@okta/okta-auth-js 6.1.0 → 6.3.1

package/cjs/idx/types/index.js

@@ -1,5 +1,6 @@
 "use strict";
 
+exports.isAuthenticator = isAuthenticator;
 Object.defineProperty(exports, "IdxAuthenticator", {
   enumerable: true,
   get: function () {
@@ -12,6 +13,12 @@ Object.defineProperty(exports, "IdxMessage", {
     return _idxJs.IdxMessage;
   }
 });
+Object.defineProperty(exports, "IdxMessages", {
+  enumerable: true,
+  get: function () {
+    return _idxJs.IdxMessages;
+  }
+});
 Object.defineProperty(exports, "ChallengeData", {
   enumerable: true,
   get: function () {
@@ -24,6 +31,24 @@ Object.defineProperty(exports, "ActivationData", {
     return _idxJs.ActivationData;
   }
 });
+Object.defineProperty(exports, "IdxResponse", {
+  enumerable: true,
+  get: function () {
+    return _idxJs.IdxResponse;
+  }
+});
+Object.defineProperty(exports, "IdxContext", {
+  enumerable: true,
+  get: function () {
+    return _idxJs.IdxContext;
+  }
+});
+Object.defineProperty(exports, "RawIdxResponse", {
+  enumerable: true,
+  get: function () {
+    return _idxJs.RawIdxResponse;
+  }
+});
 Object.defineProperty(exports, "FlowIdentifier", {
   enumerable: true,
   get: function () {
@@ -66,6 +91,12 @@ Object.defineProperty(exports, "CancelOptions", {
     return _cancel.CancelOptions;
   }
 });
+Object.defineProperty(exports, "RemediateOptions", {
+  enumerable: true,
+  get: function () {
+    return _remediate.RemediateOptions;
+  }
+});
 Object.defineProperty(exports, "EmailVerifyCallbackResponse", {
   enumerable: true,
   get: function () {
@@ -102,6 +133,8 @@ var _proceed = require("../proceed");
 
 var _cancel = require("../cancel");
 
+var _remediate = require("../remediate");
+
 var _emailVerify = require("../emailVerify");
 
 var _WebauthnEnrollment = require("../authenticator/WebauthnEnrollment");
@@ -152,4 +185,8 @@ exports.IdxFeature = IdxFeature;
   IdxFeature["SOCIAL_IDP"] = "redirect-idp";
   IdxFeature["ACCOUNT_UNLOCK"] = "unlock-account";
 })(IdxFeature || (exports.IdxFeature = IdxFeature = {}));
+
+function isAuthenticator(obj) {
+  return obj && (obj.key || obj.id);
+}
 //# sourceMappingURL=index.js.map

