npm - @okta/okta-auth-js - Versions diffs - 5.9.1 → 6.0.0 - Mend

@okta/okta-auth-js 5.9.1 → 6.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (275) hide show

package/CHANGELOG.md +56 -0
package/README.md +16 -3
package/cjs/AuthStateManager.js +2 -1
package/cjs/AuthStateManager.js.map +1 -1
package/cjs/OktaAuth.js +95 -78
package/cjs/OktaAuth.js.map +1 -1
package/cjs/OktaUserAgent.js +2 -2
package/cjs/OktaUserAgent.js.map +1 -1
package/cjs/PromiseQueue.js +6 -1
package/cjs/PromiseQueue.js.map +1 -1
package/cjs/StorageManager.js +3 -1
package/cjs/StorageManager.js.map +1 -1
package/cjs/TokenManager.js +33 -5
package/cjs/TokenManager.js.map +1 -1
package/cjs/TransactionManager.js +17 -4
package/cjs/TransactionManager.js.map +1 -1
package/cjs/browser/browserStorage.js +7 -5
package/cjs/browser/browserStorage.js.map +1 -1
package/cjs/browser/fingerprint.js +3 -1
package/cjs/browser/fingerprint.js.map +1 -1
package/cjs/builderUtil.js +3 -17
package/cjs/builderUtil.js.map +1 -1
package/cjs/crypto/oidcHash.js.map +1 -1
package/cjs/features.js +9 -3
package/cjs/features.js.map +1 -1
package/cjs/fetch/fetchRequest.js +2 -1
package/cjs/fetch/fetchRequest.js.map +1 -1
package/cjs/http/request.js +2 -0
package/cjs/http/request.js.map +1 -1
package/cjs/idx/authenticate.js +8 -5
package/cjs/idx/authenticate.js.map +1 -1
package/cjs/idx/authenticator/Authenticator.js +14 -0
package/cjs/idx/authenticator/Authenticator.js.map +1 -0
package/cjs/idx/authenticator/OktaPassword.js +31 -0
package/cjs/idx/authenticator/OktaPassword.js.map +1 -0
package/cjs/idx/authenticator/OktaVerifyTotp.js +17 -0
package/cjs/idx/authenticator/OktaVerifyTotp.js.map +1 -0
package/cjs/idx/authenticator/SecurityQuestionEnrollment.js +50 -0
package/cjs/idx/authenticator/SecurityQuestionEnrollment.js.map +1 -0
package/cjs/idx/authenticator/SecurityQuestionVerification.js +32 -0
package/cjs/idx/authenticator/SecurityQuestionVerification.js.map +1 -0
package/cjs/idx/authenticator/VerificationCodeAuthenticator.js +34 -0
package/cjs/idx/authenticator/VerificationCodeAuthenticator.js.map +1 -0
package/cjs/idx/authenticator/getAuthenticator.js +41 -0
package/cjs/idx/authenticator/getAuthenticator.js.map +1 -0
package/cjs/idx/authenticator/index.js +80 -0
package/cjs/idx/authenticator/index.js.map +1 -0
package/cjs/idx/cancel.js +5 -0
package/cjs/idx/cancel.js.map +1 -1
package/cjs/idx/emailVerify.js +73 -0
package/cjs/idx/emailVerify.js.map +1 -0
package/cjs/idx/flow/AuthenticationFlow.js +4 -1
package/cjs/idx/flow/AuthenticationFlow.js.map +1 -1
package/cjs/idx/flow/FlowSpecification.js +16 -14
package/cjs/idx/flow/FlowSpecification.js.map +1 -1
package/cjs/idx/flow/RegistrationFlow.js +3 -0
package/cjs/idx/flow/RegistrationFlow.js.map +1 -1
package/cjs/idx/flow/index.js +0 -52
package/cjs/idx/flow/index.js.map +1 -1
package/cjs/idx/handleInteractionCodeRedirect.js +1 -0
package/cjs/idx/handleInteractionCodeRedirect.js.map +1 -1
package/cjs/idx/index.js +26 -0
package/cjs/idx/index.js.map +1 -1
package/cjs/idx/interact.js +47 -29
package/cjs/idx/interact.js.map +1 -1
package/cjs/idx/introspect.js +12 -14
package/cjs/idx/introspect.js.map +1 -1
package/cjs/idx/poll.js +59 -0
package/cjs/idx/poll.js.map +1 -0
package/cjs/idx/proceed.js +4 -7
package/cjs/idx/proceed.js.map +1 -1
package/cjs/idx/recoverPassword.js +1 -1
package/cjs/idx/recoverPassword.js.map +1 -1
package/cjs/idx/register.js +16 -14
package/cjs/idx/register.js.map +1 -1
package/cjs/idx/remediate.js +55 -92
package/cjs/idx/remediate.js.map +1 -1
package/cjs/idx/remediators/AuthenticatorEnrollmentData.js +11 -12
package/cjs/idx/remediators/AuthenticatorEnrollmentData.js.map +1 -1
package/cjs/idx/remediators/AuthenticatorVerificationData.js +8 -9
package/cjs/idx/remediators/AuthenticatorVerificationData.js.map +1 -1
package/cjs/idx/remediators/Base/AuthenticatorData.js +48 -35
package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
package/cjs/idx/remediators/Base/Remediator.js +53 -20
package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
package/cjs/idx/remediators/Base/SelectAuthenticator.js +20 -19
package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
package/cjs/idx/remediators/Base/VerifyAuthenticator.js +8 -28
package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
package/cjs/idx/remediators/ChallengeAuthenticator.js.map +1 -1
package/cjs/idx/remediators/ChallengePoll.js +26 -0
package/cjs/idx/remediators/ChallengePoll.js.map +1 -0
package/cjs/idx/remediators/EnrollAuthenticator.js.map +1 -1
package/cjs/idx/remediators/EnrollPoll.js +55 -0
package/cjs/idx/remediators/EnrollPoll.js.map +1 -0
package/cjs/idx/remediators/EnrollProfile.js +4 -1
package/cjs/idx/remediators/EnrollProfile.js.map +1 -1
package/cjs/idx/remediators/EnrollmentChannelData.js +80 -0
package/cjs/idx/remediators/EnrollmentChannelData.js.map +1 -0
package/cjs/idx/remediators/Identify.js +2 -35
package/cjs/idx/remediators/Identify.js.map +1 -1
package/cjs/idx/remediators/ReEnrollAuthenticator.js +1 -0
package/cjs/idx/remediators/ReEnrollAuthenticator.js.map +1 -1
package/cjs/idx/remediators/ResetAuthenticator.js.map +1 -1
package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js +23 -2
package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js.map +1 -1
package/cjs/idx/remediators/SelectAuthenticatorEnroll.js.map +1 -1
package/cjs/idx/remediators/SelectEnrollProfile.js.map +1 -1
package/cjs/idx/remediators/SelectEnrollmentChannel.js +74 -0
package/cjs/idx/remediators/SelectEnrollmentChannel.js.map +1 -0
package/cjs/idx/remediators/Skip.js +7 -0
package/cjs/idx/remediators/Skip.js.map +1 -1
package/cjs/idx/remediators/index.js +52 -0
package/cjs/idx/remediators/index.js.map +1 -1
package/cjs/idx/remediators/util.js +7 -2
package/cjs/idx/remediators/util.js.map +1 -1
package/cjs/idx/run.js +110 -52
package/cjs/idx/run.js.map +1 -1
package/cjs/idx/startTransaction.js +4 -2
package/cjs/idx/startTransaction.js.map +1 -1
package/cjs/idx/transactionMeta.js +82 -69
package/cjs/idx/transactionMeta.js.map +1 -1
package/cjs/idx/types/idx-js.js.map +1 -1
package/cjs/idx/types/index.js +21 -4
package/cjs/idx/types/index.js.map +1 -1
package/cjs/index.js +14 -0
package/cjs/index.js.map +1 -1
package/cjs/oidc/endpoints/authorize.js +2 -0
package/cjs/oidc/endpoints/authorize.js.map +1 -1
package/cjs/oidc/endpoints/token.js +1 -0
package/cjs/oidc/endpoints/token.js.map +1 -1
package/cjs/oidc/exchangeCodeForTokens.js +3 -3
package/cjs/oidc/exchangeCodeForTokens.js.map +1 -1
package/cjs/oidc/getToken.js +3 -1
package/cjs/oidc/getToken.js.map +1 -1
package/cjs/oidc/getWithRedirect.js +10 -37
package/cjs/oidc/getWithRedirect.js.map +1 -1
package/cjs/oidc/handleOAuthResponse.js +80 -86
package/cjs/oidc/handleOAuthResponse.js.map +1 -1
package/cjs/oidc/parseFromUrl.js.map +1 -1
package/cjs/oidc/renewToken.js.map +1 -1
package/cjs/oidc/renewTokens.js +1 -1
package/cjs/oidc/renewTokens.js.map +1 -1
package/cjs/oidc/revokeToken.js +28 -29
package/cjs/oidc/revokeToken.js.map +1 -1
package/cjs/oidc/util/index.js +14 -0
package/cjs/oidc/util/index.js.map +1 -1
package/cjs/oidc/util/loginRedirect.js +6 -1
package/cjs/oidc/util/loginRedirect.js.map +1 -1
package/cjs/oidc/util/oauth.js.map +1 -1
package/cjs/oidc/util/oauthMeta.js +36 -0
package/cjs/oidc/util/oauthMeta.js.map +1 -0
package/cjs/oidc/util/pkce.js.map +1 -1
package/cjs/oidc/util/prepareTokenParams.js +57 -36
package/cjs/oidc/util/prepareTokenParams.js.map +1 -1
