@okta/okta-auth-js 5.8.0 → 5.10.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +45 -0
- package/README.md +12 -2
- package/cjs/OktaAuth.js +34 -13
- package/cjs/OktaAuth.js.map +1 -1
- package/cjs/OktaUserAgent.js +2 -2
- package/cjs/OktaUserAgent.js.map +1 -1
- package/cjs/TokenManager.js +24 -2
- package/cjs/TokenManager.js.map +1 -1
- package/cjs/TransactionManager.js +6 -2
- package/cjs/TransactionManager.js.map +1 -1
- package/cjs/features.js +1 -1
- package/cjs/features.js.map +1 -1
- package/cjs/idx/authenticate.js +3 -18
- package/cjs/idx/authenticate.js.map +1 -1
- package/cjs/idx/authenticator/Authenticator.js +14 -0
- package/cjs/idx/authenticator/Authenticator.js.map +1 -0
- package/cjs/idx/authenticator/OktaPassword.js +31 -0
- package/cjs/idx/authenticator/OktaPassword.js.map +1 -0
- package/cjs/idx/authenticator/OktaVerifyTotp.js +17 -0
- package/cjs/idx/authenticator/OktaVerifyTotp.js.map +1 -0
- package/cjs/idx/authenticator/SecurityQuestionEnrollment.js +50 -0
- package/cjs/idx/authenticator/SecurityQuestionEnrollment.js.map +1 -0
- package/cjs/idx/authenticator/SecurityQuestionVerification.js +31 -0
- package/cjs/idx/authenticator/SecurityQuestionVerification.js.map +1 -0
- package/cjs/idx/authenticator/VerificationCodeAuthenticator.js +34 -0
- package/cjs/idx/authenticator/VerificationCodeAuthenticator.js.map +1 -0
- package/cjs/idx/authenticator/getAuthenticator.js +42 -0
- package/cjs/idx/authenticator/getAuthenticator.js.map +1 -0
- package/cjs/idx/authenticator/index.js +80 -0
- package/cjs/idx/authenticator/index.js.map +1 -0
- package/cjs/idx/cancel.js +5 -0
- package/cjs/idx/cancel.js.map +1 -1
- package/cjs/idx/flow/AuthenticationFlow.js +32 -0
- package/cjs/idx/flow/AuthenticationFlow.js.map +1 -0
- package/cjs/idx/flow/FlowSpecification.js +39 -0
- package/cjs/idx/flow/FlowSpecification.js.map +1 -0
- package/cjs/idx/flow/PasswordRecoveryFlow.js +28 -0
- package/cjs/idx/flow/PasswordRecoveryFlow.js.map +1 -0
- package/{esm/crypto/browser.js → cjs/idx/flow/RegistrationFlow.js} +16 -12
- package/cjs/idx/flow/RegistrationFlow.js.map +1 -0
- package/cjs/idx/flow/RemediationFlow.js +2 -0
- package/{esm/types/Cookies.js.map → cjs/idx/flow/RemediationFlow.js.map} +1 -1
- package/cjs/idx/flow/index.js +67 -0
- package/cjs/idx/flow/index.js.map +1 -0
- package/cjs/idx/index.js +39 -0
- package/cjs/idx/index.js.map +1 -1
- package/cjs/idx/interact.js +8 -2
- package/cjs/idx/interact.js.map +1 -1
- package/cjs/idx/poll.js +59 -0
- package/cjs/idx/poll.js.map +1 -0
- package/cjs/idx/proceed.js +49 -0
- package/cjs/idx/proceed.js.map +1 -0
- package/cjs/idx/recoverPassword.js +3 -17
- package/cjs/idx/recoverPassword.js.map +1 -1
- package/cjs/idx/register.js +22 -20
- package/cjs/idx/register.js.map +1 -1
- package/cjs/idx/remediate.js +40 -93
- package/cjs/idx/remediate.js.map +1 -1
- package/cjs/idx/remediators/AuthenticatorEnrollmentData.js +9 -12
- package/cjs/idx/remediators/AuthenticatorEnrollmentData.js.map +1 -1
- package/cjs/idx/remediators/AuthenticatorVerificationData.js +6 -9
- package/cjs/idx/remediators/AuthenticatorVerificationData.js.map +1 -1
- package/cjs/idx/remediators/Base/AuthenticatorData.js +43 -32
- package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
- package/cjs/idx/remediators/Base/Remediator.js +51 -20
- package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
- package/cjs/idx/remediators/Base/SelectAuthenticator.js +16 -16
- package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/Base/VerifyAuthenticator.js +8 -28
- package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
- package/{esm/idx/remediators/RedirectIdp.js → cjs/idx/remediators/ChallengePoll.js} +13 -25
- package/cjs/idx/remediators/ChallengePoll.js.map +1 -0
- package/cjs/idx/remediators/EnrollPoll.js +56 -0
- package/cjs/idx/remediators/EnrollPoll.js.map +1 -0
- package/cjs/idx/remediators/Identify.js +4 -36
- package/cjs/idx/remediators/Identify.js.map +1 -1
- package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js +23 -2
- package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js.map +1 -1
- package/cjs/idx/remediators/Skip.js +7 -0
- package/cjs/idx/remediators/Skip.js.map +1 -1
- package/cjs/idx/remediators/index.js +26 -0
- package/cjs/idx/remediators/index.js.map +1 -1
- package/cjs/idx/run.js +18 -20
- package/cjs/idx/run.js.map +1 -1
- package/cjs/idx/startTransaction.js +2 -0
- package/cjs/idx/startTransaction.js.map +1 -1
- package/cjs/idx/transactionMeta.js +67 -42
- package/cjs/idx/transactionMeta.js.map +1 -1
- package/cjs/idx/types/FlowIdentifier.js +2 -0
- package/{esm/types/AuthState.js.map → cjs/idx/types/FlowIdentifier.js.map} +1 -1
- package/cjs/idx/types/idx-js.js.map +1 -1
- package/cjs/idx/types/index.js +18 -1
- package/cjs/idx/types/index.js.map +1 -1
- package/cjs/oidc/endpoints/authorize.js +4 -1
- package/cjs/oidc/endpoints/authorize.js.map +1 -1
- package/cjs/types/Token.js.map +1 -1
- package/cjs/types/Transaction.js.map +1 -1
- package/dist/okta-auth-js.min.js +1 -1
- package/dist/okta-auth-js.min.js.map +1 -1
- package/dist/okta-auth-js.umd.js +1 -1
- package/dist/okta-auth-js.umd.js.map +1 -1
- package/esm/index.js +8580 -16
- package/esm/index.js.map +1 -1
- package/lib/TokenManager.d.ts +2 -0
- package/lib/TransactionManager.d.ts +1 -0
- package/lib/idx/authenticator/Authenticator.d.ts +12 -0
- package/lib/idx/authenticator/OktaPassword.d.ts +11 -0
- package/lib/idx/authenticator/OktaVerifyTotp.d.ts +9 -0
- package/lib/idx/authenticator/SecurityQuestionEnrollment.d.ts +28 -0
- package/lib/idx/authenticator/SecurityQuestionVerification.d.ts +14 -0
- package/lib/idx/authenticator/VerificationCodeAuthenticator.d.ts +10 -0
- package/lib/idx/authenticator/getAuthenticator.d.ts +3 -0
- package/lib/idx/authenticator/index.d.ts +6 -0
- package/{esm/crypto/webcrypto.js → lib/idx/flow/AuthenticationFlow.d.ts} +3 -4
- package/lib/idx/flow/FlowSpecification.d.ts +8 -0
- package/{esm/oidc/endpoints/index.js → lib/idx/flow/PasswordRecoveryFlow.d.ts} +3 -5
- package/{esm/tx/TransactionState.js → lib/idx/flow/RegistrationFlow.d.ts} +3 -3
- package/{esm/crypto/index.js → lib/idx/flow/RemediationFlow.d.ts} +3 -6
- package/lib/idx/{flowMonitors → flow}/index.d.ts +5 -4
- package/lib/idx/index.d.ts +3 -0
- package/lib/idx/interact.d.ts +1 -0
- package/lib/idx/poll.d.ts +13 -0
- package/lib/idx/proceed.d.ts +21 -0
- package/lib/idx/register.d.ts +1 -1
- package/lib/idx/remediators/AuthenticatorEnrollmentData.d.ts +9 -5
- package/lib/idx/remediators/AuthenticatorVerificationData.d.ts +0 -1
- package/lib/idx/remediators/Base/AuthenticatorData.d.ts +8 -3
- package/lib/idx/remediators/Base/Remediator.d.ts +9 -6
- package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +5 -4
- package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +8 -4
- package/lib/idx/remediators/ChallengePoll.d.ts +15 -0
- package/{esm/tx/util.js → lib/idx/remediators/EnrollPoll.d.ts} +11 -13
- package/lib/idx/remediators/Identify.d.ts +1 -3
- package/lib/idx/remediators/SelectAuthenticatorAuthenticate.d.ts +6 -2
- package/lib/idx/remediators/Skip.d.ts +3 -0
- package/lib/idx/remediators/index.d.ts +2 -0
- package/lib/idx/run.d.ts +8 -10
- package/lib/idx/transactionMeta.d.ts +24 -1
- package/lib/idx/types/FlowIdentifier.d.ts +1 -0
- package/lib/idx/types/idx-js.d.ts +52 -1
- package/lib/idx/types/index.d.ts +16 -3
- package/lib/types/OktaAuthOptions.d.ts +3 -0
- package/lib/types/Token.d.ts +1 -0
- package/lib/types/Transaction.d.ts +2 -0
- package/lib/types/api.d.ts +15 -2
- package/package.json +16 -8
- package/cjs/idx/flowMonitors/AuthenticationFlowMonitor.js +0 -45
- package/cjs/idx/flowMonitors/AuthenticationFlowMonitor.js.map +0 -1
- package/cjs/idx/flowMonitors/FlowMonitor.js +0 -69
- package/cjs/idx/flowMonitors/FlowMonitor.js.map +0 -1
- package/cjs/idx/flowMonitors/PasswordRecoveryFlowMonitor.js +0 -55
- package/cjs/idx/flowMonitors/PasswordRecoveryFlowMonitor.js.map +0 -1
- package/cjs/idx/flowMonitors/RegistrationFlowMonitor.js +0 -35
- package/cjs/idx/flowMonitors/RegistrationFlowMonitor.js.map +0 -1
- package/cjs/idx/flowMonitors/index.js +0 -54
- package/cjs/idx/flowMonitors/index.js.map +0 -1
- package/esm/AuthStateManager.js +0 -214
- package/esm/AuthStateManager.js.map +0 -1
- package/esm/OktaAuth.js +0 -705
- package/esm/OktaAuth.js.map +0 -1
- package/esm/OktaUserAgent.js +0 -49
- package/esm/OktaUserAgent.js.map +0 -1
- package/esm/PromiseQueue.js +0 -71
- package/esm/PromiseQueue.js.map +0 -1
- package/esm/SavedObject.js +0 -91
- package/esm/SavedObject.js.map +0 -1
- package/esm/StorageManager.js +0 -190
- package/esm/StorageManager.js.map +0 -1
- package/esm/TokenManager.js +0 -455
- package/esm/TokenManager.js.map +0 -1
- package/esm/TransactionManager.js +0 -324
- package/esm/TransactionManager.js.map +0 -1
- package/esm/browser/browserStorage.js +0 -256
- package/esm/browser/browserStorage.js.map +0 -1
- package/esm/browser/fingerprint.js +0 -74
- package/esm/browser/fingerprint.js.map +0 -1
- package/esm/builderUtil.js +0 -56
- package/esm/builderUtil.js.map +0 -1
- package/esm/clock.js +0 -32
- package/esm/clock.js.map +0 -1
- package/esm/constants.js +0 -36
- package/esm/constants.js.map +0 -1
- package/esm/crypto/base64.js +0 -66
- package/esm/crypto/base64.js.map +0 -1
- package/esm/crypto/browser.js.map +0 -1
- package/esm/crypto/index.js.map +0 -1
- package/esm/crypto/node.js +0 -54
- package/esm/crypto/node.js.map +0 -1
- package/esm/crypto/oidcHash.js +0 -27
- package/esm/crypto/oidcHash.js.map +0 -1
- package/esm/crypto/verifyToken.js +0 -39
- package/esm/crypto/verifyToken.js.map +0 -1
- package/esm/crypto/webcrypto.js.map +0 -1
- package/esm/errors/AuthApiError.js +0 -30
- package/esm/errors/AuthApiError.js.map +0 -1
- package/esm/errors/AuthPollStopError.js +0 -20
- package/esm/errors/AuthPollStopError.js.map +0 -1
- package/esm/errors/AuthSdkError.js +0 -29
- package/esm/errors/AuthSdkError.js.map +0 -1
- package/esm/errors/CustomError.js +0 -21
- package/esm/errors/CustomError.js.map +0 -1
- package/esm/errors/OAuthError.js +0 -22
- package/esm/errors/OAuthError.js.map +0 -1
- package/esm/errors/index.js +0 -22
