@okta/okta-auth-js 5.8.0 → 5.9.0

package/cjs/idx/remediate.js

@@ -23,20 +23,20 @@ var _idxJs = require("./types/idx-js");
 // Return first match idxRemediation in allowed remediators
 function getRemediator(idxRemediations, values, options) {
   const {
-    flow,
+    remediators,
     flowMonitor
   } = options;
   let remediator;
   const remediatorCandidates = [];
 
   for (let remediation of idxRemediations) {
-    const isRemeditionInFlow = Object.keys(flow).includes(remediation.name);
+    const isRemeditionInFlow = Object.keys(remediators).includes(remediation.name);
 
     if (!isRemeditionInFlow) {
       continue;
     }
 
-    const T = flow[remediation.name];
+    const T = remediators[remediation.name];
     remediator = new T(remediation, values);
 
     if (flowMonitor.isRemediatorCandidate(remediator, idxRemediations, values)) {
@@ -83,12 +83,12 @@ function canResendFn(idxResponse) {
   return Object.keys(idxResponse.actions).some(actionName => actionName.includes('resend'));
 }
 
-function getIdxMessages(idxResponse, flow) {
+function getIdxMessages(idxResponse, remediators) {
   var _rawIdxState$messages;
 
   let messages = [];
 
-  if (!flow) {
+  if (!remediators) {
     return messages;
   }
 
@@ -105,7 +105,7 @@ function getIdxMessages(idxResponse, flow) {
 
 
   for (let remediation of neededToProceed) {
-    const T = flow[remediation.name];
+    const T = remediators[remediation.name];
 
     if (!T) {
       continue;
@@ -136,7 +136,7 @@ function getNextStep(remediator, idxResponse) {
   };
 }
 
-function handleIdxError(e, flow, remediator) {
+function handleIdxError(e, remediators, remediator) {
   // Handle idx messages
   const idxState = (0, _idxJs.isIdxResponse)(e) ? e : null;
 
@@ -146,7 +146,7 @@ function handleIdxError(e, flow, remediator) {
   }
 
   const terminal = isTerminalResponse(idxState);
-  const messages = getIdxMessages(idxState, flow);
+  const messages = getIdxMessages(idxState, remediators);
 
   if (terminal) {
     return {
@@ -182,7 +182,7 @@ async function remediate(idxResponse, values, options) {
     interactionCode
   } = idxResponse;
   const {
-    flow,
+    remediators,
     flowMonitor
   } = options; // If the response contains an interaction code, there is no need to remediate
 
@@ -194,7 +194,7 @@ async function remediate(idxResponse, values, options) {
 
 
   const terminal = isTerminalResponse(idxResponse);
-  const messages = getIdxMessages(idxResponse, flow);
+  const messages = getIdxMessages(idxResponse, remediators);
 
   if (terminal) {
     return {
@@ -215,7 +215,7 @@ async function remediate(idxResponse, values, options) {
         try {
           idxResponse = await idxResponse.actions[action]();
         } catch (e) {
-          return handleIdxError(e, flow);
+          return handleIdxError(e, remediators);
         }
 
         if (action === 'cancel') {
@@ -270,7 +270,7 @@ async function remediate(idxResponse, values, options) {
 
 
     const terminal = isTerminalResponse(idxResponse);
-    const messages = getIdxMessages(idxResponse, flow);
+    const messages = getIdxMessages(idxResponse, remediators);
 
     if (terminal) {
       return {
@@ -293,7 +293,7 @@ async function remediate(idxResponse, values, options) {
     values = remediator.getValuesAfterProceed();
     return remediate(idxResponse, values, options); // recursive call
   } catch (e) {
-    return handleIdxError(e, flow, remediator);
+    return handleIdxError(e, remediators, remediator);
   }
 }
 //# sourceMappingURL=remediate.js.map

