@okta/okta-auth-js 6.1.0 → 6.2.0

package/lib/AuthStateManager.d.ts

@@ -11,12 +11,11 @@
  */
 import { AuthState, AuthStateLogOptions } from './types';
 import { OktaAuth } from '.';
-declare const PCancelable: any;
 export declare const INITIAL_AUTH_STATE: null;
 export declare class AuthStateManager {
     _sdk: OktaAuth;
     _pending: {
-        updateAuthStatePromise: typeof PCancelable;
+        updateAuthStatePromise: any;
         canceledTimes: number;
     };
     _authState: AuthState | null;
@@ -30,4 +29,3 @@ export declare class AuthStateManager {
     subscribe(handler: any): void;
     unsubscribe(handler?: any): void;
 }
-export {};

package/lib/OktaAuth.d.ts

@@ -9,15 +9,15 @@
  *
  * See the License for the specific language governing permissions and limitations under the License.
  */
-import { OktaAuthInterface, OktaAuthOptions, AccessToken, RefreshToken, TokenAPI, FeaturesAPI, CryptoAPI, WebauthnAPI, SignoutAPI, FingerprintAPI, UserClaims, SigninWithRedirectOptions, SigninWithCredentialsOptions, SignoutOptions, Tokens, ForgotPasswordOptions, VerifyRecoveryTokenOptions, TransactionAPI, SessionAPI, SigninAPI, PkceAPI, SigninOptions, IdxAPI, SignoutRedirectUrlOptions, HttpAPI, RequestOptions } from './types';
+import { OktaAuthInterface, OktaAuthOptions, AccessToken, RefreshToken, TokenAPI, FeaturesAPI, CryptoAPI, WebauthnAPI, SignoutAPI, FingerprintAPI, UserClaims, SigninWithRedirectOptions, SigninWithCredentialsOptions, SignoutOptions, Tokens, ForgotPasswordOptions, VerifyRecoveryTokenOptions, TransactionAPI, SessionAPI, SigninAPI, PkceAPI, SigninOptions, IdxAPI, SignoutRedirectUrlOptions, HttpAPI, RequestOptions, IsAuthenticatedOptions } from './types';
 import { AuthTransaction } from './tx';
 import { TokenManager } from './TokenManager';
+import { ServiceManager } from './ServiceManager';
 import PromiseQueue from './PromiseQueue';
 import { AuthStateManager } from './AuthStateManager';
 import { StorageManager } from './StorageManager';
 import TransactionManager from './TransactionManager';
 import { OktaUserAgent } from './OktaUserAgent';
-declare const Emitter: any;
 declare class OktaAuth implements OktaAuthInterface, SigninAPI, SignoutAPI {
     options: OktaAuthOptions;
     storageManager: StorageManager;
@@ -32,9 +32,10 @@ declare class OktaAuth implements OktaAuthInterface, SigninAPI, SignoutAPI {
     features: FeaturesAPI;
     token: TokenAPI;
     _tokenQueue: PromiseQueue;
-    emitter: typeof Emitter;
+    emitter: any;
     tokenManager: TokenManager;
     authStateManager: AuthStateManager;
+    serviceManager: ServiceManager;
     http: HttpAPI;
     fingerprint: FingerprintAPI;
     _oktaUserAgent: OktaUserAgent;
@@ -54,7 +55,7 @@ declare class OktaAuth implements OktaAuthInterface, SigninAPI, SignoutAPI {
     getSignOutRedirectUrl(options?: SignoutRedirectUrlOptions): string;
     signOut(options?: SignoutOptions): Promise<void>;
     webfinger(opts: any): Promise<object>;
-    isAuthenticated(): Promise<boolean>;
+    isAuthenticated(options?: IsAuthenticatedOptions): Promise<boolean>;
     getUser(): Promise<UserClaims>;
     getIdToken(): string | undefined;
     getAccessToken(): string | undefined;

package/lib/ServiceManager.d.ts

@@ -0,0 +1,38 @@
+/*!
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
+ *
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *
+ * See the License for the specific language governing permissions and limitations under the License.
+ */
+import { ServiceManagerInterface, ServiceInterface, ServiceManagerOptions } from './types';
+import { OktaAuth } from '.';
+export declare class ServiceManager implements ServiceManagerInterface {
+    private sdk;
+    private options;
+    private services;
+    private channel?;
+    private elector?;
+    private started;
+    private static knownServices;
+    private static defaultOptions;
+    constructor(sdk: OktaAuth, options?: ServiceManagerOptions);
+    static canUseLeaderElection(): boolean;
+    private onLeader;
+    private onLeaderDuplicate;
+    isLeader(): boolean;
+    hasLeader(): boolean | undefined;
+    isLeaderRequired(): boolean;
+    start(): void;
+    stop(): void;
+    getService(name: string): ServiceInterface | undefined;
+    private startServices;
+    private stopServices;
+    private startElector;
+    private stopElector;
+    private createService;
+}

package/lib/TokenManager.d.ts

@@ -11,7 +11,6 @@ export declare class TokenManager implements TokenManagerInterface {
     private storage;
     private state;
     private options;
-    private service;
     on: (event: string, handler: TokenManagerErrorEventHandler | TokenManagerEventHandler, context?: object) => void;
     off: (event: string, handler?: TokenManagerErrorEventHandler | TokenManagerEventHandler) => void;
     constructor(sdk: OktaAuthInterface, options?: TokenManagerOptions);

package/lib/idx/remediators/AuthenticatorVerificationData.d.ts

@@ -10,15 +10,15 @@
  * See the License for the specific language governing permissions and limitations under the License.
  */
 import { AuthenticatorData, AuthenticatorDataValues } from './Base/AuthenticatorData';
+import { IdxRemediation } from '../types/idx-js';
 export declare type AuthenticatorVerificationDataValues = AuthenticatorDataValues;
 export declare class AuthenticatorVerificationData extends AuthenticatorData {
     static remediationName: string;
     values: AuthenticatorVerificationDataValues;
-    mapAuthenticator(): {
-        id: string | import("../types/idx-js").IdxRemediationValueForm | undefined;
-        enrollmentId: string | import("../types/idx-js").IdxRemediationValueForm | undefined;
-        methodType: string | undefined;
-    };
+    shouldProceedWithEmailAuthenticator: boolean;
+    constructor(remediation: IdxRemediation, values?: AuthenticatorDataValues);
+    canRemediate(): boolean;
+    mapAuthenticator(): {} | undefined;
     getInputAuthenticator(): import("../types/idx-js").IdxRemediationValue[] | {
         name: string;
         type: string;

