@okta/okta-auth-js 5.7.0 → 5.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +8 -0
- package/cjs/OktaAuth.js +56 -32
- package/cjs/OktaAuth.js.map +1 -1
- package/cjs/OktaUserAgent.js +2 -2
- package/cjs/StorageManager.js +8 -0
- package/cjs/StorageManager.js.map +1 -1
- package/cjs/TransactionManager.js +19 -11
- package/cjs/TransactionManager.js.map +1 -1
- package/cjs/constants.js +3 -1
- package/cjs/constants.js.map +1 -1
- package/cjs/idx/interact.js +5 -2
- package/cjs/idx/interact.js.map +1 -1
- package/cjs/idx/introspect.js +24 -7
- package/cjs/idx/introspect.js.map +1 -1
- package/cjs/idx/remediate.js +21 -25
- package/cjs/idx/remediate.js.map +1 -1
- package/cjs/idx/run.js +28 -6
- package/cjs/idx/run.js.map +1 -1
- package/cjs/idx/transactionMeta.js +21 -8
- package/cjs/idx/transactionMeta.js.map +1 -1
- package/cjs/idx/types/idx-js.js +5 -0
- package/cjs/idx/types/idx-js.js.map +1 -1
- package/cjs/idx/types/index.js.map +1 -1
- package/cjs/oidc/getWithRedirect.js +2 -6
- package/cjs/oidc/getWithRedirect.js.map +1 -1
- package/cjs/oidc/util/loginRedirect.js +9 -5
- package/cjs/oidc/util/loginRedirect.js.map +1 -1
- package/cjs/oidc/util/urlParams.js +1 -1
- package/cjs/oidc/util/urlParams.js.map +1 -1
- package/cjs/options.js +12 -2
- package/cjs/options.js.map +1 -1
- package/cjs/server/serverStorage.js +2 -1
- package/cjs/server/serverStorage.js.map +1 -1
- package/cjs/util/emailVerify.js +28 -0
- package/cjs/util/emailVerify.js.map +1 -0
- package/cjs/util/index.js +13 -0
- package/cjs/util/index.js.map +1 -1
- package/dist/okta-auth-js.min.js +2 -74
- package/dist/okta-auth-js.min.js.LICENSE.txt +32 -0
- package/dist/okta-auth-js.min.js.map +1 -1
- package/dist/okta-auth-js.polyfill.js +2 -18
- package/dist/okta-auth-js.polyfill.js.LICENSE.txt +18 -0
- package/dist/okta-auth-js.polyfill.js.map +1 -1
- package/dist/okta-auth-js.umd.js +2 -74
- package/dist/okta-auth-js.umd.js.LICENSE.txt +32 -0
- package/dist/okta-auth-js.umd.js.map +1 -1
- package/esm/OktaAuth.js +57 -33
- package/esm/OktaAuth.js.map +1 -1
- package/esm/OktaUserAgent.js +2 -2
- package/esm/StorageManager.js +9 -1
- package/esm/StorageManager.js.map +1 -1
- package/esm/TransactionManager.js +19 -11
- package/esm/TransactionManager.js.map +1 -1
- package/esm/constants.js +1 -0
- package/esm/constants.js.map +1 -1
- package/esm/idx/interact.js +5 -2
- package/esm/idx/interact.js.map +1 -1
- package/esm/idx/introspect.js +22 -6
- package/esm/idx/introspect.js.map +1 -1
- package/esm/idx/remediate.js +22 -22
- package/esm/idx/remediate.js.map +1 -1
- package/esm/idx/run.js +27 -6
- package/esm/idx/run.js.map +1 -1
- package/esm/idx/transactionMeta.js +20 -9
- package/esm/idx/transactionMeta.js.map +1 -1
- package/esm/idx/types/idx-js.js +3 -0
- package/esm/idx/types/idx-js.js.map +1 -1
- package/esm/idx/types/index.js.map +1 -1
- package/esm/oidc/getWithRedirect.js +2 -6
- package/esm/oidc/getWithRedirect.js.map +1 -1
- package/esm/oidc/util/loginRedirect.js +9 -5
- package/esm/oidc/util/loginRedirect.js.map +1 -1
- package/esm/oidc/util/urlParams.js +1 -1
- package/esm/oidc/util/urlParams.js.map +1 -1
- package/esm/options.js +12 -2
- package/esm/options.js.map +1 -1
- package/esm/server/serverStorage.js +2 -1
- package/esm/server/serverStorage.js.map +1 -1
- package/esm/util/emailVerify.js +21 -0
- package/esm/util/emailVerify.js.map +1 -0
- package/esm/util/index.js +1 -0
- package/esm/util/index.js.map +1 -1
- package/lib/OktaAuth.d.ts +6 -3
- package/lib/StorageManager.d.ts +1 -0
- package/lib/TransactionManager.d.ts +4 -1
- package/lib/constants.d.ts +1 -0
- package/lib/crypto/base64.d.ts +2 -2
- package/lib/crypto/oidcHash.d.ts +1 -1
- package/lib/crypto/verifyToken.d.ts +1 -1
- package/lib/idx/introspect.d.ts +2 -1
- package/lib/idx/run.d.ts +1 -0
- package/lib/idx/transactionMeta.d.ts +4 -3
- package/lib/idx/types/idx-js.d.ts +1 -0
- package/lib/idx/types/index.d.ts +2 -1
- package/lib/oidc/util/loginRedirect.d.ts +1 -1
- package/lib/util/emailVerify.d.ts +17 -0
- package/lib/util/index.d.ts +1 -0
- package/package.json +11 -10
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/types/idx-js.ts"],"names":["isRawIdxResponse","obj","version"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA;AA2EA;AAaA,OAAO,SAASA,gBAAT,CAA0BC,GAA1B,EAA2D;AAChE,SAAOA,GAAG,IAAIA,GAAG,CAACC,OAAlB;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n// TODO: remove when idx-js provides type information\n\nexport interface IdxAuthenticatorMethod {\n type: string;\n}\nexport interface IdxAuthenticator {\n displayName: string;\n id: string;\n key: string;\n methods: IdxAuthenticatorMethod[];\n type: string;\n settings?: {\n complexity?: unknown;\n age?: unknown;\n };\n contextualData?: unknown;\n}\n\nexport interface IdxForm {\n value: IdxRemediationValue[];\n}\n\nexport interface IdxOption {\n value: string | { form: IdxForm };\n label: string;\n relatesTo?: IdxAuthenticator;\n}\n\nexport interface IdpConfig {\n id: string;\n name: string;\n}\n\nexport interface IdxRemediationValue {\n name: string;\n type?: string;\n required?: boolean;\n secret?: boolean;\n value?: string;\n label?: string;\n form?: IdxForm;\n options?: IdxOption[];\n messages?: IdxMessages;\n minLength?: number;\n maxLength?: number;\n}\n\nexport interface IdxRemediation {\n name: string;\n label?: string;\n value?: IdxRemediationValue[];\n relatesTo?: {\n type?: string;\n value: IdxAuthenticator;\n };\n idp?: IdpConfig;\n href?: string;\n method?: string;\n type?: string;\n}\n\nexport interface IdxMessage {\n message: string;\n class: string;\n i18n: {\n key: string;\n params?: unknown[];\n };\n}\n\nexport interface IdxMessages {\n type: 'array';\n value: IdxMessage[];\n}\n\n// JSON response from the server\nexport interface RawIdxResponse {\n version: string;\n stateHandle: string;\n intent?: string;\n expiresAt?: string;\n remediation?: {\n type: 'array';\n value: IdxRemediation[];\n };\n messages?: IdxMessages;\n}\n\nexport function isRawIdxResponse(obj: any): obj is RawIdxResponse {\n return obj && obj.version;\n}\n\n\nexport interface IdxActions {\n [key: string]: Function;\n}\n\n// Object returned from idx-js\nexport interface IdxResponse {\n proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n neededToProceed: IdxRemediation[];\n rawIdxState: RawIdxResponse;\n interactionCode?: string;\n actions: IdxActions;\n toPersist: {\n interactionHandle?: string;\n };\n}\n"],"file":"idx-js.js"}
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/types/idx-js.ts"],"names":["isRawIdxResponse","obj","version","isIdxResponse","rawIdxState"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA;AA2EA;AAaA,OAAO,SAASA,gBAAT,CAA0BC,GAA1B,EAA2D;AAChE,SAAOA,GAAG,IAAIA,GAAG,CAACC,OAAlB;AACD;AAmBD,OAAO,SAASC,aAAT,CAAuBF,GAAvB,EAAqD;AAC1D,SAAOA,GAAG,IAAID,gBAAgB,CAACC,GAAG,CAACG,WAAL,CAA9B;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n// TODO: remove when idx-js provides type information\n\nexport interface IdxAuthenticatorMethod {\n type: string;\n}\nexport interface IdxAuthenticator {\n displayName: string;\n id: string;\n key: string;\n methods: IdxAuthenticatorMethod[];\n type: string;\n settings?: {\n complexity?: unknown;\n age?: unknown;\n };\n contextualData?: unknown;\n}\n\nexport interface IdxForm {\n value: IdxRemediationValue[];\n}\n\nexport interface IdxOption {\n value: string | { form: IdxForm };\n label: string;\n relatesTo?: IdxAuthenticator;\n}\n\nexport interface IdpConfig {\n id: string;\n name: string;\n}\n\nexport interface IdxRemediationValue {\n name: string;\n type?: string;\n required?: boolean;\n secret?: boolean;\n value?: string;\n label?: string;\n form?: IdxForm;\n options?: IdxOption[];\n messages?: IdxMessages;\n minLength?: number;\n maxLength?: number;\n}\n\nexport interface IdxRemediation {\n name: string;\n label?: string;\n value?: IdxRemediationValue[];\n relatesTo?: {\n type?: string;\n value: IdxAuthenticator;\n };\n idp?: IdpConfig;\n href?: string;\n method?: string;\n type?: string;\n}\n\nexport interface IdxMessage {\n message: string;\n class: string;\n i18n: {\n key: string;\n params?: unknown[];\n };\n}\n\nexport interface IdxMessages {\n type: 'array';\n value: IdxMessage[];\n}\n\n// JSON response from the server\nexport interface RawIdxResponse {\n version: string;\n stateHandle: string;\n intent?: string;\n expiresAt?: string;\n remediation?: {\n type: 'array';\n value: IdxRemediation[];\n };\n messages?: IdxMessages;\n}\n\nexport function isRawIdxResponse(obj: any): obj is RawIdxResponse {\n return obj && obj.version;\n}\n\n\nexport interface IdxActions {\n [key: string]: Function;\n}\n\n// Object returned from idx-js\nexport interface IdxResponse {\n proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n neededToProceed: IdxRemediation[];\n rawIdxState: RawIdxResponse;\n interactionCode?: string;\n actions: IdxActions;\n toPersist: {\n interactionHandle?: string;\n };\n}\n\nexport function isIdxResponse(obj: any): obj is IdxResponse {\n return obj && isRawIdxResponse(obj.rawIdxState);\n}\n"],"file":"idx-js.js"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/types/index.ts"],"names":["IdxMessage","AuthenticationOptions","RegistrationOptions","PasswordRecoveryOptions","CancelOptions","IdxStatus","AuthenticatorKey","IdxFeature"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAQA,SAASA,UAAT,QAA2B,UAA3B;AACA,SAASC,qBAAT,QAAsC,iBAAtC;AACA,SAASC,mBAAT,QAAoC,aAApC;AACA,SAASC,uBAAT,QAAwC,oBAAxC;AACA,SAASC,aAAT,QAA8B,WAA9B;AAEA,WAAYC,SAAZ;;WAAYA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;GAAAA,S,KAAAA,S;;AAQZ,WAAYC,gBAAZ;;WAAYA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;GAAAA,gB,KAAAA,gB;;AAyBZ,WAAYC,UAAZ;;WAAYA,U;AAAAA,EAAAA,U,CAAAA,U;AAAAA,EAAAA,U,CAAAA,U;AAAAA,EAAAA,U,CAAAA,U;GAAAA,U,KAAAA,U","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { InteractOptions } from '../interact';\nimport { APIError, Tokens } from '../../types';\nimport { IdxTransactionMeta } from '../../types/Transaction';\nimport { IdxAuthenticator, IdxMessage, IdxOption } from './idx-js';\n\nexport { IdxMessage } from './idx-js';\nexport { AuthenticationOptions } from '../authenticate';\nexport { RegistrationOptions } from '../register';\nexport { PasswordRecoveryOptions } from '../recoverPassword';\nexport { CancelOptions } from '../cancel';\n\nexport enum IdxStatus {\n SUCCESS = 'SUCCESS',\n PENDING = 'PENDING',\n FAILURE = 'FAILURE',\n TERMINAL = 'TERMINAL',\n CANCELED = 'CANCELED',\n}\n\nexport enum AuthenticatorKey {\n OKTA_PASSWORD = 'okta_password',\n OKTA_EMAIL = 'okta_email',\n OKTA_VERIFIER = 'okta_verifier',\n PHONE_NUMBER = 'phone_number',\n GOOGLE_AUTHENTICATOR = 'google_otp',\n}\n\nexport type Input = {\n name: string;\n label?: string;\n value?: string;\n secret?: boolean;\n required?: boolean;\n}\n\nexport type NextStep = {\n name: string;\n authenticator?: IdxAuthenticator;\n canSkip?: boolean;\n canResend?: boolean;\n inputs?: Input[];\n options?: IdxOption[];\n}\n\nexport enum IdxFeature {\n PASSWORD_RECOVERY,\n REGISTRATION,\n SOCIAL_IDP,\n}\n\nexport interface IdxTransaction {\n status: IdxStatus;\n tokens?: Tokens;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n error?: APIError;\n meta?: IdxTransactionMeta;\n enabledFeatures?: IdxFeature[];\n availableSteps?: NextStep[];\n}\n\nexport type IdxOptions = InteractOptions;\n\nexport type Authenticator = {\n key: string;\n methodType?: string;\n phoneNumber?: string;\n};\n"],"file":"index.js"}
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/types/index.ts"],"names":["IdxMessage","AuthenticationOptions","RegistrationOptions","PasswordRecoveryOptions","CancelOptions","IdxStatus","AuthenticatorKey","IdxFeature"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAQA,SAASA,UAAT,QAA2B,UAA3B;AACA,SAASC,qBAAT,QAAsC,iBAAtC;AACA,SAASC,mBAAT,QAAoC,aAApC;AACA,SAASC,uBAAT,QAAwC,oBAAxC;AACA,SAASC,aAAT,QAA8B,WAA9B;AAEA,WAAYC,SAAZ;;WAAYA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;GAAAA,S,KAAAA,S;;AAQZ,WAAYC,gBAAZ;;WAAYA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;GAAAA,gB,KAAAA,gB;;AAyBZ,WAAYC,UAAZ;;WAAYA,U;AAAAA,EAAAA,U,CAAAA,U;AAAAA,EAAAA,U,CAAAA,U;AAAAA,EAAAA,U,CAAAA,U;GAAAA,U,KAAAA,U","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { InteractOptions } from '../interact';\nimport { APIError, Tokens } from '../../types';\nimport { IdxTransactionMeta } from '../../types/Transaction';\nimport { IdxAuthenticator, IdxMessage, IdxOption, IdxResponse } from './idx-js';\n\nexport { IdxMessage } from './idx-js';\nexport { AuthenticationOptions } from '../authenticate';\nexport { RegistrationOptions } from '../register';\nexport { PasswordRecoveryOptions } from '../recoverPassword';\nexport { CancelOptions } from '../cancel';\n\nexport enum IdxStatus {\n SUCCESS = 'SUCCESS',\n PENDING = 'PENDING',\n FAILURE = 'FAILURE',\n TERMINAL = 'TERMINAL',\n CANCELED = 'CANCELED',\n}\n\nexport enum AuthenticatorKey {\n OKTA_PASSWORD = 'okta_password',\n OKTA_EMAIL = 'okta_email',\n OKTA_VERIFIER = 'okta_verifier',\n PHONE_NUMBER = 'phone_number',\n GOOGLE_AUTHENTICATOR = 'google_otp',\n}\n\nexport type Input = {\n name: string;\n label?: string;\n value?: string;\n secret?: boolean;\n required?: boolean;\n}\n\nexport type NextStep = {\n name: string;\n authenticator?: IdxAuthenticator;\n canSkip?: boolean;\n canResend?: boolean;\n inputs?: Input[];\n options?: IdxOption[];\n}\n\nexport enum IdxFeature {\n PASSWORD_RECOVERY,\n REGISTRATION,\n SOCIAL_IDP,\n}\n\nexport interface IdxTransaction {\n status: IdxStatus;\n tokens?: Tokens;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n error?: APIError;\n meta?: IdxTransactionMeta;\n enabledFeatures?: IdxFeature[];\n availableSteps?: NextStep[];\n _idxResponse?: IdxResponse; // Temporary for widget conversion. Will not be supported long-term. OKTA-418165\n}\n\nexport type IdxOptions = InteractOptions;\n\nexport type Authenticator = {\n key: string;\n methodType?: string;\n phoneNumber?: string;\n};\n"],"file":"index.js"}
|
|
@@ -36,10 +36,7 @@ export function getWithRedirect(sdk, options) {
|
|
|
36
36
|
codeVerifier,
|
|
37
37
|
codeChallenge,
|
|
38
38
|
codeChallengeMethod
|
|
39
|
-
} = tokenParams;
|
|
40
|
-
// This is needed to support continue flow in another tab.
|
|
41
|
-
|
|
42
|
-
var originalUri = sdk.getOriginalUri();
|
|
39
|
+
} = tokenParams;
|
|
43
40
|
var oauthMeta = {
|
|
44
41
|
issuer,
|
|
45
42
|
responseType,
|
|
@@ -52,8 +49,7 @@ export function getWithRedirect(sdk, options) {
|
|
|
52
49
|
redirectUri,
|
|
53
50
|
codeVerifier,
|
|
54
51
|
codeChallenge,
|
|
55
|
-
codeChallengeMethod
|
|
56
|
-
originalUri
|
|
52
|
+
codeChallengeMethod
|
|
57
53
|
};
|
|
58
54
|
sdk.transactionManager.save(oauthMeta, {
|
|
59
55
|
oauth: true
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/oidc/getWithRedirect.ts"],"names":["AuthSdkError","clone","getOAuthUrls","prepareTokenParams","buildAuthorizeParams","getWithRedirect","sdk","options","arguments","length","Promise","reject","then","tokenParams","urls","requestUrl","authorizeUrl","issuer","responseType","state","nonce","scopes","clientId","ignoreSignature","redirectUri","codeVerifier","codeChallenge","codeChallengeMethod","
|
|
1
|
+
{"version":3,"sources":["../../../lib/oidc/getWithRedirect.ts"],"names":["AuthSdkError","clone","getOAuthUrls","prepareTokenParams","buildAuthorizeParams","getWithRedirect","sdk","options","arguments","length","Promise","reject","then","tokenParams","urls","requestUrl","authorizeUrl","issuer","responseType","state","nonce","scopes","clientId","ignoreSignature","redirectUri","codeVerifier","codeChallenge","codeChallengeMethod","oauthMeta","transactionManager","save","oauth","token","_setLocation"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,YAAT,QAA6B,WAA7B;AAEA,SAASC,KAAT,QAAsB,SAAtB;AACA,SAASC,YAAT,EAAuBC,kBAAvB,QAAiD,QAAjD;AACA,SAASC,oBAAT,QAAqC,uBAArC;AAEA,OAAO,SAASC,eAAT,CAAyBC,GAAzB,EAAwCC,OAAxC,EAA6E;AAClF,MAAIC,SAAS,CAACC,MAAV,GAAmB,CAAvB,EAA0B;AACxB,WAAOC,OAAO,CAACC,MAAR,CAAe,IAAIX,YAAJ,CAAiB,yEAAjB,CAAf,CAAP;AACD;;AAEDO,EAAAA,OAAO,GAAGN,KAAK,CAACM,OAAD,CAAL,IAAkB,EAA5B;AAEA,SAAOJ,kBAAkB,CAACG,GAAD,EAAMC,OAAN,CAAlB,CACJK,IADI,CACC,UAAUC,WAAV,EAAoC;AACxC,QAAMC,IAAI,GAAGZ,YAAY,CAACI,GAAD,EAAMC,OAAN,CAAzB;AACA,QAAMQ,UAAU,GAAGD,IAAI,CAACE,YAAL,GAAoBZ,oBAAoB,CAACS,WAAD,CAA3D;AACA,QAAMI,MAAM,GAAGX,GAAG,CAACC,OAAJ,CAAYU,MAA3B,CAHwC,CAKxC;;AACA,QAAM;AACJC,MAAAA,YADI;AAEJC,MAAAA,KAFI;AAGJC,MAAAA,KAHI;AAIJC,MAAAA,MAJI;AAKJC,MAAAA,QALI;AAMJC,MAAAA,eANI;AAOJC,MAAAA,WAPI;AAQJC,MAAAA,YARI;AASJC,MAAAA,aATI;AAUJC,MAAAA;AAVI,QAWFd,WAXJ;AAaA,QAAMe,SAA0B,GAAG;AACjCX,MAAAA,MADiC;AAEjCC,MAAAA,YAFiC;AAGjCC,MAAAA,KAHiC;AAIjCC,MAAAA,KAJiC;AAKjCC,MAAAA,MALiC;AAMjCC,MAAAA,QANiC;AAOjCR,MAAAA,IAPiC;AAQjCS,MAAAA,eARiC;AASjCC,MAAAA,WATiC;AAUjCC,MAAAA,YAViC;AAWjCC,MAAAA,aAXiC;AAYjCC,MAAAA;AAZiC,KAAnC;AAeArB,IAAAA,GAAG,CAACuB,kBAAJ,CAAuBC,IAAvB,CAA4BF,SAA5B,EAAuC;AAAEG,MAAAA,KAAK,EAAE;AAAT,KAAvC;;AACAzB,IAAAA,GAAG,CAAC0B,KAAJ,CAAU3B,eAAV,CAA0B4B,YAA1B,CAAuClB,UAAvC;AACD,GArCI,CAAP;AAsCD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { OktaAuth, TokenParams, TransactionMeta } from '../types';\nimport { clone } from '../util';\nimport { getOAuthUrls, prepareTokenParams } from './util';\nimport { buildAuthorizeParams } from './endpoints/authorize';\n\nexport function getWithRedirect(sdk: OktaAuth, options: TokenParams): Promise<void> {\n if (arguments.length > 2) {\n return Promise.reject(new AuthSdkError('As of version 3.0, \"getWithRedirect\" takes only a single set of options'));\n }\n\n options = clone(options) || {};\n\n return prepareTokenParams(sdk, options)\n .then(function (tokenParams: TokenParams) {\n const urls = getOAuthUrls(sdk, options);\n const requestUrl = urls.authorizeUrl + buildAuthorizeParams(tokenParams);\n const issuer = sdk.options.issuer;\n\n // Gather the values we want to save in the transaction\n const {\n responseType,\n state,\n nonce,\n scopes,\n clientId,\n ignoreSignature,\n redirectUri,\n codeVerifier,\n codeChallenge,\n codeChallengeMethod,\n } = tokenParams;\n\n const oauthMeta: TransactionMeta = {\n issuer,\n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature,\n redirectUri,\n codeVerifier,\n codeChallenge,\n codeChallengeMethod\n };\n\n sdk.transactionManager.save(oauthMeta, { oauth: true });\n sdk.token.getWithRedirect._setLocation(requestUrl);\n });\n}\n"],"file":"getWithRedirect.js"}
|
|
@@ -72,13 +72,17 @@ export function isLoginRedirect(sdk) {
|
|
|
72
72
|
* the social auth IDP redirect flow.
|
|
73
73
|
*/
|
|
74
74
|
|
|
75
|
-
export function isInteractionRequired(sdk) {
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
75
|
+
export function isInteractionRequired(sdk, hashOrSearch) {
|
|
76
|
+
if (!hashOrSearch) {
|
|
77
|
+
// web only
|
|
78
|
+
// First check, is this a redirect URI?
