@okta/okta-auth-js 6.2.0 → 6.3.0

package/cjs/idx/run.js

@@ -1,17 +1,7 @@
 "use strict";
 
-var _WeakMap = require("@babel/runtime-corejs3/core-js-stable/weak-map");
-
-var _Object$getOwnPropertyDescriptor = require("@babel/runtime-corejs3/core-js-stable/object/get-own-property-descriptor");
-
-var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
-
 exports.run = run;
 
-var _reduce = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/reduce"));
-
-var _values = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/values"));
-
 var _interact = require("./interact");
 
 var _introspect = require("./introspect");
@@ -20,17 +10,15 @@ var _remediate = require("./remediate");
 
 var _flow = require("./flow");
 
-var remediators = _interopRequireWildcard(require("./remediators"));
-
 var _types = require("../types");
 
 var _idxJs = require("./types/idx-js");
 
 var _transactionMeta = require("./transactionMeta");
 
-function _getRequireWildcardCache(nodeInterop) { if (typeof _WeakMap !== "function") return null; var cacheBabelInterop = new _WeakMap(); var cacheNodeInterop = new _WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+var _util = require("./util");
 
-function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && _Object$getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? _Object$getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+/* eslint-disable @typescript-eslint/no-non-null-assertion */
 
 /*!
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
@@ -45,117 +33,83 @@ function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj &&
  */
 
 /* eslint-disable max-statements, complexity, max-depth */
-function getEnabledFeatures(idxResponse) {
-  const res = [];
-  const {
-    actions,
-    neededToProceed
-  } = idxResponse;
-
-  if (actions['currentAuthenticator-recover']) {
-    res.push(_types.IdxFeature.PASSWORD_RECOVERY);
-  }
-
-  if (neededToProceed.some(({
-    name
-  }) => name === 'select-enroll-profile')) {
-    res.push(_types.IdxFeature.REGISTRATION);
-  }
-
-  if (neededToProceed.some(({
-    name
-  }) => name === 'redirect-idp')) {
-    res.push(_types.IdxFeature.SOCIAL_IDP);
-  }
-
-  if (neededToProceed.some(({
-    name
-  }) => name === 'unlock-account')) {
-    res.push(_types.IdxFeature.ACCOUNT_UNLOCK);
-  }
-
-  return res;
+function initializeValues(options) {
+  // remove known options, everything else is assumed to be a value
+  const knownOptions = ['flow', 'remediators', 'actions', 'withCredentials', 'step'];
+  const values = { ...options
+  };
+  knownOptions.forEach(option => {
+    delete values[option];
+  });
+  return values;
 }
 
-function getAvailableSteps(idxResponse) {
-  var _context;
-
-  const res = [];
-  const remediatorMap = (0, _reduce.default)(_context = (0, _values.default)(remediators)).call(_context, (map, remediatorClass) => {
-    // Only add concrete subclasses to the map
-    if (remediatorClass.remediationName) {
-      map[remediatorClass.remediationName] = remediatorClass;
-    }
-
-    return map;
-  }, {});
-
-  for (let remediation of idxResponse.neededToProceed) {
-    const T = remediatorMap[remediation.name];
-
-    if (T) {
-      const remediator = new T(remediation);
-      res.push(remediator.getNextStep(idxResponse.context));
-    }
+function initializeData(authClient, data) {
+  const {
+    options
+  } = data;
+  let {
+    flow,
+    withCredentials,
+    remediators,
+    actions
+  } = options;
+  const status = _types.IdxStatus.PENDING; // certain options can be set by the flow specification
+
+  flow = flow || authClient.idx.getFlow() || 'default';
+
+  if (flow) {
+    authClient.idx.setFlow(flow);
+    const flowSpec = (0, _flow.getFlowSpecification)(authClient, flow); // Favor option values over flow spec
+
+    withCredentials = typeof withCredentials !== 'undefined' ? withCredentials : flowSpec.withCredentials;
+    remediators = remediators || flowSpec.remediators;
+    actions = actions || flowSpec.actions;
   }
 
-  return res;
+  return { ...data,
+    options: { ...options,
+      flow,
+      withCredentials,
+      remediators,
+      actions
+    },
+    status
+  };
 }
 
-async function run(authClient, options = {}) {
-  var _meta;
-
-  let tokens;
-  let nextStep;
-  let messages;
-  let error;
-  let meta;
-  let enabledFeatures;
-  let availableSteps;
-  let status = _types.IdxStatus.PENDING;
-  let shouldClearTransaction = false;
-  let clearSharedStorage = true;
+async function getDataFromIntrospect(authClient, data) {
+  const {
+    options
+  } = data;
+  const {
+    stateHandle,
+    withCredentials,
+    version,
+    state,
+    scopes,
+    recoveryToken,
+    activationToken
+  } = options;
   let idxResponse;
-  let interactionHandle;
-  let metaFromResp;
-  let interactionCode;
-
-  try {
-    var _metaFromResp;
+  let meta;
 
-    let {
-      flow,
-      state,
-      scopes,
-      version,
-      remediators,
-      actions,
+  if (stateHandle) {
+    idxResponse = await (0, _introspect.introspect)(authClient, {
       withCredentials,
-      exchangeCodeForTokens,
-      autoRemediate,
-      step,
-      recoveryToken,
-      activationToken
-    } = options; // Only one flow can be operating at a time
-
-    flow = flow || authClient.idx.getFlow() || 'default';
-
-    if (flow) {
-      authClient.idx.setFlow(flow);
-      const flowSpec = (0, _flow.getFlowSpecification)(authClient, flow); // Favor option values over flow spec
-
-      withCredentials = typeof withCredentials !== 'undefined' ? withCredentials : flowSpec.withCredentials;
-      remediators = remediators || flowSpec.remediators;
-      actions = actions || flowSpec.actions;
-    } // Try to resume saved transaction
-
+      version,
+      stateHandle
+    });
+  } else {
+    var _meta;
 
-    metaFromResp = (0, _transactionMeta.getSavedTransactionMeta)(authClient, {
+    // Try to resume saved transaction
+    meta = (0, _transactionMeta.getSavedTransactionMeta)(authClient, {
       state,
       recoveryToken,
       activationToken
     });
-    interactionHandle = (_metaFromResp = metaFromResp) === null || _metaFromResp === void 0 ? void 0 : _metaFromResp.interactionHandle; // may be undefined
+    let interactionHandle = (_meta = meta) === null || _meta === void 0 ? void 0 : _meta.interactionHandle; // may be undefined
 
     if (!interactionHandle) {
       // start a new transaction
@@ -168,8 +122,7 @@ async function run(authClient, options = {}) {
         recoveryToken
       });
       interactionHandle = interactResponse.interactionHandle;
-      metaFromResp = interactResponse.meta;
-      withCredentials = metaFromResp.withCredentials;
+      meta = interactResponse.meta;
     } // Introspect to get idx response
 
 
@@ -178,98 +131,214 @@ async function run(authClient, options = {}) {
       version,
       interactionHandle
     });
-    enabledFeatures = getEnabledFeatures(idxResponse);
-    availableSteps = getAvailableSteps(idxResponse); // Include meta in the transaction response
+  }
 
-    meta = metaFromResp;
+  return { ...data,
+    idxResponse,
+    meta
+  };
+}
 
-    if (autoRemediate !== false && (remediators || actions)) {
-      var _idxResponse;
+async function getDataFromRemediate(data) {
+  let {
+    idxResponse,
+    options,
+    values
+  } = data;
+  const {
+    autoRemediate,
+    remediators,
+    actions,
+    flow,
+    step
+  } = options;
+  const shouldRemediate = autoRemediate !== false && (remediators || actions || step);
 
-      const values = { ...options,
-        stateHandle: idxResponse.rawIdxState.stateHandle
-      }; // Can we handle the remediations?
+  if (!shouldRemediate) {
+    return data;
+  }
 