package/lib/idx/remediators/Base/AuthenticatorData.d.ts

@@ -10,8 +10,7 @@
  * See the License for the specific language governing permissions and limitations under the License.
  */
 import { Remediator, RemediationValues } from './Remediator';
-import { IdxRemediationValue, IdxOption, IdxRemediation } from '../../types/idx-js';
-import { Authenticator } from '../../types';
+import { IdxRemediationValue, IdxOption, IdxRemediation, IdxAuthenticator } from '../../types/idx-js';
 export declare type AuthenticatorDataValues = RemediationValues & {
     methodType?: string;
 };
@@ -20,20 +19,20 @@ export declare class AuthenticatorData extends Remediator {
         authenticator: never[];
     };
     values: AuthenticatorDataValues;
-    authenticator: Authenticator;
+    authenticator: IdxAuthenticator;
     constructor(remediation: IdxRemediation, values?: AuthenticatorDataValues);
     protected formatAuthenticatorData(): void;
-    protected getAuthenticatorData(): Authenticator | undefined;
+    protected getAuthenticatorData(): import("../../types").Authenticator | undefined;
     canRemediate(): boolean;
     getNextStep(): {
         options: IdxOption[];
         name: string;
-        authenticator?: import("../../types").IdxAuthenticator | undefined;
+        authenticator?: IdxAuthenticator | undefined;
         canSkip?: boolean | undefined;
         canResend?: boolean | undefined;
         inputs?: import("../../types").Input[] | undefined;
         poll?: import("../../types").IdxPollOptions | undefined;
-        authenticatorEnrollments?: import("../../types").IdxAuthenticator[] | undefined;
+        authenticatorEnrollments?: IdxAuthenticator[] | undefined;
     };
     protected mapAuthenticatorDataFromValues(authenticatorData?: any): any;
     protected getAuthenticatorFromRemediation(): IdxRemediationValue;

package/lib/options/browser.d.ts

@@ -0,0 +1,16 @@
+/*!
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
+ *
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *
+ * See the License for the specific language governing permissions and limitations under the License.
+ */
+import { StorageManagerOptions, OktaAuthOptions } from '../types';
+export { default as storage } from '../browser/browserStorage';
+export declare const STORAGE_MANAGER_OPTIONS: StorageManagerOptions;
+export declare const enableSharedStorage = true;
+export declare function getCookieSettings(args: OktaAuthOptions | undefined, isHTTPS: boolean): import("../types").CookieOptions;

package/lib/{options.d.ts → options/index.d.ts}

@@ -9,6 +9,6 @@
  *
  * See the License for the specific language governing permissions and limitations under the License.
  */
-import { OktaAuthOptions } from './types';
+import { OktaAuthOptions } from '../types';
 export declare function getDefaultOptions(): OktaAuthOptions;
 export declare function buildOptions(args?: OktaAuthOptions): OktaAuthOptions;

package/lib/options/node.d.ts

@@ -0,0 +1,16 @@
+/*!
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
+ *
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *
+ * See the License for the specific language governing permissions and limitations under the License.
+ */
+import { StorageManagerOptions, OktaAuthOptions } from '../types';
+export { default as storage } from '../server/serverStorage';
+export declare const STORAGE_MANAGER_OPTIONS: StorageManagerOptions;
+export declare const enableSharedStorage = false;
+export declare function getCookieSettings(args?: OktaAuthOptions, isHTTPS?: boolean): import("../types").CookieOptions | undefined;

package/lib/services/AutoRenewService.d.ts

@@ -0,0 +1,27 @@
+/*!
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
+ *
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *
+ * See the License for the specific language governing permissions and limitations under the License.
+ */
+import { TokenManager } from '../TokenManager';
+import { ServiceInterface, ServiceManagerOptions } from '../types';
+export declare class AutoRenewService implements ServiceInterface {
+    private tokenManager;
+    private options;
+    private renewTimeQueue;
+    private started;
+    constructor(tokenManager: TokenManager, options?: ServiceManagerOptions);
+    private shouldThrottleRenew;
+    requiresLeadership(): boolean;
+    private onTokenExpiredHandler;
+    canStart(): boolean;
+    start(): void;
+    stop(): void;
+    isStarted(): boolean;
+}

package/lib/services/{TokenService.d.ts → SyncStorageService.d.ts}

@@ -10,14 +10,17 @@
  * See the License for the specific language governing permissions and limitations under the License.
  */
 import { TokenManager } from '../TokenManager';
-import { TokenManagerOptions } from '../types';
-export declare class TokenService {
+import { ServiceManagerOptions, ServiceInterface } from '../types';
+export declare class SyncStorageService implements ServiceInterface {
     private tokenManager;
     private options;
-    private storageListener?;
-    private onTokenExpiredHandler?;
     private syncTimeout;
-    constructor(tokenManager: TokenManager, options?: TokenManagerOptions);
+    private started;
+    constructor(tokenManager: TokenManager, options?: ServiceManagerOptions);
+    private storageListener;
+    requiresLeadership(): boolean;
+    isStarted(): boolean;
+    canStart(): boolean;
     start(): void;
     stop(): void;
 }

package/lib/services/index.d.ts

@@ -0,0 +1,13 @@
+/*!
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
+ *
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *
+ * See the License for the specific language governing permissions and limitations under the License.
+ */
+export * from './AutoRenewService';
+export * from './SyncStorageService';