- package/esm/errors/index.js.map +0 -1
- package/esm/features.js +0 -64
- package/esm/features.js.map +0 -1
- package/esm/fetch/fetchRequest.js +0 -92
- package/esm/fetch/fetchRequest.js.map +0 -1
- package/esm/http/headers.js +0 -17
- package/esm/http/headers.js.map +0 -1
- package/esm/http/index.js +0 -3
- package/esm/http/index.js.map +0 -1
- package/esm/http/request.js +0 -145
- package/esm/http/request.js.map +0 -1
- package/esm/idx/authenticate.js +0 -47
- package/esm/idx/authenticate.js.map +0 -1
- package/esm/idx/cancel.js +0 -32
- package/esm/idx/cancel.js.map +0 -1
- package/esm/idx/flowMonitors/AuthenticationFlowMonitor.js +0 -41
- package/esm/idx/flowMonitors/AuthenticationFlowMonitor.js.map +0 -1
- package/esm/idx/flowMonitors/FlowMonitor.js +0 -73
- package/esm/idx/flowMonitors/FlowMonitor.js.map +0 -1
- package/esm/idx/flowMonitors/PasswordRecoveryFlowMonitor.js +0 -57
- package/esm/idx/flowMonitors/PasswordRecoveryFlowMonitor.js.map +0 -1
- package/esm/idx/flowMonitors/RegistrationFlowMonitor.js +0 -28
- package/esm/idx/flowMonitors/RegistrationFlowMonitor.js.map +0 -1
- package/esm/idx/flowMonitors/index.js +0 -16
- package/esm/idx/flowMonitors/index.js.map +0 -1
- package/esm/idx/handleInteractionCodeRedirect.js +0 -64
- package/esm/idx/handleInteractionCodeRedirect.js.map +0 -1
- package/esm/idx/headers.js +0 -39
- package/esm/idx/headers.js.map +0 -1
- package/esm/idx/index.js +0 -20
- package/esm/idx/index.js.map +0 -1
- package/esm/idx/interact.js +0 -86
- package/esm/idx/interact.js.map +0 -1
- package/esm/idx/introspect.js +0 -61
- package/esm/idx/introspect.js.map +0 -1
- package/esm/idx/recoverPassword.js +0 -46
- package/esm/idx/recoverPassword.js.map +0 -1
- package/esm/idx/register.js +0 -63
- package/esm/idx/register.js.map +0 -1
- package/esm/idx/remediate.js +0 -302
- package/esm/idx/remediate.js.map +0 -1
- package/esm/idx/remediators/AuthenticatorEnrollmentData.js +0 -68
- package/esm/idx/remediators/AuthenticatorEnrollmentData.js.map +0 -1
- package/esm/idx/remediators/AuthenticatorVerificationData.js +0 -66
- package/esm/idx/remediators/AuthenticatorVerificationData.js.map +0 -1
- package/esm/idx/remediators/Base/AuthenticatorData.js +0 -105
- package/esm/idx/remediators/Base/AuthenticatorData.js.map +0 -1
- package/esm/idx/remediators/Base/Remediator.js +0 -221
- package/esm/idx/remediators/Base/Remediator.js.map +0 -1
- package/esm/idx/remediators/Base/SelectAuthenticator.js +0 -140
- package/esm/idx/remediators/Base/SelectAuthenticator.js.map +0 -1
- package/esm/idx/remediators/Base/VerifyAuthenticator.js +0 -65
- package/esm/idx/remediators/Base/VerifyAuthenticator.js.map +0 -1
- package/esm/idx/remediators/ChallengeAuthenticator.js +0 -18
- package/esm/idx/remediators/ChallengeAuthenticator.js.map +0 -1
- package/esm/idx/remediators/EnrollAuthenticator.js +0 -18
- package/esm/idx/remediators/EnrollAuthenticator.js.map +0 -1
- package/esm/idx/remediators/EnrollProfile.js +0 -79
- package/esm/idx/remediators/EnrollProfile.js.map +0 -1
- package/esm/idx/remediators/Identify.js +0 -87
- package/esm/idx/remediators/Identify.js.map +0 -1
- package/esm/idx/remediators/ReEnrollAuthenticator.js +0 -45
- package/esm/idx/remediators/ReEnrollAuthenticator.js.map +0 -1
- package/esm/idx/remediators/RedirectIdp.js.map +0 -1
- package/esm/idx/remediators/ResetAuthenticator.js +0 -18
- package/esm/idx/remediators/ResetAuthenticator.js.map +0 -1
- package/esm/idx/remediators/SelectAuthenticatorAuthenticate.js +0 -18
- package/esm/idx/remediators/SelectAuthenticatorAuthenticate.js.map +0 -1
- package/esm/idx/remediators/SelectAuthenticatorEnroll.js +0 -18
- package/esm/idx/remediators/SelectAuthenticatorEnroll.js.map +0 -1
- package/esm/idx/remediators/SelectEnrollProfile.js +0 -24
- package/esm/idx/remediators/SelectEnrollProfile.js.map +0 -1
- package/esm/idx/remediators/Skip.js +0 -23
- package/esm/idx/remediators/Skip.js.map +0 -1
- package/esm/idx/remediators/index.js +0 -26
- package/esm/idx/remediators/index.js.map +0 -1
- package/esm/idx/remediators/util.js +0 -35
- package/esm/idx/remediators/util.js.map +0 -1
- package/esm/idx/run.js +0 -222
- package/esm/idx/run.js.map +0 -1
- package/esm/idx/startTransaction.js +0 -27
- package/esm/idx/startTransaction.js.map +0 -1
- package/esm/idx/transactionMeta.js +0 -125
- package/esm/idx/transactionMeta.js.map +0 -1
- package/esm/idx/types/idx-js.js +0 -20
- package/esm/idx/types/idx-js.js.map +0 -1
- package/esm/idx/types/index.js +0 -44
- package/esm/idx/types/index.js.map +0 -1
- package/esm/oidc/decodeToken.js +0 -31
- package/esm/oidc/decodeToken.js.map +0 -1
- package/esm/oidc/endpoints/authorize.js +0 -61
- package/esm/oidc/endpoints/authorize.js.map +0 -1
- package/esm/oidc/endpoints/index.js.map +0 -1
- package/esm/oidc/endpoints/token.js +0 -97
- package/esm/oidc/endpoints/token.js.map +0 -1
- package/esm/oidc/endpoints/well-known.js +0 -58
- package/esm/oidc/endpoints/well-known.js.map +0 -1
- package/esm/oidc/exchangeCodeForTokens.js +0 -69
- package/esm/oidc/exchangeCodeForTokens.js.map +0 -1
- package/esm/oidc/getToken.js +0 -180
- package/esm/oidc/getToken.js.map +0 -1
- package/esm/oidc/getUserInfo.js +0 -82
- package/esm/oidc/getUserInfo.js.map +0 -1
- package/esm/oidc/getWithPopup.js +0 -34
- package/esm/oidc/getWithPopup.js.map +0 -1
- package/esm/oidc/getWithRedirect.js +0 -61
- package/esm/oidc/getWithRedirect.js.map +0 -1
- package/esm/oidc/getWithoutPrompt.js +0 -29
- package/esm/oidc/getWithoutPrompt.js.map +0 -1
- package/esm/oidc/handleOAuthResponse.js +0 -148
- package/esm/oidc/handleOAuthResponse.js.map +0 -1
- package/esm/oidc/index.js +0 -29
- package/esm/oidc/index.js.map +0 -1
- package/esm/oidc/parseFromUrl.js +0 -144
- package/esm/oidc/parseFromUrl.js.map +0 -1
- package/esm/oidc/renewToken.js +0 -85
- package/esm/oidc/renewToken.js.map +0 -1
- package/esm/oidc/renewTokens.js +0 -74
- package/esm/oidc/renewTokens.js.map +0 -1
- package/esm/oidc/renewTokensWithRefresh.js +0 -55
- package/esm/oidc/renewTokensWithRefresh.js.map +0 -1
- package/esm/oidc/revokeToken.js +0 -57
- package/esm/oidc/revokeToken.js.map +0 -1
- package/esm/oidc/util/browser.js +0 -74
- package/esm/oidc/util/browser.js.map +0 -1
- package/esm/oidc/util/defaultTokenParams.js +0 -42
- package/esm/oidc/util/defaultTokenParams.js.map +0 -1
- package/esm/oidc/util/errors.js +0 -31
- package/esm/oidc/util/errors.js.map +0 -1
- package/esm/oidc/util/index.js +0 -25
- package/esm/oidc/util/index.js.map +0 -1
- package/esm/oidc/util/loginRedirect.js +0 -88
- package/esm/oidc/util/loginRedirect.js.map +0 -1
- package/esm/oidc/util/oauth.js +0 -70
- package/esm/oidc/util/oauth.js.map +0 -1
- package/esm/oidc/util/pkce.js +0 -55
- package/esm/oidc/util/pkce.js.map +0 -1
- package/esm/oidc/util/prepareTokenParams.js +0 -75
- package/esm/oidc/util/prepareTokenParams.js.map +0 -1
- package/esm/oidc/util/refreshToken.js +0 -24
- package/esm/oidc/util/refreshToken.js.map +0 -1
- package/esm/oidc/util/urlParams.js +0 -54
- package/esm/oidc/util/urlParams.js.map +0 -1
- package/esm/oidc/util/validateClaims.js +0 -53
- package/esm/oidc/util/validateClaims.js.map +0 -1
- package/esm/oidc/util/validateToken.js +0 -21
- package/esm/oidc/util/validateToken.js.map +0 -1
- package/esm/oidc/verifyToken.js +0 -78
- package/esm/oidc/verifyToken.js.map +0 -1
- package/esm/options.js +0 -144
- package/esm/options.js.map +0 -1
- package/esm/server/serverStorage.js +0 -111
- package/esm/server/serverStorage.js.map +0 -1
- package/esm/services/TokenService.js +0 -103
- package/esm/services/TokenService.js.map +0 -1
- package/esm/session.js +0 -81
- package/esm/session.js.map +0 -1
- package/esm/tx/AuthTransaction.js +0 -213
- package/esm/tx/AuthTransaction.js.map +0 -1
- package/esm/tx/TransactionState.js.map +0 -1
- package/esm/tx/api.js +0 -87
- package/esm/tx/api.js.map +0 -1
- package/esm/tx/index.js +0 -18
- package/esm/tx/index.js.map +0 -1
- package/esm/tx/poll.js +0 -124
- package/esm/tx/poll.js.map +0 -1
- package/esm/tx/util.js.map +0 -1
- package/esm/types/AuthState.js +0 -3
- package/esm/types/Cookies.js +0 -3
- package/esm/types/EventEmitter.js +0 -3
- package/esm/types/EventEmitter.js.map +0 -1
- package/esm/types/JWT.js +0 -3
- package/esm/types/JWT.js.map +0 -1
- package/esm/types/OAuth.js +0 -3
- package/esm/types/OAuth.js.map +0 -1
- package/esm/types/OktaAuthOptions.js +0 -3
- package/esm/types/OktaAuthOptions.js.map +0 -1
- package/esm/types/Storage.js +0 -3
- package/esm/types/Storage.js.map +0 -1
- package/esm/types/Token.js +0 -29
- package/esm/types/Token.js.map +0 -1
- package/esm/types/TokenManager.js +0 -3
- package/esm/types/TokenManager.js.map +0 -1
- package/esm/types/Transaction.js +0 -57
- package/esm/types/Transaction.js.map +0 -1
- package/esm/types/UserClaims.js +0 -3
- package/esm/types/UserClaims.js.map +0 -1
- package/esm/types/api.js +0 -3
- package/esm/types/api.js.map +0 -1
- package/esm/types/http.js +0 -3
- package/esm/types/http.js.map +0 -1
- package/esm/types/index.js +0 -27
- package/esm/types/index.js.map +0 -1
- package/esm/util/console.js +0 -53
- package/esm/util/console.js.map +0 -1
- package/esm/util/emailVerify.js +0 -21
- package/esm/util/emailVerify.js.map +0 -1
- package/esm/util/index.js +0 -18
- package/esm/util/index.js.map +0 -1
- package/esm/util/misc.js +0 -33
- package/esm/util/misc.js.map +0 -1
- package/esm/util/object.js +0 -117
- package/esm/util/object.js.map +0 -1
- package/esm/util/sharedStorage.js +0 -43
- package/esm/util/sharedStorage.js.map +0 -1
- package/esm/util/types.js +0 -27
- package/esm/util/types.js.map +0 -1
- package/esm/util/url.js +0 -64
- package/esm/util/url.js.map +0 -1
- package/lib/idx/flowMonitors/AuthenticationFlowMonitor.d.ts +0 -15
- package/lib/idx/flowMonitors/FlowMonitor.d.ts +0 -23
- package/lib/idx/flowMonitors/PasswordRecoveryFlowMonitor.d.ts +0 -16
- package/lib/idx/flowMonitors/RegistrationFlowMonitor.d.ts +0 -15
|
@@ -8,8 +8,6 @@ var _defineProperty2 = _interopRequireDefault(require("@babel/runtime/helpers/de
|
|
|
8
8
|
|
|
9
9
|
var _Remediator = require("./Base/Remediator");
|
|
10
10
|
|
|
11
|
-
var _types = require("../types");
|
|
12
|
-
|
|
13
11
|
/*!