package/cjs/idx/types/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../lib/idx/types/index.ts"],"names":["IdxStatus","AuthenticatorKey","IdxFeature"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiBA;;AAWA;;AAGA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAGA;;AACA;;AACA;;AAzCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IAiCYA,S;;;WAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;GAAAA,S,yBAAAA,S;;IAQAC,gB;;;WAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;GAAAA,gB,gCAAAA,gB;;IAgCAC,U;;;WAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;GAAAA,U,0BAAAA,U","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { InteractOptions } from '../interact';\nimport { IntrospectOptions } from '../introspect';\nimport { APIError, Tokens } from '../../types';\nimport { PKCETransactionMeta } from '../../types/Transaction';\nimport { \n  IdxActions, \n  IdxAuthenticator, \n  IdxContext,\n  IdxForm,\n  IdxMessage, \n  IdxOption, \n  IdxRemediation, \n  IdxResponse, \n  RawIdxResponse \n} from './idx-js';\nimport { FlowIdentifier } from './FlowIdentifier';\n\nexport { IdxMessage, ChallengeData, ActivationData } from './idx-js';\nexport { AuthenticationOptions } from '../authenticate';\nexport { RegistrationOptions } from '../register';\nexport { PasswordRecoveryOptions } from '../recoverPassword';\nexport { AccountUnlockOptions } from '../unlockAccount';\nexport { ProceedOptions } from '../proceed';\nexport { CancelOptions } from '../cancel';\nexport { FlowIdentifier };\nexport { IdxAuthenticator };\nexport { EmailVerifyCallbackResponse } from '../emailVerify';\nexport { WebauthnEnrollValues } from '../authenticator/WebauthnEnrollment';\nexport { WebauthnVerificationValues } from '../authenticator/WebauthnVerification';\n\nexport enum IdxStatus {\n  SUCCESS = 'SUCCESS',\n  PENDING = 'PENDING',\n  FAILURE = 'FAILURE',\n  TERMINAL = 'TERMINAL',\n  CANCELED = 'CANCELED',\n}\n\nexport enum AuthenticatorKey {\n  OKTA_PASSWORD = 'okta_password',\n  OKTA_EMAIL = 'okta_email',\n  PHONE_NUMBER = 'phone_number',\n  GOOGLE_AUTHENTICATOR = 'google_otp',\n  SECURITY_QUESTION = 'security_question',\n  OKTA_VERIFY = 'okta_verify',\n  WEBAUTHN = 'webauthn',\n}\n\nexport type Input = {\n  name: string;\n  type?: string;\n  label?: string;\n  value?: string | {form: IdxForm};\n  minLength?: number;\n  maxLength?: number;\n  secret?: boolean;\n  required?: boolean;\n}\n\nexport type NextStep = {\n  name: string;\n  authenticator?: IdxAuthenticator;\n  canSkip?: boolean;\n  canResend?: boolean;\n  inputs?: Input[];\n  options?: IdxOption[];\n  poll?: IdxPollOptions;\n  authenticatorEnrollments?: IdxAuthenticator[];\n}\n\nexport enum IdxFeature {\n  PASSWORD_RECOVERY = 'recover-password',\n  REGISTRATION = 'enroll-profile',\n  SOCIAL_IDP = 'redirect-idp',\n  ACCOUNT_UNLOCK = 'unlock-account',\n}\n\nexport interface IdxTransactionMeta extends PKCETransactionMeta {\n  interactionHandle?: string;\n  remediations?: string[];\n  flow?: FlowIdentifier;\n  withCredentials?: boolean;\n  activationToken?: string;\n  recoveryToken?: string;\n}\n\nexport interface IdxTransaction {\n  status: IdxStatus;\n  tokens?: Tokens;\n  nextStep?: NextStep;\n  messages?: IdxMessage[];\n  error?: APIError;\n  meta?: IdxTransactionMeta;\n  enabledFeatures?: IdxFeature[];\n  availableSteps?: NextStep[];\n\n  // from idx-js, used by signin widget\n  proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n  neededToProceed: IdxRemediation[];\n  rawIdxState: RawIdxResponse;\n  interactionCode?: string;\n  actions: IdxActions;\n  context: IdxContext;\n}\n\nexport type IdxOptions = InteractOptions & IntrospectOptions & {\n  flow?: FlowIdentifier;\n  exchangeCodeForTokens?: boolean;\n  autoRemediate?: boolean;\n};\n\nexport interface IdxPollOptions {\n  required?: boolean;\n  refresh?: number;\n}\n\nexport type Authenticator = {\n  key: string;\n  methodType?: string;\n  phoneNumber?: string;\n};\n"],"file":"index.js"}
+{"version":3,"sources":["../../../../lib/idx/types/index.ts"],"names":["IdxStatus","AuthenticatorKey","IdxFeature","isAuthenticator","obj","key","id"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiBA;;AAWA;;AAWA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAGA;;AACA;;AACA;;AAlDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IA0CYA,S;;;WAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;GAAAA,S,yBAAAA,S;;IAQAC,gB;;;WAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;GAAAA,gB,gCAAAA,gB;;IAgCAC,U;;;WAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;GAAAA,U,0BAAAA,U;;AAsDL,SAASC,eAAT,CAAyBC,GAAzB,EAAyD;AAC9D,SAAOA,GAAG,KAAKA,GAAG,CAACC,GAAJ,IAAWD,GAAG,CAACE,EAApB,CAAV;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { InteractOptions } from '../interact';\nimport { IntrospectOptions } from '../introspect';\nimport { APIError, Tokens } from '../../types';\nimport { PKCETransactionMeta } from '../../types/Transaction';\nimport { \n  IdxActions, \n  IdxAuthenticator, \n  IdxContext,\n  IdxForm,\n  IdxMessage, \n  IdxOption, \n  IdxRemediation, \n  IdxResponse, \n  RawIdxResponse \n} from './idx-js';\nimport { FlowIdentifier } from './FlowIdentifier';\n\nexport {\n  IdxMessage,\n  IdxMessages,\n  ChallengeData,\n  ActivationData,\n  IdxResponse,\n  IdxContext,\n  RawIdxResponse\n} from './idx-js';\nexport { AuthenticationOptions } from '../authenticate';\nexport { RegistrationOptions } from '../register';\nexport { PasswordRecoveryOptions } from '../recoverPassword';\nexport { AccountUnlockOptions } from '../unlockAccount';\nexport { ProceedOptions } from '../proceed';\nexport { CancelOptions } from '../cancel';\nexport { RemediateOptions } from '../remediate';\nexport { FlowIdentifier };\nexport { IdxAuthenticator };\nexport { EmailVerifyCallbackResponse } from '../emailVerify';\nexport { WebauthnEnrollValues } from '../authenticator/WebauthnEnrollment';\nexport { WebauthnVerificationValues } from '../authenticator/WebauthnVerification';\n\nexport enum IdxStatus {\n  SUCCESS = 'SUCCESS',\n  PENDING = 'PENDING',\n  FAILURE = 'FAILURE',\n  TERMINAL = 'TERMINAL',\n  CANCELED = 'CANCELED',\n}\n\nexport enum AuthenticatorKey {\n  OKTA_PASSWORD = 'okta_password',\n  OKTA_EMAIL = 'okta_email',\n  PHONE_NUMBER = 'phone_number',\n  GOOGLE_AUTHENTICATOR = 'google_otp',\n  SECURITY_QUESTION = 'security_question',\n  OKTA_VERIFY = 'okta_verify',\n  WEBAUTHN = 'webauthn',\n}\n\nexport type Input = {\n  name: string;\n  type?: string;\n  label?: string;\n  value?: string | {form: IdxForm};\n  minLength?: number;\n  maxLength?: number;\n  secret?: boolean;\n  required?: boolean;\n}\n\nexport type NextStep = {\n  name: string;\n  authenticator?: IdxAuthenticator;\n  canSkip?: boolean;\n  canResend?: boolean;\n  inputs?: Input[];\n  options?: IdxOption[];\n  poll?: IdxPollOptions;\n  authenticatorEnrollments?: IdxAuthenticator[];\n}\n\nexport enum IdxFeature {\n  PASSWORD_RECOVERY = 'recover-password',\n  REGISTRATION = 'enroll-profile',\n  SOCIAL_IDP = 'redirect-idp',\n  ACCOUNT_UNLOCK = 'unlock-account',\n}\n\nexport interface IdxTransactionMeta extends PKCETransactionMeta {\n  interactionHandle?: string;\n  remediations?: string[];\n  flow?: FlowIdentifier;\n  withCredentials?: boolean;\n  activationToken?: string;\n  recoveryToken?: string;\n}\n\nexport interface IdxTransaction {\n  status: IdxStatus;\n  tokens?: Tokens;\n  nextStep?: NextStep;\n  messages?: IdxMessage[];\n  error?: APIError | IdxResponse;\n  meta?: IdxTransactionMeta;\n  enabledFeatures?: IdxFeature[];\n  availableSteps?: NextStep[];\n\n  // from idx-js, used by signin widget\n  proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n  neededToProceed: IdxRemediation[];\n  rawIdxState: RawIdxResponse;\n  interactionCode?: string;\n  actions: IdxActions;\n  context: IdxContext;\n}\n\nexport type IdxOptions = InteractOptions & IntrospectOptions & {\n  flow?: FlowIdentifier;\n  exchangeCodeForTokens?: boolean;\n  autoRemediate?: boolean;\n  step?: string;\n};\n\nexport interface IdxPollOptions {\n  required?: boolean;\n  refresh?: number;\n}\n\nexport type Authenticator = {\n  id?: string;\n  key?: string;\n  methodType?: string;\n  phoneNumber?: string;\n};\n\nexport function isAuthenticator(obj: any): obj is Authenticator {\n  return obj && (obj.key || obj.id);\n}\n"],"file":"index.js"}

