@okta/okta-auth-js 5.9.1 → 6.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +56 -0
- package/README.md +16 -3
- package/cjs/AuthStateManager.js +2 -1
- package/cjs/AuthStateManager.js.map +1 -1
- package/cjs/OktaAuth.js +95 -78
- package/cjs/OktaAuth.js.map +1 -1
- package/cjs/OktaUserAgent.js +2 -2
- package/cjs/OktaUserAgent.js.map +1 -1
- package/cjs/PromiseQueue.js +6 -1
- package/cjs/PromiseQueue.js.map +1 -1
- package/cjs/StorageManager.js +3 -1
- package/cjs/StorageManager.js.map +1 -1
- package/cjs/TokenManager.js +33 -5
- package/cjs/TokenManager.js.map +1 -1
- package/cjs/TransactionManager.js +17 -4
- package/cjs/TransactionManager.js.map +1 -1
- package/cjs/browser/browserStorage.js +7 -5
- package/cjs/browser/browserStorage.js.map +1 -1
- package/cjs/browser/fingerprint.js +3 -1
- package/cjs/browser/fingerprint.js.map +1 -1
- package/cjs/builderUtil.js +3 -17
- package/cjs/builderUtil.js.map +1 -1
- package/cjs/crypto/oidcHash.js.map +1 -1
- package/cjs/features.js +9 -3
- package/cjs/features.js.map +1 -1
- package/cjs/fetch/fetchRequest.js +2 -1
- package/cjs/fetch/fetchRequest.js.map +1 -1
- package/cjs/http/request.js +2 -0
- package/cjs/http/request.js.map +1 -1
- package/cjs/idx/authenticate.js +8 -5
- package/cjs/idx/authenticate.js.map +1 -1
- package/cjs/idx/authenticator/Authenticator.js +14 -0
- package/cjs/idx/authenticator/Authenticator.js.map +1 -0
- package/cjs/idx/authenticator/OktaPassword.js +31 -0
- package/cjs/idx/authenticator/OktaPassword.js.map +1 -0
- package/cjs/idx/authenticator/OktaVerifyTotp.js +17 -0
- package/cjs/idx/authenticator/OktaVerifyTotp.js.map +1 -0
- package/cjs/idx/authenticator/SecurityQuestionEnrollment.js +50 -0
- package/cjs/idx/authenticator/SecurityQuestionEnrollment.js.map +1 -0
- package/cjs/idx/authenticator/SecurityQuestionVerification.js +32 -0
- package/cjs/idx/authenticator/SecurityQuestionVerification.js.map +1 -0
- package/cjs/idx/authenticator/VerificationCodeAuthenticator.js +34 -0
- package/cjs/idx/authenticator/VerificationCodeAuthenticator.js.map +1 -0
- package/cjs/idx/authenticator/getAuthenticator.js +41 -0
- package/cjs/idx/authenticator/getAuthenticator.js.map +1 -0
- package/cjs/idx/authenticator/index.js +80 -0
- package/cjs/idx/authenticator/index.js.map +1 -0
- package/cjs/idx/cancel.js +5 -0
- package/cjs/idx/cancel.js.map +1 -1
- package/cjs/idx/emailVerify.js +73 -0
- package/cjs/idx/emailVerify.js.map +1 -0
- package/cjs/idx/flow/AuthenticationFlow.js +4 -1
- package/cjs/idx/flow/AuthenticationFlow.js.map +1 -1
- package/cjs/idx/flow/FlowSpecification.js +16 -14
- package/cjs/idx/flow/FlowSpecification.js.map +1 -1
- package/cjs/idx/flow/RegistrationFlow.js +3 -0
- package/cjs/idx/flow/RegistrationFlow.js.map +1 -1
- package/cjs/idx/flow/index.js +0 -52
- package/cjs/idx/flow/index.js.map +1 -1
- package/cjs/idx/handleInteractionCodeRedirect.js +1 -0
- package/cjs/idx/handleInteractionCodeRedirect.js.map +1 -1
- package/cjs/idx/index.js +26 -0
- package/cjs/idx/index.js.map +1 -1
- package/cjs/idx/interact.js +47 -29
- package/cjs/idx/interact.js.map +1 -1
- package/cjs/idx/introspect.js +12 -14
- package/cjs/idx/introspect.js.map +1 -1
- package/cjs/idx/poll.js +59 -0
- package/cjs/idx/poll.js.map +1 -0
- package/cjs/idx/proceed.js +4 -7
- package/cjs/idx/proceed.js.map +1 -1
- package/cjs/idx/recoverPassword.js +1 -1
- package/cjs/idx/recoverPassword.js.map +1 -1
- package/cjs/idx/register.js +16 -14
- package/cjs/idx/register.js.map +1 -1
- package/cjs/idx/remediate.js +55 -92
- package/cjs/idx/remediate.js.map +1 -1
- package/cjs/idx/remediators/AuthenticatorEnrollmentData.js +11 -12
- package/cjs/idx/remediators/AuthenticatorEnrollmentData.js.map +1 -1
- package/cjs/idx/remediators/AuthenticatorVerificationData.js +8 -9
- package/cjs/idx/remediators/AuthenticatorVerificationData.js.map +1 -1
- package/cjs/idx/remediators/Base/AuthenticatorData.js +48 -35
- package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
- package/cjs/idx/remediators/Base/Remediator.js +53 -20
- package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
- package/cjs/idx/remediators/Base/SelectAuthenticator.js +20 -19
- package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/Base/VerifyAuthenticator.js +8 -28
- package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/ChallengeAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/ChallengePoll.js +26 -0
- package/cjs/idx/remediators/ChallengePoll.js.map +1 -0
- package/cjs/idx/remediators/EnrollAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/EnrollPoll.js +55 -0
- package/cjs/idx/remediators/EnrollPoll.js.map +1 -0
- package/cjs/idx/remediators/EnrollProfile.js +4 -1
- package/cjs/idx/remediators/EnrollProfile.js.map +1 -1
- package/cjs/idx/remediators/EnrollmentChannelData.js +80 -0
- package/cjs/idx/remediators/EnrollmentChannelData.js.map +1 -0
- package/cjs/idx/remediators/Identify.js +2 -35
- package/cjs/idx/remediators/Identify.js.map +1 -1
- package/cjs/idx/remediators/ReEnrollAuthenticator.js +1 -0
- package/cjs/idx/remediators/ReEnrollAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/ResetAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js +23 -2
- package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js.map +1 -1
- package/cjs/idx/remediators/SelectAuthenticatorEnroll.js.map +1 -1
- package/cjs/idx/remediators/SelectEnrollProfile.js.map +1 -1
- package/cjs/idx/remediators/SelectEnrollmentChannel.js +74 -0
- package/cjs/idx/remediators/SelectEnrollmentChannel.js.map +1 -0
- package/cjs/idx/remediators/Skip.js +7 -0
- package/cjs/idx/remediators/Skip.js.map +1 -1
- package/cjs/idx/remediators/index.js +52 -0
- package/cjs/idx/remediators/index.js.map +1 -1
- package/cjs/idx/remediators/util.js +7 -2
- package/cjs/idx/remediators/util.js.map +1 -1
- package/cjs/idx/run.js +110 -52
- package/cjs/idx/run.js.map +1 -1
- package/cjs/idx/startTransaction.js +4 -2
- package/cjs/idx/startTransaction.js.map +1 -1
- package/cjs/idx/transactionMeta.js +82 -69
- package/cjs/idx/transactionMeta.js.map +1 -1
- package/cjs/idx/types/idx-js.js.map +1 -1
- package/cjs/idx/types/index.js +21 -4
- package/cjs/idx/types/index.js.map +1 -1
- package/cjs/index.js +14 -0
- package/cjs/index.js.map +1 -1
- package/cjs/oidc/endpoints/authorize.js +2 -0
- package/cjs/oidc/endpoints/authorize.js.map +1 -1
- package/cjs/oidc/endpoints/token.js +1 -0
- package/cjs/oidc/endpoints/token.js.map +1 -1
- package/cjs/oidc/exchangeCodeForTokens.js +3 -3
- package/cjs/oidc/exchangeCodeForTokens.js.map +1 -1
- package/cjs/oidc/getToken.js +3 -1
- package/cjs/oidc/getToken.js.map +1 -1
- package/cjs/oidc/getWithRedirect.js +10 -37
- package/cjs/oidc/getWithRedirect.js.map +1 -1
- package/cjs/oidc/handleOAuthResponse.js +80 -86
- package/cjs/oidc/handleOAuthResponse.js.map +1 -1
- package/cjs/oidc/parseFromUrl.js.map +1 -1
- package/cjs/oidc/renewToken.js.map +1 -1
