@okta/okta-auth-js 6.0.0 → 6.3.0

package/cjs/idx/run.js

@@ -10,17 +10,15 @@ var _remediate = require("./remediate");
 
 var _flow = require("./flow");
 
-var remediators = _interopRequireWildcard(require("./remediators"));
-
 var _types = require("../types");
 
 var _idxJs = require("./types/idx-js");
 
 var _transactionMeta = require("./transactionMeta");
 
-function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+var _util = require("./util");
 
-function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+/* eslint-disable @typescript-eslint/no-non-null-assertion */
 
 /*!
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
@@ -35,103 +33,83 @@ function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj &&
  */
 
 /* eslint-disable max-statements, complexity, max-depth */
-function getEnabledFeatures(idxResponse) {
-  const res = [];
-  const {
-    actions,
-    neededToProceed
-  } = idxResponse;
-
-  if (actions['currentAuthenticator-recover']) {
-    res.push(_types.IdxFeature.PASSWORD_RECOVERY);
-  }
-
-  if (neededToProceed.some(({
-    name
-  }) => name === 'select-enroll-profile')) {
-    res.push(_types.IdxFeature.REGISTRATION);
-  }
-
-  if (neededToProceed.some(({
-    name
-  }) => name === 'redirect-idp')) {
-    res.push(_types.IdxFeature.SOCIAL_IDP);
-  }
-
-  return res;
+function initializeValues(options) {
+  // remove known options, everything else is assumed to be a value
+  const knownOptions = ['flow', 'remediators', 'actions', 'withCredentials', 'step'];
+  const values = { ...options
+  };
+  knownOptions.forEach(option => {
+    delete values[option];
+  });
+  return values;
 }
 
-function getAvailableSteps(idxResponse) {
-  const res = [];
-  const remediatorMap = Object.values(remediators).reduce((map, remediatorClass) => {
-    // Only add concrete subclasses to the map
-    if (remediatorClass.remediationName) {
-      map[remediatorClass.remediationName] = remediatorClass;
-    }
-
-    return map;
-  }, {});
-
-  for (let remediation of idxResponse.neededToProceed) {
-    const T = remediatorMap[remediation.name];
-
-    if (T) {
-      const remediator = new T(remediation);
-      res.push(remediator.getNextStep(idxResponse.context));
-    }
+function initializeData(authClient, data) {
+  const {
+    options
+  } = data;
+  let {
+    flow,
+    withCredentials,
+    remediators,
+    actions
+  } = options;
+  const status = _types.IdxStatus.PENDING; // certain options can be set by the flow specification
+
+  flow = flow || authClient.idx.getFlow() || 'default';
+
+  if (flow) {
+    authClient.idx.setFlow(flow);
+    const flowSpec = (0, _flow.getFlowSpecification)(authClient, flow); // Favor option values over flow spec
+
+    withCredentials = typeof withCredentials !== 'undefined' ? withCredentials : flowSpec.withCredentials;
+    remediators = remediators || flowSpec.remediators;
+    actions = actions || flowSpec.actions;
   }
 
-  return res;
+  return { ...data,
+    options: { ...options,
+      flow,
+      withCredentials,
+      remediators,
+      actions
+    },
+    status
+  };
 }
 
-async function run(authClient, options = {}) {
-  let tokens;
-  let nextStep;
-  let messages;
-  let error;
-  let meta;
-  let enabledFeatures;
-  let availableSteps;
-  let status = _types.IdxStatus.PENDING;
-  let shouldClearTransaction = false;
-  let clearSharedStorage = true;
+async function getDataFromIntrospect(authClient, data) {
+  const {
+    options
+  } = data;
+  const {
+    stateHandle,
+    withCredentials,
+    version,
+    state,
+    scopes,
+    recoveryToken,
+    activationToken
+  } = options;
   let idxResponse;
-  let interactionHandle;
-  let metaFromResp;
-  let interactionCode;
-
-  try {
-    var _metaFromResp;
+  let meta;
 
-    let {
-      flow,
-      state,
-      scopes,
-      version,
-      remediators,
-      actions,
+  if (stateHandle) {
+    idxResponse = await (0, _introspect.introspect)(authClient, {
       withCredentials,
-      exchangeCodeForTokens,
-      autoRemediate,
-      step
-    } = options; // Only one flow can be operating at a time
-
-    flow = flow || authClient.idx.getFlow() || 'default';
-
-    if (flow) {
-      authClient.idx.setFlow(flow);
-      const flowSpec = (0, _flow.getFlowSpecification)(authClient, flow); // Favor option values over flow spec
-
-      withCredentials = typeof withCredentials !== 'undefined' ? withCredentials : flowSpec.withCredentials;
-      remediators = remediators || flowSpec.remediators;
-      actions = actions || flowSpec.actions;
-    } // Try to resume saved transaction
-
+      version,
+      stateHandle
+    });
+  } else {
+    var _meta;
 
-    metaFromResp = (0, _transactionMeta.getSavedTransactionMeta)(authClient, {
-      state
+    // Try to resume saved transaction
+    meta = (0, _transactionMeta.getSavedTransactionMeta)(authClient, {
+      state,
+      recoveryToken,
+      activationToken
     });
-    interactionHandle = (_metaFromResp = metaFromResp) === null || _metaFromResp === void 0 ? void 0 : _metaFromResp.interactionHandle; // may be undefined
+    let interactionHandle = (_meta = meta) === null || _meta === void 0 ? void 0 : _meta.interactionHandle; // may be undefined
 
     if (!interactionHandle) {
       // start a new transaction
@@ -139,11 +117,12 @@ async function run(authClient, options = {}) {
       const interactResponse = await (0, _interact.interact)(authClient, {
         withCredentials,
         state,
-        scopes
+        scopes,
+        activationToken,
+        recoveryToken
       });
       interactionHandle = interactResponse.interactionHandle;
-      metaFromResp = interactResponse.meta;
-      withCredentials = metaFromResp.withCredentials;
+      meta = interactResponse.meta;
     } // Introspect to get idx response
 
 
@@ -152,94 +131,214 @@ async function run(authClient, options = {}) {
       version,
       interactionHandle
     });
-    enabledFeatures = getEnabledFeatures(idxResponse);
-    availableSteps = getAvailableSteps(idxResponse); // Include meta in the transaction response
+  }
 
-    meta = metaFromResp;
+  return { ...data,
+    idxResponse,
+    meta
+  };
+}
 
-    if (autoRemediate !== false && (remediators || actions)) {
-      var _idxResponse;
+async function getDataFromRemediate(data) {
+  let {
+    idxResponse,
+    options,
+    values
+  } = data;
+  const {
+    autoRemediate,
+    remediators,
+    actions,
+    flow,
+    step
+  } = options;
+  const shouldRemediate = autoRemediate !== false && (remediators || actions || step);
 
-      const values = { ...options,
-        stateHandle: idxResponse.rawIdxState.stateHandle
-      }; // Can we handle the remediations?
+  if (!shouldRemediate) {
+    return data;
+  }
 