package/cjs/oidc/util/validateClaims.js +2 -0
package/cjs/oidc/util/validateClaims.js.map +1 -1
package/cjs/oidc/verifyToken.js +2 -1
package/cjs/oidc/verifyToken.js.map +1 -1
package/cjs/options.js +6 -2
package/cjs/options.js.map +1 -1
package/cjs/server/serverStorage.js +1 -1
package/cjs/server/serverStorage.js.map +1 -1
package/cjs/services/TokenService.js +3 -0
package/cjs/services/TokenService.js.map +1 -1
package/cjs/tx/AuthTransaction.js +3 -0
package/cjs/tx/AuthTransaction.js.map +1 -1
package/cjs/tx/TransactionState.js +0 -17
package/cjs/tx/TransactionState.js.map +1 -1
package/cjs/tx/api.js +3 -2
package/cjs/tx/api.js.map +1 -1
package/cjs/types/Token.js.map +1 -1
package/cjs/types/Transaction.js.map +1 -1
package/cjs/util/index.js +0 -13
package/cjs/util/index.js.map +1 -1
package/cjs/util/url.js.map +1 -1
package/dist/okta-auth-js.min.js +1 -1
package/dist/okta-auth-js.min.js.map +1 -1
package/dist/okta-auth-js.umd.js +1 -1
package/dist/okta-auth-js.umd.js.map +1 -1
package/esm/index.js +2603 -1814
package/esm/index.js.map +1 -1
package/lib/AuthStateManager.d.ts +1 -2
package/lib/OktaAuth.d.ts +4 -10
package/lib/StorageManager.d.ts +1 -1
package/lib/TokenManager.d.ts +4 -2
package/lib/TransactionManager.d.ts +3 -2
package/lib/browser/fingerprint.d.ts +1 -1
package/lib/builderUtil.d.ts +1 -2
package/lib/crypto/browser.d.ts +1 -1
package/lib/features.d.ts +1 -1
package/lib/idx/authenticate.d.ts +1 -1
package/lib/idx/authenticator/Authenticator.d.ts +12 -0
package/lib/idx/authenticator/OktaPassword.d.ts +11 -0
package/lib/idx/authenticator/OktaVerifyTotp.d.ts +9 -0
package/lib/idx/authenticator/SecurityQuestionEnrollment.d.ts +28 -0
package/lib/idx/authenticator/SecurityQuestionVerification.d.ts +14 -0
package/lib/idx/authenticator/VerificationCodeAuthenticator.d.ts +10 -0
package/lib/idx/authenticator/getAuthenticator.d.ts +3 -0
package/lib/idx/authenticator/index.d.ts +6 -0
package/lib/idx/cancel.d.ts +1 -1
package/lib/{util → idx}/emailVerify.d.ts +10 -1
package/lib/idx/flow/FlowSpecification.d.ts +1 -2
package/lib/idx/flow/index.d.ts +0 -4
package/lib/idx/index.d.ts +2 -0
package/lib/idx/interact.d.ts +5 -11
package/lib/idx/introspect.d.ts +3 -2
package/lib/idx/{flow/AuthenticationFlowMonitor.d.ts → poll.d.ts} +3 -5
package/lib/idx/proceed.d.ts +4 -1
package/lib/idx/recoverPassword.d.ts +1 -1
package/lib/idx/register.d.ts +1 -1
package/lib/idx/remediate.d.ts +10 -4
package/lib/idx/remediators/AuthenticatorEnrollmentData.d.ts +12 -8
package/lib/idx/remediators/AuthenticatorVerificationData.d.ts +3 -4
package/lib/idx/remediators/Base/AuthenticatorData.d.ts +13 -8
package/lib/idx/remediators/Base/Remediator.d.ts +9 -6
package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +9 -8
package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +10 -5
package/lib/idx/{flow/RegistrationFlowMonitor.d.ts → remediators/ChallengePoll.d.ts} +3 -3
package/lib/idx/{flow/PasswordRecoveryFlowMonitor.d.ts → remediators/EnrollPoll.d.ts} +12 -4
package/lib/idx/remediators/EnrollProfile.d.ts +1 -1
package/lib/idx/remediators/EnrollmentChannelData.d.ts +53 -0
package/lib/idx/remediators/Identify.d.ts +2 -5
package/lib/idx/remediators/ReEnrollAuthenticator.d.ts +2 -2
package/lib/idx/remediators/RedirectIdp.d.ts +3 -3
package/lib/idx/remediators/SelectAuthenticatorAuthenticate.d.ts +6 -2
package/lib/idx/remediators/SelectEnrollmentChannel.d.ts +39 -0
package/lib/idx/remediators/Skip.d.ts +3 -0
package/lib/idx/remediators/index.d.ts +4 -0
package/lib/idx/remediators/util.d.ts +2 -2
package/lib/idx/run.d.ts +4 -3
package/lib/idx/startTransaction.d.ts +3 -2
package/lib/idx/transactionMeta.d.ts +6 -27
package/lib/idx/types/idx-js.d.ts +57 -2
package/lib/idx/types/index.d.ts +25 -8
package/lib/index.d.ts +1 -0
package/lib/oidc/exchangeCodeForTokens.d.ts +12 -0
package/lib/oidc/getWithRedirect.d.ts +1 -1
package/lib/oidc/handleOAuthResponse.d.ts +1 -1
package/lib/oidc/parseFromUrl.d.ts +1 -1
package/lib/oidc/renewToken.d.ts +1 -1
package/lib/oidc/renewTokens.d.ts +1 -1
package/lib/oidc/util/browser.d.ts +1 -1
package/lib/oidc/util/errors.d.ts +1 -1
package/lib/oidc/util/index.d.ts +1 -0
package/lib/oidc/util/oauth.d.ts +1 -8
package/lib/oidc/util/oauthMeta.d.ts +2 -0
package/lib/oidc/util/prepareTokenParams.d.ts +3 -0
package/lib/server/serverStorage.d.ts +1 -1
package/lib/services/TokenService.d.ts +2 -2
package/lib/tx/AuthTransaction.d.ts +2 -2
package/lib/tx/TransactionState.d.ts +11 -1
package/lib/tx/api.d.ts +6 -6
package/lib/types/OktaAuthOptions.d.ts +6 -6
package/lib/types/Storage.d.ts +3 -3
package/lib/types/Token.d.ts +1 -0
package/lib/types/Transaction.d.ts +11 -0
package/lib/types/UserClaims.d.ts +3 -3
package/lib/types/api.d.ts +31 -17
package/lib/util/console.d.ts +1 -1
package/lib/util/index.d.ts +0 -1
package/lib/util/types.d.ts +1 -1
package/lib/util/url.d.ts +2 -2
package/package.json +6 -8
package/cjs/idx/flow/AuthenticationFlowMonitor.js +0 -45
package/cjs/idx/flow/AuthenticationFlowMonitor.js.map +0 -1
package/cjs/idx/flow/FlowMonitor.js +0 -69
package/cjs/idx/flow/FlowMonitor.js.map +0 -1
package/cjs/idx/flow/PasswordRecoveryFlowMonitor.js +0 -55
package/cjs/idx/flow/PasswordRecoveryFlowMonitor.js.map +0 -1
package/cjs/idx/flow/RegistrationFlowMonitor.js +0 -35
package/cjs/idx/flow/RegistrationFlowMonitor.js.map +0 -1
package/cjs/util/emailVerify.js +0 -28
package/cjs/util/emailVerify.js.map +0 -1
package/lib/idx/flow/FlowMonitor.d.ts +0 -23

package/cjs/idx/remediators/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../../../lib/idx/remediators/index.ts"],"names":[],"mappings":";;AAaA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/!\n Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n /\n\n\nexport from './Base/Remediator';\nexport * from './EnrollAuthenticator';\nexport * from './ChallengeAuthenticator';\nexport * from './ResetAuthenticator';\nexport * from './EnrollProfile';\nexport * from './Identify';\nexport * from './ReEnrollAuthenticator';\nexport * from './RedirectIdp';\nexport * from './SelectAuthenticatorAuthenticate';\nexport * from './SelectAuthenticatorEnroll';\nexport * from './SelectEnrollProfile';\nexport * from './AuthenticatorVerificationData';\nexport * from './AuthenticatorEnrollmentData';\nexport * from './Skip';\n"],"file":"index.js"}
1	+ {"version":3,"sources":["../../../../lib/idx/remediators/index.ts"],"names":[],"mappings":";;AAaA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/!\n Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n /\n\n\nexport from './Base/Remediator';\nexport * from './EnrollAuthenticator';\nexport * from './EnrollPoll';\nexport * from './SelectEnrollmentChannel';\nexport * from './EnrollmentChannelData';\nexport * from './ChallengeAuthenticator';\nexport * from './ChallengePoll';\nexport * from './ResetAuthenticator';\nexport * from './EnrollProfile';\nexport * from './Identify';\nexport * from './ReEnrollAuthenticator';\nexport * from './RedirectIdp';\nexport * from './SelectAuthenticatorAuthenticate';\nexport * from './SelectAuthenticatorEnroll';\nexport * from './SelectEnrollProfile';\nexport * from './AuthenticatorVerificationData';\nexport * from './AuthenticatorEnrollmentData';\nexport * from './Skip';\n"],"file":"index.js"}

package/cjs/idx/remediators/util.js CHANGED Viewed

@@ -17,11 +17,15 @@ exports.getAuthenticatorFromRemediation = getAuthenticatorFromRemediation;
  * See the License for the specific language governing permissions and limitations under the License.