-      const {
-        idxResponse: idxResponseFromResp,
-        nextStep: nextStepFromResp,
-        terminal,
-        canceled,
-        messages: messagesFromResp
-      } = await (0, _remediate.remediate)(idxResponse, values, {
-        remediators,
-        actions,
-        flow,
-        step
-      });
-      idxResponse = idxResponseFromResp || idxResponse; // Track fields from remediation response
-
-      nextStep = nextStepFromResp;
-      messages = messagesFromResp; // Save intermediate idx response in storage to reduce introspect call
-
-      if (nextStep) {
-        authClient.transactionManager.saveIdxResponse(idxResponse.rawIdxState);
-        availableSteps = getAvailableSteps(idxResponse);
-      }
-
-      if (terminal) {
-        status = _types.IdxStatus.TERMINAL;
-        shouldClearTransaction = true;
-        clearSharedStorage = false; // transaction may be continued in another tab
-      }
-
-      if (canceled) {
-        status = _types.IdxStatus.CANCELED;
-        shouldClearTransaction = true;
-      } else if ((_idxResponse = idxResponse) !== null && _idxResponse !== void 0 && _idxResponse.interactionCode) {
-        interactionCode = idxResponse.interactionCode;
-
-        if (exchangeCodeForTokens === false) {
-          status = _types.IdxStatus.SUCCESS;
-          shouldClearTransaction = false;
-        } else {
-          // exchange the interaction code for tokens
-          const {
-            clientId,
-            codeVerifier,
-            ignoreSignature,
-            redirectUri,
-            urls,
-            scopes
-          } = metaFromResp;
-          tokens = await authClient.token.exchangeCodeForTokens({
-            interactionCode,
-            clientId,
-            codeVerifier,
-            ignoreSignature,
-            redirectUri,
-            scopes
-          }, urls);
-          status = _types.IdxStatus.SUCCESS;
-          shouldClearTransaction = true;
-        }
-      }
-    }
-  } catch (err) {
-    // current version of idx-js will throw/reject IDX responses. Handle these differently than regular errors
-    if ((0, _idxJs.isIdxResponse)(err)) {
-      error = err;
-      status = _types.IdxStatus.FAILURE;
-      shouldClearTransaction = true;
+  values = { ...values,
+    stateHandle: idxResponse.rawIdxState.stateHandle
+  }; // Can we handle the remediations?
+
+  const {
+    idxResponse: idxResponseFromRemediation,
+    nextStep,
+    canceled
+  } = await (0, _remediate.remediate)(idxResponse, values, {
+    remediators,
+    actions,
+    flow,
+    step
+  });
+  idxResponse = idxResponseFromRemediation;
+  return { ...data,
+    idxResponse,
+    nextStep,
+    canceled
+  };
+}
+
+async function getTokens(authClient, data) {
+  let {
+    meta,
+    idxResponse
+  } = data;
+  const {
+    interactionCode
+  } = idxResponse;
+  const {
+    clientId,
+    codeVerifier,
+    ignoreSignature,
+    redirectUri,
+    urls,
+    scopes
+  } = meta;
+  const tokenResponse = await authClient.token.exchangeCodeForTokens({
+    interactionCode,
+    clientId,
+    codeVerifier,
+    ignoreSignature,
+    redirectUri,
+    scopes
+  }, urls);
+  return tokenResponse.tokens;
+}
+
+async function finalizeData(authClient, data) {
+  let {
+    options,
+    idxResponse,
+    canceled,
+    status
+  } = data;
+  const {
+    exchangeCodeForTokens
+  } = options;
+  let shouldClearTransaction = false;
+  let clearSharedStorage = true;
+  let interactionCode;
+  let tokens;
+  let enabledFeatures;
+  let availableSteps;
+  let messages;
+  let terminal;
+
+  if (idxResponse) {
+    enabledFeatures = (0, _util.getEnabledFeatures)(idxResponse);
+    availableSteps = (0, _util.getAvailableSteps)(idxResponse);
+    messages = (0, _util.getMessagesFromResponse)(idxResponse);
+    terminal = (0, _util.isTerminalResponse)(idxResponse);
+  }
+
+  if (terminal) {
+    status = _types.IdxStatus.TERMINAL;
+    shouldClearTransaction = true;
+    clearSharedStorage = false;
+  } else if (canceled) {
+    status = _types.IdxStatus.CANCELED;
+    shouldClearTransaction = true;
+  } else if (idxResponse !== null && idxResponse !== void 0 && idxResponse.interactionCode) {
+    interactionCode = idxResponse.interactionCode;
+
+    if (exchangeCodeForTokens === false) {
+      status = _types.IdxStatus.SUCCESS;
+      shouldClearTransaction = false;
     } else {
-      // error is not an IDX response, throw it like a regular error
-      throw err;
+      tokens = await getTokens(authClient, data);
+      status = _types.IdxStatus.SUCCESS;
+      shouldClearTransaction = true;
     }
   }
 
+  return { ...data,
+    status,
+    interactionCode,
+    tokens,
+    shouldClearTransaction,
+    clearSharedStorage,
+    enabledFeatures,
+    availableSteps,
+    messages,
+    terminal
+  };
+}
+
+function handleError(err, data) {
+  let {
+    error,
+    status,
+    shouldClearTransaction
+  } = data; // current version of idx-js will throw/reject IDX responses. Handle these differently than regular errors
+
+  if ((0, _idxJs.isIdxResponse)(err)) {
+    error = err;
+    status = _types.IdxStatus.FAILURE;
+    shouldClearTransaction = true;
+  } else {
+    // error is not an IDX response, throw it like a regular error
+    throw err;
+  }
+
+  return { ...data,
+    error,
+    status,
+    shouldClearTransaction
+  };
+}
+
+async function run(authClient, options = {}) {
+  let data = {
+    options,
+    values: initializeValues(options)
+  };
+  data = initializeData(authClient, data);
+
+  try {
+    data = await getDataFromIntrospect(authClient, data);
+    data = await getDataFromRemediate(data);
+  } catch (err) {
+    data = handleError(err, data);
+  }
+
+  data = await finalizeData(authClient, data);
+  const {
+    idxResponse,
+    meta,
+    shouldClearTransaction,
+    clearSharedStorage,
+    status,
+    enabledFeatures,
+    availableSteps,
+    tokens,
+    nextStep,
+    messages,
+    error,
+    interactionCode
+  } = data;
+
   if (shouldClearTransaction) {
     authClient.transactionManager.clear({
       clearSharedStorage
     });
-  } else if ((_meta = meta) !== null && _meta !== void 0 && _meta.state) {
+  } else {
     // ensures state is saved to sessionStorage
     (0, _transactionMeta.saveTransactionMeta)(authClient, { ...meta
     });
+
+    if (idxResponse) {
+      // Save intermediate idx response in storage to reduce introspect call
+      const {
+        rawIdxState: rawIdxResponse,
+        requestDidSucceed
+      } = idxResponse;
+      authClient.transactionManager.saveIdxResponse({
+        rawIdxResponse,
+        requestDidSucceed
+      });
+    }
   } // from idx-js, used by the widget
 
 
@@ -281,7 +350,7 @@ async function run(authClient, options = {}) {
     rawIdxState
   } = idxResponse || {};
   return {
-    status,
+    status: status,
     ...(meta && {
       meta
     }),
@@ -292,12 +361,12 @@ async function run(authClient, options = {}) {
       availableSteps
     }),
     ...(tokens && {
-      tokens: tokens.tokens
+      tokens
     }),
     ...(nextStep && {
       nextStep
     }),
-    ...(messages && {
+    ...(messages && messages.length && {
       messages
     }),
     ...(error && {
@@ -306,11 +375,11 @@ async function run(authClient, options = {}) {
     interactionCode,
     // if options.exchangeCodeForTokens is false
     // from idx-js
-    actions,
-    context,
-    neededToProceed,
-    proceed,
-    rawIdxState
+    actions: actions,
+    context: context,
+    neededToProceed: neededToProceed,
+    proceed: proceed,
+    rawIdxState: rawIdxState
   };
 }
 //# sourceMappingURL=run.js.map

