@okta/okta-auth-js 5.9.1 → 6.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (275) hide show
  1. package/CHANGELOG.md +56 -0
  2. package/README.md +16 -3
  3. package/cjs/AuthStateManager.js +2 -1
  4. package/cjs/AuthStateManager.js.map +1 -1
  5. package/cjs/OktaAuth.js +95 -78
  6. package/cjs/OktaAuth.js.map +1 -1
  7. package/cjs/OktaUserAgent.js +2 -2
  8. package/cjs/OktaUserAgent.js.map +1 -1
  9. package/cjs/PromiseQueue.js +6 -1
  10. package/cjs/PromiseQueue.js.map +1 -1
  11. package/cjs/StorageManager.js +3 -1
  12. package/cjs/StorageManager.js.map +1 -1
  13. package/cjs/TokenManager.js +33 -5
  14. package/cjs/TokenManager.js.map +1 -1
  15. package/cjs/TransactionManager.js +17 -4
  16. package/cjs/TransactionManager.js.map +1 -1
  17. package/cjs/browser/browserStorage.js +7 -5
  18. package/cjs/browser/browserStorage.js.map +1 -1
  19. package/cjs/browser/fingerprint.js +3 -1
  20. package/cjs/browser/fingerprint.js.map +1 -1
  21. package/cjs/builderUtil.js +3 -17
  22. package/cjs/builderUtil.js.map +1 -1
  23. package/cjs/crypto/oidcHash.js.map +1 -1
  24. package/cjs/features.js +9 -3
  25. package/cjs/features.js.map +1 -1
  26. package/cjs/fetch/fetchRequest.js +2 -1
  27. package/cjs/fetch/fetchRequest.js.map +1 -1
  28. package/cjs/http/request.js +2 -0
  29. package/cjs/http/request.js.map +1 -1
  30. package/cjs/idx/authenticate.js +8 -5
  31. package/cjs/idx/authenticate.js.map +1 -1
  32. package/cjs/idx/authenticator/Authenticator.js +14 -0
  33. package/cjs/idx/authenticator/Authenticator.js.map +1 -0
  34. package/cjs/idx/authenticator/OktaPassword.js +31 -0
  35. package/cjs/idx/authenticator/OktaPassword.js.map +1 -0
  36. package/cjs/idx/authenticator/OktaVerifyTotp.js +17 -0
  37. package/cjs/idx/authenticator/OktaVerifyTotp.js.map +1 -0
  38. package/cjs/idx/authenticator/SecurityQuestionEnrollment.js +50 -0
  39. package/cjs/idx/authenticator/SecurityQuestionEnrollment.js.map +1 -0
  40. package/cjs/idx/authenticator/SecurityQuestionVerification.js +32 -0
  41. package/cjs/idx/authenticator/SecurityQuestionVerification.js.map +1 -0
  42. package/cjs/idx/authenticator/VerificationCodeAuthenticator.js +34 -0
  43. package/cjs/idx/authenticator/VerificationCodeAuthenticator.js.map +1 -0
  44. package/cjs/idx/authenticator/getAuthenticator.js +41 -0
  45. package/cjs/idx/authenticator/getAuthenticator.js.map +1 -0
  46. package/cjs/idx/authenticator/index.js +80 -0
  47. package/cjs/idx/authenticator/index.js.map +1 -0
  48. package/cjs/idx/cancel.js +5 -0
  49. package/cjs/idx/cancel.js.map +1 -1
  50. package/cjs/idx/emailVerify.js +73 -0
  51. package/cjs/idx/emailVerify.js.map +1 -0
  52. package/cjs/idx/flow/AuthenticationFlow.js +4 -1
  53. package/cjs/idx/flow/AuthenticationFlow.js.map +1 -1
  54. package/cjs/idx/flow/FlowSpecification.js +16 -14
  55. package/cjs/idx/flow/FlowSpecification.js.map +1 -1
  56. package/cjs/idx/flow/RegistrationFlow.js +3 -0
  57. package/cjs/idx/flow/RegistrationFlow.js.map +1 -1
  58. package/cjs/idx/flow/index.js +0 -52
  59. package/cjs/idx/flow/index.js.map +1 -1
  60. package/cjs/idx/handleInteractionCodeRedirect.js +1 -0
  61. package/cjs/idx/handleInteractionCodeRedirect.js.map +1 -1
  62. package/cjs/idx/index.js +26 -0
  63. package/cjs/idx/index.js.map +1 -1
  64. package/cjs/idx/interact.js +47 -29
  65. package/cjs/idx/interact.js.map +1 -1
  66. package/cjs/idx/introspect.js +12 -14
  67. package/cjs/idx/introspect.js.map +1 -1
  68. package/cjs/idx/poll.js +59 -0
  69. package/cjs/idx/poll.js.map +1 -0
  70. package/cjs/idx/proceed.js +4 -7
  71. package/cjs/idx/proceed.js.map +1 -1
  72. package/cjs/idx/recoverPassword.js +1 -1
  73. package/cjs/idx/recoverPassword.js.map +1 -1
  74. package/cjs/idx/register.js +16 -14
  75. package/cjs/idx/register.js.map +1 -1
  76. package/cjs/idx/remediate.js +55 -92
  77. package/cjs/idx/remediate.js.map +1 -1
  78. package/cjs/idx/remediators/AuthenticatorEnrollmentData.js +11 -12
  79. package/cjs/idx/remediators/AuthenticatorEnrollmentData.js.map +1 -1
  80. package/cjs/idx/remediators/AuthenticatorVerificationData.js +8 -9
  81. package/cjs/idx/remediators/AuthenticatorVerificationData.js.map +1 -1
  82. package/cjs/idx/remediators/Base/AuthenticatorData.js +48 -35
  83. package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
  84. package/cjs/idx/remediators/Base/Remediator.js +53 -20
  85. package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
  86. package/cjs/idx/remediators/Base/SelectAuthenticator.js +20 -19
  87. package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
  88. package/cjs/idx/remediators/Base/VerifyAuthenticator.js +8 -28
  89. package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
  90. package/cjs/idx/remediators/ChallengeAuthenticator.js.map +1 -1
  91. package/cjs/idx/remediators/ChallengePoll.js +26 -0
  92. package/cjs/idx/remediators/ChallengePoll.js.map +1 -0
  93. package/cjs/idx/remediators/EnrollAuthenticator.js.map +1 -1
  94. package/cjs/idx/remediators/EnrollPoll.js +55 -0
  95. package/cjs/idx/remediators/EnrollPoll.js.map +1 -0
  96. package/cjs/idx/remediators/EnrollProfile.js +4 -1
  97. package/cjs/idx/remediators/EnrollProfile.js.map +1 -1
  98. package/cjs/idx/remediators/EnrollmentChannelData.js +80 -0
  99. package/cjs/idx/remediators/EnrollmentChannelData.js.map +1 -0
  100. package/cjs/idx/remediators/Identify.js +2 -35
  101. package/cjs/idx/remediators/Identify.js.map +1 -1
  102. package/cjs/idx/remediators/ReEnrollAuthenticator.js +1 -0
  103. package/cjs/idx/remediators/ReEnrollAuthenticator.js.map +1 -1
  104. package/cjs/idx/remediators/ResetAuthenticator.js.map +1 -1
  105. package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js +23 -2
  106. package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js.map +1 -1
  107. package/cjs/idx/remediators/SelectAuthenticatorEnroll.js.map +1 -1
  108. package/cjs/idx/remediators/SelectEnrollProfile.js.map +1 -1
  109. package/cjs/idx/remediators/SelectEnrollmentChannel.js +74 -0
  110. package/cjs/idx/remediators/SelectEnrollmentChannel.js.map +1 -0
  111. package/cjs/idx/remediators/Skip.js +7 -0
  112. package/cjs/idx/remediators/Skip.js.map +1 -1
  113. package/cjs/idx/remediators/index.js +52 -0
  114. package/cjs/idx/remediators/index.js.map +1 -1
  115. package/cjs/idx/remediators/util.js +7 -2
  116. package/cjs/idx/remediators/util.js.map +1 -1
  117. package/cjs/idx/run.js +110 -52
  118. package/cjs/idx/run.js.map +1 -1
  119. package/cjs/idx/startTransaction.js +4 -2
  120. package/cjs/idx/startTransaction.js.map +1 -1
  121. package/cjs/idx/transactionMeta.js +82 -69
  122. package/cjs/idx/transactionMeta.js.map +1 -1
  123. package/cjs/idx/types/idx-js.js.map +1 -1
  124. package/cjs/idx/types/index.js +21 -4
  125. package/cjs/idx/types/index.js.map +1 -1
  126. package/cjs/index.js +14 -0
  127. package/cjs/index.js.map +1 -1
  128. package/cjs/oidc/endpoints/authorize.js +2 -0
  129. package/cjs/oidc/endpoints/authorize.js.map +1 -1
  130. package/cjs/oidc/endpoints/token.js +1 -0
  131. package/cjs/oidc/endpoints/token.js.map +1 -1
  132. package/cjs/oidc/exchangeCodeForTokens.js +3 -3
  133. package/cjs/oidc/exchangeCodeForTokens.js.map +1 -1
  134. package/cjs/oidc/getToken.js +3 -1
  135. package/cjs/oidc/getToken.js.map +1 -1
  136. package/cjs/oidc/getWithRedirect.js +10 -37
  137. package/cjs/oidc/getWithRedirect.js.map +1 -1
  138. package/cjs/oidc/handleOAuthResponse.js +80 -86
  139. package/cjs/oidc/handleOAuthResponse.js.map +1 -1
  140. package/cjs/oidc/parseFromUrl.js.map +1 -1
  141. package/cjs/oidc/renewToken.js.map +1 -1
  142. package/cjs/oidc/renewTokens.js +1 -1
  143. package/cjs/oidc/renewTokens.js.map +1 -1
  144. package/cjs/oidc/revokeToken.js +28 -29
  145. package/cjs/oidc/revokeToken.js.map +1 -1
  146. package/cjs/oidc/util/index.js +14 -0
  147. package/cjs/oidc/util/index.js.map +1 -1
  148. package/cjs/oidc/util/loginRedirect.js +6 -1
  149. package/cjs/oidc/util/loginRedirect.js.map +1 -1
  150. package/cjs/oidc/util/oauth.js.map +1 -1
  151. package/cjs/oidc/util/oauthMeta.js +36 -0
  152. package/cjs/oidc/util/oauthMeta.js.map +1 -0
  153. package/cjs/oidc/util/pkce.js.map +1 -1
  154. package/cjs/oidc/util/prepareTokenParams.js +57 -36
  155. package/cjs/oidc/util/prepareTokenParams.js.map +1 -1
  156. package/cjs/oidc/util/validateClaims.js +2 -0
  157. package/cjs/oidc/util/validateClaims.js.map +1 -1
  158. package/cjs/oidc/verifyToken.js +2 -1
  159. package/cjs/oidc/verifyToken.js.map +1 -1
  160. package/cjs/options.js +6 -2
  161. package/cjs/options.js.map +1 -1
  162. package/cjs/server/serverStorage.js +1 -1
  163. package/cjs/server/serverStorage.js.map +1 -1
  164. package/cjs/services/TokenService.js +3 -0
  165. package/cjs/services/TokenService.js.map +1 -1
  166. package/cjs/tx/AuthTransaction.js +3 -0
  167. package/cjs/tx/AuthTransaction.js.map +1 -1
  168. package/cjs/tx/TransactionState.js +0 -17
  169. package/cjs/tx/TransactionState.js.map +1 -1
  170. package/cjs/tx/api.js +3 -2
  171. package/cjs/tx/api.js.map +1 -1
  172. package/cjs/types/Token.js.map +1 -1
  173. package/cjs/types/Transaction.js.map +1 -1
  174. package/cjs/util/index.js +0 -13
  175. package/cjs/util/index.js.map +1 -1
  176. package/cjs/util/url.js.map +1 -1
  177. package/dist/okta-auth-js.min.js +1 -1
  178. package/dist/okta-auth-js.min.js.map +1 -1
  179. package/dist/okta-auth-js.umd.js +1 -1
  180. package/dist/okta-auth-js.umd.js.map +1 -1
  181. package/esm/index.js +2603 -1814
  182. package/esm/index.js.map +1 -1
  183. package/lib/AuthStateManager.d.ts +1 -2
  184. package/lib/OktaAuth.d.ts +4 -10
  185. package/lib/StorageManager.d.ts +1 -1
  186. package/lib/TokenManager.d.ts +4 -2
  187. package/lib/TransactionManager.d.ts +3 -2
  188. package/lib/browser/fingerprint.d.ts +1 -1
  189. package/lib/builderUtil.d.ts +1 -2
  190. package/lib/crypto/browser.d.ts +1 -1
  191. package/lib/features.d.ts +1 -1
  192. package/lib/idx/authenticate.d.ts +1 -1
  193. package/lib/idx/authenticator/Authenticator.d.ts +12 -0
  194. package/lib/idx/authenticator/OktaPassword.d.ts +11 -0
  195. package/lib/idx/authenticator/OktaVerifyTotp.d.ts +9 -0
  196. package/lib/idx/authenticator/SecurityQuestionEnrollment.d.ts +28 -0
  197. package/lib/idx/authenticator/SecurityQuestionVerification.d.ts +14 -0
  198. package/lib/idx/authenticator/VerificationCodeAuthenticator.d.ts +10 -0
  199. package/lib/idx/authenticator/getAuthenticator.d.ts +3 -0
  200. package/lib/idx/authenticator/index.d.ts +6 -0
  201. package/lib/idx/cancel.d.ts +1 -1
  202. package/lib/{util → idx}/emailVerify.d.ts +10 -1
  203. package/lib/idx/flow/FlowSpecification.d.ts +1 -2
  204. package/lib/idx/flow/index.d.ts +0 -4
  205. package/lib/idx/index.d.ts +2 -0
  206. package/lib/idx/interact.d.ts +5 -11
  207. package/lib/idx/introspect.d.ts +3 -2
  208. package/lib/idx/{flow/AuthenticationFlowMonitor.d.ts → poll.d.ts} +3 -5
  209. package/lib/idx/proceed.d.ts +4 -1
  210. package/lib/idx/recoverPassword.d.ts +1 -1
  211. package/lib/idx/register.d.ts +1 -1
  212. package/lib/idx/remediate.d.ts +10 -4
  213. package/lib/idx/remediators/AuthenticatorEnrollmentData.d.ts +12 -8
  214. package/lib/idx/remediators/AuthenticatorVerificationData.d.ts +3 -4
  215. package/lib/idx/remediators/Base/AuthenticatorData.d.ts +13 -8
  216. package/lib/idx/remediators/Base/Remediator.d.ts +9 -6
  217. package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +9 -8
  218. package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +10 -5
  219. package/lib/idx/{flow/RegistrationFlowMonitor.d.ts → remediators/ChallengePoll.d.ts} +3 -3
  220. package/lib/idx/{flow/PasswordRecoveryFlowMonitor.d.ts → remediators/EnrollPoll.d.ts} +12 -4
  221. package/lib/idx/remediators/EnrollProfile.d.ts +1 -1
  222. package/lib/idx/remediators/EnrollmentChannelData.d.ts +53 -0
  223. package/lib/idx/remediators/Identify.d.ts +2 -5
  224. package/lib/idx/remediators/ReEnrollAuthenticator.d.ts +2 -2
  225. package/lib/idx/remediators/RedirectIdp.d.ts +3 -3
  226. package/lib/idx/remediators/SelectAuthenticatorAuthenticate.d.ts +6 -2
  227. package/lib/idx/remediators/SelectEnrollmentChannel.d.ts +39 -0
  228. package/lib/idx/remediators/Skip.d.ts +3 -0
  229. package/lib/idx/remediators/index.d.ts +4 -0
  230. package/lib/idx/remediators/util.d.ts +2 -2
  231. package/lib/idx/run.d.ts +4 -3
  232. package/lib/idx/startTransaction.d.ts +3 -2
  233. package/lib/idx/transactionMeta.d.ts +6 -27
  234. package/lib/idx/types/idx-js.d.ts +57 -2
  235. package/lib/idx/types/index.d.ts +25 -8
  236. package/lib/index.d.ts +1 -0
  237. package/lib/oidc/exchangeCodeForTokens.d.ts +12 -0
  238. package/lib/oidc/getWithRedirect.d.ts +1 -1
  239. package/lib/oidc/handleOAuthResponse.d.ts +1 -1
  240. package/lib/oidc/parseFromUrl.d.ts +1 -1
  241. package/lib/oidc/renewToken.d.ts +1 -1
  242. package/lib/oidc/renewTokens.d.ts +1 -1
  243. package/lib/oidc/util/browser.d.ts +1 -1
  244. package/lib/oidc/util/errors.d.ts +1 -1
  245. package/lib/oidc/util/index.d.ts +1 -0
  246. package/lib/oidc/util/oauth.d.ts +1 -8
  247. package/lib/oidc/util/oauthMeta.d.ts +2 -0
  248. package/lib/oidc/util/prepareTokenParams.d.ts +3 -0
  249. package/lib/server/serverStorage.d.ts +1 -1
  250. package/lib/services/TokenService.d.ts +2 -2
  251. package/lib/tx/AuthTransaction.d.ts +2 -2
  252. package/lib/tx/TransactionState.d.ts +11 -1
  253. package/lib/tx/api.d.ts +6 -6
  254. package/lib/types/OktaAuthOptions.d.ts +6 -6
  255. package/lib/types/Storage.d.ts +3 -3
  256. package/lib/types/Token.d.ts +1 -0
  257. package/lib/types/Transaction.d.ts +11 -0
  258. package/lib/types/UserClaims.d.ts +3 -3
  259. package/lib/types/api.d.ts +31 -17
  260. package/lib/util/console.d.ts +1 -1
  261. package/lib/util/index.d.ts +0 -1
  262. package/lib/util/types.d.ts +1 -1
  263. package/lib/util/url.d.ts +2 -2
  264. package/package.json +6 -8
  265. package/cjs/idx/flow/AuthenticationFlowMonitor.js +0 -45
  266. package/cjs/idx/flow/AuthenticationFlowMonitor.js.map +0 -1
  267. package/cjs/idx/flow/FlowMonitor.js +0 -69
  268. package/cjs/idx/flow/FlowMonitor.js.map +0 -1
  269. package/cjs/idx/flow/PasswordRecoveryFlowMonitor.js +0 -55
  270. package/cjs/idx/flow/PasswordRecoveryFlowMonitor.js.map +0 -1
  271. package/cjs/idx/flow/RegistrationFlowMonitor.js +0 -35
  272. package/cjs/idx/flow/RegistrationFlowMonitor.js.map +0 -1
  273. package/cjs/util/emailVerify.js +0 -28
  274. package/cjs/util/emailVerify.js.map +0 -1
  275. package/lib/idx/flow/FlowMonitor.d.ts +0 -23