-      const {
-        idxResponse: idxResponseFromResp,
-        nextStep: nextStepFromResp,
-        terminal,
-        canceled,
-        messages: messagesFromResp
-      } = await (0, _remediate.remediate)(idxResponse, values, {
-        remediators,
-        actions,
-        flow,
-        step
-      });
-      idxResponse = idxResponseFromResp || idxResponse; // Track fields from remediation response
-
-      nextStep = nextStepFromResp;
-      messages = messagesFromResp; // Save intermediate idx response in storage to reduce introspect call
-
-      if (nextStep) {
-        authClient.transactionManager.saveIdxResponse(idxResponse.rawIdxState);
-        availableSteps = getAvailableSteps(idxResponse);
-      }
-
-      if (terminal) {
-        status = _types.IdxStatus.TERMINAL;
-        shouldClearTransaction = true;
-        clearSharedStorage = false; // transaction may be continued in another tab
-      }
-
-      if (canceled) {
-        status = _types.IdxStatus.CANCELED;
-        shouldClearTransaction = true;
-      } else if ((_idxResponse = idxResponse) !== null && _idxResponse !== void 0 && _idxResponse.interactionCode) {
-        interactionCode = idxResponse.interactionCode;
-
-        if (exchangeCodeForTokens === false) {
-          status = _types.IdxStatus.SUCCESS;
-          shouldClearTransaction = false;
-        } else {
-          // exchange the interaction code for tokens
-          const {
-            clientId,
-            codeVerifier,
-            ignoreSignature,
-            redirectUri,
-            urls,
-            scopes
-          } = metaFromResp;
-          tokens = await authClient.token.exchangeCodeForTokens({
-            interactionCode,
-            clientId,
-            codeVerifier,
-            ignoreSignature,
-            redirectUri,
-            scopes
-          }, urls);
-          status = _types.IdxStatus.SUCCESS;
-          shouldClearTransaction = true;
-        }
-      }
-    }
-  } catch (err) {
-    // current version of idx-js will throw/reject IDX responses. Handle these differently than regular errors
-    if ((0, _idxJs.isIdxResponse)(err)) {
-      error = err;
-      status = _types.IdxStatus.FAILURE;
-      shouldClearTransaction = true;
+  values = { ...values,
+    stateHandle: idxResponse.rawIdxState.stateHandle
+  }; // Can we handle the remediations?
+
+  const {
+    idxResponse: idxResponseFromRemediation,
+    nextStep,
+    canceled
+  } = await (0, _remediate.remediate)(idxResponse, values, {
+    remediators,
+    actions,
+    flow,
+    step
+  });
+  idxResponse = idxResponseFromRemediation;
+  return { ...data,
+    idxResponse,
+    nextStep,
+    canceled
+  };
+}
+
+async function getTokens(authClient, data) {
+  let {
+    meta,
+    idxResponse
+  } = data;
+  const {
+    interactionCode
+  } = idxResponse;
+  const {
+    clientId,
+    codeVerifier,
+    ignoreSignature,
+    redirectUri,
+    urls,
+    scopes
+  } = meta;
+  const tokenResponse = await authClient.token.exchangeCodeForTokens({
+    interactionCode,
+    clientId,
+    codeVerifier,
+    ignoreSignature,
+    redirectUri,
+    scopes
+  }, urls);
+  return tokenResponse.tokens;
+}
+
+async function finalizeData(authClient, data) {
+  let {
+    options,
+    idxResponse,
+    canceled,
+    status
+  } = data;
+  const {
+    exchangeCodeForTokens
+  } = options;
+  let shouldClearTransaction = false;
+  let clearSharedStorage = true;
+  let interactionCode;
+  let tokens;
+  let enabledFeatures;
+  let availableSteps;
+  let messages;
+  let terminal;
+
+  if (idxResponse) {
+    enabledFeatures = (0, _util.getEnabledFeatures)(idxResponse);
+    availableSteps = (0, _util.getAvailableSteps)(idxResponse);
+    messages = (0, _util.getMessagesFromResponse)(idxResponse);
+    terminal = (0, _util.isTerminalResponse)(idxResponse);
+  }
+
+  if (terminal) {
+    status = _types.IdxStatus.TERMINAL;
+    shouldClearTransaction = true;
+    clearSharedStorage = false;
+  } else if (canceled) {
+    status = _types.IdxStatus.CANCELED;
+    shouldClearTransaction = true;
+  } else if (idxResponse !== null && idxResponse !== void 0 && idxResponse.interactionCode) {
+    interactionCode = idxResponse.interactionCode;
+
+    if (exchangeCodeForTokens === false) {
+      status = _types.IdxStatus.SUCCESS;
+      shouldClearTransaction = false;
     } else {
-      // error is not an IDX response, throw it like a regular error
-      throw err;
+      tokens = await getTokens(authClient, data);
+      status = _types.IdxStatus.SUCCESS;
+      shouldClearTransaction = true;
     }
   }
 
+  return { ...data,
+    status,
+    interactionCode,
+    tokens,
+    shouldClearTransaction,
+    clearSharedStorage,
+    enabledFeatures,
+    availableSteps,
+    messages,
+    terminal
+  };
+}
+
+function handleError(err, data) {
+  let {
+    error,
+    status,
+    shouldClearTransaction
+  } = data; // current version of idx-js will throw/reject IDX responses. Handle these differently than regular errors
+
+  if ((0, _idxJs.isIdxResponse)(err)) {
+    error = err;
+    status = _types.IdxStatus.FAILURE;
+    shouldClearTransaction = true;
+  } else {
+    // error is not an IDX response, throw it like a regular error
+    throw err;
+  }
+
+  return { ...data,
+    error,
+    status,
+    shouldClearTransaction
+  };
+}
+
+async function run(authClient, options = {}) {
+  let data = {
+    options,
+    values: initializeValues(options)
+  };
+  data = initializeData(authClient, data);
+
+  try {
+    data = await getDataFromIntrospect(authClient, data);
+    data = await getDataFromRemediate(data);
+  } catch (err) {
+    data = handleError(err, data);
+  }
+
+  data = await finalizeData(authClient, data);
+  const {
+    idxResponse,
+    meta,
+    shouldClearTransaction,
+    clearSharedStorage,
+    status,
+    enabledFeatures,
+    availableSteps,
+    tokens,
+    nextStep,
+    messages,
+    error,
+    interactionCode
+  } = data;
+
   if (shouldClearTransaction) {
     authClient.transactionManager.clear({
       clearSharedStorage
     });
+  } else {
+    // ensures state is saved to sessionStorage
+    (0, _transactionMeta.saveTransactionMeta)(authClient, { ...meta
+    });
+
+    if (idxResponse) {
+      // Save intermediate idx response in storage to reduce introspect call
+      const {
+        rawIdxState: rawIdxResponse,
+        requestDidSucceed
+      } = idxResponse;
+      authClient.transactionManager.saveIdxResponse({
+        rawIdxResponse,
+        requestDidSucceed
+      });
+    }
   } // from idx-js, used by the widget
 
 
@@ -251,7 +350,7 @@ async function run(authClient, options = {}) {
     rawIdxState
   } = idxResponse || {};
   return {
-    status,
+    status: status,
     ...(meta && {
       meta
     }),
@@ -262,12 +361,12 @@ async function run(authClient, options = {}) {
       availableSteps
     }),
     ...(tokens && {
-      tokens: tokens.tokens
+      tokens
     }),
     ...(nextStep && {
       nextStep
     }),
-    ...(messages && {
+    ...(messages && messages.length && {
       messages
     }),
     ...(error && {
@@ -276,11 +375,11 @@ async function run(authClient, options = {}) {
     interactionCode,
     // if options.exchangeCodeForTokens is false
     // from idx-js
-    actions,
-    context,
-    neededToProceed,
-    proceed,
-    rawIdxState
+    actions: actions,
+    context: context,
+    neededToProceed: neededToProceed,
+    proceed: proceed,
+    rawIdxState: rawIdxState
   };
 }
 //# sourceMappingURL=run.js.map