|
|
14
12
|
* Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
|
|
15
13
|
* The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
|
|
@@ -22,26 +20,13 @@ var _types = require("../types");
|
|
|
22
20
|
* See the License for the specific language governing permissions and limitations under the License.
|
|
23
21
|
*/
|
|
24
22
|
class Identify extends _Remediator.Remediator {
|
|
25
|
-
constructor(
|
|
26
|
-
super(
|
|
27
|
-
|
|
23
|
+
constructor(...args) {
|
|
24
|
+
super(...args);
|
|
28
25
|
(0, _defineProperty2.default)(this, "map", {
|
|
29
26
|
'identifier': ['username'],
|
|
30
|
-
'credentials': []
|
|
27
|
+
'credentials': [],
|
|
28
|
+
'rememberMe': ['rememberMe']
|
|
31
29
|
});
|
|
32
|
-
const {
|
|
33
|
-
password,
|
|
34
|
-
authenticators
|
|
35
|
-
} = this.values;
|
|
36
|
-
|
|
37
|
-
if (password && !authenticators.some(authenticator => authenticator.type === 'password')) {
|
|
38
|
-
this.values = { ...this.values,
|
|
39
|
-
authenticators: [{
|
|
40
|
-
type: 'password',
|
|
41
|
-
key: _types.AuthenticatorKey.OKTA_PASSWORD
|
|
42
|
-
}, ...authenticators]
|
|
43
|
-
};
|
|
44
|
-
}
|
|
45
30
|
}
|
|
46
31
|
|
|
47
32
|
canRemediate() {
|
|
@@ -64,23 +49,6 @@ class Identify extends _Remediator.Remediator {
|
|
|
64
49
|
};
|
|
65
50
|
}
|
|
66
51
|
|
|
67
|
-
getValuesAfterProceed() {
|
|
68
|
-
// Handle username + password scenario
|
|
69
|
-
// remove "password" from authenticator array when remediation is finished
|
|
70
|
-
if (this.remediation.value.some(({
|
|
71
|
-
name
|
|
72
|
-
}) => name === 'credentials')) {
|
|
73
|
-
var _this$values$authenti;
|
|
74
|
-
|
|
75
|
-
const authenticators = (_this$values$authenti = this.values.authenticators) === null || _this$values$authenti === void 0 ? void 0 : _this$values$authenti.filter(authenticator => authenticator.key !== _types.AuthenticatorKey.OKTA_PASSWORD);
|
|
76
|
-
return { ...this.values,
|
|
77
|
-
authenticators
|
|
78
|
-
};
|
|
79
|
-
}
|
|
80
|
-
|
|
81
|
-
return super.getValuesAfterProceed();
|
|
82
|
-
}
|
|
83
|
-
|
|
84
52
|
}
|
|
85
53
|
|
|
86
54
|
exports.Identify = Identify;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/remediators/Identify.ts"],"names":["Identify","Remediator","
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/remediators/Identify.ts"],"names":["Identify","Remediator","canRemediate","identifier","getData","mapCredentials","passcode","values","password","getInputCredentials","input","form","value","name","required"],"mappings":";;;;;;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAUO,MAAMA,QAAN,SAAuBC,sBAAvB,CAAkC;AAAA;AAAA;AAAA,+CAKjC;AACJ,oBAAc,CAAC,UAAD,CADV;AAEJ,qBAAe,EAFX;AAGJ,oBAAc,CAAC,YAAD;AAHV,KALiC;AAAA;;AAWvCC,EAAAA,YAAY,GAAG;AACb,UAAM;AAAEC,MAAAA;AAAF,QAAiB,KAAKC,OAAL,EAAvB;AACA,WAAO,CAAC,CAACD,UAAT;AACD;;AAEDE,EAAAA,cAAc,GAAG;AACf,WAAO;AAAEC,MAAAA,QAAQ,EAAE,KAAKC,MAAL,CAAYC;AAAxB,KAAP;AACD;;AAEDC,EAAAA,mBAAmB,CAACC,KAAD,EAAQ;AACzB,WAAO,EACL,GAAGA,KAAK,CAACC,IAAN,CAAWC,KAAX,CAAiB,CAAjB,CADE;AAELC,MAAAA,IAAI,EAAE,UAFD;AAGLC,MAAAA,QAAQ,EAAEJ,KAAK,CAACI;AAHX,KAAP;AAKD;;AA1BsC;;;8BAA5Bd,Q,qBACc,U","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { Remediator, RemediationValues } from './Base/Remediator';\n\nexport interface IdentifyValues extends RemediationValues {\n username?: string;\n password?: string;\n}\n\nexport class Identify extends Remediator {\n static remediationName = 'identify';\n\n values: IdentifyValues;\n\n map = {\n 'identifier': ['username'],\n 'credentials': [],\n 'rememberMe': ['rememberMe'],\n };\n\n canRemediate() {\n const { identifier } = this.getData();\n return !!identifier;\n }\n\n mapCredentials() {\n return { passcode: this.values.password };\n }\n\n getInputCredentials(input) {\n return {\n ...input.form.value[0],\n name: 'password',\n required: input.required\n };\n }\n\n}\n"],"file":"Identify.js"}
|
|
@@ -6,7 +6,11 @@ exports.SelectAuthenticatorAuthenticate = void 0;
|
|
|
6
6
|
|
|
7
7
|
var _defineProperty2 = _interopRequireDefault(require("@babel/runtime/helpers/defineProperty"));
|
|
8
8
|
|
|
9
|
-
var _SelectAuthenticator = require("
|
|
9
|
+
var _SelectAuthenticator = require("./Base/SelectAuthenticator");
|
|
10
|
+
|
|
11
|
+
var _util = require("./util");
|
|
12
|
+
|
|
13
|
+
var _types = require("../types");
|
|
10
14
|
|
|
11
15
|
/*!
|
|
12
16
|
* Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
|
|
@@ -19,7 +23,24 @@ var _SelectAuthenticator = require(".//Base/SelectAuthenticator");
|
|
|
19
23
|
*
|
|
20
24
|
* See the License for the specific language governing permissions and limitations under the License.
|
|
21
25
|
*/
|
|
22
|
-
class SelectAuthenticatorAuthenticate extends _SelectAuthenticator.SelectAuthenticator {
|
|
26
|
+
class SelectAuthenticatorAuthenticate extends _SelectAuthenticator.SelectAuthenticator {
|
|
27
|
+
constructor(remediation, values = {}) {
|
|
28
|
+
var _getAuthenticatorFrom;
|
|
29
|
+
|
|
30
|
+
super(remediation, values); // Preset password authenticator to trigger recover action
|
|
31
|
+
|
|
32
|
+
const hasPasswordInOptions = (_getAuthenticatorFrom = (0, _util.getAuthenticatorFromRemediation)(remediation).options) === null || _getAuthenticatorFrom === void 0 ? void 0 : _getAuthenticatorFrom.some(({
|
|
33
|
+
relatesTo
|
|
34
|
+
}) => relatesTo.key === _types.AuthenticatorKey.OKTA_PASSWORD);
|
|
35
|
+
|
|
36
|
+
if (hasPasswordInOptions && (this.values.flow === 'recoverPassword' || this.values.password)) {
|
|
37
|
+
this.values.authenticators = [...this.values.authenticators, {
|
|
38
|
+
key: _types.AuthenticatorKey.OKTA_PASSWORD
|
|
39
|
+
}];
|
|
40
|
+
}
|
|
41
|
+
}
|
|
42
|
+
|
|
43
|
+
}
|
|
23
44
|
|
|
24
45
|
exports.SelectAuthenticatorAuthenticate = SelectAuthenticatorAuthenticate;
|
|
25
46
|
(0, _defineProperty2.default)(SelectAuthenticatorAuthenticate, "remediationName", 'select-authenticator-authenticate');
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/remediators/SelectAuthenticatorAuthenticate.ts"],"names":["SelectAuthenticatorAuthenticate","SelectAuthenticator"],"mappings":";;;;;;;;AAaA;;
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/remediators/SelectAuthenticatorAuthenticate.ts"],"names":["SelectAuthenticatorAuthenticate","SelectAuthenticator","constructor","remediation","values","hasPasswordInOptions","options","some","relatesTo","key","AuthenticatorKey","OKTA_PASSWORD","flow","password","authenticators"],"mappings":";;;;;;;;AAaA;;AACA;;AAEA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYO,MAAMA,+BAAN,SAA8CC,wCAA9C,CAAkE;AAIvEC,EAAAA,WAAW,CAACC,WAAD,EAA8BC,MAAiC,GAAG,EAAlE,EAAsE;AAAA;;AAC/E,UAAMD,WAAN,EAAmBC,MAAnB,EAD+E,CAG/E;;AACA,UAAMC,oBAAoB,4BAAG,2CAAgCF,WAAhC,EAC1BG,OADuB,0DAAG,sBACjBC,IADiB,CACZ,CAAC;AAAEC,MAAAA;AAAF,KAAD,KAAmBA,SAAS,CAACC,GAAV,KAAkBC,wBAAiBC,aAD1C,CAA7B;;AAEA,QAAIN,oBAAoB,KAAK,KAAKD,MAAL,CAAYQ,IAAZ,KAAqB,iBAArB,IAA0C,KAAKR,MAAL,CAAYS,QAA3D,CAAxB,EAA8F;AAC5F,WAAKT,MAAL,CAAYU,cAAZ,GAA6B,CAC3B,GAAG,KAAKV,MAAL,CAAYU,cADY,EAE3B;AAAEL,QAAAA,GAAG,EAAEC,wBAAiBC;AAAxB,OAF2B,CAA7B;AAID;AACF;;AAhBsE;;;8BAA5DX,+B,qBACc,mC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { SelectAuthenticator, SelectAuthenticatorValues } from './Base/SelectAuthenticator';\nimport { getAuthenticatorFromRemediation } from './util';\nimport { IdxRemediation } from '../types/idx-js';\nimport { AuthenticatorKey, Authenticator } from '../types';\n\nexport type SelectAuthenticatorAuthenticateValues = SelectAuthenticatorValues & {\n password?: string;\n};\n\nexport class SelectAuthenticatorAuthenticate extends SelectAuthenticator {\n static remediationName = 'select-authenticator-authenticate';\n values: SelectAuthenticatorAuthenticateValues;\n\n constructor(remediation: IdxRemediation, values: SelectAuthenticatorValues = {}) {\n super(remediation, values);\n\n // Preset password authenticator to trigger recover action\n const hasPasswordInOptions = getAuthenticatorFromRemediation(remediation)\n .options?.some(({ relatesTo }) => relatesTo.key === AuthenticatorKey.OKTA_PASSWORD);\n if (hasPasswordInOptions && (this.values.flow === 'recoverPassword' || this.values.password)) {\n this.values.authenticators = [\n ...this.values.authenticators,\n { key: AuthenticatorKey.OKTA_PASSWORD }\n ] as Authenticator[];\n }\n }\n}\n"],"file":"SelectAuthenticatorAuthenticate.js"}
|
|
@@ -20,6 +20,13 @@ var _Remediator = require("./Base/Remediator");
|
|
|
20
20
|
* See the License for the specific language governing permissions and limitations under the License.