  */
 function getAllValues(idxRemediation) {
-  return idxRemediation.value.map(r => r.name);
+  var _idxRemediation$value;
+  return (_idxRemediation$value = idxRemediation.value) === null || _idxRemediation$value === void 0 ? void 0 : _idxRemediation$value.map(r => r.name);
 }
 function getRequiredValues(idxRemediation) {
-  return idxRemediation.value.reduce((required, cur) => {
+  var _idxRemediation$value2;
+  return (_idxRemediation$value2 = idxRemediation.value) === null || _idxRemediation$value2 === void 0 ? void 0 : _idxRemediation$value2.reduce((required, cur) => {
     if (cur.required) {
       required.push(cur.name);
     }
@@ -35,6 +39,7 @@ function titleCase(str) {
 }
 function getAuthenticatorFromRemediation(remediation) {
+  // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
   return remediation.value.find(({
     name
   }) => name === 'authenticator');

package/cjs/idx/remediators/util.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../../../lib/idx/remediators/util.ts"],"names":["getAllValues","idxRemediation","value","map","r","name","getRequiredValues","reduce","required","cur","push","titleCase","str","charAt","toUpperCase","substring","getAuthenticatorFromRemediation","remediation","find"],"mappings":";;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKO,SAASA,YAAT,CAAsBC,cAAtB,EAAsD;AAC3D,~~SAAOA~~,cAAc,CAACC,~~KAAf~~,~~CAAqBC~~,~~GAArB~~,~~CAAyBC~~,CAAC,IAAIA,CAAC,CAACC,~~IAAhC~~,CAAP;AACD;;AAEM,SAASC,iBAAT,CAA2BL,cAA3B,EAA2D;AAChE,~~SAAOA~~,cAAc,CAACC,~~KAAf~~,~~CAAqBK~~,~~MAArB~~,~~CAA4B~~,CAACC,QAAD,EAAWC,GAAX,KAAmB;~~AACpD~~,QAAIA,GAAG,CAACD,QAAR,EAAkB;AAChBA,MAAAA,QAAQ,CAACE,IAAT,CAAcD,GAAG,CAACJ,IAAlB;AACD;;AACD,WAAOG,QAAP;AACD,GALM,EAKJ,EALI,CAAP;AAMD;;AAEM,SAASG,SAAT,CAAmBC,GAAnB,EAAgC;AACrC,SAAOA,GAAG,CAACC,MAAJ,CAAW,CAAX,EAAcC,WAAd,KAA8BF,GAAG,CAACG,SAAJ,CAAc,CAAd,CAArC;AACD;;AAEM,SAASC,+BAAT,CACLC,WADK,EAEgB;AACrB,SAAOA,WAAW,CAACf,KAAZ,~~CAAkBgB~~,~~IAAlB~~,~~CAAuB~~,CAAC;AAAEb,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,~~eAA9C~~,CAAP;AACD","sourcesContent":["/!\n Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { IdxRemediation, IdxRemediationValue } from '../types/idx-js';\n\nexport function getAllValues(idxRemediation: IdxRemediation) {\n return idxRemediation.value.map(r => r.name);\n}\n\nexport function getRequiredValues(idxRemediation: IdxRemediation) {\n return idxRemediation.value.reduce((required, cur) => {\n if (cur.required) {\n required.push(cur.name);\n }\n return required;\n }, []);\n}\n\nexport function titleCase(str: string) {\n return str.charAt(0).toUpperCase() + str.substring(1);\n}\n\nexport function getAuthenticatorFromRemediation(\n remediation: IdxRemediation\n): IdxRemediationValue {\n return remediation.value.find(({ name }) => name === 'authenticator');\n}\n"],"file":"util.js"}
1	+ {"version":3,"sources":["../../../../lib/idx/remediators/util.ts"],"names":["getAllValues","idxRemediation","value","map","r","name","getRequiredValues","reduce","required","cur","push","titleCase","str","charAt","toUpperCase","substring","getAuthenticatorFromRemediation","remediation","find"],"mappings":";;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKO,SAASA,YAAT,CAAsBC,cAAtB,EAAsD;AAAA;;AAC3D,kCAAOA,cAAc,CAACC,KAAtB,0DAAO,sBAAsBC,GAAtB,CAA0BC,CAAC,IAAIA,CAAC,CAACC,IAAjC,CAAP;AACD;;AAEM,SAASC,iBAAT,CAA2BL,cAA3B,EAA2D;AAAA;;AAChE,mCAAOA,cAAc,CAACC,KAAtB,2DAAO,uBAAsBK,MAAtB,CAA6B,CAACC,QAAD,EAAWC,GAAX,KAAmB;AACrD,QAAIA,GAAG,CAACD,QAAR,EAAkB;AAChBA,MAAAA,QAAQ,CAACE,IAAT,CAAcD,GAAG,CAACJ,IAAlB;AACD;;AACD,WAAOG,QAAP;AACD,GALM,EAKJ,EALI,CAAP;AAMD;;AAEM,SAASG,SAAT,CAAmBC,GAAnB,EAAgC;AACrC,SAAOA,GAAG,CAACC,MAAJ,CAAW,CAAX,EAAcC,WAAd,KAA8BF,GAAG,CAACG,SAAJ,CAAc,CAAd,CAArC;AACD;;AAEM,SAASC,+BAAT,CACLC,WADK,EAEgB;AACrB;AACA,SAAOA,WAAW,CAACf,KAAZ,CAAmBgB,IAAnB,CAAwB,CAAC;AAAEb,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,eAA/C,CAAP;AACD","sourcesContent":["/!\n Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { IdxRemediation, IdxRemediationValue } from '../types/idx-js';\n\nexport function getAllValues(idxRemediation: IdxRemediation) {\n return idxRemediation.value?.map(r => r.name);\n}\n\nexport function getRequiredValues(idxRemediation: IdxRemediation) {\n return idxRemediation.value?.reduce((required, cur) => {\n if (cur.required) {\n required.push(cur.name as never);\n }\n return required;\n }, []);\n}\n\nexport function titleCase(str: string) {\n return str.charAt(0).toUpperCase() + str.substring(1);\n}\n\nexport function getAuthenticatorFromRemediation(\n remediation: IdxRemediation\n): IdxRemediationValue {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n return remediation.value!.find(({ name }) => name === 'authenticator') as IdxRemediationValue;\n}\n"],"file":"util.js"}

package/cjs/idx/run.js CHANGED Viewed

@@ -8,12 +8,14 @@ var _introspect = require("./introspect");
 var _remediate = require("./remediate");
-var remediators = _interopRequireWildcard(require("./remediators"));
+var _flow = require("./flow");
-var _errors = require("../errors");
+var remediators = _interopRequireWildcard(require("./remediators"));
 var _types = require("../types");
+var _idxJs = require("./types/idx-js");
 var _transactionMeta = require("./transactionMeta");
 function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
@@ -59,7 +61,7 @@ function getEnabledFeatures(idxResponse) {
   return res;
 }
-function getAvailableSteps(remediations) {
+function getAvailableSteps(idxResponse) {
   const res = [];
   const remediatorMap = Object.values(remediators).reduce((map, remediatorClass) => {
     // Only add concrete subclasses to the map
@@ -70,12 +72,12 @@ function getAvailableSteps(remediations) {
     return map;
   }, {});
-  for (let remediation of remediations) {
+  for (let remediation of idxResponse.neededToProceed) {
     const T = remediatorMap[remediation.name];
     if (T) {
       const remediator = new T(remediation);
-      res.push(remediator.getNextStep());
+      res.push(remediator.getNextStep(idxResponse.context));
     }
   }
@@ -92,21 +94,37 @@ async function run(authClient, options = {}) {
   let availableSteps;
   let status = _types.IdxStatus.PENDING;
   let shouldClearTransaction = false;
+  let clearSharedStorage = true;
   let idxResponse;
   let interactionHandle;
   let metaFromResp;
+  let interactionCode;
   try {
     var _metaFromResp;
-    const {
+    let {
       flow,
-      stateTokenExternalId,
-      state
+      state,
+      scopes,
+      version,
+      remediators,
+      actions,
+      withCredentials,
+      exchangeCodeForTokens,
+      autoRemediate,
+      step
     } = options; // Only one flow can be operating at a time
+    flow = flow || authClient.idx.getFlow() || 'default';
     if (flow) {
       authClient.idx.setFlow(flow);
+      const flowSpec = (0, _flow.getFlowSpecification)(authClient, flow); // Favor option values over flow spec
+      withCredentials = typeof withCredentials !== 'undefined' ? withCredentials : flowSpec.withCredentials;
+      remediators = remediators || flowSpec.remediators;
+      actions = actions || flowSpec.actions;
     } // Try to resume saved transaction
@@ -115,26 +133,33 @@ async function run(authClient, options = {}) {
     });
     interactionHandle = (_metaFromResp = metaFromResp) === null || _metaFromResp === void 0 ? void 0 : _metaFromResp.interactionHandle; // may be undefined
-    if (!interactionHandle && !stateTokenExternalId) {
+    if (!interactionHandle) {
       // start a new transaction
       authClient.transactionManager.clear();
-      const interactResponse = await (0, _interact.interact)(authClient, options);
+      const interactResponse = await (0, _interact.interact)(authClient, {
+        withCredentials,
+        state,
+        scopes
+      });
       interactionHandle = interactResponse.interactionHandle;
       metaFromResp = interactResponse.meta;
+      withCredentials = metaFromResp.withCredentials;
     } // Introspect to get idx response
     idxResponse = await (0, _introspect.introspect)(authClient, {
-      interactionHandle,
-      stateTokenExternalId
+      withCredentials,
+      version,
+      interactionHandle
     });
+    enabledFeatures = getEnabledFeatures(idxResponse);
+    availableSteps = getAvailableSteps(idxResponse); // Include meta in the transaction response
+    meta = metaFromResp;
+    if (autoRemediate !== false && (remediators || actions)) {
+      var _idxResponse;
-    if (!options.remediators && !options.actions) {
-      // handle start transaction
-      meta = metaFromResp;
-      enabledFeatures = getEnabledFeatures(idxResponse);
-      availableSteps = getAvailableSteps(idxResponse.neededToProceed);
-    } else {
       const values = { ...options,
         stateHandle: idxResponse.rawIdxState.stateHandle
       }; // Can we handle the remediations?
@@ -145,62 +170,87 @@ async function run(authClient, options = {}) {
         terminal,
         canceled,
         messages: messagesFromResp
-      } = await (0, _remediate.remediate)(idxResponse, values, options); // Track fields from remediation response
+      } = await (0, _remediate.remediate)(idxResponse, values, {
+        remediators,
+        actions,
+        flow,
+        step
+      });
+      idxResponse = idxResponseFromResp || idxResponse; // Track fields from remediation response
       nextStep = nextStepFromResp;
       messages = messagesFromResp; // Save intermediate idx response in storage to reduce introspect call
-      if (nextStep && idxResponseFromResp) {
-        authClient.transactionManager.saveIdxResponse(idxResponseFromResp.rawIdxState);
+      if (nextStep) {
+        authClient.transactionManager.saveIdxResponse(idxResponse.rawIdxState);
+        availableSteps = getAvailableSteps(idxResponse);
       }
       if (terminal) {
         status = _types.IdxStatus.TERMINAL;
         shouldClearTransaction = true;
+        clearSharedStorage = false; // transaction may be continued in another tab
       }
       if (canceled) {
         status = _types.IdxStatus.CANCELED;
         shouldClearTransaction = true;
-      } else if (idxResponseFromResp !== null && idxResponseFromResp !== void 0 && idxResponseFromResp.interactionCode) {
-        // Flows may end with interactionCode before the key remediation being hit
-        // Double check if flow is finished to mitigate confusion with the wrapper methods
-        if (!(await options.flowMonitor.isFinished())) {
-          throw new _errors.AuthSdkError('Current flow is not supported, check policy settings in your org.');
+      } else if ((_idxResponse = idxResponse) !== null && _idxResponse !== void 0 && _idxResponse.interactionCode) {
+        interactionCode = idxResponse.interactionCode;
+        if (exchangeCodeForTokens === false) {
+          status = _types.IdxStatus.SUCCESS;
+          shouldClearTransaction = false;
+        } else {
+          // exchange the interaction code for tokens
+          const {
+            clientId,
+            codeVerifier,
+            ignoreSignature,
+            redirectUri,
+            urls,
+            scopes
+          } = metaFromResp;
+          tokens = await authClient.token.exchangeCodeForTokens({
+            interactionCode,
+            clientId,
+            codeVerifier,
+            ignoreSignature,
+            redirectUri,
+            scopes
+          }, urls);
+          status = _types.IdxStatus.SUCCESS;
+          shouldClearTransaction = true;
         }
-        const {
-          clientId,
-          codeVerifier,
-          ignoreSignature,
-          redirectUri,
-          urls,
-          scopes
-        } = metaFromResp;
-        tokens = await authClient.token.exchangeCodeForTokens({
-          interactionCode: idxResponseFromResp.interactionCode,
-          clientId,
-          codeVerifier,
-          ignoreSignature,
-          redirectUri,
-          scopes
-        }, urls);
-        status = _types.IdxStatus.SUCCESS;
-        shouldClearTransaction = true;
       }
     }
   } catch (err) {
-    error = err;
-    status = _types.IdxStatus.FAILURE;
-    shouldClearTransaction = true;
+    // current version of idx-js will throw/reject IDX responses. Handle these differently than regular errors
+    if ((0, _idxJs.isIdxResponse)(err)) {
+      error = err;
+      status = _types.IdxStatus.FAILURE;
+      shouldClearTransaction = true;
+    } else {
+      // error is not an IDX response, throw it like a regular error
+      throw err;
+    }
   }
   if (shouldClearTransaction) {
-    authClient.transactionManager.clear();
-  }
+    authClient.transactionManager.clear({
+      clearSharedStorage
+    });
+  } // from idx-js, used by the widget
+  const {
+    actions,
+    context,
+    neededToProceed,
+    proceed,
+    rawIdxState
+  } = idxResponse || {};
   return {
-    _idxResponse: idxResponse,
     status,
     ...(meta && {
       meta
@@ -222,7 +272,15 @@ async function run(authClient, options = {}) {
     }),
     ...(error && {
       error
-    })
+    }),
+    interactionCode,
+    // if options.exchangeCodeForTokens is false
+    // from idx-js
+    actions,
+    context,
+    neededToProceed,
+    proceed,
+    rawIdxState
   };
 }
 //# sourceMappingURL=run.js.map

package/cjs/idx/run.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../../lib/idx/run.ts"],"names":["getEnabledFeatures","idxResponse","res","actions","neededToProceed","push","IdxFeature","PASSWORD_RECOVERY","some","name","REGISTRATION","SOCIAL_IDP","getAvailableSteps","remediations","remediatorMap","Object","values","remediators","reduce","map","remediatorClass","remediationName","remediation","T","remediator","getNextStep","run","authClient","options","tokens","nextStep","messages","error","meta","enabledFeatures","availableSteps","status","IdxStatus","PENDING","shouldClearTransaction","interactionHandle","metaFromResp","flow","stateTokenExternalId","state","idx","setFlow","transactionManager","clear","interactResponse","stateHandle","rawIdxState","idxResponseFromResp","nextStepFromResp","terminal","canceled","messagesFromResp","saveIdxResponse","TERMINAL","CANCELED","interactionCode","flowMonitor","isFinished","AuthSdkError","clientId","codeVerifier","ignoreSignature","redirectUri","urls","scopes","token","exchangeCodeForTokens","SUCCESS","err","FAILURE","_idxResponse"],"mappings":";;;;AAcA;;AACA;;AACA;;AAEA;;AACA;;AACA;;AASA;;;;;;AA7BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AA0BA,SAASA,kBAAT,CAA4BC,WAA5B,EAAoE;AAClE,QAAMC,GAAG,GAAG,EAAZ;AACA,QAAM;AAAEC,IAAAA,OAAF;AAAWC,IAAAA;AAAX,MAA+BH,WAArC;;AAEA,MAAIE,OAAO,CAAC,8BAAD,CAAX,EAA6C;AAC3CD,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWC,iBAApB;AACD;;AAED,MAAIH,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,uBAA5C,CAAJ,EAA0E;AACxEP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWI,YAApB;AACD;;AAED,MAAIN,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,cAA5C,CAAJ,EAAiE;AAC/DP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWK,UAApB;AACD;;AAED,SAAOT,GAAP;AACD;;AAED,SAASU,iBAAT,CAA2BC,YAA3B,EAAuE;AACrE,QAAMX,GAAG,GAAG,EAAZ;AAEA,QAAMY,aAAa,GAAGC,MAAM,CAACC,MAAP,CAAcC,WAAd,EAA2BC,MAA3B,CAAkC,CAACC,GAAD,EAAMC,eAAN,KAA0B;AAChF;AACA,QAAIA,eAAe,CAACC,eAApB,EAAqC;AACnCF,MAAAA,GAAG,CAACC,eAAe,CAACC,eAAjB,CAAH,GAAuCD,eAAvC;AACD;;AACD,WAAOD,GAAP;AACD,GANqB,EAMnB,EANmB,CAAtB;;AAQA,OAAK,IAAIG,WAAT,IAAwBT,YAAxB,EAAsC;AACpC,UAAMU,CAAC,GAAGT,aAAa,CAACQ,WAAW,CAACb,IAAb,CAAvB;;AACA,QAAIc,CAAJ,EAAO;AACL,YAAMC,UAAU,GAAG,IAAID,CAAJ,CAAMD,WAAN,CAAnB;AACApB,MAAAA,GAAG,CAACG,IAAJ,CAAUmB,UAAU,CAACC,WAAX,EAAV;AACD;AACF;;AAED,SAAOvB,GAAP;AACD;;AAEM,eAAewB,GAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,KAAJ;AACA,MAAIC,IAAJ;AACA,MAAIC,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,MAAM,GAAGC,iBAAUC,OAAvB;AACA,MAAIC,sBAAsB,GAAG,KAA7B;AACA,MAAItC,WAAJ;AACA,MAAIuC,iBAAJ;AACA,MAAIC,YAAJ;;AAEA,MAAI;AAAA;;AAEF,UAAM;AAAEC,MAAAA,IAAF;AAAQC,MAAAA,oBAAR;AAA8BC,MAAAA;AAA9B,QAAwChB,OAA9C,CAFE,CAIF;;AACA,QAAIc,IAAJ,EAAU;AACRf,MAAAA,UAAU,CAACkB,GAAX,CAAeC,OAAf,CAAuBJ,IAAvB;AACD,KAPC,CASF;;;AACAD,IAAAA,YAAY,GAAG,8CAAwBd,UAAxB,EAAoC;AAAEiB,MAAAA;AAAF,KAApC,CAAf;AACAJ,IAAAA,iBAAiB,oBAAGC,YAAH,kDAAG,cAAcD,iBAAlC,CAXE,CAWmD;;AAErD,QAAI,CAACA,iBAAD,IAAsB,CAACG,oBAA3B,EAAiD;AAC/C;AACAhB,MAAAA,UAAU,CAACoB,kBAAX,CAA8BC,KAA9B;AACA,YAAMC,gBAAgB,GAAG,MAAM,wBAAStB,UAAT,EAAqBC,OAArB,CAA/B;AACAY,MAAAA,iBAAiB,GAAGS,gBAAgB,CAACT,iBAArC;AACAC,MAAAA,YAAY,GAAGQ,gBAAgB,CAAChB,IAAhC;AACD,KAnBC,CAqBF;;;AACAhC,IAAAA,WAAW,GAAG,MAAM,4BAAW0B,UAAX,EAAuB;AAAEa,MAAAA,iBAAF;AAAqBG,MAAAA;AAArB,KAAvB,CAApB;;AAEA,QAAI,CAACf,OAAO,CAACX,WAAT,IAAwB,CAACW,OAAO,CAACzB,OAArC,EAA8C;AAC5C;AACA8B,MAAAA,IAAI,GAAGQ,YAAP;AACAP,MAAAA,eAAe,GAAGlC,kBAAkB,CAACC,WAAD,CAApC;AACAkC,MAAAA,cAAc,GAAGvB,iBAAiB,CAACX,WAAW,CAACG,eAAb,CAAlC;AACD,KALD,MAKO;AACL,YAAMY,MAAqC,GAAG,EAC5C,GAAGY,OADyC;AAE5CsB,QAAAA,WAAW,EAAEjD,WAAW,CAACkD,WAAZ,CAAwBD;AAFO,OAA9C,CADK,CAML;;AACA,YAAM;AACJjD,QAAAA,WAAW,EAAEmD,mBADT;AAEJtB,QAAAA,QAAQ,EAAEuB,gBAFN;AAGJC,QAAAA,QAHI;AAIJC,QAAAA,QAJI;AAKJxB,QAAAA,QAAQ,EAAEyB;AALN,UAMF,MAAM,0BAAUvD,WAAV,EAAuBe,MAAvB,EAA+BY,OAA/B,CANV,CAPK,CAeL;;AACAE,MAAAA,QAAQ,GAAGuB,gBAAX;AACAtB,MAAAA,QAAQ,GAAGyB,gBAAX,CAjBK,CAmBL;;AACA,UAAI1B,QAAQ,IAAIsB,mBAAhB,EAAqC;AACnCzB,QAAAA,UAAU,CAACoB,kBAAX,CAA8BU,eAA9B,CAA8CL,mBAAmB,CAACD,WAAlE;AACD;;AAED,UAAIG,QAAJ,EAAc;AACZlB,QAAAA,MAAM,GAAGC,iBAAUqB,QAAnB;AACAnB,QAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAAC,UAAIgB,QAAJ,EAAc;AACdnB,QAAAA,MAAM,GAAGC,iBAAUsB,QAAnB;AACApB,QAAAA,sBAAsB,GAAG,IAAzB;AACD,OAHC,MAGK,IAAIa,mBAAJ,aAAIA,mBAAJ,eAAIA,mBAAmB,CAAEQ,eAAzB,EAA0C;AAC/C;AACA;AACA,YAAI,EAAE,MAAMhC,OAAO,CAACiC,WAAR,CAAoBC,UAApB,EAAR,CAAJ,EAA+C;AAC7C,gBAAM,IAAIC,oBAAJ,CAAiB,mEAAjB,CAAN;AACD;;AAED,cAAM;AACJC,UAAAA,QADI;AAEJC,UAAAA,YAFI;AAGJC,UAAAA,eAHI;AAIJC,UAAAA,WAJI;AAKJC,UAAAA,IALI;AAMJC,UAAAA;AANI,YAOF5B,YAPJ;AAQAZ,QAAAA,MAAM,GAAG,MAAMF,UAAU,CAAC2C,KAAX,CAAiBC,qBAAjB,CAAuC;AACpDX,UAAAA,eAAe,EAAER,mBAAmB,CAACQ,eADe;AAEpDI,UAAAA,QAFoD;AAGpDC,UAAAA,YAHoD;AAIpDC,UAAAA,eAJoD;AAKpDC,UAAAA,WALoD;AAMpDE,UAAAA;AANoD,SAAvC,EAOZD,IAPY,CAAf;AASAhC,QAAAA,MAAM,GAAGC,iBAAUmC,OAAnB;AACAjC,QAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;AACF,GAvFD,CAuFE,OAAOkC,GAAP,EAAY;AACZzC,IAAAA,KAAK,GAAGyC,GAAR;AACArC,IAAAA,MAAM,GAAGC,iBAAUqC,OAAnB;AACAnC,IAAAA,sBAAsB,GAAG,IAAzB;AACD;;AAED,MAAIA,sBAAJ,EAA4B;AAC1BZ,IAAAA,UAAU,CAACoB,kBAAX,CAA8BC,KAA9B;AACD;;AAED,SAAO;AACL2B,IAAAA,YAAY,EAAE1E,WADT;AAELmC,IAAAA,MAFK;AAGL,QAAIH,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAHK;AAIL,QAAIC,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAJK;AAKL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CALK;AAML,QAAIN,MAAM,IAAI;AAAEA,MAAAA,MAAM,EAAEA,MAAM,CAACA;AAAjB,KAAd,CANK;AAOL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CAPK;AAQL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CARK;AASL,QAAIC,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb;AATK,GAAP;AAWD","sourcesContent":["/!\n Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n /\n\n\n/ eslint-disable max-statements, complexity, max-depth /\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate } from './remediate';\nimport { FlowMonitor, RemediationFlow } from './flow';\nimport as remediators from './remediators';\nimport { AuthSdkError } from '../errors';\nimport { \n OktaAuth,\n IdxStatus,\n IdxTransaction,\n IdxFeature,\n NextStep,\n FlowIdentifier,\n} from '../types';\nimport { IdxResponse, IdxRemediation } from './types/idx-js';\nimport { getSavedTransactionMeta } from './transactionMeta';\nimport { ProceedOptions } from './proceed';\n\nexport type RunOptions = ProceedOptions & {\n flow?: FlowIdentifier;\n remediators?: RemediationFlow;\n flowMonitor?: FlowMonitor;\n actions?: string[];\n}\n\nfunction getEnabledFeatures(idxResponse: IdxResponse): IdxFeature[] {\n const res = [];\n const { actions, neededToProceed } = idxResponse;\n\n if (actions['currentAuthenticator-recover']) {\n res.push(IdxFeature.PASSWORD_RECOVERY);\n }\n\n if (neededToProceed.some(({ name }) => name === 'select-enroll-profile')) {\n res.push(IdxFeature.REGISTRATION);\n }\n\n if (neededToProceed.some(({ name }) => name === 'redirect-idp')) {\n res.push(IdxFeature.SOCIAL_IDP);\n }\n\n return res;\n}\n\nfunction getAvailableSteps(remediations: IdxRemediation[]): NextStep[] {\n const res = [];\n\n const remediatorMap = Object.values(remediators).reduce((map, remediatorClass) => {\n // Only add concrete subclasses to the map\n if (remediatorClass.remediationName) {\n map[remediatorClass.remediationName] = remediatorClass;\n }\n return map;\n }, {});\n\n for (let remediation of remediations) {\n const T = remediatorMap[remediation.name];\n if (T) {\n const remediator = new T(remediation);\n res.push (remediator.getNextStep());\n }\n }\n\n return res;\n}\n\nexport async function run(\n authClient: OktaAuth, \n options: RunOptions = {},\n): Promise<IdxTransaction> {\n let tokens;\n let nextStep;\n let messages;\n let error;\n let meta;\n let enabledFeatures;\n let availableSteps;\n let status = IdxStatus.PENDING;\n let shouldClearTransaction = false;\n let idxResponse;\n let interactionHandle;\n let metaFromResp;\n\n try {\n\n const { flow, stateTokenExternalId, state } = options;\n\n // Only one flow can be operating at a time\n if (flow) {\n authClient.idx.setFlow(flow);\n }\n\n // Try to resume saved transaction\n metaFromResp = getSavedTransactionMeta(authClient, { state });\n interactionHandle = metaFromResp?.interactionHandle; // may be undefined\n\n if (!interactionHandle && !stateTokenExternalId) {\n // start a new transaction\n authClient.transactionManager.clear();\n const interactResponse = await interact(authClient, options); \n interactionHandle = interactResponse.interactionHandle;\n metaFromResp = interactResponse.meta;\n }\n\n // Introspect to get idx response\n idxResponse = await introspect(authClient, { interactionHandle, stateTokenExternalId });\n\n if (!options.remediators && !options.actions) {\n // handle start transaction\n meta = metaFromResp;\n enabledFeatures = getEnabledFeatures(idxResponse);\n availableSteps = getAvailableSteps(idxResponse.neededToProceed);\n } else {\n const values: remediators.RemediationValues = { \n ...options, \n stateHandle: idxResponse.rawIdxState.stateHandle \n };\n\n // Can we handle the remediations?\n const { \n idxResponse: idxResponseFromResp, \n nextStep: nextStepFromResp,\n terminal,\n canceled,\n messages: messagesFromResp,\n } = await remediate(idxResponse, values, options);\n\n // Track fields from remediation response\n nextStep = nextStepFromResp;\n messages = messagesFromResp;\n\n // Save intermediate idx response in storage to reduce introspect call\n if (nextStep && idxResponseFromResp) {\n authClient.transactionManager.saveIdxResponse(idxResponseFromResp.rawIdxState);\n }\n\n if (terminal) {\n status = IdxStatus.TERMINAL;\n shouldClearTransaction = true;\n } if (canceled) {\n status = IdxStatus.CANCELED;\n shouldClearTransaction = true;\n } else if (idxResponseFromResp?.interactionCode) { \n // Flows may end with interactionCode before the key remediation being hit\n // Double check if flow is finished to mitigate confusion with the wrapper methods\n if (!(await options.flowMonitor.isFinished())) {\n throw new AuthSdkError('Current flow is not supported, check policy settings in your org.');\n }\n\n const {\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n urls,\n scopes,\n } = metaFromResp;\n tokens = await authClient.token.exchangeCodeForTokens({\n interactionCode: idxResponseFromResp.interactionCode,\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n scopes\n }, urls);\n\n status = IdxStatus.SUCCESS;\n shouldClearTransaction = true;\n }\n }\n } catch (err) {\n error = err;\n status = IdxStatus.FAILURE;\n shouldClearTransaction = true;\n }\n\n if (shouldClearTransaction) {\n authClient.transactionManager.clear();\n }\n \n return {\n _idxResponse: idxResponse, \n status,\n ...(meta && { meta }),\n ...(enabledFeatures && { enabledFeatures }),\n ...(availableSteps && { availableSteps }),\n ...(tokens && { tokens: tokens.tokens }),\n ...(nextStep && { nextStep }),\n ...(messages && { messages }),\n ...(error && { error }),\n };\n}\n"],"file":"run.js"}
