@okta/okta-auth-js 6.0.0 → 6.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (344) hide show
  1. package/CHANGELOG.md +18 -0
  2. package/README.md +5 -4
  3. package/cjs/AuthStateManager.js +9 -2
  4. package/cjs/AuthStateManager.js.map +1 -1
  5. package/cjs/OktaAuth.js +67 -27
  6. package/cjs/OktaAuth.js.map +1 -1
  7. package/cjs/OktaUserAgent.js +2 -2
  8. package/cjs/PromiseQueue.js +5 -1
  9. package/cjs/PromiseQueue.js.map +1 -1
  10. package/cjs/SavedObject.js +4 -2
  11. package/cjs/SavedObject.js.map +1 -1
  12. package/cjs/StorageManager.js +13 -8
  13. package/cjs/StorageManager.js.map +1 -1
  14. package/cjs/TokenManager.js +29 -19
  15. package/cjs/TokenManager.js.map +1 -1
  16. package/cjs/TransactionManager.js +9 -3
  17. package/cjs/TransactionManager.js.map +1 -1
  18. package/cjs/browser/browserStorage.js +18 -9
  19. package/cjs/browser/browserStorage.js.map +1 -1
  20. package/cjs/browser/fingerprint.js +9 -3
  21. package/cjs/browser/fingerprint.js.map +1 -1
  22. package/cjs/builderUtil.js +4 -2
  23. package/cjs/builderUtil.js.map +1 -1
  24. package/cjs/clock.js +5 -1
  25. package/cjs/clock.js.map +1 -1
  26. package/cjs/crypto/base64.js +18 -0
  27. package/cjs/crypto/base64.js.map +1 -1
  28. package/cjs/crypto/index.js +6 -4
  29. package/cjs/crypto/index.js.map +1 -1
  30. package/cjs/crypto/oidcHash.js +5 -1
  31. package/cjs/crypto/oidcHash.js.map +1 -1
  32. package/cjs/crypto/webauthn.js +101 -0
  33. package/cjs/crypto/webauthn.js.map +1 -0
  34. package/cjs/crypto/webcrypto.js +3 -1
  35. package/cjs/crypto/webcrypto.js.map +1 -1
  36. package/cjs/errors/AuthApiError.js +1 -1
  37. package/cjs/errors/AuthPollStopError.js +1 -1
  38. package/cjs/errors/AuthSdkError.js +1 -1
  39. package/cjs/errors/CustomError.js +5 -1
  40. package/cjs/errors/CustomError.js.map +1 -1
  41. package/cjs/errors/OAuthError.js +1 -1
  42. package/cjs/errors/index.js +1 -1
  43. package/cjs/fetch/fetchRequest.js +18 -6
  44. package/cjs/fetch/fetchRequest.js.map +1 -1
  45. package/cjs/http/headers.js.map +1 -1
  46. package/cjs/http/index.js +4 -2
  47. package/cjs/http/index.js.map +1 -1
  48. package/cjs/http/request.js +9 -5
  49. package/cjs/http/request.js.map +1 -1
  50. package/cjs/idx/authenticate.js.map +1 -1
  51. package/cjs/idx/authenticator/Authenticator.js.map +1 -1
  52. package/cjs/idx/authenticator/OktaPassword.js.map +1 -1
  53. package/cjs/idx/authenticator/SecurityQuestionEnrollment.js +1 -1
  54. package/cjs/idx/authenticator/SecurityQuestionEnrollment.js.map +1 -1
  55. package/cjs/idx/authenticator/SecurityQuestionVerification.js +1 -1
  56. package/cjs/idx/authenticator/SecurityQuestionVerification.js.map +1 -1
  57. package/cjs/idx/authenticator/VerificationCodeAuthenticator.js +1 -1
  58. package/cjs/idx/authenticator/VerificationCodeAuthenticator.js.map +1 -1
  59. package/cjs/idx/authenticator/WebauthnEnrollment.js +46 -0
  60. package/cjs/idx/authenticator/WebauthnEnrollment.js.map +1 -0
  61. package/cjs/idx/authenticator/WebauthnVerification.js +55 -0
  62. package/cjs/idx/authenticator/WebauthnVerification.js.map +1 -0
  63. package/cjs/idx/authenticator/getAuthenticator.js +13 -1
  64. package/cjs/idx/authenticator/getAuthenticator.js.map +1 -1
  65. package/cjs/idx/authenticator/index.js +34 -6
  66. package/cjs/idx/authenticator/index.js.map +1 -1
  67. package/cjs/idx/cancel.js.map +1 -1
  68. package/cjs/idx/emailVerify.js +1 -1
  69. package/cjs/idx/emailVerify.js.map +1 -1
  70. package/cjs/idx/flow/AccountUnlockFlow.js +30 -0
  71. package/cjs/idx/flow/AccountUnlockFlow.js.map +1 -0
  72. package/cjs/idx/flow/FlowSpecification.js +8 -0
  73. package/cjs/idx/flow/FlowSpecification.js.map +1 -1
  74. package/cjs/idx/flow/PasswordRecoveryFlow.js +4 -1
  75. package/cjs/idx/flow/PasswordRecoveryFlow.js.map +1 -1
  76. package/cjs/idx/flow/index.js +20 -5
  77. package/cjs/idx/flow/index.js.map +1 -1
  78. package/cjs/idx/handleInteractionCodeRedirect.js +5 -1
  79. package/cjs/idx/handleInteractionCodeRedirect.js.map +1 -1
  80. package/cjs/idx/headers.js +21 -5
  81. package/cjs/idx/headers.js.map +1 -1
  82. package/cjs/idx/idx-js/client.js +91 -0
  83. package/cjs/idx/idx-js/client.js.map +1 -0
  84. package/cjs/idx/idx-js/index.js +162 -0
  85. package/cjs/idx/idx-js/index.js.map +1 -0
  86. package/cjs/idx/idx-js/interact.js +83 -0
  87. package/cjs/idx/idx-js/interact.js.map +1 -0
  88. package/cjs/idx/idx-js/introspect.js +58 -0
  89. package/cjs/idx/idx-js/introspect.js.map +1 -0
  90. package/cjs/idx/idx-js/parsers.js +41 -0
  91. package/cjs/idx/idx-js/parsers.js.map +1 -0
  92. package/cjs/idx/idx-js/util.js +34 -0
  93. package/cjs/idx/idx-js/util.js.map +1 -0
  94. package/cjs/idx/idx-js/v1/actionParser.js +90 -0
  95. package/cjs/idx/idx-js/v1/actionParser.js.map +1 -0
  96. package/cjs/idx/idx-js/v1/generateIdxAction.js +117 -0
  97. package/cjs/idx/idx-js/v1/generateIdxAction.js.map +1 -0
  98. package/cjs/idx/idx-js/v1/idxResponseParser.js +137 -0
  99. package/cjs/idx/idx-js/v1/idxResponseParser.js.map +1 -0
  100. package/cjs/idx/idx-js/v1/makeIdxState.js +64 -0
  101. package/cjs/idx/idx-js/v1/makeIdxState.js.map +1 -0
  102. package/cjs/idx/idx-js/v1/parsers.js +24 -0
  103. package/cjs/idx/idx-js/v1/parsers.js.map +1 -0
  104. package/cjs/idx/idx-js/v1/remediationParser.js +32 -0
  105. package/cjs/idx/idx-js/v1/remediationParser.js.map +1 -0
  106. package/cjs/idx/index.js +120 -121
  107. package/cjs/idx/index.js.map +1 -1
  108. package/cjs/idx/interact.js +9 -4
  109. package/cjs/idx/interact.js.map +1 -1
  110. package/cjs/idx/introspect.js +6 -6
  111. package/cjs/idx/introspect.js.map +1 -1
  112. package/cjs/idx/poll.js +13 -3
  113. package/cjs/idx/poll.js.map +1 -1
  114. package/cjs/idx/proceed.js.map +1 -1
  115. package/cjs/idx/recoverPassword.js.map +1 -1
  116. package/cjs/idx/register.js +5 -1
  117. package/cjs/idx/register.js.map +1 -1
  118. package/cjs/idx/remediate.js +60 -29
  119. package/cjs/idx/remediate.js.map +1 -1
  120. package/cjs/idx/remediators/AuthenticatorEnrollmentData.js +10 -4
  121. package/cjs/idx/remediators/AuthenticatorEnrollmentData.js.map +1 -1
  122. package/cjs/idx/remediators/AuthenticatorVerificationData.js +10 -6
  123. package/cjs/idx/remediators/AuthenticatorVerificationData.js.map +1 -1
  124. package/cjs/idx/remediators/Base/AuthenticatorData.js +28 -12
  125. package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
  126. package/cjs/idx/remediators/Base/Remediator.js +65 -31
  127. package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
  128. package/cjs/idx/remediators/Base/SelectAuthenticator.js +42 -27
  129. package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
  130. package/cjs/idx/remediators/Base/VerifyAuthenticator.js +16 -4
  131. package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
  132. package/cjs/idx/remediators/ChallengeAuthenticator.js +2 -2
  133. package/cjs/idx/remediators/ChallengePoll.js +2 -2
  134. package/cjs/idx/remediators/EnrollAuthenticator.js +2 -2
  135. package/cjs/idx/remediators/EnrollPoll.js +16 -6
  136. package/cjs/idx/remediators/EnrollPoll.js.map +1 -1
  137. package/cjs/idx/remediators/EnrollProfile.js +20 -8
  138. package/cjs/idx/remediators/EnrollProfile.js.map +1 -1
  139. package/cjs/idx/remediators/EnrollmentChannelData.js +25 -9
  140. package/cjs/idx/remediators/EnrollmentChannelData.js.map +1 -1
  141. package/cjs/idx/remediators/Identify.js +5 -3
  142. package/cjs/idx/remediators/Identify.js.map +1 -1
  143. package/cjs/idx/remediators/ReEnrollAuthenticator.js +5 -3
  144. package/cjs/idx/remediators/ReEnrollAuthenticator.js.map +1 -1
  145. package/cjs/idx/remediators/RedirectIdp.js +2 -2
  146. package/cjs/idx/remediators/ResetAuthenticator.js +2 -2
  147. package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js +6 -4
  148. package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js.map +1 -1
  149. package/cjs/idx/remediators/SelectAuthenticatorEnroll.js +2 -2
  150. package/cjs/idx/remediators/SelectAuthenticatorUnlockAccount.js +72 -0
  151. package/cjs/idx/remediators/SelectAuthenticatorUnlockAccount.js.map +1 -0
  152. package/cjs/idx/remediators/SelectEnrollProfile.js +2 -2
  153. package/cjs/idx/remediators/SelectEnrollmentChannel.js +22 -10
  154. package/cjs/idx/remediators/SelectEnrollmentChannel.js.map +1 -1
  155. package/cjs/idx/remediators/Skip.js +5 -3
  156. package/cjs/idx/remediators/Skip.js.map +1 -1
  157. package/cjs/idx/remediators/index.js +33 -18
  158. package/cjs/idx/remediators/index.js.map +1 -1
  159. package/cjs/idx/remediators/util.js +13 -3
  160. package/cjs/idx/remediators/util.js.map +1 -1
  161. package/cjs/idx/run.js +30 -6
  162. package/cjs/idx/run.js.map +1 -1
  163. package/cjs/idx/startTransaction.js.map +1 -1
  164. package/cjs/idx/transactionMeta.js.map +1 -1
  165. package/cjs/idx/types/idx-js.js.map +1 -1
  166. package/cjs/idx/types/index.js +45 -9
  167. package/cjs/idx/types/index.js.map +1 -1
  168. package/cjs/idx/unlockAccount.js +48 -0
  169. package/cjs/idx/unlockAccount.js.map +1 -0
  170. package/cjs/index.js +20 -14
  171. package/cjs/index.js.map +1 -1
  172. package/cjs/oidc/endpoints/authorize.js +8 -2
  173. package/cjs/oidc/endpoints/authorize.js.map +1 -1
  174. package/cjs/oidc/endpoints/index.js +5 -3
  175. package/cjs/oidc/endpoints/index.js.map +1 -1
  176. package/cjs/oidc/endpoints/token.js +15 -3
  177. package/cjs/oidc/endpoints/token.js.map +1 -1
  178. package/cjs/oidc/endpoints/well-known.js +7 -3
  179. package/cjs/oidc/endpoints/well-known.js.map +1 -1
  180. package/cjs/oidc/exchangeCodeForTokens.js +10 -2
  181. package/cjs/oidc/exchangeCodeForTokens.js.map +1 -1
  182. package/cjs/oidc/getToken.js +9 -5
  183. package/cjs/oidc/getToken.js.map +1 -1
  184. package/cjs/oidc/getUserInfo.js +7 -3
  185. package/cjs/oidc/getUserInfo.js.map +1 -1
  186. package/cjs/oidc/getWithPopup.js +8 -2
  187. package/cjs/oidc/getWithPopup.js.map +1 -1
  188. package/cjs/oidc/getWithRedirect.js +5 -1
  189. package/cjs/oidc/getWithRedirect.js.map +1 -1
  190. package/cjs/oidc/getWithoutPrompt.js +8 -2
  191. package/cjs/oidc/getWithoutPrompt.js.map +1 -1
  192. package/cjs/oidc/handleOAuthResponse.js +9 -3
  193. package/cjs/oidc/handleOAuthResponse.js.map +1 -1
  194. package/cjs/oidc/index.js +4 -2
  195. package/cjs/oidc/index.js.map +1 -1
  196. package/cjs/oidc/parseFromUrl.js +9 -3
  197. package/cjs/oidc/parseFromUrl.js.map +1 -1
  198. package/cjs/oidc/renewToken.js.map +1 -1
  199. package/cjs/oidc/renewTokens.js +5 -1
  200. package/cjs/oidc/renewTokens.js.map +1 -1
  201. package/cjs/oidc/renewTokensWithRefresh.js +5 -1
  202. package/cjs/oidc/renewTokensWithRefresh.js.map +1 -1
  203. package/cjs/oidc/revokeToken.js +7 -3
  204. package/cjs/oidc/revokeToken.js.map +1 -1
  205. package/cjs/oidc/util/browser.js +5 -1
  206. package/cjs/oidc/util/browser.js.map +1 -1
  207. package/cjs/oidc/util/defaultTokenParams.js.map +1 -1
  208. package/cjs/oidc/util/errors.js.map +1 -1
  209. package/cjs/oidc/util/index.js +14 -12
  210. package/cjs/oidc/util/index.js.map +1 -1
  211. package/cjs/oidc/util/loginRedirect.js +5 -1
  212. package/cjs/oidc/util/loginRedirect.js.map +1 -1
  213. package/cjs/oidc/util/oauth.js +4 -2
  214. package/cjs/oidc/util/oauth.js.map +1 -1
  215. package/cjs/oidc/util/oauthMeta.js.map +1 -1
  216. package/cjs/oidc/util/pkce.js +11 -3
  217. package/cjs/oidc/util/pkce.js.map +1 -1
  218. package/cjs/oidc/util/prepareTokenParams.js +7 -5
  219. package/cjs/oidc/util/prepareTokenParams.js.map +1 -1
  220. package/cjs/oidc/util/validateClaims.js +1 -1
  221. package/cjs/oidc/util/validateClaims.js.map +1 -1
  222. package/cjs/oidc/verifyToken.js +11 -3
  223. package/cjs/oidc/verifyToken.js.map +1 -1
  224. package/cjs/options.js +6 -4
  225. package/cjs/options.js.map +1 -1
  226. package/cjs/server/serverStorage.js +1 -0
  227. package/cjs/server/serverStorage.js.map +1 -1
  228. package/cjs/tx/AuthTransaction.js +15 -9
  229. package/cjs/tx/AuthTransaction.js.map +1 -1
  230. package/cjs/tx/api.js +8 -4
  231. package/cjs/tx/api.js.map +1 -1
  232. package/cjs/tx/index.js +7 -5
  233. package/cjs/tx/index.js.map +1 -1
  234. package/cjs/tx/poll.js +6 -4
  235. package/cjs/tx/poll.js.map +1 -1
  236. package/cjs/tx/util.js +5 -1
  237. package/cjs/tx/util.js.map +1 -1
  238. package/cjs/types/Transaction.js +10 -2
  239. package/cjs/types/Transaction.js.map +1 -1
  240. package/cjs/types/index.js +16 -14
  241. package/cjs/types/index.js.map +1 -1
  242. package/cjs/util/index.js +7 -5
  243. package/cjs/util/index.js.map +1 -1
  244. package/cjs/util/misc.js +5 -1
  245. package/cjs/util/misc.js.map +1 -1
  246. package/cjs/util/object.js +16 -6
  247. package/cjs/util/object.js.map +1 -1
  248. package/cjs/util/sharedStorage.js +5 -1
  249. package/cjs/util/sharedStorage.js.map +1 -1
  250. package/dist/okta-auth-js.min.js +1 -1
  251. package/dist/okta-auth-js.min.js.LICENSE.txt +0 -12
  252. package/dist/okta-auth-js.min.js.map +1 -1
  253. package/dist/okta-auth-js.polyfill.js +1 -1
  254. package/dist/okta-auth-js.polyfill.js.map +1 -1
  255. package/dist/okta-auth-js.umd.js +1 -1
  256. package/dist/okta-auth-js.umd.js.LICENSE.txt +0 -12
  257. package/dist/okta-auth-js.umd.js.map +1 -1
  258. package/esm/index.js +1601 -377
  259. package/esm/index.js.map +1 -1
  260. package/lib/OktaAuth.d.ts +6 -3
  261. package/lib/StorageManager.d.ts +1 -1
  262. package/lib/TokenManager.d.ts +2 -2
  263. package/lib/TransactionManager.d.ts +1 -1
  264. package/lib/browser/fingerprint.d.ts +2 -3
  265. package/lib/crypto/base64.d.ts +2 -0
  266. package/lib/crypto/webauthn.d.ts +25 -0
  267. package/lib/http/headers.d.ts +2 -2
  268. package/lib/http/request.d.ts +4 -4
  269. package/lib/idx/authenticate.d.ts +2 -2
  270. package/lib/idx/authenticator/Authenticator.d.ts +4 -5
  271. package/lib/idx/authenticator/OktaPassword.d.ts +7 -9
  272. package/lib/idx/authenticator/SecurityQuestionEnrollment.d.ts +9 -8
  273. package/lib/idx/authenticator/SecurityQuestionVerification.d.ts +7 -7
  274. package/lib/idx/authenticator/VerificationCodeAuthenticator.d.ts +6 -2
  275. package/lib/idx/authenticator/WebauthnEnrollment.d.ts +16 -0
  276. package/lib/idx/authenticator/WebauthnVerification.d.ts +17 -0
  277. package/lib/idx/authenticator/getAuthenticator.d.ts +1 -1
  278. package/lib/idx/authenticator/index.d.ts +9 -0
  279. package/lib/idx/cancel.d.ts +2 -2
  280. package/lib/idx/emailVerify.d.ts +2 -2
  281. package/lib/idx/flow/AccountUnlockFlow.d.ts +13 -0
  282. package/lib/idx/flow/FlowSpecification.d.ts +2 -2
  283. package/lib/idx/flow/index.d.ts +1 -0
  284. package/lib/idx/headers.d.ts +3 -2
  285. package/lib/idx/idx-js/client.d.ts +36 -0
  286. package/lib/idx/idx-js/index.d.ts +51 -0
  287. package/lib/idx/idx-js/interact.d.ts +25 -0
  288. package/lib/idx/idx-js/introspect.d.ts +20 -0
  289. package/lib/idx/idx-js/parsers.d.ts +15 -0
  290. package/lib/idx/idx-js/util.d.ts +12 -0
  291. package/lib/idx/idx-js/v1/actionParser.d.ts +16 -0
  292. package/lib/idx/idx-js/v1/generateIdxAction.d.ts +13 -0
  293. package/lib/idx/idx-js/v1/idxResponseParser.d.ts +20 -0
  294. package/lib/idx/idx-js/v1/makeIdxState.d.ts +13 -0
  295. package/lib/idx/idx-js/v1/parsers.d.ts +16 -0
  296. package/lib/idx/idx-js/v1/remediationParser.d.ts +12 -0
  297. package/lib/idx/index.d.ts +12 -11
  298. package/lib/idx/interact.d.ts +3 -2
  299. package/lib/idx/introspect.d.ts +2 -2
  300. package/lib/idx/poll.d.ts +2 -2
  301. package/lib/idx/proceed.d.ts +5 -4
  302. package/lib/idx/recoverPassword.d.ts +2 -2
  303. package/lib/idx/register.d.ts +2 -2
  304. package/lib/idx/remediators/Base/AuthenticatorData.d.ts +2 -1
  305. package/lib/idx/remediators/Base/Remediator.d.ts +1 -1
  306. package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +3 -0
  307. package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +7 -12
  308. package/lib/idx/remediators/EnrollmentChannelData.d.ts +1 -0
  309. package/lib/idx/remediators/SelectAuthenticatorUnlockAccount.d.ts +38 -0
  310. package/lib/idx/remediators/SelectEnrollmentChannel.d.ts +1 -0
  311. package/lib/idx/remediators/index.d.ts +1 -0
  312. package/lib/idx/run.d.ts +2 -2
  313. package/lib/idx/startTransaction.d.ts +2 -2
  314. package/lib/idx/transactionMeta.d.ts +7 -7
  315. package/lib/idx/types/FlowIdentifier.d.ts +1 -1
  316. package/lib/idx/types/idx-js.d.ts +36 -0
  317. package/lib/idx/types/index.d.ts +21 -5
  318. package/lib/idx/unlockAccount.d.ts +15 -0
  319. package/lib/oidc/endpoints/well-known.d.ts +3 -3
  320. package/lib/oidc/exchangeCodeForTokens.d.ts +2 -2
  321. package/lib/oidc/getToken.d.ts +2 -2
  322. package/lib/oidc/getWithPopup.d.ts +2 -2
  323. package/lib/oidc/getWithRedirect.d.ts +2 -2
  324. package/lib/oidc/getWithoutPrompt.d.ts +2 -2
  325. package/lib/oidc/handleOAuthResponse.d.ts +2 -2
  326. package/lib/oidc/renewToken.d.ts +2 -2
  327. package/lib/oidc/renewTokensWithRefresh.d.ts +2 -2
  328. package/lib/oidc/revokeToken.d.ts +2 -2
  329. package/lib/oidc/util/browser.d.ts +2 -2
  330. package/lib/oidc/util/defaultTokenParams.d.ts +2 -2
  331. package/lib/oidc/util/errors.d.ts +2 -2
  332. package/lib/oidc/util/loginRedirect.d.ts +4 -4
  333. package/lib/oidc/util/oauth.d.ts +4 -4
  334. package/lib/oidc/util/oauthMeta.d.ts +2 -2
  335. package/lib/oidc/util/prepareTokenParams.d.ts +5 -5
  336. package/lib/oidc/util/validateClaims.d.ts +2 -2
  337. package/lib/oidc/verifyToken.d.ts +2 -2
  338. package/lib/types/OktaAuthOptions.d.ts +1 -2
  339. package/lib/types/Transaction.d.ts +2 -10
  340. package/lib/types/api.d.ts +17 -5
  341. package/lib/types/index.d.ts +0 -1
  342. package/lib/util/sharedStorage.d.ts +1 -1
  343. package/package.json +10 -7
  344. package/polyfill/index.js +1 -0
package/cjs/OktaAuth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/OktaAuth.ts"],"names":["Emitter","require","OktaAuth","constructor","args","options","storageManager","StorageManager","cookies","storageUtil","transactionManager","TransactionManager","Object","assign","_oktaUserAgent","OktaUserAgent","tx","status","transactionStatus","bind","resume","resumeTransaction","exists","transactionExists","_get","name","storage","get","introspect","introspectAuthn","pkce","DEFAULT_CODE_CHALLENGE_METHOD","PKCE","generateVerifier","computeChallenge","getPKCEStorage","getLegacyPKCEStorage","getHttpCache","_pending","handleLogin","redirectUri","window","location","origin","maxClockSkew","DEFAULT_MAX_CLOCK_SKEW","ignoreLifetime","session","close","closeSession","sessionExists","getSession","refresh","refreshSession","setCookieAndRedirect","_tokenQueue","PromiseQueue","useQueue","method","prototype","push","getWithRedirectFn","getWithRedirect","getWithRedirectApi","_setLocation","url","parseFromUrlFn","parseFromUrl","parseFromUrlApi","_getHistory","history","_getLocation","_getDocument","document","token","prepareTokenParams","exchangeCodeForTokens","getWithoutPrompt","getWithPopup","decode","decodeToken","revoke","revokeToken","renew","renewToken","renewTokensWithRefresh","renewTokens","getUserInfo","verify","verifyToken","isLoginRedirect","syncMethods","keys","forEach","key","indexOf","boundStartTransaction","startTransaction","idx","interact","authenticate","register","start","poll","proceed","cancel","recoverPassword","handleInteractionCodeRedirect","isInteractionRequired","isInteractionRequiredError","handleEmailVerifyCallback","isEmailVerifyCallback","parseEmailVerifyCallback","isEmailVerifyCallbackError","getSavedTransactionMeta","createTransactionMeta","getTransactionMeta","saveTransactionMeta","clearTransactionMeta","isTransactionMetaValid","setFlow","flow","getFlow","canProceed","http","setRequestHeader","fingerprint","emitter","tokenManager","TokenManager","authStateManager","AuthStateManager","updateAuthState","stop","setHeaders","headers","signIn","opts","signInWithCredentials","_postToTransaction","sendFingerprint","then","signInWithRedirect","originalUri","additionalParams","setOriginalUri","params","scopes","clear","catch","e","errorCode","revokeAccessToken","accessToken","getTokens","accessTokenKey","getStorageKeyByType","remove","Promise","resolve","revokeRefreshToken","refreshToken","refreshTokenKey","getSignOutRedirectUrl","idToken","postLogoutRedirectUri","state","getTokensSync","logoutUrl","idTokenHint","logoutUri","encodeURIComponent","signOut","defaultUri","currentUri","href","reload","clearTokensBeforeRedirect","addPendingRemoveFlags","webfinger","isAuthenticated","autoRenew","autoRemove","getOptions","hasExpired","undefined","getUser","getIdToken","getAccessToken","getRefreshToken","storeTokensFromRedirect","tokens","setTokens","sessionStorage","browserStorage","getSessionStorage","setItem","REFERRER_PATH_STORAGE_KEY","sharedStorage","getOriginalUriStorage","getOriginalUri","getItem","removeOriginalUri","removeItem","handleLoginRedirect","oAuthResponse","restoreOriginalUri","replace","isPKCE","hasResponseType","responseType","Array","isArray","length","isAuthorizationCodeFlow","getIssuerOrigin","issuer","split","forgotPassword","unlockAccount","verifyRecoveryToken","features","constants"],"mappings":";;;;;;AAeA;;AAmCA;;AAQA;;AACA;;AAOA;;AAmBA;;AAEA;;AACA;;AAKA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAiBA;;AACA;;AACA;;AACA;;;;;;AAzHA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;AAqHA,MAAMA,OAAO,GAAGC,OAAO,CAAC,cAAD,CAAvB;;AAEA,MAAMC,QAAN,CAA8D;AAmB5DC,EAAAA,WAAW,CAACC,IAAD,EAAwB;AACjC,UAAMC,OAAO,GAAG,KAAKA,OAAL,GAAe,2BAAaD,IAAb,CAA/B,CADiC,CAEjC;;AACA,SAAKE,cAAL,GAAsB,IAAIC,uBAAJ,CAAmBF,OAAO,CAACC,cAA3B,EAA4CD,OAAO,CAACG,OAApD,EAA8DH,OAAO,CAACI,WAAtE,CAAtB;AACA,SAAKC,kBAAL,GAA0B,IAAIC,2BAAJ,CAAuBC,MAAM,CAACC,MAAP,CAAc;AAC7DP,MAAAA,cAAc,EAAE,KAAKA;AADwC,KAAd,EAE9CD,OAAO,CAACK,kBAFsC,CAAvB,CAA1B;AAGA,SAAKI,cAAL,GAAsB,IAAIC,4BAAJ,EAAtB;AAEA,SAAKC,EAAL,GAAU;AACRC,MAAAA,MAAM,EAAEC,sBAAkBC,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CADA;AAERC,MAAAA,MAAM,EAAEC,sBAAkBF,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAFA;AAGRG,MAAAA,MAAM,EAAEV,MAAM,CAACC,MAAP,CAAcU,sBAAkBJ,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAAd,EAAkD;AACxDK,QAAAA,IAAI,EAAGC,IAAD,IAAU;AACd;AACA,gBAAMC,OAAO,GAAGrB,OAAO,CAACI,WAAR,CAAqBiB,OAArC;AACA,iBAAOA,OAAO,CAACC,GAAR,CAAYF,IAAZ,CAAP;AACD;AALuD,OAAlD,CAHA;AAURG,MAAAA,UAAU,EAAEC,oBAAgBV,IAAhB,CAAqB,IAArB,EAA2B,IAA3B;AAVJ,KAAV;AAaA,SAAKW,IAAL,GAAY;AACVC,MAAAA,6BAA6B,EAAEC,cAAKD,6BAD1B;AAEVE,MAAAA,gBAAgB,EAAED,cAAKC,gBAFb;AAGVC,MAAAA,gBAAgB,EAAEF,cAAKE;AAHb,KAAZ,CAtBiC,CA4BjC;;AACAtB,IAAAA,MAAM,CAACC,MAAP,CAAc,KAAKR,OAAL,CAAaI,WAA3B,EAAwC;AACtC0B,MAAAA,cAAc,EAAE,KAAK7B,cAAL,CAAoB8B,oBAApB,CAAyCjB,IAAzC,CAA8C,KAAKb,cAAnD,CADsB;AAEtC+B,MAAAA,YAAY,EAAE,KAAK/B,cAAL,CAAoB+B,YAApB,CAAiClB,IAAjC,CAAsC,KAAKb,cAA3C;AAFwB,KAAxC;AAKA,SAAKgC,QAAL,GAAgB;AAAEC,MAAAA,WAAW,EAAE;AAAf,KAAhB;;AAEA,QAAI,yBAAJ,EAAiB;AACf,WAAKlC,OAAL,GAAeO,MAAM,CAACC,MAAP,CAAc,KAAKR,OAAnB,EAA4B;AACzCmC,QAAAA,WAAW,EAAE,yBAAcpC,IAAI,CAACoC,WAAnB,EAAgCC,MAAM,CAACC,QAAP,CAAgBC,MAAhD,CAD4B,CAC6B;;AAD7B,OAA5B,CAAf;AAGD,KAxCgC,CA0CjC;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,QAAI,CAACvC,IAAI,CAACwC,YAAN,IAAsBxC,IAAI,CAACwC,YAAL,KAAsB,CAAhD,EAAmD;AACjD,WAAKvC,OAAL,CAAauC,YAAb,GAA4BC,gCAA5B;AACD,KAFD,MAEO;AACL,WAAKxC,OAAL,CAAauC,YAAb,GAA4BxC,IAAI,CAACwC,YAAjC;AACD,KArDgC,CAuDjC;AACA;AACA;;;AACA,SAAKvC,OAAL,CAAayC,cAAb,GAA8B,CAAC,CAAC1C,IAAI,CAAC0C,cAArC;AAEA,SAAKC,OAAL,GAAe;AACbC,MAAAA,KAAK,EAAEC,sBAAa9B,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CADM;AAEbG,MAAAA,MAAM,EAAE4B,uBAAc/B,IAAd,CAAmB,IAAnB,EAAyB,IAAzB,CAFK;AAGbQ,MAAAA,GAAG,EAAEwB,oBAAWhC,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAHQ;AAIbiC,MAAAA,OAAO,EAAEC,wBAAelC,IAAf,CAAoB,IAApB,EAA0B,IAA1B,CAJI;AAKbmC,MAAAA,oBAAoB,EAAEA,8BAAqBnC,IAArB,CAA0B,IAA1B,EAAgC,IAAhC;AALT,KAAf;AAQA,SAAKoC,WAAL,GAAmB,IAAIC,qBAAJ,EAAnB;;AACA,UAAMC,QAAQ,GAAIC,MAAD,IAAY;AAC3B,aAAOF,sBAAaG,SAAb,CAAuBC,IAAvB,CAA4BzC,IAA5B,CAAiC,KAAKoC,WAAtC,EAAmDG,MAAnD,EAA2D,IAA3D,CAAP;AACD,KAFD,CArEiC,CAyEjC;;;AACA,UAAMG,iBAAiB,GAAGJ,QAAQ,CAACK,sBAAgB3C,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CAAD,CAAlC;AACA,UAAM4C,kBAAsC,GAAGnD,MAAM,CAACC,MAAP,CAAcgD,iBAAd,EAAiC;AAC9E;AACAG,MAAAA,YAAY,EAAE,UAASC,GAAT,EAAc;AAC1BxB,QAAAA,MAAM,CAACC,QAAP,GAAkBuB,GAAlB;AACD;AAJ6E,KAAjC,CAA/C,CA3EiC,CAiFjC;;AACA,UAAMC,cAAc,GAAGT,QAAQ,CAACU,mBAAahD,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAAD,CAA/B;AACA,UAAMiD,eAAsC,GAAGxD,MAAM,CAACC,MAAP,CAAcqD,cAAd,EAA8B;AAC3E;AACAG,MAAAA,WAAW,EAAE,YAAW;AACtB,eAAO5B,MAAM,CAAC6B,OAAd;AACD,OAJ0E;AAM3E;AACAC,MAAAA,YAAY,EAAE,YAAW;AACvB,eAAO9B,MAAM,CAACC,QAAd;AACD,OAT0E;AAW3E;AACA8B,MAAAA,YAAY,EAAE,YAAW;AACvB,eAAO/B,MAAM,CAACgC,QAAd;AACD;AAd0E,KAA9B,CAA/C;AAgBA,SAAKC,KAAL,GAAa;AACXC,MAAAA,kBAAkB,EAAEA,yBAAmBxD,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CADT;AAEXyD,MAAAA,qBAAqB,EAAEA,4BAAsBzD,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAFZ;AAGX0D,MAAAA,gBAAgB,EAAEA,uBAAiB1D,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAHP;AAIX2D,MAAAA,YAAY,EAAEA,mBAAa3D,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAJH;AAKX2C,MAAAA,eAAe,EAAEC,kBALN;AAMXI,MAAAA,YAAY,EAAEC,eANH;AAOXW,MAAAA,MAAM,EAAEC,iBAPG;AAQXC,MAAAA,MAAM,EAAEC,kBAAY/D,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CARG;AASXgE,MAAAA,KAAK,EAAEC,iBAAWjE,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CATI;AAUXkE,MAAAA,sBAAsB,EAAEA,6BAAuBlE,IAAvB,CAA4B,IAA5B,EAAkC,IAAlC,CAVb;AAWXmE,MAAAA,WAAW,EAAEA,kBAAYnE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAXF;AAYXoE,MAAAA,WAAW,EAAEA,kBAAYpE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAZF;AAaXqE,MAAAA,MAAM,EAAEC,kBAAYtE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAbG;AAcXuE,MAAAA,eAAe,EAAEA,sBAAgBvE,IAAhB,CAAqB,IAArB,EAA2B,IAA3B;AAdN,KAAb,CAnGiC,CAmHjC;;AACA,UAAMwE,WAAW,GAAG,CAClB;AACA,YAFkB,EAGlB,iBAHkB,EAIlB;AACA,qBALkB,EAMlB,cANkB,CAApB;AAQA/E,IAAAA,MAAM,CAACgF,IAAP,CAAY,KAAKlB,KAAjB,EAAwBmB,OAAxB,CAAgCC,GAAG,IAAI;AACrC,UAAIH,WAAW,CAACI,OAAZ,CAAoBD,GAApB,KAA4B,CAAhC,EAAmC;AAAE;AACnC;AACD;;AACD,UAAIpC,MAAM,GAAG,KAAKgB,KAAL,CAAWoB,GAAX,CAAb;AACA,WAAKpB,KAAL,CAAWoB,GAAX,IAAkBtC,sBAAaG,SAAb,CAAuBC,IAAvB,CAA4BzC,IAA5B,CAAiC,KAAKoC,WAAtC,EAAmDG,MAAnD,EAA2D,IAA3D,CAAlB;AACD,KAND,EA5HiC,CAoIjC;;AACA,UAAMsC,qBAAqB,GAAGC,sBAAiB9E,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAA9B;;AACA,SAAK+E,GAAL,GAAW;AACTC,MAAAA,QAAQ,EAAEA,cAAShF,IAAT,CAAc,IAAd,EAAoB,IAApB,CADD;AAETS,MAAAA,UAAU,EAAEA,gBAAWT,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAFH;AAGTiF,MAAAA,YAAY,EAAEA,kBAAajF,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAHL;AAITkF,MAAAA,QAAQ,EAAEA,cAASlF,IAAT,CAAc,IAAd,EAAoB,IAApB,CAJD;AAKTmF,MAAAA,KAAK,EAAEN,qBALE;AAMTC,MAAAA,gBAAgB,EAAED,qBANT;AAMgC;AACzCO,MAAAA,IAAI,EAAEA,UAAKpF,IAAL,CAAU,IAAV,EAAgB,IAAhB,CAPG;AAQTqF,MAAAA,OAAO,EAAEA,aAAQrF,IAAR,CAAa,IAAb,EAAmB,IAAnB,CARA;AASTsF,MAAAA,MAAM,EAAEA,YAAOtF,IAAP,CAAY,IAAZ,EAAkB,IAAlB,CATC;AAUTuF,MAAAA,eAAe,EAAEA,qBAAgBvF,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CAVR;AAYT;AACAwF,MAAAA,6BAA6B,EAAEA,mCAA8BxF,IAA9B,CAAmC,IAAnC,EAAyC,IAAzC,CAbtB;AAeT;AACAyF,MAAAA,qBAAqB,EAAEA,4BAAsBzF,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAhBd;AAiBT0F,MAAAA,0BAA0B,EAA1BA,gCAjBS;AAmBT;AACAC,MAAAA,yBAAyB,EAAEA,+BAA0B3F,IAA1B,CAA+B,IAA/B,EAAqC,IAArC,CApBlB;AAqBT4F,MAAAA,qBAAqB,EAArBA,0BArBS;AAsBTC,MAAAA,wBAAwB,EAAxBA,6BAtBS;AAuBTC,MAAAA,0BAA0B,EAA1BA,+BAvBS;AAyBTC,MAAAA,uBAAuB,EAAEA,yCAAwB/F,IAAxB,CAA6B,IAA7B,EAAmC,IAAnC,CAzBhB;AA0BTgG,MAAAA,qBAAqB,EAAEA,uCAAsBhG,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CA1Bd;AA2BTiG,MAAAA,kBAAkB,EAAEA,oCAAmBjG,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CA3BX;AA4BTkG,MAAAA,mBAAmB,EAAEA,qCAAoBlG,IAApB,CAAyB,IAAzB,EAA+B,IAA/B,CA5BZ;AA6BTmG,MAAAA,oBAAoB,EAAEA,sCAAqBnG,IAArB,CAA0B,IAA1B,EAAgC,IAAhC,CA7Bb;AA8BToG,MAAAA,sBAAsB,EAAtBA,uCA9BS;AA+BTC,MAAAA,OAAO,EAAGC,IAAD,IAA0B;AACjC,aAAKpH,OAAL,CAAaoH,IAAb,GAAoBA,IAApB;AACD,OAjCQ;AAkCTC,MAAAA,OAAO,EAAE,MAAkC;AACzC,eAAO,KAAKrH,OAAL,CAAaoH,IAApB;AACD,OApCQ;AAqCTE,MAAAA,UAAU,EAAEA,gBAAWxG,IAAX,CAAgB,IAAhB,EAAsB,IAAtB;AArCH,KAAX;AAwCA,8CAA4B,6CAA+B,IAA/B,CAA5B,EA9KiC,CA8KkC;AAEnE;;AACA,SAAKyG,IAAL,GAAY;AACVC,MAAAA,gBAAgB,EAAEA,uBAAiB1G,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B;AADR,KAAZ,CAjLiC,CAqLjC;;AACA,SAAK2G,WAAL,GAAmBA,qBAAY3G,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAAnB;AAEA,SAAK4G,OAAL,GAAe,IAAI/H,OAAJ,EAAf,CAxLiC,CA0LjC;;AACA,SAAKgI,YAAL,GAAoB,IAAIC,0BAAJ,CAAiB,IAAjB,EAAuB7H,IAAI,CAAC4H,YAA5B,CAApB,CA3LiC,CA6LjC;;AACA,SAAKE,gBAAL,GAAwB,IAAIC,kCAAJ,CAAqB,IAArB,CAAxB;AACD;;AAED7B,EAAAA,KAAK,GAAG;AACN,SAAK0B,YAAL,CAAkB1B,KAAlB;;AACA,QAAI,CAAC,KAAK5B,KAAL,CAAWgB,eAAX,EAAL,EAAmC;AACjC,WAAKwC,gBAAL,CAAsBE,eAAtB;AACD;AACF;;AAEDC,EAAAA,IAAI,GAAG;AACL,SAAKL,YAAL,CAAkBK,IAAlB;AACD;;AAEDC,EAAAA,UAAU,CAACC,OAAD,EAAU;AAClB,SAAKlI,OAAL,CAAakI,OAAb,GAAuB3H,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkB,KAAKR,OAAL,CAAakI,OAA/B,EAAwCA,OAAxC,CAAvB;AACD,GAjO2D,CAoO5D;;;AACY,QAANC,MAAM,CAACC,IAAD,EAAgD;AAC1D,WAAO,KAAKC,qBAAL,CAA2BD,IAA3B,CAAP;AACD,GAvO2D,CAyO5D;;;AAC2B,QAArBC,qBAAqB,CAACD,IAAD,EAA+D;AACxFA,IAAAA,IAAI,GAAG,iBAAMA,IAAI,IAAI,EAAd,CAAP;;AACA,UAAME,kBAAkB,GAAItI,OAAD,IAAc;AACvC,aAAOoI,IAAI,CAACG,eAAZ;AACA,aAAO,2BAAkB,IAAlB,EAAwB,eAAxB,EAAyCH,IAAzC,EAA+CpI,OAA/C,CAAP;AACD,KAHD;;AAIA,QAAI,CAACoI,IAAI,CAACG,eAAV,EAA2B;AACzB,aAAOD,kBAAkB,EAAzB;AACD;;AACD,WAAO,KAAKb,WAAL,GACNe,IADM,CACD,UAASf,WAAT,EAAsB;AAC1B,aAAOa,kBAAkB,CAAC;AACxBJ,QAAAA,OAAO,EAAE;AACP,kCAAwBT;AADjB;AADe,OAAD,CAAzB;AAKD,KAPM,CAAP;AAQD;;AAEuB,QAAlBgB,kBAAkB,CAACL,IAA+B,GAAG,EAAnC,EAAuC;AAC7D,UAAM;AAAEM,MAAAA,WAAF;AAAe,SAAGC;AAAlB,QAAuCP,IAA7C;;AACA,QAAG,KAAKnG,QAAL,CAAcC,WAAjB,EAA8B;AAC5B;AACA;AACD;;AAED,SAAKD,QAAL,CAAcC,WAAd,GAA4B,IAA5B;;AACA,QAAI;AACF;AACA,UAAIwG,WAAJ,EAAiB;AACf,aAAKE,cAAL,CAAoBF,WAApB;AACD;;AACD,YAAMG,MAAM,GAAGtI,MAAM,CAACC,MAAP,CAAc;AAC3B;AACAsI,QAAAA,MAAM,EAAE,KAAK9I,OAAL,CAAa8I,MAAb,IAAuB,CAAC,QAAD,EAAW,OAAX,EAAoB,SAApB;AAFJ,OAAd,EAGZH,gBAHY,CAAf;AAIA,YAAM,KAAKtE,KAAL,CAAWZ,eAAX,CAA2BoF,MAA3B,CAAN;AACD,KAVD,SAUU;AACR,WAAK5G,QAAL,CAAcC,WAAd,GAA4B,KAA5B;AACD;AACF,GAlR2D,CAoR5D;;;AACAU,EAAAA,YAAY,GAAqB;AAC/B,WAAO,KAAKF,OAAL,CAAaC,KAAb,GAAqB;AAArB,KACN6F,IADM,CACD,YAAY;AAChB;AACA,WAAKb,YAAL,CAAkBoB,KAAlB;AACD,KAJM,EAKNC,KALM,CAKA,UAASC,CAAT,EAAY;AACjB,UAAIA,CAAC,CAAC7H,IAAF,KAAW,cAAX,IAA6B6H,CAAC,CAACC,SAAF,KAAgB,UAAjD,EAA6D;AAC3D;AACA,eAAO,IAAP;AACD;;AACD,YAAMD,CAAN;AACD,KAXM,CAAP;AAYD,GAlS2D,CAoS5D;;;AACuB,QAAjBE,iBAAiB,CAACC,WAAD,EAA8C;AACnE,QAAI,CAACA,WAAL,EAAkB;AAChBA,MAAAA,WAAW,GAAG,CAAC,MAAM,KAAKzB,YAAL,CAAkB0B,SAAlB,EAAP,EAAsCD,WAApD;AACA,YAAME,cAAc,GAAG,KAAK3B,YAAL,CAAkB4B,mBAAlB,CAAsC,aAAtC,CAAvB;AACA,WAAK5B,YAAL,CAAkB6B,MAAlB,CAAyBF,cAAzB;AACD,KALkE,CAMnE;;;AACA,QAAI,CAACF,WAAL,EAAkB;AAChB,aAAOK,OAAO,CAACC,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,WAAO,KAAKrF,KAAL,CAAWO,MAAX,CAAkBwE,WAAlB,CAAP;AACD,GAhT2D,CAkT5D;;;AACwB,QAAlBO,kBAAkB,CAACC,YAAD,EAAgD;AACtE,QAAI,CAACA,YAAL,EAAmB;AACjBA,MAAAA,YAAY,GAAG,CAAC,MAAM,KAAKjC,YAAL,CAAkB0B,SAAlB,EAAP,EAAsCO,YAArD;AACA,YAAMC,eAAe,GAAG,KAAKlC,YAAL,CAAkB4B,mBAAlB,CAAsC,cAAtC,CAAxB;AACA,WAAK5B,YAAL,CAAkB6B,MAAlB,CAAyBK,eAAzB;AACD,KALqE,CAMtE;;;AACA,QAAI,CAACD,YAAL,EAAmB;AACjB,aAAOH,OAAO,CAACC,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,WAAO,KAAKrF,KAAL,CAAWO,MAAX,CAAkBgF,YAAlB,CAAP;AACD;;AAEDE,EAAAA,qBAAqB,CAAC9J,OAAkC,GAAG,EAAtC,EAA0C;AAC7D,QAAI;AACF+J,MAAAA,OADE;AAEFC,MAAAA,qBAFE;AAGFC,MAAAA;AAHE,QAIAjK,OAJJ;;AAKA,QAAI,CAAC+J,OAAL,EAAc;AACZA,MAAAA,OAAO,GAAG,KAAKpC,YAAL,CAAkBuC,aAAlB,GAAkCH,OAA5C;AACD;;AACD,QAAI,CAACA,OAAL,EAAc;AACZ,aAAO,EAAP;AACD;;AACD,QAAI,CAACC,qBAAL,EAA4B;AAC1BA,MAAAA,qBAAqB,GAAG,KAAKhK,OAAL,CAAagK,qBAArC;AACD;;AAED,UAAMG,SAAS,GAAG,wBAAa,IAAb,EAAmBA,SAArC;AACA,UAAMC,WAAW,GAAGL,OAAO,CAACA,OAA5B,CAjB6D,CAiBxB;;AACrC,QAAIM,SAAS,GAAGF,SAAS,GAAG,iBAAZ,GAAgCG,kBAAkB,CAACF,WAAD,CAAlE;;AACA,QAAIJ,qBAAJ,EAA2B;AACzBK,MAAAA,SAAS,IAAI,+BAA+BC,kBAAkB,CAACN,qBAAD,CAA9D;AACD,KArB4D,CAsB7D;;;AACA,QAAIC,KAAJ,EAAW;AACTI,MAAAA,SAAS,IAAI,YAAYC,kBAAkB,CAACL,KAAD,CAA3C;AACD;;AAED,WAAOI,SAAP;AACD,GA5V2D,CA8V5D;;;AACa,QAAPE,OAAO,CAACvK,OAAD,EAA2B;AACtCA,IAAAA,OAAO,GAAGO,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkBR,OAAlB,CAAV,CADsC,CAGtC;;AACA,QAAIwK,UAAU,GAAGpI,MAAM,CAACC,QAAP,CAAgBC,MAAjC;AACA,QAAImI,UAAU,GAAGrI,MAAM,CAACC,QAAP,CAAgBqI,IAAjC;AACA,QAAIV,qBAAqB,GAAGhK,OAAO,CAACgK,qBAAR,IACvB,KAAKhK,OAAL,CAAagK,qBADU,IAEvBQ,UAFL;AAIA,QAAIpB,WAAW,GAAGpJ,OAAO,CAACoJ,WAA1B;AACA,QAAIQ,YAAY,GAAG5J,OAAO,CAAC4J,YAA3B;AACA,QAAIT,iBAAiB,GAAGnJ,OAAO,CAACmJ,iBAAR,KAA8B,KAAtD;AACA,QAAIQ,kBAAkB,GAAG3J,OAAO,CAAC2J,kBAAR,KAA+B,KAAxD;;AAEA,QAAIA,kBAAkB,IAAI,OAAOC,YAAP,KAAwB,WAAlD,EAA+D;AAC7DA,MAAAA,YAAY,GAAG,KAAKjC,YAAL,CAAkBuC,aAAlB,GAAkCN,YAAjD;AACD;;AAED,QAAIT,iBAAiB,IAAI,OAAOC,WAAP,KAAuB,WAAhD,EAA6D;AAC3DA,MAAAA,WAAW,GAAG,KAAKzB,YAAL,CAAkBuC,aAAlB,GAAkCd,WAAhD;AACD;;AAED,QAAI,CAACpJ,OAAO,CAAC+J,OAAb,EAAsB;AACpB/J,MAAAA,OAAO,CAAC+J,OAAR,GAAkB,KAAKpC,YAAL,CAAkBuC,aAAlB,GAAkCH,OAApD;AACD;;AAED,QAAIJ,kBAAkB,IAAIC,YAA1B,EAAwC;AACtC,YAAM,KAAKD,kBAAL,CAAwBC,YAAxB,CAAN;AACD;;AAED,QAAIT,iBAAiB,IAAIC,WAAzB,EAAsC;AACpC,YAAM,KAAKD,iBAAL,CAAuBC,WAAvB,CAAN;AACD;;AAED,UAAMiB,SAAS,GAAG,KAAKP,qBAAL,CAA2B,EAAE,GAAG9J,OAAL;AAAcgK,MAAAA;AAAd,KAA3B,CAAlB,CAnCsC,CAoCtC;AACA;;AACA,QAAI,CAACK,SAAL,EAAgB;AACd;AACA,aAAO,KAAKzH,YAAL,GAAoB;AAApB,OACN4F,IADM,CACD,YAAW;AACf,YAAIwB,qBAAqB,KAAKS,UAA9B,EAA0C;AACxCrI,UAAAA,MAAM,CAACC,QAAP,CAAgBsI,MAAhB,GADwC,CACd;AAC3B,SAFD,MAEO;AACLvI,UAAAA,MAAM,CAACC,QAAP,CAAgB7B,MAAhB,CAAuBwJ,qBAAvB;AACD;AACF,OAPM,CAAP;AAQD,KAVD,MAUO;AACL,UAAIhK,OAAO,CAAC4K,yBAAZ,EAAuC;AACrC;AACA,aAAKjD,YAAL,CAAkBoB,KAAlB;AACD,OAHD,MAGO;AACL,aAAKpB,YAAL,CAAkBkD,qBAAlB;AACD,OANI,CAOL;;;AACAzI,MAAAA,MAAM,CAACC,QAAP,CAAgB7B,MAAhB,CAAuB6J,SAAvB;AACD;AACF;;AAEDS,EAAAA,SAAS,CAAC1C,IAAD,EAAwB;AAC/B,QAAIxE,GAAG,GAAG,2BAA2B,yBAAcwE,IAAd,CAArC;AACA,QAAIpI,OAAO,GAAG;AACZkI,MAAAA,OAAO,EAAE;AACP,kBAAU;AADH;AADG,KAAd;AAKA,WAAO,eAAI,IAAJ,EAAUtE,GAAV,EAAe5D,OAAf,CAAP;AACD,GAna2D,CAqa5D;AACA;AACA;AAEA;AACA;;;AACqB,QAAf+K,eAAe,GAAqB;AAExC,QAAI;AAAE3B,MAAAA,WAAF;AAAeW,MAAAA;AAAf,QAA2B,KAAKpC,YAAL,CAAkBuC,aAAlB,EAA/B;AACA,UAAM;AAAEc,MAAAA,SAAF;AAAaC,MAAAA;AAAb,QAA4B,KAAKtD,YAAL,CAAkBuD,UAAlB,EAAlC;;AAEA,QAAI9B,WAAW,IAAI,KAAKzB,YAAL,CAAkBwD,UAAlB,CAA6B/B,WAA7B,CAAnB,EAA8D;AAC5DA,MAAAA,WAAW,GAAGgC,SAAd;;AACA,UAAIJ,SAAJ,EAAe;AACb,YAAI;AACF5B,UAAAA,WAAW,GAAG,MAAM,KAAKzB,YAAL,CAAkB7C,KAAlB,CAAwB,aAAxB,CAApB;AACD,SAFD,CAEE,MAAM,CACN;AACD;AACF,OAND,MAMO,IAAImG,UAAJ,EAAgB;AACrB,aAAKtD,YAAL,CAAkB6B,MAAlB,CAAyB,aAAzB;AACD;AACF;;AAED,QAAIO,OAAO,IAAI,KAAKpC,YAAL,CAAkBwD,UAAlB,CAA6BpB,OAA7B,CAAf,EAAsD;AACpDA,MAAAA,OAAO,GAAGqB,SAAV;;AACA,UAAIJ,SAAJ,EAAe;AACb,YAAI;AACFjB,UAAAA,OAAO,GAAG,MAAM,KAAKpC,YAAL,CAAkB7C,KAAlB,CAAwB,SAAxB,CAAhB;AACD,SAFD,CAEE,MAAM,CACN;AACD;AACF,OAND,MAMO,IAAImG,UAAJ,EAAgB;AACrB,aAAKtD,YAAL,CAAkB6B,MAAlB,CAAyB,SAAzB;AACD;AACF;;AAED,WAAO,CAAC,EAAEJ,WAAW,IAAIW,OAAjB,CAAR;AACD;;AAEY,QAAPsB,OAAO,GAAwB;AACnC,UAAM;AAAEtB,MAAAA,OAAF;AAAWX,MAAAA;AAAX,QAA2B,KAAKzB,YAAL,CAAkBuC,aAAlB,EAAjC;AACA,WAAO,KAAK7F,KAAL,CAAWa,WAAX,CAAuBkE,WAAvB,EAAoCW,OAApC,CAAP;AACD;;AAEDuB,EAAAA,UAAU,GAAuB;AAC/B,UAAM;AAAEvB,MAAAA;AAAF,QAAc,KAAKpC,YAAL,CAAkBuC,aAAlB,EAApB;AACA,WAAOH,OAAO,GAAGA,OAAO,CAACA,OAAX,GAAqBqB,SAAnC;AACD;;AAEDG,EAAAA,cAAc,GAAuB;AACnC,UAAM;AAAEnC,MAAAA;AAAF,QAAkB,KAAKzB,YAAL,CAAkBuC,aAAlB,EAAxB;AACA,WAAOd,WAAW,GAAGA,WAAW,CAACA,WAAf,GAA6BgC,SAA/C;AACD;;AAEDI,EAAAA,eAAe,GAAuB;AACpC,UAAM;AAAE5B,MAAAA;AAAF,QAAmB,KAAKjC,YAAL,CAAkBuC,aAAlB,EAAzB;AACA,WAAON,YAAY,GAAGA,YAAY,CAACA,YAAhB,GAA+BwB,SAAlD;AACD;AAED;AACF;AACA;;;AAC+B,QAAvBK,uBAAuB,GAAkB;AAC7C,UAAM;AAAEC,MAAAA;AAAF,QAAa,MAAM,KAAKrH,KAAL,CAAWP,YAAX,EAAzB;AACA,SAAK6D,YAAL,CAAkBgE,SAAlB,CAA4BD,MAA5B;AACD;;AAED9C,EAAAA,cAAc,CAACF,WAAD,EAAsBuB,KAAtB,EAA4C;AACxD;AACA,UAAM2B,cAAc,GAAGC,wBAAeC,iBAAf,EAAvB;;AACAF,IAAAA,cAAc,CAACG,OAAf,CAAuBC,mCAAvB,EAAkDtD,WAAlD,EAHwD,CAKxD;;AACAuB,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAKjK,OAAL,CAAaiK,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMgC,aAAa,GAAG,KAAKhM,cAAL,CAAoBiM,qBAApB,EAAtB;AACAD,MAAAA,aAAa,CAACF,OAAd,CAAsB9B,KAAtB,EAA6BvB,WAA7B;AACD;AACF;;AAEDyD,EAAAA,cAAc,CAAClC,KAAD,EAAqC;AACjD;AACAA,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAKjK,OAAL,CAAaiK,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMgC,aAAa,GAAG,KAAKhM,cAAL,CAAoBiM,qBAApB,EAAtB;AACA,YAAMxD,WAAW,GAAGuD,aAAa,CAACG,OAAd,CAAsBnC,KAAtB,CAApB;;AACA,UAAIvB,WAAJ,EAAiB;AACf,eAAOA,WAAP;AACD;AACF,KATgD,CAWjD;;;AACA,UAAMrH,OAAO,GAAGwK,wBAAeC,iBAAf,EAAhB;;AACA,WAAOzK,OAAO,GAAGA,OAAO,CAAC+K,OAAR,CAAgBJ,mCAAhB,KAA8CZ,SAAjD,GAA6DA,SAA3E;AACD;;AAEDiB,EAAAA,iBAAiB,CAACpC,KAAD,EAAuB;AACtC;AACA,UAAM5I,OAAO,GAAGwK,wBAAeC,iBAAf,EAAhB;;AACAzK,IAAAA,OAAO,CAACiL,UAAR,CAAmBN,mCAAnB,EAHsC,CAKtC;;AACA/B,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAKjK,OAAL,CAAaiK,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMgC,aAAa,GAAG,KAAKhM,cAAL,CAAoBiM,qBAApB,EAAtB;AACAD,MAAAA,aAAa,CAACK,UAAd,IAA4BL,aAAa,CAACK,UAAd,CAAyBrC,KAAzB,CAA5B;AACD;AACF;;AAED5E,EAAAA,eAAe,GAAY;AACzB,WAAO,2BAAgB,IAAhB,CAAP;AACD;;AAEwB,QAAnBkH,mBAAmB,CAACb,MAAD,EAAkBhD,WAAlB,EAAuD;AAC9E,QAAIuB,KAAK,GAAG,KAAKjK,OAAL,CAAaiK,KAAzB,CAD8E,CAG9E;;AACA,QAAIyB,MAAJ,EAAY;AACV,WAAK/D,YAAL,CAAkBgE,SAAlB,CAA4BD,MAA5B;AACAhD,MAAAA,WAAW,GAAGA,WAAW,IAAI,KAAKyD,cAAL,CAAoB,KAAKnM,OAAL,CAAaiK,KAAjC,CAA7B;AACD,KAHD,MAGO,IAAI,KAAK5E,eAAL,EAAJ,EAA4B;AACjC;AACA,YAAMmH,aAAa,GAAG,MAAM,6CAA0B,IAA1B,EAAgC,EAAhC,CAA5B;AACAvC,MAAAA,KAAK,GAAGuC,aAAa,CAACvC,KAAtB;AACAvB,MAAAA,WAAW,GAAGA,WAAW,IAAI,KAAKyD,cAAL,CAAoBlC,KAApB,CAA7B;AACA,YAAM,KAAKwB,uBAAL,EAAN;AACD,KANM,MAMA;AACL,aADK,CACG;AACT,KAf6E,CAiB9E;;;AACA,UAAM,KAAK5D,gBAAL,CAAsBE,eAAtB,EAAN,CAlB8E,CAoB9E;;AACA,SAAKsE,iBAAL,CAAuBpC,KAAvB,EArB8E,CAuB9E;;AACA,UAAM;AAAEwC,MAAAA;AAAF,QAAyB,KAAKzM,OAApC;;AACA,QAAIyM,kBAAJ,EAAwB;AACtB,YAAMA,kBAAkB,CAAC,IAAD,EAAO/D,WAAP,CAAxB;AACD,KAFD,MAEO,IAAIA,WAAJ,EAAiB;AACtBtG,MAAAA,MAAM,CAACC,QAAP,CAAgBqK,OAAhB,CAAwBhE,WAAxB;AACD;AACF;;AAEDiE,EAAAA,MAAM,GAAY;AAChB,WAAO,CAAC,CAAC,KAAK3M,OAAL,CAAayB,IAAtB;AACD;;AAEDmL,EAAAA,eAAe,CAACC,YAAD,EAAgC;AAC7C,QAAID,eAAe,GAAG,KAAtB;;AACA,QAAIE,KAAK,CAACC,OAAN,CAAc,KAAK/M,OAAL,CAAa6M,YAA3B,KAA4C,KAAK7M,OAAL,CAAa6M,YAAb,CAA0BG,MAA1E,EAAkF;AAChFJ,MAAAA,eAAe,GAAG,KAAK5M,OAAL,CAAa6M,YAAb,CAA0BnH,OAA1B,CAAkCmH,YAAlC,KAAmD,CAArE;AACD,KAFD,MAEO;AACLD,MAAAA,eAAe,GAAG,KAAK5M,OAAL,CAAa6M,YAAb,KAA8BA,YAAhD;AACD;;AACD,WAAOD,eAAP;AACD;;AAEDK,EAAAA,uBAAuB,GAAY;AACjC,WAAO,KAAKL,eAAL,CAAqB,MAArB,CAAP;AACD,GAvkB2D,CAykB5D;AACA;AACA;AACA;;;AAEAM,EAAAA,eAAe,GAAW;AACxB;AACA;AACA,WAAO,KAAKlN,OAAL,CAAamN,MAAb,CAAqBC,KAArB,CAA2B,UAA3B,EAAuC,CAAvC,CAAP;AACD,GAllB2D,CAolB5D;;;AACAC,EAAAA,cAAc,CAACjF,IAAD,EAAiC;AAC7C,WAAO,2BAAkB,IAAlB,EAAwB,iCAAxB,EAA2DA,IAA3D,CAAP;AACD,GAvlB2D,CAylB5D;;;AACAkF,EAAAA,aAAa,CAAClF,IAAD,EAAwD;AACnE,WAAO,2BAAkB,IAAlB,EAAwB,+BAAxB,EAAyDA,IAAzD,CAAP;AACD,GA5lB2D,CA8lB5D;;;AACAmF,EAAAA,mBAAmB,CAACnF,IAAD,EAA6D;AAC9E,WAAO,2BAAkB,IAAlB,EAAwB,8BAAxB,EAAwDA,IAAxD,CAAP;AACD;;AAjmB2D,C,CAomB9D;;;AACAvI,QAAQ,CAAC2N,QAAT,GAAoB3N,QAAQ,CAACyD,SAAT,CAAmBkK,QAAnB,GAA8BA,QAAlD,C,CAEA;;AACAjN,MAAM,CAACC,MAAP,CAAcX,QAAd,EAAwB;AACtB4N,EAAAA;AADsB,CAAxB;eAIe5N,Q","sourcesContent":["/* eslint-disable max-statements */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n/* global window */\n\nimport { \n DEFAULT_MAX_CLOCK_SKEW, \n REFERRER_PATH_STORAGE_KEY\n} from './constants';\nimport * as constants from './constants';\nimport {\n OktaAuth as SDKInterface,\n OktaAuthOptions, \n AccessToken, \n IDToken,\n RefreshToken,\n TokenAPI, \n FeaturesAPI, \n SignoutAPI, \n FingerprintAPI,\n UserClaims, \n SigninWithRedirectOptions,\n SigninWithCredentialsOptions,\n SignoutOptions,\n Tokens,\n ForgotPasswordOptions,\n VerifyRecoveryTokenOptions,\n TransactionAPI,\n SessionAPI,\n SigninAPI,\n PkceAPI,\n SigninOptions,\n IdxAPI,\n SignoutRedirectUrlOptions,\n HttpAPI,\n FlowIdentifier,\n GetWithRedirectAPI,\n ParseFromUrlInterface,\n GetWithRedirectFunction,\n} from './types';\nimport {\n transactionStatus,\n resumeTransaction,\n transactionExists,\n introspectAuthn,\n postToTransaction,\n AuthTransaction\n} from './tx';\nimport PKCE from './oidc/util/pkce';\nimport {\n closeSession,\n sessionExists,\n getSession,\n refreshSession,\n setCookieAndRedirect\n} from './session';\nimport {\n getOAuthUrls,\n getWithoutPrompt,\n getWithPopup,\n getWithRedirect,\n isLoginRedirect,\n parseFromUrl,\n decodeToken,\n revokeToken,\n renewToken,\n renewTokens,\n renewTokensWithRefresh,\n getUserInfo,\n verifyToken,\n prepareTokenParams,\n exchangeCodeForTokens,\n isInteractionRequiredError,\n isInteractionRequired,\n} from './oidc';\nimport { isBrowser } from './features';\nimport * as features from './features';\nimport browserStorage from './browser/browserStorage';\nimport { \n toQueryString, \n toAbsoluteUrl,\n clone,\n} from './util';\nimport { TokenManager } from './TokenManager';\nimport { get, setRequestHeader } from './http';\nimport PromiseQueue from './PromiseQueue';\nimport fingerprint from './browser/fingerprint';\nimport { AuthStateManager } from './AuthStateManager';\nimport StorageManager from './StorageManager';\nimport TransactionManager from './TransactionManager';\nimport { buildOptions } from './options';\nimport {\n interact,\n introspect,\n authenticate,\n cancel,\n poll,\n proceed,\n register,\n recoverPassword,\n startTransaction,\n handleInteractionCodeRedirect,\n canProceed,\n handleEmailVerifyCallback,\n isEmailVerifyCallback,\n parseEmailVerifyCallback,\n isEmailVerifyCallbackError\n} from './idx';\nimport { createGlobalRequestInterceptor, setGlobalRequestInterceptor } from './idx/headers';\nimport { OktaUserAgent } from './OktaUserAgent';\nimport { parseOAuthResponseFromUrl } from './oidc/parseFromUrl';\nimport {\n getSavedTransactionMeta,\n createTransactionMeta,\n getTransactionMeta,\n saveTransactionMeta,\n clearTransactionMeta,\n isTransactionMetaValid\n} from './idx/transactionMeta';\n\nconst Emitter = require('tiny-emitter');\n\nclass OktaAuth implements SDKInterface, SigninAPI, SignoutAPI {\n options: OktaAuthOptions;\n storageManager: StorageManager;\n transactionManager: TransactionManager;\n tx: TransactionAPI;\n idx: IdxAPI;\n session: SessionAPI;\n pkce: PkceAPI;\n static features: FeaturesAPI;\n features!: FeaturesAPI;\n token: TokenAPI;\n _tokenQueue: PromiseQueue;\n emitter: typeof Emitter;\n tokenManager: TokenManager;\n authStateManager: AuthStateManager;\n http: HttpAPI;\n fingerprint: FingerprintAPI;\n _oktaUserAgent: OktaUserAgent;\n _pending: { handleLogin: boolean };\n constructor(args: OktaAuthOptions) {\n const options = this.options = buildOptions(args);\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n this.storageManager = new StorageManager(options.storageManager!, options.cookies!, options.storageUtil!);\n this.transactionManager = new TransactionManager(Object.assign({\n storageManager: this.storageManager,\n }, options.transactionManager));\n this._oktaUserAgent = new OktaUserAgent();\n\n this.tx = {\n status: transactionStatus.bind(null, this),\n resume: resumeTransaction.bind(null, this),\n exists: Object.assign(transactionExists.bind(null, this), {\n _get: (name) => {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const storage = options.storageUtil!.storage;\n return storage.get(name);\n }\n }),\n introspect: introspectAuthn.bind(null, this)\n };\n\n this.pkce = {\n DEFAULT_CODE_CHALLENGE_METHOD: PKCE.DEFAULT_CODE_CHALLENGE_METHOD,\n generateVerifier: PKCE.generateVerifier,\n computeChallenge: PKCE.computeChallenge\n };\n\n // Add shims for compatibility, these will be removed in next major version. OKTA-362589\n Object.assign(this.options.storageUtil, {\n getPKCEStorage: this.storageManager.getLegacyPKCEStorage.bind(this.storageManager),\n getHttpCache: this.storageManager.getHttpCache.bind(this.storageManager),\n });\n\n this._pending = { handleLogin: false };\n\n if (isBrowser()) {\n this.options = Object.assign(this.options, {\n redirectUri: toAbsoluteUrl(args.redirectUri, window.location.origin), // allow relative URIs\n });\n }\n\n // Digital clocks will drift over time, so the server\n // can misalign with the time reported by the browser.