package/cjs/TokenManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/TokenManager.ts"],"names":["DEFAULT_OPTIONS","autoRenew","autoRemove","storage","undefined","expireEarlySeconds","storageKey","TOKEN_STORAGE_NAME","syncStorage","_storageEventDelay","EVENT_EXPIRED","EVENT_RENEWED","EVENT_ADDED","EVENT_REMOVED","EVENT_ERROR","defaultState","expireTimeouts","renewPromise","TokenManager","constructor","sdk","options","emitter","AuthSdkError","Object","assign","storageOptions","secure","storageProvider","storageType","storageManager","getTokenStorage","clock","SdkClock","create","state","on","bind","off","start","service","stop","TokenService","getOptions","getExpireTime","token","expireTime","expiresAt","hasExpired","now","emitExpired","key","emit","emitRenewed","freshToken","oldToken","emitAdded","emitRemoved","emitError","error","emitEventsForCrossTabsStorageUpdate","newValue","oldValue","oldTokens","getTokensFromStorageValue","newTokens","keys","forEach","newToken","JSON","stringify","clearExpireEventTimeout","clearTimeout","clearExpireEventTimeoutAll","prototype","hasOwnProperty","call","setExpireEventTimeout","expireEventWait","Math","max","expireEventTimeout","setTimeout","setExpireEventTimeoutAll","tokenStorage","getStorage","resetExpireEventTimeoutAll","add","setStorage","getSync","get","getTokensSync","tokens","accessToken","idToken","refreshToken","getTokens","getStorageKeyByType","type","filter","getTokenType","setTokens","accessTokenCb","idTokenCb","refreshTokenCb","handleTokenCallback","handleAdded","handleRenewed","handleRemoved","types","existingTokens","reduce","existingToken","remove","removedToken","renewToken","renew","validateToken","e","Promise","reject","renewTokens","then","tokenType","catch","err","name","tokenKey","finally","clear","clearStorage","value","parse","updateRefreshToken","REFRESH_TOKEN_STORAGE_KEY"],"mappings":";;;;;;AAYA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAmBA;;AArCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA4BA,MAAMA,eAAe,GAAG;AACtBC,EAAAA,SAAS,EAAE,IADW;AAEtBC,EAAAA,UAAU,EAAE,IAFU;AAGtBC,EAAAA,OAAO,EAAEC,SAHa;AAGF;AACpBC,EAAAA,kBAAkB,EAAE,EAJE;AAKtBC,EAAAA,UAAU,EAAEC,6BALU;AAMtBC,EAAAA,WAAW,EAAE,IANS;AAOtBC,EAAAA,kBAAkB,EAAE;AAPE,CAAxB;AASO,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;;AAMP,SAASC,YAAT,GAA2C;AACzC,SAAO;AACLC,IAAAA,cAAc,EAAE,EADX;AAELC,IAAAA,YAAY,EAAE;AAFT,GAAP;AAID;;AACM,MAAMC,YAAN,CAAoD;AAYzDC,EAAAA,WAAW,CAACC,GAAD,EAAgBC,OAA4B,GAAG,EAA/C,EAAmD;AAC5D,SAAKD,GAAL,GAAWA,GAAX;AACA,SAAKE,OAAL,GAAgBF,GAAD,CAAaE,OAA5B;;AACA,QAAI,CAAC,KAAKA,OAAV,EAAmB;AACjB,YAAM,IAAIC,oBAAJ,CAAiB,mDAAjB,CAAN;AACD;;AAEDF,IAAAA,OAAO,GAAGG,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkBzB,eAAlB,EAAmC,sBAAWqB,OAAX,CAAnC,CAAV;;AACA,QAAI,6BAAJ,EAAoB;AAClBA,MAAAA,OAAO,CAACZ,kBAAR,GAA6BY,OAAO,CAACZ,kBAAR,IAA8B,IAA3D;AACD;;AACD,QAAI,CAAC,4BAAL,EAAoB;AAClBY,MAAAA,OAAO,CAAChB,kBAAR,GAA6BL,eAAe,CAACK,kBAA7C;AACD;;AACD,SAAKgB,OAAL,GAAeA,OAAf;AAEA,UAAMK,cAA8B,GAAG,sBAAW;AAChDpB,MAAAA,UAAU,EAAEe,OAAO,CAACf,UAD4B;AAEhDqB,MAAAA,MAAM,EAAEN,OAAO,CAACM;AAFgC,KAAX,CAAvC;;AAIA,QAAI,OAAON,OAAO,CAAClB,OAAf,KAA2B,QAA/B,EAAyC;AACvC;AACAuB,MAAAA,cAAc,CAACE,eAAf,GAAiCP,OAAO,CAAClB,OAAzC;AACD,KAHD,MAGO,IAAIkB,OAAO,CAAClB,OAAZ,EAAqB;AAC1BuB,MAAAA,cAAc,CAACG,WAAf,GAA6BR,OAAO,CAAClB,OAArC;AACD;;AAED,SAAKA,OAAL,GAAeiB,GAAG,CAACU,cAAJ,CAAmBC,eAAnB,CAAmCL,cAAnC,CAAf;AACA,SAAKM,KAAL,GAAaC,eAASC,MAAT,EAAb;AACA,SAAKC,KAAL,GAAapB,YAAY,EAAzB;AAEA,SAAKqB,EAAL,GAAU,KAAKd,OAAL,CAAac,EAAb,CAAgBC,IAAhB,CAAqB,KAAKf,OAA1B,CAAV;AACA,SAAKgB,GAAL,GAAW,KAAKhB,OAAL,CAAagB,GAAb,CAAiBD,IAAjB,CAAsB,KAAKf,OAA3B,CAAX;AACD;;AAEDiB,EAAAA,KAAK,GAAG;AACN,QAAI,KAAKC,OAAT,EAAkB;AAChB,WAAKC,IAAL;AACD;;AACD,SAAKD,OAAL,GAAe,IAAIE,0BAAJ,CAAiB,IAAjB,EAAuB,KAAKC,UAAL,EAAvB,CAAf;AACA,SAAKH,OAAL,CAAaD,KAAb;AACD;;AAEDE,EAAAA,IAAI,GAAG;AACL,QAAI,KAAKD,OAAT,EAAkB;AAChB,WAAKA,OAAL,CAAaC,IAAb;AACA,WAAKD,OAAL,GAAe,IAAf;AACD;AACF;;AAEDG,EAAAA,UAAU,GAAwB;AAChC,WAAO,iBAAM,KAAKtB,OAAX,CAAP;AACD;;AAEDuB,EAAAA,aAAa,CAACC,KAAD,EAAQ;AACnB,QAAIC,UAAU,GAAGD,KAAK,CAACE,SAAN,GAAkB,KAAK1B,OAAL,CAAahB,kBAAhD;AACA,WAAOyC,UAAP;AACD;;AAEDE,EAAAA,UAAU,CAACH,KAAD,EAAQ;AAChB,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,WAAOC,UAAU,IAAI,KAAKd,KAAL,CAAWiB,GAAX,EAArB;AACD;;AAEDC,EAAAA,WAAW,CAACC,GAAD,EAAMN,KAAN,EAAa;AACtB,SAAKvB,OAAL,CAAa8B,IAAb,CAAkB1C,aAAlB,EAAiCyC,GAAjC,EAAsCN,KAAtC;AACD;;AAEDQ,EAAAA,WAAW,CAACF,GAAD,EAAMG,UAAN,EAAkBC,QAAlB,EAA4B;AACrC,SAAKjC,OAAL,CAAa8B,IAAb,CAAkBzC,aAAlB,EAAiCwC,GAAjC,EAAsCG,UAAtC,EAAkDC,QAAlD;AACD;;AAEDC,EAAAA,SAAS,CAACL,GAAD,EAAMN,KAAN,EAAa;AACpB,SAAKvB,OAAL,CAAa8B,IAAb,CAAkBxC,WAAlB,EAA+BuC,GAA/B,EAAoCN,KAApC;AACD;;AAEDY,EAAAA,WAAW,CAACN,GAAD,EAAMN,KAAN,EAAc;AACvB,SAAKvB,OAAL,CAAa8B,IAAb,CAAkBvC,aAAlB,EAAiCsC,GAAjC,EAAsCN,KAAtC;AACD;;AAEDa,EAAAA,SAAS,CAACC,KAAD,EAAQ;AACf,SAAKrC,OAAL,CAAa8B,IAAb,CAAkBtC,WAAlB,EAA+B6C,KAA/B;AACD;;AAEDC,EAAAA,mCAAmC,CAACC,QAAD,EAAWC,QAAX,EAAqB;AACtD,UAAMC,SAAS,GAAG,KAAKC,yBAAL,CAA+BF,QAA/B,CAAlB;AACA,UAAMG,SAAS,GAAG,KAAKD,yBAAL,CAA+BH,QAA/B,CAAlB;AACArC,IAAAA,MAAM,CAAC0C,IAAP,CAAYD,SAAZ,EAAuBE,OAAvB,CAA+BhB,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMiB,QAAQ,GAAGH,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAIkB,IAAI,CAACC,SAAL,CAAef,QAAf,MAA6Bc,IAAI,CAACC,SAAL,CAAeF,QAAf,CAAjC,EAA2D;AACzD,aAAKZ,SAAL,CAAeL,GAAf,EAAoBiB,QAApB;AACD;AACF,KAND;AAOA5C,IAAAA,MAAM,CAAC0C,IAAP,CAAYH,SAAZ,EAAuBI,OAAvB,CAA+BhB,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMiB,QAAQ,GAAGH,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAI,CAACiB,QAAL,EAAe;AACb,aAAKX,WAAL,CAAiBN,GAAjB,EAAsBI,QAAtB;AACD;AACF,KAND;AAOD;;AAEDgB,EAAAA,uBAAuB,CAACpB,GAAD,EAAM;AAC3BqB,IAAAA,YAAY,CAAC,KAAKrC,KAAL,CAAWnB,cAAX,CAA0BmC,GAA1B,CAAD,CAAZ;AACA,WAAO,KAAKhB,KAAL,CAAWnB,cAAX,CAA0BmC,GAA1B,CAAP,CAF2B,CAI3B;;AACA,SAAKhB,KAAL,CAAWlB,YAAX,GAA0B,IAA1B;AACD;;AAEDwD,EAAAA,0BAA0B,GAAG;AAC3B,QAAIzD,cAAc,GAAG,KAAKmB,KAAL,CAAWnB,cAAhC;;AACA,SAAK,IAAImC,GAAT,IAAgBnC,cAAhB,EAAgC;AAC9B,UAAI,CAACQ,MAAM,CAACkD,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqC5D,cAArC,EAAqDmC,GAArD,CAAL,EAAgE;AAC9D;AACD;;AACD,WAAKoB,uBAAL,CAA6BpB,GAA7B;AACD;AACF;;AAED0B,EAAAA,qBAAqB,CAAC1B,GAAD,EAAMN,KAAN,EAAa;AAChC,QAAI,2BAAeA,KAAf,CAAJ,EAA2B;AACzB;AACD;;AAED,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,QAAIiC,eAAe,GAAGC,IAAI,CAACC,GAAL,CAASlC,UAAU,GAAG,KAAKd,KAAL,CAAWiB,GAAX,EAAtB,EAAwC,CAAxC,IAA6C,IAAnE,CANgC,CAQhC;;AACA,SAAKsB,uBAAL,CAA6BpB,GAA7B;AAEA,QAAI8B,kBAAkB,GAAGC,UAAU,CAAC,MAAM;AACxC,WAAKhC,WAAL,CAAiBC,GAAjB,EAAsBN,KAAtB;AACD,KAFkC,EAEhCiC,eAFgC,CAAnC,CAXgC,CAehC;;AACA,SAAK3C,KAAL,CAAWnB,cAAX,CAA0BmC,GAA1B,IAAiC8B,kBAAjC;AACD;;AAEDE,EAAAA,wBAAwB,GAAG;AACzB,QAAIC,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;;AACA,SAAI,IAAIlC,GAAR,IAAeiC,YAAf,EAA6B;AAC3B,UAAI,CAAC5D,MAAM,CAACkD,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqCQ,YAArC,EAAmDjC,GAAnD,CAAL,EAA8D;AAC5D;AACD;;AACD,UAAIN,KAAK,GAAGuC,YAAY,CAACjC,GAAD,CAAxB;AACA,WAAK0B,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACD;AACF,GAjKwD,CAmKzD;;;AACAyC,EAAAA,0BAA0B,GAAG;AAC3B,SAAKb,0BAAL;AACA,SAAKU,wBAAL;AACD;;AAEDI,EAAAA,GAAG,CAACpC,GAAD,EAAMN,KAAN,EAAoB;AACrB,QAAIuC,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;AACA,8BAAcxC,KAAd;AACAuC,IAAAA,YAAY,CAACjC,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAK1C,OAAL,CAAaqF,UAAb,CAAwBJ,YAAxB;AACA,SAAK5B,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,SAAKgC,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACD;;AAED4C,EAAAA,OAAO,CAACtC,GAAD,EAAM;AACX,QAAIiC,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;AACA,WAAOD,YAAY,CAACjC,GAAD,CAAnB;AACD;;AAEQ,QAAHuC,GAAG,CAACvC,GAAD,EAAM;AACb,WAAO,KAAKsC,OAAL,CAAatC,GAAb,CAAP;AACD;;AAEDwC,EAAAA,aAAa,GAAW;AACtB,UAAMC,MAAM,GAAG,EAAf;AACA,UAAMR,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAArB;AACA7D,IAAAA,MAAM,CAAC0C,IAAP,CAAYkB,YAAZ,EAA0BjB,OAA1B,CAAkChB,GAAG,IAAI;AACvC,YAAMN,KAAK,GAAGuC,YAAY,CAACjC,GAAD,CAA1B;;AACA,UAAI,0BAAcN,KAAd,CAAJ,EAA0B;AACxB+C,QAAAA,MAAM,CAACC,WAAP,GAAqBhD,KAArB;AACD,OAFD,MAEO,IAAI,sBAAUA,KAAV,CAAJ,EAAsB;AAC3B+C,QAAAA,MAAM,CAACE,OAAP,GAAiBjD,KAAjB;AACD,OAFM,MAEA,IAAI,2BAAeA,KAAf,CAAJ,EAA2B;AAChC+C,QAAAA,MAAM,CAACG,YAAP,GAAsBlD,KAAtB;AACD;AACF,KATD;AAUA,WAAO+C,MAAP;AACD;;AAEc,QAATI,SAAS,GAAoB;AACjC,WAAO,KAAKL,aAAL,EAAP;AACD;;AAEDM,EAAAA,mBAAmB,CAACC,IAAD,EAA0B;AAC3C,UAAMd,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAArB;AACA,UAAMlC,GAAG,GAAG3B,MAAM,CAAC0C,IAAP,CAAYkB,YAAZ,EAA0Be,MAA1B,CAAiChD,GAAG,IAAI;AAClD,YAAMN,KAAK,GAAGuC,YAAY,CAACjC,GAAD,CAA1B;AACA,aAAQ,0BAAcN,KAAd,KAAwBqD,IAAI,KAAK,aAAlC,IACD,sBAAUrD,KAAV,KAAoBqD,IAAI,KAAK,SAD5B,IAED,2BAAerD,KAAf,KAAyBqD,IAAI,KAAK,cAFxC;AAGD,KALW,EAKT,CALS,CAAZ;AAMA,WAAO/C,GAAP;AACD;;AAEOiD,EAAAA,YAAY,CAACvD,KAAD,EAA0B;AAC5C,QAAI,0BAAcA,KAAd,CAAJ,EAA0B;AACxB,aAAO,aAAP;AACD;;AACD,QAAI,sBAAUA,KAAV,CAAJ,EAAsB;AACpB,aAAO,SAAP;AACD;;AACD,QAAG,2BAAeA,KAAf,CAAH,EAA0B;AACxB,aAAO,cAAP;AACD;;AACD,UAAM,IAAItB,oBAAJ,CAAiB,oBAAjB,CAAN;AACD;;AAED8E,EAAAA,SAAS,CACPT,MADO,EAEP;AACAU,EAAAA,aAHO,EAIPC,SAJO,EAKPC,cALO,EAMD;AACN,UAAMC,mBAAmB,GAAG,CAACtD,GAAD,EAAMN,KAAN,KAAgB;AAC1C,YAAMqD,IAAI,GAAG,KAAKE,YAAL,CAAkBvD,KAAlB,CAAb;;AACA,UAAIqD,IAAI,KAAK,aAAb,EAA4B;AAC1BI,QAAAA,aAAa,IAAIA,aAAa,CAACnD,GAAD,EAAMN,KAAN,CAA9B;AACD,OAFD,MAEO,IAAIqD,IAAI,KAAK,SAAb,EAAwB;AAC7BK,QAAAA,SAAS,IAAIA,SAAS,CAACpD,GAAD,EAAMN,KAAN,CAAtB;AACD,OAFM,MAEA,IAAIqD,IAAI,KAAK,cAAb,EAA6B;AAClCM,QAAAA,cAAc,IAAIA,cAAc,CAACrD,GAAD,EAAMN,KAAN,CAAhC;AACD;AACF,KATD;;AAUA,UAAM6D,WAAW,GAAG,CAACvD,GAAD,EAAMN,KAAN,KAAgB;AAClC,WAAKW,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,WAAKgC,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACA4D,MAAAA,mBAAmB,CAACtD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAKA,UAAM8D,aAAa,GAAG,CAACxD,GAAD,EAAMN,KAAN,EAAaU,QAAb,KAA0B;AAC9C,WAAKF,WAAL,CAAiBF,GAAjB,EAAsBN,KAAtB,EAA6BU,QAA7B;AACA,WAAKgB,uBAAL,CAA6BpB,GAA7B;AACA,WAAK0B,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACA4D,MAAAA,mBAAmB,CAACtD,GAAD,EAAMN,KAAN,CAAnB;AACD,KALD;;AAMA,UAAM+D,aAAa,GAAG,CAACzD,GAAD,EAAMN,KAAN,KAAgB;AACpC,WAAK0B,uBAAL,CAA6BpB,GAA7B;AACA,WAAKM,WAAL,CAAiBN,GAAjB,EAAsBN,KAAtB;AACA4D,MAAAA,mBAAmB,CAACtD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAMA,UAAMgE,KAAkB,GAAG,CAAC,SAAD,EAAY,aAAZ,EAA2B,cAA3B,CAA3B;AACA,UAAMC,cAAc,GAAG,KAAKnB,aAAL,EAAvB,CA7BM,CA+BN;;AACAkB,IAAAA,KAAK,CAAC1C,OAAN,CAAe+B,IAAD,IAAU;AACtB,YAAMrD,KAAK,GAAG+C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAIrD,KAAJ,EAAW;AACT,kCAAcA,KAAd,EAAqBqD,IAArB;AACD;AACF,KALD,EAhCM,CAuCN;;AACA,UAAM/F,OAAO,GAAG0G,KAAK,CAACE,MAAN,CAAa,CAAC5G,OAAD,EAAU+F,IAAV,KAAmB;AAC9C,YAAMrD,KAAK,GAAG+C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAIrD,KAAJ,EAAW;AACT,cAAMvC,UAAU,GAAG,KAAK2F,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;AACA/F,QAAAA,OAAO,CAACG,UAAD,CAAP,GAAsBuC,KAAtB;AACD;;AACD,aAAO1C,OAAP;AACD,KAPe,EAOb,EAPa,CAAhB;AAQA,SAAKA,OAAL,CAAaqF,UAAb,CAAwBrF,OAAxB,EAhDM,CAkDN;;AACA0G,IAAAA,KAAK,CAAC1C,OAAN,CAAc+B,IAAI,IAAI;AACpB,YAAM9B,QAAQ,GAAGwB,MAAM,CAACM,IAAD,CAAvB;AACA,YAAMc,aAAa,GAAGF,cAAc,CAACZ,IAAD,CAApC;AACA,YAAM5F,UAAU,GAAG,KAAK2F,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;;AACA,UAAI9B,QAAQ,IAAI4C,aAAhB,EAA+B;AAAE;AAC/B;AACAJ,QAAAA,aAAa,CAACtG,UAAD,EAAa0G,aAAb,CAAb;AACAN,QAAAA,WAAW,CAACpG,UAAD,EAAa8D,QAAb,CAAX;AACAuC,QAAAA,aAAa,CAACrG,UAAD,EAAa8D,QAAb,EAAuB4C,aAAvB,CAAb;AACD,OALD,MAKO,IAAI5C,QAAJ,EAAc;AAAE;AACrBsC,QAAAA,WAAW,CAACpG,UAAD,EAAa8D,QAAb,CAAX;AACD,OAFM,MAEA,IAAI4C,aAAJ,EAAmB;AAAE;AAC1BJ,QAAAA,aAAa,CAACtG,UAAD,EAAa0G,aAAb,CAAb;AACD;AACF,KAdD;AAeD;;AAEDC,EAAAA,MAAM,CAAC9D,GAAD,EAAM;AACV;AACA,SAAKoB,uBAAL,CAA6BpB,GAA7B;AAEA,QAAIiC,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;AACA,QAAI6B,YAAY,GAAG9B,YAAY,CAACjC,GAAD,CAA/B;AACA,WAAOiC,YAAY,CAACjC,GAAD,CAAnB;AACA,SAAKhD,OAAL,CAAaqF,UAAb,CAAwBJ,YAAxB;AAEA,SAAK3B,WAAL,CAAiBN,GAAjB,EAAsB+D,YAAtB;AACD,GA3TwD,CA6TzD;;;AACgB,QAAVC,UAAU,CAACtE,KAAD,EAAQ;AACtB,WAAO,KAAKzB,GAAL,CAASyB,KAAT,CAAeuE,KAAf,CAAqBvE,KAArB,CAAP;AACD,GAhUwD,CAiUzD;;;AACAwE,EAAAA,aAAa,CAACxE,KAAD,EAAe;AAC1B,WAAO,0BAAcA,KAAd,CAAP;AACD,GApUwD,CAsUzD;;;AACAuE,EAAAA,KAAK,CAACjE,GAAD,EAAsB;AACzB;AACA,QAAI,KAAKhB,KAAL,CAAWlB,YAAf,EAA6B;AAC3B,aAAO,KAAKkB,KAAL,CAAWlB,YAAlB;AACD;;AAED,QAAI;AACF,UAAI4B,KAAK,GAAG,KAAK4C,OAAL,CAAatC,GAAb,CAAZ;;AACA,UAAI,CAACN,KAAL,EAAY;AACV,cAAM,IAAItB,oBAAJ,CAAiB,gDAAgD4B,GAAjE,CAAN;AACD;AACF,KALD,CAKE,OAAOmE,CAAP,EAAU;AACV,aAAOC,OAAO,CAACC,MAAR,CAAeF,CAAf,CAAP;AACD,KAbwB,CAezB;;;AACA,SAAK/C,uBAAL,CAA6BpB,GAA7B,EAhByB,CAkBzB;AACA;;AACA,SAAKhB,KAAL,CAAWlB,YAAX,GAA0B,KAAKG,GAAL,CAASyB,KAAT,CAAe4E,WAAf,GACvBC,IADuB,CAClB9B,MAAM,IAAI;AACd,WAAKS,SAAL,CAAeT,MAAf,EADc,CAGd;;AACA,YAAM+B,SAAS,GAAG,KAAKvB,YAAL,CAAkBvD,KAAlB,CAAlB;AACA,aAAO+C,MAAM,CAAC+B,SAAD,CAAb;AACD,KAPuB,EAQvBC,KARuB,CAQjBC,GAAG,IAAI;AACZ;AACA,UAAI,gCAAoBA,GAApB,KAA4BA,GAAG,CAACC,IAAJ,KAAa,YAAzC,IAAyDD,GAAG,CAACC,IAAJ,KAAa,cAA1E,EAA0F;AACxF;AACA,aAAKb,MAAL,CAAY9D,GAAZ;AAEA0E,QAAAA,GAAG,CAACE,QAAJ,GAAe5E,GAAf;AACA,aAAKO,SAAL,CAAemE,GAAf;AACD;;AACD,YAAMA,GAAN;AACD,KAlBuB,EAmBvBG,OAnBuB,CAmBf,MAAM;AACb;AACA,WAAK7F,KAAL,CAAWlB,YAAX,GAA0B,IAA1B;AACD,KAtBuB,CAA1B;AAwBA,WAAO,KAAKkB,KAAL,CAAWlB,YAAlB;AACD;;AAEDgH,EAAAA,KAAK,GAAG;AACN,SAAKxD,0BAAL;AACA,SAAKtE,OAAL,CAAa+H,YAAb;AACD;;AAEDlE,EAAAA,yBAAyB,CAACmE,KAAD,EAAQ;AAC/B,QAAIvC,MAAJ;;AACA,QAAI;AACFA,MAAAA,MAAM,GAAGvB,IAAI,CAAC+D,KAAL,CAAWD,KAAX,KAAqB,EAA9B;AACD,KAFD,CAEE,OAAOb,CAAP,EAAU;AACV1B,MAAAA,MAAM,GAAG,EAAT;AACD;;AACD,WAAOA,MAAP;AACD;;AAEDyC,EAAAA,kBAAkB,CAACxF,KAAD,EAAsB;AACtC,UAAMM,GAAG,GAAG,KAAK8C,mBAAL,CAAyB,cAAzB,KAA4CqC,oCAAxD,CADsC,CAGtC;;;AACA,QAAIlD,YAAY,GAAG,KAAKjF,OAAL,CAAakF,UAAb,EAAnB;AACA,8BAAcxC,KAAd;AACAuC,IAAAA,YAAY,CAACjC,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAK1C,OAAL,CAAaqF,UAAb,CAAwBJ,YAAxB;AACD;;AA7YwD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { removeNils, clone } from './util';\nimport { AuthSdkError } from './errors';\nimport { isRefreshTokenError, validateToken } from './oidc/util';\nimport { isLocalhost, isIE11OrLess } from './features';\nimport { TOKEN_STORAGE_NAME } from './constants';\nimport SdkClock from './clock';\nimport {\n EventEmitter,\n Token, \n Tokens, \n TokenType, \n TokenManagerOptions, \n isIDToken, \n isAccessToken,\n isRefreshToken,\n StorageOptions,\n StorageType,\n OktaAuth,\n StorageProvider,\n TokenManagerErrorEventHandler,\n TokenManagerEventHandler,\n TokenManagerInterface,\n RefreshToken\n} from './types';\nimport { REFRESH_TOKEN_STORAGE_KEY } from './constants';\nimport { TokenService } from './services/TokenService';\n\nconst DEFAULT_OPTIONS = {\n autoRenew: true,\n autoRemove: true,\n storage: undefined, // will use value from storageManager config\n expireEarlySeconds: 30,\n storageKey: TOKEN_STORAGE_NAME,\n syncStorage: true,\n _storageEventDelay: 0\n};\nexport const EVENT_EXPIRED = 'expired';\nexport const EVENT_RENEWED = 'renewed';\nexport const EVENT_ADDED = 'added';\nexport const EVENT_REMOVED = 'removed';\nexport const EVENT_ERROR = 'error';\n\ninterface TokenManagerState {\n expireTimeouts: Record<string, unknown>;\n renewPromise: Promise<Token>;\n}\nfunction defaultState(): TokenManagerState {\n return {\n expireTimeouts: {},\n renewPromise: null\n };\n}\nexport class TokenManager implements TokenManagerInterface {\n private sdk: OktaAuth;\n private clock: SdkClock;\n private emitter: EventEmitter;\n private storage: StorageProvider;\n private state: TokenManagerState;\n private options: TokenManagerOptions;\n private service: TokenService;\n\n on: (event: string, handler: TokenManagerErrorEventHandler | TokenManagerEventHandler, context?: object) => void;\n off: (event: string, handler?: TokenManagerErrorEventHandler | TokenManagerEventHandler) => void;\n\n constructor(sdk: OktaAuth, options: TokenManagerOptions = {}) {\n this.sdk = sdk;\n this.emitter = (sdk as any).emitter;\n if (!this.emitter) {\n throw new AuthSdkError('Emitter should be initialized before TokenManager');\n }\n\n options = Object.assign({}, DEFAULT_OPTIONS, removeNils(options));\n if (isIE11OrLess()) {\n options._storageEventDelay = options._storageEventDelay || 1000;\n }\n if (!isLocalhost()) {\n options.expireEarlySeconds = DEFAULT_OPTIONS.expireEarlySeconds;\n }\n this.options = options;\n\n const storageOptions: StorageOptions = removeNils({\n storageKey: options.storageKey,\n secure: options.secure,\n });\n if (typeof options.storage === 'object') {\n // A custom storage provider must implement getItem(key) and setItem(key, val)\n storageOptions.storageProvider = options.storage;\n } else if (options.storage) {\n storageOptions.storageType = options.storage as StorageType;\n }\n\n this.storage = sdk.storageManager.getTokenStorage(storageOptions);\n this.clock = SdkClock.create(/* sdk, options */);\n this.state = defaultState();\n\n this.on = this.emitter.on.bind(this.emitter);\n this.off = this.emitter.off.bind(this.emitter);\n }\n\n start() {\n if (this.service) {\n this.stop();\n }\n this.service = new TokenService(this, this.getOptions());\n this.service.start();\n }\n \n stop() {\n if (this.service) {\n this.service.stop();\n this.service = null;\n }\n }\n\n getOptions(): TokenManagerOptions {\n return clone(this.options);\n }\n \n getExpireTime(token) {\n var expireTime = token.expiresAt - this.options.expireEarlySeconds;\n return expireTime;\n }\n \n hasExpired(token) {\n var expireTime = this.getExpireTime(token);\n return expireTime <= this.clock.now();\n }\n \n emitExpired(key, token) {\n this.emitter.emit(EVENT_EXPIRED, key, token);\n }\n \n emitRenewed(key, freshToken, oldToken) {\n this.emitter.emit(EVENT_RENEWED, key, freshToken, oldToken);\n }\n \n emitAdded(key, token) {\n this.emitter.emit(EVENT_ADDED, key, token);\n }\n \n emitRemoved(key, token?) {\n this.emitter.emit(EVENT_REMOVED, key, token);\n }\n \n emitError(error) {\n this.emitter.emit(EVENT_ERROR, error);\n }\n \n emitEventsForCrossTabsStorageUpdate(newValue, oldValue) {\n const oldTokens = this.getTokensFromStorageValue(oldValue);\n const newTokens = this.getTokensFromStorageValue(newValue);\n Object.keys(newTokens).forEach(key => {\n const oldToken = oldTokens[key];\n const newToken = newTokens[key];\n if (JSON.stringify(oldToken) !