package/lib/types/OktaAuthOptions.d.ts

@@ -15,7 +15,11 @@ import { HttpRequestClient } from './http';
 import { AuthState } from './AuthState';
 import { TransactionManagerOptions } from './Transaction';
 import { FlowIdentifier } from '../idx/types';
+import { ServiceManagerOptions } from './Service';
 import OktaAuth from '../OktaAuth';
+export interface IsAuthenticatedOptions {
+    onExpiredToken?: 'renew' | 'remove' | 'none';
+}
 export interface TokenManagerOptions {
     autoRenew?: boolean;
     autoRemove?: boolean;
@@ -59,6 +63,7 @@ export interface OktaAuthOptions extends CustomUrls {
     restoreOriginalUri?: (oktaAuth: OktaAuth, originalUri?: string) => Promise<void>;
     devMode?: boolean;
     storageManager?: StorageManagerOptions;
+    services?: ServiceManagerOptions;
     transactionManager?: TransactionManagerOptions;
     flow?: FlowIdentifier;
     codeChallenge?: string;

package/lib/types/Service.d.ts

@@ -0,0 +1,23 @@
+export interface ServiceManagerInterface {
+    isLeader(): boolean;
+    start(): void;
+    stop(): void;
+    getService(name: string): ServiceInterface | undefined;
+}
+export interface ServiceInterface {
+    start(): void;
+    stop(): void;
+    isStarted(): boolean;
+    canStart(): boolean;
+    requiresLeadership(): boolean;
+}
+export interface AutoRenewServiceOptions {
+    autoRenew?: boolean;
+    autoRemove?: boolean;
+}
+export interface SyncStorageServiceOptions {
+    syncStorage?: boolean;
+}
+export declare type ServiceManagerOptions = AutoRenewServiceOptions & SyncStorageServiceOptions & {
+    broadcastChannelName?: string;
+};

package/lib/types/api.d.ts

@@ -17,6 +17,7 @@ import { CustomUrls, OktaAuthOptions } from './OktaAuthOptions';
 import { StorageManager } from '../StorageManager';
 import TransactionManager from '../TransactionManager';
 import { TokenManagerInterface } from './TokenManager';
+import { ServiceManagerInterface } from './Service';
 import { OktaUserAgent } from '../OktaUserAgent';
 import { AuthenticationOptions, RegistrationOptions as IdxRegistrationOptions, PasswordRecoveryOptions, AccountUnlockOptions, ProceedOptions, CancelOptions, IdxOptions, IdxTransaction, IdxTransactionMeta, EmailVerifyCallbackResponse, IdxAuthenticator, ChallengeData, ActivationData, WebauthnEnrollValues, WebauthnVerificationValues, FlowIdentifier, IdxPollOptions } from '../idx/types';
 import { InteractOptions, InteractResponse } from '../idx/interact';
@@ -31,6 +32,7 @@ export interface OktaAuthInterface {
     storageManager: StorageManager;
     transactionManager: TransactionManager;
     tokenManager: TokenManagerInterface;
+    serviceManager: ServiceManagerInterface;
     idx: IdxAPI;
     features: FeaturesAPI;
     token: TokenAPI;
@@ -180,13 +182,14 @@ export interface SigninOptions extends SupportsCodeFlow, AuthenticationOptions {
         deviceToken?: string;
     };
     sendFingerprint?: boolean;
+    stateToken?: string;
 }
 export interface SigninWithRedirectOptions extends SigninOptions, TokenParams {
     originalUri?: string;
 }
 export interface SigninWithCredentialsOptions extends SigninOptions {
-    username: string;
-    password: string;
+    username?: string;
+    password?: string;
 }
 export interface SigninAPI {
     signIn(opts: SigninOptions): Promise<AuthTransaction>;

package/lib/types/index.d.ts

@@ -22,4 +22,5 @@ export * from './OktaAuthOptions';
 export * from './Storage';
 export * from './Token';
 export * from './TokenManager';
+export * from './Service';
 export * from './UserClaims';

package/package.json

@@ -2,13 +2,23 @@
   "private": false,
   "name": "@okta/okta-auth-js",
   "description": "The Okta Auth SDK",
-  "version": "6.1.0",
+  "version": "6.2.0",
   "homepage": "https://github.com/okta/okta-auth-js",
   "license": "Apache-2.0",
   "main": "cjs/index.js",
-  "module": "esm/index.js",
+  "module": "esm/esm.node.mjs",
   "browser": "dist/okta-auth-js.umd.js",
   "types": "lib/index.d.ts",
+  "exports": {
+    "node": {
+      "import": "./esm/esm.node.mjs",
+      "require": "./cjs/index.js"
+    },
+    "browser": {
+      "import": "./esm/esm.browser.js"
+    },
+    "default": "./dist/okta-auth-js.umd.js"
+  },
   "repository": {
     "type": "git",
     "url": "https://github.com/okta/okta-auth-js.git"
@@ -20,7 +30,7 @@
     "banners": "node ./scripts/maintain-banners.js",
     "clean": "yarn clean:build",
     "clean:build": "rimraf build && rimraf build2",
-    "dev": "webpack --config webpack.dev.config.js",
+    "dev": "NODE_ENV=development yarn build:esm --watch",
     "lint": "eslint .",
     "tsd": "tsd",
     "lint:report": "eslint -f checkstyle -o ./build2/reports/lint/eslint-checkstyle-result.xml .",
@@ -36,6 +46,9 @@
     "test:report": "yarn test --ci --silent || true",
     "test:samples": "yarn workspace @okta/test.e2e.samples start",
     "test:integration": "jest --config ./jest.integration.js",
+    "test:bundle:esm:browser": "cross-env BUNDLE_ENV=browser NODE_OPTIONS=--experimental-vm-modules jest --config ./jest.esm.mjs",
+    "test:bundle:esm:node": "cross-env BUNDLE_ENV=node NODE_OPTIONS=--experimental-vm-modules jest --config ./jest.esm.mjs",
+    "test:bundle:cjs": "cross-env BUNDLE_ENV=node jest --config ./jest.cjs.js",
     "build": "node scripts/build.js",
     "build:cdn": "cross-env NODE_ENV=production webpack --config webpack.cdn.config.js",
     "build:web": "cross-env NODE_ENV=production webpack --config webpack.config.js",
@@ -74,10 +87,11 @@
     "@peculiar/webcrypto": "1.1.6",
     "Base64": "1.1.0",
     "atob": "^2.1.2",
+    "broadcast-channel": "^4.10.0",
     "btoa": "^1.2.1",
     "core-js": "^3.6.5",
     "cross-fetch": "^3.1.5",
-    "js-cookie": "2.2.1",
+    "js-cookie": "^3.0.1",
     "jsonpath-plus": "^6.0.1",
     "node-cache": "^5.1.2",
     "p-cancelable": "^2.0.0",
@@ -99,7 +113,7 @@
     "@rollup/plugin-alias": "^3.1.8",
     "@rollup/plugin-babel": "^5.3.0",
     "@rollup/plugin-replace": "^3.0.0",
-    "@types/jest": "^25.2.3",
+    "@types/jest": "^27.4.0",
     "@types/node": "^14.0.3",
     "@typescript-eslint/eslint-plugin": "^2.34.0",
     "@typescript-eslint/parser": "^2.34.0",
@@ -119,7 +133,7 @@
     "globby": "^6.1.0",
     "istanbul-instrumenter-loader": "^3.0.1",
     "jasmine-ajax": "^4.0.0",
-    "jest": "^26.6.3",
+    "jest": "^27.5.1",
     "jest-junit": "^9.0.0",
     "json-loader": "0.5.4",
     "lodash": "4.17.20",
@@ -128,7 +142,7 @@
     "rollup-plugin-license": "^2.6.0",
     "rollup-plugin-typescript2": "^0.30.0",
     "shelljs": "0.8.4",
-    "ts-jest": "^26.4.3",
+    "ts-jest": "^27.1.3",
     "ts-loader": "^9.2.6",
     "tsd": "^0.17.0",
     "typescript": "^4.2.3",
@@ -172,8 +186,8 @@
     }
   },
   "okta": {
-    "commitSha": "1478c1930c4034d0033f5af740dc996cbe58ceb5",
-    "fullVersion": "6.1.0-g1478c19",
-    "testedSha": "fe1efe5ae03fe0fce892e1f2738f6fa3fa448c5a"
+    "commitSha": "c1146b767599072407241c5d85486f00a5a3d0b1",
+    "fullVersion": "6.2.0-gc1146b7",
+    "testedSha": "f1acdd465de85c20d3ac73cdba345c926a94caf4"
   }
 }