\n // The maxClockSkew allows relaxing the time-based\n // validation of tokens (in seconds, not milliseconds).\n // It currently defaults to 300, because 5 min is the\n // default maximum tolerance allowed by Kerberos.\n // (https://technet.microsoft.com/en-us/library/cc976357.aspx)\n if (!args.maxClockSkew && args.maxClockSkew !== 0) {\n this.options.maxClockSkew = DEFAULT_MAX_CLOCK_SKEW;\n } else {\n this.options.maxClockSkew = args.maxClockSkew;\n }\n\n // As some end user's devices can have their date \n // and time incorrectly set, allow for the disabling\n // of the jwt liftetime validation\n this.options.ignoreLifetime = !!args.ignoreLifetime;\n\n this.session = {\n close: closeSession.bind(null, this),\n exists: sessionExists.bind(null, this),\n get: getSession.bind(null, this),\n refresh: refreshSession.bind(null, this),\n setCookieAndRedirect: setCookieAndRedirect.bind(null, this)\n };\n\n this._tokenQueue = new PromiseQueue();\n const useQueue = (method) => {\n return PromiseQueue.prototype.push.bind(this._tokenQueue, method, null);\n };\n\n // eslint-disable-next-line max-len\n const getWithRedirectFn = useQueue(getWithRedirect.bind(null, this)) as GetWithRedirectFunction;\n const getWithRedirectApi: GetWithRedirectAPI = Object.assign(getWithRedirectFn, {\n // This is exposed so we can set window.location in our tests\n _setLocation: function(url) {\n window.location = url;\n }\n });\n // eslint-disable-next-line max-len\n const parseFromUrlFn = useQueue(parseFromUrl.bind(null, this)) as ParseFromUrlInterface;\n const parseFromUrlApi: ParseFromUrlInterface = Object.assign(parseFromUrlFn, {\n // This is exposed so we can mock getting window.history in our tests\n _getHistory: function() {\n return window.history;\n },\n\n // This is exposed so we can mock getting window.location in our tests\n _getLocation: function() {\n return window.location;\n },\n\n // This is exposed so we can mock getting window.document in our tests\n _getDocument: function() {\n return window.document;\n }\n });\n this.token = {\n prepareTokenParams: prepareTokenParams.bind(null, this),\n exchangeCodeForTokens: exchangeCodeForTokens.bind(null, this),\n getWithoutPrompt: getWithoutPrompt.bind(null, this),\n getWithPopup: getWithPopup.bind(null, this),\n getWithRedirect: getWithRedirectApi,\n parseFromUrl: parseFromUrlApi,\n decode: decodeToken,\n revoke: revokeToken.bind(null, this),\n renew: renewToken.bind(null, this),\n renewTokensWithRefresh: renewTokensWithRefresh.bind(null, this),\n renewTokens: renewTokens.bind(null, this),\n getUserInfo: getUserInfo.bind(null, this),\n verify: verifyToken.bind(null, this),\n isLoginRedirect: isLoginRedirect.bind(null, this)\n };\n // Wrap all async token API methods using MethodQueue to avoid issues with concurrency\n const syncMethods = [\n // sync methods\n 'decode',\n 'isLoginRedirect',\n // already bound\n 'getWithRedirect',\n 'parseFromUrl'\n ];\n Object.keys(this.token).forEach(key => {\n if (syncMethods.indexOf(key) >= 0) { // sync methods should not be wrapped\n return;\n }\n var method = this.token[key];\n this.token[key] = PromiseQueue.prototype.push.bind(this._tokenQueue, method, null);\n });\n\n // IDX\n const boundStartTransaction = startTransaction.bind(null, this);\n this.idx = {\n interact: interact.bind(null, this),\n introspect: introspect.bind(null, this),\n authenticate: authenticate.bind(null, this),\n register: register.bind(null, this),\n start: boundStartTransaction,\n startTransaction: boundStartTransaction, // Use `start` instead. `startTransaction` will be removed in 7.0\n poll: poll.bind(null, this),\n proceed: proceed.bind(null, this),\n cancel: cancel.bind(null, this),\n recoverPassword: recoverPassword.bind(null, this),\n\n // oauth redirect callback\n handleInteractionCodeRedirect: handleInteractionCodeRedirect.bind(null, this),\n\n // interaction required callback\n isInteractionRequired: isInteractionRequired.bind(null, this),\n isInteractionRequiredError,\n\n // email verify callback\n handleEmailVerifyCallback: handleEmailVerifyCallback.bind(null, this),\n isEmailVerifyCallback,\n parseEmailVerifyCallback,\n isEmailVerifyCallbackError,\n \n getSavedTransactionMeta: getSavedTransactionMeta.bind(null, this),\n createTransactionMeta: createTransactionMeta.bind(null, this),\n getTransactionMeta: getTransactionMeta.bind(null, this),\n saveTransactionMeta: saveTransactionMeta.bind(null, this),\n clearTransactionMeta: clearTransactionMeta.bind(null, this),\n isTransactionMetaValid,\n setFlow: (flow: FlowIdentifier) => {\n this.options.flow = flow;\n },\n getFlow: (): FlowIdentifier | undefined => {\n return this.options.flow;\n },\n canProceed: canProceed.bind(null, this),\n };\n\n setGlobalRequestInterceptor(createGlobalRequestInterceptor(this)); // to pass custom headers to IDX endpoints\n\n // HTTP\n this.http = {\n setRequestHeader: setRequestHeader.bind(null, this)\n };\n\n // Fingerprint API\n this.fingerprint = fingerprint.bind(null, this);\n\n this.emitter = new Emitter();\n\n // TokenManager\n this.tokenManager = new TokenManager(this, args.tokenManager);\n\n // AuthStateManager\n this.authStateManager = new AuthStateManager(this);\n }\n\n start() {\n this.tokenManager.start();\n if (!this.token.isLoginRedirect()) {\n this.authStateManager.updateAuthState();\n }\n }\n\n stop() {\n this.tokenManager.stop();\n }\n\n setHeaders(headers) {\n this.options.headers = Object.assign({}, this.options.headers, headers);\n }\n\n\n // Authn V1\n async signIn(opts: SigninOptions): Promise<AuthTransaction> {\n return this.signInWithCredentials(opts as SigninWithCredentialsOptions);\n }\n\n // Authn V1\n async signInWithCredentials(opts: SigninWithCredentialsOptions): Promise<AuthTransaction> {\n opts = clone(opts || {});\n const _postToTransaction = (options?) => {\n delete opts.sendFingerprint;\n return postToTransaction(this, '/api/v1/authn', opts, options);\n };\n if (!opts.sendFingerprint) {\n return _postToTransaction();\n }\n return this.fingerprint()\n .then(function(fingerprint) {\n return _postToTransaction({\n headers: {\n 'X-Device-Fingerprint': fingerprint\n }\n });\n });\n }\n\n async signInWithRedirect(opts: SigninWithRedirectOptions = {}) {\n const { originalUri, ...additionalParams } = opts;\n if(this._pending.handleLogin) { \n // Don't trigger second round\n return;\n }\n\n this._pending.handleLogin = true;\n try {\n // Trigger default signIn redirect flow\n if (originalUri) {\n this.setOriginalUri(originalUri);\n }\n const params = Object.assign({\n // TODO: remove this line when default scopes are changed OKTA-343294\n scopes: this.options.scopes || ['openid', 'email', 'profile']\n }, additionalParams);\n await this.token.getWithRedirect(params);\n } finally {\n this._pending.handleLogin = false;\n }\n }\n\n // Ends the current Okta SSO session without redirecting to Okta.\n closeSession(): Promise<unknown> {\n return this.session.close() // DELETE /api/v1/sessions/me\n .then(async () => {\n // Clear all local tokens\n this.tokenManager.clear();\n })\n .catch(function(e) {\n if (e.name === 'AuthApiError' && e.errorCode === 'E0000007') {\n // Session does not exist or has already been closed\n return null;\n }\n throw e;\n });\n }\n \n // Revokes the access token for the application session\n async revokeAccessToken(accessToken?: AccessToken): Promise<unknown> {\n if (!accessToken) {\n accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');\n this.tokenManager.remove(accessTokenKey);\n }\n // Access token may have been removed. In this case, we will silently succeed.\n if (!accessToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(accessToken);\n }\n\n // Revokes the refresh token for the application session\n async revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown> {\n if (!refreshToken) {\n refreshToken = (await this.tokenManager.getTokens()).refreshToken as RefreshToken;\n const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');\n this.tokenManager.remove(refreshTokenKey);\n }\n // Refresh token may have been removed. In this case, we will silently succeed.\n if (!refreshToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(refreshToken);\n }\n\n getSignOutRedirectUrl(options: SignoutRedirectUrlOptions = {}) {\n let {\n idToken,\n postLogoutRedirectUri,\n state,\n } = options;\n if (!idToken) {\n idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n if (!idToken) {\n return '';\n }\n if (!postLogoutRedirectUri) {\n postLogoutRedirectUri = this.options.postLogoutRedirectUri;\n }\n\n const logoutUrl = getOAuthUrls(this).logoutUrl;\n const idTokenHint = idToken.idToken; // a string\n let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);\n if (postLogoutRedirectUri) {\n logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);\n } \n // State allows option parameters to be passed to logout redirect uri\n if (state) {\n logoutUri += '&state=' + encodeURIComponent(state);\n }\n\n return logoutUri;\n }\n\n // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.\n async signOut(options?: SignoutOptions) {\n options = Object.assign({}, options);\n \n // postLogoutRedirectUri must be whitelisted in Okta Admin UI\n var defaultUri = window.location.origin;\n var currentUri = window.location.href;\n var postLogoutRedirectUri = options.postLogoutRedirectUri\n || this.options.postLogoutRedirectUri\n || defaultUri;\n \n var accessToken = options.accessToken;\n var refreshToken = options.refreshToken;\n var revokeAccessToken = options.revokeAccessToken !== false;\n var revokeRefreshToken = options.revokeRefreshToken !== false;\n \n if (revokeRefreshToken && typeof refreshToken === 'undefined') {\n refreshToken = this.tokenManager.getTokensSync().refreshToken as RefreshToken;\n }\n\n if (revokeAccessToken && typeof accessToken === 'undefined') {\n accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;\n }\n \n if (!options.idToken) {\n options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n\n if (revokeRefreshToken && refreshToken) {\n await this.revokeRefreshToken(refreshToken);\n }\n\n if (revokeAccessToken && accessToken) {\n await this.revokeAccessToken(accessToken);\n }\n\n const logoutUri = this.getSignOutRedirectUrl({ ...options, postLogoutRedirectUri });\n // No logoutUri? This can happen if the storage was cleared.\n // Fallback to XHR signOut, then simulate a redirect to the post logout uri\n if (!logoutUri) {\n // local tokens are cleared once session is closed\n return this.closeSession() // can throw if the user cannot be signed out\n .then(function() {\n if (postLogoutRedirectUri === currentUri) {\n window.location.reload(); // force a hard reload if URI is not changing\n } else {\n window.location.assign(postLogoutRedirectUri);\n }\n });\n } else {\n if (options.clearTokensBeforeRedirect) {\n // Clear all local tokens\n this.tokenManager.clear();\n } else {\n this.tokenManager.addPendingRemoveFlags();\n }\n // Flow ends with logout redirect\n window.location.assign(logoutUri);\n }\n }\n\n webfinger(opts): Promise<object> {\n var url = '/.well-known/webfinger' + toQueryString(opts);\n var options = {\n headers: {\n 'Accept': 'application/jrd+json'\n }\n };\n return get(this, url, options);\n }\n\n //\n // Common Methods from downstream SDKs\n //\n\n // Returns true if both accessToken and idToken are not expired\n // If `autoRenew` option is set, will attempt to renew expired tokens before returning.\n async isAuthenticated(): Promise<boolean> {\n\n let { accessToken, idToken } = this.tokenManager.getTokensSync();\n const { autoRenew, autoRemove } = this.tokenManager.getOptions();\n\n if (accessToken && this.tokenManager.hasExpired(accessToken)) {\n accessToken = undefined;\n if (autoRenew) {\n try {\n accessToken = await this.tokenManager.renew('accessToken') as AccessToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (autoRemove) {\n this.tokenManager.remove('accessToken');\n }\n }\n\n if (idToken && this.tokenManager.hasExpired(idToken)) {\n idToken = undefined;\n if (autoRenew) {\n try {\n idToken = await this.tokenManager.renew('idToken') as IDToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (autoRemove) {\n this.tokenManager.remove('idToken');\n }\n }\n\n return !!(accessToken && idToken);\n }\n\n async getUser(): Promise<UserClaims> {\n const { idToken, accessToken } = this.tokenManager.getTokensSync();\n return this.token.getUserInfo(accessToken, idToken);\n }\n\n getIdToken(): string | undefined {\n const { idToken } = this.tokenManager.getTokensSync();\n return idToken ? idToken.idToken : undefined;\n }\n\n getAccessToken(): string | undefined {\n const { accessToken } = this.tokenManager.getTokensSync();\n return accessToken ? accessToken.accessToken : undefined;\n }\n\n getRefreshToken(): string | undefined {\n const { refreshToken } = this.tokenManager.getTokensSync();\n return refreshToken ? refreshToken.refreshToken : undefined;\n }\n\n /**\n * Store parsed tokens from redirect url\n */\n async storeTokensFromRedirect(): Promise<void> {\n const { tokens } = await this.token.parseFromUrl();\n this.tokenManager.setTokens(tokens);\n }\n\n setOriginalUri(originalUri: string, state?: string): void {\n // always store in session storage\n const sessionStorage = browserStorage.getSessionStorage();\n sessionStorage.setItem(REFERRER_PATH_STORAGE_KEY, originalUri);\n\n // to support multi-tab flows, set a state in constructor or pass as param\n state = state || this.options.state;\n if (state) {\n const sharedStorage = this.storageManager.getOriginalUriStorage();\n sharedStorage.setItem(state, originalUri);\n }\n }\n\n getOriginalUri(state?: string): string | undefined {\n // Prefer shared storage (if state is available)\n state = state || this.options.state;\n if (state) {\n const sharedStorage = this.storageManager.getOriginalUriStorage();\n const originalUri = sharedStorage.getItem(state);\n if (originalUri) {\n return originalUri;\n }\n }\n\n // Try to load from session storage\n const storage = browserStorage.getSessionStorage();\n return storage ? storage.getItem(REFERRER_PATH_STORAGE_KEY) || undefined : undefined;\n }\n\n removeOriginalUri(state?: string): void {\n // Remove from sessionStorage\n const storage = browserStorage.getSessionStorage();\n storage.removeItem(REFERRER_PATH_STORAGE_KEY);\n\n // Also remove from shared storage\n state = state || this.options.state;\n if (state) {\n const sharedStorage = this.storageManager.getOriginalUriStorage();\n sharedStorage.removeItem && sharedStorage.removeItem(state);\n }\n }\n\n isLoginRedirect(): boolean {\n return isLoginRedirect(this);\n }\n\n async handleLoginRedirect(tokens?: Tokens, originalUri?: string): Promise<void> {\n let state = this.options.state;\n\n // Store tokens and update AuthState by the emitted events\n if (tokens) {\n this.tokenManager.setTokens(tokens);\n originalUri = originalUri || this.getOriginalUri(this.options.state);\n } else if (this.isLoginRedirect()) {\n // For redirect flow, get state from the URL and use it to retrieve the originalUri\n const oAuthResponse = await parseOAuthResponseFromUrl(this, {});\n state = oAuthResponse.state;\n originalUri = originalUri || this.getOriginalUri(state);\n await this.storeTokensFromRedirect();\n } else {\n return; // nothing to do\n }\n \n // ensure auth state has been updated\n await this.authStateManager.updateAuthState();\n\n // clear originalUri from storage\n this.removeOriginalUri(state);\n\n // Redirect to originalUri\n const { restoreOriginalUri } = this.options;\n if (restoreOriginalUri) {\n await restoreOriginalUri(this, originalUri);\n } else if (originalUri) {\n window.location.replace(originalUri);\n }\n }\n\n isPKCE(): boolean {\n return !!this.options.pkce;\n }\n\n hasResponseType(responseType: string): boolean {\n let hasResponseType = false;\n if (Array.isArray(this.options.responseType) && this.options.responseType.length) {\n hasResponseType = this.options.responseType.indexOf(responseType) >= 0;\n } else {\n hasResponseType = this.options.responseType === responseType;\n }\n return hasResponseType;\n }\n\n isAuthorizationCodeFlow(): boolean {\n return this.hasResponseType('code');\n }\n\n // { username, password, (relayState), (context) }\n // signIn(opts: SignInWithCredentialsOptions): Promise<AuthTransaction> {\n // return postToTransaction(this, '/api/v1/authn', opts);\n // }\n\n getIssuerOrigin(): string {\n // Infer the URL from the issuer URL, omitting the /oauth2/{authServerId}\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n return this.options.issuer!.split('/oauth2/')[0];\n }\n\n // { username, (relayState) }\n forgotPassword(opts): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/password', opts);\n }\n\n // { username, (relayState) }\n unlockAccount(opts: ForgotPasswordOptions): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/unlock', opts);\n }\n\n // { recoveryToken }\n verifyRecoveryToken(opts: VerifyRecoveryTokenOptions): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/token', opts);\n }\n}\n\n// Hoist feature detection functions to static type\nOktaAuth.features = OktaAuth.prototype.features = features;\n\n// Also hoist constants for CommonJS users\nObject.assign(OktaAuth, {\n constants\n});\n\nexport default OktaAuth;"],"file":"OktaAuth.js"}
1