- package/cjs/oidc/renewTokens.js +1 -1
- package/cjs/oidc/renewTokens.js.map +1 -1
- package/cjs/oidc/revokeToken.js +28 -29
- package/cjs/oidc/revokeToken.js.map +1 -1
- package/cjs/oidc/util/index.js +14 -0
- package/cjs/oidc/util/index.js.map +1 -1
- package/cjs/oidc/util/loginRedirect.js +6 -1
- package/cjs/oidc/util/loginRedirect.js.map +1 -1
- package/cjs/oidc/util/oauth.js.map +1 -1
- package/cjs/oidc/util/oauthMeta.js +36 -0
- package/cjs/oidc/util/oauthMeta.js.map +1 -0
- package/cjs/oidc/util/pkce.js.map +1 -1
- package/cjs/oidc/util/prepareTokenParams.js +57 -36
- package/cjs/oidc/util/prepareTokenParams.js.map +1 -1
- package/cjs/oidc/util/validateClaims.js +2 -0
- package/cjs/oidc/util/validateClaims.js.map +1 -1
- package/cjs/oidc/verifyToken.js +2 -1
- package/cjs/oidc/verifyToken.js.map +1 -1
- package/cjs/options.js +6 -2
- package/cjs/options.js.map +1 -1
- package/cjs/server/serverStorage.js +1 -1
- package/cjs/server/serverStorage.js.map +1 -1
- package/cjs/services/TokenService.js +3 -0
- package/cjs/services/TokenService.js.map +1 -1
- package/cjs/tx/AuthTransaction.js +3 -0
- package/cjs/tx/AuthTransaction.js.map +1 -1
- package/cjs/tx/TransactionState.js +0 -17
- package/cjs/tx/TransactionState.js.map +1 -1
- package/cjs/tx/api.js +3 -2
- package/cjs/tx/api.js.map +1 -1
- package/cjs/types/Token.js.map +1 -1
- package/cjs/types/Transaction.js.map +1 -1
- package/cjs/util/index.js +0 -13
- package/cjs/util/index.js.map +1 -1
- package/cjs/util/url.js.map +1 -1
- package/dist/okta-auth-js.min.js +1 -1
- package/dist/okta-auth-js.min.js.map +1 -1
- package/dist/okta-auth-js.umd.js +1 -1
- package/dist/okta-auth-js.umd.js.map +1 -1
- package/esm/index.js +2603 -1814
- package/esm/index.js.map +1 -1
- package/lib/AuthStateManager.d.ts +1 -2
- package/lib/OktaAuth.d.ts +4 -10
- package/lib/StorageManager.d.ts +1 -1
- package/lib/TokenManager.d.ts +4 -2
- package/lib/TransactionManager.d.ts +3 -2
- package/lib/browser/fingerprint.d.ts +1 -1
- package/lib/builderUtil.d.ts +1 -2
- package/lib/crypto/browser.d.ts +1 -1
- package/lib/features.d.ts +1 -1
- package/lib/idx/authenticate.d.ts +1 -1
- package/lib/idx/authenticator/Authenticator.d.ts +12 -0
- package/lib/idx/authenticator/OktaPassword.d.ts +11 -0
- package/lib/idx/authenticator/OktaVerifyTotp.d.ts +9 -0
- package/lib/idx/authenticator/SecurityQuestionEnrollment.d.ts +28 -0
- package/lib/idx/authenticator/SecurityQuestionVerification.d.ts +14 -0
- package/lib/idx/authenticator/VerificationCodeAuthenticator.d.ts +10 -0
- package/lib/idx/authenticator/getAuthenticator.d.ts +3 -0
- package/lib/idx/authenticator/index.d.ts +6 -0
- package/lib/idx/cancel.d.ts +1 -1
- package/lib/{util → idx}/emailVerify.d.ts +10 -1
- package/lib/idx/flow/FlowSpecification.d.ts +1 -2
- package/lib/idx/flow/index.d.ts +0 -4
- package/lib/idx/index.d.ts +2 -0
- package/lib/idx/interact.d.ts +5 -11
- package/lib/idx/introspect.d.ts +3 -2
- package/lib/idx/{flow/AuthenticationFlowMonitor.d.ts → poll.d.ts} +3 -5
- package/lib/idx/proceed.d.ts +4 -1
- package/lib/idx/recoverPassword.d.ts +1 -1
- package/lib/idx/register.d.ts +1 -1
- package/lib/idx/remediate.d.ts +10 -4
- package/lib/idx/remediators/AuthenticatorEnrollmentData.d.ts +12 -8
- package/lib/idx/remediators/AuthenticatorVerificationData.d.ts +3 -4
- package/lib/idx/remediators/Base/AuthenticatorData.d.ts +13 -8
- package/lib/idx/remediators/Base/Remediator.d.ts +9 -6
- package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +9 -8
- package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +10 -5
- package/lib/idx/{flow/RegistrationFlowMonitor.d.ts → remediators/ChallengePoll.d.ts} +3 -3
- package/lib/idx/{flow/PasswordRecoveryFlowMonitor.d.ts → remediators/EnrollPoll.d.ts} +12 -4
- package/lib/idx/remediators/EnrollProfile.d.ts +1 -1
- package/lib/idx/remediators/EnrollmentChannelData.d.ts +53 -0
- package/lib/idx/remediators/Identify.d.ts +2 -5
- package/lib/idx/remediators/ReEnrollAuthenticator.d.ts +2 -2
- package/lib/idx/remediators/RedirectIdp.d.ts +3 -3
- package/lib/idx/remediators/SelectAuthenticatorAuthenticate.d.ts +6 -2
- package/lib/idx/remediators/SelectEnrollmentChannel.d.ts +39 -0
- package/lib/idx/remediators/Skip.d.ts +3 -0
- package/lib/idx/remediators/index.d.ts +4 -0
- package/lib/idx/remediators/util.d.ts +2 -2
- package/lib/idx/run.d.ts +4 -3
- package/lib/idx/startTransaction.d.ts +3 -2
- package/lib/idx/transactionMeta.d.ts +6 -27
- package/lib/idx/types/idx-js.d.ts +57 -2
- package/lib/idx/types/index.d.ts +25 -8
- package/lib/index.d.ts +1 -0
- package/lib/oidc/exchangeCodeForTokens.d.ts +12 -0
- package/lib/oidc/getWithRedirect.d.ts +1 -1
- package/lib/oidc/handleOAuthResponse.d.ts +1 -1
- package/lib/oidc/parseFromUrl.d.ts +1 -1
- package/lib/oidc/renewToken.d.ts +1 -1
- package/lib/oidc/renewTokens.d.ts +1 -1
- package/lib/oidc/util/browser.d.ts +1 -1
- package/lib/oidc/util/errors.d.ts +1 -1
- package/lib/oidc/util/index.d.ts +1 -0
- package/lib/oidc/util/oauth.d.ts +1 -8
- package/lib/oidc/util/oauthMeta.d.ts +2 -0
- package/lib/oidc/util/prepareTokenParams.d.ts +3 -0
- package/lib/server/serverStorage.d.ts +1 -1
- package/lib/services/TokenService.d.ts +2 -2
- package/lib/tx/AuthTransaction.d.ts +2 -2
- package/lib/tx/TransactionState.d.ts +11 -1
- package/lib/tx/api.d.ts +6 -6
- package/lib/types/OktaAuthOptions.d.ts +6 -6
- package/lib/types/Storage.d.ts +3 -3
- package/lib/types/Token.d.ts +1 -0
- package/lib/types/Transaction.d.ts +11 -0
- package/lib/types/UserClaims.d.ts +3 -3
- package/lib/types/api.d.ts +31 -17
- package/lib/util/console.d.ts +1 -1
- package/lib/util/index.d.ts +0 -1
- package/lib/util/types.d.ts +1 -1
- package/lib/util/url.d.ts +2 -2
- package/package.json +6 -8
- package/cjs/idx/flow/AuthenticationFlowMonitor.js +0 -45
- package/cjs/idx/flow/AuthenticationFlowMonitor.js.map +0 -1
- package/cjs/idx/flow/FlowMonitor.js +0 -69
- package/cjs/idx/flow/FlowMonitor.js.map +0 -1
- package/cjs/idx/flow/PasswordRecoveryFlowMonitor.js +0 -55
- package/cjs/idx/flow/PasswordRecoveryFlowMonitor.js.map +0 -1
- package/cjs/idx/flow/RegistrationFlowMonitor.js +0 -35
- package/cjs/idx/flow/RegistrationFlowMonitor.js.map +0 -1
- package/cjs/util/emailVerify.js +0 -28
- package/cjs/util/emailVerify.js.map +0 -1
- package/lib/idx/flow/FlowMonitor.d.ts +0 -23
|
@@ -0,0 +1,73 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
|
|
4
|
+
|
|
5
|
+
exports.isEmailVerifyCallbackError = isEmailVerifyCallbackError;
|
|
6
|
+
exports.isEmailVerifyCallback = isEmailVerifyCallback;
|
|
7
|
+
exports.parseEmailVerifyCallback = parseEmailVerifyCallback;
|
|
8
|
+
exports.handleEmailVerifyCallback = handleEmailVerifyCallback;
|
|
9
|
+
exports.EmailVerifyCallbackError = void 0;
|
|
10
|
+
|
|
11
|
+
var _CustomError = _interopRequireDefault(require("../errors/CustomError"));
|
|
12
|
+
|
|
13
|
+
var _urlParams = require("../oidc/util/urlParams");
|
|
14
|
+
|
|
15
|
+
/*!
