@okta/okta-auth-js 6.3.0 → 6.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (156) hide show
  1. package/CHANGELOG.md +40 -0
  2. package/README.md +6 -0
  3. package/cjs/AuthStateManager.js +1 -0
  4. package/cjs/AuthStateManager.js.map +1 -1
  5. package/cjs/OktaAuth.js +10 -11
  6. package/cjs/OktaAuth.js.map +1 -1
  7. package/cjs/OktaUserAgent.js +2 -2
  8. package/cjs/TokenManager.js.map +1 -1
  9. package/cjs/TransactionManager.js +3 -3
  10. package/cjs/TransactionManager.js.map +1 -1
  11. package/cjs/crypto/verifyToken.js +2 -1
  12. package/cjs/crypto/verifyToken.js.map +1 -1
  13. package/cjs/errors/AuthApiError.js.map +1 -1
  14. package/cjs/errors/OAuthError.js +7 -1
  15. package/cjs/errors/OAuthError.js.map +1 -1
  16. package/cjs/fetch/fetchRequest.js +17 -3
  17. package/cjs/fetch/fetchRequest.js.map +1 -1
  18. package/cjs/http/request.js +7 -3
  19. package/cjs/http/request.js.map +1 -1
  20. package/cjs/idx/idxState/index.js +55 -0
  21. package/cjs/idx/idxState/index.js.map +1 -0
  22. package/cjs/idx/{idx-js → idxState}/v1/actionParser.js +1 -0
  23. package/cjs/idx/idxState/v1/actionParser.js.map +1 -0
  24. package/cjs/idx/{idx-js → idxState}/v1/generateIdxAction.js +43 -30
  25. package/cjs/idx/idxState/v1/generateIdxAction.js.map +1 -0
  26. package/cjs/idx/{idx-js → idxState}/v1/idxResponseParser.js +8 -8
  27. package/cjs/idx/idxState/v1/idxResponseParser.js.map +1 -0
  28. package/cjs/idx/{idx-js → idxState}/v1/makeIdxState.js +3 -2
  29. package/cjs/idx/idxState/v1/makeIdxState.js.map +1 -0
  30. package/cjs/idx/{idx-js → idxState}/v1/parsers.js +1 -0
  31. package/cjs/idx/idxState/v1/parsers.js.map +1 -0
  32. package/cjs/idx/{idx-js → idxState}/v1/remediationParser.js +4 -2
  33. package/cjs/idx/idxState/v1/remediationParser.js.map +1 -0
  34. package/cjs/idx/interact.js +42 -21
  35. package/cjs/idx/interact.js.map +1 -1
  36. package/cjs/idx/introspect.js +37 -12
  37. package/cjs/idx/introspect.js.map +1 -1
  38. package/cjs/idx/remediate.js +57 -135
  39. package/cjs/idx/remediate.js.map +1 -1
  40. package/cjs/idx/remediators/AuthenticatorEnrollmentData.js.map +1 -1
  41. package/cjs/idx/remediators/AuthenticatorVerificationData.js +7 -6
  42. package/cjs/idx/remediators/AuthenticatorVerificationData.js.map +1 -1
  43. package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
  44. package/cjs/idx/remediators/Base/Remediator.js +12 -2
  45. package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
  46. package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
  47. package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
  48. package/cjs/idx/remediators/ChallengeAuthenticator.js.map +1 -1
  49. package/cjs/idx/remediators/EnrollAuthenticator.js.map +1 -1
  50. package/cjs/idx/remediators/EnrollPoll.js.map +1 -1
  51. package/cjs/idx/remediators/EnrollProfile.js.map +1 -1
  52. package/cjs/idx/remediators/EnrollmentChannelData.js.map +1 -1
  53. package/cjs/idx/remediators/Identify.js.map +1 -1
  54. package/cjs/idx/remediators/ReEnrollAuthenticator.js.map +1 -1
  55. package/cjs/idx/remediators/ResetAuthenticator.js.map +1 -1
  56. package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js.map +1 -1
  57. package/cjs/idx/remediators/SelectAuthenticatorEnroll.js.map +1 -1
  58. package/cjs/idx/remediators/SelectAuthenticatorUnlockAccount.js.map +1 -1
  59. package/cjs/idx/remediators/SelectEnrollProfile.js.map +1 -1
  60. package/cjs/idx/remediators/SelectEnrollmentChannel.js.map +1 -1
  61. package/cjs/idx/remediators/Skip.js.map +1 -1
  62. package/cjs/idx/run.js +16 -12
  63. package/cjs/idx/run.js.map +1 -1
  64. package/cjs/idx/types/idx-js.js +2 -0
  65. package/cjs/idx/types/idx-js.js.map +1 -1
  66. package/cjs/idx/types/index.js +0 -138
  67. package/cjs/idx/types/index.js.map +1 -1
  68. package/cjs/idx/util.js +127 -5
  69. package/cjs/idx/util.js.map +1 -1
  70. package/cjs/server/serverStorage.js +1 -0
  71. package/cjs/server/serverStorage.js.map +1 -1
  72. package/cjs/tx/AuthTransaction.js.map +1 -1
  73. package/cjs/types/Token.js +0 -1
  74. package/cjs/types/Token.js.map +1 -1
  75. package/cjs/util/object.js.map +1 -1
  76. package/cjs/util/types.js.map +1 -1
  77. package/dist/okta-auth-js.min.js +1 -1
  78. package/dist/okta-auth-js.min.js.map +1 -1
  79. package/dist/okta-auth-js.umd.js +1 -1
  80. package/dist/okta-auth-js.umd.js.map +1 -1
  81. package/esm/esm.browser.js +711 -895
  82. package/esm/esm.browser.js.map +1 -1
  83. package/esm/esm.node.mjs +619 -740
  84. package/esm/esm.node.mjs.map +1 -1
  85. package/lib/TokenManager.d.ts +2 -2
  86. package/lib/errors/OAuthError.d.ts +2 -0
  87. package/lib/idx/flow/RemediationFlow.d.ts +2 -2
  88. package/lib/idx/idxState/index.d.ts +7 -0
  89. package/lib/idx/{idx-js → idxState}/v1/actionParser.d.ts +0 -0
  90. package/lib/idx/{idx-js → idxState}/v1/generateIdxAction.d.ts +3 -1
  91. package/lib/idx/{idx-js → idxState}/v1/idxResponseParser.d.ts +3 -2
  92. package/lib/idx/{idx-js → idxState}/v1/makeIdxState.d.ts +3 -2
  93. package/lib/idx/{idx-js → idxState}/v1/parsers.d.ts +0 -0
  94. package/lib/idx/{idx-js → idxState}/v1/remediationParser.d.ts +2 -1
  95. package/lib/idx/interact.d.ts +22 -0
  96. package/lib/idx/remediate.d.ts +9 -12
  97. package/lib/idx/remediators/AuthenticatorEnrollmentData.d.ts +1 -2
  98. package/lib/idx/remediators/AuthenticatorVerificationData.d.ts +3 -3
  99. package/lib/idx/remediators/Base/AuthenticatorData.d.ts +3 -4
  100. package/lib/idx/remediators/Base/Remediator.d.ts +8 -4
  101. package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +2 -3
  102. package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +3 -4
  103. package/lib/idx/remediators/ChallengeAuthenticator.d.ts +1 -2
  104. package/lib/idx/remediators/EnrollAuthenticator.d.ts +1 -2
  105. package/lib/idx/remediators/EnrollPoll.d.ts +1 -2
  106. package/lib/idx/remediators/EnrollProfile.d.ts +1 -2
  107. package/lib/idx/remediators/EnrollmentChannelData.d.ts +1 -2
  108. package/lib/idx/remediators/Identify.d.ts +1 -2
  109. package/lib/idx/remediators/ReEnrollAuthenticator.d.ts +1 -2
  110. package/lib/idx/remediators/ResetAuthenticator.d.ts +1 -2
  111. package/lib/idx/remediators/SelectAuthenticatorAuthenticate.d.ts +1 -2
  112. package/lib/idx/remediators/SelectAuthenticatorEnroll.d.ts +1 -2
  113. package/lib/idx/remediators/SelectAuthenticatorUnlockAccount.d.ts +1 -2
  114. package/lib/idx/remediators/SelectEnrollProfile.d.ts +1 -2
  115. package/lib/idx/remediators/SelectEnrollmentChannel.d.ts +1 -2
  116. package/lib/idx/remediators/Skip.d.ts +1 -2
  117. package/lib/idx/types/idx-js.d.ts +5 -2
  118. package/lib/idx/types/index.d.ts +26 -17
  119. package/lib/idx/util.d.ts +7 -4
  120. package/lib/types/EventEmitter.d.ts +3 -3
  121. package/lib/types/Service.d.ts +6 -6
  122. package/lib/types/Storage.d.ts +6 -6
  123. package/lib/types/TokenManager.d.ts +5 -2
  124. package/lib/types/UserClaims.d.ts +1 -1
  125. package/lib/util/types.d.ts +1 -1
  126. package/package.json +9 -10
  127. package/cjs/idx/headers.js +0 -59
  128. package/cjs/idx/headers.js.map +0 -1
  129. package/cjs/idx/idx-js/client.js +0 -91
  130. package/cjs/idx/idx-js/client.js.map +0 -1
  131. package/cjs/idx/idx-js/index.js +0 -40
  132. package/cjs/idx/idx-js/index.js.map +0 -1
  133. package/cjs/idx/idx-js/interact.js +0 -83
  134. package/cjs/idx/idx-js/interact.js.map +0 -1
  135. package/cjs/idx/idx-js/introspect.js +0 -62
  136. package/cjs/idx/idx-js/introspect.js.map +0 -1
  137. package/cjs/idx/idx-js/parsers.js +0 -41
  138. package/cjs/idx/idx-js/parsers.js.map +0 -1
  139. package/cjs/idx/idx-js/util.js +0 -34
  140. package/cjs/idx/idx-js/util.js.map +0 -1
  141. package/cjs/idx/idx-js/v1/actionParser.js.map +0 -1
  142. package/cjs/idx/idx-js/v1/generateIdxAction.js.map +0 -1
  143. package/cjs/idx/idx-js/v1/idxResponseParser.js.map +0 -1
  144. package/cjs/idx/idx-js/v1/makeIdxState.js.map +0 -1
  145. package/cjs/idx/idx-js/v1/parsers.js.map +0 -1
  146. package/cjs/idx/idx-js/v1/remediationParser.js.map +0 -1
  147. package/cjs/options.js +0 -170
  148. package/cjs/options.js.map +0 -1
  149. package/lib/idx/headers.d.ts +0 -16
  150. package/lib/idx/idx-js/client.d.ts +0 -36
  151. package/lib/idx/idx-js/index.d.ts +0 -35
  152. package/lib/idx/idx-js/interact.d.ts +0 -25
  153. package/lib/idx/idx-js/introspect.d.ts +0 -21
  154. package/lib/idx/idx-js/parsers.d.ts +0 -15
  155. package/lib/idx/idx-js/util.d.ts +0 -12
  156. package/lib/options.d.ts +0 -14
package/CHANGELOG.md CHANGED
@@ -1,5 +1,45 @@
1
1
  # Changelog
2
2
 
3
+ ## 6.4
4
+
5
+ ### Features
6
+
7
+ - [#1161](https://github.com/okta/okta-auth-js/pull/1161)
8
+ - IDX actions accept optional/additional parameters
9
+ - `requestDidSucceed` is returned on `IdxTransaction`
10
+ - adds IDX option `shouldProceedWithEmailAuthenticator` to disable email authenticator auto-selection
11
+
12
+ ### Fixes
13
+
14
+ - [#1145](https://github.com/okta/okta-auth-js/pull/1145)
15
+ - IDX: form field-level messages are now passed through via idxState
16
+ - Type Fixes:
17
+ - IdxContent: `user` property now optional
18
+ - Input: added missing `key` property
19
+
20
+ - [#1161](https://github.com/okta/okta-auth-js/pull/1161)
21
+ - fixes for stateToken flow
22
+
23
+ ### Other
24
+
25
+ - [#1145](https://github.com/okta/okta-auth-js/pull/1145)
26
+ - refactor: IDX methods now use auth-js http client
27
+ - refactor: idx-js methods have been refactored to idxState
28
+
29
+ ## 6.3.2
30
+
31
+ ### Fixes
32
+
33
+ - [#1169](https://github.com/okta/okta-auth-js/pull/1169) Removes deleted file which was inadvertently added back in a merge
34
+
35
+ ## 6.3.1
36
+
37
+ ### Fixes
38
+
39
+ - [#1160](https://github.com/okta/okta-auth-js/pull/1160)
40
+ - Fixes error handling for IDX actions
41
+ - Fixes saved IDX transaction
42
+
3
43
  ## 6.3.0
4
44
 
5
45
  ### Features
package/README.md CHANGED
@@ -277,6 +277,12 @@ if (!userInfo) {
277
277
  }
278
278
  ```
279
279
 
280
+ #### Usage with Typescript < 3.6
281
+
282
+ Typescript versions prior to 3.6 have no type definitions for WebAuthn.