package/cjs/idx/run.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/run.ts"],"names":["getEnabledFeatures","idxResponse","res","actions","neededToProceed","push","IdxFeature","PASSWORD_RECOVERY","some","name","REGISTRATION","SOCIAL_IDP","getAvailableSteps","remediatorMap","Object","values","remediators","reduce","map","remediatorClass","remediationName","remediation","T","remediator","getNextStep","context","run","authClient","options","tokens","nextStep","messages","error","meta","enabledFeatures","availableSteps","status","IdxStatus","PENDING","shouldClearTransaction","clearSharedStorage","interactionHandle","metaFromResp","interactionCode","flow","state","scopes","version","withCredentials","exchangeCodeForTokens","autoRemediate","step","idx","getFlow","setFlow","flowSpec","transactionManager","clear","interactResponse","stateHandle","rawIdxState","idxResponseFromResp","nextStepFromResp","terminal","canceled","messagesFromResp","saveIdxResponse","TERMINAL","CANCELED","SUCCESS","clientId","codeVerifier","ignoreSignature","redirectUri","urls","token","err","FAILURE","proceed"],"mappings":";;;;AAcA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAQA;;AACA;;;;;;AA5BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAyBA,SAASA,kBAAT,CAA4BC,WAA5B,EAAoE;AAClE,QAAMC,GAAG,GAAG,EAAZ;AACA,QAAM;AAAEC,IAAAA,OAAF;AAAWC,IAAAA;AAAX,MAA+BH,WAArC;;AAEA,MAAIE,OAAO,CAAC,8BAAD,CAAX,EAA6C;AAC3CD,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWC,iBAApB;AACD;;AAED,MAAIH,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,uBAA5C,CAAJ,EAA0E;AACxEP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWI,YAApB;AACD;;AAED,MAAIN,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,cAA5C,CAAJ,EAAiE;AAC/DP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWK,UAApB;AACD;;AAED,SAAOT,GAAP;AACD;;AAED,SAASU,iBAAT,CAA2BX,WAA3B,EAAiE;AAC/D,QAAMC,GAAG,GAAG,EAAZ;AAEA,QAAMW,aAAa,GAAGC,MAAM,CAACC,MAAP,CAAcC,WAAd,EAA2BC,MAA3B,CAAkC,CAACC,GAAD,EAAMC,eAAN,KAA0B;AAChF;AACA,QAAIA,eAAe,CAACC,eAApB,EAAqC;AACnCF,MAAAA,GAAG,CAACC,eAAe,CAACC,eAAjB,CAAH,GAAuCD,eAAvC;AACD;;AACD,WAAOD,GAAP;AACD,GANqB,EAMnB,EANmB,CAAtB;;AAQA,OAAK,IAAIG,WAAT,IAAwBpB,WAAW,CAACG,eAApC,EAAqD;AACnD,UAAMkB,CAAC,GAAGT,aAAa,CAACQ,WAAW,CAACZ,IAAb,CAAvB;;AACA,QAAIa,CAAJ,EAAO;AACL,YAAMC,UAAU,GAAG,IAAID,CAAJ,CAAMD,WAAN,CAAnB;AACAnB,MAAAA,GAAG,CAACG,IAAJ,CAAUkB,UAAU,CAACC,WAAX,CAAuBvB,WAAW,CAACwB,OAAnC,CAAV;AACD;AACF;;AAED,SAAOvB,GAAP;AACD;;AAEM,eAAewB,GAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,KAAJ;AACA,MAAIC,IAAJ;AACA,MAAIC,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,MAAM,GAAGC,iBAAUC,OAAvB;AACA,MAAIC,sBAAsB,GAAG,KAA7B;AACA,MAAIC,kBAAkB,GAAG,IAAzB;AACA,MAAIvC,WAAJ;AACA,MAAIwC,iBAAJ;AACA,MAAIC,YAAJ;AACA,MAAIC,eAAJ;;AAEA,MAAI;AAAA;;AAEF,QAAI;AACFC,MAAAA,IADE;AAEFC,MAAAA,KAFE;AAGFC,MAAAA,MAHE;AAIFC,MAAAA,OAJE;AAKF/B,MAAAA,WALE;AAMFb,MAAAA,OANE;AAOF6C,MAAAA,eAPE;AAQFC,MAAAA,qBARE;AASFC,MAAAA,aATE;AAUFC,MAAAA;AAVE,QAWAvB,OAXJ,CAFE,CAeF;;AACAgB,IAAAA,IAAI,GAAGA,IAAI,IAAIjB,UAAU,CAACyB,GAAX,CAAeC,OAAf,EAAR,IAAoC,SAA3C;;AACA,QAAIT,IAAJ,EAAU;AACRjB,MAAAA,UAAU,CAACyB,GAAX,CAAeE,OAAf,CAAuBV,IAAvB;AACA,YAAMW,QAAQ,GAAG,gCAAqB5B,UAArB,EAAiCiB,IAAjC,CAAjB,CAFQ,CAGR;;AACAI,MAAAA,eAAe,GAAI,OAAOA,eAAP,KAA2B,WAA5B,GAA2CA,eAA3C,GAA6DO,QAAQ,CAACP,eAAxF;AACAhC,MAAAA,WAAW,GAAGA,WAAW,IAAIuC,QAAQ,CAACvC,WAAtC;AACAb,MAAAA,OAAO,GAAGA,OAAO,IAAIoD,QAAQ,CAACpD,OAA9B;AACD,KAxBC,CA0BF;;;AACAuC,IAAAA,YAAY,GAAG,8CAAwBf,UAAxB,EAAoC;AAAEkB,MAAAA;AAAF,KAApC,CAAf;AACAJ,IAAAA,iBAAiB,oBAAGC,YAAH,kDAAG,cAAcD,iBAAlC,CA5BE,CA4BmD;;AAErD,QAAI,CAACA,iBAAL,EAAwB;AACtB;AACAd,MAAAA,UAAU,CAAC6B,kBAAX,CAA8BC,KAA9B;AACA,YAAMC,gBAAgB,GAAG,MAAM,wBAAS/B,UAAT,EAAqB;AAAEqB,QAAAA,eAAF;AAAmBH,QAAAA,KAAnB;AAA0BC,QAAAA;AAA1B,OAArB,CAA/B;AACAL,MAAAA,iBAAiB,GAAGiB,gBAAgB,CAACjB,iBAArC;AACAC,MAAAA,YAAY,GAAGgB,gBAAgB,CAACzB,IAAhC;AACAe,MAAAA,eAAe,GAAGN,YAAY,CAACM,eAA/B;AACD,KArCC,CAuCF;;;AACA/C,IAAAA,WAAW,GAAG,MAAM,4BAAW0B,UAAX,EAAuB;AAAEqB,MAAAA,eAAF;AAAmBD,MAAAA,OAAnB;AAA4BN,MAAAA;AAA5B,KAAvB,CAApB;AACAP,IAAAA,eAAe,GAAGlC,kBAAkB,CAACC,WAAD,CAApC;AACAkC,IAAAA,cAAc,GAAGvB,iBAAiB,CAACX,WAAD,CAAlC,CA1CE,CA4CF;;AACAgC,IAAAA,IAAI,GAAGS,YAAP;;AAEA,QAAIQ,aAAa,KAAK,KAAlB,KAA4BlC,WAAW,IAAIb,OAA3C,CAAJ,EAAyD;AAAA;;AACvD,YAAMY,MAAqC,GAAG,EAC5C,GAAGa,OADyC;AAE5C+B,QAAAA,WAAW,EAAE1D,WAAW,CAAC2D,WAAZ,CAAwBD;AAFO,OAA9C,CADuD,CAMvD;;AACA,YAAM;AACJ1D,QAAAA,WAAW,EAAE4D,mBADT;AAEJ/B,QAAAA,QAAQ,EAAEgC,gBAFN;AAGJC,QAAAA,QAHI;AAIJC,QAAAA,QAJI;AAKJjC,QAAAA,QAAQ,EAAEkC;AALN,UAMF,MAAM,0BAAUhE,WAAV,EAAuBc,MAAvB,EAA+B;AAAEC,QAAAA,WAAF;AAAeb,QAAAA,OAAf;AAAwByC,QAAAA,IAAxB;AAA8BO,QAAAA;AAA9B,OAA/B,CANV;AAOAlD,MAAAA,WAAW,GAAG4D,mBAAmB,IAAI5D,WAArC,CAduD,CAgBvD;;AACA6B,MAAAA,QAAQ,GAAGgC,gBAAX;AACA/B,MAAAA,QAAQ,GAAGkC,gBAAX,CAlBuD,CAoBvD;;AACA,UAAInC,QAAJ,EAAc;AACZH,QAAAA,UAAU,CAAC6B,kBAAX,CAA8BU,eAA9B,CAA8CjE,WAAW,CAAC2D,WAA1D;AACAzB,QAAAA,cAAc,GAAGvB,iBAAiB,CAACX,WAAD,CAAlC;AACD;;AAED,UAAI8D,QAAJ,EAAc;AACZ3B,QAAAA,MAAM,GAAGC,iBAAU8B,QAAnB;AACA5B,QAAAA,sBAAsB,GAAG,IAAzB;AACAC,QAAAA,kBAAkB,GAAG,KAArB,CAHY,CAGgB;AAC7B;;AAAC,UAAIwB,QAAJ,EAAc;AACd5B,QAAAA,MAAM,GAAGC,iBAAU+B,QAAnB;AACA7B,QAAAA,sBAAsB,GAAG,IAAzB;AACD,OAHC,MAGK,oBAAItC,WAAJ,yCAAI,aAAa0C,eAAjB,EAAkC;AACvCA,QAAAA,eAAe,GAAG1C,WAAW,CAAC0C,eAA9B;;AAEA,YAAIM,qBAAqB,KAAK,KAA9B,EAAqC;AACnCb,UAAAA,MAAM,GAAGC,iBAAUgC,OAAnB;AACA9B,UAAAA,sBAAsB,GAAG,KAAzB;AACD,SAHD,MAGO;AACL;AACA,gBAAM;AACJ+B,YAAAA,QADI;AAEJC,YAAAA,YAFI;AAGJC,YAAAA,eAHI;AAIJC,YAAAA,WAJI;AAKJC,YAAAA,IALI;AAMJ5B,YAAAA;AANI,cAOFJ,YAPJ;AAQAb,UAAAA,MAAM,GAAG,MAAMF,UAAU,CAACgD,KAAX,CAAiB1B,qBAAjB,CAAuC;AACpDN,YAAAA,eADoD;AAEpD2B,YAAAA,QAFoD;AAGpDC,YAAAA,YAHoD;AAIpDC,YAAAA,eAJoD;AAKpDC,YAAAA,WALoD;AAMpD3B,YAAAA;AANoD,WAAvC,EAOZ4B,IAPY,CAAf;AASAtC,UAAAA,MAAM,GAAGC,iBAAUgC,OAAnB;AACA9B,UAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;AACF;AACF,GA9GD,CA8GE,OAAOqC,GAAP,EAAY;AACZ;AACA,QAAI,0BAAcA,GAAd,CAAJ,EAAwB;AACtB5C,MAAAA,KAAK,GAAG4C,GAAR;AACAxC,MAAAA,MAAM,GAAGC,iBAAUwC,OAAnB;AACAtC,MAAAA,sBAAsB,GAAG,IAAzB;AACD,KAJD,MAIO;AACL;AACA,YAAMqC,GAAN;AACD;AAEF;;AAED,MAAIrC,sBAAJ,EAA4B;AAC1BZ,IAAAA,UAAU,CAAC6B,kBAAX,CAA8BC,KAA9B,CAAoC;AAAEjB,MAAAA;AAAF,KAApC;AACD,GA7IwB,CA+IzB;;;AACA,QAAM;AAAErC,IAAAA,OAAF;AAAWsB,IAAAA,OAAX;AAAoBrB,IAAAA,eAApB;AAAqC0E,IAAAA,OAArC;AAA8ClB,IAAAA;AAA9C,MAA8D3D,WAAW,IAAI,EAAnF;AACA,SAAO;AACLmC,IAAAA,MADK;AAEL,QAAIH,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAFK;AAGL,QAAIC,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAHK;AAIL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CAJK;AAKL,QAAIN,MAAM,IAAI;AAAEA,MAAAA,MAAM,EAAEA,MAAM,CAACA;AAAjB,KAAd,CALK;AAML,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CANK;AAOL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CAPK;AAQL,QAAIC,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb,CARK;AASLW,IAAAA,eATK;AASY;AAEjB;AACAxC,IAAAA,OAZK;AAaLsB,IAAAA,OAbK;AAcLrB,IAAAA,eAdK;AAeL0E,IAAAA,OAfK;AAgBLlB,IAAAA;AAhBK,GAAP;AAkBD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, complexity, max-depth */\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate, RemediateOptions } from './remediate';\nimport { getFlowSpecification, RemediationFlow } from './flow';\nimport * as remediators from './remediators';\nimport { \n  OktaAuth,\n  IdxStatus,\n  IdxTransaction,\n  IdxFeature,\n  NextStep,\n  FlowIdentifier,\n} from '../types';\nimport { IdxResponse, isIdxResponse } from './types/idx-js';\nimport { getSavedTransactionMeta } from './transactionMeta';\nimport { ProceedOptions } from './proceed';\n\nexport type RunOptions = ProceedOptions & RemediateOptions & {\n  flow?: FlowIdentifier;\n  remediators?: RemediationFlow;\n  actions?: string[];\n  withCredentials?: boolean;\n}\n\nfunction getEnabledFeatures(idxResponse: IdxResponse): IdxFeature[] {\n  const res = [];\n  const { actions, neededToProceed } = idxResponse;\n\n  if (actions['currentAuthenticator-recover']) {\n    res.push(IdxFeature.PASSWORD_RECOVERY as never);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'select-enroll-profile')) {\n    res.push(IdxFeature.REGISTRATION as never);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'redirect-idp')) {\n    res.push(IdxFeature.SOCIAL_IDP as never);\n  }\n\n  return res;\n}\n\nfunction getAvailableSteps(idxResponse: IdxResponse): NextStep[] {\n  const res = [];\n\n  const remediatorMap = Object.values(remediators).reduce((map, remediatorClass) => {\n    // Only add concrete subclasses to the map\n    if (remediatorClass.remediationName) {\n      map[remediatorClass.remediationName] = remediatorClass;\n    }\n    return map;\n  }, {});\n\n  for (let remediation of idxResponse.neededToProceed) {\n    const T = remediatorMap[remediation.name];\n    if (T) {\n      const remediator = new T(remediation);\n      res.push (remediator.getNextStep(idxResponse.context) as never);\n    }\n  }\n\n  return res;\n}\n\nexport async function run(\n  authClient: OktaAuth, \n  options: RunOptions = {},\n): Promise<IdxTransaction> {\n  let tokens;\n  let nextStep;\n  let messages;\n  let error;\n  let meta;\n  let enabledFeatures;\n  let availableSteps;\n  let status = IdxStatus.PENDING;\n  let shouldClearTransaction = false;\n  let clearSharedStorage = true;\n  let idxResponse;\n  let interactionHandle;\n  let metaFromResp;\n  let interactionCode;\n\n  try {\n\n    let {\n      flow,\n      state,\n      scopes,\n      version,\n      remediators,\n      actions,\n      withCredentials,\n      exchangeCodeForTokens,\n      autoRemediate,\n      step\n    } = options;\n\n    // Only one flow can be operating at a time\n    flow = flow || authClient.idx.getFlow() || 'default';\n    if (flow) {\n      authClient.idx.setFlow(flow);\n      const flowSpec = getFlowSpecification(authClient, flow);\n      // Favor option values over flow spec\n      withCredentials = (typeof withCredentials !== 'undefined') ? withCredentials : flowSpec.withCredentials;\n      remediators = remediators || flowSpec.remediators;\n      actions = actions || flowSpec.actions;\n    }\n\n    // Try to resume saved transaction\n    metaFromResp = getSavedTransactionMeta(authClient, { state });\n    interactionHandle = metaFromResp?.interactionHandle; // may be undefined\n\n    if (!interactionHandle) {\n      // start a new transaction\n      authClient.transactionManager.clear();\n      const interactResponse = await interact(authClient, { withCredentials, state, scopes }); \n      interactionHandle = interactResponse.interactionHandle;\n      metaFromResp = interactResponse.meta;\n      withCredentials = metaFromResp.withCredentials;\n    }\n\n    // Introspect to get idx response\n    idxResponse = await introspect(authClient, { withCredentials, version, interactionHandle });\n    enabledFeatures = getEnabledFeatures(idxResponse);\n    availableSteps = getAvailableSteps(idxResponse);\n    \n    // Include meta in the transaction response\n    meta = metaFromResp;\n\n    if (autoRemediate !== false && (remediators || actions)) {\n      const values: remediators.RemediationValues = { \n        ...options, \n        stateHandle: idxResponse.rawIdxState.stateHandle \n      };\n\n      // Can we handle the remediations?\n      const { \n        idxResponse: idxResponseFromResp, \n        nextStep: nextStepFromResp,\n        terminal,\n        canceled,\n        messages: messagesFromResp,\n      } = await remediate(idxResponse, values, { remediators, actions, flow, step });\n      idxResponse = idxResponseFromResp || idxResponse;\n\n      // Track fields from remediation response\n      nextStep = nextStepFromResp;\n      messages = messagesFromResp;\n\n      // Save intermediate idx response in storage to reduce introspect call\n      if (nextStep) {\n        authClient.transactionManager.saveIdxResponse(idxResponse.rawIdxState);\n        availableSteps = getAvailableSteps(idxResponse);\n      }\n\n      if (terminal) {\n        status = IdxStatus.TERMINAL;\n        shouldClearTransaction = true;\n        clearSharedStorage = false; // transaction may be continued in another tab\n      } if (canceled) {\n        status = IdxStatus.CANCELED;\n        shouldClearTransaction = true;\n      } else if (idxResponse?.interactionCode) { \n        interactionCode = idxResponse.interactionCode;\n\n        if (exchangeCodeForTokens === false) {\n          status = IdxStatus.SUCCESS;\n          shouldClearTransaction = false;\n        } else {\n          // exchange the interaction code for tokens\n          const {\n            clientId,\n            codeVerifier,\n            ignoreSignature,\n            redirectUri,\n            urls,\n            scopes,\n          } = metaFromResp;\n          tokens = await