|
|
16
|
+
* Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
|
|
17
|
+
* The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
|
|
18
|
+
*
|
|
19
|
+
* You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
|
|
20
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
21
|
+
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
22
|
+
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
23
|
+
*
|
|
24
|
+
* See the License for the specific language governing permissions and limitations under the License.
|
|
25
|
+
*/
|
|
26
|
+
class EmailVerifyCallbackError extends _CustomError.default {
|
|
27
|
+
constructor(state, otp) {
|
|
28
|
+
super(`Enter the OTP code in the originating client: ${otp}`);
|
|
29
|
+
this.name = 'EmailVerifyCallbackError';
|
|
30
|
+
this.state = state;
|
|
31
|
+
this.otp = otp;
|
|
32
|
+
}
|
|
33
|
+
|
|
34
|
+
}
|
|
35
|
+
|
|
36
|
+
exports.EmailVerifyCallbackError = EmailVerifyCallbackError;
|
|
37
|
+
|
|
38
|
+
function isEmailVerifyCallbackError(error) {
|
|
39
|
+
return error.name === 'EmailVerifyCallbackError';
|
|
40
|
+
} // Check if state && otp have been passed back in the url
|
|
41
|
+
|
|
42
|
+
|
|
43
|
+
function isEmailVerifyCallback(urlPath) {
|
|
44
|
+
return /(otp=)/i.test(urlPath) && /(state=)/i.test(urlPath);
|
|
45
|
+
} // Parse state and otp from a urlPath (should be either a search or fragment from the URL)
|
|
46
|
+
|
|
47
|
+
|
|
48
|
+
function parseEmailVerifyCallback(urlPath) {
|
|
49
|
+
return (0, _urlParams.urlParamsToObject)(urlPath);
|
|
50
|
+
}
|
|
51
|
+
|
|
52
|
+
async function handleEmailVerifyCallback(authClient, search) {
|
|
53
|
+
if (isEmailVerifyCallback(search)) {
|
|
54
|
+
const {
|
|
55
|
+
state,
|
|
56
|
+
otp
|
|
57
|
+
} = parseEmailVerifyCallback(search);
|
|
58
|
+
|
|
59
|
+
if (authClient.idx.canProceed({
|
|
60
|
+
state
|
|
61
|
+
})) {
|
|
62
|
+
// same browser / device
|
|
63
|
+
return await authClient.idx.proceed({
|
|
64
|
+
state,
|
|
65
|
+
otp
|
|
66
|
+
});
|
|
67
|
+
} else {
|
|
68
|
+
// different browser or device
|
|
69
|
+
throw new EmailVerifyCallbackError(state, otp);
|
|
70
|
+
}
|
|
71
|
+
}
|
|
72
|
+
}
|
|
73
|
+
//# sourceMappingURL=emailVerify.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/emailVerify.ts"],"names":["EmailVerifyCallbackError","CustomError","constructor","state","otp","name","isEmailVerifyCallbackError","error","isEmailVerifyCallback","urlPath","test","parseEmailVerifyCallback","handleEmailVerifyCallback","authClient","search","idx","canProceed","proceed"],"mappings":";;;;;;;;;;AAeA;;AACA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYO,MAAMA,wBAAN,SAAuCC,oBAAvC,CAAmD;AAIxDC,EAAAA,WAAW,CAACC,KAAD,EAAgBC,GAAhB,EAA6B;AACtC,UAAO,iDAAgDA,GAAI,EAA3D;AACA,SAAKC,IAAL,GAAY,0BAAZ;AACA,SAAKF,KAAL,GAAaA,KAAb;AACA,SAAKC,GAAL,GAAWA,GAAX;AACD;;AATuD;;;;AAYnD,SAASE,0BAAT,CAAoCC,KAApC,EAAkD;AACvD,SAAQA,KAAK,CAACF,IAAN,KAAe,0BAAvB;AACD,C,CAED;;;AACO,SAASG,qBAAT,CAAgCC,OAAhC,EAA0D;AAC/D,SAAO,UAAUC,IAAV,CAAeD,OAAf,KAA2B,YAAYC,IAAZ,CAAiBD,OAAjB,CAAlC;AACD,C,CAED;;;AACO,SAASE,wBAAT,CAAkCF,OAAlC,EAAgF;AACrF,SAAO,kCAAkBA,OAAlB,CAAP;AACD;;AAEM,eAAeG,yBAAf,CAAyCC,UAAzC,EAA+DC,MAA/D,EAA+E;AACpF,MAAIN,qBAAqB,CAACM,MAAD,CAAzB,EAAmC;AACjC,UAAM;AAAEX,MAAAA,KAAF;AAASC,MAAAA;AAAT,QAAiBO,wBAAwB,CAACG,MAAD,CAA/C;;AACA,QAAID,UAAU,CAACE,GAAX,CAAeC,UAAf,CAA0B;AAAEb,MAAAA;AAAF,KAA1B,CAAJ,EAA0C;AACxC;AACA,aAAO,MAAMU,UAAU,CAACE,GAAX,CAAeE,OAAf,CAAuB;AAAEd,QAAAA,KAAF;AAASC,QAAAA;AAAT,OAAvB,CAAb;AACD,KAHD,MAGO;AACL;AACA,YAAM,IAAIJ,wBAAJ,CAA6BG,KAA7B,EAAoCC,GAApC,CAAN;AACD;AACF;AACF","sourcesContent":["\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuth } from '../types';\n\nimport CustomError from '../errors/CustomError';\nimport { urlParamsToObject } from '../oidc/util/urlParams';\n\nexport interface EmailVerifyCallbackResponse {\n state: string;\n otp: string;\n}\n\nexport class EmailVerifyCallbackError extends CustomError {\n state: string;\n otp: string;\n\n constructor(state: string, otp: string) {\n super(`Enter the OTP code in the originating client: ${otp}`);\n this.name = 'EmailVerifyCallbackError';\n this.state = state;\n this.otp = otp;\n }\n}\n\nexport function isEmailVerifyCallbackError(error: Error) {\n return (error.name === 'EmailVerifyCallbackError');\n}\n\n// Check if state && otp have been passed back in the url\nexport function isEmailVerifyCallback (urlPath: string): boolean {\n return /(otp=)/i.test(urlPath) && /(state=)/i.test(urlPath);\n}\n\n// Parse state and otp from a urlPath (should be either a search or fragment from the URL)\nexport function parseEmailVerifyCallback(urlPath: string): EmailVerifyCallbackResponse {\n return urlParamsToObject(urlPath) as EmailVerifyCallbackResponse;\n}\n\nexport async function handleEmailVerifyCallback(authClient: OktaAuth, search: string) {\n if (isEmailVerifyCallback(search)) {\n const { state, otp } = parseEmailVerifyCallback(search);\n if (authClient.idx.canProceed({ state })) {\n // same browser / device\n return await authClient.idx.proceed({ state, otp });\n } else {\n // different browser or device\n throw new EmailVerifyCallbackError(state, otp);\n }\n }\n}\n"],"file":"emailVerify.js"}
|
|
@@ -23,8 +23,11 @@ const AuthenticationFlow = {
|
|
|
23
23
|
'authenticator-verification-data': _remediators.AuthenticatorVerificationData,
|
|
24
24
|
'enroll-authenticator': _remediators.EnrollAuthenticator,
|
|
25
25
|
'challenge-authenticator': _remediators.ChallengeAuthenticator,
|
|
26
|
+
'challenge-poll': _remediators.ChallengePoll,
|
|
26
27
|
'reenroll-authenticator': _remediators.ReEnrollAuthenticator,
|
|
27
|
-
'
|
|
28
|
+
'enroll-poll': _remediators.EnrollPoll,
|
|
29
|
+
'redirect-idp': _remediators.RedirectIdp,
|
|
30
|
+
'skip': _remediators.Skip
|
|
28
31
|
};
|
|
29
32
|
exports.AuthenticationFlow = AuthenticationFlow;
|
|
30
33
|