1	+ {"version":3,"sources":["../../../lib/idx/run.ts"],"names":["getEnabledFeatures","idxResponse","res","actions","neededToProceed","push","IdxFeature","PASSWORD_RECOVERY","some","name","REGISTRATION","SOCIAL_IDP","getAvailableSteps","remediatorMap","Object","values","remediators","reduce","map","remediatorClass","remediationName","remediation","T","remediator","getNextStep","context","run","authClient","options","tokens","nextStep","messages","error","meta","enabledFeatures","availableSteps","status","IdxStatus","PENDING","shouldClearTransaction","clearSharedStorage","interactionHandle","metaFromResp","interactionCode","flow","state","scopes","version","withCredentials","exchangeCodeForTokens","autoRemediate","step","idx","getFlow","setFlow","flowSpec","transactionManager","clear","interactResponse","stateHandle","rawIdxState","idxResponseFromResp","nextStepFromResp","terminal","canceled","messagesFromResp","saveIdxResponse","TERMINAL","CANCELED","SUCCESS","clientId","codeVerifier","ignoreSignature","redirectUri","urls","token","err","FAILURE","proceed"],"mappings":";;;;AAcA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAQA;;AACA;;;;;;AA5BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAyBA,SAASA,kBAAT,CAA4BC,WAA5B,EAAoE;AAClE,QAAMC,GAAG,GAAG,EAAZ;AACA,QAAM;AAAEC,IAAAA,OAAF;AAAWC,IAAAA;AAAX,MAA+BH,WAArC;;AAEA,MAAIE,OAAO,CAAC,8BAAD,CAAX,EAA6C;AAC3CD,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWC,iBAApB;AACD;;AAED,MAAIH,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,uBAA5C,CAAJ,EAA0E;AACxEP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWI,YAApB;AACD;;AAED,MAAIN,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,cAA5C,CAAJ,EAAiE;AAC/DP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWK,UAApB;AACD;;AAED,SAAOT,GAAP;AACD;;AAED,SAASU,iBAAT,CAA2BX,WAA3B,EAAiE;AAC/D,QAAMC,GAAG,GAAG,EAAZ;AAEA,QAAMW,aAAa,GAAGC,MAAM,CAACC,MAAP,CAAcC,WAAd,EAA2BC,MAA3B,CAAkC,CAACC,GAAD,EAAMC,eAAN,KAA0B;AAChF;AACA,QAAIA,eAAe,CAACC,eAApB,EAAqC;AACnCF,MAAAA,GAAG,CAACC,eAAe,CAACC,eAAjB,CAAH,GAAuCD,eAAvC;AACD;;AACD,WAAOD,GAAP;AACD,GANqB,EAMnB,EANmB,CAAtB;;AAQA,OAAK,IAAIG,WAAT,IAAwBpB,WAAW,CAACG,eAApC,EAAqD;AACnD,UAAMkB,CAAC,GAAGT,aAAa,CAACQ,WAAW,CAACZ,IAAb,CAAvB;;AACA,QAAIa,CAAJ,EAAO;AACL,YAAMC,UAAU,GAAG,IAAID,CAAJ,CAAMD,WAAN,CAAnB;AACAnB,MAAAA,GAAG,CAACG,IAAJ,CAAUkB,UAAU,CAACC,WAAX,CAAuBvB,WAAW,CAACwB,OAAnC,CAAV;AACD;AACF;;AAED,SAAOvB,GAAP;AACD;;AAEM,eAAewB,GAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,KAAJ;AACA,MAAIC,IAAJ;AACA,MAAIC,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,MAAM,GAAGC,iBAAUC,OAAvB;AACA,MAAIC,sBAAsB,GAAG,KAA7B;AACA,MAAIC,kBAAkB,GAAG,IAAzB;AACA,MAAIvC,WAAJ;AACA,MAAIwC,iBAAJ;AACA,MAAIC,YAAJ;AACA,MAAIC,eAAJ;;AAEA,MAAI;AAAA;;AAEF,QAAI;AACFC,MAAAA,IADE;AAEFC,MAAAA,KAFE;AAGFC,MAAAA,MAHE;AAIFC,MAAAA,OAJE;AAKF/B,MAAAA,WALE;AAMFb,MAAAA,OANE;AAOF6C,MAAAA,eAPE;AAQFC,MAAAA,qBARE;AASFC,MAAAA,aATE;AAUFC,MAAAA;AAVE,QAWAvB,OAXJ,CAFE,CAeF;;AACAgB,IAAAA,IAAI,GAAGA,IAAI,IAAIjB,UAAU,CAACyB,GAAX,CAAeC,OAAf,EAAR,IAAoC,SAA3C;;AACA,QAAIT,IAAJ,EAAU;AACRjB,MAAAA,UAAU,CAACyB,GAAX,CAAeE,OAAf,CAAuBV,IAAvB;AACA,YAAMW,QAAQ,GAAG,gCAAqB5B,UAArB,EAAiCiB,IAAjC,CAAjB,CAFQ,CAGR;;AACAI,MAAAA,eAAe,GAAI,OAAOA,eAAP,KAA2B,WAA5B,GAA2CA,eAA3C,GAA6DO,QAAQ,CAACP,eAAxF;AACAhC,MAAAA,WAAW,GAAGA,WAAW,IAAIuC,QAAQ,CAACvC,WAAtC;AACAb,MAAAA,OAAO,GAAGA,OAAO,IAAIoD,QAAQ,CAACpD,OAA9B;AACD,KAxBC,CA0BF;;;AACAuC,IAAAA,YAAY,GAAG,8CAAwBf,UAAxB,EAAoC;AAAEkB,MAAAA;AAAF,KAApC,CAAf;AACAJ,IAAAA,iBAAiB,oBAAGC,YAAH,kDAAG,cAAcD,iBAAlC,CA5BE,CA4BmD;;AAErD,QAAI,CAACA,iBAAL,EAAwB;AACtB;AACAd,MAAAA,UAAU,CAAC6B,kBAAX,CAA8BC,KAA9B;AACA,YAAMC,gBAAgB,GAAG,MAAM,wBAAS/B,UAAT,EAAqB;AAAEqB,QAAAA,eAAF;AAAmBH,QAAAA,KAAnB;AAA0BC,QAAAA;AAA1B,OAArB,CAA/B;AACAL,MAAAA,iBAAiB,GAAGiB,gBAAgB,CAACjB,iBAArC;AACAC,MAAAA,YAAY,GAAGgB,gBAAgB,CAACzB,IAAhC;AACAe,MAAAA,eAAe,GAAGN,YAAY,CAACM,eAA/B;AACD,KArCC,CAuCF;;;AACA/C,IAAAA,WAAW,GAAG,MAAM,4BAAW0B,UAAX,EAAuB;AAAEqB,MAAAA,eAAF;AAAmBD,MAAAA,OAAnB;AAA4BN,MAAAA;AAA5B,KAAvB,CAApB;AACAP,IAAAA,eAAe,GAAGlC,kBAAkB,CAACC,WAAD,CAApC;AACAkC,IAAAA,cAAc,GAAGvB,iBAAiB,CAACX,WAAD,CAAlC,CA1CE,CA4CF;;AACAgC,IAAAA,IAAI,GAAGS,YAAP;;AAEA,QAAIQ,aAAa,KAAK,KAAlB,KAA4BlC,WAAW,IAAIb,OAA3C,CAAJ,EAAyD;AAAA;;AACvD,YAAMY,MAAqC,GAAG,EAC5C,GAAGa,OADyC;AAE5C+B,QAAAA,WAAW,EAAE1D,WAAW,CAAC2D,WAAZ,CAAwBD;AAFO,OAA9C,CADuD,CAMvD;;AACA,YAAM;AACJ1D,QAAAA,WAAW,EAAE4D,mBADT;AAEJ/B,QAAAA,QAAQ,EAAEgC,gBAFN;AAGJC,QAAAA,QAHI;AAIJC,QAAAA,QAJI;AAKJjC,QAAAA,QAAQ,EAAEkC;AALN,UAMF,MAAM,0BAAUhE,WAAV,EAAuBc,MAAvB,EAA+B;AAAEC,QAAAA,WAAF;AAAeb,QAAAA,OAAf;AAAwByC,QAAAA,IAAxB;AAA8BO,QAAAA;AAA9B,OAA/B,CANV;AAOAlD,MAAAA,WAAW,GAAG4D,mBAAmB,IAAI5D,WAArC,CAduD,CAgBvD;;AACA6B,MAAAA,QAAQ,GAAGgC,gBAAX;AACA/B,MAAAA,QAAQ,GAAGkC,gBAAX,CAlBuD,CAoBvD;;AACA,UAAInC,QAAJ,EAAc;AACZH,QAAAA,UAAU,CAAC6B,kBAAX,CAA8BU,eAA9B,CAA8CjE,WAAW,CAAC2D,WAA1D;AACAzB,QAAAA,cAAc,GAAGvB,iBAAiB,CAACX,WAAD,CAAlC;AACD;;AAED,UAAI8D,QAAJ,EAAc;AACZ3B,QAAAA,MAAM,GAAGC,iBAAU8B,QAAnB;AACA5B,QAAAA,sBAAsB,GAAG,IAAzB;AACAC,QAAAA,kBAAkB,GAAG,KAArB,CAHY,CAGgB;AAC7B;;AAAC,UAAIwB,QAAJ,EAAc;AACd5B,QAAAA,MAAM,GAAGC,iBAAU+B,QAAnB;AACA7B,QAAAA,sBAAsB,GAAG,IAAzB;AACD,OAHC,MAGK,oBAAItC,WAAJ,yCAAI,aAAa0C,eAAjB,EAAkC;AACvCA,QAAAA,eAAe,GAAG1C,WAAW,CAAC0C,eAA9B;;AAEA,YAAIM,qBAAqB,KAAK,KAA9B,EAAqC;AACnCb,UAAAA,MAAM,GAAGC,iBAAUgC,OAAnB;AACA9B,UAAAA,sBAAsB,GAAG,KAAzB;AACD,SAHD,MAGO;AACL;AACA,gBAAM;AACJ+B,YAAAA,QADI;AAEJC,YAAAA,YAFI;AAGJC,YAAAA,eAHI;AAIJC,YAAAA,WAJI;AAKJC,YAAAA,IALI;AAMJ5B,YAAAA;AANI,cAOFJ,YAPJ;AAQAb,UAAAA,MAAM,GAAG,MAAMF,UAAU,CAACgD,KAAX,CAAiB1B,qBAAjB,CAAuC;AACpDN,YAAAA,eADoD;AAEpD2B,YAAAA,QAFoD;AAGpDC,YAAAA,YAHoD;AAIpDC,YAAAA,eAJoD;AAKpDC,YAAAA,WALoD;AAMpD3B,YAAAA;AANoD,WAAvC,EAOZ4B,IAPY,CAAf;AASAtC,UAAAA,MAAM,GAAGC,iBAAUgC,OAAnB;AACA9B,UAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;AACF;AACF,GA9GD,CA8GE,OAAOqC,GAAP,EAAY;AACZ;AACA,QAAI,0BAAcA,GAAd,CAAJ,EAAwB;AACtB5C,MAAAA,KAAK,GAAG4C,GAAR;AACAxC,MAAAA,MAAM,GAAGC,iBAAUwC,OAAnB;AACAtC,MAAAA,sBAAsB,GAAG,IAAzB;AACD,KAJD,MAIO;AACL;AACA,YAAMqC,GAAN;AACD;AAEF;;AAED,MAAIrC,sBAAJ,EAA4B;AAC1BZ,IAAAA,UAAU,CAAC6B,kBAAX,CAA8BC,KAA9B,CAAoC;AAAEjB,MAAAA;AAAF,KAApC;AACD,GA7IwB,CA+IzB;;;AACA,QAAM;AAAErC,IAAAA,OAAF;AAAWsB,IAAAA,OAAX;AAAoBrB,IAAAA,eAApB;AAAqC0E,IAAAA,OAArC;AAA8ClB,IAAAA;AAA9C,MAA8D3D,WAAW,IAAI,EAAnF;AACA,SAAO;AACLmC,IAAAA,MADK;AAEL,QAAIH,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAFK;AAGL,QAAIC,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAHK;AAIL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CAJK;AAKL,QAAIN,MAAM,IAAI;AAAEA,MAAAA,MAAM,EAAEA,MAAM,CAACA;AAAjB,KAAd,CALK;AAML,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CANK;AAOL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CAPK;AAQL,QAAIC,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb,CARK;AASLW,IAAAA,eATK;AASY;AAEjB;AACAxC,IAAAA,OAZK;AAaLsB,IAAAA,OAbK;AAcLrB,IAAAA,eAdK;AAeL0E,IAAAA,OAfK;AAgBLlB,IAAAA;AAhBK,GAAP;AAkBD","sourcesContent":["/!