@okta/okta-auth-js 6.0.0 → 6.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (398) hide show
  1. package/CHANGELOG.md +65 -0
  2. package/README.md +58 -27
  3. package/cjs/AuthStateManager.js +21 -7
  4. package/cjs/AuthStateManager.js.map +1 -1
  5. package/cjs/OktaAuth.js +96 -40
  6. package/cjs/OktaAuth.js.map +1 -1
  7. package/cjs/OktaUserAgent.js +2 -2
  8. package/cjs/PromiseQueue.js +14 -3
  9. package/cjs/PromiseQueue.js.map +1 -1
  10. package/cjs/SavedObject.js +4 -2
  11. package/cjs/SavedObject.js.map +1 -1
  12. package/cjs/ServiceManager.js +195 -0
  13. package/cjs/ServiceManager.js.map +1 -0
  14. package/cjs/StorageManager.js +13 -8
  15. package/cjs/StorageManager.js.map +1 -1
  16. package/cjs/TokenManager.js +34 -32
  17. package/cjs/TokenManager.js.map +1 -1
  18. package/cjs/TransactionManager.js +17 -5
  19. package/cjs/TransactionManager.js.map +1 -1
  20. package/cjs/browser/browserStorage.js +48 -33
  21. package/cjs/browser/browserStorage.js.map +1 -1
  22. package/cjs/browser/fingerprint.js +9 -3
  23. package/cjs/browser/fingerprint.js.map +1 -1
  24. package/cjs/builderUtil.js +4 -2
  25. package/cjs/builderUtil.js.map +1 -1
  26. package/cjs/clock.js +5 -1
  27. package/cjs/clock.js.map +1 -1
  28. package/cjs/crypto/base64.js +18 -0
  29. package/cjs/crypto/base64.js.map +1 -1
  30. package/cjs/crypto/index.js +6 -4
  31. package/cjs/crypto/index.js.map +1 -1
  32. package/cjs/crypto/node.js +19 -13
  33. package/cjs/crypto/node.js.map +1 -1
  34. package/cjs/crypto/oidcHash.js +5 -1
  35. package/cjs/crypto/oidcHash.js.map +1 -1
  36. package/cjs/crypto/webauthn.js +101 -0
  37. package/cjs/crypto/webauthn.js.map +1 -0
  38. package/cjs/crypto/webcrypto.js +3 -1
  39. package/cjs/crypto/webcrypto.js.map +1 -1
  40. package/cjs/errors/AuthApiError.js +1 -1
  41. package/cjs/errors/AuthPollStopError.js +1 -1
  42. package/cjs/errors/AuthSdkError.js +1 -1
  43. package/cjs/errors/CustomError.js +5 -1
  44. package/cjs/errors/CustomError.js.map +1 -1
  45. package/cjs/errors/OAuthError.js +1 -1
  46. package/cjs/errors/index.js +1 -1
  47. package/cjs/fetch/fetchRequest.js +18 -6
  48. package/cjs/fetch/fetchRequest.js.map +1 -1
  49. package/cjs/http/headers.js.map +1 -1
  50. package/cjs/http/index.js +4 -2
  51. package/cjs/http/index.js.map +1 -1
  52. package/cjs/http/request.js +9 -5
  53. package/cjs/http/request.js.map +1 -1
  54. package/cjs/idx/authenticate.js.map +1 -1
  55. package/cjs/idx/authenticator/Authenticator.js.map +1 -1
  56. package/cjs/idx/authenticator/OktaPassword.js +12 -3
  57. package/cjs/idx/authenticator/OktaPassword.js.map +1 -1
  58. package/cjs/idx/authenticator/OktaVerifyTotp.js +9 -1
  59. package/cjs/idx/authenticator/OktaVerifyTotp.js.map +1 -1
  60. package/cjs/idx/authenticator/SecurityQuestionEnrollment.js +15 -2
  61. package/cjs/idx/authenticator/SecurityQuestionEnrollment.js.map +1 -1
  62. package/cjs/idx/authenticator/SecurityQuestionVerification.js +10 -2
  63. package/cjs/idx/authenticator/SecurityQuestionVerification.js.map +1 -1
  64. package/cjs/idx/authenticator/VerificationCodeAuthenticator.js +13 -3
  65. package/cjs/idx/authenticator/VerificationCodeAuthenticator.js.map +1 -1
  66. package/cjs/idx/authenticator/WebauthnEnrollment.js +51 -0
  67. package/cjs/idx/authenticator/WebauthnEnrollment.js.map +1 -0
  68. package/cjs/idx/authenticator/WebauthnVerification.js +60 -0
  69. package/cjs/idx/authenticator/WebauthnVerification.js.map +1 -0
  70. package/cjs/idx/authenticator/getAuthenticator.js +13 -1
  71. package/cjs/idx/authenticator/getAuthenticator.js.map +1 -1
  72. package/cjs/idx/authenticator/index.js +34 -6
  73. package/cjs/idx/authenticator/index.js.map +1 -1
  74. package/cjs/idx/authenticator/util.js +64 -0
  75. package/cjs/idx/authenticator/util.js.map +1 -0
  76. package/cjs/idx/cancel.js.map +1 -1
  77. package/cjs/idx/emailVerify.js +1 -1
  78. package/cjs/idx/emailVerify.js.map +1 -1
  79. package/cjs/idx/flow/AccountUnlockFlow.js +30 -0
  80. package/cjs/idx/flow/AccountUnlockFlow.js.map +1 -0
  81. package/cjs/idx/flow/FlowSpecification.js +8 -0
  82. package/cjs/idx/flow/FlowSpecification.js.map +1 -1
  83. package/cjs/idx/flow/PasswordRecoveryFlow.js +4 -1
  84. package/cjs/idx/flow/PasswordRecoveryFlow.js.map +1 -1
  85. package/cjs/idx/flow/index.js +20 -5
  86. package/cjs/idx/flow/index.js.map +1 -1
  87. package/cjs/idx/handleInteractionCodeRedirect.js +5 -1
  88. package/cjs/idx/handleInteractionCodeRedirect.js.map +1 -1
  89. package/cjs/idx/headers.js +21 -5
  90. package/cjs/idx/headers.js.map +1 -1
  91. package/cjs/idx/idx-js/client.js +91 -0
  92. package/cjs/idx/idx-js/client.js.map +1 -0
  93. package/cjs/idx/idx-js/index.js +40 -0
  94. package/cjs/idx/idx-js/index.js.map +1 -0
  95. package/cjs/idx/idx-js/interact.js +83 -0
  96. package/cjs/idx/idx-js/interact.js.map +1 -0
  97. package/cjs/idx/idx-js/introspect.js +62 -0
  98. package/cjs/idx/idx-js/introspect.js.map +1 -0
  99. package/cjs/idx/idx-js/parsers.js +41 -0
  100. package/cjs/idx/idx-js/parsers.js.map +1 -0
  101. package/cjs/idx/idx-js/util.js +34 -0
  102. package/cjs/idx/idx-js/util.js.map +1 -0
  103. package/cjs/idx/idx-js/v1/actionParser.js +90 -0
  104. package/cjs/idx/idx-js/v1/actionParser.js.map +1 -0
  105. package/cjs/idx/idx-js/v1/generateIdxAction.js +111 -0
  106. package/cjs/idx/idx-js/v1/generateIdxAction.js.map +1 -0
  107. package/cjs/idx/idx-js/v1/idxResponseParser.js +137 -0
  108. package/cjs/idx/idx-js/v1/idxResponseParser.js.map +1 -0
  109. package/cjs/idx/idx-js/v1/makeIdxState.js +65 -0
  110. package/cjs/idx/idx-js/v1/makeIdxState.js.map +1 -0
  111. package/cjs/idx/idx-js/v1/parsers.js +24 -0
  112. package/cjs/idx/idx-js/v1/parsers.js.map +1 -0
  113. package/cjs/idx/idx-js/v1/remediationParser.js +32 -0
  114. package/cjs/idx/idx-js/v1/remediationParser.js.map +1 -0
  115. package/cjs/idx/index.js +120 -121
  116. package/cjs/idx/index.js.map +1 -1
  117. package/cjs/idx/interact.js +9 -4
  118. package/cjs/idx/interact.js.map +1 -1
  119. package/cjs/idx/introspect.js +19 -9
  120. package/cjs/idx/introspect.js.map +1 -1
  121. package/cjs/idx/poll.js +13 -3
  122. package/cjs/idx/poll.js.map +1 -1
  123. package/cjs/idx/proceed.js +14 -11
  124. package/cjs/idx/proceed.js.map +1 -1
  125. package/cjs/idx/recoverPassword.js.map +1 -1
  126. package/cjs/idx/register.js +5 -1
  127. package/cjs/idx/register.js.map +1 -1
  128. package/cjs/idx/remediate.js +112 -88
  129. package/cjs/idx/remediate.js.map +1 -1
  130. package/cjs/idx/remediators/AuthenticatorEnrollmentData.js +16 -6
  131. package/cjs/idx/remediators/AuthenticatorEnrollmentData.js.map +1 -1
  132. package/cjs/idx/remediators/AuthenticatorVerificationData.js +61 -16
  133. package/cjs/idx/remediators/AuthenticatorVerificationData.js.map +1 -1
  134. package/cjs/idx/remediators/Base/AuthenticatorData.js +44 -20
  135. package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
  136. package/cjs/idx/remediators/Base/Remediator.js +116 -82
  137. package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
  138. package/cjs/idx/remediators/Base/SelectAuthenticator.js +58 -34
  139. package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
  140. package/cjs/idx/remediators/Base/VerifyAuthenticator.js +30 -7
  141. package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
  142. package/cjs/idx/remediators/ChallengeAuthenticator.js +2 -2
  143. package/cjs/idx/remediators/ChallengePoll.js +10 -3
  144. package/cjs/idx/remediators/ChallengePoll.js.map +1 -1
  145. package/cjs/idx/remediators/EnrollAuthenticator.js +2 -2
  146. package/cjs/idx/remediators/EnrollPoll.js +16 -6
  147. package/cjs/idx/remediators/EnrollPoll.js.map +1 -1
  148. package/cjs/idx/remediators/EnrollProfile.js +34 -16
  149. package/cjs/idx/remediators/EnrollProfile.js.map +1 -1
  150. package/cjs/idx/remediators/EnrollmentChannelData.js +25 -17
  151. package/cjs/idx/remediators/EnrollmentChannelData.js.map +1 -1
  152. package/cjs/idx/remediators/Identify.js +16 -7
  153. package/cjs/idx/remediators/Identify.js.map +1 -1
  154. package/cjs/idx/remediators/ReEnrollAuthenticator.js +13 -10
  155. package/cjs/idx/remediators/ReEnrollAuthenticator.js.map +1 -1
  156. package/cjs/idx/remediators/RedirectIdp.js +2 -2
  157. package/cjs/idx/remediators/ResetAuthenticator.js +2 -2
  158. package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js +9 -6
  159. package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js.map +1 -1
  160. package/cjs/idx/remediators/SelectAuthenticatorEnroll.js +2 -2
  161. package/cjs/idx/remediators/SelectAuthenticatorUnlockAccount.js +71 -0
  162. package/cjs/idx/remediators/SelectAuthenticatorUnlockAccount.js.map +1 -0
  163. package/cjs/idx/remediators/SelectEnrollProfile.js +2 -2
  164. package/cjs/idx/remediators/SelectEnrollmentChannel.js +22 -10
  165. package/cjs/idx/remediators/SelectEnrollmentChannel.js.map +1 -1
  166. package/cjs/idx/remediators/Skip.js +5 -10
  167. package/cjs/idx/remediators/Skip.js.map +1 -1
  168. package/cjs/idx/remediators/index.js +33 -18
  169. package/cjs/idx/remediators/index.js.map +1 -1
  170. package/cjs/idx/remediators/util.js +13 -3
  171. package/cjs/idx/remediators/util.js.map +1 -1
  172. package/cjs/idx/run.js +276 -177
  173. package/cjs/idx/run.js.map +1 -1
  174. package/cjs/idx/startTransaction.js.map +1 -1
  175. package/cjs/idx/transactionMeta.js.map +1 -1
  176. package/cjs/idx/types/idx-js.js.map +1 -1
  177. package/cjs/idx/types/index.js +82 -9
  178. package/cjs/idx/types/index.js.map +1 -1
  179. package/cjs/idx/unlockAccount.js +48 -0
  180. package/cjs/idx/unlockAccount.js.map +1 -0
  181. package/cjs/idx/util.js +198 -0
  182. package/cjs/idx/util.js.map +1 -0
  183. package/cjs/index.js +20 -14
  184. package/cjs/index.js.map +1 -1
  185. package/cjs/oidc/endpoints/authorize.js +8 -2
  186. package/cjs/oidc/endpoints/authorize.js.map +1 -1
  187. package/cjs/oidc/endpoints/index.js +5 -3
  188. package/cjs/oidc/endpoints/index.js.map +1 -1
  189. package/cjs/oidc/endpoints/token.js +15 -3
  190. package/cjs/oidc/endpoints/token.js.map +1 -1
  191. package/cjs/oidc/endpoints/well-known.js +7 -3
  192. package/cjs/oidc/endpoints/well-known.js.map +1 -1
  193. package/cjs/oidc/exchangeCodeForTokens.js +10 -2
  194. package/cjs/oidc/exchangeCodeForTokens.js.map +1 -1
  195. package/cjs/oidc/getToken.js +9 -5
  196. package/cjs/oidc/getToken.js.map +1 -1
  197. package/cjs/oidc/getUserInfo.js +7 -3
  198. package/cjs/oidc/getUserInfo.js.map +1 -1
  199. package/cjs/oidc/getWithPopup.js +8 -2
  200. package/cjs/oidc/getWithPopup.js.map +1 -1
  201. package/cjs/oidc/getWithRedirect.js +5 -1
  202. package/cjs/oidc/getWithRedirect.js.map +1 -1
  203. package/cjs/oidc/getWithoutPrompt.js +8 -2
  204. package/cjs/oidc/getWithoutPrompt.js.map +1 -1
  205. package/cjs/oidc/handleOAuthResponse.js +9 -3
  206. package/cjs/oidc/handleOAuthResponse.js.map +1 -1
  207. package/cjs/oidc/index.js +4 -2
  208. package/cjs/oidc/index.js.map +1 -1
  209. package/cjs/oidc/parseFromUrl.js +9 -3
  210. package/cjs/oidc/parseFromUrl.js.map +1 -1
  211. package/cjs/oidc/renewToken.js.map +1 -1
  212. package/cjs/oidc/renewTokens.js +5 -1
  213. package/cjs/oidc/renewTokens.js.map +1 -1
  214. package/cjs/oidc/renewTokensWithRefresh.js +5 -1
  215. package/cjs/oidc/renewTokensWithRefresh.js.map +1 -1
  216. package/cjs/oidc/revokeToken.js +7 -3
  217. package/cjs/oidc/revokeToken.js.map +1 -1
  218. package/cjs/oidc/util/browser.js +5 -1
  219. package/cjs/oidc/util/browser.js.map +1 -1
  220. package/cjs/oidc/util/defaultTokenParams.js.map +1 -1
  221. package/cjs/oidc/util/errors.js.map +1 -1
  222. package/cjs/oidc/util/index.js +14 -12
  223. package/cjs/oidc/util/index.js.map +1 -1
  224. package/cjs/oidc/util/loginRedirect.js +5 -1
  225. package/cjs/oidc/util/loginRedirect.js.map +1 -1
  226. package/cjs/oidc/util/oauth.js +4 -2
  227. package/cjs/oidc/util/oauth.js.map +1 -1
  228. package/cjs/oidc/util/oauthMeta.js.map +1 -1
  229. package/cjs/oidc/util/pkce.js +11 -3
  230. package/cjs/oidc/util/pkce.js.map +1 -1
  231. package/cjs/oidc/util/prepareTokenParams.js +7 -5
  232. package/cjs/oidc/util/prepareTokenParams.js.map +1 -1
  233. package/cjs/oidc/util/validateClaims.js +1 -1
  234. package/cjs/oidc/util/validateClaims.js.map +1 -1
  235. package/cjs/oidc/verifyToken.js +11 -3
  236. package/cjs/oidc/verifyToken.js.map +1 -1
  237. package/cjs/options/browser.js +86 -0
  238. package/cjs/options/browser.js.map +1 -0
  239. package/cjs/options/index.js +94 -0
  240. package/cjs/options/index.js.map +1 -0
  241. package/cjs/options/node.js +45 -0
  242. package/cjs/options/node.js.map +1 -0
  243. package/cjs/options.js +17 -5
  244. package/cjs/options.js.map +1 -1
  245. package/cjs/server/serverStorage.js +8 -4
  246. package/cjs/server/serverStorage.js.map +1 -1
  247. package/cjs/services/AutoRenewService.js +94 -0
  248. package/cjs/services/AutoRenewService.js.map +1 -0
  249. package/cjs/services/SyncStorageService.js +93 -0
  250. package/cjs/services/SyncStorageService.js.map +1 -0
  251. package/cjs/services/index.js +30 -0
  252. package/cjs/services/index.js.map +1 -0
  253. package/cjs/tx/AuthTransaction.js +15 -9
  254. package/cjs/tx/AuthTransaction.js.map +1 -1
  255. package/cjs/tx/api.js +8 -4
  256. package/cjs/tx/api.js.map +1 -1
  257. package/cjs/tx/index.js +7 -5
  258. package/cjs/tx/index.js.map +1 -1
  259. package/cjs/tx/poll.js +6 -4
  260. package/cjs/tx/poll.js.map +1 -1
  261. package/cjs/tx/util.js +5 -1
  262. package/cjs/tx/util.js.map +1 -1
  263. package/cjs/types/Service.js +2 -0
  264. package/cjs/types/Service.js.map +1 -0
  265. package/cjs/types/Transaction.js +10 -2
  266. package/cjs/types/Transaction.js.map +1 -1
  267. package/cjs/types/index.js +29 -14
  268. package/cjs/types/index.js.map +1 -1
  269. package/cjs/util/index.js +7 -5
  270. package/cjs/util/index.js.map +1 -1
  271. package/cjs/util/misc.js +5 -1
  272. package/cjs/util/misc.js.map +1 -1
  273. package/cjs/util/object.js +16 -6
  274. package/cjs/util/object.js.map +1 -1
  275. package/cjs/util/sharedStorage.js +5 -1
  276. package/cjs/util/sharedStorage.js.map +1 -1
  277. package/dist/okta-auth-js.min.js +1 -1
  278. package/dist/okta-auth-js.min.js.LICENSE.txt +0 -20
  279. package/dist/okta-auth-js.min.js.map +1 -1
  280. package/dist/okta-auth-js.polyfill.js +1 -1
  281. package/dist/okta-auth-js.polyfill.js.map +1 -1
  282. package/dist/okta-auth-js.umd.js +1 -1
  283. package/dist/okta-auth-js.umd.js.LICENSE.txt +1 -19
  284. package/dist/okta-auth-js.umd.js.map +1 -1
  285. package/esm/{index.js → esm.browser.js} +2978 -2585
  286. package/esm/esm.browser.js.map +1 -0
  287. package/esm/esm.node.mjs +9595 -0
  288. package/esm/esm.node.mjs.map +1 -0
  289. package/lib/AuthStateManager.d.ts +3 -3
  290. package/lib/OktaAuth.d.ts +10 -6
  291. package/lib/PromiseQueue.d.ts +6 -2
  292. package/lib/ServiceManager.d.ts +38 -0
  293. package/lib/StorageManager.d.ts +1 -1
  294. package/lib/TokenManager.d.ts +2 -3
  295. package/lib/TransactionManager.d.ts +4 -5
  296. package/lib/browser/fingerprint.d.ts +2 -3
  297. package/lib/crypto/base64.d.ts +2 -0
  298. package/lib/crypto/webauthn.d.ts +25 -0
  299. package/lib/http/headers.d.ts +2 -2
  300. package/lib/http/request.d.ts +4 -4
  301. package/lib/idx/authenticate.d.ts +2 -2
  302. package/lib/idx/authenticator/Authenticator.d.ts +4 -5
  303. package/lib/idx/authenticator/OktaPassword.d.ts +8 -9
  304. package/lib/idx/authenticator/OktaVerifyTotp.d.ts +1 -1
  305. package/lib/idx/authenticator/SecurityQuestionEnrollment.d.ts +11 -12
  306. package/lib/idx/authenticator/SecurityQuestionVerification.d.ts +7 -7
  307. package/lib/idx/authenticator/VerificationCodeAuthenticator.d.ts +8 -3
  308. package/lib/idx/authenticator/WebauthnEnrollment.d.ts +16 -0
  309. package/lib/idx/authenticator/WebauthnVerification.d.ts +17 -0
  310. package/lib/idx/authenticator/getAuthenticator.d.ts +1 -1
  311. package/lib/idx/authenticator/index.d.ts +9 -0
  312. package/lib/idx/authenticator/util.d.ts +4 -0
  313. package/lib/idx/cancel.d.ts +2 -2
  314. package/lib/idx/emailVerify.d.ts +2 -2
  315. package/lib/idx/flow/AccountUnlockFlow.d.ts +13 -0
  316. package/lib/idx/flow/FlowSpecification.d.ts +2 -2
  317. package/lib/idx/flow/index.d.ts +1 -0
  318. package/lib/idx/headers.d.ts +3 -2
  319. package/lib/idx/idx-js/client.d.ts +36 -0
  320. package/lib/idx/idx-js/index.d.ts +35 -0
  321. package/lib/idx/idx-js/interact.d.ts +25 -0
  322. package/lib/idx/idx-js/introspect.d.ts +21 -0
  323. package/lib/idx/idx-js/parsers.d.ts +15 -0
  324. package/lib/idx/idx-js/util.d.ts +12 -0
  325. package/lib/idx/idx-js/v1/actionParser.d.ts +16 -0
  326. package/lib/idx/idx-js/v1/generateIdxAction.d.ts +13 -0
  327. package/lib/idx/idx-js/v1/idxResponseParser.d.ts +20 -0
  328. package/lib/idx/idx-js/v1/makeIdxState.d.ts +13 -0
  329. package/lib/idx/idx-js/v1/parsers.d.ts +16 -0
  330. package/lib/idx/idx-js/v1/remediationParser.d.ts +12 -0
  331. package/lib/idx/index.d.ts +12 -11
  332. package/lib/idx/interact.d.ts +3 -2
  333. package/lib/idx/introspect.d.ts +2 -2
  334. package/lib/idx/poll.d.ts +2 -2
  335. package/lib/idx/proceed.d.ts +5 -6
  336. package/lib/idx/recoverPassword.d.ts +2 -2
  337. package/lib/idx/register.d.ts +2 -2
  338. package/lib/idx/remediate.d.ts +2 -2
  339. package/lib/idx/remediators/AuthenticatorVerificationData.d.ts +6 -5
  340. package/lib/idx/remediators/Base/AuthenticatorData.d.ts +5 -8
  341. package/lib/idx/remediators/Base/Remediator.d.ts +6 -5
  342. package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +9 -8
  343. package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +9 -16
  344. package/lib/idx/remediators/ChallengePoll.d.ts +1 -0
  345. package/lib/idx/remediators/EnrollProfile.d.ts +0 -3
  346. package/lib/idx/remediators/EnrollmentChannelData.d.ts +1 -4
  347. package/lib/idx/remediators/Identify.d.ts +3 -5
  348. package/lib/idx/remediators/ReEnrollAuthenticator.d.ts +2 -5
  349. package/lib/idx/remediators/SelectAuthenticatorAuthenticate.d.ts +2 -1
  350. package/lib/idx/remediators/SelectAuthenticatorUnlockAccount.d.ts +37 -0
  351. package/lib/idx/remediators/SelectEnrollmentChannel.d.ts +1 -0
  352. package/lib/idx/remediators/Skip.d.ts +0 -3
  353. package/lib/idx/remediators/index.d.ts +1 -0
  354. package/lib/idx/run.d.ts +2 -2
  355. package/lib/idx/startTransaction.d.ts +2 -2
  356. package/lib/idx/transactionMeta.d.ts +7 -7
  357. package/lib/idx/types/FlowIdentifier.d.ts +1 -1
  358. package/lib/idx/types/idx-js.d.ts +41 -1
  359. package/lib/idx/types/index.d.ts +27 -7
  360. package/lib/idx/unlockAccount.d.ts +15 -0
  361. package/lib/idx/util.d.ts +11 -0
  362. package/lib/oidc/endpoints/well-known.d.ts +3 -3
  363. package/lib/oidc/exchangeCodeForTokens.d.ts +2 -2
  364. package/lib/oidc/getToken.d.ts +2 -2
  365. package/lib/oidc/getWithPopup.d.ts +2 -2
  366. package/lib/oidc/getWithRedirect.d.ts +2 -2
  367. package/lib/oidc/getWithoutPrompt.d.ts +2 -2
  368. package/lib/oidc/handleOAuthResponse.d.ts +2 -2
  369. package/lib/oidc/renewToken.d.ts +2 -2
  370. package/lib/oidc/renewTokensWithRefresh.d.ts +2 -2
  371. package/lib/oidc/revokeToken.d.ts +2 -2
  372. package/lib/oidc/util/browser.d.ts +2 -2
  373. package/lib/oidc/util/defaultTokenParams.d.ts +2 -2
  374. package/lib/oidc/util/errors.d.ts +2 -2
  375. package/lib/oidc/util/loginRedirect.d.ts +4 -4
  376. package/lib/oidc/util/oauth.d.ts +4 -4
  377. package/lib/oidc/util/oauthMeta.d.ts +2 -2
  378. package/lib/oidc/util/prepareTokenParams.d.ts +5 -5
  379. package/lib/oidc/util/validateClaims.d.ts +2 -2
  380. package/lib/oidc/verifyToken.d.ts +2 -2
  381. package/lib/options/browser.d.ts +16 -0
  382. package/lib/options/index.d.ts +14 -0
  383. package/lib/options/node.d.ts +16 -0
  384. package/lib/services/AutoRenewService.d.ts +27 -0
  385. package/lib/services/{TokenService.d.ts → SyncStorageService.d.ts} +8 -5
  386. package/lib/services/index.d.ts +13 -0
  387. package/lib/types/OktaAuthOptions.d.ts +6 -2
  388. package/lib/types/Service.d.ts +23 -0
  389. package/lib/types/Storage.d.ts +7 -5
  390. package/lib/types/Transaction.d.ts +2 -10
  391. package/lib/types/api.d.ts +23 -10
  392. package/lib/types/index.d.ts +1 -1
  393. package/lib/util/sharedStorage.d.ts +1 -1
  394. package/package.json +32 -14
  395. package/polyfill/index.js +1 -0
  396. package/cjs/services/TokenService.js +0 -111
  397. package/cjs/services/TokenService.js.map +0 -1
  398. package/esm/index.js.map +0 -1
package/cjs/index.js CHANGED
@@ -1,6 +1,12 @@
1
1
  "use strict";
2
2
 