//# sourceMappingURL=AuthenticationFlow.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/flow/AuthenticationFlow.ts"],"names":["AuthenticationFlow","Identify","SelectAuthenticatorAuthenticate","SelectAuthenticatorEnroll","AuthenticatorEnrollmentData","AuthenticatorVerificationData","EnrollAuthenticator","ChallengeAuthenticator","ReEnrollAuthenticator","RedirectIdp"],"mappings":";;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/flow/AuthenticationFlow.ts"],"names":["AuthenticationFlow","Identify","SelectAuthenticatorAuthenticate","SelectAuthenticatorEnroll","AuthenticatorEnrollmentData","AuthenticatorVerificationData","EnrollAuthenticator","ChallengeAuthenticator","ChallengePoll","ReEnrollAuthenticator","EnrollPoll","RedirectIdp","Skip"],"mappings":";;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAkBO,MAAMA,kBAAmC,GAAG;AACjD,cAAYC,qBADqC;AAEjD,uCAAqCC,4CAFY;AAGjD,iCAA+BC,sCAHkB;AAIjD,mCAAiCC,wCAJgB;AAKjD,qCAAmCC,0CALc;AAMjD,0BAAwBC,gCANyB;AAOjD,6BAA2BC,mCAPsB;AAQjD,oBAAkBC,0BAR+B;AASjD,4BAA0BC,kCATuB;AAUjD,iBAAeC,uBAVkC;AAWjD,kBAAgBC,wBAXiC;AAYjD,UAAQC;AAZyC,CAA5C","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { RemediationFlow } from './RemediationFlow';\nimport { \n Identify,\n SelectAuthenticatorAuthenticate,\n ChallengeAuthenticator,\n ReEnrollAuthenticator,\n RedirectIdp,\n AuthenticatorEnrollmentData,\n SelectAuthenticatorEnroll,\n EnrollAuthenticator,\n AuthenticatorVerificationData,\n EnrollPoll,\n ChallengePoll, Skip\n} from '../remediators';\n\nexport const AuthenticationFlow: RemediationFlow = {\n 'identify': Identify,\n 'select-authenticator-authenticate': SelectAuthenticatorAuthenticate,\n 'select-authenticator-enroll': SelectAuthenticatorEnroll,\n 'authenticator-enrollment-data': AuthenticatorEnrollmentData,\n 'authenticator-verification-data': AuthenticatorVerificationData,\n 'enroll-authenticator': EnrollAuthenticator,\n 'challenge-authenticator': ChallengeAuthenticator,\n 'challenge-poll': ChallengePoll,\n 'reenroll-authenticator': ReEnrollAuthenticator,\n 'enroll-poll': EnrollPoll,\n 'redirect-idp': RedirectIdp,\n 'skip': Skip,\n};\n"],"file":"AuthenticationFlow.js"}
|
|
@@ -4,46 +4,48 @@ exports.getFlowSpecification = getFlowSpecification;
|
|
|
4
4
|
|
|
5
5
|
var _AuthenticationFlow = require("./AuthenticationFlow");
|
|
6
6
|
|
|
7
|
-
var _AuthenticationFlowMonitor = require("./AuthenticationFlowMonitor");
|
|
8
|
-
|
|
9
7
|
var _PasswordRecoveryFlow = require("./PasswordRecoveryFlow");
|
|
10
8
|
|
|
11
|
-
var _PasswordRecoveryFlowMonitor = require("./PasswordRecoveryFlowMonitor");
|
|
12
|
-
|
|
13
9
|
var _RegistrationFlow = require("./RegistrationFlow");
|
|
14
10
|
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
11
|
+
// eslint-disable-next-line complexity
|
|
12
|
+
function getFlowSpecification(oktaAuth, flow = 'default') {
|
|
13
|
+
let remediators,
|
|
14
|
+
actions,
|
|
15
|
+
withCredentials = true;
|
|
19
16
|
|
|
20
17
|
switch (flow) {
|
|
21
18
|
case 'register':
|
|
22
19
|
case 'signup':
|
|
23
20
|
case 'enrollProfile':
|
|
24
21
|
remediators = _RegistrationFlow.RegistrationFlow;
|
|
25
|
-
|
|
22
|
+
withCredentials = false;
|
|
26
23
|
break;
|
|
27
24
|
|
|
28
25
|
case 'recoverPassword':
|
|
29
26
|
case 'resetPassword':
|
|
30
27
|
remediators = _PasswordRecoveryFlow.PasswordRecoveryFlow;
|
|
31
|
-
flowMonitor = new _PasswordRecoveryFlowMonitor.PasswordRecoveryFlowMonitor(oktaAuth);
|
|
32
28
|
actions = ['currentAuthenticator-recover', 'currentAuthenticatorEnrollment-recover'];
|
|
29
|
+
withCredentials = false;
|
|
30
|
+
break;
|
|
31
|
+
|
|
32
|
+
case 'authenticate':
|
|
33
|
+
case 'login':
|
|
34
|
+
case 'signin':
|
|
35
|
+
remediators = _AuthenticationFlow.AuthenticationFlow;
|
|
33
36
|
break;
|
|
34
37
|
|
|
35
38
|
default:
|
|
36
|
-
//
|
|
39
|
+
// default case has no flow monitor
|
|
37
40
|
remediators = _AuthenticationFlow.AuthenticationFlow;
|
|
38
|
-
flowMonitor = new _AuthenticationFlowMonitor.AuthenticationFlowMonitor(oktaAuth);
|
|
39
41
|
break;
|
|
40
42
|
}
|
|
41
43
|
|
|
42
44
|
return {
|
|
43
45
|
flow,
|
|
44
46
|
remediators,
|
|
45
|
-
|
|
46
|
-
|
|
47
|
+
actions,
|
|
48
|
+
withCredentials
|
|
47
49
|
};
|
|
48
50
|
}
|
|
49
51
|
//# sourceMappingURL=FlowSpecification.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/flow/FlowSpecification.ts"],"names":["getFlowSpecification","oktaAuth","flow","remediators","
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/flow/FlowSpecification.ts"],"names":["getFlowSpecification","oktaAuth","flow","remediators","actions","withCredentials","RegistrationFlow","PasswordRecoveryFlow","AuthenticationFlow"],"mappings":";;;;AACA;;AACA;;AACA;;AAUA;AACO,SAASA,oBAAT,CAA8BC,QAA9B,EAAkDC,IAAoB,GAAG,SAAzE,EAAuG;AAC5G,MAAIC,WAAJ;AAAA,MAAiBC,OAAjB;AAAA,MAA0BC,eAAe,GAAG,IAA5C;;AACA,UAAQH,IAAR;AACE,SAAK,UAAL;AACA,SAAK,QAAL;AACA,SAAK,eAAL;AACEC,MAAAA,WAAW,GAAGG,kCAAd;AACAD,MAAAA,eAAe,GAAG,KAAlB;AACA;;AACF,SAAK,iBAAL;AACA,SAAK,eAAL;AACEF,MAAAA,WAAW,GAAGI,0CAAd;AACAH,MAAAA,OAAO,GAAG,CACR,8BADQ,EAER,wCAFQ,CAAV;AAIAC,MAAAA,eAAe,GAAG,KAAlB;AACA;;AACF,SAAK,cAAL;AACA,SAAK,OAAL;AACA,SAAK,QAAL;AACEF,MAAAA,WAAW,GAAGK,sCAAd;AACA;;AACF;AACE;AACAL,MAAAA,WAAW,GAAGK,sCAAd;AACA;AAxBJ;;AA0BA,SAAO;AAAEN,IAAAA,IAAF;AAAQC,IAAAA,WAAR;AAAqBC,IAAAA,OAArB;AAA8BC,IAAAA;AAA9B,GAAP;AACD","sourcesContent":["import { OktaAuth, FlowIdentifier } from '../../types';\nimport { AuthenticationFlow } from './AuthenticationFlow';\nimport { PasswordRecoveryFlow } from './PasswordRecoveryFlow';\nimport { RegistrationFlow } from './RegistrationFlow';\nimport { RemediationFlow } from './RemediationFlow';\n\nexport interface FlowSpecification {\n flow: FlowIdentifier;\n remediators: RemediationFlow;\n actions?: string[];\n withCredentials?: boolean;\n}\n\n// eslint-disable-next-line complexity\nexport function getFlowSpecification(oktaAuth: OktaAuth, flow: FlowIdentifier = 'default'): FlowSpecification {\n let remediators, actions, withCredentials = true;\n switch (flow) {\n case 'register':\n case 'signup':\n case 'enrollProfile':\n remediators = RegistrationFlow;\n withCredentials = false;\n break;\n case 'recoverPassword':\n case 'resetPassword':\n remediators = PasswordRecoveryFlow;\n actions = [\n 'currentAuthenticator-recover', \n 'currentAuthenticatorEnrollment-recover'\n ];\n withCredentials = false;\n break;\n case 'authenticate':\n case 'login':\n case 'signin':\n remediators = AuthenticationFlow;\n break;\n default:\n // default case has no flow monitor\n remediators = AuthenticationFlow;\n break;\n }\n return { flow, remediators, actions, withCredentials };\n}\n"],"file":"FlowSpecification.js"}
|
|
@@ -20,6 +20,9 @@ const RegistrationFlow = {
|
|
|
20
20
|
'enroll-profile': _remediators.EnrollProfile,
|
|
21
21
|
'authenticator-enrollment-data': _remediators.AuthenticatorEnrollmentData,
|
|
22
22