|
|
21
21
|
*/
|
|
22
22
|
class Skip extends _Remediator.Remediator {
|
|
23
|
+
constructor(...args) {
|
|
24
|
+
super(...args);
|
|
25
|
+
(0, _defineProperty2.default)(this, "map", {
|
|
26
|
+
skip: ['skip']
|
|
27
|
+
});
|
|
28
|
+
}
|
|
29
|
+
|
|
23
30
|
canRemediate() {
|
|
24
31
|
return !!this.values.skip;
|
|
25
32
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/remediators/Skip.ts"],"names":["Skip","Remediator","
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/remediators/Skip.ts"],"names":["Skip","Remediator","skip","canRemediate","values"],"mappings":";;;;;;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AASO,MAAMA,IAAN,SAAmBC,sBAAnB,CAA8B;AAAA;AAAA;AAAA,+CAK7B;AACJC,MAAAA,IAAI,EAAE,CAAC,MAAD;AADF,KAL6B;AAAA;;AASnCC,EAAAA,YAAY,GAAG;AACb,WAAO,CAAC,CAAC,KAAKC,MAAL,CAAYF,IAArB;AACD;;AAXkC;;;8BAAxBF,I,qBACc,M","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { Remediator, RemediationValues } from './Base/Remediator';\n\nexport interface SkipValues extends RemediationValues {\n skip?: boolean;\n}\n\nexport class Skip extends Remediator {\n static remediationName = 'skip';\n\n values: SkipValues;\n\n map = {\n skip: ['skip']\n }\n\n canRemediate() {\n return !!this.values.skip;\n }\n\n}\n"],"file":"Skip.js"}
|
|
@@ -26,6 +26,19 @@ Object.keys(_EnrollAuthenticator).forEach(function (key) {
|
|
|
26
26
|
});
|
|
27
27
|
});
|
|
28
28
|
|
|
29
|
+
var _EnrollPoll = require("./EnrollPoll");
|
|
30
|
+
|
|
31
|
+
Object.keys(_EnrollPoll).forEach(function (key) {
|
|
32
|
+
if (key === "default" || key === "__esModule") return;
|
|
33
|
+
if (key in exports && exports[key] === _EnrollPoll[key]) return;
|
|
34
|
+
Object.defineProperty(exports, key, {
|
|
35
|
+
enumerable: true,
|
|
36
|
+
get: function () {
|
|
37
|
+
return _EnrollPoll[key];
|
|
38
|
+
}
|
|
39
|
+
});
|
|
40
|
+
});
|
|
41
|
+
|
|
29
42
|
var _ChallengeAuthenticator = require("./ChallengeAuthenticator");
|
|
30
43
|
|
|
31
44
|
Object.keys(_ChallengeAuthenticator).forEach(function (key) {
|
|
@@ -39,6 +52,19 @@ Object.keys(_ChallengeAuthenticator).forEach(function (key) {
|
|
|
39
52
|
});
|
|
40
53
|
});
|
|
41
54
|
|
|
55
|
+
var _ChallengePoll = require("./ChallengePoll");
|
|
56
|
+
|
|
57
|
+
Object.keys(_ChallengePoll).forEach(function (key) {
|
|
58
|
+
if (key === "default" || key === "__esModule") return;
|
|
59
|
+
if (key in exports && exports[key] === _ChallengePoll[key]) return;
|
|
60
|
+
Object.defineProperty(exports, key, {
|
|
61
|
+
enumerable: true,
|
|
62
|
+
get: function () {
|
|
63
|
+
return _ChallengePoll[key];
|
|
64
|
+
}
|
|
65
|
+
});
|
|
66
|
+
});
|
|
67
|
+
|
|
42
68
|
var _ResetAuthenticator = require("./ResetAuthenticator");
|
|
43
69
|
|
|
44
70
|
Object.keys(_ResetAuthenticator).forEach(function (key) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/remediators/index.ts"],"names":[],"mappings":";;AAaA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nexport * from './Base/Remediator';\nexport * from './EnrollAuthenticator';\nexport * from './ChallengeAuthenticator';\nexport * from './ResetAuthenticator';\nexport * from './EnrollProfile';\nexport * from './Identify';\nexport * from './ReEnrollAuthenticator';\nexport * from './RedirectIdp';\nexport * from './SelectAuthenticatorAuthenticate';\nexport * from './SelectAuthenticatorEnroll';\nexport * from './SelectEnrollProfile';\nexport * from './AuthenticatorVerificationData';\nexport * from './AuthenticatorEnrollmentData';\nexport * from './Skip';\n"],"file":"index.js"}
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/remediators/index.ts"],"names":[],"mappings":";;AAaA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nexport * from './Base/Remediator';\nexport * from './EnrollAuthenticator';\nexport * from './EnrollPoll';\nexport * from './ChallengeAuthenticator';\nexport * from './ChallengePoll';\nexport * from './ResetAuthenticator';\nexport * from './EnrollProfile';\nexport * from './Identify';\nexport * from './ReEnrollAuthenticator';\nexport * from './RedirectIdp';\nexport * from './SelectAuthenticatorAuthenticate';\nexport * from './SelectAuthenticatorEnroll';\nexport * from './SelectEnrollProfile';\nexport * from './AuthenticatorVerificationData';\nexport * from './AuthenticatorEnrollmentData';\nexport * from './Skip';\n"],"file":"index.js"}
|
package/cjs/idx/run.js
CHANGED
|
@@ -10,8 +10,6 @@ var _remediate = require("./remediate");
|
|
|
10
10
|
|
|
11
11
|
var remediators = _interopRequireWildcard(require("./remediators"));
|
|
12
12
|
|
|
13
|
-
var _errors = require("../errors");
|
|
14
|
-
|
|
15
13
|
var _types = require("../types");
|
|
16
14
|
|
|
17
15
|
var _transactionMeta = require("./transactionMeta");
|
|
@@ -82,7 +80,7 @@ function getAvailableSteps(remediations) {
|
|
|
82
80
|
return res;
|
|
83
81
|
}
|
|
84
82
|
|
|
85
|
-
async function run(authClient, options) {
|
|
83
|
+
async function run(authClient, options = {}) {
|
|
86
84
|
let tokens;
|
|
87
85
|
let nextStep;
|
|
88
86
|
let messages;
|
|
@@ -97,21 +95,27 @@ async function run(authClient, options) {
|
|
|
97
95
|
let metaFromResp;
|
|
98
96
|
|
|
99
97
|
try {
|
|
98
|
+
var _metaFromResp;
|
|
99
|
+
|
|
100
100
|
const {
|
|
101
|
+
flow,
|
|
101
102
|
stateTokenExternalId,
|
|
102
103
|
state
|
|
103
|
-
} = options;
|
|
104
|
+
} = options; // Only one flow can be operating at a time
|
|
104
105
|
|
|
105
|
-
if (
|
|
106
|
-
|
|
106
|
+
if (flow) {
|
|
107
|
+
authClient.idx.setFlow(flow);
|
|
108
|
+
} // Try to resume saved transaction
|
|
107
109
|
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
110
|
+
|
|
111
|
+
metaFromResp = (0, _transactionMeta.getSavedTransactionMeta)(authClient, {
|
|
112
|
+
state
|
|
113
|
+
});
|
|
114
|
+
interactionHandle = (_metaFromResp = metaFromResp) === null || _metaFromResp === void 0 ? void 0 : _metaFromResp.interactionHandle; // may be undefined
|
|
115
|
+
|
|
116
|
+
if (!interactionHandle && !stateTokenExternalId) {
|
|
117
|
+
// start a new transaction
|
|
118
|
+
authClient.transactionManager.clear();
|
|
115
119
|
const interactResponse = await (0, _interact.interact)(authClient, options);
|
|
116
120
|
interactionHandle = interactResponse.interactionHandle;
|
|
117
121
|
metaFromResp = interactResponse.meta;
|
|
@@ -123,7 +127,7 @@ async function run(authClient, options) {
|
|
|
123
127
|
stateTokenExternalId
|
|
124
128
|
});
|
|
125
129
|
|
|
126
|
-
if (!options.
|
|
130
|
+
if (!options.remediators && !options.actions) {
|
|
127
131
|
// handle start transaction
|
|
128
132
|
meta = metaFromResp;
|
|
129
133
|
enabledFeatures = getEnabledFeatures(idxResponse);
|
|
@@ -157,12 +161,6 @@ async function run(authClient, options) {
|
|
|
157
161
|
status = _types.IdxStatus.CANCELED;
|
|
158
162
|
shouldClearTransaction = true;
|
|
159
163
|
} else if (idxResponseFromResp !== null && idxResponseFromResp !== void 0 && idxResponseFromResp.interactionCode) {
|
|
160
|
-
// Flows may end with interactionCode before the key remediation being hit
|
|
161
|
-
// Double check if flow is finished to mitigate confusion with the wrapper methods
|
|
162
|
-
if (!(await options.flowMonitor.isFinished())) {
|
|
163
|
-
throw new _errors.AuthSdkError('Current flow is not supported, check policy settings in your org.');
|
|
164
|
-
}
|
|
165
|
-
|
|
166
164
|
const {
|
|
167
165
|
clientId,
|
|
168
166
|
codeVerifier,
|
package/cjs/idx/run.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/run.ts"],"names":["getEnabledFeatures","idxResponse","res","actions","neededToProceed","push","IdxFeature","PASSWORD_RECOVERY","some","name","REGISTRATION","SOCIAL_IDP","getAvailableSteps","remediations","remediatorMap","Object","values","remediators","reduce","map","remediatorClass","remediationName","remediation","T","remediator","getNextStep","run","authClient","options","tokens","nextStep","messages","error","meta","enabledFeatures","availableSteps","status","IdxStatus","PENDING","shouldClearTransaction","interactionHandle","metaFromResp","stateTokenExternalId","state","interactResponse","flow","stateHandle","rawIdxState","idxResponseFromResp","nextStepFromResp","terminal","canceled","messagesFromResp","transactionManager","saveIdxResponse","TERMINAL","CANCELED","interactionCode","flowMonitor","isFinished","AuthSdkError","clientId","codeVerifier","ignoreSignature","redirectUri","urls","scopes","token","exchangeCodeForTokens","SUCCESS","err","FAILURE","clear","_idxResponse"],"mappings":";;;;AAcA;;AACA;;AACA;;AAEA;;AACA;;AACA;;AASA;;;;;;AA7BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AA0BA,SAASA,kBAAT,CAA4BC,WAA5B,EAAoE;AAClE,QAAMC,GAAG,GAAG,EAAZ;AACA,QAAM;AAAEC,IAAAA,OAAF;AAAWC,IAAAA;AAAX,MAA+BH,WAArC;;AAEA,MAAIE,OAAO,CAAC,8BAAD,CAAX,EAA6C;AAC3CD,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWC,iBAApB;AACD;;AAED,MAAIH,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,uBAA5C,CAAJ,EAA0E;AACxEP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWI,YAApB;AACD;;AAED,MAAIN,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,cAA5C,CAAJ,EAAiE;AAC/DP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWK,UAApB;AACD;;AAED,SAAOT,GAAP;AACD;;AAED,SAASU,iBAAT,CAA2BC,YAA3B,EAAuE;AACrE,QAAMX,GAAG,GAAG,EAAZ;AAEA,QAAMY,aAAa,GAAGC,MAAM,CAACC,MAAP,CAAcC,WAAd,EAA2BC,MAA3B,CAAkC,CAACC,GAAD,EAAMC,eAAN,KAA0B;AAChF;AACA,QAAIA,eAAe,CAACC,eAApB,EAAqC;AACnCF,MAAAA,GAAG,CAACC,eAAe,CAACC,eAAjB,CAAH,GAAuCD,eAAvC;AACD;;AACD,WAAOD,GAAP;AACD,GANqB,EAMnB,EANmB,CAAtB;;AAQA,OAAK,IAAIG,WAAT,IAAwBT,YAAxB,EAAsC;AACpC,UAAMU,CAAC,GAAGT,aAAa,CAACQ,WAAW,CAACb,IAAb,CAAvB;;AACA,QAAIc,CAAJ,EAAO;AACL,YAAMC,UAAU,GAAG,IAAID,CAAJ,CAAMD,WAAN,CAAnB;AACApB,MAAAA,GAAG,CAACG,IAAJ,CAAUmB,UAAU,CAACC,WAAX,EAAV;AACD;AACF;;AAED,SAAOvB,GAAP;AACD;;AAEM,eAAewB,GAAf,CACLC,UADK,EAELC,OAFK,EAGoB;AACzB,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,KAAJ;AACA,MAAIC,IAAJ;AACA,MAAIC,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,MAAM,GAAGC,iBAAUC,OAAvB;AACA,MAAIC,sBAAsB,GAAG,KAA7B;AACA,MAAItC,WAAJ;AACA,MAAIuC,iBAAJ;AACA,MAAIC,YAAJ;;AAEA,MAAI;AAEF,UAAM;AAAEC,MAAAA,oBAAF;AAAwBC,MAAAA;AAAxB,QAAkCf,OAAxC;;AACA,QAAIc,oBAAJ,EAA0B;AAAA;;AACxB;AACAD,MAAAA,YAAY,GAAG,8CAAwBd,UAAxB,EAAoC;AAAEgB,QAAAA;AAAF,OAApC,CAAf;AACAH,MAAAA,iBAAiB,oBAAGC,YAAH,kDAAG,cAAcD,iBAAlC,CAHwB,CAG6B;AACtD,KAJD,MAIO;AACL;AACA,YAAMI,gBAAgB,GAAG,MAAM,wBAASjB,UAAT,EAAqBC,OAArB,CAA/B;AACAY,MAAAA,iBAAiB,GAAGI,gBAAgB,CAACJ,iBAArC;AACAC,MAAAA,YAAY,GAAGG,gBAAgB,CAACX,IAAhC;AACD,KAZC,CAcF;;;AACAhC,IAAAA,WAAW,GAAG,MAAM,4BAAW0B,UAAX,EAAuB;AAAEa,MAAAA,iBAAF;AAAqBE,MAAAA;AAArB,KAAvB,CAApB;;AAEA,QAAI,CAACd,OAAO,CAACiB,IAAT,IAAiB,CAACjB,OAAO,CAACzB,OAA9B,EAAuC;AACrC;AACA8B,MAAAA,IAAI,GAAGQ,YAAP;AACAP,MAAAA,eAAe,GAAGlC,kBAAkB,CAACC,WAAD,CAApC;AACAkC,MAAAA,cAAc,GAAGvB,iBAAiB,CAACX,WAAW,CAACG,eAAb,CAAlC;AACD,KALD,MAKO;AACL,YAAMY,MAAqC,GAAG,EAC5C,GAAGY,OADyC;AAE5CkB,QAAAA,WAAW,EAAE7C,WAAW,CAAC8C,WAAZ,CAAwBD;AAFO,OAA9C,CADK,CAML;;AACA,YAAM;AACJ7C,QAAAA,WAAW,EAAE+C,mBADT;AAEJlB,QAAAA,QAAQ,EAAEmB,gBAFN;AAGJC,QAAAA,QAHI;AAIJC,QAAAA,QAJI;AAKJpB,QAAAA,QAAQ,EAAEqB;AALN,UAMF,MAAM,0BAAUnD,WAAV,EAAuBe,MAAvB,EAA+BY,OAA/B,CANV,CAPK,CAeL;;AACAE,MAAAA,QAAQ,GAAGmB,gBAAX;AACAlB,MAAAA,QAAQ,GAAGqB,gBAAX,CAjBK,CAmBL;;AACA,UAAItB,QAAQ,IAAIkB,mBAAhB,EAAqC;AACnCrB,QAAAA,UAAU,CAAC0B,kBAAX,CAA8BC,eAA9B,CAA8CN,mBAAmB,CAACD,WAAlE;AACD;;AAED,UAAIG,QAAJ,EAAc;AACZd,QAAAA,MAAM,GAAGC,iBAAUkB,QAAnB;AACAhB,QAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAAC,UAAIY,QAAJ,EAAc;AACdf,QAAAA,MAAM,GAAGC,iBAAUmB,QAAnB;AACAjB,QAAAA,sBAAsB,GAAG,IAAzB;AACD,OAHC,MAGK,IAAIS,mBAAJ,aAAIA,mBAAJ,eAAIA,mBAAmB,CAAES,eAAzB,EAA0C;AAC/C;AACA;AACA,YAAI,EAAE,MAAM7B,OAAO,CAAC8B,WAAR,CAAoBC,UAApB,EAAR,CAAJ,EAA+C;AAC7C,gBAAM,IAAIC,oBAAJ,CAAiB,mEAAjB,CAAN;AACD;;AAED,cAAM;AACJC,UAAAA,QADI;AAEJC,UAAAA,YAFI;AAGJC,UAAAA,eAHI;AAIJC,UAAAA,WAJI;AAKJC,UAAAA,IALI;AAMJC,UAAAA;AANI,YAOFzB,YAPJ;AAQAZ,QAAAA,MAAM,GAAG,MAAMF,UAAU,CAACwC,KAAX,CAAiBC,qBAAjB,CAAuC;AACpDX,UAAAA,eAAe,EAAET,mBAAmB,CAACS,eADe;AAEpDI,UAAAA,QAFoD;AAGpDC,UAAAA,YAHoD;AAIpDC,UAAAA,eAJoD;AAKpDC,UAAAA,WALoD;AAMpDE,UAAAA;AANoD,SAAvC,EAOZD,IAPY,CAAf;AASA7B,QAAAA,MAAM,GAAGC,iBAAUgC,OAAnB;AACA9B,QAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;AACF,GAhFD,CAgFE,OAAO+B,GAAP,EAAY;AACZtC,IAAAA,KAAK,GAAGsC,GAAR;AACAlC,IAAAA,MAAM,GAAGC,iBAAUkC,OAAnB;AACAhC,IAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAED,MAAIA,sBAAJ,EAA4B;AAC1BZ,IAAAA,UAAU,CAAC0B,kBAAX,CAA8BmB,KAA9B;AACD;;AAED,SAAO;AACLC,IAAAA,YAAY,EAAExE,WADT;AAELmC,IAAAA,MAFK;AAGL,QAAIH,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAHK;AAIL,QAAIC,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAJK;AAKL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CALK;AAML,QAAIN,MAAM,IAAI;AAAEA,MAAAA,MAAM,EAAEA,MAAM,CAACA;AAAjB,KAAd,CANK;AAOL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CAPK;AAQL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CARK;AASL,QAAIC,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb;AATK,GAAP;AAWD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, complexity, max-depth */\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate } from './remediate';\nimport { FlowMonitor } from './flowMonitors';\nimport * as remediators from './remediators';\nimport { AuthSdkError } from '../errors';\nimport { \n OktaAuth,\n IdxOptions,\n IdxStatus,\n IdxTransaction,\n IdxFeature,\n NextStep,\n} from '../types';\nimport { IdxResponse, IdxRemediation } from './types/idx-js';\nimport { getSavedTransactionMeta } from './transactionMeta';\n\nexport type RemediationFlow = Record<string, typeof remediators.Remediator>;\nexport interface RunOptions {\n flow?: RemediationFlow;\n actions?: string[];\n flowMonitor?: FlowMonitor;\n stateTokenExternalId?: string;\n}\n\nfunction getEnabledFeatures(idxResponse: IdxResponse): IdxFeature[] {\n const res = [];\n const { actions, neededToProceed } = idxResponse;\n\n if (actions['currentAuthenticator-recover']) {\n res.push(IdxFeature.PASSWORD_RECOVERY);\n }\n\n if (neededToProceed.some(({ name }) => name === 'select-enroll-profile')) {\n res.push(IdxFeature.REGISTRATION);\n }\n\n if (neededToProceed.some(({ name }) => name === 'redirect-idp')) {\n res.push(IdxFeature.SOCIAL_IDP);\n }\n\n return res;\n}\n\nfunction getAvailableSteps(remediations: IdxRemediation[]): NextStep[] {\n const res = [];\n\n const remediatorMap = Object.values(remediators).reduce((map, remediatorClass) => {\n // Only add concrete subclasses to the map\n if (remediatorClass.remediationName) {\n map[remediatorClass.remediationName] = remediatorClass;\n }\n return map;\n }, {});\n\n for (let remediation of remediations) {\n const T = remediatorMap[remediation.name];\n if (T) {\n const remediator = new T(remediation);\n res.push (remediator.getNextStep());\n }\n }\n\n return res;\n}\n\nexport async function run(\n authClient: OktaAuth, \n options: RunOptions & IdxOptions,\n): Promise<IdxTransaction> {\n let tokens;\n let nextStep;\n let messages;\n let error;\n let meta;\n let enabledFeatures;\n let availableSteps;\n let status = IdxStatus.PENDING;\n let shouldClearTransaction = false;\n let idxResponse;\n let interactionHandle;\n let metaFromResp;\n\n try {\n\n const { stateTokenExternalId, state } = options;\n if (stateTokenExternalId) {\n // Email verify callback: retrieve saved interactionHandle, if possible\n metaFromResp = getSavedTransactionMeta(authClient, { state });\n interactionHandle = metaFromResp?.interactionHandle; // may be undefined\n } else {\n // Start/resume the flow. Will request a new interactionHandle if none is found in storage.\n const interactResponse = await interact(authClient, options); \n interactionHandle = interactResponse.interactionHandle;\n metaFromResp = interactResponse.meta;\n }\n\n // Introspect to get idx response\n idxResponse = await introspect(authClient, { interactionHandle, stateTokenExternalId });\n\n if (!options.flow && !options.actions) {\n // handle start transaction\n meta = metaFromResp;\n enabledFeatures = getEnabledFeatures(idxResponse);\n availableSteps = getAvailableSteps(idxResponse.neededToProceed);\n } else {\n const values: remediators.RemediationValues = { \n ...options, \n stateHandle: idxResponse.rawIdxState.stateHandle \n };\n\n // Can we handle the remediations?\n const { \n idxResponse: idxResponseFromResp, \n nextStep: nextStepFromResp,\n terminal,\n canceled,\n messages: messagesFromResp,\n } = await remediate(idxResponse, values, options);\n\n // Track fields from remediation response\n nextStep = nextStepFromResp;\n messages = messagesFromResp;\n\n // Save intermediate idx response in storage to reduce introspect call\n if (nextStep && idxResponseFromResp) {\n authClient.transactionManager.saveIdxResponse(idxResponseFromResp.rawIdxState);\n }\n\n if (terminal) {\n status = IdxStatus.TERMINAL;\n shouldClearTransaction = true;\n } if (canceled) {\n status = IdxStatus.CANCELED;\n shouldClearTransaction = true;\n } else if (idxResponseFromResp?.interactionCode) { \n // Flows may end with interactionCode before the key remediation being hit\n // Double check if flow is finished to mitigate confusion with the wrapper methods\n if (!(await options.flowMonitor.isFinished())) {\n throw new AuthSdkError('Current flow is not supported, check policy settings in your org.');\n }\n\n const {\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n urls,\n scopes,\n } = metaFromResp;\n tokens = await authClient.token.exchangeCodeForTokens({\n interactionCode: idxResponseFromResp.interactionCode,\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n scopes\n }, urls);\n\n status = IdxStatus.SUCCESS;\n shouldClearTransaction = true;\n }\n }\n } catch (err) {\n error = err;\n status = IdxStatus.FAILURE;\n shouldClearTransaction = true;\n }\n\n if (shouldClearTransaction) {\n authClient.transactionManager.clear();\n }\n \n return {\n _idxResponse: idxResponse, \n status,\n ...(meta && { meta }),\n ...(enabledFeatures && { enabledFeatures }),\n ...(availableSteps && { availableSteps }),\n ...(tokens && { tokens: tokens.tokens }),\n ...(nextStep && { nextStep }),\n ...(messages && { messages }),\n ...(error && { error }),\n };\n}\n"],"file":"run.js"}
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/run.ts"],"names":["getEnabledFeatures","idxResponse","res","actions","neededToProceed","push","IdxFeature","PASSWORD_RECOVERY","some","name","REGISTRATION","SOCIAL_IDP","getAvailableSteps","remediations","remediatorMap","Object","values","remediators","reduce","map","remediatorClass","remediationName","remediation","T","remediator","getNextStep","run","authClient","options","tokens","nextStep","messages","error","meta","enabledFeatures","availableSteps","status","IdxStatus","PENDING","shouldClearTransaction","interactionHandle","metaFromResp","flow","stateTokenExternalId","state","idx","setFlow","transactionManager","clear","interactResponse","stateHandle","rawIdxState","idxResponseFromResp","nextStepFromResp","terminal","canceled","messagesFromResp","saveIdxResponse","TERMINAL","CANCELED","interactionCode","clientId","codeVerifier","ignoreSignature","redirectUri","urls","scopes","token","exchangeCodeForTokens","SUCCESS","err","FAILURE","_idxResponse"],"mappings":";;;;AAcA;;AACA;;AACA;;AAEA;;AACA;;AASA;;;;;;AA5BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAwBA,SAASA,kBAAT,CAA4BC,WAA5B,EAAoE;AAClE,QAAMC,GAAG,GAAG,EAAZ;AACA,QAAM;AAAEC,IAAAA,OAAF;AAAWC,IAAAA;AAAX,MAA+BH,WAArC;;AAEA,MAAIE,OAAO,CAAC,8BAAD,CAAX,EAA6C;AAC3CD,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWC,iBAApB;AACD;;AAED,MAAIH,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,uBAA5C,CAAJ,EAA0E;AACxEP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWI,YAApB;AACD;;AAED,MAAIN,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,cAA5C,CAAJ,EAAiE;AAC/DP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWK,UAApB;AACD;;AAED,SAAOT,GAAP;AACD;;AAED,SAASU,iBAAT,CAA2BC,YAA3B,EAAuE;AACrE,QAAMX,GAAG,GAAG,EAAZ;AAEA,QAAMY,aAAa,GAAGC,MAAM,CAACC,MAAP,CAAcC,WAAd,EAA2BC,MAA3B,CAAkC,CAACC,GAAD,EAAMC,eAAN,KAA0B;AAChF;AACA,QAAIA,eAAe,CAACC,eAApB,EAAqC;AACnCF,MAAAA,GAAG,CAACC,eAAe,CAACC,eAAjB,CAAH,GAAuCD,eAAvC;AACD;;AACD,WAAOD,GAAP;AACD,GANqB,EAMnB,EANmB,CAAtB;;AAQA,OAAK,IAAIG,WAAT,IAAwBT,YAAxB,EAAsC;AACpC,UAAMU,CAAC,GAAGT,aAAa,CAACQ,WAAW,CAACb,IAAb,CAAvB;;AACA,QAAIc,CAAJ,EAAO;AACL,YAAMC,UAAU,GAAG,IAAID,CAAJ,CAAMD,WAAN,CAAnB;AACApB,MAAAA,GAAG,CAACG,IAAJ,CAAUmB,UAAU,CAACC,WAAX,EAAV;AACD;AACF;;AAED,SAAOvB,GAAP;AACD;;AAEM,eAAewB,GAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,KAAJ;AACA,MAAIC,IAAJ;AACA,MAAIC,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,MAAM,GAAGC,iBAAUC,OAAvB;AACA,MAAIC,sBAAsB,GAAG,KAA7B;AACA,MAAItC,WAAJ;AACA,MAAIuC,iBAAJ;AACA,MAAIC,YAAJ;;AAEA,MAAI;AAAA;;AAEF,UAAM;AAAEC,MAAAA,IAAF;AAAQC,MAAAA,oBAAR;AAA8BC,MAAAA;AAA9B,QAAwChB,OAA9C,CAFE,CAIF;;AACA,QAAIc,IAAJ,EAAU;AACRf,MAAAA,UAAU,CAACkB,GAAX,CAAeC,OAAf,CAAuBJ,IAAvB;AACD,KAPC,CASF;;;AACAD,IAAAA,YAAY,GAAG,8CAAwBd,UAAxB,EAAoC;AAAEiB,MAAAA;AAAF,KAApC,CAAf;AACAJ,IAAAA,iBAAiB,oBAAGC,YAAH,kDAAG,cAAcD,iBAAlC,CAXE,CAWmD;;AAErD,QAAI,CAACA,iBAAD,IAAsB,CAACG,oBAA3B,EAAiD;AAC/C;AACAhB,MAAAA,UAAU,CAACoB,kBAAX,CAA8BC,KAA9B;AACA,YAAMC,gBAAgB,GAAG,MAAM,wBAAStB,UAAT,EAAqBC,OAArB,CAA/B;AACAY,MAAAA,iBAAiB,GAAGS,gBAAgB,CAACT,iBAArC;AACAC,MAAAA,YAAY,GAAGQ,gBAAgB,CAAChB,IAAhC;AACD,KAnBC,CAqBF;;;AACAhC,IAAAA,WAAW,GAAG,MAAM,4BAAW0B,UAAX,EAAuB;AAAEa,MAAAA,iBAAF;AAAqBG,MAAAA;AAArB,KAAvB,CAApB;;AAEA,QAAI,CAACf,OAAO,CAACX,WAAT,IAAwB,CAACW,OAAO,CAACzB,OAArC,EAA8C;AAC5C;AACA8B,MAAAA,IAAI,GAAGQ,YAAP;AACAP,MAAAA,eAAe,GAAGlC,kBAAkB,CAACC,WAAD,CAApC;AACAkC,MAAAA,cAAc,GAAGvB,iBAAiB,CAACX,WAAW,CAACG,eAAb,CAAlC;AACD,KALD,MAKO;AACL,YAAMY,MAAqC,GAAG,EAC5C,GAAGY,OADyC;AAE5CsB,QAAAA,WAAW,EAAEjD,WAAW,CAACkD,WAAZ,CAAwBD;AAFO,OAA9C,CADK,CAML;;AACA,YAAM;AACJjD,QAAAA,WAAW,EAAEmD,mBADT;AAEJtB,QAAAA,QAAQ,EAAEuB,gBAFN;AAGJC,QAAAA,QAHI;AAIJC,QAAAA,QAJI;AAKJxB,QAAAA,QAAQ,EAAEyB;AALN,UAMF,MAAM,0BAAUvD,WAAV,EAAuBe,MAAvB,EAA+BY,OAA/B,CANV,CAPK,CAeL;;AACAE,MAAAA,QAAQ,GAAGuB,gBAAX;AACAtB,MAAAA,QAAQ,GAAGyB,gBAAX,CAjBK,CAmBL;;AACA,UAAI1B,QAAQ,IAAIsB,mBAAhB,EAAqC;AACnCzB,QAAAA,UAAU,CAACoB,kBAAX,CAA8BU,eAA9B,CAA8CL,mBAAmB,CAACD,WAAlE;AACD;;AAED,UAAIG,QAAJ,EAAc;AACZlB,QAAAA,MAAM,GAAGC,iBAAUqB,QAAnB;AACAnB,QAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAAC,UAAIgB,QAAJ,EAAc;AACdnB,QAAAA,MAAM,GAAGC,iBAAUsB,QAAnB;AACApB,QAAAA,sBAAsB,GAAG,IAAzB;AACD,OAHC,MAGK,IAAIa,mBAAJ,aAAIA,mBAAJ,eAAIA,mBAAmB,CAAEQ,eAAzB,EAA0C;AAC/C,cAAM;AACJC,UAAAA,QADI;AAEJC,UAAAA,YAFI;AAGJC,UAAAA,eAHI;AAIJC,UAAAA,WAJI;AAKJC,UAAAA,IALI;AAMJC,UAAAA;AANI,YAOFzB,YAPJ;AAQAZ,QAAAA,MAAM,GAAG,MAAMF,UAAU,CAACwC,KAAX,CAAiBC,qBAAjB,CAAuC;AACpDR,UAAAA,eAAe,EAAER,mBAAmB,CAACQ,eADe;AAEpDC,UAAAA,QAFoD;AAGpDC,UAAAA,YAHoD;AAIpDC,UAAAA,eAJoD;AAKpDC,UAAAA,WALoD;AAMpDE,UAAAA;AANoD,SAAvC,EAOZD,IAPY,CAAf;AASA7B,QAAAA,MAAM,GAAGC,iBAAUgC,OAAnB;AACA9B,QAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;AACF,GAjFD,CAiFE,OAAO+B,GAAP,EAAY;AACZtC,IAAAA,KAAK,GAAGsC,GAAR;AACAlC,IAAAA,MAAM,GAAGC,iBAAUkC,OAAnB;AACAhC,IAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAED,MAAIA,sBAAJ,EAA4B;AAC1BZ,IAAAA,UAAU,CAACoB,kBAAX,CAA8BC,KAA9B;AACD;;AAED,SAAO;AACLwB,IAAAA,YAAY,EAAEvE,WADT;AAELmC,IAAAA,MAFK;AAGL,QAAIH,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAHK;AAIL,QAAIC,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAJK;AAKL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CALK;AAML,QAAIN,MAAM,IAAI;AAAEA,MAAAA,MAAM,EAAEA,MAAM,CAACA;AAAjB,KAAd,CANK;AAOL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CAPK;AAQL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CARK;AASL,QAAIC,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb;AATK,GAAP;AAWD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, complexity, max-depth */\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate } from './remediate';\nimport { RemediationFlow } from './flow';\nimport * as remediators from './remediators';\nimport { \n OktaAuth,\n IdxStatus,\n IdxTransaction,\n IdxFeature,\n NextStep,\n FlowIdentifier,\n} from '../types';\nimport { IdxResponse, IdxRemediation } from './types/idx-js';\nimport { getSavedTransactionMeta } from './transactionMeta';\nimport { ProceedOptions } from './proceed';\n\nexport type RunOptions = ProceedOptions & {\n flow?: FlowIdentifier;\n remediators?: RemediationFlow;\n actions?: string[];\n}\n\nfunction getEnabledFeatures(idxResponse: IdxResponse): IdxFeature[] {\n const res = [];\n const { actions, neededToProceed } = idxResponse;\n\n if (actions['currentAuthenticator-recover']) {\n res.push(IdxFeature.PASSWORD_RECOVERY);\n }\n\n if (neededToProceed.some(({ name }) => name === 'select-enroll-profile')) {\n res.push(IdxFeature.REGISTRATION);\n }\n\n if (neededToProceed.some(({ name }) => name === 'redirect-idp')) {\n res.push(IdxFeature.SOCIAL_IDP);\n }\n\n return res;\n}\n\nfunction getAvailableSteps(remediations: IdxRemediation[]): NextStep[] {\n const res = [];\n\n const remediatorMap = Object.values(remediators).reduce((map, remediatorClass) => {\n // Only add concrete subclasses to the map\n if (remediatorClass.remediationName) {\n map[remediatorClass.remediationName] = remediatorClass;\n }\n return map;\n }, {});\n\n for (let remediation of remediations) {\n const T = remediatorMap[remediation.name];\n if (T) {\n const remediator = new T(remediation);\n res.push (remediator.getNextStep());\n }\n }\n\n return res;\n}\n\nexport async function run(\n authClient: OktaAuth, \n options: RunOptions = {},\n): Promise<IdxTransaction> {\n let tokens;\n let nextStep;\n let messages;\n let error;\n let meta;\n let enabledFeatures;\n let availableSteps;\n let status = IdxStatus.PENDING;\n let shouldClearTransaction = false;\n let idxResponse;\n let interactionHandle;\n let metaFromResp;\n\n try {\n\n const { flow, stateTokenExternalId, state } = options;\n\n // Only one flow can be operating at a time\n if (flow) {\n authClient.idx.setFlow(flow);\n }\n\n // Try to resume saved transaction\n metaFromResp = getSavedTransactionMeta(authClient, { state });\n interactionHandle = metaFromResp?.interactionHandle; // may be undefined\n\n if (!interactionHandle && !stateTokenExternalId) {\n // start a new transaction\n authClient.transactionManager.clear();\n const interactResponse = await interact(authClient, options); \n interactionHandle = interactResponse.interactionHandle;\n metaFromResp = interactResponse.meta;\n }\n\n // Introspect to get idx response\n idxResponse = await introspect(authClient, { interactionHandle, stateTokenExternalId });\n\n if (!options.remediators && !options.actions) {\n // handle start transaction\n meta = metaFromResp;\n enabledFeatures = getEnabledFeatures(idxResponse);\n availableSteps = getAvailableSteps(idxResponse.neededToProceed);\n } else {\n const values: remediators.RemediationValues = { \n ...options, \n stateHandle: idxResponse.rawIdxState.stateHandle \n };\n\n // Can we handle the remediations?\n const { \n idxResponse: idxResponseFromResp, \n nextStep: nextStepFromResp,\n terminal,\n canceled,\n messages: messagesFromResp,\n } = await remediate(idxResponse, values, options);\n\n // Track fields from remediation response\n nextStep = nextStepFromResp;\n messages = messagesFromResp;\n\n // Save intermediate idx response in storage to reduce introspect call\n if (nextStep && idxResponseFromResp) {\n authClient.transactionManager.saveIdxResponse(idxResponseFromResp.rawIdxState);\n }\n\n if (terminal) {\n status = IdxStatus.TERMINAL;\n shouldClearTransaction = true;\n } if (canceled) {\n status = IdxStatus.CANCELED;\n shouldClearTransaction = true;\n } else if (idxResponseFromResp?.interactionCode) { \n const {\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n urls,\n scopes,\n } = metaFromResp;\n tokens = await authClient.token.exchangeCodeForTokens({\n interactionCode: idxResponseFromResp.interactionCode,\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n scopes\n }, urls);\n\n status = IdxStatus.SUCCESS;\n shouldClearTransaction = true;\n }\n }\n } catch (err) {\n error = err;\n status = IdxStatus.FAILURE;\n shouldClearTransaction = true;\n }\n\n if (shouldClearTransaction) {\n authClient.transactionManager.clear();\n }\n \n return {\n _idxResponse: idxResponse, \n status,\n ...(meta && { meta }),\n ...(enabledFeatures && { enabledFeatures }),\n ...(availableSteps && { availableSteps }),\n ...(tokens && { tokens: tokens.tokens }),\n ...(nextStep && { nextStep }),\n ...(messages && { messages }),\n ...(error && { error }),\n };\n}\n"],"file":"run.js"}
|
|
@@ -17,6 +17,8 @@ var _run = require("./run");
|
|
|
17
17
|
*/
|
|
18
18
|
// This method only resolves { status: IdxStatus.PENDING } if transaction has already started
|
|
19
19
|
async function startTransaction(authClient, options = {}) {
|
|
20
|
+
// Clear IDX response cache and saved transaction meta (if any)
|
|
21
|
+
authClient.transactionManager.clear();
|
|
20
22
|
return (0, _run.run)(authClient, options);
|
|
21
23
|
}
|
|
22
24
|
//# sourceMappingURL=startTransaction.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/startTransaction.ts"],"names":["startTransaction","authClient","options"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,gBAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB,SAAO,
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/startTransaction.ts"],"names":["startTransaction","authClient","options","transactionManager","clear"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,gBAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB;AACAD,EAAAA,UAAU,CAACE,kBAAX,CAA8BC,KAA9B;AAEA,SAAO,cAAIH,UAAJ,EAAgBC,OAAhB,CAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run } from './run';\nimport { OktaAuth, IdxOptions, IdxTransaction } from '../types';\n\n// This method only resolves { status: IdxStatus.PENDING } if transaction has already started\nexport async function startTransaction(\n authClient: OktaAuth, \n options: IdxOptions = {}\n): Promise<IdxTransaction> {\n // Clear IDX response cache and saved transaction meta (if any)\n authClient.transactionManager.clear();\n\n return run(authClient, options);\n}\n"],"file":"startTransaction.js"}
|
|
@@ -24,8 +24,43 @@ var _oidc = require("../oidc");
|
|
|
24
24
|
* See the License for the specific language governing permissions and limitations under the License.
