@okta/okta-auth-js 5.7.0 → 5.10.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +47 -0
- package/README.md +12 -2
- package/cjs/OktaAuth.js +88 -43
- package/cjs/OktaAuth.js.map +1 -1
- package/cjs/OktaUserAgent.js +2 -2
- package/cjs/OktaUserAgent.js.map +1 -1
- package/cjs/StorageManager.js +8 -0
- package/cjs/StorageManager.js.map +1 -1
- package/cjs/TokenManager.js +24 -2
- package/cjs/TokenManager.js.map +1 -1
- package/cjs/TransactionManager.js +24 -12
- package/cjs/TransactionManager.js.map +1 -1
- package/cjs/constants.js +3 -1
- package/cjs/constants.js.map +1 -1
- package/cjs/features.js +1 -1
- package/cjs/features.js.map +1 -1
- package/cjs/idx/authenticate.js +3 -18
- package/cjs/idx/authenticate.js.map +1 -1
- package/cjs/idx/authenticator/Authenticator.js +14 -0
- package/cjs/idx/authenticator/Authenticator.js.map +1 -0
- package/cjs/idx/authenticator/OktaPassword.js +31 -0
- package/cjs/idx/authenticator/OktaPassword.js.map +1 -0
- package/cjs/idx/authenticator/OktaVerifyTotp.js +17 -0
- package/cjs/idx/authenticator/OktaVerifyTotp.js.map +1 -0
- package/cjs/idx/authenticator/SecurityQuestionEnrollment.js +50 -0
- package/cjs/idx/authenticator/SecurityQuestionEnrollment.js.map +1 -0
- package/cjs/idx/authenticator/SecurityQuestionVerification.js +31 -0
- package/cjs/idx/authenticator/SecurityQuestionVerification.js.map +1 -0
- package/cjs/idx/authenticator/VerificationCodeAuthenticator.js +34 -0
- package/cjs/idx/authenticator/VerificationCodeAuthenticator.js.map +1 -0
- package/cjs/idx/authenticator/getAuthenticator.js +42 -0
- package/cjs/idx/authenticator/getAuthenticator.js.map +1 -0
- package/cjs/idx/authenticator/index.js +80 -0
- package/cjs/idx/authenticator/index.js.map +1 -0
- package/cjs/idx/cancel.js +5 -0
- package/cjs/idx/cancel.js.map +1 -1
- package/cjs/idx/flow/AuthenticationFlow.js +32 -0
- package/cjs/idx/flow/AuthenticationFlow.js.map +1 -0
- package/cjs/idx/flow/FlowSpecification.js +39 -0
- package/cjs/idx/flow/FlowSpecification.js.map +1 -0
- package/cjs/idx/flow/PasswordRecoveryFlow.js +28 -0
- package/cjs/idx/flow/PasswordRecoveryFlow.js.map +1 -0
- package/{esm/crypto/browser.js → cjs/idx/flow/RegistrationFlow.js} +16 -12
- package/cjs/idx/flow/RegistrationFlow.js.map +1 -0
- package/cjs/idx/flow/RemediationFlow.js +2 -0
- package/{esm/types/Cookies.js.map → cjs/idx/flow/RemediationFlow.js.map} +1 -1
- package/cjs/idx/flow/index.js +67 -0
- package/cjs/idx/flow/index.js.map +1 -0
- package/cjs/idx/index.js +39 -0
- package/cjs/idx/index.js.map +1 -1
- package/cjs/idx/interact.js +13 -4
- package/cjs/idx/interact.js.map +1 -1
- package/cjs/idx/introspect.js +24 -7
- package/cjs/idx/introspect.js.map +1 -1
- package/cjs/idx/poll.js +59 -0
- package/cjs/idx/poll.js.map +1 -0
- package/cjs/idx/proceed.js +49 -0
- package/cjs/idx/proceed.js.map +1 -0
- package/cjs/idx/recoverPassword.js +3 -17
- package/cjs/idx/recoverPassword.js.map +1 -1
- package/cjs/idx/register.js +22 -20
- package/cjs/idx/register.js.map +1 -1
- package/cjs/idx/remediate.js +61 -118
- package/cjs/idx/remediate.js.map +1 -1
- package/cjs/idx/remediators/AuthenticatorEnrollmentData.js +9 -12
- package/cjs/idx/remediators/AuthenticatorEnrollmentData.js.map +1 -1
- package/cjs/idx/remediators/AuthenticatorVerificationData.js +6 -9
- package/cjs/idx/remediators/AuthenticatorVerificationData.js.map +1 -1
- package/cjs/idx/remediators/Base/AuthenticatorData.js +43 -32
- package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
- package/cjs/idx/remediators/Base/Remediator.js +51 -20
- package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
- package/cjs/idx/remediators/Base/SelectAuthenticator.js +16 -16
- package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/Base/VerifyAuthenticator.js +8 -28
- package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
- package/{esm/idx/remediators/RedirectIdp.js → cjs/idx/remediators/ChallengePoll.js} +13 -25
- package/cjs/idx/remediators/ChallengePoll.js.map +1 -0
- package/cjs/idx/remediators/EnrollPoll.js +56 -0
- package/cjs/idx/remediators/EnrollPoll.js.map +1 -0
- package/cjs/idx/remediators/Identify.js +4 -36
- package/cjs/idx/remediators/Identify.js.map +1 -1
- package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js +23 -2
- package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js.map +1 -1
- package/cjs/idx/remediators/Skip.js +7 -0
- package/cjs/idx/remediators/Skip.js.map +1 -1
- package/cjs/idx/remediators/index.js +26 -0
- package/cjs/idx/remediators/index.js.map +1 -1
- package/cjs/idx/run.js +36 -16
- package/cjs/idx/run.js.map +1 -1
- package/cjs/idx/startTransaction.js +2 -0
- package/cjs/idx/startTransaction.js.map +1 -1
- package/cjs/idx/transactionMeta.js +77 -39
- package/cjs/idx/transactionMeta.js.map +1 -1
- package/cjs/idx/types/FlowIdentifier.js +2 -0
- package/{esm/types/AuthState.js.map → cjs/idx/types/FlowIdentifier.js.map} +1 -1
- package/cjs/idx/types/idx-js.js +5 -0
- package/cjs/idx/types/idx-js.js.map +1 -1
- package/cjs/idx/types/index.js +18 -1
- package/cjs/idx/types/index.js.map +1 -1
- package/cjs/oidc/endpoints/authorize.js +4 -1
- package/cjs/oidc/endpoints/authorize.js.map +1 -1
- package/cjs/oidc/getWithRedirect.js +2 -6
- package/cjs/oidc/getWithRedirect.js.map +1 -1
- package/cjs/oidc/util/loginRedirect.js +9 -5
- package/cjs/oidc/util/loginRedirect.js.map +1 -1
- package/cjs/oidc/util/urlParams.js +1 -1
- package/cjs/oidc/util/urlParams.js.map +1 -1
- package/cjs/options.js +12 -2
- package/cjs/options.js.map +1 -1
- package/cjs/server/serverStorage.js +2 -1
- package/cjs/server/serverStorage.js.map +1 -1
- package/cjs/types/Token.js.map +1 -1
- package/cjs/types/Transaction.js.map +1 -1
- package/{esm/clock.js → cjs/util/emailVerify.js} +14 -18
- package/cjs/util/emailVerify.js.map +1 -0
- package/cjs/util/index.js +13 -0
- package/cjs/util/index.js.map +1 -1
- package/dist/okta-auth-js.min.js +2 -74
- package/dist/okta-auth-js.min.js.LICENSE.txt +32 -0
- package/dist/okta-auth-js.min.js.map +1 -1
- package/dist/okta-auth-js.polyfill.js +2 -18
- package/{esm/crypto/webcrypto.js → dist/okta-auth-js.polyfill.js.LICENSE.txt} +8 -4
- package/dist/okta-auth-js.polyfill.js.map +1 -1
- package/dist/okta-auth-js.umd.js +2 -74
- package/dist/okta-auth-js.umd.js.LICENSE.txt +32 -0
- package/dist/okta-auth-js.umd.js.map +1 -1
- package/esm/index.js +8580 -16
- package/esm/index.js.map +1 -1
- package/lib/OktaAuth.d.ts +6 -3
- package/lib/StorageManager.d.ts +1 -0
- package/lib/TokenManager.d.ts +2 -0
- package/lib/TransactionManager.d.ts +5 -1
- package/lib/constants.d.ts +1 -0
- package/lib/crypto/base64.d.ts +2 -2
- package/lib/crypto/oidcHash.d.ts +1 -1
- package/lib/crypto/verifyToken.d.ts +1 -1
- package/lib/idx/authenticator/Authenticator.d.ts +12 -0
- package/lib/idx/authenticator/OktaPassword.d.ts +11 -0
- package/lib/idx/authenticator/OktaVerifyTotp.d.ts +9 -0
- package/lib/idx/authenticator/SecurityQuestionEnrollment.d.ts +28 -0
- package/lib/idx/authenticator/SecurityQuestionVerification.d.ts +14 -0
- package/lib/idx/authenticator/VerificationCodeAuthenticator.d.ts +10 -0
- package/lib/idx/authenticator/getAuthenticator.d.ts +3 -0
- package/lib/idx/authenticator/index.d.ts +6 -0
- package/{esm/oidc/endpoints/index.js → lib/idx/flow/AuthenticationFlow.d.ts} +3 -5
- package/lib/idx/flow/FlowSpecification.d.ts +8 -0
- package/{esm/crypto/index.js → lib/idx/flow/PasswordRecoveryFlow.d.ts} +3 -6
- package/{esm/tx/TransactionState.js → lib/idx/flow/RegistrationFlow.d.ts} +3 -3
- package/lib/idx/flow/RemediationFlow.d.ts +13 -0
- package/lib/idx/{flowMonitors → flow}/index.d.ts +5 -4
- package/lib/idx/index.d.ts +3 -0
- package/lib/idx/interact.d.ts +1 -0
- package/lib/idx/introspect.d.ts +2 -1
- package/lib/idx/poll.d.ts +13 -0
- package/lib/idx/proceed.d.ts +21 -0
- package/lib/idx/register.d.ts +1 -1
- package/lib/idx/remediators/AuthenticatorEnrollmentData.d.ts +9 -5
- package/lib/idx/remediators/AuthenticatorVerificationData.d.ts +0 -1
- package/lib/idx/remediators/Base/AuthenticatorData.d.ts +8 -3
- package/lib/idx/remediators/Base/Remediator.d.ts +9 -6
- package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +5 -4
- package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +8 -4
- package/lib/idx/remediators/ChallengePoll.d.ts +15 -0
- package/{esm/tx/util.js → lib/idx/remediators/EnrollPoll.d.ts} +11 -13
- package/lib/idx/remediators/Identify.d.ts +1 -3
- package/lib/idx/remediators/SelectAuthenticatorAuthenticate.d.ts +6 -2
- package/lib/idx/remediators/Skip.d.ts +3 -0
- package/lib/idx/remediators/index.d.ts +2 -0
- package/lib/idx/run.d.ts +8 -9
- package/lib/idx/transactionMeta.d.ts +28 -4
- package/lib/idx/types/FlowIdentifier.d.ts +1 -0
- package/lib/idx/types/idx-js.d.ts +53 -1
- package/lib/idx/types/index.d.ts +18 -4
- package/lib/oidc/util/loginRedirect.d.ts +1 -1
- package/lib/types/OktaAuthOptions.d.ts +3 -0
- package/lib/types/Token.d.ts +1 -0
- package/lib/types/Transaction.d.ts +2 -0
- package/lib/types/api.d.ts +15 -2
- package/lib/{idx/flowMonitors/AuthenticationFlowMonitor.d.ts → util/emailVerify.d.ts} +5 -3
- package/lib/util/index.d.ts +1 -0
- package/package.json +22 -13
- package/cjs/idx/flowMonitors/AuthenticationFlowMonitor.js +0 -45
- package/cjs/idx/flowMonitors/AuthenticationFlowMonitor.js.map +0 -1
- package/cjs/idx/flowMonitors/FlowMonitor.js +0 -69
- package/cjs/idx/flowMonitors/FlowMonitor.js.map +0 -1
- package/cjs/idx/flowMonitors/PasswordRecoveryFlowMonitor.js +0 -55
- package/cjs/idx/flowMonitors/PasswordRecoveryFlowMonitor.js.map +0 -1
- package/cjs/idx/flowMonitors/RegistrationFlowMonitor.js +0 -35
- package/cjs/idx/flowMonitors/RegistrationFlowMonitor.js.map +0 -1
- package/cjs/idx/flowMonitors/index.js +0 -54
- package/cjs/idx/flowMonitors/index.js.map +0 -1
- package/esm/AuthStateManager.js +0 -214
- package/esm/AuthStateManager.js.map +0 -1
- package/esm/OktaAuth.js +0 -681
- package/esm/OktaAuth.js.map +0 -1
- package/esm/OktaUserAgent.js +0 -49
- package/esm/OktaUserAgent.js.map +0 -1
- package/esm/PromiseQueue.js +0 -71
- package/esm/PromiseQueue.js.map +0 -1
- package/esm/SavedObject.js +0 -91
- package/esm/SavedObject.js.map +0 -1
- package/esm/StorageManager.js +0 -182
- package/esm/StorageManager.js.map +0 -1