|
'select-authenticator-enroll': _remediators.SelectAuthenticatorEnroll,
|
|
23
|
+
'enroll-poll': _remediators.EnrollPoll,
|
|
24
|
+
'select-enrollment-channel': _remediators.SelectEnrollmentChannel,
|
|
25
|
+
'enrollment-channel-data': _remediators.EnrollmentChannelData,
|
|
23
26
|
'enroll-authenticator': _remediators.EnrollAuthenticator,
|
|
24
27
|
'skip': _remediators.Skip
|
|
25
28
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/flow/RegistrationFlow.ts"],"names":["RegistrationFlow","SelectEnrollProfile","EnrollProfile","AuthenticatorEnrollmentData","SelectAuthenticatorEnroll","EnrollAuthenticator","Skip"],"mappings":";;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/flow/RegistrationFlow.ts"],"names":["RegistrationFlow","SelectEnrollProfile","EnrollProfile","AuthenticatorEnrollmentData","SelectAuthenticatorEnroll","EnrollPoll","SelectEnrollmentChannel","EnrollmentChannelData","EnrollAuthenticator","Skip"],"mappings":";;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAgBO,MAAMA,gBAAiC,GAAG;AAC/C,2BAAyBC,gCADsB;AAE/C,oBAAkBC,0BAF6B;AAG/C,mCAAiCC,wCAHc;AAI/C,iCAA+BC,sCAJgB;AAK/C,iBAAeC,uBALgC;AAM/C,+BAA6BC,oCANkB;AAO/C,6BAA2BC,kCAPoB;AAQ/C,0BAAwBC,gCARuB;AAS/C,UAAQC;AATuC,CAA1C","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { RemediationFlow } from './RemediationFlow';\nimport { \n SelectEnrollProfile,\n EnrollPoll,\n SelectEnrollmentChannel,\n EnrollmentChannelData,\n EnrollProfile,\n SelectAuthenticatorEnroll,\n EnrollAuthenticator,\n AuthenticatorEnrollmentData,\n Skip,\n} from '../remediators';\n\nexport const RegistrationFlow: RemediationFlow = {\n 'select-enroll-profile': SelectEnrollProfile,\n 'enroll-profile': EnrollProfile,\n 'authenticator-enrollment-data': AuthenticatorEnrollmentData,\n 'select-authenticator-enroll': SelectAuthenticatorEnroll,\n 'enroll-poll': EnrollPoll,\n 'select-enrollment-channel': SelectEnrollmentChannel,\n 'enrollment-channel-data': EnrollmentChannelData,\n 'enroll-authenticator': EnrollAuthenticator,\n 'skip': Skip,\n};\n"],"file":"RegistrationFlow.js"}
|
package/cjs/idx/flow/index.js
CHANGED
|
@@ -13,32 +13,6 @@ Object.keys(_AuthenticationFlow).forEach(function (key) {
|
|
|
13
13
|
});
|
|
14
14
|
});
|
|
15
15
|
|
|
16
|
-
var _AuthenticationFlowMonitor = require("./AuthenticationFlowMonitor");
|
|
17
|
-
|
|
18
|
-
Object.keys(_AuthenticationFlowMonitor).forEach(function (key) {
|
|
19
|
-
if (key === "default" || key === "__esModule") return;
|
|
20
|
-
if (key in exports && exports[key] === _AuthenticationFlowMonitor[key]) return;
|
|
21
|
-
Object.defineProperty(exports, key, {
|
|
22
|
-
enumerable: true,
|
|
23
|
-
get: function () {
|
|
24
|
-
return _AuthenticationFlowMonitor[key];
|
|
25
|
-
}
|
|
26
|
-
});
|
|
27
|
-
});
|
|
28
|
-
|
|
29
|
-
var _FlowMonitor = require("./FlowMonitor");
|
|
30
|
-
|
|
31
|
-
Object.keys(_FlowMonitor).forEach(function (key) {
|
|
32
|
-
if (key === "default" || key === "__esModule") return;
|
|
33
|
-
if (key in exports && exports[key] === _FlowMonitor[key]) return;
|
|
34
|
-
Object.defineProperty(exports, key, {
|
|
35
|
-
enumerable: true,
|
|
36
|
-
get: function () {
|
|
37
|
-
return _FlowMonitor[key];
|
|
38
|
-
}
|
|
39
|
-
});
|
|
40
|
-
});
|
|
41
|
-
|
|
42
16
|
var _FlowSpecification = require("./FlowSpecification");
|
|
43
17
|
|
|
44
18
|
Object.keys(_FlowSpecification).forEach(function (key) {
|
|
@@ -65,19 +39,6 @@ Object.keys(_PasswordRecoveryFlow).forEach(function (key) {
|
|
|
65
39
|
});
|
|
66
40
|
});
|
|
67
41
|
|
|
68
|
-
var _PasswordRecoveryFlowMonitor = require("./PasswordRecoveryFlowMonitor");
|
|
69
|
-
|
|
70
|
-
Object.keys(_PasswordRecoveryFlowMonitor).forEach(function (key) {
|
|
71
|
-
if (key === "default" || key === "__esModule") return;
|
|
72
|
-
if (key in exports && exports[key] === _PasswordRecoveryFlowMonitor[key]) return;
|
|
73
|
-
Object.defineProperty(exports, key, {
|
|
74
|
-
enumerable: true,
|
|
75
|
-
get: function () {
|
|
76
|
-
return _PasswordRecoveryFlowMonitor[key];
|
|
77
|
-
}
|
|
78
|
-
});
|
|
79
|
-
});
|
|
80
|
-
|
|
81
42
|
var _RegistrationFlow = require("./RegistrationFlow");
|
|
82
43
|
|
|
83
44
|
Object.keys(_RegistrationFlow).forEach(function (key) {
|
|
@@ -91,19 +52,6 @@ Object.keys(_RegistrationFlow).forEach(function (key) {
|
|
|
91
52
|
});
|
|
92
53
|
});
|
|
93
54
|
|
|
94
|
-
var _RegistrationFlowMonitor = require("./RegistrationFlowMonitor");
|
|
95
|
-
|
|
96
|
-
Object.keys(_RegistrationFlowMonitor).forEach(function (key) {
|
|
97
|
-
if (key === "default" || key === "__esModule") return;
|
|
98
|
-
if (key in exports && exports[key] === _RegistrationFlowMonitor[key]) return;
|
|
99
|
-
Object.defineProperty(exports, key, {
|
|
100
|
-
enumerable: true,
|
|
101
|
-
get: function () {
|
|
102
|
-
return _RegistrationFlowMonitor[key];
|
|
103
|
-
}
|
|
104
|
-
});
|
|
105
|
-
});
|
|
106
|
-
|
|
107
55
|
var _RemediationFlow = require("./RemediationFlow");
|
|
108
56
|
|
|
109
57
|
Object.keys(_RemediationFlow).forEach(function (key) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/flow/index.ts"],"names":[],"mappings":";;AAYA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/flow/index.ts"],"names":[],"mappings":";;AAYA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport * from './AuthenticationFlow';\nexport * from './FlowSpecification';\nexport * from './PasswordRecoveryFlow';\nexport * from './RegistrationFlow';\nexport * from './RemediationFlow';\n"],"file":"index.js"}
|
|
@@ -37,6 +37,7 @@ async function handleInteractionCodeRedirect(authClient, url) {
|
|
|
37
37
|
const error = searchParams.get('error');
|
|
38
38
|
|
|
39
39
|
if (error) {
|
|
40
|
+
// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
|
|
40
41
|
throw new _errors.OAuthError(error, searchParams.get('error_description'));
|
|
41
42
|
}
|
|
42
43
|