package/cjs/idx/run.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/run.ts"],"names":["getEnabledFeatures","idxResponse","res","actions","neededToProceed","push","IdxFeature","PASSWORD_RECOVERY","some","name","REGISTRATION","SOCIAL_IDP","ACCOUNT_UNLOCK","getAvailableSteps","remediatorMap","remediators","map","remediatorClass","remediationName","remediation","T","remediator","getNextStep","context","run","authClient","options","tokens","nextStep","messages","error","meta","enabledFeatures","availableSteps","status","IdxStatus","PENDING","shouldClearTransaction","clearSharedStorage","interactionHandle","metaFromResp","interactionCode","flow","state","scopes","version","withCredentials","exchangeCodeForTokens","autoRemediate","step","recoveryToken","activationToken","idx","getFlow","setFlow","flowSpec","transactionManager","clear","interactResponse","values","stateHandle","rawIdxState","idxResponseFromResp","nextStepFromResp","terminal","canceled","messagesFromResp","saveIdxResponse","TERMINAL","CANCELED","SUCCESS","clientId","codeVerifier","ignoreSignature","redirectUri","urls","token","err","FAILURE","proceed"],"mappings":";;;;;;;;;;;;;;AAcA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAQA;;AACA;;;;;;AA5BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAyBA,SAASA,kBAAT,CAA4BC,WAA5B,EAAoE;AAClE,QAAMC,GAAG,GAAG,EAAZ;AACA,QAAM;AAAEC,IAAAA,OAAF;AAAWC,IAAAA;AAAX,MAA+BH,WAArC;;AAEA,MAAIE,OAAO,CAAC,8BAAD,CAAX,EAA6C;AAC3CD,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWC,iBAApB;AACD;;AAED,MAAIH,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,uBAA5C,CAAJ,EAA0E;AACxEP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWI,YAApB;AACD;;AAED,MAAIN,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,cAA5C,CAAJ,EAAiE;AAC/DP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWK,UAApB;AACD;;AAED,MAAIP,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,gBAA5C,CAAJ,EAAmE;AACjEP,IAAAA,GAAG,CAACG,IAAJ,CAASC,kBAAWM,cAApB;AACD;;AAED,SAAOV,GAAP;AACD;;AAED,SAASW,iBAAT,CAA2BZ,WAA3B,EAAiE;AAAA;;AAC/D,QAAMC,GAAG,GAAG,EAAZ;AAEA,QAAMY,aAAa,GAAG,qDAAcC,WAAd,kBAAkC,CAACC,GAAD,EAAMC,eAAN,KAA0B;AAChF;AACA,QAAIA,eAAe,CAACC,eAApB,EAAqC;AACnCF,MAAAA,GAAG,CAACC,eAAe,CAACC,eAAjB,CAAH,GAAuCD,eAAvC;AACD;;AACD,WAAOD,GAAP;AACD,GANqB,EAMnB,EANmB,CAAtB;;AAQA,OAAK,IAAIG,WAAT,IAAwBlB,WAAW,CAACG,eAApC,EAAqD;AACnD,UAAMgB,CAAC,GAAGN,aAAa,CAACK,WAAW,CAACV,IAAb,CAAvB;;AACA,QAAIW,CAAJ,EAAO;AACL,YAAMC,UAAU,GAAG,IAAID,CAAJ,CAAMD,WAAN,CAAnB;AACAjB,MAAAA,GAAG,CAACG,IAAJ,CAAUgB,UAAU,CAACC,WAAX,CAAuBrB,WAAW,CAACsB,OAAnC,CAAV;AACD;AACF;;AAED,SAAOrB,GAAP;AACD;;AAEM,eAAesB,GAAf,CACLC,UADK,EAELC,OAAmB,GAAG,EAFjB,EAGoB;AAAA;;AACzB,MAAIC,MAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,KAAJ;AACA,MAAIC,IAAJ;AACA,MAAIC,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,MAAM,GAAGC,iBAAUC,OAAvB;AACA,MAAIC,sBAAsB,GAAG,KAA7B;AACA,MAAIC,kBAAkB,GAAG,IAAzB;AACA,MAAIrC,WAAJ;AACA,MAAIsC,iBAAJ;AACA,MAAIC,YAAJ;AACA,MAAIC,eAAJ;;AAEA,MAAI;AAAA;;AAEF,QAAI;AACFC,MAAAA,IADE;AAEFC,MAAAA,KAFE;AAGFC,MAAAA,MAHE;AAIFC,MAAAA,OAJE;AAKF9B,MAAAA,WALE;AAMFZ,MAAAA,OANE;AAOF2C,MAAAA,eAPE;AAQFC,MAAAA,qBARE;AASFC,MAAAA,aATE;AAUFC,MAAAA,IAVE;AAWFC,MAAAA,aAXE;AAYFC,MAAAA;AAZE,QAaAzB,OAbJ,CAFE,CAiBF;;AACAgB,IAAAA,IAAI,GAAGA,IAAI,IAAIjB,UAAU,CAAC2B,GAAX,CAAeC,OAAf,EAAR,IAAoC,SAA3C;;AACA,QAAIX,IAAJ,EAAU;AACRjB,MAAAA,UAAU,CAAC2B,GAAX,CAAeE,OAAf,CAAuBZ,IAAvB;AACA,YAAMa,QAAQ,GAAG,gCAAqB9B,UAArB,EAAiCiB,IAAjC,CAAjB,CAFQ,CAGR;;AACAI,MAAAA,eAAe,GAAI,OAAOA,eAAP,KAA2B,WAA5B,GAA2CA,eAA3C,GAA6DS,QAAQ,CAACT,eAAxF;AACA/B,MAAAA,WAAW,GAAGA,WAAW,IAAIwC,QAAQ,CAACxC,WAAtC;AACAZ,MAAAA,OAAO,GAAGA,OAAO,IAAIoD,QAAQ,CAACpD,OAA9B;AACD,KA1BC,CA4BF;;;AACAqC,IAAAA,YAAY,GAAG,8CAAwBf,UAAxB,EAAoC;AAAEkB,MAAAA,KAAF;AAASO,MAAAA,aAAT;AAAwBC,MAAAA;AAAxB,KAApC,CAAf;AACAZ,IAAAA,iBAAiB,oBAAGC,YAAH,kDAAG,cAAcD,iBAAlC,CA9BE,CA8BmD;;AAErD,QAAI,CAACA,iBAAL,EAAwB;AACtB;AACAd,MAAAA,UAAU,CAAC+B,kBAAX,CAA8BC,KAA9B;AACA,YAAMC,gBAAgB,GAAG,MAAM,wBAASjC,UAAT,EAAqB;AAClDqB,QAAAA,eADkD;AAElDH,QAAAA,KAFkD;AAGlDC,QAAAA,MAHkD;AAIlDO,QAAAA,eAJkD;AAKlDD,QAAAA;AALkD,OAArB,CAA/B;AAOAX,MAAAA,iBAAiB,GAAGmB,gBAAgB,CAACnB,iBAArC;AACAC,MAAAA,YAAY,GAAGkB,gBAAgB,CAAC3B,IAAhC;AACAe,MAAAA,eAAe,GAAGN,YAAY,CAACM,eAA/B;AACD,KA7CC,CA+CF;;;AACA7C,IAAAA,WAAW,GAAG,MAAM,4BAAWwB,UAAX,EAAuB;AAAEqB,MAAAA,eAAF;AAAmBD,MAAAA,OAAnB;AAA4BN,MAAAA;AAA5B,KAAvB,CAApB;AACAP,IAAAA,eAAe,GAAGhC,kBAAkB,CAACC,WAAD,CAApC;AACAgC,IAAAA,cAAc,GAAGpB,iBAAiB,CAACZ,WAAD,CAAlC,CAlDE,CAoDF;;AACA8B,IAAAA,IAAI,GAAGS,YAAP;;AAEA,QAAIQ,aAAa,KAAK,KAAlB,KAA4BjC,WAAW,IAAIZ,OAA3C,CAAJ,EAAyD;AAAA;;AACvD,YAAMwD,MAAqC,GAAG,EAC5C,GAAGjC,OADyC;AAE5CkC,QAAAA,WAAW,EAAE3D,WAAW,CAAC4D,WAAZ,CAAwBD;AAFO,OAA9C,CADuD,CAMvD;;AACA,YAAM;AACJ3D,QAAAA,WAAW,EAAE6D,mBADT;AAEJlC,QAAAA,QAAQ,EAAEmC,gBAFN;AAGJC,QAAAA,QAHI;AAIJC,QAAAA,QAJI;AAKJpC,QAAAA,QAAQ,EAAEqC;AALN,UAMF,MAAM,0BAAUjE,WAAV,EAAuB0D,MAAvB,EAA+B;AAAE5C,QAAAA,WAAF;AAAeZ,QAAAA,OAAf;AAAwBuC,QAAAA,IAAxB;AAA8BO,QAAAA;AAA9B,OAA/B,CANV;AAOAhD,MAAAA,WAAW,GAAG6D,mBAAmB,IAAI7D,WAArC,CAduD,CAgBvD;;AACA2B,MAAAA,QAAQ,GAAGmC,gBAAX;AACAlC,MAAAA,QAAQ,GAAGqC,gBAAX,CAlBuD,CAoBvD;;AACA,UAAItC,QAAJ,EAAc;AACZH,QAAAA,UAAU,CAAC+B,kBAAX,CAA8BW,eAA9B,CAA8ClE,WAAW,CAAC4D,WAA1D;AACA5B,QAAAA,cAAc,GAAGpB,iBAAiB,CAACZ,WAAD,CAAlC;AACD;;AAED,UAAI+D,QAAJ,EAAc;AACZ9B,QAAAA,MAAM,GAAGC,iBAAUiC,QAAnB;AACA/B,QAAAA,sBAAsB,GAAG,IAAzB;AACAC,QAAAA,kBAAkB,GAAG,KAArB,CAHY,CAGgB;AAC7B;;AAAC,UAAI2B,QAAJ,EAAc;AACd/B,QAAAA,MAAM,GAAGC,iBAAUkC,QAAnB;AACAhC,QAAAA,sBAAsB,GAAG,IAAzB;AACD,OAHC,MAGK,oBAAIpC,WAAJ,yCAAI,aAAawC,eAAjB,EAAkC;AACvCA,QAAAA,eAAe,GAAGxC,WAAW,CAACwC,eAA9B;;AAEA,YAAIM,qBAAqB,KAAK,KAA9B,EAAqC;AACnCb,UAAAA,MAAM,GAAGC,iBAAUmC,OAAnB;AACAjC,UAAAA,sBAAsB,GAAG,KAAzB;AACD,SAHD,MAGO;AACL;AACA,gBAAM;AACJkC,YAAAA,QADI;AAEJC,YAAAA,YAFI;AAGJC,YAAAA,eAHI;AAIJC,YAAAA,WAJI;AAKJC,YAAAA,IALI;AAMJ/B,YAAAA;AANI,cAOFJ,YAPJ;AAQAb,UAAAA,MAAM,GAAG,MAAMF,UAAU,CAACmD,KAAX,CAAiB7B,qBAAjB,CAAuC;AACpDN,YAAAA,eADoD;AAEpD8B,YAAAA,QAFoD;AAGpDC,YAAAA,YAHoD;AAIpDC,YAAAA,eAJoD;AAKpDC,YAAAA,WALoD;AAMpD9B,YAAAA;AANoD,WAAvC,EAOZ+B,IAPY,CAAf;AASAzC,UAAAA,MAAM,GAAGC,iBAAUmC,OAAnB;AACAjC,UAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;AACF;AACF,GAtHD,CAsHE,OAAOwC,GAAP,EAAY;AACZ;AACA,QAAI,0BAAcA,GAAd,CAAJ,EAAwB;AACtB/C,MAAAA,KAAK,GAAG+C,GAAR;AACA3C,MAAAA,MAAM,GAAGC,iBAAU2C,OAAnB;AACAzC,MAAAA,sBAAsB,GAAG,IAAzB;AACD,KAJD,MAIO;AACL;AACA,YAAMwC,GAAN;AACD;AAEF;;AAED,MAAIxC,sBAAJ,EAA4B;AAC1BZ,IAAAA,UAAU,CAAC+B,kBAAX,CAA8BC,KAA9B,CAAoC;AAAEnB,MAAAA;AAAF,KAApC;AACD,GAFD,MAGK,aAAIP,IAAJ,kCAAI,MAAMY,KAAV,EAAiB;AACpB;AACA,8CAAoBlB,UAApB,EAAgC,EAAE,GAAGM;AAAL,KAAhC;AACD,GAzJwB,CA2JzB;;;AACA,QAAM;AAAE5B,IAAAA,OAAF;AAAWoB,IAAAA,OAAX;AAAoBnB,IAAAA,eAApB;AAAqC2E,IAAAA,OAArC;AAA8ClB,IAAAA;AAA9C,MAA8D5D,WAAW,IAAI,EAAnF;AACA,SAAO;AACLiC,IAAAA,MADK;AAEL,QAAIH,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAFK;AAGL,QAAIC,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAHK;AAIL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CAJK;AAKL,QAAIN,MAAM,IAAI;AAAEA,MAAAA,MAAM,EAAEA,MAAM,CAACA;AAAjB,KAAd,CALK;AAML,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CANK;AAOL,QAAIC,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CAPK;AAQL,QAAIC,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb,CARK;AASLW,IAAAA,eATK;AASY;AAEjB;AACAtC,IAAAA,OAZK;AAaLoB,IAAAA,OAbK;AAcLnB,IAAAA,eAdK;AAeL2E,IAAAA,OAfK;AAgBLlB,IAAAA;AAhBK,GAAP;AAkBD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, complexity, max-depth */\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate, RemediateOptions } from './remediate';\nimport { getFlowSpecification, RemediationFlow } from './flow';\nimport * as remediators from './remediators';\nimport { \n  OktaAuthInterface,\n  IdxStatus,\n  IdxTransaction,\n  IdxFeature,\n  NextStep,\n  FlowIdentifier,\n} from '../types';\nimport { IdxResponse, isIdxResponse } from './types/idx-js';\nimport { getSavedTransactionMeta, saveTransactionMeta } from './transactionMeta';\nimport { ProceedOptions } from './proceed';\n\nexport type RunOptions = ProceedOptions & RemediateOptions & {\n  flow?: FlowIdentifier;\n  remediators?: RemediationFlow;\n  actions?: string[];\n  withCredentials?: boolean;\n}\n\nfunction getEnabledFeatures(idxResponse: IdxResponse): IdxFeature[] {\n  const res = [];\n  const { actions, neededToProceed } = idxResponse;\n\n  if (actions['currentAuthenticator-recover']) {\n    res.push(IdxFeature.PASSWORD_RECOVERY as never);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'select-enroll-profile')) {\n    res.push(IdxFeature.REGISTRATION as never);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'redirect-idp')) {\n    res.push(IdxFeature.SOCIAL_IDP as never);\n  }\n\n  if (neededToProceed.some(({ name }) => name === 'unlock-account')) {\n    res.push(IdxFeature.ACCOUNT_UNLOCK as never);\n  }\n\n  return res;\n}\n\nfunction getAvailableSteps(idxResponse: IdxResponse): NextStep[] {\n  const res = [];\n\n  const remediatorMap = Object.values(remediators).reduce((map, remediatorClass) => {\n    // Only add concrete subclasses to the map\n    if (remediatorClass.remediationName) {\n      map[remediatorClass.remediationName] = remediatorClass;\n    }\n    return map;\n  }, {});\n\n  for (let remediation of idxResponse.neededToProceed) {\n    const T = remediatorMap[remediation.name];\n    if (T) {\n      const remediator = new T(remediation);\n      res.push (remediator.getNextStep(idxResponse.context) as never);\n    }\n  }\n\n  return res;\n}\n\nexport async function run(\n  authClient: OktaAuthInterface, \n  options: RunOptions = {},\n): Promise<IdxTransaction> {\n  let tokens;\n  let nextStep;\n  let messages;\n  let error;\n  let meta;\n  let enabledFeatures;\n  let availableSteps;\n  let status = IdxStatus.PENDING;\n  let shouldClearTransaction = false;\n  let clearSharedStorage = true;\n  let idxResponse;\n  let interactionHandle;\n  let metaFromResp;\n  let interactionCode;\n\n  try {\n\n    let {\n      flow,\n      state,\n      scopes,\n      version,\n      remediators,\n      actions,\n      withCredentials,\n      exchangeCodeForTokens,\n      autoRemediate,\n      step,\n      recoveryToken,\n      activationToken\n    } = options;\n\n    // Only one flow can be operating at a time\n    flow = flow || authClient.idx.getFlow() || 'default';\n    if (flow) {\n      authClient.idx.setFlow(flow);\n      const flowSpec = getFlowSpecification(authClient, flow);\n      // Favor option values over flow spec\n      withCredentials = (typeof withCredentials !