cjs/idx/poll.js +59 -0
package/cjs/idx/poll.js.map +1 -0
package/cjs/idx/proceed.js +49 -0
package/cjs/idx/proceed.js.map +1 -0
package/cjs/idx/recoverPassword.js +3 -17
package/cjs/idx/recoverPassword.js.map +1 -1
package/cjs/idx/register.js +22 -20
package/cjs/idx/register.js.map +1 -1
package/cjs/idx/remediate.js +61 -118
package/cjs/idx/remediate.js.map +1 -1
package/cjs/idx/remediators/AuthenticatorEnrollmentData.js +9 -12
package/cjs/idx/remediators/AuthenticatorEnrollmentData.js.map +1 -1
package/cjs/idx/remediators/AuthenticatorVerificationData.js +6 -9
package/cjs/idx/remediators/AuthenticatorVerificationData.js.map +1 -1
package/cjs/idx/remediators/Base/AuthenticatorData.js +43 -32
package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
package/cjs/idx/remediators/Base/Remediator.js +51 -20
package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
package/cjs/idx/remediators/Base/SelectAuthenticator.js +16 -16
package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
package/cjs/idx/remediators/Base/VerifyAuthenticator.js +8 -28
package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
package/{esm/idx/remediators/RedirectIdp.js → cjs/idx/remediators/ChallengePoll.js} +13 -25
package/cjs/idx/remediators/ChallengePoll.js.map +1 -0
package/cjs/idx/remediators/EnrollPoll.js +56 -0
package/cjs/idx/remediators/EnrollPoll.js.map +1 -0
package/cjs/idx/remediators/Identify.js +4 -36
package/cjs/idx/remediators/Identify.js.map +1 -1
package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js +23 -2
package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js.map +1 -1
package/cjs/idx/remediators/Skip.js +7 -0
package/cjs/idx/remediators/Skip.js.map +1 -1
package/cjs/idx/remediators/index.js +26 -0
package/cjs/idx/remediators/index.js.map +1 -1
package/cjs/idx/run.js +36 -16
package/cjs/idx/run.js.map +1 -1
package/cjs/idx/startTransaction.js +2 -0
package/cjs/idx/startTransaction.js.map +1 -1
package/cjs/idx/transactionMeta.js +77 -39
package/cjs/idx/transactionMeta.js.map +1 -1
package/cjs/idx/types/FlowIdentifier.js +2 -0
package/{esm/types/AuthState.js.map → cjs/idx/types/FlowIdentifier.js.map} +1 -1
package/cjs/idx/types/idx-js.js +5 -0
package/cjs/idx/types/idx-js.js.map +1 -1
package/cjs/idx/types/index.js +18 -1
package/cjs/idx/types/index.js.map +1 -1
package/cjs/oidc/endpoints/authorize.js +4 -1
package/cjs/oidc/endpoints/authorize.js.map +1 -1
package/cjs/oidc/getWithRedirect.js +2 -6
package/cjs/oidc/getWithRedirect.js.map +1 -1
package/cjs/oidc/util/loginRedirect.js +9 -5
package/cjs/oidc/util/loginRedirect.js.map +1 -1
package/cjs/oidc/util/urlParams.js +1 -1
package/cjs/oidc/util/urlParams.js.map +1 -1
package/cjs/options.js +12 -2
package/cjs/options.js.map +1 -1
package/cjs/server/serverStorage.js +2 -1
package/cjs/server/serverStorage.js.map +1 -1
package/cjs/types/Token.js.map +1 -1
package/cjs/types/Transaction.js.map +1 -1
package/{esm/clock.js → cjs/util/emailVerify.js} +14 -18
package/cjs/util/emailVerify.js.map +1 -0
package/cjs/util/index.js +13 -0
package/cjs/util/index.js.map +1 -1
package/dist/okta-auth-js.min.js +2 -74
package/dist/okta-auth-js.min.js.LICENSE.txt +32 -0
package/dist/okta-auth-js.min.js.map +1 -1
package/dist/okta-auth-js.polyfill.js +2 -18
package/{esm/crypto/webcrypto.js → dist/okta-auth-js.polyfill.js.LICENSE.txt} +8 -4
package/dist/okta-auth-js.polyfill.js.map +1 -1
package/dist/okta-auth-js.umd.js +2 -74
package/dist/okta-auth-js.umd.js.LICENSE.txt +32 -0
package/dist/okta-auth-js.umd.js.map +1 -1
package/esm/index.js +8580 -16
package/esm/index.js.map +1 -1
package/lib/OktaAuth.d.ts +6 -3
package/lib/StorageManager.d.ts +1 -0
package/lib/TokenManager.d.ts +2 -0
package/lib/TransactionManager.d.ts +5 -1
package/lib/constants.d.ts +1 -0
package/lib/crypto/base64.d.ts +2 -2
package/lib/crypto/oidcHash.d.ts +1 -1
package/lib/crypto/verifyToken.d.ts +1 -1
package/lib/idx/authenticator/Authenticator.d.ts +12 -0
package/lib/idx/authenticator/OktaPassword.d.ts +11 -0
package/lib/idx/authenticator/OktaVerifyTotp.d.ts +9 -0
package/lib/idx/authenticator/SecurityQuestionEnrollment.d.ts +28 -0
package/lib/idx/authenticator/SecurityQuestionVerification.d.ts +14 -0
package/lib/idx/authenticator/VerificationCodeAuthenticator.d.ts +10 -0
package/lib/idx/authenticator/getAuthenticator.d.ts +3 -0
package/lib/idx/authenticator/index.d.ts +6 -0
package/{esm/oidc/endpoints/index.js → lib/idx/flow/AuthenticationFlow.d.ts} +3 -5
package/lib/idx/flow/FlowSpecification.d.ts +8 -0
package/{esm/crypto/index.js → lib/idx/flow/PasswordRecoveryFlow.d.ts} +3 -6
package/{esm/tx/TransactionState.js → lib/idx/flow/RegistrationFlow.d.ts} +3 -3
package/lib/idx/flow/RemediationFlow.d.ts +13 -0
package/lib/idx/{flowMonitors → flow}/index.d.ts +5 -4
package/lib/idx/index.d.ts +3 -0
package/lib/idx/interact.d.ts +1 -0
package/lib/idx/introspect.d.ts +2 -1
package/lib/idx/poll.d.ts +13 -0
package/lib/idx/proceed.d.ts +21 -0
package/lib/idx/register.d.ts +1 -1
package/lib/idx/remediators/AuthenticatorEnrollmentData.d.ts +9 -5
package/lib/idx/remediators/AuthenticatorVerificationData.d.ts +0 -1
package/lib/idx/remediators/Base/AuthenticatorData.d.ts +8 -3
package/lib/idx/remediators/Base/Remediator.d.ts +9 -6
package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +5 -4
package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +8 -4
package/lib/idx/remediators/ChallengePoll.d.ts +15 -0
package/{esm/tx/util.js → lib/idx/remediators/EnrollPoll.d.ts} +11 -13
package/lib/idx/remediators/Identify.d.ts +1 -3
package/lib/idx/remediators/SelectAuthenticatorAuthenticate.d.ts +6 -2
package/lib/idx/remediators/Skip.d.ts +3 -0
package/lib/idx/remediators/index.d.ts +2 -0
package/lib/idx/run.d.ts +8 -9
package/lib/idx/transactionMeta.d.ts +28 -4
package/lib/idx/types/FlowIdentifier.d.ts +1 -0
package/lib/idx/types/idx-js.d.ts +53 -1
package/lib/idx/types/index.d.ts +18 -4
package/lib/oidc/util/loginRedirect.d.ts +1 -1
package/lib/types/OktaAuthOptions.d.ts +3 -0
package/lib/types/Token.d.ts +1 -0
package/lib/types/Transaction.d.ts +2 -0
package/lib/types/api.d.ts +15 -2
package/lib/{idx/flowMonitors/AuthenticationFlowMonitor.d.ts → util/emailVerify.d.ts} +5 -3
package/lib/util/index.d.ts +1 -0
package/package.json +22 -13
package/cjs/idx/flowMonitors/AuthenticationFlowMonitor.js +0 -45
package/cjs/idx/flowMonitors/AuthenticationFlowMonitor.js.map +0 -1
package/cjs/idx/flowMonitors/FlowMonitor.js +0 -69
package/cjs/idx/flowMonitors/FlowMonitor.js.map +0 -1
package/cjs/idx/flowMonitors/PasswordRecoveryFlowMonitor.js +0 -55
package/cjs/idx/flowMonitors/PasswordRecoveryFlowMonitor.js.map +0 -1
package/cjs/idx/flowMonitors/RegistrationFlowMonitor.js +0 -35
package/cjs/idx/flowMonitors/RegistrationFlowMonitor.js.map +0 -1
package/cjs/idx/flowMonitors/index.js +0 -54
package/cjs/idx/flowMonitors/index.js.map +0 -1
package/esm/AuthStateManager.js +0 -214
package/esm/AuthStateManager.js.map +0 -1
package/esm/OktaAuth.js +0 -681
package/esm/OktaAuth.js.map +0 -1
package/esm/OktaUserAgent.js +0 -49
package/esm/OktaUserAgent.js.map +0 -1
package/esm/PromiseQueue.js +0 -71
package/esm/PromiseQueue.js.map +0 -1
package/esm/SavedObject.js +0 -91
package/esm/SavedObject.js.map +0 -1
package/esm/StorageManager.js +0 -182
package/esm/StorageManager.js.map +0 -1
package/esm/TokenManager.js +0 -455
package/esm/TokenManager.js.map +0 -1
package/esm/TransactionManager.js +0 -316
package/esm/TransactionManager.js.map +0 -1
package/esm/browser/browserStorage.js +0 -256
package/esm/browser/browserStorage.js.map +0 -1
package/esm/browser/fingerprint.js +0 -74
package/esm/browser/fingerprint.js.map +0 -1
package/esm/builderUtil.js +0 -56
package/esm/builderUtil.js.map +0 -1
package/esm/clock.js.map +0 -1
package/esm/constants.js +0 -35
package/esm/constants.js.map +0 -1
package/esm/crypto/base64.js +0 -66
package/esm/crypto/base64.js.map +0 -1
package/esm/crypto/browser.js.map +0 -1
package/esm/crypto/index.js.map +0 -1
package/esm/crypto/node.js +0 -54
package/esm/crypto/node.js.map +0 -1
package/esm/crypto/oidcHash.js +0 -27
package/esm/crypto/oidcHash.js.map +0 -1
package/esm/crypto/verifyToken.js +0 -39
package/esm/crypto/verifyToken.js.map +0 -1
package/esm/crypto/webcrypto.js.map +0 -1
package/esm/errors/AuthApiError.js +0 -30
package/esm/errors/AuthApiError.js.map +0 -1
package/esm/errors/AuthPollStopError.js +0 -20
package/esm/errors/AuthPollStopError.js.map +0 -1
package/esm/errors/AuthSdkError.js +0 -29
package/esm/errors/AuthSdkError.js.map +0 -1
package/esm/errors/CustomError.js +0 -21
package/esm/errors/CustomError.js.map +0 -1
package/esm/errors/OAuthError.js +0 -22
package/esm/errors/OAuthError.js.map +0 -1
package/esm/errors/index.js +0 -22
package/esm/errors/index.js.map +0 -1
package/esm/features.js +0 -64
package/esm/features.js.map +0 -1
package/esm/fetch/fetchRequest.js +0 -92
package/esm/fetch/fetchRequest.js.map +0 -1
package/esm/http/headers.js +0 -17
package/esm/http/headers.js.map +0 -1
package/esm/http/index.js +0 -3
package/esm/http/index.js.map +0 -1