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/handleInteractionCodeRedirect.ts"],"names":["handleInteractionCodeRedirect","authClient","url","meta","transactionManager","load","AuthSdkError","codeVerifier","state","savedState","searchParams","URL","get","interactionCode","error","OAuthError","tokens","token","exchangeCodeForTokens","tokenManager","setTokens"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAOO,eAAeA,6BAAf,CACLC,UADK,EAELC,GAFK,EAGU;AACf,QAAMC,IAAI,GAAGF,UAAU,CAACG,kBAAX,CAA8BC,IAA9B,EAAb;;AACA,MAAI,CAACF,IAAL,EAAW;AACT,UAAM,IAAIG,oBAAJ,CAAiB,0CAAjB,CAAN;AACD;;AAED,QAAM;AACJC,IAAAA,YADI;AAEJC,IAAAA,KAAK,EAAEC;AAFH,MAGFN,IAHJ;AAIA,QAAM;AACJO,IAAAA,YADI,CAEN;AACA;;AAHM,MAIF,IAAIC,GAAJ,CAAQT,GAAR,CAJJ;AAKA,QAAMM,KAAK,GAAGE,YAAY,CAACE,GAAb,CAAiB,OAAjB,CAAd;AACA,QAAMC,eAAe,GAAGH,YAAY,CAACE,GAAb,CAAiB,kBAAjB,CAAxB,CAhBe,CAkBf;;AACA,QAAME,KAAK,GAAGJ,YAAY,CAACE,GAAb,CAAiB,OAAjB,CAAd;;AACA,MAAIE,KAAJ,EAAW;AACT,UAAM,IAAIC,kBAAJ,CAAeD,KAAf,EAAsBJ,YAAY,CAACE,GAAb,CAAiB,mBAAjB,CAAtB,CAAN;AACD;;AACD,MAAIJ,KAAK,KAAKC,UAAd,EAA0B;AACxB,UAAM,IAAIH,oBAAJ,CAAiB,6DAAjB,CAAN;AACD;;AACD,MAAI,CAACO,eAAL,EAAsB;AACpB,UAAM,IAAIP,oBAAJ,CAAiB,+CAAjB,CAAN;AACD,
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/handleInteractionCodeRedirect.ts"],"names":["handleInteractionCodeRedirect","authClient","url","meta","transactionManager","load","AuthSdkError","codeVerifier","state","savedState","searchParams","URL","get","interactionCode","error","OAuthError","tokens","token","exchangeCodeForTokens","tokenManager","setTokens"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAOO,eAAeA,6BAAf,CACLC,UADK,EAELC,GAFK,EAGU;AACf,QAAMC,IAAI,GAAGF,UAAU,CAACG,kBAAX,CAA8BC,IAA9B,EAAb;;AACA,MAAI,CAACF,IAAL,EAAW;AACT,UAAM,IAAIG,oBAAJ,CAAiB,0CAAjB,CAAN;AACD;;AAED,QAAM;AACJC,IAAAA,YADI;AAEJC,IAAAA,KAAK,EAAEC;AAFH,MAGFN,IAHJ;AAIA,QAAM;AACJO,IAAAA,YADI,CAEN;AACA;;AAHM,MAIF,IAAIC,GAAJ,CAAQT,GAAR,CAJJ;AAKA,QAAMM,KAAK,GAAGE,YAAY,CAACE,GAAb,CAAiB,OAAjB,CAAd;AACA,QAAMC,eAAe,GAAGH,YAAY,CAACE,GAAb,CAAiB,kBAAjB,CAAxB,CAhBe,CAkBf;;AACA,QAAME,KAAK,GAAGJ,YAAY,CAACE,GAAb,CAAiB,OAAjB,CAAd;;AACA,MAAIE,KAAJ,EAAW;AACT;AACA,UAAM,IAAIC,kBAAJ,CAAeD,KAAf,EAAsBJ,YAAY,CAACE,GAAb,CAAiB,mBAAjB,CAAtB,CAAN;AACD;;AACD,MAAIJ,KAAK,KAAKC,UAAd,EAA0B;AACxB,UAAM,IAAIH,oBAAJ,CAAiB,6DAAjB,CAAN;AACD;;AACD,MAAI,CAACO,eAAL,EAAsB;AACpB,UAAM,IAAIP,oBAAJ,CAAiB,+CAAjB,CAAN;AACD,GA7Bc,CA+Bf;;;AACA,QAAM;AAAEU,IAAAA;AAAF,MAAa,MAAMf,UAAU,CAACgB,KAAX,CAAiBC,qBAAjB,CAAuC;AAAEL,IAAAA,eAAF;AAAmBN,IAAAA;AAAnB,GAAvC,CAAzB;AACAN,EAAAA,UAAU,CAACkB,YAAX,CAAwBC,SAAxB,CAAkCJ,MAAlC;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError, OAuthError } from '../errors';\nimport { OktaAuth } from '..';\nimport {IdxTransactionMeta} from '../types';\n\nexport async function handleInteractionCodeRedirect(\n authClient: OktaAuth, \n url: string\n): Promise<void> {\n const meta = authClient.transactionManager.load() as IdxTransactionMeta;\n if (!meta) {\n throw new AuthSdkError('No transaction data was found in storage');\n }\n\n const { \n codeVerifier,\n state: savedState \n } = meta;\n const { \n searchParams\n // URL API has been added to the polyfill\n // eslint-disable-next-line compat/compat\n } = new URL(url); \n const state = searchParams.get('state');\n const interactionCode = searchParams.get('interaction_code');\n\n // Error handling\n const error = searchParams.get('error');\n if (error) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n throw new OAuthError(error, searchParams.get('error_description')!);\n }\n if (state !== savedState) {\n throw new AuthSdkError('State in redirect uri does not match with transaction state');\n }\n if (!interactionCode) {\n throw new AuthSdkError('Unable to parse interaction_code from the url');\n }\n \n // Save tokens to storage\n const { tokens } = await authClient.token.exchangeCodeForTokens({ interactionCode, codeVerifier });\n authClient.tokenManager.setTokens(tokens);\n}"],"file":"handleInteractionCodeRedirect.js"}
|
package/cjs/idx/index.js
CHANGED
|
@@ -26,6 +26,19 @@ Object.keys(_cancel).forEach(function (key) {
|
|
|
26
26
|
});
|
|
27
27
|
});
|
|
28
28
|
|
|
29
|
+
var _emailVerify = require("./emailVerify");
|
|
30
|
+
|
|
31
|
+
Object.keys(_emailVerify).forEach(function (key) {
|
|
32
|
+
if (key === "default" || key === "__esModule") return;
|
|
33
|
+
if (key in exports && exports[key] === _emailVerify[key]) return;
|
|
34
|
+
Object.defineProperty(exports, key, {
|
|
35
|
+
enumerable: true,
|
|
36
|
+
get: function () {
|
|
37
|
+
return _emailVerify[key];
|
|
38
|
+
}
|
|
39
|
+
});
|
|
40
|
+
});
|
|
41
|
+
|
|
29
42
|
var _interact = require("./interact");
|
|
30
43
|
|
|
31
44
|
Object.keys(_interact).forEach(function (key) {
|
|
@@ -52,6 +65,19 @@ Object.keys(_introspect).forEach(function (key) {
|
|
|
52
65
|
});
|
|
53
66
|
});
|
|
54
67
|
|
|
68
|
+
var _poll = require("./poll");
|
|
69
|
+
|
|
70
|
+
Object.keys(_poll).forEach(function (key) {
|
|
71
|
+
if (key === "default" || key === "__esModule") return;
|
|
72
|
+
if (key in exports && exports[key] === _poll[key]) return;
|
|
73
|
+
Object.defineProperty(exports, key, {
|
|
74
|
+
enumerable: true,
|
|
75
|
+
get: function () {
|
|
76
|
+
return _poll[key];
|
|
77
|
+
}
|
|
78
|
+
});
|
|
79
|
+
});
|
|
80
|
+
|
|
55
81
|
var _proceed = require("./proceed");
|
|
56
82
|
|
|
57
83
|
Object.keys(_proceed).forEach(function (key) {
|
package/cjs/idx/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/index.ts"],"names":[],"mappings":";;AAaA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nexport * from './authenticate';\nexport * from './cancel';\nexport * from './interact';\nexport * from './introspect';\nexport * from './proceed';\nexport * from './register';\nexport * from './recoverPassword';\nexport * from './handleInteractionCodeRedirect';\nexport * from './startTransaction';\nexport * from './transactionMeta';\n"],"file":"index.js"}
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/index.ts"],"names":[],"mappings":";;AAaA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nexport * from './authenticate';\nexport * from './cancel';\nexport * from './emailVerify';\nexport * from './interact';\nexport * from './introspect';\nexport * from './poll';\nexport * from './proceed';\nexport * from './register';\nexport * from './recoverPassword';\nexport * from './handleInteractionCodeRedirect';\nexport * from './startTransaction';\nexport * from './transactionMeta';\n"],"file":"index.js"}
|
package/cjs/idx/interact.js
CHANGED
|
@@ -10,6 +10,12 @@ var _transactionMeta = require("./transactionMeta");
|
|
|
10
10
|
|
|
11
11
|
var _oidc = require("../oidc");
|
|
12
12
|
|
|
13
|
+
var _ = require(".");
|
|
14
|
+
|
|
15
|
+
var _util = require("../util");
|
|
16
|
+
|
|
17
|
+
/* eslint-disable @typescript-eslint/no-non-null-assertion */
|
|
18
|
+
|
|
13
19
|
/*!