- package/esm/TokenManager.js +0 -455
- package/esm/TokenManager.js.map +0 -1
- package/esm/TransactionManager.js +0 -316
- package/esm/TransactionManager.js.map +0 -1
- package/esm/browser/browserStorage.js +0 -256
- package/esm/browser/browserStorage.js.map +0 -1
- package/esm/browser/fingerprint.js +0 -74
- package/esm/browser/fingerprint.js.map +0 -1
- package/esm/builderUtil.js +0 -56
- package/esm/builderUtil.js.map +0 -1
- package/esm/clock.js.map +0 -1
- package/esm/constants.js +0 -35
- package/esm/constants.js.map +0 -1
- package/esm/crypto/base64.js +0 -66
- package/esm/crypto/base64.js.map +0 -1
- package/esm/crypto/browser.js.map +0 -1
- package/esm/crypto/index.js.map +0 -1
- package/esm/crypto/node.js +0 -54
- package/esm/crypto/node.js.map +0 -1
- package/esm/crypto/oidcHash.js +0 -27
- package/esm/crypto/oidcHash.js.map +0 -1
- package/esm/crypto/verifyToken.js +0 -39
- package/esm/crypto/verifyToken.js.map +0 -1
- package/esm/crypto/webcrypto.js.map +0 -1
- package/esm/errors/AuthApiError.js +0 -30
- package/esm/errors/AuthApiError.js.map +0 -1
- package/esm/errors/AuthPollStopError.js +0 -20
- package/esm/errors/AuthPollStopError.js.map +0 -1
- package/esm/errors/AuthSdkError.js +0 -29
- package/esm/errors/AuthSdkError.js.map +0 -1
- package/esm/errors/CustomError.js +0 -21
- package/esm/errors/CustomError.js.map +0 -1
- package/esm/errors/OAuthError.js +0 -22
- package/esm/errors/OAuthError.js.map +0 -1
- package/esm/errors/index.js +0 -22
- package/esm/errors/index.js.map +0 -1
- package/esm/features.js +0 -64
- package/esm/features.js.map +0 -1
- package/esm/fetch/fetchRequest.js +0 -92
- package/esm/fetch/fetchRequest.js.map +0 -1
- package/esm/http/headers.js +0 -17
- package/esm/http/headers.js.map +0 -1
- package/esm/http/index.js +0 -3
- package/esm/http/index.js.map +0 -1
- package/esm/http/request.js +0 -145
- package/esm/http/request.js.map +0 -1
- package/esm/idx/authenticate.js +0 -47
- package/esm/idx/authenticate.js.map +0 -1
- package/esm/idx/cancel.js +0 -32
- package/esm/idx/cancel.js.map +0 -1
- package/esm/idx/flowMonitors/AuthenticationFlowMonitor.js +0 -41
- package/esm/idx/flowMonitors/AuthenticationFlowMonitor.js.map +0 -1
- package/esm/idx/flowMonitors/FlowMonitor.js +0 -73
- package/esm/idx/flowMonitors/FlowMonitor.js.map +0 -1
- package/esm/idx/flowMonitors/PasswordRecoveryFlowMonitor.js +0 -57
- package/esm/idx/flowMonitors/PasswordRecoveryFlowMonitor.js.map +0 -1
- package/esm/idx/flowMonitors/RegistrationFlowMonitor.js +0 -28
- package/esm/idx/flowMonitors/RegistrationFlowMonitor.js.map +0 -1
- package/esm/idx/flowMonitors/index.js +0 -16
- package/esm/idx/flowMonitors/index.js.map +0 -1
- package/esm/idx/handleInteractionCodeRedirect.js +0 -64
- package/esm/idx/handleInteractionCodeRedirect.js.map +0 -1
- package/esm/idx/headers.js +0 -39
- package/esm/idx/headers.js.map +0 -1
- package/esm/idx/index.js +0 -20
- package/esm/idx/index.js.map +0 -1
- package/esm/idx/interact.js +0 -83
- package/esm/idx/interact.js.map +0 -1
- package/esm/idx/introspect.js +0 -45
- package/esm/idx/introspect.js.map +0 -1
- package/esm/idx/recoverPassword.js +0 -46
- package/esm/idx/recoverPassword.js.map +0 -1
- package/esm/idx/register.js +0 -63
- package/esm/idx/register.js.map +0 -1
- package/esm/idx/remediate.js +0 -302
- package/esm/idx/remediate.js.map +0 -1
- package/esm/idx/remediators/AuthenticatorEnrollmentData.js +0 -68
- package/esm/idx/remediators/AuthenticatorEnrollmentData.js.map +0 -1
- package/esm/idx/remediators/AuthenticatorVerificationData.js +0 -66
- package/esm/idx/remediators/AuthenticatorVerificationData.js.map +0 -1
- package/esm/idx/remediators/Base/AuthenticatorData.js +0 -105
- package/esm/idx/remediators/Base/AuthenticatorData.js.map +0 -1
- package/esm/idx/remediators/Base/Remediator.js +0 -221
- package/esm/idx/remediators/Base/Remediator.js.map +0 -1
- package/esm/idx/remediators/Base/SelectAuthenticator.js +0 -140
- package/esm/idx/remediators/Base/SelectAuthenticator.js.map +0 -1
- package/esm/idx/remediators/Base/VerifyAuthenticator.js +0 -65
- package/esm/idx/remediators/Base/VerifyAuthenticator.js.map +0 -1
- package/esm/idx/remediators/ChallengeAuthenticator.js +0 -18
- package/esm/idx/remediators/ChallengeAuthenticator.js.map +0 -1
- package/esm/idx/remediators/EnrollAuthenticator.js +0 -18
- package/esm/idx/remediators/EnrollAuthenticator.js.map +0 -1
- package/esm/idx/remediators/EnrollProfile.js +0 -79
- package/esm/idx/remediators/EnrollProfile.js.map +0 -1
- package/esm/idx/remediators/Identify.js +0 -87
- package/esm/idx/remediators/Identify.js.map +0 -1
- package/esm/idx/remediators/ReEnrollAuthenticator.js +0 -45
- package/esm/idx/remediators/ReEnrollAuthenticator.js.map +0 -1
- package/esm/idx/remediators/RedirectIdp.js.map +0 -1
- package/esm/idx/remediators/ResetAuthenticator.js +0 -18
- package/esm/idx/remediators/ResetAuthenticator.js.map +0 -1
- package/esm/idx/remediators/SelectAuthenticatorAuthenticate.js +0 -18
- package/esm/idx/remediators/SelectAuthenticatorAuthenticate.js.map +0 -1
- package/esm/idx/remediators/SelectAuthenticatorEnroll.js +0 -18
- package/esm/idx/remediators/SelectAuthenticatorEnroll.js.map +0 -1
- package/esm/idx/remediators/SelectEnrollProfile.js +0 -24
- package/esm/idx/remediators/SelectEnrollProfile.js.map +0 -1
- package/esm/idx/remediators/Skip.js +0 -23
- package/esm/idx/remediators/Skip.js.map +0 -1
- package/esm/idx/remediators/index.js +0 -26
- package/esm/idx/remediators/index.js.map +0 -1
- package/esm/idx/remediators/util.js +0 -35
- package/esm/idx/remediators/util.js.map +0 -1
- package/esm/idx/run.js +0 -201
- package/esm/idx/run.js.map +0 -1
- package/esm/idx/startTransaction.js +0 -27
- package/esm/idx/startTransaction.js.map +0 -1
- package/esm/idx/transactionMeta.js +0 -114
- package/esm/idx/transactionMeta.js.map +0 -1
- package/esm/idx/types/idx-js.js +0 -17
- package/esm/idx/types/idx-js.js.map +0 -1
- package/esm/idx/types/index.js +0 -44
- package/esm/idx/types/index.js.map +0 -1
- package/esm/oidc/decodeToken.js +0 -31
- package/esm/oidc/decodeToken.js.map +0 -1
- package/esm/oidc/endpoints/authorize.js +0 -61
- package/esm/oidc/endpoints/authorize.js.map +0 -1
- package/esm/oidc/endpoints/index.js.map +0 -1
- package/esm/oidc/endpoints/token.js +0 -97
- package/esm/oidc/endpoints/token.js.map +0 -1
- package/esm/oidc/endpoints/well-known.js +0 -58
- package/esm/oidc/endpoints/well-known.js.map +0 -1
- package/esm/oidc/exchangeCodeForTokens.js +0 -69
- package/esm/oidc/exchangeCodeForTokens.js.map +0 -1
- package/esm/oidc/getToken.js +0 -180
- package/esm/oidc/getToken.js.map +0 -1
- package/esm/oidc/getUserInfo.js +0 -82
- package/esm/oidc/getUserInfo.js.map +0 -1
- package/esm/oidc/getWithPopup.js +0 -34
- package/esm/oidc/getWithPopup.js.map +0 -1
- package/esm/oidc/getWithRedirect.js +0 -65
- package/esm/oidc/getWithRedirect.js.map +0 -1
- package/esm/oidc/getWithoutPrompt.js +0 -29
- package/esm/oidc/getWithoutPrompt.js.map +0 -1
- package/esm/oidc/handleOAuthResponse.js +0 -148
- package/esm/oidc/handleOAuthResponse.js.map +0 -1
- package/esm/oidc/index.js +0 -29
- package/esm/oidc/index.js.map +0 -1
- package/esm/oidc/parseFromUrl.js +0 -144
- package/esm/oidc/parseFromUrl.js.map +0 -1
- package/esm/oidc/renewToken.js +0 -85
- package/esm/oidc/renewToken.js.map +0 -1
- package/esm/oidc/renewTokens.js +0 -74
- package/esm/oidc/renewTokens.js.map +0 -1
- package/esm/oidc/renewTokensWithRefresh.js +0 -55
- package/esm/oidc/renewTokensWithRefresh.js.map +0 -1
- package/esm/oidc/revokeToken.js +0 -57
- package/esm/oidc/revokeToken.js.map +0 -1
- package/esm/oidc/util/browser.js +0 -74
- package/esm/oidc/util/browser.js.map +0 -1
- package/esm/oidc/util/defaultTokenParams.js +0 -42
- package/esm/oidc/util/defaultTokenParams.js.map +0 -1
- package/esm/oidc/util/errors.js +0 -31
- package/esm/oidc/util/errors.js.map +0 -1
- package/esm/oidc/util/index.js +0 -25
- package/esm/oidc/util/index.js.map +0 -1
- package/esm/oidc/util/loginRedirect.js +0 -84
- package/esm/oidc/util/loginRedirect.js.map +0 -1
- package/esm/oidc/util/oauth.js +0 -70
- package/esm/oidc/util/oauth.js.map +0 -1
- package/esm/oidc/util/pkce.js +0 -55
- package/esm/oidc/util/pkce.js.map +0 -1
- package/esm/oidc/util/prepareTokenParams.js +0 -75
- package/esm/oidc/util/prepareTokenParams.js.map +0 -1
- package/esm/oidc/util/refreshToken.js +0 -24
- package/esm/oidc/util/refreshToken.js.map +0 -1
- package/esm/oidc/util/urlParams.js +0 -54
- package/esm/oidc/util/urlParams.js.map +0 -1
- package/esm/oidc/util/validateClaims.js +0 -53
- package/esm/oidc/util/validateClaims.js.map +0 -1
- package/esm/oidc/util/validateToken.js +0 -21
- package/esm/oidc/util/validateToken.js.map +0 -1
- package/esm/oidc/verifyToken.js +0 -78
- package/esm/oidc/verifyToken.js.map +0 -1
- package/esm/options.js +0 -134
- package/esm/options.js.map +0 -1
- package/esm/server/serverStorage.js +0 -110
- package/esm/server/serverStorage.js.map +0 -1
- package/esm/services/TokenService.js +0 -103
- package/esm/services/TokenService.js.map +0 -1
- package/esm/session.js +0 -81
- package/esm/session.js.map +0 -1
- package/esm/tx/AuthTransaction.js +0 -213
- package/esm/tx/AuthTransaction.js.map +0 -1
- package/esm/tx/TransactionState.js.map +0 -1
- package/esm/tx/api.js +0 -87
- package/esm/tx/api.js.map +0 -1
- package/esm/tx/index.js +0 -18
- package/esm/tx/index.js.map +0 -1
- package/esm/tx/poll.js +0 -124
- package/esm/tx/poll.js.map +0 -1
- package/esm/tx/util.js.map +0 -1
- package/esm/types/AuthState.js +0 -3
- package/esm/types/Cookies.js +0 -3
- package/esm/types/EventEmitter.js +0 -3
- package/esm/types/EventEmitter.js.map +0 -1
- package/esm/types/JWT.js +0 -3
- package/esm/types/JWT.js.map +0 -1
- package/esm/types/OAuth.js +0 -3
- package/esm/types/OAuth.js.map +0 -1
- package/esm/types/OktaAuthOptions.js +0 -3
- package/esm/types/OktaAuthOptions.js.map +0 -1
- package/esm/types/Storage.js +0 -3
- package/esm/types/Storage.js.map +0 -1
- package/esm/types/Token.js +0 -29
- package/esm/types/Token.js.map +0 -1
- package/esm/types/TokenManager.js +0 -3
- package/esm/types/TokenManager.js.map +0 -1
- package/esm/types/Transaction.js +0 -57
- package/esm/types/Transaction.js.map +0 -1