package/cjs/idx/remediate.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/remediate.ts"],"names":["getRemediator","idxRemediations","values","options","flow","flowMonitor","remediator","remediatorCandidates","remediation","isRemeditionInFlow","Object","keys","includes","name","T","isRemediatorCandidate","canRemediate","push","isTerminalResponse","idxResponse","neededToProceed","interactionCode","length","canSkipFn","some","canResendFn","actions","actionName","getIdxMessages","messages","rawIdxState","globalMessages","value","map","message","fieldMessages","getMessages","getNextStep","nextStep","canSkip","canResend","handleIdxError","e","idxState","terminal","getActionFromValues","find","action","resend","removeActionFromValues","undefined","remediate","actionFromValues","valuesWithoutExecutedAction","canceled","AuthSdkError","reduce","acc","curr","loopDetected","getName","data","getData","proceed","trackRemediations","getValuesAfterProceed"],"mappings":";;;;;AAcA;;AAIA;;AAlBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAkBA;AACO,SAASA,aAAT,CACLC,eADK,EAELC,MAFK,EAGLC,OAHK,EAIO;AACZ,QAAM;AAAEC,IAAAA,IAAF;AAAQC,IAAAA;AAAR,MAAwBF,OAA9B;AAEA,MAAIG,UAAJ;AACA,QAAMC,oBAAoB,GAAG,EAA7B;;AACA,OAAK,IAAIC,WAAT,IAAwBP,eAAxB,EAAyC;AACvC,UAAMQ,kBAAkB,GAAGC,MAAM,CAACC,IAAP,CAAYP,IAAZ,EAAkBQ,QAAlB,CAA2BJ,WAAW,CAACK,IAAvC,CAA3B;;AACA,QAAI,CAACJ,kBAAL,EAAyB;AACvB;AACD;;AAED,UAAMK,CAAC,GAAGV,IAAI,CAACI,WAAW,CAACK,IAAb,CAAd;AACAP,IAAAA,UAAU,GAAG,IAAIQ,CAAJ,CAAMN,WAAN,EAAmBN,MAAnB,CAAb;;AACA,QAAIG,WAAW,CAACU,qBAAZ,CAAkCT,UAAlC,EAA8CL,eAA9C,EAA+DC,MAA/D,CAAJ,EAA4E;AAC1E,UAAII,UAAU,CAACU,YAAX,EAAJ,EAA+B;AAC7B;AACA,eAAOV,UAAP;AACD,OAJyE,CAK1E;AACA;;;AACAC,MAAAA,oBAAoB,CAACU,IAArB,CAA0BX,UAA1B;AACD;AACF,GAtBW,CAwBZ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AAEA,SAAOC,oBAAoB,CAAC,CAAD,CAA3B;AACD;;AAED,SAASW,kBAAT,CAA4BC,WAA5B,EAAsD;AACpD,QAAM;AAAEC,IAAAA,eAAF;AAAmBC,IAAAA;AAAnB,MAAuCF,WAA7C;AACA,SAAO,CAACC,eAAe,CAACE,MAAjB,IAA2B,CAACD,eAAnC;AACD;;AAED,SAASE,SAAT,CAAmBJ,WAAnB,EAA6C;AAC3C,SAAOA,WAAW,CAACC,eAAZ,CAA4BI,IAA5B,CAAiC,CAAC;AAAEX,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,MAAxD,CAAP;AACD;;AAED,SAASY,WAAT,CAAqBN,WAArB,EAA+C;AAC7C,SAAOT,MAAM,CAACC,IAAP,CAAYQ,WAAW,CAACO,OAAxB,EAAiCF,IAAjC,CAAsCG,UAAU,IAAIA,UAAU,CAACf,QAAX,CAAoB,QAApB,CAApD,CAAP;AACD;;AAED,SAASgB,cAAT,CACET,WADF,EAC4Bf,IAD5B,EAEgB;AAAA;;AACd,MAAIyB,QAAQ,GAAG,EAAf;;AACA,MAAI,CAACzB,IAAL,EAAW;AACT,WAAOyB,QAAP;AACD;;AAED,QAAM;AAAEC,IAAAA,WAAF;AAAeV,IAAAA;AAAf,MAAmCD,WAAzC,CANc,CAQd;;AACA,QAAMY,cAAc,4BAAGD,WAAW,CAACD,QAAf,0DAAG,sBAAsBG,KAAtB,CAA4BC,GAA5B,CAAgCC,OAAO,IAAIA,OAA3C,CAAvB;;AACA,MAAIH,cAAJ,EAAoB;AAClBF,IAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGE,cAAjB,CAAX;AACD,GAZa,CAcd;;;AACA,OAAK,IAAIvB,WAAT,IAAwBY,eAAxB,EAAyC;AACvC,UAAMN,CAAC,GAAGV,IAAI,CAACI,WAAW,CAACK,IAAb,CAAd;;AACA,QAAI,CAACC,CAAL,EAAQ;AACN;AACD;;AACD,UAAMR,UAAU,GAAG,IAAIQ,CAAJ,CAAMN,WAAN,CAAnB;AACA,UAAM2B,aAAa,GAAG7B,UAAU,CAAC8B,WAAX,EAAtB;;AACA,QAAID,aAAJ,EAAmB;AACjBN,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGM,aAAjB,CAAX;AACD;AACF;;AAED,SAAON,QAAP;AACD;;AAED,SAASQ,WAAT,CACE/B,UADF,EAC0Ba,WAD1B,EAEY;AACV,QAAMmB,QAAQ,GAAGhC,UAAU,CAAC+B,WAAX,EAAjB;AACA,QAAME,OAAO,GAAGhB,SAAS,CAACJ,WAAD,CAAzB;AACA,QAAMqB,SAAS,GAAGf,WAAW,CAACN,WAAD,CAA7B;AACA,SAAO,EACL,GAAGmB,QADE;AAEL,QAAIC,OAAO,IAAI;AAACA,MAAAA;AAAD,KAAf,CAFK;AAGL,QAAIC,SAAS,IAAI;AAACA,MAAAA;AAAD,KAAjB;AAHK,GAAP;AAKD;;AAED,SAASC,cAAT,CAAwBC,CAAxB,EAA2BtC,IAA3B,EAAiCE,UAAjC,EAA8C;AAC5C;AACA,QAAMqC,QAAqB,GAAG,0BAAcD,CAAd,IAAmBA,CAAnB,GAAuB,IAArD;;AACA,MAAI,CAACC,QAAL,EAAe;AACb;AACA,UAAMD,CAAN;AACD;;AACD,QAAME,QAAQ,GAAG1B,kBAAkB,CAACyB,QAAD,CAAnC;AACA,QAAMd,QAAQ,GAAGD,cAAc,CAACe,QAAD,EAAWvC,IAAX,CAA/B;;AACA,MAAIwC,QAAJ,EAAc;AACZ,WAAO;AAAEA,MAAAA,QAAF;AAAYf,MAAAA;AAAZ,KAAP;AACD,GAFD,MAEO;AACL,UAAMS,QAAQ,GAAGhC,UAAU,IAAI+B,WAAW,CAAC/B,UAAD,EAAaqC,QAAb,CAA1C;AACA,WAAO;AACLd,MAAAA,QADK;AAEL,UAAIS,QAAQ,IAAI;AAAEA,QAAAA;AAAF,OAAhB;AAFK,KAAP;AAID;AACF;;AAED,SAASO,mBAAT,CAA6B3C,MAA7B,EAAqCiB,WAArC,EAAmF;AACjF;AACA,SAAOT,MAAM,CAACC,IAAP,CAAYQ,WAAW,CAACO,OAAxB,EAAiCoB,IAAjC,CAAsCC,MAAM,IAAI,CAAC,CAAC7C,MAAM,CAAC8C,MAAT,IAAmBD,MAAM,CAACnC,QAAP,CAAgB,SAAhB,CAAnE,CAAP;AACD;;AAED,SAASqC,sBAAT,CAAgC/C,MAAhC,EAAwC;AACtC;AACAA,EAAAA,MAAM,CAAC8C,MAAP,GAAgBE,SAAhB;AACA,SAAOhD,MAAP;AACD,C,CAED;;;AACO,eAAeiD,SAAf,CACLhC,WADK,EAELjB,MAFK,EAGLC,OAHK,EAIyB;AAC9B,MAAI;AAAEiB,IAAAA,eAAF;AAAmBC,IAAAA;AAAnB,MAAuCF,WAA3C;AACA,QAAM;AAAEf,IAAAA,IAAF;AAAQC,IAAAA;AAAR,MAAwBF,OAA9B,CAF8B,CAI9B;;AACA,MAAIkB,eAAJ,EAAqB;AACnB,WAAO;AAAEF,MAAAA;AAAF,KAAP;AACD,GAP6B,CAS9B;;;AACA,QAAMyB,QAAQ,GAAG1B,kBAAkB,CAACC,WAAD,CAAnC;AACA,QAAMU,QAAQ,GAAGD,cAAc,CAACT,WAAD,EAAcf,IAAd,CAA/B;;AACA,MAAIwC,QAAJ,EAAc;AACZ,WAAO;AAAEA,MAAAA,QAAF;AAAYf,MAAAA;AAAZ,KAAP;AACD,GAd6B,CAgB9B;;;AACA,QAAMuB,gBAAgB,GAAGP,mBAAmB,CAAC3C,MAAD,EAASiB,WAAT,CAA5C;AACA,QAAMO,OAAO,GAAG,CACd,IAAGvB,OAAO,CAACuB,OAAR,IAAmB,EAAtB,CADc,EAEd,IAAI0B,gBAAgB,IAAI,CAACA,gBAAD,CAApB,IAA0C,EAA9C,CAFc,CAAhB;;AAIA,MAAI1B,OAAJ,EAAa;AACX,SAAK,IAAIqB,MAAT,IAAmBrB,OAAnB,EAA4B;AAC1B,UAAI2B,2BAA2B,GAAGJ,sBAAsB,CAAC/C,MAAD,CAAxD;;AACA,UAAI,OAAOiB,WAAW,CAACO,OAAZ,CAAoBqB,MAApB,CAAP,KAAuC,UAA3C,EAAuD;AACrD,YAAI;AACF5B,UAAAA,WAAW,GAAG,MAAMA,WAAW,CAACO,OAAZ,CAAoBqB,MAApB,GAApB;AACD,SAFD,CAEE,OAAOL,CAAP,EAAU;AACV,iBAAOD,cAAc,CAACC,CAAD,EAAItC,IAAJ,CAArB;AACD;;AACD,YAAI2C,MAAM,KAAK,QAAf,EAAyB;AACvB,iBAAO;AAAEO,YAAAA,QAAQ,EAAE;AAAZ,WAAP;AACD;;AACD,eAAOH,SAAS,CAAChC,WAAD,EAAckC,2BAAd,EAA2ClD,OAA3C,CAAhB,CATqD,CASgB;AACtE;AACF;AACF;;AAED,QAAMG,UAAU,GAAGN,aAAa,CAACoB,eAAD,EAAkBlB,MAAlB,EAA0BC,OAA1B,CAAhC;;AAEA,MAAI,CAACG,UAAL,EAAiB;AACf,UAAM,IAAIiD,oBAAJ,CAAkB;AAC5B;AACA,uBAAuBnC,eAAe,CAACoC,MAAhB,CAAuB,CAACC,GAAD,EAAMC,IAAN,KAAeD,GAAG,GAAGA,GAAG,GAAG,IAAN,GAAaC,IAAI,CAAC7C,IAArB,GAA4B6C,IAAI,CAAC7C,IAA1E,EAAgF,EAAhF,CAAoF;AAC3G,KAHU,CAAN;AAID;;AAED,MAAIR,WAAW,CAACsD,YAAZ,CAAyBrD,UAAzB,CAAJ,EAA0C;AACxC,UAAM,IAAIiD,oBAAJ,CAAkB;AAC5B,yDAAyDjD,UAAU,CAACsD,OAAX,EAAqB;AAC9E,KAFU,CAAN;AAGD,GApD6B,CAsD9B;AACA;;;AACA,MAAI,CAACtD,UAAU,CAACU,YAAX,EAAL,EAAgC;AAC9B,UAAMsB,QAAQ,GAAGD,WAAW,CAAC/B,UAAD,EAAaa,WAAb,CAA5B;AACA,WAAO;AAAEA,MAAAA,WAAF;AAAemB,MAAAA;AAAf,KAAP;AACD;;AAED,QAAMzB,IAAI,GAAGP,UAAU,CAACsD,OAAX,EAAb;AACA,QAAMC,IAAI,GAAGvD,UAAU,CAACwD,OAAX,EAAb;;AACA,MAAI;AACF3C,IAAAA,WAAW,GAAG,MAAMA,WAAW,CAAC4C,OAAZ,CAAoBlD,IAApB,EAA0BgD,IAA1B,CAApB,CADE,CAGF;;AACA,UAAMxD,WAAW,CAAC2D,iBAAZ,CAA8BnD,IAA9B,CAAN,CAJE,CAMF;;AACA,QAAIM,WAAW,CAACE,eAAhB,EAAiC;AAC/B,aAAO;AAAEF,QAAAA;AAAF,OAAP;AACD,KATC,CAWF;;;AACA,UAAMyB,QAAQ,GAAG1B,kBAAkB,CAACC,WAAD,CAAnC;AACA,UAAMU,QAAQ,GAAGD,cAAc,CAACT,WAAD,EAAcf,IAAd,CAA/B;;AACA,QAAIwC,QAAJ,EAAc;AACZ,aAAO;AAAEA,QAAAA,QAAF;AAAYf,QAAAA;AAAZ,OAAP;AACD,KAhBC,CAkBF;;;AACA,QAAIA,QAAQ,CAACP,MAAb,EAAqB;AACnB,YAAMgB,QAAQ,GAAGD,WAAW,CAAC/B,UAAD,EAAaa,WAAb,CAA5B;AACA,aAAO;AAAEmB,QAAAA,QAAF;AAAYT,QAAAA;AAAZ,OAAP;AACD,KAtBC,CAwBF;AACA;;;AACA3B,IAAAA,MAAM,GAAGI,UAAU,CAAC2D,qBAAX,EAAT;AACA,WAAOd,SAAS,CAAChC,WAAD,EAAcjB,MAAd,EAAsBC,OAAtB,CAAhB,CA3BE,CA2B8C;AACjD,GA5BD,CA4BE,OAAOuC,CAAP,EAAU;AACV,WAAOD,cAAc,CAACC,CAAD,EAAItC,IAAJ,EAAUE,UAAV,CAArB;AACD;AACF","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, max-depth, complexity */\nimport { AuthSdkError } from '../errors';\nimport { Remediator, RemediationValues } from './remediators';\nimport { RunOptions, RemediationFlow } from './run';\nimport { NextStep, IdxMessage } from './types';\nimport { \n  IdxResponse,  \n  IdxRemediation,\n  isIdxResponse, \n} from './types/idx-js';\n\ninterface RemediationResponse {\n  idxResponse?: IdxResponse;\n  nextStep?: NextStep;\n  messages?: IdxMessage[];\n  terminal?: boolean;\n  canceled?: boolean;\n}\n// Return first match idxRemediation in allowed remediators\nexport function getRemediator(\n  idxRemediations: IdxRemediation[],\n  values: RemediationValues,\n  options: RunOptions,\n): Remediator {\n  const { flow, flowMonitor } = options;\n\n  let remediator;\n  const remediatorCandidates = [];\n  for (let remediation of idxRemediations) {\n    const isRemeditionInFlow = Object.keys(flow).includes(remediation.name);\n    if (!isRemeditionInFlow) {\n      continue;\n    }\n      \n    const T = flow[remediation.name];\n    remediator = new T(remediation, values);\n    if (flowMonitor.isRemediatorCandidate(remediator, idxRemediations, values)) {\n      if (remediator.canRemediate()) {\n        // found the remediator\n        return remediator;\n      }\n      // remediator cannot handle the current values\n      // maybe return for next step\n      remediatorCandidates.push(remediator);  \n    }\n  }\n  \n  // TODO: why is it a problem to have multiple remediations? \n  // JIRA: https://oktainc.atlassian.net/browse/OKTA-400758\n  // if (remediatorCandidates.length > 1) {\n  //   const remediationNames = remediatorCandidates.reduce((acc, curr) => {\n  //     const name = curr.getName();\n  //     return acc ? `${acc}, ${name}` : name;\n  //   }, '');\n  //   throw new AuthSdkError(`\n  //     More than one remediation can match the current input, remediations: ${remediationNames}\n  //   `);\n  // }\n\n  return remediatorCandidates[0];\n}\n\nfunction isTerminalResponse(idxResponse: IdxResponse) {\n  const { neededToProceed, interactionCode } = idxResponse;\n  return !neededToProceed.length && !interactionCode;\n}\n\nfunction canSkipFn(idxResponse: IdxResponse) {\n  return idxResponse.neededToProceed.some(({ name }) => name === 'skip');\n}\n\nfunction canResendFn(idxResponse: IdxResponse) {\n  return Object.keys(idxResponse.actions).some(actionName => actionName.includes('resend'));\n}\n\nfunction getIdxMessages(\n  idxResponse: IdxResponse, flow: RemediationFlow\n): IdxMessage[] {\n  let messages = [];\n  if (!flow) {\n    return messages;\n  }\n\n  const { rawIdxState, neededToProceed } = idxResponse;\n\n  // Handle global messages\n  const globalMessages = rawIdxState.messages?.value.map(message => message);\n  if (globalMessages) {\n    messages = [...messages, ...globalMessages];\n  }\n\n  // Handle field messages for current flow\n  for (let remediation of neededToProceed) {\n    const T = flow[remediation.name];\n    if (!T) {\n      continue;\n    }\n    const remediator = new T(remediation);\n    const fieldMessages = remediator.getMessages();\n    if (fieldMessages) {\n      messages = [...messages, ...fieldMessages];\n    }\n  }\n\n  return messages;\n}\n\nfunction getNextStep(\n  remediator: Remediator, idxResponse: IdxResponse\n): NextStep {\n  const nextStep = remediator.getNextStep();\n  const canSkip = canSkipFn(idxResponse);\n  const canResend = canResendFn(idxResponse);\n  return {\n    ...nextStep,\n    ...(canSkip && {canSkip}),\n    ...(canResend && {canResend}),\n  };\n}\n\nfunction handleIdxError(e, flow, remediator?) {\n  // Handle idx messages\n  const idxState: IdxResponse = isIdxResponse(e) ? e : null;\n  if (!idxState) {\n    // Thrown error terminates the interaction with idx\n    throw e;\n  }\n  const terminal = isTerminalResponse(idxState);\n  const messages = getIdxMessages(idxState, flow);\n  if (terminal) {\n    return { terminal, messages };\n  } else {\n    const nextStep = remediator && getNextStep(remediator, idxState);\n    return { \n      messages, \n      ...(nextStep && { nextStep }) \n    };\n  }\n}\n\nfunction getActionFromValues(values, idxResponse: IdxResponse): string | undefined {\n  // Currently support resend actions only\n  return Object.keys(idxResponse.actions).find(action => !!values.resend && action.includes('-resend'));\n}\n\nfunction removeActionFromValues(values) {\n  // Currently support resend actions only\n  values.resend = undefined;\n  return values;\n}\n\n// This function is called recursively until it reaches success or cannot be remediated\nexport async function remediate(\n  idxResponse: IdxResponse,\n  values: RemediationValues,\n  options: RunOptions\n): Promise<RemediationResponse> {\n  let { neededToProceed, interactionCode } = idxResponse;\n  const { flow, flowMonitor } = options;\n\n  // If the response contains an interaction code, there is no need to remediate\n  if (interactionCode) {\n    return { idxResponse };\n  }\n\n  // Reach to terminal state\n  const terminal = isTerminalResponse(idxResponse);\n  const messages = getIdxMessages(idxResponse, flow);\n  if (terminal) {\n    return { terminal, messages };\n  }\n  \n  // Try actions in idxResponse first\n  const actionFromValues = getActionFromValues(values, idxResponse);\n  const actions = [\n    ...options.actions || [],\n    ...(actionFromValues && [actionFromValues] || []),\n  ];\n  if (actions) {\n    for (let action of actions) {\n      let valuesWithoutExecutedAction = removeActionFromValues(values);\n      if (typeof idxResponse.actions[action] === 'function') {\n        try {\n          idxResponse = await idxResponse.actions[action]();\n        } catch (e) {\n          return handleIdxError(e, flow);\n        }\n        if (action === 'cancel') {\n          return { canceled: true };\n        }\n        return remediate(idxResponse, valuesWithoutExecutedAction, options); // recursive call\n      }\n    }\n  }\n\n  const remediator = getRemediator(neededToProceed, values, options);\n  \n  if (!remediator) {\n    throw new AuthSdkError(`\n      No remediation can match current flow, check policy settings in your org.\n      Remediations: [${neededToProceed.reduce((acc, curr) => acc ? acc + ' ,' + curr.name : curr.name, '')}]\n    `);\n  }\n\n  if (flowMonitor.loopDetected(remediator)) {\n    throw new AuthSdkError(`\n      Remediation run into loop, break!!! remediation: ${remediator.getName()}\n    `);\n  }\n\n  // Recursive loop breaker\n  // Return next step to the caller\n  if (!remediator.canRemediate()) {\n    const nextStep = getNextStep(remediator, idxResponse);\n    return { idxResponse, nextStep };\n  }\n\n  const name = remediator.getName();\n  const data = remediator.getData();\n  try {\n    idxResponse = await idxResponse.proceed(name, data);\n\n    // Track succeed remediations in the current transaction\n    await flowMonitor.trackRemediations(name);\n    \n    // Successfully get interaction code\n    if (idxResponse.interactionCode) {\n      return { idxResponse };\n    }\n\n    // Reach to terminal state\n    const terminal = isTerminalResponse(idxResponse);\n    const messages = getIdxMessages(idxResponse, flow);\n    if (terminal) {\n      return { terminal, messages };\n    }\n\n    // Handle idx message in nextStep\n    if (messages.length) {\n      const nextStep = getNextStep(remediator, idxResponse);\n      return { nextStep, messages };\n    }\n    \n    // We may want to trim the values bag for the next remediation\n    // Let the remediator decide what the values should be (default to current values)\n    values = remediator.getValuesAfterProceed();\n    return remediate(idxResponse, values, options); // recursive call\n  } catch (e) {\n    return handleIdxError(e, flow, remediator);\n  }\n}\n"],"file":"remediate.js"}
