@okta/okta-auth-js 6.0.0 → 6.3.0

package/cjs/idx/transactionMeta.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/transactionMeta.ts"],"names":["createTransactionMeta","authClient","options","tokenParams","token","prepareTokenParams","pkceMeta","flow","withCredentials","activationToken","undefined","recoveryToken","meta","hasSavedInteractionHandle","savedMeta","getSavedTransactionMeta","interactionHandle","transactionManager","load","e","isTransactionMetaValid","getTransactionMeta","validExistingMeta","saveTransactionMeta","save","muteWarning","clearTransactionMeta","clear","keys","isTransactionMetaValidForOptions","isTransactionMetaValidForFlow","shouldValidateFlow","mismatch","some","key","value"],"mappings":";;;;;;;;;;;;AAcA;;AACA;;AAfA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,qBAAf,CACLC,UADK,EAELC,OAA+B,GAAG,EAF7B,EAGwB;AAC7B,QAAMC,WAAW,GAAG,MAAMF,UAAU,CAACG,KAAX,CAAiBC,kBAAjB,CAAoCH,OAApC,CAA1B;AACA,QAAMI,QAAQ,GAAG,2BAAgBL,UAAhB,EAA4BE,WAA5B,CAAjB;AACA,MAAI;AACFI,IAAAA,IAAI,GAAG,SADL;AAEFC,IAAAA,eAAe,GAAG,IAFhB;AAGFC,IAAAA,eAAe,GAAGC,SAHhB;AAIFC,IAAAA,aAAa,GAAGD;AAJd,MAKA,EAAE,GAAGT,UAAU,CAACC,OAAhB;AAAyB,OAAGA;AAA5B,GALJ,CAH6B,CAQc;;AAE3C,QAAMU,IAAwB,GAAG,EAC/B,GAAGN,QAD4B;AAE/BC,IAAAA,IAF+B;AAG/BC,IAAAA,eAH+B;AAI/BC,IAAAA,eAJ+B;AAK/BE,IAAAA;AAL+B,GAAjC;AAOA,SAAOC,IAAP;AACD;;AAEM,SAASC,yBAAT,CAAmCZ,UAAnC,EAAyDC,OAAzD,EAAoG;AACzG,QAAMY,SAAS,GAAGC,uBAAuB,CAACd,UAAD,EAAaC,OAAb,CAAzC;;AACA,MAAIY,SAAJ,aAAIA,SAAJ,eAAIA,SAAS,CAAEE,iBAAf,EAAkC;AAChC,WAAO,IAAP;AACD;;AACD,SAAO,KAAP;AACD,C,CAED;;;AACO,SAASD,uBAAT,CACLd,UADK,EAELC,OAFK,EAG2B;AAChCA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;AACAA,EAAAA,OAAO,GAAG,EAAE,GAAGD,UAAU,CAACC,OAAhB;AAAyB,OAAGA;AAA5B,GAAV,CAFgC,CAEiB;;AACjD,MAAIY,SAAJ;;AACA,MAAI;AACFA,IAAAA,SAAS,GAAGb,UAAU,CAACgB,kBAAX,CAA8BC,IAA9B,CAAmChB,OAAnC,CAAZ;AACD,GAFD,CAEE,OAAOiB,CAAP,EAAU,CACV;AACD;;AAED,MAAI,CAACL,SAAL,EAAgB;AACd;AACD;;AAED,MAAIM,sBAAsB,CAACN,SAAD,EAAYZ,OAAZ,CAA1B,EAAgD;AAC9C,WAAOY,SAAP;AACD,GAhB+B,CAkBhC;AACA;AACA;;;AACA,kBAAK,sEACH,4DADF;AAGD;;AAEM,eAAeO,kBAAf,CACLpB,UADK,EAELC,OAFK,EAGwB;AAC7BA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;AACAA,EAAAA,OAAO,GAAG,EAAE,GAAGD,UAAU,CAACC,OAAhB;AAAyB,OAAGA;AAA5B,GAAV,CAF6B,CAEoB;AACjD;;AACA,QAAMoB,iBAAiB,GAAGP,uBAAuB,CAACd,UAAD,EAAaC,OAAb,CAAjD;;AACA,MAAIoB,iBAAJ,EAAuB;AACrB,WAAOA,iBAAP;AACD,GAP4B,CAQ7B;;;AACA,SAAOtB,qBAAqB,CAACC,UAAD,EAAaC,OAAb,CAA5B;AACD;;AAEM,SAASqB,mBAAT,CAA8BtB,UAA9B,EAAoDW,IAApD,EAAgE;AACrEX,EAAAA,UAAU,CAACgB,kBAAX,CAA8BO,IAA9B,CAAmCZ,IAAnC,EAAyC;AAAEa,IAAAA,WAAW,EAAE;AAAf,GAAzC;AACD;;AAEM,SAASC,oBAAT,CAA+BzB,UAA/B,EAA2D;AAChEA,EAAAA,UAAU,CAACgB,kBAAX,CAA8BU,KAA9B;AACD;;AAEM,SAASP,sBAAT,CAAiCR,IAAjC,EAAuCV,OAA+B,GAAI,EAA1E,EAAuF;AAC5F;AACA,QAAM0B,IAAI,GAAG,CACX,QADW,EAEX,UAFW,EAGX,aAHW,EAIX,OAJW,EAKX,eALW,EAMX,qBANW,EAOX,iBAPW,EAQX,eARW,CAAb;;AAUA,MAAIC,gCAAgC,CAACjB,IAAD,EAAOV,OAAP,EAAgB0B,IAAhB,CAAhC,KAA0D,KAA9D,EAAqE;AACnE,WAAO,KAAP;AACD,GAd2F,CAgB5F;;;AACA,QAAM;AAAErB,IAAAA;AAAF,MAAWL,OAAjB;;AACA,MAAI4B,6BAA6B,CAAClB,IAAD,EAAOL,IAAP,CAA7B,KAA8C,KAAlD,EAAyD;AACvD,WAAO,KAAP;AACD;;AAED,SAAO,IAAP;AACD;;AAEM,SAASuB,6BAAT,CAAuClB,IAAvC,EAA6CL,IAA7C,EAAmD;AACxD;AACA,QAAMwB,kBAAkB,GAAGxB,IAAI,IAAIA,IAAI,KAAK,SAAjB,IAA8BA,IAAI,KAAK,SAAlE;;AACA,MAAIwB,kBAAJ,EAAwB;AACtB,QAAIxB,IAAI,KAAKK,IAAI,CAACL,IAAlB,EAAwB;AACtB;AACA,aAAO,KAAP;AACD;AACF;;AACD,SAAO,IAAP;AACD;;AAEM,SAASsB,gCAAT,CAA0CjB,IAA1C,EAAgDV,OAAhD,EAAyD0B,IAAzD,EAA+D;AACpE;AACA;AACA,QAAMI,QAAQ,GAAGJ,IAAI,CAACK,IAAL,CAAUC,GAAG,IAAI;AAChC,UAAMC,KAAK,GAAGjC,OAAO,CAACgC,GAAD,CAArB;;AACA,QAAIC,KAAK,IAAIA,KAAK,KAAKvB,IAAI,CAACsB,GAAD,CAA3B,EAAkC;AAChC,aAAO,IAAP;AACD;AACF,GALgB,CAAjB;AAMA,SAAO,CAACF,QAAR;AACD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuth, IdxTransactionMeta, TransactionMetaOptions, PKCETransactionMeta } from '../types';\nimport { removeNils, warn } from '../util';\nimport { createOAuthMeta } from '../oidc';\n\n// Calculate new values\nexport async function createTransactionMeta(\n  authClient: OktaAuth,\n  options: TransactionMetaOptions = {}\n): Promise<IdxTransactionMeta> {\n  const tokenParams = await authClient.token.prepareTokenParams(options);\n  const pkceMeta = createOAuthMeta(authClient, tokenParams) as PKCETransactionMeta;\n  let {\n    flow = 'default',\n    withCredentials = true,\n    activationToken = undefined,\n    recoveryToken = undefined,\n  } = { ...authClient.options, ...options }; // local options override SDK options\n\n  const meta: IdxTransactionMeta = {\n    ...pkceMeta,\n    flow,\n    withCredentials,\n    activationToken,\n    recoveryToken,\n  };\n  return meta;\n}\n\nexport function hasSavedInteractionHandle(authClient: OktaAuth, options?: TransactionMetaOptions): boolean {\n  const savedMeta = getSavedTransactionMeta(authClient, options);\n  if (savedMeta?.interactionHandle) {\n    return true;\n  }\n  return false;\n}\n\n// Returns the saved transaction meta, if it exists and is valid\nexport function getSavedTransactionMeta(\n  authClient: OktaAuth,\n  options?: TransactionMetaOptions\n): IdxTransactionMeta | undefined {\n  options = removeNils(options);\n  options = { ...authClient.options, ...options }; // local options override SDK options\n  let savedMeta;\n  try {\n    savedMeta = authClient.transactionManager.load(options) as IdxTransactionMeta;\n  } catch (e) {\n    // ignore errors here\n  }\n\n  if (!savedMeta) {\n    return;\n  }\n\n  if (isTransactionMetaValid(savedMeta, options)) {\n    return savedMeta;\n  }\n\n  // existing meta is not valid for this configuration\n  // this is common when changing configuration in local development environment\n  // in a production environment, this may indicate that two apps are sharing a storage key\n  warn('Saved transaction meta does not match the current configuration. ' + \n    'This may indicate that two apps are sharing a storage key.');\n\n}\n\nexport async function getTransactionMeta(\n  authClient: OktaAuth,\n  options?: TransactionMetaOptions\n): Promise<IdxTransactionMeta> {\n  options = removeNils(options);\n  options = { ...authClient.options, ...options }; // local options override SDK options\n  // Load existing transaction meta from storage\n  const validExistingMeta = getSavedTransactionMeta(authClient, options);\n  if (validExistingMeta) {\n    return validExistingMeta;\n  }\n  // No existing? Create new transaction meta.\n  return createTransactionMeta(authClient, options);\n}\n\nexport function saveTransactionMeta (authClient: OktaAuth, meta): void {\n  authClient.transactionManager.save(meta, { muteWarning: true });\n}\n\nexport function clearTransactionMeta (authClient: OktaAuth): void {\n  authClient.transactionManager.clear();\n}\n\nexport function isTransactionMetaValid (meta, options: TransactionMetaOptions  = {}): boolean {\n  // Validate against certain options. If these exist in options, they must match in meta\n  const keys = [\n    'issuer',\n    'clientId',\n    'redirectUri',\n    'state',\n    'codeChallenge',\n    'codeChallengeMethod',\n    'activationToken',\n    'recoveryToken'\n  ];\n  if (isTransactionMetaValidForOptions(meta, options, keys) === false) {\n    return false;\n  }\n\n  // Validate configured flow\n  const { flow } = options;\n  if (isTransactionMetaValidForFlow(meta, flow) === false) {\n    return false;\n  }\n\n  return true;\n}\n\nexport function isTransactionMetaValidForFlow(meta, flow) {\n  // Specific flows should not share transaction data\n  const shouldValidateFlow = flow && flow !== 'default' && flow !== 'proceed';\n  if (shouldValidateFlow) {\n    if (flow !== meta.flow) {\n      // The flow has changed; abandon the old transaction\n      return false;\n    }\n  }\n  return true;\n}\n\nexport function isTransactionMetaValidForOptions(meta, options, keys) {\n  // returns false if values in meta do not match options\n  // if the option does not have a value for a specific key, it is ignored\n  const mismatch = keys.some(key => {\n    const value = options[key];\n    if (value && value !== meta[key]) {\n      return true;\n    }\n  });\n  return !mismatch;\n}\n"],"file":"transactionMeta.js"}