3
- var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
3
+ var _WeakMap = require("@babel/runtime-corejs3/core-js-stable/weak-map");
4
+
5
+ var _Object$getOwnPropertyDescriptor = require("@babel/runtime-corejs3/core-js-stable/object/get-own-property-descriptor");
6
+
7
+ var _Object$keys = require("@babel/runtime-corejs3/core-js-stable/object/keys");
8
+
9
+ var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
10
 
5
11
  var _exportNames = {
6
12
  crypto: true,
@@ -22,7 +28,7 @@ var _OktaAuth = _interopRequireDefault(require("./OktaAuth"));
22
28
 
23
29
  var _constants = require("./constants");
24
30
 
25
- Object.keys(_constants).forEach(function (key) {
31
+ _Object$keys(_constants).forEach(function (key) {
26
32
  if (key === "default" || key === "__esModule") return;
27
33
  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
28
34
  if (key in exports && exports[key] === _constants[key]) return;
@@ -36,7 +42,7 @@ Object.keys(_constants).forEach(function (key) {
36
42
 
37
43
  var _idx = require("./idx");
38
44
 
39
- Object.keys(_idx).forEach(function (key) {
45
+ _Object$keys(_idx).forEach(function (key) {
40
46
  if (key === "default" || key === "__esModule") return;
41
47
  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
42
48
  if (key in exports && exports[key] === _idx[key]) return;
@@ -50,7 +56,7 @@ Object.keys(_idx).forEach(function (key) {
50
56
 
51
57
  var _types = require("./types");
52
58
 
53
- Object.keys(_types).forEach(function (key) {
59
+ _Object$keys(_types).forEach(function (key) {
54
60
  if (key === "default" || key === "__esModule") return;
55
61
  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
56
62
  if (key in exports && exports[key] === _types[key]) return;
@@ -64,7 +70,7 @@ Object.keys(_types).forEach(function (key) {
64
70
 
65
71
  var _tx = require("./tx");
66
72
 
67
- Object.keys(_tx).forEach(function (key) {
73
+ _Object$keys(_tx).forEach(function (key) {
68
74
  if (key === "default" || key === "__esModule") return;
69
75
  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
70
76
  if (key in exports && exports[key] === _tx[key]) return;
@@ -78,7 +84,7 @@ Object.keys(_tx).forEach(function (key) {
78
84
 
79
85
  var _errors = require("./errors");
80
86
 
81
- Object.keys(_errors).forEach(function (key) {
87
+ _Object$keys(_errors).forEach(function (key) {
82
88
  if (key === "default" || key === "__esModule") return;
83
89
  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
84
90
  if (key in exports && exports[key] === _errors[key]) return;
@@ -92,7 +98,7 @@ Object.keys(_errors).forEach(function (key) {
92
98
 
93
99
  var _oidc = require("./oidc");
94
100
 
95
- Object.keys(_oidc).forEach(function (key) {
101
+ _Object$keys(_oidc).forEach(function (key) {
96
102
  if (key === "default" || key === "__esModule") return;
97
103
  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
98
104
  if (key in exports && exports[key] === _oidc[key]) return;
@@ -106,7 +112,7 @@ Object.keys(_oidc).forEach(function (key) {
106
112
 
107
113
  var _StorageManager = require("./StorageManager");
108
114
 
109
- Object.keys(_StorageManager).forEach(function (key) {
115
+ _Object$keys(_StorageManager).forEach(function (key) {
110
116
  if (key === "default" || key === "__esModule") return;
111
117
  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
112
118
  if (key in exports && exports[key] === _StorageManager[key]) return;
@@ -120,7 +126,7 @@ Object.keys(_StorageManager).forEach(function (key) {
120
126
 
121
127
  var _TransactionManager = require("./TransactionManager");
122
128
 
123
- Object.keys(_TransactionManager).forEach(function (key) {
129
+ _Object$keys(_TransactionManager).forEach(function (key) {
124
130
  if (key === "default" || key === "__esModule") return;
125
131
  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
126
132
  if (key in exports && exports[key] === _TransactionManager[key]) return;
@@ -134,7 +140,7 @@ Object.keys(_TransactionManager).forEach(function (key) {
134
140
 
135
141
  var _TokenManager = require("./TokenManager");
136
142
 
137
- Object.keys(_TokenManager).forEach(function (key) {
143
+ _Object$keys(_TokenManager).forEach(function (key) {
138
144
  if (key === "default" || key === "__esModule") return;
139
145
  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
140
146
  if (key in exports && exports[key] === _TokenManager[key]) return;
@@ -148,7 +154,7 @@ Object.keys(_TokenManager).forEach(function (key) {
148
154
 