+ {"version":3,"sources":["../../lib/OktaAuth.ts"],"names":["Emitter","require","OktaAuth","constructor","args","options","storageManager","StorageManager","cookies","storageUtil","transactionManager","TransactionManager","_oktaUserAgent","OktaUserAgent","tx","status","transactionStatus","bind","resume","resumeTransaction","exists","transactionExists","_get","name","storage","get","introspect","introspectAuthn","pkce","DEFAULT_CODE_CHALLENGE_METHOD","PKCE","generateVerifier","computeChallenge","getPKCEStorage","getLegacyPKCEStorage","getHttpCache","_pending","handleLogin","redirectUri","window","location","origin","maxClockSkew","DEFAULT_MAX_CLOCK_SKEW","ignoreLifetime","session","close","closeSession","sessionExists","getSession","refresh","refreshSession","setCookieAndRedirect","_tokenQueue","PromiseQueue","useQueue","method","prototype","push","getWithRedirectFn","getWithRedirect","getWithRedirectApi","_setLocation","url","parseFromUrlFn","parseFromUrl","parseFromUrlApi","_getHistory","history","_getLocation","_getDocument","document","token","prepareTokenParams","exchangeCodeForTokens","getWithoutPrompt","getWithPopup","decode","decodeToken","revoke","revokeToken","renew","renewToken","renewTokensWithRefresh","renewTokens","getUserInfo","verify","verifyToken","isLoginRedirect","syncMethods","forEach","key","boundStartTransaction","startTransaction","idx","interact","authenticate","register","start","poll","proceed","cancel","recoverPassword","handleInteractionCodeRedirect","isInteractionRequired","isInteractionRequiredError","handleEmailVerifyCallback","isEmailVerifyCallback","parseEmailVerifyCallback","isEmailVerifyCallbackError","getSavedTransactionMeta","createTransactionMeta","getTransactionMeta","saveTransactionMeta","clearTransactionMeta","isTransactionMetaValid","setFlow","flow","getFlow","canProceed","unlockAccount","http","setRequestHeader","fingerprint","emitter","tokenManager","TokenManager","authStateManager","AuthStateManager","updateAuthState","stop","setHeaders","headers","signIn","opts","signInWithCredentials","_postToTransaction","sendFingerprint","then","signInWithRedirect","originalUri","additionalParams","setOriginalUri","params","scopes","clear","catch","e","errorCode","revokeAccessToken","accessToken","getTokens","accessTokenKey","getStorageKeyByType","remove","resolve","revokeRefreshToken","refreshToken","refreshTokenKey","getSignOutRedirectUrl","idToken","postLogoutRedirectUri","state","getTokensSync","logoutUrl","idTokenHint","logoutUri","encodeURIComponent","signOut","defaultUri","currentUri","href","reload","assign","clearTokensBeforeRedirect","addPendingRemoveFlags","webfinger","isAuthenticated","autoRenew","autoRemove","getOptions","hasExpired","undefined","getUser","getIdToken","getAccessToken","getRefreshToken","storeTokensFromRedirect","tokens","setTokens","sessionStorage","browserStorage","getSessionStorage","setItem","REFERRER_PATH_STORAGE_KEY","sharedStorage","getOriginalUriStorage","getOriginalUri","getItem","removeOriginalUri","removeItem","handleLoginRedirect","oAuthResponse","restoreOriginalUri","replace","isPKCE","hasResponseType","responseType","Array","isArray","length","isAuthorizationCodeFlow","getIssuerOrigin","issuer","split","forgotPassword","verifyRecoveryToken","invokeApiMethod","features","crypto","webauthn","constants"],"mappings":";;;;;;;;;;;;;;;;;;AAeA;;AAsCA;;AAQA;;AACA;;AAOA;;AAmBA;;AAEA;;AACA;;AACA;;AACA;;AAKA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAkBA;;AACA;;AACA;;AACA;;;;;;AA/HA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;AA2HA;AACA,MAAMA,OAAO,GAAGC,OAAO,CAAC,cAAD,CAAvB;;AAEA,MAAMC,QAAN,CAAmE;AAqBjEC,EAAAA,WAAW,CAACC,IAAD,EAAwB;AACjC,UAAMC,OAAO,GAAG,KAAKA,OAAL,GAAe,2BAAaD,IAAb,CAA/B,CADiC,CAEjC;;AACA,SAAKE,cAAL,GAAsB,IAAIC,8BAAJ,CAAmBF,OAAO,CAACC,cAA3B,EAA4CD,OAAO,CAACG,OAApD,EAA8DH,OAAO,CAACI,WAAtE,CAAtB;AACA,SAAKC,kBAAL,GAA0B,IAAIC,2BAAJ,CAAuB,qBAAc;AAC7DL,MAAAA,cAAc,EAAE,KAAKA;AADwC,KAAd,EAE9CD,OAAO,CAACK,kBAFsC,CAAvB,CAA1B;AAGA,SAAKE,cAAL,GAAsB,IAAIC,4BAAJ,EAAtB;AAEA,SAAKC,EAAL,GAAU;AACRC,MAAAA,MAAM,EAAEC,sBAAkBC,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CADA;AAERC,MAAAA,MAAM,EAAEC,sBAAkBF,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAFA;AAGRG,MAAAA,MAAM,EAAE,qBAAcC,sBAAkBJ,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAAd,EAAkD;AACxDK,QAAAA,IAAI,EAAGC,IAAD,IAAU;AACd;AACA,gBAAMC,OAAO,GAAGnB,OAAO,CAACI,WAAR,CAAqBe,OAArC;AACA,iBAAOA,OAAO,CAACC,GAAR,CAAYF,IAAZ,CAAP;AACD;AALuD,OAAlD,CAHA;AAURG,MAAAA,UAAU,EAAEC,oBAAgBV,IAAhB,CAAqB,IAArB,EAA2B,IAA3B;AAVJ,KAAV;AAaA,SAAKW,IAAL,GAAY;AACVC,MAAAA,6BAA6B,EAAEC,cAAKD,6BAD1B;AAEVE,MAAAA,gBAAgB,EAAED,cAAKC,gBAFb;AAGVC,MAAAA,gBAAgB,EAAEF,cAAKE;AAHb,KAAZ,CAtBiC,CA4BjC;;AACA,yBAAc,KAAK3B,OAAL,CAAaI,WAA3B,EAAwC;AACtCwB,MAAAA,cAAc,EAAE,KAAK3B,cAAL,CAAoB4B,oBAApB,CAAyCjB,IAAzC,CAA8C,KAAKX,cAAnD,CADsB;AAEtC6B,MAAAA,YAAY,EAAE,KAAK7B,cAAL,CAAoB6B,YAApB,CAAiClB,IAAjC,CAAsC,KAAKX,cAA3C;AAFwB,KAAxC;AAKA,SAAK8B,QAAL,GAAgB;AAAEC,MAAAA,WAAW,EAAE;AAAf,KAAhB;;AAEA,QAAI,yBAAJ,EAAiB;AACf,WAAKhC,OAAL,GAAe,qBAAc,KAAKA,OAAnB,EAA4B;AACzCiC,QAAAA,WAAW,EAAE,yBAAclC,IAAI,CAACkC,WAAnB,EAAgCC,MAAM,CAACC,QAAP,CAAgBC,MAAhD,CAD4B,CAC6B;;AAD7B,OAA5B,CAAf;AAGD,KAxCgC,CA0CjC;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,QAAI,CAACrC,IAAI,CAACsC,YAAN,IAAsBtC,IAAI,CAACsC,YAAL,KAAsB,CAAhD,EAAmD;AACjD,WAAKrC,OAAL,CAAaqC,YAAb,GAA4BC,gCAA5B;AACD,KAFD,MAEO;AACL,WAAKtC,OAAL,CAAaqC,YAAb,GAA4BtC,IAAI,CAACsC,YAAjC;AACD,KArDgC,CAuDjC;AACA;AACA;;;AACA,SAAKrC,OAAL,CAAauC,cAAb,GAA8B,CAAC,CAACxC,IAAI,CAACwC,cAArC;AAEA,SAAKC,OAAL,GAAe;AACbC,MAAAA,KAAK,EAAEC,sBAAa9B,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CADM;AAEbG,MAAAA,MAAM,EAAE4B,uBAAc/B,IAAd,CAAmB,IAAnB,EAAyB,IAAzB,CAFK;AAGbQ,MAAAA,GAAG,EAAEwB,oBAAWhC,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAHQ;AAIbiC,MAAAA,OAAO,EAAEC,wBAAelC,IAAf,CAAoB,IAApB,EAA0B,IAA1B,CAJI;AAKbmC,MAAAA,oBAAoB,EAAEA,8BAAqBnC,IAArB,CAA0B,IAA1B,EAAgC,IAAhC;AALT,KAAf;AAQA,SAAKoC,WAAL,GAAmB,IAAIC,qBAAJ,EAAnB;;AACA,UAAMC,QAAQ,GAAIC,MAAD,IAAY;AAC3B,aAAOF,sBAAaG,SAAb,CAAuBC,IAAvB,CAA4BzC,IAA5B,CAAiC,KAAKoC,WAAtC,EAAmDG,MAAnD,EAA2D,IAA3D,CAAP;AACD,KAFD,CArEiC,CAyEjC;;;AACA,UAAMG,iBAAiB,GAAGJ,QAAQ,CAACK,sBAAgB3C,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CAAD,CAAlC;AACA,UAAM4C,kBAAsC,GAAG,qBAAcF,iBAAd,EAAiC;AAC9E;AACAG,MAAAA,YAAY,EAAE,UAASC,GAAT,EAAc;AAC1BxB,QAAAA,MAAM,CAACC,QAAP,GAAkBuB,GAAlB;AACD;AAJ6E,KAAjC,CAA/C,CA3EiC,CAiFjC;;AACA,UAAMC,cAAc,GAAGT,QAAQ,CAACU,mBAAahD,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAAD,CAA/B;AACA,UAAMiD,eAAsC,GAAG,qBAAcF,cAAd,EAA8B;AAC3E;AACAG,MAAAA,WAAW,EAAE,YAAW;AACtB,eAAO5B,MAAM,CAAC6B,OAAd;AACD,OAJ0E;AAM3E;AACAC,MAAAA,YAAY,EAAE,YAAW;AACvB,eAAO9B,MAAM,CAACC,QAAd;AACD,OAT0E;AAW3E;AACA8B,MAAAA,YAAY,EAAE,YAAW;AACvB,eAAO/B,MAAM,CAACgC,QAAd;AACD;AAd0E,KAA9B,CAA/C;AAgBA,SAAKC,KAAL,GAAa;AACXC,MAAAA,kBAAkB,EAAEA,yBAAmBxD,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CADT;AAEXyD,MAAAA,qBAAqB,EAAEA,4BAAsBzD,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAFZ;AAGX0D,MAAAA,gBAAgB,EAAEA,uBAAiB1D,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAHP;AAIX2D,MAAAA,YAAY,EAAEA,mBAAa3D,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAJH;AAKX2C,MAAAA,eAAe,EAAEC,kBALN;AAMXI,MAAAA,YAAY,EAAEC,eANH;AAOXW,MAAAA,MAAM,EAAEC,iBAPG;AAQXC,MAAAA,MAAM,EAAEC,kBAAY/D,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CARG;AASXgE,MAAAA,KAAK,EAAEC,iBAAWjE,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CATI;AAUXkE,MAAAA,sBAAsB,EAAEA,6BAAuBlE,IAAvB,CAA4B,IAA5B,EAAkC,IAAlC,CAVb;AAWXmE,MAAAA,WAAW,EAAEA,kBAAYnE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAXF;AAYXoE,MAAAA,WAAW,EAAEA,kBAAYpE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAZF;AAaXqE,MAAAA,MAAM,EAAEC,kBAAYtE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAbG;AAcXuE,MAAAA,eAAe,EAAEA,sBAAgBvE,IAAhB,CAAqB,IAArB,EAA2B,IAA3B;AAdN,KAAb,CAnGiC,CAmHjC;;AACA,UAAMwE,WAAW,GAAG,CAClB;AACA,YAFkB,EAGlB,iBAHkB,EAIlB;AACA,qBALkB,EAMlB,cANkB,CAApB;AAQA,uBAAY,KAAKjB,KAAjB,EAAwBkB,OAAxB,CAAgCC,GAAG,IAAI;AACrC,UAAI,sBAAAF,WAAW,MAAX,CAAAA,WAAW,EAASE,GAAT,CAAX,IAA4B,CAAhC,EAAmC;AAAE;AACnC;AACD;;AACD,UAAInC,MAAM,GAAG,KAAKgB,KAAL,CAAWmB,GAAX,CAAb;AACA,WAAKnB,KAAL,CAAWmB,GAAX,IAAkBrC,sBAAaG,SAAb,CAAuBC,IAAvB,CAA4BzC,IAA5B,CAAiC,KAAKoC,WAAtC,EAAmDG,MAAnD,EAA2D,IAA3D,CAAlB;AACD,KAND,EA5HiC,CAoIjC;;AACA,UAAMoC,qBAAqB,GAAGC,sBAAiB5E,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAA9B;;AACA,SAAK6E,GAAL,GAAW;AACTC,MAAAA,QAAQ,EAAEA,cAAS9E,IAAT,CAAc,IAAd,EAAoB,IAApB,CADD;AAETS,MAAAA,UAAU,EAAEA,gBAAWT,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAFH;AAGT+E,MAAAA,YAAY,EAAEA,kBAAa/E,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAHL;AAITgF,MAAAA,QAAQ,EAAEA,cAAShF,IAAT,CAAc,IAAd,EAAoB,IAApB,CAJD;AAKTiF,MAAAA,KAAK,EAAEN,qBALE;AAMTC,MAAAA,gBAAgB,EAAED,qBANT;AAMgC;AACzCO,MAAAA,IAAI,EAAEA,UAAKlF,IAAL,CAAU,IAAV,EAAgB,IAAhB,CAPG;AAQTmF,MAAAA,OAAO,EAAEA,aAAQnF,IAAR,CAAa,IAAb,EAAmB,IAAnB,CARA;AASToF,MAAAA,MAAM,EAAEA,YAAOpF,IAAP,CAAY,IAAZ,EAAkB,IAAlB,CATC;AAUTqF,MAAAA,eAAe,EAAEA,qBAAgBrF,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CAVR;AAYT;AACAsF,MAAAA,6BAA6B,EAAEA,mCAA8BtF,IAA9B,CAAmC,IAAnC,EAAyC,IAAzC,CAbtB;AAeT;AACAuF,MAAAA,qBAAqB,EAAEA,4BAAsBvF,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAhBd;AAiBTwF,MAAAA,0BAA0B,EAA1BA,gCAjBS;AAmBT;AACAC,MAAAA,yBAAyB,EAAEA,+BAA0BzF,IAA1B,CAA+B,IAA/B,EAAqC,IAArC,CApBlB;AAqBT0F,MAAAA,qBAAqB,EAArBA,0BArBS;AAsBTC,MAAAA,wBAAwB,EAAxBA,6BAtBS;AAuBTC,MAAAA,0BAA0B,EAA1BA,+BAvBS;AAyBTC,MAAAA,uBAAuB,EAAEA,yCAAwB7F,IAAxB,CAA6B,IAA7B,EAAmC,IAAnC,CAzBhB;AA0BT8F,MAAAA,qBAAqB,EAAEA,uCAAsB9F,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CA1Bd;AA2BT+F,MAAAA,kBAAkB,EAAEA,oCAAmB/F,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CA3BX;AA4BTgG,MAAAA,mBAAmB,EAAEA,qCAAoBhG,IAApB,CAAyB,IAAzB,EAA+B,IAA/B,CA5BZ;AA6BTiG,MAAAA,oBAAoB,EAAEA,sCAAqBjG,IAArB,CAA0B,IAA1B,EAAgC,IAAhC,CA7Bb;AA8BTkG,MAAAA,sBAAsB,EAAtBA,uCA9BS;AA+BTC,MAAAA,OAAO,EAAGC,IAAD,IAA0B;AACjC,aAAKhH,OAAL,CAAagH,IAAb,GAAoBA,IAApB;AACD,OAjCQ;AAkCTC,MAAAA,OAAO,EAAE,MAAkC;AACzC,eAAO,KAAKjH,OAAL,CAAagH,IAApB;AACD,OApCQ;AAqCTE,MAAAA,UAAU,EAAEA,gBAAWtG,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CArCH;AAsCTuG,MAAAA,aAAa,EAAEA,mBAAcvG,IAAd,CAAmB,IAAnB,EAAyB,IAAzB;AAtCN,KAAX;AAyCA,8CAA4B,6CAA+B,IAA/B,CAA5B,EA/KiC,CA+KkC;AAEnE;;AACA,SAAKwG,IAAL,GAAY;AACVC,MAAAA,gBAAgB,EAAEA,uBAAiBzG,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B;AADR,KAAZ,CAlLiC,CAsLjC;;AACA,SAAK0G,WAAL,GAAmBA,qBAAY1G,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAAnB;AAEA,SAAK2G,OAAL,GAAe,IAAI5H,OAAJ,EAAf,CAzLiC,CA2LjC;;AACA,SAAK6H,YAAL,GAAoB,IAAIC,0BAAJ,CAAiB,IAAjB,EAAuB1H,IAAI,CAACyH,YAA5B,CAApB,CA5LiC,CA8LjC;;AACA,SAAKE,gBAAL,GAAwB,IAAIC,kCAAJ,CAAqB,IAArB,CAAxB;AACD;;AAED9B,EAAAA,KAAK,GAAG;AACN,SAAK2B,YAAL,CAAkB3B,KAAlB;;AACA,QAAI,CAAC,KAAK1B,KAAL,CAAWgB,eAAX,EAAL,EAAmC;AACjC,WAAKuC,gBAAL,CAAsBE,eAAtB;AACD;AACF;;AAEDC,EAAAA,IAAI,GAAG;AACL,SAAKL,YAAL,CAAkBK,IAAlB;AACD;;AAEDC,EAAAA,UAAU,CAACC,OAAD,EAAU;AAClB,SAAK/H,OAAL,CAAa+H,OAAb,GAAuB,qBAAc,EAAd,EAAkB,KAAK/H,OAAL,CAAa+H,OAA/B,EAAwCA,OAAxC,CAAvB;AACD,GApOgE,CAuOjE;;;AACY,QAANC,MAAM,CAACC,IAAD,EAAgD;AAC1D,WAAO,KAAKC,qBAAL,CAA2BD,IAA3B,CAAP;AACD,GA1OgE,CA4OjE;;;AAC2B,QAArBC,qBAAqB,CAACD,IAAD,EAA+D;AACxFA,IAAAA,IAAI,GAAG,iBAAMA,IAAI,IAAI,EAAd,CAAP;;AACA,UAAME,kBAAkB,GAAInI,OAAD,IAAc;AACvC,aAAOiI,IAAI,CAACG,eAAZ;AACA,aAAO,2BAAkB,IAAlB,EAAwB,eAAxB,EAAyCH,IAAzC,EAA+CjI,OAA/C,CAAP;AACD,KAHD;;AAIA,QAAI,CAACiI,IAAI,CAACG,eAAV,EAA2B;AACzB,aAAOD,kBAAkB,EAAzB;AACD;;AACD,WAAO,KAAKb,WAAL,GACNe,IADM,CACD,UAASf,WAAT,EAAsB;AAC1B,aAAOa,kBAAkB,CAAC;AACxBJ,QAAAA,OAAO,EAAE;AACP,kCAAwBT;AADjB;AADe,OAAD,CAAzB;AAKD,KAPM,CAAP;AAQD;;AAEuB,QAAlBgB,kBAAkB,CAACL,IAA+B,GAAG,EAAnC,EAAuC;AAC7D,UAAM;AAAEM,MAAAA,WAAF;AAAe,SAAGC;AAAlB,QAAuCP,IAA7C;;AACA,QAAG,KAAKlG,QAAL,CAAcC,WAAjB,EAA8B;AAC5B;AACA;AACD;;AAED,SAAKD,QAAL,CAAcC,WAAd,GAA4B,IAA5B;;AACA,QAAI;AACF;AACA,UAAIuG,WAAJ,EAAiB;AACf,aAAKE,cAAL,CAAoBF,WAApB;AACD;;AACD,YAAMG,MAAM,GAAG,qBAAc;AAC3B;AACAC,QAAAA,MAAM,EAAE,KAAK3I,OAAL,CAAa2I,MAAb,IAAuB,CAAC,QAAD,EAAW,OAAX,EAAoB,SAApB;AAFJ,OAAd,EAGZH,gBAHY,CAAf;AAIA,YAAM,KAAKrE,KAAL,CAAWZ,eAAX,CAA2BmF,MAA3B,CAAN;AACD,KAVD,SAUU;AACR,WAAK3G,QAAL,CAAcC,WAAd,GAA4B,KAA5B;AACD;AACF,GArRgE,CAuRjE;;;AACAU,EAAAA,YAAY,GAAqB;AAC/B,WAAO,KAAKF,OAAL,CAAaC,KAAb,GAAqB;AAArB,KACN4F,IADM,CACD,YAAY;AAChB;AACA,WAAKb,YAAL,CAAkBoB,KAAlB;AACD,KAJM,EAKNC,KALM,CAKA,UAASC,CAAT,EAAY;AACjB,UAAIA,CAAC,CAAC5H,IAAF,KAAW,cAAX,IAA6B4H,CAAC,CAACC,SAAF,KAAgB,UAAjD,EAA6D;AAC3D;AACA,eAAO,IAAP;AACD;;AACD,YAAMD,CAAN;AACD,KAXM,CAAP;AAYD,GArSgE,CAuSjE;;;AACuB,QAAjBE,iBAAiB,CAACC,WAAD,EAA8C;AACnE,QAAI,CAACA,WAAL,EAAkB;AAChBA,MAAAA,WAAW,GAAG,CAAC,MAAM,KAAKzB,YAAL,CAAkB0B,SAAlB,EAAP,EAAsCD,WAApD;AACA,YAAME,cAAc,GAAG,KAAK3B,YAAL,CAAkB4B,mBAAlB,CAAsC,aAAtC,CAAvB;AACA,WAAK5B,YAAL,CAAkB6B,MAAlB,CAAyBF,cAAzB;AACD,KALkE,CAMnE;;;AACA,QAAI,CAACF,WAAL,EAAkB;AAChB,aAAO,iBAAQK,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,WAAO,KAAKnF,KAAL,CAAWO,MAAX,CAAkBuE,WAAlB,CAAP;AACD,GAnTgE,CAqTjE;;;AACwB,QAAlBM,kBAAkB,CAACC,YAAD,EAAgD;AACtE,QAAI,CAACA,YAAL,EAAmB;AACjBA,MAAAA,YAAY,GAAG,CAAC,MAAM,KAAKhC,YAAL,CAAkB0B,SAAlB,EAAP,EAAsCM,YAArD;AACA,YAAMC,eAAe,GAAG,KAAKjC,YAAL,CAAkB4B,mBAAlB,CAAsC,cAAtC,CAAxB;AACA,WAAK5B,YAAL,CAAkB6B,MAAlB,CAAyBI,eAAzB;AACD,KALqE,CAMtE;;;AACA,QAAI,CAACD,YAAL,EAAmB;AACjB,aAAO,iBAAQF,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,WAAO,KAAKnF,KAAL,CAAWO,MAAX,CAAkB8E,YAAlB,CAAP;AACD;;AAEDE,EAAAA,qBAAqB,CAAC1J,OAAkC,GAAG,EAAtC,EAA0C;AAC7D,QAAI;AACF2J,MAAAA,OADE;AAEFC,MAAAA,qBAFE;AAGFC,MAAAA;AAHE,QAIA7J,OAJJ;;AAKA,QAAI,CAAC2J,OAAL,EAAc;AACZA,MAAAA,OAAO,GAAG,KAAKnC,YAAL,CAAkBsC,aAAlB,GAAkCH,OAA5C;AACD;;AACD,QAAI,CAACA,OAAL,EAAc;AACZ,aAAO,EAAP;AACD;;AACD,QAAI,CAACC,qBAAL,EAA4B;AAC1BA,MAAAA,qBAAqB,GAAG,KAAK5J,OAAL,CAAa4J,qBAArC;AACD;;AAED,UAAMG,SAAS,GAAG,wBAAa,IAAb,EAAmBA,SAArC;AACA,UAAMC,WAAW,GAAGL,OAAO,CAACA,OAA5B,CAjB6D,CAiBxB;;AACrC,QAAIM,SAAS,GAAGF,SAAS,GAAG,iBAAZ,GAAgCG,kBAAkB,CAACF,WAAD,CAAlE;;AACA,QAAIJ,qBAAJ,EAA2B;AACzBK,MAAAA,SAAS,IAAI,+BAA+BC,kBAAkB,CAACN,qBAAD,CAA9D;AACD,KArB4D,CAsB7D;;;AACA,QAAIC,KAAJ,EAAW;AACTI,MAAAA,SAAS,IAAI,YAAYC,kBAAkB,CAACL,KAAD,CAA3C;AACD;;AAED,WAAOI,SAAP;AACD,GA/VgE,CAiWjE;;;AACa,QAAPE,OAAO,CAACnK,OAAD,EAA2B;AACtCA,IAAAA,OAAO,GAAG,qBAAc,EAAd,EAAkBA,OAAlB,CAAV,CADsC,CAGtC;;AACA,QAAIoK,UAAU,GAAGlI,MAAM,CAACC,QAAP,CAAgBC,MAAjC;AACA,QAAIiI,UAAU,GAAGnI,MAAM,CAACC,QAAP,CAAgBmI,IAAjC;AACA,QAAIV,qBAAqB,GAAG5J,OAAO,CAAC4J,qBAAR,IACvB,KAAK5J,OAAL,CAAa4J,qBADU,IAEvBQ,UAFL;AAIA,QAAInB,WAAW,GAAGjJ,OAAO,CAACiJ,WAA1B;AACA,QAAIO,YAAY,GAAGxJ,OAAO,CAACwJ,YAA3B;AACA,QAAIR,iBAAiB,GAAGhJ,OAAO,CAACgJ,iBAAR,KAA8B,KAAtD;AACA,QAAIO,kBAAkB,GAAGvJ,OAAO,CAACuJ,kBAAR,KAA+B,KAAxD;;AAEA,QAAIA,kBAAkB,IAAI,OAAOC,YAAP,KAAwB,WAAlD,EAA+D;AAC7DA,MAAAA,YAAY,GAAG,KAAKhC,YAAL,CAAkBsC,aAAlB,GAAkCN,YAAjD;AACD;;AAED,QAAIR,iBAAiB,IAAI,OAAOC,WAAP,KAAuB,WAAhD,EAA6D;AAC3DA,MAAAA,WAAW,GAAG,KAAKzB,YAAL,CAAkBsC,aAAlB,GAAkCb,WAAhD;AACD;;AAED,QAAI,CAACjJ,OAAO,CAAC2J,OAAb,EAAsB;AACpB3J,MAAAA,OAAO,CAAC2J,OAAR,GAAkB,KAAKnC,YAAL,CAAkBsC,aAAlB,GAAkCH,OAApD;AACD;;AAED,QAAIJ,kBAAkB,IAAIC,YAA1B,EAAwC;AACtC,YAAM,KAAKD,kBAAL,CAAwBC,YAAxB,CAAN;AACD;;AAED,QAAIR,iBAAiB,IAAIC,WAAzB,EAAsC;AACpC,YAAM,KAAKD,iBAAL,CAAuBC,WAAvB,CAAN;AACD;;AAED,UAAMgB,SAAS,GAAG,KAAKP,qBAAL,CAA2B,EAAE,GAAG1J,OAAL;AAAc4J,MAAAA;AAAd,KAA3B,CAAlB,CAnCsC,CAoCtC;AACA;;AACA,QAAI,CAACK,SAAL,EAAgB;AACd;AACA,aAAO,KAAKvH,YAAL,GAAoB;AAApB,OACN2F,IADM,CACD,YAAW;AACf,YAAIuB,qBAAqB,KAAKS,UAA9B,EAA0C;AACxCnI,UAAAA,MAAM,CAACC,QAAP,CAAgBoI,MAAhB,GADwC,CACd;AAC3B,SAFD,MAEO;AACLrI,UAAAA,MAAM,CAACC,QAAP,CAAgBqI,MAAhB,CAAuBZ,qBAAvB;AACD;AACF,OAPM,CAAP;AAQD,KAVD,MAUO;AACL,UAAI5J,OAAO,CAACyK,yBAAZ,EAAuC;AACrC;AACA,aAAKjD,YAAL,CAAkBoB,KAAlB;AACD,OAHD,MAGO;AACL,aAAKpB,YAAL,CAAkBkD,qBAAlB;AACD,OANI,CAOL;;;AACAxI,MAAAA,MAAM,CAACC,QAAP,CAAgBqI,MAAhB,CAAuBP,SAAvB;AACD;AACF;;AAEDU,EAAAA,SAAS,CAAC1C,IAAD,EAAwB;AAC/B,QAAIvE,GAAG,GAAG,2BAA2B,yBAAcuE,IAAd,CAArC;AACA,QAAIjI,OAAO,GAAG;AACZ+H,MAAAA,OAAO,EAAE;AACP,kBAAU;AADH;AADG,KAAd;AAKA,WAAO,eAAI,IAAJ,EAAUrE,GAAV,EAAe1D,OAAf,CAAP;AACD,GAtagE,CAwajE;AACA;AACA;AAEA;AACA;;;AACqB,QAAf4K,eAAe,GAAqB;AAExC,QAAI;AAAE3B,MAAAA,WAAF;AAAeU,MAAAA;AAAf,QAA2B,KAAKnC,YAAL,CAAkBsC,aAAlB,EAA/B;AACA,UAAM;AAAEe,MAAAA,SAAF;AAAaC,MAAAA;AAAb,QAA4B,KAAKtD,YAAL,CAAkBuD,UAAlB,EAAlC;;AAEA,QAAI9B,WAAW,IAAI,KAAKzB,YAAL,CAAkBwD,UAAlB,CAA6B/B,WAA7B,CAAnB,EAA8D;AAC5DA,MAAAA,WAAW,GAAGgC,SAAd;;AACA,UAAIJ,SAAJ,EAAe;AACb,YAAI;AACF5B,UAAAA,WAAW,GAAG,MAAM,KAAKzB,YAAL,CAAkB5C,KAAlB,CAAwB,aAAxB,CAApB;AACD,SAFD,CAEE,MAAM,CACN;AACD;AACF,OAND,MAMO,IAAIkG,UAAJ,EAAgB;AACrB,aAAKtD,YAAL,CAAkB6B,MAAlB,CAAyB,aAAzB;AACD;AACF;;AAED,QAAIM,OAAO,IAAI,KAAKnC,YAAL,CAAkBwD,UAAlB,CAA6BrB,OAA7B,CAAf,EAAsD;AACpDA,MAAAA,OAAO,GAAGsB,SAAV;;AACA,UAAIJ,SAAJ,EAAe;AACb,YAAI;AACFlB,UAAAA,OAAO,GAAG,MAAM,KAAKnC,YAAL,CAAkB5C,KAAlB,CAAwB,SAAxB,CAAhB;AACD,SAFD,CAEE,MAAM,CACN;AACD;AACF,OAND,MAMO,IAAIkG,UAAJ,EAAgB;AACrB,aAAKtD,YAAL,CAAkB6B,MAAlB,CAAyB,SAAzB;AACD;AACF;;AAED,WAAO,CAAC,EAAEJ,WAAW,IAAIU,OAAjB,CAAR;AACD;;AAEY,QAAPuB,OAAO,GAAwB;AACnC,UAAM;AAAEvB,MAAAA,OAAF;AAAWV,MAAAA;AAAX,QAA2B,KAAKzB,YAAL,CAAkBsC,aAAlB,EAAjC;AACA,WAAO,KAAK3F,KAAL,CAAWa,WAAX,CAAuBiE,WAAvB,EAAoCU,OAApC,CAAP;AACD;;AAEDwB,EAAAA,UAAU,GAAuB;AAC/B,UAAM;AAAExB,MAAAA;AAAF,QAAc,KAAKnC,YAAL,CAAkBsC,aAAlB,EAApB;AACA,WAAOH,OAAO,GAAGA,OAAO,CAACA,OAAX,GAAqBsB,SAAnC;AACD;;AAEDG,EAAAA,cAAc,GAAuB;AACnC,UAAM;AAAEnC,MAAAA;AAAF,QAAkB,KAAKzB,YAAL,CAAkBsC,aAAlB,EAAxB;AACA,WAAOb,WAAW,GAAGA,WAAW,CAACA,WAAf,GAA6BgC,SAA/C;AACD;;AAEDI,EAAAA,eAAe,GAAuB;AACpC,UAAM;AAAE7B,MAAAA;AAAF,QAAmB,KAAKhC,YAAL,CAAkBsC,aAAlB,EAAzB;AACA,WAAON,YAAY,GAAGA,YAAY,CAACA,YAAhB,GAA+ByB,SAAlD;AACD;AAED;AACF;AACA;;;AAC+B,QAAvBK,uBAAuB,GAAkB;AAC7C,UAAM;AAAEC,MAAAA;AAAF,QAAa,MAAM,KAAKpH,KAAL,CAAWP,YAAX,EAAzB;AACA,SAAK4D,YAAL,CAAkBgE,SAAlB,CAA4BD,MAA5B;AACD;;AAED9C,EAAAA,cAAc,CAACF,WAAD,EAAsBsB,KAAtB,EAA4C;AACxD;AACA,UAAM4B,cAAc,GAAGC,wBAAeC,iBAAf,EAAvB;;AACAF,IAAAA,cAAc,CAACG,OAAf,CAAuBC,mCAAvB,EAAkDtD,WAAlD,EAHwD,CAKxD;;AACAsB,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAK7J,OAAL,CAAa6J,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMiC,aAAa,GAAG,KAAK7L,cAAL,CAAoB8L,qBAApB,EAAtB;AACAD,MAAAA,aAAa,CAACF,OAAd,CAAsB/B,KAAtB,EAA6BtB,WAA7B;AACD;AACF;;AAEDyD,EAAAA,cAAc,CAACnC,KAAD,EAAqC;AACjD;AACAA,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAK7J,OAAL,CAAa6J,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMiC,aAAa,GAAG,KAAK7L,cAAL,CAAoB8L,qBAApB,EAAtB;AACA,YAAMxD,WAAW,GAAGuD,aAAa,CAACG,OAAd,CAAsBpC,KAAtB,CAApB;;AACA,UAAItB,WAAJ,EAAiB;AACf,eAAOA,WAAP;AACD;AACF,KATgD,CAWjD;;;AACA,UAAMpH,OAAO,GAAGuK,wBAAeC,iBAAf,EAAhB;;AACA,WAAOxK,OAAO,GAAGA,OAAO,CAAC8K,OAAR,CAAgBJ,mCAAhB,KAA8CZ,SAAjD,GAA6DA,SAA3E;AACD;;AAEDiB,EAAAA,iBAAiB,CAACrC,KAAD,EAAuB;AACtC;AACA,UAAM1I,OAAO,GAAGuK,wBAAeC,iBAAf,EAAhB;;AACAxK,IAAAA,OAAO,CAACgL,UAAR,CAAmBN,mCAAnB,EAHsC,CAKtC;;AACAhC,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAK7J,OAAL,CAAa6J,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMiC,aAAa,GAAG,KAAK7L,cAAL,CAAoB8L,qBAApB,EAAtB;AACAD,MAAAA,aAAa,CAACK,UAAd,IAA4BL,aAAa,CAACK,UAAd,CAAyBtC,KAAzB,CAA5B;AACD;AACF;;AAED1E,EAAAA,eAAe,GAAY;AACzB,WAAO,2BAAgB,IAAhB,CAAP;AACD;;AAEwB,QAAnBiH,mBAAmB,CAACb,MAAD,EAAkBhD,WAAlB,EAAuD;AAC9E,QAAIsB,KAAK,GAAG,KAAK7J,OAAL,CAAa6J,KAAzB,CAD8E,CAG9E;;AACA,QAAI0B,MAAJ,EAAY;AACV,WAAK/D,YAAL,CAAkBgE,SAAlB,CAA4BD,MAA5B;AACAhD,MAAAA,WAAW,GAAGA,WAAW,IAAI,KAAKyD,cAAL,CAAoB,KAAKhM,OAAL,CAAa6J,KAAjC,CAA7B;AACD,KAHD,MAGO,IAAI,KAAK1E,eAAL,EAAJ,EAA4B;AACjC,UAAI;AACF;AACA,cAAMkH,aAAa,GAAG,MAAM,6CAA0B,IAA1B,EAAgC,EAAhC,CAA5B;AACAxC,QAAAA,KAAK,GAAGwC,aAAa,CAACxC,KAAtB;AACAtB,QAAAA,WAAW,GAAGA,WAAW,IAAI,KAAKyD,cAAL,CAAoBnC,KAApB,CAA7B;AACA,cAAM,KAAKyB,uBAAL,EAAN;AACD,OAND,CAME,OAAMxC,CAAN,EAAS;AACT;AACA,cAAM,KAAKpB,gBAAL,CAAsBE,eAAtB,EAAN;AACA,cAAMkB,CAAN;AACD;AACF,KAZM,MAYA;AACL,aADK,CACG;AACT,KArB6E,CAuB9E;;;AACA,UAAM,KAAKpB,gBAAL,CAAsBE,eAAtB,EAAN,CAxB8E,CA0B9E;;AACA,SAAKsE,iBAAL,CAAuBrC,KAAvB,EA3B8E,CA6B9E;;AACA,UAAM;AAAEyC,MAAAA;AAAF,QAAyB,KAAKtM,OAApC;;AACA,QAAIsM,kBAAJ,EAAwB;AACtB,YAAMA,kBAAkB,CAAC,IAAD,EAAO/D,WAAP,CAAxB;AACD,KAFD,MAEO,IAAIA,WAAJ,EAAiB;AACtBrG,MAAAA,MAAM,CAACC,QAAP,CAAgBoK,OAAhB,CAAwBhE,WAAxB;AACD;AACF;;AAEDiE,EAAAA,MAAM,GAAY;AAChB,WAAO,CAAC,CAAC,KAAKxM,OAAL,CAAauB,IAAtB;AACD;;AAEDkL,EAAAA,eAAe,CAACC,YAAD,EAAgC;AAC7C,QAAID,eAAe,GAAG,KAAtB;;AACA,QAAIE,KAAK,CAACC,OAAN,CAAc,KAAK5M,OAAL,CAAa0M,YAA3B,KAA4C,KAAK1M,OAAL,CAAa0M,YAAb,CAA0BG,MAA1E,EAAkF;AAAA;;AAChFJ,MAAAA,eAAe,GAAG,sCAAKzM,OAAL,CAAa0M,YAAb,iBAAkCA,YAAlC,KAAmD,CAArE;AACD,KAFD,MAEO;AACLD,MAAAA,eAAe,GAAG,KAAKzM,OAAL,CAAa0M,YAAb,KAA8BA,YAAhD;AACD;;AACD,WAAOD,eAAP;AACD;;AAEDK,EAAAA,uBAAuB,GAAY;AACjC,WAAO,KAAKL,eAAL,CAAqB,MAArB,CAAP;AACD,GAhlBgE,CAklBjE;AACA;AACA;AACA;;;AAEAM,EAAAA,eAAe,GAAW;AACxB;AACA;AACA,WAAO,KAAK/M,OAAL,CAAagN,MAAb,CAAqBC,KAArB,CAA2B,UAA3B,EAAuC,CAAvC,CAAP;AACD,GA3lBgE,CA6lBjE;;;AACAC,EAAAA,cAAc,CAACjF,IAAD,EAAiC;AAC7C,WAAO,2BAAkB,IAAlB,EAAwB,iCAAxB,EAA2DA,IAA3D,CAAP;AACD,GAhmBgE,CAkmBjE;;;AACAd,EAAAA,aAAa,CAACc,IAAD,EAAwD;AACnE,WAAO,2BAAkB,IAAlB,EAAwB,+BAAxB,EAAyDA,IAAzD,CAAP;AACD,GArmBgE,CAumBjE;;;AACAkF,EAAAA,mBAAmB,CAAClF,IAAD,EAA6D;AAC9E,WAAO,2BAAkB,IAAlB,EAAwB,8BAAxB,EAAwDA,IAAxD,CAAP;AACD,GA1mBgE,CA4mBjE;;;AACqB,QAAfmF,eAAe,CAACpN,OAAD,EAA4C;AAC/D,QAAI,CAACA,OAAO,CAACiJ,WAAb,EAA0B;AACxB,YAAMA,WAAW,GAAG,CAAC,MAAM,KAAKzB,YAAL,CAAkB0B,SAAlB,EAAP,EAAsCD,WAA1D;AACAjJ,MAAAA,OAAO,CAACiJ,WAAR,GAAsBA,WAAtB,aAAsBA,WAAtB,uBAAsBA,WAAW,CAAEA,WAAnC;AACD;;AACD,WAAO,uBAAY,IAAZ,EAAkBjJ,OAAlB,CAAP;AACD;;AAnnBgE,C,CAsnBnE;;;AACAH,QAAQ,CAACwN,QAAT,GAAoBxN,QAAQ,CAACuD,SAAT,CAAmBiK,QAAnB,GAA8BA,QAAlD,C,CAEA;;AACAxN,QAAQ,CAACyN,MAAT,GAAkBA,MAAlB,C,CAEA;;AACAzN,QAAQ,CAAC0N,QAAT,GAAoBA,QAApB,C,CAEA;;AACA,qBAAc1N,QAAd,EAAwB;AACtB2N,EAAAA;AADsB,CAAxB;eAIe3N,Q","sourcesContent":["/* eslint-disable max-statements */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n/* global window */\n\nimport { \n DEFAULT_MAX_CLOCK_SKEW, \n REFERRER_PATH_STORAGE_KEY\n} from './constants';\nimport * as constants from './constants';\nimport {\n OktaAuthInterface,\n OktaAuthOptions, \n AccessToken, \n IDToken,\n RefreshToken,\n TokenAPI, \n FeaturesAPI, \n CryptoAPI,\n WebauthnAPI,\n SignoutAPI, \n FingerprintAPI,\n UserClaims, \n SigninWithRedirectOptions,\n SigninWithCredentialsOptions,\n SignoutOptions,\n Tokens,\n ForgotPasswordOptions,\n VerifyRecoveryTokenOptions,\n TransactionAPI,\n SessionAPI,\n SigninAPI,\n PkceAPI,\n SigninOptions,\n IdxAPI,\n SignoutRedirectUrlOptions,\n HttpAPI,\n FlowIdentifier,\n GetWithRedirectAPI,\n ParseFromUrlInterface,\n GetWithRedirectFunction,\n RequestOptions,\n} from './types';\nimport {\n transactionStatus,\n resumeTransaction,\n transactionExists,\n introspectAuthn,\n postToTransaction,\n AuthTransaction\n} from './tx';\nimport PKCE from './oidc/util/pkce';\nimport {\n closeSession,\n sessionExists,\n getSession,\n refreshSession,\n setCookieAndRedirect\n} from './session';\nimport {\n getOAuthUrls,\n getWithoutPrompt,\n getWithPopup,\n getWithRedirect,\n isLoginRedirect,\n parseFromUrl,\n decodeToken,\n revokeToken,\n renewToken,\n renewTokens,\n renewTokensWithRefresh,\n getUserInfo,\n verifyToken,\n prepareTokenParams,\n exchangeCodeForTokens,\n isInteractionRequiredError,\n isInteractionRequired,\n} from './oidc';\nimport { isBrowser } from './features';\nimport * as features from './features';\nimport * as crypto from './crypto';\nimport * as webauthn from './crypto/webauthn';\nimport browserStorage from './browser/browserStorage';\nimport { \n toQueryString, \n toAbsoluteUrl,\n clone,\n} from './util';\nimport { TokenManager } from './TokenManager';\nimport { get, httpRequest, setRequestHeader } from './http';\nimport PromiseQueue from './PromiseQueue';\nimport fingerprint from './browser/fingerprint';\nimport { AuthStateManager } from './AuthStateManager';\nimport { StorageManager } from './StorageManager';\nimport TransactionManager from './TransactionManager';\nimport { buildOptions } from './options';\nimport {\n interact,\n introspect,\n authenticate,\n cancel,\n poll,\n proceed,\n register,\n recoverPassword,\n unlockAccount,\n startTransaction,\n handleInteractionCodeRedirect,\n canProceed,\n handleEmailVerifyCallback,\n isEmailVerifyCallback,\n parseEmailVerifyCallback,\n isEmailVerifyCallbackError\n} from './idx';\nimport { createGlobalRequestInterceptor, setGlobalRequestInterceptor } from './idx/headers';\nimport { OktaUserAgent } from './OktaUserAgent';\nimport { parseOAuthResponseFromUrl } from './oidc/parseFromUrl';\nimport {\n getSavedTransactionMeta,\n createTransactionMeta,\n getTransactionMeta,\n saveTransactionMeta,\n clearTransactionMeta,\n isTransactionMetaValid\n} from './idx/transactionMeta';\n\n// eslint-disable-next-line import/no-commonjs\nconst Emitter = require('tiny-emitter');\n\nclass OktaAuth implements OktaAuthInterface, SigninAPI, SignoutAPI {\n options: OktaAuthOptions;\n storageManager: StorageManager;\n transactionManager: TransactionManager;\n tx: TransactionAPI;\n idx: IdxAPI;\n session: SessionAPI;\n pkce: PkceAPI;\n static features: FeaturesAPI;\n static crypto: CryptoAPI;\n static webauthn: WebauthnAPI;\n features!: FeaturesAPI;\n token: TokenAPI;\n _tokenQueue: PromiseQueue;\n emitter: typeof Emitter;\n tokenManager: TokenManager;\n authStateManager: AuthStateManager;\n http: HttpAPI;\n fingerprint: FingerprintAPI;\n _oktaUserAgent: OktaUserAgent;\n _pending: { handleLogin: boolean };\n constructor(args: OktaAuthOptions) {\n const options = this.options = buildOptions(args);\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n this.storageManager = new StorageManager(options.storageManager!, options.cookies!, options.storageUtil!);\n this.transactionManager = new TransactionManager(Object.assign({\n storageManager: this.storageManager,\n }, options.transactionManager));\n this._oktaUserAgent = new OktaUserAgent();\n\n this.tx = {\n status: transactionStatus.bind(null, this),\n resume: resumeTransaction.bind(null, this),\n exists: Object.assign(transactionExists.bind(null, this), {\n _get: (name) => {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const storage = options.storageUtil!.storage;\n return storage.get(name);\n }\n }),\n introspect: introspectAuthn.bind(null, this)\n };\n\n this.pkce = {\n DEFAULT_CODE_CHALLENGE_METHOD: PKCE.DEFAULT_CODE_CHALLENGE_METHOD,\n generateVerifier: PKCE.generateVerifier,\n computeChallenge: PKCE.computeChallenge\n };\n\n // Add shims for compatibility, these will be removed in next major version. OKTA-362589\n Object.assign(this.options.storageUtil, {\n getPKCEStorage: this.storageManager.getLegacyPKCEStorage.bind(this.storageManager),\n getHttpCache: this.storageManager.getHttpCache.bind(this.storageManager),\n });\n\n this._pending = { handleLogin: false };\n\n if (isBrowser()) {\n this.options = Object.assign(this.options, {\n redirectUri: toAbsoluteUrl(args.redirectUri, window.location.origin), // allow relative URIs\n });\n }\n\n // Digital clocks will drift over time, so the server\n // can misalign with the time reported by the browser.