+{"version":3,"sources":["../../../lib/idx/transactionMeta.ts"],"names":["createTransactionMeta","authClient","options","tokenParams","token","prepareTokenParams","pkceMeta","flow","withCredentials","activationToken","undefined","recoveryToken","meta","hasSavedInteractionHandle","savedMeta","getSavedTransactionMeta","interactionHandle","transactionManager","load","e","isTransactionMetaValid","getTransactionMeta","validExistingMeta","saveTransactionMeta","save","muteWarning","clearTransactionMeta","clear","keys","isTransactionMetaValidForOptions","isTransactionMetaValidForFlow","shouldValidateFlow","mismatch","some","key","value"],"mappings":";;;;;;;;;;;;AAcA;;AACA;;AAfA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,qBAAf,CACLC,UADK,EAELC,OAA+B,GAAG,EAF7B,EAGwB;AAC7B,QAAMC,WAAW,GAAG,MAAMF,UAAU,CAACG,KAAX,CAAiBC,kBAAjB,CAAoCH,OAApC,CAA1B;AACA,QAAMI,QAAQ,GAAG,2BAAgBL,UAAhB,EAA4BE,WAA5B,CAAjB;AACA,MAAI;AACFI,IAAAA,IAAI,GAAG,SADL;AAEFC,IAAAA,eAAe,GAAG,IAFhB;AAGFC,IAAAA,eAAe,GAAGC,SAHhB;AAIFC,IAAAA,aAAa,GAAGD;AAJd,MAKA,EAAE,GAAGT,UAAU,CAACC,OAAhB;AAAyB,OAAGA;AAA5B,GALJ,CAH6B,CAQc;;AAE3C,QAAMU,IAAwB,GAAG,EAC/B,GAAGN,QAD4B;AAE/BC,IAAAA,IAF+B;AAG/BC,IAAAA,eAH+B;AAI/BC,IAAAA,eAJ+B;AAK/BE,IAAAA;AAL+B,GAAjC;AAOA,SAAOC,IAAP;AACD;;AAEM,SAASC,yBAAT,CAAmCZ,UAAnC,EAAkEC,OAAlE,EAA6G;AAClH,QAAMY,SAAS,GAAGC,uBAAuB,CAACd,UAAD,EAAaC,OAAb,CAAzC;;AACA,MAAIY,SAAJ,aAAIA,SAAJ,eAAIA,SAAS,CAAEE,iBAAf,EAAkC;AAChC,WAAO,IAAP;AACD;;AACD,SAAO,KAAP;AACD,C,CAED;;;AACO,SAASD,uBAAT,CACLd,UADK,EAELC,OAFK,EAG2B;AAChCA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;AACAA,EAAAA,OAAO,GAAG,EAAE,GAAGD,UAAU,CAACC,OAAhB;AAAyB,OAAGA;AAA5B,GAAV,CAFgC,CAEiB;;AACjD,MAAIY,SAAJ;;AACA,MAAI;AACFA,IAAAA,SAAS,GAAGb,UAAU,CAACgB,kBAAX,CAA8BC,IAA9B,CAAmChB,OAAnC,CAAZ;AACD,GAFD,CAEE,OAAOiB,CAAP,EAAU,CACV;AACD;;AAED,MAAI,CAACL,SAAL,EAAgB;AACd;AACD;;AAED,MAAIM,sBAAsB,CAACN,SAAD,EAAYZ,OAAZ,CAA1B,EAAgD;AAC9C,WAAOY,SAAP;AACD,GAhB+B,CAkBhC;AACA;AACA;;;AACA,kBAAK,sEACH,4DADF;AAGD;;AAEM,eAAeO,kBAAf,CACLpB,UADK,EAELC,OAFK,EAGwB;AAC7BA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;AACAA,EAAAA,OAAO,GAAG,EAAE,GAAGD,UAAU,CAACC,OAAhB;AAAyB,OAAGA;AAA5B,GAAV,CAF6B,CAEoB;AACjD;;AACA,QAAMoB,iBAAiB,GAAGP,uBAAuB,CAACd,UAAD,EAAaC,OAAb,CAAjD;;AACA,MAAIoB,iBAAJ,EAAuB;AACrB,WAAOA,iBAAP;AACD,GAP4B,CAQ7B;;;AACA,SAAOtB,qBAAqB,CAACC,UAAD,EAAaC,OAAb,CAA5B;AACD;;AAEM,SAASqB,mBAAT,CAA8BtB,UAA9B,EAA6DW,IAA7D,EAAyE;AAC9EX,EAAAA,UAAU,CAACgB,kBAAX,CAA8BO,IAA9B,CAAmCZ,IAAnC,EAAyC;AAAEa,IAAAA,WAAW,EAAE;AAAf,GAAzC;AACD;;AAEM,SAASC,oBAAT,CAA+BzB,UAA/B,EAAoE;AACzEA,EAAAA,UAAU,CAACgB,kBAAX,CAA8BU,KAA9B;AACD;;AAEM,SAASP,sBAAT,CAAiCR,IAAjC,EAAuCV,OAA+B,GAAI,EAA1E,EAAuF;AAC5F;AACA,QAAM0B,IAAI,GAAG,CACX,QADW,EAEX,UAFW,EAGX,aAHW,EAIX,OAJW,EAKX,eALW,EAMX,qBANW,EAOX,iBAPW,EAQX,eARW,CAAb;;AAUA,MAAIC,gCAAgC,CAACjB,IAAD,EAAOV,OAAP,EAAgB0B,IAAhB,CAAhC,KAA0D,KAA9D,EAAqE;AACnE,WAAO,KAAP;AACD,GAd2F,CAgB5F;;;AACA,QAAM;AAAErB,IAAAA;AAAF,MAAWL,OAAjB;;AACA,MAAI4B,6BAA6B,CAAClB,IAAD,EAAOL,IAAP,CAA7B,KAA8C,KAAlD,EAAyD;AACvD,WAAO,KAAP;AACD;;AAED,SAAO,IAAP;AACD;;AAEM,SAASuB,6BAAT,CAAuClB,IAAvC,EAA6CL,IAA7C,EAAmD;AACxD;AACA,QAAMwB,kBAAkB,GAAGxB,IAAI,IAAIA,IAAI,KAAK,SAAjB,IAA8BA,IAAI,KAAK,SAAlE;;AACA,MAAIwB,kBAAJ,EAAwB;AACtB,QAAIxB,IAAI,KAAKK,IAAI,CAACL,IAAlB,EAAwB;AACtB;AACA,aAAO,KAAP;AACD;AACF;;AACD,SAAO,IAAP;AACD;;AAEM,SAASsB,gCAAT,CAA0CjB,IAA1C,EAAgDV,OAAhD,EAAyD0B,IAAzD,EAA+D;AACpE;AACA;AACA,QAAMI,QAAQ,GAAGJ,IAAI,CAACK,IAAL,CAAUC,GAAG,IAAI;AAChC,UAAMC,KAAK,GAAGjC,OAAO,CAACgC,GAAD,CAArB;;AACA,QAAIC,KAAK,IAAIA,KAAK,KAAKvB,IAAI,CAACsB,GAAD,CAA3B,EAAkC;AAChC,aAAO,IAAP;AACD;AACF,GALgB,CAAjB;AAMA,SAAO,CAACF,QAAR;AACD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuthInterface, IdxTransactionMeta, TransactionMetaOptions, PKCETransactionMeta } from '../types';\nimport { removeNils, warn } from '../util';\nimport { createOAuthMeta } from '../oidc';\n\n// Calculate new values\nexport async function createTransactionMeta(\n  authClient: OktaAuthInterface,\n  options: TransactionMetaOptions = {}\n): Promise<IdxTransactionMeta> {\n  const tokenParams = await authClient.token.prepareTokenParams(options);\n  const pkceMeta = createOAuthMeta(authClient, tokenParams) as PKCETransactionMeta;\n  let {\n    flow = 'default',\n    withCredentials = true,\n    activationToken = undefined,\n    recoveryToken = undefined,\n  } = { ...authClient.options, ...options }; // local options override SDK options\n\n  const meta: IdxTransactionMeta = {\n    ...pkceMeta,\n    flow,\n    withCredentials,\n    activationToken,\n    recoveryToken,\n  };\n  return meta;\n}\n\nexport function hasSavedInteractionHandle(authClient: OktaAuthInterface, options?: TransactionMetaOptions): boolean {\n  const savedMeta = getSavedTransactionMeta(authClient, options);\n  if (savedMeta?.interactionHandle) {\n    return true;\n  }\n  return false;\n}\n\n// Returns the saved transaction meta, if it exists and is valid\nexport function getSavedTransactionMeta(\n  authClient: OktaAuthInterface,\n  options?: TransactionMetaOptions\n): IdxTransactionMeta | undefined {\n  options = removeNils(options);\n  options = { ...authClient.options, ...options }; // local options override SDK options\n  let savedMeta;\n  try {\n    savedMeta = authClient.transactionManager.load(options) as IdxTransactionMeta;\n  } catch (e) {\n    // ignore errors here\n  }\n\n  if (!savedMeta) {\n    return;\n  }\n\n  if (isTransactionMetaValid(savedMeta, options)) {\n    return savedMeta;\n  }\n\n  // existing meta is not valid for this configuration\n  // this is common when changing configuration in local development environment\n  // in a production environment, this may indicate that two apps are sharing a storage key\n  warn('Saved transaction meta does not match the current configuration. ' + \n    'This may indicate that two apps are sharing a storage key.');\n\n}\n\nexport async function getTransactionMeta(\n  authClient: OktaAuthInterface,\n  options?: TransactionMetaOptions\n): Promise<IdxTransactionMeta> {\n  options = removeNils(options);\n  options = { ...authClient.options, ...options }; // local options override SDK options\n  // Load existing transaction meta from storage\n  const validExistingMeta = getSavedTransactionMeta(authClient, options);\n  if (validExistingMeta) {\n    return validExistingMeta;\n  }\n  // No existing? Create new transaction meta.\n  return createTransactionMeta(authClient, options);\n}\n\nexport function saveTransactionMeta (authClient: OktaAuthInterface, meta): void {\n  authClient.transactionManager.save(meta, { muteWarning: true });\n}\n\nexport function clearTransactionMeta (authClient: OktaAuthInterface): void {\n  authClient.transactionManager.clear();\n}\n\nexport function isTransactionMetaValid (meta, options: TransactionMetaOptions  = {}): boolean {\n  // Validate against certain options. If these exist in options, they must match in meta\n  const keys = [\n    'issuer',\n    'clientId',\n    'redirectUri',\n    'state',\n    'codeChallenge',\n    'codeChallengeMethod',\n    'activationToken',\n    'recoveryToken'\n  ];\n  if (isTransactionMetaValidForOptions(meta, options, keys) === false) {\n    return false;\n  }\n\n  // Validate configured flow\n  const { flow } = options;\n  if (isTransactionMetaValidForFlow(meta, flow) === false) {\n    return false;\n  }\n\n  return true;\n}\n\nexport function isTransactionMetaValidForFlow(meta, flow) {\n  // Specific flows should not share transaction data\n  const shouldValidateFlow = flow && flow !== 'default' && flow !== 'proceed';\n  if (shouldValidateFlow) {\n    if (flow !== meta.flow) {\n      // The flow has changed; abandon the old transaction\n      return false;\n    }\n  }\n  return true;\n}\n\nexport function isTransactionMetaValidForOptions(meta, options, keys) {\n  // returns false if values in meta do not match options\n  // if the option does not have a value for a specific key, it is ignored\n  const mismatch = keys.some(key => {\n    const value = options[key];\n    if (value && value !== meta[key]) {\n      return true;\n    }\n  });\n  return !mismatch;\n}\n"],"file":"transactionMeta.js"}