149
155
  var _AuthStateManager = require("./AuthStateManager");
150
156
 
151
- Object.keys(_AuthStateManager).forEach(function (key) {
157
+ _Object$keys(_AuthStateManager).forEach(function (key) {
152
158
  if (key === "default" || key === "__esModule") return;
153
159
  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
154
160
  if (key in exports && exports[key] === _AuthStateManager[key]) return;
@@ -162,7 +168,7 @@ Object.keys(_AuthStateManager).forEach(function (key) {
162
168
 
163
169
  var _util = require("./util");
164
170
 
165
- Object.keys(_util).forEach(function (key) {
171
+ _Object$keys(_util).forEach(function (key) {
166
172
  if (key === "default" || key === "__esModule") return;
167
173
  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
168
174
  if (key in exports && exports[key] === _util[key]) return;
@@ -174,7 +180,7 @@ Object.keys(_util).forEach(function (key) {
174
180
  });
175
181
  });
176
182
 
177
- function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
183
+ function _getRequireWildcardCache(nodeInterop) { if (typeof _WeakMap !== "function") return null; var cacheBabelInterop = new _WeakMap(); var cacheNodeInterop = new _WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
178
184
 
179
- function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
185
+ function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && _Object$getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? _Object$getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
180
186
  //# sourceMappingURL=index.js.map
package/cjs/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAaA;;;;AAEA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport * as crypto from './crypto';\n\nexport { default as OktaAuth } from './OktaAuth';\nexport * from './constants';\nexport * from './idx';\nexport * from './types';\nexport * from './tx';\nexport * from './errors';\nexport * from './oidc';\nexport * from './StorageManager';\nexport * from './TransactionManager';\nexport * from './TokenManager';\nexport * from './AuthStateManager';\nexport * from './util';\nexport { crypto };\n"],"file":"index.js"}
1
+ {"version":3,"sources":["../../lib/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAaA;;;;AAEA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport * as crypto from './crypto';\n\nexport { default as OktaAuth } from './OktaAuth';\nexport * from './constants';\nexport * from './idx';\nexport * from './types';\nexport * from './tx';\nexport * from './errors';\nexport * from './oidc';\nexport * from './StorageManager';\nexport * from './TransactionManager';\nexport * from './TokenManager';\nexport * from './AuthStateManager';\nexport * from './util';\nexport { crypto };\n"],"file":"index.js"}
package/cjs/oidc/endpoints/authorize.js CHANGED
@@ -1,8 +1,12 @@
1
1
  "use strict";
2
2
 
3
+ var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
+
3
5
  exports.convertTokenParamsToOAuthParams = convertTokenParamsToOAuthParams;
4
6
  exports.buildAuthorizeParams = buildAuthorizeParams;
5
7
 
8
+ var _indexOf = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/index-of"));
9
+
6
10
  var _util = require("../../util");
7
11
 
8
12
  var _errors = require("../../errors");
@@ -21,12 +25,14 @@ var _errors = require("../../errors");
21
25
  * See the License for the specific language governing permissions and limitations under the License.
22
26
  */
23
27
  function convertTokenParamsToOAuthParams(tokenParams) {
28
+ var _context, _context2, _context3;
29
+
24
30
  // Quick validation
25
31
  if (!tokenParams.clientId) {
26
32
  throw new _errors.AuthSdkError('A clientId must be specified in the OktaAuth constructor to get a token');
27
33
  }
28
34
 
29
- if ((0, _util.isString)(tokenParams.responseType) && tokenParams.responseType.indexOf(' ') !== -1) {
35
+ if ((0, _util.isString)(tokenParams.responseType) && (0, _indexOf.default)(_context = tokenParams.responseType).call(_context, ' ') !== -1) {
30
36
  throw new _errors.AuthSdkError('Multiple OAuth responseTypes must be defined as an array');
31
37
  } // Convert our params to their actual OAuth equivalents
32
38
 
@@ -55,7 +61,7 @@ function convertTokenParamsToOAuthParams(tokenParams) {
55
61
  }
56
62
  });
57
63
 
58
- if (tokenParams.responseType.indexOf('id_token') !== -1 && tokenParams.scopes.indexOf('openid') === -1) {
64
+ if ((0, _indexOf.default)(_context2 = tokenParams.responseType).call(_context2, 'id_token') !== -1 && (0, _indexOf.default)(_context3 = tokenParams.scopes).call(_context3, 'openid') === -1) {
59
65
  throw new _errors.AuthSdkError('openid scope must be specified in the scopes argument when requesting an id_token');
60
66
  } else {
61
67
  oauthParams.scope = tokenParams.scopes.join(' ');
package/cjs/oidc/endpoints/authorize.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../../lib/oidc/endpoints/authorize.ts"],"names":["convertTokenParamsToOAuthParams","tokenParams","clientId","AuthSdkError","responseType","indexOf","oauthParams","codeChallenge","codeChallengeMethod","display","idp","idpScope","loginHint","maxAge","nonce","prompt","redirectUri","responseMode","sessionToken","state","forEach","mayBeArray","Array","isArray","join","scopes","scope","buildAuthorizeParams","oauthQueryParams","extraParams"],"mappings":";;;;;AAcA;;AACA;;AAfA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAOO,SAASA,+BAAT,CAAyCC,WAAzC,EAAmE;AACxE;AACA,MAAI,CAACA,WAAW,CAACC,QAAjB,EAA2B;AACzB,UAAM,IAAIC,oBAAJ,CAAiB,yEAAjB,CAAN;AACD;;AAED,MAAI,oBAASF,WAAW,CAACG,YAArB,KAAsCH,WAAW,CAACG,YAAZ,CAAyBC,OAAzB,CAAiC,GAAjC,MAA0C,CAAC,CAArF,EAAwF;AACtF,UAAM,IAAIF,oBAAJ,CAAiB,0DAAjB,CAAN;AACD,GARuE,CAUxE;;;AACA,MAAIG,WAAwB,GAAG;AAC7B,iBAAaL,WAAW,CAACC,QADI;AAE7B,sBAAkBD,WAAW,CAACM,aAFD;AAG7B,6BAAyBN,WAAW,CAACO,mBAHR;AAI7B,eAAWP,WAAW,CAACQ,OAJM;AAK7B,WAAOR,WAAW,CAACS,GALU;AAM7B,iBAAaT,WAAW,CAACU,QANI;AAO7B,kBAAcV,WAAW,CAACW,SAPG;AAQ7B,eAAWX,WAAW,CAACY,MARM;AAS7B,aAASZ,WAAW,CAACa,KATQ;AAU7B,cAAUb,WAAW,CAACc,MAVO;AAW7B,oBAAgBd,WAAW,CAACe,WAXC;AAY7B,qBAAiBf,WAAW,CAACgB,YAZA;AAa7B,qBAAiBhB,WAAW,CAACG,YAbA;AAc7B,oBAAgBH,WAAW,CAACiB,YAdC;AAe7B,aAASjB,WAAW,CAACkB;AAfQ,GAA/B;AAiBAb,EAAAA,WAAW,GAAG,sBAAWA,WAAX,CAAd;AAEA,GAAC,WAAD,EAAc,eAAd,EAA+Bc,OAA/B,CAAuC,UAAUC,UAAV,EAAsB;AAC3D,QAAIC,KAAK,CAACC,OAAN,CAAcjB,WAAW,CAACe,UAAD,CAAzB,CAAJ,EAA4C;AAC1Cf,MAAAA,WAAW,CAACe,UAAD,CAAX,GAA0Bf,WAAW,CAACe,UAAD,CAAX,CAAwBG,IAAxB,CAA6B,GAA7B,CAA1B;AACD;AACF,GAJD;;AAMA,MAAIvB,WAAW,CAACG,YAAZ,CAA0BC,OAA1B,CAAkC,UAAlC,MAAkD,CAAC,CAAnD,IACFJ,WAAW,CAACwB,MAAZ,CAAoBpB,OAApB,CAA4B,QAA5B,MAA0C,CAAC,CAD7C,EACgD;AAC9C,UAAM,IAAIF,oBAAJ,CAAiB,mFAAjB,CAAN;AACD,GAHD,MAGO;AACLG,IAAAA,WAAW,CAACoB,KAAZ,GAAoBzB,WAAW,CAACwB,MAAZ,CAAoBD,IAApB,CAAyB,GAAzB,CAApB;AACD;;AAED,SAAOlB,WAAP;AACD;;AAEM,SAASqB,oBAAT,CAA8B1B,WAA9B,EAAwD;AAC7D,MAAI2B,gBAAgB,GAAG5B,+BAA+B,CAACC,WAAD,CAAtD;AACA,SAAO,yBAAc,EACnB,GAAG2B,gBADgB;AAEnB,QAAI3B,WAAW,CAAC4B,WAAZ,IAA2B,EAAE,GAAG5B,WAAW,CAAC4B;AAAjB,KAA/B;AAFmB,GAAd,CAAP;AAID","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { isString, removeNils, toQueryString } from '../../util';\nimport { AuthSdkError } from '../../errors';\nimport { OAuthParams, TokenParams } from '../../types';\n\nexport function convertTokenParamsToOAuthParams(tokenParams: TokenParams) {\n // Quick validation\n if (!tokenParams.clientId) {\n throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to get a token');\n }\n\n if (isString(tokenParams.responseType) && tokenParams.responseType.indexOf(' ') !== -1) {\n throw new AuthSdkError('Multiple OAuth responseTypes must be defined as an array');\n }\n\n // Convert our params to their actual OAuth equivalents\n var oauthParams: OAuthParams = {\n 'client_id': tokenParams.clientId,\n 'code_challenge': tokenParams.codeChallenge,\n 'code_challenge_method': tokenParams.codeChallengeMethod,\n 'display': tokenParams.display,\n 'idp': tokenParams.idp,\n 'idp_scope': tokenParams.idpScope,\n 'login_hint': tokenParams.loginHint,\n 'max_age': tokenParams.maxAge,\n 'nonce': tokenParams.nonce,\n 'prompt': tokenParams.prompt,\n 'redirect_uri': tokenParams.redirectUri,\n 'response_mode': tokenParams.responseMode,\n 'response_type': tokenParams.responseType,\n 'sessionToken': tokenParams.sessionToken,\n 'state': tokenParams.state,\n };\n oauthParams = removeNils(oauthParams) as OAuthParams;\n\n ['idp_scope', 'response_type'].forEach(function (mayBeArray) {\n if (Array.isArray(oauthParams[mayBeArray])) {\n oauthParams[mayBeArray] = oauthParams[mayBeArray].join(' ');\n }\n });\n\n if (tokenParams.responseType!.indexOf('id_token') !== -1 &&\n tokenParams.scopes!.indexOf('openid') === -1) {\n throw new AuthSdkError('openid scope must be specified in the scopes argument when requesting an id_token');\n } else {\n oauthParams.scope = tokenParams.scopes!.join(' ');\n }\n\n return oauthParams;\n}\n\nexport function buildAuthorizeParams(tokenParams: TokenParams) {\n var oauthQueryParams = convertTokenParamsToOAuthParams(tokenParams);\n return toQueryString({ \n ...oauthQueryParams, \n ...(tokenParams.extraParams && { ...tokenParams.extraParams })\n });\n}\n"],"file":"authorize.js"}
1
+ {"version":3,"sources":["../../../../lib/oidc/endpoints/authorize.ts"],"names":["convertTokenParamsToOAuthParams","tokenParams","clientId","AuthSdkError","responseType","oauthParams","codeChallenge","codeChallengeMethod","display","idp","idpScope","loginHint","maxAge","nonce","prompt","redirectUri","responseMode","sessionToken","state","forEach","mayBeArray","Array","isArray","join","scopes","scope","buildAuthorizeParams","oauthQueryParams","extraParams"],"mappings":";;;;;;;;;AAcA;;AACA;;AAfA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAOO,SAASA,+BAAT,CAAyCC,WAAzC,EAAmE;AAAA;;AACxE;AACA,MAAI,CAACA,WAAW,CAACC,QAAjB,EAA2B;AACzB,UAAM,IAAIC,oBAAJ,CAAiB,yEAAjB,CAAN;AACD;;AAED,MAAI,oBAASF,WAAW,CAACG,YAArB,KAAsC,iCAAAH,WAAW,CAACG,YAAZ,iBAAiC,GAAjC,MAA0C,CAAC,CAArF,EAAwF;AACtF,UAAM,IAAID,oBAAJ,CAAiB,0DAAjB,CAAN;AACD,GARuE,CAUxE;;;AACA,MAAIE,WAAwB,GAAG;AAC7B,iBAAaJ,WAAW,CAACC,QADI;AAE7B,sBAAkBD,WAAW,CAACK,aAFD;AAG7B,6BAAyBL,WAAW,CAACM,mBAHR;AAI7B,eAAWN,WAAW,CAACO,OAJM;AAK7B,WAAOP,WAAW,CAACQ,GALU;AAM7B,iBAAaR,WAAW,CAACS,QANI;AAO7B,kBAAcT,WAAW,CAACU,SAPG;AAQ7B,eAAWV,WAAW,CAACW,MARM;AAS7B,aAASX,WAAW,CAACY,KATQ;AAU7B,cAAUZ,WAAW,CAACa,MAVO;AAW7B,oBAAgBb,WAAW,CAACc,WAXC;AAY7B,qBAAiBd,WAAW,CAACe,YAZA;AAa7B,qBAAiBf,WAAW,CAACG,YAbA;AAc7B,oBAAgBH,WAAW,CAACgB,YAdC;AAe7B,aAAShB,WAAW,CAACiB;AAfQ,GAA/B;AAiBAb,EAAAA,WAAW,GAAG,sBAAWA,WAAX,CAAd;AAEA,GAAC,WAAD,EAAc,eAAd,EAA+Bc,OAA/B,CAAuC,UAAUC,UAAV,EAAsB;AAC3D,QAAIC,KAAK,CAACC,OAAN,CAAcjB,WAAW,CAACe,UAAD,CAAzB,CAAJ,EAA4C;AAC1Cf,MAAAA,WAAW,CAACe,UAAD,CAAX,GAA0Bf,WAAW,CAACe,UAAD,CAAX,CAAwBG,IAAxB,CAA6B,GAA7B,CAA1B;AACD;AACF,GAJD;;AAMA,MAAI,kCAAAtB,WAAW,CAACG,YAAZ,kBAAkC,UAAlC,MAAkD,CAAC,CAAnD,IACF,kCAAAH,WAAW,CAACuB,MAAZ,kBAA4B,QAA5B,MAA0C,CAAC,CAD7C,EACgD;AAC9C,UAAM,IAAIrB,oBAAJ,CAAiB,mFAAjB,CAAN;AACD,GAHD,MAGO;AACLE,IAAAA,WAAW,CAACoB,KAAZ,GAAoBxB,WAAW,CAACuB,MAAZ,CAAoBD,IAApB,CAAyB,GAAzB,CAApB;AACD;;AAED,SAAOlB,WAAP;AACD;;AAEM,SAASqB,oBAAT,CAA8BzB,WAA9B,EAAwD;AAC7D,MAAI0B,gBAAgB,GAAG3B,+BAA+B,CAACC,WAAD,CAAtD;AACA,SAAO,yBAAc,EACnB,GAAG0B,gBADgB;AAEnB,QAAI1B,WAAW,CAAC2B,WAAZ,IAA2B,EAAE,GAAG3B,WAAW,CAAC2B;AAAjB,KAA/B;AAFmB,GAAd,CAAP;AAID","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { isString, removeNils, toQueryString } from '../../util';\nimport { AuthSdkError } from '../../errors';\nimport { OAuthParams, TokenParams } from '../../types';\n\nexport function convertTokenParamsToOAuthParams(tokenParams: TokenParams) {\n // Quick validation\n if (!tokenParams.clientId) {\n throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to get a token');\n }\n\n if (isString(tokenParams.responseType) && tokenParams.responseType.indexOf(' ') !== -1) {\n throw new AuthSdkError('Multiple OAuth responseTypes must be defined as an array');\n }\n\n // Convert our params to their actual OAuth equivalents\n var oauthParams: OAuthParams = {\n 'client_id': tokenParams.clientId,\n 'code_challenge': tokenParams.codeChallenge,\n 'code_challenge_method': tokenParams.codeChallengeMethod,\n 'display': tokenParams.display,\n 'idp': tokenParams.idp,\n 'idp_scope': tokenParams.idpScope,\n 'login_hint': tokenParams.loginHint,\n 'max_age': tokenParams.maxAge,\n 'nonce': tokenParams.nonce,\n 'prompt': tokenParams.prompt,\n 'redirect_uri': tokenParams.redirectUri,\n 'response_mode': tokenParams.responseMode,\n 'response_type': tokenParams.responseType,\n 'sessionToken': tokenParams.sessionToken,\n 'state': tokenParams.state,\n };\n oauthParams = removeNils(oauthParams) as OAuthParams;\n\n ['idp_scope', 'response_type'].forEach(function (mayBeArray) {\n if (Array.isArray(oauthParams[mayBeArray])) {\n oauthParams[mayBeArray] = oauthParams[mayBeArray].join(' ');\n }\n });\n\n if (tokenParams.responseType!.indexOf('id_token') !== -1 &&\n tokenParams.scopes!.indexOf('openid') === -1) {\n throw new AuthSdkError('openid scope must be specified in the scopes argument when requesting an id_token');\n } else {\n oauthParams.scope = tokenParams.scopes!.join(' ');\n }\n\n return oauthParams;\n}\n\nexport function buildAuthorizeParams(tokenParams: TokenParams) {\n var oauthQueryParams = convertTokenParamsToOAuthParams(tokenParams);\n return toQueryString({ \n ...oauthQueryParams, \n ...(tokenParams.extraParams && { ...tokenParams.extraParams })\n });\n}\n"],"file":"authorize.js"}
package/cjs/oidc/endpoints/index.js CHANGED
@@ -1,8 +1,10 @@
1
1
  "use strict";
2
2
 