+{"version":3,"sources":["../../../lib/idx/remediate.ts"],"names":["getRemediator","idxRemediations","values","options","remediators","flowMonitor","remediator","remediatorCandidates","remediation","isRemeditionInFlow","Object","keys","includes","name","T","isRemediatorCandidate","canRemediate","push","isTerminalResponse","idxResponse","neededToProceed","interactionCode","length","canSkipFn","some","canResendFn","actions","actionName","getIdxMessages","messages","rawIdxState","globalMessages","value","map","message","fieldMessages","getMessages","getNextStep","nextStep","canSkip","canResend","handleIdxError","e","idxState","terminal","getActionFromValues","find","action","resend","removeActionFromValues","undefined","remediate","actionFromValues","valuesWithoutExecutedAction","canceled","AuthSdkError","reduce","acc","curr","loopDetected","getName","data","getData","proceed","trackRemediations","getValuesAfterProceed"],"mappings":";;;;;AAcA;;AAKA;;AAnBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAmBA;AACO,SAASA,aAAT,CACLC,eADK,EAELC,MAFK,EAGLC,OAHK,EAIO;AACZ,QAAM;AAAEC,IAAAA,WAAF;AAAeC,IAAAA;AAAf,MAA+BF,OAArC;AAEA,MAAIG,UAAJ;AACA,QAAMC,oBAAoB,GAAG,EAA7B;;AACA,OAAK,IAAIC,WAAT,IAAwBP,eAAxB,EAAyC;AACvC,UAAMQ,kBAAkB,GAAGC,MAAM,CAACC,IAAP,CAAYP,WAAZ,EAAyBQ,QAAzB,CAAkCJ,WAAW,CAACK,IAA9C,CAA3B;;AACA,QAAI,CAACJ,kBAAL,EAAyB;AACvB;AACD;;AAED,UAAMK,CAAC,GAAGV,WAAW,CAACI,WAAW,CAACK,IAAb,CAArB;AACAP,IAAAA,UAAU,GAAG,IAAIQ,CAAJ,CAAMN,WAAN,EAAmBN,MAAnB,CAAb;;AACA,QAAIG,WAAW,CAACU,qBAAZ,CAAkCT,UAAlC,EAA8CL,eAA9C,EAA+DC,MAA/D,CAAJ,EAA4E;AAC1E,UAAII,UAAU,CAACU,YAAX,EAAJ,EAA+B;AAC7B;AACA,eAAOV,UAAP;AACD,OAJyE,CAK1E;AACA;;;AACAC,MAAAA,oBAAoB,CAACU,IAArB,CAA0BX,UAA1B;AACD;AACF,GAtBW,CAwBZ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AAEA,SAAOC,oBAAoB,CAAC,CAAD,CAA3B;AACD;;AAED,SAASW,kBAAT,CAA4BC,WAA5B,EAAsD;AACpD,QAAM;AAAEC,IAAAA,eAAF;AAAmBC,IAAAA;AAAnB,MAAuCF,WAA7C;AACA,SAAO,CAACC,eAAe,CAACE,MAAjB,IAA2B,CAACD,eAAnC;AACD;;AAED,SAASE,SAAT,CAAmBJ,WAAnB,EAA6C;AAC3C,SAAOA,WAAW,CAACC,eAAZ,CAA4BI,IAA5B,CAAiC,CAAC;AAAEX,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,MAAxD,CAAP;AACD;;AAED,SAASY,WAAT,CAAqBN,WAArB,EAA+C;AAC7C,SAAOT,MAAM,CAACC,IAAP,CAAYQ,WAAW,CAACO,OAAxB,EAAiCF,IAAjC,CAAsCG,UAAU,IAAIA,UAAU,CAACf,QAAX,CAAoB,QAApB,CAApD,CAAP;AACD;;AAED,SAASgB,cAAT,CACET,WADF,EAC4Bf,WAD5B,EAEgB;AAAA;;AACd,MAAIyB,QAAQ,GAAG,EAAf;;AACA,MAAI,CAACzB,WAAL,EAAkB;AAChB,WAAOyB,QAAP;AACD;;AAED,QAAM;AAAEC,IAAAA,WAAF;AAAeV,IAAAA;AAAf,MAAmCD,WAAzC,CANc,CAQd;;AACA,QAAMY,cAAc,4BAAGD,WAAW,CAACD,QAAf,0DAAG,sBAAsBG,KAAtB,CAA4BC,GAA5B,CAAgCC,OAAO,IAAIA,OAA3C,CAAvB;;AACA,MAAIH,cAAJ,EAAoB;AAClBF,IAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGE,cAAjB,CAAX;AACD,GAZa,CAcd;;;AACA,OAAK,IAAIvB,WAAT,IAAwBY,eAAxB,EAAyC;AACvC,UAAMN,CAAC,GAAGV,WAAW,CAACI,WAAW,CAACK,IAAb,CAArB;;AACA,QAAI,CAACC,CAAL,EAAQ;AACN;AACD;;AACD,UAAMR,UAAU,GAAG,IAAIQ,CAAJ,CAAMN,WAAN,CAAnB;AACA,UAAM2B,aAAa,GAAG7B,UAAU,CAAC8B,WAAX,EAAtB;;AACA,QAAID,aAAJ,EAAmB;AACjBN,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGM,aAAjB,CAAX;AACD;AACF;;AAED,SAAON,QAAP;AACD;;AAED,SAASQ,WAAT,CACE/B,UADF,EAC0Ba,WAD1B,EAEY;AACV,QAAMmB,QAAQ,GAAGhC,UAAU,CAAC+B,WAAX,EAAjB;AACA,QAAME,OAAO,GAAGhB,SAAS,CAACJ,WAAD,CAAzB;AACA,QAAMqB,SAAS,GAAGf,WAAW,CAACN,WAAD,CAA7B;AACA,SAAO,EACL,GAAGmB,QADE;AAEL,QAAIC,OAAO,IAAI;AAACA,MAAAA;AAAD,KAAf,CAFK;AAGL,QAAIC,SAAS,IAAI;AAACA,MAAAA;AAAD,KAAjB;AAHK,GAAP;AAKD;;AAED,SAASC,cAAT,CAAwBC,CAAxB,EAA2BtC,WAA3B,EAAwCE,UAAxC,EAAqD;AACnD;AACA,QAAMqC,QAAqB,GAAG,0BAAcD,CAAd,IAAmBA,CAAnB,GAAuB,IAArD;;AACA,MAAI,CAACC,QAAL,EAAe;AACb;AACA,UAAMD,CAAN;AACD;;AACD,QAAME,QAAQ,GAAG1B,kBAAkB,CAACyB,QAAD,CAAnC;AACA,QAAMd,QAAQ,GAAGD,cAAc,CAACe,QAAD,EAAWvC,WAAX,CAA/B;;AACA,MAAIwC,QAAJ,EAAc;AACZ,WAAO;AAAEA,MAAAA,QAAF;AAAYf,MAAAA;AAAZ,KAAP;AACD,GAFD,MAEO;AACL,UAAMS,QAAQ,GAAGhC,UAAU,IAAI+B,WAAW,CAAC/B,UAAD,EAAaqC,QAAb,CAA1C;AACA,WAAO;AACLd,MAAAA,QADK;AAEL,UAAIS,QAAQ,IAAI;AAAEA,QAAAA;AAAF,OAAhB;AAFK,KAAP;AAID;AACF;;AAED,SAASO,mBAAT,CAA6B3C,MAA7B,EAAqCiB,WAArC,EAAmF;AACjF;AACA,SAAOT,MAAM,CAACC,IAAP,CAAYQ,WAAW,CAACO,OAAxB,EAAiCoB,IAAjC,CAAsCC,MAAM,IAAI,CAAC,CAAC7C,MAAM,CAAC8C,MAAT,IAAmBD,MAAM,CAACnC,QAAP,CAAgB,SAAhB,CAAnE,CAAP;AACD;;AAED,SAASqC,sBAAT,CAAgC/C,MAAhC,EAAwC;AACtC;AACAA,EAAAA,MAAM,CAAC8C,MAAP,GAAgBE,SAAhB;AACA,SAAOhD,MAAP;AACD,C,CAED;;;AACO,eAAeiD,SAAf,CACLhC,WADK,EAELjB,MAFK,EAGLC,OAHK,EAIyB;AAC9B,MAAI;AAAEiB,IAAAA,eAAF;AAAmBC,IAAAA;AAAnB,MAAuCF,WAA3C;AACA,QAAM;AAAEf,IAAAA,WAAF;AAAeC,IAAAA;AAAf,MAA+BF,OAArC,CAF8B,CAI9B;;AACA,MAAIkB,eAAJ,EAAqB;AACnB,WAAO;AAAEF,MAAAA;AAAF,KAAP;AACD,GAP6B,CAS9B;;;AACA,QAAMyB,QAAQ,GAAG1B,kBAAkB,CAACC,WAAD,CAAnC;AACA,QAAMU,QAAQ,GAAGD,cAAc,CAACT,WAAD,EAAcf,WAAd,CAA/B;;AACA,MAAIwC,QAAJ,EAAc;AACZ,WAAO;AAAEA,MAAAA,QAAF;AAAYf,MAAAA;AAAZ,KAAP;AACD,GAd6B,CAgB9B;;;AACA,QAAMuB,gBAAgB,GAAGP,mBAAmB,CAAC3C,MAAD,EAASiB,WAAT,CAA5C;AACA,QAAMO,OAAO,GAAG,CACd,IAAGvB,OAAO,CAACuB,OAAR,IAAmB,EAAtB,CADc,EAEd,IAAI0B,gBAAgB,IAAI,CAACA,gBAAD,CAApB,IAA0C,EAA9C,CAFc,CAAhB;;AAIA,MAAI1B,OAAJ,EAAa;AACX,SAAK,IAAIqB,MAAT,IAAmBrB,OAAnB,EAA4B;AAC1B,UAAI2B,2BAA2B,GAAGJ,sBAAsB,CAAC/C,MAAD,CAAxD;;AACA,UAAI,OAAOiB,WAAW,CAACO,OAAZ,CAAoBqB,MAApB,CAAP,KAAuC,UAA3C,EAAuD;AACrD,YAAI;AACF5B,UAAAA,WAAW,GAAG,MAAMA,WAAW,CAACO,OAAZ,CAAoBqB,MAApB,GAApB;AACD,SAFD,CAEE,OAAOL,CAAP,EAAU;AACV,iBAAOD,cAAc,CAACC,CAAD,EAAItC,WAAJ,CAArB;AACD;;AACD,YAAI2C,MAAM,KAAK,QAAf,EAAyB;AACvB,iBAAO;AAAEO,YAAAA,QAAQ,EAAE;AAAZ,WAAP;AACD;;AACD,eAAOH,SAAS,CAAChC,WAAD,EAAckC,2BAAd,EAA2ClD,OAA3C,CAAhB,CATqD,CASgB;AACtE;AACF;AACF;;AAED,QAAMG,UAAU,GAAGN,aAAa,CAACoB,eAAD,EAAkBlB,MAAlB,EAA0BC,OAA1B,CAAhC;;AAEA,MAAI,CAACG,UAAL,EAAiB;AACf,UAAM,IAAIiD,oBAAJ,CAAkB;AAC5B;AACA,uBAAuBnC,eAAe,CAACoC,MAAhB,CAAuB,CAACC,GAAD,EAAMC,IAAN,KAAeD,GAAG,GAAGA,GAAG,GAAG,IAAN,GAAaC,IAAI,CAAC7C,IAArB,GAA4B6C,IAAI,CAAC7C,IAA1E,EAAgF,EAAhF,CAAoF;AAC3G,KAHU,CAAN;AAID;;AAED,MAAIR,WAAW,CAACsD,YAAZ,CAAyBrD,UAAzB,CAAJ,EAA0C;AACxC,UAAM,IAAIiD,oBAAJ,CAAkB;AAC5B,yDAAyDjD,UAAU,CAACsD,OAAX,EAAqB;AAC9E,KAFU,CAAN;AAGD,GApD6B,CAsD9B;AACA;;;AACA,MAAI,CAACtD,UAAU,CAACU,YAAX,EAAL,EAAgC;AAC9B,UAAMsB,QAAQ,GAAGD,WAAW,CAAC/B,UAAD,EAAaa,WAAb,CAA5B;AACA,WAAO;AAAEA,MAAAA,WAAF;AAAemB,MAAAA;AAAf,KAAP;AACD;;AAED,QAAMzB,IAAI,GAAGP,UAAU,CAACsD,OAAX,EAAb;AACA,QAAMC,IAAI,GAAGvD,UAAU,CAACwD,OAAX,EAAb;;AACA,MAAI;AACF3C,IAAAA,WAAW,GAAG,MAAMA,WAAW,CAAC4C,OAAZ,CAAoBlD,IAApB,EAA0BgD,IAA1B,CAApB,CADE,CAGF;;AACA,UAAMxD,WAAW,CAAC2D,iBAAZ,CAA8BnD,IAA9B,CAAN,CAJE,CAMF;;AACA,QAAIM,WAAW,CAACE,eAAhB,EAAiC;AAC/B,aAAO;AAAEF,QAAAA;AAAF,OAAP;AACD,KATC,CAWF;;;AACA,UAAMyB,QAAQ,GAAG1B,kBAAkB,CAACC,WAAD,CAAnC;AACA,UAAMU,QAAQ,GAAGD,cAAc,CAACT,WAAD,EAAcf,WAAd,CAA/B;;AACA,QAAIwC,QAAJ,EAAc;AACZ,aAAO;AAAEA,QAAAA,QAAF;AAAYf,QAAAA;AAAZ,OAAP;AACD,KAhBC,CAkBF;;;AACA,QAAIA,QAAQ,CAACP,MAAb,EAAqB;AACnB,YAAMgB,QAAQ,GAAGD,WAAW,CAAC/B,UAAD,EAAaa,WAAb,CAA5B;AACA,aAAO;AAAEmB,QAAAA,QAAF;AAAYT,QAAAA;AAAZ,OAAP;AACD,KAtBC,CAwBF;AACA;;;AACA3B,IAAAA,MAAM,GAAGI,UAAU,CAAC2D,qBAAX,EAAT;AACA,WAAOd,SAAS,CAAChC,WAAD,EAAcjB,MAAd,EAAsBC,OAAtB,CAAhB,CA3BE,CA2B8C;AACjD,GA5BD,CA4BE,OAAOuC,CAAP,EAAU;AACV,WAAOD,cAAc,CAACC,CAAD,EAAItC,WAAJ,EAAiBE,UAAjB,CAArB;AACD;AACF","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, max-depth, complexity */\nimport { AuthSdkError } from '../errors';\nimport { Remediator, RemediationValues } from './remediators';\nimport { RemediationFlow } from './flow';\nimport { RunOptions } from './run';\nimport { NextStep, IdxMessage } from './types';\nimport { \n  IdxResponse,  \n  IdxRemediation,\n  isIdxResponse, \n} from './types/idx-js';\n\ninterface RemediationResponse {\n  idxResponse?: IdxResponse;\n  nextStep?: NextStep;\n  messages?: IdxMessage[];\n  terminal?: boolean;\n  canceled?: boolean;\n}\n// Return first match idxRemediation in allowed remediators\nexport function getRemediator(\n  idxRemediations: IdxRemediation[],\n  values: RemediationValues,\n  options: RunOptions,\n): Remediator {\n  const { remediators, flowMonitor } = options;\n\n  let remediator;\n  const remediatorCandidates = [];\n  for (let remediation of idxRemediations) {\n    const isRemeditionInFlow = Object.keys(remediators).includes(remediation.name);\n    if (!isRemeditionInFlow) {\n      continue;\n    }\n      \n    const T = remediators[remediation.name];\n    remediator = new T(remediation, values);\n    if (flowMonitor.isRemediatorCandidate(remediator, idxRemediations, values)) {\n      if (remediator.canRemediate()) {\n        // found the remediator\n        return remediator;\n      }\n      // remediator cannot handle the current values\n      // maybe return for next step\n      remediatorCandidates.push(remediator);  \n    }\n  }\n  \n  // TODO: why is it a problem to have multiple remediations? \n  // JIRA: https://oktainc.atlassian.net/browse/OKTA-400758\n  // if (remediatorCandidates.length > 1) {\n  //   const remediationNames = remediatorCandidates.reduce((acc, curr) => {\n  //     const name = curr.getName();\n  //     return acc ? `${acc}, ${name}` : name;\n  //   }, '');\n  //   throw new AuthSdkError(`\n  //     More than one remediation can match the current input, remediations: ${remediationNames}\n  //   `);\n  // }\n\n  return remediatorCandidates[0];\n}\n\nfunction isTerminalResponse(idxResponse: IdxResponse) {\n  const { neededToProceed, interactionCode } = idxResponse;\n  return !neededToProceed.length && !interactionCode;\n}\n\nfunction canSkipFn(idxResponse: IdxResponse) {\n  return idxResponse.neededToProceed.some(({ name }) => name === 'skip');\n}\n\nfunction canResendFn(idxResponse: IdxResponse) {\n  return Object.keys(idxResponse.actions).some(actionName => actionName.includes('resend'));\n}\n\nfunction getIdxMessages(\n  idxResponse: IdxResponse, remediators: RemediationFlow\n): IdxMessage[] {\n  let messages = [];\n  if (!remediators) {\n    return messages;\n  }\n\n  const { rawIdxState, neededToProceed } = idxResponse;\n\n  // Handle global messages\n  const globalMessages = rawIdxState.messages?.value.map(message => message);\n  if (globalMessages) {\n    messages = [...messages, ...globalMessages];\n  }\n\n  // Handle field messages for current flow\n  for (let remediation of neededToProceed) {\n    const T = remediators[remediation.name];\n    if (!T) {\n      continue;\n    }\n    const remediator = new T(remediation);\n    const fieldMessages = remediator.getMessages();\n    if (fieldMessages) {\n      messages = [...messages, ...fieldMessages];\n    }\n  }\n\n  return messages;\n}\n\nfunction getNextStep(\n  remediator: Remediator, idxResponse: IdxResponse\n): NextStep {\n  const nextStep = remediator.getNextStep();\n  const canSkip = canSkipFn(idxResponse);\n  const canResend = canResendFn(idxResponse);\n  return {\n    ...nextStep,\n    ...(canSkip && {canSkip}),\n    ...(canResend && {canResend}),\n  };\n}\n\nfunction handleIdxError(e, remediators, remediator?) {\n  // Handle idx messages\n  const idxState: IdxResponse = isIdxResponse(e) ? e : null;\n  if (!idxState) {\n    // Thrown error terminates the interaction with idx\n    throw e;\n  }\n  const terminal = isTerminalResponse(idxState);\n  const messages = getIdxMessages(idxState, remediators);\n  if (terminal) {\n    return { terminal, messages };\n  } else {\n    const nextStep = remediator && getNextStep(remediator, idxState);\n    return { \n      messages, \n      ...(nextStep && { nextStep }) \n    };\n  }\n}\n\nfunction getActionFromValues(values, idxResponse: IdxResponse): string | undefined {\n  // Currently support resend actions only\n  return Object.keys(idxResponse.actions).find(action => !!values.resend && action.includes('-resend'));\n}\n\nfunction removeActionFromValues(values) {\n  // Currently support resend actions only\n  values.resend = undefined;\n  return values;\n}\n\n// This function is called recursively until it reaches success or cannot be remediated\nexport async function remediate(\n  idxResponse: IdxResponse,\n  values: RemediationValues,\n  options: RunOptions\n): Promise<RemediationResponse> {\n  let { neededToProceed, interactionCode } = idxResponse;\n  const { remediators, flowMonitor } = options;\n\n  // If the response contains an interaction code, there is no need to remediate\n  if (interactionCode) {\n    return { idxResponse };\n  }\n\n  // Reach to terminal state\n  const terminal = isTerminalResponse(idxResponse);\n  const messages = getIdxMessages(idxResponse, remediators);\n  if (terminal) {\n    return { terminal, messages };\n  }\n  \n  // Try actions in idxResponse first\n  const actionFromValues = getActionFromValues(values, idxResponse);\n  const actions = [\n    ...options.actions || [],\n    ...(actionFromValues && [actionFromValues] || []),\n  ];\n  if (actions) {\n    for (let action of actions) {\n      let valuesWithoutExecutedAction = removeActionFromValues(values);\n      if (typeof idxResponse.actions[action] === 'function') {\n        try {\n          idxResponse = await idxResponse.actions[action]();\n        } catch (e) {\n          return handleIdxError(e, remediators);\n        }\n        if (action === 'cancel') {\n          return { canceled: true };\n        }\n        return remediate(idxResponse, valuesWithoutExecutedAction, options); // recursive call\n      }\n    }\n  }\n\n  const remediator = getRemediator(neededToProceed, values, options);\n  \n  if (!remediator) {\n    throw new AuthSdkError(`\n      No remediation can match current flow, check policy settings in your org.\n      Remediations: [${neededToProceed.reduce((acc, curr) => acc ? acc + ' ,' + curr.name : curr.name, '')}]\n    `);\n  }\n\n  if (flowMonitor.loopDetected(remediator)) {\n    throw new AuthSdkError(`\n      Remediation run into loop, break!!! remediation: ${remediator.getName()}\n    `);\n  }\n\n  // Recursive loop breaker\n  // Return next step to the caller\n  if (!remediator.canRemediate()) {\n    const nextStep = getNextStep(remediator, idxResponse);\n    return { idxResponse, nextStep };\n  }\n\n  const name = remediator.getName();\n  const data = remediator.getData();\n  try {\n    idxResponse = await idxResponse.proceed(name, data);\n\n    // Track succeed remediations in the current transaction\n    await flowMonitor.trackRemediations(name);\n    \n    // Successfully get interaction code\n    if (idxResponse.interactionCode) {\n      return { idxResponse };\n    }\n\n    // Reach to terminal state\n    const terminal = isTerminalResponse(idxResponse);\n    const messages = getIdxMessages(idxResponse, remediators);\n    if (terminal) {\n      return { terminal, messages };\n    }\n\n    // Handle idx message in nextStep\n    if (messages.length) {\n      const nextStep = getNextStep(remediator, idxResponse);\n      return { nextStep, messages };\n    }\n    \n    // We may want to trim the values bag for the next remediation\n    // Let the remediator decide what the values should be (default to current values)\n    values = remediator.getValuesAfterProceed();\n    return remediate(idxResponse, values, options); // recursive call\n  } catch (e) {\n    return handleIdxError(e, remediators, remediator);\n  }\n}\n"],"file":"remediate.js"}