\n // The maxClockSkew allows relaxing the time-based\n // validation of tokens (in seconds, not milliseconds).\n // It currently defaults to 300, because 5 min is the\n // default maximum tolerance allowed by Kerberos.\n // (https://technet.microsoft.com/en-us/library/cc976357.aspx)\n if (!args.maxClockSkew && args.maxClockSkew !== 0) {\n this.options.maxClockSkew = DEFAULT_MAX_CLOCK_SKEW;\n } else {\n this.options.maxClockSkew = args.maxClockSkew;\n }\n\n // As some end user's devices can have their date \n // and time incorrectly set, allow for the disabling\n // of the jwt liftetime validation\n this.options.ignoreLifetime = !!args.ignoreLifetime;\n\n this.session = {\n close: closeSession.bind(null, this),\n exists: sessionExists.bind(null, this),\n get: getSession.bind(null, this),\n refresh: refreshSession.bind(null, this),\n setCookieAndRedirect: setCookieAndRedirect.bind(null, this)\n };\n\n this._tokenQueue = new PromiseQueue();\n const useQueue = (method) => {\n return PromiseQueue.prototype.push.bind(this._tokenQueue, method, null);\n };\n\n // eslint-disable-next-line max-len\n const getWithRedirectFn = useQueue(getWithRedirect.bind(null, this)) as GetWithRedirectFunction;\n const getWithRedirectApi: GetWithRedirectAPI = Object.assign(getWithRedirectFn, {\n // This is exposed so we can set window.location in our tests\n _setLocation: function(url) {\n window.location = url;\n }\n });\n // eslint-disable-next-line max-len\n const parseFromUrlFn = useQueue(parseFromUrl.bind(null, this)) as ParseFromUrlInterface;\n const parseFromUrlApi: ParseFromUrlInterface = Object.assign(parseFromUrlFn, {\n // This is exposed so we can mock getting window.history in our tests\n _getHistory: function() {\n return window.history;\n },\n\n // This is exposed so we can mock getting window.location in our tests\n _getLocation: function() {\n return window.location;\n },\n\n // This is exposed so we can mock getting window.document in our tests\n _getDocument: function() {\n return window.document;\n }\n });\n this.token = {\n prepareTokenParams: prepareTokenParams.bind(null, this),\n exchangeCodeForTokens: exchangeCodeForTokens.bind(null, this),\n getWithoutPrompt: getWithoutPrompt.bind(null, this),\n getWithPopup: getWithPopup.bind(null, this),\n getWithRedirect: getWithRedirectApi,\n parseFromUrl: parseFromUrlApi,\n decode: decodeToken,\n revoke: revokeToken.bind(null, this),\n renew: renewToken.bind(null, this),\n renewTokensWithRefresh: renewTokensWithRefresh.bind(null, this),\n renewTokens: renewTokens.bind(null, this),\n getUserInfo: getUserInfo.bind(null, this),\n verify: verifyToken.bind(null, this),\n isLoginRedirect: isLoginRedirect.bind(null, this)\n };\n // Wrap all async token API methods using MethodQueue to avoid issues with concurrency\n const syncMethods = [\n // sync methods\n 'decode',\n 'isLoginRedirect',\n // already bound\n 'getWithRedirect',\n 'parseFromUrl'\n ];\n Object.keys(this.token).forEach(key => {\n if (syncMethods.indexOf(key) >= 0) { // sync methods should not be wrapped\n return;\n }\n var method = this.token[key];\n this.token[key] = PromiseQueue.prototype.push.bind(this._tokenQueue, method, null);\n });\n\n // IDX\n const boundStartTransaction = startTransaction.bind(null, this);\n this.idx = {\n interact: interact.bind(null, this),\n introspect: introspect.bind(null, this),\n authenticate: authenticate.bind(null, this),\n register: register.bind(null, this),\n start: boundStartTransaction,\n startTransaction: boundStartTransaction, // Use `start` instead. `startTransaction` will be removed in 7.0\n poll: poll.bind(null, this),\n proceed: proceed.bind(null, this),\n cancel: cancel.bind(null, this),\n recoverPassword: recoverPassword.bind(null, this),\n\n // oauth redirect callback\n handleInteractionCodeRedirect: handleInteractionCodeRedirect.bind(null, this),\n\n // interaction required callback\n isInteractionRequired: isInteractionRequired.bind(null, this),\n isInteractionRequiredError,\n\n // email verify callback\n handleEmailVerifyCallback: handleEmailVerifyCallback.bind(null, this),\n isEmailVerifyCallback,\n parseEmailVerifyCallback,\n isEmailVerifyCallbackError,\n \n getSavedTransactionMeta: getSavedTransactionMeta.bind(null, this),\n createTransactionMeta: createTransactionMeta.bind(null, this),\n getTransactionMeta: getTransactionMeta.bind(null, this),\n saveTransactionMeta: saveTransactionMeta.bind(null, this),\n clearTransactionMeta: clearTransactionMeta.bind(null, this),\n isTransactionMetaValid,\n setFlow: (flow: FlowIdentifier) => {\n this.options.flow = flow;\n },\n getFlow: (): FlowIdentifier | undefined => {\n return this.options.flow;\n },\n canProceed: canProceed.bind(null, this),\n unlockAccount: unlockAccount.bind(null, this),\n };\n\n setGlobalRequestInterceptor(createGlobalRequestInterceptor(this)); // to pass custom headers to IDX endpoints\n\n // HTTP\n this.http = {\n setRequestHeader: setRequestHeader.bind(null, this)\n };\n\n // Fingerprint API\n this.fingerprint = fingerprint.bind(null, this);\n\n this.emitter = new Emitter();\n\n // TokenManager\n this.tokenManager = new TokenManager(this, args.tokenManager);\n\n // AuthStateManager\n this.authStateManager = new AuthStateManager(this);\n }\n\n start() {\n this.tokenManager.start();\n if (!this.token.isLoginRedirect()) {\n this.authStateManager.updateAuthState();\n }\n }\n\n stop() {\n this.tokenManager.stop();\n }\n\n setHeaders(headers) {\n this.options.headers = Object.assign({}, this.options.headers, headers);\n }\n\n\n // Authn V1\n async signIn(opts: SigninOptions): Promise<AuthTransaction> {\n return this.signInWithCredentials(opts as SigninWithCredentialsOptions);\n }\n\n // Authn V1\n async signInWithCredentials(opts: SigninWithCredentialsOptions): Promise<AuthTransaction> {\n opts = clone(opts || {});\n const _postToTransaction = (options?) => {\n delete opts.sendFingerprint;\n return postToTransaction(this, '/api/v1/authn', opts, options);\n };\n if (!opts.sendFingerprint) {\n return _postToTransaction();\n }\n return this.fingerprint()\n .then(function(fingerprint) {\n return _postToTransaction({\n headers: {\n 'X-Device-Fingerprint': fingerprint\n }\n });\n });\n }\n\n async signInWithRedirect(opts: SigninWithRedirectOptions = {}) {\n const { originalUri, ...additionalParams } = opts;\n if(this._pending.handleLogin) { \n // Don't trigger second round\n return;\n }\n\n this._pending.handleLogin = true;\n try {\n // Trigger default signIn redirect flow\n if (originalUri) {\n this.setOriginalUri(originalUri);\n }\n const params = Object.assign({\n // TODO: remove this line when default scopes are changed OKTA-343294\n scopes: this.options.scopes || ['openid', 'email', 'profile']\n }, additionalParams);\n await this.token.getWithRedirect(params);\n } finally {\n this._pending.handleLogin = false;\n }\n }\n\n // Ends the current Okta SSO session without redirecting to Okta.\n closeSession(): Promise<unknown> {\n return this.session.close() // DELETE /api/v1/sessions/me\n .then(async () => {\n // Clear all local tokens\n this.tokenManager.clear();\n })\n .catch(function(e) {\n if (e.name === 'AuthApiError' && e.errorCode === 'E0000007') {\n // Session does not exist or has already been closed\n return null;\n }\n throw e;\n });\n }\n \n // Revokes the access token for the application session\n async revokeAccessToken(accessToken?: AccessToken): Promise<unknown> {\n if (!accessToken) {\n accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');\n this.tokenManager.remove(accessTokenKey);\n }\n // Access token may have been removed. In this case, we will silently succeed.\n if (!accessToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(accessToken);\n }\n\n // Revokes the refresh token for the application session\n async revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown> {\n if (!refreshToken) {\n refreshToken = (await this.tokenManager.getTokens()).refreshToken as RefreshToken;\n const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');\n this.tokenManager.remove(refreshTokenKey);\n }\n // Refresh token may have been removed. In this case, we will silently succeed.\n if (!refreshToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(refreshToken);\n }\n\n getSignOutRedirectUrl(options: SignoutRedirectUrlOptions = {}) {\n let {\n idToken,\n postLogoutRedirectUri,\n state,\n } = options;\n if (!idToken) {\n idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n if (!idToken) {\n return '';\n }\n if (!postLogoutRedirectUri) {\n postLogoutRedirectUri = this.options.postLogoutRedirectUri;\n }\n\n const logoutUrl = getOAuthUrls(this).logoutUrl;\n const idTokenHint = idToken.idToken; // a string\n let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);\n if (postLogoutRedirectUri) {\n logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);\n } \n // State allows option parameters to be passed to logout redirect uri\n if (state) {\n logoutUri += '&state=' + encodeURIComponent(state);\n }\n\n return logoutUri;\n }\n\n // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.\n async signOut(options?: SignoutOptions) {\n options = Object.assign({}, options);\n \n // postLogoutRedirectUri must be whitelisted in Okta Admin UI\n var defaultUri = window.location.origin;\n var currentUri = window.location.href;\n var postLogoutRedirectUri = options.postLogoutRedirectUri\n || this.options.postLogoutRedirectUri\n || defaultUri;\n \n var accessToken = options.accessToken;\n var refreshToken = options.refreshToken;\n var revokeAccessToken = options.revokeAccessToken !== false;\n var revokeRefreshToken = options.revokeRefreshToken !== false;\n \n if (revokeRefreshToken && typeof refreshToken === 'undefined') {\n refreshToken = this.tokenManager.getTokensSync().refreshToken as RefreshToken;\n }\n\n if (revokeAccessToken && typeof accessToken === 'undefined') {\n accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;\n }\n \n if (!options.idToken) {\n options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n\n if (revokeRefreshToken && refreshToken) {\n await this.revokeRefreshToken(refreshToken);\n }\n\n if (revokeAccessToken && accessToken) {\n await this.revokeAccessToken(accessToken);\n }\n\n const logoutUri = this.getSignOutRedirectUrl({ ...options, postLogoutRedirectUri });\n // No logoutUri? This can happen if the storage was cleared.\n // Fallback to XHR signOut, then simulate a redirect to the post logout uri\n if (!logoutUri) {\n // local tokens are cleared once session is closed\n return this.closeSession() // can throw if the user cannot be signed out\n .then(function() {\n if (postLogoutRedirectUri === currentUri) {\n window.location.reload(); // force a hard reload if URI is not changing\n } else {\n window.location.assign(postLogoutRedirectUri);\n }\n });\n } else {\n if (options.clearTokensBeforeRedirect) {\n // Clear all local tokens\n this.tokenManager.clear();\n } else {\n this.tokenManager.addPendingRemoveFlags();\n }\n // Flow ends with logout redirect\n window.location.assign(logoutUri);\n }\n }\n\n webfinger(opts): Promise<object> {\n var url = '/.well-known/webfinger' + toQueryString(opts);\n var options = {\n headers: {\n 'Accept': 'application/jrd+json'\n }\n };\n return get(this, url, options);\n }\n\n //\n // Common Methods from downstream SDKs\n //\n\n // Returns true if both accessToken and idToken are not expired\n // If `autoRenew` option is set, will attempt to renew expired tokens before returning.\n async isAuthenticated(): Promise<boolean> {\n\n let { accessToken, idToken } = this.tokenManager.getTokensSync();\n const { autoRenew, autoRemove } = this.tokenManager.getOptions();\n\n if (accessToken && this.tokenManager.hasExpired(accessToken)) {\n accessToken = undefined;\n if (autoRenew) {\n try {\n accessToken = await this.tokenManager.renew('accessToken') as AccessToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (autoRemove) {\n this.tokenManager.remove('accessToken');\n }\n }\n\n if (idToken && this.tokenManager.hasExpired(idToken)) {\n idToken = undefined;\n if (autoRenew) {\n try {\n idToken = await this.tokenManager.renew('idToken') as IDToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (autoRemove) {\n this.tokenManager.remove('idToken');\n }\n }\n\n return !!(accessToken && idToken);\n }\n\n async getUser(): Promise<UserClaims> {\n const { idToken, accessToken } = this.tokenManager.getTokensSync();\n return this.token.getUserInfo(accessToken, idToken);\n }\n\n getIdToken(): string | undefined {\n const { idToken } = this.tokenManager.getTokensSync();\n return idToken ? idToken.idToken : undefined;\n }\n\n getAccessToken(): string | undefined {\n const { accessToken } = this.tokenManager.getTokensSync();\n return accessToken ? accessToken.accessToken : undefined;\n }\n\n getRefreshToken(): string | undefined {\n const { refreshToken } = this.tokenManager.getTokensSync();\n return refreshToken ? refreshToken.refreshToken : undefined;\n }\n\n /**\n * Store parsed tokens from redirect url\n */\n async storeTokensFromRedirect(): Promise<void> {\n const { tokens } = await this.token.parseFromUrl();\n this.tokenManager.setTokens(tokens);\n }\n\n setOriginalUri(originalUri: string, state?: string): void {\n // always store in session storage\n const sessionStorage = browserStorage.getSessionStorage();\n sessionStorage.setItem(REFERRER_PATH_STORAGE_KEY, originalUri);\n\n // to support multi-tab flows, set a state in constructor or pass as param\n state = state || this.options.state;\n if (state) {\n const sharedStorage = this.storageManager.getOriginalUriStorage();\n sharedStorage.setItem(state, originalUri);\n }\n }\n\n getOriginalUri(state?: string): string | undefined {\n // Prefer shared storage (if state is available)\n state = state || this.options.state;\n if (state) {\n const sharedStorage = this.storageManager.getOriginalUriStorage();\n const originalUri = sharedStorage.getItem(state);\n if (originalUri) {\n return originalUri;\n }\n }\n\n // Try to load from session storage\n const storage = browserStorage.getSessionStorage();\n return storage ? storage.getItem(REFERRER_PATH_STORAGE_KEY) || undefined : undefined;\n }\n\n removeOriginalUri(state?: string): void {\n // Remove from sessionStorage\n const storage = browserStorage.getSessionStorage();\n storage.removeItem(REFERRER_PATH_STORAGE_KEY);\n\n // Also remove from shared storage\n state = state || this.options.state;\n if (state) {\n const sharedStorage = this.storageManager.getOriginalUriStorage();\n sharedStorage.removeItem && sharedStorage.removeItem(state);\n }\n }\n\n isLoginRedirect(): boolean {\n return isLoginRedirect(this);\n }\n\n async handleLoginRedirect(tokens?: Tokens, originalUri?: string): Promise<void> {\n let state = this.options.state;\n\n // Store tokens and update AuthState by the emitted events\n if (tokens) {\n this.tokenManager.setTokens(tokens);\n originalUri = originalUri || this.getOriginalUri(this.options.state);\n } else if (this.isLoginRedirect()) {\n try {\n // For redirect flow, get state from the URL and use it to retrieve the originalUri\n const oAuthResponse = await parseOAuthResponseFromUrl(this, {});\n state = oAuthResponse.state;\n originalUri = originalUri || this.getOriginalUri(state);\n await this.storeTokensFromRedirect();\n } catch(e) {\n // auth state should be updated\n await this.authStateManager.updateAuthState();\n throw e;\n }\n } else {\n return; // nothing to do\n }\n \n // ensure auth state has been updated\n await this.authStateManager.updateAuthState();\n\n // clear originalUri from storage\n this.removeOriginalUri(state);\n\n // Redirect to originalUri\n const { restoreOriginalUri } = this.options;\n if (restoreOriginalUri) {\n await restoreOriginalUri(this, originalUri);\n } else if (originalUri) {\n window.location.replace(originalUri);\n }\n }\n\n isPKCE(): boolean {\n return !!this.options.pkce;\n }\n\n hasResponseType(responseType: string): boolean {\n let hasResponseType = false;\n if (Array.isArray(this.options.responseType) && this.options.responseType.length) {\n hasResponseType = this.options.responseType.indexOf(responseType) >= 0;\n } else {\n hasResponseType = this.options.responseType === responseType;\n }\n return hasResponseType;\n }\n\n isAuthorizationCodeFlow(): boolean {\n return this.hasResponseType('code');\n }\n\n // { username, password, (relayState), (context) }\n // signIn(opts: SignInWithCredentialsOptions): Promise<AuthTransaction> {\n // return postToTransaction(this, '/api/v1/authn', opts);\n // }\n\n getIssuerOrigin(): string {\n // Infer the URL from the issuer URL, omitting the /oauth2/{authServerId}\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n return this.options.issuer!.split('/oauth2/')[0];\n }\n\n // { username, (relayState) }\n forgotPassword(opts): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/password', opts);\n }\n\n // { username, (relayState) }\n unlockAccount(opts: ForgotPasswordOptions): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/unlock', opts);\n }\n\n // { recoveryToken }\n verifyRecoveryToken(opts: VerifyRecoveryTokenOptions): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/token', opts);\n }\n\n // Escape hatch method to make arbitrary OKTA API call\n async invokeApiMethod(options: RequestOptions): Promise<unknown> {\n if (!options.accessToken) {\n const accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n options.accessToken = accessToken?.accessToken;\n }\n return httpRequest(this, options);\n }\n}\n\n// Hoist feature detection functions to static type\nOktaAuth.features = OktaAuth.prototype.features = features;\n\n// Hoist crypto utils to static type\nOktaAuth.crypto = crypto;\n\n// Hoist webauthn utils to static type\nOktaAuth.webauthn = webauthn;\n\n// Also hoist constants for CommonJS users\nObject.assign(OktaAuth, {\n constants\n});\n\nexport default OktaAuth;"],"file":"OktaAuth.js"}
package/cjs/OktaUserAgent.js CHANGED
@@ -21,7 +21,7 @@ var _features = require("./features");
21
21
  class OktaUserAgent {
22
22
  constructor() {
23
23
  // add base sdk env
24
- this.environments = [`okta-auth-js/${"6.0.0"}`];
24
+ this.environments = [`okta-auth-js/${"6.1.0"}`];
25
25
  }
26
26
 