3
+ var _Object$keys = require("@babel/runtime-corejs3/core-js-stable/object/keys");
4
+
3
5
  var _authorize = require("./authorize");
4
6
 
5
- Object.keys(_authorize).forEach(function (key) {
7
+ _Object$keys(_authorize).forEach(function (key) {
6
8
  if (key === "default" || key === "__esModule") return;
7
9
  if (key in exports && exports[key] === _authorize[key]) return;
8
10
  Object.defineProperty(exports, key, {
@@ -15,7 +17,7 @@ Object.keys(_authorize).forEach(function (key) {
15
17
 
16
18
  var _token = require("./token");
17
19
 
18
- Object.keys(_token).forEach(function (key) {
20
+ _Object$keys(_token).forEach(function (key) {
19
21
  if (key === "default" || key === "__esModule") return;
20
22
  if (key in exports && exports[key] === _token[key]) return;
21
23
  Object.defineProperty(exports, key, {
@@ -28,7 +30,7 @@ Object.keys(_token).forEach(function (key) {
28
30
 
29
31
  var _wellKnown = require("./well-known");
30
32
 
31
- Object.keys(_wellKnown).forEach(function (key) {
33
+ _Object$keys(_wellKnown).forEach(function (key) {
32
34
  if (key === "default" || key === "__esModule") return;
33
35
  if (key in exports && exports[key] === _wellKnown[key]) return;
34
36
  Object.defineProperty(exports, key, {
package/cjs/oidc/endpoints/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../../lib/oidc/endpoints/index.ts"],"names":[],"mappings":";;AAaA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nexport * from './authorize';\nexport * from './token';\nexport * from './well-known';\n"],"file":"index.js"}
1
+ {"version":3,"sources":["../../../../lib/oidc/endpoints/index.ts"],"names":[],"mappings":";;;;AAaA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nexport * from './authorize';\nexport * from './token';\nexport * from './well-known';\n"],"file":"index.js"}
package/cjs/oidc/endpoints/token.js CHANGED
@@ -1,8 +1,16 @@
1
1
  "use strict";
2
2
 
3
+ var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
+
3
5
  exports.postToTokenEndpoint = postToTokenEndpoint;
4
6
  exports.postRefreshToken = postRefreshToken;
5
7
 
8
+ var _slice = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/slice"));
9
+
10
+ var _map = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/map"));
11
+
12
+ var _entries = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/entries"));
13
+
6
14
  var _errors = require("../../errors");
7
15
 
8
16
  var _util = require("../../util");
@@ -40,6 +48,8 @@ function validateOptions(options) {
40
48
  }
41
49
 
42
50
  function getPostData(sdk, options) {
51
+ var _context;
52
+
43
53
  // Convert Token params to OAuth params, sent to the /token endpoint
44
54
  var params = (0, _util.removeNils)({
45
55
  'client_id': options.clientId,
@@ -63,7 +73,7 @@ function getPostData(sdk, options) {
63
73
  } // Encode as URL string
64
74
 
65
75
 
66
- return (0, _util.toQueryString)(params).slice(1);
76
+ return (0, _slice.default)(_context = (0, _util.toQueryString)(params)).call(_context, 1);
67
77
  } // exchange authorization code for an access token
68
78
 
69
79
 
@@ -82,13 +92,15 @@ function postToTokenEndpoint(sdk, options, urls) {
82
92
  }
83
93
 
84
94
  function postRefreshToken(sdk, options, refreshToken) {
95
+ var _context2;
96
+
85
97
  return (0, _http.httpRequest)(sdk, {
86
98
  url: refreshToken.tokenUrl,
87
99
  method: 'POST',
88
100
  headers: {
89
101
  'Content-Type': 'application/x-www-form-urlencoded'
90
102
  },
91
- args: Object.entries({
103
+ args: (0, _map.default)(_context2 = (0, _entries.default)({
92
104
  client_id: options.clientId,
93
105
  // eslint-disable-line camelcase
94
106
  grant_type: 'refresh_token',
@@ -96,7 +108,7 @@ function postRefreshToken(sdk, options, refreshToken) {
96
108
  scope: refreshToken.scopes.join(' '),
97
109
  refresh_token: refreshToken.refreshToken // eslint-disable-line camelcase
98
110
 
99
- }).map(function ([name, value]) {
111
+ })).call(_context2, function ([name, value]) {
100
112
  // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
101
113
  return name + '=' + encodeURIComponent(value);
102
114
  }).join('&')
package/cjs/oidc/endpoints/token.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../../lib/oidc/endpoints/token.ts"],"names":["validateOptions","options","clientId","AuthSdkError","redirectUri","authorizationCode","interactionCode","codeVerifier","getPostData","sdk","params","code","clientSecret","slice","postToTokenEndpoint","urls","data","headers","url","tokenUrl","method","args","postRefreshToken","refreshToken","Object","entries","client_id","grant_type","scope","scopes","join","refresh_token","map","name","value","encodeURIComponent"],"mappings":";;;;;AAaA;;AAEA;;AACA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAQA,SAASA,eAAT,CAAyBC,OAAzB,EAA+C;AAC7C;AACA,MAAI,CAACA,OAAO,CAACC,QAAb,EAAuB;AACrB,UAAM,IAAIC,oBAAJ,CAAiB,yEAAjB,CAAN;AACD;;AAED,MAAI,CAACF,OAAO,CAACG,WAAb,EAA0B;AACxB,UAAM,IAAID,oBAAJ,CAAiB,oEAAjB,CAAN;AACD;;AAED,MAAI,CAACF,OAAO,CAACI,iBAAT,IAA8B,CAACJ,OAAO,CAACK,eAA3C,EAA4D;AAC1D,UAAM,IAAIH,oBAAJ,CAAiB,2EAAjB,CAAN;AACD;;AAED,MAAI,CAACF,OAAO,CAACM,YAAb,EAA2B;AACzB,UAAM,IAAIJ,oBAAJ,CAAiB,+EAAjB,CAAN;AACD;AACF;;AAED,SAASK,WAAT,CAAqBC,GAArB,EAA0BR,OAA1B,EAAwD;AACtD;AACA,MAAIS,MAAmB,GAAG,sBAAW;AACnC,iBAAaT,OAAO,CAACC,QADc;AAEnC,oBAAgBD,OAAO,CAACG,WAFW;AAGnC,kBAAcH,OAAO,CAACK,eAAR,GAA0B,kBAA1B,GAA+C,oBAH1B;AAInC,qBAAiBL,OAAO,CAACM;AAJU,GAAX,CAA1B;;AAOA,MAAIN,OAAO,CAACK,eAAZ,EAA6B;AAC3BI,IAAAA,MAAM,CAAC,kBAAD,CAAN,GAA6BT,OAAO,CAACK,eAArC;AACD,GAFD,MAEO,IAAIL,OAAO,CAACI,iBAAZ,EAA+B;AACpCK,IAAAA,MAAM,CAACC,IAAP,GAAcV,OAAO,CAACI,iBAAtB;AACD;;AAED,QAAM;AAAEO,IAAAA;AAAF,MAAmBH,GAAG,CAACR,OAA7B;;AACA,MAAIW,YAAJ,EAAkB;AAChBF,IAAAA,MAAM,CAAC,eAAD,CAAN,GAA0BE,YAA1B;AACD,GAlBqD,CAoBtD;;;AACA,SAAO,yBAAcF,MAAd,EAAsBG,KAAtB,CAA4B,CAA5B,CAAP;AACD,C,CAED;;;AACO,SAASC,mBAAT,CAA6BL,GAA7B,EAAkCR,OAAlC,EAAwDc,IAAxD,EAAkG;AACvGf,EAAAA,eAAe,CAACC,OAAD,CAAf;AACA,MAAIe,IAAI,GAAGR,WAAW,CAACC,GAAD,EAAMR,OAAN,CAAtB;AAEA,QAAMgB,OAAO,GAAG;AACd,oBAAgB;AADF,GAAhB;AAIA,SAAO,uBAAYR,GAAZ,EAAiB;AACtBS,IAAAA,GAAG,EAAEH,IAAI,CAACI,QADY;AAEtBC,IAAAA,MAAM,EAAE,MAFc;AAGtBC,IAAAA,IAAI,EAAEL,IAHgB;AAItBC,IAAAA;AAJsB,GAAjB,CAAP;AAMD;;AAEM,SAASK,gBAAT,CAA0Bb,GAA1B,EAA+BR,OAA/B,EAAqDsB,YAArD,EAAyG;AAC9G,SAAO,uBAAYd,GAAZ,EAAiB;AACtBS,IAAAA,GAAG,EAAEK,YAAY,CAACJ,QADI;AAEtBC,IAAAA,MAAM,EAAE,MAFc;AAGtBH,IAAAA,OAAO,EAAE;AACP,sBAAgB;AADT,KAHa;AAOtBI,IAAAA,IAAI,EAAEG,MAAM,CAACC,OAAP,CAAe;AACnBC,MAAAA,SAAS,EAAEzB,OAAO,CAACC,QADA;AACU;AAC7ByB,MAAAA,UAAU,EAAE,eAFO;AAEU;AAC7BC,MAAAA,KAAK,EAAEL,YAAY,CAACM,MAAb,CAAoBC,IAApB,CAAyB,GAAzB,CAHY;AAInBC,MAAAA,aAAa,EAAER,YAAY,CAACA,YAJT,CAIuB;;AAJvB,KAAf,EAKHS,GALG,CAKC,UAAU,CAACC,IAAD,EAAOC,KAAP,CAAV,EAAyB;AAC9B;AACA,aAAOD,IAAI,GAAG,GAAP,GAAaE,kBAAkB,CAACD,KAAD,CAAtC;AACD,KARK,EAQHJ,IARG,CAQE,GARF;AAPgB,GAAjB,CAAP;AAiBD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from '../../errors';\nimport { CustomUrls, OAuthParams, OAuthResponse, RefreshToken, TokenParams } from '../../types';\nimport { removeNils, toQueryString } from '../../util';\nimport { httpRequest } from '../../http';\n\nfunction validateOptions(options: TokenParams) {\n // Quick validation\n if (!options.clientId) {\n throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to get a token');\n }\n\n if (!options.redirectUri) {\n throw new AuthSdkError('The redirectUri passed to /authorize must also be passed to /token');\n }\n\n if (!options.authorizationCode && !options.interactionCode) {\n throw new AuthSdkError('An authorization code (returned from /authorize) must be passed to /token');\n }\n\n if (!options.codeVerifier) {\n throw new AuthSdkError('The \"codeVerifier\" (generated and saved by your app) must be passed to /token');\n }\n}\n\nfunction getPostData(sdk, options: TokenParams): string {\n // Convert Token params to OAuth params, sent to the /token endpoint\n var params: OAuthParams = removeNils({\n 'client_id': options.clientId,\n 'redirect_uri': options.redirectUri,\n 'grant_type': options.interactionCode ? 'interaction_code' : 'authorization_code',\n 'code_verifier': options.codeVerifier\n });\n\n if (options.interactionCode) {\n params['interaction_code'] = options.interactionCode;\n } else if (options.authorizationCode) {\n params.code = options.authorizationCode;\n }\n\n const { clientSecret } = sdk.options;\n if (clientSecret) {\n params['client_secret'] = clientSecret;\n }\n\n // Encode as URL string\n return toQueryString(params).slice(1);\n}\n\n// exchange authorization code for an access token\nexport function postToTokenEndpoint(sdk, options: TokenParams, urls: CustomUrls): Promise<OAuthResponse> {\n validateOptions(options);\n var data = getPostData(sdk, options);\n\n const headers = {\n 'Content-Type': 'application/x-www-form-urlencoded'\n };\n\n return httpRequest(sdk, {\n url: urls.tokenUrl,\n method: 'POST',\n args: data,\n headers\n });\n}\n\nexport function postRefreshToken(sdk, options: TokenParams, refreshToken: RefreshToken): Promise<OAuthResponse> {\n return httpRequest(sdk, {\n url: refreshToken.tokenUrl,\n method: 'POST',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n },\n\n args: Object.entries({\n client_id: options.clientId, // eslint-disable-line camelcase\n grant_type: 'refresh_token', // eslint-disable-line camelcase\n scope: refreshToken.scopes.join(' '),\n refresh_token: refreshToken.refreshToken, // eslint-disable-line camelcase\n }).map(function ([name, value]) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n return name + '=' + encodeURIComponent(value!);\n }).join('&'),\n });\n}"],"file":"token.js"}
1
+ {"version":3,"sources":["../../../../lib/oidc/endpoints/token.ts"],"names":["validateOptions","options","clientId","AuthSdkError","redirectUri","authorizationCode","interactionCode","codeVerifier","getPostData","sdk","params","code","clientSecret","postToTokenEndpoint","urls","data","headers","url","tokenUrl","method","args","postRefreshToken","refreshToken","client_id","grant_type","scope","scopes","join","refresh_token","name","value","encodeURIComponent"],"mappings":";;;;;;;;;;;;;AAaA;;AAEA;;AACA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAQA,SAASA,eAAT,CAAyBC,OAAzB,EAA+C;AAC7C;AACA,MAAI,CAACA,OAAO,CAACC,QAAb,EAAuB;AACrB,UAAM,IAAIC,oBAAJ,CAAiB,yEAAjB,CAAN;AACD;;AAED,MAAI,CAACF,OAAO,CAACG,WAAb,EAA0B;AACxB,UAAM,IAAID,oBAAJ,CAAiB,oEAAjB,CAAN;AACD;;AAED,MAAI,CAACF,OAAO,CAACI,iBAAT,IAA8B,CAACJ,OAAO,CAACK,eAA3C,EAA4D;AAC1D,UAAM,IAAIH,oBAAJ,CAAiB,2EAAjB,CAAN;AACD;;AAED,MAAI,CAACF,OAAO,CAACM,YAAb,EAA2B;AACzB,UAAM,IAAIJ,oBAAJ,CAAiB,+EAAjB,CAAN;AACD;AACF;;AAED,SAASK,WAAT,CAAqBC,GAArB,EAA0BR,OAA1B,EAAwD;AAAA;;AACtD;AACA,MAAIS,MAAmB,GAAG,sBAAW;AACnC,iBAAaT,OAAO,CAACC,QADc;AAEnC,oBAAgBD,OAAO,CAACG,WAFW;AAGnC,kBAAcH,OAAO,CAACK,eAAR,GAA0B,kBAA1B,GAA+C,oBAH1B;AAInC,qBAAiBL,OAAO,CAACM;AAJU,GAAX,CAA1B;;AAOA,MAAIN,OAAO,CAACK,eAAZ,EAA6B;AAC3BI,IAAAA,MAAM,CAAC,kBAAD,CAAN,GAA6BT,OAAO,CAACK,eAArC;AACD,GAFD,MAEO,IAAIL,OAAO,CAACI,iBAAZ,EAA+B;AACpCK,IAAAA,MAAM,CAACC,IAAP,GAAcV,OAAO,CAACI,iBAAtB;AACD;;AAED,QAAM;AAAEO,IAAAA;AAAF,MAAmBH,GAAG,CAACR,OAA7B;;AACA,MAAIW,YAAJ,EAAkB;AAChBF,IAAAA,MAAM,CAAC,eAAD,CAAN,GAA0BE,YAA1B;AACD,GAlBqD,CAoBtD;;;AACA,SAAO,wDAAcF,MAAd,kBAA4B,CAA5B,CAAP;AACD,C,CAED;;;AACO,SAASG,mBAAT,CAA6BJ,GAA7B,EAAkCR,OAAlC,EAAwDa,IAAxD,EAAkG;AACvGd,EAAAA,eAAe,CAACC,OAAD,CAAf;AACA,MAAIc,IAAI,GAAGP,WAAW,CAACC,GAAD,EAAMR,OAAN,CAAtB;AAEA,QAAMe,OAAO,GAAG;AACd,oBAAgB;AADF,GAAhB;AAIA,SAAO,uBAAYP,GAAZ,EAAiB;AACtBQ,IAAAA,GAAG,EAAEH,IAAI,CAACI,QADY;AAEtBC,IAAAA,MAAM,EAAE,MAFc;AAGtBC,IAAAA,IAAI,EAAEL,IAHgB;AAItBC,IAAAA;AAJsB,GAAjB,CAAP;AAMD;;AAEM,SAASK,gBAAT,CAA0BZ,GAA1B,EAA+BR,OAA/B,EAAqDqB,YAArD,EAAyG;AAAA;;AAC9G,SAAO,uBAAYb,GAAZ,EAAiB;AACtBQ,IAAAA,GAAG,EAAEK,YAAY,CAACJ,QADI;AAEtBC,IAAAA,MAAM,EAAE,MAFc;AAGtBH,IAAAA,OAAO,EAAE;AACP,sBAAgB;AADT,KAHa;AAOtBI,IAAAA,IAAI,EAAE,oDAAe;AACnBG,MAAAA,SAAS,EAAEtB,OAAO,CAACC,QADA;AACU;AAC7BsB,MAAAA,UAAU,EAAE,eAFO;AAEU;AAC7BC,MAAAA,KAAK,EAAEH,YAAY,CAACI,MAAb,CAAoBC,IAApB,CAAyB,GAAzB,CAHY;AAInBC,MAAAA,aAAa,EAAEN,YAAY,CAACA,YAJT,CAIuB;;AAJvB,KAAf,mBAKC,UAAU,CAACO,IAAD,EAAOC,KAAP,CAAV,EAAyB;AAC9B;AACA,aAAOD,IAAI,GAAG,GAAP,GAAaE,kBAAkB,CAACD,KAAD,CAAtC;AACD,KARK,EAQHH,IARG,CAQE,GARF;AAPgB,GAAjB,CAAP;AAiBD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from '../../errors';\nimport { CustomUrls, OAuthParams, OAuthResponse, RefreshToken, TokenParams } from '../../types';\nimport { removeNils, toQueryString } from '../../util';\nimport { httpRequest } from '../../http';\n\nfunction validateOptions(options: TokenParams) {\n // Quick validation\n if (!options.clientId) {\n throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to get a token');\n }\n\n if (!options.redirectUri) {\n throw new AuthSdkError('The redirectUri passed to /authorize must also be passed to /token');\n }\n\n if (!options.authorizationCode && !options.interactionCode) {\n throw new AuthSdkError('An authorization code (returned from /authorize) must be passed to /token');\n }\n\n if (!options.codeVerifier) {\n throw new AuthSdkError('The \"codeVerifier\" (generated and saved by your app) must be passed to /token');\n }\n}\n\nfunction getPostData(sdk, options: TokenParams): string {\n // Convert Token params to OAuth params, sent to the /token endpoint\n var params: OAuthParams = removeNils({\n 'client_id': options.clientId,\n 'redirect_uri': options.redirectUri,\n 'grant_type': options.interactionCode ? 'interaction_code' : 'authorization_code',\n 'code_verifier': options.codeVerifier\n });\n\n if (options.interactionCode) {\n params['interaction_code'] = options.interactionCode;\n } else if (options.authorizationCode) {\n params.code = options.authorizationCode;\n }\n\n const { clientSecret } = sdk.options;\n if (clientSecret) {\n params['client_secret'] = clientSecret;\n }\n\n // Encode as URL string\n return toQueryString(params).slice(1);\n}\n\n// exchange authorization code for an access token\nexport function postToTokenEndpoint(sdk, options: TokenParams, urls: CustomUrls): Promise<OAuthResponse> {\n validateOptions(options);\n var data = getPostData(sdk, options);\n\n const headers = {\n 'Content-Type': 'application/x-www-form-urlencoded'\n };\n\n return httpRequest(sdk, {\n url: urls.tokenUrl,\n method: 'POST',\n args: data,\n headers\n });\n}\n\nexport function postRefreshToken(sdk, options: TokenParams, refreshToken: RefreshToken): Promise<OAuthResponse> {\n return httpRequest(sdk, {\n url: refreshToken.tokenUrl,\n method: 'POST',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n },\n\n args: Object.entries({\n client_id: options.clientId, // eslint-disable-line camelcase\n grant_type: 'refresh_token', // eslint-disable-line camelcase\n scope: refreshToken.scopes.join(' '),\n refresh_token: refreshToken.refreshToken, // eslint-disable-line camelcase\n }).map(function ([name, value]) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n return name + '=' + encodeURIComponent(value!);\n }).join('&'),\n });\n}"],"file":"token.js"}
package/cjs/oidc/endpoints/well-known.js CHANGED
@@ -1,10 +1,14 @@
1
1
  "use strict";
2
2
 