|
|
79
|
+
if (!isLoginRedirect(sdk)) {
|
|
80
|
+
return false;
|
|
81
|
+
}
|
|
82
|
+
|
|
83
|
+
hashOrSearch = getHashOrSearch(sdk.options);
|
|
79
84
|
}
|
|
80
85
|
|
|
81
|
-
var hashOrSearch = getHashOrSearch(sdk.options);
|
|
82
86
|
return /(error=interaction_required)/i.test(hashOrSearch);
|
|
83
87
|
}
|
|
84
88
|
//# sourceMappingURL=loginRedirect.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/oidc/util/loginRedirect.ts"],"names":["hasTokensInHash","hash","test","hasAuthorizationCode","hashOrSearch","hasInteractionCode","hasErrorInUrl","isRedirectUri","uri","sdk","authParams","options","indexOf","redirectUri","isCodeFlow","pkce","responseType","responseMode","getHashOrSearch","codeFlow","useQuery","window","location","search","isLoginRedirect","href","hasCode","isInteractionRequired"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;;AACA;AAGA,OAAO,SAASA,eAAT,CAAyBC,IAAzB,EAAgD;AACrD,SAAO,wBAAwBC,IAAxB,CAA6BD,IAA7B,CAAP;AACD,C,CAED;;AACA,OAAO,SAASE,oBAAT,CAA8BC,YAA9B,EAA6D;AAClE,SAAO,WAAWF,IAAX,CAAgBE,YAAhB,CAAP;AACD,C,CAED;;AACA,OAAO,SAASC,kBAAT,CAA4BD,YAA5B,EAA2D;AAChE,SAAO,uBAAuBF,IAAvB,CAA4BE,YAA5B,CAAP;AACD;AAED,OAAO,SAASE,aAAT,CAAuBF,YAAvB,EAAsD;AAC3D,SAAO,YAAYF,IAAZ,CAAiBE,YAAjB,KAAkC,uBAAuBF,IAAvB,CAA4BE,YAA5B,CAAzC;AACD;AAED,OAAO,SAASG,aAAT,CAAuBC,GAAvB,EAAoCC,GAApC,EAA4D;AACjE,MAAIC,UAAU,GAAGD,GAAG,CAACE,OAArB;AACA,SAAOH,GAAG,IAAIA,GAAG,CAACI,OAAJ,CAAYF,UAAU,CAACG,WAAvB,MAAwC,CAAtD;AACD;AAED,OAAO,SAASC,UAAT,CAAoBH,OAApB,EAA8C;AACnD,SAAOA,OAAO,CAACI,IAAR,IAAgBJ,OAAO,CAACK,YAAR,KAAyB,MAAzC,IAAmDL,OAAO,CAACM,YAAR,KAAyB,OAAnF;AACD;AAED,OAAO,SAASC,eAAT,CAAyBP,OAAzB,EAAmD;AACxD,MAAIQ,QAAQ,GAAGL,UAAU,CAACH,OAAD,CAAzB;AACA,MAAIS,QAAQ,GAAGD,QAAQ,IAAIR,OAAO,CAACM,YAAR,KAAyB,UAApD;AACA,SAAOG,QAAQ,GAAGC,MAAM,CAACC,QAAP,CAAgBC,MAAnB,GAA4BF,MAAM,CAACC,QAAP,CAAgBrB,IAA3D;AACD;AAED;AACA;AACA;AACA;;AACA,OAAO,SAASuB,eAAT,CAA0Bf,GAA1B,EAAyC;AAC9C;AACA,MAAI,CAACF,aAAa,CAACc,MAAM,CAACC,QAAP,CAAgBG,IAAjB,EAAuBhB,GAAvB,CAAlB,EAA8C;AAC5C,WAAO,KAAP;AACD,GAJ6C,CAM9C;;;AACA,MAAIU,QAAQ,GAAGL,UAAU,CAACL,GAAG,CAACE,OAAL,CAAzB;AACA,MAAIP,YAAY,GAAGc,eAAe,CAACT,GAAG,CAACE,OAAL,CAAlC;;AAEA,MAAIL,aAAa,CAACF,YAAD,CAAjB,EAAiC;AAC/B,WAAO,IAAP;AACD;;AAED,MAAIe,QAAJ,EAAc;AACZ,QAAIO,OAAO,GAAIvB,oBAAoB,CAACC,YAAD,CAApB,IAAsCC,kBAAkB,CAACD,YAAD,CAAvE;AACA,WAAOsB,OAAP;AACD,GAjB6C,CAmB9C;;;AACA,SAAO1B,eAAe,CAACqB,MAAM,CAACC,QAAP,CAAgBrB,IAAjB,CAAtB;AACD;AAED;AACA;AACA;AACA;;AACA,OAAO,SAAS0B,qBAAT,CAAgClB,GAAhC,EAA+C;
|
|
1
|
+
{"version":3,"sources":["../../../../lib/oidc/util/loginRedirect.ts"],"names":["hasTokensInHash","hash","test","hasAuthorizationCode","hashOrSearch","hasInteractionCode","hasErrorInUrl","isRedirectUri","uri","sdk","authParams","options","indexOf","redirectUri","isCodeFlow","pkce","responseType","responseMode","getHashOrSearch","codeFlow","useQuery","window","location","search","isLoginRedirect","href","hasCode","isInteractionRequired"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;;AACA;AAGA,OAAO,SAASA,eAAT,CAAyBC,IAAzB,EAAgD;AACrD,SAAO,wBAAwBC,IAAxB,CAA6BD,IAA7B,CAAP;AACD,C,CAED;;AACA,OAAO,SAASE,oBAAT,CAA8BC,YAA9B,EAA6D;AAClE,SAAO,WAAWF,IAAX,CAAgBE,YAAhB,CAAP;AACD,C,CAED;;AACA,OAAO,SAASC,kBAAT,CAA4BD,YAA5B,EAA2D;AAChE,SAAO,uBAAuBF,IAAvB,CAA4BE,YAA5B,CAAP;AACD;AAED,OAAO,SAASE,aAAT,CAAuBF,YAAvB,EAAsD;AAC3D,SAAO,YAAYF,IAAZ,CAAiBE,YAAjB,KAAkC,uBAAuBF,IAAvB,CAA4BE,YAA5B,CAAzC;AACD;AAED,OAAO,SAASG,aAAT,CAAuBC,GAAvB,EAAoCC,GAApC,EAA4D;AACjE,MAAIC,UAAU,GAAGD,GAAG,CAACE,OAArB;AACA,SAAOH,GAAG,IAAIA,GAAG,CAACI,OAAJ,CAAYF,UAAU,CAACG,WAAvB,MAAwC,CAAtD;AACD;AAED,OAAO,SAASC,UAAT,CAAoBH,OAApB,EAA8C;AACnD,SAAOA,OAAO,CAACI,IAAR,IAAgBJ,OAAO,CAACK,YAAR,KAAyB,MAAzC,IAAmDL,OAAO,CAACM,YAAR,KAAyB,OAAnF;AACD;AAED,OAAO,SAASC,eAAT,CAAyBP,OAAzB,EAAmD;AACxD,MAAIQ,QAAQ,GAAGL,UAAU,CAACH,OAAD,CAAzB;AACA,MAAIS,QAAQ,GAAGD,QAAQ,IAAIR,OAAO,CAACM,YAAR,KAAyB,UAApD;AACA,SAAOG,QAAQ,GAAGC,MAAM,CAACC,QAAP,CAAgBC,MAAnB,GAA4BF,MAAM,CAACC,QAAP,CAAgBrB,IAA3D;AACD;AAED;AACA;AACA;AACA;;AACA,OAAO,SAASuB,eAAT,CAA0Bf,GAA1B,EAAyC;AAC9C;AACA,MAAI,CAACF,aAAa,CAACc,MAAM,CAACC,QAAP,CAAgBG,IAAjB,EAAuBhB,GAAvB,CAAlB,EAA8C;AAC5C,WAAO,KAAP;AACD,GAJ6C,CAM9C;;;AACA,MAAIU,QAAQ,GAAGL,UAAU,CAACL,GAAG,CAACE,OAAL,CAAzB;AACA,MAAIP,YAAY,GAAGc,eAAe,CAACT,GAAG,CAACE,OAAL,CAAlC;;AAEA,MAAIL,aAAa,CAACF,YAAD,CAAjB,EAAiC;AAC/B,WAAO,IAAP;AACD;;AAED,MAAIe,QAAJ,EAAc;AACZ,QAAIO,OAAO,GAAIvB,oBAAoB,CAACC,YAAD,CAApB,IAAsCC,kBAAkB,CAACD,YAAD,CAAvE;AACA,WAAOsB,OAAP;AACD,GAjB6C,CAmB9C;;;AACA,SAAO1B,eAAe,CAACqB,MAAM,CAACC,QAAP,CAAgBrB,IAAjB,CAAtB;AACD;AAED;AACA;AACA;AACA;;AACA,OAAO,SAAS0B,qBAAT,CAAgClB,GAAhC,EAA+CL,YAA/C,EAAsE;AAC3E,MAAI,CAACA,YAAL,EAAmB;AAAE;AACnB;AACA,QAAI,CAACoB,eAAe,CAACf,GAAD,CAApB,EAA0B;AACxB,aAAO,KAAP;AACD;;AAEDL,IAAAA,YAAY,GAAGc,eAAe,CAACT,GAAG,CAACE,OAAL,CAA9B;AACD;;AACD,SAAO,gCAAgCT,IAAhC,CAAqCE,YAArC,CAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* global window */\n/* eslint-disable complexity, max-statements */\nimport { OktaAuth, OktaAuthOptions } from '../../types';\n\nexport function hasTokensInHash(hash: string): boolean {\n return /((id|access)_token=)/i.test(hash);\n}\n\n// authorization_code\nexport function hasAuthorizationCode(hashOrSearch: string): boolean {\n return /(code=)/i.test(hashOrSearch);\n}\n\n// interaction_code\nexport function hasInteractionCode(hashOrSearch: string): boolean {\n return /(interaction_code=)/i.test(hashOrSearch);\n}\n\nexport function hasErrorInUrl(hashOrSearch: string): boolean {\n return /(error=)/i.test(hashOrSearch) || /(error_description)/i.test(hashOrSearch);\n}\n\nexport function isRedirectUri(uri: string, sdk: OktaAuth): boolean {\n var authParams = sdk.options;\n return uri && uri.indexOf(authParams.redirectUri) === 0;\n}\n\nexport function isCodeFlow(options: OktaAuthOptions) {\n return options.pkce || options.responseType === 'code' || options.responseMode === 'query';\n}\n\nexport function getHashOrSearch(options: OktaAuthOptions) {\n var codeFlow = isCodeFlow(options);\n var useQuery = codeFlow && options.responseMode !== 'fragment';\n return useQuery ? window.location.search : window.location.hash;\n}\n\n/**\n * Check if tokens or a code have been passed back into the url, which happens in\n * the OIDC (including social auth IDP) redirect flow.\n */\nexport function isLoginRedirect (sdk: OktaAuth) {\n // First check, is this a redirect URI?\n if (!isRedirectUri(window.location.href, sdk)){\n return false;\n }\n\n // The location contains either a code, token, or an error + error_description\n var codeFlow = isCodeFlow(sdk.options);\n var hashOrSearch = getHashOrSearch(sdk.options);\n\n if (hasErrorInUrl(hashOrSearch)) {\n return true;\n }\n\n if (codeFlow) {\n var hasCode = hasAuthorizationCode(hashOrSearch) || hasInteractionCode(hashOrSearch);\n return hasCode;\n }\n\n // implicit flow, will always be hash fragment\n return hasTokensInHash(window.location.hash);\n}\n\n/**\n * Check if error=interaction_required has been passed back in the url, which happens in\n * the social auth IDP redirect flow.\n */\nexport function isInteractionRequired (sdk: OktaAuth, hashOrSearch?: string) {\n if (!hashOrSearch) { // web only\n // First check, is this a redirect URI?\n if (!isLoginRedirect(sdk)){\n return false;\n }\n \n hashOrSearch = getHashOrSearch(sdk.options);\n }\n return /(error=interaction_required)/i.test(hashOrSearch);\n}"],"file":"loginRedirect.js"}
|
|
@@ -16,7 +16,7 @@ export function urlParamsToObject(hashOrSearch) {
|
|
|
16
16
|
// Predefine regexs for parsing hash
|
|
17
17
|
var plus2space = /\+/g;
|
|
18
18
|
var paramSplit = /([^&=]+)=?([^&]*)/g;