\n Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n /\n\n\n/ eslint-disable max-statements, complexity, max-depth /\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate, RemediateOptions } from './remediate';\nimport { getFlowSpecification, RemediationFlow } from './flow';\nimport as remediators from './remediators';\nimport { \n OktaAuth,\n IdxStatus,\n IdxTransaction,\n IdxFeature,\n NextStep,\n FlowIdentifier,\n} from '../types';\nimport { IdxResponse, isIdxResponse } from './types/idx-js';\nimport { getSavedTransactionMeta } from './transactionMeta';\nimport { ProceedOptions } from './proceed';\n\nexport type RunOptions = ProceedOptions & RemediateOptions & {\n flow?: FlowIdentifier;\n remediators?: RemediationFlow;\n actions?: string[];\n withCredentials?: boolean;\n}\n\nfunction getEnabledFeatures(idxResponse: IdxResponse): IdxFeature[] {\n const res = [];\n const { actions, neededToProceed } = idxResponse;\n\n if (actions['currentAuthenticator-recover']) {\n res.push(IdxFeature.PASSWORD_RECOVERY as never);\n }\n\n if (neededToProceed.some(({ name }) => name === 'select-enroll-profile')) {\n res.push(IdxFeature.REGISTRATION as never);\n }\n\n if (neededToProceed.some(({ name }) => name === 'redirect-idp')) {\n res.push(IdxFeature.SOCIAL_IDP as never);\n }\n\n return res;\n}\n\nfunction getAvailableSteps(idxResponse: IdxResponse): NextStep[] {\n const res = [];\n\n const remediatorMap = Object.values(remediators).reduce((map, remediatorClass) => {\n // Only add concrete subclasses to the map\n if (remediatorClass.remediationName) {\n map[remediatorClass.remediationName] = remediatorClass;\n }\n return map;\n }, {});\n\n for (let remediation of idxResponse.neededToProceed) {\n const T = remediatorMap[remediation.name];\n if (T) {\n const remediator = new T(remediation);\n res.push (remediator.getNextStep(idxResponse.context) as never);\n }\n }\n\n return res;\n}\n\nexport async function run(\n authClient: OktaAuth, \n options: RunOptions = {},\n): Promise<IdxTransaction> {\n let tokens;\n let nextStep;\n let messages;\n let error;\n let meta;\n let enabledFeatures;\n let availableSteps;\n let status = IdxStatus.PENDING;\n let shouldClearTransaction = false;\n let clearSharedStorage = true;\n let idxResponse;\n let interactionHandle;\n let metaFromResp;\n let interactionCode;\n\n try {\n\n let {\n flow,\n state,\n scopes,\n version,\n remediators,\n actions,\n withCredentials,\n exchangeCodeForTokens,\n autoRemediate,\n step\n } = options;\n\n // Only one flow can be operating at a time\n flow = flow \|\| authClient.idx.getFlow() \|\| 'default';\n if (flow) {\n authClient.idx.setFlow(flow);\n const flowSpec = getFlowSpecification(authClient, flow);\n // Favor option values over flow spec\n withCredentials = (typeof withCredentials !== 'undefined') ? withCredentials : flowSpec.withCredentials;\n remediators = remediators \|\| flowSpec.remediators;\n actions = actions \|\| flowSpec.actions;\n }\n\n // Try to resume saved transaction\n metaFromResp = getSavedTransactionMeta(authClient, { state });\n interactionHandle = metaFromResp?.interactionHandle; // may be undefined\n\n if (!interactionHandle) {\n // start a new transaction\n authClient.transactionManager.clear();\n const interactResponse = await interact(authClient, { withCredentials, state, scopes }); \n interactionHandle = interactResponse.interactionHandle;\n metaFromResp = interactResponse.meta;\n withCredentials = metaFromResp.withCredentials;\n }\n\n // Introspect to get idx response\n idxResponse = await introspect(authClient, { withCredentials, version, interactionHandle });\n enabledFeatures = getEnabledFeatures(idxResponse);\n availableSteps = getAvailableSteps(idxResponse);\n \n // Include meta in the transaction response\n meta = metaFromResp;\n\n if (autoRemediate !== false && (remediators \|\| actions)) {\n const values: remediators.RemediationValues = { \n ...options, \n stateHandle: idxResponse.rawIdxState.stateHandle \n };\n\n // Can we handle the remediations?\n const { \n idxResponse: idxResponseFromResp, \n nextStep: nextStepFromResp,\n terminal,\n canceled,\n messages: messagesFromResp,\n } = await remediate(idxResponse, values, { remediators, actions, flow, step });\n idxResponse = idxResponseFromResp \|\| idxResponse;\n\n // Track fields from remediation response\n nextStep = nextStepFromResp;\n messages = messagesFromResp;\n\n // Save intermediate idx response in storage to reduce introspect call\n if (nextStep) {\n authClient.transactionManager.saveIdxResponse(idxResponse.rawIdxState);\n availableSteps = getAvailableSteps(idxResponse);\n }\n\n if (terminal) {\n status = IdxStatus.TERMINAL;\n shouldClearTransaction = true;\n clearSharedStorage = false; // transaction may be continued in another tab\n } if (canceled) {\n status = IdxStatus.CANCELED;\n shouldClearTransaction = true;\n } else if (idxResponse?.interactionCode) { \n interactionCode = idxResponse.interactionCode;\n\n if (exchangeCodeForTokens === false) {\n status = IdxStatus.SUCCESS;\n shouldClearTransaction = false;\n } else {\n // exchange the interaction code for tokens\n const {\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n urls,\n scopes,\n } = metaFromResp;\n tokens = await authClient.token.exchangeCodeForTokens({\n interactionCode,\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n scopes\n }, urls);\n\n status = IdxStatus.SUCCESS;\n shouldClearTransaction = true;\n }\n }\n }\n } catch (err) {\n // current version of idx-js will throw/reject IDX responses. Handle these differently than regular errors\n if (isIdxResponse(err)) {\n error = err;\n status = IdxStatus.FAILURE;\n shouldClearTransaction = true;\n } else {\n // error is not an IDX response, throw it like a regular error\n throw err;\n }\n\n }\n\n if (shouldClearTransaction) {\n authClient.transactionManager.clear({ clearSharedStorage });\n }\n \n // from idx-js, used by the widget\n const { actions, context, neededToProceed, proceed, rawIdxState } = idxResponse \|\| {};\n return {\n status,\n ...(meta && { meta }),\n ...(enabledFeatures && { enabledFeatures }),\n ...(availableSteps && { availableSteps }),\n ...(tokens && { tokens: tokens.tokens }),\n ...(nextStep && { nextStep }),\n ...(messages && { messages }),\n ...(error && { error }),\n interactionCode, // if options.exchangeCodeForTokens is false\n\n // from idx-js\n actions,\n context,\n neededToProceed,\n proceed,\n rawIdxState,\n };\n}\n"],"file":"run.js"}

package/cjs/idx/startTransaction.js CHANGED Viewed

@@ -15,10 +15,12 @@ var _run = require("./run");
  *
  * See the License for the specific language governing permissions and limitations under the License.