3
- var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
3
+ var _findInstanceProperty = require("@babel/runtime-corejs3/core-js-stable/instance/find");
4
+
5
+ var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
6
 
5
7
  exports.getWellKnown = getWellKnown;
6
8
  exports.getKey = getKey;
7
9
 
10
+ var _keys = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/keys"));
11
+
8
12
  var _http = require("../../http");
9
13
 
10
14
  var _util = require("../../util");
@@ -39,7 +43,7 @@ function getKey(sdk, issuer, kid) {
39
43
  var cachedResponse = cacheContents[jwksUri];
40
44
 
41
45
  if (cachedResponse && Date.now() / 1000 < cachedResponse.expiresAt) {
42
- var cachedKey = (0, _util.find)(cachedResponse.response.keys, {
46
+ var cachedKey = (0, _findInstanceProperty(_util))((0, _keys.default)(cachedResponse.response), {
43
47
  kid: kid
44
48
  });
45
49
 
@@ -54,7 +58,7 @@ function getKey(sdk, issuer, kid) {
54
58
  return (0, _http.get)(sdk, jwksUri, {
55
59
  cacheResponse: true
56
60
  }).then(function (res) {
57
- var key = (0, _util.find)(res.keys, {
61
+ var key = (0, _findInstanceProperty(_util))((0, _keys.default)(res), {
58
62
  kid: kid
59
63
  });
60
64
 
package/cjs/oidc/endpoints/well-known.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../../lib/oidc/endpoints/well-known.ts"],"names":["getWellKnown","sdk","issuer","authServerUri","options","cacheResponse","getKey","kid","httpCache","storageManager","getHttpCache","cookies","then","wellKnown","jwksUri","cacheContents","getStorage","cachedResponse","Date","now","expiresAt","cachedKey","response","keys","clearStorage","res","key","AuthSdkError"],"mappings":";;;;;;;AAYA;;AACA;;AAEA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,SAASA,YAAT,CAAsBC,GAAtB,EAAqCC,MAArC,EAAkF;AACvF,MAAIC,aAAa,GAAID,MAAM,IAAID,GAAG,CAACG,OAAJ,CAAYF,MAA3C;AACA,SAAO,eAAID,GAAJ,EAASE,aAAa,GAAG,mCAAzB,EAA8D;AACnEE,IAAAA,aAAa,EAAE;AADoD,GAA9D,CAAP;AAGD;;AAEM,SAASC,MAAT,CAAgBL,GAAhB,EAA+BC,MAA/B,EAA+CK,GAA/C,EAA6E;AAClF,MAAIC,SAAS,GAAGP,GAAG,CAACQ,cAAJ,CAAmBC,YAAnB,CAAgCT,GAAG,CAACG,OAAJ,CAAYO,OAA5C,CAAhB;AAEA,SAAOX,YAAY,CAACC,GAAD,EAAMC,MAAN,CAAZ,CACNU,IADM,CACD,UAASC,SAAT,EAAoB;AACxB,QAAIC,OAAO,GAAGD,SAAS,CAAC,UAAD,CAAvB,CADwB,CAGxB;;AACA,QAAIE,aAAa,GAAGP,SAAS,CAACQ,UAAV,EAApB;AACA,QAAIC,cAAc,GAAGF,aAAa,CAACD,OAAD,CAAlC;;AACA,QAAIG,cAAc,IAAIC,IAAI,CAACC,GAAL,KAAW,IAAX,GAAkBF,cAAc,CAACG,SAAvD,EAAkE;AAChE,UAAIC,SAAS,GAAG,gBAAKJ,cAAc,CAACK,QAAf,CAAwBC,IAA7B,EAAmC;AACjDhB,QAAAA,GAAG,EAAEA;AAD4C,OAAnC,CAAhB;;AAIA,UAAIc,SAAJ,EAAe;AACb,eAAOA,SAAP;AACD;AACF,KAduB,CAgBxB;;;AACAb,IAAAA,SAAS,CAACgB,YAAV,CAAuBV,OAAvB,EAjBwB,CAmBxB;;AACA,WAAO,eAAIb,GAAJ,EAASa,OAAT,EAAkB;AACvBT,MAAAA,aAAa,EAAE;AADQ,KAAlB,EAGNO,IAHM,CAGD,UAASa,GAAT,EAAc;AAClB,UAAIC,GAAG,GAAG,gBAAKD,GAAG,CAACF,IAAT,EAAe;AACvBhB,QAAAA,GAAG,EAAEA;AADkB,OAAf,CAAV;;AAIA,UAAImB,GAAJ,EAAS;AACP,eAAOA,GAAP;AACD;;AAED,YAAM,IAAIC,qBAAJ,CAAiB,iBAAiBpB,GAAjB,GAAuB,uCAAxC,CAAN;AACD,KAbM,CAAP;AAcD,GAnCM,CAAP;AAoCD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { get } from '../../http';\nimport { find } from '../../util';\nimport { OktaAuth, WellKnownResponse } from '../../types';\nimport AuthSdkError from '../../errors/AuthSdkError';\n\nexport function getWellKnown(sdk: OktaAuth, issuer?: string): Promise<WellKnownResponse> {\n var authServerUri = (issuer || sdk.options.issuer);\n return get(sdk, authServerUri + '/.well-known/openid-configuration', {\n cacheResponse: true\n });\n}\n\nexport function getKey(sdk: OktaAuth, issuer: string, kid: string): Promise<string> {\n var httpCache = sdk.storageManager.getHttpCache(sdk.options.cookies);\n\n return getWellKnown(sdk, issuer)\n .then(function(wellKnown) {\n var jwksUri = wellKnown['jwks_uri'];\n\n // Check our kid against the cached version (if it exists and isn't expired)\n var cacheContents = httpCache.getStorage();\n var cachedResponse = cacheContents[jwksUri];\n if (cachedResponse && Date.now()/1000 < cachedResponse.expiresAt) {\n var cachedKey = find(cachedResponse.response.keys, {\n kid: kid\n });\n\n if (cachedKey) {\n return cachedKey;\n }\n }\n\n // Remove cache for the key\n httpCache.clearStorage(jwksUri);\n\n // Pull the latest keys if the key wasn't in the cache\n return get(sdk, jwksUri, {\n cacheResponse: true\n })\n .then(function(res) {\n var key = find(res.keys, {\n kid: kid\n });\n\n if (key) {\n return key;\n }\n\n throw new AuthSdkError('The key id, ' + kid + ', was not found in the server\\'s keys');\n });\n });\n}\n"],"file":"well-known.js"}
1
+ {"version":3,"sources":["../../../../lib/oidc/endpoints/well-known.ts"],"names":["getWellKnown","sdk","issuer","authServerUri","options","cacheResponse","getKey","kid","httpCache","storageManager","getHttpCache","cookies","then","wellKnown","jwksUri","cacheContents","getStorage","cachedResponse","Date","now","expiresAt","cachedKey","response","clearStorage","res","key","AuthSdkError"],"mappings":";;;;;;;;;;;AAYA;;AACA;;AAEA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,SAASA,YAAT,CAAsBC,GAAtB,EAA8CC,MAA9C,EAA2F;AAChG,MAAIC,aAAa,GAAID,MAAM,IAAID,GAAG,CAACG,OAAJ,CAAYF,MAA3C;AACA,SAAO,eAAID,GAAJ,EAASE,aAAa,GAAG,mCAAzB,EAA8D;AACnEE,IAAAA,aAAa,EAAE;AADoD,GAA9D,CAAP;AAGD;;AAEM,SAASC,MAAT,CAAgBL,GAAhB,EAAwCC,MAAxC,EAAwDK,GAAxD,EAAsF;AAC3F,MAAIC,SAAS,GAAGP,GAAG,CAACQ,cAAJ,CAAmBC,YAAnB,CAAgCT,GAAG,CAACG,OAAJ,CAAYO,OAA5C,CAAhB;AAEA,SAAOX,YAAY,CAACC,GAAD,EAAMC,MAAN,CAAZ,CACNU,IADM,CACD,UAASC,SAAT,EAAoB;AACxB,QAAIC,OAAO,GAAGD,SAAS,CAAC,UAAD,CAAvB,CADwB,CAGxB;;AACA,QAAIE,aAAa,GAAGP,SAAS,CAACQ,UAAV,EAApB;AACA,QAAIC,cAAc,GAAGF,aAAa,CAACD,OAAD,CAAlC;;AACA,QAAIG,cAAc,IAAIC,IAAI,CAACC,GAAL,KAAW,IAAX,GAAkBF,cAAc,CAACG,SAAvD,EAAkE;AAChE,UAAIC,SAAS,GAAG,qDAAKJ,cAAc,CAACK,QAApB,GAAmC;AACjDf,QAAAA,GAAG,EAAEA;AAD4C,OAAnC,CAAhB;;AAIA,UAAIc,SAAJ,EAAe;AACb,eAAOA,SAAP;AACD;AACF,KAduB,CAgBxB;;;AACAb,IAAAA,SAAS,CAACe,YAAV,CAAuBT,OAAvB,EAjBwB,CAmBxB;;AACA,WAAO,eAAIb,GAAJ,EAASa,OAAT,EAAkB;AACvBT,MAAAA,aAAa,EAAE;AADQ,KAAlB,EAGNO,IAHM,CAGD,UAASY,GAAT,EAAc;AAClB,UAAIC,GAAG,GAAG,qDAAKD,GAAL,GAAe;AACvBjB,QAAAA,GAAG,EAAEA;AADkB,OAAf,CAAV;;AAIA,UAAIkB,GAAJ,EAAS;AACP,eAAOA,GAAP;AACD;;AAED,YAAM,IAAIC,qBAAJ,CAAiB,iBAAiBnB,GAAjB,GAAuB,uCAAxC,CAAN;AACD,KAbM,CAAP;AAcD,GAnCM,CAAP;AAoCD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { get } from '../../http';\nimport { find } from '../../util';\nimport { OktaAuthInterface, WellKnownResponse } from '../../types';\nimport AuthSdkError from '../../errors/AuthSdkError';\n\nexport function getWellKnown(sdk: OktaAuthInterface, issuer?: string): Promise<WellKnownResponse> {\n var authServerUri = (issuer || sdk.options.issuer);\n return get(sdk, authServerUri + '/.well-known/openid-configuration', {\n cacheResponse: true\n });\n}\n\nexport function getKey(sdk: OktaAuthInterface, issuer: string, kid: string): Promise<string> {\n var httpCache = sdk.storageManager.getHttpCache(sdk.options.cookies);\n\n return getWellKnown(sdk, issuer)\n .then(function(wellKnown) {\n var jwksUri = wellKnown['jwks_uri'];\n\n // Check our kid against the cached version (if it exists and isn't expired)\n var cacheContents = httpCache.getStorage();\n var cachedResponse = cacheContents[jwksUri];\n if (cachedResponse && Date.now()/1000 < cachedResponse.expiresAt) {\n var cachedKey = find(cachedResponse.response.keys, {\n kid: kid\n });\n\n if (cachedKey) {\n return cachedKey;\n }\n }\n\n // Remove cache for the key\n httpCache.clearStorage(jwksUri);\n\n // Pull the latest keys if the key wasn't in the cache\n return get(sdk, jwksUri, {\n cacheResponse: true\n })\n .then(function(res) {\n var key = find(res.keys, {\n kid: kid\n });\n\n if (key) {\n return key;\n }\n\n throw new AuthSdkError('The key id, ' + kid + ', was not found in the server\\'s keys');\n });\n });\n}\n"],"file":"well-known.js"}
package/cjs/oidc/exchangeCodeForTokens.js CHANGED
@@ -1,7 +1,13 @@
1
1
  "use strict";
2
2
 