27
27
  addEnvironment(env) {
@@ -36,7 +36,7 @@ class OktaUserAgent {
36
36
  }
37
37
 
38
38
  getVersion() {
39
- return "6.0.0";
39
+ return "6.1.0";
40
40
  }
41
41
 
42
42
  maybeAddNodeEnvironment() {
package/cjs/PromiseQueue.js CHANGED
@@ -1,7 +1,11 @@
1
1
  "use strict";
2
2
 
3
+ var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
+
3
5
  exports.default = void 0;
4
6
 
7
+ var _promise = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/promise"));
8
+
5
9
  var _util = require("./util");
6
10
 
7
11
  /*!
@@ -28,7 +32,7 @@ class PromiseQueue {
28
32
 
29
33
 
30
34
  push(method, thisObject, ...args) {
31
- return new Promise((resolve, reject) => {
35
+ return new _promise.default((resolve, reject) => {
32
36
  if (this.queue.length > 0) {
33
37
  (0, _util.warn)('Async method is being called but another async method is already running. ' + 'The new method will be delayed until the previous method completes.');
34
38
  }
package/cjs/PromiseQueue.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/PromiseQueue.ts"],"names":["PromiseQueue","constructor","queue","running","push","method","thisObject","args","Promise","resolve","reject","length","run","queueItem","shift","res","apply","then","finally"],"mappings":";;;;AAgBA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AAYA,MAAMA,YAAN,CAAmB;AAIjBC,EAAAA,WAAW,GAAG;AACZ,SAAKC,KAAL,GAAa,EAAb;AACA,SAAKC,OAAL,GAAe,KAAf;AACD,GAPgB,CASjB;AACA;AACA;;;AACAC,EAAAA,IAAI,CAACC,MAAD,EAAqBC,UAArB,EAAyC,GAAGC,IAA5C,EAAyD;AAC3D,WAAO,IAAIC,OAAJ,CAAY,CAACC,OAAD,EAAUC,MAAV,KAAqB;AACtC,UAAI,KAAKR,KAAL,CAAWS,MAAX,GAAoB,CAAxB,EAA2B;AACzB,wBACE,+EACA,qEAFF;AAID;;AACD,WAAKT,KAAL,CAAWE,IAAX,CAAgB;AACdC,QAAAA,MADc;AAEdC,QAAAA,UAFc;AAGdC,QAAAA,IAHc;AAIdE,QAAAA,OAJc;AAKdC,QAAAA;AALc,OAAhB;AAOA,WAAKE,GAAL;AACD,KAfM,CAAP;AAgBD;;AAEDA,EAAAA,GAAG,GAAG;AACJ,QAAI,KAAKT,OAAT,EAAkB;AAChB;AACD;;AACD,QAAI,KAAKD,KAAL,CAAWS,MAAX,KAAsB,CAA1B,EAA6B;AAC3B;AACD;;AACD,SAAKR,OAAL,GAAe,IAAf,CAPI,CAQJ;;AACA,QAAIU,SAAS,GAAG,KAAKX,KAAL,CAAWY,KAAX,EAAhB;AACA,QAAIC,GAAG,GAAGF,SAAS,CAACR,MAAV,CAAiBW,KAAjB,CAAuBH,SAAS,CAACP,UAAjC,EAA6CO,SAAS,CAACN,IAAvD,CAAV;;AACA,QAAI,qBAAUQ,GAAV,CAAJ,EAAoB;AACjBA,MAAAA,GAAD,CAA0BE,IAA1B,CAA+BJ,SAAS,CAACJ,OAAzC,EAAkDI,SAAS,CAACH,MAA5D,EAAoEQ,OAApE,CAA4E,MAAM;AAChF,aAAKf,OAAL,GAAe,KAAf;AACA,aAAKS,GAAL;AACD,OAHD;AAID,KALD,MAKO;AACLC,MAAAA,SAAS,CAACJ,OAAV,CAAkBM,GAAlB;AACA,WAAKZ,OAAL,GAAe,KAAf;AACA,WAAKS,GAAL;AACD;AACF;;AApDgB;;eAuDJZ,Y","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n// Implements a queue for synchronous or asynchronous methods\n// Methods will be wrapped in a promise and execute sequentially\n// This can be used to prevent concurrent calls to a single method or a set of methods\n\nimport { isPromise, warn } from './util';\n\ninterface QueueItem {\n method: () => void;\n thisObject: object;\n args: any[];\n resolve: (value?: unknown) => void;\n reject: (reason?: unknown) => void;\n}\n\nclass PromiseQueue {\n queue: QueueItem[];\n running: boolean;\n\n constructor() {\n this.queue = [];\n this.running = false;\n }\n\n // Returns a promise\n // If the method is synchronous, it will resolve when the method completes\n // If the method returns a promise, it will resolve (or reject) with the value from the method's promise\n push(method: () => void, thisObject: object, ...args: any[]) {\n return new Promise((resolve, reject) => {\n if (this.queue.length > 0) {\n warn(\n 'Async method is being called but another async method is already running. ' +\n 'The new method will be delayed until the previous method completes.'\n );\n }\n this.queue.push({\n method,\n thisObject,\n args,\n resolve,\n reject\n });\n this.run();\n });\n }\n\n run() {\n if (this.running) {\n return;\n }\n if (this.queue.length === 0) {\n return;\n }\n this.running = true;\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n var queueItem = this.queue.shift()!;\n var res = queueItem.method.apply(queueItem.thisObject, queueItem.args as never) as unknown;\n if (isPromise(res)) {\n (res as Promise<unknown>).then(queueItem.resolve, queueItem.reject).finally(() => {\n this.running = false;\n this.run();\n });\n } else {\n queueItem.resolve(res);\n this.running = false;\n this.run();\n }\n }\n}\n\nexport default PromiseQueue;"],"file":"PromiseQueue.js"}
1
+ {"version":3,"sources":["../../lib/PromiseQueue.ts"],"names":["PromiseQueue","constructor","queue","running","push","method","thisObject","args","resolve","reject","length","run","queueItem","shift","res","apply","then","finally"],"mappings":";;;;;;;;AAgBA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AAYA,MAAMA,YAAN,CAAmB;AAIjBC,EAAAA,WAAW,GAAG;AACZ,SAAKC,KAAL,GAAa,EAAb;AACA,SAAKC,OAAL,GAAe,KAAf;AACD,GAPgB,CASjB;AACA;AACA;;;AACAC,EAAAA,IAAI,CAACC,MAAD,EAAqBC,UAArB,EAAyC,GAAGC,IAA5C,EAAyD;AAC3D,WAAO,qBAAY,CAACC,OAAD,EAAUC,MAAV,KAAqB;AACtC,UAAI,KAAKP,KAAL,CAAWQ,MAAX,GAAoB,CAAxB,EAA2B;AACzB,wBACE,+EACA,qEAFF;AAID;;AACD,WAAKR,KAAL,CAAWE,IAAX,CAAgB;AACdC,QAAAA,MADc;AAEdC,QAAAA,UAFc;AAGdC,QAAAA,IAHc;AAIdC,QAAAA,OAJc;AAKdC,QAAAA;AALc,OAAhB;AAOA,WAAKE,GAAL;AACD,KAfM,CAAP;AAgBD;;AAEDA,EAAAA,GAAG,GAAG;AACJ,QAAI,KAAKR,OAAT,EAAkB;AAChB;AACD;;AACD,QAAI,KAAKD,KAAL,CAAWQ,MAAX,KAAsB,CAA1B,EAA6B;AAC3B;AACD;;AACD,SAAKP,OAAL,GAAe,IAAf,CAPI,CAQJ;;AACA,QAAIS,SAAS,GAAG,KAAKV,KAAL,CAAWW,KAAX,EAAhB;AACA,QAAIC,GAAG,GAAGF,SAAS,CAACP,MAAV,CAAiBU,KAAjB,CAAuBH,SAAS,CAACN,UAAjC,EAA6CM,SAAS,CAACL,IAAvD,CAAV;;AACA,QAAI,qBAAUO,GAAV,CAAJ,EAAoB;AACjBA,MAAAA,GAAD,CAA0BE,IAA1B,CAA+BJ,SAAS,CAACJ,OAAzC,EAAkDI,SAAS,CAACH,MAA5D,EAAoEQ,OAApE,CAA4E,MAAM;AAChF,aAAKd,OAAL,GAAe,KAAf;AACA,aAAKQ,GAAL;AACD,OAHD;AAID,KALD,MAKO;AACLC,MAAAA,SAAS,CAACJ,OAAV,CAAkBM,GAAlB;AACA,WAAKX,OAAL,GAAe,KAAf;AACA,WAAKQ,GAAL;AACD;AACF;;AApDgB;;eAuDJX,Y","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n// Implements a queue for synchronous or asynchronous methods\n// Methods will be wrapped in a promise and execute sequentially\n// This can be used to prevent concurrent calls to a single method or a set of methods\n\nimport { isPromise, warn } from './util';\n\ninterface QueueItem {\n method: () => void;\n thisObject: object;\n args: any[];\n resolve: (value?: unknown) => void;\n reject: (reason?: unknown) => void;\n}\n\nclass PromiseQueue {\n queue: QueueItem[];\n running: boolean;\n\n constructor() {\n this.queue = [];\n this.running = false;\n }\n\n // Returns a promise\n // If the method is synchronous, it will resolve when the method completes\n // If the method returns a promise, it will resolve (or reject) with the value from the method's promise\n push(method: () => void, thisObject: object, ...args: any[]) {\n return new Promise((resolve, reject) => {\n if (this.queue.length > 0) {\n warn(\n 'Async method is being called but another async method is already running. ' +\n 'The new method will be delayed until the previous method completes.'\n );\n }\n this.queue.push({\n method,\n thisObject,\n args,\n resolve,\n reject\n });\n this.run();\n });\n }\n\n run() {\n if (this.running) {\n return;\n }\n if (this.queue.length === 0) {\n return;\n }\n this.running = true;\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n var queueItem = this.queue.shift()!;\n var res = queueItem.method.apply(queueItem.thisObject, queueItem.args as never) as unknown;\n if (isPromise(res)) {\n (res as Promise<unknown>).then(queueItem.resolve, queueItem.reject).finally(() => {\n this.running = false;\n this.run();\n });\n } else {\n queueItem.resolve(res);\n this.running = false;\n this.run();\n }\n }\n}\n\nexport default PromiseQueue;"],"file":"PromiseQueue.js"}
package/cjs/SavedObject.js CHANGED
@@ -1,9 +1,11 @@
1
1
  "use strict";
2
2
 