package/esm/http/request.js +0 -145
package/esm/http/request.js.map +0 -1
package/esm/idx/authenticate.js +0 -47
package/esm/idx/authenticate.js.map +0 -1
package/esm/idx/cancel.js +0 -32
package/esm/idx/cancel.js.map +0 -1
package/esm/idx/flowMonitors/AuthenticationFlowMonitor.js +0 -41
package/esm/idx/flowMonitors/AuthenticationFlowMonitor.js.map +0 -1
package/esm/idx/flowMonitors/FlowMonitor.js +0 -73
package/esm/idx/flowMonitors/FlowMonitor.js.map +0 -1
package/esm/idx/flowMonitors/PasswordRecoveryFlowMonitor.js +0 -57
package/esm/idx/flowMonitors/PasswordRecoveryFlowMonitor.js.map +0 -1
package/esm/idx/flowMonitors/RegistrationFlowMonitor.js +0 -28
package/esm/idx/flowMonitors/RegistrationFlowMonitor.js.map +0 -1
package/esm/idx/flowMonitors/index.js +0 -16
package/esm/idx/flowMonitors/index.js.map +0 -1
package/esm/idx/handleInteractionCodeRedirect.js +0 -64
package/esm/idx/handleInteractionCodeRedirect.js.map +0 -1
package/esm/idx/headers.js +0 -39
package/esm/idx/headers.js.map +0 -1
package/esm/idx/index.js +0 -20
package/esm/idx/index.js.map +0 -1
package/esm/idx/interact.js +0 -83
package/esm/idx/interact.js.map +0 -1
package/esm/idx/introspect.js +0 -45
package/esm/idx/introspect.js.map +0 -1
package/esm/idx/recoverPassword.js +0 -46
package/esm/idx/recoverPassword.js.map +0 -1
package/esm/idx/register.js +0 -63
package/esm/idx/register.js.map +0 -1
package/esm/idx/remediate.js +0 -302
package/esm/idx/remediate.js.map +0 -1
package/esm/idx/remediators/AuthenticatorEnrollmentData.js +0 -68
package/esm/idx/remediators/AuthenticatorEnrollmentData.js.map +0 -1
package/esm/idx/remediators/AuthenticatorVerificationData.js +0 -66
package/esm/idx/remediators/AuthenticatorVerificationData.js.map +0 -1
package/esm/idx/remediators/Base/AuthenticatorData.js +0 -105
package/esm/idx/remediators/Base/AuthenticatorData.js.map +0 -1
package/esm/idx/remediators/Base/Remediator.js +0 -221
package/esm/idx/remediators/Base/Remediator.js.map +0 -1
package/esm/idx/remediators/Base/SelectAuthenticator.js +0 -140
package/esm/idx/remediators/Base/SelectAuthenticator.js.map +0 -1
package/esm/idx/remediators/Base/VerifyAuthenticator.js +0 -65
package/esm/idx/remediators/Base/VerifyAuthenticator.js.map +0 -1
package/esm/idx/remediators/ChallengeAuthenticator.js +0 -18
package/esm/idx/remediators/ChallengeAuthenticator.js.map +0 -1
package/esm/idx/remediators/EnrollAuthenticator.js +0 -18
package/esm/idx/remediators/EnrollAuthenticator.js.map +0 -1
package/esm/idx/remediators/EnrollProfile.js +0 -79
package/esm/idx/remediators/EnrollProfile.js.map +0 -1
package/esm/idx/remediators/Identify.js +0 -87
package/esm/idx/remediators/Identify.js.map +0 -1
package/esm/idx/remediators/ReEnrollAuthenticator.js +0 -45
package/esm/idx/remediators/ReEnrollAuthenticator.js.map +0 -1
package/esm/idx/remediators/RedirectIdp.js.map +0 -1
package/esm/idx/remediators/ResetAuthenticator.js +0 -18
package/esm/idx/remediators/ResetAuthenticator.js.map +0 -1
package/esm/idx/remediators/SelectAuthenticatorAuthenticate.js +0 -18
package/esm/idx/remediators/SelectAuthenticatorAuthenticate.js.map +0 -1
package/esm/idx/remediators/SelectAuthenticatorEnroll.js +0 -18
package/esm/idx/remediators/SelectAuthenticatorEnroll.js.map +0 -1
package/esm/idx/remediators/SelectEnrollProfile.js +0 -24
package/esm/idx/remediators/SelectEnrollProfile.js.map +0 -1
package/esm/idx/remediators/Skip.js +0 -23
package/esm/idx/remediators/Skip.js.map +0 -1
package/esm/idx/remediators/index.js +0 -26
package/esm/idx/remediators/index.js.map +0 -1
package/esm/idx/remediators/util.js +0 -35
package/esm/idx/remediators/util.js.map +0 -1
package/esm/idx/run.js +0 -201
package/esm/idx/run.js.map +0 -1
package/esm/idx/startTransaction.js +0 -27
package/esm/idx/startTransaction.js.map +0 -1
package/esm/idx/transactionMeta.js +0 -114
package/esm/idx/transactionMeta.js.map +0 -1
package/esm/idx/types/idx-js.js +0 -17
package/esm/idx/types/idx-js.js.map +0 -1
package/esm/idx/types/index.js +0 -44
package/esm/idx/types/index.js.map +0 -1
package/esm/oidc/decodeToken.js +0 -31
package/esm/oidc/decodeToken.js.map +0 -1
package/esm/oidc/endpoints/authorize.js +0 -61
package/esm/oidc/endpoints/authorize.js.map +0 -1
package/esm/oidc/endpoints/index.js.map +0 -1
package/esm/oidc/endpoints/token.js +0 -97
package/esm/oidc/endpoints/token.js.map +0 -1
package/esm/oidc/endpoints/well-known.js +0 -58
package/esm/oidc/endpoints/well-known.js.map +0 -1
package/esm/oidc/exchangeCodeForTokens.js +0 -69
package/esm/oidc/exchangeCodeForTokens.js.map +0 -1
package/esm/oidc/getToken.js +0 -180
package/esm/oidc/getToken.js.map +0 -1
package/esm/oidc/getUserInfo.js +0 -82
package/esm/oidc/getUserInfo.js.map +0 -1
package/esm/oidc/getWithPopup.js +0 -34
package/esm/oidc/getWithPopup.js.map +0 -1
package/esm/oidc/getWithRedirect.js +0 -65
package/esm/oidc/getWithRedirect.js.map +0 -1
package/esm/oidc/getWithoutPrompt.js +0 -29
package/esm/oidc/getWithoutPrompt.js.map +0 -1
package/esm/oidc/handleOAuthResponse.js +0 -148
package/esm/oidc/handleOAuthResponse.js.map +0 -1
package/esm/oidc/index.js +0 -29
package/esm/oidc/index.js.map +0 -1
package/esm/oidc/parseFromUrl.js +0 -144
package/esm/oidc/parseFromUrl.js.map +0 -1
package/esm/oidc/renewToken.js +0 -85
package/esm/oidc/renewToken.js.map +0 -1
package/esm/oidc/renewTokens.js +0 -74
package/esm/oidc/renewTokens.js.map +0 -1
package/esm/oidc/renewTokensWithRefresh.js +0 -55
package/esm/oidc/renewTokensWithRefresh.js.map +0 -1
package/esm/oidc/revokeToken.js +0 -57
package/esm/oidc/revokeToken.js.map +0 -1
package/esm/oidc/util/browser.js +0 -74
package/esm/oidc/util/browser.js.map +0 -1
package/esm/oidc/util/defaultTokenParams.js +0 -42
package/esm/oidc/util/defaultTokenParams.js.map +0 -1
package/esm/oidc/util/errors.js +0 -31
package/esm/oidc/util/errors.js.map +0 -1
package/esm/oidc/util/index.js +0 -25
package/esm/oidc/util/index.js.map +0 -1
package/esm/oidc/util/loginRedirect.js +0 -84
package/esm/oidc/util/loginRedirect.js.map +0 -1
package/esm/oidc/util/oauth.js +0 -70
package/esm/oidc/util/oauth.js.map +0 -1
package/esm/oidc/util/pkce.js +0 -55
package/esm/oidc/util/pkce.js.map +0 -1
package/esm/oidc/util/prepareTokenParams.js +0 -75
package/esm/oidc/util/prepareTokenParams.js.map +0 -1
package/esm/oidc/util/refreshToken.js +0 -24
package/esm/oidc/util/refreshToken.js.map +0 -1
package/esm/oidc/util/urlParams.js +0 -54
package/esm/oidc/util/urlParams.js.map +0 -1
package/esm/oidc/util/validateClaims.js +0 -53
package/esm/oidc/util/validateClaims.js.map +0 -1
package/esm/oidc/util/validateToken.js +0 -21
package/esm/oidc/util/validateToken.js.map +0 -1
package/esm/oidc/verifyToken.js +0 -78
package/esm/oidc/verifyToken.js.map +0 -1
package/esm/options.js +0 -134
package/esm/options.js.map +0 -1
package/esm/server/serverStorage.js +0 -110
package/esm/server/serverStorage.js.map +0 -1
package/esm/services/TokenService.js +0 -103
package/esm/services/TokenService.js.map +0 -1
package/esm/session.js +0 -81
package/esm/session.js.map +0 -1
package/esm/tx/AuthTransaction.js +0 -213
package/esm/tx/AuthTransaction.js.map +0 -1
package/esm/tx/TransactionState.js.map +0 -1
package/esm/tx/api.js +0 -87
package/esm/tx/api.js.map +0 -1
package/esm/tx/index.js +0 -18
package/esm/tx/index.js.map +0 -1
package/esm/tx/poll.js +0 -124
package/esm/tx/poll.js.map +0 -1
package/esm/tx/util.js.map +0 -1
package/esm/types/AuthState.js +0 -3
package/esm/types/Cookies.js +0 -3
package/esm/types/EventEmitter.js +0 -3
package/esm/types/EventEmitter.js.map +0 -1
package/esm/types/JWT.js +0 -3
package/esm/types/JWT.js.map +0 -1
package/esm/types/OAuth.js +0 -3
package/esm/types/OAuth.js.map +0 -1
package/esm/types/OktaAuthOptions.js +0 -3
package/esm/types/OktaAuthOptions.js.map +0 -1
package/esm/types/Storage.js +0 -3
package/esm/types/Storage.js.map +0 -1
package/esm/types/Token.js +0 -29
package/esm/types/Token.js.map +0 -1
package/esm/types/TokenManager.js +0 -3
package/esm/types/TokenManager.js.map +0 -1
package/esm/types/Transaction.js +0 -57
package/esm/types/Transaction.js.map +0 -1
package/esm/types/UserClaims.js +0 -3
package/esm/types/UserClaims.js.map +0 -1
package/esm/types/api.js +0 -3
package/esm/types/api.js.map +0 -1
package/esm/types/http.js +0 -3
package/esm/types/http.js.map +0 -1
package/esm/types/index.js +0 -27
package/esm/types/index.js.map +0 -1
package/esm/util/console.js +0 -53
package/esm/util/console.js.map +0 -1
package/esm/util/index.js +0 -17
package/esm/util/index.js.map +0 -1
package/esm/util/misc.js +0 -33
package/esm/util/misc.js.map +0 -1
package/esm/util/object.js +0 -117
package/esm/util/object.js.map +0 -1
package/esm/util/sharedStorage.js +0 -43
package/esm/util/sharedStorage.js.map +0 -1
package/esm/util/types.js +0 -27
package/esm/util/types.js.map +0 -1
package/esm/util/url.js +0 -64
package/esm/util/url.js.map +0 -1
package/lib/idx/flowMonitors/FlowMonitor.d.ts +0 -23
package/lib/idx/flowMonitors/PasswordRecoveryFlowMonitor.d.ts +0 -16
package/lib/idx/flowMonitors/RegistrationFlowMonitor.d.ts +0 -15