3
+ var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
+
3
5
  exports.exchangeCodeForTokens = exchangeCodeForTokens;
4
6
 
7
+ var _assign = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/assign"));
8
+
9
+ var _indexOf = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/index-of"));
10
+
5
11
  var _util = require("./util");
6
12
 
7
13
  var _util2 = require("../util");
@@ -30,7 +36,7 @@ var _handleOAuthResponse = require("./handleOAuthResponse");
30
36
  function exchangeCodeForTokens(sdk, tokenParams, urls) {
31
37
  urls = urls || (0, _util.getOAuthUrls)(sdk, tokenParams); // build params using defaults + options
32
38
 
33
- tokenParams = Object.assign({}, (0, _util.getDefaultTokenParams)(sdk), (0, _util2.clone)(tokenParams));
39
+ tokenParams = (0, _assign.default)({}, (0, _util.getDefaultTokenParams)(sdk), (0, _util2.clone)(tokenParams));
34
40
  const {
35
41
  authorizationCode,
36
42
  interactionCode,
@@ -49,12 +55,14 @@ function exchangeCodeForTokens(sdk, tokenParams, urls) {
49
55
  codeVerifier
50
56
  };
51
57
  return (0, _token.postToTokenEndpoint)(sdk, getTokenOptions, urls).then(response => {
58
+ var _context;
59
+
52
60
  // `handleOAuthResponse` hanadles responses from both `/authorize` and `/token` endpoints
53
61
  // Here we modify the response from `/token` so that it more closely matches a response from `/authorize`
54
62
  // `responseType` is used to validate that the expected tokens were returned
55
63
  const responseType = ['token']; // an accessToken will always be returned
56
64
 
57
- if (scopes.indexOf('openid') !== -1) {
65
+ if ((0, _indexOf.default)(_context = scopes).call(_context, 'openid') !== -1) {
58
66
  responseType.push('id_token'); // an idToken will be returned if "openid" is in the scopes
59
67
  }
60
68
 
package/cjs/oidc/exchangeCodeForTokens.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/oidc/exchangeCodeForTokens.ts"],"names":["exchangeCodeForTokens","sdk","tokenParams","urls","Object","assign","authorizationCode","interactionCode","codeVerifier","clientId","redirectUri","scopes","ignoreSignature","state","getTokenOptions","then","response","responseType","indexOf","push","handleResponseOptions","code","finally","transactionManager","clear"],"mappings":";;;;AAeA;;AACA;;AACA;;AACA;;AAlBA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAOA;AACO,SAASA,qBAAT,CAA+BC,GAA/B,EAA8CC,WAA9C,EAAwEC,IAAxE,EAAmH;AACxHA,EAAAA,IAAI,GAAGA,IAAI,IAAI,wBAAaF,GAAb,EAAkBC,WAAlB,CAAf,CADwH,CAExH;;AACAA,EAAAA,WAAW,GAAGE,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkB,iCAAsBJ,GAAtB,CAAlB,EAA8C,kBAAMC,WAAN,CAA9C,CAAd;AAEA,QAAM;AACJI,IAAAA,iBADI;AAEJC,IAAAA,eAFI;AAGJC,IAAAA,YAHI;AAIJC,IAAAA,QAJI;AAKJC,IAAAA,WALI;AAMJC,IAAAA,MANI;AAOJC,IAAAA,eAPI;AAQJC,IAAAA;AARI,MASFX,WATJ;AAWA,MAAIY,eAAe,GAAG;AACpBL,IAAAA,QADoB;AAEpBC,IAAAA,WAFoB;AAGpBJ,IAAAA,iBAHoB;AAIpBC,IAAAA,eAJoB;AAKpBC,IAAAA;AALoB,GAAtB;AAQA,SAAO,gCAAoBP,GAApB,EAAyBa,eAAzB,EAA0CX,IAA1C,EACJY,IADI,CACEC,QAAD,IAA6B;AAEjC;AACA;AACA;AACA,UAAMC,YAAY,GAAG,CAAC,OAAD,CAArB,CALiC,CAKD;;AAChC,QAAIN,MAAM,CAAEO,OAAR,CAAgB,QAAhB,MAA8B,CAAC,CAAnC,EAAsC;AACpCD,MAAAA,YAAY,CAACE,IAAb,CAAkB,UAAlB,EADoC,CACL;AAChC;;AACD,UAAMC,qBAAkC,GAAG;AACzCX,MAAAA,QADyC;AAEzCC,MAAAA,WAFyC;AAGzCC,MAAAA,MAHyC;AAIzCM,MAAAA,YAJyC;AAKzCL,MAAAA;AALyC,KAA3C;AAOA,WAAO,8CAAoBX,GAApB,EAAyBmB,qBAAzB,EAAgDJ,QAAhD,EAA0Db,IAA1D,EACJY,IADI,CACEC,QAAD,IAA6B;AACjC;AACAA,MAAAA,QAAQ,CAACK,IAAT,GAAgBf,iBAAhB;AACAU,MAAAA,QAAQ,CAACH,KAAT,GAAiBA,KAAjB;AACA,aAAOG,QAAP;AACD,KANI,CAAP;AAOD,GAxBI,EAyBJM,OAzBI,CAyBI,MAAM;AACbrB,IAAAA,GAAG,CAACsB,kBAAJ,CAAuBC,KAAvB;AACD,GA3BI,CAAP;AA4BD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/* eslint-disable max-len */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { CustomUrls, OAuthResponse, OktaAuth, TokenParams, TokenResponse } from '../types';\nimport { getOAuthUrls, getDefaultTokenParams } from './util';\nimport { clone } from '../util';\nimport { postToTokenEndpoint } from './endpoints/token';\nimport { handleOAuthResponse } from './handleOAuthResponse';\n\n// codeVerifier is required. May pass either an authorizationCode or interactionCode\nexport function exchangeCodeForTokens(sdk: OktaAuth, tokenParams: TokenParams, urls?: CustomUrls): Promise<TokenResponse> {\n urls = urls || getOAuthUrls(sdk, tokenParams);\n // build params using defaults + options\n tokenParams = Object.assign({}, getDefaultTokenParams(sdk), clone(tokenParams));\n\n const {\n authorizationCode,\n interactionCode,\n codeVerifier,\n clientId,\n redirectUri,\n scopes,\n ignoreSignature,\n state\n } = tokenParams;\n\n var getTokenOptions = {\n clientId,\n redirectUri,\n authorizationCode,\n interactionCode,\n codeVerifier,\n };\n\n return postToTokenEndpoint(sdk, getTokenOptions, urls)\n .then((response: OAuthResponse) => {\n\n // `handleOAuthResponse` hanadles responses from both `/authorize` and `/token` endpoints\n // Here we modify the response from `/token` so that it more closely matches a response from `/authorize`\n // `responseType` is used to validate that the expected tokens were returned\n const responseType = ['token']; // an accessToken will always be returned\n if (scopes!.indexOf('openid') !== -1) {\n responseType.push('id_token'); // an idToken will be returned if \"openid\" is in the scopes\n }\n const handleResponseOptions: TokenParams = {\n clientId,\n redirectUri,\n scopes,\n responseType,\n ignoreSignature,\n };\n return handleOAuthResponse(sdk, handleResponseOptions, response, urls!)\n .then((response: TokenResponse) => {\n // For compatibility, \"code\" is returned in the TokenResponse. OKTA-326091\n response.code = authorizationCode;\n response.state = state!;\n return response;\n });\n })\n .finally(() => {\n sdk.transactionManager.clear();\n });\n}"],"file":"exchangeCodeForTokens.js"}
1
+ {"version":3,"sources":["../../../lib/oidc/exchangeCodeForTokens.ts"],"names":["exchangeCodeForTokens","sdk","tokenParams","urls","authorizationCode","interactionCode","codeVerifier","clientId","redirectUri","scopes","ignoreSignature","state","getTokenOptions","then","response","responseType","push","handleResponseOptions","code","finally","transactionManager","clear"],"mappings":";;;;;;;;;;AAeA;;AACA;;AACA;;AACA;;AAlBA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAOA;AACO,SAASA,qBAAT,CAA+BC,GAA/B,EAAuDC,WAAvD,EAAiFC,IAAjF,EAA4H;AACjIA,EAAAA,IAAI,GAAGA,IAAI,IAAI,wBAAaF,GAAb,EAAkBC,WAAlB,CAAf,CADiI,CAEjI;;AACAA,EAAAA,WAAW,GAAG,qBAAc,EAAd,EAAkB,iCAAsBD,GAAtB,CAAlB,EAA8C,kBAAMC,WAAN,CAA9C,CAAd;AAEA,QAAM;AACJE,IAAAA,iBADI;AAEJC,IAAAA,eAFI;AAGJC,IAAAA,YAHI;AAIJC,IAAAA,QAJI;AAKJC,IAAAA,WALI;AAMJC,IAAAA,MANI;AAOJC,IAAAA,eAPI;AAQJC,IAAAA;AARI,MASFT,WATJ;AAWA,MAAIU,eAAe,GAAG;AACpBL,IAAAA,QADoB;AAEpBC,IAAAA,WAFoB;AAGpBJ,IAAAA,iBAHoB;AAIpBC,IAAAA,eAJoB;AAKpBC,IAAAA;AALoB,GAAtB;AAQA,SAAO,gCAAoBL,GAApB,EAAyBW,eAAzB,EAA0CT,IAA1C,EACJU,IADI,CACEC,QAAD,IAA6B;AAAA;;AAEjC;AACA;AACA;AACA,UAAMC,YAAY,GAAG,CAAC,OAAD,CAArB,CALiC,CAKD;;AAChC,QAAI,iCAAAN,MAAM,MAAN,WAAgB,QAAhB,MAA8B,CAAC,CAAnC,EAAsC;AACpCM,MAAAA,YAAY,CAACC,IAAb,CAAkB,UAAlB,EADoC,CACL;AAChC;;AACD,UAAMC,qBAAkC,GAAG;AACzCV,MAAAA,QADyC;AAEzCC,MAAAA,WAFyC;AAGzCC,MAAAA,MAHyC;AAIzCM,MAAAA,YAJyC;AAKzCL,MAAAA;AALyC,KAA3C;AAOA,WAAO,8CAAoBT,GAApB,EAAyBgB,qBAAzB,EAAgDH,QAAhD,EAA0DX,IAA1D,EACJU,IADI,CACEC,QAAD,IAA6B;AACjC;AACAA,MAAAA,QAAQ,CAACI,IAAT,GAAgBd,iBAAhB;AACAU,MAAAA,QAAQ,CAACH,KAAT,GAAiBA,KAAjB;AACA,aAAOG,QAAP;AACD,KANI,CAAP;AAOD,GAxBI,EAyBJK,OAzBI,CAyBI,MAAM;AACblB,IAAAA,GAAG,CAACmB,kBAAJ,CAAuBC,KAAvB;AACD,GA3BI,CAAP;AA4BD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/* eslint-disable max-len */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { CustomUrls, OAuthResponse, OktaAuthInterface, TokenParams, TokenResponse } from '../types';\nimport { getOAuthUrls, getDefaultTokenParams } from './util';\nimport { clone } from '../util';\nimport { postToTokenEndpoint } from './endpoints/token';\nimport { handleOAuthResponse } from './handleOAuthResponse';\n\n// codeVerifier is required. May pass either an authorizationCode or interactionCode\nexport function exchangeCodeForTokens(sdk: OktaAuthInterface, tokenParams: TokenParams, urls?: CustomUrls): Promise<TokenResponse> {\n urls = urls || getOAuthUrls(sdk, tokenParams);\n // build params using defaults + options\n tokenParams = Object.assign({}, getDefaultTokenParams(sdk), clone(tokenParams));\n\n const {\n authorizationCode,\n interactionCode,\n codeVerifier,\n clientId,\n redirectUri,\n scopes,\n ignoreSignature,\n state\n } = tokenParams;\n\n var getTokenOptions = {\n clientId,\n redirectUri,\n authorizationCode,\n interactionCode,\n codeVerifier,\n };\n\n return postToTokenEndpoint(sdk, getTokenOptions, urls)\n .then((response: OAuthResponse) => {\n\n // `handleOAuthResponse` hanadles responses from both `/authorize` and `/token` endpoints\n // Here we modify the response from `/token` so that it more closely matches a response from `/authorize`\n // `responseType` is used to validate that the expected tokens were returned\n const responseType = ['token']; // an accessToken will always be returned\n if (scopes!.indexOf('openid') !== -1) {\n responseType.push('id_token'); // an idToken will be returned if \"openid\" is in the scopes\n }\n const handleResponseOptions: TokenParams = {\n clientId,\n redirectUri,\n scopes,\n responseType,\n ignoreSignature,\n };\n return handleOAuthResponse(sdk, handleResponseOptions, response, urls!)\n .then((response: TokenResponse) => {\n // For compatibility, \"code\" is returned in the TokenResponse. OKTA-326091\n response.code = authorizationCode;\n response.state = state!;\n return response;\n });\n })\n .finally(() => {\n sdk.transactionManager.clear();\n });\n}"],"file":"exchangeCodeForTokens.js"}
package/cjs/oidc/getToken.js CHANGED
@@ -1,9 +1,13 @@
1
1
  "use strict";
2
2
 
3
- var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
3
+ var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
4
 