283
+ Support for WebAuthn in IDX API was introduced in `OktaAuth 6.1.0`.
284
+ To solve this issue please install package `@types/webappsec-credential-management` version `^0.5.1`.
285
+
280
286
  ### Strategies for Obtaining Tokens
281
287
 
282
288
  #### Authorization Code flow for web and native client types
package/cjs/AuthStateManager.js CHANGED
@@ -29,6 +29,7 @@ var _PromiseQueue = _interopRequireDefault(require("./PromiseQueue"));
29
29
  *
30
30
  * See the License for the specific language governing permissions and limitations under the License.
31
31
  */
32
+ // eslint-disable-next-line @typescript-eslint/ban-ts-comment
32
33
  // @ts-ignore
33
34
  // Do not use this type in code, so it won't be emitted in the declaration output
34
35
  const INITIAL_AUTH_STATE = null;
package/cjs/AuthStateManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/AuthStateManager.ts"],"names":["INITIAL_AUTH_STATE","DEFAULT_PENDING","updateAuthStatePromise","canceledTimes","EVENT_AUTH_STATE_CHANGE","MAX_PROMISE_CANCEL_TIMES","isSameAuthState","prevState","state","isAuthenticated","idToken","accessToken","error","AuthStateManager","constructor","sdk","emitter","AuthSdkError","_sdk","_pending","_authState","_logOptions","_prevAuthState","_transformQueue","PromiseQueue","quiet","tokenManager","on","EVENT_ADDED","key","token","_setLogOptions","event","updateAuthState","EVENT_REMOVED","options","getAuthState","getPreviousAuthState","transformAuthState","devMode","log","status","group","groupEnd","emitAuthStateChange","authState","emit","finalPromise","origPromise","then","curPromise","cancel","cancelablePromise","PCancelable","resolve","_","onCancel","shouldReject","emitAndResolve","isCanceled","refreshToken","getTokensSync","promise","push","catch","subscribe","handler","unsubscribe","off"],"mappings":";;;;;;;;;;AAcA;;AACA;;AAGA;;AACA;;AACA;;AApBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AASO,MAAMA,kBAAkB,GAAG,IAA3B;;AACP,MAAMC,eAAe,GAAG;AACtBC,EAAAA,sBAAsB,EAAE,IADF;AAEtBC,EAAAA,aAAa,EAAE;AAFO,CAAxB;AAIA,MAAMC,uBAAuB,GAAG,iBAAhC;AACA,MAAMC,wBAAwB,GAAG,EAAjC,C,CAEA;;AACA,MAAMC,eAAe,GAAG,CAACC,SAAD,EAA8BC,KAA9B,KAAmD;AACzE;AACA,MAAI,CAACD,SAAL,EAAgB;AACd,WAAO,KAAP;AACD;;AAED,SAAOA,SAAS,CAACE,eAAV,KAA8BD,KAAK,CAACC,eAApC,IACF,wBAAeF,SAAS,CAACG,OAAzB,MAAsC,wBAAeF,KAAK,CAACE,OAArB,CADpC,IAEF,wBAAeH,SAAS,CAACI,WAAzB,MAA0C,wBAAeH,KAAK,CAACG,WAArB,CAFxC,IAGFJ,SAAS,CAACK,KAAV,KAAoBJ,KAAK,CAACI,KAH/B;AAID,CAVD;;AAaO,MAAMC,gBAAN,CAAuB;AAW5BC,EAAAA,WAAW,CAACC,GAAD,EAAgB;AACzB,QAAI,CAACA,GAAG,CAACC,OAAT,EAAkB;AAChB,YAAM,IAAIC,oBAAJ,CAAiB,uDAAjB,CAAN;AACD;;AAED,SAAKC,IAAL,GAAYH,GAAZ;AACA,SAAKI,QAAL,GAAgB,EAAE,GAAGlB;AAAL,KAAhB;AACA,SAAKmB,UAAL,GAAkBpB,kBAAlB;AACA,SAAKqB,WAAL,GAAmB,EAAnB;AACA,SAAKC,cAAL,GAAsB,IAAtB;AACA,SAAKC,eAAL,GAAuB,IAAIC,qBAAJ,CAAiB;AACtCC,MAAAA,KAAK,EAAE;AAD+B,KAAjB,CAAvB,CAVyB,CAczB;AACA;AACA;;AACAV,IAAAA,GAAG,CAACW,YAAJ,CAAiBC,EAAjB,CAAoBC,yBAApB,EAAiC,CAACC,GAAD,EAAMC,KAAN,KAAgB;AAC/C,WAAKC,cAAL,CAAoB;AAAEC,QAAAA,KAAK,EAAEJ,yBAAT;AAAsBC,QAAAA,GAAtB;AAA2BC,QAAAA;AAA3B,OAApB;;AACA,WAAKG,eAAL;AACD,KAHD;AAIAlB,IAAAA,GAAG,CAACW,YAAJ,CAAiBC,EAAjB,CAAoBO,2BAApB,EAAmC,CAACL,GAAD,EAAMC,KAAN,KAAgB;AACjD,WAAKC,cAAL,CAAoB;AAAEC,QAAAA,KAAK,EAAEE,2BAAT;AAAwBL,QAAAA,GAAxB;AAA6BC,QAAAA;AAA7B,OAApB;;AACA,WAAKG,eAAL;AACD,KAHD;AAID;;AAEDF,EAAAA,cAAc,CAACI,OAAD,EAAU;AACtB,SAAKd,WAAL,GAAmBc,OAAnB;AACD;;AAEDC,EAAAA,YAAY,GAAqB;AAC/B,WAAO,KAAKhB,UAAZ;AACD;;AAEDiB,EAAAA,oBAAoB,GAAqB;AACvC,WAAO,KAAKf,cAAZ;AACD;;AAEoB,QAAfW,eAAe,GAAuB;AAC1C,UAAM;AAAEK,MAAAA,kBAAF;AAAsBC,MAAAA;AAAtB,QAAkC,KAAKrB,IAAL,CAAUiB,OAAlD;;AAEA,UAAMK,GAAG,GAAIC,MAAD,IAAY;AACtB,YAAM;AAAET,QAAAA,KAAF;AAASH,QAAAA,GAAT;AAAcC,QAAAA;AAAd,UAAwB,KAAKT,WAAnC;AACA,8BAAaqB,KAAb,CAAoB,uCAAsCV,KAAM,WAAUS,MAAO,EAAjF;AACA,8BAAaD,GAAb,CAAiBX,GAAjB,EAAsBC,KAAtB;AACA,8BAAaU,GAAb,CAAiB,mBAAjB,EAAsC,KAAKpB,UAA3C;AACA,8BAAauB,QAAb,GALsB,CAOtB;;AACA,WAAKtB,WAAL,GAAmB,EAAnB;AACD,KATD;;AAWA,UAAMuB,mBAAmB,GAAIC,SAAD,IAAe;AACzC,UAAIvC,eAAe,CAAC,KAAKc,UAAN,EAAkByB,SAAlB,CAAnB,EAAiD;AAC/CN,QAAAA,OAAO,IAAIC,GAAG,CAAC,WAAD,CAAd;AACA;AACD;;AACD,WAAKlB,cAAL,GAAsB,KAAKF,UAA3B;AACA,WAAKA,UAAL,GAAkByB,SAAlB,CANyC,CAOzC;;AACA,WAAK3B,IAAL,CAAUF,OAAV,CAAkB8B,IAAlB,CAAuB1C,uBAAvB,EAAgD,EAAE,GAAGyC;AAAL,OAAhD;;AACAN,MAAAA,OAAO,IAAIC,GAAG,CAAC,SAAD,CAAd;AACD,KAVD;;AAYA,UAAMO,YAAY,GAAIC,WAAD,IAAiB;AACpC,aAAO,KAAK7B,QAAL,CAAcjB,sBAAd,CAAqC+C,IAArC,CAA0C,MAAM;AACrD,cAAMC,UAAU,GAAG,KAAK/B,QAAL,CAAcjB,sBAAjC;;AACA,YAAIgD,UAAU,IAAIA,UAAU,KAAKF,WAAjC,EAA8C;AAC5C,iBAAOD,YAAY,CAACG,UAAD,CAAnB;AACD;;AACD,eAAO,KAAKd,YAAL,EAAP;AACD,OANM,CAAP;AAOD,KARD;;AAUA,QAAI,KAAKjB,QAAL,CAAcjB,sBAAlB,EAA0C;AACxC,UAAI,KAAKiB,QAAL,CAAchB,aAAd,IAA+BE,wBAAnC,EAA6D;AAC3D;AACA;AACAkC,QAAAA,OAAO,IAAIC,GAAG,CAAC,YAAD,CAAd;AACA,eAAOO,YAAY,CAAC,KAAK5B,QAAL,CAAcjB,sBAAf,CAAnB;AACD,OALD,MAKO;AACL,aAAKiB,QAAL,CAAcjB,sBAAd,CAAqCiD,MAArC;AACD;AACF;AAED;;;AACA,UAAMC,iBAAiB,GAAG,IAAIC,oBAAJ,CAAgB,CAACC,OAAD,EAAUC,CAAV,EAAaC,QAAb,KAA0B;AAClEA,MAAAA,QAAQ,CAACC,YAAT,GAAwB,KAAxB;AACAD,MAAAA,QAAQ,CAAC,MAAM;AACb,aAAKrC,QAAL,CAAcjB,sBAAd,GAAuC,IAAvC;AACA,aAAKiB,QAAL,CAAchB,aAAd,GAA8B,KAAKgB,QAAL,CAAchB,aAAd,GAA8B,CAA5D;AACAoC,QAAAA,OAAO,IAAIC,GAAG,CAAC,UAAD,CAAd;AACD,OAJO,CAAR;;AAMA,YAAMkB,cAAc,GAAIb,SAAD,IAAe;AACpC,YAAIO,iBAAiB,CAACO,UAAtB,EAAkC;AAChCL,UAAAA,OAAO;AACP;AACD,SAJmC,CAKpC;;;AACAV,QAAAA,mBAAmB,CAACC,SAAD,CAAnB;AACAS,QAAAA,OAAO,GAP6B,CASpC;;AACA,aAAKnC,QAAL,GAAgB,EAAE,GAAGlB;AAAL,SAAhB;AACD,OAXD;;AAaA,WAAKiB,IAAL,CAAUT,eAAV,GACGwC,IADH,CACQ,MAAM;AACV,YAAIG,iBAAiB,CAACO,UAAtB,EAAkC;AAChCL,UAAAA,OAAO;AACP;AACD;;AAED,cAAM;AAAE3C,UAAAA,WAAF;AAAeD,UAAAA,OAAf;AAAwBkD,UAAAA;AAAxB,YAAyC,KAAK1C,IAAL,CAAUQ,YAAV,CAAuBmC,aAAvB,EAA/C;;AACA,cAAMhB,SAAS,GAAG;AAChBlC,UAAAA,WADgB;AAEhBD,UAAAA,OAFgB;AAGhBkD,UAAAA,YAHgB;AAIhBnD,UAAAA,eAAe,EAAE,CAAC,EAAEE,WAAW,IAAID,OAAjB;AAJF,SAAlB,CAPU,CAcV;;AACA,cAAMoD,OAA2B,GAAGxB,kBAAkB,GAClD,KAAKf,eAAL,CAAqBwC,IAArB,CAA0BzB,kBAA1B,EAA8C,IAA9C,EAAoD,KAAKpB,IAAzD,EAA+D2B,SAA/D,CADkD,GAElD,iBAAQS,OAAR,CAAgBT,SAAhB,CAFJ;AAIAiB,QAAAA,OAAO,CACJb,IADH,CACQJ,SAAS,IAAIa,cAAc,CAACb,SAAD,CADnC,EAEGmB,KAFH,CAESpD,KAAK,IAAI8C,cAAc,CAAC;AAC7B/C,UAAAA,WAD6B;AAE7BD,UAAAA,OAF6B;AAG7BkD,UAAAA,YAH6B;AAI7BnD,UAAAA,eAAe,EAAE,KAJY;AAK7BG,UAAAA;AAL6B,SAAD,CAFhC;AASD,OA7BH;AA8BD,KAnDyB,CAA1B;AAoDA;;AACA,SAAKO,QAAL,CAAcjB,sBAAd,GAAuCkD,iBAAvC;AAEA,WAAOL,YAAY,CAACK,iBAAD,CAAnB;AACD;;AAEDa,EAAAA,SAAS,CAACC,OAAD,EAAgB;AACvB,SAAKhD,IAAL,CAAUF,OAAV,CAAkBW,EAAlB,CAAqBvB,uBAArB,EAA8C8D,OAA9C;AACD;;AAEDC,EAAAA,WAAW,CAACD,OAAD,EAAiB;AAC1B,SAAKhD,IAAL,CAAUF,OAAV,CAAkBoD,GAAlB,CAAsBhE,uBAAtB,EAA+C8D,OAA/C;AACD;;AAlK2B","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n \n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport PCancelable from 'p-cancelable';\nimport { AuthSdkError } from './errors';\nimport { AuthState, AuthStateLogOptions } from './types';\nimport { OktaAuth } from '.';\nimport { getConsole } from './util';\nimport { EVENT_ADDED, EVENT_REMOVED } from './TokenManager';\nimport PromiseQueue from './PromiseQueue';\n\nexport const INITIAL_AUTH_STATE = null;\nconst DEFAULT_PENDING = {\n updateAuthStatePromise: null,\n canceledTimes: 0\n};\nconst EVENT_AUTH_STATE_CHANGE = 'authStateChange';\nconst MAX_PROMISE_CANCEL_TIMES = 10;\n\n// only compare first level of authState\nconst isSameAuthState = (prevState: AuthState | null, state: AuthState) => {\n // initial state is null\n if (!prevState) {\n return false;\n }\n\n return prevState.isAuthenticated === state.isAuthenticated \n && JSON.stringify(prevState.idToken) === JSON.stringify(state.idToken)\n && JSON.stringify(prevState.accessToken) === JSON.stringify(state.accessToken)\n && prevState.error === state.error;\n};\n\n\nexport class AuthStateManager {\n _sdk: OktaAuth;\n _pending: { \n updateAuthStatePromise: any;\n canceledTimes: number; \n };\n _authState: AuthState | null;\n _prevAuthState: AuthState | null;\n _logOptions: AuthStateLogOptions;\n _transformQueue: PromiseQueue;\n\n constructor(sdk: OktaAuth) {\n if (!sdk.emitter) {\n throw new AuthSdkError('Emitter should be initialized before AuthStateManager');\n }\n\n this._sdk = sdk;\n this._pending = { ...DEFAULT_PENDING };\n this._authState = INITIAL_AUTH_STATE;\n this._logOptions = {};\n this._prevAuthState = null;\n this._transformQueue = new PromiseQueue({\n quiet: true\n });\n\n // Listen on tokenManager events to start updateState process\n // \"added\" event is emitted in both add and renew process\n // Only listen on \"added\" event to update auth state\n sdk.tokenManager.on(EVENT_ADDED, (key, token) => {\n this._setLogOptions({ event: EVENT_ADDED, key, token });\n this.updateAuthState();\n });\n sdk.tokenManager.on(EVENT_REMOVED, (key, token) => {\n this._setLogOptions({ event: EVENT_REMOVED, key, token });\n this.updateAuthState();\n });\n }\n\n _setLogOptions(options) {\n this._logOptions = options;\n }\n\n getAuthState(): AuthState | null {\n return this._authState;\n }\n\n getPreviousAuthState(): AuthState | null {\n return this._prevAuthState;\n }\n\n async updateAuthState(): Promise<AuthState> {\n const { transformAuthState, devMode } = this._sdk.options;\n\n const log = (status) => {\n const { event, key, token } = this._logOptions;\n getConsole().group(`OKTA-AUTH-JS:updateAuthState: Event:${event} Status:${status}`);\n getConsole().log(key, token);\n getConsole().log('Current authState', this._authState);\n getConsole().groupEnd();\n \n // clear log options after logging\n this._logOptions = {};\n };\n\n const emitAuthStateChange = (authState) => {\n if (isSameAuthState(this._authState, authState)) {\n devMode && log('unchanged'); \n return;\n }\n this._prevAuthState = this._authState;\n this._authState = authState;\n // emit new authState object\n this._sdk.emitter.emit(EVENT_AUTH_STATE_CHANGE, { ...authState });\n devMode && log('emitted');\n };\n\n const finalPromise = (origPromise) => { \n return this._pending.updateAuthStatePromise.then(() => {\n const curPromise = this._pending.updateAuthStatePromise;\n if (curPromise && curPromise !== origPromise) {\n return finalPromise(curPromise);\n }\n return this.getAuthState();\n });\n };\n\n if (this._pending.updateAuthStatePromise) {\n if (this._pending.canceledTimes >= MAX_PROMISE_CANCEL_TIMES) {\n // stop canceling then starting a new promise\n // let existing promise finish to prevent running into loops\n devMode && log('terminated');\n return finalPromise(this._pending.updateAuthStatePromise);\n } else {\n this._pending.updateAuthStatePromise.cancel();\n }\n }\n\n /* eslint-disable complexity */\n const cancelablePromise = new PCancelable((resolve, _, onCancel) => {\n onCancel.shouldReject = false;\n onCancel(() => {\n this._pending.updateAuthStatePromise = null;\n this._pending.canceledTimes = this._pending.canceledTimes + 1;\n devMode && log('canceled');\n });\n\n const emitAndResolve = (authState) => {\n if (cancelablePromise.isCanceled) {\n resolve();\n return;\n }\n // emit event and resolve promise \n emitAuthStateChange(authState);\n resolve();\n\n // clear pending states after resolve\n this._pending = { ...DEFAULT_PENDING };\n };\n\n this._sdk.isAuthenticated()\n .then(() => {\n if (cancelablePromise.isCanceled) {\n resolve();\n return;\n }\n\n const { accessToken, idToken, refreshToken } = this._sdk.tokenManager.getTokensSync();\n const authState = {\n accessToken,\n idToken,\n refreshToken,\n isAuthenticated: !!(accessToken && idToken)\n };\n\n // Enqueue transformAuthState so that it does not run concurrently\n const promise: Promise<AuthState> = transformAuthState\n ? this._transformQueue.push(transformAuthState, null, this._sdk, authState) as Promise<AuthState>\n : Promise.resolve(authState);\n\n promise\n .then(authState => emitAndResolve(authState))\n .catch(error => emitAndResolve({\n accessToken, \n idToken, \n refreshToken,\n isAuthenticated: false, \n error\n }));\n });\n });\n /* eslint-enable complexity */\n this._pending.updateAuthStatePromise = cancelablePromise;\n\n return finalPromise(cancelablePromise);\n }\n\n subscribe(handler): void {\n this._sdk.emitter.on(EVENT_AUTH_STATE_CHANGE, handler);\n }\n\n unsubscribe(handler?): void {\n this._sdk.emitter.off(EVENT_AUTH_STATE_CHANGE, handler);\n }\n}\n"],"file":"AuthStateManager.js"}
1
+ {"version":3,"sources":["../../lib/AuthStateManager.ts"],"names":["INITIAL_AUTH_STATE","DEFAULT_PENDING","updateAuthStatePromise","canceledTimes","EVENT_AUTH_STATE_CHANGE","MAX_PROMISE_CANCEL_TIMES","isSameAuthState","prevState","state","isAuthenticated","idToken","accessToken","error","AuthStateManager","constructor","sdk","emitter","AuthSdkError","_sdk","_pending","_authState","_logOptions","_prevAuthState","_transformQueue","PromiseQueue","quiet","tokenManager","on","EVENT_ADDED","key","token","_setLogOptions","event","updateAuthState","EVENT_REMOVED","options","getAuthState","getPreviousAuthState","transformAuthState","devMode","log","status","group","groupEnd","emitAuthStateChange","authState","emit","finalPromise","origPromise","then","curPromise","cancel","cancelablePromise","PCancelable","resolve","_","onCancel","shouldReject","emitAndResolve","isCanceled","refreshToken","getTokensSync","promise","push","catch","subscribe","handler","unsubscribe","off"],"mappings":";;;;;;;;;;AAeA;;AACA;;AAGA;;AACA;;AACA;;AArBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AASO,MAAMA,kBAAkB,GAAG,IAA3B;;AACP,MAAMC,eAAe,GAAG;AACtBC,EAAAA,sBAAsB,EAAE,IADF;AAEtBC,EAAAA,aAAa,EAAE;AAFO,CAAxB;AAIA,MAAMC,uBAAuB,GAAG,iBAAhC;AACA,MAAMC,wBAAwB,GAAG,EAAjC,C,CAEA;;AACA,MAAMC,eAAe,GAAG,CAACC,SAAD,EAA8BC,KAA9B,KAAmD;AACzE;AACA,MAAI,CAACD,SAAL,EAAgB;AACd,WAAO,KAAP;AACD;;AAED,SAAOA,SAAS,CAACE,eAAV,KAA8BD,KAAK,CAACC,eAApC,IACF,wBAAeF,SAAS,CAACG,OAAzB,MAAsC,wBAAeF,KAAK,CAACE,OAArB,CADpC,IAEF,wBAAeH,SAAS,CAACI,WAAzB,MAA0C,wBAAeH,KAAK,CAACG,WAArB,CAFxC,IAGFJ,SAAS,CAACK,KAAV,KAAoBJ,KAAK,CAACI,KAH/B;AAID,CAVD;;AAaO,MAAMC,gBAAN,CAAuB;AAW5BC,EAAAA,WAAW,CAACC,GAAD,EAAgB;AACzB,QAAI,CAACA,GAAG,CAACC,OAAT,EAAkB;AAChB,YAAM,IAAIC,oBAAJ,CAAiB,uDAAjB,CAAN;AACD;;AAED,SAAKC,IAAL,GAAYH,GAAZ;AACA,SAAKI,QAAL,GAAgB,EAAE,GAAGlB;AAAL,KAAhB;AACA,SAAKmB,UAAL,GAAkBpB,kBAAlB;AACA,SAAKqB,WAAL,GAAmB,EAAnB;AACA,SAAKC,cAAL,GAAsB,IAAtB;AACA,SAAKC,eAAL,GAAuB,IAAIC,qBAAJ,CAAiB;AACtCC,MAAAA,KAAK,EAAE;AAD+B,KAAjB,CAAvB,CAVyB,CAczB;AACA;AACA;;AACAV,IAAAA,GAAG,CAACW,YAAJ,CAAiBC,EAAjB,CAAoBC,yBAApB,EAAiC,CAACC,GAAD,EAAMC,KAAN,KAAgB;AAC/C,WAAKC,cAAL,CAAoB;AAAEC,QAAAA,KAAK,EAAEJ,yBAAT;AAAsBC,QAAAA,GAAtB;AAA2BC,QAAAA;AAA3B,OAApB;;AACA,WAAKG,eAAL;AACD,KAHD;AAIAlB,IAAAA,GAAG,CAACW,YAAJ,CAAiBC,EAAjB,CAAoBO,2BAApB,EAAmC,CAACL,GAAD,EAAMC,KAAN,KAAgB;AACjD,WAAKC,cAAL,CAAoB;AAAEC,QAAAA,KAAK,EAAEE,2BAAT;AAAwBL,QAAAA,GAAxB;AAA6BC,QAAAA;AAA7B,OAApB;;AACA,WAAKG,eAAL;AACD,KAHD;AAID;;AAEDF,EAAAA,cAAc,CAACI,OAAD,EAAU;AACtB,SAAKd,WAAL,GAAmBc,OAAnB;AACD;;AAEDC,EAAAA,YAAY,GAAqB;AAC/B,WAAO,KAAKhB,UAAZ;AACD;;AAEDiB,EAAAA,oBAAoB,GAAqB;AACvC,WAAO,KAAKf,cAAZ;AACD;;AAEoB,QAAfW,eAAe,GAAuB;AAC1C,UAAM;AAAEK,MAAAA,kBAAF;AAAsBC,MAAAA;AAAtB,QAAkC,KAAKrB,IAAL,CAAUiB,OAAlD;;AAEA,UAAMK,GAAG,GAAIC,MAAD,IAAY;AACtB,YAAM;AAAET,QAAAA,KAAF;AAASH,QAAAA,GAAT;AAAcC,QAAAA;AAAd,UAAwB,KAAKT,WAAnC;AACA,8BAAaqB,KAAb,CAAoB,uCAAsCV,KAAM,WAAUS,MAAO,EAAjF;AACA,8BAAaD,GAAb,CAAiBX,GAAjB,EAAsBC,KAAtB;AACA,8BAAaU,GAAb,CAAiB,mBAAjB,EAAsC,KAAKpB,UAA3C;AACA,8BAAauB,QAAb,GALsB,CAOtB;;AACA,WAAKtB,WAAL,GAAmB,EAAnB;AACD,KATD;;AAWA,UAAMuB,mBAAmB,GAAIC,SAAD,IAAe;AACzC,UAAIvC,eAAe,CAAC,KAAKc,UAAN,EAAkByB,SAAlB,CAAnB,EAAiD;AAC/CN,QAAAA,OAAO,IAAIC,GAAG,CAAC,WAAD,CAAd;AACA;AACD;;AACD,WAAKlB,cAAL,GAAsB,KAAKF,UAA3B;AACA,WAAKA,UAAL,GAAkByB,SAAlB,CANyC,CAOzC;;AACA,WAAK3B,IAAL,CAAUF,OAAV,CAAkB8B,IAAlB,CAAuB1C,uBAAvB,EAAgD,EAAE,GAAGyC;AAAL,OAAhD;;AACAN,MAAAA,OAAO,IAAIC,GAAG,CAAC,SAAD,CAAd;AACD,KAVD;;AAYA,UAAMO,YAAY,GAAIC,WAAD,IAAiB;AACpC,aAAO,KAAK7B,QAAL,CAAcjB,sBAAd,CAAqC+C,IAArC,CAA0C,MAAM;AACrD,cAAMC,UAAU,GAAG,KAAK/B,QAAL,CAAcjB,sBAAjC;;AACA,YAAIgD,UAAU,IAAIA,UAAU,KAAKF,WAAjC,EAA8C;AAC5C,iBAAOD,YAAY,CAACG,UAAD,CAAnB;AACD;;AACD,eAAO,KAAKd,YAAL,EAAP;AACD,OANM,CAAP;AAOD,KARD;;AAUA,QAAI,KAAKjB,QAAL,CAAcjB,sBAAlB,EAA0C;AACxC,UAAI,KAAKiB,QAAL,CAAchB,aAAd,IAA+BE,wBAAnC,EAA6D;AAC3D;AACA;AACAkC,QAAAA,OAAO,IAAIC,GAAG,CAAC,YAAD,CAAd;AACA,eAAOO,YAAY,CAAC,KAAK5B,QAAL,CAAcjB,sBAAf,CAAnB;AACD,OALD,MAKO;AACL,aAAKiB,QAAL,CAAcjB,sBAAd,CAAqCiD,MAArC;AACD;AACF;AAED;;;AACA,UAAMC,iBAAiB,GAAG,IAAIC,oBAAJ,CAAgB,CAACC,OAAD,EAAUC,CAAV,EAAaC,QAAb,KAA0B;AAClEA,MAAAA,QAAQ,CAACC,YAAT,GAAwB,KAAxB;AACAD,MAAAA,QAAQ,CAAC,MAAM;AACb,aAAKrC,QAAL,CAAcjB,sBAAd,GAAuC,IAAvC;AACA,aAAKiB,QAAL,CAAchB,aAAd,GAA8B,KAAKgB,QAAL,CAAchB,aAAd,GAA8B,CAA5D;AACAoC,QAAAA,OAAO,IAAIC,GAAG,CAAC,UAAD,CAAd;AACD,OAJO,CAAR;;AAMA,YAAMkB,cAAc,GAAIb,SAAD,IAAe;AACpC,YAAIO,iBAAiB,CAACO,UAAtB,EAAkC;AAChCL,UAAAA,OAAO;AACP;AACD,SAJmC,CAKpC;;;AACAV,QAAAA,mBAAmB,CAACC,SAAD,CAAnB;AACAS,QAAAA,OAAO,GAP6B,CASpC;;AACA,aAAKnC,QAAL,GAAgB,EAAE,GAAGlB;AAAL,SAAhB;AACD,OAXD;;AAaA,WAAKiB,IAAL,CAAUT,eAAV,GACGwC,IADH,CACQ,MAAM;AACV,YAAIG,iBAAiB,CAACO,UAAtB,EAAkC;AAChCL,UAAAA,OAAO;AACP;AACD;;AAED,cAAM;AAAE3C,UAAAA,WAAF;AAAeD,UAAAA,OAAf;AAAwBkD,UAAAA;AAAxB,YAAyC,KAAK1C,IAAL,CAAUQ,YAAV,CAAuBmC,aAAvB,EAA/C;;AACA,cAAMhB,SAAS,GAAG;AAChBlC,UAAAA,WADgB;AAEhBD,UAAAA,OAFgB;AAGhBkD,UAAAA,YAHgB;AAIhBnD,UAAAA,eAAe,EAAE,CAAC,EAAEE,WAAW,IAAID,OAAjB;AAJF,SAAlB,CAPU,CAcV;;AACA,cAAMoD,OAA2B,GAAGxB,kBAAkB,GAClD,KAAKf,eAAL,CAAqBwC,IAArB,CAA0BzB,kBAA1B,EAA8C,IAA9C,EAAoD,KAAKpB,IAAzD,EAA+D2B,SAA/D,CADkD,GAElD,iBAAQS,OAAR,CAAgBT,SAAhB,CAFJ;AAIAiB,QAAAA,OAAO,CACJb,IADH,CACQJ,SAAS,IAAIa,cAAc,CAACb,SAAD,CADnC,EAEGmB,KAFH,CAESpD,KAAK,IAAI8C,cAAc,CAAC;AAC7B/C,UAAAA,WAD6B;AAE7BD,UAAAA,OAF6B;AAG7BkD,UAAAA,YAH6B;AAI7BnD,UAAAA,eAAe,EAAE,KAJY;AAK7BG,UAAAA;AAL6B,SAAD,CAFhC;AASD,OA7BH;AA8BD,KAnDyB,CAA1B;AAoDA;;AACA,SAAKO,QAAL,CAAcjB,sBAAd,GAAuCkD,iBAAvC;AAEA,WAAOL,YAAY,CAACK,iBAAD,CAAnB;AACD;;AAEDa,EAAAA,SAAS,CAACC,OAAD,EAAgB;AACvB,SAAKhD,IAAL,CAAUF,OAAV,CAAkBW,EAAlB,CAAqBvB,uBAArB,EAA8C8D,OAA9C;AACD;;AAEDC,EAAAA,WAAW,CAACD,OAAD,EAAiB;AAC1B,SAAKhD,IAAL,CAAUF,OAAV,CAAkBoD,GAAlB,CAAsBhE,uBAAtB,EAA+C8D,OAA/C;AACD;;AAlK2B","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n \n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport PCancelable from 'p-cancelable';\nimport { AuthSdkError } from './errors';\nimport { AuthState, AuthStateLogOptions } from './types';\nimport { OktaAuth } from '.';\nimport { getConsole } from './util';\nimport { EVENT_ADDED, EVENT_REMOVED } from './TokenManager';\nimport PromiseQueue from './PromiseQueue';\n\nexport const INITIAL_AUTH_STATE = null;\nconst DEFAULT_PENDING = {\n updateAuthStatePromise: null,\n canceledTimes: 0\n};\nconst EVENT_AUTH_STATE_CHANGE = 'authStateChange';\nconst MAX_PROMISE_CANCEL_TIMES = 10;\n\n// only compare first level of authState\nconst isSameAuthState = (prevState: AuthState | null, state: AuthState) => {\n // initial state is null\n if (!prevState) {\n return false;\n }\n\n return prevState.isAuthenticated === state.isAuthenticated \n && JSON.stringify(prevState.idToken) === JSON.stringify(state.idToken)\n && JSON.stringify(prevState.accessToken) === JSON.stringify(state.accessToken)\n && prevState.error === state.error;\n};\n\n\nexport class AuthStateManager {\n _sdk: OktaAuth;\n _pending: { \n updateAuthStatePromise: any;\n canceledTimes: number; \n };\n _authState: AuthState | null;\n _prevAuthState: AuthState | null;\n _logOptions: AuthStateLogOptions;\n _transformQueue: PromiseQueue;\n\n constructor(sdk: OktaAuth) {\n if (!sdk.emitter) {\n throw new AuthSdkError('Emitter should be initialized before AuthStateManager');\n }\n\n this._sdk = sdk;\n this._pending = { ...DEFAULT_PENDING };\n this._authState = INITIAL_AUTH_STATE;\n this._logOptions = {};\n this._prevAuthState = null;\n this._transformQueue = new PromiseQueue({\n quiet: true\n });\n\n // Listen on tokenManager events to start updateState process\n // \"added\" event is emitted in both add and renew process\n // Only listen on \"added\" event to update auth state\n sdk.tokenManager.on(EVENT_ADDED, (key, token) => {\n this._setLogOptions({ event: EVENT_ADDED, key, token });\n this.updateAuthState();\n });\n sdk.tokenManager.on(EVENT_REMOVED, (key, token) => {\n this._setLogOptions({ event: EVENT_REMOVED, key, token });\n this.updateAuthState();\n });\n }\n\n _setLogOptions(options) {\n this._logOptions = options;\n }\n\n getAuthState(): AuthState | null {\n return this._authState;\n }\n\n getPreviousAuthState(): AuthState | null {\n return this._prevAuthState;\n }\n\n async updateAuthState(): Promise<AuthState> {\n const { transformAuthState, devMode } = this._sdk.options;\n\n const log = (status) => {\n const { event, key, token } = this._logOptions;\n getConsole().group(`OKTA-AUTH-JS:updateAuthState: Event:${event} Status:${status}`);\n getConsole().log(key, token);\n getConsole().log('Current authState', this._authState);\n getConsole().groupEnd();\n \n // clear log options after logging\n this._logOptions = {};\n };\n\n const emitAuthStateChange = (authState) => {\n if (isSameAuthState(this._authState, authState)) {\n devMode && log('unchanged'); \n return;\n }\n this._prevAuthState = this._authState;\n this._authState = authState;\n // emit new authState object\n this._sdk.emitter.emit(EVENT_AUTH_STATE_CHANGE, { ...authState });\n devMode && log('emitted');\n };\n\n const finalPromise = (origPromise) => { \n return this._pending.updateAuthStatePromise.then(() => {\n const curPromise = this._pending.updateAuthStatePromise;\n if (curPromise && curPromise !== origPromise) {\n return finalPromise(curPromise);\n }\n return this.getAuthState();\n });\n };\n\n if (this._pending.updateAuthStatePromise) {\n if (this._pending.canceledTimes >= MAX_PROMISE_CANCEL_TIMES) {\n // stop canceling then starting a new promise\n // let existing promise finish to prevent running into loops\n devMode && log('terminated');\n return finalPromise(this._pending.updateAuthStatePromise);\n } else {\n this._pending.updateAuthStatePromise.cancel();\n }\n }\n\n /* eslint-disable complexity */\n const cancelablePromise = new PCancelable((resolve, _, onCancel) => {\n onCancel.shouldReject = false;\n onCancel(() => {\n this._pending.updateAuthStatePromise = null;\n this._pending.canceledTimes = this._pending.canceledTimes + 1;\n devMode && log('canceled');\n });\n\n const emitAndResolve = (authState) => {\n if (cancelablePromise.isCanceled) {\n resolve();\n return;\n }\n // emit event and resolve promise \n emitAuthStateChange(authState);\n resolve();\n\n // clear pending states after resolve\n this._pending = { ...DEFAULT_PENDING };\n };\n\n this._sdk.isAuthenticated()\n .then(() => {\n if (cancelablePromise.isCanceled) {\n resolve();\n return;\n }\n\n const { accessToken, idToken, refreshToken } = this._sdk.tokenManager.getTokensSync();\n const authState = {\n accessToken,\n idToken,\n refreshToken,\n isAuthenticated: !!(accessToken && idToken)\n };\n\n // Enqueue transformAuthState so that it does not run concurrently\n const promise: Promise<AuthState> = transformAuthState\n ? this._transformQueue.push(transformAuthState, null, this._sdk, authState) as Promise<AuthState>\n : Promise.resolve(authState);\n\n promise\n .then(authState => emitAndResolve(authState))\n .catch(error => emitAndResolve({\n accessToken, \n idToken, \n refreshToken,\n isAuthenticated: false, \n error\n }));\n });\n });\n /* eslint-enable complexity */\n this._pending.updateAuthStatePromise = cancelablePromise;\n\n return finalPromise(cancelablePromise);\n }\n\n subscribe(handler): void {\n this._sdk.emitter.on(EVENT_AUTH_STATE_CHANGE, handler);\n }\n\n unsubscribe(handler?): void {\n this._sdk.emitter.off(EVENT_AUTH_STATE_CHANGE, handler);\n }\n}\n"],"file":"AuthStateManager.js"}
package/cjs/OktaAuth.js CHANGED
@@ -16,6 +16,8 @@ var _indexOf = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-st
16
16
 
17
17
  var _promise = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/promise"));
18
18
 
19
+ var _defineProperty2 = _interopRequireDefault(require("@babel/runtime-corejs3/helpers/defineProperty"));
20
+
19
21
  var constants = _interopRequireWildcard(require("./constants"));
20
22
 
21
23
  var _tx = require("./tx");
@@ -56,8 +58,6 @@ var _options = require("./options");
56
58
 
57
59
  var _idx = require("./idx");
58
60
 
59
- var _headers = require("./idx/headers");
60
-
61
61
  var _OktaUserAgent = require("./OktaUserAgent");
62
62
 
63
63
  var _parseFromUrl = require("./oidc/parseFromUrl");
@@ -87,10 +87,12 @@ function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj &&
87
87
  */
88
88
 
89
89
  /* global window */
90
+ // eslint-disable-next-line @typescript-eslint/ban-ts-comment
90
91
  // @ts-ignore
91
92
  // Do not use this type in code, so it won't be emitted in the declaration output
92
93
  class OktaAuth {
93
94
  constructor(args) {
95
+ (0, _defineProperty2.default)(this, "features", features);
94
96
  const options = this.options = (0, _options.buildOptions)(args); // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
95
97
 
96
98
  this.storageManager = new _StorageManager.StorageManager(options.storageManager, options.cookies, options.storageUtil);
@@ -253,9 +255,7 @@ class OktaAuth {
253
255
  },
254
256
  canProceed: _idx.canProceed.bind(null, this),
255
257
  unlockAccount: _idx.unlockAccount.bind(null, this)
256
- };
257
- (0, _headers.setGlobalRequestInterceptor)((0, _headers.createGlobalRequestInterceptor)(this)); // to pass custom headers to IDX endpoints
258
- // HTTP
258
+ }; // HTTP
259
259
 
260
260
  this.http = {
261
261
  setRequestHeader: _http.setRequestHeader.bind(null, this)
@@ -738,14 +738,13 @@ class OktaAuth {
738
738
  return (0, _http.httpRequest)(this, options);
739
739
  }
740
740
 
741
- } // Hoist feature detection functions to static type
742
-
743
-
744
- OktaAuth.features = OktaAuth.prototype.features = features; // Hoist crypto utils to static type
741
+ } // Hoist feature detection functions to prototype & static type
745
742
 
746
- OktaAuth.crypto = crypto; // Hoist webauthn utils to static type
747
743
 
748
- OktaAuth.webauthn = webauthn; // Also hoist constants for CommonJS users
744
+ (0, _defineProperty2.default)(OktaAuth, "features", features);
745
+ (0, _defineProperty2.default)(OktaAuth, "crypto", crypto);
746
+ (0, _defineProperty2.default)(OktaAuth, "webauthn", webauthn);
747
+ OktaAuth.features = OktaAuth.prototype.features = features; // Also hoist constants for CommonJS users
749
748
 
750
749
  (0, _assign.default)(OktaAuth, {
751
750
  constants