authClient.token.exchangeCodeForTokens({\n            interactionCode,\n            clientId,\n            codeVerifier,\n            ignoreSignature,\n            redirectUri,\n            scopes\n          }, urls);\n\n          status = IdxStatus.SUCCESS;\n          shouldClearTransaction = true;\n        }\n      }\n    }\n  } catch (err) {\n    // current version of idx-js will throw/reject IDX responses. Handle these differently than regular errors\n    if (isIdxResponse(err)) {\n      error = err;\n      status = IdxStatus.FAILURE;\n      shouldClearTransaction = true;\n    } else {\n      // error is not an IDX response, throw it like a regular error\n      throw err;\n    }\n\n  }\n\n  if (shouldClearTransaction) {\n    authClient.transactionManager.clear({ clearSharedStorage });\n  }\n  \n  // from idx-js, used by the widget\n  const { actions, context, neededToProceed, proceed, rawIdxState } = idxResponse || {};\n  return {\n    status,\n    ...(meta && { meta }),\n    ...(enabledFeatures && { enabledFeatures }),\n    ...(availableSteps && { availableSteps }),\n    ...(tokens && { tokens: tokens.tokens }),\n    ...(nextStep && { nextStep }),\n    ...(messages && { messages }),\n    ...(error && { error }),\n    interactionCode, // if options.exchangeCodeForTokens is false\n\n    // from idx-js\n    actions,\n    context,\n    neededToProceed,\n    proceed,\n    rawIdxState,\n  };\n}\n"],"file":"run.js"}
+{"version":3,"sources":["../../../lib/idx/run.ts"],"names":["initializeValues","options","knownOptions","values","forEach","option","initializeData","authClient","data","flow","withCredentials","remediators","actions","status","IdxStatus","PENDING","idx","getFlow","setFlow","flowSpec","getDataFromIntrospect","stateHandle","version","state","scopes","recoveryToken","activationToken","idxResponse","meta","interactionHandle","transactionManager","clear","interactResponse","getDataFromRemediate","autoRemediate","step","shouldRemediate","rawIdxState","idxResponseFromRemediation","nextStep","canceled","getTokens","interactionCode","clientId","codeVerifier","ignoreSignature","redirectUri","urls","tokenResponse","token","exchangeCodeForTokens","tokens","finalizeData","shouldClearTransaction","clearSharedStorage","enabledFeatures","availableSteps","messages","terminal","TERMINAL","CANCELED","SUCCESS","handleError","err","error","FAILURE","run","rawIdxResponse","requestDidSucceed","saveIdxResponse","context","neededToProceed","proceed","length"],"mappings":";;;;AAeA;;AACA;;AACA;;AACA;;AAEA;;AAWA;;AACA;;AAEA;;AAlCA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAgDA,SAASA,gBAAT,CAA0BC,OAA1B,EAA+C;AAC7C;AACA,QAAMC,YAAY,GAAG,CAAC,MAAD,EAAS,aAAT,EAAwB,SAAxB,EAAmC,iBAAnC,EAAsD,MAAtD,CAArB;AACA,QAAMC,MAAM,GAAG,EAAE,GAAGF;AAAL,GAAf;AACAC,EAAAA,YAAY,CAACE,OAAb,CAAqBC,MAAM,IAAI;AAC7B,WAAOF,MAAM,CAACE,MAAD,CAAb;AACD,GAFD;AAGA,SAAOF,MAAP;AACD;;AAED,SAASG,cAAT,CAAwBC,UAAxB,EAAoCC,IAApC,EAA4D;AAC1D,QAAM;AAAEP,IAAAA;AAAF,MAAcO,IAApB;AACA,MAAI;AACFC,IAAAA,IADE;AAEFC,IAAAA,eAFE;AAGFC,IAAAA,WAHE;AAIFC,IAAAA;AAJE,MAKAX,OALJ;AAOA,QAAMY,MAAM,GAAGC,iBAAUC,OAAzB,CAT0D,CAW1D;;AACAN,EAAAA,IAAI,GAAGA,IAAI,IAAIF,UAAU,CAACS,GAAX,CAAeC,OAAf,EAAR,IAAoC,SAA3C;;AACA,MAAIR,IAAJ,EAAU;AACRF,IAAAA,UAAU,CAACS,GAAX,CAAeE,OAAf,CAAuBT,IAAvB;AACA,UAAMU,QAAQ,GAAG,gCAAqBZ,UAArB,EAAiCE,IAAjC,CAAjB,CAFQ,CAGR;;AACAC,IAAAA,eAAe,GAAI,OAAOA,eAAP,KAA2B,WAA5B,GAA2CA,eAA3C,GAA6DS,QAAQ,CAACT,eAAxF;AACAC,IAAAA,WAAW,GAAGA,WAAW,IAAIQ,QAAQ,CAACR,WAAtC;AACAC,IAAAA,OAAO,GAAGA,OAAO,IAAIO,QAAQ,CAACP,OAA9B;AACD;;AACD,SAAO,EACL,GAAGJ,IADE;AAELP,IAAAA,OAAO,EAAE,EAAE,GAAGA,OAAL;AAAcQ,MAAAA,IAAd;AAAoBC,MAAAA,eAApB;AAAqCC,MAAAA,WAArC;AAAkDC,MAAAA;AAAlD,KAFJ;AAGLC,IAAAA;AAHK,GAAP;AAKD;;AAED,eAAeO,qBAAf,CAAqCb,UAArC,EAAiDC,IAAjD,EAAkF;AAChF,QAAM;AAAEP,IAAAA;AAAF,MAAcO,IAApB;AACA,QAAM;AACJa,IAAAA,WADI;AAEJX,IAAAA,eAFI;AAGJY,IAAAA,OAHI;AAIJC,IAAAA,KAJI;AAKJC,IAAAA,MALI;AAMJC,IAAAA,aANI;AAOJC,IAAAA;AAPI,MAQFzB,OARJ;AAUA,MAAI0B,WAAJ;AACA,MAAIC,IAAJ;;AAEA,MAAIP,WAAJ,EAAiB;AACfM,IAAAA,WAAW,GAAG,MAAM,4BAAWpB,UAAX,EAAuB;AAAEG,MAAAA,eAAF;AAAmBY,MAAAA,OAAnB;AAA4BD,MAAAA;AAA5B,KAAvB,CAApB;AACD,GAFD,MAEO;AAAA;;AACL;AACAO,IAAAA,IAAI,GAAG,8CAAwBrB,UAAxB,EAAoC;AAAEgB,MAAAA,KAAF;AAASE,MAAAA,aAAT;AAAwBC,MAAAA;AAAxB,KAApC,CAAP;AACA,QAAIG,iBAAiB,YAAGD,IAAH,0CAAG,MAAMC,iBAA9B,CAHK,CAG4C;;AAEjD,QAAI,CAACA,iBAAL,EAAwB;AACtB;AACAtB,MAAAA,UAAU,CAACuB,kBAAX,CAA8BC,KAA9B;AACA,YAAMC,gBAAgB,GAAG,MAAM,wBAASzB,UAAT,EAAqB;AAClDG,QAAAA,eADkD;AAElDa,QAAAA,KAFkD;AAGlDC,QAAAA,MAHkD;AAIlDE,QAAAA,eAJkD;AAKlDD,QAAAA;AALkD,OAArB,CAA/B;AAOAI,MAAAA,iBAAiB,GAAGG,gBAAgB,CAACH,iBAArC;AACAD,MAAAA,IAAI,GAAGI,gBAAgB,CAACJ,IAAxB;AACD,KAjBI,CAmBL;;;AACAD,IAAAA,WAAW,GAAG,MAAM,4BAAWpB,UAAX,EAAuB;AAAEG,MAAAA,eAAF;AAAmBY,MAAAA,OAAnB;AAA4BO,MAAAA;AAA5B,KAAvB,CAApB;AACD;;AACD,SAAO,EAAE,GAAGrB,IAAL;AAAWmB,IAAAA,WAAX;AAAwBC,IAAAA;AAAxB,GAAP;AACD;;AAED,eAAeK,oBAAf,CAAoCzB,IAApC,EAAqE;AACnE,MAAI;AACFmB,IAAAA,WADE;AAEF1B,IAAAA,OAFE;AAGFE,IAAAA;AAHE,MAIAK,IAJJ;AAMA,QAAM;AACJ0B,IAAAA,aADI;AAEJvB,IAAAA,WAFI;AAGJC,IAAAA,OAHI;AAIJH,IAAAA,IAJI;AAKJ0B,IAAAA;AALI,MAMFlC,OANJ;AAQA,QAAMmC,eAAe,GAAIF,aAAa,KAAK,KAAlB,KAA4BvB,WAAW,IAAIC,OAAf,IAA0BuB,IAAtD,CAAzB;;AACA,MAAI,CAACC,eAAL,EAAsB;AACpB,WAAO5B,IAAP;AACD;;AAEDL,EAAAA,MAAM,GAAG,EACP,GAAGA,MADI;AAEPkB,IAAAA,WAAW,EAAEM,WAAW,CAAEU,WAAb,CAAyBhB;AAF/B,GAAT,CApBmE,CAyBnE;;AACA,QAAM;AACJM,IAAAA,WAAW,EAAEW,0BADT;AAEJC,IAAAA,QAFI;AAGJC,IAAAA;AAHI,MAIF,MAAM,0BAAUb,WAAV,EAAwBxB,MAAxB,EAAgC;AAAEQ,IAAAA,WAAF;AAAeC,IAAAA,OAAf;AAAwBH,IAAAA,IAAxB;AAA8B0B,IAAAA;AAA9B,GAAhC,CAJV;AAKAR,EAAAA,WAAW,GAAGW,0BAAd;AAEA,SAAO,EAAE,GAAG9B,IAAL;AAAWmB,IAAAA,WAAX;AAAwBY,IAAAA,QAAxB;AAAkCC,IAAAA;AAAlC,GAAP;AACD;;AAED,eAAeC,SAAf,CAAyBlC,UAAzB,EAAqCC,IAArC,EAAqE;AACnE,MAAI;AAAEoB,IAAAA,IAAF;AAAQD,IAAAA;AAAR,MAAwBnB,IAA5B;AACA,QAAM;AAAEkC,IAAAA;AAAF,MAAsBf,WAA5B;AACA,QAAM;AACJgB,IAAAA,QADI;AAEJC,IAAAA,YAFI;AAGJC,IAAAA,eAHI;AAIJC,IAAAA,WAJI;AAKJC,IAAAA,IALI;AAMJvB,IAAAA;AANI,MAOFI,IAPJ;AAQA,QAAMoB,aAAa,GAAG,MAAMzC,UAAU,CAAC0C,KAAX,CAAiBC,qBAAjB,CAAuC;AACjER,IAAAA,eADiE;AAEjEC,IAAAA,QAFiE;AAGjEC,IAAAA,YAHiE;AAIjEC,IAAAA,eAJiE;AAKjEC,IAAAA,WALiE;AAMjEtB,IAAAA;AANiE,GAAvC,EAOzBuB,IAPyB,CAA5B;AAQA,SAAOC,aAAa,CAACG,MAArB;AACD;;AAED,eAAeC,YAAf,CAA4B7C,UAA5B,EAAwCC,IAAxC,EAAyE;AACvE,MAAI;AACFP,IAAAA,OADE;AAEF0B,IAAAA,WAFE;AAGFa,IAAAA,QAHE;AAIF3B,IAAAA;AAJE,MAKAL,IALJ;AAMA,QAAM;AAAE0C,IAAAA;AAAF,MAA4BjD,OAAlC;AACA,MAAIoD,