package/esm/oidc/getToken.js DELETED Viewed

@@ -1,180 +0,0 @@
-/* global document */
-/* eslint-disable complexity, max-statements */
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-import { getOAuthUrls, loadFrame } from './util';
-import AuthSdkError from '../errors/AuthSdkError';
-import { prepareTokenParams } from './util/prepareTokenParams';
-import { buildAuthorizeParams } from './endpoints/authorize';
-import { addPostMessageListener } from './util';
-import { handleOAuthResponse } from './handleOAuthResponse';
-/*
- * Retrieve an idToken from an Okta or a third party idp
- *
- * Two main flows:
- *
- *  1) Exchange a sessionToken for a token
- *
- *    Required:
- *      clientId: passed via the OktaAuth constructor or into getToken
- *      sessionToken: 'yourtoken'
- *
- *    Optional:
- *      redirectUri: defaults to window.location.href
- *      scopes: defaults to ['openid', 'email']
- *
- *    Forced:
- *      prompt: 'none'
- *      responseMode: 'okta_post_message'
- *      display: undefined
- *
- *  2) Get a token from an idp
- *
- *    Required:
- *      clientId: passed via the OktaAuth constructor or into getToken
- *
- *    Optional:
- *      redirectUri: defaults to window.location.href
- *      scopes: defaults to ['openid', 'email']
- *      idp: defaults to Okta as an idp
- *      prompt: no default. Pass 'none' to throw an error if user is not signed in
- *
- *    Forced:
- *      display: 'popup'
- *
- *  Only common optional params shown. Any OAuth parameters not explicitly forced are available to override
- *
- * @param {Object} oauthOptions
- * @param {String} [oauthOptions.clientId] ID of this client
- * @param {String} [oauthOptions.redirectUri] URI that the iframe or popup will go to once authenticated
- * @param {String[]} [oauthOptions.scopes] OAuth 2.0 scopes to request (openid must be specified)
- * @param {String} [oauthOptions.idp] ID of an external IdP to use for user authentication
- * @param {String} [oauthOptions.sessionToken] Bootstrap Session Token returned by the Okta Authentication API
- * @param {String} [oauthOptions.prompt] Determines whether the Okta login will be displayed on failure.
- *                                       Use 'none' to prevent this behavior
- *
- * @param {Object} options
- * @param {Integer} [options.timeout] Time in ms before the flow is automatically terminated. Defaults to 120000
- * @param {String} [options.popupTitle] Title dispayed in the popup.
- *                                      Defaults to 'External Identity Provider User Authentication'
- */
-export function getToken(sdk, options) {
-  if (arguments.length > 2) {
-    return Promise.reject(new AuthSdkError('As of version 3.0, "getToken" takes only a single set of options'));
-  }
-  options = options || {}; // window object cannot be serialized, save for later use
-  // TODO: move popup related params into a separate options object
-  var popupWindow = options.popupWindow;
-  options.popupWindow = undefined;
-  return prepareTokenParams(sdk, options).then(function (tokenParams) {
-    // Start overriding any options that don't make sense
-    var sessionTokenOverrides = {
-      prompt: 'none',
-      responseMode: 'okta_post_message',
-      display: null
-    };
-    var idpOverrides = {
-      display: 'popup'
-    };
-    if (options.sessionToken) {
-      Object.assign(tokenParams, sessionTokenOverrides);
-    } else if (options.idp) {
-      Object.assign(tokenParams, idpOverrides);
-    } // Use the query params to build the authorize url
-    var requestUrl, endpoint, urls; // Get authorizeUrl and issuer
-    urls = getOAuthUrls(sdk, tokenParams);
-    endpoint = options.codeVerifier ? urls.tokenUrl : urls.authorizeUrl;
-    requestUrl = endpoint + buildAuthorizeParams(tokenParams); // Determine the flow type
-    var flowType;
-    if (tokenParams.sessionToken || tokenParams.display === null) {
-      flowType = 'IFRAME';
-    } else if (tokenParams.display === 'popup') {
-      flowType = 'POPUP';
-    } else {
-      flowType = 'IMPLICIT';
-    } // Execute the flow type
-    switch (flowType) {
-      case 'IFRAME':
-        var iframePromise = addPostMessageListener(sdk, options.timeout, tokenParams.state);
-        var iframeEl = loadFrame(requestUrl);
-        return iframePromise.then(function (res) {
-          return handleOAuthResponse(sdk, tokenParams, res, urls);
-        }).finally(function () {
-          if (document.body.contains(iframeEl)) {
-            iframeEl.parentElement.removeChild(iframeEl);
-          }
-        });
-      case 'POPUP':
-        var oauthPromise; // resolves with OAuth response
-        // Add listener on postMessage before window creation, so
-        // postMessage isn't triggered before we're listening
-        if (tokenParams.responseMode === 'okta_post_message') {
-          if (!sdk.features.isPopupPostMessageSupported()) {
-            throw new AuthSdkError('This browser doesn\'t have full postMessage support');
-          }
-          oauthPromise = addPostMessageListener(sdk, options.timeout, tokenParams.state);
-        } // Redirect for authorization
-        // popupWindown can be null when popup is blocked
-        if (popupWindow) {
-          popupWindow.location.assign(requestUrl);
-        } // The popup may be closed without receiving an OAuth response. Setup a poller to monitor the window.
-        var popupPromise = new Promise(function (resolve, reject) {
-          var closePoller = setInterval(function () {
-            if (!popupWindow || popupWindow.closed) {
-              clearInterval(closePoller);
-              reject(new AuthSdkError('Unable to parse OAuth flow response'));
-            }
-          }, 100); // Proxy the OAuth promise results
-          oauthPromise.then(function (res) {
-            clearInterval(closePoller);
-            resolve(res);
-          }).catch(function (err) {
-            clearInterval(closePoller);
-            reject(err);
-          });
-        });
-        return popupPromise.then(function (res) {
-          return handleOAuthResponse(sdk, tokenParams, res, urls);
-        }).finally(function () {
-          if (popupWindow && !popupWindow.closed) {
-            popupWindow.close();
-          }
-        });
-      default:
-        throw new AuthSdkError('The full page redirect flow is not supported');
-    }
-  });
-}
-//# sourceMappingURL=getToken.js.map