package/cjs/idx/util.js

@@ -0,0 +1,198 @@
+"use strict";
+
+var _WeakMap = require("@babel/runtime-corejs3/core-js-stable/weak-map");
+
+var _Object$getOwnPropertyDescriptor = require("@babel/runtime-corejs3/core-js-stable/object/get-own-property-descriptor");
+
+var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
+
+exports.isTerminalResponse = isTerminalResponse;
+exports.canSkipFn = canSkipFn;
+exports.canResendFn = canResendFn;
+exports.getMessagesFromIdxRemediationValue = getMessagesFromIdxRemediationValue;
+exports.getMessagesFromResponse = getMessagesFromResponse;
+exports.getEnabledFeatures = getEnabledFeatures;
+exports.getAvailableSteps = getAvailableSteps;
+exports.filterValuesForRemediation = filterValuesForRemediation;
+
+var _keys = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/keys"));
+
+var _includes = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/includes"));
+
+var _reduce = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/reduce"));
+
+var _map = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/map"));
+
+var _values = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/values"));
+
+var remediators = _interopRequireWildcard(require("./remediators"));
+
+var _types = require("./types");
+
+function _getRequireWildcardCache(nodeInterop) { if (typeof _WeakMap !== "function") return null; var cacheBabelInterop = new _WeakMap(); var cacheNodeInterop = new _WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && _Object$getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? _Object$getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+
+function isTerminalResponse(idxResponse) {
+  const {
+    neededToProceed,
+    interactionCode
+  } = idxResponse;
+  return !neededToProceed.length && !interactionCode;
+}
+
+function canSkipFn(idxResponse) {
+  return idxResponse.neededToProceed.some(({
+    name
+  }) => name === 'skip');
+}
+
+function canResendFn(idxResponse) {
+  return (0, _keys.default)(idxResponse.actions).some(actionName => (0, _includes.default)(actionName).call(actionName, 'resend'));
+}
+
+function getMessagesFromIdxRemediationValue(value) {
+  if (!value || !Array.isArray(value)) {
+    return;
+  }
+
+  return (0, _reduce.default)(value).call(value, (messages, value) => {
+    if (value.messages) {
+      messages = [...messages, ...value.messages.value];
+    }
+
+    if (value.form) {
+      const messagesFromForm = getMessagesFromIdxRemediationValue(value.form.value) || [];
+      messages = [...messages, ...messagesFromForm];
+    }
+
+    if (value.options) {
+      let optionValues = [];
+      value.options.forEach(option => {
+        if (!option.value || typeof option.value === 'string') {
+          return;
+        }
+
+        optionValues = [...optionValues, option.value];
+      });
+      const messagesFromOptions = getMessagesFromIdxRemediationValue(optionValues) || [];
+      messages = [...messages, ...messagesFromOptions];
+    }
+
+    return messages;
+  }, []);
+}
+
+function getMessagesFromResponse(idxResponse) {
+  var _rawIdxState$messages, _context;
+
+  let messages = [];
+  const {
+    rawIdxState,
+    neededToProceed
+  } = idxResponse; // Handle global messages
+
+  const globalMessages = (_rawIdxState$messages = rawIdxState.messages) === null || _rawIdxState$messages === void 0 ? void 0 : (0, _map.default)(_context = _rawIdxState$messages.value).call(_context, message => message);
+
+  if (globalMessages) {
+    messages = [...messages, ...globalMessages];
+  } // Handle field messages for current flow
+
+
+  for (let remediation of neededToProceed) {
+    const fieldMessages = getMessagesFromIdxRemediationValue(remediation.value);
+
+    if (fieldMessages) {
+      messages = [...messages, ...fieldMessages];
+    }
+  } // API may return identical error on same field, filter by i18n key
+
+
+  const seen = {};
+  messages = (0, _reduce.default)(messages).call(messages, (filtered, message) => {
+    var _message$i18n;
+
+    const key = (_message$i18n = message.i18n) === null || _message$i18n === void 0 ? void 0 : _message$i18n.key;
+
+    if (key && seen[key]) {
+      return filtered;
+    }
+
+    seen[key] = message;
+    filtered = [...filtered, message];
+    return filtered;
+  }, []);
+  return messages;
+}
+
+function getEnabledFeatures(idxResponse) {
+  const res = [];
+  const {
+    actions,
+    neededToProceed
+  } = idxResponse;
+
+  if (actions['currentAuthenticator-recover']) {
+    res.push(_types.IdxFeature.PASSWORD_RECOVERY);
+  }
+
+  if (neededToProceed.some(({
+    name
+  }) => name === 'select-enroll-profile')) {
+    res.push(_types.IdxFeature.REGISTRATION);
+  }
+
+  if (neededToProceed.some(({
+    name
+  }) => name === 'redirect-idp')) {
+    res.push(_types.IdxFeature.SOCIAL_IDP);
+  }
+
+  if (neededToProceed.some(({
+    name
+  }) => name === 'unlock-account')) {
+    res.push(_types.IdxFeature.ACCOUNT_UNLOCK);
+  }
+
+  return res;
+}
+
+function getAvailableSteps(idxResponse) {
+  var _context2;
+
+  const res = [];
+  const remediatorMap = (0, _reduce.default)(_context2 = (0, _values.default)(remediators)).call(_context2, (map, remediatorClass) => {
+    // Only add concrete subclasses to the map
+    if (remediatorClass.remediationName) {
+      map[remediatorClass.remediationName] = remediatorClass;
+    }
+
+    return map;
+  }, {});
+
+  for (let remediation of idxResponse.neededToProceed) {
+    const T = remediatorMap[remediation.name];
+
+    if (T) {
+      const remediator = new T(remediation);
+      res.push(remediator.getNextStep(idxResponse.context));
+    }
+  }
+
+  return res;
+}
+
+function filterValuesForRemediation(idxResponse, values) {
+  var _context3;
+
+  // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+  const valuesForRemediation = (0, _reduce.default)(_context3 = idxResponse.neededToProceed[0].value).call(_context3, (res, entry) => {
+    const {
+      name
+    } = entry;
+    res[name] = values[name];
+    return res;
+  }, {});
+  return valuesForRemediation;
+}
+//# sourceMappingURL=util.js.map