|
|
19
|
-
var fragment = hashOrSearch; // Some hash based routers will automatically add a / character after the hash
|
|
19
|
+
var fragment = hashOrSearch || ''; // Some hash based routers will automatically add a / character after the hash
|
|
20
20
|
|
|
21
21
|
if (fragment.charAt(0) === '#' && fragment.charAt(1) === '/') {
|
|
22
22
|
fragment = fragment.substring(2);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/oidc/util/urlParams.ts"],"names":["urlParamsToObject","hashOrSearch","plus2space","paramSplit","fragment","charAt","substring","obj","param","exec","key","value","decodeURIComponent","replace"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;AAEA,OAAO,SAASA,iBAAT,CAA2BC,YAA3B,EAAiD;AACtD;AACA,MAAIC,UAAU,GAAG,KAAjB;AACA,MAAIC,UAAU,GAAG,oBAAjB;AACA,MAAIC,QAAQ,GAAGH,
|
|
1
|
+
{"version":3,"sources":["../../../../lib/oidc/util/urlParams.ts"],"names":["urlParamsToObject","hashOrSearch","plus2space","paramSplit","fragment","charAt","substring","obj","param","exec","key","value","decodeURIComponent","replace"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;AAEA,OAAO,SAASA,iBAAT,CAA2BC,YAA3B,EAAiD;AACtD;AACA,MAAIC,UAAU,GAAG,KAAjB;AACA,MAAIC,UAAU,GAAG,oBAAjB;AACA,MAAIC,QAAQ,GAAGH,YAAY,IAAI,EAA/B,CAJsD,CAMtD;;AACA,MAAIG,QAAQ,CAACC,MAAT,CAAgB,CAAhB,MAAuB,GAAvB,IAA8BD,QAAQ,CAACC,MAAT,CAAgB,CAAhB,MAAuB,GAAzD,EAA8D;AAC5DD,IAAAA,QAAQ,GAAGA,QAAQ,CAACE,SAAT,CAAmB,CAAnB,CAAX;AACD,GATqD,CAWtD;;;AACA,MAAIF,QAAQ,CAACC,MAAT,CAAgB,CAAhB,MAAuB,GAAvB,IAA8BD,QAAQ,CAACC,MAAT,CAAgB,CAAhB,MAAuB,GAAzD,EAA8D;AAC5DD,IAAAA,QAAQ,GAAGA,QAAQ,CAACE,SAAT,CAAmB,CAAnB,CAAX;AACD;;AAGD,MAAIC,GAAG,GAAG,EAAV,CAjBsD,CAmBtD;;AACA,MAAIC,KAAJ;;AACA,SAAO,IAAP,EAAa;AAAE;AACbA,IAAAA,KAAK,GAAGL,UAAU,CAACM,IAAX,CAAgBL,QAAhB,CAAR;;AACA,QAAI,CAACI,KAAL,EAAY;AAAE;AAAQ;;AAEtB,QAAIE,GAAG,GAAGF,KAAK,CAAC,CAAD,CAAf;AACA,QAAIG,KAAK,GAAGH,KAAK,CAAC,CAAD,CAAjB,CALW,CAOX;;AACA,QAAIE,GAAG,KAAK,UAAR,IAAsBA,GAAG,KAAK,cAA9B,IAAgDA,GAAG,KAAK,MAA5D,EAAoE;AAClEH,MAAAA,GAAG,CAACG,GAAD,CAAH,GAAWC,KAAX;AACD,KAFD,MAEO;AACLJ,MAAAA,GAAG,CAACG,GAAD,CAAH,GAAWE,kBAAkB,CAACD,KAAK,CAACE,OAAN,CAAcX,UAAd,EAA0B,GAA1B,CAAD,CAA7B;AACD;AACF;;AACD,SAAOK,GAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* eslint-disable complexity, max-statements */\n\nexport function urlParamsToObject(hashOrSearch: string) {\n // Predefine regexs for parsing hash\n var plus2space = /\\+/g;\n var paramSplit = /([^&=]+)=?([^&]*)/g;\n var fragment = hashOrSearch || '';\n\n // Some hash based routers will automatically add a / character after the hash\n if (fragment.charAt(0) === '#' && fragment.charAt(1) === '/') {\n fragment = fragment.substring(2);\n }\n\n // Remove the leading # or ?\n if (fragment.charAt(0) === '#' || fragment.charAt(0) === '?') {\n fragment = fragment.substring(1);\n }\n\n\n var obj = {};\n\n // Loop until we have no more params\n var param;\n while (true) { // eslint-disable-line no-constant-condition\n param = paramSplit.exec(fragment);\n if (!param) { break; }\n\n var key = param[1];\n var value = param[2];\n\n // id_token should remain base64url encoded\n if (key === 'id_token' || key === 'access_token' || key === 'code') {\n obj[key] = value;\n } else {\n obj[key] = decodeURIComponent(value.replace(plus2space, ' '));\n }\n }\n return obj;\n}\n"],"file":"urlParams.js"}
|
package/esm/options.js
CHANGED
|
@@ -30,6 +30,9 @@ var BROWSER_STORAGE = {
|
|
|
30
30
|
},
|
|
31
31
|
'shared-transaction': {
|
|
32
32
|
storageTypes: ['localStorage']
|
|
33
|
+
},
|
|
34
|
+
'original-uri': {
|
|
35
|
+
storageTypes: ['localStorage']
|
|
33
36
|
}
|
|
34
37
|
};
|
|
35
38
|
var SERVER_STORAGE = {
|
|
@@ -79,17 +82,23 @@ function getCookieSettings() {
|
|
|
79
82
|
export function getDefaultOptions() {
|
|
80
83
|
var storageUtil = isBrowser() ? browserStorage : serverStorage;
|
|
81
84
|
var storageManager = isBrowser() ? BROWSER_STORAGE : SERVER_STORAGE;
|
|
85
|
+
var enableSharedStorage = isBrowser() ? true : false; // localStorage for multi-tab flows (browser only)
|
|
86
|
+
|
|
82
87
|
return {
|
|
83
88
|
devMode: false,
|
|
84
89
|
httpRequestClient: fetchRequest,
|
|
85
90
|
storageUtil,
|
|
86
|
-
storageManager
|
|
91
|
+
storageManager,
|
|
92
|
+
transactionManager: {
|
|
93
|
+
enableSharedStorage
|
|
94
|
+
}
|
|
87
95
|
};
|
|
88
96
|
}
|
|
89
97
|
|
|
90
98
|
function mergeOptions(options, args) {
|
|
91
99
|
return Object.assign({}, options, removeNils(args), {
|
|
92
|
-
storageManager: Object.assign({}, options.storageManager, args.storageManager)
|
|
100
|
+
storageManager: Object.assign({}, options.storageManager, args.storageManager),
|
|
101
|
+
transactionManager: Object.assign({}, options.transactionManager, args.transactionManager)
|
|
93
102
|
});
|
|
94
103
|
}
|
|
95
104
|
|
|
@@ -124,6 +133,7 @@ export function buildOptions() {
|
|
|
124
133
|
headers: args.headers,
|
|
125
134
|
devMode: !!args.devMode,
|
|
126
135
|
storageManager: args.storageManager,
|
|
136
|
+
transactionManager: args.transactionManager,
|
|
127
137
|
cookies: isBrowser() ? getCookieSettings(args, isHTTPS()) : args.cookies,
|
|
128
138
|
// Give the developer the ability to disable token signature validation.
|
|
129
139
|
ignoreSignature: !!args.ignoreSignature,
|
package/esm/options.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../lib/options.ts"],"names":["removeTrailingSlash","warn","removeNils","assertValidConfig","fetchRequest","browserStorage","serverStorage","isBrowser","isHTTPS","BROWSER_STORAGE","token","storageTypes","useMultipleCookies","cache","transaction","SERVER_STORAGE","getCookieSettings","args","cookieSettings","cookies","secure","sameSite","getDefaultOptions","storageUtil","storageManager","devMode","httpRequestClient","mergeOptions","options","Object","assign","buildOptions","issuer","tokenUrl","authorizeUrl","userinfoUrl","revokeUrl","logoutUrl","clientId","redirectUri","state","scopes","postLogoutRedirectUri","responseMode","responseType","pkce","useInteractionCodeFlow","transformErrorXHR","transformAuthState","restoreOriginalUri","headers","ignoreSignature","clientSecret"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AACA,SAASA,mBAAT,EAA8BC,IAA9B,EAAoCC,UAApC,QAAsD,QAAtD;AACA,SAASC,iBAAT,QAAkC,eAAlC;AAGA,OAAOC,YAAP,MAAyB,sBAAzB;AACA,OAAOC,cAAP,MAA2B,0BAA3B;AACA,OAAOC,aAAP,MAA0B,wBAA1B;AACA,SAASC,SAAT,EAAoBC,OAApB,QAAmC,YAAnC;AAEA,IAAMC,eAAsC,GAAG;AAC7CC,EAAAA,KAAK,EAAE;AACLC,IAAAA,YAAY,EAAE,CACZ,cADY,EAEZ,gBAFY,EAGZ,QAHY,CADT;AAMLC,IAAAA,kBAAkB,EAAE;AANf,GADsC;AAS7CC,EAAAA,KAAK,EAAE;AACLF,IAAAA,YAAY,EAAE,CACZ,cADY,EAEZ,gBAFY,EAGZ,QAHY;AADT,GATsC;AAgB7CG,EAAAA,WAAW,EAAE;AACXH,IAAAA,YAAY,EAAE,CACZ,gBADY,EAEZ,cAFY,EAGZ,QAHY;AADH,GAhBgC;AAuB7C,wBAAsB;AACpBA,IAAAA,YAAY,EAAE,CACZ,cADY;AADM;AAvBuB,CAA/C;AA8BA,IAAMI,cAAqC,GAAG;AAC5CL,EAAAA,KAAK,EAAE;AACLC,IAAAA,YAAY,EAAE,CACZ,QADY;AADT,GADqC;AAM5CE,EAAAA,KAAK,EAAE;AACLF,IAAAA,YAAY,EAAE,CACZ,QADY;AADT,GANqC;AAW5CG,EAAAA,WAAW,EAAE;AACXH,IAAAA,YAAY,EAAE,CACZ,QADY;AADH;AAX+B,CAA9C;;AAkBA,SAASK,iBAAT,GAAyE;AAAA,MAA9CC,IAA8C,uEAAtB,EAAsB;AAAA,MAAlBT,OAAkB;AACvE;AACA;AACA;AACA,MAAIU,cAAc,GAAGD,IAAI,CAACE,OAAL,IAAgB,EAArC;;AACA,MAAI,OAAOD,cAAc,CAACE,MAAtB,KAAiC,WAArC,EAAkD;AAChDF,IAAAA,cAAc,CAACE,MAAf,GAAwBZ,OAAxB;AACD;;AACD,MAAI,OAAOU,cAAc,CAACG,QAAtB,KAAmC,WAAvC,EAAoD;AAClDH,IAAAA,cAAc,CAACG,QAAf,GAA0BH,cAAc,CAACE,MAAf,GAAwB,MAAxB,GAAiC,KAA3D;AACD,GAVsE,CAYvE;;;AACA,MAAIF,cAAc,CAACE,MAAf,IAAyB,CAACZ,OAA9B,EAAuC;AACrC;AACAP,IAAAA,IAAI,CACF,oEACA,4DADA,GAEA,gEAHE,CAAJ;AAKAiB,IAAAA,cAAc,CAACE,MAAf,GAAwB,KAAxB;AACD,GArBsE,CAuBvE;AACA;;;AACA,MAAIF,cAAc,CAACG,QAAf,KAA4B,MAA5B,IAAsC,CAACH,cAAc,CAACE,MAA1D,EAAkE;AAChEF,IAAAA,cAAc,CAACG,QAAf,GAA0B,KAA1B;AACD;;AAED,SAAOH,cAAP;AACD;;AAGD,OAAO,SAASI,iBAAT,GAA8C;AACnD,MAAMC,WAAW,GAAGhB,SAAS,KAAKF,cAAL,GAAsBC,aAAnD;AACA,MAAMkB,cAAc,GAAGjB,SAAS,KAAKE,eAAL,GAAuBM,cAAvD;AACA,SAAO;AACLU,IAAAA,OAAO,EAAE,KADJ;AAELC,IAAAA,iBAAiB,EAAEtB,YAFd;AAGLmB,IAAAA,WAHK;AAILC,IAAAA;AAJK,GAAP;AAMD;;AAED,SAASG,YAAT,CAAsBC,OAAtB,EAA+BX,IAA/B,EAAsD;AACpD,SAAOY,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkBF,OAAlB,EAA2B1B,UAAU,CAACe,IAAD,CAArC,EAA6C;AAClDO,IAAAA,cAAc,EAAEK,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkBF,OAAO,CAACJ,cAA1B,EAA0CP,IAAI,CAACO,cAA/C;AADkC,GAA7C,CAAP;AAGD;;AAED,OAAO,SAASO,YAAT,GAAmE;AAAA,MAA7Cd,IAA6C,uEAArB,EAAqB;AACxEd,EAAAA,iBAAiB,CAACc,IAAD,CAAjB;AACAA,EAAAA,IAAI,GAAGU,YAAY,CAACL,iBAAiB,EAAlB,EAAsBL,IAAtB,CAAnB;AACA,SAAOf,UAAU,CAAC;AAChB;AACA8B,IAAAA,MAAM,EAAEhC,mBAAmB,CAACiB,IAAI,CAACe,MAAN,CAFX;AAGhBC,IAAAA,QAAQ,EAAEjC,mBAAmB,CAACiB,IAAI,CAACgB,QAAN,CAHb;AAIhBC,IAAAA,YAAY,EAAElC,mBAAmB,CAACiB,IAAI,CAACiB,YAAN,CAJjB;AAKhBC,IAAAA,WAAW,EAAEnC,mBAAmB,CAACiB,IAAI,CAACkB,WAAN,CALhB;AAMhBC,IAAAA,SAAS,EAAEpC,mBAAmB,CAACiB,IAAI,CAACmB,SAAN,CANd;AAOhBC,IAAAA,SAAS,EAAErC,mBAAmB,CAACiB,IAAI,CAACoB,SAAN,CAPd;AAQhBC,IAAAA,QAAQ,EAAErB,IAAI,CAACqB,QARC;AAShBC,IAAAA,WAAW,EAAEtB,IAAI,CAACsB,WATF;AAUhBC,IAAAA,KAAK,EAAEvB,IAAI,CAACuB,KAVI;AAWhBC,IAAAA,MAAM,EAAExB,IAAI,CAACwB,MAXG;AAYhBC,IAAAA,qBAAqB,EAAEzB,IAAI,CAACyB,qBAZZ;AAahBC,IAAAA,YAAY,EAAE1B,IAAI,CAAC0B,YAbH;AAchBC,IAAAA,YAAY,EAAE3B,IAAI,CAAC2B,YAdH;AAehBC,IAAAA,IAAI,EAAE5B,IAAI,CAAC4B,IAAL,KAAc,KAAd,GAAsB,KAAtB,GAA8B,IAfpB;AAe0B;AAC1CC,IAAAA,sBAAsB,EAAE7B,IAAI,CAAC6B,sBAhBb;AAkBhB;AACApB,IAAAA,iBAAiB,EAAET,IAAI,CAACS,iBAnBR;AAoBhBqB,IAAAA,iBAAiB,EAAE9B,IAAI,CAAC8B,iBApBR;AAqBhBC,IAAAA,kBAAkB,EAAE/B,IAAI,CAAC+B,kBArBT;AAsBhBC,IAAAA,kBAAkB,EAAEhC,IAAI,CAACgC,kBAtBT;AAuBhB1B,IAAAA,WAAW,EAAEN,IAAI,CAACM,WAvBF;AAwBhB2B,IAAAA,OAAO,EAAEjC,IAAI,CAACiC,OAxBE;AAyBhBzB,IAAAA,OAAO,EAAE,CAAC,CAACR,IAAI,CAACQ,OAzBA;AA0BhBD,IAAAA,cAAc,EAAEP,IAAI,CAACO,cA1BL;AA2BhBL,IAAAA,OAAO,EAAEZ,SAAS,KAAKS,iBAAiB,CAACC,IAAD,EAAOT,OAAO,EAAd,CAAtB,GAA0CS,IAAI,CAACE,OA3BjD;AA6BhB;AACAgC,IAAAA,eAAe,EAAE,CAAC,CAAClC,IAAI,CAACkC,eA9BR;AAgChB;AACAC,IAAAA,YAAY,EAAEnC,IAAI,CAACmC;AAjCH,GAAD,CAAjB;AAmCD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable complexity */\nimport { removeTrailingSlash, warn, removeNils } from './util';\nimport { assertValidConfig } from './builderUtil';\nimport { OktaAuthOptions, StorageManagerOptions } from './types';\n\nimport fetchRequest from './fetch/fetchRequest';\nimport browserStorage from './browser/browserStorage';\nimport serverStorage from './server/serverStorage';\nimport { isBrowser, isHTTPS } from './features';\n\nconst BROWSER_STORAGE: StorageManagerOptions = {\n token: {\n storageTypes: [\n 'localStorage',\n 'sessionStorage',\n 'cookie'\n ],\n useMultipleCookies: true\n },\n cache: {\n storageTypes: [\n 'localStorage',\n 'sessionStorage',\n 'cookie'\n ]\n },\n transaction: {\n storageTypes: [\n 'sessionStorage',\n 'localStorage',\n 'cookie'\n ]\n },\n 'shared-transaction': {\n storageTypes: [\n 'localStorage'\n ]\n }\n};\n\nconst SERVER_STORAGE: StorageManagerOptions = {\n token: {\n storageTypes: [\n 'memory'\n ]\n },\n cache: {\n storageTypes: [\n 'memory'\n ]\n },\n transaction: {\n storageTypes: [\n 'memory'\n ]\n }\n};\n\nfunction getCookieSettings(args: OktaAuthOptions = {}, isHTTPS: boolean) {\n // Secure cookies will be automatically used on a HTTPS connection\n // Non-secure cookies will be automatically used on a HTTP connection\n // secure option can override the automatic behavior\n var cookieSettings = args.cookies || {};\n if (typeof cookieSettings.secure === 'undefined') {\n cookieSettings.secure = isHTTPS;\n }\n if (typeof cookieSettings.sameSite === 'undefined') {\n cookieSettings.sameSite = cookieSettings.secure ? 'none' : 'lax';\n }\n\n // If secure=true, but the connection is not HTTPS, set secure=false.\n if (cookieSettings.secure && !isHTTPS) {\n // eslint-disable-next-line no-console\n warn(\n 'The current page is not being served with the HTTPS protocol.\\n' +\n 'For security reasons, we strongly recommend using HTTPS.\\n' +\n 'If you cannot use HTTPS, set \"cookies.secure\" option to false.'\n );\n cookieSettings.secure = false;\n }\n\n // Chrome >= 80 will block cookies with SameSite=None unless they are also Secure\n // If sameSite=none, but the connection is not HTTPS, set sameSite=lax.\n if (cookieSettings.sameSite === 'none' && !cookieSettings.secure) {\n cookieSettings.sameSite = 'lax';\n }\n\n return cookieSettings;\n}\n\n\nexport function getDefaultOptions(): OktaAuthOptions {\n const storageUtil = isBrowser() ? browserStorage : serverStorage;\n const storageManager = isBrowser() ? BROWSER_STORAGE : SERVER_STORAGE;\n return {\n devMode: false,\n httpRequestClient: fetchRequest,\n storageUtil,\n storageManager\n };\n}\n\nfunction mergeOptions(options, args): OktaAuthOptions {\n return Object.assign({}, options, removeNils(args), {\n storageManager: Object.assign({}, options.storageManager, args.storageManager)\n });\n}\n\nexport function buildOptions(args: OktaAuthOptions = {}): OktaAuthOptions {\n assertValidConfig(args);\n args = mergeOptions(getDefaultOptions(), args);\n return removeNils({\n // OIDC configuration\n issuer: removeTrailingSlash(args.issuer),\n tokenUrl: removeTrailingSlash(args.tokenUrl),\n authorizeUrl: removeTrailingSlash(args.authorizeUrl),\n userinfoUrl: removeTrailingSlash(args.userinfoUrl),\n revokeUrl: removeTrailingSlash(args.revokeUrl),\n logoutUrl: removeTrailingSlash(args.logoutUrl),\n clientId: args.clientId,\n redirectUri: args.redirectUri,\n state: args.state,\n scopes: args.scopes,\n postLogoutRedirectUri: args.postLogoutRedirectUri,\n responseMode: args.responseMode,\n responseType: args.responseType,\n pkce: args.pkce === false ? false : true, // PKCE defaults to true\n useInteractionCodeFlow: args.useInteractionCodeFlow,\n\n // Internal options\n httpRequestClient: args.httpRequestClient,\n transformErrorXHR: args.transformErrorXHR,\n transformAuthState: args.transformAuthState,\n restoreOriginalUri: args.restoreOriginalUri,\n storageUtil: args.storageUtil,\n headers: args.headers,\n devMode: !!args.devMode,\n storageManager: args.storageManager,\n cookies: isBrowser() ? getCookieSettings(args, isHTTPS()) : args.cookies,\n\n // Give the developer the ability to disable token signature validation.\n ignoreSignature: !!args.ignoreSignature,\n\n // Server-side web applications\n clientSecret: args.clientSecret\n });\n}\n"],"file":"options.js"}
|
|
1
|
+