package/cjs/options.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../lib/options.ts"],"names":["BROWSER_STORAGE","token","storageTypes","cache","transaction","SERVER_STORAGE","getCookieSettings","args","isHTTPS","cookieSettings","cookies","secure","sameSite","getDefaultOptions","storageUtil","browserStorage","serverStorage","storageManager","enableSharedStorage","devMode","httpRequestClient","fetchRequest","transactionManager","mergeOptions","options","buildOptions","issuer","tokenUrl","authorizeUrl","userinfoUrl","revokeUrl","logoutUrl","clientId","redirectUri","state","scopes","postLogoutRedirectUri","responseMode","responseType","pkce","useInteractionCodeFlow","transformErrorXHR","transformAuthState","restoreOriginalUri","headers","flow","codeChallenge","codeChallengeMethod","recoveryToken","activationToken","ignoreSignature","clientSecret"],"mappings":";;;;;;;;;AAcA;;AACA;;AAGA;;AACA;;AACA;;AACA;;AArBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAUA,MAAMA,eAAsC,GAAG;AAC7CC,EAAAA,KAAK,EAAE;AACLC,IAAAA,YAAY,EAAE,CACZ,cADY,EAEZ,gBAFY,EAGZ,QAHY;AADT,GADsC;AAQ7CC,EAAAA,KAAK,EAAE;AACLD,IAAAA,YAAY,EAAE,CACZ,cADY,EAEZ,gBAFY,EAGZ,QAHY;AADT,GARsC;AAe7CE,EAAAA,WAAW,EAAE;AACXF,IAAAA,YAAY,EAAE,CACZ,gBADY,EAEZ,cAFY,EAGZ,QAHY;AADH,GAfgC;AAsB7C,wBAAsB;AACpBA,IAAAA,YAAY,EAAE,CACZ,cADY;AADM,GAtBuB;AA2B7C,kBAAgB;AACdA,IAAAA,YAAY,EAAE,CACZ,cADY;AADA;AA3B6B,CAA/C;AAkCA,MAAMG,cAAqC,GAAG;AAC5CJ,EAAAA,KAAK,EAAE;AACLC,IAAAA,YAAY,EAAE,CACZ,QADY;AADT,GADqC;AAM5CC,EAAAA,KAAK,EAAE;AACLD,IAAAA,YAAY,EAAE,CACZ,QADY;AADT,GANqC;AAW5CE,EAAAA,WAAW,EAAE;AACXF,IAAAA,YAAY,EAAE,CACZ,QADY;AADH;AAX+B,CAA9C;;AAkBA,SAASI,iBAAT,CAA2BC,IAAqB,GAAG,EAAnD,EAAuDC,OAAvD,EAAyE;AACvE;AACA;AACA;AACA,MAAIC,cAAc,GAAGF,IAAI,CAACG,OAAL,IAAgB,EAArC;;AACA,MAAI,OAAOD,cAAc,CAACE,MAAtB,KAAiC,WAArC,EAAkD;AAChDF,IAAAA,cAAc,CAACE,MAAf,GAAwBH,OAAxB;AACD;;AACD,MAAI,OAAOC,cAAc,CAACG,QAAtB,KAAmC,WAAvC,EAAoD;AAClDH,IAAAA,cAAc,CAACG,QAAf,GAA0BH,cAAc,CAACE,MAAf,GAAwB,MAAxB,GAAiC,KAA3D;AACD,GAVsE,CAYvE;;;AACA,MAAIF,cAAc,CAACE,MAAf,IAAyB,CAACH,OAA9B,EAAuC;AACrC;AACA,oBACE,oEACA,4DADA,GAEA,gEAHF;AAKAC,IAAAA,cAAc,CAACE,MAAf,GAAwB,KAAxB;AACD,GArBsE,CAuBvE;AACA;;;AACA,MAAIF,cAAc,CAACG,QAAf,KAA4B,MAA5B,IAAsC,CAACH,cAAc,CAACE,MAA1D,EAAkE;AAChEF,IAAAA,cAAc,CAACG,QAAf,GAA0B,KAA1B;AACD;;AAED,SAAOH,cAAP;AACD;;AAGM,SAASI,iBAAT,GAA8C;AACnD,QAAMC,WAAW,GAAG,6BAAcC,uBAAd,GAA+BC,sBAAnD;AACA,QAAMC,cAAc,GAAG,6BAAcjB,eAAd,GAAgCK,cAAvD;AACA,QAAMa,mBAAmB,GAAG,6BAAc,IAAd,GAAqB,KAAjD,CAHmD,CAGK;;AACxD,SAAO;AACLC,IAAAA,OAAO,EAAE,KADJ;AAELC,IAAAA,iBAAiB,EAAEC,qBAFd;AAGLP,IAAAA,WAHK;AAILG,IAAAA,cAJK;AAKLK,IAAAA,kBAAkB,EAAE;AAClBJ,MAAAA;AADkB;AALf,GAAP;AASD;;AAED,SAASK,YAAT,CAAsBC,OAAtB,EAA+BjB,IAA/B,EAAsD;AACpD,SAAO,qBAAc,EAAd,EAAkBiB,OAAlB,EAA2B,sBAAWjB,IAAX,CAA3B,EAA6C;AAClDU,IAAAA,cAAc,EAAE,qBAAc,EAAd,EAAkBO,OAAO,CAACP,cAA1B,EAA0CV,IAAI,CAACU,cAA/C,CADkC;AAElDK,IAAAA,kBAAkB,EAAE,qBAAc,EAAd,EAAkBE,OAAO,CAACF,kBAA1B,EAA8Cf,IAAI,CAACe,kBAAnD;AAF8B,GAA7C,CAAP;AAID;;AAEM,SAASG,YAAT,CAAsBlB,IAAqB,GAAG,EAA9C,EAAmE;AACxE,sCAAkBA,IAAlB;AACAA,EAAAA,IAAI,GAAGgB,YAAY,CAACV,iBAAiB,EAAlB,EAAsBN,IAAtB,CAAnB;AACA,SAAO,sBAAW;AAChB;AACAmB,IAAAA,MAAM,EAAE,+BAAoBnB,IAAI,CAACmB,MAAzB,CAFQ;AAGhBC,IAAAA,QAAQ,EAAE,+BAAoBpB,IAAI,CAACoB,QAAzB,CAHM;AAIhBC,IAAAA,YAAY,EAAE,+BAAoBrB,IAAI,CAACqB,YAAzB,CAJE;AAKhBC,IAAAA,WAAW,EAAE,+BAAoBtB,IAAI,CAACsB,WAAzB,CALG;AAMhBC,IAAAA,SAAS,EAAE,+BAAoBvB,IAAI,CAACuB,SAAzB,CANK;AAOhBC,IAAAA,SAAS,EAAE,+BAAoBxB,IAAI,CAACwB,SAAzB,CAPK;AAQhBC,IAAAA,QAAQ,EAAEzB,IAAI,CAACyB,QARC;AAShBC,IAAAA,WAAW,EAAE1B,IAAI,CAAC0B,WATF;AAUhBC,IAAAA,KAAK,EAAE3B,IAAI,CAAC2B,KAVI;AAWhBC,IAAAA,MAAM,EAAE5B,IAAI,CAAC4B,MAXG;AAYhBC,IAAAA,qBAAqB,EAAE7B,IAAI,CAAC6B,qBAZZ;AAahBC,IAAAA,YAAY,EAAE9B,IAAI,CAAC8B,YAbH;AAchBC,IAAAA,YAAY,EAAE/B,IAAI,CAAC+B,YAdH;AAehBC,IAAAA,IAAI,EAAEhC,IAAI,CAACgC,IAAL,KAAc,KAAd,GAAsB,KAAtB,GAA8B,IAfpB;AAe0B;AAC1CC,IAAAA,sBAAsB,EAAEjC,IAAI,CAACiC,sBAhBb;AAkBhB;AACApB,IAAAA,iBAAiB,EAAEb,IAAI,CAACa,iBAnBR;AAoBhBqB,IAAAA,iBAAiB,EAAElC,IAAI,CAACkC,iBApBR;AAqBhBC,IAAAA,kBAAkB,EAAEnC,IAAI,CAACmC,kBArBT;AAsBhBC,IAAAA,kBAAkB,EAAEpC,IAAI,CAACoC,kBAtBT;AAuBhB7B,IAAAA,WAAW,EAAEP,IAAI,CAACO,WAvBF;AAwBhB8B,IAAAA,OAAO,EAAErC,IAAI,CAACqC,OAxBE;AAyBhBzB,IAAAA,OAAO,EAAE,CAAC,CAACZ,IAAI,CAACY,OAzBA;AA0BhBF,IAAAA,cAAc,EAAEV,IAAI,CAACU,cA1BL;AA2BhBK,IAAAA,kBAAkB,EAAEf,IAAI,CAACe,kBA3BT;AA4BhBZ,IAAAA,OAAO,EAAE,6BAAcJ,iBAAiB,CAACC,IAAD,EAAO,wBAAP,CAA/B,GAAmDA,IAAI,CAACG,OA5BjD;AA6BhBmC,IAAAA,IAAI,EAAEtC,IAAI,CAACsC,IA7BK;AA8BhBC,IAAAA,aAAa,EAAEvC,IAAI,CAACuC,aA9BJ;AA+BhBC,IAAAA,mBAAmB,EAAExC,IAAI,CAACwC,mBA/BV;AAgChBC,IAAAA,aAAa,EAAEzC,IAAI,CAACyC,aAhCJ;AAiChBC,IAAAA,eAAe,EAAE1C,IAAI,CAAC0C,eAjCN;AAmChB;AACAC,IAAAA,eAAe,EAAE,CAAC,CAAC3C,IAAI,CAAC2C,eApCR;AAsChB;AACAC,IAAAA,YAAY,EAAE5C,IAAI,CAAC4C;AAvCH,GAAX,CAAP;AAyCD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable complexity */\nimport { removeTrailingSlash, warn, removeNils } from './util';\nimport { assertValidConfig } from './builderUtil';\nimport { OktaAuthOptions, StorageManagerOptions } from './types';\n\nimport fetchRequest from './fetch/fetchRequest';\nimport browserStorage from './browser/browserStorage';\nimport serverStorage from './server/serverStorage';\nimport { isBrowser, isHTTPS } from './features';\n\nconst BROWSER_STORAGE: StorageManagerOptions = {\n  token: {\n    storageTypes: [\n      'localStorage',\n      'sessionStorage',\n      'cookie'\n    ]\n  },\n  cache: {\n    storageTypes: [\n      'localStorage',\n      'sessionStorage',\n      'cookie'\n    ]\n  },\n  transaction: {\n    storageTypes: [\n      'sessionStorage',\n      'localStorage',\n      'cookie'\n    ]\n  },\n  'shared-transaction': {\n    storageTypes: [\n      'localStorage'\n    ]\n  },\n  'original-uri': {\n    storageTypes: [\n      'localStorage'\n    ]\n  }\n};\n\nconst SERVER_STORAGE: StorageManagerOptions = {\n  token: {\n    storageTypes: [\n      'memory'\n    ]\n  },\n  cache: {\n    storageTypes: [\n      'memory'\n    ]\n  },\n  transaction: {\n    storageTypes: [\n      'memory'\n    ]\n  }\n};\n\nfunction getCookieSettings(args: OktaAuthOptions = {}, isHTTPS: boolean) {\n  // Secure cookies will be automatically used on a HTTPS connection\n  // Non-secure cookies will be automatically used on a HTTP connection\n  // secure option can override the automatic behavior\n  var cookieSettings = args.cookies || {};\n  if (typeof cookieSettings.secure === 'undefined') {\n    cookieSettings.secure = isHTTPS;\n  }\n  if (typeof cookieSettings.sameSite === 'undefined') {\n    cookieSettings.sameSite = cookieSettings.secure ? 'none' : 'lax';\n  }\n\n  // If secure=true, but the connection is not HTTPS, set secure=false.