package/cjs/idx/util.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../lib/idx/util.ts"],"names":["isTerminalResponse","idxResponse","neededToProceed","interactionCode","length","canSkipFn","some","name","canResendFn","actions","actionName","getMessagesFromIdxRemediationValue","value","Array","isArray","messages","form","messagesFromForm","options","optionValues","forEach","option","messagesFromOptions","getMessagesFromResponse","rawIdxState","globalMessages","message","remediation","fieldMessages","seen","filtered","key","i18n","getEnabledFeatures","res","push","IdxFeature","PASSWORD_RECOVERY","REGISTRATION","SOCIAL_IDP","ACCOUNT_UNLOCK","getAvailableSteps","remediatorMap","remediators","map","remediatorClass","remediationName","T","remediator","getNextStep","context","filterValuesForRemediation","values","valuesForRemediation","entry"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;AAEA;;;;;;AAGO,SAASA,kBAAT,CAA4BC,WAA5B,EAAsD;AAC3D,QAAM;AAAEC,IAAAA,eAAF;AAAmBC,IAAAA;AAAnB,MAAuCF,WAA7C;AACA,SAAO,CAACC,eAAe,CAACE,MAAjB,IAA2B,CAACD,eAAnC;AACD;;AAEM,SAASE,SAAT,CAAmBJ,WAAnB,EAA6C;AAClD,SAAOA,WAAW,CAACC,eAAZ,CAA4BI,IAA5B,CAAiC,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,MAAxD,CAAP;AACD;;AAEM,SAASC,WAAT,CAAqBP,WAArB,EAA+C;AACpD,SAAO,mBAAYA,WAAW,CAACQ,OAAxB,EAAiCH,IAAjC,CAAsCI,UAAU,IAAI,uBAAAA,UAAU,MAAV,CAAAA,UAAU,EAAU,QAAV,CAA9D,CAAP;AACD;;AAEM,SAASC,kCAAT,CACLC,KADK,EAEqB;AAC1B,MAAI,CAACA,KAAD,IAAU,CAACC,KAAK,CAACC,OAAN,CAAcF,KAAd,CAAf,EAAqC;AACnC;AACD;;AACD,SAAO,qBAAAA,KAAK,MAAL,CAAAA,KAAK,EAAQ,CAACG,QAAD,EAAWH,KAAX,KAAqB;AACvC,QAAIA,KAAK,CAACG,QAAV,EAAoB;AAClBA,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGH,KAAK,CAACG,QAAN,CAAeH,KAAhC,CAAX;AACD;;AACD,QAAIA,KAAK,CAACI,IAAV,EAAgB;AACd,YAAMC,gBAAgB,GAAGN,kCAAkC,CAACC,KAAK,CAACI,IAAN,CAAWJ,KAAZ,CAAlC,IAAwD,EAAjF;AACAG,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGE,gBAAjB,CAAX;AACD;;AACD,QAAIL,KAAK,CAACM,OAAV,EAAmB;AACjB,UAAIC,YAAY,GAAG,EAAnB;AACAP,MAAAA,KAAK,CAACM,OAAN,CAAcE,OAAd,CAAsBC,MAAM,IAAI;AAC9B,YAAI,CAACA,MAAM,CAACT,KAAR,IAAiB,OAAOS,MAAM,CAACT,KAAd,KAAwB,QAA7C,EAAuD;AACrD;AACD;;AACDO,QAAAA,YAAY,GAAG,CAAC,GAAGA,YAAJ,EAAkBE,MAAM,CAACT,KAAzB,CAAf;AACD,OALD;AAMA,YAAMU,mBAAmB,GAAGX,kCAAkC,CAACQ,YAAD,CAAlC,IAAoD,EAAhF;AACAJ,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGO,mBAAjB,CAAX;AACD;;AACD,WAAOP,QAAP;AACD,GApBW,EAoBT,EApBS,CAAZ;AAqBD;;AAEM,SAASQ,uBAAT,CAAiCtB,WAAjC,EAAyE;AAAA;;AAC9E,MAAIc,QAAsB,GAAG,EAA7B;AACA,QAAM;AAAES,IAAAA,WAAF;AAAetB,IAAAA;AAAf,MAAmCD,WAAzC,CAF8E,CAI9E;;AACA,QAAMwB,cAAc,4BAAGD,WAAW,CAACT,QAAf,0DAAG,mDAAsBH,KAAtB,iBAAgCc,OAAO,IAAIA,OAA3C,CAAvB;;AACA,MAAID,cAAJ,EAAoB;AAClBV,IAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGU,cAAjB,CAAX;AACD,GAR6E,CAU9E;;;AACA,OAAK,IAAIE,WAAT,IAAwBzB,eAAxB,EAAyC;AACvC,UAAM0B,aAAa,GAAGjB,kCAAkC,CAACgB,WAAW,CAACf,KAAb,CAAxD;;AACA,QAAIgB,aAAJ,EAAmB;AACjBb,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGa,aAAjB,CAAX;AACD;AACF,GAhB6E,CAkB9E;;;AACA,QAAMC,IAAI,GAAG,EAAb;AACAd,EAAAA,QAAQ,GAAG,qBAAAA,QAAQ,MAAR,CAAAA,QAAQ,EAAQ,CAACe,QAAD,EAAWJ,OAAX,KAAuB;AAAA;;AAChD,UAAMK,GAAG,oBAAGL,OAAO,CAACM,IAAX,kDAAG,cAAcD,GAA1B;;AACA,QAAIA,GAAG,IAAIF,IAAI,CAACE,GAAD,CAAf,EAAsB;AACpB,aAAOD,QAAP;AACD;;AACDD,IAAAA,IAAI,CAACE,GAAD,CAAJ,GAAYL,OAAZ;AACAI,IAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAcJ,OAAd,CAAX;AACA,WAAOI,QAAP;AACD,GARkB,EAQhB,EARgB,CAAnB;AASA,SAAOf,QAAP;AACD;;AAGM,SAASkB,kBAAT,CAA4BhC,WAA5B,EAAoE;AACzE,QAAMiC,GAAG,GAAG,EAAZ;AACA,QAAM;AAAEzB,IAAAA,OAAF;AAAWP,IAAAA;AAAX,MAA+BD,WAArC;;AAEA,MAAIQ,OAAO,CAAC,8BAAD,CAAX,EAA6C;AAC3CyB,IAAAA,GAAG,CAACC,IAAJ,CAASC,kBAAWC,iBAApB;AACD;;AAED,MAAInC,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,uBAA5C,CAAJ,EAA0E;AACxE2B,IAAAA,GAAG,CAACC,IAAJ,CAASC,kBAAWE,YAApB;AACD;;AAED,MAAIpC,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,cAA5C,CAAJ,EAAiE;AAC/D2B,IAAAA,GAAG,CAACC,IAAJ,CAASC,kBAAWG,UAApB;AACD;;AAED,MAAIrC,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,gBAA5C,CAAJ,EAAmE;AACjE2B,IAAAA,GAAG,CAACC,IAAJ,CAASC,kBAAWI,cAApB;AACD;;AAED,SAAON,GAAP;AACD;;AAEM,SAASO,iBAAT,CAA2BxC,WAA3B,EAAiE;AAAA;;AACtE,QAAMiC,GAAG,GAAG,EAAZ;AAEA,QAAMQ,aAAa,GAAG,sDAAcC,WAAd,mBAAkC,CAACC,GAAD,EAAMC,eAAN,KAA0B;AAChF;AACA,QAAIA,eAAe,CAACC,eAApB,EAAqC;AACnCF,MAAAA,GAAG,CAACC,eAAe,CAACC,eAAjB,CAAH,GAAuCD,eAAvC;AACD;;AACD,WAAOD,GAAP;AACD,GANqB,EAMnB,EANmB,CAAtB;;AAQA,OAAK,IAAIjB,WAAT,IAAwB1B,WAAW,CAACC,eAApC,EAAqD;AACnD,UAAM6C,CAAC,GAAGL,aAAa,CAACf,WAAW,CAACpB,IAAb,CAAvB;;AACA,QAAIwC,CAAJ,EAAO;AACL,YAAMC,UAAU,GAAG,IAAID,CAAJ,CAAMpB,WAAN,CAAnB;AACAO,MAAAA,GAAG,CAACC,IAAJ,CAAUa,UAAU,CAACC,WAAX,CAAuBhD,WAAW,CAACiD,OAAnC,CAAV;AACD;AACF;;AAED,SAAOhB,GAAP;AACD;;AAEM,SAASiB,0BAAT,CAAoClD,WAApC,EAA8DmD,MAA9D,EAA4G;AAAA;;AACjH;AACA,QAAMC,oBAAoB,GAAG,iCAAApD,WAAW,CAACC,eAAZ,CAA6B,CAA7B,EAAiCU,KAAjC,kBAA+C,CAACsB,GAAD,EAAMoB,KAAN,KAAgB;AAC1F,UAAM;AAAE/C,MAAAA;AAAF,QAAW+C,KAAjB;AACApB,IAAAA,GAAG,CAAC3B,IAAD,CAAH,GAAY6C,MAAM,CAAC7C,IAAD,CAAlB;AACA,WAAO2B,GAAP;AACD,GAJ4B,EAI1B,EAJ0B,CAA7B;AAKA,SAAOmB,oBAAP;AACD","sourcesContent":["import * as remediators from './remediators';\nimport { RemediationValues } from './remediators';\nimport { IdxFeature, NextStep } from './types';\nimport { IdxMessage, IdxRemediationValue, IdxResponse } from './types/idx-js';\n\nexport function isTerminalResponse(idxResponse: IdxResponse) {\n  const { neededToProceed, interactionCode } = idxResponse;\n  return !neededToProceed.length && !interactionCode;\n}\n\nexport function canSkipFn(idxResponse: IdxResponse) {\n  return idxResponse.neededToProceed.some(({ name }) => name === 'skip');\n}\n\nexport function canResendFn(idxResponse: IdxResponse) {\n  return Object.keys(idxResponse.actions).some(actionName => actionName.includes('resend'));\n}\n\nexport function getMessagesFromIdxRemediationValue(\n  value?: IdxRemediationValue[]\n): IdxMessage[] | undefined {\n  if (!value || !Array.isArray(value)) {\n    return;\n  }\n  return value.reduce((messages, value) => {\n    if (value.messages) {\n      messages = [...messages, ...value.messages.value] as never;\n    }\n    if (value.form) {\n      const messagesFromForm = getMessagesFromIdxRemediationValue(value.form.value) || [];\n      messages = [...messages, ...messagesFromForm] as never;\n    } \n    if (value.options) {\n      let optionValues = [];\n      value.options.forEach(option => {\n        if (!option.value || typeof option.value === 'string') {\n          return;\n        }\n        optionValues = [...optionValues, option.value] as never;\n      });\n      const messagesFromOptions = getMessagesFromIdxRemediationValue(optionValues) || [];\n      messages = [...messages, ...messagesFromOptions] as never;\n    }\n    return messages;\n  }, []);\n}\n\nexport function getMessagesFromResponse(idxResponse: IdxResponse): IdxMessage[] {\n  let messages: IdxMessage[] = [];\n  const { rawIdxState, neededToProceed } = idxResponse;\n\n  // Handle global messages\n  const globalMessages = rawIdxState.messages?.value.map(message => message);\n  if (globalMessages) {\n    messages = [...messages, ...globalMessages] as never;\n  }\n\n  // Handle field messages for current flow\n  for (let remediation of neededToProceed) {\n    const fieldMessages = getMessagesFromIdxRemediationValue(remediation.value);\n    if (fieldMessages) {\n      messages = [...messages, ...fieldMessages] as never;\n    }\n  }\n\n  // API may return identical error on same field, filter by i18n key\n  const seen = {};\n  messages = messages.reduce((filtered, message) => {\n    const key = message.i18n?.key;\n    if (key && seen[key]) {\n      return filtered;\n    }\n    seen[key] = message;\n    filtered = [...filtered, message] as never;\n    return filtered;\n  }, []);\n  return messages;\n}\n\n\nexport function getEnabledFeatures(idxResponse: IdxResponse): IdxFeature[] {\n  const res = [];\n  const { actions, neededToProceed } = idxResponse;\n\n  if (actions['currentAuthenticator-recover']) {\n    res.push(IdxFeature.PASSWORD_RECOVERY as never);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'select-enroll-profile')) {\n    res.push(IdxFeature.REGISTRATION as never);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'redirect-idp')) {\n    res.push(IdxFeature.SOCIAL_IDP as never);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'unlock-account')) {\n    res.push(IdxFeature.ACCOUNT_UNLOCK as never);\n  }\n\n  return res;\n}\n\nexport function getAvailableSteps(idxResponse: IdxResponse): NextStep[] {\n  const res = [];\n\n  const remediatorMap = Object.values(remediators).reduce((map, remediatorClass) => {\n    // Only add concrete subclasses to the map\n    if (remediatorClass.remediationName) {\n      map[remediatorClass.remediationName] = remediatorClass;\n    }\n    return map;\n  }, {});\n\n  for (let remediation of idxResponse.neededToProceed) {\n    const T = remediatorMap[remediation.name];\n    if (T) {\n      const remediator = new T(remediation);\n      res.push (remediator.getNextStep(idxResponse.context) as never);\n    }\n  }\n\n  return res;\n}\n\nexport function filterValuesForRemediation(idxResponse: IdxResponse, values: RemediationValues): RemediationValues {\n  // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n  const valuesForRemediation = idxResponse.neededToProceed![0]!.value!.reduce((res, entry) => {\n    const { name } = entry;\n    res[name] = values[name];\n    return res;\n  }, {});\n  return valuesForRemediation;\n}\n"],"file":"util.js"}