package/esm/oidc/getToken.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../../../lib/oidc/getToken.ts"],"names":["getOAuthUrls","loadFrame","AuthSdkError","prepareTokenParams","buildAuthorizeParams","addPostMessageListener","handleOAuthResponse","getToken","sdk","options","arguments","length","Promise","reject","popupWindow","undefined","then","tokenParams","sessionTokenOverrides","prompt","responseMode","display","idpOverrides","sessionToken","Object","assign","idp","requestUrl","endpoint","urls","codeVerifier","tokenUrl","authorizeUrl","flowType","iframePromise","timeout","state","iframeEl","res","finally","document","body","contains","parentElement","removeChild","oauthPromise","features","isPopupPostMessageSupported","location","popupPromise","resolve","closePoller","setInterval","closed","clearInterval","catch","err","close"],"mappings":"AACA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SACEA,YADF,EAEEC,SAFF,QAGO,QAHP;AAKA,OAAOC,YAAP,MAAyB,wBAAzB;AAQA,SAASC,kBAAT,QAAmC,2BAAnC;AACA,SAASC,oBAAT,QAAqC,uBAArC;AACA,SAASC,sBAAT,QAAuC,QAAvC;AACA,SAASC,mBAAT,QAAoC,uBAApC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA,OAAO,SAASC,QAAT,CAAkBC,GAAlB,EAAiCC,OAAjC,EAAqE;AAC1E,MAAIC,SAAS,CAACC,MAAV,GAAmB,CAAvB,EAA0B;AACxB,WAAOC,OAAO,CAACC,MAAR,CAAe,IAAIX,YAAJ,CAAiB,kEAAjB,CAAf,CAAP;AACD;;AAEDO,EAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB,CAL0E,CAO1E;AACA;;AACA,MAAMK,WAAW,GAAGL,OAAO,CAACK,WAA5B;AACAL,EAAAA,OAAO,CAACK,WAAR,GAAsBC,SAAtB;AAEA,SAAOZ,kBAAkB,CAACK,GAAD,EAAMC,OAAN,CAAlB,CACJO,IADI,CACC,UAAUC,WAAV,EAAoC;AAExC;AACA,QAAIC,qBAAqB,GAAG;AAC1BC,MAAAA,MAAM,EAAE,MADkB;AAE1BC,MAAAA,YAAY,EAAE,mBAFY;AAG1BC,MAAAA,OAAO,EAAE;AAHiB,KAA5B;AAMA,QAAIC,YAAY,GAAG;AACjBD,MAAAA,OAAO,EAAE;AADQ,KAAnB;;AAIA,QAAIZ,OAAO,CAACc,YAAZ,EAA0B;AACxBC,MAAAA,MAAM,CAACC,MAAP,CAAcR,WAAd,EAA2BC,qBAA3B;AACD,KAFD,MAEO,IAAIT,OAAO,CAACiB,GAAZ,EAAiB;AACtBF,MAAAA,MAAM,CAACC,MAAP,CAAcR,WAAd,EAA2BK,YAA3B;AACD,KAjBuC,CAmBxC;;;AACA,QAAIK,UAAJ,EACEC,QADF,EAEEC,IAFF,CApBwC,CAwBxC;;AACAA,IAAAA,IAAI,GAAG7B,YAAY,CAACQ,GAAD,EAAMS,WAAN,CAAnB;AACAW,IAAAA,QAAQ,GAAGnB,OAAO,CAACqB,YAAR,GAAuBD,IAAI,CAACE,QAA5B,GAAuCF,IAAI,CAACG,YAAvD;AACAL,IAAAA,UAAU,GAAGC,QAAQ,GAAGxB,oBAAoB,CAACa,WAAD,CAA5C,CA3BwC,CA6BxC;;AACA,QAAIgB,QAAJ;;AACA,QAAIhB,WAAW,CAACM,YAAZ,IAA4BN,WAAW,CAACI,OAAZ,KAAwB,IAAxD,EAA8D;AAC5DY,MAAAA,QAAQ,GAAG,QAAX;AACD,KAFD,MAEO,IAAIhB,WAAW,CAACI,OAAZ,KAAwB,OAA5B,EAAqC;AAC1CY,MAAAA,QAAQ,GAAG,OAAX;AACD,KAFM,MAEA;AACLA,MAAAA,QAAQ,GAAG,UAAX;AACD,KArCuC,CAuCxC;;;AACA,YAAQA,QAAR;AACE,WAAK,QAAL;AACE,YAAIC,aAAa,GAAG7B,sBAAsB,CAACG,GAAD,EAAMC,OAAO,CAAC0B,OAAd,EAAuBlB,WAAW,CAACmB,KAAnC,CAA1C;AACA,YAAIC,QAAQ,GAAGpC,SAAS,CAAC0B,UAAD,CAAxB;AACA,eAAOO,aAAa,CACjBlB,IADI,CACC,UAAUsB,GAAV,EAAe;AACnB,iBAAOhC,mBAAmB,CAACE,GAAD,EAAMS,WAAN,EAAmBqB,GAAnB,EAAwBT,IAAxB,CAA1B;AACD,SAHI,EAIJU,OAJI,CAII,YAAY;AACnB,cAAIC,QAAQ,CAACC,IAAT,CAAcC,QAAd,CAAuBL,QAAvB,CAAJ,EAAsC;AACpCA,YAAAA,QAAQ,CAACM,aAAT,CAAuBC,WAAvB,CAAmCP,QAAnC;AACD;AACF,SARI,CAAP;;AAUF,WAAK,OAAL;AACE,YAAIQ,YAAJ,CADF,CACoB;AAElB;AACA;;AACA,YAAI5B,WAAW,CAACG,YAAZ,KAA6B,mBAAjC,EAAsD;AACpD,cAAI,CAACZ,GAAG,CAACsC,QAAJ,CAAaC,2BAAb,EAAL,EAAiD;AAC/C,kBAAM,IAAI7C,YAAJ,CAAiB,qDAAjB,CAAN;AACD;;AACD2C,UAAAA,YAAY,GAAGxC,sBAAsB,CAACG,GAAD,EAAMC,OAAO,CAAC0B,OAAd,EAAuBlB,WAAW,CAACmB,KAAnC,CAArC;AACD,SAVH,CAYE;AACA;;;AACA,YAAItB,WAAJ,EAAiB;AACfA,UAAAA,WAAW,CAACkC,QAAZ,CAAqBvB,MAArB,CAA4BE,UAA5B;AACD,SAhBH,CAkBE;;;AACA,YAAIsB,YAAY,GAAG,IAAIrC,OAAJ,CAAY,UAAUsC,OAAV,EAAmBrC,MAAnB,EAA2B;AACxD,cAAIsC,WAAW,GAAGC,WAAW,CAAC,YAAY;AACxC,gBAAI,CAACtC,WAAD,IAAgBA,WAAW,CAACuC,MAAhC,EAAwC;AACtCC,cAAAA,aAAa,CAACH,WAAD,CAAb;AACAtC,cAAAA,MAAM,CAAC,IAAIX,YAAJ,CAAiB,qCAAjB,CAAD,CAAN;AACD;AACF,WAL4B,EAK1B,GAL0B,CAA7B,CADwD,CAQxD;;AACA2C,UAAAA,YAAY,CACT7B,IADH,CACQ,UAAUsB,GAAV,EAAe;AACnBgB,YAAAA,aAAa,CAACH,WAAD,CAAb;AACAD,YAAAA,OAAO,CAACZ,GAAD,CAAP;AACD,WAJH,EAKGiB,KALH,CAKS,UAAUC,GAAV,EAAe;AACpBF,YAAAA,aAAa,CAACH,WAAD,CAAb;AACAtC,YAAAA,MAAM,CAAC2C,GAAD,CAAN;AACD,WARH;AASD,SAlBkB,CAAnB;AAoBA,eAAOP,YAAY,CAChBjC,IADI,CACC,UAAUsB,GAAV,EAAe;AACnB,iBAAOhC,mBAAmB,CAACE,GAAD,EAAMS,WAAN,EAAmBqB,GAAnB,EAAwBT,IAAxB,CAA1B;AACD,SAHI,EAIJU,OAJI,CAII,YAAY;AACnB,cAAIzB,WAAW,IAAI,CAACA,WAAW,CAACuC,MAAhC,EAAwC;AACtCvC,YAAAA,WAAW,CAAC2C,KAAZ;AACD;AACF,SARI,CAAP;;AAUF;AACE,cAAM,IAAIvD,YAAJ,CAAiB,8CAAjB,CAAN;AAhEJ;AAkED,GA3GI,CAAP;AA4GD","sourcesContent":["\n/* global document */\n/* eslint-disable complexity, max-statements */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport {\n getOAuthUrls,\n loadFrame,\n} from './util';\n\nimport AuthSdkError from '../errors/AuthSdkError';\n\nimport {\n OktaAuth,\n TokenParams,\n PopupParams,\n} from '../types';\n\nimport { prepareTokenParams } from './util/prepareTokenParams';\nimport { buildAuthorizeParams } from './endpoints/authorize';\nimport { addPostMessageListener } from './util';\nimport { handleOAuthResponse } from './handleOAuthResponse';\n/*\n * Retrieve an idToken from an Okta or a third party idp\n *\n * Two main flows:\n *\n * 1) Exchange a sessionToken for a token\n *\n * Required:\n * clientId: passed via the OktaAuth constructor or into getToken\n * sessionToken: 'yourtoken'\n *\n * Optional:\n * redirectUri: defaults to window.location.href\n * scopes: defaults to ['openid', 'email']\n *\n * Forced:\n * prompt: 'none'\n * responseMode: 'okta_post_message'\n * display: undefined\n *\n * 2) Get a token from an idp\n *\n * Required:\n * clientId: passed via the OktaAuth constructor or into getToken\n *\n * Optional:\n * redirectUri: defaults to window.location.href\n * scopes: defaults to ['openid', 'email']\n * idp: defaults to Okta as an idp\n * prompt: no default. Pass 'none' to throw an error if user is not signed in\n *\n * Forced:\n * display: 'popup'\n *\n * Only common optional params shown. Any OAuth parameters not explicitly forced are available to override\n *\n * @param {Object} oauthOptions\n * @param {String} [oauthOptions.clientId] ID of this client\n * @param {String} [oauthOptions.redirectUri] URI that the iframe or popup will go to once authenticated\n * @param {String[]} [oauthOptions.scopes] OAuth 2.0 scopes to request (openid must be specified)\n * @param {String} [oauthOptions.idp] ID of an external IdP to use for user authentication\n * @param {String} [oauthOptions.sessionToken] Bootstrap Session Token returned by the Okta Authentication API\n * @param {String} [oauthOptions.prompt] Determines whether the Okta login will be displayed on failure.\n * Use 'none' to prevent this behavior\n *\n * @param {Object} options\n * @param {Integer} [options.timeout] Time in ms before the flow is automatically terminated. Defaults to 120000\n * @param {String} [options.popupTitle] Title dispayed in the popup.\n * Defaults to 'External Identity Provider User Authentication'\n */\nexport function getToken(sdk: OktaAuth, options: TokenParams & PopupParams) {\n if (arguments.length > 2) {\n return Promise.reject(new AuthSdkError('As of version 3.0, \"getToken\" takes only a single set of options'));\n }\n\n options = options || {};\n\n // window object cannot be serialized, save for later use\n // TODO: move popup related params into a separate options object\n const popupWindow = options.popupWindow;\n options.popupWindow = undefined;\n\n return prepareTokenParams(sdk, options)\n .then(function (tokenParams: TokenParams) {\n\n // Start overriding any options that don't make sense\n var sessionTokenOverrides = {\n prompt: 'none',\n responseMode: 'okta_post_message',\n display: null\n };\n\n var idpOverrides = {\n display: 'popup'\n };\n\n if (options.sessionToken) {\n Object.assign(tokenParams, sessionTokenOverrides);\n } else if (options.idp) {\n Object.assign(tokenParams, idpOverrides);\n }\n\n // Use the query params to build the authorize url\n var requestUrl,\n endpoint,\n urls;\n\n // Get authorizeUrl and issuer\n urls = getOAuthUrls(sdk, tokenParams);\n endpoint = options.codeVerifier ? urls.tokenUrl : urls.authorizeUrl;\n requestUrl = endpoint + buildAuthorizeParams(tokenParams);\n\n // Determine the flow type\n var flowType;\n if (tokenParams.sessionToken || tokenParams.display === null) {\n flowType = 'IFRAME';\n } else if (tokenParams.display === 'popup') {\n flowType = 'POPUP';\n } else {\n flowType = 'IMPLICIT';\n }\n\n // Execute the flow type\n switch (flowType) {\n case 'IFRAME':\n var iframePromise = addPostMessageListener(sdk, options.timeout, tokenParams.state);\n var iframeEl = loadFrame(requestUrl);\n return iframePromise\n .then(function (res) {\n return handleOAuthResponse(sdk, tokenParams, res, urls);\n })\n .finally(function () {\n if (document.body.contains(iframeEl)) {\n iframeEl.parentElement.removeChild(iframeEl);\n }\n });\n\n case 'POPUP':\n var oauthPromise; // resolves with OAuth response\n\n // Add listener on postMessage before window creation, so\n // postMessage isn't triggered before we're listening\n if (tokenParams.responseMode === 'okta_post_message') {\n if (!sdk.features.isPopupPostMessageSupported()) {\n throw new AuthSdkError('This browser doesn\\'t have full postMessage support');\n }\n oauthPromise = addPostMessageListener(sdk, options.timeout, tokenParams.state);\n }\n\n // Redirect for authorization\n // popupWindown can be null when popup is blocked\n if (popupWindow) { \n popupWindow.location.assign(requestUrl);\n }\n\n // The popup may be closed without receiving an OAuth response. Setup a poller to monitor the window.\n var popupPromise = new Promise(function (resolve, reject) {\n var closePoller = setInterval(function () {\n if (!popupWindow || popupWindow.closed) {\n clearInterval(closePoller);\n reject(new AuthSdkError('Unable to parse OAuth flow response'));\n }\n }, 100);\n\n // Proxy the OAuth promise results\n oauthPromise\n .then(function (res) {\n clearInterval(closePoller);\n resolve(res);\n })\n .catch(function (err) {\n clearInterval(closePoller);\n reject(err);\n });\n });\n\n return popupPromise\n .then(function (res) {\n return handleOAuthResponse(sdk, tokenParams, res, urls);\n })\n .finally(function () {\n if (popupWindow && !popupWindow.closed) {\n popupWindow.close();\n }\n });\n\n default:\n throw new AuthSdkError('The full page redirect flow is not supported');\n }\n });\n}"],"file":"getToken.js"}