- package/esm/types/UserClaims.js +0 -3
- package/esm/types/UserClaims.js.map +0 -1
- package/esm/types/api.js +0 -3
- package/esm/types/api.js.map +0 -1
- package/esm/types/http.js +0 -3
- package/esm/types/http.js.map +0 -1
- package/esm/types/index.js +0 -27
- package/esm/types/index.js.map +0 -1
- package/esm/util/console.js +0 -53
- package/esm/util/console.js.map +0 -1
- package/esm/util/index.js +0 -17
- package/esm/util/index.js.map +0 -1
- package/esm/util/misc.js +0 -33
- package/esm/util/misc.js.map +0 -1
- package/esm/util/object.js +0 -117
- package/esm/util/object.js.map +0 -1
- package/esm/util/sharedStorage.js +0 -43
- package/esm/util/sharedStorage.js.map +0 -1
- package/esm/util/types.js +0 -27
- package/esm/util/types.js.map +0 -1
- package/esm/util/url.js +0 -64
- package/esm/util/url.js.map +0 -1
- package/lib/idx/flowMonitors/FlowMonitor.d.ts +0 -23
- package/lib/idx/flowMonitors/PasswordRecoveryFlowMonitor.d.ts +0 -16
- package/lib/idx/flowMonitors/RegistrationFlowMonitor.d.ts +0 -15
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/remediators/Skip.ts"],"names":["Skip","Remediator","
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/remediators/Skip.ts"],"names":["Skip","Remediator","skip","canRemediate","values"],"mappings":";;;;;;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AASO,MAAMA,IAAN,SAAmBC,sBAAnB,CAA8B;AAAA;AAAA;AAAA,+CAK7B;AACJC,MAAAA,IAAI,EAAE,CAAC,MAAD;AADF,KAL6B;AAAA;;AASnCC,EAAAA,YAAY,GAAG;AACb,WAAO,CAAC,CAAC,KAAKC,MAAL,CAAYF,IAArB;AACD;;AAXkC;;;8BAAxBF,I,qBACc,M","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { Remediator, RemediationValues } from './Base/Remediator';\n\nexport interface SkipValues extends RemediationValues {\n skip?: boolean;\n}\n\nexport class Skip extends Remediator {\n static remediationName = 'skip';\n\n values: SkipValues;\n\n map = {\n skip: ['skip']\n }\n\n canRemediate() {\n return !!this.values.skip;\n }\n\n}\n"],"file":"Skip.js"}
|
|
@@ -26,6 +26,19 @@ Object.keys(_EnrollAuthenticator).forEach(function (key) {
|
|
|
26
26
|
});
|
|
27
27
|
});
|
|
28
28
|
|
|
29
|
+
var _EnrollPoll = require("./EnrollPoll");
|
|
30
|
+
|
|
31
|
+
Object.keys(_EnrollPoll).forEach(function (key) {
|
|
32
|
+
if (key === "default" || key === "__esModule") return;
|
|
33
|
+
if (key in exports && exports[key] === _EnrollPoll[key]) return;
|
|
34
|
+
Object.defineProperty(exports, key, {
|
|
35
|
+
enumerable: true,
|
|
36
|
+
get: function () {
|
|
37
|
+
return _EnrollPoll[key];
|
|
38
|
+
}
|
|
39
|
+
});
|
|
40
|
+
});
|
|
41
|
+
|
|
29
42
|
var _ChallengeAuthenticator = require("./ChallengeAuthenticator");
|
|
30
43
|
|
|
31
44
|
Object.keys(_ChallengeAuthenticator).forEach(function (key) {
|
|
@@ -39,6 +52,19 @@ Object.keys(_ChallengeAuthenticator).forEach(function (key) {
|
|
|
39
52
|
});
|
|
40
53
|
});
|
|
41
54
|
|
|
55
|
+
var _ChallengePoll = require("./ChallengePoll");
|
|
56
|
+
|
|
57
|
+
Object.keys(_ChallengePoll).forEach(function (key) {
|
|
58
|
+
if (key === "default" || key === "__esModule") return;
|
|
59
|
+
if (key in exports && exports[key] === _ChallengePoll[key]) return;
|
|
60
|
+
Object.defineProperty(exports, key, {
|
|
61
|
+
enumerable: true,
|
|
62
|
+
get: function () {
|
|
63
|
+
return _ChallengePoll[key];
|
|
64
|
+
}
|
|
65
|
+
});
|
|
66
|
+
});
|
|
67
|
+
|
|
42
68
|
var _ResetAuthenticator = require("./ResetAuthenticator");
|
|
43
69
|
|
|
44
70
|
Object.keys(_ResetAuthenticator).forEach(function (key) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/remediators/index.ts"],"names":[],"mappings":";;AAaA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nexport * from './Base/Remediator';\nexport * from './EnrollAuthenticator';\nexport * from './ChallengeAuthenticator';\nexport * from './ResetAuthenticator';\nexport * from './EnrollProfile';\nexport * from './Identify';\nexport * from './ReEnrollAuthenticator';\nexport * from './RedirectIdp';\nexport * from './SelectAuthenticatorAuthenticate';\nexport * from './SelectAuthenticatorEnroll';\nexport * from './SelectEnrollProfile';\nexport * from './AuthenticatorVerificationData';\nexport * from './AuthenticatorEnrollmentData';\nexport * from './Skip';\n"],"file":"index.js"}
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/remediators/index.ts"],"names":[],"mappings":";;AAaA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nexport * from './Base/Remediator';\nexport * from './EnrollAuthenticator';\nexport * from './EnrollPoll';\nexport * from './ChallengeAuthenticator';\nexport * from './ChallengePoll';\nexport * from './ResetAuthenticator';\nexport * from './EnrollProfile';\nexport * from './Identify';\nexport * from './ReEnrollAuthenticator';\nexport * from './RedirectIdp';\nexport * from './SelectAuthenticatorAuthenticate';\nexport * from './SelectAuthenticatorEnroll';\nexport * from './SelectEnrollProfile';\nexport * from './AuthenticatorVerificationData';\nexport * from './AuthenticatorEnrollmentData';\nexport * from './Skip';\n"],"file":"index.js"}
|
package/cjs/idx/run.js
CHANGED
|
@@ -10,10 +10,10 @@ var _remediate = require("./remediate");
|
|
|
10
10
|
|
|
11
11
|
var remediators = _interopRequireWildcard(require("./remediators"));
|
|
12
12
|
|
|
13
|
-
var _errors = require("../errors");
|
|
14
|
-
|
|
15
13
|
var _types = require("../types");
|
|
16
14
|
|
|
15
|
+
var _transactionMeta = require("./transactionMeta");
|
|
16
|
+
|
|
17
17
|
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
18
18
|
|
|
19
19
|
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
@@ -80,7 +80,7 @@ function getAvailableSteps(remediations) {
|
|
|
80
80
|
return res;
|
|
81
81
|
}
|
|
82
82
|
|
|
83
|
-
async function run(authClient, options) {
|
|
83
|
+
async function run(authClient, options = {}) {
|
|
84
84
|
let tokens;
|
|
85
85
|
let nextStep;
|
|
86
86
|
let messages;
|
|
@@ -90,19 +90,44 @@ async function run(authClient, options) {
|
|
|
90
90
|
let availableSteps;
|
|
91
91
|
let status = _types.IdxStatus.PENDING;
|
|
92
92
|
let shouldClearTransaction = false;
|
|
93
|
+
let idxResponse;
|
|
94
|
+
let interactionHandle;
|
|
95
|
+
let metaFromResp;
|
|
93
96
|
|
|
94
97
|
try {
|
|
95
|
-
|
|
98
|
+
var _metaFromResp;
|
|
99
|
+
|
|
96
100
|
const {
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
101
|
+
flow,
|
|
102
|
+
stateTokenExternalId,
|
|
103
|
+
state
|
|
104
|
+
} = options; // Only one flow can be operating at a time
|
|
105
|
+
|
|
106
|
+
if (flow) {
|
|
107
|
+
authClient.idx.setFlow(flow);
|
|
108
|
+
} // Try to resume saved transaction
|
|
109
|
+
|
|
100
110
|
|
|
101
|
-
|
|
102
|
-
|
|
111
|
+
metaFromResp = (0, _transactionMeta.getSavedTransactionMeta)(authClient, {
|
|
112
|
+
state
|
|
103
113
|
});
|
|
114
|
+
interactionHandle = (_metaFromResp = metaFromResp) === null || _metaFromResp === void 0 ? void 0 : _metaFromResp.interactionHandle; // may be undefined
|
|
104
115
|
|
|
105
|
-
if (!
|
|
116
|
+
if (!interactionHandle && !stateTokenExternalId) {
|
|
117
|
+
// start a new transaction
|
|
118
|
+
authClient.transactionManager.clear();
|
|
119
|
+
const interactResponse = await (0, _interact.interact)(authClient, options);
|
|
120
|
+
interactionHandle = interactResponse.interactionHandle;
|
|
121
|
+
metaFromResp = interactResponse.meta;
|
|
122
|
+
} // Introspect to get idx response
|
|
123
|
+
|
|
124
|
+
|
|
125
|
+
idxResponse = await (0, _introspect.introspect)(authClient, {
|
|
126
|
+
interactionHandle,
|
|
127
|
+
stateTokenExternalId
|
|
128
|
+
});
|
|
129
|
+
|
|
130
|
+
if (!options.remediators && !options.actions) {
|
|
106
131
|
// handle start transaction
|
|
107
132
|
meta = metaFromResp;
|
|
108
133
|
enabledFeatures = getEnabledFeatures(idxResponse);
|
|
@@ -136,12 +161,6 @@ async function run(authClient, options) {
|
|
|
136
161
|
status = _types.IdxStatus.CANCELED;
|
|
137
162
|
shouldClearTransaction = true;
|
|
138
163
|
} else if (idxResponseFromResp !== null && idxResponseFromResp !== void 0 && idxResponseFromResp.interactionCode) {
|
|
139
|
-
// Flows may end with interactionCode before the key remediation being hit
|
|
140
|
-
// Double check if flow is finished to mitigate confusion with the wrapper methods
|
|
141
|
-
if (!(await options.flowMonitor.isFinished())) {
|
|
142
|
-
throw new _errors.AuthSdkError('Current flow is not supported, check policy settings in your org.');
|
|
143
|
-
}
|
|
144
|
-
|
|
145
164
|
const {
|
|
146
165
|
clientId,
|
|
147
166
|
codeVerifier,
|
|
@@ -173,6 +192,7 @@ async function run(authClient, options) {
|
|
|
173
192
|
}
|
|
174
193
|
|
|
175
194
|
return {
|
|
195
|
+
_idxResponse: idxResponse,
|
|
176
196
|
status,
|
|
177
197
|
...(meta && {
|
|
178
198
|
meta
|