package/cjs/options/browser.js

@@ -0,0 +1,86 @@
+"use strict";
+
+var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
+
+exports.getStorage = getStorage;
+exports.getCookieSettings = getCookieSettings;
+exports.enableSharedStorage = exports.STORAGE_MANAGER_OPTIONS = void 0;
+
+var _assign = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/assign"));
+
+var _util = require("../util");
+
+var _browserStorage = _interopRequireDefault(require("../browser/browserStorage"));
+
+/*!
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
+ *
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * 
+ * See the License for the specific language governing permissions and limitations under the License.
+ */
+
+/* eslint-disable complexity */
+function getStorage() {
+  const storageUtil = (0, _assign.default)({}, _browserStorage.default, {
+    inMemoryStore: {} // create unique storage for this instance
+
+  });
+  return storageUtil;
+}
+
+const STORAGE_MANAGER_OPTIONS = {
+  token: {
+    storageTypes: ['localStorage', 'sessionStorage', 'cookie']
+  },
+  cache: {
+    storageTypes: ['localStorage', 'sessionStorage', 'cookie']
+  },
+  transaction: {
+    storageTypes: ['sessionStorage', 'localStorage', 'cookie']
+  },
+  'shared-transaction': {
+    storageTypes: ['localStorage']
+  },
+  'original-uri': {
+    storageTypes: ['localStorage']
+  }
+};
+exports.STORAGE_MANAGER_OPTIONS = STORAGE_MANAGER_OPTIONS;
+const enableSharedStorage = true;
+exports.enableSharedStorage = enableSharedStorage;
+
+function getCookieSettings(args = {}, isHTTPS) {
+  // Secure cookies will be automatically used on a HTTPS connection
+  // Non-secure cookies will be automatically used on a HTTP connection
+  // secure option can override the automatic behavior
+  var cookieSettings = args.cookies || {};
+
+  if (typeof cookieSettings.secure === 'undefined') {
+    cookieSettings.secure = isHTTPS;
+  }
+
+  if (typeof cookieSettings.sameSite === 'undefined') {
+    cookieSettings.sameSite = cookieSettings.secure ? 'none' : 'lax';
+  } // If secure=true, but the connection is not HTTPS, set secure=false.
+
+
+  if (cookieSettings.secure && !isHTTPS) {
+    // eslint-disable-next-line no-console
+    (0, _util.warn)('The current page is not being served with the HTTPS protocol.\n' + 'For security reasons, we strongly recommend using HTTPS.\n' + 'If you cannot use HTTPS, set "cookies.secure" option to false.');
+    cookieSettings.secure = false;
+  } // Chrome >= 80 will block cookies with SameSite=None unless they are also Secure
+  // If sameSite=none, but the connection is not HTTPS, set sameSite=lax.
+
+
+  if (cookieSettings.sameSite === 'none' && !cookieSettings.secure) {
+    cookieSettings.sameSite = 'lax';
+  }
+
+  return cookieSettings;
+}
+//# sourceMappingURL=browser.js.map