package/cjs/idx/types/idx-js.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../lib/idx/types/idx-js.ts"],"names":["isRawIdxResponse","obj","version","isIdxResponse","rawIdxState"],"mappings":";;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA;AAsIA;AAaO,SAASA,gBAAT,CAA0BC,GAA1B,EAA2D;AAChE,SAAOA,GAAG,IAAIA,GAAG,CAACC,OAAlB;AACD;;AAoBM,SAASC,aAAT,CAAuBF,GAAvB,EAAqD;AAC1D,SAAOA,GAAG,IAAID,gBAAgB,CAACC,GAAG,CAACG,WAAL,CAA9B;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n// TODO: remove when idx-js provides type information\n\nexport interface IdxAuthenticatorMethod {\n  type: string;\n}\nexport interface IdxAuthenticator {\n  displayName: string;\n  id: string;\n  key: string;\n  methods: IdxAuthenticatorMethod[];\n  type: string;\n  settings?: {\n    complexity?: unknown;\n    age?: unknown;\n  };\n  contextualData?: {\n    enrolledQuestion?: {\n      question: string;\n      questionKey: string;\n    };\n    qrcode?: { \n      href: string; \n      method: string; \n      type: string; \n    };\n    sharedSecret?: string;\n    questions?: {\n      questionKey: string;\n      question: string;\n    }[];\n    questionKeys?: string[];\n    selectedChannel?: string;\n  };\n}\n\nexport interface IdxForm {\n  value: IdxRemediationValue[];\n}\n\nexport interface IdxOption {\n  value: string | { form: IdxForm };\n  label: string;\n  relatesTo?: IdxAuthenticator;\n}\n\nexport interface IdpConfig {\n  id: string;\n  name: string;\n}\n\nexport interface IdxRemediationValueForm {\n  form: IdxForm;\n}\n\nexport interface IdxRemediationValue {\n  name: string;\n  type?: string;\n  required?: boolean;\n  secret?: boolean;\n  visible?: boolean;\n  mutable?: boolean;\n  value?: string | IdxRemediationValueForm;\n  label?: string;\n  form?: IdxForm;\n  options?: IdxOption[];\n  messages?: IdxMessages;\n  minLength?: number;\n  maxLength?: number;\n}\n\nexport interface IdxRemediation {\n  name: string;\n  label?: string;\n  value?: IdxRemediationValue[];\n  relatesTo?: {\n    type?: string;\n    value: IdxAuthenticator;\n  };\n  idp?: IdpConfig;\n  href?: string;\n  method?: string;\n  type?: string;\n  accepts?: string;\n  refresh?: number;\n}\n\nexport interface IdxContext {\n  version: string;\n  stateHandle: string;\n  expiresAt: string;\n  intent: string;\n  currentAuthenticator: {\n    type: string;\n    value: IdxAuthenticator;\n  };\n  authenticators: {\n    type: string;\n    value: IdxAuthenticator[];\n  };\n  authenticatorEnrollments: {\n    type: string;\n    value: IdxAuthenticator[];\n  };\n  enrollmentAuthenticator: {\n    type: string;\n    value: IdxAuthenticator;\n  };\n  user: {\n    type: string;\n    value: Record<string, unknown>;\n  };\n  app: {\n    type: string;\n    value: Record<string, unknown>;\n  };\n  messages?: IdxMessages;\n  success?: IdxRemediation;\n  failure?: IdxRemediation;\n}\n\nexport interface IdxMessage {\n  message: string;\n  class: string;\n  i18n: {\n    key: string;\n    params?: unknown[];\n  };\n}\n\nexport interface IdxMessages {\n  type: 'array';\n  value: IdxMessage[];\n}\n\n// JSON response from the server\nexport interface RawIdxResponse {\n  version: string;\n  stateHandle: string;\n  intent?: string;\n  expiresAt?: string;\n  remediation?: {\n    type: 'array';\n    value: IdxRemediation[];\n  };\n  messages?: IdxMessages;\n}\n\nexport function isRawIdxResponse(obj: any): obj is RawIdxResponse {\n  return obj && obj.version;\n}\n\n\nexport interface IdxActions {\n  [key: string]: Function;\n}\n\n// Object returned from idx-js\nexport interface IdxResponse {\n  proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n  neededToProceed: IdxRemediation[];\n  rawIdxState: RawIdxResponse;\n  interactionCode?: string;\n  actions: IdxActions;\n  toPersist: {\n    interactionHandle?: string;\n  };\n  context?: IdxContext;\n}\n\nexport function isIdxResponse(obj: any): obj is IdxResponse {\n  return obj && isRawIdxResponse(obj.rawIdxState);\n}\n"],"file":"idx-js.js"}
+{"version":3,"sources":["../../../../lib/idx/types/idx-js.ts"],"names":["isRawIdxResponse","obj","version","isIdxResponse","rawIdxState"],"mappings":";;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA;AA2KA;AAeO,SAASA,gBAAT,CAA0BC,GAA1B,EAA2D;AAChE,SAAOA,GAAG,IAAIA,GAAG,CAACC,OAAlB;AACD;;AAqBM,SAASC,aAAT,CAAuBF,GAAvB,EAAqD;AAC1D,SAAOA,GAAG,IAAID,gBAAgB,CAACC,GAAG,CAACG,WAAL,CAA9B;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n// TODO: remove when idx-js provides type information\n\nexport interface ChallengeData {\n  challenge: string; \n  userVerification: string; \n  extensions?: {\n    appid: string;\n  };\n}\nexport interface ActivationData {\n  challenge: string;\n  rp: {\n    name: string;\n  };\n  user: {\n    id: string;\n    name: string;\n    displayName: string;\n  };\n  pubKeyCredParams: {\n    type: string;\n    alg: number;\n  }[];\n  attestation?: string;\n  authenticatorSelection?: {\n    userVerification?: string;\n    authenticatorAttachment?: string;\n    requireResidentKey?: boolean;\n    residentKey?: string;\n  };\n  excludeCredentials?: {\n    id: string;\n    type: string;\n  }[];\n}\nexport interface IdxAuthenticatorMethod {\n  type: string;\n}\nexport interface IdxAuthenticator {\n  displayName: string;\n  id: string;\n  key: string;\n  methods: IdxAuthenticatorMethod[];\n  type: string;\n  settings?: {\n    complexity?: unknown;\n    age?: unknown;\n  };\n  contextualData?: {\n    enrolledQuestion?: {\n      question: string;\n      questionKey: string;\n    };\n    qrcode?: { \n      href: string; \n      method: string; \n      type: string; \n    };\n    sharedSecret?: string;\n    questions?: {\n      questionKey: string;\n      question: string;\n    }[];\n    questionKeys?: string[];\n    selectedChannel?: string;\n    activationData?: ActivationData;\n    challengeData?: ChallengeData;\n  };\n  credentialId?: string;\n  enrollmentId?: string;\n}\n\nexport interface IdxForm {\n  value: IdxRemediationValue[];\n}\n\nexport interface IdxOption {\n  value: string | { form: IdxForm };\n  label: string;\n  relatesTo?: IdxAuthenticator;\n}\n\nexport interface IdpConfig {\n  id: string;\n  name: string;\n}\n\nexport interface IdxRemediationValueForm {\n  form: IdxForm;\n}\n\nexport interface IdxRemediationValue {\n  name: string;\n  type?: string;\n  required?: boolean;\n  secret?: boolean;\n  visible?: boolean;\n  mutable?: boolean;\n  value?: string | IdxRemediationValueForm;\n  label?: string;\n  form?: IdxForm;\n  options?: IdxOption[];\n  messages?: IdxMessages;\n  minLength?: number;\n  maxLength?: number;\n}\n\nexport interface IdxRemediation {\n  name: string;\n  label?: string;\n  value?: IdxRemediationValue[];\n  relatesTo?: {\n    type?: string;\n    value: IdxAuthenticator;\n  };\n  idp?: IdpConfig;\n  href?: string;\n  method?: string;\n  type?: string;\n  accepts?: string;\n  refresh?: number;\n}\n\nexport interface IdxContext {\n  version: string;\n  stateHandle: string;\n  expiresAt: string;\n  intent: string;\n  currentAuthenticator: {\n    type: string;\n    value: IdxAuthenticator;\n  };\n  authenticators: {\n    type: string;\n    value: IdxAuthenticator[];\n  };\n  authenticatorEnrollments: {\n    type: string;\n    value: IdxAuthenticator[];\n  };\n  enrollmentAuthenticator: {\n    type: string;\n    value: IdxAuthenticator;\n  };\n  user: {\n    type: string;\n    value: Record<string, unknown>;\n  };\n  app: {\n    type: string;\n    value: Record<string, unknown>;\n  };\n  messages?: IdxMessages;\n  success?: IdxRemediation;\n  failure?: IdxRemediation;\n}\n\nexport interface IdxMessage {\n  message: string;\n  class: string;\n  i18n: {\n    key: string;\n    params?: unknown[];\n  };\n}\n\nexport interface IdxMessages {\n  type: 'array';\n  value: IdxMessage[];\n}\n\n// JSON response from the server\nexport interface RawIdxResponse {\n  version: string;\n  stateHandle: string;\n  intent?: string;\n  expiresAt?: string;\n  remediation?: {\n    type: 'array';\n    value: IdxRemediation[];\n  };\n  messages?: IdxMessages;\n  success?: boolean;\n  successWithInteractionCode?: IdxRemediation;\n}\n\nexport function isRawIdxResponse(obj: any): obj is RawIdxResponse {\n  return obj && obj.version;\n}\n\n\nexport interface IdxActions {\n  [key: string]: () => Promise<IdxResponse>;\n}\n\n// Object returned from auth-js\nexport interface IdxResponse {\n  proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n  neededToProceed: IdxRemediation[];\n  rawIdxState: RawIdxResponse;\n  interactionCode?: string;\n  actions: IdxActions;\n  toPersist: {\n    interactionHandle?: string;\n  };\n  context?: IdxContext;\n  requestDidSucceed?: boolean;\n}\n\nexport function isIdxResponse(obj: any): obj is IdxResponse {\n  return obj && isRawIdxResponse(obj.rawIdxState);\n}\n"],"file":"idx-js.js"}