package/cjs/idx/remediators/Identify.js

@@ -27,7 +27,8 @@ class Identify extends _Remediator.Remediator {
 
     (0, _defineProperty2.default)(this, "map", {
       'identifier': ['username'],
-      'credentials': []
+      'credentials': [],
+      'rememberMe': ['rememberMe']
     });
     const {
       password,

package/cjs/idx/remediators/Identify.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../lib/idx/remediators/Identify.ts"],"names":["Identify","Remediator","constructor","remediation","values","password","authenticators","some","authenticator","type","key","AuthenticatorKey","OKTA_PASSWORD","canRemediate","identifier","getData","mapCredentials","passcode","getInputCredentials","input","form","value","name","required","getValuesAfterProceed","filter"],"mappings":";;;;;;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYO,MAAMA,QAAN,SAAuBC,sBAAvB,CAAkC;AAUvCC,EAAAA,WAAW,CAACC,WAAD,EAA8BC,MAA9B,EAAuD;AAChE,UAAMD,WAAN,EAAmBC,MAAnB,EADgE,CAGhE;;AAHgE,+CAL5D;AACJ,oBAAc,CAAC,UAAD,CADV;AAEJ,qBAAe;AAFX,KAK4D;AAIhE,UAAM;AAAEC,MAAAA,QAAF;AAAYC,MAAAA;AAAZ,QAA+B,KAAKF,MAA1C;;AACA,QAAIC,QAAQ,IAAI,CAACC,cAAc,CAACC,IAAf,CAAoBC,aAAa,IAAIA,aAAa,CAACC,IAAd,KAAuB,UAA5D,CAAjB,EAA0F;AACxF,WAAKL,MAAL,GAAc,EACZ,GAAG,KAAKA,MADI;AAEZE,QAAAA,cAAc,EAAE,CACd;AACEG,UAAAA,IAAI,EAAE,UADR;AAEEC,UAAAA,GAAG,EAAEC,wBAAiBC;AAFxB,SADc,EAKd,GAAGN,cALW;AAFJ,OAAd;AAUD;AACF;;AAEDO,EAAAA,YAAY,GAAG;AACb,UAAM;AAAEC,MAAAA;AAAF,QAAiB,KAAKC,OAAL,EAAvB;AACA,WAAO,CAAC,CAACD,UAAT;AACD;;AAEDE,EAAAA,cAAc,GAAG;AACf,WAAO;AAAEC,MAAAA,QAAQ,EAAE,KAAKb,MAAL,CAAYC;AAAxB,KAAP;AACD;;AAEDa,EAAAA,mBAAmB,CAACC,KAAD,EAAQ;AACzB,WAAO,EACL,GAAGA,KAAK,CAACC,IAAN,CAAWC,KAAX,CAAiB,CAAjB,CADE;AAELC,MAAAA,IAAI,EAAE,UAFD;AAGLC,MAAAA,QAAQ,EAAEJ,KAAK,CAACI;AAHX,KAAP;AAKD;;AAEDC,EAAAA,qBAAqB,GAAG;AACtB;AACA;AACA,QAAI,KAAKrB,WAAL,CAAiBkB,KAAjB,CAAuBd,IAAvB,CAA4B,CAAC;AAAEe,MAAAA;AAAF,KAAD,KAAcA,IAAI,KAAK,aAAnD,CAAJ,EAAuE;AAAA;;AACrE,YAAMhB,cAAc,4BAAI,KAAKF,MAAL,CAAYE,cAAhB,0DAAG,sBACnBmB,MADmB,CACZjB,aAAa,IAAIA,aAAa,CAACE,GAAd,KAAsBC,wBAAiBC,aAD5C,CAAvB;AAEA,aAAO,EAAE,GAAG,KAAKR,MAAV;AAAkBE,QAAAA;AAAlB,OAAP;AACD;;AAED,WAAO,MAAMkB,qBAAN,EAAP;AACD;;AAxDsC;;;8BAA5BxB,Q,qBACc,U","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { Remediator, RemediationValues } from './Base/Remediator';\nimport { Authenticator, AuthenticatorKey } from '../types';\nimport { IdxRemediation } from '../types/idx-js';\n\nexport interface IdentifyValues extends RemediationValues {\n  username?: string;\n  password?: string;\n}\n\nexport class Identify extends Remediator {\n  static remediationName = 'identify';\n\n  values: IdentifyValues;\n\n  map = {\n    'identifier': ['username'],\n    'credentials': []\n  };\n\n  constructor(remediation: IdxRemediation, values?: IdentifyValues) {\n    super(remediation, values);\n\n    // add password authenticator to authenticators list if password is provided\n    const { password, authenticators } = this.values;\n    if (password && !authenticators.some(authenticator => authenticator.type === 'password')) {\n      this.values = {\n        ...this.values,\n        authenticators: [\n          { \n            type: 'password',\n            key: AuthenticatorKey.OKTA_PASSWORD\n          }, \n          ...authenticators\n        ] as Authenticator[]\n      };\n    }\n  }\n\n  canRemediate() {\n    const { identifier } = this.getData();\n    return !!identifier;\n  }\n\n  mapCredentials() {\n    return { passcode: this.values.password };\n  }\n\n  getInputCredentials(input) {\n    return {\n      ...input.form.value[0],\n      name: 'password',\n      required: input.required\n    };\n  }\n\n  getValuesAfterProceed() {\n    // Handle username + password scenario\n    // remove \"password\" from authenticator array when remediation is finished\n    if (this.remediation.value.some(({ name }) => name === 'credentials')) {\n      const authenticators = (this.values.authenticators as Authenticator[])\n        ?.filter(authenticator => authenticator.key !== AuthenticatorKey.OKTA_PASSWORD);\n      return { ...this.values, authenticators };\n    }\n\n    return super.getValuesAfterProceed();\n  }\n}\n"],"file":"Identify.js"}
+{"version":3,"sources":["../../../../lib/idx/remediators/Identify.ts"],"names":["Identify","Remediator","constructor","remediation","values","password","authenticators","some","authenticator","type","key","AuthenticatorKey","OKTA_PASSWORD","canRemediate","identifier","getData","mapCredentials","passcode","getInputCredentials","input","form","value","name","required","getValuesAfterProceed","filter"],"mappings":";;;;;;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYO,MAAMA,QAAN,SAAuBC,sBAAvB,CAAkC;AAWvCC,EAAAA,WAAW,CAACC,WAAD,EAA8BC,MAA9B,EAAuD;AAChE,UAAMD,WAAN,EAAmBC,MAAnB,EADgE,CAGhE;;AAHgE,+CAN5D;AACJ,oBAAc,CAAC,UAAD,CADV;AAEJ,qBAAe,EAFX;AAGJ,oBAAc,CAAC,YAAD;AAHV,KAM4D;AAIhE,UAAM;AAAEC,MAAAA,QAAF;AAAYC,MAAAA;AAAZ,QAA+B,KAAKF,MAA1C;;AACA,QAAIC,QAAQ,IAAI,CAACC,cAAc,CAACC,IAAf,CAAoBC,aAAa,IAAIA,aAAa,CAACC,IAAd,KAAuB,UAA5D,CAAjB,EAA0F;AACxF,WAAKL,MAAL,GAAc,EACZ,GAAG,KAAKA,MADI;AAEZE,QAAAA,cAAc,EAAE,CACd;AACEG,UAAAA,IAAI,EAAE,UADR;AAEEC,UAAAA,GAAG,EAAEC,wBAAiBC;AAFxB,SADc,EAKd,GAAGN,cALW;AAFJ,OAAd;AAUD;AACF;;AAEDO,EAAAA,YAAY,GAAG;AACb,UAAM;AAAEC,MAAAA;AAAF,QAAiB,KAAKC,OAAL,EAAvB;AACA,WAAO,CAAC,CAACD,UAAT;AACD;;AAEDE,EAAAA,cAAc,GAAG;AACf,WAAO;AAAEC,MAAAA,QAAQ,EAAE,KAAKb,MAAL,CAAYC;AAAxB,KAAP;AACD;;AAEDa,EAAAA,mBAAmB,CAACC,KAAD,EAAQ;AACzB,WAAO,EACL,GAAGA,KAAK,CAACC,IAAN,CAAWC,KAAX,CAAiB,CAAjB,CADE;AAELC,MAAAA,IAAI,EAAE,UAFD;AAGLC,MAAAA,QAAQ,EAAEJ,KAAK,CAACI;AAHX,KAAP;AAKD;;AAEDC,EAAAA,qBAAqB,GAAG;AACtB;AACA;AACA,QAAI,KAAKrB,WAAL,CAAiBkB,KAAjB,CAAuBd,IAAvB,CAA4B,CAAC;AAAEe,MAAAA;AAAF,KAAD,KAAcA,IAAI,KAAK,aAAnD,CAAJ,EAAuE;AAAA;;AACrE,YAAMhB,cAAc,4BAAI,KAAKF,MAAL,CAAYE,cAAhB,0DAAG,sBACnBmB,MADmB,CACZjB,aAAa,IAAIA,aAAa,CAACE,GAAd,KAAsBC,wBAAiBC,aAD5C,CAAvB;AAEA,aAAO,EAAE,GAAG,KAAKR,MAAV;AAAkBE,QAAAA;AAAlB,OAAP;AACD;;AAED,WAAO,MAAMkB,qBAAN,EAAP;AACD;;AAzDsC;;;8BAA5BxB,Q,qBACc,U","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { Remediator, RemediationValues } from './Base/Remediator';\nimport { Authenticator, AuthenticatorKey } from '../types';\nimport { IdxRemediation } from '../types/idx-js';\n\nexport interface IdentifyValues extends RemediationValues {\n  username?: string;\n  password?: string;\n}\n\nexport class Identify extends Remediator {\n  static remediationName = 'identify';\n\n  values: IdentifyValues;\n\n  map = {\n    'identifier': ['username'],\n    'credentials': [],\n    'rememberMe': ['rememberMe'],\n  };\n\n  constructor(remediation: IdxRemediation, values?: IdentifyValues) {\n    super(remediation, values);\n\n    // add password authenticator to authenticators list if password is provided\n    const { password, authenticators } = this.values;\n    if (password && !authenticators.some(authenticator => authenticator.type === 'password')) {\n      this.values = {\n        ...this.values,\n        authenticators: [\n          { \n            type: 'password',\n            key: AuthenticatorKey.OKTA_PASSWORD\n          }, \n          ...authenticators\n        ] as Authenticator[]\n      };\n    }\n  }\n\n  canRemediate() {\n    const { identifier } = this.getData();\n    return !!identifier;\n  }\n\n  mapCredentials() {\n    return { passcode: this.values.password };\n  }\n\n  getInputCredentials(input) {\n    return {\n      ...input.form.value[0],\n      name: 'password',\n      required: input.required\n    };\n  }\n\n  getValuesAfterProceed() {\n    // Handle username + password scenario\n    // remove \"password\" from authenticator array when remediation is finished\n    if (this.remediation.value.some(({ name }) => name === 'credentials')) {\n      const authenticators = (this.values.authenticators as Authenticator[])\n        ?.filter(authenticator => authenticator.key !== AuthenticatorKey.OKTA_PASSWORD);\n      return { ...this.values, authenticators };\n    }\n\n    return super.getValuesAfterProceed();\n  }\n}\n"],"file":"Identify.js"}

package/cjs/idx/run.js

@@ -82,7 +82,7 @@ function getAvailableSteps(remediations) {
   return res;
 }
 
-async function run(authClient, options) {
+async function run(authClient, options = {}) {
   let tokens;
   let nextStep;
   let messages;
@@ -97,21 +97,27 @@ async function run(authClient, options) {
   let metaFromResp;
 
   try {
+    var _metaFromResp;
+
     const {
+      flow,
       stateTokenExternalId,
       state
-    } = options;
+    } = options; // Only one flow can be operating at a time
 
-    if (stateTokenExternalId) {
-      var _metaFromResp;
+    if (flow) {
+      authClient.idx.setFlow(flow);
+    } // Try to resume saved transaction
 
-      // Email verify callback: retrieve saved interactionHandle, if possible
-      metaFromResp = (0, _transactionMeta.getSavedTransactionMeta)(authClient, {
-        state
-      });
-      interactionHandle = (_metaFromResp = metaFromResp) === null || _metaFromResp === void 0 ? void 0 : _metaFromResp.interactionHandle; // may be undefined
-    } else {
-      // Start/resume the flow. Will request a new interactionHandle if none is found in storage.
+
+    metaFromResp = (0, _transactionMeta.getSavedTransactionMeta)(authClient, {
+      state
+    });
+    interactionHandle = (_metaFromResp = metaFromResp) === null || _metaFromResp === void 0 ? void 0 : _metaFromResp.interactionHandle; // may be undefined
+
+    if (!interactionHandle && !stateTokenExternalId) {
+      // start a new transaction
+      authClient.transactionManager.clear();
       const interactResponse = await (0, _interact.interact)(authClient, options);
       interactionHandle = interactResponse.interactionHandle;
       metaFromResp = interactResponse.meta;
@@ -123,7 +129,7 @@ async function run(authClient, options) {
       stateTokenExternalId
     });
 