package/cjs/options/browser.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../lib/options/browser.ts"],"names":["getStorage","storageUtil","browserStorage","inMemoryStore","STORAGE_MANAGER_OPTIONS","token","storageTypes","cache","transaction","enableSharedStorage","getCookieSettings","args","isHTTPS","cookieSettings","cookies","secure","sameSite"],"mappings":";;;;;;;;;;AAcA;;AAEA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AAMO,SAASA,UAAT,GAAmC;AACxC,QAAMC,WAAW,GAAG,qBAAc,EAAd,EAAkBC,uBAAlB,EAAkC;AACpDC,IAAAA,aAAa,EAAE,EADqC,CAClC;;AADkC,GAAlC,CAApB;AAGA,SAAOF,WAAP;AACD;;AAEM,MAAMG,uBAA8C,GAAG;AAC5DC,EAAAA,KAAK,EAAE;AACLC,IAAAA,YAAY,EAAE,CACZ,cADY,EAEZ,gBAFY,EAGZ,QAHY;AADT,GADqD;AAQ5DC,EAAAA,KAAK,EAAE;AACLD,IAAAA,YAAY,EAAE,CACZ,cADY,EAEZ,gBAFY,EAGZ,QAHY;AADT,GARqD;AAe5DE,EAAAA,WAAW,EAAE;AACXF,IAAAA,YAAY,EAAE,CACZ,gBADY,EAEZ,cAFY,EAGZ,QAHY;AADH,GAf+C;AAsB5D,wBAAsB;AACpBA,IAAAA,YAAY,EAAE,CACZ,cADY;AADM,GAtBsC;AA2B5D,kBAAgB;AACdA,IAAAA,YAAY,EAAE,CACZ,cADY;AADA;AA3B4C,CAAvD;;AAkCA,MAAMG,mBAAmB,GAAG,IAA5B;;;AAEA,SAASC,iBAAT,CAA2BC,IAAqB,GAAG,EAAnD,EAAuDC,OAAvD,EAAyE;AAC9E;AACA;AACA;AACA,MAAIC,cAAc,GAAGF,IAAI,CAACG,OAAL,IAAgB,EAArC;;AACA,MAAI,OAAOD,cAAc,CAACE,MAAtB,KAAiC,WAArC,EAAkD;AAChDF,IAAAA,cAAc,CAACE,MAAf,GAAwBH,OAAxB;AACD;;AACD,MAAI,OAAOC,cAAc,CAACG,QAAtB,KAAmC,WAAvC,EAAoD;AAClDH,IAAAA,cAAc,CAACG,QAAf,GAA0BH,cAAc,CAACE,MAAf,GAAwB,MAAxB,GAAiC,KAA3D;AACD,GAV6E,CAY9E;;;AACA,MAAIF,cAAc,CAACE,MAAf,IAAyB,CAACH,OAA9B,EAAuC;AACrC;AACA,oBACE,oEACA,4DADA,GAEA,gEAHF;AAKAC,IAAAA,cAAc,CAACE,MAAf,GAAwB,KAAxB;AACD,GArB6E,CAuB9E;AACA;;;AACA,MAAIF,cAAc,CAACG,QAAf,KAA4B,MAA5B,IAAsC,CAACH,cAAc,CAACE,MAA1D,EAAkE;AAChEF,IAAAA,cAAc,CAACG,QAAf,GAA0B,KAA1B;AACD;;AAED,SAAOH,cAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable complexity */\nimport { StorageManagerOptions, OktaAuthOptions, StorageUtil } from '../types';\nimport { warn } from '../util';\n\nimport { default as browserStorage } from '../browser/browserStorage';\n\nexport function getStorage(): StorageUtil {\n  const storageUtil = Object.assign({}, browserStorage, {\n    inMemoryStore: {} // create unique storage for this instance\n  });\n  return storageUtil;\n}\n\nexport const STORAGE_MANAGER_OPTIONS: StorageManagerOptions = {\n  token: {\n    storageTypes: [\n      'localStorage',\n      'sessionStorage',\n      'cookie'\n    ]\n  },\n  cache: {\n    storageTypes: [\n      'localStorage',\n      'sessionStorage',\n      'cookie'\n    ]\n  },\n  transaction: {\n    storageTypes: [\n      'sessionStorage',\n      'localStorage',\n      'cookie'\n    ]\n  },\n  'shared-transaction': {\n    storageTypes: [\n      'localStorage'\n    ]\n  },\n  'original-uri': {\n    storageTypes: [\n      'localStorage'\n    ]\n  }\n};\n\nexport const enableSharedStorage = true;\n\nexport function getCookieSettings(args: OktaAuthOptions = {}, isHTTPS: boolean) {\n  // Secure cookies will be automatically used on a HTTPS connection\n  // Non-secure cookies will be automatically used on a HTTP connection\n  // secure option can override the automatic behavior\n  var cookieSettings = args.cookies || {};\n  if (typeof cookieSettings.secure === 'undefined') {\n    cookieSettings.secure = isHTTPS;\n  }\n  if (typeof cookieSettings.sameSite === 'undefined') {\n    cookieSettings.sameSite = cookieSettings.secure ? 'none' : 'lax';\n  }\n\n  // If secure=true, but the connection is not HTTPS, set secure=false.\n  if (cookieSettings.secure && !isHTTPS) {\n    // eslint-disable-next-line no-console\n    warn(\n      'The current page is not being served with the HTTPS protocol.\\n' +\n      'For security reasons, we strongly recommend using HTTPS.\\n' +\n      'If you cannot use HTTPS, set \"cookies.secure\" option to false.'\n    );\n    cookieSettings.secure = false;\n  }\n\n  // Chrome >= 80 will block cookies with SameSite=None unless they are also Secure\n  // If sameSite=none, but the connection is not HTTPS, set sameSite=lax.\n  if (cookieSettings.sameSite === 'none' && !cookieSettings.secure) {\n    cookieSettings.sameSite = 'lax';\n  }\n\n  return cookieSettings;\n}\n"],"file":"browser.js"}

package/cjs/options/index.js

@@ -0,0 +1,94 @@
+"use strict";
+
+var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
+
+exports.getDefaultOptions = getDefaultOptions;
+exports.buildOptions = buildOptions;
+
+var _assign = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/assign"));
+
+var _util = require("../util");
+
+var _builderUtil = require("../builderUtil");
+
+var _fetchRequest = _interopRequireDefault(require("../fetch/fetchRequest"));
+
+var _node = require("./node");
+
+var _features = require("../features");
+
+/*!
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
+ *
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * 
+ * See the License for the specific language governing permissions and limitations under the License.
+ */
+function getDefaultOptions() {
+  const options = {
+    devMode: false,
+    httpRequestClient: _fetchRequest.default,
+    storageUtil: (0, _node.getStorage)(),
+    storageManager: _node.STORAGE_MANAGER_OPTIONS,
+    transactionManager: {
+      enableSharedStorage: _node.enableSharedStorage
+    }
+  };
+  return options;
+}
+
+function mergeOptions(options, args) {
+  return (0, _assign.default)({}, options, (0, _util.removeNils)(args), {
+    storageManager: (0, _assign.default)({}, options.storageManager, args.storageManager),
+    transactionManager: (0, _assign.default)({}, options.transactionManager, args.transactionManager)
+  });
+}
+
+function buildOptions(args = {}) {
+  (0, _builderUtil.assertValidConfig)(args);
+  args = mergeOptions(getDefaultOptions(), args);
+  return (0, _util.removeNils)({
+    // OIDC configuration
+    issuer: (0, _util.removeTrailingSlash)(args.issuer),
+    tokenUrl: (0, _util.removeTrailingSlash)(args.tokenUrl),
+    authorizeUrl: (0, _util.removeTrailingSlash)(args.authorizeUrl),
+    userinfoUrl: (0, _util.removeTrailingSlash)(args.userinfoUrl),
+    revokeUrl: (0, _util.removeTrailingSlash)(args.revokeUrl),
+    logoutUrl: (0, _util.removeTrailingSlash)(args.logoutUrl),
+    clientId: args.clientId,
+    redirectUri: args.redirectUri,
+    state: args.state,
+    scopes: args.scopes,
+    postLogoutRedirectUri: args.postLogoutRedirectUri,
+    responseMode: args.responseMode,
+    responseType: args.responseType,
+    pkce: args.pkce === false ? false : true,
+    // PKCE defaults to true
+    useInteractionCodeFlow: args.useInteractionCodeFlow,
+    // Internal options
+    httpRequestClient: args.httpRequestClient,
+    transformErrorXHR: args.transformErrorXHR,
+    transformAuthState: args.transformAuthState,
+    restoreOriginalUri: args.restoreOriginalUri,
+    storageUtil: args.storageUtil,
+    headers: args.headers,
+    devMode: !!args.devMode,
+    storageManager: args.storageManager,
+    transactionManager: args.transactionManager,
+    cookies: (0, _node.getCookieSettings)(args, (0, _features.isHTTPS)()),
+    flow: args.flow,
+    codeChallenge: args.codeChallenge,
+    codeChallengeMethod: args.codeChallengeMethod,
+    recoveryToken: args.recoveryToken,
+    activationToken: args.activationToken,
+    // Give the developer the ability to disable token signature validation.
+    ignoreSignature: !!args.ignoreSignature,
+    // Server-side web applications
+    clientSecret: args.clientSecret
+  });
+}
+//# sourceMappingURL=index.js.map