package/cjs/idx/run.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/run.ts"],"names":["getEnabledFeatures","idxResponse","res","actions","neededToProceed","push","IdxFeature","PASSWORD_RECOVERY","some","name","REGISTRATION","SOCIAL_IDP","getAvailableSteps","remediations","remediatorMap","Object","values","remediators","reduce","map","remediatorClass","remediationName","remediation","T","remediator","getNextStep","run","authClient","options","tokens","nextStep","messages","error","meta","enabledFeatures","availableSteps","status","IdxStatus","PENDING","shouldClearTransaction","interactionHandle","metaFromResp","flow","stateHandle","rawIdxState","idxResponseFromResp","nextStepFromResp","terminal","canceled","messagesFromResp","transactionManager","saveIdxResponse","TERMINAL","CANCELED","interactionCode","flowMonitor","isFinished","AuthSdkError","clientId","codeVerifier","ignoreSignature","redirectUri","urls","scopes","token","exchangeCodeForTokens","SUCCESS","err","FAILURE","clear"],"mappings":";;;;AAcA;;AACA;;AACA;;AAEA;;AACA;;AACA;;;;;;AApBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAwBA,SAASA,kBAAT,CAA4BC,WAA5B,EAAoE;AAClE,QAAMC,GAAG,GAAG,EAAZ;AACA,QAAM;AAAEC,IAAAA,OAAF;AAAWC,IAAAA;AAAX,MAA+BH,WAArC;;AAEA,MAAIE,OAAO,CAAC,8BAAD,CAAX,EAA6C;AAC3CD,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWC,iBAApB;AACD;;AAED,MAAIH,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,uBAA5C,CAAJ,EAA0E;AACxEP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWI,YAApB;AACD;;AAED,MAAIN,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,cAA5C,CAAJ,EAAiE;AAC/DP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWK,UAApB;AACD;;AAED,SAAOT,GAAP;AACD;;AAED,SAASU,iBAAT,CAA2BC,YAA3B,EAAuE;AACrE,QAAMX,GAAG,GAAG,EAAZ;AAEA,QAAMY,aAAa,GAAGC,MAAM,CAACC,MAAP,CAAcC,WAAd,EAA2BC,MAA3B,CAAkC,CAACC,GAAD,EAAMC,eAAN,KAA0B;AAChF;AACA,QAAIA,eAAe,CAACC,eAApB,EAAqC;AACnCF,MAAAA,GAAG,CAACC,eAAe,CAACC,eAAjB,CAAH,GAAuCD,eAAvC;AACD;;AACD,WAAOD,GAAP;AACD,GANqB,EAMnB,EANmB,CAAtB;;AAQA,OAAK,IAAIG,WAAT,IAAwBT,YAAxB,EAAsC;AACpC,UAAMU,CAAC,GAAGT,aAAa,CAACQ,WAAW,CAACb,IAAb,CAAvB;;AACA,QAAIc,CAAJ,EAAO;AACL,YAAMC,UAAU,GAAG,IAAID,CAAJ,CAAMD,WAAN,CAAnB;AACApB,MAAAA,GAAG,CAACG,IAAJ,CAAUmB,UAAU,CAACC,WAAX,EAAV;AACD;AACF;;AAED,SAAOvB,GAAP;AACD;;AAEM,eAAewB,GAAf,CACLC,UADK,EAELC,OAFK,EAGoB;AACzB,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,KAAJ;AACA,MAAIC,IAAJ;AACA,MAAIC,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,MAAM,GAAGC,iBAAUC,OAAvB;AACA,MAAIC,sBAAsB,GAAG,KAA7B;;AAEA,MAAI;AACF;AACA,UAAM;AAAEC,MAAAA,iBAAF;AAAqBP,MAAAA,IAAI,EAAEQ;AAA3B,QAA4C,MAAM,wBAASd,UAAT,EAAqBC,OAArB,CAAxD,CAFE,CAIF;;AACA,UAAM3B,WAAW,GAAG,MAAM,4BAAW0B,UAAX,EAAuB;AAAEa,MAAAA;AAAF,KAAvB,CAA1B;;AAEA,QAAI,CAACZ,OAAO,CAACc,IAAT,IAAiB,CAACd,OAAO,CAACzB,OAA9B,EAAuC;AACrC;AACA8B,MAAAA,IAAI,GAAGQ,YAAP;AACAP,MAAAA,eAAe,GAAGlC,kBAAkB,CAACC,WAAD,CAApC;AACAkC,MAAAA,cAAc,GAAGvB,iBAAiB,CAACX,WAAW,CAACG,eAAb,CAAlC;AACD,KALD,MAKO;AACL,YAAMY,MAAqC,GAAG,EAC5C,GAAGY,OADyC;AAE5Ce,QAAAA,WAAW,EAAE1C,WAAW,CAAC2C,WAAZ,CAAwBD;AAFO,OAA9C,CADK,CAML;;AACA,YAAM;AACJ1C,QAAAA,WAAW,EAAE4C,mBADT;AAEJf,QAAAA,QAAQ,EAAEgB,gBAFN;AAGJC,QAAAA,QAHI;AAIJC,QAAAA,QAJI;AAKJjB,QAAAA,QAAQ,EAAEkB;AALN,UAMF,MAAM,0BAAUhD,WAAV,EAAuBe,MAAvB,EAA+BY,OAA/B,CANV,CAPK,CAeL;;AACAE,MAAAA,QAAQ,GAAGgB,gBAAX;AACAf,MAAAA,QAAQ,GAAGkB,gBAAX,CAjBK,CAmBL;;AACA,UAAInB,QAAQ,IAAIe,mBAAhB,EAAqC;AACnClB,QAAAA,UAAU,CAACuB,kBAAX,CAA8BC,eAA9B,CAA8CN,mBAAmB,CAACD,WAAlE;AACD;;AAED,UAAIG,QAAJ,EAAc;AACZX,QAAAA,MAAM,GAAGC,iBAAUe,QAAnB;AACAb,QAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAAC,UAAIS,QAAJ,EAAc;AACdZ,QAAAA,MAAM,GAAGC,iBAAUgB,QAAnB;AACAd,QAAAA,sBAAsB,GAAG,IAAzB;AACD,OAHC,MAGK,IAAIM,mBAAJ,aAAIA,mBAAJ,eAAIA,mBAAmB,CAAES,eAAzB,EAA0C;AAC/C;AACA;AACA,YAAI,EAAE,MAAM1B,OAAO,CAAC2B,WAAR,CAAoBC,UAApB,EAAR,CAAJ,EAA+C;AAC7C,gBAAM,IAAIC,oBAAJ,CAAiB,mEAAjB,CAAN;AACD;;AAED,cAAM;AACJC,UAAAA,QADI;AAEJC,UAAAA,YAFI;AAGJC,UAAAA,eAHI;AAIJC,UAAAA,WAJI;AAKJC,UAAAA,IALI;AAMJC,UAAAA;AANI,YAOFtB,YAPJ;AAQAZ,QAAAA,MAAM,GAAG,MAAMF,UAAU,CAACqC,KAAX,CAAiBC,qBAAjB,CAAuC;AACpDX,UAAAA,eAAe,EAAET,mBAAmB,CAACS,eADe;AAEpDI,UAAAA,QAFoD;AAGpDC,UAAAA,YAHoD;AAIpDC,UAAAA,eAJoD;AAKpDC,UAAAA,WALoD;AAMpDE,UAAAA;AANoD,SAAvC,EAOZD,IAPY,CAAf;AASA1B,QAAAA,MAAM,GAAGC,iBAAU6B,OAAnB;AACA3B,QAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;AACF,GAtED,CAsEE,OAAO4B,GAAP,EAAY;AACZnC,IAAAA,KAAK,GAAGmC,GAAR;AACA/B,IAAAA,MAAM,GAAGC,iBAAU+B,OAAnB;AACA7B,IAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAED,MAAIA,sBAAJ,EAA4B;AAC1BZ,IAAAA,UAAU,CAACuB,kBAAX,CAA8BmB,KAA9B;AACD;;AAED,SAAO;AACLjC,IAAAA,MADK;AAEL,QAAIH,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAFK;AAGL,QAAIC,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAHK;AAIL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CAJK;AAKL,QAAIN,MAAM,IAAI;AAAEA,MAAAA,MAAM,EAAEA,MAAM,CAACA;AAAjB,KAAd,CALK;AAML,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CANK;AAOL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CAPK;AAQL,QAAIC,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb;AARK,GAAP;AAUD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, complexity, max-depth */\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate } from './remediate';\nimport { FlowMonitor } from './flowMonitors';\nimport * as remediators from './remediators';\nimport { AuthSdkError } from '../errors';\nimport { \n OktaAuth,\n IdxOptions,\n IdxStatus,\n IdxTransaction,\n IdxFeature,\n NextStep,\n} from '../types';\nimport { IdxResponse, IdxRemediation } from './types/idx-js';\n\nexport type RemediationFlow = Record<string, typeof remediators.Remediator>;\nexport interface RunOptions {\n flow?: RemediationFlow;\n actions?: string[];\n flowMonitor?: FlowMonitor;\n}\n\nfunction getEnabledFeatures(idxResponse: IdxResponse): IdxFeature[] {\n const res = [];\n const { actions, neededToProceed } = idxResponse;\n\n if (actions['currentAuthenticator-recover']) {\n res.push(IdxFeature.PASSWORD_RECOVERY);\n }\n\n if (neededToProceed.some(({ name }) => name === 'select-enroll-profile')) {\n res.push(IdxFeature.REGISTRATION);\n }\n\n if (neededToProceed.some(({ name }) => name === 'redirect-idp')) {\n res.push(IdxFeature.SOCIAL_IDP);\n }\n\n return res;\n}\n\nfunction getAvailableSteps(remediations: IdxRemediation[]): NextStep[] {\n const res = [];\n\n const remediatorMap = Object.values(remediators).reduce((map, remediatorClass) => {\n // Only add concrete subclasses to the map\n if (remediatorClass.remediationName) {\n map[remediatorClass.remediationName] = remediatorClass;\n }\n return map;\n }, {});\n\n for (let remediation of remediations) {\n const T = remediatorMap[remediation.name];\n if (T) {\n const remediator = new T(remediation);\n res.push (remediator.getNextStep());\n }\n }\n\n return res;\n}\n\nexport async function run(\n authClient: OktaAuth, \n options: RunOptions & IdxOptions,\n): Promise<IdxTransaction> {\n let tokens;\n let nextStep;\n let messages;\n let error;\n let meta;\n let enabledFeatures;\n let availableSteps;\n let status = IdxStatus.PENDING;\n let shouldClearTransaction = false;\n\n try {\n // Start/resume the flow\n const { interactionHandle, meta: metaFromResp } = await interact(authClient, options); \n\n // Introspect to get idx response\n const idxResponse = await introspect(authClient, { interactionHandle });\n\n if (!options.flow && !options.actions) {\n // handle start transaction\n meta = metaFromResp;\n enabledFeatures = getEnabledFeatures(idxResponse);\n availableSteps = getAvailableSteps(idxResponse.neededToProceed);\n } else {\n const values: remediators.RemediationValues = { \n ...options, \n stateHandle: idxResponse.rawIdxState.stateHandle \n };\n\n // Can we handle the remediations?\n const { \n idxResponse: idxResponseFromResp, \n nextStep: nextStepFromResp,\n terminal,\n canceled,\n messages: messagesFromResp,\n } = await remediate(idxResponse, values, options);\n\n // Track fields from remediation response\n nextStep = nextStepFromResp;\n messages = messagesFromResp;\n\n // Save intermediate idx response in storage to reduce introspect call\n if (nextStep && idxResponseFromResp) {\n authClient.transactionManager.saveIdxResponse(idxResponseFromResp.rawIdxState);\n }\n\n if (terminal) {\n status = IdxStatus.TERMINAL;\n shouldClearTransaction = true;\n } if (canceled) {\n status = IdxStatus.CANCELED;\n shouldClearTransaction = true;\n } else if (idxResponseFromResp?.interactionCode) { \n // Flows may end with interactionCode before the key remediation being hit\n // Double check if flow is finished to mitigate confusion with the wrapper methods\n if (!(await options.flowMonitor.isFinished())) {\n throw new AuthSdkError('Current flow is not supported, check policy settings in your org.');\n }\n\n const {\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n urls,\n scopes,\n } = metaFromResp;\n tokens = await authClient.token.exchangeCodeForTokens({\n interactionCode: idxResponseFromResp.interactionCode,\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n scopes\n }, urls);\n\n status = IdxStatus.SUCCESS;\n shouldClearTransaction = true;\n }\n }\n } catch (err) {\n error = err;\n status = IdxStatus.FAILURE;\n shouldClearTransaction = true;\n }\n\n if (shouldClearTransaction) {\n authClient.transactionManager.clear();\n }\n \n return {\n status,\n ...(meta && { meta }),\n ...(enabledFeatures && { enabledFeatures }),\n ...(availableSteps && { availableSteps }),\n ...(tokens && { tokens: tokens.tokens }),\n ...(nextStep && { nextStep }),\n ...(messages && { messages }),\n ...(error && { error }),\n };\n}\n"],"file":"run.js"}
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/run.ts"],"names":["getEnabledFeatures","idxResponse","res","actions","neededToProceed","push","IdxFeature","PASSWORD_RECOVERY","some","name","REGISTRATION","SOCIAL_IDP","getAvailableSteps","remediations","remediatorMap","Object","values","remediators","reduce","map","remediatorClass","remediationName","remediation","T","remediator","getNextStep","run","authClient","options","tokens","nextStep","messages","error","meta","enabledFeatures","availableSteps","status","IdxStatus","PENDING","shouldClearTransaction","interactionHandle","metaFromResp","flow","stateTokenExternalId","state","idx","setFlow","transactionManager","clear","interactResponse","stateHandle","rawIdxState","idxResponseFromResp","nextStepFromResp","terminal","canceled","messagesFromResp","saveIdxResponse","TERMINAL","CANCELED","interactionCode","clientId","codeVerifier","ignoreSignature","redirectUri","urls","scopes","token","exchangeCodeForTokens","SUCCESS","err","FAILURE","_idxResponse"],"mappings":";;;;AAcA;;AACA;;AACA;;AAEA;;AACA;;AASA;;;;;;AA5BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAwBA,SAASA,kBAAT,CAA4BC,WAA5B,EAAoE;AAClE,QAAMC,GAAG,GAAG,EAAZ;AACA,QAAM;AAAEC,IAAAA,OAAF;AAAWC,IAAAA;AAAX,MAA+BH,WAArC;;AAEA,MAAIE,OAAO,CAAC,8BAAD,CAAX,EAA6C;AAC3CD,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWC,iBAApB;AACD;;AAED,MAAIH,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,uBAA5C,CAAJ,EAA0E;AACxEP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWI,YAApB;AACD;;AAED,MAAIN,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,cAA5C,CAAJ,EAAiE;AAC/DP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWK,UAApB;AACD;;AAED,SAAOT,GAAP;AACD;;AAED,SAASU,iBAAT,CAA2BC,YAA3B,EAAuE;AACrE,QAAMX,GAAG,GAAG,EAAZ;AAEA,QAAMY,aAAa,GAAGC,MAAM,CAACC,MAAP,CAAcC,WAAd,EAA2BC,MAA3B,CAAkC,CAACC,GAAD,EAAMC,eAAN,KAA0B;AAChF;AACA,QAAIA,eAAe,CAACC,eAApB,EAAqC;AACnCF,MAAAA,GAAG,CAACC,eAAe,CAACC,eAAjB,CAAH,GAAuCD,eAAvC;AACD;;AACD,WAAOD,GAAP;AACD,GANqB,EAMnB,EANmB,CAAtB;;AAQA,OAAK,IAAIG,WAAT,IAAwBT,YAAxB,EAAsC;AACpC,UAAMU,CAAC,GAAGT,aAAa,CAACQ,WAAW,CAACb,IAAb,CAAvB;;AACA,QAAIc,CAAJ,EAAO;AACL,YAAMC,UAAU,GAAG,IAAID,CAAJ,CAAMD,WAAN,CAAnB;AACApB,MAAAA,GAAG,CAACG,IAAJ,CAAUmB,UAAU,CAACC,WAAX,EAAV;AACD;AACF;;AAED,SAAOvB,GAAP;AACD;;AAEM,eAAewB,GAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,KAAJ;AACA,MAAIC,IAAJ;AACA,MAAIC,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,MAAM,GAAGC,iBAAUC,OAAvB;AACA,MAAIC,sBAAsB,GAAG,KAA7B;AACA,MAAItC,WAAJ;AACA,MAAIuC,iBAAJ;AACA,MAAIC,YAAJ;;AAEA,MAAI;AAAA;;AAEF,UAAM;AAAEC,MAAAA,IAAF;AAAQC,MAAAA,oBAAR;AAA8BC,MAAAA;AAA9B,QAAwChB,OAA9C,CAFE,CAIF;;AACA,QAAIc,IAAJ,EAAU;AACRf,MAAAA,UAAU,CAACkB,GAAX,CAAeC,OAAf,CAAuBJ,IAAvB;AACD,KAPC,CASF;;;AACAD,IAAAA,YAAY,GAAG,8CAAwBd,UAAxB,EAAoC;AAAEiB,MAAAA;AAAF,KAApC,CAAf;AACAJ,IAAAA,iBAAiB,oBAAGC,YAAH,kDAAG,cAAcD,iBAAlC,CAXE,CAWmD;;AAErD,QAAI,CAACA,iBAAD,IAAsB,CAACG,oBAA3B,EAAiD;AAC/C;AACAhB,MAAAA,UAAU,CAACoB,kBAAX,CAA8BC,KAA9B;AACA,YAAMC,gBAAgB,GAAG,MAAM,wBAAStB,UAAT,EAAqBC,OAArB,CAA/B;AACAY,MAAAA,iBAAiB,GAAGS,gBAAgB,CAACT,iBAArC;AACAC,MAAAA,YAAY,GAAGQ,gBAAgB,CAAChB,IAAhC;AACD,KAnBC,CAqBF;;;AACAhC,IAAAA,WAAW,GAAG,MAAM,4BAAW0B,UAAX,EAAuB;AAAEa,MAAAA,iBAAF;AAAqBG,MAAAA;AAArB,KAAvB,CAApB;;AAEA,QAAI,CAACf,OAAO,CAACX,WAAT,IAAwB,CAACW,OAAO,CAACzB,OAArC,EAA8C;AAC5C;AACA8B,MAAAA,IAAI,GAAGQ,YAAP;AACAP,MAAAA,eAAe,GAAGlC,kBAAkB,CAACC,WAAD,CAApC;AACAkC,MAAAA,cAAc,GAAGvB,iBAAiB,CAACX,WAAW,CAACG,eAAb,CAAlC;AACD,KALD,MAKO;AACL,YAAMY,MAAqC,GAAG,EAC5C,GAAGY,OADyC;AAE5CsB,QAAAA,WAAW,EAAEjD,WAAW,CAACkD,WAAZ,CAAwBD;AAFO,OAA9C,CADK,CAML;;AACA,YAAM;AACJjD,QAAAA,WAAW,EAAEmD,mBADT;AAEJtB,QAAAA,QAAQ,EAAEuB,gBAFN;AAGJC,QAAAA,QAHI;AAIJC,QAAAA,QAJI;AAKJxB,QAAAA,QAAQ,EAAEyB;AALN,UAMF,MAAM,0BAAUvD,WAAV,EAAuBe,MAAvB,EAA+BY,OAA/B,CANV,CAPK,CAeL;;AACAE,MAAAA,QAAQ,GAAGuB,gBAAX;AACAtB,MAAAA,QAAQ,GAAGyB,gBAAX,CAjBK,CAmBL;;AACA,UAAI1B,QAAQ,IAAIsB,mBAAhB,EAAqC;AACnCzB,QAAAA,UAAU,CAACoB,kBAAX,CAA8BU,eAA9B,CAA8CL,mBAAmB,CAACD,WAAlE;AACD;;AAED,UAAIG,QAAJ,EAAc;AACZlB,QAAAA,MAAM,GAAGC,iBAAUqB,QAAnB;AACAnB,QAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAAC,UAAIgB,QAAJ,EAAc;AACdnB,QAAAA,MAAM,GAAGC,iBAAUsB,QAAnB;AACApB,QAAAA,sBAAsB,GAAG,IAAzB;AACD,OAHC,MAGK,IAAIa,mBAAJ,aAAIA,mBAAJ,eAAIA,mBAAmB,CAAEQ,eAAzB,EAA0C;AAC/C,cAAM;AACJC,UAAAA,QADI;AAEJC,UAAAA,YAFI;AAGJC,UAAAA,eAHI;AAIJC,UAAAA,WAJI;AAKJC,UAAAA,IALI;AAMJC,UAAAA;AANI,YAOFzB,YAPJ;AAQAZ,QAAAA,MAAM,GAAG,MAAMF,UAAU,CAACwC,KAAX,CAAiBC,qBAAjB,CAAuC;AACpDR,UAAAA,eAAe,EAAER,mBAAmB,CAACQ,eADe;AAEpDC,UAAAA,QAFoD;AAGpDC,UAAAA,YAHoD;AAIpDC,UAAAA,eAJoD;AAKpDC,UAAAA,WALoD;AAMpDE,UAAAA;AANoD,SAAvC,EAOZD,IAPY,CAAf;AASA7B,QAAAA,MAAM,GAAGC,iBAAUgC,OAAnB;AACA9B,QAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;AACF,GAjFD,CAiFE,OAAO+B,GAAP,EAAY;AACZtC,IAAAA,KAAK,GAAGsC,GAAR;AACAlC,IAAAA,MAAM,GAAGC,iBAAUkC,OAAnB;AACAhC,IAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAED,MAAIA,sBAAJ,EAA4B;AAC1BZ,IAAAA,UAAU,CAACoB,kBAAX,CAA8BC,KAA9B;AACD;;AAED,SAAO;AACLwB,IAAAA,YAAY,EAAEvE,WADT;AAELmC,IAAAA,MAFK;AAGL,QAAIH,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAHK;AAIL,QAAIC,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAJK;AAKL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CALK;AAML,QAAIN,MAAM,IAAI;AAAEA,MAAAA,MAAM,EAAEA,MAAM,CAACA;AAAjB,KAAd,CANK;AAOL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CAPK;AAQL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CARK;AASL,QAAIC,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb;AATK,GAAP;AAWD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, complexity, max-depth */\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate } from './remediate';\nimport { RemediationFlow } from './flow';\nimport * as remediators from './remediators';\nimport { \n OktaAuth,\n IdxStatus,\n IdxTransaction,\n IdxFeature,\n NextStep,\n FlowIdentifier,\n} from '../types';\nimport { IdxResponse, IdxRemediation } from './types/idx-js';\nimport { getSavedTransactionMeta } from './transactionMeta';\nimport { ProceedOptions } from './proceed';\n\nexport type RunOptions = ProceedOptions & {\n flow?: FlowIdentifier;\n remediators?: RemediationFlow;\n actions?: string[];\n}\n\nfunction getEnabledFeatures(idxResponse: IdxResponse): IdxFeature[] {\n const res = [];\n const { actions, neededToProceed } = idxResponse;\n\n if (actions['currentAuthenticator-recover']) {\n res.push(IdxFeature.PASSWORD_RECOVERY);\n }\n\n if (neededToProceed.some(({ name }) => name === 'select-enroll-profile')) {\n res.push(IdxFeature.REGISTRATION);\n }\n\n if (neededToProceed.some(({ name }) => name === 'redirect-idp')) {\n res.push(IdxFeature.SOCIAL_IDP);\n }\n\n return res;\n}\n\nfunction getAvailableSteps(remediations: IdxRemediation[]): NextStep[] {\n const res = [];\n\n const remediatorMap = Object.values(remediators).reduce((map, remediatorClass) => {\n // Only add concrete subclasses to the map\n if (remediatorClass.remediationName) {\n map[remediatorClass.remediationName] = remediatorClass;\n }\n return map;\n }, {});\n\n for (let remediation of remediations) {\n const T = remediatorMap[remediation.name];\n if (T) {\n const remediator = new T(remediation);\n res.push (remediator.getNextStep());\n }\n }\n\n return res;\n}\n\nexport async function run(\n authClient: OktaAuth, \n options: RunOptions = {},\n): Promise<IdxTransaction> {\n let tokens;\n let nextStep;\n let messages;\n let error;\n let meta;\n let enabledFeatures;\n let availableSteps;\n let status = IdxStatus.PENDING;\n let shouldClearTransaction = false;\n let idxResponse;\n let interactionHandle;\n let metaFromResp;\n\n try {\n\n const { flow, stateTokenExternalId, state } = options;\n\n // Only one flow can be operating at a time\n if (flow) {\n authClient.idx.setFlow(flow);\n }\n\n // Try to resume saved transaction\n metaFromResp = getSavedTransactionMeta(authClient, { state });\n interactionHandle = metaFromResp?.interactionHandle; // may be undefined\n\n if (!interactionHandle && !stateTokenExternalId) {\n // start a new transaction\n authClient.transactionManager.clear();\n const interactResponse = await interact(authClient, options); \n interactionHandle = interactResponse.interactionHandle;\n metaFromResp = interactResponse.meta;\n }\n\n // Introspect to get idx response\n idxResponse = await introspect(authClient, { interactionHandle, stateTokenExternalId });\n\n if (!options.remediators && !options.actions) {\n // handle start transaction\n meta = metaFromResp;\n enabledFeatures = getEnabledFeatures(idxResponse);\n availableSteps = getAvailableSteps(idxResponse.neededToProceed);\n } else {\n const values: remediators.RemediationValues = { \n ...options, \n stateHandle: idxResponse.rawIdxState.stateHandle \n };\n\n // Can we handle the remediations?\n const { \n idxResponse: idxResponseFromResp, \n nextStep: nextStepFromResp,\n terminal,\n canceled,\n messages: messagesFromResp,\n } = await remediate(idxResponse, values, options);\n\n // Track fields from remediation response\n nextStep = nextStepFromResp;\n messages = messagesFromResp;\n\n // Save intermediate idx response in storage to reduce introspect call\n if (nextStep && idxResponseFromResp) {\n authClient.transactionManager.saveIdxResponse(idxResponseFromResp.rawIdxState);\n }\n\n if (terminal) {\n status = IdxStatus.TERMINAL;\n shouldClearTransaction = true;\n } if (canceled) {\n status = IdxStatus.CANCELED;\n shouldClearTransaction = true;\n } else if (idxResponseFromResp?.interactionCode) { \n const {\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n urls,\n scopes,\n } = metaFromResp;\n tokens = await authClient.token.exchangeCodeForTokens({\n interactionCode: idxResponseFromResp.interactionCode,\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n scopes\n }, urls);\n\n status = IdxStatus.SUCCESS;\n shouldClearTransaction = true;\n }\n }\n } catch (err) {\n error = err;\n status = IdxStatus.FAILURE;\n shouldClearTransaction = true;\n }\n\n if (shouldClearTransaction) {\n authClient.transactionManager.clear();\n }\n \n return {\n _idxResponse: idxResponse, \n status,\n ...(meta && { meta }),\n ...(enabledFeatures && { enabledFeatures }),\n ...(availableSteps && { availableSteps }),\n ...(tokens && { tokens: tokens.tokens }),\n ...(nextStep && { nextStep }),\n ...(messages && { messages }),\n ...(error && { error }),\n };\n}\n"],"file":"run.js"}
|
|
@@ -17,6 +17,8 @@ var _run = require("./run");
|
|
|
17
17
|
*/
|
|
18
18
|
// This method only resolves { status: IdxStatus.PENDING } if transaction has already started
|
|
19
19
|
async function startTransaction(authClient, options = {}) {
|
|
20
|
+
// Clear IDX response cache and saved transaction meta (if any)
|
|
21
|
+
authClient.transactionManager.clear();
|
|
20
22
|
return (0, _run.run)(authClient, options);
|
|
21
23
|
}
|
|
22
24
|
//# sourceMappingURL=startTransaction.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/startTransaction.ts"],"names":["startTransaction","authClient","options"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,gBAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB,SAAO,
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/startTransaction.ts"],"names":["startTransaction","authClient","options","transactionManager","clear"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,gBAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB;AACAD,EAAAA,UAAU,CAACE,kBAAX,CAA8BC,KAA9B;AAEA,SAAO,cAAIH,UAAJ,EAAgBC,OAAhB,CAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run } from './run';\nimport { OktaAuth, IdxOptions, IdxTransaction } from '../types';\n\n// This method only resolves { status: IdxStatus.PENDING } if transaction has already started\nexport async function startTransaction(\n authClient: OktaAuth, \n options: IdxOptions = {}\n): Promise<IdxTransaction> {\n // Clear IDX response cache and saved transaction meta (if any)\n authClient.transactionManager.clear();\n\n return run(authClient, options);\n}\n"],"file":"startTransaction.js"}
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
exports.createTransactionMeta = createTransactionMeta;
|
|
4
4
|
exports.transactionMetaExist = transactionMetaExist;
|
|
5
|
+
exports.getSavedTransactionMeta = getSavedTransactionMeta;
|
|
5
6
|
exports.getTransactionMeta = getTransactionMeta;
|
|
6
7
|
exports.saveTransactionMeta = saveTransactionMeta;
|
|
7
8
|
exports.clearTransactionMeta = clearTransactionMeta;
|
|
@@ -23,41 +24,8 @@ var _oidc = require("../oidc");
|
|
|
23
24
|
* See the License for the specific language governing permissions and limitations under the License.