package/cjs/OktaAuth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/OktaAuth.ts"],"names":["OktaAuth","constructor","args","options","storageManager","StorageManager","cookies","storageUtil","transactionManager","TransactionManager","_oktaUserAgent","OktaUserAgent","tx","status","transactionStatus","bind","resume","resumeTransaction","exists","transactionExists","_get","name","storage","get","introspect","introspectAuthn","pkce","DEFAULT_CODE_CHALLENGE_METHOD","PKCE","generateVerifier","computeChallenge","getPKCEStorage","getLegacyPKCEStorage","getHttpCache","_pending","handleLogin","redirectUri","window","location","origin","maxClockSkew","DEFAULT_MAX_CLOCK_SKEW","ignoreLifetime","session","close","closeSession","sessionExists","getSession","refresh","refreshSession","setCookieAndRedirect","_tokenQueue","PromiseQueue","useQueue","method","prototype","push","getWithRedirectFn","getWithRedirect","getWithRedirectApi","_setLocation","url","parseFromUrlFn","parseFromUrl","parseFromUrlApi","_getHistory","history","_getLocation","_getDocument","document","token","prepareTokenParams","exchangeCodeForTokens","getWithoutPrompt","getWithPopup","decode","decodeToken","revoke","revokeToken","renew","renewToken","renewTokensWithRefresh","renewTokens","getUserInfo","verify","verifyToken","isLoginRedirect","syncMethods","forEach","key","boundStartTransaction","startTransaction","idx","interact","authenticate","register","start","poll","proceed","cancel","recoverPassword","handleInteractionCodeRedirect","isInteractionRequired","isInteractionRequiredError","handleEmailVerifyCallback","isEmailVerifyCallback","parseEmailVerifyCallback","isEmailVerifyCallbackError","getSavedTransactionMeta","createTransactionMeta","getTransactionMeta","saveTransactionMeta","clearTransactionMeta","isTransactionMetaValid","setFlow","flow","getFlow","canProceed","unlockAccount","http","setRequestHeader","fingerprint","emitter","Emitter","tokenManager","TokenManager","authStateManager","AuthStateManager","serviceManager","ServiceManager","services","updateAuthState","stop","setHeaders","headers","signIn","opts","signInWithCredentials","_postToTransaction","sendFingerprint","then","signInWithRedirect","originalUri","additionalParams","setOriginalUri","params","scopes","clear","catch","e","errorCode","revokeAccessToken","accessToken","getTokens","accessTokenKey","getStorageKeyByType","remove","resolve","revokeRefreshToken","refreshToken","refreshTokenKey","getSignOutRedirectUrl","idToken","postLogoutRedirectUri","state","getTokensSync","logoutUrl","idTokenHint","logoutUri","encodeURIComponent","signOut","defaultUri","currentUri","href","reload","assign","clearTokensBeforeRedirect","addPendingRemoveFlags","webfinger","isAuthenticated","autoRenew","autoRemove","getOptions","shouldRenew","onExpiredToken","shouldRemove","hasExpired","undefined","getUser","getIdToken","getAccessToken","getRefreshToken","storeTokensFromRedirect","tokens","setTokens","sessionStorage","browserStorage","getSessionStorage","setItem","REFERRER_PATH_STORAGE_KEY","sharedStorage","getOriginalUriStorage","getOriginalUri","getItem","removeOriginalUri","removeItem","handleLoginRedirect","oAuthResponse","restoreOriginalUri","replace","isPKCE","hasResponseType","responseType","Array","isArray","length","isAuthorizationCodeFlow","getIssuerOrigin","issuer","split","forgotPassword","verifyRecoveryToken","invokeApiMethod","features","crypto","webauthn","constants"],"mappings":";;;;;;;;;;;;;;;;;;AAeA;;AAuCA;;AAQA;;AACA;;AAOA;;AAmBA;;AAEA;;AACA;;AACA;;AACA;;AAKA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAkBA;;AACA;;AACA;;AACA;;AAUA;;;;;;AA3IA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;AA4HA;AACA;AAGA,MAAMA,QAAN,CAAmE;AAsBjEC,EAAAA,WAAW,CAACC,IAAD,EAAwB;AACjC,UAAMC,OAAO,GAAG,KAAKA,OAAL,GAAe,2BAAaD,IAAb,CAA/B,CADiC,CAEjC;;AACA,SAAKE,cAAL,GAAsB,IAAIC,8BAAJ,CAAmBF,OAAO,CAACC,cAA3B,EAA4CD,OAAO,CAACG,OAApD,EAA8DH,OAAO,CAACI,WAAtE,CAAtB;AACA,SAAKC,kBAAL,GAA0B,IAAIC,2BAAJ,CAAuB,qBAAc;AAC7DL,MAAAA,cAAc,EAAE,KAAKA;AADwC,KAAd,EAE9CD,OAAO,CAACK,kBAFsC,CAAvB,CAA1B;AAGA,SAAKE,cAAL,GAAsB,IAAIC,4BAAJ,EAAtB;AAEA,SAAKC,EAAL,GAAU;AACRC,MAAAA,MAAM,EAAEC,sBAAkBC,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CADA;AAERC,MAAAA,MAAM,EAAEC,sBAAkBF,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAFA;AAGRG,MAAAA,MAAM,EAAE,qBAAcC,sBAAkBJ,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAAd,EAAkD;AACxDK,QAAAA,IAAI,EAAGC,IAAD,IAAU;AACd;AACA,gBAAMC,OAAO,GAAGnB,OAAO,CAACI,WAAR,CAAqBe,OAArC;AACA,iBAAOA,OAAO,CAACC,GAAR,CAAYF,IAAZ,CAAP;AACD;AALuD,OAAlD,CAHA;AAURG,MAAAA,UAAU,EAAEC,oBAAgBV,IAAhB,CAAqB,IAArB,EAA2B,IAA3B;AAVJ,KAAV;AAaA,SAAKW,IAAL,GAAY;AACVC,MAAAA,6BAA6B,EAAEC,cAAKD,6BAD1B;AAEVE,MAAAA,gBAAgB,EAAED,cAAKC,gBAFb;AAGVC,MAAAA,gBAAgB,EAAEF,cAAKE;AAHb,KAAZ,CAtBiC,CA4BjC;;AACA,yBAAc,KAAK3B,OAAL,CAAaI,WAA3B,EAAwC;AACtCwB,MAAAA,cAAc,EAAE,KAAK3B,cAAL,CAAoB4B,oBAApB,CAAyCjB,IAAzC,CAA8C,KAAKX,cAAnD,CADsB;AAEtC6B,MAAAA,YAAY,EAAE,KAAK7B,cAAL,CAAoB6B,YAApB,CAAiClB,IAAjC,CAAsC,KAAKX,cAA3C;AAFwB,KAAxC;AAKA,SAAK8B,QAAL,GAAgB;AAAEC,MAAAA,WAAW,EAAE;AAAf,KAAhB;;AAEA,QAAI,yBAAJ,EAAiB;AACf,WAAKhC,OAAL,GAAe,qBAAc,KAAKA,OAAnB,EAA4B;AACzCiC,QAAAA,WAAW,EAAE,yBAAclC,IAAI,CAACkC,WAAnB,EAAgCC,MAAM,CAACC,QAAP,CAAgBC,MAAhD,CAD4B,CAC6B;;AAD7B,OAA5B,CAAf;AAGD,KAxCgC,CA0CjC;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,QAAI,CAACrC,IAAI,CAACsC,YAAN,IAAsBtC,IAAI,CAACsC,YAAL,KAAsB,CAAhD,EAAmD;AACjD,WAAKrC,OAAL,CAAaqC,YAAb,GAA4BC,gCAA5B;AACD,KAFD,MAEO;AACL,WAAKtC,OAAL,CAAaqC,YAAb,GAA4BtC,IAAI,CAACsC,YAAjC;AACD,KArDgC,CAuDjC;AACA;AACA;;;AACA,SAAKrC,OAAL,CAAauC,cAAb,GAA8B,CAAC,CAACxC,IAAI,CAACwC,cAArC;AAEA,SAAKC,OAAL,GAAe;AACbC,MAAAA,KAAK,EAAEC,sBAAa9B,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CADM;AAEbG,MAAAA,MAAM,EAAE4B,uBAAc/B,IAAd,CAAmB,IAAnB,EAAyB,IAAzB,CAFK;AAGbQ,MAAAA,GAAG,EAAEwB,oBAAWhC,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAHQ;AAIbiC,MAAAA,OAAO,EAAEC,wBAAelC,IAAf,CAAoB,IAApB,EAA0B,IAA1B,CAJI;AAKbmC,MAAAA,oBAAoB,EAAEA,8BAAqBnC,IAArB,CAA0B,IAA1B,EAAgC,IAAhC;AALT,KAAf;AAQA,SAAKoC,WAAL,GAAmB,IAAIC,qBAAJ,EAAnB;;AACA,UAAMC,QAAQ,GAAIC,MAAD,IAAY;AAC3B,aAAOF,sBAAaG,SAAb,CAAuBC,IAAvB,CAA4BzC,IAA5B,CAAiC,KAAKoC,WAAtC,EAAmDG,MAAnD,EAA2D,IAA3D,CAAP;AACD,KAFD,CArEiC,CAyEjC;;;AACA,UAAMG,iBAAiB,GAAGJ,QAAQ,CAACK,sBAAgB3C,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CAAD,CAAlC;AACA,UAAM4C,kBAAsC,GAAG,qBAAcF,iBAAd,EAAiC;AAC9E;AACAG,MAAAA,YAAY,EAAE,UAASC,GAAT,EAAc;AAC1BxB,QAAAA,MAAM,CAACC,QAAP,GAAkBuB,GAAlB;AACD;AAJ6E,KAAjC,CAA/C,CA3EiC,CAiFjC;;AACA,UAAMC,cAAc,GAAGT,QAAQ,CAACU,mBAAahD,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAAD,CAA/B;AACA,UAAMiD,eAAsC,GAAG,qBAAcF,cAAd,EAA8B;AAC3E;AACAG,MAAAA,WAAW,EAAE,YAAW;AACtB,eAAO5B,MAAM,CAAC6B,OAAd;AACD,OAJ0E;AAM3E;AACAC,MAAAA,YAAY,EAAE,YAAW;AACvB,eAAO9B,MAAM,CAACC,QAAd;AACD,OAT0E;AAW3E;AACA8B,MAAAA,YAAY,EAAE,YAAW;AACvB,eAAO/B,MAAM,CAACgC,QAAd;AACD;AAd0E,KAA9B,CAA/C;AAgBA,SAAKC,KAAL,GAAa;AACXC,MAAAA,kBAAkB,EAAEA,yBAAmBxD,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CADT;AAEXyD,MAAAA,qBAAqB,EAAEA,4BAAsBzD,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAFZ;AAGX0D,MAAAA,gBAAgB,EAAEA,uBAAiB1D,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAHP;AAIX2D,MAAAA,YAAY,EAAEA,mBAAa3D,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAJH;AAKX2C,MAAAA,eAAe,EAAEC,kBALN;AAMXI,MAAAA,YAAY,EAAEC,eANH;AAOXW,MAAAA,MAAM,EAAEC,iBAPG;AAQXC,MAAAA,MAAM,EAAEC,kBAAY/D,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CARG;AASXgE,MAAAA,KAAK,EAAEC,iBAAWjE,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CATI;AAUXkE,MAAAA,sBAAsB,EAAEA,6BAAuBlE,IAAvB,CAA4B,IAA5B,EAAkC,IAAlC,CAVb;AAWXmE,MAAAA,WAAW,EAAEA,kBAAYnE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAXF;AAYXoE,MAAAA,WAAW,EAAEA,kBAAYpE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAZF;AAaXqE,MAAAA,MAAM,EAAEC,kBAAYtE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAbG;AAcXuE,MAAAA,eAAe,EAAEA,sBAAgBvE,IAAhB,CAAqB,IAArB,EAA2B,IAA3B;AAdN,KAAb,CAnGiC,CAmHjC;;AACA,UAAMwE,WAAW,GAAG,CAClB;AACA,YAFkB,EAGlB,iBAHkB,EAIlB;AACA,qBALkB,EAMlB,cANkB,CAApB;AAQA,uBAAY,KAAKjB,KAAjB,EAAwBkB,OAAxB,CAAgCC,GAAG,IAAI;AACrC,UAAI,sBAAAF,WAAW,MAAX,CAAAA,WAAW,EAASE,GAAT,CAAX,IAA4B,CAAhC,EAAmC;AAAE;AACnC;AACD;;AACD,UAAInC,MAAM,GAAG,KAAKgB,KAAL,CAAWmB,GAAX,CAAb;AACA,WAAKnB,KAAL,CAAWmB,GAAX,IAAkBrC,sBAAaG,SAAb,CAAuBC,IAAvB,CAA4BzC,IAA5B,CAAiC,KAAKoC,WAAtC,EAAmDG,MAAnD,EAA2D,IAA3D,CAAlB;AACD,KAND,EA5HiC,CAoIjC;;AACA,UAAMoC,qBAAqB,GAAGC,sBAAiB5E,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAA9B;;AACA,SAAK6E,GAAL,GAAW;AACTC,MAAAA,QAAQ,EAAEA,cAAS9E,IAAT,CAAc,IAAd,EAAoB,IAApB,CADD;AAETS,MAAAA,UAAU,EAAEA,gBAAWT,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAFH;AAGT+E,MAAAA,YAAY,EAAEA,kBAAa/E,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAHL;AAITgF,MAAAA,QAAQ,EAAEA,cAAShF,IAAT,CAAc,IAAd,EAAoB,IAApB,CAJD;AAKTiF,MAAAA,KAAK,EAAEN,qBALE;AAMTC,MAAAA,gBAAgB,EAAED,qBANT;AAMgC;AACzCO,MAAAA,IAAI,EAAEA,UAAKlF,IAAL,CAAU,IAAV,EAAgB,IAAhB,CAPG;AAQTmF,MAAAA,OAAO,EAAEA,aAAQnF,IAAR,CAAa,IAAb,EAAmB,IAAnB,CARA;AASToF,MAAAA,MAAM,EAAEA,YAAOpF,IAAP,CAAY,IAAZ,EAAkB,IAAlB,CATC;AAUTqF,MAAAA,eAAe,EAAEA,qBAAgBrF,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CAVR;AAYT;AACAsF,MAAAA,6BAA6B,EAAEA,mCAA8BtF,IAA9B,CAAmC,IAAnC,EAAyC,IAAzC,CAbtB;AAeT;AACAuF,MAAAA,qBAAqB,EAAEA,4BAAsBvF,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAhBd;AAiBTwF,MAAAA,0BAA0B,EAA1BA,gCAjBS;AAmBT;AACAC,MAAAA,yBAAyB,EAAEA,+BAA0BzF,IAA1B,CAA+B,IAA/B,EAAqC,IAArC,CApBlB;AAqBT0F,MAAAA,qBAAqB,EAArBA,0BArBS;AAsBTC,MAAAA,wBAAwB,EAAxBA,6BAtBS;AAuBTC,MAAAA,0BAA0B,EAA1BA,+BAvBS;AAyBTC,MAAAA,uBAAuB,EAAEA,yCAAwB7F,IAAxB,CAA6B,IAA7B,EAAmC,IAAnC,CAzBhB;AA0BT8F,MAAAA,qBAAqB,EAAEA,uCAAsB9F,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CA1Bd;AA2BT+F,MAAAA,kBAAkB,EAAEA,oCAAmB/F,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CA3BX;AA4BTgG,MAAAA,mBAAmB,EAAEA,qCAAoBhG,IAApB,CAAyB,IAAzB,EAA+B,IAA/B,CA5BZ;AA6BTiG,MAAAA,oBAAoB,EAAEA,sCAAqBjG,IAArB,CAA0B,IAA1B,EAAgC,IAAhC,CA7Bb;AA8BTkG,MAAAA,sBAAsB,EAAtBA,uCA9BS;AA+BTC,MAAAA,OAAO,EAAGC,IAAD,IAA0B;AACjC,aAAKhH,OAAL,CAAagH,IAAb,GAAoBA,IAApB;AACD,OAjCQ;AAkCTC,MAAAA,OAAO,EAAE,MAAkC;AACzC,eAAO,KAAKjH,OAAL,CAAagH,IAApB;AACD,OApCQ;AAqCTE,MAAAA,UAAU,EAAEA,gBAAWtG,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CArCH;AAsCTuG,MAAAA,aAAa,EAAEA,mBAAcvG,IAAd,CAAmB,IAAnB,EAAyB,IAAzB;AAtCN,KAAX;AAyCA,8CAA4B,6CAA+B,IAA/B,CAA5B,EA/KiC,CA+KkC;AAEnE;;AACA,SAAKwG,IAAL,GAAY;AACVC,MAAAA,gBAAgB,EAAEA,uBAAiBzG,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B;AADR,KAAZ,CAlLiC,CAsLjC;;AACA,SAAK0G,WAAL,GAAmBA,qBAAY1G,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAAnB;AAEA,SAAK2G,OAAL,GAAe,IAAIC,oBAAJ,EAAf,CAzLiC,CA2LjC;;AACA,SAAKC,YAAL,GAAoB,IAAIC,0BAAJ,CAAiB,IAAjB,EAAuB3H,IAAI,CAAC0H,YAA5B,CAApB,CA5LiC,CA8LjC;;AACA,SAAKE,gBAAL,GAAwB,IAAIC,kCAAJ,CAAqB,IAArB,CAAxB,CA/LiC,CAiMjC;;AACA,SAAKC,cAAL,GAAsB,IAAIC,8BAAJ,CAAmB,IAAnB,EAAyB/H,IAAI,CAACgI,QAA9B,CAAtB;AACD;;AAEDlC,EAAAA,KAAK,GAAG;AACN;AACA,SAAK4B,YAAL,CAAkB5B,KAAlB;;AACA,QAAI,CAAC,KAAK1B,KAAL,CAAWgB,eAAX,EAAL,EAAmC;AACjC,WAAKwC,gBAAL,CAAsBK,eAAtB;AACD;;AACD,SAAKH,cAAL,CAAoBhC,KAApB;AACD;;AAEDoC,EAAAA,IAAI,GAAG;AACL;AACA,SAAKR,YAAL,CAAkBQ,IAAlB;AACA,SAAKJ,cAAL,CAAoBI,IAApB;AACD;;AAEDC,EAAAA,UAAU,CAACC,OAAD,EAAU;AAClB,SAAKnI,OAAL,CAAamI,OAAb,GAAuB,qBAAc,EAAd,EAAkB,KAAKnI,OAAL,CAAamI,OAA/B,EAAwCA,OAAxC,CAAvB;AACD,GA5OgE,CA+OjE;;;AACY,QAANC,MAAM,CAACC,IAAD,EAAgD;AAC1D,WAAO,KAAKC,qBAAL,CAA2BD,IAA3B,CAAP;AACD,GAlPgE,CAoPjE;;;AAC2B,QAArBC,qBAAqB,CAACD,IAAD,EAA+D;AACxFA,IAAAA,IAAI,GAAG,iBAAMA,IAAI,IAAI,EAAd,CAAP;;AACA,UAAME,kBAAkB,GAAIvI,OAAD,IAAc;AACvC,aAAOqI,IAAI,CAACG,eAAZ;AACA,aAAO,2BAAkB,IAAlB,EAAwB,eAAxB,EAAyCH,IAAzC,EAA+CrI,OAA/C,CAAP;AACD,KAHD;;AAIA,QAAI,CAACqI,IAAI,CAACG,eAAV,EAA2B;AACzB,aAAOD,kBAAkB,EAAzB;AACD;;AACD,WAAO,KAAKjB,WAAL,GACNmB,IADM,CACD,UAASnB,WAAT,EAAsB;AAC1B,aAAOiB,kBAAkB,CAAC;AACxBJ,QAAAA,OAAO,EAAE;AACP,kCAAwBb;AADjB;AADe,OAAD,CAAzB;AAKD,KAPM,CAAP;AAQD;;AAEuB,QAAlBoB,kBAAkB,CAACL,IAA+B,GAAG,EAAnC,EAAuC;AAC7D,UAAM;AAAEM,MAAAA,WAAF;AAAe,SAAGC;AAAlB,QAAuCP,IAA7C;;AACA,QAAG,KAAKtG,QAAL,CAAcC,WAAjB,EAA8B;AAC5B;AACA;AACD;;AAED,SAAKD,QAAL,CAAcC,WAAd,GAA4B,IAA5B;;AACA,QAAI;AACF;AACA,UAAI2G,WAAJ,EAAiB;AACf,aAAKE,cAAL,CAAoBF,WAApB;AACD;;AACD,YAAMG,MAAM,GAAG,qBAAc;AAC3B;AACAC,QAAAA,MAAM,EAAE,KAAK/I,OAAL,CAAa+I,MAAb,IAAuB,CAAC,QAAD,EAAW,OAAX,EAAoB,SAApB;AAFJ,OAAd,EAGZH,gBAHY,CAAf;AAIA,YAAM,KAAKzE,KAAL,CAAWZ,eAAX,CAA2BuF,MAA3B,CAAN;AACD,KAVD,SAUU;AACR,WAAK/G,QAAL,CAAcC,WAAd,GAA4B,KAA5B;AACD;AACF,GA7RgE,CA+RjE;;;AACAU,EAAAA,YAAY,GAAqB;AAC/B,WAAO,KAAKF,OAAL,CAAaC,KAAb,GAAqB;AAArB,KACNgG,IADM,CACD,YAAY;AAChB;AACA,WAAKhB,YAAL,CAAkBuB,KAAlB;AACD,KAJM,EAKNC,KALM,CAKA,UAASC,CAAT,EAAY;AACjB,UAAIA,CAAC,CAAChI,IAAF,KAAW,cAAX,IAA6BgI,CAAC,CAACC,SAAF,KAAgB,UAAjD,EAA6D;AAC3D;AACA,eAAO,IAAP;AACD;;AACD,YAAMD,CAAN;AACD,KAXM,CAAP;AAYD,GA7SgE,CA+SjE;;;AACuB,QAAjBE,iBAAiB,CAACC,WAAD,EAA8C;AACnE,QAAI,CAACA,WAAL,EAAkB;AAChBA,MAAAA,WAAW,GAAG,CAAC,MAAM,KAAK5B,YAAL,CAAkB6B,SAAlB,EAAP,EAAsCD,WAApD;AACA,YAAME,cAAc,GAAG,KAAK9B,YAAL,CAAkB+B,mBAAlB,CAAsC,aAAtC,CAAvB;AACA,WAAK/B,YAAL,CAAkBgC,MAAlB,CAAyBF,cAAzB;AACD,KALkE,CAMnE;;;AACA,QAAI,CAACF,WAAL,EAAkB;AAChB,aAAO,iBAAQK,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,WAAO,KAAKvF,KAAL,CAAWO,MAAX,CAAkB2E,WAAlB,CAAP;AACD,GA3TgE,CA6TjE;;;AACwB,QAAlBM,kBAAkB,CAACC,YAAD,EAAgD;AACtE,QAAI,CAACA,YAAL,EAAmB;AACjBA,MAAAA,YAAY,GAAG,CAAC,MAAM,KAAKnC,YAAL,CAAkB6B,SAAlB,EAAP,EAAsCM,YAArD;AACA,YAAMC,eAAe,GAAG,KAAKpC,YAAL,CAAkB+B,mBAAlB,CAAsC,cAAtC,CAAxB;AACA,WAAK/B,YAAL,CAAkBgC,MAAlB,CAAyBI,eAAzB;AACD,KALqE,CAMtE;;;AACA,QAAI,CAACD,YAAL,EAAmB;AACjB,aAAO,iBAAQF,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,WAAO,KAAKvF,KAAL,CAAWO,MAAX,CAAkBkF,YAAlB,CAAP;AACD;;AAEDE,EAAAA,qBAAqB,CAAC9J,OAAkC,GAAG,EAAtC,EAA0C;AAC7D,QAAI;AACF+J,MAAAA,OADE;AAEFC,MAAAA,qBAFE;AAGFC,MAAAA;AAHE,QAIAjK,OAJJ;;AAKA,QAAI,CAAC+J,OAAL,EAAc;AACZA,MAAAA,OAAO,GAAG,KAAKtC,YAAL,CAAkByC,aAAlB,GAAkCH,OAA5C;AACD;;AACD,QAAI,CAACA,OAAL,EAAc;AACZ,aAAO,EAAP;AACD;;AACD,QAAI,CAACC,qBAAL,EAA4B;AAC1BA,MAAAA,qBAAqB,GAAG,KAAKhK,OAAL,CAAagK,qBAArC;AACD;;AAED,UAAMG,SAAS,GAAG,wBAAa,IAAb,EAAmBA,SAArC;AACA,UAAMC,WAAW,GAAGL,OAAO,CAACA,OAA5B,CAjB6D,CAiBxB;;AACrC,QAAIM,SAAS,GAAGF,SAAS,GAAG,iBAAZ,GAAgCG,kBAAkB,CAACF,WAAD,CAAlE;;AACA,QAAIJ,qBAAJ,EAA2B;AACzBK,MAAAA,SAAS,IAAI,+BAA+BC,kBAAkB,CAACN,qBAAD,CAA9D;AACD,KArB4D,CAsB7D;;;AACA,QAAIC,KAAJ,EAAW;AACTI,MAAAA,SAAS,IAAI,YAAYC,kBAAkB,CAACL,KAAD,CAA3C;AACD;;AAED,WAAOI,SAAP;AACD,GAvWgE,CAyWjE;;;AACa,QAAPE,OAAO,CAACvK,OAAD,EAA2B;AACtCA,IAAAA,OAAO,GAAG,qBAAc,EAAd,EAAkBA,OAAlB,CAAV,CADsC,CAGtC;;AACA,QAAIwK,UAAU,GAAGtI,MAAM,CAACC,QAAP,CAAgBC,MAAjC;AACA,QAAIqI,UAAU,GAAGvI,MAAM,CAACC,QAAP,CAAgBuI,IAAjC;AACA