package/cjs/options/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../lib/options/index.ts"],"names":["getDefaultOptions","options","devMode","httpRequestClient","fetchRequest","storageUtil","storageManager","STORAGE_MANAGER_OPTIONS","transactionManager","enableSharedStorage","mergeOptions","args","buildOptions","issuer","tokenUrl","authorizeUrl","userinfoUrl","revokeUrl","logoutUrl","clientId","redirectUri","state","scopes","postLogoutRedirectUri","responseMode","responseType","pkce","useInteractionCodeFlow","transformErrorXHR","transformAuthState","restoreOriginalUri","headers","cookies","flow","codeChallenge","codeChallengeMethod","recoveryToken","activationToken","ignoreSignature","clientSecret"],"mappings":";;;;;;;;;AAYA;;AACA;;AAGA;;AACA;;AACA;;AAlBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAUO,SAASA,iBAAT,GAA8C;AAGnD,QAAMC,OAAO,GAAG;AACdC,IAAAA,OAAO,EAAE,KADK;AAEdC,IAAAA,iBAAiB,EAAEC,qBAFL;AAGdC,IAAAA,WAAW,EAAE,uBAHC;AAIdC,IAAAA,cAAc,EAAEC,6BAJF;AAKdC,IAAAA,kBAAkB,EAAE;AAClBC,MAAAA,mBAAmB,EAAnBA;AADkB;AALN,GAAhB;AASA,SAAOR,OAAP;AACD;;AAED,SAASS,YAAT,CAAsBT,OAAtB,EAA+BU,IAA/B,EAAsD;AACpD,SAAO,qBAAc,EAAd,EAAkBV,OAAlB,EAA2B,sBAAWU,IAAX,CAA3B,EAA6C;AAClDL,IAAAA,cAAc,EAAE,qBAAc,EAAd,EAAkBL,OAAO,CAACK,cAA1B,EAA0CK,IAAI,CAACL,cAA/C,CADkC;AAElDE,IAAAA,kBAAkB,EAAE,qBAAc,EAAd,EAAkBP,OAAO,CAACO,kBAA1B,EAA8CG,IAAI,CAACH,kBAAnD;AAF8B,GAA7C,CAAP;AAID;;AAEM,SAASI,YAAT,CAAsBD,IAAqB,GAAG,EAA9C,EAAmE;AACxE,sCAAkBA,IAAlB;AACAA,EAAAA,IAAI,GAAGD,YAAY,CAACV,iBAAiB,EAAlB,EAAsBW,IAAtB,CAAnB;AACA,SAAO,sBAAW;AAChB;AACAE,IAAAA,MAAM,EAAE,+BAAoBF,IAAI,CAACE,MAAzB,CAFQ;AAGhBC,IAAAA,QAAQ,EAAE,+BAAoBH,IAAI,CAACG,QAAzB,CAHM;AAIhBC,IAAAA,YAAY,EAAE,+BAAoBJ,IAAI,CAACI,YAAzB,CAJE;AAKhBC,IAAAA,WAAW,EAAE,+BAAoBL,IAAI,CAACK,WAAzB,CALG;AAMhBC,IAAAA,SAAS,EAAE,+BAAoBN,IAAI,CAACM,SAAzB,CANK;AAOhBC,IAAAA,SAAS,EAAE,+BAAoBP,IAAI,CAACO,SAAzB,CAPK;AAQhBC,IAAAA,QAAQ,EAAER,IAAI,CAACQ,QARC;AAShBC,IAAAA,WAAW,EAAET,IAAI,CAACS,WATF;AAUhBC,IAAAA,KAAK,EAAEV,IAAI,CAACU,KAVI;AAWhBC,IAAAA,MAAM,EAAEX,IAAI,CAACW,MAXG;AAYhBC,IAAAA,qBAAqB,EAAEZ,IAAI,CAACY,qBAZZ;AAahBC,IAAAA,YAAY,EAAEb,IAAI,CAACa,YAbH;AAchBC,IAAAA,YAAY,EAAEd,IAAI,CAACc,YAdH;AAehBC,IAAAA,IAAI,EAAEf,IAAI,CAACe,IAAL,KAAc,KAAd,GAAsB,KAAtB,GAA8B,IAfpB;AAe0B;AAC1CC,IAAAA,sBAAsB,EAAEhB,IAAI,CAACgB,sBAhBb;AAkBhB;AACAxB,IAAAA,iBAAiB,EAAEQ,IAAI,CAACR,iBAnBR;AAoBhByB,IAAAA,iBAAiB,EAAEjB,IAAI,CAACiB,iBApBR;AAqBhBC,IAAAA,kBAAkB,EAAElB,IAAI,CAACkB,kBArBT;AAsBhBC,IAAAA,kBAAkB,EAAEnB,IAAI,CAACmB,kBAtBT;AAuBhBzB,IAAAA,WAAW,EAAEM,IAAI,CAACN,WAvBF;AAwBhB0B,IAAAA,OAAO,EAAEpB,IAAI,CAACoB,OAxBE;AAyBhB7B,IAAAA,OAAO,EAAE,CAAC,CAACS,IAAI,CAACT,OAzBA;AA0BhBI,IAAAA,cAAc,EAAEK,IAAI,CAACL,cA1BL;AA2BhBE,IAAAA,kBAAkB,EAAEG,IAAI,CAACH,kBA3BT;AA4BhBwB,IAAAA,OAAO,EAAE,6BAAkBrB,IAAlB,EAAwB,wBAAxB,CA5BO;AA6BhBsB,IAAAA,IAAI,EAAEtB,IAAI,CAACsB,IA7BK;AA8BhBC,IAAAA,aAAa,EAAEvB,IAAI,CAACuB,aA9BJ;AA+BhBC,IAAAA,mBAAmB,EAAExB,IAAI,CAACwB,mBA/BV;AAgChBC,IAAAA,aAAa,EAAEzB,IAAI,CAACyB,aAhCJ;AAiChBC,IAAAA,eAAe,EAAE1B,IAAI,CAAC0B,eAjCN;AAmChB;AACAC,IAAAA,eAAe,EAAE,CAAC,CAAC3B,IAAI,CAAC2B,eApCR;AAsChB;AACAC,IAAAA,YAAY,EAAE5B,IAAI,CAAC4B;AAvCH,GAAX,CAAP;AAyCD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { removeTrailingSlash, removeNils } from '../util';\nimport { assertValidConfig } from '../builderUtil';\nimport { OktaAuthOptions } from '../types';\n\nimport fetchRequest from '../fetch/fetchRequest';\nimport { getStorage, STORAGE_MANAGER_OPTIONS, enableSharedStorage, getCookieSettings } from './node';\nimport { isHTTPS } from '../features';\n\nexport function getDefaultOptions(): OktaAuthOptions {\n\n  \n  const options = {\n    devMode: false,\n    httpRequestClient: fetchRequest,\n    storageUtil: getStorage(),\n    storageManager: STORAGE_MANAGER_OPTIONS,\n    transactionManager: {\n      enableSharedStorage\n    }\n  };\n  return options;\n}\n\nfunction mergeOptions(options, args): OktaAuthOptions {\n  return Object.assign({}, options, removeNils(args), {\n    storageManager: Object.assign({}, options.storageManager, args.storageManager),\n    transactionManager: Object.assign({}, options.transactionManager, args.transactionManager),\n  });\n}\n\nexport function buildOptions(args: OktaAuthOptions = {}): OktaAuthOptions {\n  assertValidConfig(args);\n  args = mergeOptions(getDefaultOptions(), args);\n  return removeNils({\n    // OIDC configuration\n    issuer: removeTrailingSlash(args.issuer),\n    tokenUrl: removeTrailingSlash(args.tokenUrl),\n    authorizeUrl: removeTrailingSlash(args.authorizeUrl),\n    userinfoUrl: removeTrailingSlash(args.userinfoUrl),\n    revokeUrl: removeTrailingSlash(args.revokeUrl),\n    logoutUrl: removeTrailingSlash(args.logoutUrl),\n    clientId: args.clientId,\n    redirectUri: args.redirectUri,\n    state: args.state,\n    scopes: args.scopes,\n    postLogoutRedirectUri: args.postLogoutRedirectUri,\n    responseMode: args.responseMode,\n    responseType: args.responseType,\n    pkce: args.pkce === false ? false : true, // PKCE defaults to true\n    useInteractionCodeFlow: args.useInteractionCodeFlow,\n\n    // Internal options\n    httpRequestClient: args.httpRequestClient,\n    transformErrorXHR: args.transformErrorXHR,\n    transformAuthState: args.transformAuthState,\n    restoreOriginalUri: args.restoreOriginalUri,\n    storageUtil: args.storageUtil,\n    headers: args.headers,\n    devMode: !!args.devMode,\n    storageManager: args.storageManager,\n    transactionManager: args.transactionManager,\n    cookies: getCookieSettings(args, isHTTPS()),\n    flow: args.flow,\n    codeChallenge: args.codeChallenge,\n    codeChallengeMethod: args.codeChallengeMethod,\n    recoveryToken: args.recoveryToken,\n    activationToken: args.activationToken,\n\n    // Give the developer the ability to disable token signature validation.\n    ignoreSignature: !!args.ignoreSignature,\n\n    // Server-side web applications\n    clientSecret: args.clientSecret\n  });\n}\n"],"file":"index.js"}