== JSON.stringify(newToken)) {\n this.emitAdded(key, newToken);\n }\n });\n Object.keys(oldTokens).forEach(key => {\n const oldToken = oldTokens[key];\n const newToken = newTokens[key];\n if (!newToken) {\n this.emitRemoved(key, oldToken);\n }\n });\n }\n \n clearExpireEventTimeout(key) {\n clearTimeout(this.state.expireTimeouts[key] as any);\n delete this.state.expireTimeouts[key];\n \n // Remove the renew promise (if it exists)\n this.state.renewPromise = null;\n }\n \n clearExpireEventTimeoutAll() {\n var expireTimeouts = this.state.expireTimeouts;\n for (var key in expireTimeouts) {\n if (!Object.prototype.hasOwnProperty.call(expireTimeouts, key)) {\n continue;\n }\n this.clearExpireEventTimeout(key);\n }\n }\n \n setExpireEventTimeout(key, token) {\n if (isRefreshToken(token)) {\n return;\n }\n\n var expireTime = this.getExpireTime(token);\n var expireEventWait = Math.max(expireTime - this.clock.now(), 0) * 1000;\n \n // Clear any existing timeout\n this.clearExpireEventTimeout(key);\n \n var expireEventTimeout = setTimeout(() => {\n this.emitExpired(key, token);\n }, expireEventWait);\n \n // Add a new timeout\n this.state.expireTimeouts[key] = expireEventTimeout;\n }\n \n setExpireEventTimeoutAll() {\n var tokenStorage = this.storage.getStorage();\n for(var key in tokenStorage) {\n if (!Object.prototype.hasOwnProperty.call(tokenStorage, key)) {\n continue;\n }\n var token = tokenStorage[key];\n this.setExpireEventTimeout(key, token);\n }\n }\n \n // reset timeouts to setup autoRenew for tokens from other document context (tabs)\n resetExpireEventTimeoutAll() {\n this.clearExpireEventTimeoutAll();\n this.setExpireEventTimeoutAll();\n }\n \n add(key, token: Token) {\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n }\n \n getSync(key) {\n var tokenStorage = this.storage.getStorage();\n return tokenStorage[key];\n }\n \n async get(key) {\n return this.getSync(key);\n }\n \n getTokensSync(): Tokens {\n const tokens = {} as Tokens;\n const tokenStorage = this.storage.getStorage();\n Object.keys(tokenStorage).forEach(key => {\n const token = tokenStorage[key];\n if (isAccessToken(token)) {\n tokens.accessToken = token;\n } else if (isIDToken(token)) {\n tokens.idToken = token;\n } else if (isRefreshToken(token)) { \n tokens.refreshToken = token;\n }\n });\n return tokens;\n }\n \n async getTokens(): Promise<Tokens> {\n return this.getTokensSync();\n }\n\n getStorageKeyByType(type: TokenType): string {\n const tokenStorage = this.storage.getStorage();\n const key = Object.keys(tokenStorage).filter(key => {\n const token = tokenStorage[key];\n return (isAccessToken(token) && type === 'accessToken') \n || (isIDToken(token) && type === 'idToken')\n || (isRefreshToken(token) && type === 'refreshToken');\n })[0];\n return key;\n }\n\n private getTokenType(token: Token): TokenType {\n if (isAccessToken(token)) {\n return 'accessToken';\n }\n if (isIDToken(token)) {\n return 'idToken';\n }\n if(isRefreshToken(token)) {\n return 'refreshToken';\n }\n throw new AuthSdkError('Unknown token type');\n }\n\n setTokens(\n tokens: Tokens,\n // TODO: callbacks can be removed in the next major version OKTA-407224\n accessTokenCb?: Function, \n idTokenCb?: Function,\n refreshTokenCb?: Function\n ): void {\n const handleTokenCallback = (key, token) => {\n const type = this.getTokenType(token);\n if (type === 'accessToken') {\n accessTokenCb && accessTokenCb(key, token);\n } else if (type === 'idToken') {\n idTokenCb && idTokenCb(key, token);\n } else if (type === 'refreshToken') {\n refreshTokenCb && refreshTokenCb(key, token);\n }\n };\n const handleAdded = (key, token) => {\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRenewed = (key, token, oldToken) => {\n this.emitRenewed(key, token, oldToken);\n this.clearExpireEventTimeout(key);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRemoved = (key, token) => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, token);\n handleTokenCallback(key, token);\n };\n \n const types: TokenType[] = ['idToken', 'accessToken', 'refreshToken'];\n const existingTokens = this.getTokensSync();\n\n // valid tokens\n types.forEach((type) => {\n const token = tokens[type];\n if (token) {\n validateToken(token, type);\n }\n });\n \n // add token to storage\n const storage = types.reduce((storage, type) => {\n const token = tokens[type];\n if (token) {\n const storageKey = this.getStorageKeyByType(type) || type;\n storage[storageKey] = token;\n }\n return storage;\n }, {});\n this.storage.setStorage(storage);\n \n // emit event and start expiration timer\n types.forEach(type => {\n const newToken = tokens[type];\n const existingToken = existingTokens[type];\n const storageKey = this.getStorageKeyByType(type) || type;\n if (newToken && existingToken) { // renew\n // call handleRemoved first, since it clears timers\n handleRemoved(storageKey, existingToken);\n handleAdded(storageKey, newToken);\n handleRenewed(storageKey, newToken, existingToken);\n } else if (newToken) { // add\n handleAdded(storageKey, newToken);\n } else if (existingToken) { //remove\n handleRemoved(storageKey, existingToken);\n }\n });\n }\n \n remove(key) {\n // Clear any listener for this token\n this.clearExpireEventTimeout(key);\n \n var tokenStorage = this.storage.getStorage();\n var removedToken = tokenStorage[key];\n delete tokenStorage[key];\n this.storage.setStorage(tokenStorage);\n \n this.emitRemoved(key, removedToken);\n }\n \n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n async renewToken(token) {\n return this.sdk.token.renew(token);\n }\n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n validateToken(token: Token) {\n return validateToken(token);\n }\n\n // TODO: renew method should take no param, change in the next major version OKTA-407224\n renew(key): Promise<Token> {\n // Multiple callers may receive the same promise. They will all resolve or reject from the same request.\n if (this.state.renewPromise) {\n return this.state.renewPromise;\n }\n \n try {\n var token = this.getSync(key);\n if (!token) {\n throw new AuthSdkError('The tokenManager has no token for the key: ' + key);\n }\n } catch (e) {\n return Promise.reject(e);\n }\n \n // Remove existing autoRenew timeout\n this.clearExpireEventTimeout(key);\n \n // A refresh token means a replace instead of renewal\n // Store the renew promise state, to avoid renewing again\n this.state.renewPromise = this.sdk.token.renewTokens()\n .then(tokens => {\n this.setTokens(tokens);\n\n // resolve token based on the key\n const tokenType = this.getTokenType(token);\n return tokens[tokenType];\n })\n .catch(err => {\n // If renew fails, remove token and emit error\n if (isRefreshTokenError(err) || err.name === 'OAuthError' || err.name === 'AuthSdkError') {\n // remove token from storage\n this.remove(key);\n \n err.tokenKey = key;\n this.emitError(err);\n }\n throw err;\n })\n .finally(() => {\n // Remove existing promise key\n this.state.renewPromise = null;\n });\n \n return this.state.renewPromise;\n }\n \n clear() {\n this.clearExpireEventTimeoutAll();\n this.storage.clearStorage();\n }\n \n getTokensFromStorageValue(value) {\n let tokens;\n try {\n tokens = JSON.parse(value) || {};\n } catch (e) {\n tokens = {};\n }\n return tokens;\n }\n\n updateRefreshToken(token: RefreshToken) {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n\n // do not emit any event\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n }\n \n}\n"],"file":"TokenManager.js"}
1
+ {"version":3,"sources":["../../lib/TokenManager.ts"],"names":["DEFAULT_OPTIONS","autoRenew","autoRemove","clearPendingRemoveTokens","storage","undefined","expireEarlySeconds","storageKey","TOKEN_STORAGE_NAME","syncStorage","_storageEventDelay","EVENT_EXPIRED","EVENT_RENEWED","EVENT_ADDED","EVENT_REMOVED","EVENT_ERROR","defaultState","expireTimeouts","renewPromise","TokenManager","constructor","sdk","options","emitter","AuthSdkError","service","Object","assign","storageOptions","secure","storageProvider","storageType","storageManager","getTokenStorage","useSeparateCookies","clock","SdkClock","create","state","on","bind","off","start","stop","TokenService","getOptions","getExpireTime","token","expireTime","expiresAt","hasExpired","now","emitExpired","key","emit","emitRenewed","freshToken","oldToken","emitAdded","emitRemoved","emitError","error","emitEventsForCrossTabsStorageUpdate","newValue","oldValue","oldTokens","getTokensFromStorageValue","newTokens","keys","forEach","newToken","JSON","stringify","clearExpireEventTimeout","clearTimeout","clearExpireEventTimeoutAll","prototype","hasOwnProperty","call","setExpireEventTimeout","expireEventWait","Math","max","expireEventTimeout","setTimeout","setExpireEventTimeoutAll","tokenStorage","getStorage","resetExpireEventTimeoutAll","add","setStorage","getSync","get","getTokensSync","tokens","accessToken","idToken","refreshToken","getTokens","getStorageKeyByType","type","filter","getTokenType","setTokens","accessTokenCb","idTokenCb","refreshTokenCb","handleTokenCallback","handleAdded","handleRenewed","handleRemoved","types","existingTokens","reduce","existingToken","remove","removedToken","renewToken","renew","validateToken","e","Promise","reject","renewTokens","then","tokenType","catch","err","name","tokenKey","finally","clear","clearStorage","pendingRemove","value","parse","updateRefreshToken","REFRESH_TOKEN_STORAGE_KEY","addPendingRemoveFlags"],"mappings":";;;;;;AAYA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAmBA;;AArCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA4BA,MAAMA,eAAe,GAAG;AACtBC,EAAAA,SAAS,EAAE,IADW;AAEtBC,EAAAA,UAAU,EAAE,IAFU;AAGtBC,EAAAA,wBAAwB,EAAE,IAHJ;AAItBC,EAAAA,OAAO,EAAEC,SAJa;AAIF;AACpBC,EAAAA,kBAAkB,EAAE,EALE;AAMtBC,EAAAA,UAAU,EAAEC,6BANU;AAOtBC,EAAAA,WAAW,EAAE,IAPS;AAQtBC,EAAAA,kBAAkB,EAAE;AARE,CAAxB;AAUO,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;;AAMP,SAASC,YAAT,GAA2C;AACzC,SAAO;AACLC,IAAAA,cAAc,EAAE,EADX;AAELC,IAAAA,YAAY,EAAE;AAFT,GAAP;AAID;;AACM,MAAMC,YAAN,CAAoD;AAYzDC,EAAAA,WAAW,CAACC,GAAD,EAAgBC,OAA4B,GAAG,EAA/C,EAAmD;AAC5D,SAAKD,GAAL,GAAWA,GAAX;AACA,SAAKE,OAAL,GAAgBF,GAAD,CAAaE,OAA5B;;AACA,QAAI,CAAC,KAAKA,OAAV,EAAmB;AACjB,YAAM,IAAIC,oBAAJ,CAAiB,mDAAjB,CAAN;AACD;;AACD,SAAKC,OAAL,GAAe,IAAf;AAEAH,IAAAA,OAAO,GAAGI,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkB3B,eAAlB,EAAmC,sBAAWsB,OAAX,CAAnC,CAAV;;AACA,QAAI,6BAAJ,EAAoB;AAClBA,MAAAA,OAAO,CAACZ,kBAAR,GAA6BY,OAAO,CAACZ,kBAAR,IAA8B,IAA3D;AACD;;AACD,QAAI,CAAC,4BAAL,EAAoB;AAClBY,MAAAA,OAAO,CAAChB,kBAAR,GAA6BN,eAAe,CAACM,kBAA7C;AACD;;AACD,SAAKgB,OAAL,GAAeA,OAAf;AAEA,UAAMM,cAA8B,GAAG,sBAAW;AAChDrB,MAAAA,UAAU,EAAEe,OAAO,CAACf,UAD4B;AAEhDsB,MAAAA,MAAM,EAAEP,OAAO,CAACO;AAFgC,KAAX,CAAvC;;AAIA,QAAI,OAAOP,OAAO,CAAClB,OAAf,KAA2B,QAA/B,EAAyC;AACvC;AACAwB,MAAAA,cAAc,CAACE,eAAf,GAAiCR,OAAO,CAAClB,OAAzC;AACD,KAHD,MAGO,IAAIkB,OAAO,CAAClB,OAAZ,EAAqB;AAC1BwB,MAAAA,cAAc,CAACG,WAAf,GAA6BT,OAAO,CAAClB,OAArC;AACD;;AAED,SAAKA,OAAL,GAAeiB,GAAG,CAACW,cAAJ,CAAmBC,eAAnB,CAAmC,EAAC,GAAGL,cAAJ;AAAoBM,MAAAA,kBAAkB,EAAE;AAAxC,KAAnC,CAAf;AACA,SAAKC,KAAL,GAAaC,eAASC,MAAT,EAAb;AACA,SAAKC,KAAL,GAAatB,YAAY,EAAzB;AAEA,SAAKuB,EAAL,GAAU,KAAKhB,OAAL,CAAagB,EAAb,CAAgBC,IAAhB,CAAqB,KAAKjB,OAA1B,CAAV;AACA,SAAKkB,GAAL,GAAW,KAAKlB,OAAL,CAAakB,GAAb,CAAiBD,IAAjB,CAAsB,KAAKjB,OAA3B,CAAX;AACD;;AAEDmB,EAAAA,KAAK,GAAG;AACN,QAAI,KAAKjB,OAAT,EAAkB;AAChB,WAAKkB,IAAL;AACD;;AACD,QAAI,KAAKrB,OAAL,CAAanB,wBAAjB,EAA2C;AACzC,WAAKA,wBAAL;AACD;;AACD,SAAKsB,OAAL,GAAe,IAAImB,0BAAJ,CAAiB,IAAjB,EAAuB,KAAKC,UAAL,EAAvB,CAAf;AACA,SAAKpB,OAAL,CAAaiB,KAAb;AACD;;AAEDC,EAAAA,IAAI,GAAG;AACL,QAAI,KAAKlB,OAAT,EAAkB;AAChB,WAAKA,OAAL,CAAakB,IAAb;AACA,WAAKlB,OAAL,GAAe,IAAf;AACD;AACF;;AAEDoB,EAAAA,UAAU,GAAwB;AAChC,WAAO,iBAAM,KAAKvB,OAAX,CAAP;AACD;;AAEDwB,EAAAA,aAAa,CAACC,KAAD,EAAQ;AACnB,UAAMzC,kBAAkB,GAAG,KAAKgB,OAAL,CAAahB,kBAAb,IAAmC,CAA9D;AACA,QAAI0C,UAAU,GAAGD,KAAK,CAACE,SAAN,GAAkB3C,kBAAnC;AACA,WAAO0C,UAAP;AACD;;AAEDE,EAAAA,UAAU,CAACH,KAAD,EAAQ;AAChB,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,WAAOC,UAAU,IAAI,KAAKb,KAAL,CAAWgB,GAAX,EAArB;AACD;;AAEDC,EAAAA,WAAW,CAACC,GAAD,EAAMN,KAAN,EAAa;AACtB,SAAKxB,OAAL,CAAa+B,IAAb,CAAkB3C,aAAlB,EAAiC0C,GAAjC,EAAsCN,KAAtC;AACD;;AAEDQ,EAAAA,WAAW,CAACF,GAAD,EAAMG,UAAN,EAAkBC,QAAlB,EAA4B;AACrC,SAAKlC,OAAL,CAAa+B,IAAb,CAAkB1C,aAAlB,EAAiCyC,GAAjC,EAAsCG,UAAtC,EAAkDC,QAAlD;AACD;;AAEDC,EAAAA,SAAS,CAACL,GAAD,EAAMN,KAAN,EAAa;AACpB,SAAKxB,OAAL,CAAa+B,IAAb,CAAkBzC,WAAlB,EAA+BwC,GAA/B,EAAoCN,KAApC;AACD;;AAEDY,EAAAA,WAAW,CAACN,GAAD,EAAMN,KAAN,EAAc;AACvB,SAAKxB,OAAL,CAAa+B,IAAb,CAAkBxC,aAAlB,EAAiCuC,GAAjC,EAAsCN,KAAtC;AACD;;AAEDa,EAAAA,SAAS,CAACC,KAAD,EAAQ;AACf,SAAKtC,OAAL,CAAa+B,IAAb,CAAkBvC,WAAlB,EAA+B8C,KAA/B;AACD;;AAEDC,EAAAA,mCAAmC,CAACC,QAAD,EAAWC,QAAX,EAAqB;AACtD,UAAMC,SAAS,GAAG,KAAKC,yBAAL,CAA+BF,QAA/B,CAAlB;AACA,UAAMG,SAAS,GAAG,KAAKD,yBAAL,CAA+BH,QAA/B,CAAlB;AACArC,IAAAA,MAAM,CAAC0C,IAAP,CAAYD,SAAZ,EAAuBE,OAAvB,CAA+BhB,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMiB,QAAQ,GAAGH,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAIkB,IAAI,CAACC,SAAL,CAAef,QAAf,MAA6Bc,IAAI,CAACC,SAAL,CAAeF,QAAf,CAAjC,EAA2D;AACzD,aAAKZ,SAAL,CAAeL,GAAf,EAAoBiB,QAApB;AACD;AACF,KAND;AAOA5C,IAAAA,MAAM,CAAC0C,IAAP,CAAYH,SAAZ,EAAuBI,OAAvB,CAA+BhB,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMiB,QAAQ,GAAGH,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAI,CAACiB,QAAL,EAAe;AACb,aAAKX,WAAL,CAAiBN,GAAjB,EAAsBI,QAAtB;AACD;AACF,KAND;AAOD;;AAEDgB,EAAAA,uBAAuB,CAACpB,GAAD,EAAM;AAC3BqB,IAAAA,YAAY,CAAC,KAAKpC,KAAL,CAAWrB,cAAX,CAA0BoC,GAA1B,CAAD,CAAZ;AACA,WAAO,KAAKf,KAAL,CAAWrB,cAAX,CAA0BoC,GAA1B,CAAP,CAF2B,CAI3B;;AACA,SAAKf,KAAL,CAAWpB,YAAX,GAA0B,IAA1B;AACD;;AAEDyD,EAAAA,0BAA0B,GAAG;AAC3B,QAAI1D,cAAc,GAAG,KAAKqB,KAAL,CAAWrB,cAAhC;;AACA,SAAK,IAAIoC,GAAT,IAAgBpC,cAAhB,EAAgC;AAC9B,UAAI,CAACS,MAAM,CAACkD,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqC7D,cAArC,EAAqDoC,GAArD,CAAL,EAAgE;AAC9D;AACD;;AACD,WAAKoB,uBAAL,CAA6BpB,GAA7B;AACD;AACF;;AAED0B,EAAAA,qBAAqB,CAAC1B,GAAD,EAAMN,KAAN,EAAa;AAChC,QAAI,2BAAeA,KAAf,CAAJ,EAA2B;AACzB;AACD;;AAED,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,QAAIiC,eAAe,GAAGC,IAAI,CAACC,GAAL,CAASlC,UAAU,GAAG,KAAKb,KAAL,CAAWgB,GAAX,EAAtB,EAAwC,CAAxC,IAA6C,IAAnE,CANgC,CAQhC;;AACA,SAAKsB,uBAAL,CAA6BpB,GAA7B;AAEA,QAAI8B,kBAAkB,GAAGC,UAAU,CAAC,MAAM;AACxC,WAAKhC,WAAL,CAAiBC,GAAjB,EAAsBN,KAAtB;AACD,KAFkC,EAEhCiC,eAFgC,CAAnC,CAXgC,CAehC;;AACA,SAAK1C,KAAL,CAAWrB,cAAX,CAA0BoC,GAA1B,IAAiC8B,kBAAjC;AACD;;AAEDE,EAAAA,wBAAwB,GAAG;AACzB,QAAIC,YAAY,GAAG,KAAKlF,OAAL,CAAamF,UAAb,EAAnB;;AACA,SAAI,IAAIlC,GAAR,IAAeiC,YAAf,EAA6B;AAC3B,UAAI,CAAC5D,MAAM,CAACkD,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqCQ,YAArC,EAAmDjC,GAAnD,CAAL,EAA8D;AAC5D;AACD;;AACD,UAAIN,KAAK,GAAGuC,YAAY,CAACjC,GAAD,CAAxB;AACA,WAAK0B,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACD;AACF,GAtKwD,CAwKzD;;;AACAyC,EAAAA,0BAA0B,GAAG;AAC3B,SAAKb,0BAAL;AACA,SAAKU,wBAAL;AACD;;AAEDI,EAAAA,GAAG,CAACpC,GAAD,EAAMN,KAAN,EAAoB;AACrB,QAAIuC,YAAY,GAAG,KAAKlF,OAAL,CAAamF,UAAb,EAAnB;AACA,8BAAcxC,KAAd;AACAuC,IAAAA,YAAY,CAACjC,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAK3C,OAAL,CAAasF,UAAb,CAAwBJ,YAAxB;AACA,SAAK5B,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,SAAKgC,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACD;;AAED4C,EAAAA,OAAO,CAACtC,GAAD,EAAM;AACX,QAAIiC,YAAY,GAAG,KAAKlF,OAAL,CAAamF,UAAb,EAAnB;AACA,WAAOD,YAAY,CAACjC,GAAD,CAAnB;AACD;;AAEQ,QAAHuC,GAAG,CAACvC,GAAD,EAAM;AACb,WAAO,KAAKsC,OAAL,CAAatC,GAAb,CAAP;AACD;;AAEDwC,EAAAA,aAAa,GAAW;AACtB,UAAMC,MAAM,GAAG,EAAf;AACA,UAAMR,YAAY,GAAG,KAAKlF,OAAL,CAAamF,UAAb,EAArB;AACA7D,IAAAA,MAAM,CAAC0C,IAAP,CAAYkB,YAAZ,EAA0BjB,OAA1B,CAAkChB,GAAG,IAAI;AACvC,YAAMN,KAAK,GAAGuC,YAAY,CAACjC,GAAD,CAA1B;;AACA,UAAI,0BAAcN,KAAd,CAAJ,EAA0B;AACxB+C,QAAAA,MAAM,CAACC,WAAP,GAAqBhD,KAArB;AACD,OAFD,MAEO,IAAI,sBAAUA,KAAV,CAAJ,EAAsB;AAC3B+C,QAAAA,MAAM,CAACE,OAAP,GAAiBjD,KAAjB;AACD,OAFM,MAEA,IAAI,2BAAeA,KAAf,CAAJ,EAA2B;AAChC+C,QAAAA,MAAM,CAACG,YAAP,GAAsBlD,KAAtB;AACD;AACF,KATD;AAUA,WAAO+C,MAAP;AACD;;AAEc,QAATI,SAAS,GAAoB;AACjC,WAAO,KAAKL,aAAL,EAAP;AACD;;AAEDM,EAAAA,mBAAmB,CAACC,IAAD,EAA0B;AAC3C,UAAMd,YAAY,GAAG,KAAKlF,OAAL,CAAamF,UAAb,EAArB;AACA,UAAMlC,GAAG,GAAG3B,MAAM,CAAC0C,IAAP,CAAYkB,YAAZ,EAA0Be,MAA1B,CAAiChD,GAAG,IAAI;AAClD,YAAMN,KAAK,GAAGuC,YAAY,CAACjC,GAAD,CAA1B;AACA,aAAQ,0BAAcN,KAAd,KAAwBqD,IAAI,KAAK,aAAlC,IACD,sBAAUrD,KAAV,KAAoBqD,IAAI,KAAK,SAD5B,IAED,2BAAerD,KAAf,KAAyBqD,IAAI,KAAK,cAFxC;AAGD,KALW,EAKT,CALS,CAAZ;AAMA,WAAO/C,GAAP;AACD;;AAEOiD,EAAAA,YAAY,CAACvD,KAAD,EAA0B;AAC5C,QAAI,0BAAcA,KAAd,CAAJ,EAA0B;AACxB,aAAO,aAAP;AACD;;AACD,QAAI,sBAAUA,KAAV,CAAJ,EAAsB;AACpB,aAAO,SAAP;AACD;;AACD,QAAG,2BAAeA,KAAf,CAAH,EAA0B;AACxB,aAAO,cAAP;AACD;;AACD,UAAM,IAAIvB,oBAAJ,CAAiB,oBAAjB,CAAN;AACD;;AAED+E,EAAAA,SAAS,CACPT,MADO,EAEP;AACAU,EAAAA,aAHO,EAIPC,SAJO,EAKPC,cALO,EAMD;AACN,UAAMC,mBAAmB,GAAG,CAACtD,GAAD,EAAMN,KAAN,KAAgB;AAC1C,YAAMqD,IAAI,GAAG,KAAKE,YAAL,CAAkBvD,KAAlB,CAAb;;AACA,UAAIqD,IAAI,KAAK,aAAb,EAA4B;AAC1BI,QAAAA,aAAa,IAAIA,aAAa,CAACnD,GAAD,EAAMN,KAAN,CAA9B;AACD,OAFD,MAEO,IAAIqD,IAAI,KAAK,SAAb,EAAwB;AAC7BK,QAAAA,SAAS,IAAIA,SAAS,CAACpD,GAAD,EAAMN,KAAN,CAAtB;AACD,OAFM,MAEA,IAAIqD,IAAI,KAAK,cAAb,EAA6B;AAClCM,QAAAA,cAAc,IAAIA,cAAc,CAACrD,GAAD,EAAMN,KAAN,CAAhC;AACD;AACF,KATD;;AAUA,UAAM6D,WAAW,GAAG,CAACvD,GAAD,EAAMN,KAAN,KAAgB;AAClC,WAAKW,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,WAAKgC,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACA4D,MAAAA,mBAAmB,CAACtD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAKA,UAAM8D,aAAa,GAAG,CAACxD,GAAD,EAAMN,KAAN,EAAaU,QAAb,KAA0B;AAC9C,WAAKF,WAAL,CAAiBF,GAAjB,EAAsBN,KAAtB,EAA6BU,QAA7B;AACA,WAAKgB,uBAAL,CAA6BpB,GAA7B;AACA,WAAK0B,qBAAL,CAA2B1B,GAA3B,EAAgCN,KAAhC;AACA4D,MAAAA,mBAAmB,CAACtD,GAAD,EAAMN,KAAN,CAAnB;AACD,KALD;;AAMA,UAAM+D,aAAa,GAAG,CAACzD,GAAD,EAAMN,KAAN,KAAgB;AACpC,WAAK0B,uBAAL,CAA6BpB,GAA7B;AACA,WAAKM,WAAL,CAAiBN,GAAjB,EAAsBN,KAAtB;AACA4D,MAAAA,mBAAmB,CAACtD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAMA,UAAMgE,KAAkB,GAAG,CAAC,SAAD,EAAY,aAAZ,EAA2B,cAA3B,CAA3B;AACA,UAAMC,cAAc,GAAG,KAAKnB,aAAL,EAAvB,CA7BM,CA+BN;;AACAkB,IAAAA,KAAK,CAAC1C,OAAN,CAAe+B,IAAD,IAAU;AACtB,YAAMrD,KAAK,GAAG+C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAIrD,KAAJ,EAAW;AACT,kCAAcA,KAAd,EAAqBqD,IAArB;AACD;AACF,KALD,EAhCM,CAuCN;;AACA,UAAMhG,OAAO,GAAG2G,KAAK,CAACE,MAAN,CAAa,CAAC7G,OAAD,EAAUgG,IAAV,