|
|
25
25
|
*/
|
|
26
26
|
// Calculate new values
|
|
27
|
-
async function createTransactionMeta(authClient) {
|
|
28
|
-
|
|
27
|
+
async function createTransactionMeta(authClient, options) {
|
|
28
|
+
const tokenParams = await authClient.token.prepareTokenParams(options);
|
|
29
|
+
const {
|
|
30
|
+
pkce,
|
|
31
|
+
clientId,
|
|
32
|
+
redirectUri,
|
|
33
|
+
responseType,
|
|
34
|
+
responseMode,
|
|
35
|
+
scopes,
|
|
36
|
+
state,
|
|
37
|
+
nonce,
|
|
38
|
+
ignoreSignature,
|
|
39
|
+
codeVerifier,
|
|
40
|
+
codeChallengeMethod,
|
|
41
|
+
codeChallenge
|
|
42
|
+
} = tokenParams;
|
|
43
|
+
const urls = (0, _oidc.getOAuthUrls)(authClient, tokenParams);
|
|
44
|
+
const flow = authClient.idx.getFlow() || 'default';
|
|
45
|
+
const issuer = authClient.options.issuer;
|
|
46
|
+
const meta = {
|
|
47
|
+
flow,
|
|
48
|
+
issuer,
|
|
49
|
+
pkce,
|
|
50
|
+
clientId,
|
|
51
|
+
redirectUri,
|
|
52
|
+
responseType,
|
|
53
|
+
responseMode,
|
|
54
|
+
scopes,
|
|
55
|
+
state,
|
|
56
|
+
nonce,
|
|
57
|
+
urls,
|
|
58
|
+
ignoreSignature,
|
|
59
|
+
codeVerifier,
|
|
60
|
+
codeChallengeMethod,
|
|
61
|
+
codeChallenge
|
|
62
|
+
};
|
|
63
|
+
return meta;
|
|
29
64
|
}
|
|
30
65
|
|
|
31
66
|
function transactionMetaExist(authClient, options) {
|
|
@@ -65,43 +100,9 @@ async function getTransactionMeta(authClient, options) {
|
|
|
65
100
|
|
|
66
101
|
|
|
67
102
|
(0, _util.warn)('Saved transaction meta does not match the current configuration. ' + 'This may indicate that two apps are sharing a storage key.');
|
|
68
|
-
}
|
|
69
|
-
|
|
103
|
+
}
|
|
70
104
|
|
|
71
|
-
|
|
72
|
-
const urls = (0, _oidc.getOAuthUrls)(authClient, tokenParams);
|
|
73
|
-
const issuer = authClient.options.issuer;
|
|
74
|
-
const {
|
|
75
|
-
pkce,
|
|
76
|
-
clientId,
|
|
77
|
-
redirectUri,
|
|
78
|
-
responseType,
|
|
79
|
-
responseMode,
|
|
80
|
-
scopes,
|
|
81
|
-
state,
|
|
82
|
-
nonce,
|
|
83
|
-
ignoreSignature,
|
|
84
|
-
codeVerifier,
|
|
85
|
-
codeChallengeMethod,
|
|
86
|
-
codeChallenge
|
|
87
|
-
} = tokenParams;
|
|
88
|
-
const meta = {
|
|
89
|
-
issuer,
|
|
90
|
-
pkce,
|
|
91
|
-
clientId,
|
|
92
|
-
redirectUri,
|
|
93
|
-
responseType,
|
|
94
|
-
responseMode,
|
|
95
|
-
scopes,
|
|
96
|
-
state,
|
|
97
|
-
nonce,
|
|
98
|
-
urls,
|
|
99
|
-
ignoreSignature,
|
|
100
|
-
codeVerifier,
|
|
101
|
-
codeChallengeMethod,
|
|
102
|
-
codeChallenge
|
|
103
|
-
};
|
|
104
|
-
return meta;
|
|
105
|
+
return createTransactionMeta(authClient, options);
|
|
105
106
|
}
|
|
106
107
|
|
|
107
108
|
function saveTransactionMeta(authClient, meta) {
|
|
@@ -113,13 +114,37 @@ function saveTransactionMeta(authClient, meta) {
|
|
|
113
114
|
function clearTransactionMeta(authClient) {
|
|
114
115
|
authClient.transactionManager.clear();
|
|
115
116
|
} // returns true if values in meta match current authClient options
|
|
117
|
+
// eslint-disable-next-line complexity
|
|
116
118
|
|
|
117
119
|
|
|
118
120
|
function isTransactionMetaValid(authClient, meta) {
|
|
121
|
+
// First validate against required config
|
|
119
122
|
const keys = ['issuer', 'clientId', 'redirectUri'];
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
123
|
+
|
|
124
|
+
if (keys.some(key => authClient.options[key] !== meta[key])) {
|
|
125
|
+
return false;
|
|
126
|
+
} // Validate optional config
|
|
127
|
+
|
|
128
|
+
|
|
129
|
+
const {
|
|
130
|
+
flow,
|
|
131
|
+
state
|
|
132
|
+
} = authClient.options; // If state is specified, it must match meta to be valid
|
|
133
|
+
|
|
134
|
+
if (state && state !== meta.state) {
|
|
135
|
+
return false;
|
|
136
|
+
} // Specific flows should not share transaction data
|
|
137
|
+
|
|
138
|
+
|
|
139
|
+
const shouldValidateFlow = flow && flow !== 'default' && flow !== 'proceed';
|
|
140
|
+
|
|
141
|
+
if (shouldValidateFlow) {
|
|
142
|
+
if (flow !== meta.flow) {
|
|
143
|
+
// The flow has changed; abandon the old transaction
|
|
144
|
+
return false;
|
|
145
|
+
}
|
|
146
|
+
}
|
|
147
|
+
|
|
148
|
+
return true;
|
|
124
149
|
}
|
|
125
150
|
//# sourceMappingURL=transactionMeta.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/transactionMeta.ts"],"names":["createTransactionMeta","authClient","token","prepareTokenParams","
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/transactionMeta.ts"],"names":["createTransactionMeta","authClient","options","tokenParams","token","prepareTokenParams","pkce","clientId","redirectUri","responseType","responseMode","scopes","state","nonce","ignoreSignature","codeVerifier","codeChallengeMethod","codeChallenge","urls","flow","idx","getFlow","issuer","meta","transactionMetaExist","transactionManager","exists","existing","load","isTransactionMetaValid","interactionHandle","getSavedTransactionMeta","getTransactionMeta","validExistingMeta","saveTransactionMeta","save","muteWarning","clearTransactionMeta","clear","keys","some","key","shouldValidateFlow"],"mappings":";;;;;;;;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,qBAAf,CAAqCC,UAArC,EAA2DC,OAA3D,EAA6F;AAClG,QAAMC,WAAW,GAAG,MAAMF,UAAU,CAACG,KAAX,CAAiBC,kBAAjB,CAAoCH,OAApC,CAA1B;AACA,QAAM;AACJI,IAAAA,IADI;AAEJC,IAAAA,QAFI;AAGJC,IAAAA,WAHI;AAIJC,IAAAA,YAJI;AAKJC,IAAAA,YALI;AAMJC,IAAAA,MANI;AAOJC,IAAAA,KAPI;AAQJC,IAAAA,KARI;AASJC,IAAAA,eATI;AAUJC,IAAAA,YAVI;AAWJC,IAAAA,mBAXI;AAYJC,IAAAA;AAZI,MAaFd,WAbJ;AAcA,QAAMe,IAAI,GAAG,wBAAajB,UAAb,EAAyBE,WAAzB,CAAb;AACA,QAAMgB,IAAI,GAAGlB,UAAU,CAACmB,GAAX,CAAeC,OAAf,MAA4B,SAAzC;AACA,QAAMC,MAAM,GAAGrB,UAAU,CAACC,OAAX,CAAmBoB,MAAlC;AACA,QAAMC,IAAI,GAAG;AACXJ,IAAAA,IADW;AAEXG,IAAAA,MAFW;AAGXhB,IAAAA,IAHW;AAIXC,IAAAA,QAJW;AAKXC,IAAAA,WALW;AAMXC,IAAAA,YANW;AAOXC,IAAAA,YAPW;AAQXC,IAAAA,MARW;AASXC,IAAAA,KATW;AAUXC,IAAAA,KAVW;AAWXK,IAAAA,IAXW;AAYXJ,IAAAA,eAZW;AAaXC,IAAAA,YAbW;AAcXC,IAAAA,mBAdW;AAeXC,IAAAA;AAfW,GAAb;AAiBA,SAAOM,IAAP;AACD;;AAEM,SAASC,oBAAT,CAA8BvB,UAA9B,EAAoDC,OAApD,EAA+F;AACpG,MAAID,UAAU,CAACwB,kBAAX,CAA8BC,MAA9B,CAAqCxB,OAArC,CAAJ,EAAmD;AACjD,UAAMyB,QAAQ,GAAG1B,UAAU,CAACwB,kBAAX,CAA8BG,IAA9B,CAAmC1B,OAAnC,CAAjB;;AACA,QAAI2B,sBAAsB,CAAC5B,UAAD,EAAa0B,QAAb,CAAtB,IAAgDA,QAAQ,CAACG,iBAA7D,EAAgF;AAC9E,aAAO,IAAP;AACD;AACF;;AACD,SAAO,KAAP;AACD,C,CAED;;;AACO,SAASC,uBAAT,CAAiC9B,UAAjC,EAAuDC,OAAvD,EAA6G;AAClH,QAAMU,KAAK,GAAG,CAAAV,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAEU,KAAT,KAAkBX,UAAU,CAACC,OAAX,CAAmBU,KAAnD;AACA,QAAMe,QAAQ,GAAG1B,UAAU,CAACwB,kBAAX,CAA8BG,IAA9B,CAAmC;AAAEhB,IAAAA;AAAF,GAAnC,CAAjB;;AACA,MAAIe,QAAQ,IAAIE,sBAAsB,CAAC5B,UAAD,EAAa0B,QAAb,CAAtC,EAA8D;AAC5D,WAAOA,QAAP;AACD;AACF;;AAEM,eAAeK,kBAAf,CACL/B,UADK,EAELC,OAFK,EAGwB;AAC7B;AACA,MAAID,UAAU,CAACwB,kBAAX,CAA8BC,MAA9B,CAAqCxB,OAArC,CAAJ,EAAmD;AACjD,UAAM+B,iBAAiB,GAAGF,uBAAuB,CAAC9B,UAAD,EAAaC,OAAb,CAAjD;;AACA,QAAI+B,iBAAJ,EAAuB;AACrB,aAAOA,iBAAP;AACD,KAJgD,CAKjD;AACA;AACA;;;AACA,oBAAK,sEACH,4DADF;AAED;;AAED,SAAOjC,qBAAqB,CAACC,UAAD,EAAaC,OAAb,CAA5B;AACD;;AAEM,SAASgC,mBAAT,CAA8BjC,UAA9B,EAAoDsB,IAApD,EAA0D;AAC/DtB,EAAAA,UAAU,CAACwB,kBAAX,CAA8BU,IAA9B,CAAmCZ,IAAnC,EAAyC;AAAEa,IAAAA,WAAW,EAAE;AAAf,GAAzC;AACD;;AAEM,SAASC,oBAAT,CAA+BpC,UAA/B,EAAqD;AAC1DA,EAAAA,UAAU,CAACwB,kBAAX,CAA8Ba,KAA9B;AACD,C,CAED;AACA;;;AACO,SAAST,sBAAT,CAAiC5B,UAAjC,EAAuDsB,IAAvD,EAA6D;AAClE;AACA,QAAMgB,IAAI,GAAG,CAAC,QAAD,EAAW,UAAX,EAAuB,aAAvB,CAAb;;AACA,MAAIA,IAAI,CAACC,IAAL,CAAUC,GAAG,IAAIxC,UAAU,CAACC,OAAX,CAAmBuC,GAAnB,MAA4BlB,IAAI,CAACkB,GAAD,CAAjD,CAAJ,EAA6D;AAC3D,WAAO,KAAP;AACD,GALiE,CAOlE;;;AACA,QAAM;AAAEtB,IAAAA,IAAF;AAAQP,IAAAA;AAAR,MAAkBX,UAAU,CAACC,OAAnC,CARkE,CAUlE;;AACA,MAAIU,KAAK,IAAIA,KAAK,KAAKW,IAAI,CAACX,KAA5B,EAAmC;AACjC,WAAO,KAAP;AACD,GAbiE,CAelE;;;AACA,QAAM8B,kBAAkB,GAAGvB,IAAI,IAAIA,IAAI,KAAK,SAAjB,IAA8BA,IAAI,KAAK,SAAlE;;AACA,MAAIuB,kBAAJ,EAAwB;AACtB,QAAIvB,IAAI,KAAKI,IAAI,CAACJ,IAAlB,EAAwB;AACtB;AACA,aAAO,KAAP;AACD;AACF;;AAED,SAAO,IAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuth, IdxTransactionMeta, TransactionMetaOptions } from '../types';\nimport { warn } from '../util';\nimport { getOAuthUrls } from '../oidc';\n\n// Calculate new values\nexport async function createTransactionMeta(authClient: OktaAuth, options?: TransactionMetaOptions) {\n const tokenParams = await authClient.token.prepareTokenParams(options);\n const {\n pkce,\n clientId,\n redirectUri,\n responseType,\n responseMode,\n scopes,\n state,\n nonce,\n ignoreSignature,\n codeVerifier,\n codeChallengeMethod,\n codeChallenge,\n } = tokenParams;\n const urls = getOAuthUrls(authClient, tokenParams);\n const flow = authClient.idx.getFlow() || 'default';\n const issuer = authClient.options.issuer;\n const meta = {\n flow,\n issuer,\n pkce,\n clientId,\n redirectUri,\n responseType,\n responseMode,\n scopes,\n state,\n nonce,\n urls,\n ignoreSignature,\n codeVerifier,\n codeChallengeMethod,\n codeChallenge \n };\n return meta;\n}\n\nexport function transactionMetaExist(authClient: OktaAuth, options?: TransactionMetaOptions): boolean {\n if (authClient.transactionManager.exists(options)) {\n const existing = authClient.transactionManager.load(options) as IdxTransactionMeta;\n if (isTransactionMetaValid(authClient, existing) && existing.interactionHandle) {\n return true;\n }\n }\n return false;\n}\n\n// Returns the saved transaction meta, if it exists and is valid, or undefined\nexport function getSavedTransactionMeta(authClient: OktaAuth, options?: TransactionMetaOptions): IdxTransactionMeta {\n const state = options?.state || authClient.options.state;\n const existing = authClient.transactionManager.load({ state }) as IdxTransactionMeta;\n if (existing && isTransactionMetaValid(authClient, existing)) {\n return existing;\n }\n}\n\nexport async function getTransactionMeta(\n authClient: OktaAuth,\n options?: TransactionMetaOptions\n): Promise<IdxTransactionMeta> {\n // Load existing transaction meta from storage\n if (authClient.transactionManager.exists(options)) {\n const validExistingMeta = getSavedTransactionMeta(authClient, options);\n if (validExistingMeta) {\n return validExistingMeta;\n }\n // existing meta is not valid for this configuration\n // this is common when changing configuration in local development environment\n // in a production environment, this may indicate that two apps are sharing a storage key\n warn('Saved transaction meta does not match the current configuration. ' + \n 'This may indicate that two apps are sharing a storage key.');\n }\n\n return createTransactionMeta(authClient, options);\n}\n\nexport function saveTransactionMeta (authClient: OktaAuth, meta) {\n authClient.transactionManager.save(meta, { muteWarning: true });\n}\n\nexport function clearTransactionMeta (authClient: OktaAuth) {\n authClient.transactionManager.clear();\n}\n\n// returns true if values in meta match current authClient options\n// eslint-disable-next-line complexity\nexport function isTransactionMetaValid (authClient: OktaAuth, meta) {\n // First validate against required config\n const keys = ['issuer', 'clientId', 'redirectUri'];\n if (keys.some(key => authClient.options[key] !== meta[key])) {\n return false;\n }\n\n // Validate optional config\n const { flow, state } = authClient.options;\n \n // If state is specified, it must match meta to be valid\n if (state && state !== meta.state) {\n return false;\n }\n\n // Specific flows should not share transaction data\n const shouldValidateFlow = flow && flow !== 'default' && flow !== 'proceed';\n if (shouldValidateFlow) {\n if (flow !== meta.flow) {\n // The flow has changed; abandon the old transaction\n return false;\n }\n }\n\n return true;\n}\n"],"file":"transactionMeta.js"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":[],"names":[],"mappings":"","sourcesContent":[],"file":"
|
|
1
|
+
{"version":3,"sources":[],"names":[],"mappings":"","sourcesContent":[],"file":"FlowIdentifier.js"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/types/idx-js.ts"],"names":["isRawIdxResponse","obj","version","isIdxResponse","rawIdxState"],"mappings":";;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA;
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/types/idx-js.ts"],"names":["isRawIdxResponse","obj","version","isIdxResponse","rawIdxState"],"mappings":";;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA;AA8HA;AAaO,SAASA,gBAAT,CAA0BC,GAA1B,EAA2D;AAChE,SAAOA,GAAG,IAAIA,GAAG,CAACC,OAAlB;AACD;;AAoBM,SAASC,aAAT,CAAuBF,GAAvB,EAAqD;AAC1D,SAAOA,GAAG,IAAID,gBAAgB,CAACC,GAAG,CAACG,WAAL,CAA9B;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n// TODO: remove when idx-js provides type information\n\nexport interface IdxAuthenticatorMethod {\n type: string;\n}\nexport interface IdxAuthenticator {\n displayName: string;\n id: string;\n key: string;\n methods: IdxAuthenticatorMethod[];\n type: string;\n settings?: {\n complexity?: unknown;\n age?: unknown;\n };\n contextualData?: {\n enrolledQuestion?: {\n question: string;\n questionKey: string;\n };\n qrcode?: { \n href: string; \n method: string; \n type: string; \n };\n sharedSecret?: string;\n questions?: {\n questionKey: string;\n question: string;\n }[];\n questionKeys?: string[];\n };\n}\n\nexport interface IdxForm {\n value: IdxRemediationValue[];\n}\n\nexport interface IdxOption {\n value: string | { form: IdxForm };\n label: string;\n relatesTo?: IdxAuthenticator;\n}\n\nexport interface IdpConfig {\n id: string;\n name: string;\n}\n\nexport interface IdxRemediationValue {\n name: string;\n type?: string;\n required?: boolean;\n secret?: boolean;\n visible?: boolean;\n mutable?: boolean;\n value?: string;\n label?: string;\n form?: IdxForm;\n options?: IdxOption[];\n messages?: IdxMessages;\n minLength?: number;\n maxLength?: number;\n}\n\nexport interface IdxRemediation {\n name: string;\n label?: string;\n value?: IdxRemediationValue[];\n relatesTo?: {\n type?: string;\n value: IdxAuthenticator;\n };\n idp?: IdpConfig;\n href?: string;\n method?: string;\n type?: string;\n accepts?: string;\n refresh?: number;\n}\n\nexport interface IdxContext {\n version: string;\n stateHandle: string;\n expiresAt: string;\n intent: string;\n currentAuthenticator: {\n type: string;\n value: IdxAuthenticator;\n };\n authenticators: {\n type: string;\n value: IdxAuthenticator[];\n };\n authenticatorEnrollments: {\n type: string;\n value: IdxAuthenticator[];\n };\n enrollmentAuthenticator: {\n type: string;\n value: IdxAuthenticator;\n };\n user: {\n type: string;\n value: Record<string, unknown>;\n };\n app: {\n type: string;\n value: Record<string, unknown>;\n };\n}\n\nexport interface IdxMessage {\n message: string;\n class: string;\n i18n: {\n key: string;\n params?: unknown[];\n };\n}\n\nexport interface IdxMessages {\n type: 'array';\n value: IdxMessage[];\n}\n\n// JSON response from the server\nexport interface RawIdxResponse {\n version: string;\n stateHandle: string;\n intent?: string;\n expiresAt?: string;\n remediation?: {\n type: 'array';\n value: IdxRemediation[];\n };\n messages?: IdxMessages;\n}\n\nexport function isRawIdxResponse(obj: any): obj is RawIdxResponse {\n return obj && obj.version;\n}\n\n\nexport interface IdxActions {\n [key: string]: Function;\n}\n\n// Object returned from idx-js\nexport interface IdxResponse {\n proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n neededToProceed: IdxRemediation[];\n rawIdxState: RawIdxResponse;\n interactionCode?: string;\n actions: IdxActions;\n toPersist: {\n interactionHandle?: string;\n };\n context?: IdxContext;\n}\n\nexport function isIdxResponse(obj: any): obj is IdxResponse {\n return obj && isRawIdxResponse(obj.rawIdxState);\n}\n"],"file":"idx-js.js"}
|