package/cjs/idx/types/index.js

@@ -1,21 +1,58 @@
 "use strict";
 
-Object.defineProperty(exports, "IdxTransactionMeta", {
+exports.isAuthenticator = isAuthenticator;
+Object.defineProperty(exports, "IdxAuthenticator", {
   enumerable: true,
   get: function () {
-    return _Transaction.IdxTransactionMeta;
+    return _idxJs.IdxAuthenticator;
   }
 });
-Object.defineProperty(exports, "FlowIdentifier", {
+Object.defineProperty(exports, "IdxMessage", {
   enumerable: true,
   get: function () {
-    return _FlowIdentifier.FlowIdentifier;
+    return _idxJs.IdxMessage;
   }
 });
-Object.defineProperty(exports, "IdxMessage", {
+Object.defineProperty(exports, "IdxMessages", {
   enumerable: true,
   get: function () {
-    return _idxJs.IdxMessage;
+    return _idxJs.IdxMessages;
+  }
+});
+Object.defineProperty(exports, "ChallengeData", {
+  enumerable: true,
+  get: function () {
+    return _idxJs.ChallengeData;
+  }
+});
+Object.defineProperty(exports, "ActivationData", {
+  enumerable: true,
+  get: function () {
+    return _idxJs.ActivationData;
+  }
+});
+Object.defineProperty(exports, "IdxResponse", {
+  enumerable: true,
+  get: function () {
+    return _idxJs.IdxResponse;
+  }
+});
+Object.defineProperty(exports, "IdxContext", {
+  enumerable: true,
+  get: function () {
+    return _idxJs.IdxContext;
+  }
+});
+Object.defineProperty(exports, "RawIdxResponse", {
+  enumerable: true,
+  get: function () {
+    return _idxJs.RawIdxResponse;
+  }
+});
+Object.defineProperty(exports, "FlowIdentifier", {
+  enumerable: true,
+  get: function () {
+    return _FlowIdentifier.FlowIdentifier;
   }
 });
 Object.defineProperty(exports, "AuthenticationOptions", {
@@ -36,6 +73,12 @@ Object.defineProperty(exports, "PasswordRecoveryOptions", {
     return _recoverPassword.PasswordRecoveryOptions;
   }
 });
+Object.defineProperty(exports, "AccountUnlockOptions", {
+  enumerable: true,
+  get: function () {
+    return _unlockAccount.AccountUnlockOptions;
+  }
+});
 Object.defineProperty(exports, "ProceedOptions", {
   enumerable: true,
   get: function () {
@@ -48,32 +91,56 @@ Object.defineProperty(exports, "CancelOptions", {
     return _cancel.CancelOptions;
   }
 });
+Object.defineProperty(exports, "RemediateOptions", {
+  enumerable: true,
+  get: function () {
+    return _remediate.RemediateOptions;
+  }
+});
 Object.defineProperty(exports, "EmailVerifyCallbackResponse", {
   enumerable: true,
   get: function () {
     return _emailVerify.EmailVerifyCallbackResponse;
   }
 });
+Object.defineProperty(exports, "WebauthnEnrollValues", {
+  enumerable: true,
+  get: function () {
+    return _WebauthnEnrollment.WebauthnEnrollValues;
+  }
+});
+Object.defineProperty(exports, "WebauthnVerificationValues", {
+  enumerable: true,
+  get: function () {
+    return _WebauthnVerification.WebauthnVerificationValues;
+  }
+});
 exports.IdxFeature = exports.AuthenticatorKey = exports.IdxStatus = void 0;
 