sBAAsB,GAAG,KAA7B;AACA,MAAIC,kBAAkB,GAAG,IAAzB;AACA,MAAIZ,eAAJ;AACA,MAAIS,MAAJ;AACA,MAAII,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;;AAEA,MAAI/B,WAAJ,EAAiB;AACf4B,IAAAA,eAAe,GAAG,8BAAmB5B,WAAnB,CAAlB;AACA6B,IAAAA,cAAc,GAAG,6BAAkB7B,WAAlB,CAAjB;AACA8B,IAAAA,QAAQ,GAAG,mCAAwB9B,WAAxB,CAAX;AACA+B,IAAAA,QAAQ,GAAG,8BAAmB/B,WAAnB,CAAX;AACD;;AAED,MAAI+B,QAAJ,EAAc;AACZ7C,IAAAA,MAAM,GAAGC,iBAAU6C,QAAnB;AACAN,IAAAA,sBAAsB,GAAG,IAAzB;AACAC,IAAAA,kBAAkB,GAAG,KAArB;AACD,GAJD,MAIO,IAAId,QAAJ,EAAc;AACnB3B,IAAAA,MAAM,GAAGC,iBAAU8C,QAAnB;AACAP,IAAAA,sBAAsB,GAAG,IAAzB;AACD,GAHM,MAGA,IAAI1B,WAAJ,aAAIA,WAAJ,eAAIA,WAAW,CAAEe,eAAjB,EAAkC;AACvCA,IAAAA,eAAe,GAAGf,WAAW,CAACe,eAA9B;;AACA,QAAIQ,qBAAqB,KAAK,KAA9B,EAAqC;AACnCrC,MAAAA,MAAM,GAAGC,iBAAU+C,OAAnB;AACAR,MAAAA,sBAAsB,GAAG,KAAzB;AACD,KAHD,MAGO;AACLF,MAAAA,MAAM,GAAG,MAAMV,SAAS,CAAClC,UAAD,EAAaC,IAAb,CAAxB;AACAK,MAAAA,MAAM,GAAGC,iBAAU+C,OAAnB;AACAR,MAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;;AACD,SAAO,EACL,GAAG7C,IADE;AAELK,IAAAA,MAFK;AAGL6B,IAAAA,eAHK;AAILS,IAAAA,MAJK;AAKLE,IAAAA,sBALK;AAMLC,IAAAA,kBANK;AAOLC,IAAAA,eAPK;AAQLC,IAAAA,cARK;AASLC,IAAAA,QATK;AAULC,IAAAA;AAVK,GAAP;AAYD;;AAED,SAASI,WAAT,CAAqBC,GAArB,EAA0BvD,IAA1B,EAAkD;AAChD,MAAI;AAAEwD,IAAAA,KAAF;AAASnD,IAAAA,MAAT;AAAiBwC,IAAAA;AAAjB,MAA4C7C,IAAhD,CADgD,CAGhD;;AACA,MAAI,0BAAcuD,GAAd,CAAJ,EAAwB;AACtBC,IAAAA,KAAK,GAAGD,GAAR;AACAlD,IAAAA,MAAM,GAAGC,iBAAUmD,OAAnB;AACAZ,IAAAA,sBAAsB,GAAG,IAAzB;AACD,GAJD,MAIO;AACL;AACA,UAAMU,GAAN;AACD;;AAED,SAAO,EAAE,GAAGvD,IAAL;AAAWwD,IAAAA,KAAX;AAAkBnD,IAAAA,MAAlB;AAA0BwC,IAAAA;AAA1B,GAAP;AACD;;AAEM,eAAea,GAAf,CACL3D,UADK,EAELN,OAAmB,GAAG,EAFjB,EAGoB;AACzB,MAAIO,IAAa,GAAG;AAClBP,IAAAA,OADkB;AAElBE,IAAAA,MAAM,EAAEH,gBAAgB,CAACC,OAAD;AAFN,GAApB;AAKAO,EAAAA,IAAI,GAAGF,cAAc,CAACC,UAAD,EAAaC,IAAb,CAArB;;AACA,MAAI;AACFA,IAAAA,IAAI,GAAG,MAAMY,qBAAqB,CAACb,UAAD,EAAaC,IAAb,CAAlC;AACAA,IAAAA,IAAI,GAAG,MAAMyB,oBAAoB,CAACzB,IAAD,CAAjC;AACD,GAHD,CAGE,OAAOuD,GAAP,EAAY;AACZvD,IAAAA,IAAI,GAAGsD,WAAW,CAACC,GAAD,EAAMvD,IAAN,CAAlB;AACD;;AACDA,EAAAA,IAAI,GAAG,MAAM4C,YAAY,CAAC7C,UAAD,EAAaC,IAAb,CAAzB;AAEA,QAAM;AACJmB,IAAAA,WADI;AAEJC,IAAAA,IAFI;AAGJyB,IAAAA,sBAHI;AAIJC,IAAAA,kBAJI;AAKJzC,IAAAA,MALI;AAMJ0C,IAAAA,eANI;AAOJC,IAAAA,cAPI;AAQJL,IAAAA,MARI;AASJZ,IAAAA,QATI;AAUJkB,IAAAA,QAVI;AAWJO,IAAAA,KAXI;AAYJtB,IAAAA;AAZI,MAaFlC,IAbJ;;AAeA,MAAI6C,sBAAJ,EAA4B;AAC1B9C,IAAAA,UAAU,CAACuB,kBAAX,CAA8BC,KAA9B,CAAoC;AAAEuB,MAAAA;AAAF,KAApC;AACD,GAFD,MAGK;AACH;AACA,8CAAoB/C,UAApB,EAAgC,EAAE,GAAGqB;AAAL,KAAhC;;AAEA,QAAID,WAAJ,EAAiB;AACf;AACA,YAAM;AAAEU,QAAAA,WAAW,EAAE8B,cAAf;AAA+BC,QAAAA;AAA/B,UAAqDzC,WAA3D;AACApB,MAAAA,UAAU,CAACuB,kBAAX,CAA8BuC,eAA9B,CAA8C;AAC5CF,QAAAA,cAD4C;AAE5CC,QAAAA;AAF4C,OAA9C;AAID;AAEF,GA9CwB,CAgDzB;;;AACA,QAAM;AAAExD,IAAAA,OAAF;AAAW0D,IAAAA,OAAX;AAAoBC,IAAAA,eAApB;AAAqCC,IAAAA,OAArC;AAA8CnC,IAAAA;AAA9C,MAA8DV,WAAW,IAAI,EAAnF;AACA,SAAO;AACLd,IAAAA,MAAM,EAAEA,MADH;AAEL,QAAIe,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAFK;AAGL,QAAI2B,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAHK;AAIL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CAJK;AAKL,QAAIL,MAAM,IAAI;AAAEA,MAAAA;AAAF,KAAd,CALK;AAML,QAAIZ,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CANK;AAOL,QAAIkB,QAAQ,IAAIA,QAAQ,CAACgB,MAArB,IAA+B;AAAEhB,MAAAA;AAAF,KAAnC,CAPK;AAQL,QAAIO,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb,CARK;AASLtB,IAAAA,eATK;AASY;AAEjB;AACA9B,IAAAA,OAAO,EAAEA,OAZJ;AAaL0D,IAAAA,OAAO,EAAEA,OAbJ;AAcLC,IAAAA,eAAe,EAAEA,eAdZ;AAeLC,IAAAA,OAAO,EAAEA,OAfJ;AAgBLnC,IAAAA,WAAW,EAAEA;AAhBR,GAAP;AAkBD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, complexity, max-depth */\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate, RemediateOptions } from './remediate';\nimport { getFlowSpecification, RemediationFlow } from './flow';\nimport * as remediators from './remediators';\nimport { \n  OktaAuthInterface,\n  IdxStatus,\n  IdxTransaction,\n  IdxFeature,\n  NextStep,\n  FlowIdentifier,\n  IdxTransactionMeta,\n  Tokens,\n  APIError,\n} from '../types';\nimport { IdxMessage, IdxResponse, isIdxResponse } from './types/idx-js';\nimport { getSavedTransactionMeta, saveTransactionMeta } from './transactionMeta';\nimport { ProceedOptions } from './proceed';\nimport { getAvailableSteps, getEnabledFeatures, getMessagesFromResponse, isTerminalResponse } from './util';\n\nexport type RunOptions = ProceedOptions & RemediateOptions & {\n  flow?: FlowIdentifier;\n  remediators?: RemediationFlow;\n  actions?: string[];\n  withCredentials?: boolean;\n}\n\ndeclare interface RunData {\n  options: RunOptions;\n  values: remediators.RemediationValues;\n  status?: IdxStatus;\n  tokens?: Tokens;\n  nextStep?: NextStep;\n  messages?: IdxMessage[];\n  error?: APIError | IdxResponse;\n  meta?: IdxTransactionMeta;\n  enabledFeatures?: IdxFeature[];\n  availableSteps?: NextStep[];\n  idxResponse?: IdxResponse;\n  canceled?: boolean;\n  interactionCode?: string;\n  shouldClearTransaction?: boolean;\n  clearSharedStorage?: boolean;\n  terminal?: boolean;\n}\n\nfunction initializeValues(options: RunOptions) {\n  // remove known options, everything else is assumed to be a value\n  const knownOptions = ['flow', 'remediators', 'actions', 'withCredentials', 'step'];\n  const values = { ...options };\n  knownOptions.forEach(option => {\n    delete values[option];\n  });\n  return values;\n}\n\nfunction initializeData(authClient, data: RunData): RunData {\n  const { options } = data;\n  let {\n    flow,\n    withCredentials,\n    remediators,\n    actions\n  } = options;\n\n  const status = IdxStatus.PENDING;\n\n  // certain options can be set by the flow specification\n  flow = flow || authClient.idx.getFlow() || 'default';\n  if (flow) {\n    authClient.idx.setFlow(flow);\n    const flowSpec = getFlowSpecification(authClient, flow);\n    // Favor option values over flow spec\n    withCredentials = (typeof withCredentials !