-    if (!options.flow && !options.actions) {
+    if (!options.remediators && !options.actions) {
       // handle start transaction
       meta = metaFromResp;
       enabledFeatures = getEnabledFeatures(idxResponse);

package/cjs/idx/run.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/run.ts"],"names":["getEnabledFeatures","idxResponse","res","actions","neededToProceed","push","IdxFeature","PASSWORD_RECOVERY","some","name","REGISTRATION","SOCIAL_IDP","getAvailableSteps","remediations","remediatorMap","Object","values","remediators","reduce","map","remediatorClass","remediationName","remediation","T","remediator","getNextStep","run","authClient","options","tokens","nextStep","messages","error","meta","enabledFeatures","availableSteps","status","IdxStatus","PENDING","shouldClearTransaction","interactionHandle","metaFromResp","stateTokenExternalId","state","interactResponse","flow","stateHandle","rawIdxState","idxResponseFromResp","nextStepFromResp","terminal","canceled","messagesFromResp","transactionManager","saveIdxResponse","TERMINAL","CANCELED","interactionCode","flowMonitor","isFinished","AuthSdkError","clientId","codeVerifier","ignoreSignature","redirectUri","urls","scopes","token","exchangeCodeForTokens","SUCCESS","err","FAILURE","clear","_idxResponse"],"mappings":";;;;AAcA;;AACA;;AACA;;AAEA;;AACA;;AACA;;AASA;;;;;;AA7BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AA0BA,SAASA,kBAAT,CAA4BC,WAA5B,EAAoE;AAClE,QAAMC,GAAG,GAAG,EAAZ;AACA,QAAM;AAAEC,IAAAA,OAAF;AAAWC,IAAAA;AAAX,MAA+BH,WAArC;;AAEA,MAAIE,OAAO,CAAC,8BAAD,CAAX,EAA6C;AAC3CD,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWC,iBAApB;AACD;;AAED,MAAIH,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,uBAA5C,CAAJ,EAA0E;AACxEP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWI,YAApB;AACD;;AAED,MAAIN,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,cAA5C,CAAJ,EAAiE;AAC/DP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWK,UAApB;AACD;;AAED,SAAOT,GAAP;AACD;;AAED,SAASU,iBAAT,CAA2BC,YAA3B,EAAuE;AACrE,QAAMX,GAAG,GAAG,EAAZ;AAEA,QAAMY,aAAa,GAAGC,MAAM,CAACC,MAAP,CAAcC,WAAd,EAA2BC,MAA3B,CAAkC,CAACC,GAAD,EAAMC,eAAN,KAA0B;AAChF;AACA,QAAIA,eAAe,CAACC,eAApB,EAAqC;AACnCF,MAAAA,GAAG,CAACC,eAAe,CAACC,eAAjB,CAAH,GAAuCD,eAAvC;AACD;;AACD,WAAOD,GAAP;AACD,GANqB,EAMnB,EANmB,CAAtB;;AAQA,OAAK,IAAIG,WAAT,IAAwBT,YAAxB,EAAsC;AACpC,UAAMU,CAAC,GAAGT,aAAa,CAACQ,WAAW,CAACb,IAAb,CAAvB;;AACA,QAAIc,CAAJ,EAAO;AACL,YAAMC,UAAU,GAAG,IAAID,CAAJ,CAAMD,WAAN,CAAnB;AACApB,MAAAA,GAAG,CAACG,IAAJ,CAAUmB,UAAU,CAACC,WAAX,EAAV;AACD;AACF;;AAED,SAAOvB,GAAP;AACD;;AAEM,eAAewB,GAAf,CACLC,UADK,EAELC,OAFK,EAGoB;AACzB,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,KAAJ;AACA,MAAIC,IAAJ;AACA,MAAIC,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,MAAM,GAAGC,iBAAUC,OAAvB;AACA,MAAIC,sBAAsB,GAAG,KAA7B;AACA,MAAItC,WAAJ;AACA,MAAIuC,iBAAJ;AACA,MAAIC,YAAJ;;AAEA,MAAI;AAEF,UAAM;AAAEC,MAAAA,oBAAF;AAAwBC,MAAAA;AAAxB,QAAkCf,OAAxC;;AACA,QAAIc,oBAAJ,EAA0B;AAAA;;AACxB;AACAD,MAAAA,YAAY,GAAG,8CAAwBd,UAAxB,EAAoC;AAAEgB,QAAAA;AAAF,OAApC,CAAf;AACAH,MAAAA,iBAAiB,oBAAGC,YAAH,kDAAG,cAAcD,iBAAlC,CAHwB,CAG6B;AACtD,KAJD,MAIO;AACL;AACA,YAAMI,gBAAgB,GAAG,MAAM,wBAASjB,UAAT,EAAqBC,OAArB,CAA/B;AACAY,MAAAA,iBAAiB,GAAGI,gBAAgB,CAACJ,iBAArC;AACAC,MAAAA,YAAY,GAAGG,gBAAgB,CAACX,IAAhC;AACD,KAZC,CAcF;;;AACAhC,IAAAA,WAAW,GAAG,MAAM,4BAAW0B,UAAX,EAAuB;AAAEa,MAAAA,iBAAF;AAAqBE,MAAAA;AAArB,KAAvB,CAApB;;AAEA,QAAI,CAACd,OAAO,CAACiB,IAAT,IAAiB,CAACjB,OAAO,CAACzB,OAA9B,EAAuC;AACrC;AACA8B,MAAAA,IAAI,GAAGQ,YAAP;AACAP,MAAAA,eAAe,GAAGlC,kBAAkB,CAACC,WAAD,CAApC;AACAkC,MAAAA,cAAc,GAAGvB,iBAAiB,CAACX,WAAW,CAACG,eAAb,CAAlC;AACD,KALD,MAKO;AACL,YAAMY,MAAqC,GAAG,EAC5C,GAAGY,OADyC;AAE5CkB,QAAAA,WAAW,EAAE7C,WAAW,CAAC8C,WAAZ,CAAwBD;AAFO,OAA9C,CADK,CAML;;AACA,YAAM;AACJ7C,QAAAA,WAAW,EAAE+C,mBADT;AAEJlB,QAAAA,QAAQ,EAAEmB,gBAFN;AAGJC,QAAAA,QAHI;AAIJC,QAAAA,QAJI;AAKJpB,QAAAA,QAAQ,EAAEqB;AALN,UAMF,MAAM,0BAAUnD,WAAV,EAAuBe,MAAvB,EAA+BY,OAA/B,CANV,CAPK,CAeL;;AACAE,MAAAA,QAAQ,GAAGmB,gBAAX;AACAlB,MAAAA,QAAQ,GAAGqB,gBAAX,CAjBK,CAmBL;;AACA,UAAItB,QAAQ,IAAIkB,mBAAhB,EAAqC;AACnCrB,QAAAA,UAAU,CAAC0B,kBAAX,CAA8BC,eAA9B,CAA8CN,mBAAmB,CAACD,WAAlE;AACD;;AAED,UAAIG,QAAJ,EAAc;AACZd,QAAAA,MAAM,GAAGC,iBAAUkB,QAAnB;AACAhB,QAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAAC,UAAIY,QAAJ,EAAc;AACdf,QAAAA,MAAM,GAAGC,iBAAUmB,QAAnB;AACAjB,QAAAA,sBAAsB,GAAG,IAAzB;AACD,OAHC,MAGK,IAAIS,mBAAJ,aAAIA,mBAAJ,eAAIA,mBAAmB,CAAES,eAAzB,EAA0C;AAC/C;AACA;AACA,YAAI,EAAE,MAAM7B,OAAO,CAAC8B,WAAR,CAAoBC,UAApB,EAAR,CAAJ,EAA+C;AAC7C,gBAAM,IAAIC,oBAAJ,CAAiB,mEAAjB,CAAN;AACD;;AAED,cAAM;AACJC,UAAAA,QADI;AAEJC,UAAAA,YAFI;AAGJC,UAAAA,eAHI;AAIJC,UAAAA,WAJI;AAKJC,UAAAA,IALI;AAMJC,UAAAA;AANI,YAOFzB,YAPJ;AAQAZ,QAAAA,MAAM,GAAG,MAAMF,UAAU,CAACwC,KAAX,CAAiBC,qBAAjB,CAAuC;AACpDX,UAAAA,eAAe,EAAET,mBAAmB,CAACS,eADe;AAEpDI,UAAAA,QAFoD;AAGpDC,UAAAA,YAHoD;AAIpDC,UAAAA,eAJoD;AAKpDC,UAAAA,WALoD;AAMpDE,UAAAA;AANoD,SAAvC,EAOZD,IAPY,CAAf;AASA7B,QAAAA,MAAM,GAAGC,iBAAUgC,OAAnB;AACA9B,QAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;AACF,GAhFD,CAgFE,OAAO+B,GAAP,EAAY;AACZtC,IAAAA,KAAK,GAAGsC,GAAR;AACAlC,IAAAA,MAAM,GAAGC,iBAAUkC,OAAnB;AACAhC,IAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAED,MAAIA,sBAAJ,EAA4B;AAC1BZ,IAAAA,UAAU,CAAC0B,kBAAX,CAA8BmB,KAA9B;AACD;;AAED,SAAO;AACLC,IAAAA,YAAY,EAAExE,WADT;AAELmC,IAAAA,MAFK;AAGL,QAAIH,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAHK;AAIL,QAAIC,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAJK;AAKL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CALK;AAML,QAAIN,MAAM,IAAI;AAAEA,MAAAA,MAAM,EAAEA,MAAM,CAACA;AAAjB,KAAd,CANK;AAOL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CAPK;AAQL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CARK;AASL,QAAIC,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb;AATK,GAAP;AAWD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, complexity, max-depth */\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate } from './remediate';\nimport { FlowMonitor } from './flowMonitors';\nimport * as remediators from './remediators';\nimport { AuthSdkError } from '../errors';\nimport { \n  OktaAuth,\n  IdxOptions,\n  IdxStatus,\n  IdxTransaction,\n  IdxFeature,\n  NextStep,\n} from '../types';\nimport { IdxResponse, IdxRemediation } from './types/idx-js';\nimport { getSavedTransactionMeta } from './transactionMeta';\n\nexport type RemediationFlow = Record<string, typeof remediators.Remediator>;\nexport interface RunOptions {\n  flow?: RemediationFlow;\n  actions?: string[];\n  flowMonitor?: FlowMonitor;\n  stateTokenExternalId?: string;\n}\n\nfunction getEnabledFeatures(idxResponse: IdxResponse): IdxFeature[] {\n  const res = [];\n  const { actions, neededToProceed } = idxResponse;\n\n  if (actions['currentAuthenticator-recover']) {\n    res.push(IdxFeature.PASSWORD_RECOVERY);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'select-enroll-profile')) {\n    res.push(IdxFeature.REGISTRATION);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'redirect-idp')) {\n    res.push(IdxFeature.SOCIAL_IDP);\n  }\n\n  return res;\n}\n\nfunction getAvailableSteps(remediations: IdxRemediation[]): NextStep[] {\n  const res = [];\n\n  const remediatorMap = Object.values(remediators).reduce((map, remediatorClass) => {\n    // Only add concrete subclasses to the map\n    if (remediatorClass.remediationName) {\n      map[remediatorClass.remediationName] = remediatorClass;\n    }\n    return map;\n  }, {});\n\n  for (let remediation of remediations) {\n    const T = remediatorMap[remediation.name];\n    if (T) {\n      const remediator = new T(remediation);\n      res.push (remediator.getNextStep());\n    }\n  }\n\n  return res;\n}\n\nexport async function run(\n  authClient: OktaAuth, \n  options: RunOptions & IdxOptions,\n): Promise<IdxTransaction> {\n  let tokens;\n  let nextStep;\n  let messages;\n  let error;\n  let meta;\n  let enabledFeatures;\n  let availableSteps;\n  let status = IdxStatus.PENDING;\n  let shouldClearTransaction = false;\n  let idxResponse;\n  let interactionHandle;\n  let metaFromResp;\n\n  try {\n\n    const { stateTokenExternalId, state } = options;\n    if (stateTokenExternalId) {\n      // Email verify callback: retrieve saved interactionHandle, if possible\n      metaFromResp = getSavedTransactionMeta(authClient, { state });\n      interactionHandle = metaFromResp?.interactionHandle; // may be undefined\n    } else {\n      // Start/resume the flow. Will request a new interactionHandle if none is found in storage.\n      const interactResponse = await interact(authClient, options); \n      interactionHandle = interactResponse.interactionHandle;\n      metaFromResp = interactResponse.meta;\n    }\n\n    // Introspect to get idx response\n    idxResponse = await introspect(authClient, { interactionHandle, stateTokenExternalId });\n\n    if (!options.flow && !options.actions) {\n      // handle start transaction\n      meta = metaFromResp;\n      enabledFeatures = getEnabledFeatures(idxResponse);\n      availableSteps = getAvailableSteps(idxResponse.neededToProceed);\n    } else {\n      const values: remediators.RemediationValues = { \n        ...options, \n        stateHandle: idxResponse.rawIdxState.stateHandle \n      };\n\n      // Can we handle the remediations?\n      const { \n        idxResponse: idxResponseFromResp, \n        nextStep: nextStepFromResp,\n        terminal,\n        canceled,\n        messages: messagesFromResp,\n      } = await remediate(idxResponse, values, options);\n\n      // Track fields from remediation response\n      nextStep = nextStepFromResp;\n      messages = messagesFromResp;\n\n      // Save intermediate idx response in storage to reduce introspect call\n      if (nextStep && idxResponseFromResp) {\n        authClient.transactionManager.saveIdxResponse(idxResponseFromResp.rawIdxState);\n      }\n\n      if (terminal) {\n        status = IdxStatus.TERMINAL;\n        shouldClearTransaction = true;\n      } if (canceled) {\n        status = IdxStatus.CANCELED;\n        shouldClearTransaction = true;\n      } else if (idxResponseFromResp?.interactionCode) { \n        // Flows may end with interactionCode before the key remediation being hit\n        // Double check if flow is finished to mitigate confusion with the wrapper methods\n        if (!(await options.flowMonitor.isFinished())) {\n          throw new AuthSdkError('Current flow is not supported, check policy settings in your org.');\n        }\n\n        const {\n          clientId,\n          codeVerifier,\n          ignoreSignature,\n          redirectUri,\n          urls,\n          scopes,\n        } = metaFromResp;\n        tokens = await authClient.token.exchangeCodeForTokens({\n          interactionCode: idxResponseFromResp.interactionCode,\n          clientId,\n          codeVerifier,\n          ignoreSignature,\n          redirectUri,\n          scopes\n        }, urls);\n\n        status = IdxStatus.SUCCESS;\n        shouldClearTransaction = true;\n      }\n    }\n  } catch (err) {\n    error = err;\n    status = IdxStatus.FAILURE;\n    shouldClearTransaction = true;\n  }\n\n  if (shouldClearTransaction) {\n    authClient.transactionManager.clear();\n  }\n  \n  return {\n    _idxResponse: idxResponse, \n    status,\n    ...(meta && { meta }),\n    ...(enabledFeatures && { enabledFeatures }),\n    ...(availableSteps && { availableSteps }),\n    ...(tokens && { tokens: tokens.tokens }),\n    ...(nextStep && { nextStep }),\n    ...(messages && { messages }),\n    ...(error && { error }),\n  };\n}\n"],"file":"run.js"}
+{"version":3,"sources":["../../../lib/idx/run.ts"],"names":["getEnabledFeatures","idxResponse","res","actions","neededToProceed","push","IdxFeature","PASSWORD_RECOVERY","some","name","REGISTRATION","SOCIAL_IDP","getAvailableSteps","remediations","remediatorMap","Object","values","remediators","reduce","map","remediatorClass","remediationName","remediation","T","remediator","getNextStep","run","authClient","options","tokens","nextStep","messages","error","meta","enabledFeatures","availableSteps","status","IdxStatus","PENDING","shouldClearTransaction","interactionHandle","metaFromResp","flow","stateTokenExternalId","state","idx","setFlow","transactionManager","clear","interactResponse","stateHandle","rawIdxState","idxResponseFromResp","nextStepFromResp","terminal","canceled","messagesFromResp","saveIdxResponse","TERMINAL","CANCELED","interactionCode","flowMonitor","isFinished","AuthSdkError","clientId","codeVerifier","ignoreSignature","redirectUri","urls","scopes","token","exchangeCodeForTokens","SUCCESS","err","FAILURE","_idxResponse"],"mappings":";;;;AAcA;;AACA;;AACA;;AAEA;;AACA;;AACA;;AASA;;;;;;AA7BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AA0BA,SAASA,kBAAT,CAA4BC,WAA5B,EAAoE;AAClE,QAAMC,GAAG,GAAG,EAAZ;AACA,QAAM;AAAEC,IAAAA,OAAF;AAAWC,IAAAA;AAAX,MAA+BH,WAArC;;AAEA,MAAIE,OAAO,CAAC,8BAAD,CAAX,EAA6C;AAC3CD,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWC,iBAApB;AACD;;AAED,MAAIH,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,uBAA5C,CAAJ,EAA0E;AACxEP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWI,YAApB;AACD;;AAED,MAAIN,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,cAA5C,CAAJ,EAAiE;AAC/DP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWK,UAApB;AACD;;AAED,SAAOT,GAAP;AACD;;AAED,SAASU,iBAAT,CAA2BC,YAA3B,EAAuE;AACrE,QAAMX,GAAG,GAAG,EAAZ;AAEA,QAAMY,aAAa,GAAGC,MAAM,CAACC,MAAP,CAAcC,WAAd,EAA2BC,MAA3B,CAAkC,CAACC,GAAD,EAAMC,eAAN,KAA0B;AAChF;AACA,QAAIA,eAAe,CAACC,eAApB,EAAqC;AACnCF,MAAAA,GAAG,CAACC,eAAe,CAACC,eAAjB,CAAH,GAAuCD,eAAvC;AACD;;AACD,WAAOD,GAAP;AACD,GANqB,EAMnB,EANmB,CAAtB;;AAQA,OAAK,IAAIG,WAAT,IAAwBT,YAAxB,EAAsC;AACpC,UAAMU,CAAC,GAAGT,aAAa,CAACQ,WAAW,CAACb,IAAb,CAAvB;;AACA,QAAIc,CAAJ,EAAO;AACL,YAAMC,UAAU,GAAG,IAAID,CAAJ,CAAMD,WAAN,CAAnB;AACApB,MAAAA,GAAG,CAACG,IAAJ,CAAUmB,UAAU,CAACC,WAAX,EAAV;AACD;AACF;;AAED,SAAOvB,GAAP;AACD;;AAEM,eAAewB,GAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,KAAJ;AACA,MAAIC,IAAJ;AACA,MAAIC,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,MAAM,GAAGC,iBAAUC,OAAvB;AACA,MAAIC,sBAAsB,GAAG,KAA7B;AACA,MAAItC,WAAJ;AACA,MAAIuC,iBAAJ;AACA,MAAIC,YAAJ;;AAEA,MAAI;AAAA;;AAEF,UAAM;AAAEC,MAAAA,IAAF;AAAQC,MAAAA,oBAAR;AAA8BC,MAAAA;AAA9B,QAAwChB,OAA9C,CAFE,CAIF;;AACA,QAAIc,IAAJ,EAAU;AACRf,MAAAA,UAAU,CAACkB,GAAX,CAAeC,OAAf,CAAuBJ,IAAvB;AACD,KAPC,CASF;;;AACAD,IAAAA,YAAY,GAAG,8CAAwBd,UAAxB,EAAoC;AAAEiB,MAAAA;AAAF,KAApC,CAAf;AACAJ,IAAAA,iBAAiB,oBAAGC,YAAH,kDAAG,cAAcD,iBAAlC,CAXE,CAWmD;;AAErD,QAAI,CAACA,iBAAD,IAAsB,CAACG,oBAA3B,EAAiD;AAC/C;AACAhB,MAAAA,UAAU,CAACoB,kBAAX,CAA8BC,KAA9B;AACA,YAAMC,gBAAgB,GAAG,MAAM,wBAAStB,UAAT,EAAqBC,OAArB,CAA/B;AACAY,MAAAA,iBAAiB,GAAGS,gBAAgB,CAACT,iBAArC;AACAC,MAAAA,YAAY,GAAGQ,gBAAgB,CAAChB,IAAhC;AACD,KAnBC,CAqBF;;;AACAhC,IAAAA,WAAW,GAAG,MAAM,4BAAW0B,UAAX,EAAuB;AAAEa,MAAAA,iBAAF;AAAqBG,MAAAA;AAArB,KAAvB,CAApB;;AAEA,QAAI,CAACf,OAAO,CAACX,WAAT,IAAwB,CAACW,OAAO,CAACzB,OAArC,EAA8C;AAC5C;AACA8B,MAAAA,IAAI,GAAGQ,YAAP;AACAP,MAAAA,eAAe,GAAGlC,kBAAkB,CAACC,WAAD,CAApC;AACAkC,MAAAA,cAAc,GAAGvB,iBAAiB,CAACX,WAAW,CAACG,eAAb,CAAlC;AACD,KALD,MAKO;AACL,YAAMY,MAAqC,GAAG,EAC5C,GAAGY,OADyC;AAE5CsB,QAAAA,WAAW,EAAEjD,WAAW,CAACkD,WAAZ,CAAwBD;AAFO,OAA9C,CADK,CAML;;AACA,YAAM;AACJjD,QAAAA,WAAW,EAAEmD,mBADT;AAEJtB,QAAAA,QAAQ,EAAEuB,gBAFN;AAGJC,QAAAA,QAHI;AAIJC,QAAAA,QAJI;AAKJxB,QAAAA,QAAQ,EAAEyB;AALN,UAMF,MAAM,0BAAUvD,WAAV,EAAuBe,MAAvB,EAA+BY,OAA/B,CANV,CAPK,CAeL;;AACAE,MAAAA,QAAQ,GAAGuB,gBAAX;AACAtB,MAAAA,QAAQ,GAAGyB,gBAAX,CAjBK,CAmBL;;AACA,UAAI1B,QAAQ,IAAIsB,mBAAhB,EAAqC;AACnCzB,QAAAA,UAAU,CAACoB,kBAAX,CAA8BU,eAA9B,CAA8CL,mBAAmB,CAACD,WAAlE;AACD;;AAED,UAAIG,QAAJ,EAAc;AACZlB,QAAAA,MAAM,GAAGC,iBAAUqB,QAAnB;AACAnB,QAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAAC,UAAIgB,QAAJ,EAAc;AACdnB,QAAAA,MAAM,GAAGC,iBAAUsB,QAAnB;AACApB,QAAAA,sBAAsB,GAAG,IAAzB;AACD,OAHC,MAGK,IAAIa,mBAAJ,aAAIA,mBAAJ,eAAIA,mBAAmB,CAAEQ,eAAzB,EAA0C;AAC/C;AACA;AACA,YAAI,EAAE,MAAMhC,OAAO,CAACiC,WAAR,CAAoBC,UAApB,EAAR,CAAJ,EAA+C;AAC7C,gBAAM,IAAIC,oBAAJ,CAAiB,mEAAjB,CAAN;AACD;;AAED,cAAM;AACJC,UAAAA,QADI;AAEJC,UAAAA,YAFI;AAGJC,UAAAA,eAHI;AAIJC,UAAAA,WAJI;AAKJC,UAAAA,IALI;AAMJC,UAAAA;AANI,YAOF5B,YAPJ;AAQAZ,QAAAA,MAAM,GAAG,MAAMF,UAAU,CAAC2C,KAAX,CAAiBC,qBAAjB,CAAuC;AACpDX,UAAAA,eAAe,EAAER,mBAAmB,CAACQ,eADe;AAEpDI,UAAAA,QAFoD;AAGpDC,UAAAA,YAHoD;AAIpDC,UAAAA,eAJoD;AAKpDC,UAAAA,WALoD;AAMpDE,UAAAA;AANoD,SAAvC,EAOZD,IAPY,CAAf;AASAhC,QAAAA,MAAM,GAAGC,iBAAUmC,OAAnB;AACAjC,QAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;AACF,GAvFD,CAuFE,OAAOkC,GAAP,EAAY;AACZzC,IAAAA,KAAK,GAAGyC,GAAR;AACArC,IAAAA,MAAM,GAAGC,iBAAUqC,OAAnB;AACAnC,IAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAED,MAAIA,sBAAJ,EAA4B;AAC1BZ,IAAAA,UAAU,CAACoB,kBAAX,CAA8BC,KAA9B;AACD;;AAED,SAAO;AACL2B,IAAAA,YAAY,EAAE1E,WADT;AAELmC,IAAAA,MAFK;AAGL,QAAIH,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAHK;AAIL,QAAIC,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAJK;AAKL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CALK;AAML,QAAIN,MAAM,IAAI;AAAEA,MAAAA,MAAM,EAAEA,MAAM,CAACA;AAAjB,KAAd,CANK;AAOL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CAPK;AAQL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CARK;AASL,QAAIC,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb;AATK,GAAP;AAWD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, complexity, max-depth */\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate } from './remediate';\nimport { FlowMonitor, RemediationFlow } from './flow';\nimport * as remediators from './remediators';\nimport { AuthSdkError } from '../errors';\nimport { \n  OktaAuth,\n  IdxStatus,\n  IdxTransaction,\n  IdxFeature,\n  NextStep,\n  FlowIdentifier,\n} from '../types';\nimport { IdxResponse, IdxRemediation } from './types/idx-js';\nimport { getSavedTransactionMeta } from './transactionMeta';\nimport { ProceedOptions  } from './proceed';\n\nexport type RunOptions = ProceedOptions & {\n  flow?: FlowIdentifier;\n  remediators?: RemediationFlow;\n  flowMonitor?: FlowMonitor;\n  actions?: string[];\n}\n\nfunction getEnabledFeatures(idxResponse: IdxResponse): IdxFeature[] {\n  const res = [];\n  const { actions, neededToProceed } = idxResponse;\n\n  if (actions['currentAuthenticator-recover']) {\n    res.push(IdxFeature.PASSWORD_RECOVERY);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'select-enroll-profile')) {\n    res.push(IdxFeature.REGISTRATION);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'redirect-idp')) {\n    res.push(IdxFeature.SOCIAL_IDP);\n  }\n\n  return res;\n}\n\nfunction getAvailableSteps(remediations: IdxRemediation[]): NextStep[] {\n  const res = [];\n\n  const remediatorMap = Object.values(remediators).reduce((map, remediatorClass) => {\n    // Only add concrete subclasses to the map\n    if (remediatorClass.remediationName) {\n      map[remediatorClass.remediationName] = remediatorClass;\n    }\n    return map;\n  }, {});\n\n  for (let remediation of remediations) {\n    const T = remediatorMap[remediation.name];\n    if (T) {\n      const remediator = new T(remediation);\n      res.push (remediator.getNextStep());\n    }\n  }\n\n  return res;\n}\n\nexport async function run(\n  authClient: OktaAuth, \n  options: RunOptions = {},\n): Promise<IdxTransaction> {\n  let tokens;\n  let nextStep;\n  let messages;\n  let error;\n  let meta;\n  let enabledFeatures;\n  let availableSteps;\n  let status = IdxStatus.PENDING;\n  let shouldClearTransaction = false;\n  let idxResponse;\n  let interactionHandle;\n  let metaFromResp;\n\n  try {\n\n    const { flow, stateTokenExternalId, state } = options;\n\n    // Only one flow can be operating at a time\n    if (flow) {\n      authClient.idx.setFlow(flow);\n    }\n\n    // Try to resume saved transaction\n    metaFromResp = getSavedTransactionMeta(authClient, { state });\n    interactionHandle = metaFromResp?.interactionHandle; // may be undefined\n\n    if (!interactionHandle && !stateTokenExternalId) {\n      // start a new transaction\n      authClient.transactionManager.clear();\n      const interactResponse = await interact(authClient, options); \n      interactionHandle = interactResponse.interactionHandle;\n      metaFromResp = interactResponse.meta;\n    }\n\n    // Introspect to get idx response\n    idxResponse = await introspect(authClient, { interactionHandle, stateTokenExternalId });\n\n    if (!options.remediators && !options.actions) {\n      // handle start transaction\n      meta = metaFromResp;\n      enabledFeatures = getEnabledFeatures(idxResponse);\n      availableSteps = getAvailableSteps(idxResponse.neededToProceed);\n    } else {\n      const values: remediators.RemediationValues = { \n        ...options, \n        stateHandle: idxResponse.rawIdxState.stateHandle \n      };\n\n      // Can we handle the remediations?\n      const { \n        idxResponse: idxResponseFromResp, \n        nextStep: nextStepFromResp,\n        terminal,\n        canceled,\n        messages: messagesFromResp,\n      } = await remediate(idxResponse, values, options);\n\n      // Track fields from remediation response\n      nextStep = nextStepFromResp;\n      messages = messagesFromResp;\n\n      // Save intermediate idx response in storage to reduce introspect call\n      if (nextStep && idxResponseFromResp) {\n        authClient.transactionManager.saveIdxResponse(idxResponseFromResp.rawIdxState);\n      }\n\n      if (terminal) {\n        status = IdxStatus.TERMINAL;\n        shouldClearTransaction = true;\n      } if (canceled) {\n        status = IdxStatus.CANCELED;\n        shouldClearTransaction = true;\n      } else if (idxResponseFromResp?.interactionCode) { \n        // Flows may end with interactionCode before the key remediation being hit\n        // Double check if flow is finished to mitigate confusion with the wrapper methods\n        if (!(await options.flowMonitor.isFinished())) {\n          throw new AuthSdkError('Current flow is not supported, check policy settings in your org.');\n        }\n\n        const {\n          clientId,\n          codeVerifier,\n          ignoreSignature,\n          redirectUri,\n          urls,\n          scopes,\n        } = metaFromResp;\n        tokens = await authClient.token.exchangeCodeForTokens({\n          interactionCode: idxResponseFromResp.interactionCode,\n          clientId,\n          codeVerifier,\n          ignoreSignature,\n          redirectUri,\n          scopes\n        }, urls);\n\n        status = IdxStatus.SUCCESS;\n        shouldClearTransaction = true;\n      }\n    }\n  } catch (err) {\n    error = err;\n    status = IdxStatus.FAILURE;\n    shouldClearTransaction = true;\n  }\n\n  if (shouldClearTransaction) {\n    authClient.transactionManager.clear();\n  }\n  \n  return {\n    _idxResponse: idxResponse, \n    status,\n    ...(meta && { meta }),\n    ...(enabledFeatures && { enabledFeatures }),\n    ...(availableSteps && { availableSteps }),\n    ...(tokens && { tokens: tokens.tokens }),\n    ...(nextStep && { nextStep }),\n    ...(messages && { messages }),\n    ...(error && { error }),\n  };\n}\n"],"file":"run.js"}