package/esm/oidc/getUserInfo.js DELETED Viewed

@@ -1,82 +0,0 @@
-import _asyncToGenerator from "@babel/runtime/helpers/asyncToGenerator";
-/* eslint-disable complexity */
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-import { isFunction } from '../util';
-import { AuthSdkError, OAuthError } from '../errors';
-import { httpRequest } from '../http';
-import { isAccessToken, isIDToken } from '../types';
-export function getUserInfo(_x, _x2, _x3) {
-  return _getUserInfo.apply(this, arguments);
-}
-function _getUserInfo() {
-  _getUserInfo = _asyncToGenerator(function* (sdk, accessTokenObject, idTokenObject) {
-    // If token objects were not passed, attempt to read from the TokenManager
-    if (!accessTokenObject) {
-      accessTokenObject = (yield sdk.tokenManager.getTokens()).accessToken;
-    }
-    if (!idTokenObject) {
-      idTokenObject = (yield sdk.tokenManager.getTokens()).idToken;
-    }
-    if (!accessTokenObject || !isAccessToken(accessTokenObject)) {
-      return Promise.reject(new AuthSdkError('getUserInfo requires an access token object'));
-    }
-    if (!idTokenObject || !isIDToken(idTokenObject)) {
-      return Promise.reject(new AuthSdkError('getUserInfo requires an ID token object'));
-    }
-    return httpRequest(sdk, {
-      url: accessTokenObject.userinfoUrl,
-      method: 'GET',
-      accessToken: accessTokenObject.accessToken
-    }).then(userInfo => {
-      // Only return the userinfo response if subjects match to mitigate token substitution attacks
-      if (userInfo.sub === idTokenObject.claims.sub) {
-        return userInfo;
-      }
-      return Promise.reject(new AuthSdkError('getUserInfo request was rejected due to token mismatch'));
-    }).catch(function (err) {
-      if (err.xhr && (err.xhr.status === 401 || err.xhr.status === 403)) {
-        var authenticateHeader;
-        if (err.xhr.headers && isFunction(err.xhr.headers.get) && err.xhr.headers.get('WWW-Authenticate')) {
-          authenticateHeader = err.xhr.headers.get('WWW-Authenticate');
-        } else if (isFunction(err.xhr.getResponseHeader)) {
-          authenticateHeader = err.xhr.getResponseHeader('WWW-Authenticate');
-        }
-        if (authenticateHeader) {
-          var errorMatches = authenticateHeader.match(/error="(.*?)"/) || [];
-          var errorDescriptionMatches = authenticateHeader.match(/error_description="(.*?)"/) || [];
-          var error = errorMatches[1];
-          var errorDescription = errorDescriptionMatches[1];
-          if (error && errorDescription) {
-            err = new OAuthError(error, errorDescription);
-          }
-        }
-      }
-      throw err;
-    });
-  });
-  return _getUserInfo.apply(this, arguments);
-}
-//# sourceMappingURL=getUserInfo.js.map

package/esm/oidc/getUserInfo.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../../../lib/oidc/getUserInfo.ts"],"names":["isFunction","AuthSdkError","OAuthError","httpRequest","isAccessToken","isIDToken","getUserInfo","sdk","accessTokenObject","idTokenObject","tokenManager","getTokens","accessToken","idToken","Promise","reject","url","userinfoUrl","method","then","userInfo","sub","claims","catch","err","xhr","status","authenticateHeader","headers","get","getResponseHeader","errorMatches","match","errorDescriptionMatches","error","errorDescription"],"mappings":";;AAAA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,UAAT,QAA2B,SAA3B;AACA,SAASC,YAAT,EAAuBC,UAAvB,QAAyC,WAAzC;AACA,SAASC,WAAT,QAA4B,SAA5B;AACA,SAA2CC,aAA3C,EAA0DC,SAA1D,QAA2E,UAA3E;AAEA,gBAAsBC,WAAtB;AAAA;AAAA;;;mCAAO,WAA2BC,GAA3B,EAAgCC,iBAAhC,EAAgEC,aAAhE,EAA6G;AAClH;AACA,QAAI,CAACD,iBAAL,EAAwB;AACtBA,MAAAA,iBAAiB,GAAG,OAAOD,GAAG,CAACG,YAAJ,CAAiBC,SAAjB,EAAP,EAAqCC,WAAzD;AACD;;AACD,QAAI,CAACH,aAAL,EAAoB;AAClBA,MAAAA,aAAa,GAAG,OAAOF,GAAG,CAACG,YAAJ,CAAiBC,SAAjB,EAAP,EAAqCE,OAArD;AACD;;AAED,QAAI,CAACL,iBAAD,IAAsB,CAACJ,aAAa,CAACI,iBAAD,CAAxC,EAA6D;AAC3D,aAAOM,OAAO,CAACC,MAAR,CAAe,IAAId,YAAJ,CAAiB,6CAAjB,CAAf,CAAP;AACD;;AAED,QAAI,CAACQ,aAAD,IAAkB,CAACJ,SAAS,CAACI,aAAD,CAAhC,EAAiD;AAC/C,aAAOK,OAAO,CAACC,MAAR,CAAe,IAAId,YAAJ,CAAiB,yCAAjB,CAAf,CAAP;AACD;;AAED,WAAOE,WAAW,CAACI,GAAD,EAAM;AACtBS,MAAAA,GAAG,EAAER,iBAAiB,CAACS,WADD;AAEtBC,MAAAA,MAAM,EAAE,KAFc;AAGtBN,MAAAA,WAAW,EAAEJ,iBAAiB,CAACI;AAHT,KAAN,CAAX,CAKJO,IALI,CAKCC,QAAQ,IAAI;AAChB;AACA,UAAIA,QAAQ,CAACC,GAAT,KAAiBZ,aAAa,CAACa,MAAd,CAAqBD,GAA1C,EAA+C;AAC7C,eAAOD,QAAP;AACD;;AACD,aAAON,OAAO,CAACC,MAAR,CAAe,IAAId,YAAJ,CAAiB,wDAAjB,CAAf,CAAP;AACD,KAXI,EAYJsB,KAZI,CAYE,UAAUC,GAAV,EAAe;AACpB,UAAIA,GAAG,CAACC,GAAJ,KAAYD,GAAG,CAACC,GAAJ,CAAQC,MAAR,KAAmB,GAAnB,IAA0BF,GAAG,CAACC,GAAJ,CAAQC,MAAR,KAAmB,GAAzD,CAAJ,EAAmE;AACjE,YAAIC,kBAAJ;;AACA,YAAIH,GAAG,CAACC,GAAJ,CAAQG,OAAR,IAAmB5B,UAAU,CAACwB,GAAG,CAACC,GAAJ,CAAQG,OAAR,CAAgBC,GAAjB,CAA7B,IAAsDL,GAAG,CAACC,GAAJ,CAAQG,OAAR,CAAgBC,GAAhB,CAAoB,kBAApB,CAA1D,EAAmG;AACjGF,UAAAA,kBAAkB,GAAGH,GAAG,CAACC,GAAJ,CAAQG,OAAR,CAAgBC,GAAhB,CAAoB,kBAApB,CAArB;AACD,SAFD,MAEO,IAAI7B,UAAU,CAACwB,GAAG,CAACC,GAAJ,CAAQK,iBAAT,CAAd,EAA2C;AAChDH,UAAAA,kBAAkB,GAAGH,GAAG,CAACC,GAAJ,CAAQK,iBAAR,CAA0B,kBAA1B,CAArB;AACD;;AACD,YAAIH,kBAAJ,EAAwB;AACtB,cAAII,YAAY,GAAGJ,kBAAkB,CAACK,KAAnB,CAAyB,eAAzB,KAA6C,EAAhE;AACA,cAAIC,uBAAuB,GAAGN,kBAAkB,CAACK,KAAnB,CAAyB,2BAAzB,KAAyD,EAAvF;AACA,cAAIE,KAAK,GAAGH,YAAY,CAAC,CAAD,CAAxB;AACA,cAAII,gBAAgB,GAAGF,uBAAuB,CAAC,CAAD,CAA9C;;AACA,cAAIC,KAAK,IAAIC,gBAAb,EAA+B;AAC7BX,YAAAA,GAAG,GAAG,IAAItB,UAAJ,CAAegC,KAAf,EAAsBC,gBAAtB,CAAN;AACD;AACF;AACF;;AACD,YAAMX,GAAN;AACD,KA/BI,CAAP;AAgCD,G","sourcesContent":["/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { isFunction } from '../util';\nimport { AuthSdkError, OAuthError } from '../errors';\nimport { httpRequest } from '../http';\nimport { AccessToken, IDToken, UserClaims, isAccessToken, isIDToken } from '../types';\n\nexport async function getUserInfo(sdk, accessTokenObject: AccessToken, idTokenObject: IDToken): Promise<UserClaims> {\n // If token objects were not passed, attempt to read from the TokenManager\n if (!accessTokenObject) {\n accessTokenObject = (await sdk.tokenManager.getTokens()).accessToken as AccessToken;\n }\n if (!idTokenObject) {\n idTokenObject = (await sdk.tokenManager.getTokens()).idToken as IDToken;\n }\n\n if (!accessTokenObject || !isAccessToken(accessTokenObject)) {\n return Promise.reject(new AuthSdkError('getUserInfo requires an access token object'));\n }\n\n if (!idTokenObject || !isIDToken(idTokenObject)) {\n return Promise.reject(new AuthSdkError('getUserInfo requires an ID token object'));\n }\n\n return httpRequest(sdk, {\n url: accessTokenObject.userinfoUrl,\n method: 'GET',\n accessToken: accessTokenObject.accessToken\n })\n .then(userInfo => {\n // Only return the userinfo response if subjects match to mitigate token substitution attacks\n if (userInfo.sub === idTokenObject.claims.sub) {\n return userInfo;\n }\n return Promise.reject(new AuthSdkError('getUserInfo request was rejected due to token mismatch'));\n })\n .catch(function (err) {\n if (err.xhr && (err.xhr.status === 401 || err.xhr.status === 403)) {\n var authenticateHeader;\n if (err.xhr.headers && isFunction(err.xhr.headers.get) && err.xhr.headers.get('WWW-Authenticate')) {\n authenticateHeader = err.xhr.headers.get('WWW-Authenticate');\n } else if (isFunction(err.xhr.getResponseHeader)) {\n authenticateHeader = err.xhr.getResponseHeader('WWW-Authenticate');\n }\n if (authenticateHeader) {\n var errorMatches = authenticateHeader.match(/error=\"(.*?)\"/) || [];\n var errorDescriptionMatches = authenticateHeader.match(/error_description=\"(.*?)\"/) || [];\n var error = errorMatches[1];\n var errorDescription = errorDescriptionMatches[1];\n if (error && errorDescription) {\n err = new OAuthError(error, errorDescription);\n }\n }\n }\n throw err;\n });\n}\n"],"file":"getUserInfo.js"}