== 'undefined') ? withCredentials : flowSpec.withCredentials;\n    remediators = remediators || flowSpec.remediators;\n    actions = actions || flowSpec.actions;\n  }\n  return { \n    ...data,\n    options: { ...options, flow, withCredentials, remediators, actions },\n    status\n  };\n}\n\nasync function getDataFromIntrospect(authClient, data: RunData): Promise<RunData> {\n  const { options } = data;\n  const {\n    stateHandle,\n    withCredentials,\n    version,\n    state,\n    scopes,\n    recoveryToken,\n    activationToken\n  } = options;\n\n  let idxResponse;\n  let meta;\n\n  if (stateHandle) {\n    idxResponse = await introspect(authClient, { withCredentials, version, stateHandle });\n  } else {\n    // Try to resume saved transaction\n    meta = getSavedTransactionMeta(authClient, { state, recoveryToken, activationToken });\n    let interactionHandle = meta?.interactionHandle; // may be undefined\n\n    if (!interactionHandle) {\n      // start a new transaction\n      authClient.transactionManager.clear();\n      const interactResponse = await interact(authClient, {\n        withCredentials,\n        state,\n        scopes,\n        activationToken,\n        recoveryToken\n      }); \n      interactionHandle = interactResponse.interactionHandle;\n      meta = interactResponse.meta;\n    }\n  \n    // Introspect to get idx response\n    idxResponse = await introspect(authClient, { withCredentials, version, interactionHandle });\n  }\n  return { ...data, idxResponse, meta };\n}\n\nasync function getDataFromRemediate(data: RunData): Promise<RunData> {\n  let {\n    idxResponse,\n    options,\n    values\n  } = data;\n\n  const {\n    autoRemediate,\n    remediators,\n    actions,\n    flow,\n    step,\n  } = options;\n  \n  const shouldRemediate = (autoRemediate !== false && (remediators || actions || step));\n  if (!shouldRemediate) {\n    return data;\n  }\n\n  values = { \n    ...values, \n    stateHandle: idxResponse!.rawIdxState.stateHandle \n  };\n\n  // Can we handle the remediations?\n  const { \n    idxResponse: idxResponseFromRemediation, \n    nextStep,\n    canceled,\n  } = await remediate(idxResponse!, values, { remediators, actions, flow, step });\n  idxResponse = idxResponseFromRemediation;\n\n  return { ...data, idxResponse, nextStep, canceled };\n}\n\nasync function getTokens(authClient, data: RunData): Promise<Tokens> {\n  let { meta, idxResponse } = data;\n  const { interactionCode } = idxResponse as IdxResponse;\n  const {\n    clientId,\n    codeVerifier,\n    ignoreSignature,\n    redirectUri,\n    urls,\n    scopes,\n  } = meta as IdxTransactionMeta;\n  const tokenResponse = await authClient.token.exchangeCodeForTokens({\n    interactionCode,\n    clientId,\n    codeVerifier,\n    ignoreSignature,\n    redirectUri,\n    scopes\n  }, urls);\n  return tokenResponse.tokens;\n}\n\nasync function finalizeData(authClient, data: RunData): Promise<RunData> {\n  let {\n    options,\n    idxResponse,\n    canceled,\n    status,\n  } = data;\n  const { exchangeCodeForTokens } = options;\n  let shouldClearTransaction = false;\n  let clearSharedStorage = true;\n  let interactionCode;\n  let tokens;\n  let enabledFeatures;\n  let availableSteps;\n  let messages;\n  let terminal;\n\n  if (idxResponse) {\n    enabledFeatures = getEnabledFeatures(idxResponse);\n    availableSteps = getAvailableSteps(idxResponse);\n    messages = getMessagesFromResponse(idxResponse);\n    terminal = isTerminalResponse(idxResponse);\n  }\n\n  if (terminal) {\n    status = IdxStatus.TERMINAL;\n    shouldClearTransaction = true;\n    clearSharedStorage = false;\n  } else if (canceled) {\n    status = IdxStatus.CANCELED;\n    shouldClearTransaction = true;\n  } else if (idxResponse?.interactionCode) { \n    interactionCode = idxResponse.interactionCode;\n    if (exchangeCodeForTokens === false) {\n      status = IdxStatus.SUCCESS;\n      shouldClearTransaction = false;\n    } else {\n      tokens = await getTokens(authClient, data);\n      status = IdxStatus.SUCCESS;\n      shouldClearTransaction = true;\n    }\n  }\n  return {\n    ...data,\n    status,\n    interactionCode,\n    tokens,\n    shouldClearTransaction,\n    clearSharedStorage,\n    enabledFeatures,\n    availableSteps,\n    messages,\n    terminal\n  };\n}\n\nfunction handleError(err, data: RunData): RunData {\n  let { error, status, shouldClearTransaction } = data;\n\n  // current version of idx-js will throw/reject IDX responses. Handle these differently than regular errors\n  if (isIdxResponse(err)) {\n    error = err;\n    status = IdxStatus.FAILURE;\n    shouldClearTransaction = true;\n  } else {\n    // error is not an IDX response, throw it like a regular error\n    throw err;\n  }\n\n  return { ...data, error, status, shouldClearTransaction };\n}\n\nexport async function run(\n  authClient: OktaAuthInterface, \n  options: RunOptions = {},\n): Promise<IdxTransaction> {\n  let data: RunData = {\n    options,\n    values: initializeValues(options)\n  };\n\n  data = initializeData(authClient, data);\n  try {\n    data = await getDataFromIntrospect(authClient, data);\n    data = await getDataFromRemediate(data);\n  } catch (err) {\n    data = handleError(err, data);\n  }\n  data = await finalizeData(authClient, data);\n\n  const {\n    idxResponse,\n    meta,\n    shouldClearTransaction,\n    clearSharedStorage,\n    status,\n    enabledFeatures,\n    availableSteps,\n    tokens,\n    nextStep,\n    messages,\n    error,\n    interactionCode\n  } = data;\n\n  if (shouldClearTransaction) {\n    authClient.transactionManager.clear({ clearSharedStorage });\n  }\n  else {\n    // ensures state is saved to sessionStorage\n    saveTransactionMeta(authClient, { ...meta });\n\n    if (idxResponse) {\n      // Save intermediate idx response in storage to reduce introspect call\n      const { rawIdxState: rawIdxResponse, requestDidSucceed } = idxResponse;\n      authClient.transactionManager.saveIdxResponse({\n        rawIdxResponse,\n        requestDidSucceed\n      });\n    }\n\n  }\n  \n  // from idx-js, used by the widget\n  const { actions, context, neededToProceed, proceed, rawIdxState } = idxResponse || {};\n  return {\n    status: status!,\n    ...(meta && { meta }),\n    ...(enabledFeatures && { enabledFeatures }),\n    ...(availableSteps && { availableSteps }),\n    ...(tokens && { tokens }),\n    ...(nextStep && { nextStep }),\n    ...(messages && messages.length && { messages }),\n    ...(error && { error }),\n    interactionCode, // if options.exchangeCodeForTokens is false\n\n    // from idx-js\n    actions: actions!,\n    context: context!,\n    neededToProceed: neededToProceed!,\n    proceed: proceed!,\n    rawIdxState: rawIdxState!,\n  };\n}\n"],"file":"run.js"}