|
|
24
25
|
*/
|
|
25
26
|
// Calculate new values
|
|
26
|
-
async function createTransactionMeta(authClient) {
|
|
27
|
-
|
|
28
|
-
}
|
|
29
|
-
|
|
30
|
-
function transactionMetaExist(authClient) {
|
|
31
|
-
if (authClient.transactionManager.exists()) {
|
|
32
|
-
const existing = authClient.transactionManager.load();
|
|
33
|
-
|
|
34
|
-
if (isTransactionMetaValid(authClient, existing) && existing.interactionHandle) {
|
|
35
|
-
return true;
|
|
36
|
-
}
|
|
37
|
-
}
|
|
38
|
-
|
|
39
|
-
return false;
|
|
40
|
-
}
|
|
41
|
-
|
|
42
|
-
async function getTransactionMeta(authClient) {
|
|
43
|
-
// Load existing transaction meta from storage
|
|
44
|
-
if (authClient.transactionManager.exists()) {
|
|
45
|
-
const existing = authClient.transactionManager.load();
|
|
46
|
-
|
|
47
|
-
if (isTransactionMetaValid(authClient, existing)) {
|
|
48
|
-
return existing;
|
|
49
|
-
} // existing meta is not valid for this configuration
|
|
50
|
-
// this is common when changing configuration in local development environment
|
|
51
|
-
// in a production environment, this may indicate that two apps are sharing a storage key
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
(0, _util.warn)('Saved transaction meta does not match the current configuration. ' + 'This may indicate that two apps are sharing a storage key.');
|
|
55
|
-
} // Calculate new values
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
const tokenParams = await authClient.token.prepareTokenParams();
|
|
59
|
-
const urls = (0, _oidc.getOAuthUrls)(authClient, tokenParams);
|
|
60
|
-
const issuer = authClient.options.issuer;
|
|
27
|
+
async function createTransactionMeta(authClient, options) {
|
|
28
|
+
const tokenParams = await authClient.token.prepareTokenParams(options);
|
|
61
29
|
const {
|
|
62
30
|
pkce,
|
|
63
31
|
clientId,
|
|
@@ -72,7 +40,11 @@ async function getTransactionMeta(authClient) {
|
|
|
72
40
|
codeChallengeMethod,
|
|
73
41
|
codeChallenge
|
|
74
42
|
} = tokenParams;
|
|
43
|
+
const urls = (0, _oidc.getOAuthUrls)(authClient, tokenParams);
|
|
44
|
+
const flow = authClient.idx.getFlow() || 'default';
|
|
45
|
+
const issuer = authClient.options.issuer;
|
|
75
46
|
const meta = {
|
|
47
|
+
flow,
|
|
76
48
|
issuer,
|
|
77
49
|
pkce,
|
|
78
50
|
clientId,
|
|
@@ -91,6 +63,48 @@ async function getTransactionMeta(authClient) {
|
|
|
91
63
|
return meta;
|
|
92
64
|
}
|
|
93
65
|
|
|
66
|
+
function transactionMetaExist(authClient, options) {
|
|
67
|
+
if (authClient.transactionManager.exists(options)) {
|
|
68
|
+
const existing = authClient.transactionManager.load(options);
|
|
69
|
+
|
|
70
|
+
if (isTransactionMetaValid(authClient, existing) && existing.interactionHandle) {
|
|
71
|
+
return true;
|
|
72
|
+
}
|
|
73
|
+
}
|
|
74
|
+
|
|
75
|
+
return false;
|
|
76
|
+
} // Returns the saved transaction meta, if it exists and is valid, or undefined
|
|
77
|
+
|
|
78
|
+
|
|
79
|
+
function getSavedTransactionMeta(authClient, options) {
|
|
80
|
+
const state = (options === null || options === void 0 ? void 0 : options.state) || authClient.options.state;
|
|
81
|
+
const existing = authClient.transactionManager.load({
|
|
82
|
+
state
|
|
83
|
+
});
|
|
84
|
+
|
|
85
|
+
if (existing && isTransactionMetaValid(authClient, existing)) {
|
|
86
|
+
return existing;
|
|
87
|
+
}
|
|
88
|
+
}
|
|
89
|
+
|
|
90
|
+
async function getTransactionMeta(authClient, options) {
|
|
91
|
+
// Load existing transaction meta from storage
|
|
92
|
+
if (authClient.transactionManager.exists(options)) {
|
|
93
|
+
const validExistingMeta = getSavedTransactionMeta(authClient, options);
|
|
94
|
+
|
|
95
|
+
if (validExistingMeta) {
|
|
96
|
+
return validExistingMeta;
|
|
97
|
+
} // existing meta is not valid for this configuration
|
|
98
|
+
// this is common when changing configuration in local development environment
|
|
99
|
+
// in a production environment, this may indicate that two apps are sharing a storage key
|
|
100
|
+
|
|
101
|
+
|
|
102
|
+
(0, _util.warn)('Saved transaction meta does not match the current configuration. ' + 'This may indicate that two apps are sharing a storage key.');
|
|
103
|
+
}
|
|
104
|
+
|
|
105
|
+
return createTransactionMeta(authClient, options);
|
|
106
|
+
}
|
|
107
|
+
|
|
94
108
|
function saveTransactionMeta(authClient, meta) {
|
|
95
109
|
authClient.transactionManager.save(meta, {
|
|
96
110
|
muteWarning: true
|
|
@@ -100,13 +114,37 @@ function saveTransactionMeta(authClient, meta) {
|
|
|
100
114
|
function clearTransactionMeta(authClient) {
|
|
101
115
|
authClient.transactionManager.clear();
|
|
102
116
|
} // returns true if values in meta match current authClient options
|
|
117
|
+
// eslint-disable-next-line complexity
|
|
103
118
|
|
|
104
119
|
|
|
105
120
|
function isTransactionMetaValid(authClient, meta) {
|
|
121
|
+
// First validate against required config
|
|
106
122
|
const keys = ['issuer', 'clientId', 'redirectUri'];
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
123
|
+
|
|
124
|
+
if (keys.some(key => authClient.options[key] !== meta[key])) {
|
|
125
|
+
return false;
|
|
126
|
+
} // Validate optional config
|
|
127
|
+
|
|
128
|
+
|
|
129
|
+
const {
|
|
130
|
+
flow,
|
|
131
|
+
state
|
|
132
|
+
} = authClient.options; // If state is specified, it must match meta to be valid
|
|
133
|
+
|
|
134
|
+
if (state && state !== meta.state) {
|
|
135
|
+
return false;
|
|
136
|
+
} // Specific flows should not share transaction data
|
|
137
|
+
|
|
138
|
+
|
|
139
|
+
const shouldValidateFlow = flow && flow !== 'default' && flow !== 'proceed';
|
|
140
|
+
|
|
141
|
+
if (shouldValidateFlow) {
|
|
142
|
+
if (flow !== meta.flow) {
|
|
143
|
+
// The flow has changed; abandon the old transaction
|
|
144
|
+
return false;
|
|
145
|
+
}
|
|
146
|
+
}
|
|
147
|
+
|
|
148
|
+
return true;
|
|
111
149
|
}
|
|
112
150
|
//# sourceMappingURL=transactionMeta.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/transactionMeta.ts"],"names":["createTransactionMeta","authClient","token","prepareTokenParams","
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/transactionMeta.ts"],"names":["createTransactionMeta","authClient","options","tokenParams","token","prepareTokenParams","pkce","clientId","redirectUri","responseType","responseMode","scopes","state","nonce","ignoreSignature","codeVerifier","codeChallengeMethod","codeChallenge","urls","flow","idx","getFlow","issuer","meta","transactionMetaExist","transactionManager","exists","existing","load","isTransactionMetaValid","interactionHandle","getSavedTransactionMeta","getTransactionMeta","validExistingMeta","saveTransactionMeta","save","muteWarning","clearTransactionMeta","clear","keys","some","key","shouldValidateFlow"],"mappings":";;;;;;;;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,qBAAf,CAAqCC,UAArC,EAA2DC,OAA3D,EAA6F;AAClG,QAAMC,WAAW,GAAG,MAAMF,UAAU,CAACG,KAAX,CAAiBC,kBAAjB,CAAoCH,OAApC,CAA1B;AACA,QAAM;AACJI,IAAAA,IADI;AAEJC,IAAAA,QAFI;AAGJC,IAAAA,WAHI;AAIJC,IAAAA,YAJI;AAKJC,IAAAA,YALI;AAMJC,IAAAA,MANI;AAOJC,IAAAA,KAPI;AAQJC,IAAAA,KARI;AASJC,IAAAA,eATI;AAUJC,IAAAA,YAVI;AAWJC,IAAAA,mBAXI;AAYJC,IAAAA;AAZI,MAaFd,WAbJ;AAcA,QAAMe,IAAI,GAAG,wBAAajB,UAAb,EAAyBE,WAAzB,CAAb;AACA,QAAMgB,IAAI,GAAGlB,UAAU,CAACmB,GAAX,CAAeC,OAAf,MAA4B,SAAzC;AACA,QAAMC,MAAM,GAAGrB,UAAU,CAACC,OAAX,CAAmBoB,MAAlC;AACA,QAAMC,IAAI,GAAG;AACXJ,IAAAA,IADW;AAEXG,IAAAA,MAFW;AAGXhB,IAAAA,IAHW;AAIXC,IAAAA,QAJW;AAKXC,IAAAA,WALW;AAMXC,IAAAA,YANW;AAOXC,IAAAA,YAPW;AAQXC,IAAAA,MARW;AASXC,IAAAA,KATW;AAUXC,IAAAA,KAVW;AAWXK,IAAAA,IAXW;AAYXJ,IAAAA,eAZW;AAaXC,IAAAA,YAbW;AAcXC,IAAAA,mBAdW;AAeXC,IAAAA;AAfW,GAAb;AAiBA,SAAOM,IAAP;AACD;;AAEM,SAASC,oBAAT,CAA8BvB,UAA9B,EAAoDC,OAApD,EAA+F;AACpG,MAAID,UAAU,CAACwB,kBAAX,CAA8BC,MAA9B,CAAqCxB,OAArC,CAAJ,EAAmD;AACjD,UAAMyB,QAAQ,GAAG1B,UAAU,CAACwB,kBAAX,CAA8BG,IAA9B,CAAmC1B,OAAnC,CAAjB;;AACA,QAAI2B,sBAAsB,CAAC5B,UAAD,EAAa0B,QAAb,CAAtB,IAAgDA,QAAQ,CAACG,iBAA7D,EAAgF;AAC9E,aAAO,IAAP;AACD;AACF;;AACD,SAAO,KAAP;AACD,C,CAED;;;AACO,SAASC,uBAAT,CAAiC9B,UAAjC,EAAuDC,OAAvD,EAA6G;AAClH,QAAMU,KAAK,GAAG,CAAAV,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAEU,KAAT,KAAkBX,UAAU,CAACC,OAAX,CAAmBU,KAAnD;AACA,QAAMe,QAAQ,GAAG1B,UAAU,CAACwB,kBAAX,CAA8BG,IAA9B,CAAmC;AAAEhB,IAAAA;AAAF,GAAnC,CAAjB;;AACA,MAAIe,QAAQ,IAAIE,sBAAsB,CAAC5B,UAAD,EAAa0B,QAAb,CAAtC,EAA8D;AAC5D,WAAOA,QAAP;AACD;AACF;;AAEM,eAAeK,kBAAf,CACL/B,UADK,EAELC,OAFK,EAGwB;AAC7B;AACA,MAAID,UAAU,CAACwB,kBAAX,CAA8BC,MAA9B,CAAqCxB,OAArC,CAAJ,EAAmD;AACjD,UAAM+B,iBAAiB,GAAGF,uBAAuB,CAAC9B,UAAD,EAAaC,OAAb,CAAjD;;AACA,QAAI+B,iBAAJ,EAAuB;AACrB,aAAOA,iBAAP;AACD,KAJgD,CAKjD;AACA;AACA;;;AACA,oBAAK,sEACH,4DADF;AAED;;AAED,SAAOjC,qBAAqB,CAACC,UAAD,EAAaC,OAAb,CAA5B;AACD;;AAEM,SAASgC,mBAAT,CAA8BjC,UAA9B,EAAoDsB,IAApD,EAA0D;AAC/DtB,EAAAA,UAAU,CAACwB,kBAAX,CAA8BU,IAA9B,CAAmCZ,IAAnC,EAAyC;AAAEa,IAAAA,WAAW,EAAE;AAAf,GAAzC;AACD;;AAEM,SAASC,oBAAT,CAA+BpC,UAA/B,EAAqD;AAC1DA,EAAAA,UAAU,CAACwB,kBAAX,CAA8Ba,KAA9B;AACD,C,CAED;AACA;;;AACO,SAAST,sBAAT,CAAiC5B,UAAjC,EAAuDsB,IAAvD,EAA6D;AAClE;AACA,QAAMgB,IAAI,GAAG,CAAC,QAAD,EAAW,UAAX,EAAuB,aAAvB,CAAb;;AACA,MAAIA,IAAI,CAACC,IAAL,CAAUC,GAAG,IAAIxC,UAAU,CAACC,OAAX,CAAmBuC,GAAnB,MAA4BlB,IAAI,CAACkB,GAAD,CAAjD,CAAJ,EAA6D;AAC3D,WAAO,KAAP;AACD,GALiE,CAOlE;;;AACA,QAAM;AAAEtB,IAAAA,IAAF;AAAQP,IAAAA;AAAR,MAAkBX,UAAU,CAACC,OAAnC,CARkE,CAUlE;;AACA,MAAIU,KAAK,IAAIA,KAAK,KAAKW,IAAI,CAACX,KAA5B,EAAmC;AACjC,WAAO,KAAP;AACD,GAbiE,CAelE;;;AACA,QAAM8B,kBAAkB,GAAGvB,IAAI,IAAIA,IAAI,KAAK,SAAjB,IAA8BA,IAAI,KAAK,SAAlE;;AACA,MAAIuB,kBAAJ,EAAwB;AACtB,QAAIvB,IAAI,KAAKI,IAAI,CAACJ,IAAlB,EAAwB;AACtB;AACA,aAAO,KAAP;AACD;AACF;;AAED,SAAO,IAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuth, IdxTransactionMeta, TransactionMetaOptions } from '../types';\nimport { warn } from '../util';\nimport { getOAuthUrls } from '../oidc';\n\n// Calculate new values\nexport async function createTransactionMeta(authClient: OktaAuth, options?: TransactionMetaOptions) {\n const tokenParams = await authClient.token.prepareTokenParams(options);\n const {\n pkce,\n clientId,\n redirectUri,\n responseType,\n responseMode,\n scopes,\n state,\n nonce,\n ignoreSignature,\n codeVerifier,\n codeChallengeMethod,\n codeChallenge,\n } = tokenParams;\n const urls = getOAuthUrls(authClient, tokenParams);\n const flow = authClient.idx.getFlow() || 'default';\n const issuer = authClient.options.issuer;\n const meta = {\n flow,\n issuer,\n pkce,\n clientId,\n redirectUri,\n responseType,\n responseMode,\n scopes,\n state,\n nonce,\n urls,\n ignoreSignature,\n codeVerifier,\n codeChallengeMethod,\n codeChallenge \n };\n return meta;\n}\n\nexport function transactionMetaExist(authClient: OktaAuth, options?: TransactionMetaOptions): boolean {\n if (authClient.transactionManager.exists(options)) {\n const existing = authClient.transactionManager.load(options) as IdxTransactionMeta;\n if (isTransactionMetaValid(authClient, existing) && existing.interactionHandle) {\n return true;\n }\n }\n return false;\n}\n\n// Returns the saved transaction meta, if it exists and is valid, or undefined\nexport function getSavedTransactionMeta(authClient: OktaAuth, options?: TransactionMetaOptions): IdxTransactionMeta {\n const state = options?.state || authClient.options.state;\n const existing = authClient.transactionManager.load({ state }) as IdxTransactionMeta;\n if (existing && isTransactionMetaValid(authClient, existing)) {\n return existing;\n }\n}\n\nexport async function getTransactionMeta(\n authClient: OktaAuth,\n options?: TransactionMetaOptions\n): Promise<IdxTransactionMeta> {\n // Load existing transaction meta from storage\n if (authClient.transactionManager.exists(options)) {\n const validExistingMeta = getSavedTransactionMeta(authClient, options);\n if (validExistingMeta) {\n return validExistingMeta;\n }\n // existing meta is not valid for this configuration\n // this is common when changing configuration in local development environment\n // in a production environment, this may indicate that two apps are sharing a storage key\n warn('Saved transaction meta does not match the current configuration. ' + \n 'This may indicate that two apps are sharing a storage key.');\n }\n\n return createTransactionMeta(authClient, options);\n}\n\nexport function saveTransactionMeta (authClient: OktaAuth, meta) {\n authClient.transactionManager.save(meta, { muteWarning: true });\n}\n\nexport function clearTransactionMeta (authClient: OktaAuth) {\n authClient.transactionManager.clear();\n}\n\n// returns true if values in meta match current authClient options\n// eslint-disable-next-line complexity\nexport function isTransactionMetaValid (authClient: OktaAuth, meta) {\n // First validate against required config\n const keys = ['issuer', 'clientId', 'redirectUri'];\n if (keys.some(key => authClient.options[key] !== meta[key])) {\n return false;\n }\n\n // Validate optional config\n const { flow, state } = authClient.options;\n \n // If state is specified, it must match meta to be valid\n if (state && state !== meta.state) {\n return false;\n }\n\n // Specific flows should not share transaction data\n const shouldValidateFlow = flow && flow !== 'default' && flow !== 'proceed';\n if (shouldValidateFlow) {\n if (flow !== meta.flow) {\n // The flow has changed; abandon the old transaction\n return false;\n }\n }\n\n return true;\n}\n"],"file":"transactionMeta.js"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":[],"names":[],"mappings":"","sourcesContent":[],"file":"
|
|
1
|
+
{"version":3,"sources":[],"names":[],"mappings":"","sourcesContent":[],"file":"FlowIdentifier.js"}
|
package/cjs/idx/types/idx-js.js
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
3
|
exports.isRawIdxResponse = isRawIdxResponse;
|
|
4
|
+
exports.isIdxResponse = isIdxResponse;
|
|
4
5
|
|
|
5
6
|
/*!