-var _Transaction = require("../../types/Transaction");
+var _idxJs = require("./idx-js");
 
 var _FlowIdentifier = require("./FlowIdentifier");
 
-var _idxJs = require("./idx-js");
-
 var _authenticate = require("../authenticate");
 
 var _register = require("../register");
 
 var _recoverPassword = require("../recoverPassword");
 
+var _unlockAccount = require("../unlockAccount");
+
 var _proceed = require("../proceed");
 
 var _cancel = require("../cancel");
 
+var _remediate = require("../remediate");
+
 var _emailVerify = require("../emailVerify");
 
+var _WebauthnEnrollment = require("../authenticator/WebauthnEnrollment");
+
+var _WebauthnVerification = require("../authenticator/WebauthnVerification");
+
 /*!
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
  * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
@@ -106,6 +173,7 @@ exports.AuthenticatorKey = AuthenticatorKey;
   AuthenticatorKey["GOOGLE_AUTHENTICATOR"] = "google_otp";
   AuthenticatorKey["SECURITY_QUESTION"] = "security_question";
   AuthenticatorKey["OKTA_VERIFY"] = "okta_verify";
+  AuthenticatorKey["WEBAUTHN"] = "webauthn";
 })(AuthenticatorKey || (exports.AuthenticatorKey = AuthenticatorKey = {}));
 
 let IdxFeature;
@@ -115,5 +183,10 @@ exports.IdxFeature = IdxFeature;
   IdxFeature["PASSWORD_RECOVERY"] = "recover-password";
   IdxFeature["REGISTRATION"] = "enroll-profile";
   IdxFeature["SOCIAL_IDP"] = "redirect-idp";
+  IdxFeature["ACCOUNT_UNLOCK"] = "unlock-account";
 })(IdxFeature || (exports.IdxFeature = IdxFeature = {}));
+
+function isAuthenticator(obj) {
+  return obj && (obj.key || obj.id);
+}
 //# sourceMappingURL=index.js.map

package/cjs/idx/types/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../lib/idx/types/index.ts"],"names":["IdxStatus","AuthenticatorKey","IdxFeature"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAgBA;;AAYA;;AAEA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAGA;;AAtCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IA8BYA,S;;;WAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;GAAAA,S,yBAAAA,S;;IAQAC,gB;;;WAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;GAAAA,gB,gCAAAA,gB;;IA4BAC,U;;;WAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;GAAAA,U,0BAAAA,U","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { InteractOptions } from '../interact';\nimport { IntrospectOptions } from '../introspect';\nimport { APIError, Tokens } from '../../types';\nimport { IdxTransactionMeta } from '../../types/Transaction';\nimport { \n  IdxActions, \n  IdxAuthenticator, \n  IdxContext,\n  IdxForm,\n  IdxMessage, \n  IdxOption, \n  IdxRemediation, \n  IdxResponse, \n  RawIdxResponse \n} from './idx-js';\nimport { FlowIdentifier } from './FlowIdentifier';\n\nexport { IdxMessage } from './idx-js';\nexport { AuthenticationOptions } from '../authenticate';\nexport { RegistrationOptions } from '../register';\nexport { PasswordRecoveryOptions } from '../recoverPassword';\nexport { ProceedOptions } from '../proceed';\nexport { CancelOptions } from '../cancel';\nexport { FlowIdentifier };\nexport { IdxTransactionMeta };\nexport { EmailVerifyCallbackResponse } from '../emailVerify';\n\nexport enum IdxStatus {\n  SUCCESS = 'SUCCESS',\n  PENDING = 'PENDING',\n  FAILURE = 'FAILURE',\n  TERMINAL = 'TERMINAL',\n  CANCELED = 'CANCELED',\n}\n\nexport enum AuthenticatorKey {\n  OKTA_PASSWORD = 'okta_password',\n  OKTA_EMAIL = 'okta_email',\n  PHONE_NUMBER = 'phone_number',\n  GOOGLE_AUTHENTICATOR = 'google_otp',\n  SECURITY_QUESTION = 'security_question',\n  OKTA_VERIFY = 'okta_verify'\n}\n\nexport type Input = {\n  name: string;\n  type?: string;\n  label?: string;\n  value?: string | {form: IdxForm};\n  secret?: boolean;\n  required?: boolean;\n}\n\nexport type NextStep = {\n  name: string;\n  authenticator?: IdxAuthenticator;\n  canSkip?: boolean;\n  canResend?: boolean;\n  inputs?: Input[];\n  options?: IdxOption[];\n  poll?: IdxPollOptions;\n}\n\nexport enum IdxFeature {\n  PASSWORD_RECOVERY = 'recover-password',\n  REGISTRATION = 'enroll-profile',\n  SOCIAL_IDP = 'redirect-idp',\n}\n\nexport interface IdxTransaction {\n  status: IdxStatus;\n  tokens?: Tokens;\n  nextStep?: NextStep;\n  messages?: IdxMessage[];\n  error?: APIError;\n  meta?: IdxTransactionMeta;\n  enabledFeatures?: IdxFeature[];\n  availableSteps?: NextStep[];\n\n  // from idx-js, used by signin widget\n  proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n  neededToProceed: IdxRemediation[];\n  rawIdxState: RawIdxResponse;\n  interactionCode?: string;\n  actions: IdxActions;\n  context: IdxContext;\n}\n\nexport type IdxOptions = InteractOptions & IntrospectOptions & {\n  flow?: FlowIdentifier;\n  exchangeCodeForTokens?: boolean;\n  autoRemediate?: boolean;\n};\n\nexport interface IdxPollOptions {\n  required?: boolean;\n  refresh?: number;\n}\n\nexport type Authenticator = {\n  key: string;\n  methodType?: string;\n  phoneNumber?: string;\n};\n"],"file":"index.js"}
+{"version":3,"sources":["../../../../lib/idx/types/index.ts"],"names":["IdxStatus","AuthenticatorKey","IdxFeature","isAuthenticator","obj","key","id"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiBA;;AAWA;;AAWA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAGA;;AACA;;AACA;;AAlDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IA0CYA,S;;;WAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;GAAAA,S,yBAAAA,S;;IAQAC,gB;;;WAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;GAAAA,gB,gCAAAA,gB;;IAgCAC,U;;;WAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;GAAAA,U,0BAAAA,U;;AAsDL,SAASC,eAAT,CAAyBC,GAAzB,EAAyD;AAC9D,SAAOA,GAAG,KAAKA,GAAG,CAACC,GAAJ,IAAWD,GAAG,CAACE,EAApB,CAAV;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { InteractOptions } from '../interact';\nimport { IntrospectOptions } from '../introspect';\nimport { APIError, Tokens } from '../../types';\nimport { PKCETransactionMeta } from '../../types/Transaction';\nimport { \n  IdxActions, \n  IdxAuthenticator, \n  IdxContext,\n  IdxForm,\n  IdxMessage, \n  IdxOption, \n  IdxRemediation, \n  IdxResponse, \n  RawIdxResponse \n} from './idx-js';\nimport { FlowIdentifier } from './FlowIdentifier';\n\nexport {\n  IdxMessage,\n  IdxMessages,\n  ChallengeData,\n  ActivationData,\n  IdxResponse,\n  IdxContext,\n  RawIdxResponse\n} from './idx-js';\nexport { AuthenticationOptions } from '../authenticate';\nexport { RegistrationOptions } from '../register';\nexport { PasswordRecoveryOptions } from '../recoverPassword';\nexport { AccountUnlockOptions } from '../unlockAccount';\nexport { ProceedOptions } from '../proceed';\nexport { CancelOptions } from '../cancel';\nexport { RemediateOptions } from '../remediate';\nexport { FlowIdentifier };\nexport { IdxAuthenticator };\nexport { EmailVerifyCallbackResponse } from '../emailVerify';\nexport { WebauthnEnrollValues } from '../authenticator/WebauthnEnrollment';\nexport { WebauthnVerificationValues } from '../authenticator/WebauthnVerification';\n\nexport enum IdxStatus {\n  SUCCESS = 'SUCCESS',\n  PENDING = 'PENDING',\n  FAILURE = 'FAILURE',\n  TERMINAL = 'TERMINAL',\n  CANCELED = 'CANCELED',\n}\n\nexport enum AuthenticatorKey {\n  OKTA_PASSWORD = 'okta_password',\n  OKTA_EMAIL = 'okta_email',\n  PHONE_NUMBER = 'phone_number',\n  GOOGLE_AUTHENTICATOR = 'google_otp',\n  SECURITY_QUESTION = 'security_question',\n  OKTA_VERIFY = 'okta_verify',\n  WEBAUTHN = 'webauthn',\n}\n\nexport type Input = {\n  name: string;\n  type?: string;\n  label?: string;\n  value?: string | {form: IdxForm};\n  minLength?: number;\n  maxLength?: number;\n  secret?: boolean;\n  required?: boolean;\n}\n\nexport type NextStep = {\n  name: string;\n  authenticator?: IdxAuthenticator;\n  canSkip?: boolean;\n  canResend?: boolean;\n  inputs?: Input[];\n  options?: IdxOption[];\n  poll?: IdxPollOptions;\n  authenticatorEnrollments?: IdxAuthenticator[];\n}\n\nexport enum IdxFeature {\n  PASSWORD_RECOVERY = 'recover-password',\n  REGISTRATION = 'enroll-profile',\n  SOCIAL_IDP = 'redirect-idp',\n  ACCOUNT_UNLOCK = 'unlock-account',\n}\n\nexport interface IdxTransactionMeta extends PKCETransactionMeta {\n  interactionHandle?: string;\n  remediations?: string[];\n  flow?: FlowIdentifier;\n  withCredentials?: boolean;\n  activationToken?: string;\n  recoveryToken?: string;\n}\n\nexport interface IdxTransaction {\n  status: IdxStatus;\n  tokens?: Tokens;\n  nextStep?: NextStep;\n  messages?: IdxMessage[];\n  error?: APIError | IdxResponse;\n  meta?: IdxTransactionMeta;\n  enabledFeatures?: IdxFeature[];\n  availableSteps?: NextStep[];\n\n  // from idx-js, used by signin widget\n  proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n  neededToProceed: IdxRemediation[];\n  rawIdxState: RawIdxResponse;\n  interactionCode?: string;\n  actions: IdxActions;\n  context: IdxContext;\n}\n\nexport type IdxOptions = InteractOptions & IntrospectOptions & {\n  flow?: FlowIdentifier;\n  exchangeCodeForTokens?: boolean;\n  autoRemediate?: boolean;\n  step?: string;\n};\n\nexport interface IdxPollOptions {\n  required?: boolean;\n  refresh?: number;\n}\n\nexport type Authenticator = {\n  id?: string;\n  key?: string;\n  methodType?: string;\n  phoneNumber?: string;\n};\n\nexport function isAuthenticator(obj: any): obj is Authenticator {\n  return obj && (obj.key || obj.id);\n}\n"],"file":"index.js"}