package/esm/oidc/getWithPopup.js DELETED Viewed

@@ -1,34 +0,0 @@
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-import { AuthSdkError } from '../errors';
-import { clone } from '../util';
-import { getToken } from './getToken';
-import { loadPopup } from './util';
-export function getWithPopup(sdk, options) {
-  if (arguments.length > 2) {
-    return Promise.reject(new AuthSdkError('As of version 3.0, "getWithPopup" takes only a single set of options'));
-  } // some browsers (safari, firefox) block popup if it's initialed from an async process
-  // here we create the popup window immediately after user interaction
-  // then redirect to the /authorize endpoint when the requestUrl is available
-  var popupWindow = loadPopup('/', options);
-  options = clone(options) || {};
-  Object.assign(options, {
-    display: 'popup',
-    responseMode: 'okta_post_message',
-    popupWindow
-  });
-  return getToken(sdk, options);
-}
-//# sourceMappingURL=getWithPopup.js.map

package/esm/oidc/getWithPopup.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../../../lib/oidc/getWithPopup.ts"],"names":["AuthSdkError","clone","getToken","loadPopup","getWithPopup","sdk","options","arguments","length","Promise","reject","popupWindow","Object","assign","display","responseMode"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,YAAT,QAA6B,WAA7B;AAEA,SAASC,KAAT,QAAsB,SAAtB;AACA,SAASC,QAAT,QAAyB,YAAzB;AACA,SAASC,SAAT,QAA0B,QAA1B;AAEA,OAAO,SAASC,YAAT,CAAsBC,GAAtB,EAAqCC,OAArC,EAAmF;AACxF,MAAIC,SAAS,CAACC,MAAV,GAAmB,CAAvB,EAA0B;AACxB,WAAOC,OAAO,CAACC,MAAR,CAAe,IAAIV,YAAJ,CAAiB,sEAAjB,CAAf,CAAP;AACD,GAHuF,CAKxF;AACA;AACA;;;AACA,MAAMW,WAAW,GAAGR,SAAS,CAAC,GAAD,EAAMG,OAAN,CAA7B;AACAA,EAAAA,OAAO,GAAGL,KAAK,CAACK,OAAD,CAAL,IAAkB,EAA5B;AACAM,EAAAA,MAAM,CAACC,MAAP,CAAcP,OAAd,EAAuB;AACrBQ,IAAAA,OAAO,EAAE,OADY;AAErBC,IAAAA,YAAY,EAAE,mBAFO;AAGrBJ,IAAAA;AAHqB,GAAvB;AAKA,SAAOT,QAAQ,CAACG,GAAD,EAAMC,OAAN,CAAf;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { OktaAuth, TokenParams, TokenResponse } from '../types';\nimport { clone } from '../util';\nimport { getToken } from './getToken';\nimport { loadPopup } from './util';\n\nexport function getWithPopup(sdk: OktaAuth, options: TokenParams): Promise<TokenResponse> {\n if (arguments.length > 2) {\n return Promise.reject(new AuthSdkError('As of version 3.0, \"getWithPopup\" takes only a single set of options'));\n }\n\n // some browsers (safari, firefox) block popup if it's initialed from an async process\n // here we create the popup window immediately after user interaction\n // then redirect to the /authorize endpoint when the requestUrl is available\n const popupWindow = loadPopup('/', options);\n options = clone(options) || {};\n Object.assign(options, {\n display: 'popup',\n responseMode: 'okta_post_message',\n popupWindow\n });\n return getToken(sdk, options);\n}\n"],"file":"getWithPopup.js"}

package/esm/oidc/getWithRedirect.js DELETED Viewed

@@ -1,65 +0,0 @@
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-import { AuthSdkError } from '../errors';
-import { clone } from '../util';
-import { getOAuthUrls, prepareTokenParams } from './util';
-import { buildAuthorizeParams } from './endpoints/authorize';
-export function getWithRedirect(sdk, options) {
-  if (arguments.length > 2) {
-    return Promise.reject(new AuthSdkError('As of version 3.0, "getWithRedirect" takes only a single set of options'));
-  }
-  options = clone(options) || {};
-  return prepareTokenParams(sdk, options).then(function (tokenParams) {
-    var urls = getOAuthUrls(sdk, options);
-    var requestUrl = urls.authorizeUrl + buildAuthorizeParams(tokenParams);
-    var issuer = sdk.options.issuer; // Gather the values we want to save in the transaction
-    var {
-      responseType,
-      state,
-      nonce,
-      scopes,
-      clientId,
-      ignoreSignature,
-      redirectUri,
-      codeVerifier,
-      codeChallenge,
-      codeChallengeMethod
-    } = tokenParams; // Also store the originalUri (if any) in the transaction meta.
-    // This is needed to support continue flow in another tab.
-    var originalUri = sdk.getOriginalUri();
-    var oauthMeta = {
-      issuer,
-      responseType,
-      state,
-      nonce,
-      scopes,
-      clientId,
-      urls,
-      ignoreSignature,
-      redirectUri,
-      codeVerifier,
-      codeChallenge,
-      codeChallengeMethod,
-      originalUri
-    };
-    sdk.transactionManager.save(oauthMeta, {
-      oauth: true
-    });
-    sdk.token.getWithRedirect._setLocation(requestUrl);
-  });
-}
-//# sourceMappingURL=getWithRedirect.js.map

package/esm/oidc/getWithRedirect.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../../../lib/oidc/getWithRedirect.ts"],"names":["AuthSdkError","clone","getOAuthUrls","prepareTokenParams","buildAuthorizeParams","getWithRedirect","sdk","options","arguments","length","Promise","reject","then","tokenParams","urls","requestUrl","authorizeUrl","issuer","responseType","state","nonce","scopes","clientId","ignoreSignature","redirectUri","codeVerifier","codeChallenge","codeChallengeMethod","originalUri","getOriginalUri","oauthMeta","transactionManager","save","oauth","token","_setLocation"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,YAAT,QAA6B,WAA7B;AAEA,SAASC,KAAT,QAAsB,SAAtB;AACA,SAASC,YAAT,EAAuBC,kBAAvB,QAAiD,QAAjD;AACA,SAASC,oBAAT,QAAqC,uBAArC;AAEA,OAAO,SAASC,eAAT,CAAyBC,GAAzB,EAAwCC,OAAxC,EAA6E;AAClF,MAAIC,SAAS,CAACC,MAAV,GAAmB,CAAvB,EAA0B;AACxB,WAAOC,OAAO,CAACC,MAAR,CAAe,IAAIX,YAAJ,CAAiB,yEAAjB,CAAf,CAAP;AACD;;AAEDO,EAAAA,OAAO,GAAGN,KAAK,CAACM,OAAD,CAAL,IAAkB,EAA5B;AAEA,SAAOJ,kBAAkB,CAACG,GAAD,EAAMC,OAAN,CAAlB,CACJK,IADI,CACC,UAAUC,WAAV,EAAoC;AACxC,QAAMC,IAAI,GAAGZ,YAAY,CAACI,GAAD,EAAMC,OAAN,CAAzB;AACA,QAAMQ,UAAU,GAAGD,IAAI,CAACE,YAAL,GAAoBZ,oBAAoB,CAACS,WAAD,CAA3D;AACA,QAAMI,MAAM,GAAGX,GAAG,CAACC,OAAJ,CAAYU,MAA3B,CAHwC,CAKxC;;AACA,QAAM;AACJC,MAAAA,YADI;AAEJC,MAAAA,KAFI;AAGJC,MAAAA,KAHI;AAIJC,MAAAA,MAJI;AAKJC,MAAAA,QALI;AAMJC,MAAAA,eANI;AAOJC,MAAAA,WAPI;AAQJC,MAAAA,YARI;AASJC,MAAAA,aATI;AAUJC,MAAAA;AAVI,QAWFd,WAXJ,CANwC,CAmBxC;AACA;;AACA,QAAMe,WAAW,GAAGtB,GAAG,CAACuB,cAAJ,EAApB;AAEA,QAAMC,SAA0B,GAAG;AACjCb,MAAAA,MADiC;AAEjCC,MAAAA,YAFiC;AAGjCC,MAAAA,KAHiC;AAIjCC,MAAAA,KAJiC;AAKjCC,MAAAA,MALiC;AAMjCC,MAAAA,QANiC;AAOjCR,MAAAA,IAPiC;AAQjCS,MAAAA,eARiC;AASjCC,MAAAA,WATiC;AAUjCC,MAAAA,YAViC;AAWjCC,MAAAA,aAXiC;AAYjCC,MAAAA,mBAZiC;AAajCC,MAAAA;AAbiC,KAAnC;AAgBAtB,IAAAA,GAAG,CAACyB,kBAAJ,CAAuBC,IAAvB,CAA4BF,SAA5B,EAAuC;AAAEG,MAAAA,KAAK,EAAE;AAAT,KAAvC;;AACA3B,IAAAA,GAAG,CAAC4B,KAAJ,CAAU7B,eAAV,CAA0B8B,YAA1B,CAAuCpB,UAAvC;AACD,GA1CI,CAAP;AA2CD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { OktaAuth, TokenParams, TransactionMeta } from '../types';\nimport { clone } from '../util';\nimport { getOAuthUrls, prepareTokenParams } from './util';\nimport { buildAuthorizeParams } from './endpoints/authorize';\n\nexport function getWithRedirect(sdk: OktaAuth, options: TokenParams): Promise<void> {\n if (arguments.length > 2) {\n return Promise.reject(new AuthSdkError('As of version 3.0, \"getWithRedirect\" takes only a single set of options'));\n }\n\n options = clone(options) || {};\n\n return prepareTokenParams(sdk, options)\n .then(function (tokenParams: TokenParams) {\n const urls = getOAuthUrls(sdk, options);\n const requestUrl = urls.authorizeUrl + buildAuthorizeParams(tokenParams);\n const issuer = sdk.options.issuer;\n\n // Gather the values we want to save in the transaction\n const {\n responseType,\n state,\n nonce,\n scopes,\n clientId,\n ignoreSignature,\n redirectUri,\n codeVerifier,\n codeChallenge,\n codeChallengeMethod,\n } = tokenParams;\n\n // Also store the originalUri (if any) in the transaction meta.\n // This is needed to support continue flow in another tab.\n const originalUri = sdk.getOriginalUri();\n\n const oauthMeta: TransactionMeta = {\n issuer,\n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature,\n redirectUri,\n codeVerifier,\n codeChallenge,\n codeChallengeMethod,\n originalUri,\n };\n\n sdk.transactionManager.save(oauthMeta, { oauth: true });\n sdk.token.getWithRedirect._setLocation(requestUrl);\n });\n}\n"],"file":"getWithRedirect.js"}

package/esm/oidc/getWithoutPrompt.js DELETED Viewed

@@ -1,29 +0,0 @@
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-import { AuthSdkError } from '../errors';
-import { clone } from '../util';
-import { getToken } from './getToken';
-export function getWithoutPrompt(sdk, options) {
-  if (arguments.length > 2) {
-    return Promise.reject(new AuthSdkError('As of version 3.0, "getWithoutPrompt" takes only a single set of options'));
-  }
-  options = clone(options) || {};
-  Object.assign(options, {
-    prompt: 'none',
-    responseMode: 'okta_post_message',
-    display: null
-  });
-  return getToken(sdk, options);
-}
-//# sourceMappingURL=getWithoutPrompt.js.map