KAAmB;AAC9C,YAAMrD,KAAK,GAAG+C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAIrD,KAAJ,EAAW;AACT,cAAMxC,UAAU,GAAG,KAAK4F,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;AACAhG,QAAAA,OAAO,CAACG,UAAD,CAAP,GAAsBwC,KAAtB;AACD;;AACD,aAAO3C,OAAP;AACD,KAPe,EAOb,EAPa,CAAhB;AAQA,SAAKA,OAAL,CAAasF,UAAb,CAAwBtF,OAAxB,EAhDM,CAkDN;;AACA2G,IAAAA,KAAK,CAAC1C,OAAN,CAAc+B,IAAI,IAAI;AACpB,YAAM9B,QAAQ,GAAGwB,MAAM,CAACM,IAAD,CAAvB;AACA,YAAMc,aAAa,GAAGF,cAAc,CAACZ,IAAD,CAApC;AACA,YAAM7F,UAAU,GAAG,KAAK4F,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;;AACA,UAAI9B,QAAQ,IAAI4C,aAAhB,EAA+B;AAAE;AAC/B;AACAJ,QAAAA,aAAa,CAACvG,UAAD,EAAa2G,aAAb,CAAb;AACAN,QAAAA,WAAW,CAACrG,UAAD,EAAa+D,QAAb,CAAX;AACAuC,QAAAA,aAAa,CAACtG,UAAD,EAAa+D,QAAb,EAAuB4C,aAAvB,CAAb;AACD,OALD,MAKO,IAAI5C,QAAJ,EAAc;AAAE;AACrBsC,QAAAA,WAAW,CAACrG,UAAD,EAAa+D,QAAb,CAAX;AACD,OAFM,MAEA,IAAI4C,aAAJ,EAAmB;AAAE;AAC1BJ,QAAAA,aAAa,CAACvG,UAAD,EAAa2G,aAAb,CAAb;AACD;AACF,KAdD;AAeD;;AAEDC,EAAAA,MAAM,CAAC9D,GAAD,EAAM;AACV;AACA,SAAKoB,uBAAL,CAA6BpB,GAA7B;AAEA,QAAIiC,YAAY,GAAG,KAAKlF,OAAL,CAAamF,UAAb,EAAnB;AACA,QAAI6B,YAAY,GAAG9B,YAAY,CAACjC,GAAD,CAA/B;AACA,WAAOiC,YAAY,CAACjC,GAAD,CAAnB;AACA,SAAKjD,OAAL,CAAasF,UAAb,CAAwBJ,YAAxB;AAEA,SAAK3B,WAAL,CAAiBN,GAAjB,EAAsB+D,YAAtB;AACD,GAhUwD,CAkUzD;;;AACgB,QAAVC,UAAU,CAACtE,KAAD,EAAQ;AAAA;;AACtB,8BAAO,KAAK1B,GAAL,CAAS0B,KAAhB,oDAAO,gBAAgBuE,KAAhB,CAAsBvE,KAAtB,CAAP;AACD,GArUwD,CAsUzD;;;AACAwE,EAAAA,aAAa,CAACxE,KAAD,EAAe;AAC1B,WAAO,0BAAcA,KAAd,CAAP;AACD,GAzUwD,CA2UzD;;;AACAuE,EAAAA,KAAK,CAACjE,GAAD,EAAkC;AACrC;AACA,QAAI,KAAKf,KAAL,CAAWpB,YAAf,EAA6B;AAC3B,aAAO,KAAKoB,KAAL,CAAWpB,YAAlB;AACD;;AAED,QAAI;AACF,UAAI6B,KAAK,GAAG,KAAK4C,OAAL,CAAatC,GAAb,CAAZ;;AACA,UAAI,CAACN,KAAL,EAAY;AACV,cAAM,IAAIvB,oBAAJ,CAAiB,gDAAgD6B,GAAjE,CAAN;AACD;AACF,KALD,CAKE,OAAOmE,CAAP,EAAU;AACV,aAAOC,OAAO,CAACC,MAAR,CAAeF,CAAf,CAAP;AACD,KAboC,CAerC;;;AACA,SAAK/C,uBAAL,CAA6BpB,GAA7B,EAhBqC,CAkBrC;AACA;;AACA,SAAKf,KAAL,CAAWpB,YAAX,GAA0B,KAAKG,GAAL,CAAS0B,KAAT,CAAe4E,WAAf,GACvBC,IADuB,CAClB9B,MAAM,IAAI;AACd,WAAKS,SAAL,CAAeT,MAAf,EADc,CAGd;;AACA,YAAM+B,SAAS,GAAG,KAAKvB,YAAL,CAAkBvD,KAAlB,CAAlB;AACA,aAAO+C,MAAM,CAAC+B,SAAD,CAAb;AACD,KAPuB,EAQvBC,KARuB,CAQjBC,GAAG,IAAI;AACZ;AACA,UAAI,gCAAoBA,GAApB,KAA4BA,GAAG,CAACC,IAAJ,KAAa,YAAzC,IAAyDD,GAAG,CAACC,IAAJ,KAAa,cAA1E,EAA0F;AACxF;AACA,aAAKb,MAAL,CAAY9D,GAAZ;AACD;;AACD0E,MAAAA,GAAG,CAACE,QAAJ,GAAe5E,GAAf;AACA,WAAKO,SAAL,CAAemE,GAAf;AACA,YAAMA,GAAN;AACD,KAjBuB,EAkBvBG,OAlBuB,CAkBf,MAAM;AACb;AACA,WAAK5F,KAAL,CAAWpB,YAAX,GAA0B,IAA1B;AACD,KArBuB,CAA1B;AAuBA,WAAO,KAAKoB,KAAL,CAAWpB,YAAlB;AACD;;AAEDiH,EAAAA,KAAK,GAAG;AACN,SAAKxD,0BAAL;AACA,SAAKvE,OAAL,CAAagI,YAAb;AACD;;AAEDjI,EAAAA,wBAAwB,GAAG;AACzB,UAAM2F,MAAM,GAAG,KAAKD,aAAL,EAAf;AACAnE,IAAAA,MAAM,CAAC0C,IAAP,CAAY0B,MAAZ,EAAoBzB,OAApB,CAA4BhB,GAAG,IAAI;AACjC,UAAIyC,MAAM,CAACzC,GAAD,CAAN,CAAYgF,aAAhB,EAA+B;AAC9B,aAAKlB,MAAL,CAAY9D,GAAZ;AACA;AACF,KAJD;AAKD;;AAEDa,EAAAA,yBAAyB,CAACoE,KAAD,EAAQ;AAC/B,QAAIxC,MAAJ;;AACA,QAAI;AACFA,MAAAA,MAAM,GAAGvB,IAAI,CAACgE,KAAL,CAAWD,KAAX,KAAqB,EAA9B;AACD,KAFD,CAEE,OAAOd,CAAP,EAAU;AACV1B,MAAAA,MAAM,GAAG,EAAT;AACD;;AACD,WAAOA,MAAP;AACD;;AAED0C,EAAAA,kBAAkB,CAACzF,KAAD,EAAsB;AACtC,UAAMM,GAAG,GAAG,KAAK8C,mBAAL,CAAyB,cAAzB,KAA4CsC,oCAAxD,CADsC,CAGtC;;;AACA,QAAInD,YAAY,GAAG,KAAKlF,OAAL,CAAamF,UAAb,EAAnB;AACA,8BAAcxC,KAAd;AACAuC,IAAAA,YAAY,CAACjC,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAK3C,OAAL,CAAasF,UAAb,CAAwBJ,YAAxB;AACD;;AAEDoD,EAAAA,qBAAqB,GAAG;AACtB,UAAM5C,MAAM,GAAG,KAAKD,aAAL,EAAf;AACAnE,IAAAA,MAAM,CAAC0C,IAAP,CAAY0B,MAAZ,EAAoBzB,OAApB,CAA4BhB,GAAG,IAAI;AACjCyC,MAAAA,MAAM,CAACzC,GAAD,CAAN,CAAYgF,aAAZ,GAA4B,IAA5B;AACD,KAFD;AAGA,SAAK9B,SAAL,CAAeT,MAAf;AACD;;AAlawD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { removeNils, clone } from './util';\nimport { AuthSdkError } from './errors';\nimport { isRefreshTokenError, validateToken } from './oidc/util';\nimport { isLocalhost, isIE11OrLess } from './features';\nimport { TOKEN_STORAGE_NAME } from './constants';\nimport SdkClock from './clock';\nimport {\n EventEmitter,\n Token, \n Tokens, \n TokenType, \n TokenManagerOptions, \n isIDToken, \n isAccessToken,\n isRefreshToken,\n StorageOptions,\n StorageType,\n OktaAuth,\n StorageProvider,\n TokenManagerErrorEventHandler,\n TokenManagerEventHandler,\n TokenManagerInterface,\n RefreshToken\n} from './types';\nimport { REFRESH_TOKEN_STORAGE_KEY } from './constants';\nimport { TokenService } from './services/TokenService';\n\nconst DEFAULT_OPTIONS = {\n autoRenew: true,\n autoRemove: true,\n clearPendingRemoveTokens: true,\n storage: undefined, // will use value from storageManager config\n expireEarlySeconds: 30,\n storageKey: TOKEN_STORAGE_NAME,\n syncStorage: true,\n _storageEventDelay: 0\n};\nexport const EVENT_EXPIRED = 'expired';\nexport const EVENT_RENEWED = 'renewed';\nexport const EVENT_ADDED = 'added';\nexport const EVENT_REMOVED = 'removed';\nexport const EVENT_ERROR = 'error';\n\ninterface TokenManagerState {\n expireTimeouts: Record<string, unknown>;\n renewPromise: Promise<Token | undefined> | null;\n}\nfunction defaultState(): TokenManagerState {\n return {\n expireTimeouts: {},\n renewPromise: null\n };\n}\nexport class TokenManager implements TokenManagerInterface {\n private sdk: OktaAuth;\n private clock: SdkClock;\n private emitter: EventEmitter;\n private storage: StorageProvider;\n private state: TokenManagerState;\n private options: TokenManagerOptions;\n private service: TokenService | null;\n\n on: (event: string, handler: TokenManagerErrorEventHandler | TokenManagerEventHandler, context?: object) => void;\n off: (event: string, handler?: TokenManagerErrorEventHandler | TokenManagerEventHandler) => void;\n\n constructor(sdk: OktaAuth, options: TokenManagerOptions = {}) {\n this.sdk = sdk;\n this.emitter = (sdk as any).emitter;\n if (!this.emitter) {\n throw new AuthSdkError('Emitter should be initialized before TokenManager');\n }\n this.service = null;\n \n options = Object.assign({}, DEFAULT_OPTIONS, removeNils(options));\n if (isIE11OrLess()) {\n options._storageEventDelay = options._storageEventDelay || 1000;\n }\n if (!isLocalhost()) {\n options.expireEarlySeconds = DEFAULT_OPTIONS.expireEarlySeconds;\n }\n this.options = options;\n\n const storageOptions: StorageOptions = removeNils({\n storageKey: options.storageKey,\n secure: options.secure,\n });\n if (typeof options.storage === 'object') {\n // A custom storage provider must implement getItem(key) and setItem(key, val)\n storageOptions.storageProvider = options.storage;\n } else if (options.storage) {\n storageOptions.storageType = options.storage as StorageType;\n }\n\n this.storage = sdk.storageManager.getTokenStorage({...storageOptions, useSeparateCookies: true});\n this.clock = SdkClock.create(/* sdk, options */);\n this.state = defaultState();\n\n this.on = this.emitter.on.bind(this.emitter);\n this.off = this.emitter.off.bind(this.emitter);\n }\n\n start() {\n if (this.service) {\n this.stop();\n }\n if (this.options.clearPendingRemoveTokens) {\n this.clearPendingRemoveTokens();\n }\n this.service = new TokenService(this, this.getOptions());\n this.service.start();\n }\n \n stop() {\n if (this.service) {\n this.service.stop();\n this.service = null;\n }\n }\n\n getOptions(): TokenManagerOptions {\n return clone(this.options);\n }\n \n getExpireTime(token) {\n const expireEarlySeconds = this.options.expireEarlySeconds || 0;\n var expireTime = token.expiresAt - expireEarlySeconds;\n return expireTime;\n }\n \n hasExpired(token) {\n var expireTime = this.getExpireTime(token);\n return expireTime <= this.clock.now();\n }\n \n emitExpired(key, token) {\n this.emitter.emit(EVENT_EXPIRED, key, token);\n }\n \n emitRenewed(key, freshToken, oldToken) {\n this.emitter.emit(EVENT_RENEWED, key, freshToken, oldToken);\n }\n \n emitAdded(key, token) {\n this.emitter.emit(EVENT_ADDED, key, token);\n }\n \n emitRemoved(key, token?) {\n this.emitter.emit(EVENT_REMOVED, key, token);\n }\n \n emitError(error) {\n this.emitter.emit(EVENT_ERROR, error);\n }\n \n emitEventsForCrossTabsStorageUpdate(newValue, oldValue) {\n const oldTokens = this.getTokensFromStorageValue(oldValue);\n const newTokens = this.getTokensFromStorageValue(newValue);\n Object.keys(newTokens).forEach(key => {\n const oldToken = oldTokens[key];\n const newToken = newTokens[key];\n if (JSON.stringify(oldToken) !== JSON.stringify(newToken)) {\n this.emitAdded(key, newToken);\n }\n });\n Object.keys(oldTokens).forEach(key => {\n const oldToken = oldTokens[key];\n const newToken = newTokens[key];\n if (!newToken) {\n this.emitRemoved(key, oldToken);\n }\n });\n }\n \n clearExpireEventTimeout(key) {\n clearTimeout(this.state.expireTimeouts[key] as any);\n delete this.state.expireTimeouts[key];\n \n // Remove the renew promise (if it exists)\n this.state.renewPromise = null;\n }\n \n clearExpireEventTimeoutAll() {\n var expireTimeouts = this.state.expireTimeouts;\n for (var key in expireTimeouts) {\n if (!Object.prototype.hasOwnProperty.call(expireTimeouts, key)) {\n continue;\n }\n this.clearExpireEventTimeout(key);\n }\n }\n \n setExpireEventTimeout(key, token) {\n if (isRefreshToken(token)) {\n return;\n }\n\n var expireTime = this.getExpireTime(token);\n var expireEventWait = Math.max(expireTime - this.clock.now(), 0) * 1000;\n \n // Clear any existing timeout\n this.clearExpireEventTimeout(key);\n \n var expireEventTimeout = setTimeout(() => {\n this.emitExpired(key, token);\n }, expireEventWait);\n \n // Add a new timeout\n this.state.expireTimeouts[key] = expireEventTimeout;\n }\n \n setExpireEventTimeoutAll() {\n var tokenStorage = this.storage.getStorage();\n for(var key in tokenStorage) {\n if (!Object.prototype.hasOwnProperty.call(tokenStorage, key)) {\n continue;\n }\n var token = tokenStorage[key];\n this.setExpireEventTimeout(key, token);\n }\n }\n \n // reset timeouts to setup autoRenew for tokens from other document context (tabs)\n resetExpireEventTimeoutAll() {\n this.clearExpireEventTimeoutAll();\n this.setExpireEventTimeoutAll();\n }\n \n add(key, token: Token) {\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n }\n \n getSync(key) {\n var tokenStorage = this.storage.getStorage();\n return tokenStorage[key];\n }\n \n async get(key) {\n return this.getSync(key);\n }\n \n getTokensSync(): Tokens {\n const tokens = {} as Tokens;\n const tokenStorage = this.storage.getStorage();\n Object.keys(tokenStorage).forEach(key => {\n const token = tokenStorage[key];\n if (isAccessToken(token)) {\n tokens.accessToken = token;\n } else if (isIDToken(token)) {\n tokens.idToken = token;\n } else if (isRefreshToken(token)) { \n tokens.refreshToken = token;\n }\n });\n return tokens;\n }\n \n async getTokens(): Promise<Tokens> {\n return this.getTokensSync();\n }\n\n getStorageKeyByType(type: TokenType): string {\n const tokenStorage = this.storage.getStorage();\n const key = Object.keys(tokenStorage).filter(key => {\n const token = tokenStorage[key];\n return (isAccessToken(token) && type === 'accessToken') \n || (isIDToken(token) && type === 'idToken')\n || (isRefreshToken(token) && type === 'refreshToken');\n })[0];\n return key;\n }\n\n private getTokenType(token: Token): TokenType {\n if (isAccessToken(token)) {\n return 'accessToken';\n }\n if (isIDToken(token)) {\n return 'idToken';\n }\n if(isRefreshToken(token)) {\n return 'refreshToken';\n }\n throw new AuthSdkError('Unknown token type');\n }\n\n setTokens(\n tokens: Tokens,\n // TODO: callbacks can be removed in the next major version OKTA-407224\n accessTokenCb?: Function, \n idTokenCb?: Function,\n refreshTokenCb?: Function\n ): void {\n const handleTokenCallback = (key, token) => {\n const type = this.getTokenType(token);\n if (type === 'accessToken') {\n accessTokenCb && accessTokenCb(key, token);\n } else if (type === 'idToken') {\n idTokenCb && idTokenCb(key, token);\n } else if (type === 'refreshToken') {\n refreshTokenCb && refreshTokenCb(key, token);\n }\n };\n const handleAdded = (key, token) => {\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRenewed = (key, token, oldToken) => {\n this.emitRenewed(key, token, oldToken);\n this.clearExpireEventTimeout(key);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRemoved = (key, token) => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, token);\n handleTokenCallback(key, token);\n };\n \n const types: TokenType[] = ['idToken', 'accessToken', 'refreshToken'];\n const existingTokens = this.getTokensSync();\n\n // valid tokens\n types.forEach((type) => {\n const token = tokens[type];\n if (token) {\n validateToken(token, type);\n }\n });\n \n // add token to storage\n const storage = types.reduce((storage, type) => {\n const token = tokens[type];\n if (token) {\n const storageKey = this.getStorageKeyByType(type) || type;\n storage[storageKey] = token;\n }\n return storage;\n }, {});\n this.storage.setStorage(storage);\n \n // emit event and start expiration timer\n types.forEach(type => {\n const newToken = tokens[type];\n const existingToken = existingTokens[type];\n const storageKey = this.getStorageKeyByType(type) || type;\n if (newToken && existingToken) { // renew\n // call handleRemoved first, since it clears timers\n handleRemoved(storageKey, existingToken);\n handleAdded(storageKey, newToken);\n handleRenewed(storageKey, newToken, existingToken);\n } else if (newToken) { // add\n handleAdded(storageKey, newToken);\n } else if (existingToken) { //remove\n handleRemoved(storageKey, existingToken);\n }\n });\n }\n \n remove(key) {\n // Clear any listener for this token\n this.clearExpireEventTimeout(key);\n \n var tokenStorage = this.storage.getStorage();\n var removedToken = tokenStorage[key];\n delete tokenStorage[key];\n this.storage.setStorage(tokenStorage);\n \n this.emitRemoved(key, removedToken);\n }\n \n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n async renewToken(token) {\n return this.sdk.token?.renew(token);\n }\n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n validateToken(token: Token) {\n return validateToken(token);\n }\n\n // TODO: renew method should take no param, change in the next major version OKTA-407224\n renew(key): Promise<Token | undefined> {\n // Multiple callers may receive the same promise. They will all resolve or reject from the same request.\n if (this.state.renewPromise) {\n return this.state.renewPromise;\n }\n \n try {\n var token = this.getSync(key);\n if (!token) {\n throw new AuthSdkError('The tokenManager has no token for the key: ' + key);\n }\n } catch (e) {\n return Promise.reject(e);\n }\n \n // Remove existing autoRenew timeout\n this.clearExpireEventTimeout(key);\n \n // A refresh token means a replace instead of renewal\n // Store the renew promise state, to avoid renewing again\n this.state.renewPromise = this.sdk.token.renewTokens()\n .then(tokens => {\n this.setTokens(tokens);\n\n // resolve token based on the key\n const tokenType = this.getTokenType(token);\n return tokens[tokenType];\n })\n .catch(err => {\n // If renew fails, remove token and emit error\n if (isRefreshTokenError(err) || err.name === 'OAuthError' || err.name === 'AuthSdkError') {\n // remove token from storage\n this.remove(key);\n }\n err.tokenKey = key;\n this.emitError(err);\n throw err;\n })\n .finally(() => {\n // Remove existing promise key\n this.state.renewPromise = null;\n });\n \n return this.state.renewPromise;\n }\n \n clear() {\n this.clearExpireEventTimeoutAll();\n this.storage.clearStorage();\n }\n\n clearPendingRemoveTokens() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n if (tokens[key].pendingRemove) {\n this.remove(key);\n }\n });\n }\n \n getTokensFromStorageValue(value) {\n let tokens;\n try {\n tokens = JSON.parse(value) || {};\n } catch (e) {\n tokens = {};\n }\n return tokens;\n }\n\n updateRefreshToken(token: RefreshToken) {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n\n // do not emit any event\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n }\n\n addPendingRemoveFlags() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n tokens[key].pendingRemove = true;\n });\n this.setTokens(tokens);\n }\n \n}\n"],"file":"TokenManager.js"}
package/cjs/TransactionManager.js CHANGED
@@ -27,12 +27,14 @@ var _sharedStorage = require("./util/sharedStorage");
27
27
  */
28
28
  class TransactionManager {
29
29
  constructor(options) {
30
+ // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
30
31
  this.storageManager = options.storageManager;
31
32
  this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;
32
33
  this.saveNonceCookie = options.saveNonceCookie === false ? false : true;
33
34
  this.saveStateCookie = options.saveStateCookie === false ? false : true;
34
35
  this.saveParamsCookie = options.saveParamsCookie === false ? false : true;
35
36
  this.enableSharedStorage = options.enableSharedStorage === false ? false : true;
37
+ this.saveLastResponse = options.saveLastResponse === false ? false : true;
36
38
  this.options = options;
37
39
  } // eslint-disable-next-line complexity
38
40
 