package/cjs/idx/startTransaction.js

@@ -17,6 +17,8 @@ var _run = require("./run");
  */
 // This method only resolves { status: IdxStatus.PENDING } if transaction has already started
 async function startTransaction(authClient, options = {}) {
+  // Clear IDX response cache and saved transaction meta (if any)
+  authClient.transactionManager.clear();
   return (0, _run.run)(authClient, options);
 }
 //# sourceMappingURL=startTransaction.js.map

package/cjs/idx/startTransaction.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/startTransaction.ts"],"names":["startTransaction","authClient","options"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,gBAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB,SAAO,cAAID,UAAJ,EAAgBC,OAAhB,CAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run } from './run';\nimport { OktaAuth, IdxOptions, IdxTransaction } from '../types';\n\n// This method only resolves { status: IdxStatus.PENDING } if transaction has already started\nexport async function startTransaction(\n  authClient: OktaAuth, \n  options: IdxOptions = {}\n): Promise<IdxTransaction> {\n  return run(authClient, options);\n}\n"],"file":"startTransaction.js"}
+{"version":3,"sources":["../../../lib/idx/startTransaction.ts"],"names":["startTransaction","authClient","options","transactionManager","clear"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,gBAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB;AACAD,EAAAA,UAAU,CAACE,kBAAX,CAA8BC,KAA9B;AAEA,SAAO,cAAIH,UAAJ,EAAgBC,OAAhB,CAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run } from './run';\nimport { OktaAuth, IdxOptions, IdxTransaction } from '../types';\n\n// This method only resolves { status: IdxStatus.PENDING } if transaction has already started\nexport async function startTransaction(\n  authClient: OktaAuth, \n  options: IdxOptions = {}\n): Promise<IdxTransaction> {\n  // Clear IDX response cache and saved transaction meta (if any)\n  authClient.transactionManager.clear();\n\n  return run(authClient, options);\n}\n"],"file":"startTransaction.js"}

package/cjs/idx/transactionMeta.js

@@ -24,8 +24,43 @@ var _oidc = require("../oidc");
  * See the License for the specific language governing permissions and limitations under the License.
  */
 // Calculate new values
-async function createTransactionMeta(authClient) {
-  return authClient.token.prepareTokenParams();
+async function createTransactionMeta(authClient, options) {
+  const tokenParams = await authClient.token.prepareTokenParams(options);
+  const {
+    pkce,
+    clientId,
+    redirectUri,
+    responseType,
+    responseMode,
+    scopes,
+    state,
+    nonce,
+    ignoreSignature,
+    codeVerifier,
+    codeChallengeMethod,
+    codeChallenge
+  } = tokenParams;
+  const urls = (0, _oidc.getOAuthUrls)(authClient, tokenParams);
+  const flow = authClient.idx.getFlow() || 'default';
+  const issuer = authClient.options.issuer;
+  const meta = {
+    flow,
+    issuer,
+    pkce,
+    clientId,
+    redirectUri,
+    responseType,
+    responseMode,
+    scopes,
+    state,
+    nonce,
+    urls,
+    ignoreSignature,
+    codeVerifier,
+    codeChallengeMethod,
+    codeChallenge
+  };
+  return meta;
 }
 
 function transactionMetaExist(authClient, options) {
@@ -65,43 +100,9 @@ async function getTransactionMeta(authClient, options) {
 