  */
-// This method only resolves { status: IdxStatus.PENDING } if transaction has already started
 async function startTransaction(authClient, options = {}) {
   // Clear IDX response cache and saved transaction meta (if any)
   authClient.transactionManager.clear();
-  return (0, _run.run)(authClient, options);
+  return (0, _run.run)(authClient, {
+    exchangeCodeForTokens: false,
+    ...options
+  });
 }
 //# sourceMappingURL=startTransaction.js.map

package/cjs/idx/startTransaction.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../../lib/idx/startTransaction.ts"],"names":["startTransaction","authClient","options","transactionManager","clear"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;~~AAMA;AACO~~,eAAeA,gBAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB;AACAD,EAAAA,UAAU,CAACE,kBAAX,CAA8BC,KAA9B;AAEA,SAAO,cAAIH,UAAJ,~~EAAgBC~~,~~OAAhB~~,CAAP;~~AACD~~","sourcesContent":["/!\n Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run } from './run';\nimport { OktaAuth, ~~IdxOptions,~~ IdxTransaction } from '../types';\n\~~n// This method only resolves { status: IdxStatus.PENDING } if transaction has already started\~~nexport async function startTransaction(\n authClient: OktaAuth, \n options: ~~IdxOptions~~ = {}\n): Promise<IdxTransaction> {\n // Clear IDX response cache and saved transaction meta (if any)\n authClient.transactionManager.clear();\n\n return run(authClient, options);\n}\n"],"file":"startTransaction.js"}
1	+ {"version":3,"sources":["../../../lib/idx/startTransaction.ts"],"names":["startTransaction","authClient","options","transactionManager","clear","exchangeCodeForTokens"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,eAAeA,gBAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB;AACAD,EAAAA,UAAU,CAACE,kBAAX,CAA8BC,KAA9B;AAEA,SAAO,cAAIH,UAAJ,EAAgB;AACrBI,IAAAA,qBAAqB,EAAE,KADF;AAErB,OAAGH;AAFkB,GAAhB,CAAP;AAID","sourcesContent":["/!\n Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run, RunOptions } from './run';\nimport { OktaAuth, IdxTransaction } from '../types';\n\nexport async function startTransaction(\n authClient: OktaAuth, \n options: RunOptions = {}\n): Promise<IdxTransaction> {\n // Clear IDX response cache and saved transaction meta (if any)\n authClient.transactionManager.clear();\n\n return run(authClient, {\n exchangeCodeForTokens: false,\n ...options\n });\n}\n"],"file":"startTransaction.js"}

package/cjs/idx/transactionMeta.js CHANGED Viewed

@@ -1,17 +1,21 @@
 "use strict";
 exports.createTransactionMeta = createTransactionMeta;
-exports.transactionMetaExist = transactionMetaExist;
+exports.hasSavedInteractionHandle = hasSavedInteractionHandle;
 exports.getSavedTransactionMeta = getSavedTransactionMeta;
 exports.getTransactionMeta = getTransactionMeta;
 exports.saveTransactionMeta = saveTransactionMeta;
 exports.clearTransactionMeta = clearTransactionMeta;
 exports.isTransactionMetaValid = isTransactionMetaValid;
+exports.isTransactionMetaValidForFlow = isTransactionMetaValidForFlow;
+exports.isTransactionMetaValidForOptions = isTransactionMetaValidForOptions;
 var _util = require("../util");
 var _oidc = require("../oidc");
+/* eslint-disable @typescript-eslint/no-non-null-assertion */
 /*!
  * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.
  * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
@@ -24,83 +28,78 @@ var _oidc = require("../oidc");
  * See the License for the specific language governing permissions and limitations under the License.
  */
 // Calculate new values
-async function createTransactionMeta(authClient, options) {
+async function createTransactionMeta(authClient, options = {}) {
   const tokenParams = await authClient.token.prepareTokenParams(options);
-  const {
-    pkce,
-    clientId,
-    redirectUri,
-    responseType,
-    responseMode,
-    scopes,
-    state,
-    nonce,
-    ignoreSignature,
-    codeVerifier,
-    codeChallengeMethod,
-    codeChallenge
-  } = tokenParams;
-  const urls = (0, _oidc.getOAuthUrls)(authClient, tokenParams);
-  const flow = authClient.idx.getFlow() || 'default';
-  const issuer = authClient.options.issuer;
-  const meta = {
+  const pkceMeta = (0, _oidc.createOAuthMeta)(authClient, tokenParams);
+  let {
+    flow = 'default',
+    withCredentials = true,
+    activationToken = undefined,
+    recoveryToken = undefined
+  } = { ...authClient.options,
+    ...options
+  }; // local options override SDK options
+  const meta = { ...pkceMeta,
     flow,
-    issuer,
-    pkce,
-    clientId,
-    redirectUri,
-    responseType,
-    responseMode,
-    scopes,
-    state,
-    nonce,
-    urls,
-    ignoreSignature,
-    codeVerifier,
-    codeChallengeMethod,
-    codeChallenge
+    withCredentials,
+    activationToken,
+    recoveryToken
   };
   return meta;
 }
-function transactionMetaExist(authClient, options) {
-  if (authClient.transactionManager.exists(options)) {
-    const existing = authClient.transactionManager.load(options);
+function hasSavedInteractionHandle(authClient, options) {
+  const savedMeta = getSavedTransactionMeta(authClient, options);
-    if (isTransactionMetaValid(authClient, existing) && existing.interactionHandle) {
-      return true;
-    }
+  if (savedMeta !== null && savedMeta !== void 0 && savedMeta.interactionHandle) {
+    return true;
   }
   return false;
-} // Returns the saved transaction meta, if it exists and is valid, or undefined
+} // Returns the saved transaction meta, if it exists and is valid
 function getSavedTransactionMeta(authClient, options) {
-  const state = (options === null || options === void 0 ? void 0 : options.state) || authClient.options.state;
-  const existing = authClient.transactionManager.load({
-    state
-  });
+  options = (0, _util.removeNils)(options);
+  options = { ...authClient.options,
+    ...options
+  }; // local options override SDK options
+  let savedMeta;
-  if (existing && isTransactionMetaValid(authClient, existing)) {
-    return existing;
+  try {
+    savedMeta = authClient.transactionManager.load(options);
+  } catch (e) {// ignore errors here
   }
+  if (!savedMeta) {
+    return;
+  }
+  if (isTransactionMetaValid(savedMeta, options)) {
+    return savedMeta;
+  } // existing meta is not valid for this configuration
+  // this is common when changing configuration in local development environment
+  // in a production environment, this may indicate that two apps are sharing a storage key
+  (0, _util.warn)('Saved transaction meta does not match the current configuration. ' + 'This may indicate that two apps are sharing a storage key.');
 }
 async function getTransactionMeta(authClient, options) {
+  options = (0, _util.removeNils)(options);
+  options = { ...authClient.options,
+    ...options
+  }; // local options override SDK options
   // Load existing transaction meta from storage
-  if (authClient.transactionManager.exists(options)) {
-    const validExistingMeta = getSavedTransactionMeta(authClient, options);
-    if (validExistingMeta) {
-      return validExistingMeta;
-    } // existing meta is not valid for this configuration
-    // this is common when changing configuration in local development environment
-    // in a production environment, this may indicate that two apps are sharing a storage key
+  const validExistingMeta = getSavedTransactionMeta(authClient, options);
+  if (validExistingMeta) {
+    return validExistingMeta;
+  } // No existing? Create new transaction meta.
-    (0, _util.warn)('Saved transaction meta does not match the current configuration. ' + 'This may indicate that two apps are sharing a storage key.');
-  }
   return createTransactionMeta(authClient, options);
 }
@@ -113,29 +112,30 @@ function saveTransactionMeta(authClient, meta) {
 function clearTransactionMeta(authClient) {
   authClient.transactionManager.clear();
-} // returns true if values in meta match current authClient options
-// eslint-disable-next-line complexity
+}
-function isTransactionMetaValid(authClient, meta) {
-  // First validate against required config
-  const keys = ['issuer', 'clientId', 'redirectUri'];
+function isTransactionMetaValid(meta, options = {}) {
+  // Validate against certain options. If these exist in options, they must match in meta
+  const keys = ['issuer', 'clientId', 'redirectUri', 'state', 'codeChallenge', 'codeChallengeMethod', 'activationToken', 'recoveryToken'];
-  if (keys.some(key => authClient.options[key] !== meta[key])) {
+  if (isTransactionMetaValidForOptions(meta, options, keys) === false) {
     return false;
-  } // Validate optional config
+  } // Validate configured flow
   const {
-    flow,
-    state
-  } = authClient.options; // If state is specified, it must match meta to be valid
+    flow
+  } = options;
-  if (state && state !== meta.state) {
+  if (isTransactionMetaValidForFlow(meta, flow) === false) {
     return false;
-  } // Specific flows should not share transaction data
+  }
+  return true;
+}
+function isTransactionMetaValidForFlow(meta, flow) {
+  // Specific flows should not share transaction data
   const shouldValidateFlow = flow && flow !== 'default' && flow !== 'proceed';
   if (shouldValidateFlow) {
@@ -147,4 +147,17 @@ function isTransactionMetaValid(authClient, meta) {
   return true;
 }
+function isTransactionMetaValidForOptions(meta, options, keys) {
+  // returns false if values in meta do not match options
+  // if the option does not have a value for a specific key, it is ignored
+  const mismatch = keys.some(key => {
+    const value = options[key];
+    if (value && value !== meta[key]) {
+      return true;
+    }
+  });
+  return !mismatch;
+}
 //# sourceMappingURL=transactionMeta.js.map