@@ -43,10 +45,9 @@ class TransactionManager {
43
45
 
44
46
  transactionStorage.clearStorage(); // clear IDX response storage
45
47
 
46
- this.clearIdxResponse(); // Usually we do NOT want to clear shared storage because another tab may need it to continue/complete a flow
47
- // It can be cleared after a user succcesfully signs in and receives tokens
48
+ this.clearIdxResponse(); // Usually we want to also clear shared storage unless another tab may need it to continue/complete a flow
48
49
 
49
- if (this.enableSharedStorage && options.clearSharedStorage) {
50
+ if (this.enableSharedStorage && options.clearSharedStorage !== false) {
50
51
  const state = options.state || (meta === null || meta === void 0 ? void 0 : meta.state);
51
52
 
52
53
  if (state) {
@@ -245,7 +246,7 @@ class TransactionManager {
245
246
  // eslint-disable-next-line max-len
246
247
 
247
248
 
248
- throw new _errors.AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', null);
249
+ throw new _errors.AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', undefined);
249
250
  }
250
251
 
251
252
  clearLegacyOAuthParams() {
@@ -299,6 +300,10 @@ class TransactionManager {
299
300
  }
300
301
 
301
302
  saveIdxResponse(idxResponse) {
303
+ if (!this.saveLastResponse) {
304
+ return;
305
+ }
306
+
302
307
  const storage = this.storageManager.getIdxResponseStorage();
303
308
 
304
309
  if (!storage) {
@@ -309,6 +314,10 @@ class TransactionManager {
309
314
  }
310
315
 
311
316
  loadIdxResponse() {
317
+ if (!this.saveLastResponse) {
318
+ return null;
319
+ }
320
+
312
321
  const storage = this.storageManager.getIdxResponseStorage();
313
322
 
314
323
  if (!storage) {
@@ -325,6 +334,10 @@ class TransactionManager {
325
334
  }
326
335
 