 
     (0, _util.warn)('Saved transaction meta does not match the current configuration. ' + 'This may indicate that two apps are sharing a storage key.');
-  } // Calculate new values
-
+  }
 
-  const tokenParams = await authClient.token.prepareTokenParams();
-  const urls = (0, _oidc.getOAuthUrls)(authClient, tokenParams);
-  const issuer = authClient.options.issuer;
-  const {
-    pkce,
-    clientId,
-    redirectUri,
-    responseType,
-    responseMode,
-    scopes,
-    state,
-    nonce,
-    ignoreSignature,
-    codeVerifier,
-    codeChallengeMethod,
-    codeChallenge
-  } = tokenParams;
-  const meta = {
-    issuer,
-    pkce,
-    clientId,
-    redirectUri,
-    responseType,
-    responseMode,
-    scopes,
-    state,
-    nonce,
-    urls,
-    ignoreSignature,
-    codeVerifier,
-    codeChallengeMethod,
-    codeChallenge
-  };
-  return meta;
+  return createTransactionMeta(authClient, options);
 }
 
 function saveTransactionMeta(authClient, meta) {
@@ -113,13 +114,37 @@ function saveTransactionMeta(authClient, meta) {
 function clearTransactionMeta(authClient) {
   authClient.transactionManager.clear();
 } // returns true if values in meta match current authClient options
+// eslint-disable-next-line complexity
 
 
 function isTransactionMetaValid(authClient, meta) {
+  // First validate against required config
   const keys = ['issuer', 'clientId', 'redirectUri'];
-  const mismatch = keys.find(key => {
-    return authClient.options[key] !== meta[key];
-  });
-  return !mismatch;
+
+  if (keys.some(key => authClient.options[key] !== meta[key])) {
+    return false;
+  } // Validate optional config
+
+
+  const {
+    flow,
+    state
+  } = authClient.options; // If state is specified, it must match meta to be valid
+
+  if (state && state !== meta.state) {
+    return false;
+  } // Specific flows should not share transaction data
+
+
+  const shouldValidateFlow = flow && flow !== 'default' && flow !== 'proceed';
+
+  if (shouldValidateFlow) {
+    if (flow !== meta.flow) {
+      // The flow has changed; abandon the old transaction
+      return false;
+    }
+  }
+
+  return true;
 }
 //# sourceMappingURL=transactionMeta.js.map

package/cjs/idx/transactionMeta.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/transactionMeta.ts"],"names":["createTransactionMeta","authClient","token","prepareTokenParams","transactionMetaExist","options","transactionManager","exists","existing","load","isTransactionMetaValid","interactionHandle","getSavedTransactionMeta","state","getTransactionMeta","validExistingMeta","tokenParams","urls","issuer","pkce","clientId","redirectUri","responseType","responseMode","scopes","nonce","ignoreSignature","codeVerifier","codeChallengeMethod","codeChallenge","meta","saveTransactionMeta","save","muteWarning","clearTransactionMeta","clear","keys","mismatch","find","key"],"mappings":";;;;;;;;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,qBAAf,CAAqCC,UAArC,EAA2D;AAChE,SAAOA,UAAU,CAACC,KAAX,CAAiBC,kBAAjB,EAAP;AACD;;AAEM,SAASC,oBAAT,CAA8BH,UAA9B,EAAoDI,OAApD,EAA+F;AACpG,MAAIJ,UAAU,CAACK,kBAAX,CAA8BC,MAA9B,CAAqCF,OAArC,CAAJ,EAAmD;AACjD,UAAMG,QAAQ,GAAGP,UAAU,CAACK,kBAAX,CAA8BG,IAA9B,CAAmCJ,OAAnC,CAAjB;;AACA,QAAIK,sBAAsB,CAACT,UAAD,EAAaO,QAAb,CAAtB,IAAgDA,QAAQ,CAACG,iBAA7D,EAAgF;AAC9E,aAAO,IAAP;AACD;AACF;;AACD,SAAO,KAAP;AACD,C,CAED;;;AACO,SAASC,uBAAT,CAAiCX,UAAjC,EAAuDI,OAAvD,EAA6G;AAClH,QAAMQ,KAAK,GAAG,CAAAR,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAEQ,KAAT,KAAkBZ,UAAU,CAACI,OAAX,CAAmBQ,KAAnD;AACA,QAAML,QAAQ,GAAGP,UAAU,CAACK,kBAAX,CAA8BG,IAA9B,CAAmC;AAAEI,IAAAA;AAAF,GAAnC,CAAjB;;AACA,MAAIL,QAAQ,IAAIE,sBAAsB,CAACT,UAAD,EAAaO,QAAb,CAAtC,EAA8D;AAC5D,WAAOA,QAAP;AACD;AACF;;AAEM,eAAeM,kBAAf,CACLb,UADK,EAELI,OAFK,EAGwB;AAC7B;AACA,MAAIJ,UAAU,CAACK,kBAAX,CAA8BC,MAA9B,CAAqCF,OAArC,CAAJ,EAAmD;AACjD,UAAMU,iBAAiB,GAAGH,uBAAuB,CAACX,UAAD,EAAaI,OAAb,CAAjD;;AACA,QAAIU,iBAAJ,EAAuB;AACrB,aAAOA,iBAAP;AACD,KAJgD,CAKjD;AACA;AACA;;;AACA,oBAAK,sEACH,4DADF;AAED,GAZ4B,CAc7B;;;AACA,QAAMC,WAAW,GAAG,MAAMf,UAAU,CAACC,KAAX,CAAiBC,kBAAjB,EAA1B;AACA,QAAMc,IAAI,GAAG,wBAAahB,UAAb,EAAyBe,WAAzB,CAAb;AACA,QAAME,MAAM,GAAGjB,UAAU,CAACI,OAAX,CAAmBa,MAAlC;AACA,QAAM;AACJC,IAAAA,IADI;AAEJC,IAAAA,QAFI;AAGJC,IAAAA,WAHI;AAIJC,IAAAA,YAJI;AAKJC,IAAAA,YALI;AAMJC,IAAAA,MANI;AAOJX,IAAAA,KAPI;AAQJY,IAAAA,KARI;AASJC,IAAAA,eATI;AAUJC,IAAAA,YAVI;AAWJC,IAAAA,mBAXI;AAYJC,IAAAA;AAZI,MAaFb,WAbJ;AAcA,QAAMc,IAAI,GAAG;AACXZ,IAAAA,MADW;AAEXC,IAAAA,IAFW;AAGXC,IAAAA,QAHW;AAIXC,IAAAA,WAJW;AAKXC,IAAAA,YALW;AAMXC,IAAAA,YANW;AAOXC,IAAAA,MAPW;AAQXX,IAAAA,KARW;AASXY,IAAAA,KATW;AAUXR,IAAAA,IAVW;AAWXS,IAAAA,eAXW;AAYXC,IAAAA,YAZW;AAaXC,IAAAA,mBAbW;AAcXC,IAAAA;AAdW,GAAb;AAgBA,SAAOC,IAAP;AACD;;AAEM,SAASC,mBAAT,CAA8B9B,UAA9B,EAAoD6B,IAApD,EAA0D;AAC/D7B,EAAAA,UAAU,CAACK,kBAAX,CAA8B0B,IAA9B,CAAmCF,IAAnC,EAAyC;AAAEG,IAAAA,WAAW,EAAE;AAAf,GAAzC;AACD;;AAEM,SAASC,oBAAT,CAA+BjC,UAA/B,EAAqD;AAC1DA,EAAAA,UAAU,CAACK,kBAAX,CAA8B6B,KAA9B;AACD,C,CAED;;;AACO,SAASzB,sBAAT,CAAiCT,UAAjC,EAAuD6B,IAAvD,EAA6D;AAClE,QAAMM,IAAI,GAAG,CAAC,QAAD,EAAW,UAAX,EAAuB,aAAvB,CAAb;AACA,QAAMC,QAAQ,GAAGD,IAAI,CAACE,IAAL,CAAUC,GAAG,IAAI;AAChC,WAAOtC,UAAU,CAACI,OAAX,CAAmBkC,GAAnB,MAA4BT,IAAI,CAACS,GAAD,CAAvC;AACD,GAFgB,CAAjB;AAGA,SAAO,CAACF,QAAR;AACD","sourcesContent":["/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuth, IdxTransactionMeta, TransactionMetaOptions } from '../types';\nimport { warn } from '../util';\nimport { getOAuthUrls } from '../oidc';\n\n// Calculate new values\nexport async function createTransactionMeta(authClient: OktaAuth) {\n  return authClient.token.prepareTokenParams();\n}\n\nexport function transactionMetaExist(authClient: OktaAuth, options?: TransactionMetaOptions): boolean {\n  if (authClient.transactionManager.exists(options)) {\n    const existing = authClient.transactionManager.load(options) as IdxTransactionMeta;\n    if (isTransactionMetaValid(authClient, existing) && existing.interactionHandle) {\n      return true;\n    }\n  }\n  return false;\n}\n\n// Returns the saved transaction meta, if it exists and is valid, or undefined\nexport function getSavedTransactionMeta(authClient: OktaAuth, options?: TransactionMetaOptions): IdxTransactionMeta {\n  const state = options?.state || authClient.options.state;\n  const existing = authClient.transactionManager.load({ state }) as IdxTransactionMeta;\n  if (existing && isTransactionMetaValid(authClient, existing)) {\n    return existing;\n  }\n}\n\nexport async function getTransactionMeta(\n  authClient: OktaAuth,\n  options?: TransactionMetaOptions\n): Promise<IdxTransactionMeta> {\n  // Load existing transaction meta from storage\n  if (authClient.transactionManager.exists(options)) {\n    const validExistingMeta = getSavedTransactionMeta(authClient, options);\n    if (validExistingMeta) {\n      return validExistingMeta;\n    }\n    // existing meta is not valid for this configuration\n    // this is common when changing configuration in local development environment\n    // in a production environment, this may indicate that two apps are sharing a storage key\n    warn('Saved transaction meta does not match the current configuration. ' + \n      'This may indicate that two apps are sharing a storage key.');\n  }\n\n  // Calculate new values\n  const tokenParams = await authClient.token.prepareTokenParams();\n  const urls = getOAuthUrls(authClient, tokenParams);\n  const issuer = authClient.options.issuer;\n  const {\n    pkce,\n    clientId,\n    redirectUri,\n    responseType,\n    responseMode,\n    scopes,\n    state,\n    nonce,\n    ignoreSignature,\n    codeVerifier,\n    codeChallengeMethod,\n    codeChallenge,\n  } = tokenParams;\n  const meta = {\n    issuer,\n    pkce,\n    clientId,\n    redirectUri,\n    responseType,\n    responseMode,\n    scopes,\n    state,\n    nonce,\n    urls,\n    ignoreSignature,\n    codeVerifier,\n    codeChallengeMethod,\n    codeChallenge \n  };\n  return meta;\n}\n\nexport function saveTransactionMeta (authClient: OktaAuth, meta) {\n  authClient.transactionManager.save(meta, { muteWarning: true });\n}\n\nexport function clearTransactionMeta (authClient: OktaAuth) {\n  authClient.transactionManager.clear();\n}\n\n// returns true if values in meta match current authClient options\nexport function isTransactionMetaValid (authClient: OktaAuth, meta) {\n  const keys = ['issuer', 'clientId', 'redirectUri'];\n  const mismatch = keys.find(key => {\n    return authClient.options[key] !== meta[key];\n  });\n  return !mismatch;\n}\n"],"file":"transactionMeta.js"}
+{"version":3,"sources":["../../../lib/idx/transactionMeta.ts"],"names":["createTransactionMeta","authClient","options","tokenParams","token","prepareTokenParams","pkce","clientId","redirectUri","responseType","responseMode","scopes","state","nonce","ignoreSignature","codeVerifier","codeChallengeMethod","codeChallenge","urls","flow","idx","getFlow","issuer","meta","transactionMetaExist","transactionManager","exists","existing","load","isTransactionMetaValid","interactionHandle","getSavedTransactionMeta","getTransactionMeta","validExistingMeta","saveTransactionMeta","save","muteWarning","clearTransactionMeta","clear","keys","some","key","shouldValidateFlow"],"mappings":";;;;;;;;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,qBAAf,CAAqCC,UAArC,EAA2DC,OAA3D,EAA6F;AAClG,QAAMC,WAAW,GAAG,MAAMF,UAAU,CAACG,KAAX,CAAiBC,kBAAjB,CAAoCH,OAApC,CAA1B;AACA,QAAM;AACJI,IAAAA,IADI;AAEJC,IAAAA,QAFI;AAGJC,IAAAA,WAHI;AAIJC,IAAAA,YAJI;AAKJC,IAAAA,YALI;AAMJC,IAAAA,MANI;AAOJC,IAAAA,KAPI;AAQJC,IAAAA,KARI;AASJC,IAAAA,eATI;AAUJC,IAAAA,YAVI;AAWJC,IAAAA,mBAXI;AAYJC,IAAAA;AAZI,MAaFd,WAbJ;AAcA,QAAMe,IAAI,GAAG,wBAAajB,UAAb,EAAyBE,WAAzB,CAAb;AACA,QAAMgB,IAAI,GAAGlB,UAAU,CAACmB,GAAX,CAAeC,OAAf,MAA4B,SAAzC;AACA,QAAMC,MAAM,GAAGrB,UAAU,CAACC,OAAX,CAAmBoB,MAAlC;AACA,QAAMC,IAAI,GAAG;AACXJ,IAAAA,IADW;AAEXG,IAAAA,MAFW;AAGXhB,IAAAA,IAHW;AAIXC,IAAAA,QAJW;AAKXC,IAAAA,WALW;AAMXC,IAAAA,YANW;AAOXC,IAAAA,YAPW;AAQXC,IAAAA,MARW;AASXC,IAAAA,KATW;AAUXC,IAAAA,KAVW;AAWXK,IAAAA,IAXW;AAYXJ,IAAAA,eAZW;AAaXC,IAAAA,YAbW;AAcXC,IAAAA,mBAdW;AAeXC,IAAAA;AAfW,GAAb;AAiBA,SAAOM,IAAP;AACD;;AAEM,SAASC,oBAAT,CAA8BvB,UAA9B,EAAoDC,OAApD,EAA+F;AACpG,MAAID,UAAU,CAACwB,kBAAX,CAA8BC,MAA9B,CAAqCxB,OAArC,CAAJ,EAAmD;AACjD,UAAMyB,QAAQ,GAAG1B,UAAU,CAACwB,kBAAX,CAA8BG,IAA9B,CAAmC1B,OAAnC,CAAjB;;AACA,QAAI2B,sBAAsB,CAAC5B,UAAD,EAAa0B,QAAb,CAAtB,IAAgDA,QAAQ,CAACG,iBAA7D,EAAgF;AAC9E,aAAO,IAAP;AACD;AACF;;AACD,SAAO,KAAP;AACD,C,CAED;;;AACO,SAASC,uBAAT,CAAiC9B,UAAjC,EAAuDC,OAAvD,EAA6G;AAClH,QAAMU,KAAK,GAAG,CAAAV,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAEU,KAAT,KAAkBX,UAAU,CAACC,OAAX,CAAmBU,KAAnD;AACA,QAAMe,QAAQ,GAAG1B,UAAU,CAACwB,kBAAX,CAA8BG,IAA9B,CAAmC;AAAEhB,IAAAA;AAAF,GAAnC,CAAjB;;AACA,MAAIe,QAAQ,IAAIE,sBAAsB,CAAC5B,UAAD,EAAa0B,QAAb,CAAtC,EAA8D;AAC5D,WAAOA,QAAP;AACD;AACF;;AAEM,eAAeK,kBAAf,CACL/B,UADK,EAELC,OAFK,EAGwB;AAC7B;AACA,MAAID,UAAU,CAACwB,kBAAX,CAA8BC,MAA9B,CAAqCxB,OAArC,CAAJ,EAAmD;AACjD,UAAM+B,iBAAiB,GAAGF,uBAAuB,CAAC9B,UAAD,EAAaC,OAAb,CAAjD;;AACA,QAAI+B,iBAAJ,EAAuB;AACrB,aAAOA,iBAAP;AACD,KAJgD,CAKjD;AACA;AACA;;;AACA,oBAAK,sEACH,4DADF;AAED;;AAED,SAAOjC,qBAAqB,CAACC,UAAD,EAAaC,OAAb,CAA5B;AACD;;AAEM,SAASgC,mBAAT,CAA8BjC,UAA9B,EAAoDsB,IAApD,EAA0D;AAC/DtB,EAAAA,UAAU,CAACwB,kBAAX,CAA8BU,IAA9B,CAAmCZ,IAAnC,EAAyC;AAAEa,IAAAA,WAAW,EAAE;AAAf,GAAzC;AACD;;AAEM,SAASC,oBAAT,CAA+BpC,UAA/B,EAAqD;AAC1DA,EAAAA,UAAU,CAACwB,kBAAX,CAA8Ba,KAA9B;AACD,C,CAED;AACA;;;AACO,SAAST,sBAAT,CAAiC5B,UAAjC,EAAuDsB,IAAvD,EAA6D;AAClE;AACA,QAAMgB,IAAI,GAAG,CAAC,QAAD,EAAW,UAAX,EAAuB,aAAvB,CAAb;;AACA,MAAIA,IAAI,CAACC,IAAL,CAAUC,GAAG,IAAIxC,UAAU,CAACC,OAAX,CAAmBuC,GAAnB,MAA4BlB,IAAI,CAACkB,GAAD,CAAjD,CAAJ,EAA6D;AAC3D,WAAO,KAAP;AACD,GALiE,CAOlE;;;AACA,QAAM;AAAEtB,IAAAA,IAAF;AAAQP,IAAAA;AAAR,MAAkBX,UAAU,CAACC,OAAnC,CARkE,CAUlE;;AACA,MAAIU,KAAK,IAAIA,KAAK,KAAKW,IAAI,CAACX,KAA5B,EAAmC;AACjC,WAAO,KAAP;AACD,GAbiE,CAelE;;;AACA,QAAM8B,kBAAkB,GAAGvB,IAAI,IAAIA,IAAI,KAAK,SAAjB,IAA8BA,IAAI,KAAK,SAAlE;;AACA,MAAIuB,kBAAJ,EAAwB;AACtB,QAAIvB,IAAI,KAAKI,IAAI,CAACJ,IAAlB,EAAwB;AACtB;AACA,aAAO,KAAP;AACD;AACF;;AAED,SAAO,IAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuth, IdxTransactionMeta, TransactionMetaOptions } from '../types';\nimport { warn } from '../util';\nimport { getOAuthUrls } from '../oidc';\n\n// Calculate new values\nexport async function createTransactionMeta(authClient: OktaAuth, options?: TransactionMetaOptions) {\n  const tokenParams = await authClient.token.prepareTokenParams(options);\n  const {\n    pkce,\n    clientId,\n    redirectUri,\n    responseType,\n    responseMode,\n    scopes,\n    state,\n    nonce,\n    ignoreSignature,\n    codeVerifier,\n    codeChallengeMethod,\n    codeChallenge,\n  } = tokenParams;\n  const urls = getOAuthUrls(authClient, tokenParams);\n  const flow = authClient.idx.getFlow() || 'default';\n  const issuer = authClient.options.issuer;\n  const meta = {\n    flow,\n    issuer,\n    pkce,\n    clientId,\n    redirectUri,\n    responseType,\n    responseMode,\n    scopes,\n    state,\n    nonce,\n    urls,\n    ignoreSignature,\n    codeVerifier,\n    codeChallengeMethod,\n    codeChallenge \n  };\n  return meta;\n}\n\nexport function transactionMetaExist(authClient: OktaAuth, options?: TransactionMetaOptions): boolean {\n  if (authClient.transactionManager.exists(options)) {\n    const existing = authClient.transactionManager.load(options) as IdxTransactionMeta;\n    if (isTransactionMetaValid(authClient, existing) && existing.interactionHandle) {\n      return true;\n    }\n  }\n  return false;\n}\n\n// Returns the saved transaction meta, if it exists and is valid, or undefined\nexport function getSavedTransactionMeta(authClient: OktaAuth, options?: TransactionMetaOptions): IdxTransactionMeta {\n  const state = options?.state || authClient.options.state;\n  const existing = authClient.transactionManager.load({ state }) as IdxTransactionMeta;\n  if (existing && isTransactionMetaValid(authClient, existing)) {\n    return existing;\n  }\n}\n\nexport async function getTransactionMeta(\n  authClient: OktaAuth,\n  options?: TransactionMetaOptions\n): Promise<IdxTransactionMeta> {\n  // Load existing transaction meta from storage\n  if (authClient.transactionManager.exists(options)) {\n    const validExistingMeta = getSavedTransactionMeta(authClient, options);\n    if (validExistingMeta) {\n      return validExistingMeta;\n    }\n    // existing meta is not valid for this configuration\n    // this is common when changing configuration in local development environment\n    // in a production environment, this may indicate that two apps are sharing a storage key\n    warn('Saved transaction meta does not match the current configuration. ' + \n      'This may indicate that two apps are sharing a storage key.');\n  }\n\n  return createTransactionMeta(authClient, options);\n}\n\nexport function saveTransactionMeta (authClient: OktaAuth, meta) {\n  authClient.transactionManager.save(meta, { muteWarning: true });\n}\n\nexport function clearTransactionMeta (authClient: OktaAuth) {\n  authClient.transactionManager.clear();\n}\n\n// returns true if values in meta match current authClient options\n// eslint-disable-next-line complexity\nexport function isTransactionMetaValid (authClient: OktaAuth, meta) {\n  // First validate against required config\n  const keys = ['issuer', 'clientId', 'redirectUri'];\n  if (keys.some(key => authClient.options[key] !== meta[key])) {\n    return false;\n  }\n\n  // Validate optional config\n  const { flow, state } = authClient.options;\n  \n  // If state is specified, it must match meta to be valid\n  if (state && state !== meta.state) {\n    return false;\n  }\n\n  // Specific flows should not share transaction data\n  const shouldValidateFlow = flow && flow !== 'default' && flow !== 'proceed';\n  if (shouldValidateFlow) {\n    if (flow !== meta.flow) {\n      // The flow has changed; abandon the old transaction\n      return false;\n    }\n  }\n\n  return true;\n}\n"],"file":"transactionMeta.js"}