5
5
  exports.getToken = getToken;
6
6
 
7
+ var _promise = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/promise"));
8
+
9
+ var _assign = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/assign"));
10
+
7
11
  var _util = require("./util");
8
12
 
9
13
  var _AuthSdkError = _interopRequireDefault(require("../errors/AuthSdkError"));
@@ -83,7 +87,7 @@ var _handleOAuthResponse = require("./handleOAuthResponse");
83
87
  */
84
88
  function getToken(sdk, options) {
85
89
  if (arguments.length > 2) {
86
- return Promise.reject(new _AuthSdkError.default('As of version 3.0, "getToken" takes only a single set of options'));
90
+ return _promise.default.reject(new _AuthSdkError.default('As of version 3.0, "getToken" takes only a single set of options'));
87
91
  }
88
92
 
89
93
  options = options || {}; // window object cannot be serialized, save for later use
@@ -103,9 +107,9 @@ function getToken(sdk, options) {
103
107
  };
104
108
 
105
109
  if (options.sessionToken) {
106
- Object.assign(tokenParams, sessionTokenOverrides);
110
+ (0, _assign.default)(tokenParams, sessionTokenOverrides);
107
111
  } else if (options.idp) {
108
- Object.assign(tokenParams, idpOverrides);
112
+ (0, _assign.default)(tokenParams, idpOverrides);
109
113
  } // Use the query params to build the authorize url
110
114
 
111
115
 
@@ -160,7 +164,7 @@ function getToken(sdk, options) {
160
164
  } // The popup may be closed without receiving an OAuth response. Setup a poller to monitor the window.
161
165
 
162
166
 
163
- var popupPromise = new Promise(function (resolve, reject) {
167
+ var popupPromise = new _promise.default(function (resolve, reject) {
164
168
  var closePoller = setInterval(function () {
165
169
  if (!popupWindow || popupWindow.closed) {
166
170
  clearInterval(closePoller);
package/cjs/oidc/getToken.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/oidc/getToken.ts"],"names":["getToken","sdk","options","arguments","length","Promise","reject","AuthSdkError","popupWindow","undefined","then","tokenParams","sessionTokenOverrides","prompt","responseMode","display","idpOverrides","sessionToken","Object","assign","idp","requestUrl","endpoint","urls","codeVerifier","tokenUrl","authorizeUrl","flowType","iframePromise","timeout","state","iframeEl","res","finally","document","body","contains","parentElement","removeChild","oauthPromise","features","isPopupPostMessageSupported","location","popupPromise","resolve","closePoller","setInterval","closed","clearInterval","catch","err","close"],"mappings":";;;;;;AAeA;;AAKA;;AASA;;AACA;;AAEA;;AA/BA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAmBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASA,QAAT,CAAkBC,GAAlB,EAAiCC,OAAjC,EAAqE;AAC1E,MAAIC,SAAS,CAACC,MAAV,GAAmB,CAAvB,EAA0B;AACxB,WAAOC,OAAO,CAACC,MAAR,CAAe,IAAIC,qBAAJ,CAAiB,kEAAjB,CAAf,CAAP;AACD;;AAEDL,EAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB,CAL0E,CAO1E;AACA;;AACA,QAAMM,WAAW,GAAGN,OAAO,CAACM,WAA5B;AACAN,EAAAA,OAAO,CAACM,WAAR,GAAsBC,SAAtB;AAEA,SAAO,4CAAmBR,GAAnB,EAAwBC,OAAxB,EACJQ,IADI,CACC,UAAUC,WAAV,EAAoC;AAExC;AACA,QAAIC,qBAAqB,GAAG;AAC1BC,MAAAA,MAAM,EAAE,MADkB;AAE1BC,MAAAA,YAAY,EAAE,mBAFY;AAG1BC,MAAAA,OAAO,EAAE;AAHiB,KAA5B;AAMA,QAAIC,YAAY,GAAG;AACjBD,MAAAA,OAAO,EAAE;AADQ,KAAnB;;AAIA,QAAIb,OAAO,CAACe,YAAZ,EAA0B;AACxBC,MAAAA,MAAM,CAACC,MAAP,CAAcR,WAAd,EAA2BC,qBAA3B;AACD,KAFD,MAEO,IAAIV,OAAO,CAACkB,GAAZ,EAAiB;AACtBF,MAAAA,MAAM,CAACC,MAAP,CAAcR,WAAd,EAA2BK,YAA3B;AACD,KAjBuC,CAmBxC;;;AACA,QAAIK,UAAJ,EACEC,QADF,EAEEC,IAFF,CApBwC,CAwBxC;;AACAA,IAAAA,IAAI,GAAG,wBAAatB,GAAb,EAAkBU,WAAlB,CAAP;AACAW,IAAAA,QAAQ,GAAGpB,OAAO,CAACsB,YAAR,GAAuBD,IAAI,CAACE,QAA5B,GAAuCF,IAAI,CAACG,YAAvD;AACAL,IAAAA,UAAU,GAAGC,QAAQ,GAAG,qCAAqBX,WAArB,CAAxB,CA3BwC,CA6BxC;;AACA,QAAIgB,QAAJ;;AACA,QAAIhB,WAAW,CAACM,YAAZ,IAA4BN,WAAW,CAACI,OAAZ,KAAwB,IAAxD,EAA8D;AAC5DY,MAAAA,QAAQ,GAAG,QAAX;AACD,KAFD,MAEO,IAAIhB,WAAW,CAACI,OAAZ,KAAwB,OAA5B,EAAqC;AAC1CY,MAAAA,QAAQ,GAAG,OAAX;AACD,KAFM,MAEA;AACLA,MAAAA,QAAQ,GAAG,UAAX;AACD,KArCuC,CAuCxC;;;AACA,YAAQA,QAAR;AACE,WAAK,QAAL;AACE,YAAIC,aAAa,GAAG,kCAAuB3B,GAAvB,EAA4BC,OAAO,CAAC2B,OAApC,EAA6ClB,WAAW,CAACmB,KAAzD,CAApB;AACA,YAAIC,QAAQ,GAAG,qBAAUV,UAAV,CAAf;AACA,eAAOO,aAAa,CACjBlB,IADI,CACC,UAAUsB,GAAV,EAAe;AACnB,iBAAO,8CAAoB/B,GAApB,EAAyBU,WAAzB,EAAsCqB,GAAtC,EAA4DT,IAA5D,CAAP;AACD,SAHI,EAIJU,OAJI,CAII,YAAY;AACnB,cAAIC,QAAQ,CAACC,IAAT,CAAcC,QAAd,CAAuBL,QAAvB,CAAJ,EAAsC;AAAA;;AACpC,qCAAAA,QAAQ,CAACM,aAAT,gFAAwBC,WAAxB,CAAoCP,QAApC;AACD;AACF,SARI,CAAP;;AAUF,WAAK,OAAL;AACE,YAAIQ,YAAJ,CADF,CACoB;AAElB;AACA;;AACA,YAAI5B,WAAW,CAACG,YAAZ,KAA6B,mBAAjC,EAAsD;AACpD,cAAI,CAACb,GAAG,CAACuC,QAAJ,CAAaC,2BAAb,EAAL,EAAiD;AAC/C,kBAAM,IAAIlC,qBAAJ,CAAiB,qDAAjB,CAAN;AACD;;AACDgC,UAAAA,YAAY,GAAG,kCAAuBtC,GAAvB,EAA4BC,OAAO,CAAC2B,OAApC,EAA6ClB,WAAW,CAACmB,KAAzD,CAAf;AACD,SAVH,CAYE;AACA;;;AACA,YAAItB,WAAJ,EAAiB;AACfA,UAAAA,WAAW,CAACkC,QAAZ,CAAqBvB,MAArB,CAA4BE,UAA5B;AACD,SAhBH,CAkBE;;;AACA,YAAIsB,YAAY,GAAG,IAAItC,OAAJ,CAAY,UAAUuC,OAAV,EAAmBtC,MAAnB,EAA2B;AACxD,cAAIuC,WAAW,GAAGC,WAAW,CAAC,YAAY;AACxC,gBAAI,CAACtC,WAAD,IAAgBA,WAAW,CAACuC,MAAhC,EAAwC;AACtCC,cAAAA,aAAa,CAACH,WAAD,CAAb;AACAvC,cAAAA,MAAM,CAAC,IAAIC,qBAAJ,CAAiB,qCAAjB,CAAD,CAAN;AACD;AACF,WAL4B,EAK1B,GAL0B,CAA7B,CADwD,CAQxD;;AACAgC,UAAAA,YAAY,CACT7B,IADH,CACQ,UAAUsB,GAAV,EAAe;AACnBgB,YAAAA,aAAa,CAACH,WAAD,CAAb;AACAD,YAAAA,OAAO,CAACZ,GAAD,CAAP;AACD,WAJH,EAKGiB,KALH,CAKS,UAAUC,GAAV,EAAe;AACpBF,YAAAA,aAAa,CAACH,WAAD,CAAb;AACAvC,YAAAA,MAAM,CAAC4C,GAAD,CAAN;AACD,WARH;AASD,SAlBkB,CAAnB;AAoBA,eAAOP,YAAY,CAChBjC,IADI,CACC,UAAUsB,GAAV,EAAe;AACnB,iBAAO,8CAAoB/B,GAApB,EAAyBU,WAAzB,EAAsCqB,GAAtC,EAA4DT,IAA5D,CAAP;AACD,SAHI,EAIJU,OAJI,CAII,YAAY;AACnB,cAAIzB,WAAW,IAAI,CAACA,WAAW,CAACuC,MAAhC,EAAwC;AACtCvC,YAAAA,WAAW,CAAC2C,KAAZ;AACD;AACF,SARI,CAAP;;AAUF;AACE,cAAM,IAAI5C,qBAAJ,CAAiB,8CAAjB,CAAN;AAhEJ;AAkED,GA3GI,CAAP;AA4GD","sourcesContent":["\n/* global document */\n/* eslint-disable complexity, max-statements */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport {\n getOAuthUrls,\n loadFrame,\n} from './util';\n\nimport AuthSdkError from '../errors/AuthSdkError';\n\nimport {\n OktaAuth,\n TokenParams,\n PopupParams,\n OAuthResponse,\n} from '../types';\n\nimport { prepareTokenParams } from './util/prepareTokenParams';\nimport { buildAuthorizeParams } from './endpoints/authorize';\nimport { addPostMessageListener } from './util';\nimport { handleOAuthResponse } from './handleOAuthResponse';\n/*\n * Retrieve an idToken from an Okta or a third party idp\n *\n * Two main flows:\n *\n * 1) Exchange a sessionToken for a token\n *\n * Required:\n * clientId: passed via the OktaAuth constructor or into getToken\n * sessionToken: 'yourtoken'\n *\n * Optional:\n * redirectUri: defaults to window.location.href\n * scopes: defaults to ['openid', 'email']\n *\n * Forced:\n * prompt: 'none'\n * responseMode: 'okta_post_message'\n * display: undefined\n *\n * 2) Get a token from an idp\n *\n * Required:\n * clientId: passed via the OktaAuth constructor or into getToken\n *\n * Optional:\n * redirectUri: defaults to window.location.href\n * scopes: defaults to ['openid', 'email']\n * idp: defaults to Okta as an idp\n * prompt: no default. Pass 'none' to throw an error if user is not signed in\n *\n * Forced:\n * display: 'popup'\n *\n * Only common optional params shown. Any OAuth parameters not explicitly forced are available to override\n *\n * @param {Object} oauthOptions\n * @param {String} [oauthOptions.clientId] ID of this client\n * @param {String} [oauthOptions.redirectUri] URI that the iframe or popup will go to once authenticated\n * @param {String[]} [oauthOptions.scopes] OAuth 2.0 scopes to request (openid must be specified)\n * @param {String} [oauthOptions.idp] ID of an external IdP to use for user authentication\n * @param {String} [oauthOptions.sessionToken] Bootstrap Session Token returned by the Okta Authentication API\n * @param {String} [oauthOptions.prompt] Determines whether the Okta login will be displayed on failure.\n * Use 'none' to prevent this behavior\n *\n * @param {Object} options\n * @param {Integer} [options.timeout] Time in ms before the flow is automatically terminated. Defaults to 120000\n * @param {String} [options.popupTitle] Title dispayed in the popup.\n * Defaults to 'External Identity Provider User Authentication'\n */\nexport function getToken(sdk: OktaAuth, options: TokenParams & PopupParams) {\n if (arguments.length > 2) {\n return Promise.reject(new AuthSdkError('As of version 3.0, \"getToken\" takes only a single set of options'));\n }\n\n options = options || {};\n\n // window object cannot be serialized, save for later use\n // TODO: move popup related params into a separate options object\n const popupWindow = options.popupWindow;\n options.popupWindow = undefined;\n\n return prepareTokenParams(sdk, options)\n .then(function (tokenParams: TokenParams) {\n\n // Start overriding any options that don't make sense\n var sessionTokenOverrides = {\n prompt: 'none',\n responseMode: 'okta_post_message',\n display: null\n };\n\n var idpOverrides = {\n display: 'popup'\n };\n\n if (options.sessionToken) {\n Object.assign(tokenParams, sessionTokenOverrides);\n } else if (options.idp) {\n Object.assign(tokenParams, idpOverrides);\n }\n\n // Use the query params to build the authorize url\n var requestUrl,\n endpoint,\n urls;\n\n // Get authorizeUrl and issuer\n urls = getOAuthUrls(sdk, tokenParams);\n endpoint = options.codeVerifier ? urls.tokenUrl : urls.authorizeUrl;\n requestUrl = endpoint + buildAuthorizeParams(tokenParams);\n\n // Determine the flow type\n var flowType;\n if (tokenParams.sessionToken || tokenParams.display === null) {\n flowType = 'IFRAME';\n } else if (tokenParams.display === 'popup') {\n flowType = 'POPUP';\n } else {\n flowType = 'IMPLICIT';\n }\n\n // Execute the flow type\n switch (flowType) {\n case 'IFRAME':\n var iframePromise = addPostMessageListener(sdk, options.timeout, tokenParams.state);\n var iframeEl = loadFrame(requestUrl);\n return iframePromise\n .then(function (res) {\n return handleOAuthResponse(sdk, tokenParams, res as OAuthResponse, urls);\n })\n .finally(function () {\n if (document.body.contains(iframeEl)) {\n iframeEl.parentElement?.removeChild(iframeEl);\n }\n });\n\n case 'POPUP':\n var oauthPromise; // resolves with OAuth response\n\n // Add listener on postMessage before window creation, so\n // postMessage isn't triggered before we're listening\n if (tokenParams.responseMode === 'okta_post_message') {\n if (!sdk.features.isPopupPostMessageSupported()) {\n throw new AuthSdkError('This browser doesn\\'t have full postMessage support');\n }\n oauthPromise = addPostMessageListener(sdk, options.timeout, tokenParams.state);\n }\n\n // Redirect for authorization\n // popupWindown can be null when popup is blocked\n if (popupWindow) { \n popupWindow.location.assign(requestUrl);\n }\n\n // The popup may be closed without receiving an OAuth response. Setup a poller to monitor the window.\n var popupPromise = new Promise(function (resolve, reject) {\n var closePoller = setInterval(function () {\n if (!popupWindow || popupWindow.closed) {\n clearInterval(closePoller);\n reject(new AuthSdkError('Unable to parse OAuth flow response'));\n }\n }, 100);\n\n // Proxy the OAuth promise results\n oauthPromise\n .then(function (res) {\n clearInterval(closePoller);\n resolve(res);\n })\n .catch(function (err) {\n clearInterval(closePoller);\n reject(err);\n });\n });\n\n return popupPromise\n .then(function (res) {\n return handleOAuthResponse(sdk, tokenParams, res as OAuthResponse, urls);\n })\n .finally(function () {\n if (popupWindow && !popupWindow.closed) {\n popupWindow.close();\n }\n });\n\n default:\n throw new AuthSdkError('The full page redirect flow is not supported');\n }\n });\n}"],"file":"getToken.js"}
1
+ {"version":3,"sources":["../../../lib/oidc/getToken.ts"],"names":["getToken","sdk","options","arguments","length","reject","AuthSdkError","popupWindow","undefined","then","tokenParams","sessionTokenOverrides","prompt","responseMode","display","idpOverrides","sessionToken","idp","requestUrl","endpoint","urls","codeVerifier","tokenUrl","authorizeUrl","flowType","iframePromise","timeout","state","iframeEl","res","finally","document","body","contains","parentElement","removeChild","oauthPromise","features","isPopupPostMessageSupported","location","assign","popupPromise","resolve","closePoller","setInterval","closed","clearInterval","catch","err","close"],"mappings":";;;;;;;;;;AAeA;;AAMA;;AASA;;AACA;;AACA;;AA/BA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAmBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASA,QAAT,CAAkBC,GAAlB,EAA0CC,OAA1C,EAA8E;AACnF,MAAIC,SAAS,CAACC,MAAV,GAAmB,CAAvB,EAA0B;AACxB,WAAO,iBAAQC,MAAR,CAAe,IAAIC,qBAAJ,CAAiB,kEAAjB,CAAf,CAAP;AACD;;AAEDJ,EAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB,CALmF,CAOnF;AACA;;AACA,QAAMK,WAAW,GAAGL,OAAO,CAACK,WAA5B;AACAL,EAAAA,OAAO,CAACK,WAAR,GAAsBC,SAAtB;AAEA,SAAO,4CAAmBP,GAAnB,EAAwBC,OAAxB,EACJO,IADI,CACC,UAAUC,WAAV,EAAoC;AAExC;AACA,QAAIC,qBAAqB,GAAG;AAC1BC,MAAAA,MAAM,EAAE,MADkB;AAE1BC,MAAAA,YAAY,EAAE,mBAFY;AAG1BC,MAAAA,OAAO,EAAE;AAHiB,KAA5B;AAMA,QAAIC,YAAY,GAAG;AACjBD,MAAAA,OAAO,EAAE;AADQ,KAAnB;;AAIA,QAAIZ,OAAO,CAACc,YAAZ,EAA0B;AACxB,2BAAcN,WAAd,EAA2BC,qBAA3B;AACD,KAFD,MAEO,IAAIT,OAAO,CAACe,GAAZ,EAAiB;AACtB,2BAAcP,WAAd,EAA2BK,YAA3B;AACD,KAjBuC,CAmBxC;;;AACA,QAAIG,UAAJ,EACEC,QADF,EAEEC,IAFF,CApBwC,CAwBxC;;AACAA,IAAAA,IAAI,GAAG,wBAAanB,GAAb,EAAkBS,WAAlB,CAAP;AACAS,IAAAA,QAAQ,GAAGjB,OAAO,CAACmB,YAAR,GAAuBD,IAAI,CAACE,QAA5B,GAAuCF,IAAI,CAACG,YAAvD;AACAL,IAAAA,UAAU,GAAGC,QAAQ,GAAG,qCAAqBT,WAArB,CAAxB,CA3BwC,CA6BxC;;AACA,QAAIc,QAAJ;;AACA,QAAId,WAAW,CAACM,YAAZ,IAA4BN,WAAW,CAACI,OAAZ,KAAwB,IAAxD,EAA8D;AAC5DU,MAAAA,QAAQ,GAAG,QAAX;AACD,KAFD,MAEO,IAAId,WAAW,CAACI,OAAZ,KAAwB,OAA5B,EAAqC;AAC1CU,MAAAA,QAAQ,GAAG,OAAX;AACD,KAFM,MAEA;AACLA,MAAAA,QAAQ,GAAG,UAAX;AACD,KArCuC,CAuCxC;;;AACA,YAAQA,QAAR;AACE,WAAK,QAAL;AACE,YAAIC,aAAa,GAAG,kCAAuBxB,GAAvB,EAA4BC,OAAO,CAACwB,OAApC,EAA6ChB,WAAW,CAACiB,KAAzD,CAApB;AACA,YAAIC,QAAQ,GAAG,qBAAUV,UAAV,CAAf;AACA,eAAOO,aAAa,CACjBhB,IADI,CACC,UAAUoB,GAAV,EAAe;AACnB,iBAAO,8CAAoB5B,GAApB,EAAyBS,WAAzB,EAAsCmB,GAAtC,EAA4DT,IAA5D,CAAP;AACD,SAHI,EAIJU,OAJI,CAII,YAAY;AACnB,cAAIC,QAAQ,CAACC,IAAT,CAAcC,QAAd,CAAuBL,QAAvB,CAAJ,EAAsC;AAAA;;AACpC,qCAAAA,QAAQ,CAACM,aAAT,gFAAwBC,WAAxB,CAAoCP,QAApC;AACD;AACF,SARI,CAAP;;AAUF,WAAK,OAAL;AACE,YAAIQ,YAAJ,CADF,CACoB;AAElB;AACA;;AACA,YAAI1B,WAAW,CAACG,YAAZ,KAA6B,mBAAjC,EAAsD;AACpD,cAAI,CAACZ,GAAG,CAACoC,QAAJ,CAAaC,2BAAb,EAAL,EAAiD;AAC/C,kBAAM,IAAIhC,qBAAJ,CAAiB,qDAAjB,CAAN;AACD;;AACD8B,UAAAA,YAAY,GAAG,kCAAuBnC,GAAvB,EAA4BC,OAAO,CAACwB,OAApC,EAA6ChB,WAAW,CAACiB,KAAzD,CAAf;AACD,SAVH,CAYE;AACA;;;AACA,YAAIpB,WAAJ,EAAiB;AACfA,UAAAA,WAAW,CAACgC,QAAZ,CAAqBC,MAArB,CAA4BtB,UAA5B;AACD,SAhBH,CAkBE;;;AACA,YAAIuB,YAAY,GAAG,qBAAY,UAAUC,OAAV,EAAmBrC,MAAnB,EAA2B;AACxD,cAAIsC,WAAW,GAAGC,WAAW,CAAC,YAAY;AACxC,gBAAI,CAACrC,WAAD,IAAgBA,WAAW,CAACsC,MAAhC,EAAwC;AACtCC,cAAAA,aAAa,CAACH,WAAD,CAAb;AACAtC,cAAAA,MAAM,CAAC,IAAIC,qBAAJ,CAAiB,qCAAjB,CAAD,CAAN;AACD;AACF,WAL4B,EAK1B,GAL0B,CAA7B,CADwD,CAQxD;;AACA8B,UAAAA,YAAY,CACT3B,IADH,CACQ,UAAUoB,GAAV,EAAe;AACnBiB,YAAAA,aAAa,CAACH,WAAD,CAAb;AACAD,YAAAA,OAAO,CAACb,GAAD,CAAP;AACD,WAJH,EAKGkB,KALH,CAKS,UAAUC,GAAV,EAAe;AACpBF,YAAAA,aAAa,CAACH,WAAD,CAAb;AACAtC,YAAAA,MAAM,CAAC2C,GAAD,CAAN;AACD,WARH;AASD,SAlBkB,CAAnB;AAoBA,eAAOP,YAAY,CAChBhC,IADI,CACC,UAAUoB,GAAV,EAAe;AACnB,iBAAO,8CAAoB5B,GAApB,EAAyBS,WAAzB,EAAsCmB,GAAtC,EAA4DT,IAA5D,CAAP;AACD,SAHI,EAIJU,OAJI,CAII,YAAY;AACnB,cAAIvB,WAAW,IAAI,CAACA,WAAW,CAACsC,MAAhC,EAAwC;AACtCtC,YAAAA,WAAW,CAAC0C,KAAZ;AACD;AACF,SARI,CAAP;;AAUF;AACE,cAAM,IAAI3C,qBAAJ,CAAiB,8CAAjB,CAAN;AAhEJ;AAkED,GA3GI,CAAP;AA4GD","sourcesContent":["\n/* global document */\n/* eslint-disable complexity, max-statements */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport {\n getOAuthUrls,\n loadFrame,\n addPostMessageListener\n} from './util';\n\nimport AuthSdkError from '../errors/AuthSdkError';\n\nimport {\n OktaAuthInterface,\n TokenParams,\n PopupParams,\n OAuthResponse,\n} from '../types';\n\nimport { prepareTokenParams } from './util/prepareTokenParams';\nimport { buildAuthorizeParams } from './endpoints/authorize';\nimport { handleOAuthResponse } from './handleOAuthResponse';\n/*\n * Retrieve an idToken from an Okta or a third party idp\n *\n * Two main flows:\n *\n * 1) Exchange a sessionToken for a token\n *\n * Required:\n * clientId: passed via the OktaAuth constructor or into getToken\n * sessionToken: 'yourtoken'\n *\n * Optional:\n * redirectUri: defaults to window.location.href\n * scopes: defaults to ['openid', 'email']\n *\n * Forced:\n * prompt: 'none'\n * responseMode: 'okta_post_message'\n * display: undefined\n *\n * 2) Get a token from an idp\n *\n * Required:\n * clientId: passed via the OktaAuth constructor or into getToken\n *\n * Optional:\n * redirectUri: defaults to window.location.href\n * scopes: defaults to ['openid', 'email']\n * idp: defaults to Okta as an idp\n * prompt: no default. Pass 'none' to throw an error if user is not signed in\n *\n * Forced:\n * display: 'popup'\n *\n * Only common optional params shown. Any OAuth parameters not explicitly forced are available to override\n *\n * @param {Object} oauthOptions\n * @param {String} [oauthOptions.clientId] ID of this client\n * @param {String} [oauthOptions.redirectUri] URI that the iframe or popup will go to once authenticated\n * @param {String[]} [oauthOptions.scopes] OAuth 2.0 scopes to request (openid must be specified)\n * @param {String} [oauthOptions.idp] ID of an external IdP to use for user authentication\n * @param {String} [oauthOptions.sessionToken] Bootstrap Session Token returned by the Okta Authentication API\n * @param {String} [oauthOptions.prompt] Determines whether the Okta login will be displayed on failure.\n * Use 'none' to prevent this behavior\n *\n * @param {Object} options\n * @param {Integer} [options.timeout] Time in ms before the flow is automatically terminated. Defaults to 120000\n * @param {String} [options.popupTitle] Title dispayed in the popup.\n * Defaults to 'External Identity Provider User Authentication'\n */\nexport function getToken(sdk: OktaAuthInterface, options: TokenParams & PopupParams) {\n if (arguments.length > 2) {\n return Promise.reject(new AuthSdkError('As of version 3.0, \"getToken\" takes only a single set of options'));\n }\n\n options = options || {};\n\n // window object cannot be serialized, save for later use\n // TODO: move popup related params into a separate options object\n const popupWindow = options.popupWindow;\n options.popupWindow = undefined;\n\n return prepareTokenParams(sdk, options)\n .then(function (tokenParams: TokenParams) {\n\n // Start overriding any options that don't make sense\n var sessionTokenOverrides = {\n prompt: 'none',\n responseMode: 'okta_post_message',\n display: null\n };\n\n var idpOverrides = {\n display: 'popup'\n };\n\n if (options.sessionToken) {\n Object.assign(tokenParams, sessionTokenOverrides);\n } else if (options.idp) {\n Object.assign(tokenParams, idpOverrides);\n }\n\n // Use the query params to build the authorize url\n var requestUrl,\n endpoint,\n urls;\n\n // Get authorizeUrl and issuer\n urls = getOAuthUrls(sdk, tokenParams);\n endpoint = options.codeVerifier ? urls.tokenUrl : urls.authorizeUrl;\n requestUrl = endpoint + buildAuthorizeParams(tokenParams);\n\n // Determine the flow type\n var flowType;\n if (tokenParams.sessionToken || tokenParams.display === null) {\n flowType = 'IFRAME';\n } else if (tokenParams.display === 'popup') {\n flowType = 'POPUP';\n } else {\n flowType = 'IMPLICIT';\n }\n\n // Execute the flow type\n switch (flowType) {\n case 'IFRAME':\n var iframePromise = addPostMessageListener(sdk, options.timeout, tokenParams.state);\n var iframeEl = loadFrame(requestUrl);\n return iframePromise\n .then(function (res) {\n return handleOAuthResponse(sdk, tokenParams, res as OAuthResponse, urls);\n })\n .finally(function () {\n if (document.body.contains(iframeEl)) {\n iframeEl.parentElement?.removeChild(iframeEl);\n }\n });\n\n case 'POPUP':\n var oauthPromise; // resolves with OAuth response\n\n // Add listener on postMessage before window creation, so\n // postMessage isn't triggered before we're listening\n if (tokenParams.responseMode === 'okta_post_message') {\n if (!sdk.features.isPopupPostMessageSupported()) {\n throw new AuthSdkError('This browser doesn\\'t have full postMessage support');\n }\n oauthPromise = addPostMessageListener(sdk, options.timeout, tokenParams.state);\n }\n\n // Redirect for authorization\n // popupWindown can be null when popup is blocked\n if (popupWindow) { \n popupWindow.location.assign(requestUrl);\n }\n\n // The popup may be closed without receiving an OAuth response. Setup a poller to monitor the window.\n var popupPromise = new Promise(function (resolve, reject) {\n var closePoller = setInterval(function () {\n if (!popupWindow || popupWindow.closed) {\n clearInterval(closePoller);\n reject(new AuthSdkError('Unable to parse OAuth flow response'));\n }\n }, 100);\n\n // Proxy the OAuth promise results\n oauthPromise\n .then(function (res) {\n clearInterval(closePoller);\n resolve(res);\n })\n .catch(function (err) {\n clearInterval(closePoller);\n reject(err);\n });\n });\n\n return popupPromise\n .then(function (res) {\n return handleOAuthResponse(sdk, tokenParams, res as OAuthResponse, urls);\n })\n .finally(function () {\n if (popupWindow && !popupWindow.closed) {\n popupWindow.close();\n }\n });\n\n default:\n throw new AuthSdkError('The full page redirect flow is not supported');\n }\n });\n}"],"file":"getToken.js"}
package/cjs/oidc/getUserInfo.js CHANGED
@@ -1,7 +1,11 @@
1
1
  "use strict";
2
2
 