327
336
  clearIdxResponse() {
337
+ if (!this.saveLastResponse) {
338
+ return;
339
+ }
340
+
328
341
  const storage = this.storageManager.getIdxResponseStorage();
329
342
  storage === null || storage === void 0 ? void 0 : storage.clearStorage();
330
343
  }
package/cjs/TransactionManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/TransactionManager.ts"],"names":["TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","enableSharedStorage","clear","transactionStorage","getTransactionStorage","meta","getStorage","clearStorage","clearIdxResponse","clearSharedStorage","state","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","storage","obj","muteWarning","setStorage","cookieStorage","storageType","responseType","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","REDIRECT_OAUTH_PARAMS_NAME","JSON","stringify","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_STATE_COOKIE_NAME","exists","load","loadLegacyOAuthParams","Object","assign","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","AuthSdkError","getLegacyOAuthParamsStorage","saveIdxResponse","idxResponse","getIdxResponseStorage","loadIdxResponse"],"mappings":";;;;AAaA;;AACA;;AAEA;;AAWA;;AACA;;AACA;;AA7BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA6Be,MAAMA,kBAAN,CAAyB;AAStCC,EAAAA,WAAW,CAACC,OAAD,EAAqC;AAC9C,SAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;AACA,SAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKC,mBAAL,GAA2BN,OAAO,CAACM,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKN,OAAL,GAAeA,OAAf;AACD,GAjBqC,CAmBtC;;;AACAO,EAAAA,KAAK,CAACP,OAAoC,GAAG,EAAxC,EAA4C;AAC/C,UAAMQ,kBAAmC,GAAG,KAAKP,cAAL,CAAoBQ,qBAApB,EAA5C;AACA,UAAMC,IAAI,GAAGF,kBAAkB,CAACG,UAAnB,EAAb,CAF+C,CAI/C;;AACAH,IAAAA,kBAAkB,CAACI,YAAnB,GAL+C,CAO/C;;AACA,SAAKC,gBAAL,GAR+C,CAU/C;AACA;;AACA,QAAI,KAAKP,mBAAL,IAA4BN,OAAO,CAACc,kBAAxC,EAA4D;AAC1D,YAAMC,KAAK,GAAGf,OAAO,CAACe,KAAR,KAAiBL,IAAjB,aAAiBA,IAAjB,uBAAiBA,IAAI,CAAEK,KAAvB,CAAd;;AACA,UAAIA,KAAJ,EAAW;AACT,8DAAkC,KAAKd,cAAvC,EAAuDc,KAAvD;AACD;AACF;;AAED,QAAI,CAAC,KAAKb,mBAAV,EAA+B;AAC7B;AACD,KArB8C,CAuB/C;;;AACA,QAAIF,OAAO,CAACgB,KAAZ,EAAmB;AACjB,WAAKC,sBAAL;AACD;;AAED,QAAIjB,OAAO,CAACkB,IAAZ,EAAkB;AAChB,WAAKC,eAAL;AACD;AACF,GAnDqC,CAqDtC;;;AACAC,EAAAA,IAAI,CAACV,IAAD,EAAwBV,OAA+B,GAAG,EAA1D,EAA8D;AAChE;AACA;AACA;AAEA,QAAIqB,OAAwB,GAAG,KAAKpB,cAAL,CAAoBQ,qBAApB,EAA/B;AACA,UAAMa,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAZ,CANgE,CAOhE;AACA;AACA;;AACA,QAAI,8BAAkBW,GAAlB,KAA0B,CAACtB,OAAO,CAACuB,WAAvC,EAAoD;AAClD;AACA,sBAAK,yGAAL;AACD;;AAEDF,IAAAA,OAAO,CAACG,UAAR,CAAmBd,IAAnB,EAfgE,CAiBhE;;AACA,QAAI,KAAKJ,mBAAL,IAA4BI,IAAI,CAACK,KAArC,EAA4C;AAC1C,yDAA+B,KAAKd,cAApC,EAAoDS,IAAI,CAACK,KAAzD,EAAgEL,IAAhE;AACD;;AAED,QAAI,CAACV,OAAO,CAACgB,KAAb,EAAoB;AAClB;AACD,KAxB+D,CA0BhE;;;AACA,QAAI,KAAKb,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;AACzE,YAAMoB,aAA4B,GAAG,KAAKxB,cAAL,CAAoBU,UAApB,CAA+B;AAAEe,QAAAA,WAAW,EAAE;AAAf,OAA/B,CAArC;;AAEA,UAAI,KAAKrB,gBAAT,EAA2B;AACzB,cAAM;AACJsB,UAAAA,YADI;AAEJZ,UAAAA,KAFI;AAGJa,UAAAA,KAHI;AAIJC,UAAAA,MAJI;AAKJC,UAAAA,QALI;AAMJC,UAAAA,IANI;AAOJC,UAAAA;AAPI,YAQFtB,IARJ;AASA,cAAMuB,WAAW,GAAG;AAClBN,UAAAA,YADkB;AAElBZ,UAAAA,KAFkB;AAGlBa,UAAAA,KAHkB;AAIlBC,UAAAA,MAJkB;AAKlBC,UAAAA,QALkB;AAMlBC,UAAAA,IANkB;AAOlBC,UAAAA;AAPkB,SAApB;AASAP,QAAAA,aAAa,CAACS,OAAd,CAAsBC,qCAAtB,EAAkDC,IAAI,CAACC,SAAL,CAAeJ,WAAf,CAAlD,EAA+E,IAA/E;AACD;;AAED,UAAI,KAAK9B,eAAL,IAAwBO,IAAI,CAACkB,KAAjC,EAAwC;AACtC;AACAH,QAAAA,aAAa,CAACS,OAAd,CAAsBI,qCAAtB,EAAkD5B,IAAI,CAACkB,KAAvD,EAA8D,IAA9D;AACD;;AAED,UAAI,KAAKxB,eAAL,IAAwBM,IAAI,CAACK,KAAjC,EAAwC;AACtC;AACAU,QAAAA,aAAa,CAACS,OAAd,CAAsBK,qCAAtB,EAAkD7B,IAAI,CAACK,KAAvD,EAA8D,IAA9D;AACD;AACF;AACF;;AAEDyB,EAAAA,MAAM,CAACxC,OAA+B,GAAG,EAAnC,EAAgD;AACpD,QAAI;AACF,YAAMU,IAAqB,GAAG,KAAK+B,IAAL,CAAUzC,OAAV,CAA9B;AACA,aAAO,CAAC,CAACU,IAAT;AACD,KAHD,CAGE,MAAM;AACN,aAAO,KAAP;AACD;AACF,GA7HqC,CA+HtC;AACA;;;AACA+B,EAAAA,IAAI,CAACzC,OAA+B,GAAG,EAAnC,EAAwD;AAE1D,QAAIU,IAAJ,CAF0D,CAI1D;;AACA,QAAI,KAAKJ,mBAAL,IAA4BN,OAAO,CAACe,KAAxC,EAA+C;AAC7C,6CAAmB,KAAKd,cAAxB,EAD6C,CACJ;;AACzCS,MAAAA,IAAI,GAAG,qDAAiC,KAAKT,cAAtC,EAAsDD,OAAO,CAACe,KAA9D,CAAP;;AACA,UAAI,8BAAkBL,IAAlB,CAAJ,EAA6B;AAC3B,eAAOA,IAAP;AACD;AACF;;AAED,QAAIW,OAAwB,GAAG,KAAKpB,cAAL,CAAoBQ,qBAApB,EAA/B;AACAC,IAAAA,IAAI,GAAGW,OAAO,CAACV,UAAR,EAAP;;AACA,QAAI,8BAAkBD,IAAlB,CAAJ,EAA6B;AAC3B;AACA,aAAOA,IAAP;AACD;;AAED,QAAI,CAAC,KAAKR,mBAAV,EAA+B;AAC7B,aAAO,IAAP;AACD,KAtByD,CAwB1D;;;AACA,QAAIF,OAAO,CAACgB,KAAZ,EAAmB;AACjB,UAAI;AACF,cAAMiB,WAAW,GAAG,KAAKS,qBAAL,EAApB;AACAC,QAAAA,MAAM,CAACC,MAAP,CAAclC,IAAd,EAAoBuB,WAApB;AACD,OAHD,SAGU;AACR,aAAKhB,sBAAL;AACD;AACF;;AAED,QAAIjB,OAAO,CAACkB,IAAZ,EAAkB;AAChB,UAAI;AACF,cAAM2B,QAA6B,GAAG,KAAKC,cAAL,EAAtC;AACAH,QAAAA,MAAM,CAACC,MAAP,CAAclC,IAAd,EAAoBmC,QAApB;AACD,OAHD,SAGU;AACR,aAAK1B,eAAL;AACD;AACF;;AAED,QAAI,8BAAkBT,IAAlB,CAAJ,EAA6B;AAC3B,aAAOA,IAAP;AACD;;AACD,WAAO,IAAP;AACD,GAhLqC,CAkLtC;;;AACAS,EAAAA,eAAe,GAAS;AACtB;AACA,QAAIE,OAAJ;;AAEA,QAAI,KAAKpB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKX,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAEDkC,EAAAA,cAAc,GAAwB;AACpC,QAAIzB,OAAJ;AACA,QAAIC,GAAJ,CAFoC,CAIpC;;AACA,QAAI,KAAKrB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAAC4B,YAAf,EAA6B;AAC3B,eAAO5B,GAAP;AACD;AACF,KAXmC,CAapC;;;AACA,QAAI,KAAKrB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBgD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAAC4B,YAAf,EAA6B;AAC3B,eAAO5B,GAAP;AACD;AACF,KApBmC,CAsBpC;AACA;AACA;;;AACA,UAAM,IAAI6B,oBAAJ,CAAiB,yJAAjB,EAA4K,IAA5K,CAAN;AACD;;AAEDlC,EAAAA,sBAAsB,GAAS;AAC7B;AACA,QAAII,OAAJ;;AAEA,QAAI,KAAKpB,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKX,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED8B,EAAAA,qBAAqB,GAAyB;AAC5C,QAAIrB,OAAJ;AACA,QAAIY,WAAJ,CAF4C,CAI5C;;AACA,QAAI,KAAKhC,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AACD,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD,KAX2C,CAa5C;;;AACA,QAAI,KAAKhC,cAAL,CAAoB8C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D3B,MAAAA,OAAO,GAAG,KAAKpB,cAAL,CAAoBmD,2BAApB,CAAgD;AAAE1B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AAED,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD;;AAGD,UAAM,IAAIkB,oBAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;AACA;AACD;;AAEDE,EAAAA,eAAe,CAACC,WAAD,EAAoC;AACjD,UAAMjC,OAAwB,GAAG,KAAKpB,cAAL,CAAoBsD,qBAApB,EAAjC;;AACA,QAAI,CAAClC,OAAL,EAAc;AACZ;AACD;;AACDA,IAAAA,OAAO,CAACG,UAAR,CAAmB8B,WAAnB;AACD;;AAEDE,EAAAA,eAAe,GAAmB;AAChC,UAAMnC,OAAwB,GAAG,KAAKpB,cAAL,CAAoBsD,qBAApB,EAAjC;;AACA,QAAI,CAAClC,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AACD,UAAMiC,WAAW,GAAGjC,OAAO,CAACV,UAAR,EAApB;;AACA,QAAI,CAAC,6BAAiB2C,WAAjB,CAAL,EAAoC;AAClC,aAAO,IAAP;AACD;;AACD,WAAOA,WAAP;AACD;;AAEDzC,EAAAA,gBAAgB,GAAS;AACvB,UAAMQ,OAAwB,GAAG,KAAKpB,cAAL,CAAoBsD,qBAApB,EAAjC;AACAlC,IAAAA,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAET,YAAT;AACD;;AAlSqC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport StorageManager from './StorageManager';\nimport {\n StorageProvider,\n TransactionMeta,\n isTransactionMeta,\n isOAuthTransactionMeta,\n PKCETransactionMeta,\n OAuthTransactionMeta,\n TransactionMetaOptions,\n TransactionManagerOptions,\n CookieStorage\n} from './types';\nimport { RawIdxResponse, isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\nimport {\n clearTransactionFromSharedStorage,\n loadTransactionFromSharedStorage,\n pruneSharedStorage,\n saveTransactionToSharedStorage\n} from './util/sharedStorage';\n\nexport interface ClearTransactionMetaOptions extends TransactionMetaOptions {\n clearSharedStorage?: boolean;\n}\nexport default class TransactionManager {\n options: TransactionManagerOptions;\n storageManager: StorageManager;\n legacyWidgetSupport: boolean;\n saveNonceCookie: boolean;\n saveStateCookie: boolean;\n saveParamsCookie: boolean;\n enableSharedStorage: boolean;\n\n constructor(options: TransactionManagerOptions) {\n this.storageManager = options.storageManager;\n this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n this.saveStateCookie = options.saveStateCookie === false ? false : true;\n this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n this.options = options;\n }\n\n // eslint-disable-next-line complexity\n clear(options: ClearTransactionMetaOptions = {}) {\n const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n const meta = transactionStorage.getStorage();\n\n // Clear primary storage (by default, sessionStorage on browser)\n transactionStorage.clearStorage();\n\n // clear IDX response storage\n this.clearIdxResponse();\n\n // Usually we do NOT want to clear shared storage because another tab may need it to continue/complete a flow\n // It can be cleared after a user succcesfully signs in and receives tokens\n if (this.enableSharedStorage && options.clearSharedStorage) {\n const state = options.state || meta?.state;\n if (state) {\n clearTransactionFromSharedStorage(this.storageManager, state);\n }\n }\n \n if (!this.legacyWidgetSupport) {\n return;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n this.clearLegacyOAuthParams();\n }\n\n if (options.pkce) {\n this.clearLegacyPKCE();\n }\n }\n\n // eslint-disable-next-line complexity\n save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n // There must be only one transaction executing at a time.\n // Before saving, check to see if a transaction is already stored.\n // An existing transaction indicates a concurrency/race/overlap condition\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n const obj = storage.getStorage();\n // oie process may need to update transaction in the middle of process for tracking purpose\n // false alarm might be caused \n // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n if (isTransactionMeta(obj) && !options.muteWarning) {\n // eslint-disable-next-line max-len\n warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n }\n\n storage.setStorage(meta);\n\n // Shared storage allows continuation of transaction in another tab\n if (this.enableSharedStorage && meta.state) {\n saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n }\n\n if (!options.oauth) {\n return;\n }\n \n // Legacy cookie storage\n if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n if (this.saveParamsCookie) {\n const { \n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n } = meta;\n const oauthParams = {\n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n };\n cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n }\n\n if (this.saveNonceCookie && meta.nonce) {\n // Set nonce cookie for servers to validate nonce in id_token\n cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n }\n\n if (this.saveStateCookie && meta.state) {\n // Set state cookie for servers to validate state\n cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n }\n }\n }\n\n exists(options: TransactionMetaOptions = {}): boolean {\n try {\n const meta: TransactionMeta = this.load(options);\n return !!meta;\n } catch {\n return false;\n }\n }\n\n // load transaction meta from storage\n // eslint-disable-next-line complexity,max-statements\n load(options: TransactionMetaOptions = {}): TransactionMeta {\n\n let meta: TransactionMeta;\n\n // If state was passed, try loading transaction data from shared storage\n if (this.enableSharedStorage && options.state) {\n pruneSharedStorage(this.storageManager); // prune before load\n meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n if (isTransactionMeta(meta)) {\n return meta;\n }\n }\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n meta = storage.getStorage();\n if (isTransactionMeta(meta)) {\n // if we have meta in the new location, there is no need to go further\n return meta;\n }\n\n if (!this.legacyWidgetSupport) {\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n try {\n const oauthParams = this.loadLegacyOAuthParams();\n Object.assign(meta, oauthParams);\n } finally {\n this.clearLegacyOAuthParams();\n }\n }\n\n if (options.pkce) {\n try {\n const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n Object.assign(meta, pkceMeta);\n } finally {\n this.clearLegacyPKCE();\n }\n }\n\n if (isTransactionMeta(meta)) {\n return meta;\n }\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n clearLegacyPKCE(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n }\n\n loadLegacyPKCE(): PKCETransactionMeta {\n let storage: StorageProvider;\n let obj;\n \n // Try reading from localStorage first.\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, throw an exception to avoid misleading server-side error\n // The most likely cause of this error is trying to handle a callback twice\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', null);\n }\n\n clearLegacyOAuthParams(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n storage.clearStorage();\n }\n }\n\n loadLegacyOAuthParams(): OAuthTransactionMeta {\n let storage: StorageProvider;\n let oauthParams;\n \n // load first from session storage\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n oauthParams = storage.getStorage();\n }\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n // try to load from cookie\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n oauthParams = storage.getStorage();\n }\n\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n\n throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n // Something is there but we don't recognize it\n // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n }\n\n saveIdxResponse(idxResponse: RawIdxResponse): void {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return;\n }\n storage.setStorage(idxResponse);\n }\n\n loadIdxResponse(): RawIdxResponse {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return null;\n }\n const idxResponse = storage.getStorage();\n if (!isRawIdxResponse(idxResponse)) {\n return null;\n }\n return idxResponse;\n }\n\n clearIdxResponse(): void {\n const storage: StorageProvider = this.storageManager.getIdxResponseStorage();\n storage?.clearStorage();\n }\n}"],"file":"TransactionManager.js"}
1
+ {"version":3,"sources":["../../lib/TransactionManager.ts"],"names":["TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","enableSharedStorage","saveLastResponse","clear","transactionStorage","getTransactionStorage","meta","getStorage","clearStorage","clearIdxResponse","clearSharedStorage","state","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","storage","obj","muteWarning","setStorage","cookieStorage","storageType","responseType","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","REDIRECT_OAUTH_PARAMS_NAME","JSON","stringify","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_STATE_COOKIE_NAME","exists","load","loadLegacyOAuthParams","Object","assign","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","AuthSdkError","undefined","getLegacyOAuthParamsStorage","saveIdxResponse","idxResponse","getIdxResponseStorage","loadIdxResponse"],"mappings":";;;;AAaA;;AACA;;AAEA;;AAWA;;AACA;;AACA;;AA7BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA6Be,MAAMA,kBAAN,CAAyB;AAUtCC,EAAAA,WAAW,CAACC,OAAD,EAAqC;AAC9C;AACA,SAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;AACA,SAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKC,mBAAL,GAA2BN,OAAO,CAACM,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,gBAAL,GAAwBP,OAAO,CAACO,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKP,OAAL,GAAeA,OAAf;AACD,GApBqC,CAsBtC;;;AACAQ,EAAAA,KAAK,CAACR,OAAoC,GAAG,EAAxC,EAA4C;AAC/C,UAAMS,kBAAmC,GAAG,KAAKR,cAAL,CAAoBS,qBAApB,EAA5C;AACA,UAAMC,IAAI,GAAGF,kBAAkB,CAACG,UAAnB,EAAb,CAF+C,CAI/C;;AACAH,IAAAA,kBAAkB,CAACI,YAAnB,GAL+C,CAO/C;;AACA,SAAKC,gBAAL,GAR+C,CAU/C;;AACA,QAAI,KAAKR,mBAAL,IAA4BN,OAAO,CAACe,kBAAR,KAA+B,KAA/D,EAAsE;AACpE,YAAMC,KAAK,GAAGhB,OAAO,CAACgB,KAAR,KAAiBL,IAAjB,aAAiBA,IAAjB,uBAAiBA,IAAI,CAAEK,KAAvB,CAAd;;AACA,UAAIA,KAAJ,EAAW;AACT,8DAAkC,KAAKf,cAAvC,EAAuDe,KAAvD;AACD;AACF;;AAED,QAAI,CAAC,KAAKd,mBAAV,EAA+B;AAC7B;AACD,KApB8C,CAsB/C;;;AACA,QAAIF,OAAO,CAACiB,KAAZ,EAAmB;AACjB,WAAKC,sBAAL;AACD;;AAED,QAAIlB,OAAO,CAACmB,IAAZ,EAAkB;AAChB,WAAKC,eAAL;AACD;AACF,GArDqC,CAuDtC;;;AACAC,EAAAA,IAAI,CAACV,IAAD,EAAwBX,OAA+B,GAAG,EAA1D,EAA8D;AAChE;AACA;AACA;AAEA,QAAIsB,OAAwB,GAAG,KAAKrB,cAAL,CAAoBS,qBAApB,EAA/B;AACA,UAAMa,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAZ,CANgE,CAOhE;AACA;AACA;;AACA,QAAI,8BAAkBW,GAAlB,KAA0B,CAACvB,OAAO,CAACwB,WAAvC,EAAoD;AAClD;AACA,sBAAK,yGAAL;AACD;;AAEDF,IAAAA,OAAO,CAACG,UAAR,CAAmBd,IAAnB,EAfgE,CAiBhE;;AACA,QAAI,KAAKL,mBAAL,IAA4BK,IAAI,CAACK,KAArC,EAA4C;AAC1C,yDAA+B,KAAKf,cAApC,EAAoDU,IAAI,CAACK,KAAzD,EAAgEL,IAAhE;AACD;;AAED,QAAI,CAACX,OAAO,CAACiB,KAAb,EAAoB;AAClB;AACD,KAxB+D,CA0BhE;;;AACA,QAAI,KAAKd,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;AACzE,YAAMqB,aAA4B,GAAG,KAAKzB,cAAL,CAAoBW,UAApB,CAA+B;AAAEe,QAAAA,WAAW,EAAE;AAAf,OAA/B,CAArC;;AAEA,UAAI,KAAKtB,gBAAT,EAA2B;AACzB,cAAM;AACJuB,UAAAA,YADI;AAEJZ,UAAAA,KAFI;AAGJa,UAAAA,KAHI;AAIJC,UAAAA,MAJI;AAKJC,UAAAA,QALI;AAMJC,UAAAA,IANI;AAOJC,UAAAA;AAPI,YAQFtB,IARJ;AASA,cAAMuB,WAAW,GAAG;AAClBN,UAAAA,YADkB;AAElBZ,UAAAA,KAFkB;AAGlBa,UAAAA,KAHkB;AAIlBC,UAAAA,MAJkB;AAKlBC,UAAAA,QALkB;AAMlBC,UAAAA,IANkB;AAOlBC,UAAAA;AAPkB,SAApB;AASAP,QAAAA,aAAa,CAACS,OAAd,CAAsBC,qCAAtB,EAAkDC,IAAI,CAACC,SAAL,CAAeJ,WAAf,CAAlD,EAA+E,IAA/E;AACD;;AAED,UAAI,KAAK/B,eAAL,IAAwBQ,IAAI,CAACkB,KAAjC,EAAwC;AACtC;AACAH,QAAAA,aAAa,CAACS,OAAd,CAAsBI,qCAAtB,EAAkD5B,IAAI,CAACkB,KAAvD,EAA8D,IAA9D;AACD;;AAED,UAAI,KAAKzB,eAAL,IAAwBO,IAAI,CAACK,KAAjC,EAAwC;AACtC;AACAU,QAAAA,aAAa,CAACS,OAAd,CAAsBK,qCAAtB,EAAkD7B,IAAI,CAACK,KAAvD,EAA8D,IAA9D;AACD;AACF;AACF;;AAEDyB,EAAAA,MAAM,CAACzC,OAA+B,GAAG,EAAnC,EAAgD;AACpD,QAAI;AACF,YAAMW,IAAI,GAAG,KAAK+B,IAAL,CAAU1C,OAAV,CAAb;AACA,aAAO,CAAC,CAACW,IAAT;AACD,KAHD,CAGE,MAAM;AACN,aAAO,KAAP;AACD;AACF,GA/HqC,CAiItC;AACA;;;AACA+B,EAAAA,IAAI,CAAC1C,OAA+B,GAAG,EAAnC,EAA+D;AAEjE,QAAIW,IAAJ,CAFiE,CAIjE;;AACA,QAAI,KAAKL,mBAAL,IAA4BN,OAAO,CAACgB,KAAxC,EAA+C;AAC7C,6CAAmB,KAAKf,cAAxB,EAD6C,CACJ;;AACzCU,MAAAA,IAAI,GAAG,qDAAiC,KAAKV,cAAtC,EAAsDD,OAAO,CAACgB,KAA9D,CAAP;;AACA,UAAI,8BAAkBL,IAAlB,CAAJ,EAA6B;AAC3B,eAAOA,IAAP;AACD;AACF;;AAED,QAAIW,OAAwB,GAAG,KAAKrB,cAAL,CAAoBS,qBAApB,EAA/B;AACAC,IAAAA,IAAI,GAAGW,OAAO,CAACV,UAAR,EAAP;;AACA,QAAI,8BAAkBD,IAAlB,CAAJ,EAA6B;AAC3B;AACA,aAAOA,IAAP;AACD;;AAED,QAAI,CAAC,KAAKT,mBAAV,EAA+B;AAC7B,aAAO,IAAP;AACD,KAtBgE,CAwBjE;;;AACA,QAAIF,OAAO,CAACiB,KAAZ,EAAmB;AACjB,UAAI;AACF,cAAMiB,WAAW,GAAG,KAAKS,qBAAL,EAApB;AACAC,QAAAA,MAAM,CAACC,MAAP,CAAclC,IAAd,EAAoBuB,WAApB;AACD,OAHD,SAGU;AACR,aAAKhB,sBAAL;AACD;AACF;;AAED,QAAIlB,OAAO,CAACmB,IAAZ,EAAkB;AAChB,UAAI;AACF,cAAM2B,QAA6B,GAAG,KAAKC,cAAL,EAAtC;AACAH,QAAAA,MAAM,CAACC,MAAP,CAAclC,IAAd,EAAoBmC,QAApB;AACD,OAHD,SAGU;AACR,aAAK1B,eAAL;AACD;AACF;;AAED,QAAI,8BAAkBT,IAAlB,CAAJ,EAA6B;AAC3B,aAAOA,IAAP;AACD;;AACD,WAAO,IAAP;AACD,GAlLqC,CAoLtC;;;AACAS,EAAAA,eAAe,GAAS;AACtB;AACA,QAAIE,OAAJ;;AAEA,QAAI,KAAKrB,cAAL,CAAoB+C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE3B,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKZ,cAAL,CAAoB+C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAEDkC,EAAAA,cAAc,GAAwB;AACpC,QAAIzB,OAAJ;AACA,QAAIC,GAAJ,CAFoC,CAIpC;;AACA,QAAI,KAAKtB,cAAL,CAAoB+C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnE3B,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAAC4B,YAAf,EAA6B;AAC3B,eAAO5B,GAAP;AACD;AACF,KAXmC,CAapC;;;AACA,QAAI,KAAKtB,cAAL,CAAoB+C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,oBAApB,CAAyC;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAAC4B,YAAf,EAA6B;AAC3B,eAAO5B,GAAP;AACD;AACF,KApBmC,CAsBpC;AACA;AACA;;;AACA,UAAM,IAAI6B,oBAAJ,CAAiB,yJAAjB,EAA4KC,SAA5K,CAAN;AACD;;AAEDnC,EAAAA,sBAAsB,GAAS;AAC7B;AACA,QAAII,OAAJ;;AAEA,QAAI,KAAKrB,cAAL,CAAoB+C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBqD,2BAApB,CAAgD;AAAE3B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKZ,cAAL,CAAoB+C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D3B,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBqD,2BAApB,CAAgD;AAAE3B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED8B,EAAAA,qBAAqB,GAAyB;AAC5C,QAAIrB,OAAJ;AACA,QAAIY,WAAJ,CAF4C,CAI5C;;AACA,QAAI,KAAKjC,cAAL,CAAoB+C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrE3B,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBqD,2BAApB,CAAgD;AAAE3B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AACD,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD,KAX2C,CAa5C;;;AACA,QAAI,KAAKjC,cAAL,CAAoB+C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7D3B,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBqD,2BAApB,CAAgD;AAAE3B,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AAED,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD;;AAGD,UAAM,IAAIkB,oBAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;AACA;AACD;;AAEDG,EAAAA,eAAe,CAACC,WAAD,EAAoC;AACjD,QAAI,CAAC,KAAKjD,gBAAV,EAA4B;AAC1B;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBwD,qBAApB,EAAhB;;AACA,QAAI,CAACnC,OAAL,EAAc;AACZ;AACD;;AACDA,IAAAA,OAAO,CAACG,UAAR,CAAmB+B,WAAnB;AACD;;AAEDE,EAAAA,eAAe,GAA0B;AACvC,QAAI,CAAC,KAAKnD,gBAAV,EAA4B;AAC1B,aAAO,IAAP;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBwD,qBAApB,EAAhB;;AACA,QAAI,CAACnC,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AACD,UAAMkC,WAAW,GAAGlC,OAAO,CAACV,UAAR,EAApB;;AACA,QAAI,CAAC,6BAAiB4C,WAAjB,CAAL,EAAoC;AAClC,aAAO,IAAP;AACD;;AACD,WAAOA,WAAP;AACD;;AAED1C,EAAAA,gBAAgB,GAAS;AACvB,QAAI,CAAC,KAAKP,gBAAV,EAA4B;AAC1B;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBwD,qBAApB,EAAhB;AACAnC,IAAAA,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAET,YAAT;AACD;;AA7SqC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport StorageManager from './StorageManager';\nimport {\n StorageProvider,\n TransactionMeta,\n isTransactionMeta,\n isOAuthTransactionMeta,\n PKCETransactionMeta,\n OAuthTransactionMeta,\n TransactionMetaOptions,\n TransactionManagerOptions,\n CookieStorage\n} from './types';\nimport { RawIdxResponse, isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\nimport {\n clearTransactionFromSharedStorage,\n loadTransactionFromSharedStorage,\n pruneSharedStorage,\n saveTransactionToSharedStorage\n} from './util/sharedStorage';\n\nexport interface ClearTransactionMetaOptions extends TransactionMetaOptions {\n clearSharedStorage?: boolean;\n}\nexport default class TransactionManager {\n options: TransactionManagerOptions;\n storageManager: StorageManager;\n legacyWidgetSupport: boolean;\n saveNonceCookie: boolean;\n saveStateCookie: boolean;\n saveParamsCookie: boolean;\n enableSharedStorage: boolean;\n saveLastResponse: boolean;\n\n constructor(options: TransactionManagerOptions) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n this.storageManager = options.storageManager!;\n this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n this.saveStateCookie = options.saveStateCookie === false ? false : true;\n this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n this.saveLastResponse = options.saveLastResponse === false ? false : true;\n this.options = options;\n }\n\n // eslint-disable-next-line complexity\n clear(options: ClearTransactionMetaOptions = {}) {\n const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n const meta = transactionStorage.getStorage();\n\n // Clear primary storage (by default, sessionStorage on browser)\n transactionStorage.clearStorage();\n\n // clear IDX response storage\n this.clearIdxResponse();\n\n // Usually we want to also clear shared storage unless another tab may need it to continue/complete a flow\n if (this.enableSharedStorage && options.clearSharedStorage !== false) {\n const state = options.state || meta?.state;\n if (state) {\n clearTransactionFromSharedStorage(this.storageManager, state);\n }\n }\n \n if (!this.legacyWidgetSupport) {\n return;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n this.clearLegacyOAuthParams();\n }\n\n if (options.pkce) {\n this.clearLegacyPKCE();\n }\n }\n\n // eslint-disable-next-line complexity\n save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n // There must be only one transaction executing at a time.\n // Before saving, check to see if a transaction is already stored.\n // An existing transaction indicates a concurrency/race/overlap condition\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n const obj = storage.getStorage();\n // oie process may need to update transaction in the middle of process for tracking purpose\n // false alarm might be caused \n // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n if (isTransactionMeta(obj) && !options.muteWarning) {\n // eslint-disable-next-line max-len\n warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n }\n\n storage.setStorage(meta);\n\n // Shared storage allows continuation of transaction in another tab\n if (this.enableSharedStorage && meta.state) {\n saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n }\n\n if (!options.oauth) {\n return;\n }\n \n // Legacy cookie storage\n if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n if (this.saveParamsCookie) {\n const { \n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n } = meta;\n const oauthParams = {\n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n };\n cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n }\n\n if (this.saveNonceCookie && meta.nonce) {\n // Set nonce cookie for servers to validate nonce in id_token\n cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n }\n\n if (this.saveStateCookie && meta.state) {\n // Set state cookie for servers to validate state\n cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n }\n }\n }\n\n exists(options: TransactionMetaOptions = {}): boolean {\n try {\n const meta = this.load(options);\n return !!meta;\n } catch {\n return false;\n }\n }\n\n // load transaction meta from storage\n // eslint-disable-next-line complexity,max-statements\n load(options: TransactionMetaOptions = {}): TransactionMeta | null {\n\n let meta: TransactionMeta;\n\n // If state was passed, try loading transaction data from shared storage\n if (this.enableSharedStorage && options.state) {\n pruneSharedStorage(this.storageManager); // prune before load\n meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n if (isTransactionMeta(meta)) {\n return meta;\n }\n }\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n meta = storage.getStorage();\n if (isTransactionMeta(meta)) {\n // if we have meta in the new location, there is no need to go further\n return meta;\n }\n\n if (!this.legacyWidgetSupport) {\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n try {\n const oauthParams = this.loadLegacyOAuthParams();\n Object.assign(meta, oauthParams);\n } finally {\n this.clearLegacyOAuthParams();\n }\n }\n\n if (options.pkce) {\n try {\n const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n Object.assign(meta, pkceMeta);\n } finally {\n this.clearLegacyPKCE();\n }\n }\n\n if (isTransactionMeta(meta)) {\n return meta;\n }\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n clearLegacyPKCE(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n }\n\n loadLegacyPKCE(): PKCETransactionMeta {\n let storage: StorageProvider;\n let obj;\n \n // Try reading from localStorage first.\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n \n // If meta is not valid, throw an exception to avoid misleading server-side error\n // The most likely cause of this error is trying to handle a callback twice\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', undefined);\n }\n\n clearLegacyOAuthParams(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n storage.clearStorage();\n }\n }\n\n loadLegacyOAuthParams(): OAuthTransactionMeta {\n let storage: StorageProvider;\n let oauthParams;\n \n // load first from session storage\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n oauthParams = storage.getStorage();\n }\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n // try to load from cookie\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n oauthParams = storage.getStorage();\n }\n\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n\n throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n // Something is there but we don't recognize it\n // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n }\n\n saveIdxResponse(idxResponse: RawIdxResponse): void {\n if (!this.saveLastResponse) {\n return;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return;\n }\n storage.setStorage(idxResponse);\n }\n\n loadIdxResponse(): RawIdxResponse | null {\n if (!this.saveLastResponse) {\n return null;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return null;\n }\n const idxResponse = storage.getStorage();\n if (!isRawIdxResponse(idxResponse)) {\n return null;\n }\n return idxResponse;\n }\n\n clearIdxResponse(): void {\n if (!this.saveLastResponse) {\n return;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n storage?.clearStorage();\n }\n}"],"file":"TransactionManager.js"}
package/cjs/browser/browserStorage.js CHANGED
@@ -8,6 +8,8 @@ var _AuthSdkError = _interopRequireDefault(require("../errors/AuthSdkError"));
8
8
 