package/cjs/idx/unlockAccount.js

@@ -0,0 +1,48 @@
+"use strict";
+
+var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
+
+exports.unlockAccount = unlockAccount;
+
+var _includes = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/includes"));
+
+var _run = require("./run");
+
+var _transactionMeta = require("./transactionMeta");
+
+var _startTransaction = require("./startTransaction");
+
+var _errors = require("../errors");
+
+var _types = require("../types");
+
+/*!
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
+ *
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * 
+ * See the License for the specific language governing permissions and limitations under the License.
+ */
+async function unlockAccount(authClient, options = {}) {
+  options.flow = 'unlockAccount'; // Only check at the beginning of the transaction
+
+  if (!(0, _transactionMeta.hasSavedInteractionHandle)(authClient)) {
+    const {
+      enabledFeatures
+    } = await (0, _startTransaction.startTransaction)(authClient, { ...options,
+      autoRemediate: false
+    });
+
+    if (enabledFeatures && !(0, _includes.default)(enabledFeatures).call(enabledFeatures, _types.IdxFeature.ACCOUNT_UNLOCK)) {
+      throw new _errors.AuthSdkError('Self Service Account Unlock is not supported based on your current org configuration.');
+    }
+  }
+
+  return (0, _run.run)(authClient, { ...options
+  });
+}
+//# sourceMappingURL=unlockAccount.js.map

package/cjs/idx/unlockAccount.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../lib/idx/unlockAccount.ts"],"names":["unlockAccount","authClient","options","flow","enabledFeatures","autoRemediate","IdxFeature","ACCOUNT_UNLOCK","AuthSdkError"],"mappings":";;;;;;;;AAaA;;AACA;;AACA;;AAQA;;AACA;;AAxBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA4BO,eAAeA,aAAf,CACLC,UADK,EAC0BC,OAA6B,GAAG,EAD1D,EAEoB;AACzBA,EAAAA,OAAO,CAACC,IAAR,GAAe,eAAf,CADyB,CAGzB;;AACA,MAAI,CAAC,gDAA0BF,UAA1B,CAAL,EAA4C;AAC1C,UAAM;AAAEG,MAAAA;AAAF,QAAsB,MAAM,wCAAiBH,UAAjB,EAA6B,EAAE,GAAGC,OAAL;AAAcG,MAAAA,aAAa,EAAE;AAA7B,KAA7B,CAAlC;;AACA,QAAID,eAAe,IAAI,CAAC,uBAAAA,eAAe,MAAf,CAAAA,eAAe,EAAUE,kBAAWC,cAArB,CAAvC,EAA6E;AAC3E,YAAM,IAAIC,oBAAJ,CACJ,uFADI,CAAN;AAGD;AACF;;AAED,SAAO,cAAIP,UAAJ,EAAgB,EAAE,GAAGC;AAAL,GAAhB,CAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run } from './run';\nimport { hasSavedInteractionHandle } from './transactionMeta';\nimport { startTransaction } from './startTransaction';\nimport {\n  IdentifyValues,\n  SelectAuthenticatorUnlockAccountValues,\n  SelectAuthenticatorAuthenticateValues,\n  ChallengeAuthenticatorValues,\n  AuthenticatorVerificationDataValues\n} from './remediators';\nimport { AuthSdkError } from '../errors';\nimport { \n  OktaAuthInterface, \n  IdxOptions, \n  IdxTransaction,\n  IdxFeature,\n} from '../types';\n\nexport type AccountUnlockOptions = IdxOptions\n  & IdentifyValues\n  & SelectAuthenticatorUnlockAccountValues\n  & SelectAuthenticatorAuthenticateValues\n  & ChallengeAuthenticatorValues\n  & AuthenticatorVerificationDataValues;\n\nexport async function unlockAccount(\n  authClient: OktaAuthInterface, options: AccountUnlockOptions = {}\n): Promise<IdxTransaction> {\n  options.flow = 'unlockAccount';\n\n  // Only check at the beginning of the transaction\n  if (!hasSavedInteractionHandle(authClient)) {\n    const { enabledFeatures } = await startTransaction(authClient, { ...options, autoRemediate: false });\n    if (enabledFeatures && !enabledFeatures.includes(IdxFeature.ACCOUNT_UNLOCK)) {\n      throw new AuthSdkError(\n        'Self Service Account Unlock is not supported based on your current org configuration.'\n      );\n    }\n  }\n\n  return run(authClient, { ...options });\n}\n"],"file":"unlockAccount.js"}