{"version":3,"sources":["../../lib/options.ts"],"names":["removeTrailingSlash","warn","removeNils","assertValidConfig","fetchRequest","browserStorage","serverStorage","isBrowser","isHTTPS","BROWSER_STORAGE","token","storageTypes","useMultipleCookies","cache","transaction","SERVER_STORAGE","getCookieSettings","args","cookieSettings","cookies","secure","sameSite","getDefaultOptions","storageUtil","storageManager","enableSharedStorage","devMode","httpRequestClient","transactionManager","mergeOptions","options","Object","assign","buildOptions","issuer","tokenUrl","authorizeUrl","userinfoUrl","revokeUrl","logoutUrl","clientId","redirectUri","state","scopes","postLogoutRedirectUri","responseMode","responseType","pkce","useInteractionCodeFlow","transformErrorXHR","transformAuthState","restoreOriginalUri","headers","ignoreSignature","clientSecret"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AACA,SAASA,mBAAT,EAA8BC,IAA9B,EAAoCC,UAApC,QAAsD,QAAtD;AACA,SAASC,iBAAT,QAAkC,eAAlC;AAGA,OAAOC,YAAP,MAAyB,sBAAzB;AACA,OAAOC,cAAP,MAA2B,0BAA3B;AACA,OAAOC,aAAP,MAA0B,wBAA1B;AACA,SAASC,SAAT,EAAoBC,OAApB,QAAmC,YAAnC;AAEA,IAAMC,eAAsC,GAAG;AAC7CC,EAAAA,KAAK,EAAE;AACLC,IAAAA,YAAY,EAAE,CACZ,cADY,EAEZ,gBAFY,EAGZ,QAHY,CADT;AAMLC,IAAAA,kBAAkB,EAAE;AANf,GADsC;AAS7CC,EAAAA,KAAK,EAAE;AACLF,IAAAA,YAAY,EAAE,CACZ,cADY,EAEZ,gBAFY,EAGZ,QAHY;AADT,GATsC;AAgB7CG,EAAAA,WAAW,EAAE;AACXH,IAAAA,YAAY,EAAE,CACZ,gBADY,EAEZ,cAFY,EAGZ,QAHY;AADH,GAhBgC;AAuB7C,wBAAsB;AACpBA,IAAAA,YAAY,EAAE,CACZ,cADY;AADM,GAvBuB;AA4B7C,kBAAgB;AACdA,IAAAA,YAAY,EAAE,CACZ,cADY;AADA;AA5B6B,CAA/C;AAmCA,IAAMI,cAAqC,GAAG;AAC5CL,EAAAA,KAAK,EAAE;AACLC,IAAAA,YAAY,EAAE,CACZ,QADY;AADT,GADqC;AAM5CE,EAAAA,KAAK,EAAE;AACLF,IAAAA,YAAY,EAAE,CACZ,QADY;AADT,GANqC;AAW5CG,EAAAA,WAAW,EAAE;AACXH,IAAAA,YAAY,EAAE,CACZ,QADY;AADH;AAX+B,CAA9C;;AAkBA,SAASK,iBAAT,GAAyE;AAAA,MAA9CC,IAA8C,uEAAtB,EAAsB;AAAA,MAAlBT,OAAkB;AACvE;AACA;AACA;AACA,MAAIU,cAAc,GAAGD,IAAI,CAACE,OAAL,IAAgB,EAArC;;AACA,MAAI,OAAOD,cAAc,CAACE,MAAtB,KAAiC,WAArC,EAAkD;AAChDF,IAAAA,cAAc,CAACE,MAAf,GAAwBZ,OAAxB;AACD;;AACD,MAAI,OAAOU,cAAc,CAACG,QAAtB,KAAmC,WAAvC,EAAoD;AAClDH,IAAAA,cAAc,CAACG,QAAf,GAA0BH,cAAc,CAACE,MAAf,GAAwB,MAAxB,GAAiC,KAA3D;AACD,GAVsE,CAYvE;;;AACA,MAAIF,cAAc,CAACE,MAAf,IAAyB,CAACZ,OAA9B,EAAuC;AACrC;AACAP,IAAAA,IAAI,CACF,oEACA,4DADA,GAEA,gEAHE,CAAJ;AAKAiB,IAAAA,cAAc,CAACE,MAAf,GAAwB,KAAxB;AACD,GArBsE,CAuBvE;AACA;;;AACA,MAAIF,cAAc,CAACG,QAAf,KAA4B,MAA5B,IAAsC,CAACH,cAAc,CAACE,MAA1D,EAAkE;AAChEF,IAAAA,cAAc,CAACG,QAAf,GAA0B,KAA1B;AACD;;AAED,SAAOH,cAAP;AACD;;AAGD,OAAO,SAASI,iBAAT,GAA8C;AACnD,MAAMC,WAAW,GAAGhB,SAAS,KAAKF,cAAL,GAAsBC,aAAnD;AACA,MAAMkB,cAAc,GAAGjB,SAAS,KAAKE,eAAL,GAAuBM,cAAvD;AACA,MAAMU,mBAAmB,GAAGlB,SAAS,KAAK,IAAL,GAAY,KAAjD,CAHmD,CAGK;;AACxD,SAAO;AACLmB,IAAAA,OAAO,EAAE,KADJ;AAELC,IAAAA,iBAAiB,EAAEvB,YAFd;AAGLmB,IAAAA,WAHK;AAILC,IAAAA,cAJK;AAKLI,IAAAA,kBAAkB,EAAE;AAClBH,MAAAA;AADkB;AALf,GAAP;AASD;;AAED,SAASI,YAAT,CAAsBC,OAAtB,EAA+Bb,IAA/B,EAAsD;AACpD,SAAOc,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkBF,OAAlB,EAA2B5B,UAAU,CAACe,IAAD,CAArC,EAA6C;AAClDO,IAAAA,cAAc,EAAEO,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkBF,OAAO,CAACN,cAA1B,EAA0CP,IAAI,CAACO,cAA/C,CADkC;AAElDI,IAAAA,kBAAkB,EAAEG,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkBF,OAAO,CAACF,kBAA1B,EAA8CX,IAAI,CAACW,kBAAnD;AAF8B,GAA7C,CAAP;AAID;;AAED,OAAO,SAASK,YAAT,GAAmE;AAAA,MAA7ChB,IAA6C,uEAArB,EAAqB;AACxEd,EAAAA,iBAAiB,CAACc,IAAD,CAAjB;AACAA,EAAAA,IAAI,GAAGY,YAAY,CAACP,iBAAiB,EAAlB,EAAsBL,IAAtB,CAAnB;AACA,SAAOf,UAAU,CAAC;AAChB;AACAgC,IAAAA,MAAM,EAAElC,mBAAmB,CAACiB,IAAI,CAACiB,MAAN,CAFX;AAGhBC,IAAAA,QAAQ,EAAEnC,mBAAmB,CAACiB,IAAI,CAACkB,QAAN,CAHb;AAIhBC,IAAAA,YAAY,EAAEpC,mBAAmB,CAACiB,IAAI,CAACmB,YAAN,CAJjB;AAKhBC,IAAAA,WAAW,EAAErC,mBAAmB,CAACiB,IAAI,CAACoB,WAAN,CALhB;AAMhBC,IAAAA,SAAS,EAAEtC,mBAAmB,CAACiB,IAAI,CAACqB,SAAN,CANd;AAOhBC,IAAAA,SAAS,EAAEvC,mBAAmB,CAACiB,IAAI,CAACsB,SAAN,CAPd;AAQhBC,IAAAA,QAAQ,EAAEvB,IAAI,CAACuB,QARC;AAShBC,IAAAA,WAAW,EAAExB,IAAI,CAACwB,WATF;AAUhBC,IAAAA,KAAK,EAAEzB,IAAI,CAACyB,KAVI;AAWhBC,IAAAA,MAAM,EAAE1B,IAAI,CAAC0B,MAXG;AAYhBC,IAAAA,qBAAqB,EAAE3B,IAAI,CAAC2B,qBAZZ;AAahBC,IAAAA,YAAY,EAAE5B,IAAI,CAAC4B,YAbH;AAchBC,IAAAA,YAAY,EAAE7B,IAAI,CAAC6B,YAdH;AAehBC,IAAAA,IAAI,EAAE9B,IAAI,CAAC8B,IAAL,KAAc,KAAd,GAAsB,KAAtB,GAA8B,IAfpB;AAe0B;AAC1CC,IAAAA,sBAAsB,EAAE/B,IAAI,CAAC+B,sBAhBb;AAkBhB;AACArB,IAAAA,iBAAiB,EAAEV,IAAI,CAACU,iBAnBR;AAoBhBsB,IAAAA,iBAAiB,EAAEhC,IAAI,CAACgC,iBApBR;AAqBhBC,IAAAA,kBAAkB,EAAEjC,IAAI,CAACiC,kBArBT;AAsBhBC,IAAAA,kBAAkB,EAAElC,IAAI,CAACkC,kBAtBT;AAuBhB5B,IAAAA,WAAW,EAAEN,IAAI,CAACM,WAvBF;AAwBhB6B,IAAAA,OAAO,EAAEnC,IAAI,CAACmC,OAxBE;AAyBhB1B,IAAAA,OAAO,EAAE,CAAC,CAACT,IAAI,CAACS,OAzBA;AA0BhBF,IAAAA,cAAc,EAAEP,IAAI,CAACO,cA1BL;AA2BhBI,IAAAA,kBAAkB,EAAEX,IAAI,CAACW,kBA3BT;AA4BhBT,IAAAA,OAAO,EAAEZ,SAAS,KAAKS,iBAAiB,CAACC,IAAD,EAAOT,OAAO,EAAd,CAAtB,GAA0CS,IAAI,CAACE,OA5BjD;AA8BhB;AACAkC,IAAAA,eAAe,EAAE,CAAC,CAACpC,IAAI,CAACoC,eA/BR;AAiChB;AACAC,IAAAA,YAAY,EAAErC,IAAI,CAACqC;AAlCH,GAAD,CAAjB;AAoCD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable complexity */\nimport { removeTrailingSlash, warn, removeNils } from './util';\nimport { assertValidConfig } from './builderUtil';\nimport { OktaAuthOptions, StorageManagerOptions } from './types';\n\nimport fetchRequest from './fetch/fetchRequest';\nimport browserStorage from './browser/browserStorage';\nimport serverStorage from './server/serverStorage';\nimport { isBrowser, isHTTPS } from './features';\n\nconst BROWSER_STORAGE: StorageManagerOptions = {\n token: {\n storageTypes: [\n 'localStorage',\n 'sessionStorage',\n 'cookie'\n ],\n useMultipleCookies: true\n },\n cache: {\n storageTypes: [\n 'localStorage',\n 'sessionStorage',\n 'cookie'\n ]\n },\n transaction: {\n storageTypes: [\n 'sessionStorage',\n 'localStorage',\n 'cookie'\n ]\n },\n 'shared-transaction': {\n storageTypes: [\n 'localStorage'\n ]\n },\n 'original-uri': {\n storageTypes: [\n 'localStorage'\n ]\n }\n};\n\nconst SERVER_STORAGE: StorageManagerOptions = {\n token: {\n storageTypes: [\n 'memory'\n ]\n },\n cache: {\n storageTypes: [\n 'memory'\n ]\n },\n transaction: {\n storageTypes: [\n 'memory'\n ]\n }\n};\n\nfunction getCookieSettings(args: OktaAuthOptions = {}, isHTTPS: boolean) {\n // Secure cookies will be automatically used on a HTTPS connection\n // Non-secure cookies will be automatically used on a HTTP connection\n // secure option can override the automatic behavior\n var cookieSettings = args.cookies || {};\n if (typeof cookieSettings.secure === 'undefined') {\n cookieSettings.secure = isHTTPS;\n }\n if (typeof cookieSettings.sameSite === 'undefined') {\n cookieSettings.sameSite = cookieSettings.secure ? 'none' : 'lax';\n }\n\n // If secure=true, but the connection is not HTTPS, set secure=false.\n if (cookieSettings.secure && !isHTTPS) {\n // eslint-disable-next-line no-console\n warn(\n 'The current page is not being served with the HTTPS protocol.\\n' +\n 'For security reasons, we strongly recommend using HTTPS.\\n' +\n 'If you cannot use HTTPS, set \"cookies.secure\" option to false.'\n );\n cookieSettings.secure = false;\n }\n\n // Chrome >= 80 will block cookies with SameSite=None unless they are also Secure\n // If sameSite=none, but the connection is not HTTPS, set sameSite=lax.\n if (cookieSettings.sameSite === 'none' && !cookieSettings.secure) {\n cookieSettings.sameSite = 'lax';\n }\n\n return cookieSettings;\n}\n\n\nexport function getDefaultOptions(): OktaAuthOptions {\n const storageUtil = isBrowser() ? browserStorage : serverStorage;\n const storageManager = isBrowser() ? BROWSER_STORAGE : SERVER_STORAGE;\n const enableSharedStorage = isBrowser() ? true : false; // localStorage for multi-tab flows (browser only)\n return {\n devMode: false,\n httpRequestClient: fetchRequest,\n storageUtil,\n storageManager,\n transactionManager: {\n enableSharedStorage\n }\n };\n}\n\nfunction mergeOptions(options, args): OktaAuthOptions {\n return Object.assign({}, options, removeNils(args), {\n storageManager: Object.assign({}, options.storageManager, args.storageManager),\n transactionManager: Object.assign({}, options.transactionManager, args.transactionManager),\n });\n}\n\nexport function buildOptions(args: OktaAuthOptions = {}): OktaAuthOptions {\n assertValidConfig(args);\n args = mergeOptions(getDefaultOptions(), args);\n return removeNils({\n // OIDC configuration\n issuer: removeTrailingSlash(args.issuer),\n tokenUrl: removeTrailingSlash(args.tokenUrl),\n authorizeUrl: removeTrailingSlash(args.authorizeUrl),\n userinfoUrl: removeTrailingSlash(args.userinfoUrl),\n revokeUrl: removeTrailingSlash(args.revokeUrl),\n logoutUrl: removeTrailingSlash(args.logoutUrl),\n clientId: args.clientId,\n redirectUri: args.redirectUri,\n state: args.state,\n scopes: args.scopes,\n postLogoutRedirectUri: args.postLogoutRedirectUri,\n responseMode: args.responseMode,\n responseType: args.responseType,\n pkce: args.pkce === false ? false : true, // PKCE defaults to true\n useInteractionCodeFlow: args.useInteractionCodeFlow,\n\n // Internal options\n httpRequestClient: args.httpRequestClient,\n transformErrorXHR: args.transformErrorXHR,\n transformAuthState: args.transformAuthState,\n restoreOriginalUri: args.restoreOriginalUri,\n storageUtil: args.storageUtil,\n headers: args.headers,\n devMode: !!args.devMode,\n storageManager: args.storageManager,\n transactionManager: args.transactionManager,\n cookies: isBrowser() ? getCookieSettings(args, isHTTPS()) : args.cookies,\n\n // Give the developer the ability to disable token signature validation.