9
9
  var _util = require("../util");
10
10
 
11
+ /* eslint-disable @typescript-eslint/no-non-null-assertion */
12
+
11
13
  /*!
12
14
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
13
15
  * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
@@ -76,7 +78,7 @@ var storageUtil = {
76
78
  return supported;
77
79
  },
78
80
  getStorageByType: function (storageType, options) {
79
- let storageProvider = null;
81
+ let storageProvider;
80
82
 
81
83
  switch (storageType) {
82
84
  case 'sessionStorage':
@@ -154,11 +156,11 @@ var storageUtil = {
154
156
  }
155
157
  };
156
158
 
157
- if (!options.useMultipleCookies) {
159
+ if (!options.useSeparateCookies) {
158
160
  return storage;
159
- } // options.useMultipleCookies - because cookies have size limits.
161
+ } // Tokens are stored separately because cookies have size limits.
160
162
  // Can only be used when storing an object value. Object properties will be saved to separate cookies.
161
- // Each property of the object must also be an object.
163
+ // Each property of the object must also be an object.
162
164
 
163
165
 
164
166
  return {
@@ -169,7 +171,7 @@ var storageUtil = {
169
171
  Object.keys(data).forEach(k => {
170
172
  if (k.indexOf(key) === 0) {
171
173
  // filter out unrelated cookies
172
- value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie dataa
174
+ value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie data
173
175
  }
174
176
  });
175
177
  return JSON.stringify(value);
package/cjs/browser/browserStorage.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/browser/browserStorage.ts"],"names":["Cookies","require","storageUtil","getHttpCache","getPKCEStorage","browserHasLocalStorage","storage","getLocalStorage","testStorage","e","browserHasSessionStorage","getSessionStorage","testStorageType","storageType","supported","getStorageByType","options","storageProvider","getCookieStorage","getInMemoryStorage","AuthSdkError","findStorageType","types","curType","nextType","slice","shift","length","localStorage","sessionStorage","secure","sameSite","sessionCookie","getItem","get","setItem","key","value","expiresAt","set","removeItem","delete","useMultipleCookies","data","Object","keys","forEach","k","indexOf","replace","JSON","parse","stringify","existingValues","storageKey","valueToStore","inMemoryStore","name","cookieOptions","path","Date","expires","remove"],"mappings":";;;;;;AAaA;;AAWA;;AAxBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAeA,MAAMA,OAAO,GAAGC,OAAO,CAAC,WAAD,CAAvB,C,CAEA;;;AACA,IAAIC,WAA+B,GAAG;AAEpC;AACAC,EAAAA,YAAY,GAAoB;AAC9B,WAAO,IAAP;AACD,GALmC;;AAOpCC,EAAAA,cAAc,GAAgB;AAC5B,WAAO,IAAP;AACD,GATmC;;AAWpC;AACA;AACAC,EAAAA,sBAAsB,EAAE,YAAW;AACjC,QAAI;AACF,UAAIC,OAAO,GAAGJ,WAAW,CAACK,eAAZ,EAAd;AACA,aAAOL,WAAW,CAACM,WAAZ,CAAwBF,OAAxB,CAAP;AACD,KAHD,CAGE,OAAOG,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GApBmC;AAsBpCC,EAAAA,wBAAwB,EAAE,YAAW;AACnC,QAAI;AACF,UAAIJ,OAAO,GAAGJ,WAAW,CAACS,iBAAZ,EAAd;AACA,aAAOT,WAAW,CAACM,WAAZ,CAAwBF,OAAxB,CAAP;AACD,KAHD,CAGE,OAAOG,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GA7BmC;AA+BpCG,EAAAA,eAAe,EAAE,UAASC,WAAT,EAA4C;AAC3D,QAAIC,SAAS,GAAG,KAAhB;;AACA,YAAQD,WAAR;AACE,WAAK,gBAAL;AACEC,QAAAA,SAAS,GAAGZ,WAAW,CAACQ,wBAAZ,EAAZ;AACA;;AACF,WAAK,cAAL;AACEI,QAAAA,SAAS,GAAGZ,WAAW,CAACG,sBAAZ,EAAZ;AACA;;AACF,WAAK,QAAL;AACA,WAAK,QAAL;AACES,QAAAA,SAAS,GAAG,IAAZ;AACA;;AACF;AACEA,QAAAA,SAAS,GAAG,KAAZ;AACA;AAbJ;;AAeA,WAAOA,SAAP;AACD,GAjDmC;AAmDpCC,EAAAA,gBAAgB,EAAE,UAASF,WAAT,EAAmCG,OAAnC,EAA2E;AAC3F,QAAIC,eAAe,GAAG,IAAtB;;AACA,YAAQJ,WAAR;AACE,WAAK,gBAAL;AACEI,QAAAA,eAAe,GAAGf,WAAW,CAACS,iBAAZ,EAAlB;AACA;;AACF,WAAK,cAAL;AACEM,QAAAA,eAAe,GAAGf,WAAW,CAACK,eAAZ,EAAlB;AACA;;AACF,WAAK,QAAL;AACEU,QAAAA,eAAe,GAAGf,WAAW,CAACgB,gBAAZ,CAA6BF,OAA7B,CAAlB;AACA;;AACF,WAAK,QAAL;AACEC,QAAAA,eAAe,GAAGf,WAAW,CAACiB,kBAAZ,EAAlB;AACA;;AACF;AACE,cAAM,IAAIC,qBAAJ,CAAkB,gCAA+BP,WAAY,EAA7D,CAAN;AACA;AAfJ;;AAiBA,WAAOI,eAAP;AACD,GAvEmC;AAyEpCI,EAAAA,eAAe,EAAE,UAASC,KAAT,EAA+B;AAC9C,QAAIC,OAAJ;AACA,QAAIC,QAAJ;AAEAF,IAAAA,KAAK,GAAGA,KAAK,CAACG,KAAN,EAAR,CAJ8C,CAIvB;;AACvBF,IAAAA,OAAO,GAAGD,KAAK,CAACI,KAAN,EAAV;AACAF,IAAAA,QAAQ,GAAGF,KAAK,CAACK,MAAN,GAAeL,KAAK,CAAC,CAAD,CAApB,GAA0B,IAArC;;AACA,QAAI,CAACE,QAAL,EAAe;AACb,aAAOD,OAAP;AACD;;AAED,QAAIrB,WAAW,CAACU,eAAZ,CAA4BW,OAA5B,CAAJ,EAA0C;AACxC,aAAOA,OAAP;AACD,KAb6C,CAe9C;;;AACA,oBAAM,gCAA+BA,OAAQ,kBAAiBC,QAAS,GAAvE,EAhB8C,CAkB9C;;AACA,WAAOtB,WAAW,CAACmB,eAAZ,CAA4BC,KAA5B,CAAP;AACD,GA7FmC;AA+FpCf,EAAAA,eAAe,EAAE,YAAW;AAC1B,WAAOqB,YAAP;AACD,GAjGmC;AAmGpCjB,EAAAA,iBAAiB,EAAE,YAAW;AAC5B,WAAOkB,cAAP;AACD,GArGmC;AAuGpC;AACAX,EAAAA,gBAAgB,EAAE,UAASF,OAAT,EAAiC;AACjD,UAAMc,MAAM,GAAGd,OAAO,CAACc,MAAvB;AACA,UAAMC,QAAQ,GAAGf,OAAO,CAACe,QAAzB;AACA,UAAMC,aAAa,GAAGhB,OAAO,CAACgB,aAA9B;;AACA,QAAI,OAAOF,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;AACpE,YAAM,IAAIX,qBAAJ,CAAiB,oEAAjB,CAAN;AACD;;AACD,UAAMd,OAAsB,GAAG;AAC7B2B,MAAAA,OAAO,EAAE/B,WAAW,CAACI,OAAZ,CAAoB4B,GADA;AAE7BC,MAAAA,OAAO,EAAE,UAASC,GAAT,EAAcC,KAAd,EAAqBC,SAAS,GAAG,0BAAjC,EAA6D;AACpE;AACAA,QAAAA,SAAS,GAAGN,aAAa,GAAG,IAAH,GAAUM,SAAnC;AACApC,QAAAA,WAAW,CAACI,OAAZ,CAAoBiC,GAApB,CAAwBH,GAAxB,EAA6BC,KAA7B,EAAoCC,SAApC,EAA+C;AAC7CR,UAAAA,MAAM,EAAEA,MADqC;AAE7CC,UAAAA,QAAQ,EAAEA;AAFmC,SAA/C;AAID,OAT4B;AAU7BS,MAAAA,UAAU,EAAE,UAASJ,GAAT,EAAc;AACxBlC,QAAAA,WAAW,CAACI,OAAZ,CAAoBmC,MAApB,CAA2BL,GAA3B;AACD;AAZ4B,KAA/B;;AAeA,QAAI,CAACpB,OAAO,CAAC0B,kBAAb,EAAiC;AAC/B,aAAOpC,OAAP;AACD,KAxBgD,CA0BjD;AACA;AACA;;;AACA,WAAO;AACL2B,MAAAA,OAAO,EAAE,UAASG,GAAT,EAAc;AACrB,YAAIO,IAAI,GAAGrC,OAAO,CAAC2B,OAAR,EAAX,CADqB,CACS;;AAC9B,YAAII,KAAK,GAAG,EAAZ;AACAO,QAAAA,MAAM,CAACC,IAAP,CAAYF,IAAZ,EAAkBG,OAAlB,CAA0BC,CAAC,IAAI;AAC7B,cAAIA,CAAC,CAACC,OAAF,CAAUZ,GAAV,MAAmB,CAAvB,EAA0B;AAAE;AAC1BC,YAAAA,KAAK,CAACU,CAAC,CAACE,OAAF,CAAW,GAAEb,GAAI,GAAjB,EAAqB,EAArB,CAAD,CAAL,GAAkCc,IAAI,CAACC,KAAL,CAAWR,IAAI,CAACI,CAAD,CAAf,CAAlC,CADwB,CAC+B;AACxD;AACF,SAJD;AAKA,eAAOG,IAAI,CAACE,SAAL,CAAef,KAAf,CAAP;AACD,OAVI;AAWLF,MAAAA,OAAO,EAAE,UAASC,GAAT,EAAcC,KAAd,EAAqB;AAC5B,YAAIgB,cAAc,GAAGH,IAAI,CAACC,KAAL,CAAW,KAAKlB,OAAL,CAAaG,GAAb,CAAX,CAArB;AACAC,QAAAA,KAAK,GAAGa,IAAI,CAACC,KAAL,CAAWd,KAAX,CAAR,CAF4B,CAG5B;;AACAO,QAAAA,MAAM,CAACC,IAAP,CAAYR,KAAZ,EAAmBS,OAAnB,CAA2BC,CAAC,IAAI;AAC9B,cAAIO,UAAU,GAAGlB,GAAG,GAAG,GAAN,GAAYW,CAA7B;AACA,cAAIQ,YAAY,GAAGL,IAAI,CAACE,SAAL,CAAef,KAAK,CAACU,CAAD,CAApB,CAAnB;AACAzC,UAAAA,OAAO,CAAC6B,OAAR,CAAgBmB,UAAhB,EAA4BC,YAA5B;AACA,iBAAOF,cAAc,CAACN,CAAD,CAArB;AACD,SALD,EAJ4B,CAU5B;;AACAH,QAAAA,MAAM,CAACC,IAAP,CAAYQ,cAAZ,EAA4BP,OAA5B,CAAoCC,CAAC,IAAI;AACvCzC,UAAAA,OAAO,CAACkC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYW,CAA/B;AACD,SAFD;AAGD,OAzBI;AA0BLP,MAAAA,UAAU,EAAE,UAASJ,GAAT,EAAc;AACxB,YAAIiB,cAAc,GAAGH,IAAI,CAACC,KAAL,CAAW,KAAKlB,OAAL,CAAaG,GAAb,CAAX,CAArB;AACAQ,QAAAA,MAAM,CAACC,IAAP,CAAYQ,cAAZ,EAA4BP,OAA5B,CAAoCC,CAAC,IAAI;AACvCzC,UAAAA,OAAO,CAACkC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYW,CAA/B;AACD,SAFD;AAGD;AA/BI,KAAP;AAiCD,GAtKmC;AAwKpC;AACAS,EAAAA,aAAa,EAAE,EAzKqB;AA0KpCrC,EAAAA,kBAAkB,EAAE,YAAW;AAC7B,WAAO;AACLc,MAAAA,OAAO,EAAGG,GAAD,IAAS;AAChB,eAAO,KAAKoB,aAAL,CAAmBpB,GAAnB,CAAP;AACD,OAHI;AAILD,MAAAA,OAAO,EAAE,CAACC,GAAD,EAAMC,KAAN,KAAgB;AACvB,aAAKmB,aAAL,CAAmBpB,GAAnB,IAA0BC,KAA1B;AACD;AANI,KAAP;AAQD,GAnLmC;AAqLpC7B,EAAAA,WAAW,EAAE,UAASF,OAAT,EAAkB;AAC7B,QAAI8B,GAAG,GAAG,mBAAV;;AACA,QAAI;AACF9B,MAAAA,OAAO,CAAC6B,OAAR,CAAgBC,GAAhB,EAAqBA,GAArB;AACA9B,MAAAA,OAAO,CAACkC,UAAR,CAAmBJ,GAAnB;AACA,aAAO,IAAP;AACD,KAJD,CAIE,OAAO3B,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GA9LmC;AAgMpCH,EAAAA,OAAO,EAAE;AACPiC,IAAAA,GAAG,EAAE,UAASkB,IAAT,EAAuBpB,KAAvB,EAAsCC,SAAtC,EAAyDtB,OAAzD,EAAyF;AAC5F,YAAM;AAAEe,QAAAA,QAAF;AAAYD,QAAAA;AAAZ,UAAuBd,OAA7B;;AACA,UAAI,OAAOc,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;AACpE,cAAM,IAAIX,qBAAJ,CAAiB,+DAAjB,CAAN;AACD;;AACD,UAAIsC,aAA4B,GAAG;AACjCC,QAAAA,IAAI,EAAE3C,OAAO,CAAC2C,IAAR,IAAgB,GADW;AAEjC7B,QAAAA,MAFiC;AAGjCC,QAAAA;AAHiC,OAAnC,CAL4F,CAW5F;;AACA,UAAI,CAAC,CAAE6B,IAAI,CAACT,KAAL,CAAWb,SAAX,CAAP,EAA+B;AAC7B;AACA;AACA;AACA;AACAoB,QAAAA,aAAa,CAACG,OAAd,GAAwB,IAAID,IAAJ,CAAStB,SAAT,CAAxB;AACD;;AAEDtC,MAAAA,OAAO,CAACuC,GAAR,CAAYkB,IAAZ,EAAkBpB,KAAlB,EAAyBqB,aAAzB;AACA,aAAOxD,WAAW,CAACI,OAAZ,CAAoB4B,GAApB,CAAwBuB,IAAxB,CAAP;AACD,KAvBM;AAyBPvB,IAAAA,GAAG,EAAE,UAASuB,IAAT,EAA+B;AAClC,aAAOzD,OAAO,CAACkC,GAAR,CAAYuB,IAAZ,CAAP;AACD,KA3BM;AA6BPhB,IAAAA,MAAM,EAAE,UAASgB,IAAT,EAA+B;AACrC,aAAOzD,OAAO,CAAC8D,MAAR,CAAeL,IAAf,EAAqB;AAAEE,QAAAA,IAAI,EAAE;AAAR,OAArB,CAAP;AACD;AA/BM;AAhM2B,CAAtC;eAmOezD,W","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport AuthSdkError from '../errors/AuthSdkError';\nimport {\n StorageProvider,\n StorageOptions,\n PKCEStorage,\n CookieOptions,\n SimpleStorage,\n StorageType,\n BrowserStorageUtil,\n CookieStorage\n} from '../types';\nimport { warn } from '../util';\n\nconst Cookies = require('js-cookie');\n\n// Building this as an object allows us to mock the functions in our tests\nvar storageUtil: BrowserStorageUtil = {\n\n // These are shimmed in `OktaAuthBase.ts`\n getHttpCache(): StorageProvider {\n return null;\n },\n\n getPKCEStorage(): PKCEStorage {\n return null;\n },\n\n // IE11 bug that Microsoft doesn't plan to fix\n // https://connect.microsoft.com/IE/Feedback/Details/1496040\n browserHasLocalStorage: function() {\n try {\n var storage = storageUtil.getLocalStorage();\n return storageUtil.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n browserHasSessionStorage: function() {\n try {\n var storage = storageUtil.getSessionStorage();\n return storageUtil.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n testStorageType: function(storageType: StorageType): boolean {\n var supported = false;\n switch (storageType) {\n case 'sessionStorage':\n supported = storageUtil.browserHasSessionStorage();\n break;\n case 'localStorage':\n supported = storageUtil.browserHasLocalStorage();\n break;\n case 'cookie':\n case 'memory':\n supported = true;\n break;\n default:\n supported = false;\n break;\n }\n return supported;\n },\n\n getStorageByType: function(storageType: StorageType, options: StorageOptions): SimpleStorage {\n let storageProvider = null;\n switch (storageType) {\n case 'sessionStorage':\n storageProvider = storageUtil.getSessionStorage();\n break;\n case 'localStorage':\n storageProvider = storageUtil.getLocalStorage();\n break;\n case 'cookie':\n storageProvider = storageUtil.getCookieStorage(options);\n break;\n case 'memory':\n storageProvider = storageUtil.getInMemoryStorage();\n break;\n default:\n throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n break;\n }\n return storageProvider;\n },\n\n findStorageType: function(types: StorageType[]) {\n let curType;\n let nextType;\n \n types = types.slice(); // copy array\n curType = types.shift();\n nextType = types.length ? types[0] : null;\n if (!nextType) {\n return curType;\n }\n\n if (storageUtil.testStorageType(curType)) {\n return curType;\n }\n\n // preferred type was unsupported.\n warn(`This browser doesn't support ${curType}. Switching to ${nextType}.`);\n\n // fallback to the next type. this is a recursive call\n return storageUtil.findStorageType(types);\n },\n\n getLocalStorage: function() {\n return localStorage;\n },\n\n getSessionStorage: function() {\n return sessionStorage;\n },\n\n // Provides webStorage-like interface for cookies\n getCookieStorage: function(options): CookieStorage {\n const secure = options.secure;\n const sameSite = options.sameSite;\n const sessionCookie = options.sessionCookie;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('getCookieStorage: \"secure\" and \"sameSite\" options must be provided');\n }\n const storage: CookieStorage = {\n getItem: storageUtil.storage.get,\n setItem: function(key, value, expiresAt = '2200-01-01T00:00:00.000Z') {\n // By defauilt, cookie shouldn't expire\n expiresAt = sessionCookie ? null : expiresAt;\n storageUtil.storage.set(key, value, expiresAt, {\n secure: secure, \n sameSite: sameSite,\n });\n },\n removeItem: function(key) {\n storageUtil.storage.delete(key);\n }\n };\n\n if (!options.useMultipleCookies) {\n return storage;\n }\n\n // options.useMultipleCookies - because cookies have size limits.\n // Can only be used when storing an object value. Object properties will be saved to separate cookies.\n // Each property of the object must also be an object.\n return {\n getItem: function(key) {\n var data = storage.getItem(); // read all cookies\n var value = {};\n Object.keys(data).forEach(k => {\n if (k.indexOf(key) === 0) { // filter out unrelated cookies\n value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie dataa\n }\n });\n return JSON.stringify(value);\n },\n setItem: function(key, value) {\n var existingValues = JSON.parse(this.getItem(key));\n value = JSON.parse(value);\n // Set key-value pairs from input to cookies\n Object.keys(value).forEach(k => {\n var storageKey = key + '_' + k;\n var valueToStore = JSON.stringify(value[k]);\n storage.setItem(storageKey, valueToStore);\n delete existingValues[k];\n });\n // Delete unmatched keys from existing cookies\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n },\n removeItem: function(key) {\n var existingValues = JSON.parse(this.getItem(key));\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n }\n };\n },\n\n // Provides an in-memory solution\n inMemoryStore: {},\n getInMemoryStorage: function() {\n return {\n getItem: (key) => {\n return this.inMemoryStore[key];\n },\n setItem: (key, value) => {\n this.inMemoryStore[key] = value;\n }\n };\n },\n\n testStorage: function(storage) {\n var key = 'okta-test-storage';\n try {\n storage.setItem(key, key);\n storage.removeItem(key);\n return true;\n } catch (e) {\n return false;\n }\n },\n\n storage: {\n set: function(name: string, value: string, expiresAt: string, options: CookieOptions): string {\n const { sameSite, secure } = options;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('storage.set: \"secure\" and \"sameSite\" options must be provided');\n }\n var cookieOptions: CookieOptions = {\n path: options.path || '/',\n secure,\n sameSite\n };\n\n // eslint-disable-next-line no-extra-boolean-cast\n if (!!(Date.parse(expiresAt))) {\n // Expires value can be converted to a Date object.\n //\n // If the 'expiresAt' value is not provided, or the value cannot be\n // parsed as a Date object, the cookie will set as a session cookie.\n cookieOptions.expires = new Date(expiresAt);\n }\n\n Cookies.set(name, value, cookieOptions);\n return storageUtil.storage.get(name);\n },\n\n get: function(name: string): string {\n return Cookies.get(name);\n },\n\n delete: function(name: string): string {\n return Cookies.remove(name, { path: '/' });\n }\n }\n};\n\nexport default storageUtil;\n"],"file":"browserStorage.js"}
1
+ {"version":3,"sources":["../../../lib/browser/browserStorage.ts"],"names":["Cookies","require","storageUtil","getHttpCache","getPKCEStorage","browserHasLocalStorage","storage","getLocalStorage","testStorage","e","browserHasSessionStorage","getSessionStorage","testStorageType","storageType","supported","getStorageByType","options","storageProvider","getCookieStorage","getInMemoryStorage","AuthSdkError","findStorageType","types","curType","nextType","slice","shift","length","localStorage","sessionStorage","secure","sameSite","sessionCookie","getItem","get","setItem","key","value","expiresAt","set","removeItem","delete","useSeparateCookies","data","Object","keys","forEach","k","indexOf","replace","JSON","parse","stringify","existingValues","storageKey","valueToStore","inMemoryStore","name","cookieOptions","path","Date","expires","remove"],"mappings":";;;;;;AAcA;;AAWA;;AAzBA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAeA,MAAMA,OAAO,GAAGC,OAAO,CAAC,WAAD,CAAvB,C,CAEA;;;AACA,IAAIC,WAA+B,GAAG;AAEpC;AACAC,EAAAA,YAAY,GAAoB;AAC9B,WAAO,IAAP;AACD,GALmC;;AAOpCC,EAAAA,cAAc,GAAgB;AAC5B,WAAO,IAAP;AACD,GATmC;;AAWpC;AACA;AACAC,EAAAA,sBAAsB,EAAE,YAAW;AACjC,QAAI;AACF,UAAIC,OAAO,GAAGJ,WAAW,CAACK,eAAZ,EAAd;AACA,aAAOL,WAAW,CAACM,WAAZ,CAAwBF,OAAxB,CAAP;AACD,KAHD,CAGE,OAAOG,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GApBmC;AAsBpCC,EAAAA,wBAAwB,EAAE,YAAW;AACnC,QAAI;AACF,UAAIJ,OAAO,GAAGJ,WAAW,CAACS,iBAAZ,EAAd;AACA,aAAOT,WAAW,CAACM,WAAZ,CAAwBF,OAAxB,CAAP;AACD,KAHD,CAGE,OAAOG,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GA7BmC;AA+BpCG,EAAAA,eAAe,EAAE,UAASC,WAAT,EAA4C;AAC3D,QAAIC,SAAS,GAAG,KAAhB;;AACA,YAAQD,WAAR;AACE,WAAK,gBAAL;AACEC,QAAAA,SAAS,GAAGZ,WAAW,CAACQ,wBAAZ,EAAZ;AACA;;AACF,WAAK,cAAL;AACEI,QAAAA,SAAS,GAAGZ,WAAW,CAACG,sBAAZ,EAAZ;AACA;;AACF,WAAK,QAAL;AACA,WAAK,QAAL;AACES,QAAAA,SAAS,GAAG,IAAZ;AACA;;AACF;AACEA,QAAAA,SAAS,GAAG,KAAZ;AACA;AAbJ;;AAeA,WAAOA,SAAP;AACD,GAjDmC;AAmDpCC,EAAAA,gBAAgB,EAAE,UAASF,WAAT,EAAmCG,OAAnC,EAA4E;AAC5F,QAAIC,eAAJ;;AACA,YAAQJ,WAAR;AACE,WAAK,gBAAL;AACEI,QAAAA,eAAe,GAAGf,WAAW,CAACS,iBAAZ,EAAlB;AACA;;AACF,WAAK,cAAL;AACEM,QAAAA,eAAe,GAAGf,WAAW,CAACK,eAAZ,EAAlB;AACA;;AACF,WAAK,QAAL;AACEU,QAAAA,eAAe,GAAGf,WAAW,CAACgB,gBAAZ,CAA6BF,OAA7B,CAAlB;AACA;;AACF,WAAK,QAAL;AACEC,QAAAA,eAAe,GAAGf,WAAW,CAACiB,kBAAZ,EAAlB;AACA;;AACF;AACE,cAAM,IAAIC,qBAAJ,CAAkB,gCAA+BP,WAAY,EAA7D,CAAN;AACA;AAfJ;;AAiBA,WAAOI,eAAP;AACD,GAvEmC;AAyEpCI,EAAAA,eAAe,EAAE,UAASC,KAAT,EAA+B;AAC9C,QAAIC,OAAJ;AACA,QAAIC,QAAJ;AAEAF,IAAAA,KAAK,GAAGA,KAAK,CAACG,KAAN,EAAR,CAJ8C,CAIvB;;AACvBF,IAAAA,OAAO,GAAGD,KAAK,CAACI,KAAN,EAAV;AACAF,IAAAA,QAAQ,GAAGF,KAAK,CAACK,MAAN,GAAeL,KAAK,CAAC,CAAD,CAApB,GAA0B,IAArC;;AACA,QAAI,CAACE,QAAL,EAAe;AACb,aAAOD,OAAP;AACD;;AAED,QAAIrB,WAAW,CAACU,eAAZ,CAA4BW,OAA5B,CAAJ,EAA0C;AACxC,aAAOA,OAAP;AACD,KAb6C,CAe9C;;;AACA,oBAAM,gCAA+BA,OAAQ,kBAAiBC,QAAS,GAAvE,EAhB8C,CAkB9C;;AACA,WAAOtB,WAAW,CAACmB,eAAZ,CAA4BC,KAA5B,CAAP;AACD,GA7FmC;AA+FpCf,EAAAA,eAAe,EAAE,YAAW;AAC1B,WAAOqB,YAAP;AACD,GAjGmC;AAmGpCjB,EAAAA,iBAAiB,EAAE,YAAW;AAC5B,WAAOkB,cAAP;AACD,GArGmC;AAuGpC;AACAX,EAAAA,gBAAgB,EAAE,UAASF,OAAT,EAAiC;AACjD,UAAMc,MAAM,GAAGd,OAAO,CAAEc,MAAxB;AACA,UAAMC,QAAQ,GAAGf,OAAO,CAAEe,QAA1B;AACA,UAAMC,aAAa,GAAGhB,OAAO,CAAEgB,aAA/B;;AACA,QAAI,OAAOF,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;AACpE,YAAM,IAAIX,qBAAJ,CAAiB,oEAAjB,CAAN;AACD;;AACD,UAAMd,OAAsB,GAAG;AAC7B2B,MAAAA,OAAO,EAAE/B,WAAW,CAACI,OAAZ,CAAoB4B,GADA;AAE7BC,MAAAA,OAAO,EAAE,UAASC,GAAT,EAAcC,KAAd,EAAqBC,SAAS,GAAG,0BAAjC,EAA6D;AACpE;AACAA,QAAAA,SAAS,GAAIN,aAAa,GAAG,IAAH,GAAUM,SAApC;AACApC,QAAAA,WAAW,CAACI,OAAZ,CAAoBiC,GAApB,CAAwBH,GAAxB,EAA6BC,KAA7B,EAAoCC,SAApC,EAA+C;AAC7CR,UAAAA,MAAM,EAAEA,MADqC;AAE7CC,UAAAA,QAAQ,EAAEA;AAFmC,SAA/C;AAID,OAT4B;AAU7BS,MAAAA,UAAU,EAAE,UAASJ,GAAT,EAAc;AACxBlC,QAAAA,WAAW,CAACI,OAAZ,CAAoBmC,MAApB,CAA2BL,GAA3B;AACD;AAZ4B,KAA/B;;AAeA,QAAI,CAACpB,OAAO,CAAE0B,kBAAd,EAAkC;AAChC,aAAOpC,OAAP;AACD,KAxBgD,CA0BjD;AACA;AACA;;;AACA,WAAO;AACL2B,MAAAA,OAAO,EAAE,UAASG,GAAT,EAAc;AACrB,YAAIO,IAAI,GAAGrC,OAAO,CAAC2B,OAAR,EAAX,CADqB,CACS;;AAC9B,YAAII,KAAK,GAAG,EAAZ;AACAO,QAAAA,MAAM,CAACC,IAAP,CAAYF,IAAZ,EAAkBG,OAAlB,CAA0BC,CAAC,IAAI;AAC7B,cAAIA,CAAC,CAACC,OAAF,CAAUZ,GAAV,MAAoB,CAAxB,EAA2B;AAAE;AAC3BC,YAAAA,KAAK,CAACU,CAAC,CAACE,OAAF,CAAW,GAAEb,GAAI,GAAjB,EAAqB,EAArB,CAAD,CAAL,GAAkCc,IAAI,CAACC,KAAL,CAAWR,IAAI,CAACI,CAAD,CAAf,CAAlC,CADyB,CAC8B;AACxD;AACF,SAJD;AAKA,eAAOG,IAAI,CAACE,SAAL,CAAef,KAAf,CAAP;AACD,OAVI;AAWLF,MAAAA,OAAO,EAAE,UAASC,GAAT,EAAcC,KAAd,EAAqB;AAC5B,YAAIgB,cAAc,GAAGH,IAAI,CAACC,KAAL,CAAW,KAAKlB,OAAL,CAAaG,GAAb,CAAX,CAArB;AACAC,QAAAA,KAAK,GAAGa,IAAI,CAACC,KAAL,CAAWd,KAAX,CAAR,CAF4B,CAG5B;;AACAO,QAAAA,MAAM,CAACC,IAAP,CAAYR,KAAZ,EAAmBS,OAAnB,CAA2BC,CAAC,IAAI;AAC9B,cAAIO,UAAU,GAAGlB,GAAG,GAAG,GAAN,GAAYW,CAA7B;AACA,cAAIQ,YAAY,GAAGL,IAAI,CAACE,SAAL,CAAef,KAAK,CAACU,CAAD,CAApB,CAAnB;AACAzC,UAAAA,OAAO,CAAC6B,OAAR,CAAgBmB,UAAhB,EAA4BC,YAA5B;AACA,iBAAOF,cAAc,CAACN,CAAD,CAArB;AACD,SALD,EAJ4B,CAU5B;;AACAH,QAAAA,MAAM,CAACC,IAAP,CAAYQ,cAAZ,EAA4BP,OAA5B,CAAoCC,CAAC,IAAI;AACvCzC,UAAAA,OAAO,CAACkC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYW,CAA/B;AACD,SAFD;AAGD,OAzBI;AA0BLP,MAAAA,UAAU,EAAE,UAASJ,GAAT,EAAc;AACxB,YAAIiB,cAAc,GAAGH,IAAI,CAACC,KAAL,CAAW,KAAKlB,OAAL,CAAaG,GAAb,CAAX,CAArB;AACAQ,QAAAA,MAAM,CAACC,IAAP,CAAYQ,cAAZ,EAA4BP,OAA5B,CAAoCC,CAAC,IAAI;AACvCzC,UAAAA,OAAO,CAACkC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYW,CAA/B;AACD,SAFD;AAGD;AA/BI,KAAP;AAiCD,GAtKmC;AAwKpC;AACAS,EAAAA,aAAa,EAAE,EAzKqB;AA0KpCrC,EAAAA,kBAAkB,EAAE,YAAW;AAC7B,WAAO;AACLc,MAAAA,OAAO,EAAGG,GAAD,IAAS;AAChB,eAAO,KAAKoB,aAAL,CAAmBpB,GAAnB,CAAP;AACD,OAHI;AAILD,MAAAA,OAAO,EAAE,CAACC,GAAD,EAAMC,KAAN,KAAgB;AACvB,aAAKmB,aAAL,CAAmBpB,GAAnB,IAA0BC,KAA1B;AACD;AANI,KAAP;AAQD,GAnLmC;AAqLpC7B,EAAAA,WAAW,EAAE,UAASF,OAAT,EAAkB;AAC7B,QAAI8B,GAAG,GAAG,mBAAV;;AACA,QAAI;AACF9B,MAAAA,OAAO,CAAC6B,OAAR,CAAgBC,GAAhB,EAAqBA,GAArB;AACA9B,MAAAA,OAAO,CAACkC,UAAR,CAAmBJ,GAAnB;AACA,aAAO,IAAP;AACD,KAJD,CAIE,OAAO3B,CAAP,EAAU;AACV,aAAO,KAAP;AACD;AACF,GA9LmC;AAgMpCH,EAAAA,OAAO,EAAE;AACPiC,IAAAA,GAAG,EAAE,UAASkB,IAAT,EAAuBpB,KAAvB,EAAsCC,SAAtC,EAAyDtB,OAAzD,EAAyF;AAC5F,YAAM;AAAEe,QAAAA,QAAF;AAAYD,QAAAA;AAAZ,UAAuBd,OAA7B;;AACA,UAAI,OAAOc,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;AACpE,cAAM,IAAIX,qBAAJ,CAAiB,+DAAjB,CAAN;AACD;;AACD,UAAIsC,aAA4B,GAAG;AACjCC,QAAAA,IAAI,EAAE3C,OAAO,CAAC2C,IAAR,IAAgB,GADW;AAEjC7B,QAAAA,MAFiC;AAGjCC,QAAAA;AAHiC,OAAnC,CAL4F,CAW5F;;AACA,UAAI,CAAC,CAAE6B,IAAI,CAACT,KAAL,CAAWb,SAAX,CAAP,EAA+B;AAC7B;AACA;AACA;AACA;AACAoB,QAAAA,aAAa,CAACG,OAAd,GAAwB,IAAID,IAAJ,CAAStB,SAAT,CAAxB;AACD;;AAEDtC,MAAAA,OAAO,CAACuC,GAAR,CAAYkB,IAAZ,EAAkBpB,KAAlB,EAAyBqB,aAAzB;AACA,aAAOxD,WAAW,CAACI,OAAZ,CAAoB4B,GAApB,CAAwBuB,IAAxB,CAAP;AACD,KAvBM;AAyBPvB,IAAAA,GAAG,EAAE,UAASuB,IAAT,EAA+B;AAClC,aAAOzD,OAAO,CAACkC,GAAR,CAAYuB,IAAZ,CAAP;AACD,KA3BM;AA6BPhB,IAAAA,MAAM,EAAE,UAASgB,IAAT,EAA+B;AACrC,aAAOzD,OAAO,CAAC8D,MAAR,CAAeL,IAAf,EAAqB;AAAEE,QAAAA,IAAI,EAAE;AAAR,OAArB,CAAP;AACD;AA/BM;AAhM2B,CAAtC;eAmOezD,W","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport AuthSdkError from '../errors/AuthSdkError';\nimport {\n StorageProvider,\n StorageOptions,\n PKCEStorage,\n CookieOptions,\n SimpleStorage,\n StorageType,\n BrowserStorageUtil,\n CookieStorage\n} from '../types';\nimport { warn } from '../util';\n\nconst Cookies = require('js-cookie');\n\n// Building this as an object allows us to mock the functions in our tests\nvar storageUtil: BrowserStorageUtil = {\n\n // These are shimmed in `OktaAuthBase.ts`\n getHttpCache(): StorageProvider {\n return null as never as StorageProvider;\n },\n\n getPKCEStorage(): PKCEStorage {\n return null as never as PKCEStorage;\n },\n\n // IE11 bug that Microsoft doesn't plan to fix\n // https://connect.microsoft.com/IE/Feedback/Details/1496040\n browserHasLocalStorage: function() {\n try {\n var storage = storageUtil.getLocalStorage();\n return storageUtil.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n browserHasSessionStorage: function() {\n try {\n var storage = storageUtil.getSessionStorage();\n return storageUtil.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n testStorageType: function(storageType: StorageType): boolean {\n var supported = false;\n switch (storageType) {\n case 'sessionStorage':\n supported = storageUtil.browserHasSessionStorage();\n break;\n case 'localStorage':\n supported = storageUtil.browserHasLocalStorage();\n break;\n case 'cookie':\n case 'memory':\n supported = true;\n break;\n default:\n supported = false;\n break;\n }\n return supported;\n },\n\n getStorageByType: function(storageType: StorageType, options?: StorageOptions): SimpleStorage {\n let storageProvider;\n switch (storageType) {\n case 'sessionStorage':\n storageProvider = storageUtil.getSessionStorage();\n break;\n case 'localStorage':\n storageProvider = storageUtil.getLocalStorage();\n break;\n case 'cookie':\n storageProvider = storageUtil.getCookieStorage(options);\n break;\n case 'memory':\n storageProvider = storageUtil.getInMemoryStorage();\n break;\n default:\n throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n break;\n }\n return storageProvider;\n },\n\n findStorageType: function(types: StorageType[]) {\n let curType;\n let nextType;\n \n types = types.slice(); // copy array\n curType = types.shift();\n nextType = types.length ? types[0] : null;\n if (!nextType) {\n return curType;\n }\n\n if (storageUtil.testStorageType(curType)) {\n return curType;\n }\n\n // preferred type was unsupported.\n warn(`This browser doesn't support ${curType}. Switching to ${nextType}.`);\n\n // fallback to the next type. this is a recursive call\n return storageUtil.findStorageType(types);\n },\n\n getLocalStorage: function() {\n return localStorage;\n },\n\n getSessionStorage: function() {\n return sessionStorage;\n },\n\n // Provides webStorage-like interface for cookies\n getCookieStorage: function(options): CookieStorage {\n const secure = options!.secure;\n const sameSite = options!.sameSite;\n const sessionCookie = options!.sessionCookie;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('getCookieStorage: \"secure\" and \"sameSite\" options must be provided');\n }\n const storage: CookieStorage = {\n getItem: storageUtil.storage.get,\n setItem: function(key, value, expiresAt = '2200-01-01T00:00:00.000Z') {\n // By defauilt, cookie shouldn't expire\n expiresAt = (sessionCookie ? null : expiresAt) as string;\n storageUtil.storage.set(key, value, expiresAt, {\n secure: secure, \n sameSite: sameSite,\n });\n },\n removeItem: function(key) {\n storageUtil.storage.delete(key);\n }\n };\n\n if (!options!.useSeparateCookies) {\n return storage;\n }\n\n // Tokens are stored separately because cookies have size limits.\n // Can only be used when storing an object value. Object properties will be saved to separate cookies.\n // Each property of the object must also be an object.\n return {\n getItem: function(key) {\n var data = storage.getItem(); // read all cookies\n var value = {};\n Object.keys(data).forEach(k => {\n if (k.indexOf(key!) === 0) { // filter out unrelated cookies\n value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie data\n }\n });\n return JSON.stringify(value);\n },\n setItem: function(key, value) {\n var existingValues = JSON.parse(this.getItem(key));\n value = JSON.parse(value);\n // Set key-value pairs from input to cookies\n Object.keys(value).forEach(k => {\n var storageKey = key + '_' + k;\n var valueToStore = JSON.stringify(value[k]);\n storage.setItem(storageKey, valueToStore);\n delete existingValues[k];\n });\n // Delete unmatched keys from existing cookies\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n },\n removeItem: function(key) {\n var existingValues = JSON.parse(this.getItem(key));\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n }\n };\n },\n\n // Provides an in-memory solution\n inMemoryStore: {},\n getInMemoryStorage: function() {\n return {\n getItem: (key) => {\n return this.inMemoryStore[key];\n },\n setItem: (key, value) => {\n this.inMemoryStore[key] = value;\n }\n };\n },\n\n testStorage: function(storage) {\n var key = 'okta-test-storage';\n try {\n storage.setItem(key, key);\n storage.removeItem(key);\n return true;\n } catch (e) {\n return false;\n }\n },\n\n storage: {\n set: function(name: string, value: string, expiresAt: string, options: CookieOptions): string {\n const { sameSite, secure } = options;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('storage.set: \"secure\" and \"sameSite\" options must be provided');\n }\n var cookieOptions: CookieOptions = {\n path: options.path || '/',\n secure,\n sameSite\n };\n\n // eslint-disable-next-line no-extra-boolean-cast\n if (!!(Date.parse(expiresAt))) {\n // Expires value can be converted to a Date object.\n //\n // If the 'expiresAt' value is not provided, or the value cannot be\n // parsed as a Date object, the cookie will set as a session cookie.\n cookieOptions.expires = new Date(expiresAt);\n }\n\n Cookies.set(name, value, cookieOptions);\n return storageUtil.storage.get(name);\n },\n\n get: function(name: string): string {\n return Cookies.get(name);\n },\n\n delete: function(name: string): string {\n return Cookies.remove(name, { path: '/' });\n }\n }\n};\n\nexport default storageUtil;\n"],"file":"browserStorage.js"}
package/cjs/browser/fingerprint.js CHANGED
@@ -30,6 +30,8 @@ function fingerprint(sdk, options) {
30
30
  var iframe;
31
31
  var listener;
32
32
  var promise = new Promise(function (resolve, reject) {
33
+ var _options;
34
+
33
35
  iframe = document.createElement('iframe');
34
36
  iframe.style.display = 'none'; // eslint-disable-next-line complexity
35
37
 