package/esm/oidc/getWithoutPrompt.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../../../lib/oidc/getWithoutPrompt.ts"],"names":["AuthSdkError","clone","getToken","getWithoutPrompt","sdk","options","arguments","length","Promise","reject","Object","assign","prompt","responseMode","display"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,YAAT,QAA6B,WAA7B;AAEA,SAASC,KAAT,QAAsB,SAAtB;AACA,SAASC,QAAT,QAAyB,YAAzB;AAEA,OAAO,SAASC,gBAAT,CAA0BC,GAA1B,EAAyCC,OAAzC,EAAuF;AAC5F,MAAIC,SAAS,CAACC,MAAV,GAAmB,CAAvB,EAA0B;AACxB,WAAOC,OAAO,CAACC,MAAR,CAAe,IAAIT,YAAJ,CAAiB,0EAAjB,CAAf,CAAP;AACD;;AAEDK,EAAAA,OAAO,GAAGJ,KAAK,CAACI,OAAD,CAAL,IAAkB,EAA5B;AACAK,EAAAA,MAAM,CAACC,MAAP,CAAcN,OAAd,EAAuB;AACrBO,IAAAA,MAAM,EAAE,MADa;AAErBC,IAAAA,YAAY,EAAE,mBAFO;AAGrBC,IAAAA,OAAO,EAAE;AAHY,GAAvB;AAKA,SAAOZ,QAAQ,CAACE,GAAD,EAAMC,OAAN,CAAf;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { OktaAuth, TokenParams, TokenResponse } from '../types';\nimport { clone } from '../util';\nimport { getToken } from './getToken';\n\nexport function getWithoutPrompt(sdk: OktaAuth, options: TokenParams): Promise<TokenResponse> {\n if (arguments.length > 2) {\n return Promise.reject(new AuthSdkError('As of version 3.0, \"getWithoutPrompt\" takes only a single set of options'));\n }\n \n options = clone(options) || {};\n Object.assign(options, {\n prompt: 'none',\n responseMode: 'okta_post_message',\n display: null\n });\n return getToken(sdk, options);\n}\n\n"],"file":"getWithoutPrompt.js"}

package/esm/oidc/handleOAuthResponse.js DELETED Viewed

@@ -1,148 +0,0 @@
-/* eslint-disable complexity, max-statements */
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and limitations under the License.
- *
- */
-import { clone } from '../util';
-import { getOAuthUrls } from './util/oauth';
-import { AuthSdkError, OAuthError } from '../errors';
-import { exchangeCodeForTokens } from './exchangeCodeForTokens';
-import { verifyToken } from './verifyToken';
-import { getDefaultTokenParams } from '.';
-function validateResponse(res, oauthParams) {
-  if (res['error'] || res['error_description']) {
-    throw new OAuthError(res['error'], res['error_description']);
-  }
-  if (res.state !== oauthParams.state) {
-    throw new AuthSdkError('OAuth flow response state doesn\'t match request state');
-  }
-} // eslint-disable-next-line max-len
-export function handleOAuthResponse(sdk, tokenParams, res, urls) {
-  var pkce = sdk.options.pkce !== false; // The result contains an authorization_code and PKCE is enabled
-  // `exchangeCodeForTokens` will call /token then call `handleOauthResponse` recursively with the result
-  if (pkce && (res.code || res.interaction_code)) {
-    return exchangeCodeForTokens(sdk, Object.assign({}, tokenParams, {
-      authorizationCode: res.code,
-      interactionCode: res.interaction_code
-    }), urls);
-  }
-  tokenParams = tokenParams || getDefaultTokenParams(sdk);
-  urls = urls || getOAuthUrls(sdk, tokenParams);
-  var responseType = tokenParams.responseType;
-  if (!Array.isArray(responseType)) {
-    responseType = [responseType];
-  }
-  var scopes;
-  if (res.scope) {
-    scopes = res.scope.split(' ');
-  } else {
-    scopes = clone(tokenParams.scopes);
-  }
-  var clientId = tokenParams.clientId || sdk.options.clientId; // Handling the result from implicit flow or PKCE token exchange
-  return Promise.resolve().then(function () {
-    validateResponse(res, tokenParams);
-  }).then(function () {
-    var tokenDict = {};
-    var expiresIn = res.expires_in;
-    var tokenType = res.token_type;
-    var accessToken = res.access_token;
-    var idToken = res.id_token;
-    var refreshToken = res.refresh_token;
-    var now = Math.floor(Date.now() / 1000);
-    if (accessToken) {
-      var accessJwt = sdk.token.decode(accessToken);
-      tokenDict.accessToken = {
-        accessToken: accessToken,
-        claims: accessJwt.payload,
-        expiresAt: Number(expiresIn) + now,
-        tokenType: tokenType,
-        scopes: scopes,
-        authorizeUrl: urls.authorizeUrl,
-        userinfoUrl: urls.userinfoUrl
-      };
-    }
-    if (refreshToken) {
-      tokenDict.refreshToken = {
-        refreshToken: refreshToken,
-        // should not be used, this is the accessToken expire time
-        // TODO: remove "expiresAt" in the next major version OKTA-407224
-        expiresAt: Number(expiresIn) + now,
-        scopes: scopes,
-        tokenUrl: urls.tokenUrl,
-        authorizeUrl: urls.authorizeUrl,
-        issuer: urls.issuer
-      };
-    }
-    if (idToken) {
-      var idJwt = sdk.token.decode(idToken);
-      var idTokenObj = {
-        idToken: idToken,
-        claims: idJwt.payload,
-        expiresAt: idJwt.payload.exp - idJwt.payload.iat + now,
-        // adjusting expiresAt to be in local time
-        scopes: scopes,
-        authorizeUrl: urls.authorizeUrl,
-        issuer: urls.issuer,
-        clientId: clientId
-      };
-      var validationParams = {
-        clientId: clientId,
-        issuer: urls.issuer,
-        nonce: tokenParams.nonce,
-        accessToken: accessToken
-      };
-      if (tokenParams.ignoreSignature !== undefined) {
-        validationParams.ignoreSignature = tokenParams.ignoreSignature;
-      }
-      return verifyToken(sdk, idTokenObj, validationParams).then(function () {
-        tokenDict.idToken = idTokenObj;
-        return tokenDict;
-      });
-    }
-    return tokenDict;
-  }).then(function (tokenDict) {
-    // Validate received tokens against requested response types
-    if (responseType.indexOf('token') !== -1 && !tokenDict.accessToken) {
-      // eslint-disable-next-line max-len
-      throw new AuthSdkError('Unable to parse OAuth flow response: response type "token" was requested but "access_token" was not returned.');
-    }
-    if (responseType.indexOf('id_token') !== -1 && !tokenDict.idToken) {
-      // eslint-disable-next-line max-len
-      throw new AuthSdkError('Unable to parse OAuth flow response: response type "id_token" was requested but "id_token" was not returned.');
-    }
-    return {
-      tokens: tokenDict,
-      state: res.state,
-      code: res.code
-    };
-  });
-}
-//# sourceMappingURL=handleOAuthResponse.js.map