package/cjs/idx/util.js

@@ -0,0 +1,198 @@
+"use strict";
+
+var _WeakMap = require("@babel/runtime-corejs3/core-js-stable/weak-map");
+
+var _Object$getOwnPropertyDescriptor = require("@babel/runtime-corejs3/core-js-stable/object/get-own-property-descriptor");
+
+var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
+
+exports.isTerminalResponse = isTerminalResponse;
+exports.canSkipFn = canSkipFn;
+exports.canResendFn = canResendFn;
+exports.getMessagesFromIdxRemediationValue = getMessagesFromIdxRemediationValue;
+exports.getMessagesFromResponse = getMessagesFromResponse;
+exports.getEnabledFeatures = getEnabledFeatures;
+exports.getAvailableSteps = getAvailableSteps;
+exports.filterValuesForRemediation = filterValuesForRemediation;
+
+var _keys = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/keys"));
+
+var _includes = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/includes"));
+
+var _reduce = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/reduce"));
+
+var _map = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/map"));
+
+var _values = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/values"));
+
+var remediators = _interopRequireWildcard(require("./remediators"));
+
+var _types = require("./types");
+
+function _getRequireWildcardCache(nodeInterop) { if (typeof _WeakMap !== "function") return null; var cacheBabelInterop = new _WeakMap(); var cacheNodeInterop = new _WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && _Object$getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? _Object$getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+
+function isTerminalResponse(idxResponse) {
+  const {
+    neededToProceed,
+    interactionCode
+  } = idxResponse;
+  return !neededToProceed.length && !interactionCode;
+}
+
+function canSkipFn(idxResponse) {
+  return idxResponse.neededToProceed.some(({
+    name
+  }) => name === 'skip');
+}
+
+function canResendFn(idxResponse) {
+  return (0, _keys.default)(idxResponse.actions).some(actionName => (0, _includes.default)(actionName).call(actionName, 'resend'));
+}
+
+function getMessagesFromIdxRemediationValue(value) {
+  if (!value || !Array.isArray(value)) {
+    return;
+  }
+
+  return (0, _reduce.default)(value).call(value, (messages, value) => {
+    if (value.messages) {
+      messages = [...messages, ...value.messages.value];
+    }
+
+    if (value.form) {
+      const messagesFromForm = getMessagesFromIdxRemediationValue(value.form.value) || [];
+      messages = [...messages, ...messagesFromForm];
+    }
+
+    if (value.options) {
+      let optionValues = [];
+      value.options.forEach(option => {
+        if (!option.value || typeof option.value === 'string') {
+          return;
+        }
+
+        optionValues = [...optionValues, option.value];
+      });
+      const messagesFromOptions = getMessagesFromIdxRemediationValue(optionValues) || [];
+      messages = [...messages, ...messagesFromOptions];
+    }
+
+    return messages;
+  }, []);
+}
+
+function getMessagesFromResponse(idxResponse) {
+  var _rawIdxState$messages, _context;
+
+  let messages = [];
+  const {
+    rawIdxState,
+    neededToProceed
+  } = idxResponse; // Handle global messages
+
+  const globalMessages = (_rawIdxState$messages = rawIdxState.messages) === null || _rawIdxState$messages === void 0 ? void 0 : (0, _map.default)(_context = _rawIdxState$messages.value).call(_context, message => message);
+
+  if (globalMessages) {
+    messages = [...messages, ...globalMessages];
+  } // Handle field messages for current flow
+
+
+  for (let remediation of neededToProceed) {
+    const fieldMessages = getMessagesFromIdxRemediationValue(remediation.value);
+
+    if (fieldMessages) {
+      messages = [...messages, ...fieldMessages];
+    }
+  } // API may return identical error on same field, filter by i18n key
+
+
+  const seen = {};
+  messages = (0, _reduce.default)(messages).call(messages, (filtered, message) => {
+    var _message$i18n;
+
+    const key = (_message$i18n = message.i18n) === null || _message$i18n === void 0 ? void 0 : _message$i18n.key;
+
+    if (key && seen[key]) {
+      return filtered;
+    }
+
+    seen[key] = message;
+    filtered = [...filtered, message];
+    return filtered;
+  }, []);
+  return messages;
+}
+
+function getEnabledFeatures(idxResponse) {
+  const res = [];
+  const {
+    actions,
+    neededToProceed
+  } = idxResponse;
+
+  if (actions['currentAuthenticator-recover']) {
+    res.push(_types.IdxFeature.PASSWORD_RECOVERY);
+  }
+
+  if (neededToProceed.some(({
+    name
+  }) => name === 'select-enroll-profile')) {
+    res.push(_types.IdxFeature.REGISTRATION);
+  }
+
+  if (neededToProceed.some(({
+    name
+  }) => name === 'redirect-idp')) {
+    res.push(_types.IdxFeature.SOCIAL_IDP);
+  }
+
+  if (neededToProceed.some(({
+    name
+  }) => name === 'unlock-account')) {
+    res.push(_types.IdxFeature.ACCOUNT_UNLOCK);
+  }
+
+  return res;
+}
+
+function getAvailableSteps(idxResponse) {
+  var _context2;
+
+  const res = [];
+  const remediatorMap = (0, _reduce.default)(_context2 = (0, _values.default)(remediators)).call(_context2, (map, remediatorClass) => {
+    // Only add concrete subclasses to the map
+    if (remediatorClass.remediationName) {
+      map[remediatorClass.remediationName] = remediatorClass;
+    }
+
+    return map;
+  }, {});
+
+  for (let remediation of idxResponse.neededToProceed) {
+    const T = remediatorMap[remediation.name];
+
+    if (T) {
+      const remediator = new T(remediation);
+      res.push(remediator.getNextStep(idxResponse.context));
+    }
+  }
+
+  return res;
+}
+
+function filterValuesForRemediation(idxResponse, values) {
+  var _context3;
+
+  // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+  const valuesForRemediation = (0, _reduce.default)(_context3 = idxResponse.neededToProceed[0].value).call(_context3, (res, entry) => {
+    const {
+      name
+    } = entry;
+    res[name] = values[name];
+    return res;
+  }, {});
+  return valuesForRemediation;
+}
+//# sourceMappingURL=util.js.map