|
|
6
7
|
* Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
|
|
@@ -18,4 +19,8 @@ exports.isRawIdxResponse = isRawIdxResponse;
|
|
|
18
19
|
function isRawIdxResponse(obj) {
|
|
19
20
|
return obj && obj.version;
|
|
20
21
|
}
|
|
22
|
+
|
|
23
|
+
function isIdxResponse(obj) {
|
|
24
|
+
return obj && isRawIdxResponse(obj.rawIdxState);
|
|
25
|
+
}
|
|
21
26
|
//# sourceMappingURL=idx-js.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/types/idx-js.ts"],"names":["isRawIdxResponse","obj","version"],"mappings":"
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/types/idx-js.ts"],"names":["isRawIdxResponse","obj","version","isIdxResponse","rawIdxState"],"mappings":";;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA;AA8HA;AAaO,SAASA,gBAAT,CAA0BC,GAA1B,EAA2D;AAChE,SAAOA,GAAG,IAAIA,GAAG,CAACC,OAAlB;AACD;;AAoBM,SAASC,aAAT,CAAuBF,GAAvB,EAAqD;AAC1D,SAAOA,GAAG,IAAID,gBAAgB,CAACC,GAAG,CAACG,WAAL,CAA9B;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n// TODO: remove when idx-js provides type information\n\nexport interface IdxAuthenticatorMethod {\n type: string;\n}\nexport interface IdxAuthenticator {\n displayName: string;\n id: string;\n key: string;\n methods: IdxAuthenticatorMethod[];\n type: string;\n settings?: {\n complexity?: unknown;\n age?: unknown;\n };\n contextualData?: {\n enrolledQuestion?: {\n question: string;\n questionKey: string;\n };\n qrcode?: { \n href: string; \n method: string; \n type: string; \n };\n sharedSecret?: string;\n questions?: {\n questionKey: string;\n question: string;\n }[];\n questionKeys?: string[];\n };\n}\n\nexport interface IdxForm {\n value: IdxRemediationValue[];\n}\n\nexport interface IdxOption {\n value: string | { form: IdxForm };\n label: string;\n relatesTo?: IdxAuthenticator;\n}\n\nexport interface IdpConfig {\n id: string;\n name: string;\n}\n\nexport interface IdxRemediationValue {\n name: string;\n type?: string;\n required?: boolean;\n secret?: boolean;\n visible?: boolean;\n mutable?: boolean;\n value?: string;\n label?: string;\n form?: IdxForm;\n options?: IdxOption[];\n messages?: IdxMessages;\n minLength?: number;\n maxLength?: number;\n}\n\nexport interface IdxRemediation {\n name: string;\n label?: string;\n value?: IdxRemediationValue[];\n relatesTo?: {\n type?: string;\n value: IdxAuthenticator;\n };\n idp?: IdpConfig;\n href?: string;\n method?: string;\n type?: string;\n accepts?: string;\n refresh?: number;\n}\n\nexport interface IdxContext {\n version: string;\n stateHandle: string;\n expiresAt: string;\n intent: string;\n currentAuthenticator: {\n type: string;\n value: IdxAuthenticator;\n };\n authenticators: {\n type: string;\n value: IdxAuthenticator[];\n };\n authenticatorEnrollments: {\n type: string;\n value: IdxAuthenticator[];\n };\n enrollmentAuthenticator: {\n type: string;\n value: IdxAuthenticator;\n };\n user: {\n type: string;\n value: Record<string, unknown>;\n };\n app: {\n type: string;\n value: Record<string, unknown>;\n };\n}\n\nexport interface IdxMessage {\n message: string;\n class: string;\n i18n: {\n key: string;\n params?: unknown[];\n };\n}\n\nexport interface IdxMessages {\n type: 'array';\n value: IdxMessage[];\n}\n\n// JSON response from the server\nexport interface RawIdxResponse {\n version: string;\n stateHandle: string;\n intent?: string;\n expiresAt?: string;\n remediation?: {\n type: 'array';\n value: IdxRemediation[];\n };\n messages?: IdxMessages;\n}\n\nexport function isRawIdxResponse(obj: any): obj is RawIdxResponse {\n return obj && obj.version;\n}\n\n\nexport interface IdxActions {\n [key: string]: Function;\n}\n\n// Object returned from idx-js\nexport interface IdxResponse {\n proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n neededToProceed: IdxRemediation[];\n rawIdxState: RawIdxResponse;\n interactionCode?: string;\n actions: IdxActions;\n toPersist: {\n interactionHandle?: string;\n };\n context?: IdxContext;\n}\n\nexport function isIdxResponse(obj: any): obj is IdxResponse {\n return obj && isRawIdxResponse(obj.rawIdxState);\n}\n"],"file":"idx-js.js"}
|
package/cjs/idx/types/index.js
CHANGED
|
@@ -1,5 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
|
+
Object.defineProperty(exports, "FlowIdentifier", {
|
|
4
|
+
enumerable: true,
|
|
5
|
+
get: function () {
|
|
6
|
+
return _FlowIdentifier.FlowIdentifier;
|
|
7
|
+
}
|
|
8
|
+
});
|
|
3
9
|
Object.defineProperty(exports, "IdxMessage", {
|
|
4
10
|
enumerable: true,
|
|
5
11
|
get: function () {
|
|
@@ -24,6 +30,12 @@ Object.defineProperty(exports, "PasswordRecoveryOptions", {
|
|
|
24
30
|
return _recoverPassword.PasswordRecoveryOptions;
|
|
25
31
|
}
|
|
26
32
|
});
|
|
33
|
+
Object.defineProperty(exports, "ProceedOptions", {
|
|
34
|
+
enumerable: true,
|
|
35
|
+
get: function () {
|
|
36
|
+
return _proceed.ProceedOptions;
|
|
37
|
+
}
|
|
38
|
+
});
|
|
27
39
|
Object.defineProperty(exports, "CancelOptions", {
|
|
28
40
|
enumerable: true,
|
|
29
41
|
get: function () {
|
|
@@ -32,6 +44,8 @@ Object.defineProperty(exports, "CancelOptions", {
|
|
|
32
44
|
});
|
|
33
45
|
exports.IdxFeature = exports.AuthenticatorKey = exports.IdxStatus = void 0;
|
|
34
46
|
|
|
47
|
+
var _FlowIdentifier = require("./FlowIdentifier");
|
|
48
|
+
|
|
35
49
|
var _idxJs = require("./idx-js");
|
|
36
50
|
|
|
37
51
|
var _authenticate = require("../authenticate");
|
|
@@ -40,6 +54,8 @@ var _register = require("../register");
|
|
|
40
54
|
|
|
41
55
|
var _recoverPassword = require("../recoverPassword");
|
|
42
56
|
|
|
57
|
+
var _proceed = require("../proceed");
|
|
58
|
+
|
|
43
59
|
var _cancel = require("../cancel");
|
|
44
60
|
|
|
45
61
|
/*!