package/esm/oidc/handleOAuthResponse.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../../../lib/oidc/handleOAuthResponse.ts"],"names":["clone","getOAuthUrls","AuthSdkError","OAuthError","exchangeCodeForTokens","verifyToken","getDefaultTokenParams","validateResponse","res","oauthParams","state","handleOAuthResponse","sdk","tokenParams","urls","pkce","options","code","interaction_code","Object","assign","authorizationCode","interactionCode","responseType","Array","isArray","scopes","scope","split","clientId","Promise","resolve","then","tokenDict","expiresIn","expires_in","tokenType","token_type","accessToken","access_token","idToken","id_token","refreshToken","refresh_token","now","Math","floor","Date","accessJwt","token","decode","claims","payload","expiresAt","Number","authorizeUrl","userinfoUrl","tokenUrl","issuer","idJwt","idTokenObj","exp","iat","validationParams","nonce","ignoreSignature","undefined","indexOf","tokens"],"mappings":"AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,KAAT,QAAsB,SAAtB;AACA,SACEC,YADF,QAEO,cAFP;AAGA,SAASC,YAAT,EAAuBC,UAAvB,QAAyC,WAAzC;AAWA,SAASC,qBAAT,QAAsC,yBAAtC;AACA,SAASC,WAAT,QAA4B,eAA5B;AACA,SAASC,qBAAT,QAAsC,GAAtC;;AAEA,SAASC,gBAAT,CAA0BC,GAA1B,EAA8CC,WAA9C,EAAwE;AACtE,MAAID,GAAG,CAAC,OAAD,CAAH,IAAgBA,GAAG,CAAC,mBAAD,CAAvB,EAA8C;AAC5C,UAAM,IAAIL,UAAJ,CAAeK,GAAG,CAAC,OAAD,CAAlB,EAA6BA,GAAG,CAAC,mBAAD,CAAhC,CAAN;AACD;;AAED,MAAIA,GAAG,CAACE,KAAJ,KAAcD,WAAW,CAACC,KAA9B,EAAqC;AACnC,UAAM,IAAIR,YAAJ,CAAiB,wDAAjB,CAAN;AACD;AACF,C,CAED;;;AACA,OAAO,SAASS,mBAAT,CAA6BC,GAA7B,EAA4CC,WAA5C,EAAsEL,GAAtE,EAA0FM,IAA1F,EAAoI;AACzI,MAAIC,IAAI,GAAGH,GAAG,CAACI,OAAJ,CAAYD,IAAZ,KAAqB,KAAhC,CADyI,CAGzI;AACA;;AACA,MAAIA,IAAI,KAAKP,GAAG,CAACS,IAAJ,IAAYT,GAAG,CAACU,gBAArB,CAAR,EAAgD;AAC9C,WAAOd,qBAAqB,CAACQ,GAAD,EAAMO,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkBP,WAAlB,EAA+B;AAC/DQ,MAAAA,iBAAiB,EAAEb,GAAG,CAACS,IADwC;AAE/DK,MAAAA,eAAe,EAAEd,GAAG,CAACU;AAF0C,KAA/B,CAAN,EAGxBJ,IAHwB,CAA5B;AAID;;AAEDD,EAAAA,WAAW,GAAGA,WAAW,IAAIP,qBAAqB,CAACM,GAAD,CAAlD;AACAE,EAAAA,IAAI,GAAGA,IAAI,IAAIb,YAAY,CAACW,GAAD,EAAMC,WAAN,CAA3B;AAEA,MAAIU,YAAY,GAAGV,WAAW,CAACU,YAA/B;;AACA,MAAI,CAACC,KAAK,CAACC,OAAN,CAAcF,YAAd,CAAL,EAAkC;AAChCA,IAAAA,YAAY,GAAG,CAACA,YAAD,CAAf;AACD;;AAED,MAAIG,MAAJ;;AACA,MAAIlB,GAAG,CAACmB,KAAR,EAAe;AACbD,IAAAA,MAAM,GAAGlB,GAAG,CAACmB,KAAJ,CAAUC,KAAV,CAAgB,GAAhB,CAAT;AACD,GAFD,MAEO;AACLF,IAAAA,MAAM,GAAG1B,KAAK,CAACa,WAAW,CAACa,MAAb,CAAd;AACD;;AACD,MAAIG,QAAQ,GAAGhB,WAAW,CAACgB,QAAZ,IAAwBjB,GAAG,CAACI,OAAJ,CAAYa,QAAnD,CA1ByI,CA4BzI;;AACA,SAAOC,OAAO,CAACC,OAAR,GACJC,IADI,CACC,YAAY;AAChBzB,IAAAA,gBAAgB,CAACC,GAAD,EAAMK,WAAN,CAAhB;AACD,GAHI,EAGFmB,IAHE,CAGG,YAAY;AAClB,QAAIC,SAAS,GAAG,EAAhB;AACA,QAAIC,SAAS,GAAG1B,GAAG,CAAC2B,UAApB;AACA,QAAIC,SAAS,GAAG5B,GAAG,CAAC6B,UAApB;AACA,QAAIC,WAAW,GAAG9B,GAAG,CAAC+B,YAAtB;AACA,QAAIC,OAAO,GAAGhC,GAAG,CAACiC,QAAlB;AACA,QAAIC,YAAY,GAAGlC,GAAG,CAACmC,aAAvB;AACA,QAAIC,GAAG,GAAGC,IAAI,CAACC,KAAL,CAAWC,IAAI,CAACH,GAAL,KAAW,IAAtB,CAAV;;AAEA,QAAIN,WAAJ,EAAiB;AACf,UAAIU,SAAS,GAAGpC,GAAG,CAACqC,KAAJ,CAAUC,MAAV,CAAiBZ,WAAjB,CAAhB;AACAL,MAAAA,SAAS,CAACK,WAAV,GAAwB;AACtBA,QAAAA,WAAW,EAAEA,WADS;AAEtBa,QAAAA,MAAM,EAAEH,SAAS,CAACI,OAFI;AAGtBC,QAAAA,SAAS,EAAEC,MAAM,CAACpB,SAAD,CAAN,GAAoBU,GAHT;AAItBR,QAAAA,SAAS,EAAEA,SAJW;AAKtBV,QAAAA,MAAM,EAAEA,MALc;AAMtB6B,QAAAA,YAAY,EAAEzC,IAAI,CAACyC,YANG;AAOtBC,QAAAA,WAAW,EAAE1C,IAAI,CAAC0C;AAPI,OAAxB;AASD;;AAED,QAAId,YAAJ,EAAkB;AAChBT,MAAAA,SAAS,CAACS,YAAV,GAAyB;AACvBA,QAAAA,YAAY,EAAEA,YADS;AAEvB;AACA;AACAW,QAAAA,SAAS,EAAEC,MAAM,CAACpB,SAAD,CAAN,GAAoBU,GAJR;AAKvBlB,QAAAA,MAAM,EAAEA,MALe;AAMvB+B,QAAAA,QAAQ,EAAE3C,IAAI,CAAC2C,QANQ;AAOvBF,QAAAA,YAAY,EAAEzC,IAAI,CAACyC,YAPI;AAQvBG,QAAAA,MAAM,EAAE5C,IAAI,CAAC4C;AARU,OAAzB;AAUD;;AAED,QAAIlB,OAAJ,EAAa;AACX,UAAImB,KAAK,GAAG/C,GAAG,CAACqC,KAAJ,CAAUC,MAAV,CAAiBV,OAAjB,CAAZ;AAEA,UAAIoB,UAAmB,GAAG;AACxBpB,QAAAA,OAAO,EAAEA,OADe;AAExBW,QAAAA,MAAM,EAAEQ,KAAK,CAACP,OAFU;AAGxBC,QAAAA,SAAS,EAAEM,KAAK,CAACP,OAAN,CAAcS,GAAd,GAAoBF,KAAK,CAACP,OAAN,CAAcU,GAAlC,GAAwClB,GAH3B;AAGgC;AACxDlB,QAAAA,MAAM,EAAEA,MAJgB;AAKxB6B,QAAAA,YAAY,EAAEzC,IAAI,CAACyC,YALK;AAMxBG,QAAAA,MAAM,EAAE5C,IAAI,CAAC4C,MANW;AAOxB7B,QAAAA,QAAQ,EAAEA;AAPc,OAA1B;AAUA,UAAIkC,gBAAmC,GAAG;AACxClC,QAAAA,QAAQ,EAAEA,QAD8B;AAExC6B,QAAAA,MAAM,EAAE5C,IAAI,CAAC4C,MAF2B;AAGxCM,QAAAA,KAAK,EAAEnD,WAAW,CAACmD,KAHqB;AAIxC1B,QAAAA,WAAW,EAAEA;AAJ2B,OAA1C;;AAOA,UAAIzB,WAAW,CAACoD,eAAZ,KAAgCC,SAApC,EAA+C;AAC7CH,QAAAA,gBAAgB,CAACE,eAAjB,GAAmCpD,WAAW,CAACoD,eAA/C;AACD;;AAED,aAAO5D,WAAW,CAACO,GAAD,EAAMgD,UAAN,EAAkBG,gBAAlB,CAAX,CACJ/B,IADI,CACC,YAAY;AAChBC,QAAAA,SAAS,CAACO,OAAV,GAAoBoB,UAApB;AACA,eAAO3B,SAAP;AACD,OAJI,CAAP;AAKD;;AAED,WAAOA,SAAP;AACD,GAtEI,EAuEJD,IAvEI,CAuEC,UAAUC,SAAV,EAAoC;AACxC;AACA,QAAIV,YAAY,CAAC4C,OAAb,CAAqB,OAArB,MAAkC,CAAC,CAAnC,IAAwC,CAAClC,SAAS,CAACK,WAAvD,EAAoE;AAClE;AACA,YAAM,IAAIpC,YAAJ,CAAiB,+GAAjB,CAAN;AACD;;AACD,QAAIqB,YAAY,CAAC4C,OAAb,CAAqB,UAArB,MAAqC,CAAC,CAAtC,IAA2C,CAAClC,SAAS,CAACO,OAA1D,EAAmE;AACjE;AACA,YAAM,IAAItC,YAAJ,CAAiB,8GAAjB,CAAN;AACD;;AAED,WAAO;AACLkE,MAAAA,MAAM,EAAEnC,SADH;AAELvB,MAAAA,KAAK,EAAEF,GAAG,CAACE,KAFN;AAGLO,MAAAA,IAAI,EAAET,GAAG,CAACS;AAHL,KAAP;AAKD,GAvFI,CAAP;AAwFD","sourcesContent":["\n/* eslint-disable complexity, max-statements */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { clone } from '../util';\nimport {\n getOAuthUrls,\n} from './util/oauth';\nimport { AuthSdkError, OAuthError } from '../errors';\nimport {\n OktaAuth,\n TokenVerifyParams,\n IDToken,\n OAuthResponse,\n TokenParams,\n TokenResponse,\n CustomUrls,\n Tokens,\n} from '../types';\nimport { exchangeCodeForTokens } from './exchangeCodeForTokens';\nimport { verifyToken } from './verifyToken';\nimport { getDefaultTokenParams } from '.';\n\nfunction validateResponse(res: OAuthResponse, oauthParams: TokenParams) {\n if (res['error'] || res['error_description']) {\n throw new OAuthError(res['error'], res['error_description']);\n }\n\n if (res.state !== oauthParams.state) {\n throw new AuthSdkError('OAuth flow response state doesn\\'t match request state');\n }\n}\n\n// eslint-disable-next-line max-len\nexport function handleOAuthResponse(sdk: OktaAuth, tokenParams: TokenParams, res: OAuthResponse, urls: CustomUrls): Promise<TokenResponse> {\n var pkce = sdk.options.pkce !== false;\n\n // The result contains an authorization_code and PKCE is enabled \n // `exchangeCodeForTokens` will call /token then call `handleOauthResponse` recursively with the result\n if (pkce && (res.code || res.interaction_code)) {\n return exchangeCodeForTokens(sdk, Object.assign({}, tokenParams, {\n authorizationCode: res.code,\n interactionCode: res.interaction_code\n }), urls);\n }\n\n tokenParams = tokenParams || getDefaultTokenParams(sdk);\n urls = urls || getOAuthUrls(sdk, tokenParams);\n\n var responseType = tokenParams.responseType;\n if (!Array.isArray(responseType)) {\n responseType = [responseType];\n }\n\n var scopes;\n if (res.scope) {\n scopes = res.scope.split(' ');\n } else {\n scopes = clone(tokenParams.scopes);\n }\n var clientId = tokenParams.clientId || sdk.options.clientId;\n\n // Handling the result from implicit flow or PKCE token exchange\n return Promise.resolve()\n .then(function () {\n validateResponse(res, tokenParams);\n }).then(function () {\n var tokenDict = {} as Tokens;\n var expiresIn = res.expires_in;\n var tokenType = res.token_type;\n var accessToken = res.access_token;\n var idToken = res.id_token;\n var refreshToken = res.refresh_token;\n var now = Math.floor(Date.now()/1000);\n\n if (accessToken) {\n var accessJwt = sdk.token.decode(accessToken);\n tokenDict.accessToken = {\n accessToken: accessToken,\n claims: accessJwt.payload,\n expiresAt: Number(expiresIn) + now,\n tokenType: tokenType,\n scopes: scopes,\n authorizeUrl: urls.authorizeUrl,\n userinfoUrl: urls.userinfoUrl\n };\n }\n\n if (refreshToken) {\n tokenDict.refreshToken = {\n refreshToken: refreshToken,\n // should not be used, this is the accessToken expire time\n // TODO: remove \"expiresAt\" in the next major version OKTA-407224\n expiresAt: Number(expiresIn) + now, \n scopes: scopes,\n tokenUrl: urls.tokenUrl,\n authorizeUrl: urls.authorizeUrl,\n issuer: urls.issuer,\n };\n }\n\n if (idToken) {\n var idJwt = sdk.token.decode(idToken);\n\n var idTokenObj: IDToken = {\n idToken: idToken,\n claims: idJwt.payload,\n expiresAt: idJwt.payload.exp - idJwt.payload.iat + now, // adjusting expiresAt to be in local time\n scopes: scopes,\n authorizeUrl: urls.authorizeUrl,\n issuer: urls.issuer,\n clientId: clientId\n };\n\n var validationParams: TokenVerifyParams = {\n clientId: clientId,\n issuer: urls.issuer,\n nonce: tokenParams.nonce,\n accessToken: accessToken\n };\n\n if (tokenParams.ignoreSignature !== undefined) {\n validationParams.ignoreSignature = tokenParams.ignoreSignature;\n }\n\n return verifyToken(sdk, idTokenObj, validationParams)\n .then(function () {\n tokenDict.idToken = idTokenObj;\n return tokenDict;\n });\n }\n\n return tokenDict;\n })\n .then(function (tokenDict): TokenResponse {\n // Validate received tokens against requested response types \n if (responseType.indexOf('token') !== -1 && !tokenDict.accessToken) {\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Unable to parse OAuth flow response: response type \"token\" was requested but \"access_token\" was not returned.');\n }\n if (responseType.indexOf('id_token') !== -1 && !tokenDict.idToken) {\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Unable to parse OAuth flow response: response type \"id_token\" was requested but \"id_token\" was not returned.');\n }\n\n return {\n tokens: tokenDict,\n state: res.state,\n code: res.code\n };\n });\n}"],"file":"handleOAuthResponse.js"}