package/cjs/idx/types/FlowIdentifier.js

@@ -0,0 +1,2 @@
+"use strict";
+//# sourceMappingURL=FlowIdentifier.js.map

package/{esm/types/AuthState.js.map → cjs/idx/types/FlowIdentifier.js.map}

@@ -1 +1 @@
-{"version":3,"sources":[],"names":[],"mappings":"","sourcesContent":[],"file":"AuthState.js"}
+{"version":3,"sources":[],"names":[],"mappings":"","sourcesContent":[],"file":"FlowIdentifier.js"}

package/cjs/idx/types/idx-js.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../lib/idx/types/idx-js.ts"],"names":["isRawIdxResponse","obj","version","isIdxResponse","rawIdxState"],"mappings":";;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA;AA2EA;AAaO,SAASA,gBAAT,CAA0BC,GAA1B,EAA2D;AAChE,SAAOA,GAAG,IAAIA,GAAG,CAACC,OAAlB;AACD;;AAmBM,SAASC,aAAT,CAAuBF,GAAvB,EAAqD;AAC1D,SAAOA,GAAG,IAAID,gBAAgB,CAACC,GAAG,CAACG,WAAL,CAA9B;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n// TODO: remove when idx-js provides type information\n\nexport interface IdxAuthenticatorMethod {\n  type: string;\n}\nexport interface IdxAuthenticator {\n  displayName: string;\n  id: string;\n  key: string;\n  methods: IdxAuthenticatorMethod[];\n  type: string;\n  settings?: {\n    complexity?: unknown;\n    age?: unknown;\n  };\n  contextualData?: unknown;\n}\n\nexport interface IdxForm {\n  value: IdxRemediationValue[];\n}\n\nexport interface IdxOption {\n  value: string | { form: IdxForm };\n  label: string;\n  relatesTo?: IdxAuthenticator;\n}\n\nexport interface IdpConfig {\n  id: string;\n  name: string;\n}\n\nexport interface IdxRemediationValue {\n  name: string;\n  type?: string;\n  required?: boolean;\n  secret?: boolean;\n  value?: string;\n  label?: string;\n  form?: IdxForm;\n  options?: IdxOption[];\n  messages?: IdxMessages;\n  minLength?: number;\n  maxLength?: number;\n}\n\nexport interface IdxRemediation {\n  name: string;\n  label?: string;\n  value?: IdxRemediationValue[];\n  relatesTo?: {\n    type?: string;\n    value: IdxAuthenticator;\n  };\n  idp?: IdpConfig;\n  href?: string;\n  method?: string;\n  type?: string;\n}\n\nexport interface IdxMessage {\n  message: string;\n  class: string;\n  i18n: {\n    key: string;\n    params?: unknown[];\n  };\n}\n\nexport interface IdxMessages {\n  type: 'array';\n  value: IdxMessage[];\n}\n\n// JSON response from the server\nexport interface RawIdxResponse {\n  version: string;\n  stateHandle: string;\n  intent?: string;\n  expiresAt?: string;\n  remediation?: {\n    type: 'array';\n    value: IdxRemediation[];\n  };\n  messages?: IdxMessages;\n}\n\nexport function isRawIdxResponse(obj: any): obj is RawIdxResponse {\n  return obj && obj.version;\n}\n\n\nexport interface IdxActions {\n  [key: string]: Function;\n}\n\n// Object returned from idx-js\nexport interface IdxResponse {\n  proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n  neededToProceed: IdxRemediation[];\n  rawIdxState: RawIdxResponse;\n  interactionCode?: string;\n  actions: IdxActions;\n  toPersist: {\n    interactionHandle?: string;\n  };\n}\n\nexport function isIdxResponse(obj: any): obj is IdxResponse {\n  return obj && isRawIdxResponse(obj.rawIdxState);\n}\n"],"file":"idx-js.js"}
+{"version":3,"sources":["../../../../lib/idx/types/idx-js.ts"],"names":["isRawIdxResponse","obj","version","isIdxResponse","rawIdxState"],"mappings":";;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA;AA8EA;AAaO,SAASA,gBAAT,CAA0BC,GAA1B,EAA2D;AAChE,SAAOA,GAAG,IAAIA,GAAG,CAACC,OAAlB;AACD;;AAmBM,SAASC,aAAT,CAAuBF,GAAvB,EAAqD;AAC1D,SAAOA,GAAG,IAAID,gBAAgB,CAACC,GAAG,CAACG,WAAL,CAA9B;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n// TODO: remove when idx-js provides type information\n\nexport interface IdxAuthenticatorMethod {\n  type: string;\n}\nexport interface IdxAuthenticator {\n  displayName: string;\n  id: string;\n  key: string;\n  methods: IdxAuthenticatorMethod[];\n  type: string;\n  settings?: {\n    complexity?: unknown;\n    age?: unknown;\n  };\n  contextualData?: unknown;\n}\n\nexport interface IdxForm {\n  value: IdxRemediationValue[];\n}\n\nexport interface IdxOption {\n  value: string | { form: IdxForm };\n  label: string;\n  relatesTo?: IdxAuthenticator;\n}\n\nexport interface IdpConfig {\n  id: string;\n  name: string;\n}\n\nexport interface IdxRemediationValue {\n  name: string;\n  type?: string;\n  required?: boolean;\n  secret?: boolean;\n  visible?: boolean;\n  mutable?: boolean;\n  value?: string;\n  label?: string;\n  form?: IdxForm;\n  options?: IdxOption[];\n  messages?: IdxMessages;\n  minLength?: number;\n  maxLength?: number;\n}\n\nexport interface IdxRemediation {\n  name: string;\n  label?: string;\n  value?: IdxRemediationValue[];\n  relatesTo?: {\n    type?: string;\n    value: IdxAuthenticator;\n  };\n  idp?: IdpConfig;\n  href?: string;\n  method?: string;\n  type?: string;\n  accepts?: string;\n}\n\nexport interface IdxMessage {\n  message: string;\n  class: string;\n  i18n: {\n    key: string;\n    params?: unknown[];\n  };\n}\n\nexport interface IdxMessages {\n  type: 'array';\n  value: IdxMessage[];\n}\n\n// JSON response from the server\nexport interface RawIdxResponse {\n  version: string;\n  stateHandle: string;\n  intent?: string;\n  expiresAt?: string;\n  remediation?: {\n    type: 'array';\n    value: IdxRemediation[];\n  };\n  messages?: IdxMessages;\n}\n\nexport function isRawIdxResponse(obj: any): obj is RawIdxResponse {\n  return obj && obj.version;\n}\n\n\nexport interface IdxActions {\n  [key: string]: Function;\n}\n\n// Object returned from idx-js\nexport interface IdxResponse {\n  proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n  neededToProceed: IdxRemediation[];\n  rawIdxState: RawIdxResponse;\n  interactionCode?: string;\n  actions: IdxActions;\n  toPersist: {\n    interactionHandle?: string;\n  };\n}\n\nexport function isIdxResponse(obj: any): obj is IdxResponse {\n  return obj && isRawIdxResponse(obj.rawIdxState);\n}\n"],"file":"idx-js.js"}

package/cjs/idx/types/index.js

@@ -1,5 +1,11 @@
 "use strict";
 
+Object.defineProperty(exports, "FlowIdentifier", {
+  enumerable: true,
+  get: function () {
+    return _FlowIdentifier.FlowIdentifier;
+  }
+});
 Object.defineProperty(exports, "IdxMessage", {
   enumerable: true,
   get: function () {
@@ -24,6 +30,12 @@ Object.defineProperty(exports, "PasswordRecoveryOptions", {
     return _recoverPassword.PasswordRecoveryOptions;
   }
 });
+Object.defineProperty(exports, "ProceedOptions", {
+  enumerable: true,
+  get: function () {
+    return _proceed.ProceedOptions;
+  }
+});
 Object.defineProperty(exports, "CancelOptions", {
   enumerable: true,
   get: function () {
@@ -32,6 +44,8 @@ Object.defineProperty(exports, "CancelOptions", {
 });
 exports.IdxFeature = exports.AuthenticatorKey = exports.IdxStatus = void 0;
 
+var _FlowIdentifier = require("./FlowIdentifier");
+
 var _idxJs = require("./idx-js");
 
 var _authenticate = require("../authenticate");
@@ -40,6 +54,8 @@ var _register = require("../register");
 
 var _recoverPassword = require("../recoverPassword");
 
+var _proceed = require("../proceed");
+
 var _cancel = require("../cancel");
 
 /*!