3
- var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
3
+ var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
4
 
5
5
  exports.default = void 0;
6
6
 
7
+ var _stringify = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/json/stringify"));
8
+
7
9
  var _AuthSdkError = _interopRequireDefault(require("./errors/AuthSdkError"));
8
10
 
9
11
  /*!
@@ -64,7 +66,7 @@ class SavedObject {
64
66
 
65
67
  setStorage(obj) {
66
68
  try {
67
- var storageString = obj ? JSON.stringify(obj) : '{}';
69
+ var storageString = obj ? (0, _stringify.default)(obj) : '{}';
68
70
  this.storageProvider.setItem(this.storageName, storageString);
69
71
  } catch (e) {
70
72
  throw new _AuthSdkError.default('Unable to set storage: ' + this.storageName);
package/cjs/SavedObject.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/SavedObject.ts"],"names":["SavedObject","constructor","storage","storageName","AuthSdkError","length","storageProvider","getItem","key","getStorage","setItem","value","updateStorage","removeItem","clearStorage","storageString","JSON","parse","e","setStorage","obj","stringify"],"mappings":";;;;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACe,MAAMA,WAAN,CAA6C;AAI1DC,EAAAA,WAAW,CAACC,OAAD,EAAyBC,WAAzB,EAA8C;AACvD,QAAI,CAACD,OAAL,EAAc;AACZ,YAAM,IAAIE,qBAAJ,CAAiB,uBAAjB,CAAN;AACD;;AAED,QAAI,OAAOD,WAAP,KAAuB,QAAvB,IAAmC,CAACA,WAAW,CAACE,MAApD,EAA4D;AAC1D,YAAM,IAAID,qBAAJ,CAAiB,2BAAjB,CAAN;AACD;;AAED,SAAKD,WAAL,GAAmBA,WAAnB;AACA,SAAKG,eAAL,GAAuBJ,OAAvB;AACD,GAfyD,CAiB1D;AACA;AACA;;;AAEAK,EAAAA,OAAO,CAACC,GAAD,EAAc;AACnB,WAAO,KAAKC,UAAL,GAAkBD,GAAlB,CAAP;AACD;;AAEDE,EAAAA,OAAO,CAACF,GAAD,EAAcG,KAAd,EAA0B;AAC/B,WAAO,KAAKC,aAAL,CAAmBJ,GAAnB,EAAwBG,KAAxB,CAAP;AACD;;AAEDE,EAAAA,UAAU,CAACL,GAAD,EAAc;AACtB,WAAO,KAAKM,YAAL,CAAkBN,GAAlB,CAAP;AACD,GA/ByD,CAiC1D;AACA;AACA;;;AAEAC,EAAAA,UAAU,GAAG;AACX,QAAIM,aAAa,GAAG,KAAKT,eAAL,CAAqBC,OAArB,CAA6B,KAAKJ,WAAlC,CAApB;AACAY,IAAAA,aAAa,GAAGA,aAAa,IAAI,IAAjC;;AACA,QAAI;AACF,aAAOC,IAAI,CAACC,KAAL,CAAWF,aAAX,CAAP;AACD,KAFD,CAEE,OAAMG,CAAN,EAAS;AACT,YAAM,IAAId,qBAAJ,CAAiB,qCAAqC,KAAKD,WAA3D,CAAN;AACD;AACF;;AAEDgB,EAAAA,UAAU,CAACC,GAAD,EAAY;AACpB,QAAI;AACF,UAAIL,aAAa,GAAGK,GAAG,GAAGJ,IAAI,CAACK,SAAL,CAAeD,GAAf,CAAH,GAAyB,IAAhD;AACA,WAAKd,eAAL,CAAqBI,OAArB,CAA6B,KAAKP,WAAlC,EAA+CY,aAA/C;AACD,KAHD,CAGE,OAAMG,CAAN,EAAS;AACT,YAAM,IAAId,qBAAJ,CAAiB,4BAA4B,KAAKD,WAAlD,CAAN;AACD;AACF;;AAEDW,EAAAA,YAAY,CAACN,GAAD,EAAe;AACzB,QAAI,CAACA,GAAL,EAAU;AACR;AACA,UAAI,KAAKF,eAAL,CAAqBO,UAAzB,EAAqC;AACnC,aAAKP,eAAL,CAAqBO,UAArB,CAAgC,KAAKV,WAArC;AACD,OAFD,MAEO;AACL,aAAKgB,UAAL;AACD;;AACD;AACD;;AAED,QAAIC,GAAG,GAAG,KAAKX,UAAL,EAAV;AACA,WAAOW,GAAG,CAACZ,GAAD,CAAV;AACA,SAAKW,UAAL,CAAgBC,GAAhB;AACD;;AAEDR,EAAAA,aAAa,CAACJ,GAAD,EAAMG,KAAN,EAAa;AACxB,QAAIS,GAAG,GAAG,KAAKX,UAAL,EAAV;AACAW,IAAAA,GAAG,CAACZ,GAAD,CAAH,GAAWG,KAAX;AACA,SAAKQ,UAAL,CAAgBC,GAAhB;AACD;;AA5EyD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport AuthSdkError from './errors/AuthSdkError';\nimport { StorageProvider, SimpleStorage } from './types';\n\n// formerly known as \"storageBuilder\". Represents an object saved under a key/name.\nexport default class SavedObject implements StorageProvider {\n storageProvider: SimpleStorage;\n storageName: string;\n\n constructor(storage: SimpleStorage, storageName: string) {\n if (!storage) {\n throw new AuthSdkError('\"storage\" is required');\n }\n\n if (typeof storageName !== 'string' || !storageName.length) {\n throw new AuthSdkError('\"storageName\" is required');\n }\n\n this.storageName = storageName;\n this.storageProvider = storage;\n }\n\n //\n // SimpleStorage interface\n //\n\n getItem(key: string) {\n return this.getStorage()[key];\n }\n\n setItem(key: string, value: any) {\n return this.updateStorage(key, value);\n }\n\n removeItem(key: string) {\n return this.clearStorage(key);\n }\n\n //\n // StorageProvider interface\n //\n\n getStorage() {\n var storageString = this.storageProvider.getItem(this.storageName);\n storageString = storageString || '{}';\n try {\n return JSON.parse(storageString);\n } catch(e) {\n throw new AuthSdkError('Unable to parse storage string: ' + this.storageName);\n }\n }\n\n setStorage(obj?: any) {\n try {\n var storageString = obj ? JSON.stringify(obj) : '{}';\n this.storageProvider.setItem(this.storageName, storageString);\n } catch(e) {\n throw new AuthSdkError('Unable to set storage: ' + this.storageName);\n }\n }\n\n clearStorage(key?: string) {\n if (!key) {\n // clear all\n if (this.storageProvider.removeItem) {\n this.storageProvider.removeItem(this.storageName);\n } else {\n this.setStorage();\n }\n return;\n }\n\n var obj = this.getStorage();\n delete obj[key];\n this.setStorage(obj);\n }\n\n updateStorage(key, value) {\n var obj = this.getStorage();\n obj[key] = value;\n this.setStorage(obj);\n }\n}\n"],"file":"SavedObject.js"}
1
+ {"version":3,"sources":["../../lib/SavedObject.ts"],"names":["SavedObject","constructor","storage","storageName","AuthSdkError","length","storageProvider","getItem","key","getStorage","setItem","value","updateStorage","removeItem","clearStorage","storageString","JSON","parse","e","setStorage","obj"],"mappings":";;;;;;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACe,MAAMA,WAAN,CAA6C;AAI1DC,EAAAA,WAAW,CAACC,OAAD,EAAyBC,WAAzB,EAA8C;AACvD,QAAI,CAACD,OAAL,EAAc;AACZ,YAAM,IAAIE,qBAAJ,CAAiB,uBAAjB,CAAN;AACD;;AAED,QAAI,OAAOD,WAAP,KAAuB,QAAvB,IAAmC,CAACA,WAAW,CAACE,MAApD,EAA4D;AAC1D,YAAM,IAAID,qBAAJ,CAAiB,2BAAjB,CAAN;AACD;;AAED,SAAKD,WAAL,GAAmBA,WAAnB;AACA,SAAKG,eAAL,GAAuBJ,OAAvB;AACD,GAfyD,CAiB1D;AACA;AACA;;;AAEAK,EAAAA,OAAO,CAACC,GAAD,EAAc;AACnB,WAAO,KAAKC,UAAL,GAAkBD,GAAlB,CAAP;AACD;;AAEDE,EAAAA,OAAO,CAACF,GAAD,EAAcG,KAAd,EAA0B;AAC/B,WAAO,KAAKC,aAAL,CAAmBJ,GAAnB,EAAwBG,KAAxB,CAAP;AACD;;AAEDE,EAAAA,UAAU,CAACL,GAAD,EAAc;AACtB,WAAO,KAAKM,YAAL,CAAkBN,GAAlB,CAAP;AACD,GA/ByD,CAiC1D;AACA;AACA;;;AAEAC,EAAAA,UAAU,GAAG;AACX,QAAIM,aAAa,GAAG,KAAKT,eAAL,CAAqBC,OAArB,CAA6B,KAAKJ,WAAlC,CAApB;AACAY,IAAAA,aAAa,GAAGA,aAAa,IAAI,IAAjC;;AACA,QAAI;AACF,aAAOC,IAAI,CAACC,KAAL,CAAWF,aAAX,CAAP;AACD,KAFD,CAEE,OAAMG,CAAN,EAAS;AACT,YAAM,IAAId,qBAAJ,CAAiB,qCAAqC,KAAKD,WAA3D,CAAN;AACD;AACF;;AAEDgB,EAAAA,UAAU,CAACC,GAAD,EAAY;AACpB,QAAI;AACF,UAAIL,aAAa,GAAGK,GAAG,GAAG,wBAAeA,GAAf,CAAH,GAAyB,IAAhD;AACA,WAAKd,eAAL,CAAqBI,OAArB,CAA6B,KAAKP,WAAlC,EAA+CY,aAA/C;AACD,KAHD,CAGE,OAAMG,CAAN,EAAS;AACT,YAAM,IAAId,qBAAJ,CAAiB,4BAA4B,KAAKD,WAAlD,CAAN;AACD;AACF;;AAEDW,EAAAA,YAAY,CAACN,GAAD,EAAe;AACzB,QAAI,CAACA,GAAL,EAAU;AACR;AACA,UAAI,KAAKF,eAAL,CAAqBO,UAAzB,EAAqC;AACnC,aAAKP,eAAL,CAAqBO,UAArB,CAAgC,KAAKV,WAArC;AACD,OAFD,MAEO;AACL,aAAKgB,UAAL;AACD;;AACD;AACD;;AAED,QAAIC,GAAG,GAAG,KAAKX,UAAL,EAAV;AACA,WAAOW,GAAG,CAACZ,GAAD,CAAV;AACA,SAAKW,UAAL,CAAgBC,GAAhB;AACD;;AAEDR,EAAAA,aAAa,CAACJ,GAAD,EAAMG,KAAN,EAAa;AACxB,QAAIS,GAAG,GAAG,KAAKX,UAAL,EAAV;AACAW,IAAAA,GAAG,CAACZ,GAAD,CAAH,GAAWG,KAAX;AACA,SAAKQ,UAAL,CAAgBC,GAAhB;AACD;;AA5EyD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport AuthSdkError from './errors/AuthSdkError';\nimport { StorageProvider, SimpleStorage } from './types';\n\n// formerly known as \"storageBuilder\". Represents an object saved under a key/name.\nexport default class SavedObject implements StorageProvider {\n storageProvider: SimpleStorage;\n storageName: string;\n\n constructor(storage: SimpleStorage, storageName: string) {\n if (!storage) {\n throw new AuthSdkError('\"storage\" is required');\n }\n\n if (typeof storageName !== 'string' || !storageName.length) {\n throw new AuthSdkError('\"storageName\" is required');\n }\n\n this.storageName = storageName;\n this.storageProvider = storage;\n }\n\n //\n // SimpleStorage interface\n //\n\n getItem(key: string) {\n return this.getStorage()[key];\n }\n\n setItem(key: string, value: any) {\n return this.updateStorage(key, value);\n }\n\n removeItem(key: string) {\n return this.clearStorage(key);\n }\n\n //\n // StorageProvider interface\n //\n\n getStorage() {\n var storageString = this.storageProvider.getItem(this.storageName);\n storageString = storageString || '{}';\n try {\n return JSON.parse(storageString);\n } catch(e) {\n throw new AuthSdkError('Unable to parse storage string: ' + this.storageName);\n }\n }\n\n setStorage(obj?: any) {\n try {\n var storageString = obj ? JSON.stringify(obj) : '{}';\n this.storageProvider.setItem(this.storageName, storageString);\n } catch(e) {\n throw new AuthSdkError('Unable to set storage: ' + this.storageName);\n }\n }\n\n clearStorage(key?: string) {\n if (!key) {\n // clear all\n if (this.storageProvider.removeItem) {\n this.storageProvider.removeItem(this.storageName);\n } else {\n this.setStorage();\n }\n return;\n }\n\n var obj = this.getStorage();\n delete obj[key];\n this.setStorage(obj);\n }\n\n updateStorage(key, value) {\n var obj = this.getStorage();\n obj[key] = value;\n this.setStorage(obj);\n }\n}\n"],"file":"SavedObject.js"}
package/cjs/StorageManager.js CHANGED
@@ -1,8 +1,14 @@
1
1
  "use strict";
2
2
 
3
- var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
3
+ var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
4
 
5
- exports.default = void 0;
5
+ exports.StorageManager = void 0;
6
+
7
+ var _assign = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/assign"));
8
+
9
+ var _indexOf = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/index-of"));
10
+
11
+ var _slice = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/slice"));
6
12
 
7
13
  var _constants = require("./constants");
8
14
 
@@ -41,13 +47,13 @@ class StorageManager {
41
47
 
42
48
 
43
49
  getOptionsForSection(sectionName, overrideOptions) {
44
- return Object.assign({}, this.storageManagerOptions[sectionName], overrideOptions);
50
+ return (0, _assign.default)({}, this.storageManagerOptions[sectionName], overrideOptions);
45
51
  } // generic method to get any available storage provider
46
52
  // eslint-disable-next-line complexity
47
53
 
48
54
 
49
55
  getStorage(options) {
50
- options = Object.assign({}, this.cookieOptions, options); // set defaults
56
+ options = (0, _assign.default)({}, this.cookieOptions, options); // set defaults
51
57
 
52
58
  if (options.storageProvider) {
53
59
  return options.storageProvider;
@@ -64,10 +70,10 @@ class StorageManager {
64
70
 
65
71
 
66
72
  if (storageType && storageTypes) {
67
- const idx = storageTypes.indexOf(storageType);
73
+ const idx = (0, _indexOf.default)(storageTypes).call(storageTypes, storageType);
68
74
 
69
75
  if (idx >= 0) {
70
- storageTypes = storageTypes.slice(idx);
76
+ storageTypes = (0, _slice.default)(storageTypes).call(storageTypes, idx);
71
77
  storageType = undefined;
72
78
  }
73
79
  }
@@ -200,6 +206,5 @@ class StorageManager {
200
206
 