|
|
14
20
|
* Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.
|
|
15
21
|
* The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
|
|
@@ -21,6 +27,8 @@ var _oidc = require("../oidc");
|
|
|
21
27
|
*
|
|
22
28
|
* See the License for the specific language governing permissions and limitations under the License.
|
|
23
29
|
*/
|
|
30
|
+
|
|
31
|
+
/* eslint complexity:[0,8] */
|
|
24
32
|
function getResponse(meta) {
|
|
25
33
|
return {
|
|
26
34
|
meta,
|
|
@@ -31,30 +39,33 @@ function getResponse(meta) {
|
|
|
31
39
|
|
|
32
40
|
|
|
33
41
|
async function interact(authClient, options = {}) {
|
|
34
|
-
|
|
35
|
-
const meta = await (0, _transactionMeta.getTransactionMeta)(authClient, {
|
|
36
|
-
state
|
|
37
|
-
}); // Saved transaction, return meta
|
|
42
|
+
var _meta;
|
|
38
43
|
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
} // These properties are always loaded from meta (or calculated fresh)
|
|
44
|
+
options = (0, _util.removeNils)(options);
|
|
45
|
+
let meta = (0, _transactionMeta.getSavedTransactionMeta)(authClient, options); // If meta exists, it has been validated against all options
|
|
42
46
|
|
|
47
|
+
if ((_meta = meta) !== null && _meta !== void 0 && _meta.interactionHandle) {
|
|
48
|
+
return getResponse(meta); // Saved transaction, return meta
|
|
49
|
+
} // Create new meta, respecting previous meta if it has been set and is not overridden
|
|
43
50
|
|
|
44
|
-
const {
|
|
45
|
-
codeChallenge,
|
|
46
|
-
codeChallengeMethod
|
|
47
|
-
} = meta; // These properties are defined by global configuration
|
|
48
|
-
|
|
49
|
-
const {
|
|
50
|
-
clientId,
|
|
51
|
-
redirectUri
|
|
52
|
-
} = authClient.options; // These properties can be set in options, but also have a default value in global configuration.
|
|
53
51
|
|
|
54
|
-
|
|
55
|
-
|
|
52
|
+
meta = await (0, _.createTransactionMeta)(authClient, { ...meta,
|
|
53
|
+
...options
|
|
54
|
+
});
|
|
56
55
|
const baseUrl = (0, _oidc.getOAuthBaseUrl)(authClient);
|
|
57
|
-
|
|
56
|
+
let {
|
|
57
|
+
clientId,
|
|
58
|
+
redirectUri,
|
|
59
|
+
state,
|
|
60
|
+
scopes,
|
|
61
|
+
withCredentials,
|
|
62
|
+
codeChallenge,
|
|
63
|
+
codeChallengeMethod,
|
|
64
|
+
activationToken,
|
|
65
|
+
recoveryToken
|
|
66
|
+
} = meta;
|
|
67
|
+
const interactionHandle = await _oktaIdxJs.default.interact({
|
|
68
|
+
withCredentials,
|
|
58
69
|
// OAuth
|
|
59
70
|
clientId,
|
|
60
71
|
baseUrl,
|
|
@@ -63,16 +74,23 @@ async function interact(authClient, options = {}) {
|
|
|
63
74
|
redirectUri,
|
|
64
75
|
// PKCE
|
|
65
76
|
codeChallenge,
|
|
66
|
-
codeChallengeMethod
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
scopes
|
|
72
|
-
}; // Save transaction meta so it can be resumed
|
|
73
|
-
|
|
74
|
-
(0, _transactionMeta.saveTransactionMeta)(authClient, newMeta);
|
|
75
|
-
return getResponse(newMeta);
|
|
77
|
+
codeChallengeMethod,
|
|
78
|
+
// Activation
|
|
79
|
+
activationToken,
|
|
80
|
+
// Recovery
|
|
81
|
+
recoveryToken
|
|
76
82
|
});
|
|
83
|
+
const newMeta = { ...meta,
|
|
84
|
+
interactionHandle,
|
|
85
|
+
// Options which can be passed into interact() should be saved in the meta
|
|
86
|
+
withCredentials,
|
|
87
|
+
state,
|
|
88
|
+
scopes,
|
|
89
|
+
recoveryToken,
|
|
90
|
+
activationToken
|
|
91
|
+
}; // Save transaction meta so it can be resumed
|
|
92
|
+
|
|
93
|
+
(0, _transactionMeta.saveTransactionMeta)(authClient, newMeta);
|
|
94
|
+
return getResponse(newMeta);
|
|
77
95
|
}
|
|
78
96
|
//# sourceMappingURL=interact.js.map
|
package/cjs/idx/interact.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/interact.ts"],"names":["getResponse","meta","interactionHandle","state","interact","authClient","options","
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/interact.ts"],"names":["getResponse","meta","interactionHandle","state","interact","authClient","options","baseUrl","clientId","redirectUri","scopes","withCredentials","codeChallenge","codeChallengeMethod","activationToken","recoveryToken","idx","newMeta"],"mappings":";;;;;;AAaA;;AAEA;;AACA;;AACA;;AACA;;AAlBA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;AAwBA,SAASA,WAAT,CAAqBC,IAArB,EAAiE;AAC/D,SAAO;AACLA,IAAAA,IADK;AAELC,IAAAA,iBAAiB,EAAED,IAAI,CAACC,iBAFnB;AAGLC,IAAAA,KAAK,EAAEF,IAAI,CAACE;AAHP,GAAP;AAKD,C,CAED;;;AACO,eAAeC,QAAf,CAAyBC,UAAzB,EAA+CC,OAAwB,GAAG,EAA1E,EAAyG;AAAA;;AAC9GA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;AAEA,MAAIL,IAAI,GAAG,8CAAwBI,UAAxB,EAAoCC,OAApC,CAAX,CAH8G,CAI9G;;AAEA,eAAIL,IAAJ,kCAAI,MAAMC,iBAAV,EAA6B;AAC3B,WAAOF,WAAW,CAACC,IAAD,CAAlB,CAD2B,CACD;AAC3B,GAR6G,CAU9G;;;AACAA,EAAAA,IAAI,GAAG,MAAM,6BAAsBI,UAAtB,EAAkC,EAAE,GAAGJ,IAAL;AAAW,OAAGK;AAAd,GAAlC,CAAb;AACA,QAAMC,OAAO,GAAG,2BAAgBF,UAAhB,CAAhB;AACA,MAAI;AACFG,IAAAA,QADE;AAEFC,IAAAA,WAFE;AAGFN,IAAAA,KAHE;AAIFO,IAAAA,MAJE;AAKFC,IAAAA,eALE;AAMFC,IAAAA,aANE;AAOFC,IAAAA,mBAPE;AAQFC,IAAAA,eARE;AASFC,IAAAA;AATE,MAUAd,IAVJ;AAYA,QAAMC,iBAAiB,GAAG,MAAMc,mBAAIZ,QAAJ,CAAa;AAC3CO,IAAAA,eAD2C;AAG3C;AACAH,IAAAA,QAJ2C;AAK3CD,IAAAA,OAL2C;AAM3CG,IAAAA,MAN2C;AAO3CP,IAAAA,KAP2C;AAQ3CM,IAAAA,WAR2C;AAU3C;AACAG,IAAAA,aAX2C;AAY3CC,IAAAA,mBAZ2C;AAc3C;AACAC,IAAAA,eAf2C;AAiB3C;AACAC,IAAAA;AAlB2C,GAAb,CAAhC;AAoBA,QAAME,OAAO,GAAG,EACd,GAAGhB,IADW;AAEdC,IAAAA,iBAFc;AAId;AACAS,IAAAA,eALc;AAMdR,IAAAA,KANc;AAOdO,IAAAA,MAPc;AAQdK,IAAAA,aARc;AASdD,IAAAA;AATc,GAAhB,CA7C8G,CAwD9G;;AACA,4CAAoBT,UAApB,EAAgCY,OAAhC;AAEA,SAAOjB,WAAW,CAACiB,OAAD,CAAlB;AACD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n/* eslint complexity:[0,8] */\nimport idx from '@okta/okta-idx-js';\nimport { OktaAuth, IdxTransactionMeta } from '../types';\nimport { getSavedTransactionMeta, saveTransactionMeta } from './transactionMeta';\nimport { getOAuthBaseUrl } from '../oidc';\nimport { createTransactionMeta } from '.';\nimport { removeNils } from '../util';\n\nexport interface InteractOptions {\n withCredentials?: boolean;\n state?: string;\n scopes?: string[];\n