== 'undefined') ? withCredentials : flowSpec.withCredentials;\n      remediators = remediators || flowSpec.remediators;\n      actions = actions || flowSpec.actions;\n    }\n\n    // Try to resume saved transaction\n    metaFromResp = getSavedTransactionMeta(authClient, { state, recoveryToken, activationToken });\n    interactionHandle = metaFromResp?.interactionHandle; // may be undefined\n\n    if (!interactionHandle) {\n      // start a new transaction\n      authClient.transactionManager.clear();\n      const interactResponse = await interact(authClient, {\n        withCredentials,\n        state,\n        scopes,\n        activationToken,\n        recoveryToken\n      }); \n      interactionHandle = interactResponse.interactionHandle;\n      metaFromResp = interactResponse.meta;\n      withCredentials = metaFromResp.withCredentials;\n    }\n\n    // Introspect to get idx response\n    idxResponse = await introspect(authClient, { withCredentials, version, interactionHandle });\n    enabledFeatures = getEnabledFeatures(idxResponse);\n    availableSteps = getAvailableSteps(idxResponse);\n    \n    // Include meta in the transaction response\n    meta = metaFromResp;\n\n    if (autoRemediate !== false && (remediators || actions)) {\n      const values: remediators.RemediationValues = { \n        ...options, \n        stateHandle: idxResponse.rawIdxState.stateHandle \n      };\n\n      // Can we handle the remediations?\n      const { \n        idxResponse: idxResponseFromResp, \n        nextStep: nextStepFromResp,\n        terminal,\n        canceled,\n        messages: messagesFromResp,\n      } = await remediate(idxResponse, values, { remediators, actions, flow, step });\n      idxResponse = idxResponseFromResp || idxResponse;\n\n      // Track fields from remediation response\n      nextStep = nextStepFromResp;\n      messages = messagesFromResp;\n\n      // Save intermediate idx response in storage to reduce introspect call\n      if (nextStep) {\n        authClient.transactionManager.saveIdxResponse(idxResponse.rawIdxState);\n        availableSteps = getAvailableSteps(idxResponse);\n      }\n\n      if (terminal) {\n        status = IdxStatus.TERMINAL;\n        shouldClearTransaction = true;\n        clearSharedStorage = false; // transaction may be continued in another tab\n      } if (canceled) {\n        status = IdxStatus.CANCELED;\n        shouldClearTransaction = true;\n      } else if (idxResponse?.interactionCode) { \n        interactionCode = idxResponse.interactionCode;\n\n        if (exchangeCodeForTokens === false) {\n          status = IdxStatus.SUCCESS;\n          shouldClearTransaction = false;\n        } else {\n          // exchange the interaction code for tokens\n          const {\n            clientId,\n            codeVerifier,\n            ignoreSignature,\n            redirectUri,\n            urls,\n            scopes,\n          } = metaFromResp;\n          tokens = await authClient.token.exchangeCodeForTokens({\n            interactionCode,\n            clientId,\n            codeVerifier,\n            ignoreSignature,\n            redirectUri,\n            scopes\n          }, urls);\n\n          status = IdxStatus.SUCCESS;\n          shouldClearTransaction = true;\n        }\n      }\n    }\n  } catch (err) {\n    // current version of idx-js will throw/reject IDX responses. Handle these differently than regular errors\n    if (isIdxResponse(err)) {\n      error = err;\n      status = IdxStatus.FAILURE;\n      shouldClearTransaction = true;\n    } else {\n      // error is not an IDX response, throw it like a regular error\n      throw err;\n    }\n\n  }\n\n  if (shouldClearTransaction) {\n    authClient.transactionManager.clear({ clearSharedStorage });\n  }\n  else if (meta?.state) {\n    // ensures state is saved to sessionStorage\n    saveTransactionMeta(authClient, { ...meta });\n  }\n  \n  // from idx-js, used by the widget\n  const { actions, context, neededToProceed, proceed, rawIdxState } = idxResponse || {};\n  return {\n    status,\n    ...(meta && { meta }),\n    ...(enabledFeatures && { enabledFeatures }),\n    ...(availableSteps && { availableSteps }),\n    ...(tokens && { tokens: tokens.tokens }),\n    ...(nextStep && { nextStep }),\n    ...(messages && { messages }),\n    ...(error && { error }),\n    interactionCode, // if options.exchangeCodeForTokens is false\n\n    // from idx-js\n    actions,\n    context,\n    neededToProceed,\n    proceed,\n    rawIdxState,\n  };\n}\n"],"file":"run.js"}
+{"version":3,"sources":["../../../lib/idx/run.ts"],"names":["initializeValues","options","knownOptions","values","forEach","option","initializeData","authClient","data","flow","withCredentials","remediators","actions","status","IdxStatus","PENDING","idx","getFlow","setFlow","flowSpec","getDataFromIntrospect","stateHandle","version","state","scopes","recoveryToken","activationToken","idxResponse","meta","interactionHandle","transactionManager","clear","interactResponse","getDataFromRemediate","autoRemediate","step","shouldRemediate","rawIdxState","idxResponseFromRemediation","nextStep","canceled","getTokens","interactionCode","clientId","codeVerifier","ignoreSignature","redirectUri","urls","tokenResponse","token","exchangeCodeForTokens","tokens","finalizeData","shouldClearTransaction","clearSharedStorage","enabledFeatures","availableSteps","messages","terminal","TERMINAL","CANCELED","SUCCESS","handleError","err","error","FAILURE","run","rawIdxResponse","requestDidSucceed","saveIdxResponse","context","neededToProceed","proceed","length"],"mappings":";;;;AAeA;;AACA;;AACA;;AACA;;AAEA;;AAWA;;AACA;;AAEA;;AAlCA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAgDA,SAASA,gBAAT,CAA0BC,OAA1B,EAA+C;AAC7C;AACA,QAAMC,YAAY,GAAG,CAAC,MAAD,EAAS,aAAT,EAAwB,SAAxB,EAAmC,iBAAnC,EAAsD,MAAtD,CAArB;AACA,QAAMC,MAAM,GAAG,EAAE,GAAGF;AAAL,GAAf;AACAC,EAAAA,YAAY,CAACE,OAAb,CAAqBC,MAAM,IAAI;AAC7B,WAAOF,MAAM,CAACE,MAAD,CAAb;AACD,GAFD;AAGA,SAAOF,MAAP;AACD;;AAED,SAASG,cAAT,CAAwBC,UAAxB,EAAoCC,IAApC,EAA4D;AAC1D,QAAM;AAAEP,IAAAA;AAAF,MAAcO,IAApB;AACA,MAAI;AACFC,IAAAA,IADE;AAEFC,IAAAA,eAFE;AAGFC,IAAAA,WAHE;AAIFC,IAAAA;AAJE,MAKAX,OALJ;AAOA,QAAMY,MAAM,GAAGC,iBAAUC,OAAzB,CAT0D,CAW1D;;AACAN,EAAAA,IAAI,GAAGA,IAAI,IAAIF,UAAU,CAACS,GAAX,CAAeC,OAAf,EAAR,IAAoC,SAA3C;;AACA,MAAIR,IAAJ,EAAU;AACRF,IAAAA,UAAU,CAACS,GAAX,CAAeE,OAAf,CAAuBT,IAAvB;AACA,UAAMU,QAAQ,GAAG,gCAAqBZ,UAArB,EAAiCE,IAAjC,CAAjB,CAFQ,CAGR;;AACAC,IAAAA,eAAe,GAAI,OAAOA,eAAP,KAA2B,WAA5B,GAA2CA,eAA3C,GAA6DS,QAAQ,CAACT,eAAxF;AACAC,IAAAA,WAAW,GAAGA,WAAW,IAAIQ,QAAQ,CAACR,WAAtC;AACAC,IAAAA,OAAO,GAAGA,OAAO,IAAIO,QAAQ,CAACP,OAA9B;AACD;;AACD,SAAO,EACL,GAAGJ,IADE;AAELP,IAAAA,OAAO,EAAE,EAAE,GAAGA,OAAL;AAAcQ,MAAAA,IAAd;AAAoBC,MAAAA,eAApB;AAAqCC,MAAAA,WAArC;AAAkDC,MAAAA;AAAlD,KAFJ;AAGLC,IAAAA;AAHK,GAAP;AAKD;;AAED,eAAeO,qBAAf,CAAqCb,UAArC,EAAiDC,IAAjD,EAAkF;AAChF,QAAM;AAAEP,IAAAA;AAAF,MAAcO,IAApB;AACA,QAAM;AACJa,IAAAA,WADI;AAEJX,IAAAA,eAFI;AAGJY,IAAAA,OAHI;AAIJC,IAAAA,KAJI;AAKJC,IAAAA,MALI;AAMJC,IAAAA,aANI;AAOJC,IAAAA;AAPI,MAQFzB,OARJ;AAUA,MAAI0B,WAAJ;AACA,MAAIC,IAAJ;;AAEA,MAAIP,WAAJ,EAAiB;AACfM,IAAAA,WAAW,GAAG,MAAM,4BAAWpB,UAAX,EAAuB;AAAEG,MAAAA,eAAF;AAAmBY,MAAAA,OAAnB;AAA4BD,MAAAA;AAA5B,KAAvB,CAApB;AACD,GAFD,MAEO;AAAA;;AACL;AACAO,IAAAA,IAAI,GAAG,8CAAwBrB,UAAxB,EAAoC;AAAEgB,MAAAA,KAAF;AAASE,MAAAA,aAAT;AAAwBC,MAAAA;AAAxB,KAApC,CAAP;AACA,QAAIG,iBAAiB,YAAGD,IAAH,0CAAG,MAAMC,iBAA9B,CAHK,CAG4C;;AAEjD,QAAI,CAACA,iBAAL,EAAwB;AACtB;AACAtB,MAAAA,UAAU,CAACuB,kBAAX,CAA8BC,KAA9B;AACA,YAAMC,gBAAgB,GAAG,MAAM,wBAASzB,UAAT,EAAqB;AAClDG,QAAAA,eADkD;AAElDa,QAAAA,KAFkD;AAGlDC,QAAAA,MAHkD;AAIlDE,QAAAA,eAJkD;AAKlDD,QAAAA;AALkD,OAArB,CAA/B;AAOAI,MAAAA,iBAAiB,GAAGG,gBAAgB,CAACH,iBAArC;AACAD,MAAAA,IAAI,GAAGI,gBAAgB,CAACJ,IAAxB;AACD,KAjBI,CAmBL;;;AACAD,IAAAA,WAAW,GAAG,MAAM,4BAAWpB,UAAX,EAAuB;AAAEG,MAAAA,eAAF;AAAmBY,MAAAA,OAAnB;AAA4BO,MAAAA;AAA5B,KAAvB,CAApB;AACD;;AACD,SAAO,EAAE,GAAGrB,IAAL;AAAWmB,IAAAA,WAAX;AAAwBC,IAAAA;AAAxB,GAAP;AACD;;AAED,eAAeK,oBAAf,CAAoCzB,IAApC,EAAqE;AACnE,MAAI;AACFmB,IAAAA,WADE;AAEF1B,IAAAA,OAFE;AAGFE,IAAAA;AAHE,MAIAK,IAJJ;AAMA,QAAM;AACJ0B,IAAAA,aADI;AAEJvB,IAAAA,WAFI;AAGJC,IAAAA,OAHI;AAIJH,IAAAA,IAJI;AAKJ0B,IAAAA;AALI,MAMFlC,OANJ;AAQA,QAAMmC,eAAe,GAAIF,aAAa,KAAK,KAAlB,KAA4BvB,WAAW,IAAIC,OAAf,IAA0BuB,IAAtD,CAAzB;;AACA,MAAI,CAACC,eAAL,EAAsB;AACpB,WAAO5B,IAAP;AACD;;AAEDL,EAAAA,MAAM,GAAG,EACP,GAAGA,MADI;AAEPkB,IAAAA,WAAW,EAAEM,WAAW,CAAEU,WAAb,CAAyBhB;AAF/B,GAAT,CApBmE,CAyBnE;;AACA,QAAM;AACJM,IAAAA,WAAW,EAAEW,0BADT;AAEJC,IAAAA,QAFI;AAGJC,IAAAA;AAHI,MAIF,MAAM,0BAAUb,WAAV,EAAwBxB,MAAxB,EAAgC;AAAEQ,IAAAA,WAAF;AAAeC,IAAAA,OAAf;AAAwBH,IAAAA,IAAxB;AAA8B0B,IAAAA;AAA9B,GAAhC,CAJV;AAKAR,EAAAA,WAAW,GAAGW,0BAAd;AAEA,SAAO,EAAE,GAAG9B,IAAL;AAAWmB,IAAAA,WAAX;AAAwBY,IAAAA,QAAxB;AAAkCC,IAAAA;AAAlC,GAAP;AACD;;AAED,eAAeC,SAAf,CAAyBlC,UAAzB,EAAqCC,IAArC,EAAqE;AACnE,MAAI;AAAEoB,IAAAA,IAAF;AAAQD,IAAAA;AAAR,MAAwBnB,IAA5B;AACA,QAAM;AAAEkC,IAAAA;AAAF,MAAsBf,WAA5B;AACA,QAAM;AACJgB,IAAAA,QADI;AAEJC,IAAAA,YAFI;AAGJC,IAAAA,eAHI;AAIJC,IAAAA,WAJI;AAKJC,IAAAA,IALI;AAMJvB,IAAAA;AANI,MAOFI,IAPJ;AAQA,QAAMoB,aAAa,GAAG,MAAMzC,UAAU,CAAC0C,KAAX,CAAiBC,qBAAjB,CAAuC;AACjER,IAAAA,eADiE;AAEjEC,IAAAA,QAFiE;AAGjEC,IAAAA,YAHiE;AAIjEC,IAAAA,eAJiE;AAKjEC,IAAAA,WALiE;AAMjEtB,IAAAA;AANiE,GAAvC,EAOzBuB,IAPyB,CAA5B;AAQA,SAAOC,aAAa,CAACG,MAArB;AACD;;AAED,eAAeC,YAAf,CAA4B7C,UAA5B,EAAwCC,IAAxC,EAAyE;AACvE,MAAI;AACFP,IAAAA,OADE;AAEF0B,IAAAA,WAFE;AAGFa,IAAAA,QAHE;AAIF3B,IAAAA;AAJE,MAKAL,IALJ;AAMA,QAAM;AAAE0C,IAAAA;AAAF,MAA4BjD,OAAlC;AACA,MAAIoD,sBAAsB,GAAG,KAA7B;AACA,MAAIC,kBAAkB,GAAG,IAAzB;AACA,MAAIZ,eAAJ;AACA,MAAIS,MAAJ;AACA,MAAII,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;;AAEA,MAAI/B,WAAJ,EAAiB;AACf4B,IAAAA,eAAe,GAAG,8BAAmB5B,WAAnB,CAAlB;AACA6B,IAAAA,cAAc,GAAG,6BAAkB7B,WAAlB,CAAjB;AACA8B,IAAAA,QAAQ,GAAG,mCAAwB9B,WAAxB,CAAX;AACA+B,IAAAA,QAAQ,GAAG,8BAAmB/B,WAAnB,CAAX;AACD;;AAED,MAAI+B,QAAJ,EAAc;AACZ7C,IAAAA,MAAM,GAAGC,iBAAU6C,QAAnB;AACAN,IAAAA,sBAAsB,GAAG,IAAzB;AACAC,IAAAA,kBAAkB,GAAG,KAArB;AACD,GAJD,MAIO,IAAId,QAAJ,EAAc;AACnB3B,IAAAA,MAAM,GAAGC,iBAAU8C,QAAnB;AACAP,IAAAA,sBAAsB,GAAG,IAAzB;AACD,GAHM,MAGA,IAAI1B,WAAJ,aAAIA,WAAJ,eAAIA,WAAW,CAAEe,eAAjB,EAAkC;AACvCA,IAAAA,eAAe,GAAGf,WAAW,CAACe,eAA9B;;AACA,QAAIQ,qBAAqB,KAAK,KAA9B,EAAqC;AACnCrC,MAAAA,MAAM,GAAGC,iBAAU+C,OAAnB;AACAR,MAAAA,sBAAsB,GAAG,KAAzB;AACD,KAHD,MAGO;AACLF,MAAAA,MAAM,GAAG,MAAMV,SAAS,CAAClC,UAAD,EAAaC,IAAb,CAAxB;AACAK,MAAAA,MAAM,GAAGC,iBAAU+C,OAAnB;AACAR,MAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;;AACD,SAAO,EACL,GAAG7C,IADE;AAELK,IAAAA,MAFK;AAGL6B,IAAAA,eAHK;AAILS,IAAAA,MAJK;AAKLE,IAAAA,sBALK;AAMLC,IAAAA,kBANK;AAOLC,IAAAA,eAPK;AAQLC,IAAAA,cARK;AASLC,IAAAA,QATK;AAULC,IAAAA;AAVK,GAAP;AAYD;;AAED,SAASI,WAAT,CAAqBC,GAArB,EAA0BvD,IAA1B,EAAkD;AAChD,MAAI;AAAEwD,IAAAA,KAAF;AAASnD,IAAAA,MAAT;AAAiBwC,IAAAA;AAAjB,MAA4C7C,IAAhD,CADgD,CAGhD;;AACA,MAAI,0BAAcuD,GAAd,CAAJ,EAAwB;AACtBC,IAAAA,KAAK,GAAGD,GAAR;AACAlD,IAAAA,MAAM,GAAGC,iBAAUmD,OAAnB;AACAZ,IAAAA,sBAAsB,GAAG,IAAzB;AACD,GAJD,MAIO;AACL;AACA,UAAMU,GAAN;AACD;;AAED,SAAO,EAAE,GAAGvD,IAAL;AAAWwD,IAAAA,KAAX;AAAkBnD,IAAAA,MAAlB;AAA0BwC,IAAAA;AAA1B,GAAP;AACD;;AAEM,eAAea,GAAf,CACL3D,UADK,EAELN,OAAmB,GAAG,EAFjB,EAGoB;AACzB,MAAIO,IAAa,GAAG;AAClBP,IAAAA,OADkB;AAElBE,IAAAA,MAAM,EAAEH,gBAAgB,CAACC,OAAD;AAFN,GAApB;AAKAO,EAAAA,IAAI,GAAGF,cAAc,CAACC,UAAD,EAAaC,IAAb,CAArB;;AACA,MAAI;AACFA,IAAAA,IAAI,GAAG,MAAMY,qBAAqB,CAACb,UAAD,EAAaC,IAAb,CAAlC;AACAA,IAAAA,IAAI,GAAG,MAAMyB,oBAAoB,CAACzB,IAAD,CAAjC;AACD,GAHD,CAGE,OAAOuD,GAAP,EAAY;AACZvD,IAAAA,IAAI,GAAGsD,WAAW,CAACC,GAAD,EAAMvD,IAAN,CAAlB;AACD;;AACDA,EAAAA,IAAI,GAAG,MAAM4C,YAAY,CAAC7C,UAAD,EAAaC,IAAb,CAAzB;AAEA,QAAM;AACJmB,IAAAA,WADI;AAEJC,IAAAA,IAFI;AAGJyB,IAAAA,sBAHI;AAIJC,IAAAA,kBAJI;AAKJzC,IAAAA,MALI;AAMJ0C,IAAAA,eANI;AAOJC,IAAAA,cAPI;AAQJL,IAAAA,MARI;AASJZ,IAAAA,QATI;AAUJkB,IAAAA,QAVI;AAWJO,IAAAA,KAXI;AAYJtB,IAAAA;AAZI,MAaFlC,IAbJ;;AAeA,MAAI6C,sBAAJ,EAA4B;AAC1B9C,IAAAA,UAAU,CAACuB,kBAAX,CAA8BC,KAA9B,CAAoC;AAAEuB,MAAAA;AAAF,KAApC;AACD,GAFD,MAGK;AACH;AACA,8CAAoB/C,UAApB,EAAgC,EAAE,GAAGqB;AAAL,KAAhC;;AAEA,QAAID,WAAJ,EAAiB;AACf;AACA,YAAM;AAAEU,QAAAA,WAAW,EAAE8B,cAAf;AAA+BC,QAAAA;AAA/B,UAAqDzC,WAA3D;AACApB,MAAAA,UAAU,CAACuB,kBAAX,CAA8BuC,eAA9B,CAA8C;AAC5CF,QAAAA,cAD4C;AAE5CC,QAAAA;AAF4C,OAA9C;AAID;AAEF,GA9CwB,CAgDzB;;;AACA,QAAM;AAAExD,IAAAA,OAAF;AAAW0D,IAAAA,OAAX;AAAoBC,IAAAA,eAApB;AAAqCC,IAAAA,OAArC;AAA8CnC,IAAAA;AAA9C,MAA8DV,WAAW,IAAI,EAAnF;AACA,SAAO;AACLd,IAAAA,MAAM,EAAEA,MADH;AAEL,QAAIe,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAFK;AAGL,QAAI2B,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAHK;AAIL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CAJK;AAKL,QAAIL,MAAM,IAAI;AAAEA,MAAAA;AAAF,KAAd,CALK;AAML,QAAIZ,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CANK;AAOL,QAAIkB,QAAQ,IAAIA,QAAQ,CAACgB,MAArB,IAA+B;AAAEhB,MAAAA;AAAF,KAAnC,CAPK;AAQL,QAAIO,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb,CARK;AASLtB,IAAAA,eATK;AASY;AAEjB;AACA9B,IAAAA,OAAO,EAAEA,OAZJ;AAaL0D,IAAAA,OAAO,EAAEA,OAbJ;AAcLC,IAAAA,eAAe,EAAEA,eAdZ;AAeLC,IAAAA,OAAO,EAAEA,OAfJ;AAgBLnC,IAAAA,WAAW,EAAEA;AAhBR,GAAP;AAkBD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, complexity, max-depth */\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate, RemediateOptions } from './remediate';\nimport { getFlowSpecification, RemediationFlow } from './flow';\nimport * as remediators from './remediators';\nimport { \n  OktaAuthInterface,\n  IdxStatus,\n  IdxTransaction,\n  IdxFeature,\n  NextStep,\n  FlowIdentifier,\n  IdxTransactionMeta,\n  Tokens,\n  APIError,\n} from '../types';\nimport { IdxMessage, IdxResponse, isIdxResponse } from './types/idx-js';\nimport { getSavedTransactionMeta, saveTransactionMeta } from './transactionMeta';\nimport { ProceedOptions } from './proceed';\nimport { getAvailableSteps, getEnabledFeatures, getMessagesFromResponse, isTerminalResponse } from './util';\n\nexport type RunOptions = ProceedOptions & RemediateOptions & {\n  flow?: FlowIdentifier;\n  remediators?: RemediationFlow;\n  actions?: string[];\n  withCredentials?: boolean;\n}\n\ndeclare interface RunData {\n  options: RunOptions;\n  values: remediators.RemediationValues;\n  status?: IdxStatus;\n  tokens?: Tokens;\n  nextStep?: NextStep;\n  messages?: IdxMessage[];\n  error?: APIError | IdxResponse;\n  meta?: IdxTransactionMeta;\n  enabledFeatures?: IdxFeature[];\n  availableSteps?: NextStep[];\n  idxResponse?: IdxResponse;\n  canceled?: boolean;\n  interactionCode?: string;\n  shouldClearTransaction?: boolean;\n  clearSharedStorage?: boolean;\n  terminal?: boolean;\n}\n\nfunction initializeValues(options: RunOptions) {\n  // remove known options, everything else is assumed to be a value\n  const knownOptions = ['flow', 'remediators', 'actions', 'withCredentials', 'step'];\n  const values = { ...options };\n  knownOptions.forEach(option => {\n    delete values[option];\n  });\n  return values;\n}\n\nfunction initializeData(authClient, data: RunData): RunData {\n  const { options } = data;\n  let {\n    flow,\n    withCredentials,\n    remediators,\n    actions\n  } = options;\n\n  const status = IdxStatus.PENDING;\n\n  // certain options can be set by the flow specification\n  flow = flow || authClient.idx.getFlow() || 'default';\n  if (flow) {\n    authClient.idx.setFlow(flow);\n    const flowSpec = getFlowSpecification(authClient, flow);\n    // Favor option values over flow spec\n    withCredentials = (typeof withCredentials !== 'undefined') ? withCredentials : flowSpec.withCredentials;\n    remediators = remediators || flowSpec.remediators;\n    actions = actions || flowSpec.actions;\n  }\n  return { \n    ...data,\n    options: { ...options, flow, withCredentials, remediators, actions },\n    status\n  };\n}\n\nasync function getDataFromIntrospect(authClient, data: RunData): Promise<RunData> {\n  const { options } = data;\n  const {\n    stateHandle,\n    withCredentials,\n    version,\n    state,\n    scopes,\n    recoveryToken,\n    activationToken\n  } = options;\n\n  let idxResponse;\n  let meta;\n\n  if (stateHandle) {\n    idxResponse = await introspect(authClient, { withCredentials, version, stateHandle });\n  } else {\n    // Try to resume saved transaction\n    meta = getSavedTransactionMeta(authClient, { state, recoveryToken, activationToken });\n    let interactionHandle = meta?.interactionHandle; // may be undefined\n\n    if (!interactionHandle) {\n      // start a new transaction\n      authClient.transactionManager.clear();\n      const interactResponse = await interact(authClient, {\n        withCredentials,\n        state,\n        scopes,\n        activationToken,\n        recoveryToken\n      }); \n      interactionHandle = interactResponse.interactionHandle;\n      meta = interactResponse.meta;\n    }\n  \n    // Introspect to get idx response\n    idxResponse = await introspect(authClient, { withCredentials, version, interactionHandle });\n  }\n  return { ...data, idxResponse, meta };\n}\n\nasync function getDataFromRemediate(data: RunData): Promise<RunData> {\n  let {\n    idxResponse,\n    options,\n    values\n  } = data;\n\n  const {\n    autoRemediate,\n    remediators,\n    actions,\n    flow,\n    step,\n  } = options;\n  \n  const shouldRemediate = (autoRemediate !