package/cjs/options/node.js

@@ -0,0 +1,45 @@
+"use strict";
+
+var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
+
+exports.getStorage = getStorage;
+exports.getCookieSettings = getCookieSettings;
+exports.enableSharedStorage = exports.STORAGE_MANAGER_OPTIONS = void 0;
+
+var _serverStorage = _interopRequireDefault(require("../server/serverStorage"));
+
+/*!
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
+ *
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * 
+ * See the License for the specific language governing permissions and limitations under the License.
+ */
+function getStorage() {
+  return _serverStorage.default;
+}
+
+const STORAGE_MANAGER_OPTIONS = {
+  token: {
+    storageTypes: ['memory']
+  },
+  cache: {
+    storageTypes: ['memory']
+  },
+  transaction: {
+    storageTypes: ['memory']
+  }
+};
+exports.STORAGE_MANAGER_OPTIONS = STORAGE_MANAGER_OPTIONS;
+const enableSharedStorage = false; // eslint-disable-next-line @typescript-eslint/no-unused-vars, no-unused-vars
+
+exports.enableSharedStorage = enableSharedStorage;
+
+function getCookieSettings(args = {}, isHTTPS) {
+  return args.cookies;
+}
+//# sourceMappingURL=node.js.map

package/cjs/options/node.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../lib/options/node.ts"],"names":["getStorage","storage","STORAGE_MANAGER_OPTIONS","token","storageTypes","cache","transaction","enableSharedStorage","getCookieSettings","args","isHTTPS","cookies"],"mappings":";;;;;;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,SAASA,UAAT,GAAmC;AACxC,SAAOC,sBAAP;AACD;;AAEM,MAAMC,uBAA8C,GAAG;AAC5DC,EAAAA,KAAK,EAAE;AACLC,IAAAA,YAAY,EAAE,CACZ,QADY;AADT,GADqD;AAM5DC,EAAAA,KAAK,EAAE;AACLD,IAAAA,YAAY,EAAE,CACZ,QADY;AADT,GANqD;AAW5DE,EAAAA,WAAW,EAAE;AACXF,IAAAA,YAAY,EAAE,CACZ,QADY;AADH;AAX+C,CAAvD;;AAkBA,MAAMG,mBAAmB,GAAG,KAA5B,C,CAEP;;;;AACO,SAASC,iBAAT,CAA2BC,IAAqB,GAAG,EAAnD,EAAuDC,OAAvD,EAA0E;AAC/E,SAAOD,IAAI,CAACE,OAAZ;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { StorageManagerOptions, OktaAuthOptions, StorageUtil } from '../types';\n\nimport { default as storage } from '../server/serverStorage';\n\nexport function getStorage(): StorageUtil {\n  return storage;\n}\n\nexport const STORAGE_MANAGER_OPTIONS: StorageManagerOptions = {\n  token: {\n    storageTypes: [\n      'memory'\n    ]\n  },\n  cache: {\n    storageTypes: [\n      'memory'\n    ]\n  },\n  transaction: {\n    storageTypes: [\n      'memory'\n    ]\n  }\n};\n\nexport const enableSharedStorage = false;\n\n// eslint-disable-next-line @typescript-eslint/no-unused-vars, no-unused-vars\nexport function getCookieSettings(args: OktaAuthOptions = {}, isHTTPS?: boolean) {\n  return args.cookies;\n}\n"],"file":"node.js"}

package/cjs/options.js

@@ -92,7 +92,17 @@ function getCookieSettings(args = {}, isHTTPS) {
 }
 
 function getDefaultOptions() {
-  const storageUtil = (0, _features.isBrowser)() ? _browserStorage.default : _serverStorage.default;
+  let storageUtil;
+
+  if ((0, _features.isBrowser)()) {
+    storageUtil = (0, _assign.default)({}, _browserStorage.default, {
+      inMemoryStore: {} // create unique storage for this instance
+
+    });
+  } else {
+    storageUtil = _serverStorage.default;
+  }
+
   const storageManager = (0, _features.isBrowser)() ? BROWSER_STORAGE : SERVER_STORAGE;
   const enableSharedStorage = (0, _features.isBrowser)() ? true : false; // localStorage for multi-tab flows (browser only)