codeChallenge?: string;\n codeChallengeMethod?: string;\n activationToken?: string;\n recoveryToken?: string;\n}\n\nexport interface InteractResponse {\n state?: string;\n interactionHandle: string;\n meta: IdxTransactionMeta;\n}\n\nfunction getResponse(meta: IdxTransactionMeta): InteractResponse {\n return {\n meta,\n interactionHandle: meta.interactionHandle!,\n state: meta.state\n };\n}\n\n// Begin or resume a transaction. Returns an interaction handle\nexport async function interact (authClient: OktaAuth, options: InteractOptions = {}): Promise<InteractResponse> {\n options = removeNils(options);\n\n let meta = getSavedTransactionMeta(authClient, options);\n // If meta exists, it has been validated against all options\n\n if (meta?.interactionHandle) {\n return getResponse(meta); // Saved transaction, return meta\n }\n\n // Create new meta, respecting previous meta if it has been set and is not overridden\n meta = await createTransactionMeta(authClient, { ...meta, ...options });\n const baseUrl = getOAuthBaseUrl(authClient);\n let {\n clientId,\n redirectUri,\n state,\n scopes,\n withCredentials,\n codeChallenge,\n codeChallengeMethod,\n activationToken,\n recoveryToken\n } = meta as IdxTransactionMeta;\n\n const interactionHandle = await idx.interact({\n withCredentials,\n\n // OAuth\n clientId, \n baseUrl,\n scopes,\n state,\n redirectUri,\n\n // PKCE\n codeChallenge,\n codeChallengeMethod,\n\n // Activation\n activationToken,\n \n // Recovery\n recoveryToken\n });\n const newMeta = {\n ...meta,\n interactionHandle,\n \n // Options which can be passed into interact() should be saved in the meta\n withCredentials,\n state,\n scopes,\n recoveryToken,\n activationToken\n };\n // Save transaction meta so it can be resumed\n saveTransactionMeta(authClient, newMeta);\n\n return getResponse(newMeta);\n}\n"],"file":"interact.js"}
|
package/cjs/idx/introspect.js
CHANGED
|
@@ -23,26 +23,19 @@ var _constants = require("../constants");
|
|
|
23
23
|
*
|
|
24
24
|
* See the License for the specific language governing permissions and limitations under the License.
|
|
25
25
|
*/
|
|
26
|
-
async function introspect(authClient, options) {
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
let rawIdxResponse;
|
|
30
|
-
|
|
31
|
-
if (useLastResponse) {
|
|
32
|
-
// try load from storage first
|
|
33
|
-
rawIdxResponse = authClient.transactionManager.loadIdxResponse();
|
|
34
|
-
} // call idx.introspect if no existing idx response available in storage
|
|
35
|
-
|
|
26
|
+
async function introspect(authClient, options = {}) {
|
|
27
|
+
// try load from storage first
|
|
28
|
+
let rawIdxResponse = authClient.transactionManager.loadIdxResponse(); // call idx.introspect if no existing idx response available in storage
|
|
36
29
|
|
|
37
30
|
if (!rawIdxResponse) {
|
|
38
|
-
const version = _constants.IDX_API_VERSION;
|
|
31
|
+
const version = options.version || _constants.IDX_API_VERSION;
|
|
39
32
|
const domain = (0, _oidc.getOAuthDomain)(authClient);
|
|
40
33
|
|
|
41
34
|
try {
|
|
42
35
|
rawIdxResponse = await _oktaIdxJs.default.introspect({
|
|
43
36
|
domain,
|
|
44
|
-
|
|
45
|
-
|
|
37
|
+
...options,
|
|
38
|
+
version
|
|
46
39
|
});
|
|
47
40
|
} catch (err) {
|
|
48
41
|
if ((0, _idxJs.isRawIdxResponse)(err)) {
|
|
@@ -53,6 +46,11 @@ async function introspect(authClient, options) {
|
|
|
53
46
|
}
|
|
54
47
|
}
|
|
55
48
|
|
|
56
|
-
|
|
49
|
+
const {
|
|
50
|
+
withCredentials
|
|
51
|
+
} = options;
|
|
52
|
+
return _oktaIdxJs.default.makeIdxState(rawIdxResponse, {
|
|
53
|
+
withCredentials
|
|
54
|
+
});
|
|
57
55
|
}
|
|
58
56
|
//# sourceMappingURL=introspect.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/introspect.ts"],"names":["introspect","authClient","options","
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/introspect.ts"],"names":["introspect","authClient","options","rawIdxResponse","transactionManager","loadIdxResponse","version","IDX_API_VERSION","domain","idx","err","withCredentials","makeIdxState"],"mappings":";;;;;;AAYA;;AAEA;;AACA;;AACA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAeO,eAAeA,UAAf,CAA2BC,UAA3B,EAAiDC,OAA0B,GAAG,EAA9E,EAAwG;AAC7G;AACA,MAAIC,cAAc,GAAGF,UAAU,CAACG,kBAAX,CAA8BC,eAA9B,EAArB,CAF6G,CAI7G;;AACA,MAAI,CAACF,cAAL,EAAqB;AACnB,UAAMG,OAAO,GAAGJ,OAAO,CAACI,OAAR,IAAmBC,0BAAnC;AACA,UAAMC,MAAM,GAAG,0BAAeP,UAAf,CAAf;;AACA,QAAI;AACFE,MAAAA,cAAc,GAAG,MAAMM,mBAAIT,UAAJ,CAAe;AAAEQ,QAAAA,MAAF;AAAU,WAAGN,OAAb;AAAsBI,QAAAA;AAAtB,OAAf,CAAvB;AACD,KAFD,CAEE,OAAOI,GAAP,EAAY;AACZ,UAAI,6BAAiBA,GAAjB,CAAJ,EAA2B;AACzBP,QAAAA,cAAc,GAAGO,GAAjB;AACD,OAFD,MAEO;AACL,cAAMA,GAAN;AACD;AACF;AACF;;AAED,QAAM;AAAEC,IAAAA;AAAF,MAAsBT,OAA5B;AACA,SAAOO,mBAAIG,YAAJ,CAAiBT,cAAjB,EAAiC;AAAEQ,IAAAA;AAAF,GAAjC,CAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport idx from '@okta/okta-idx-js';\nimport { OktaAuth } from '../types';\nimport { IdxResponse, isRawIdxResponse } from './types/idx-js';\nimport { getOAuthDomain } from '../oidc';\nimport { IDX_API_VERSION } from '../constants';\n\nexport interface IntrospectOptions {\n withCredentials?: boolean;\n interactionHandle?: string;\n stateHandle?: string;\n version?: string;\n}\n\nexport async function introspect (authClient: OktaAuth, options: IntrospectOptions = {}): Promise<IdxResponse> {\n // try load from storage first\n let rawIdxResponse = authClient.transactionManager.loadIdxResponse();\n \n // call idx.introspect if no existing idx response available in storage\n if (!rawIdxResponse) {\n const version = options.version || IDX_API_VERSION;\n const domain = getOAuthDomain(authClient);\n try {\n rawIdxResponse = await idx.introspect({ domain, ...options, version });\n } catch (err) {\n if (isRawIdxResponse(err)) {\n rawIdxResponse = err;\n } else {\n throw err;\n }\n }\n }\n\n const { withCredentials } = options;\n return idx.makeIdxState(rawIdxResponse, { withCredentials });\n}\n"],"file":"introspect.js"}
|