\n  if (cookieSettings.secure && !isHTTPS) {\n    // eslint-disable-next-line no-console\n    warn(\n      'The current page is not being served with the HTTPS protocol.\\n' +\n      'For security reasons, we strongly recommend using HTTPS.\\n' +\n      'If you cannot use HTTPS, set \"cookies.secure\" option to false.'\n    );\n    cookieSettings.secure = false;\n  }\n\n  // Chrome >= 80 will block cookies with SameSite=None unless they are also Secure\n  // If sameSite=none, but the connection is not HTTPS, set sameSite=lax.\n  if (cookieSettings.sameSite === 'none' && !cookieSettings.secure) {\n    cookieSettings.sameSite = 'lax';\n  }\n\n  return cookieSettings;\n}\n\n\nexport function getDefaultOptions(): OktaAuthOptions {\n  const storageUtil = isBrowser() ? browserStorage : serverStorage;\n  const storageManager = isBrowser() ? BROWSER_STORAGE : SERVER_STORAGE;\n  const enableSharedStorage = isBrowser() ? true : false; // localStorage for multi-tab flows (browser only)\n  return {\n    devMode: false,\n    httpRequestClient: fetchRequest,\n    storageUtil,\n    storageManager,\n    transactionManager: {\n      enableSharedStorage\n    }\n  };\n}\n\nfunction mergeOptions(options, args): OktaAuthOptions {\n  return Object.assign({}, options, removeNils(args), {\n    storageManager: Object.assign({}, options.storageManager, args.storageManager),\n    transactionManager: Object.assign({}, options.transactionManager, args.transactionManager),\n  });\n}\n\nexport function buildOptions(args: OktaAuthOptions = {}): OktaAuthOptions {\n  assertValidConfig(args);\n  args = mergeOptions(getDefaultOptions(), args);\n  return removeNils({\n    // OIDC configuration\n    issuer: removeTrailingSlash(args.issuer),\n    tokenUrl: removeTrailingSlash(args.tokenUrl),\n    authorizeUrl: removeTrailingSlash(args.authorizeUrl),\n    userinfoUrl: removeTrailingSlash(args.userinfoUrl),\n    revokeUrl: removeTrailingSlash(args.revokeUrl),\n    logoutUrl: removeTrailingSlash(args.logoutUrl),\n    clientId: args.clientId,\n    redirectUri: args.redirectUri,\n    state: args.state,\n    scopes: args.scopes,\n    postLogoutRedirectUri: args.postLogoutRedirectUri,\n    responseMode: args.responseMode,\n    responseType: args.responseType,\n    pkce: args.pkce === false ? false : true, // PKCE defaults to true\n    useInteractionCodeFlow: args.useInteractionCodeFlow,\n\n    // Internal options\n    httpRequestClient: args.httpRequestClient,\n    transformErrorXHR: args.transformErrorXHR,\n    transformAuthState: args.transformAuthState,\n    restoreOriginalUri: args.restoreOriginalUri,\n    storageUtil: args.storageUtil,\n    headers: args.headers,\n    devMode: !!args.devMode,\n    storageManager: args.storageManager,\n    transactionManager: args.transactionManager,\n    cookies: isBrowser() ? getCookieSettings(args, isHTTPS()) : args.cookies,\n    flow: args.flow,\n    codeChallenge: args.codeChallenge,\n    codeChallengeMethod: args.codeChallengeMethod,\n    recoveryToken: args.recoveryToken,\n    activationToken: args.activationToken,\n    \n    // Give the developer the ability to disable token signature validation.\n    ignoreSignature: !!args.ignoreSignature,\n\n    // Server-side web applications\n    clientSecret: args.clientSecret\n  });\n}\n"],"file":"options.js"}