\n ignoreSignature: !!args.ignoreSignature,\n\n // Server-side web applications\n clientSecret: args.clientSecret\n });\n}\n"],"file":"options.js"}
|
|
@@ -13,9 +13,10 @@
|
|
|
13
13
|
import { AuthSdkError } from '../errors';
|
|
14
14
|
|
|
15
15
|
var NodeCache = require('node-cache'); // commonJS module cannot be imported without esModuleInterop
|
|
16
|
+
// this is a SHARED memory storage to support a stateless http server
|
|
16
17
|
|
|
17
18
|
|
|
18
|
-
var sharedStorage =
|
|
19
|
+
var sharedStorage = typeof NodeCache === 'function' ? new NodeCache() : null;
|
|
19
20
|
|
|
20
21
|
class ServerCookies {
|
|
21
22
|
// NodeCache
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/server/serverStorage.ts"],"names":["AuthSdkError","NodeCache","require","sharedStorage","ServerCookies","constructor","nodeCache","set","name","value","expiresAt","Date","parse","ttl","now","get","delete","del","ServerStorage","storage","testStorageType","storageType","supported","getStorageByType","storageProvider","getStorage","findStorageType","getHttpCache","getItem","setItem","key"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA,SAASA,YAAT,QAA6B,WAA7B;;AACA,IAAMC,SAAS,GAAGC,OAAO,CAAC,YAAD,CAAzB,C,CAAyC;;;
|
|
1
|
+
{"version":3,"sources":["../../../lib/server/serverStorage.ts"],"names":["AuthSdkError","NodeCache","require","sharedStorage","ServerCookies","constructor","nodeCache","set","name","value","expiresAt","Date","parse","ttl","now","get","delete","del","ServerStorage","storage","testStorageType","storageType","supported","getStorageByType","storageProvider","getStorage","findStorageType","getHttpCache","getItem","setItem","key"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA,SAASA,YAAT,QAA6B,WAA7B;;AACA,IAAMC,SAAS,GAAGC,OAAO,CAAC,YAAD,CAAzB,C,CAAyC;AAEzC;;;AACA,IAAMC,aAAa,GAAG,OAAOF,SAAP,KAAqB,UAArB,GAAkC,IAAIA,SAAJ,EAAlC,GAAoD,IAA1E;;AAEA,MAAMG,aAAN,CAAuC;AACrB;AAEhBC,EAAAA,WAAW,CAACC,SAAD,EAAY;AACrB,SAAKA,SAAL,GAAiBA,SAAjB;AACD;;AAEDC,EAAAA,GAAG,CAACC,IAAD,EAAeC,KAAf,EAA8BC,SAA9B,EAAyD;AAC1D;AACA,QAAI,CAAC,CAAEC,IAAI,CAACC,KAAL,CAAWF,SAAX,CAAP,EAA+B;AAC7B;AACA,UAAIG,GAAG,GAAG,CAACF,IAAI,CAACC,KAAL,CAAWF,SAAX,IAAwBC,IAAI,CAACG,GAAL,EAAzB,IAAuC,IAAjD;AACA,WAAKR,SAAL,CAAeC,GAAf,CAAmBC,IAAnB,EAAyBC,KAAzB,EAAgCI,GAAhC;AACD,KAJD,MAIO;AACL,WAAKP,SAAL,CAAeC,GAAf,CAAmBC,IAAnB,EAAyBC,KAAzB;AACD;;AAED,WAAO,KAAKM,GAAL,CAASP,IAAT,CAAP;AACD;;AAEDO,EAAAA,GAAG,CAACP,IAAD,EAAe;AAChB,WAAO,KAAKF,SAAL,CAAeS,GAAf,CAAmBP,IAAnB,CAAP;AACD;;AAEDQ,EAAAA,MAAM,CAACR,IAAD,EAAO;AACX,WAAO,KAAKF,SAAL,CAAeW,GAAf,CAAmBT,IAAnB,CAAP;AACD;;AA1BoC,C,CA4BvC;;;AACA,MAAMU,aAAN,CAA2C;AACzB;AAEhBb,EAAAA,WAAW,CAACC,SAAD,EAAY;AACrB,SAAKA,SAAL,GAAiBA,SAAjB;AACA,SAAKa,OAAL,GAAe,IAAIf,aAAJ,CAAkBE,SAAlB,CAAf;AACD;;AAEDc,EAAAA,eAAe,CAACC,WAAD,EAAoC;AACjD,QAAIC,SAAS,GAAG,KAAhB;;AACA,YAAQD,WAAR;AACE,WAAK,QAAL;AACEC,QAAAA,SAAS,GAAG,IAAZ;AACA;;AACF;AACE;AALJ;;AAOA,WAAOA,SAAP;AACD;;AAEDC,EAAAA,gBAAgB,CAACF,WAAD,EAA0C;AACxD,QAAIG,eAAe,GAAG,IAAtB;;AACA,YAAQH,WAAR;AACE,WAAK,QAAL;AACEG,QAAAA,eAAe,GAAG,KAAKC,UAAL,EAAlB;AACA;;AACF;AACE,cAAM,IAAIzB,YAAJ,wCAAiDqB,WAAjD,EAAN;AACA;AANJ;;AAQA,WAAOG,eAAP;AACD;;AAEDE,EAAAA,eAAe,GAAgB;AAC7B,WAAO,QAAP;AACD,GAnCwC,CAqCzC;;;AACAC,EAAAA,YAAY,GAAG;AACb,WAAO,IAAP,CADa,CACA;AACd,GAxCwC,CA0CzC;;;AACAF,EAAAA,UAAU,GAAkB;AAC1B,WAAO;AACLG,MAAAA,OAAO,EAAE,KAAKtB,SAAL,CAAeS,GADnB;AAELc,MAAAA,OAAO,EAAE,CAACC,GAAD,EAAMrB,KAAN,KAAgB;AACvB,aAAKH,SAAL,CAAeC,GAAf,CAAmBuB,GAAnB,EAAwBrB,KAAxB,EAA+B,0BAA/B;AACD;AAJI,KAAP;AAMD;;AAlDwC;;AAqD3C,eAAe,IAAIS,aAAJ,CAAkBf,aAAlB,CAAf","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport { SimpleStorage, StorageType, StorageUtil, Cookies } from '../types';\nimport { AuthSdkError } from '../errors';\nconst NodeCache = require('node-cache'); // commonJS module cannot be imported without esModuleInterop\n\n// this is a SHARED memory storage to support a stateless http server\nconst sharedStorage = typeof NodeCache === 'function' ? new NodeCache() : null;\n\nclass ServerCookies implements Cookies {\n nodeCache: any; // NodeCache\n \n constructor(nodeCache) {\n this.nodeCache = nodeCache;\n }\n\n set(name: string, value: string, expiresAt: string): string {\n // eslint-disable-next-line no-extra-boolean-cast\n if (!!(Date.parse(expiresAt))) {\n // Time to expiration in seconds\n var ttl = (Date.parse(expiresAt) - Date.now()) / 1000;\n this.nodeCache.set(name, value, ttl);\n } else {\n this.nodeCache.set(name, value);\n }\n\n return this.get(name);\n }\n\n get(name): string {\n return this.nodeCache.get(name);\n }\n\n delete(name) {\n return this.nodeCache.del(name);\n }\n}\n// Building this as an object allows us to mock the functions in our tests\nclass ServerStorage implements StorageUtil {\n nodeCache: any; // NodeCache\n storage: Cookies;\n constructor(nodeCache) {\n this.nodeCache = nodeCache;\n this.storage = new ServerCookies(nodeCache);\n }\n\n testStorageType(storageType: StorageType): boolean {\n var supported = false;\n switch (storageType) {\n case 'memory':\n supported = true;\n break;\n default:\n break;\n }\n return supported;\n }\n\n getStorageByType(storageType: StorageType): SimpleStorage {\n let storageProvider = null;\n switch (storageType) {\n case 'memory':\n storageProvider = this.getStorage();\n break;\n default:\n throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n break;\n }\n return storageProvider;\n }\n\n findStorageType(): StorageType {\n return 'memory';\n }\n\n // will be removed in next version. OKTA-362589\n getHttpCache() {\n return null; // stubbed in server.js\n }\n\n // shared in-memory using node cache\n getStorage(): SimpleStorage {\n return {\n getItem: this.nodeCache.get,\n setItem: (key, value) => {\n this.nodeCache.set(key, value, '2200-01-01T00:00:00.000Z');\n }\n };\n }\n}\n\nexport default new ServerStorage(sharedStorage);\n"],"file":"serverStorage.js"}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
/*!
|
|
2
|
+
* Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
|
|
3
|
+
* The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
|
|
4
|
+
*
|
|
5
|
+
* You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
|
|
6
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
7
|
+
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
8
|
+
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
9
|
+
*
|
|
10
|
+
* See the License for the specific language governing permissions and limitations under the License.