|
|
@@ -70,9 +86,10 @@ exports.AuthenticatorKey = AuthenticatorKey;
|
|
|
70
86
|
(function (AuthenticatorKey) {
|
|
71
87
|
AuthenticatorKey["OKTA_PASSWORD"] = "okta_password";
|
|
72
88
|
AuthenticatorKey["OKTA_EMAIL"] = "okta_email";
|
|
73
|
-
AuthenticatorKey["OKTA_VERIFIER"] = "okta_verifier";
|
|
74
89
|
AuthenticatorKey["PHONE_NUMBER"] = "phone_number";
|
|
75
90
|
AuthenticatorKey["GOOGLE_AUTHENTICATOR"] = "google_otp";
|
|
91
|
+
AuthenticatorKey["SECURITY_QUESTION"] = "security_question";
|
|
92
|
+
AuthenticatorKey["OKTA_VERIFY"] = "okta_verify";
|
|
76
93
|
})(AuthenticatorKey || (exports.AuthenticatorKey = AuthenticatorKey = {}));
|
|
77
94
|
|
|
78
95
|
let IdxFeature;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/types/index.ts"],"names":["IdxStatus","AuthenticatorKey","IdxFeature"],"mappings":"
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/types/index.ts"],"names":["IdxStatus","AuthenticatorKey","IdxFeature"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAkBA;;AAEA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAzBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IAkBYA,S;;;WAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;GAAAA,S,yBAAAA,S;;IAQAC,gB;;;WAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;GAAAA,gB,gCAAAA,gB;;IA4BAC,U;;;WAAAA,U;AAAAA,EAAAA,U,CAAAA,U;AAAAA,EAAAA,U,CAAAA,U;AAAAA,EAAAA,U,CAAAA,U;GAAAA,U,0BAAAA,U","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { InteractOptions } from '../interact';\nimport { IntrospectOptions } from '../introspect';\nimport { APIError, Tokens } from '../../types';\nimport { IdxTransactionMeta } from '../../types/Transaction';\nimport { IdxAuthenticator, IdxMessage, IdxOption, IdxResponse } from './idx-js';\nimport { FlowIdentifier } from './FlowIdentifier';\n\nexport { IdxMessage } from './idx-js';\nexport { AuthenticationOptions } from '../authenticate';\nexport { RegistrationOptions } from '../register';\nexport { PasswordRecoveryOptions } from '../recoverPassword';\nexport { ProceedOptions } from '../proceed';\nexport { CancelOptions } from '../cancel';\nexport { FlowIdentifier };\n\nexport enum IdxStatus {\n SUCCESS = 'SUCCESS',\n PENDING = 'PENDING',\n FAILURE = 'FAILURE',\n TERMINAL = 'TERMINAL',\n CANCELED = 'CANCELED',\n}\n\nexport enum AuthenticatorKey {\n OKTA_PASSWORD = 'okta_password',\n OKTA_EMAIL = 'okta_email',\n PHONE_NUMBER = 'phone_number',\n GOOGLE_AUTHENTICATOR = 'google_otp',\n SECURITY_QUESTION = 'security_question',\n OKTA_VERIFY = 'okta_verify'\n}\n\nexport type Input = {\n name: string;\n type?: string;\n label?: string;\n value?: string;\n secret?: boolean;\n required?: boolean;\n}\n\nexport type NextStep = {\n name: string;\n authenticator?: IdxAuthenticator;\n canSkip?: boolean;\n canResend?: boolean;\n inputs?: Input[];\n options?: IdxOption[];\n poll?: IdxPollOptions;\n}\n\nexport enum IdxFeature {\n PASSWORD_RECOVERY,\n REGISTRATION,\n SOCIAL_IDP,\n}\n\nexport interface IdxTransaction {\n status: IdxStatus;\n tokens?: Tokens;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n error?: APIError;\n meta?: IdxTransactionMeta;\n enabledFeatures?: IdxFeature[];\n availableSteps?: NextStep[];\n _idxResponse?: IdxResponse; // Temporary for widget conversion. Will not be supported long-term. OKTA-418165\n}\n\nexport type IdxOptions = InteractOptions & IntrospectOptions & {\n flow?: FlowIdentifier;\n};\n\nexport interface IdxPollOptions {\n required?: boolean;\n refresh?: number;\n}\n\nexport type Authenticator = {\n key: string;\n methodType?: string;\n phoneNumber?: string;\n};\n"],"file":"index.js"}
|
|
@@ -64,6 +64,9 @@ function convertTokenParamsToOAuthParams(tokenParams) {
|
|
|
64
64
|
|
|
65
65
|
function buildAuthorizeParams(tokenParams) {
|
|
66
66
|
var oauthQueryParams = convertTokenParamsToOAuthParams(tokenParams);
|
|
67
|
-
return (0, _util.toQueryString)(oauthQueryParams
|
|
67
|
+
return (0, _util.toQueryString)({ ...oauthQueryParams,
|
|
68
|
+
...(tokenParams.extraParams && { ...tokenParams.extraParams
|
|
69
|
+
})
|
|
70
|
+
});
|
|
68
71
|
}
|
|
69
72
|
//# sourceMappingURL=authorize.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/oidc/endpoints/authorize.ts"],"names":["convertTokenParamsToOAuthParams","tokenParams","clientId","AuthSdkError","responseType","indexOf","oauthParams","codeChallenge","codeChallengeMethod","display","idp","idpScope","loginHint","maxAge","nonce","prompt","redirectUri","responseMode","sessionToken","state","forEach","mayBeArray","Array","isArray","join","scopes","scope","buildAuthorizeParams","oauthQueryParams"],"mappings":";;;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAOO,SAASA,+BAAT,CAAyCC,WAAzC,EAAmE;AACxE;AACA,MAAI,CAACA,WAAW,CAACC,QAAjB,EAA2B;AACzB,UAAM,IAAIC,oBAAJ,CAAiB,yEAAjB,CAAN;AACD;;AAED,MAAI,oBAASF,WAAW,CAACG,YAArB,KAAsCH,WAAW,CAACG,YAAZ,CAAyBC,OAAzB,CAAiC,GAAjC,MAA0C,CAAC,CAArF,EAAwF;AACtF,UAAM,IAAIF,oBAAJ,CAAiB,0DAAjB,CAAN;AACD,GARuE,CAUxE;;;AACA,MAAIG,WAAwB,GAAG;AAC7B,iBAAaL,WAAW,CAACC,QADI;AAE7B,sBAAkBD,WAAW,CAACM,aAFD;AAG7B,6BAAyBN,WAAW,CAACO,mBAHR;AAI7B,eAAWP,WAAW,CAACQ,OAJM;AAK7B,WAAOR,WAAW,CAACS,GALU;AAM7B,iBAAaT,WAAW,CAACU,QANI;AAO7B,kBAAcV,WAAW,CAACW,SAPG;AAQ7B,eAAWX,WAAW,CAACY,MARM;AAS7B,aAASZ,WAAW,CAACa,KATQ;AAU7B,cAAUb,WAAW,CAACc,MAVO;AAW7B,oBAAgBd,WAAW,CAACe,WAXC;AAY7B,qBAAiBf,WAAW,CAACgB,YAZA;AAa7B,qBAAiBhB,WAAW,CAACG,YAbA;AAc7B,oBAAgBH,WAAW,CAACiB,YAdC;AAe7B,aAASjB,WAAW,CAACkB;AAfQ,GAA/B;AAiBAb,EAAAA,WAAW,GAAG,sBAAWA,WAAX,CAAd;AAEA,GAAC,WAAD,EAAc,eAAd,EAA+Bc,OAA/B,CAAuC,UAAUC,UAAV,EAAsB;AAC3D,QAAIC,KAAK,CAACC,OAAN,CAAcjB,WAAW,CAACe,UAAD,CAAzB,CAAJ,EAA4C;AAC1Cf,MAAAA,WAAW,CAACe,UAAD,CAAX,GAA0Bf,WAAW,CAACe,UAAD,CAAX,CAAwBG,IAAxB,CAA6B,GAA7B,CAA1B;AACD;AACF,GAJD;;AAMA,MAAIvB,WAAW,CAACG,YAAZ,CAAyBC,OAAzB,CAAiC,UAAjC,MAAiD,CAAC,CAAlD,IACFJ,WAAW,CAACwB,MAAZ,CAAmBpB,OAAnB,CAA2B,QAA3B,MAAyC,CAAC,CAD5C,EAC+C;AAC7C,UAAM,IAAIF,oBAAJ,CAAiB,mFAAjB,CAAN;AACD,GAHD,MAGO;AACLG,IAAAA,WAAW,CAACoB,KAAZ,GAAoBzB,WAAW,CAACwB,MAAZ,CAAmBD,IAAnB,CAAwB,GAAxB,CAApB;AACD;;AAED,SAAOlB,WAAP;AACD;;AAEM,SAASqB,oBAAT,CAA8B1B,WAA9B,EAAwD;AAC7D,MAAI2B,gBAAgB,GAAG5B,+BAA+B,CAACC,WAAD,CAAtD;AACA,SAAO,
|
|
1
|
+
{"version":3,"sources":["../../../../lib/oidc/endpoints/authorize.ts"],"names":["convertTokenParamsToOAuthParams","tokenParams","clientId","AuthSdkError","responseType","indexOf","oauthParams","codeChallenge","codeChallengeMethod","display","idp","idpScope","loginHint","maxAge","nonce","prompt","redirectUri","responseMode","sessionToken","state","forEach","mayBeArray","Array","isArray","join","scopes","scope","buildAuthorizeParams","oauthQueryParams","extraParams"],"mappings":";;;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAOO,SAASA,+BAAT,CAAyCC,WAAzC,EAAmE;AACxE;AACA,MAAI,CAACA,WAAW,CAACC,QAAjB,EAA2B;AACzB,UAAM,IAAIC,oBAAJ,CAAiB,yEAAjB,CAAN;AACD;;AAED,MAAI,oBAASF,WAAW,CAACG,YAArB,KAAsCH,WAAW,CAACG,YAAZ,CAAyBC,OAAzB,CAAiC,GAAjC,MAA0C,CAAC,CAArF,EAAwF;AACtF,UAAM,IAAIF,oBAAJ,CAAiB,0DAAjB,CAAN;AACD,GARuE,CAUxE;;;AACA,MAAIG,WAAwB,GAAG;AAC7B,iBAAaL,WAAW,CAACC,QADI;AAE7B,sBAAkBD,WAAW,CAACM,aAFD;AAG7B,6BAAyBN,WAAW,CAACO,mBAHR;AAI7B,eAAWP,WAAW,CAACQ,OAJM;AAK7B,WAAOR,WAAW,CAACS,GALU;AAM7B,iBAAaT,WAAW,CAACU,QANI;AAO7B,kBAAcV,WAAW,CAACW,SAPG;AAQ7B,eAAWX,WAAW,CAACY,MARM;AAS7B,aAASZ,WAAW,CAACa,KATQ;AAU7B,cAAUb,WAAW,CAACc,MAVO;AAW7B,oBAAgBd,WAAW,CAACe,WAXC;AAY7B,qBAAiBf,WAAW,CAACgB,YAZA;AAa7B,qBAAiBhB,WAAW,CAACG,YAbA;AAc7B,oBAAgBH,WAAW,CAACiB,YAdC;AAe7B,aAASjB,WAAW,CAACkB;AAfQ,GAA/B;AAiBAb,EAAAA,WAAW,GAAG,sBAAWA,WAAX,CAAd;AAEA,GAAC,WAAD,EAAc,eAAd,EAA+Bc,OAA/B,CAAuC,UAAUC,UAAV,EAAsB;AAC3D,QAAIC,KAAK,CAACC,OAAN,CAAcjB,WAAW,CAACe,UAAD,CAAzB,CAAJ,EAA4C;AAC1Cf,MAAAA,WAAW,CAACe,UAAD,CAAX,GAA0Bf,WAAW,CAACe,UAAD,CAAX,CAAwBG,IAAxB,CAA6B,GAA7B,CAA1B;AACD;AACF,GAJD;;AAMA,MAAIvB,WAAW,CAACG,YAAZ,CAAyBC,OAAzB,CAAiC,UAAjC,MAAiD,CAAC,CAAlD,IACFJ,WAAW,CAACwB,MAAZ,CAAmBpB,OAAnB,CAA2B,QAA3B,MAAyC,CAAC,CAD5C,EAC+C;AAC7C,UAAM,IAAIF,oBAAJ,CAAiB,mFAAjB,CAAN;AACD,GAHD,MAGO;AACLG,IAAAA,WAAW,CAACoB,KAAZ,GAAoBzB,WAAW,CAACwB,MAAZ,CAAmBD,IAAnB,CAAwB,GAAxB,CAApB;AACD;;AAED,SAAOlB,WAAP;AACD;;AAEM,SAASqB,oBAAT,CAA8B1B,WAA9B,EAAwD;AAC7D,MAAI2B,gBAAgB,GAAG5B,+BAA+B,CAACC,WAAD,CAAtD;AACA,SAAO,yBAAc,EACnB,GAAG2B,gBADgB;AAEnB,QAAI3B,WAAW,CAAC4B,WAAZ,IAA2B,EAAE,GAAG5B,WAAW,CAAC4B;AAAjB,KAA/B;AAFmB,GAAd,CAAP;AAID","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { isString, removeNils, toQueryString } from '../../util';\nimport { AuthSdkError } from '../../errors';\nimport { OAuthParams, TokenParams } from '../../types';\n\nexport function convertTokenParamsToOAuthParams(tokenParams: TokenParams) {\n // Quick validation\n if (!tokenParams.clientId) {\n throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to get a token');\n }\n\n if (isString(tokenParams.responseType) && tokenParams.responseType.indexOf(' ') !== -1) {\n throw new AuthSdkError('Multiple OAuth responseTypes must be defined as an array');\n }\n\n // Convert our params to their actual OAuth equivalents\n var oauthParams: OAuthParams = {\n 'client_id': tokenParams.clientId,\n 'code_challenge': tokenParams.codeChallenge,\n 'code_challenge_method': tokenParams.codeChallengeMethod,\n 'display': tokenParams.display,\n 'idp': tokenParams.idp,\n 'idp_scope': tokenParams.idpScope,\n 'login_hint': tokenParams.loginHint,\n 'max_age': tokenParams.maxAge,\n 'nonce': tokenParams.nonce,\n 'prompt': tokenParams.prompt,\n 'redirect_uri': tokenParams.redirectUri,\n 'response_mode': tokenParams.responseMode,\n 'response_type': tokenParams.responseType,\n 'sessionToken': tokenParams.sessionToken,\n 'state': tokenParams.state,\n };\n oauthParams = removeNils(oauthParams) as OAuthParams;\n\n ['idp_scope', 'response_type'].forEach(function (mayBeArray) {\n if (Array.isArray(oauthParams[mayBeArray])) {\n oauthParams[mayBeArray] = oauthParams[mayBeArray].join(' ');\n }\n });\n\n if (tokenParams.responseType.indexOf('id_token') !== -1 &&\n tokenParams.scopes.indexOf('openid') === -1) {\n throw new AuthSdkError('openid scope must be specified in the scopes argument when requesting an id_token');\n } else {\n oauthParams.scope = tokenParams.scopes.join(' ');\n }\n\n return oauthParams;\n}\n\nexport function buildAuthorizeParams(tokenParams: TokenParams) {\n var oauthQueryParams = convertTokenParamsToOAuthParams(tokenParams);\n return toQueryString({ \n ...oauthQueryParams, \n ...(tokenParams.extraParams && { ...tokenParams.extraParams })\n });\n}\n"],"file":"authorize.js"}
|
|
@@ -44,10 +44,7 @@ function getWithRedirect(sdk, options) {
|
|
|
44
44
|
codeVerifier,
|
|
45
45
|
codeChallenge,
|
|
46
46
|
codeChallengeMethod
|
|
47
|
-
} = tokenParams;
|
|
48
|
-
// This is needed to support continue flow in another tab.
|
|
49
|
-
|
|
50
|
-
const originalUri = sdk.getOriginalUri();
|
|
47
|
+
} = tokenParams;
|
|
51
48
|
const oauthMeta = {
|
|
52
49
|
issuer,
|
|
53
50
|
responseType,
|
|
@@ -60,8 +57,7 @@ function getWithRedirect(sdk, options) {
|
|
|
60
57
|
redirectUri,
|
|
61
58
|
codeVerifier,
|
|
62
59
|
codeChallenge,
|
|
63
|
-
codeChallengeMethod
|
|
64
|
-
originalUri
|
|
60
|
+
codeChallengeMethod
|
|
65
61
|
};
|
|
66
62
|
sdk.transactionManager.save(oauthMeta, {
|
|
67
63
|
oauth: true
|