package/cjs/services/TokenService.js

@@ -1,111 +0,0 @@
-"use strict";
-
-exports.TokenService = void 0;
-
-var _TokenManager = require("../TokenManager");
-
-var _errors = require("../errors");
-
-var _features = require("../features");
-
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * 
- * See the License for the specific language governing permissions and limitations under the License.
- */
-
-/* global window */
-function shouldThrottleRenew(renewTimeQueue) {
-  let res = false;
-  renewTimeQueue.push(Date.now());
-
-  if (renewTimeQueue.length >= 10) {
-    // get and remove first item from queue
-    const firstTime = renewTimeQueue.shift();
-    const lastTime = renewTimeQueue[renewTimeQueue.length - 1];
-    res = lastTime - firstTime < 30 * 1000;
-  }
-
-  return res;
-}
-
-class TokenService {
-  constructor(tokenManager, options = {}) {
-    this.tokenManager = tokenManager;
-    this.options = options;
-    this.storageListener = undefined;
-    this.onTokenExpiredHandler = undefined;
-  }
-
-  start() {
-    const renewTimeQueue = [];
-
-    this.onTokenExpiredHandler = key => {
-      if (this.options.autoRenew) {
-        if (shouldThrottleRenew(renewTimeQueue)) {
-          const error = new _errors.AuthSdkError('Too many token renew requests');
-          this.tokenManager.emitError(error);
-        } else {
-          this.tokenManager.renew(key).catch(() => {}); // Renew errors will emit an "error" event 
-        }
-      } else if (this.options.autoRemove) {
-        this.tokenManager.remove(key);
-      }
-    };
-
-    this.tokenManager.on(_TokenManager.EVENT_EXPIRED, this.onTokenExpiredHandler);
-    this.tokenManager.setExpireEventTimeoutAll();
-
-    if (this.options.syncStorage && (0, _features.isBrowser)()) {
-      // Sync authState cross multiple tabs when localStorage is used as the storageProvider
-      // A StorageEvent is sent to a window when a storage area it has access to is changed 
-      // within the context of another document.
-      // https://developer.mozilla.org/en-US/docs/Web/API/StorageEvent
-      this.storageListener = ({
-        key,
-        newValue,
-        oldValue
-      }) => {
-        const handleCrossTabsStorageChange = () => {
-          this.tokenManager.resetExpireEventTimeoutAll();
-          this.tokenManager.emitEventsForCrossTabsStorageUpdate(newValue, oldValue);
-        }; // Skip if:
-        // not from localStorage.clear (event.key is null)
-        // event.key is not the storageKey
-        // oldValue === newValue
-
-
-        if (key && (key !== this.options.storageKey || newValue === oldValue)) {
-          return;
-        } // LocalStorage cross tabs update is not synced in IE, set a 1s timer by default to read latest value
-        // https://stackoverflow.com/questions/24077117/localstorage-in-win8-1-ie11-does-not-synchronize
-
-
-        this.syncTimeout = setTimeout(() => handleCrossTabsStorageChange(), this.options._storageEventDelay);
-      };
-
-      window.addEventListener('storage', this.storageListener);
-    }
-  }
-
-  stop() {
-    this.tokenManager.clearExpireEventTimeoutAll();
-    this.tokenManager.off(_TokenManager.EVENT_EXPIRED, this.onTokenExpiredHandler);
-
-    if (this.options.syncStorage && (0, _features.isBrowser)()) {
-      // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
-      window.removeEventListener('storage', this.storageListener);
-      clearTimeout(this.syncTimeout);
-    }
-  }
-
-}
-
-exports.TokenService = TokenService;
-//# sourceMappingURL=TokenService.js.map