@@ -67,7 +69,7 @@ function fingerprint(sdk, options) {
67
69
  document.body.appendChild(iframe);
68
70
  timeout = setTimeout(function () {
69
71
  reject(new _errors.AuthSdkError('Fingerprinting timed out'));
70
- }, options.timeout || 15000);
72
+ }, ((_options = options) === null || _options === void 0 ? void 0 : _options.timeout) || 15000);
71
73
  });
72
74
  return promise.finally(function () {
73
75
  clearTimeout(timeout);
package/cjs/browser/fingerprint.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/browser/fingerprint.ts"],"names":["fingerprint","sdk","options","Promise","reject","AuthSdkError","timeout","iframe","listener","promise","resolve","document","createElement","style","display","e","data","origin","getIssuerOrigin","msg","JSON","parse","err","type","source","postMessage","stringify","window","src","body","appendChild","setTimeout","finally","clearTimeout","contains","parentElement","removeChild"],"mappings":";;;;AAcA;;AACA;;AACA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYe,SAASA,WAAT,CAAqBC,GAArB,EAAoCC,OAApC,EAAiE;AAC9EA,EAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB;;AAEA,MAAI,CAAC,uCAAL,EAA+B;AAC7B,WAAOC,OAAO,CAACC,MAAR,CAAe,IAAIC,oBAAJ,CAAiB,gDAAjB,CAAf,CAAP;AACD;;AAED,MAAIC,OAAJ;AACA,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,OAAO,GAAG,IAAIN,OAAJ,CAAY,UAAUO,OAAV,EAAmBN,MAAnB,EAA2B;AACnDG,IAAAA,MAAM,GAAGI,QAAQ,CAACC,aAAT,CAAuB,QAAvB,CAAT;AACAL,IAAAA,MAAM,CAACM,KAAP,CAAaC,OAAb,GAAuB,MAAvB,CAFmD,CAInD;;AACAN,IAAAA,QAAQ,GAAG,SAASA,QAAT,CAAkBO,CAAlB,EAAqB;AAC9B,UAAI,CAACA,CAAD,IAAM,CAACA,CAAC,CAACC,IAAT,IAAiBD,CAAC,CAACE,MAAF,KAAahB,GAAG,CAACiB,eAAJ,EAAlC,EAAyD;AACvD;AACD;;AAED,UAAI;AACF,YAAIC,GAAG,GAAGC,IAAI,CAACC,KAAL,CAAWN,CAAC,CAACC,IAAb,CAAV;AACD,OAFD,CAEE,OAAOM,GAAP,EAAY;AACZ;AACA;AACA;AACA;AACD;;AAED,UAAI,CAACH,GAAL,EAAU;AAAE;AAAS;;AACrB,UAAIA,GAAG,CAACI,IAAJ,KAAa,sBAAjB,EAAyC;AACvC,eAAOb,OAAO,CAACS,GAAG,CAACnB,WAAL,CAAd;AACD;;AACD,UAAImB,GAAG,CAACI,IAAJ,KAAa,yBAAjB,EAA4C;AAC1CR,QAAAA,CAAC,CAACS,MAAF,CAASC,WAAT,CAAqBL,IAAI,CAACM,SAAL,CAAe;AAClCH,UAAAA,IAAI,EAAE;AAD4B,SAAf,CAArB,EAEIR,CAAC,CAACE,MAFN;AAGD;AACF,KAvBD;;AAwBA,2BAAYU,MAAZ,EAAoB,SAApB,EAA+BnB,QAA/B;AAEAD,IAAAA,MAAM,CAACqB,GAAP,GAAa3B,GAAG,CAACiB,eAAJ,KAAwB,kCAArC;AACAP,IAAAA,QAAQ,CAACkB,IAAT,CAAcC,WAAd,CAA0BvB,MAA1B;AAEAD,IAAAA,OAAO,GAAGyB,UAAU,CAAC,YAAW;AAC9B3B,MAAAA,MAAM,CAAC,IAAIC,oBAAJ,CAAiB,0BAAjB,CAAD,CAAN;AACD,KAFmB,EAEjBH,OAAO,CAACI,OAAR,IAAmB,KAFF,CAApB;AAGD,GArCa,CAAd;AAuCA,SAAOG,OAAO,CAACuB,OAAR,CAAgB,YAAW;AAChCC,IAAAA,YAAY,CAAC3B,OAAD,CAAZ;AACA,8BAAeqB,MAAf,EAAuB,SAAvB,EAAkCnB,QAAlC;;AACA,QAAIG,QAAQ,CAACkB,IAAT,CAAcK,QAAd,CAAuB3B,MAAvB,CAAJ,EAAoC;AAClCA,MAAAA,MAAM,CAAC4B,aAAP,CAAqBC,WAArB,CAAiC7B,MAAjC;AACD;AACF,GANM,CAAP;AAOD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { OktaAuth } from '../types';\nimport { AuthSdkError } from '../errors';\nimport { isFingerprintSupported } from '../features';\nimport {\n addListener,\n removeListener\n} from '../oidc';\nimport { FingerprintOptions } from '../types';\n\nexport default function fingerprint(sdk: OktaAuth, options: FingerprintOptions) {\n options = options || {};\n\n if (!isFingerprintSupported()) {\n return Promise.reject(new AuthSdkError('Fingerprinting is not supported on this device'));\n }\n\n var timeout;\n var iframe;\n var listener;\n var promise = new Promise(function (resolve, reject) {\n iframe = document.createElement('iframe');\n iframe.style.display = 'none';\n\n // eslint-disable-next-line complexity\n listener = function listener(e) {\n if (!e || !e.data || e.origin !== sdk.getIssuerOrigin()) {\n return;\n }\n\n try {\n var msg = JSON.parse(e.data);\n } catch (err) {\n // iframe messages should all be parsable\n // skip not parsable messages come from other sources in same origin (browser extensions)\n // TODO: add namespace flag in okta-core to distinguish messages that come from other sources\n return;\n }\n\n if (!msg) { return; }\n if (msg.type === 'FingerprintAvailable') {\n return resolve(msg.fingerprint);\n }\n if (msg.type === 'FingerprintServiceReady') {\n e.source.postMessage(JSON.stringify({\n type: 'GetFingerprint'\n }), e.origin);\n }\n };\n addListener(window, 'message', listener);\n\n iframe.src = sdk.getIssuerOrigin() + '/auth/services/devicefingerprint';\n document.body.appendChild(iframe);\n\n timeout = setTimeout(function() {\n reject(new AuthSdkError('Fingerprinting timed out'));\n }, options.timeout || 15000);\n });\n\n return promise.finally(function() {\n clearTimeout(timeout);\n removeListener(window, 'message', listener);\n if (document.body.contains(iframe)) {\n iframe.parentElement.removeChild(iframe);\n }\n });\n}\n"],"file":"fingerprint.js"}
1
+ {"version":3,"sources":["../../../lib/browser/fingerprint.ts"],"names":["fingerprint","sdk","options","Promise","reject","AuthSdkError","timeout","iframe","listener","promise","resolve","document","createElement","style","display","e","data","origin","getIssuerOrigin","msg","JSON","parse","err","type","source","postMessage","stringify","window","src","body","appendChild","setTimeout","finally","clearTimeout","contains","parentElement","removeChild"],"mappings":";;;;AAcA;;AACA;;AACA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYe,SAASA,WAAT,CAAqBC,GAArB,EAAoCC,OAApC,EAAmF;AAChGA,EAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB;;AAEA,MAAI,CAAC,uCAAL,EAA+B;AAC7B,WAAOC,OAAO,CAACC,MAAR,CAAe,IAAIC,oBAAJ,CAAiB,gDAAjB,CAAf,CAAP;AACD;;AAED,MAAIC,OAAJ;AACA,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,OAAO,GAAG,IAAIN,OAAJ,CAAY,UAAUO,OAAV,EAAmBN,MAAnB,EAA2B;AAAA;;AACnDG,IAAAA,MAAM,GAAGI,QAAQ,CAACC,aAAT,CAAuB,QAAvB,CAAT;AACAL,IAAAA,MAAM,CAACM,KAAP,CAAaC,OAAb,GAAuB,MAAvB,CAFmD,CAInD;;AACAN,IAAAA,QAAQ,GAAG,SAASA,QAAT,CAAkBO,CAAlB,EAAqB;AAC9B,UAAI,CAACA,CAAD,IAAM,CAACA,CAAC,CAACC,IAAT,IAAiBD,CAAC,CAACE,MAAF,KAAahB,GAAG,CAACiB,eAAJ,EAAlC,EAAyD;AACvD;AACD;;AAED,UAAI;AACF,YAAIC,GAAG,GAAGC,IAAI,CAACC,KAAL,CAAWN,CAAC,CAACC,IAAb,CAAV;AACD,OAFD,CAEE,OAAOM,GAAP,EAAY;AACZ;AACA;AACA;AACA;AACD;;AAED,UAAI,CAACH,GAAL,EAAU;AAAE;AAAS;;AACrB,UAAIA,GAAG,CAACI,IAAJ,KAAa,sBAAjB,EAAyC;AACvC,eAAOb,OAAO,CAACS,GAAG,CAACnB,WAAL,CAAd;AACD;;AACD,UAAImB,GAAG,CAACI,IAAJ,KAAa,yBAAjB,EAA4C;AAC1CR,QAAAA,CAAC,CAACS,MAAF,CAASC,WAAT,CAAqBL,IAAI,CAACM,SAAL,CAAe;AAClCH,UAAAA,IAAI,EAAE;AAD4B,SAAf,CAArB,EAEIR,CAAC,CAACE,MAFN;AAGD;AACF,KAvBD;;AAwBA,2BAAYU,MAAZ,EAAoB,SAApB,EAA+BnB,QAA/B;AAEAD,IAAAA,MAAM,CAACqB,GAAP,GAAa3B,GAAG,CAACiB,eAAJ,KAAwB,kCAArC;AACAP,IAAAA,QAAQ,CAACkB,IAAT,CAAcC,WAAd,CAA0BvB,MAA1B;AAEAD,IAAAA,OAAO,GAAGyB,UAAU,CAAC,YAAW;AAC9B3B,MAAAA,MAAM,CAAC,IAAIC,oBAAJ,CAAiB,0BAAjB,CAAD,CAAN;AACD,KAFmB,EAEjB,aAAAH,OAAO,UAAP,4CAASI,OAAT,KAAoB,KAFH,CAApB;AAGD,GArCa,CAAd;AAuCA,SAAOG,OAAO,CAACuB,OAAR,CAAgB,YAAW;AAChCC,IAAAA,YAAY,CAAC3B,OAAD,CAAZ;AACA,8BAAeqB,MAAf,EAAuB,SAAvB,EAAkCnB,QAAlC;;AACA,QAAIG,QAAQ,CAACkB,IAAT,CAAcK,QAAd,CAAuB3B,MAAvB,CAAJ,EAAoC;AAClCA,MAAAA,MAAM,CAAC4B,aAAP,CAAqBC,WAArB,CAAiC7B,MAAjC;AACD;AACF,GANM,CAAP;AAOD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { OktaAuth } from '../types';\nimport { AuthSdkError } from '../errors';\nimport { isFingerprintSupported } from '../features';\nimport {\n addListener,\n removeListener\n} from '../oidc';\nimport { FingerprintOptions } from '../types';\n\nexport default function fingerprint(sdk: OktaAuth, options?: FingerprintOptions): Promise<string> {\n options = options || {};\n\n if (!isFingerprintSupported()) {\n return Promise.reject(new AuthSdkError('Fingerprinting is not supported on this device'));\n }\n\n var timeout;\n var iframe;\n var listener;\n var promise = new Promise(function (resolve, reject) {\n iframe = document.createElement('iframe');\n iframe.style.display = 'none';\n\n // eslint-disable-next-line complexity\n listener = function listener(e) {\n if (!e || !e.data || e.origin !== sdk.getIssuerOrigin()) {\n return;\n }\n\n try {\n var msg = JSON.parse(e.data);\n } catch (err) {\n // iframe messages should all be parsable\n // skip not parsable messages come from other sources in same origin (browser extensions)\n // TODO: add namespace flag in okta-core to distinguish messages that come from other sources\n return;\n }\n\n if (!msg) { return; }\n if (msg.type === 'FingerprintAvailable') {\n return resolve(msg.fingerprint as string);\n }\n if (msg.type === 'FingerprintServiceReady') {\n e.source.postMessage(JSON.stringify({\n type: 'GetFingerprint'\n }), e.origin);\n }\n };\n addListener(window, 'message', listener);\n\n iframe.src = sdk.getIssuerOrigin() + '/auth/services/devicefingerprint';\n document.body.appendChild(iframe);\n\n timeout = setTimeout(function() {\n reject(new AuthSdkError('Fingerprinting timed out'));\n }, options?.timeout || 15000);\n });\n\n return promise.finally(function() {\n clearTimeout(timeout);\n removeListener(window, 'message', listener);\n if (document.body.contains(iframe)) {\n iframe.parentElement.removeChild(iframe);\n }\n }) as Promise<string>;\n}\n"],"file":"fingerprint.js"}
package/cjs/builderUtil.js CHANGED
@@ -3,7 +3,6 @@
3
3
  var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
4
4
 
5
5
  exports.assertValidConfig = assertValidConfig;
6
- exports.getUserAgent = getUserAgent;
7
6
 
8
7
  var _AuthSdkError = _interopRequireDefault(require("./errors/AuthSdkError"));
9
8
 
@@ -26,7 +25,8 @@ function assertValidConfig(args) {
26
25
 
27
26
  if (scopes && !Array.isArray(scopes)) {
28
27
  throw new _AuthSdkError.default('scopes must be a array of strings. ' + 'Required usage: new OktaAuth({scopes: ["openid", "email"]})');
29
- }
28
+ } // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
29
+
30
30
 
31
31
  var issuer = args.issuer;
32
32
 
@@ -36,7 +36,7 @@ function assertValidConfig(args) {
36
36
 
37
37
  var isUrlRegex = new RegExp('^http?s?://.+');
38
38
 
39
- if (!isUrlRegex.test(args.issuer)) {
39
+ if (!isUrlRegex.test(issuer)) {
40
40
  throw new _AuthSdkError.default('Issuer must be a valid URL. ' + 'Required usage: new OktaAuth({issuer: "https://{yourOktaDomain}.com/oauth2/{authServerId}"})');
41
41
  }
42
42
 
@@ -44,18 +44,4 @@ function assertValidConfig(args) {
44
44
  throw new _AuthSdkError.default('Issuer URL passed to constructor contains "-admin" in subdomain. ' + 'Required usage: new OktaAuth({issuer: "https://{yourOktaDomain}.com})');
45
45
  }
46
46
  }
47
-
48
- function getUserAgent(args, sdkValue) {
49
- var userAgent = args.userAgent || {};
50
-
51
- if (userAgent.value) {
52
- return userAgent.value;
53
- }
54
-
55
- if (userAgent.template) {
56
- return userAgent.template.replace('$OKTA_AUTH_JS', sdkValue);
57
- }
58
-
59
- return sdkValue;
60
- }
61
47
  //# sourceMappingURL=builderUtil.js.map
package/cjs/builderUtil.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/builderUtil.ts"],"names":["assertValidConfig","args","scopes","Array","isArray","AuthSdkError","issuer","isUrlRegex","RegExp","test","indexOf","getUserAgent","sdkValue","userAgent","value","template","replace"],"mappings":";;;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACA;AACA,SAASA,iBAAT,CAA2BC,IAA3B,EAAkD;AAChDA,EAAAA,IAAI,GAAGA,IAAI,IAAI,EAAf;AAEA,MAAIC,MAAM,GAAGD,IAAI,CAACC,MAAlB;;AACA,MAAIA,MAAM,IAAI,CAACC,KAAK,CAACC,OAAN,CAAcF,MAAd,CAAf,EAAsC;AACpC,UAAM,IAAIG,qBAAJ,CAAiB,wCACrB,6DADI,CAAN;AAED;;AAED,MAAIC,MAAM,GAAGL,IAAI,CAACK,MAAlB;;AACA,MAAI,CAACA,MAAL,EAAa;AACX,UAAM,IAAID,qBAAJ,CAAiB,sCACrB,8FADI,CAAN;AAED;;AAED,MAAIE,UAAU,GAAG,IAAIC,MAAJ,CAAW,eAAX,CAAjB;;AACA,MAAI,CAACD,UAAU,CAACE,IAAX,CAAgBR,IAAI,CAACK,MAArB,CAAL,EAAmC;AACjC,UAAM,IAAID,qBAAJ,CAAiB,iCACrB,8FADI,CAAN;AAED;;AAED,MAAIC,MAAM,CAACI,OAAP,CAAe,SAAf,MAA8B,CAAC,CAAnC,EAAsC;AACpC,UAAM,IAAIL,qBAAJ,CAAiB,sEACrB,uEADI,CAAN;AAED;AACF;;AAED,SAASM,YAAT,CAAsBV,IAAtB,EAA6CW,QAA7C,EAAuE;AACrE,MAAIC,SAAS,GAAGZ,IAAI,CAACY,SAAL,IAAkB,EAAlC;;AAEA,MAAIA,SAAS,CAACC,KAAd,EAAqB;AACnB,WAAOD,SAAS,CAACC,KAAjB;AACD;;AAED,MAAID,SAAS,CAACE,QAAd,EAAwB;AACtB,WAAOF,SAAS,CAACE,QAAV,CAAmBC,OAAnB,CAA2B,eAA3B,EAA4CJ,QAA5C,CAAP;AACD;;AAED,SAAOA,QAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport AuthSdkError from './errors/AuthSdkError';\nimport { OktaAuthOptions } from './types';\n\n// TODO: use @okta/configuration-validation (move module to this monorepo?)\n// eslint-disable-next-line complexity\nfunction assertValidConfig(args: OktaAuthOptions) {\n args = args || {};\n\n var scopes = args.scopes;\n if (scopes && !Array.isArray(scopes)) {\n throw new AuthSdkError('scopes must be a array of strings. ' +\n 'Required usage: new OktaAuth({scopes: [\"openid\", \"email\"]})');\n }\n\n var issuer = args.issuer;\n if (!issuer) {\n throw new AuthSdkError('No issuer passed to constructor. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n var isUrlRegex = new RegExp('^http?s?://.+');\n if (!isUrlRegex.test(args.issuer)) {\n throw new AuthSdkError('Issuer must be a valid URL. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n if (issuer.indexOf('-admin.') !== -1) {\n throw new AuthSdkError('Issuer URL passed to constructor contains \"-admin\" in subdomain. ' +\n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com})');\n }\n}\n\nfunction getUserAgent(args: OktaAuthOptions, sdkValue: string): string {\n var userAgent = args.userAgent || {};\n\n if (userAgent.value) {\n return userAgent.value;\n }\n\n if (userAgent.template) {\n return userAgent.template.replace('$OKTA_AUTH_JS', sdkValue);\n }\n\n return sdkValue;\n}\n\nexport {\n assertValidConfig,\n getUserAgent\n};\n"],"file":"builderUtil.js"}
1
+ {"version":3,"sources":["../../lib/builderUtil.ts"],"names":["assertValidConfig","args","scopes","Array","isArray","AuthSdkError","issuer","isUrlRegex","RegExp","test","indexOf"],"mappings":";;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACA;AACA,SAASA,iBAAT,CAA2BC,IAA3B,EAAkD;AAChDA,EAAAA,IAAI,GAAGA,IAAI,IAAI,EAAf;AAEA,MAAIC,MAAM,GAAGD,IAAI,CAACC,MAAlB;;AACA,MAAIA,MAAM,IAAI,CAACC,KAAK,CAACC,OAAN,CAAcF,MAAd,CAAf,EAAsC;AACpC,UAAM,IAAIG,qBAAJ,CAAiB,wCACrB,6DADI,CAAN;AAED,GAP+C,CAShD;;;AACA,MAAIC,MAAM,GAAGL,IAAI,CAACK,MAAlB;;AACA,MAAI,CAACA,MAAL,EAAa;AACX,UAAM,IAAID,qBAAJ,CAAiB,sCACrB,8FADI,CAAN;AAED;;AAED,MAAIE,UAAU,GAAG,IAAIC,MAAJ,CAAW,eAAX,CAAjB;;AACA,MAAI,CAACD,UAAU,CAACE,IAAX,CAAgBH,MAAhB,CAAL,EAA8B;AAC5B,UAAM,IAAID,qBAAJ,CAAiB,iCACrB,8FADI,CAAN;AAED;;AAED,MAAIC,MAAM,CAACI,OAAP,CAAe,SAAf,MAA8B,CAAC,CAAnC,EAAsC;AACpC,UAAM,IAAIL,qBAAJ,CAAiB,sEACrB,uEADI,CAAN;AAED;AACF","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport AuthSdkError from './errors/AuthSdkError';\nimport { OktaAuthOptions } from './types';\n\n// TODO: use @okta/configuration-validation (move module to this monorepo?)\n// eslint-disable-next-line complexity\nfunction assertValidConfig(args: OktaAuthOptions) {\n args = args || {};\n\n var scopes = args.scopes;\n if (scopes && !Array.isArray(scopes)) {\n throw new AuthSdkError('scopes must be a array of strings. ' +\n 'Required usage: new OktaAuth({scopes: [\"openid\", \"email\"]})');\n }\n\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n var issuer = args.issuer!;\n if (!issuer) {\n throw new AuthSdkError('No issuer passed to constructor. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n var isUrlRegex = new RegExp('^http?s?://.+');\n if (!isUrlRegex.test(issuer)) {\n throw new AuthSdkError('Issuer must be a valid URL. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n if (issuer.indexOf('-admin.') !== -1) {\n throw new AuthSdkError('Issuer URL passed to constructor contains \"-admin\" in subdomain. ' +\n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com})');\n }\n}\n\nexport {\n assertValidConfig\n};\n"],"file":"builderUtil.js"}
package/cjs/crypto/oidcHash.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/crypto/oidcHash.ts"],"names":["getOidcHash","str","buffer","TextEncoder","encode","webcrypto","subtle","digest","then","arrayBuffer","intBuffer","Uint8Array","firstHalf","slice","hash","String","fromCharCode","apply","b64u"],"mappings":";;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AAIO,SAASA,WAAT,CAAqBC,GAArB,EAA0B;AAC/B,MAAIC,MAAM,GAAG,IAAIC,WAAJ,GAAkBC,MAAlB,CAAyBH,GAAzB,CAAb;AACA,SAAOI,qBAAUC,MAAV,CAAiBC,MAAjB,CAAwB,SAAxB,EAAmCL,MAAnC,EAA2CM,IAA3C,CAAgD,UAASC,WAAT,EAAsB;AAC3E,QAAIC,SAAS,GAAG,IAAIC,UAAJ,CAAeF,WAAf,CAAhB;AACA,QAAIG,SAAS,GAAGF,SAAS,CAACG,KAAV,CAAgB,CAAhB,EAAmB,EAAnB,CAAhB;AACA,QAAIC,IAAI,GAAGC,MAAM,CAACC,YAAP,CAAoBC,KAApB,CAA0B,IAA1B,EAAgCL,SAAhC,CAAX;AACA,QAAIM,IAAI,GAAG,6BAAkBJ,IAAlB,CAAX,CAJ2E,CAIvC;;AACpC,WAAOI,IAAP;AACD,GANM,CAAP;AAOD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* global TextEncoder */\nimport { stringToBase64Url } from './base64';\nimport { webcrypto } from './webcrypto';\n\nexport function getOidcHash(str) { \n var buffer = new TextEncoder().encode(str);\n return webcrypto.subtle.digest('SHA-256', buffer).then(function(arrayBuffer) {\n var intBuffer = new Uint8Array(arrayBuffer);\n var firstHalf = intBuffer.slice(0, 16);\n var hash = String.fromCharCode.apply(null, firstHalf);\n var b64u = stringToBase64Url(hash); // url-safe base64 variant\n return b64u;\n });\n}\n"],"file":"oidcHash.js"}
1
+ {"version":3,"sources":["../../../lib/crypto/oidcHash.ts"],"names":["getOidcHash","str","buffer","TextEncoder","encode","webcrypto","subtle","digest","then","arrayBuffer","intBuffer","Uint8Array","firstHalf","slice","hash","String","fromCharCode","apply","b64u"],"mappings":";;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AAIO,SAASA,WAAT,CAAqBC,GAArB,EAA0B;AAC/B,MAAIC,MAAM,GAAG,IAAIC,WAAJ,GAAkBC,MAAlB,CAAyBH,GAAzB,CAAb;AACA,SAAOI,qBAAUC,MAAV,CAAiBC,MAAjB,CAAwB,SAAxB,EAAmCL,MAAnC,EAA2CM,IAA3C,CAAgD,UAASC,WAAT,EAAsB;AAC3E,QAAIC,SAAS,GAAG,IAAIC,UAAJ,CAAeF,WAAf,CAAhB;AACA,QAAIG,SAAS,GAAGF,SAAS,CAACG,KAAV,CAAgB,CAAhB,EAAmB,EAAnB,CAAhB;AACA,QAAIC,IAAI,GAAGC,MAAM,CAACC,YAAP,CAAoBC,KAApB,CAA0B,IAA1B,EAAgCL,SAAhC,CAAX;AACA,QAAIM,IAAI,GAAG,6BAAkBJ,IAAlB,CAAX,CAJ2E,CAIvC;;AACpC,WAAOI,IAAP;AACD,GANM,CAAP;AAOD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* global TextEncoder */\nimport { stringToBase64Url } from './base64';\nimport { webcrypto } from './webcrypto';\n\nexport function getOidcHash(str) { \n var buffer = new TextEncoder().encode(str);\n return webcrypto.subtle.digest('SHA-256', buffer).then(function(arrayBuffer) {\n var intBuffer = new Uint8Array(arrayBuffer);\n var firstHalf = intBuffer.slice(0, 16);\n var hash = String.fromCharCode.apply(null, firstHalf as unknown as number[]);\n var b64u = stringToBase64Url(hash); // url-safe base64 variant\n return b64u;\n });\n}\n"],"file":"oidcHash.js"}
package/cjs/features.js CHANGED
@@ -35,7 +35,12 @@ function isBrowser() {
35
35
  }
36
36
 
37
37
  function isIE11OrLess() {
38
- return isBrowser() && !!document.documentMode && document.documentMode <= 11;
38
+ if (!isBrowser()) {
39
+ return false;
40
+ }
41
+
42
+ const documentMode = document.documentMode;
43
+ return !!documentMode && documentMode <= 11;
39
44
  }
40
45
 
41
46
  function getUserAgent() {
@@ -52,9 +57,10 @@ function isPopupPostMessageSupported() {
52
57
  return false;
53
58
  }
54
59
 
55
- var isIE8or9 = document.documentMode && document.documentMode < 10;
60
+ const documentMode = document.documentMode;
61
+ var isIE8or9 = documentMode && documentMode < 10;
56
62
 
57
- if (window.postMessage && !isIE8or9) {
63
+ if (typeof window.postMessage !== 'undefined' && !isIE8or9) {
58
64
  return true;
59
65
  }
60
66