package/cjs/idx/startTransaction.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/startTransaction.ts"],"names":["startTransaction","authClient","options","transactionManager","clear","exchangeCodeForTokens"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,eAAeA,gBAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB;AACAD,EAAAA,UAAU,CAACE,kBAAX,CAA8BC,KAA9B;AAEA,SAAO,cAAIH,UAAJ,EAAgB;AACrBI,IAAAA,qBAAqB,EAAE,KADF;AAErB,OAAGH;AAFkB,GAAhB,CAAP;AAID","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run, RunOptions } from './run';\nimport { OktaAuth, IdxTransaction } from '../types';\n\nexport async function startTransaction(\n  authClient: OktaAuth, \n  options: RunOptions = {}\n): Promise<IdxTransaction> {\n  // Clear IDX response cache and saved transaction meta (if any)\n  authClient.transactionManager.clear();\n\n  return run(authClient, {\n    exchangeCodeForTokens: false,\n    ...options\n  });\n}\n"],"file":"startTransaction.js"}
+{"version":3,"sources":["../../../lib/idx/startTransaction.ts"],"names":["startTransaction","authClient","options","transactionManager","clear","exchangeCodeForTokens"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,eAAeA,gBAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AACzB;AACAD,EAAAA,UAAU,CAACE,kBAAX,CAA8BC,KAA9B;AAEA,SAAO,cAAIH,UAAJ,EAAgB;AACrBI,IAAAA,qBAAqB,EAAE,KADF;AAErB,OAAGH;AAFkB,GAAhB,CAAP;AAID","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run, RunOptions } from './run';\nimport { OktaAuthInterface, IdxTransaction } from '../types';\n\nexport async function startTransaction(\n  authClient: OktaAuthInterface, \n  options: RunOptions = {}\n): Promise<IdxTransaction> {\n  // Clear IDX response cache and saved transaction meta (if any)\n  authClient.transactionManager.clear();\n\n  return run(authClient, {\n    exchangeCodeForTokens: false,\n    ...options\n  });\n}\n"],"file":"startTransaction.js"}