package/cjs/services/TokenService.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../lib/services/TokenService.ts"],"names":["shouldThrottleRenew","renewTimeQueue","res","push","Date","now","length","firstTime","shift","lastTime","TokenService","constructor","tokenManager","options","storageListener","undefined","onTokenExpiredHandler","start","key","autoRenew","error","AuthSdkError","emitError","renew","catch","autoRemove","remove","on","EVENT_EXPIRED","setExpireEventTimeoutAll","syncStorage","newValue","oldValue","handleCrossTabsStorageChange","resetExpireEventTimeoutAll","emitEventsForCrossTabsStorageUpdate","storageKey","syncTimeout","setTimeout","_storageEventDelay","window","addEventListener","stop","clearExpireEventTimeoutAll","off","removeEventListener","clearTimeout"],"mappings":";;;;AAcA;;AACA;;AACA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAMA,SAASA,mBAAT,CAA6BC,cAA7B,EAA6C;AAC3C,MAAIC,GAAG,GAAG,KAAV;AACAD,EAAAA,cAAc,CAACE,IAAf,CAAoBC,IAAI,CAACC,GAAL,EAApB;;AACA,MAAIJ,cAAc,CAACK,MAAf,IAAyB,EAA7B,EAAiC;AAC/B;AACA,UAAMC,SAAS,GAAGN,cAAc,CAACO,KAAf,EAAlB;AACA,UAAMC,QAAQ,GAAGR,cAAc,CAACA,cAAc,CAACK,MAAf,GAAwB,CAAzB,CAA/B;AACAJ,IAAAA,GAAG,GAAGO,QAAQ,GAAGF,SAAX,GAAuB,KAAK,IAAlC;AACD;;AACD,SAAOL,GAAP;AACD;;AAEM,MAAMQ,YAAN,CAAmB;AAOxBC,EAAAA,WAAW,CAACC,YAAD,EAA6BC,OAA4B,GAAG,EAA5D,EAAgE;AACzE,SAAKD,YAAL,GAAoBA,YAApB;AACA,SAAKC,OAAL,GAAeA,OAAf;AACA,SAAKC,eAAL,GAAuBC,SAAvB;AACA,SAAKC,qBAAL,GAA6BD,SAA7B;AACD;;AAEDE,EAAAA,KAAK,GAAG;AACN,UAAMhB,cAAc,GAAG,EAAvB;;AACA,SAAKe,qBAAL,GAA8BE,GAAD,IAAS;AACpC,UAAI,KAAKL,OAAL,CAAaM,SAAjB,EAA4B;AAC1B,YAAInB,mBAAmB,CAACC,cAAD,CAAvB,EAAyC;AACvC,gBAAMmB,KAAK,GAAG,IAAIC,oBAAJ,CAAiB,+BAAjB,CAAd;AACA,eAAKT,YAAL,CAAkBU,SAAlB,CAA4BF,KAA5B;AACD,SAHD,MAGO;AACL,eAAKR,YAAL,CAAkBW,KAAlB,CAAwBL,GAAxB,EAA6BM,KAA7B,CAAmC,MAAM,CAAE,CAA3C,EADK,CACyC;AAC/C;AACF,OAPD,MAOO,IAAI,KAAKX,OAAL,CAAaY,UAAjB,EAA6B;AAClC,aAAKb,YAAL,CAAkBc,MAAlB,CAAyBR,GAAzB;AACD;AACF,KAXD;;AAYA,SAAKN,YAAL,CAAkBe,EAAlB,CAAqBC,2BAArB,EAAoC,KAAKZ,qBAAzC;AAEA,SAAKJ,YAAL,CAAkBiB,wBAAlB;;AAEA,QAAI,KAAKhB,OAAL,CAAaiB,WAAb,IAA4B,0BAAhC,EAA6C;AAC3C;AACA;AACA;AACA;AAEA,WAAKhB,eAAL,GAAuB,CAAC;AAAEI,QAAAA,GAAF;AAAOa,QAAAA,QAAP;AAAiBC,QAAAA;AAAjB,OAAD,KAA+C;AACpE,cAAMC,4BAA4B,GAAG,MAAM;AACzC,eAAKrB,YAAL,CAAkBsB,0BAAlB;AACA,eAAKtB,YAAL,CAAkBuB,mCAAlB,CAAsDJ,QAAtD,EAAgEC,QAAhE;AACD,SAHD,CADoE,CAMpE;AACA;AACA;AACA;;;AACA,YAAId,GAAG,KAAKA,GAAG,KAAK,KAAKL,OAAL,CAAauB,UAArB,IAAmCL,QAAQ,KAAKC,QAArD,CAAP,EAAuE;AACrE;AACD,SAZmE,CAcpE;AACA;;;AACA,aAAKK,WAAL,GAAmBC,UAAU,CAAC,MAAML,4BAA4B,EAAnC,EAAuC,KAAKpB,OAAL,CAAa0B,kBAApD,CAA7B;AACD,OAjBD;;AAmBAC,MAAAA,MAAM,CAACC,gBAAP,CAAwB,SAAxB,EAAmC,KAAK3B,eAAxC;AACD;AACF;;AAED4B,EAAAA,IAAI,GAAG;AACL,SAAK9B,YAAL,CAAkB+B,0BAAlB;AACA,SAAK/B,YAAL,CAAkBgC,GAAlB,CAAsBhB,2BAAtB,EAAqC,KAAKZ,qBAA1C;;AACA,QAAI,KAAKH,OAAL,CAAaiB,WAAb,IAA4B,0BAAhC,EAA6C;AAC3C;AACAU,MAAAA,MAAM,CAACK,mBAAP,CAA2B,SAA3B,EAAsC,KAAK/B,eAA3C;AACAgC,MAAAA,YAAY,CAAC,KAAKT,WAAN,CAAZ;AACD;AACF;;AArEuB","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* global window */\nimport { TokenManager, EVENT_EXPIRED } from '../TokenManager';\nimport { AuthSdkError } from '../errors';\nimport { isBrowser } from '../features';\nimport { TokenManagerOptions } from '../types';\n\nfunction shouldThrottleRenew(renewTimeQueue) {\n  let res = false;\n  renewTimeQueue.push(Date.now());\n  if (renewTimeQueue.length >= 10) {\n    // get and remove first item from queue\n    const firstTime = renewTimeQueue.shift();\n    const lastTime = renewTimeQueue[renewTimeQueue.length - 1];\n    res = lastTime - firstTime < 30 * 1000;\n  }\n  return res;\n}\n\nexport class TokenService {\n  private tokenManager: TokenManager;\n  private options: TokenManagerOptions;\n  private storageListener?: (event: StorageEvent) => void;\n  private onTokenExpiredHandler?: (key: string) => void;\n  private syncTimeout: unknown;\n\n  constructor(tokenManager: TokenManager, options: TokenManagerOptions = {}) {\n    this.tokenManager = tokenManager;\n    this.options = options;\n    this.storageListener = undefined;\n    this.onTokenExpiredHandler = undefined;\n  }\n\n  start() {\n    const renewTimeQueue = [];\n    this.onTokenExpiredHandler = (key) => {\n      if (this.options.autoRenew) {\n        if (shouldThrottleRenew(renewTimeQueue)) {\n          const error = new AuthSdkError('Too many token renew requests');\n          this.tokenManager.emitError(error);\n        } else {\n          this.tokenManager.renew(key).catch(() => {}); // Renew errors will emit an \"error\" event \n        }\n      } else if (this.options.autoRemove) {\n        this.tokenManager.remove(key);\n      }\n    };\n    this.tokenManager.on(EVENT_EXPIRED, this.onTokenExpiredHandler);\n\n    this.tokenManager.setExpireEventTimeoutAll();\n\n    if (this.options.syncStorage && isBrowser()) {\n      // Sync authState cross multiple tabs when localStorage is used as the storageProvider\n      // A StorageEvent is sent to a window when a storage area it has access to is changed \n      // within the context of another document.\n      // https://developer.mozilla.org/en-US/docs/Web/API/StorageEvent\n\n      this.storageListener = ({ key, newValue, oldValue }: StorageEvent) => {\n        const handleCrossTabsStorageChange = () => {\n          this.tokenManager.resetExpireEventTimeoutAll();\n          this.tokenManager.emitEventsForCrossTabsStorageUpdate(newValue, oldValue);\n        };\n\n        // Skip if:\n        // not from localStorage.clear (event.key is null)\n        // event.key is not the storageKey\n        // oldValue === newValue\n        if (key && (key !== this.options.storageKey || newValue === oldValue)) {\n          return;\n        }\n\n        // LocalStorage cross tabs update is not synced in IE, set a 1s timer by default to read latest value\n        // https://stackoverflow.com/questions/24077117/localstorage-in-win8-1-ie11-does-not-synchronize\n        this.syncTimeout = setTimeout(() => handleCrossTabsStorageChange(), this.options._storageEventDelay);\n      };\n\n      window.addEventListener('storage', this.storageListener);\n    }\n  }\n\n  stop() {\n    this.tokenManager.clearExpireEventTimeoutAll();\n    this.tokenManager.off(EVENT_EXPIRED, this.onTokenExpiredHandler);\n    if (this.options.syncStorage && isBrowser()) {\n      // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n      window.removeEventListener('storage', this.storageListener!);\n      clearTimeout(this.syncTimeout as any);\n    }\n  }\n}"],"file":"TokenService.js"}