package/cjs/idx/util.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../lib/idx/util.ts"],"names":["isTerminalResponse","idxResponse","neededToProceed","interactionCode","length","canSkipFn","some","name","canResendFn","actions","actionName","getMessagesFromIdxRemediationValue","value","Array","isArray","messages","form","messagesFromForm","options","optionValues","forEach","option","messagesFromOptions","getMessagesFromResponse","rawIdxState","globalMessages","message","remediation","fieldMessages","seen","filtered","key","i18n","getEnabledFeatures","res","push","IdxFeature","PASSWORD_RECOVERY","REGISTRATION","SOCIAL_IDP","ACCOUNT_UNLOCK","getAvailableSteps","remediatorMap","remediators","map","remediatorClass","remediationName","T","remediator","getNextStep","context","filterValuesForRemediation","values","valuesForRemediation","entry"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;AAEA;;;;;;AAGO,SAASA,kBAAT,CAA4BC,WAA5B,EAAsD;AAC3D,QAAM;AAAEC,IAAAA,eAAF;AAAmBC,IAAAA;AAAnB,MAAuCF,WAA7C;AACA,SAAO,CAACC,eAAe,CAACE,MAAjB,IAA2B,CAACD,eAAnC;AACD;;AAEM,SAASE,SAAT,CAAmBJ,WAAnB,EAA6C;AAClD,SAAOA,WAAW,CAACC,eAAZ,CAA4BI,IAA5B,CAAiC,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,MAAxD,CAAP;AACD;;AAEM,SAASC,WAAT,CAAqBP,WAArB,EAA+C;AACpD,SAAO,mBAAYA,WAAW,CAACQ,OAAxB,EAAiCH,IAAjC,CAAsCI,UAAU,IAAI,uBAAAA,UAAU,MAAV,CAAAA,UAAU,EAAU,QAAV,CAA9D,CAAP;AACD;;AAEM,SAASC,kCAAT,CACLC,KADK,EAEqB;AAC1B,MAAI,CAACA,KAAD,IAAU,CAACC,KAAK,CAACC,OAAN,CAAcF,KAAd,CAAf,EAAqC;AACnC;AACD;;AACD,SAAO,qBAAAA,KAAK,MAAL,CAAAA,KAAK,EAAQ,CAACG,QAAD,EAAWH,KAAX,KAAqB;AACvC,QAAIA,KAAK,CAACG,QAAV,EAAoB;AAClBA,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGH,KAAK,CAACG,QAAN,CAAeH,KAAhC,CAAX;AACD;;AACD,QAAIA,KAAK,CAACI,IAAV,EAAgB;AACd,YAAMC,gBAAgB,GAAGN,kCAAkC,CAACC,KAAK,CAACI,IAAN,CAAWJ,KAAZ,CAAlC,IAAwD,EAAjF;AACAG,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGE,gBAAjB,CAAX;AACD;;AACD,QAAIL,KAAK,CAACM,OAAV,EAAmB;AACjB,UAAIC,YAAY,GAAG,EAAnB;AACAP,MAAAA,KAAK,CAACM,OAAN,CAAcE,OAAd,CAAsBC,MAAM,IAAI;AAC9B,YAAI,CAACA,MAAM,CAACT,KAAR,IAAiB,OAAOS,MAAM,CAACT,KAAd,KAAwB,QAA7C,EAAuD;AACrD;AACD;;AACDO,QAAAA,YAAY,GAAG,CAAC,GAAGA,YAAJ,EAAkBE,MAAM,CAACT,KAAzB,CAAf;AACD,OALD;AAMA,YAAMU,mBAAmB,GAAGX,kCAAkC,CAACQ,YAAD,CAAlC,IAAoD,EAAhF;AACAJ,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGO,mBAAjB,CAAX;AACD;;AACD,WAAOP,QAAP;AACD,GApBW,EAoBT,EApBS,CAAZ;AAqBD;;AAEM,SAASQ,uBAAT,CAAiCtB,WAAjC,EAAyE;AAAA;;AAC9E,MAAIc,QAAsB,GAAG,EAA7B;AACA,QAAM;AAAES,IAAAA,WAAF;AAAetB,IAAAA;AAAf,MAAmCD,WAAzC,CAF8E,CAI9E;;AACA,QAAMwB,cAAc,4BAAGD,WAAW,CAACT,QAAf,0DAAG,mDAAsBH,KAAtB,iBAAgCc,OAAO,IAAIA,OAA3C,CAAvB;;AACA,MAAID,cAAJ,EAAoB;AAClBV,IAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGU,cAAjB,CAAX;AACD,GAR6E,CAU9E;;;AACA,OAAK,IAAIE,WAAT,IAAwBzB,eAAxB,EAAyC;AACvC,UAAM0B,aAAa,GAAGjB,kCAAkC,CAACgB,WAAW,CAACf,KAAb,CAAxD;;AACA,QAAIgB,aAAJ,EAAmB;AACjBb,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGa,aAAjB,CAAX;AACD;AACF,GAhB6E,CAkB9E;;;AACA,QAAMC,IAAI,GAAG,EAAb;AACAd,EAAAA,QAAQ,GAAG,qBAAAA,QAAQ,MAAR,CAAAA,QAAQ,EAAQ,CAACe,QAAD,EAAWJ,OAAX,KAAuB;AAAA;;AAChD,UAAMK,GAAG,oBAAGL,OAAO,CAACM,IAAX,kDAAG,cAAcD,GAA1B;;AACA,QAAIA,GAAG,IAAIF,IAAI,CAACE,GAAD,CAAf,EAAsB;AACpB,aAAOD,QAAP;AACD;;AACDD,IAAAA,IAAI,CAACE,GAAD,CAAJ,GAAYL,OAAZ;AACAI,IAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAcJ,OAAd,CAAX;AACA,WAAOI,QAAP;AACD,GARkB,EAQhB,EARgB,CAAnB;AASA,SAAOf,QAAP;AACD;;AAGM,SAASkB,kBAAT,CAA4BhC,WAA5B,EAAoE;AACzE,QAAMiC,GAAG,GAAG,EAAZ;AACA,QAAM;AAAEzB,IAAAA,OAAF;AAAWP,IAAAA;AAAX,MAA+BD,WAArC;;AAEA,MAAIQ,OAAO,CAAC,8BAAD,CAAX,EAA6C;AAC3CyB,IAAAA,GAAG,CAACC,IAAJ,CAASC,kBAAWC,iBAApB;AACD;;AAED,MAAInC,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,uBAA5C,CAAJ,EAA0E;AACxE2B,IAAAA,GAAG,CAACC,IAAJ,CAASC,kBAAWE,YAApB;AACD;;AAED,MAAIpC,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,cAA5C,CAAJ,EAAiE;AAC/D2B,IAAAA,GAAG,CAACC,IAAJ,CAASC,kBAAWG,UAApB;AACD;;AAED,MAAIrC,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,gBAA5C,CAAJ,EAAmE;AACjE2B,IAAAA,GAAG,CAACC,IAAJ,CAASC,kBAAWI,cAApB;AACD;;AAED,SAAON,GAAP;AACD;;AAEM,SAASO,iBAAT,CAA2BxC,WAA3B,EAAiE;AAAA;;AACtE,QAAMiC,GAAG,GAAG,EAAZ;AAEA,QAAMQ,aAAa,GAAG,sDAAcC,WAAd,mBAAkC,CAACC,GAAD,EAAMC,eAAN,KAA0B;AAChF;AACA,QAAIA,eAAe,CAACC,eAApB,EAAqC;AACnCF,MAAAA,GAAG,CAACC,eAAe,CAACC,eAAjB,CAAH,GAAuCD,eAAvC;AACD;;AACD,WAAOD,GAAP;AACD,GANqB,EAMnB,EANmB,CAAtB;;AAQA,OAAK,IAAIjB,WAAT,IAAwB1B,WAAW,CAACC,eAApC,EAAqD;AACnD,UAAM6C,CAAC,GAAGL,aAAa,CAACf,WAAW,CAACpB,IAAb,CAAvB;;AACA,QAAIwC,CAAJ,EAAO;AACL,YAAMC,UAAU,GAAG,IAAID,CAAJ,CAAMpB,WAAN,CAAnB;AACAO,MAAAA,GAAG,CAACC,IAAJ,CAAUa,UAAU,CAACC,WAAX,CAAuBhD,WAAW,CAACiD,OAAnC,CAAV;AACD;AACF;;AAED,SAAOhB,GAAP;AACD;;AAEM,SAASiB,0BAAT,CAAoClD,WAApC,EAA8DmD,MAA9D,EAA4G;AAAA;;AACjH;AACA,QAAMC,oBAAoB,GAAG,iCAAApD,WAAW,CAACC,eAAZ,CAA6B,CAA7B,EAAiCU,KAAjC,kBAA+C,CAACsB,GAAD,EAAMoB,KAAN,KAAgB;AAC1F,UAAM;AAAE/C,MAAAA;AAAF,QAAW+C,KAAjB;AACApB,IAAAA,GAAG,CAAC3B,IAAD,CAAH,GAAY6C,MAAM,CAAC7C,IAAD,CAAlB;AACA,WAAO2B,GAAP;AACD,GAJ4B,EAI1B,EAJ0B,CAA7B;AAKA,SAAOmB,oBAAP;AACD","sourcesContent":["import * as remediators from './remediators';\nimport { RemediationValues } from './remediators';\nimport { IdxFeature, NextStep } from './types';\nimport { IdxMessage, IdxRemediationValue, IdxResponse } from './types/idx-js';\n\nexport function isTerminalResponse(idxResponse: IdxResponse) {\n  const { neededToProceed, interactionCode } = idxResponse;\n  return !neededToProceed.length && !interactionCode;\n}\n\nexport function canSkipFn(idxResponse: IdxResponse) {\n  return idxResponse.neededToProceed.some(({ name }) => name === 'skip');\n}\n\nexport function canResendFn(idxResponse: IdxResponse) {\n  return Object.keys(idxResponse.actions).some(actionName => actionName.includes('resend'));\n}\n\nexport function getMessagesFromIdxRemediationValue(\n  value?: IdxRemediationValue[]\n): IdxMessage[] | undefined {\n  if (!value || !Array.isArray(value)) {\n    return;\n  }\n  return value.reduce((messages, value) => {\n    if (value.messages) {\n      messages = [...messages, ...value.messages.value] as never;\n    }\n    if (value.form) {\n      const messagesFromForm = getMessagesFromIdxRemediationValue(value.form.value) || [];\n      messages = [...messages, ...messagesFromForm] as never;\n    } \n    if (value.options) {\n      let optionValues = [];\n      value.options.forEach(option => {\n        if (!option.value || typeof option.value === 'string') {\n          return;\n        }\n        optionValues = [...optionValues, option.value] as never;\n      });\n      const messagesFromOptions = getMessagesFromIdxRemediationValue(optionValues) || [];\n      messages = [...messages, ...messagesFromOptions] as never;\n    }\n    return messages;\n  }, []);\n}\n\nexport function getMessagesFromResponse(idxResponse: IdxResponse): IdxMessage[] {\n  let messages: IdxMessage[] = [];\n  const { rawIdxState, neededToProceed } = idxResponse;\n\n  // Handle global messages\n  const globalMessages = rawIdxState.messages?.value.map(message => message);\n  if (globalMessages) {\n    messages = [...messages, ...globalMessages] as never;\n  }\n\n  // Handle field messages for current flow\n  for (let remediation of neededToProceed) {\n    const fieldMessages = getMessagesFromIdxRemediationValue(remediation.value);\n    if (fieldMessages) {\n      messages = [...messages, ...fieldMessages] as never;\n    }\n  }\n\n  // API may return identical error on same field, filter by i18n key\n  const seen = {};\n  messages = messages.reduce((filtered, message) => {\n    const key = message.i18n?.key;\n    if (key && seen[key]) {\n      return filtered;\n    }\n    seen[key] = message;\n    filtered = [...filtered, message] as never;\n    return filtered;\n  }, []);\n  return messages;\n}\n\n\nexport function getEnabledFeatures(idxResponse: IdxResponse): IdxFeature[] {\n  const res = [];\n  const { actions, neededToProceed } = idxResponse;\n\n  if (actions['currentAuthenticator-recover']) {\n    res.push(IdxFeature.PASSWORD_RECOVERY as never);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'select-enroll-profile')) {\n    res.push(IdxFeature.REGISTRATION as never);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'redirect-idp')) {\n    res.push(IdxFeature.SOCIAL_IDP as never);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'unlock-account')) {\n    res.push(IdxFeature.ACCOUNT_UNLOCK as never);\n  }\n\n  return res;\n}\n\nexport function getAvailableSteps(idxResponse: IdxResponse): NextStep[] {\n  const res = [];\n\n  const remediatorMap = Object.values(remediators).reduce((map, remediatorClass) => {\n    // Only add concrete subclasses to the map\n    if (remediatorClass.remediationName) {\n      map[remediatorClass.remediationName] = remediatorClass;\n    }\n    return map;\n  }, {});\n\n  for (let remediation of idxResponse.neededToProceed) {\n    const T = remediatorMap[remediation.name];\n    if (T) {\n      const remediator = new T(remediation);\n      res.push (remediator.getNextStep(idxResponse.context) as never);\n    }\n  }\n\n  return res;\n}\n\nexport function filterValuesForRemediation(idxResponse: IdxResponse, values: RemediationValues): RemediationValues {\n  // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n  const valuesForRemediation = idxResponse.neededToProceed![0]!.value!.reduce((res, entry) => {\n    const { name } = entry;\n    res[name] = values[name];\n    return res;\n  }, {});\n  return valuesForRemediation;\n}\n"],"file":"util.js"}