201
207
  }
202
208
 
203
- exports.default = StorageManager;
204
- module.exports = exports.default;
209
+ exports.StorageManager = StorageManager;
205
210
  //# sourceMappingURL=StorageManager.js.map
package/cjs/StorageManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/StorageManager.ts"],"names":["logServerSideMemoryStorageWarning","options","storageProvider","StorageManager","constructor","storageManagerOptions","cookieOptions","storageUtil","getOptionsForSection","sectionName","overrideOptions","Object","assign","getStorage","storageType","storageTypes","sessionCookie","idx","indexOf","slice","undefined","findStorageType","getStorageByType","getTransactionStorage","storage","storageKey","TRANSACTION_STORAGE_NAME","SavedObject","getSharedTansactionStorage","SHARED_TRANSACTION_STORAGE_NAME","getOriginalUriStorage","ORIGINAL_URI_STORAGE_NAME","getIdxResponseStorage","e","transactionStorage","getItem","key","transaction","setItem","val","AuthSdkError","setStorage","removeItem","IDX_RESPONSE_STORAGE_NAME","getTokenStorage","TOKEN_STORAGE_NAME","getHttpCache","CACHE_STORAGE_NAME","getLegacyPKCEStorage","PKCE_STORAGE_NAME","getLegacyOAuthParamsStorage","REDIRECT_OAUTH_PARAMS_NAME"],"mappings":";;;;;;AAcA;;AAqBA;;AACA;;AACA;;AACA;;AAtCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA8BA,SAASA,iCAAT,CAA2CC,OAA3C,EAAoE;AAClE,MAAI,CAAC,0BAAD,IAAgB,CAACA,OAAO,CAACC,eAAzB,IAA4C,CAACD,OAAO,CAACC,eAAzD,EAA0E;AACxE;AACA,oBAAK,6KAAL;AACD;AACF;;AAEc,MAAMC,cAAN,CAAqB;AAKlCC,EAAAA,WAAW,CAACC,qBAAD,EAA+CC,aAA/C,EAA6EC,WAA7E,EAAuG;AAChH,SAAKF,qBAAL,GAA6BA,qBAA7B;AACA,SAAKC,aAAL,GAAqBA,aAArB;AACA,SAAKC,WAAL,GAAmBA,WAAnB;AACD,GATiC,CAWlC;;;AACAC,EAAAA,oBAAoB,CAACC,WAAD,EAAsBC,eAAtB,EAAwD;AAC1E,WAAOC,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkB,KAAKP,qBAAL,CAA2BI,WAA3B,CAAlB,EAA2DC,eAA3D,CAAP;AACD,GAdiC,CAgBlC;AACA;;;AACAG,EAAAA,UAAU,CAACZ,OAAD,EAAyC;AACjDA,IAAAA,OAAO,GAAGU,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkB,KAAKN,aAAvB,EAAsCL,OAAtC,CAAV,CADiD,CACS;;AAE1D,QAAIA,OAAO,CAACC,eAAZ,EAA6B;AAC3B,aAAOD,OAAO,CAACC,eAAf;AACD;;AAED,QAAI;AAAEY,MAAAA,WAAF;AAAeC,MAAAA;AAAf,QAAgCd,OAApC;;AAEA,QAAGa,WAAW,KAAK,gBAAnB,EAAqC;AACnCb,MAAAA,OAAO,CAACe,aAAR,GAAwB,IAAxB;AACD,KAXgD,CAajD;;;AACA,QAAIF,WAAW,IAAIC,YAAnB,EAAiC;AAC/B,YAAME,GAAG,GAAGF,YAAY,CAACG,OAAb,CAAqBJ,WAArB,CAAZ;;AACA,UAAIG,GAAG,IAAI,CAAX,EAAc;AACZF,QAAAA,YAAY,GAAGA,YAAY,CAACI,KAAb,CAAmBF,GAAnB,CAAf;AACAH,QAAAA,WAAW,GAAGM,SAAd;AACD;AACF;;AAED,QAAI,CAACN,WAAL,EAAkB;AAChB;AACAA,MAAAA,WAAW,GAAG,KAAKP,WAAL,CAAiBc,eAAjB,CAAiCN,YAAjC,CAAd;AACD;;AACD,WAAO,KAAKR,WAAL,CAAiBe,gBAAjB,CAAkCR,WAAlC,EAA+Cb,OAA/C,CAAP;AACD,GA7CiC,CA+ClC;;;AACAsB,EAAAA,qBAAqB,CAACtB,OAAD,EAA+C;AAClEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,aAA1B,EAAyCP,OAAzC,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,UAAMuB,OAAO,GAAG,KAAKX,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMwB,UAAU,GAAGxB,OAAO,CAACwB,UAAR,IAAsBC,mCAAzC;AACA,WAAO,IAAIC,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AAEDG,EAAAA,0BAA0B,CAAC3B,OAAD,EAA+C;AACvEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,oBAA1B,EAAgDP,OAAhD,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,UAAMuB,OAAO,GAAG,KAAKX,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMwB,UAAU,GAAGxB,OAAO,CAACwB,UAAR,IAAsBI,0CAAzC;AACA,WAAO,IAAIF,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AAEDK,EAAAA,qBAAqB,CAAC7B,OAAD,EAA+C;AAClEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,cAA1B,EAA0CP,OAA1C,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,UAAMuB,OAAO,GAAG,KAAKX,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMwB,UAAU,GAAGxB,OAAO,CAACwB,UAAR,IAAsBM,oCAAzC;AACA,WAAO,IAAIJ,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD,GAtEiC,CAwElC;AACA;AACA;;;AACAO,EAAAA,qBAAqB,CAAC/B,OAAD,EAAsD;AACzE,QAAIuB,OAAJ;;AACA,QAAI,0BAAJ,EAAiB;AACf;AACA,UAAI;AACFA,QAAAA,OAAO,GAAG,KAAKjB,WAAL,CAAiBe,gBAAjB,CAAkC,QAAlC,EAA4CrB,OAA5C,CAAV;AACD,OAFD,CAEE,OAAOgC,CAAP,EAAU;AACV;AACA;AACA,wBAAK,yIAAL;AACD;AACF,KATD,MASO;AACL;AACA,YAAMC,kBAAkB,GAAG,KAAKX,qBAAL,CAA2BtB,OAA3B,CAA3B;;AACA,UAAIiC,kBAAJ,EAAwB;AACtBV,QAAAA,OAAO,GAAG;AACRW,UAAAA,OAAO,EAAGC,GAAD,IAAS;AAChB,kBAAMC,WAAW,GAAGH,kBAAkB,CAACrB,UAAnB,EAApB;;AACA,gBAAIwB,WAAW,IAAIA,WAAW,CAACD,GAAD,CAA9B,EAAqC;AACnC,qBAAOC,WAAW,CAACD,GAAD,CAAlB;AACD;;AACD,mBAAO,IAAP;AACD,WAPO;AAQRE,UAAAA,OAAO,EAAE,CAACF,GAAD,EAAMG,GAAN,KAAc;AACrB,kBAAMF,WAAW,GAAGH,kBAAkB,CAACrB,UAAnB,EAApB;;AACA,gBAAI,CAACwB,WAAL,EAAkB;AAChB,oBAAM,IAAIG,oBAAJ,CAAiB,uDAAjB,CAAN;AACD;;AACDH,YAAAA,WAAW,CAACD,GAAD,CAAX,GAAmBG,GAAnB;AACAL,YAAAA,kBAAkB,CAACO,UAAnB,CAA8BJ,WAA9B;AACD,WAfO;AAgBRK,UAAAA,UAAU,EAAGN,GAAD,IAAS;AACnB,kBAAMC,WAAW,GAAGH,kBAAkB,CAACrB,UAAnB,EAApB;;AACA,gBAAI,CAACwB,WAAL,EAAkB;AAChB;AACD;;AACD,mBAAOA,WAAW,CAACD,GAAD,CAAlB;AACAF,YAAAA,kBAAkB,CAACO,UAAnB,CAA8BJ,WAA9B;AACD;AAvBO,SAAV;AAyBD;AACF;;AAED,QAAI,CAACb,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AAED,WAAO,IAAIG,oBAAJ,CAAgBH,OAAhB,EAAyBmB,oCAAzB,CAAP;AACD,GA3HiC,CA6HlC;;;AACAC,EAAAA,eAAe,CAAC3C,OAAD,EAA4C;AACzDA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,OAA1B,EAAmCP,OAAnC,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,UAAMuB,OAAO,GAAG,KAAKX,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMwB,UAAU,GAAGxB,OAAO,CAACwB,UAAR,IAAsBoB,6BAAzC;AACA,WAAO,IAAIlB,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD,GApIiC,CAsIlC;;;AACAqB,EAAAA,YAAY,CAAC7C,OAAD,EAA4C;AACtDA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,OAA1B,EAAmCP,OAAnC,CAAV;AACA,UAAMuB,OAAO,GAAG,KAAKX,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMwB,UAAU,GAAGxB,OAAO,CAACwB,UAAR,IAAsBsB,6BAAzC;AACA,WAAO,IAAIpB,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD,GA5IiC,CA8IlC;;;AACAuB,EAAAA,oBAAoB,CAAC/C,OAAD,EAAwC;AAC1DA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,aAA1B,EAAyCP,OAAzC,CAAV;AACA,UAAMuB,OAAO,GAAG,KAAKX,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMwB,UAAU,GAAGxB,OAAO,CAACwB,UAAR,IAAsBwB,4BAAzC;AACA,WAAO,IAAItB,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AAEDyB,EAAAA,2BAA2B,CAACjD,OAAD,EAA4C;AACrEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,qBAA1B,EAAiDP,OAAjD,CAAV;AACA,UAAMuB,OAAO,GAAG,KAAKX,UAAL,CAAgBZ,OAAhB,CAAhB;AACA,UAAMwB,UAAU,GAAGxB,OAAO,CAACwB,UAAR,IAAsB0B,qCAAzC;AACA,WAAO,IAAIxB,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AA3JiC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n\nimport {\n PKCE_STORAGE_NAME,\n TOKEN_STORAGE_NAME,\n TRANSACTION_STORAGE_NAME,\n SHARED_TRANSACTION_STORAGE_NAME,\n ORIGINAL_URI_STORAGE_NAME,\n IDX_RESPONSE_STORAGE_NAME,\n CACHE_STORAGE_NAME,\n REDIRECT_OAUTH_PARAMS_NAME\n} from './constants';\nimport {\n StorageUtil,\n StorageProvider,\n StorageOptions,\n PKCEStorage,\n CookieOptions,\n TransactionStorage,\n IdxResponseStorage,\n StorageManagerOptions,\n SimpleStorage\n} from './types';\nimport SavedObject from './SavedObject';\nimport { isBrowser } from './features';\nimport { warn } from './util';\nimport { AuthSdkError } from './errors';\n\nfunction logServerSideMemoryStorageWarning(options: StorageOptions) {\n if (!isBrowser() && !options.storageProvider && !options.storageProvider) {\n // eslint-disable-next-line max-len\n warn('Memory storage can only support simple single user use case on server side, please provide custom storageProvider or storageKey if advanced scenarios need to be supported.');\n }\n}\n\nexport default class StorageManager {\n storageManagerOptions: StorageManagerOptions;\n cookieOptions: CookieOptions;\n storageUtil: StorageUtil;\n\n constructor(storageManagerOptions: StorageManagerOptions, cookieOptions: CookieOptions, storageUtil: StorageUtil) {\n this.storageManagerOptions = storageManagerOptions;\n this.cookieOptions = cookieOptions;\n this.storageUtil = storageUtil;\n }\n\n // combines defaults in order\n getOptionsForSection(sectionName: string, overrideOptions?: StorageOptions) {\n return Object.assign({}, this.storageManagerOptions[sectionName], overrideOptions);\n }\n \n // generic method to get any available storage provider\n // eslint-disable-next-line complexity\n getStorage(options: StorageOptions): SimpleStorage {\n options = Object.assign({}, this.cookieOptions, options); // set defaults\n\n if (options.storageProvider) {\n return options.storageProvider;\n }\n\n let { storageType, storageTypes } = options;\n\n if(storageType === 'sessionStorage') {\n options.sessionCookie = true;\n }\n\n // Maintain compatibility. Automatically fallback. May change in next major version. OKTA-362589\n if (storageType && storageTypes) {\n const idx = storageTypes.indexOf(storageType);\n if (idx >= 0) {\n storageTypes = storageTypes.slice(idx);\n storageType = undefined;\n }\n }\n\n if (!storageType) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n storageType = this.storageUtil.findStorageType(storageTypes!);\n }\n return this.storageUtil.getStorageByType(storageType, options);\n }\n\n // stateToken, interactionHandle\n getTransactionStorage(options?: StorageOptions): TransactionStorage {\n options = this.getOptionsForSection('transaction', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || TRANSACTION_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n getSharedTansactionStorage(options?: StorageOptions): TransactionStorage {\n options = this.getOptionsForSection('shared-transaction', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || SHARED_TRANSACTION_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n getOriginalUriStorage(options?: StorageOptions): TransactionStorage {\n options = this.getOptionsForSection('original-uri', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || ORIGINAL_URI_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // intermediate idxResponse\n // store for network traffic optimazation purpose\n // TODO: revisit in auth-js 6.0 epic JIRA: OKTA-399791\n getIdxResponseStorage(options?: StorageOptions): IdxResponseStorage | null {\n let storage;\n if (isBrowser()) {\n // on browser side only use memory storage \n try {\n storage = this.storageUtil.getStorageByType('memory', options);\n } catch (e) {\n // it's ok to miss response storage\n // eslint-disable-next-line max-len\n warn('No response storage found, you may want to provide custom implementation for intermediate idx responses to optimize the network traffic');\n }\n } else {\n // on server side re-use transaction custom storage\n const transactionStorage = this.getTransactionStorage(options);\n if (transactionStorage) {\n storage = {\n getItem: (key) => {\n const transaction = transactionStorage.getStorage();\n if (transaction && transaction[key]) {\n return transaction[key];\n }\n return null;\n },\n setItem: (key, val) => {\n const transaction = transactionStorage.getStorage();\n if (!transaction) {\n throw new AuthSdkError('Transaction has been cleared, failed to save idxState');\n }\n transaction[key] = val;\n transactionStorage.setStorage(transaction);\n },\n removeItem: (key) => {\n const transaction = transactionStorage.getStorage();\n if (!transaction) {\n return;\n }\n delete transaction[key];\n transactionStorage.setStorage(transaction);\n }\n };\n }\n }\n\n if (!storage) {\n return null;\n }\n\n return new SavedObject(storage, IDX_RESPONSE_STORAGE_NAME);\n }\n\n // access_token, id_token, refresh_token\n getTokenStorage(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('token', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || TOKEN_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // caches well-known response, among others\n getHttpCache(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('cache', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || CACHE_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // Will be removed in an upcoming major version. OKTA-362589\n getLegacyPKCEStorage(options?: StorageOptions): PKCEStorage {\n options = this.getOptionsForSection('legacy-pkce', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || PKCE_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n getLegacyOAuthParamsStorage(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('legacy-oauth-params', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || REDIRECT_OAUTH_PARAMS_NAME;\n return new SavedObject(storage, storageKey);\n }\n}\n"],"file":"StorageManager.js"}
1
+ {"version":3,"sources":["../../lib/StorageManager.ts"],"names":["logServerSideMemoryStorageWarning","options","storageProvider","StorageManager","constructor","storageManagerOptions","cookieOptions","storageUtil","getOptionsForSection","sectionName","overrideOptions","getStorage","storageType","storageTypes","sessionCookie","idx","undefined","findStorageType","getStorageByType","getTransactionStorage","storage","storageKey","TRANSACTION_STORAGE_NAME","SavedObject","getSharedTansactionStorage","SHARED_TRANSACTION_STORAGE_NAME","getOriginalUriStorage","ORIGINAL_URI_STORAGE_NAME","getIdxResponseStorage","e","transactionStorage","getItem","key","transaction","setItem","val","AuthSdkError","setStorage","removeItem","IDX_RESPONSE_STORAGE_NAME","getTokenStorage","TOKEN_STORAGE_NAME","getHttpCache","CACHE_STORAGE_NAME","getLegacyPKCEStorage","PKCE_STORAGE_NAME","getLegacyOAuthParamsStorage","REDIRECT_OAUTH_PARAMS_NAME"],"mappings":";;;;;;;;;;;;AAcA;;AAqBA;;AACA;;AACA;;AACA;;AAtCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA8BA,SAASA,iCAAT,CAA2CC,OAA3C,EAAoE;AAClE,MAAI,CAAC,0BAAD,IAAgB,CAACA,OAAO,CAACC,eAAzB,IAA4C,CAACD,OAAO,CAACC,eAAzD,EAA0E;AACxE;AACA,oBAAK,6KAAL;AACD;AACF;;AAEM,MAAMC,cAAN,CAAqB;AAK1BC,EAAAA,WAAW,CAACC,qBAAD,EAA+CC,aAA/C,EAA6EC,WAA7E,EAAuG;AAChH,SAAKF,qBAAL,GAA6BA,qBAA7B;AACA,SAAKC,aAAL,GAAqBA,aAArB;AACA,SAAKC,WAAL,GAAmBA,WAAnB;AACD,GATyB,CAW1B;;;AACAC,EAAAA,oBAAoB,CAACC,WAAD,EAAsBC,eAAtB,EAAwD;AAC1E,WAAO,qBAAc,EAAd,EAAkB,KAAKL,qBAAL,CAA2BI,WAA3B,CAAlB,EAA2DC,eAA3D,CAAP;AACD,GAdyB,CAgB1B;AACA;;;AACAC,EAAAA,UAAU,CAACV,OAAD,EAAyC;AACjDA,IAAAA,OAAO,GAAG,qBAAc,EAAd,EAAkB,KAAKK,aAAvB,EAAsCL,OAAtC,CAAV,CADiD,CACS;;AAE1D,QAAIA,OAAO,CAACC,eAAZ,EAA6B;AAC3B,aAAOD,OAAO,CAACC,eAAf;AACD;;AAED,QAAI;AAAEU,MAAAA,WAAF;AAAeC,MAAAA;AAAf,QAAgCZ,OAApC;;AAEA,QAAGW,WAAW,KAAK,gBAAnB,EAAqC;AACnCX,MAAAA,OAAO,CAACa,aAAR,GAAwB,IAAxB;AACD,KAXgD,CAajD;;;AACA,QAAIF,WAAW,IAAIC,YAAnB,EAAiC;AAC/B,YAAME,GAAG,GAAG,sBAAAF,YAAY,MAAZ,CAAAA,YAAY,EAASD,WAAT,CAAxB;;AACA,UAAIG,GAAG,IAAI,CAAX,EAAc;AACZF,QAAAA,YAAY,GAAG,oBAAAA,YAAY,MAAZ,CAAAA,YAAY,EAAOE,GAAP,CAA3B;AACAH,QAAAA,WAAW,GAAGI,SAAd;AACD;AACF;;AAED,QAAI,CAACJ,WAAL,EAAkB;AAChB;AACAA,MAAAA,WAAW,GAAG,KAAKL,WAAL,CAAiBU,eAAjB,CAAiCJ,YAAjC,CAAd;AACD;;AACD,WAAO,KAAKN,WAAL,CAAiBW,gBAAjB,CAAkCN,WAAlC,EAA+CX,OAA/C,CAAP;AACD,GA7CyB,CA+C1B;;;AACAkB,EAAAA,qBAAqB,CAAClB,OAAD,EAA+C;AAClEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,aAA1B,EAAyCP,OAAzC,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,UAAMmB,OAAO,GAAG,KAAKT,UAAL,CAAgBV,OAAhB,CAAhB;AACA,UAAMoB,UAAU,GAAGpB,OAAO,CAACoB,UAAR,IAAsBC,mCAAzC;AACA,WAAO,IAAIC,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AAEDG,EAAAA,0BAA0B,CAACvB,OAAD,EAA+C;AACvEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,oBAA1B,EAAgDP,OAAhD,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,UAAMmB,OAAO,GAAG,KAAKT,UAAL,CAAgBV,OAAhB,CAAhB;AACA,UAAMoB,UAAU,GAAGpB,OAAO,CAACoB,UAAR,IAAsBI,0CAAzC;AACA,WAAO,IAAIF,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AAEDK,EAAAA,qBAAqB,CAACzB,OAAD,EAA+C;AAClEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,cAA1B,EAA0CP,OAA1C,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,UAAMmB,OAAO,GAAG,KAAKT,UAAL,CAAgBV,OAAhB,CAAhB;AACA,UAAMoB,UAAU,GAAGpB,OAAO,CAACoB,UAAR,IAAsBM,oCAAzC;AACA,WAAO,IAAIJ,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD,GAtEyB,CAwE1B;AACA;AACA;;;AACAO,EAAAA,qBAAqB,CAAC3B,OAAD,EAAsD;AACzE,QAAImB,OAAJ;;AACA,QAAI,0BAAJ,EAAiB;AACf;AACA,UAAI;AACFA,QAAAA,OAAO,GAAG,KAAKb,WAAL,CAAiBW,gBAAjB,CAAkC,QAAlC,EAA4CjB,OAA5C,CAAV;AACD,OAFD,CAEE,OAAO4B,CAAP,EAAU;AACV;AACA;AACA,wBAAK,yIAAL;AACD;AACF,KATD,MASO;AACL;AACA,YAAMC,kBAAkB,GAAG,KAAKX,qBAAL,CAA2BlB,OAA3B,CAA3B;;AACA,UAAI6B,kBAAJ,EAAwB;AACtBV,QAAAA,OAAO,GAAG;AACRW,UAAAA,OAAO,EAAGC,GAAD,IAAS;AAChB,kBAAMC,WAAW,GAAGH,kBAAkB,CAACnB,UAAnB,EAApB;;AACA,gBAAIsB,WAAW,IAAIA,WAAW,CAACD,GAAD,CAA9B,EAAqC;AACnC,qBAAOC,WAAW,CAACD,GAAD,CAAlB;AACD;;AACD,mBAAO,IAAP;AACD,WAPO;AAQRE,UAAAA,OAAO,EAAE,CAACF,GAAD,EAAMG,GAAN,KAAc;AACrB,kBAAMF,WAAW,GAAGH,kBAAkB,CAACnB,UAAnB,EAApB;;AACA,gBAAI,CAACsB,WAAL,EAAkB;AAChB,oBAAM,IAAIG,oBAAJ,CAAiB,uDAAjB,CAAN;AACD;;AACDH,YAAAA,WAAW,CAACD,GAAD,CAAX,GAAmBG,GAAnB;AACAL,YAAAA,kBAAkB,CAACO,UAAnB,CAA8BJ,WAA9B;AACD,WAfO;AAgBRK,UAAAA,UAAU,EAAGN,GAAD,IAAS;AACnB,kBAAMC,WAAW,GAAGH,kBAAkB,CAACnB,UAAnB,EAApB;;AACA,gBAAI,CAACsB,WAAL,EAAkB;AAChB;AACD;;AACD,mBAAOA,WAAW,CAACD,GAAD,CAAlB;AACAF,YAAAA,kBAAkB,CAACO,UAAnB,CAA8BJ,WAA9B;AACD;AAvBO,SAAV;AAyBD;AACF;;AAED,QAAI,CAACb,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AAED,WAAO,IAAIG,oBAAJ,CAAgBH,OAAhB,EAAyBmB,oCAAzB,CAAP;AACD,GA3HyB,CA6H1B;;;AACAC,EAAAA,eAAe,CAACvC,OAAD,EAA4C;AACzDA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,OAA1B,EAAmCP,OAAnC,CAAV;AACAD,IAAAA,iCAAiC,CAACC,OAAD,CAAjC;AACA,UAAMmB,OAAO,GAAG,KAAKT,UAAL,CAAgBV,OAAhB,CAAhB;AACA,UAAMoB,UAAU,GAAGpB,OAAO,CAACoB,UAAR,IAAsBoB,6BAAzC;AACA,WAAO,IAAIlB,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD,GApIyB,CAsI1B;;;AACAqB,EAAAA,YAAY,CAACzC,OAAD,EAA4C;AACtDA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,OAA1B,EAAmCP,OAAnC,CAAV;AACA,UAAMmB,OAAO,GAAG,KAAKT,UAAL,CAAgBV,OAAhB,CAAhB;AACA,UAAMoB,UAAU,GAAGpB,OAAO,CAACoB,UAAR,IAAsBsB,6BAAzC;AACA,WAAO,IAAIpB,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD,GA5IyB,CA8I1B;;;AACAuB,EAAAA,oBAAoB,CAAC3C,OAAD,EAAwC;AAC1DA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,aAA1B,EAAyCP,OAAzC,CAAV;AACA,UAAMmB,OAAO,GAAG,KAAKT,UAAL,CAAgBV,OAAhB,CAAhB;AACA,UAAMoB,UAAU,GAAGpB,OAAO,CAACoB,UAAR,IAAsBwB,4BAAzC;AACA,WAAO,IAAItB,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AAEDyB,EAAAA,2BAA2B,CAAC7C,OAAD,EAA4C;AACrEA,IAAAA,OAAO,GAAG,KAAKO,oBAAL,CAA0B,qBAA1B,EAAiDP,OAAjD,CAAV;AACA,UAAMmB,OAAO,GAAG,KAAKT,UAAL,CAAgBV,OAAhB,CAAhB;AACA,UAAMoB,UAAU,GAAGpB,OAAO,CAACoB,UAAR,IAAsB0B,qCAAzC;AACA,WAAO,IAAIxB,oBAAJ,CAAgBH,OAAhB,EAAyBC,UAAzB,CAAP;AACD;;AA3JyB","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n\nimport {\n PKCE_STORAGE_NAME,\n TOKEN_STORAGE_NAME,\n TRANSACTION_STORAGE_NAME,\n SHARED_TRANSACTION_STORAGE_NAME,\n ORIGINAL_URI_STORAGE_NAME,\n IDX_RESPONSE_STORAGE_NAME,\n CACHE_STORAGE_NAME,\n REDIRECT_OAUTH_PARAMS_NAME\n} from './constants';\nimport {\n StorageUtil,\n StorageProvider,\n StorageOptions,\n PKCEStorage,\n CookieOptions,\n TransactionStorage,\n IdxResponseStorage,\n StorageManagerOptions,\n SimpleStorage\n} from './types';\nimport SavedObject from './SavedObject';\nimport { isBrowser } from './features';\nimport { warn } from './util';\nimport { AuthSdkError } from './errors';\n\nfunction logServerSideMemoryStorageWarning(options: StorageOptions) {\n if (!isBrowser() && !options.storageProvider && !options.storageProvider) {\n // eslint-disable-next-line max-len\n warn('Memory storage can only support simple single user use case on server side, please provide custom storageProvider or storageKey if advanced scenarios need to be supported.');\n }\n}\n\nexport class StorageManager {\n storageManagerOptions: StorageManagerOptions;\n cookieOptions: CookieOptions;\n storageUtil: StorageUtil;\n\n constructor(storageManagerOptions: StorageManagerOptions, cookieOptions: CookieOptions, storageUtil: StorageUtil) {\n this.storageManagerOptions = storageManagerOptions;\n this.cookieOptions = cookieOptions;\n this.storageUtil = storageUtil;\n }\n\n // combines defaults in order\n getOptionsForSection(sectionName: string, overrideOptions?: StorageOptions) {\n return Object.assign({}, this.storageManagerOptions[sectionName], overrideOptions);\n }\n \n // generic method to get any available storage provider\n // eslint-disable-next-line complexity\n getStorage(options: StorageOptions): SimpleStorage {\n options = Object.assign({}, this.cookieOptions, options); // set defaults\n\n if (options.storageProvider) {\n return options.storageProvider;\n }\n\n let { storageType, storageTypes } = options;\n\n if(storageType === 'sessionStorage') {\n options.sessionCookie = true;\n }\n\n // Maintain compatibility. Automatically fallback. May change in next major version. OKTA-362589\n if (storageType && storageTypes) {\n const idx = storageTypes.indexOf(storageType);\n if (idx >= 0) {\n storageTypes = storageTypes.slice(idx);\n storageType = undefined;\n }\n }\n\n if (!storageType) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n storageType = this.storageUtil.findStorageType(storageTypes!);\n }\n return this.storageUtil.getStorageByType(storageType, options);\n }\n\n // stateToken, interactionHandle\n getTransactionStorage(options?: StorageOptions): TransactionStorage {\n options = this.getOptionsForSection('transaction', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || TRANSACTION_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n getSharedTansactionStorage(options?: StorageOptions): TransactionStorage {\n options = this.getOptionsForSection('shared-transaction', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || SHARED_TRANSACTION_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n getOriginalUriStorage(options?: StorageOptions): TransactionStorage {\n options = this.getOptionsForSection('original-uri', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || ORIGINAL_URI_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // intermediate idxResponse\n // store for network traffic optimazation purpose\n // TODO: revisit in auth-js 6.0 epic JIRA: OKTA-399791\n getIdxResponseStorage(options?: StorageOptions): IdxResponseStorage | null {\n let storage;\n if (isBrowser()) {\n // on browser side only use memory storage \n try {\n storage = this.storageUtil.getStorageByType('memory', options);\n } catch (e) {\n // it's ok to miss response storage\n // eslint-disable-next-line max-len\n warn('No response storage found, you may want to provide custom implementation for intermediate idx responses to optimize the network traffic');\n }\n } else {\n // on server side re-use transaction custom storage\n const transactionStorage = this.getTransactionStorage(options);\n if (transactionStorage) {\n storage = {\n getItem: (key) => {\n const transaction = transactionStorage.getStorage();\n if (transaction && transaction[key]) {\n return transaction[key];\n }\n return null;\n },\n setItem: (key, val) => {\n const transaction = transactionStorage.getStorage();\n if (!transaction) {\n throw new AuthSdkError('Transaction has been cleared, failed to save idxState');\n }\n transaction[key] = val;\n transactionStorage.setStorage(transaction);\n },\n removeItem: (key) => {\n const transaction = transactionStorage.getStorage();\n if (!transaction) {\n return;\n }\n delete transaction[key];\n transactionStorage.setStorage(transaction);\n }\n };\n }\n }\n\n if (!storage) {\n return null;\n }\n\n return new SavedObject(storage, IDX_RESPONSE_STORAGE_NAME);\n }\n\n // access_token, id_token, refresh_token\n getTokenStorage(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('token', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || TOKEN_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // caches well-known response, among others\n getHttpCache(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('cache', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || CACHE_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // Will be removed in an upcoming major version. OKTA-362589\n getLegacyPKCEStorage(options?: StorageOptions): PKCEStorage {\n options = this.getOptionsForSection('legacy-pkce', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || PKCE_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n getLegacyOAuthParamsStorage(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('legacy-oauth-params', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || REDIRECT_OAUTH_PARAMS_NAME;\n return new SavedObject(storage, storageKey);\n }\n}\n"],"file":"StorageManager.js"}
package/cjs/TokenManager.js CHANGED
@@ -1,9 +1,21 @@
1
1
  "use strict";
2
2
 
3
- var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
3
+ var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
4
 
5
5
  exports.TokenManager = exports.EVENT_ERROR = exports.EVENT_REMOVED = exports.EVENT_ADDED = exports.EVENT_RENEWED = exports.EVENT_EXPIRED = void 0;
6
6
 
7
+ var _assign = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/assign"));
8
+
9
+ var _keys = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/keys"));
10
+
11
+ var _stringify = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/json/stringify"));
12
+
13
+ var _filter = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/filter"));
14
+
15
+ var _reduce = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/reduce"));
16
+
17
+ var _promise = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/promise"));
18
+
7
19
  var _util = require("./util");
8
20
 
9
21
  var _errors = require("./errors");
@@ -12,12 +24,12 @@ var _util2 = require("./oidc/util");
12
24
 
13
25
  var _features = require("./features");
14
26
 
15
- var _constants = require("./constants");
16
-
17
27
  var _clock = _interopRequireDefault(require("./clock"));
18
28
 
19
29
  var _types = require("./types");
20
30
 
31
+ var _constants = require("./constants");
32
+
21
33
  var _TokenService = require("./services/TokenService");
22
34
 
23
35
  /*!
@@ -71,7 +83,7 @@ class TokenManager {
71
83
  }
72
84
 
73
85
  this.service = null;
74
- options = Object.assign({}, DEFAULT_OPTIONS, (0, _util.removeNils)(options));
86
+ options = (0, _assign.default)({}, DEFAULT_OPTIONS, (0, _util.removeNils)(options));
75
87
 
76
88
  if ((0, _features.isIE11OrLess)()) {
77
89
  options._storageEventDelay = options._storageEventDelay || 1000;
@@ -161,15 +173,15 @@ class TokenManager {
161
173
  emitEventsForCrossTabsStorageUpdate(newValue, oldValue) {
162
174
  const oldTokens = this.getTokensFromStorageValue(oldValue);
163
175
  const newTokens = this.getTokensFromStorageValue(newValue);
164
- Object.keys(newTokens).forEach(key => {
176
+ (0, _keys.default)(newTokens).forEach(key => {
165
177
  const oldToken = oldTokens[key];
166
178
  const newToken = newTokens[key];
167
179
 
168
- if (JSON.stringify(oldToken) !== JSON.stringify(newToken)) {
180
+ if ((0, _stringify.default)(oldToken) !== (0, _stringify.default)(newToken)) {
169
181
  this.emitAdded(key, newToken);
170
182
  }
171
183
  });
172
- Object.keys(oldTokens).forEach(key => {
184
+ (0, _keys.default)(oldTokens).forEach(key => {
173
185
  const oldToken = oldTokens[key];
174
186
  const newToken = newTokens[key];
175
187
 
@@ -254,7 +266,7 @@ class TokenManager {
254
266
  getTokensSync() {
255
267
  const tokens = {};
256
268
  const tokenStorage = this.storage.getStorage();
257
- Object.keys(tokenStorage).forEach(key => {
269
+ (0, _keys.default)(tokenStorage).forEach(key => {
258
270
  const token = tokenStorage[key];
259
271
 
260
272
  if ((0, _types.isAccessToken)(token)) {
@@ -273,8 +285,10 @@ class TokenManager {
273
285
  }
274
286
 
275
287
  getStorageKeyByType(type) {
288
+ var _context;
289
+
276
290
  const tokenStorage = this.storage.getStorage();
277
- const key = Object.keys(tokenStorage).filter(key => {
291
+ const key = (0, _filter.default)(_context = (0, _keys.default)(tokenStorage)).call(_context, key => {
278
292
  const token = tokenStorage[key];
279
293
  return (0, _types.isAccessToken)(token) && type === 'accessToken' || (0, _types.isIDToken)(token) && type === 'idToken' || (0, _types.isRefreshToken)(token) && type === 'refreshToken';
280
294
  })[0];
@@ -341,7 +355,7 @@ class TokenManager {
341
355
  }
342
356
  }); // add token to storage
343
357
 
344
- const storage = types.reduce((storage, type) => {
358
+ const storage = (0, _reduce.default)(types).call(types, (storage, type) => {
345
359
  const token = tokens[type];
346
360
 
347
361
  if (token) {
@@ -410,7 +424,7 @@ class TokenManager {
410
424
  throw new _errors.AuthSdkError('The tokenManager has no token for the key: ' + key);
411
425
  }
412
426
  } catch (e) {
413
- return Promise.reject(e);
427
+ return _promise.default.reject(e);
414
428
  } // Remove existing autoRenew timeout
415
429
 
416
430
 
@@ -423,12 +437,8 @@ class TokenManager {
423
437
  const tokenType = this.getTokenType(token);
424
438
  return tokens[tokenType];
425
439
  }).catch(err => {
426
- // If renew fails, remove token and emit error
427
- if ((0, _util2.isRefreshTokenError)(err) || err.name === 'OAuthError' || err.name === 'AuthSdkError') {
428
- // remove token from storage
429
- this.remove(key);
430
- }
431
-
440
+ // If renew fails, remove token from storage and emit error
441
+ this.remove(key);
432
442
  err.tokenKey = key;
433
443
  this.emitError(err);
434
444
  throw err;
@@ -446,7 +456,7 @@ class TokenManager {
446
456
 
447
457
  clearPendingRemoveTokens() {
448
458
  const tokens = this.getTokensSync();
449
- Object.keys(tokens).forEach(key => {
459
+ (0, _keys.default)(tokens).forEach(key => {
450
460
  if (tokens[key].pendingRemove) {
451
461
  this.remove(key);
452
462
  }
@@ -477,7 +487,7 @@ class TokenManager {
477
487
 
478
488
  addPendingRemoveFlags() {
479
489
  const tokens = this.getTokensSync();
480
- Object.keys(tokens).forEach(key => {
490
+ (0, _keys.default)(tokens).forEach(key => {
481
491
  tokens[key].pendingRemove = true;
482
492
  });
483
493
  this.setTokens(tokens);