== false && (remediators || actions || step));\n  if (!shouldRemediate) {\n    return data;\n  }\n\n  values = { \n    ...values, \n    stateHandle: idxResponse!.rawIdxState.stateHandle \n  };\n\n  // Can we handle the remediations?\n  const { \n    idxResponse: idxResponseFromRemediation, \n    nextStep,\n    canceled,\n  } = await remediate(idxResponse!, values, { remediators, actions, flow, step });\n  idxResponse = idxResponseFromRemediation;\n\n  return { ...data, idxResponse, nextStep, canceled };\n}\n\nasync function getTokens(authClient, data: RunData): Promise<Tokens> {\n  let { meta, idxResponse } = data;\n  const { interactionCode } = idxResponse as IdxResponse;\n  const {\n    clientId,\n    codeVerifier,\n    ignoreSignature,\n    redirectUri,\n    urls,\n    scopes,\n  } = meta as IdxTransactionMeta;\n  const tokenResponse = await authClient.token.exchangeCodeForTokens({\n    interactionCode,\n    clientId,\n    codeVerifier,\n    ignoreSignature,\n    redirectUri,\n    scopes\n  }, urls);\n  return tokenResponse.tokens;\n}\n\nasync function finalizeData(authClient, data: RunData): Promise<RunData> {\n  let {\n    options,\n    idxResponse,\n    canceled,\n    status,\n  } = data;\n  const { exchangeCodeForTokens } = options;\n  let shouldClearTransaction = false;\n  let clearSharedStorage = true;\n  let interactionCode;\n  let tokens;\n  let enabledFeatures;\n  let availableSteps;\n  let messages;\n  let terminal;\n\n  if (idxResponse) {\n    enabledFeatures = getEnabledFeatures(idxResponse);\n    availableSteps = getAvailableSteps(idxResponse);\n    messages = getMessagesFromResponse(idxResponse);\n    terminal = isTerminalResponse(idxResponse);\n  }\n\n  if (terminal) {\n    status = IdxStatus.TERMINAL;\n    shouldClearTransaction = true;\n    clearSharedStorage = false;\n  } else if (canceled) {\n    status = IdxStatus.CANCELED;\n    shouldClearTransaction = true;\n  } else if (idxResponse?.interactionCode) { \n    interactionCode = idxResponse.interactionCode;\n    if (exchangeCodeForTokens === false) {\n      status = IdxStatus.SUCCESS;\n      shouldClearTransaction = false;\n    } else {\n      tokens = await getTokens(authClient, data);\n      status = IdxStatus.SUCCESS;\n      shouldClearTransaction = true;\n    }\n  }\n  return {\n    ...data,\n    status,\n    interactionCode,\n    tokens,\n    shouldClearTransaction,\n    clearSharedStorage,\n    enabledFeatures,\n    availableSteps,\n    messages,\n    terminal\n  };\n}\n\nfunction handleError(err, data: RunData): RunData {\n  let { error, status, shouldClearTransaction } = data;\n\n  // current version of idx-js will throw/reject IDX responses. Handle these differently than regular errors\n  if (isIdxResponse(err)) {\n    error = err;\n    status = IdxStatus.FAILURE;\n    shouldClearTransaction = true;\n  } else {\n    // error is not an IDX response, throw it like a regular error\n    throw err;\n  }\n\n  return { ...data, error, status, shouldClearTransaction };\n}\n\nexport async function run(\n  authClient: OktaAuthInterface, \n  options: RunOptions = {},\n): Promise<IdxTransaction> {\n  let data: RunData = {\n    options,\n    values: initializeValues(options)\n  };\n\n  data = initializeData(authClient, data);\n  try {\n    data = await getDataFromIntrospect(authClient, data);\n    data = await getDataFromRemediate(data);\n  } catch (err) {\n    data = handleError(err, data);\n  }\n  data = await finalizeData(authClient, data);\n\n  const {\n    idxResponse,\n    meta,\n    shouldClearTransaction,\n    clearSharedStorage,\n    status,\n    enabledFeatures,\n    availableSteps,\n    tokens,\n    nextStep,\n    messages,\n    error,\n    interactionCode\n  } = data;\n\n  if (shouldClearTransaction) {\n    authClient.transactionManager.clear({ clearSharedStorage });\n  }\n  else {\n    // ensures state is saved to sessionStorage\n    saveTransactionMeta(authClient, { ...meta });\n\n    if (idxResponse) {\n      // Save intermediate idx response in storage to reduce introspect call\n      const { rawIdxState: rawIdxResponse, requestDidSucceed } = idxResponse;\n      authClient.transactionManager.saveIdxResponse({\n        rawIdxResponse,\n        requestDidSucceed\n      });\n    }\n\n  }\n  \n  // from idx-js, used by the widget\n  const { actions, context, neededToProceed, proceed, rawIdxState } = idxResponse || {};\n  return {\n    status: status!,\n    ...(meta && { meta }),\n    ...(enabledFeatures && { enabledFeatures }),\n    ...(availableSteps && { availableSteps }),\n    ...(tokens && { tokens }),\n    ...(nextStep && { nextStep }),\n    ...(messages && messages.length && { messages }),\n    ...(error && { error }),\n    interactionCode, // if options.exchangeCodeForTokens is false\n\n    // from idx-js\n    actions: actions!,\n    context: context!,\n    neededToProceed: neededToProceed!,\n    proceed: proceed!,\n    rawIdxState: rawIdxState!,\n  };\n}\n"],"file":"run.js"}