3
+ var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
+
3
5
  exports.getUserInfo = getUserInfo;
4
6
 
7
+ var _promise = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/promise"));
8
+
5
9
  var _util = require("../util");
6
10
 
7
11
  var _errors = require("../errors");
@@ -35,11 +39,11 @@ async function getUserInfo(sdk, accessTokenObject, idTokenObject) {
35
39
  }
36
40
 
37
41
  if (!accessTokenObject || !(0, _types.isAccessToken)(accessTokenObject)) {
38
- return Promise.reject(new _errors.AuthSdkError('getUserInfo requires an access token object'));
42
+ return _promise.default.reject(new _errors.AuthSdkError('getUserInfo requires an access token object'));
39
43
  }
40
44
 
41
45
  if (!idTokenObject || !(0, _types.isIDToken)(idTokenObject)) {
42
- return Promise.reject(new _errors.AuthSdkError('getUserInfo requires an ID token object'));
46
+ return _promise.default.reject(new _errors.AuthSdkError('getUserInfo requires an ID token object'));
43
47
  }
44
48
 
45
49
  return (0, _http.httpRequest)(sdk, {
@@ -52,7 +56,7 @@ async function getUserInfo(sdk, accessTokenObject, idTokenObject) {
52
56
  return userInfo;
53
57
  }
54
58
 
55
- return Promise.reject(new _errors.AuthSdkError('getUserInfo request was rejected due to token mismatch'));
59
+ return _promise.default.reject(new _errors.AuthSdkError('getUserInfo request was rejected due to token mismatch'));
56
60
  }).catch(function (err) {
57
61
  if (err.xhr && (err.xhr.status === 401 || err.xhr.status === 403)) {
58
62
  var authenticateHeader;