|
|
11
|
+
*/
|
|
12
|
+
import { urlParamsToObject } from '../oidc/util/urlParams';
|
|
13
|
+
// Check if state && stateTokenExternalId have been passed back in the url
|
|
14
|
+
export function isEmailVerifyCallback(urlPath) {
|
|
15
|
+
return /(stateTokenExternalId=)/i.test(urlPath) && /(state=)/i.test(urlPath);
|
|
16
|
+
} // Parse state and stateTokenExternalId from a urlPath (should be either a search or fragment from the URL)
|
|
17
|
+
|
|
18
|
+
export function parseEmailVerifyCallback(urlPath) {
|
|
19
|
+
return urlParamsToObject(urlPath);
|
|
20
|
+
}
|
|
21
|
+
//# sourceMappingURL=emailVerify.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../lib/util/emailVerify.ts"],"names":["urlParamsToObject","isEmailVerifyCallback","urlPath","test","parseEmailVerifyCallback"],"mappings":"AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA,SAASA,iBAAT,QAAmC,wBAAnC;AAOA;AACA,OAAO,SAASC,qBAAT,CAAgCC,OAAhC,EAA0D;AAC/D,SAAO,2BAA2BC,IAA3B,CAAgCD,OAAhC,KAA4C,YAAYC,IAAZ,CAAiBD,OAAjB,CAAnD;AACD,C,CAED;;AACA,OAAO,SAASE,wBAAT,CAAkCF,OAAlC,EAAgF;AACrF,SAAOF,iBAAiB,CAACE,OAAD,CAAxB;AACD","sourcesContent":["\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { urlParamsToObject } from '../oidc/util/urlParams';\n\nexport interface EmailVerifyCallbackResponse {\n state: string;\n stateTokenExternalId: string;\n}\n\n// Check if state && stateTokenExternalId have been passed back in the url\nexport function isEmailVerifyCallback (urlPath: string): boolean {\n return /(stateTokenExternalId=)/i.test(urlPath) && /(state=)/i.test(urlPath);\n}\n\n// Parse state and stateTokenExternalId from a urlPath (should be either a search or fragment from the URL)\nexport function parseEmailVerifyCallback(urlPath: string): EmailVerifyCallbackResponse {\n return urlParamsToObject(urlPath) as EmailVerifyCallbackResponse;\n}\n"],"file":"emailVerify.js"}
|
package/esm/util/index.js
CHANGED
package/esm/util/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/util/index.ts"],"names":[],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA,cAAc,WAAd;AACA,cAAc,QAAd;AACA,cAAc,UAAd;AACA,cAAc,SAAd;AACA,cAAc,OAAd","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nexport * from './console';\nexport * from './misc';\nexport * from './object';\nexport * from './types';\nexport * from './url';\n"],"file":"index.js"}
|
|
1
|
+
{"version":3,"sources":["../../../lib/util/index.ts"],"names":[],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA,cAAc,WAAd;AACA,cAAc,eAAd;AACA,cAAc,QAAd;AACA,cAAc,UAAd;AACA,cAAc,SAAd;AACA,cAAc,OAAd","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nexport * from './console';\nexport * from './emailVerify';\nexport * from './misc';\nexport * from './object';\nexport * from './types';\nexport * from './url';\n"],"file":"index.js"}
|
package/lib/OktaAuth.d.ts
CHANGED
|
@@ -11,6 +11,7 @@
|
|
|
11
11
|
*/
|
|
12
12
|
import { OktaAuth as SDKInterface, OktaAuthOptions, AccessToken, RefreshToken, TokenAPI, FeaturesAPI, SignoutAPI, FingerprintAPI, UserClaims, SigninWithRedirectOptions, SigninWithCredentialsOptions, SignoutOptions, Tokens, ForgotPasswordOptions, VerifyRecoveryTokenOptions, TransactionAPI, SessionAPI, SigninAPI, PkceAPI, SigninOptions, IdxAPI, SignoutRedirectUrlOptions, HttpAPI } from './types';
|
|
13
13
|
import { AuthTransaction } from './tx';
|
|
14
|
+
import { EmailVerifyCallbackResponse } from './util';
|
|
14
15
|
import { TokenManager } from './TokenManager';
|
|
15
16
|
import PromiseQueue from './PromiseQueue';
|
|
16
17
|
import { AuthStateManager } from './AuthStateManager';
|
|
@@ -44,8 +45,10 @@ declare class OktaAuth implements SDKInterface, SigninAPI, SignoutAPI {
|
|
|
44
45
|
start(): void;
|
|
45
46
|
stop(): void;
|
|
46
47
|
setHeaders(headers: any): void;
|
|
47
|
-
isInteractionRequired(): boolean;
|
|
48
|
+
isInteractionRequired(hashOrSearch?: string): boolean;
|
|
48
49
|
isInteractionRequiredError(error: Error): boolean;
|
|
50
|
+
isEmailVerifyCallback(urlPath: string): boolean;
|
|
51
|
+
parseEmailVerifyCallback(urlPath: string): EmailVerifyCallbackResponse;
|
|
49
52
|
signIn(opts: SigninOptions): Promise<AuthTransaction>;
|
|
50
53
|
signInWithCredentials(opts: SigninWithCredentialsOptions): Promise<AuthTransaction>;
|
|
51
54
|
signInWithRedirect(opts?: SigninWithRedirectOptions): Promise<void>;
|
|
@@ -64,9 +67,9 @@ declare class OktaAuth implements SDKInterface, SigninAPI, SignoutAPI {
|
|
|
64
67
|
* Store parsed tokens from redirect url
|
|
65
68
|
*/
|
|
66
69
|
storeTokensFromRedirect(): Promise<void>;
|
|
67
|
-
setOriginalUri(originalUri: string): void;
|
|
70
|
+
setOriginalUri(originalUri: string, state?: string): void;
|
|
68
71
|
getOriginalUri(state?: string): string;
|
|
69
|
-
removeOriginalUri(): void;
|
|
72
|
+
removeOriginalUri(state?: string): void;
|
|
70
73
|
isLoginRedirect(): boolean;
|
|
71
74
|
handleLoginRedirect(tokens?: Tokens, originalUri?: string): Promise<void>;
|
|
72
75
|
isPKCE(): boolean;
|
package/lib/StorageManager.d.ts
CHANGED
|
@@ -19,6 +19,7 @@ export default class StorageManager {
|
|
|
19
19
|
getStorage(options: StorageOptions): SimpleStorage;
|
|
20
20
|
getTransactionStorage(options?: StorageOptions): TransactionStorage;
|
|
21
21
|
getSharedTansactionStorage(options?: StorageOptions): TransactionStorage;
|
|
22
|
+
getOriginalUriStorage(options?: StorageOptions): TransactionStorage;
|
|
22
23
|
getIdxResponseStorage(options?: StorageOptions): IdxResponseStorage;
|
|
23
24
|
getTokenStorage(options?: StorageOptions): StorageProvider;
|
|
24
25
|
getHttpCache(options?: StorageOptions): StorageProvider;
|
|
@@ -12,6 +12,9 @@
|
|
|
12
12
|
import StorageManager from './StorageManager';
|
|
13
13
|
import { TransactionMeta, PKCETransactionMeta, OAuthTransactionMeta, TransactionMetaOptions, TransactionManagerOptions } from './types';
|
|
14
14
|
import { RawIdxResponse } from './idx/types/idx-js';
|
|
15
|
+
export interface ClearTransactionMetaOptions extends TransactionMetaOptions {
|
|
16
|
+
clearSharedStorage?: boolean;
|
|
17
|
+
}
|
|
15
18
|
export default class TransactionManager {
|
|
16
19
|
options: TransactionManagerOptions;
|
|
17
20
|
storageManager: StorageManager;
|
|
@@ -21,7 +24,7 @@ export default class TransactionManager {
|
|
|
21
24
|
saveParamsCookie: boolean;
|
|
22
25
|
enableSharedStorage: boolean;
|
|
23
26
|
constructor(options: TransactionManagerOptions);
|
|
24
|
-
clear(options?:
|
|
27
|
+
clear(options?: ClearTransactionMetaOptions): void;
|
|
25
28
|
save(meta: TransactionMeta, options?: TransactionMetaOptions): void;
|
|
26
29
|
exists(options?: TransactionMetaOptions): boolean;
|
|
27
30
|
load(options?: TransactionMetaOptions): TransactionMeta;
|
package/lib/constants.d.ts
CHANGED
|
@@ -21,6 +21,7 @@ export declare const CACHE_STORAGE_NAME = "okta-cache-storage";
|
|
|
21
21
|
export declare const PKCE_STORAGE_NAME = "okta-pkce-storage";
|
|
22
22
|
export declare const TRANSACTION_STORAGE_NAME = "okta-transaction-storage";
|
|
23
23
|
export declare const SHARED_TRANSACTION_STORAGE_NAME = "okta-shared-transaction-storage";
|
|
24
|
+
export declare const ORIGINAL_URI_STORAGE_NAME = "okta-original-uri-storage";
|
|
24
25
|
export declare const IDX_RESPONSE_STORAGE_NAME = "okta-idx-response-storage";
|
|
25
26
|
export declare const ACCESS_TOKEN_STORAGE_KEY = "accessToken";
|
|
26
27
|
export declare const ID_TOKEN_STORAGE_KEY = "idToken";
|
package/lib/crypto/base64.d.ts
CHANGED
|
@@ -12,6 +12,6 @@
|
|
|
12
12
|
export declare function stringToBase64Url(str: any): any;
|
|
13
13
|
export declare function base64ToBase64Url(b64: any): any;
|
|
14
14
|
export declare function base64UrlToBase64(b64u: any): any;
|
|
15
|
-
export declare function base64UrlToString(b64u: any):
|
|
15
|
+
export declare function base64UrlToString(b64u: any): any;
|
|
16
16
|
export declare function stringToBuffer(str: any): Uint8Array;
|
|
17
|
-
export declare function base64UrlDecode(str: any):
|
|
17
|
+
export declare function base64UrlDecode(str: any): any;
|
package/lib/crypto/oidcHash.d.ts
CHANGED
package/lib/idx/introspect.d.ts
CHANGED
|
@@ -12,7 +12,8 @@
|
|
|
12
12
|
import { OktaAuth } from '../types';
|
|
13
13
|
import { IdxResponse } from './types/idx-js';
|
|
14
14
|
export interface IntrospectOptions {
|
|
15
|
-
interactionHandle
|
|
15
|
+
interactionHandle?: string;
|
|
16
16
|
stateHandle?: string;
|
|
17
|
+
stateTokenExternalId?: string;
|
|
17
18
|
}
|
|
18
19
|
export declare function introspect(authClient: OktaAuth, options: IntrospectOptions): Promise<IdxResponse>;
|
package/lib/idx/run.d.ts
CHANGED
|
@@ -9,10 +9,11 @@
|
|
|
9
9
|
*
|
|
10
10
|
* See the License for the specific language governing permissions and limitations under the License.
|
|
11
11
|
*/
|
|
12
|
-
import { OktaAuth, IdxTransactionMeta } from '../types';
|
|
12
|
+
import { OktaAuth, IdxTransactionMeta, TransactionMetaOptions } from '../types';
|
|
13
13
|
export declare function createTransactionMeta(authClient: OktaAuth): Promise<import("../types").TokenParams>;
|
|
14
|
-
export declare function transactionMetaExist(authClient: OktaAuth): boolean;
|
|
15
|
-
export declare function
|
|
14
|
+
export declare function transactionMetaExist(authClient: OktaAuth, options?: TransactionMetaOptions): boolean;
|
|
15
|
+
export declare function getSavedTransactionMeta(authClient: OktaAuth, options?: TransactionMetaOptions): IdxTransactionMeta;
|
|
16
|
+
export declare function getTransactionMeta(authClient: OktaAuth, options?: TransactionMetaOptions): Promise<IdxTransactionMeta>;
|
|
16
17
|
export declare function saveTransactionMeta(authClient: OktaAuth, meta: any): void;
|
|
17
18
|
export declare function clearTransactionMeta(authClient: OktaAuth): void;
|
|
18
19
|
export declare function isTransactionMetaValid(authClient: OktaAuth, meta: any): boolean;
|
package/lib/idx/types/index.d.ts
CHANGED
|
@@ -12,7 +12,7 @@
|
|
|
12
12
|
import { InteractOptions } from '../interact';
|
|
13
13
|
import { APIError, Tokens } from '../../types';
|
|
14
14
|
import { IdxTransactionMeta } from '../../types/Transaction';
|
|
15
|
-
import { IdxAuthenticator, IdxMessage, IdxOption } from './idx-js';
|
|
15
|
+
import { IdxAuthenticator, IdxMessage, IdxOption, IdxResponse } from './idx-js';
|
|
16
16
|
export { IdxMessage } from './idx-js';
|
|
17
17
|
export { AuthenticationOptions } from '../authenticate';
|
|
18
18
|
export { RegistrationOptions } from '../register';
|
|
@@ -61,6 +61,7 @@ export interface IdxTransaction {
|
|
|
61
61
|
meta?: IdxTransactionMeta;
|
|
62
62
|
enabledFeatures?: IdxFeature[];
|
|
63
63
|
availableSteps?: NextStep[];
|
|
64
|
+
_idxResponse?: IdxResponse;
|
|
64
65
|
}
|
|
65
66
|
export declare type IdxOptions = InteractOptions;
|
|
66
67
|
export declare type Authenticator = {
|
|
@@ -27,4 +27,4 @@ export declare function isLoginRedirect(sdk: OktaAuth): boolean;
|
|
|
27
27
|
* Check if error=interaction_required has been passed back in the url, which happens in
|
|
28
28
|
* the social auth IDP redirect flow.
|
|
29
29
|
*/
|
|
30
|
-
export declare function isInteractionRequired(sdk: OktaAuth): boolean;
|
|
30
|
+
export declare function isInteractionRequired(sdk: OktaAuth, hashOrSearch?: string): boolean;
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
/*!
|
|
2
|
+
* Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
|
|
3
|
+
* The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
|
|
4
|
+
*
|
|
5
|
+
* You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
|
|
6
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
7
|
+
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
8
|
+
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
9
|
+
*
|
|
10
|
+
* See the License for the specific language governing permissions and limitations under the License.
|
|
11
|
+
*/
|
|
12
|
+
export interface EmailVerifyCallbackResponse {
|
|
13
|
+
state: string;
|
|
14
|
+
stateTokenExternalId: string;
|
|
15
|
+
}
|
|
16
|
+
export declare function isEmailVerifyCallback(urlPath: string): boolean;
|
|
17
|
+
export declare function parseEmailVerifyCallback(urlPath: string): EmailVerifyCallbackResponse;
|
package/lib/util/index.d.ts
CHANGED