,QAAIV,qBAAqB,GAAGhK,OAAO,CAACgK,qBAAR,IACvB,KAAKhK,OAAL,CAAagK,qBADU,IAEvBQ,UAFL;AAIA,QAAInB,WAAW,GAAGrJ,OAAO,CAACqJ,WAA1B;AACA,QAAIO,YAAY,GAAG5J,OAAO,CAAC4J,YAA3B;AACA,QAAIR,iBAAiB,GAAGpJ,OAAO,CAACoJ,iBAAR,KAA8B,KAAtD;AACA,QAAIO,kBAAkB,GAAG3J,OAAO,CAAC2J,kBAAR,KAA+B,KAAxD;;AAEA,QAAIA,kBAAkB,IAAI,OAAOC,YAAP,KAAwB,WAAlD,EAA+D;AAC7DA,MAAAA,YAAY,GAAG,KAAKnC,YAAL,CAAkByC,aAAlB,GAAkCN,YAAjD;AACD;;AAED,QAAIR,iBAAiB,IAAI,OAAOC,WAAP,KAAuB,WAAhD,EAA6D;AAC3DA,MAAAA,WAAW,GAAG,KAAK5B,YAAL,CAAkByC,aAAlB,GAAkCb,WAAhD;AACD;;AAED,QAAI,CAACrJ,OAAO,CAAC+J,OAAb,EAAsB;AACpB/J,MAAAA,OAAO,CAAC+J,OAAR,GAAkB,KAAKtC,YAAL,CAAkByC,aAAlB,GAAkCH,OAApD;AACD;;AAED,QAAIJ,kBAAkB,IAAIC,YAA1B,EAAwC;AACtC,YAAM,KAAKD,kBAAL,CAAwBC,YAAxB,CAAN;AACD;;AAED,QAAIR,iBAAiB,IAAIC,WAAzB,EAAsC;AACpC,YAAM,KAAKD,iBAAL,CAAuBC,WAAvB,CAAN;AACD;;AAED,UAAMgB,SAAS,GAAG,KAAKP,qBAAL,CAA2B,EAAE,GAAG9J,OAAL;AAAcgK,MAAAA;AAAd,KAA3B,CAAlB,CAnCsC,CAoCtC;AACA;;AACA,QAAI,CAACK,SAAL,EAAgB;AACd;AACA,aAAO,KAAK3H,YAAL,GAAoB;AAApB,OACN+F,IADM,CACD,YAAW;AACf,YAAIuB,qBAAqB,KAAKS,UAA9B,EAA0C;AACxCvI,UAAAA,MAAM,CAACC,QAAP,CAAgBwI,MAAhB,GADwC,CACd;AAC3B,SAFD,MAEO;AACLzI,UAAAA,MAAM,CAACC,QAAP,CAAgByI,MAAhB,CAAuBZ,qBAAvB;AACD;AACF,OAPM,CAAP;AAQD,KAVD,MAUO;AACL,UAAIhK,OAAO,CAAC6K,yBAAZ,EAAuC;AACrC;AACA,aAAKpD,YAAL,CAAkBuB,KAAlB;AACD,OAHD,MAGO;AACL,aAAKvB,YAAL,CAAkBqD,qBAAlB;AACD,OANI,CAOL;;;AACA5I,MAAAA,MAAM,CAACC,QAAP,CAAgByI,MAAhB,CAAuBP,SAAvB;AACD;AACF;;AAEDU,EAAAA,SAAS,CAAC1C,IAAD,EAAwB;AAC/B,QAAI3E,GAAG,GAAG,2BAA2B,yBAAc2E,IAAd,CAArC;AACA,QAAIrI,OAAO,GAAG;AACZmI,MAAAA,OAAO,EAAE;AACP,kBAAU;AADH;AADG,KAAd;AAKA,WAAO,eAAI,IAAJ,EAAUzE,GAAV,EAAe1D,OAAf,CAAP;AACD,GA9agE,CAgbjE;AACA;AACA;AAEA;AACA;;;AACqB,QAAfgL,eAAe,CAAChL,OAA+B,GAAG,EAAnC,EAAyD;AAC5E;AACA,UAAM;AAAEiL,MAAAA,SAAF;AAAaC,MAAAA;AAAb,QAA4B,KAAKzD,YAAL,CAAkB0D,UAAlB,EAAlC;AAEA,UAAMC,WAAW,GAAGpL,OAAO,CAACqL,cAAR,GAAyBrL,OAAO,CAACqL,cAAR,KAA2B,OAApD,GAA8DJ,SAAlF;AACA,UAAMK,YAAY,GAAGtL,OAAO,CAACqL,cAAR,GAAyBrL,OAAO,CAACqL,cAAR,KAA2B,QAApD,GAA+DH,UAApF;AAEA,QAAI;AAAE7B,MAAAA;AAAF,QAAkB,KAAK5B,YAAL,CAAkByC,aAAlB,EAAtB;;AACA,QAAIb,WAAW,IAAI,KAAK5B,YAAL,CAAkB8D,UAAlB,CAA6BlC,WAA7B,CAAnB,EAA8D;AAC5DA,MAAAA,WAAW,GAAGmC,SAAd;;AACA,UAAIJ,WAAJ,EAAiB;AACf,YAAI;AACF/B,UAAAA,WAAW,GAAG,MAAM,KAAK5B,YAAL,CAAkB7C,KAAlB,CAAwB,aAAxB,CAApB;AACD,SAFD,CAEE,MAAM,CACN;AACD;AACF,OAND,MAMO,IAAI0G,YAAJ,EAAkB;AACvB,aAAK7D,YAAL,CAAkBgC,MAAlB,CAAyB,aAAzB;AACD;AACF;;AAED,QAAI;AAAEM,MAAAA;AAAF,QAAc,KAAKtC,YAAL,CAAkByC,aAAlB,EAAlB;;AACA,QAAIH,OAAO,IAAI,KAAKtC,YAAL,CAAkB8D,UAAlB,CAA6BxB,OAA7B,CAAf,EAAsD;AACpDA,MAAAA,OAAO,GAAGyB,SAAV;;AACA,UAAIJ,WAAJ,EAAiB;AACf,YAAI;AACFrB,UAAAA,OAAO,GAAG,MAAM,KAAKtC,YAAL,CAAkB7C,KAAlB,CAAwB,SAAxB,CAAhB;AACD,SAFD,CAEE,MAAM,CACN;AACD;AACF,OAND,MAMO,IAAI0G,YAAJ,EAAkB;AACvB,aAAK7D,YAAL,CAAkBgC,MAAlB,CAAyB,SAAzB;AACD;AACF;;AAED,WAAO,CAAC,EAAEJ,WAAW,IAAIU,OAAjB,CAAR;AACD;;AAEY,QAAP0B,OAAO,GAAwB;AACnC,UAAM;AAAE1B,MAAAA,OAAF;AAAWV,MAAAA;AAAX,QAA2B,KAAK5B,YAAL,CAAkByC,aAAlB,EAAjC;AACA,WAAO,KAAK/F,KAAL,CAAWa,WAAX,CAAuBqE,WAAvB,EAAoCU,OAApC,CAAP;AACD;;AAED2B,EAAAA,UAAU,GAAuB;AAC/B,UAAM;AAAE3B,MAAAA;AAAF,QAAc,KAAKtC,YAAL,CAAkByC,aAAlB,EAApB;AACA,WAAOH,OAAO,GAAGA,OAAO,CAACA,OAAX,GAAqByB,SAAnC;AACD;;AAEDG,EAAAA,cAAc,GAAuB;AACnC,UAAM;AAAEtC,MAAAA;AAAF,QAAkB,KAAK5B,YAAL,CAAkByC,aAAlB,EAAxB;AACA,WAAOb,WAAW,GAAGA,WAAW,CAACA,WAAf,GAA6BmC,SAA/C;AACD;;AAEDI,EAAAA,eAAe,GAAuB;AACpC,UAAM;AAAEhC,MAAAA;AAAF,QAAmB,KAAKnC,YAAL,CAAkByC,aAAlB,EAAzB;AACA,WAAON,YAAY,GAAGA,YAAY,CAACA,YAAhB,GAA+B4B,SAAlD;AACD;AAED;AACF;AACA;;;AAC+B,QAAvBK,uBAAuB,GAAkB;AAC7C,UAAM;AAAEC,MAAAA;AAAF,QAAa,MAAM,KAAK3H,KAAL,CAAWP,YAAX,EAAzB;AACA,SAAK6D,YAAL,CAAkBsE,SAAlB,CAA4BD,MAA5B;AACD;;AAEDjD,EAAAA,cAAc,CAACF,WAAD,EAAsBsB,KAAtB,EAA4C;AACxD;AACA,UAAM+B,cAAc,GAAGC,wBAAeC,iBAAf,EAAvB;;AACAF,IAAAA,cAAc,CAACG,OAAf,CAAuBC,mCAAvB,EAAkDzD,WAAlD,EAHwD,CAKxD;;AACAsB,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAKjK,OAAL,CAAaiK,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMoC,aAAa,GAAG,KAAKpM,cAAL,CAAoBqM,qBAApB,EAAtB;AACAD,MAAAA,aAAa,CAACF,OAAd,CAAsBlC,KAAtB,EAA6BtB,WAA7B;AACD;AACF;;AAED4D,EAAAA,cAAc,CAACtC,KAAD,EAAqC;AACjD;AACAA,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAKjK,OAAL,CAAaiK,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMoC,aAAa,GAAG,KAAKpM,cAAL,CAAoBqM,qBAApB,EAAtB;AACA,YAAM3D,WAAW,GAAG0D,aAAa,CAACG,OAAd,CAAsBvC,KAAtB,CAApB;;AACA,UAAItB,WAAJ,EAAiB;AACf,eAAOA,WAAP;AACD;AACF,KATgD,CAWjD;;;AACA,UAAMxH,OAAO,GAAG8K,wBAAeC,iBAAf,EAAhB;;AACA,WAAO/K,OAAO,GAAGA,OAAO,CAACqL,OAAR,CAAgBJ,mCAAhB,KAA8CZ,SAAjD,GAA6DA,SAA3E;AACD;;AAEDiB,EAAAA,iBAAiB,CAACxC,KAAD,EAAuB;AACtC;AACA,UAAM9I,OAAO,GAAG8K,wBAAeC,iBAAf,EAAhB;;AACA/K,IAAAA,OAAO,CAACuL,UAAR,CAAmBN,mCAAnB,EAHsC,CAKtC;;AACAnC,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAKjK,OAAL,CAAaiK,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMoC,aAAa,GAAG,KAAKpM,cAAL,CAAoBqM,qBAApB,EAAtB;AACAD,MAAAA,aAAa,CAACK,UAAd,IAA4BL,aAAa,CAACK,UAAd,CAAyBzC,KAAzB,CAA5B;AACD;AACF;;AAED9E,EAAAA,eAAe,GAAY;AACzB,WAAO,2BAAgB,IAAhB,CAAP;AACD;;AAEwB,QAAnBwH,mBAAmB,CAACb,MAAD,EAAkBnD,WAAlB,EAAuD;AAC9E,QAAIsB,KAAK,GAAG,KAAKjK,OAAL,CAAaiK,KAAzB,CAD8E,CAG9E;;AACA,QAAI6B,MAAJ,EAAY;AACV,WAAKrE,YAAL,CAAkBsE,SAAlB,CAA4BD,MAA5B;AACAnD,MAAAA,WAAW,GAAGA,WAAW,IAAI,KAAK4D,cAAL,CAAoB,KAAKvM,OAAL,CAAaiK,KAAjC,CAA7B;AACD,KAHD,MAGO,IAAI,KAAK9E,eAAL,EAAJ,EAA4B;AACjC,UAAI;AACF;AACA,cAAMyH,aAAa,GAAG,MAAM,6CAA0B,IAA1B,EAAgC,EAAhC,CAA5B;AACA3C,QAAAA,KAAK,GAAG2C,aAAa,CAAC3C,KAAtB;AACAtB,QAAAA,WAAW,GAAGA,WAAW,IAAI,KAAK4D,cAAL,CAAoBtC,KAApB,CAA7B;AACA,cAAM,KAAK4B,uBAAL,EAAN;AACD,OAND,CAME,OAAM3C,CAAN,EAAS;AACT;AACA,cAAM,KAAKvB,gBAAL,CAAsBK,eAAtB,EAAN;AACA,cAAMkB,CAAN;AACD;AACF,KAZM,MAYA;AACL,aADK,CACG;AACT,KArB6E,CAuB9E;;;AACA,UAAM,KAAKvB,gBAAL,CAAsBK,eAAtB,EAAN,CAxB8E,CA0B9E;;AACA,SAAKyE,iBAAL,CAAuBxC,KAAvB,EA3B8E,CA6B9E;;AACA,UAAM;AAAE4C,MAAAA;AAAF,QAAyB,KAAK7M,OAApC;;AACA,QAAI6M,kBAAJ,EAAwB;AACtB,YAAMA,kBAAkB,CAAC,IAAD,EAAOlE,WAAP,CAAxB;AACD,KAFD,MAEO,IAAIA,WAAJ,EAAiB;AACtBzG,MAAAA,MAAM,CAACC,QAAP,CAAgB2K,OAAhB,CAAwBnE,WAAxB;AACD;AACF;;AAEDoE,EAAAA,MAAM,GAAY;AAChB,WAAO,CAAC,CAAC,KAAK/M,OAAL,CAAauB,IAAtB;AACD;;AAEDyL,EAAAA,eAAe,CAACC,YAAD,EAAgC;AAC7C,QAAID,eAAe,GAAG,KAAtB;;AACA,QAAIE,KAAK,CAACC,OAAN,CAAc,KAAKnN,OAAL,CAAaiN,YAA3B,KAA4C,KAAKjN,OAAL,CAAaiN,YAAb,CAA0BG,MAA1E,EAAkF;AAAA;;AAChFJ,MAAAA,eAAe,GAAG,sCAAKhN,OAAL,CAAaiN,YAAb,iBAAkCA,YAAlC,KAAmD,CAArE;AACD,KAFD,MAEO;AACLD,MAAAA,eAAe,GAAG,KAAKhN,OAAL,CAAaiN,YAAb,KAA8BA,YAAhD;AACD;;AACD,WAAOD,eAAP;AACD;;AAEDK,EAAAA,uBAAuB,GAAY;AACjC,WAAO,KAAKL,eAAL,CAAqB,MAArB,CAAP;AACD,GA5lBgE,CA8lBjE;AACA;AACA;AACA;;;AAEAM,EAAAA,eAAe,GAAW;AACxB;AACA;AACA,WAAO,KAAKtN,OAAL,CAAauN,MAAb,CAAqBC,KAArB,CAA2B,UAA3B,EAAuC,CAAvC,CAAP;AACD,GAvmBgE,CAymBjE;;;AACAC,EAAAA,cAAc,CAACpF,IAAD,EAAiC;AAC7C,WAAO,2BAAkB,IAAlB,EAAwB,iCAAxB,EAA2DA,IAA3D,CAAP;AACD,GA5mBgE,CA8mBjE;;;AACAlB,EAAAA,aAAa,CAACkB,IAAD,EAAwD;AACnE,WAAO,2BAAkB,IAAlB,EAAwB,+BAAxB,EAAyDA,IAAzD,CAAP;AACD,GAjnBgE,CAmnBjE;;;AACAqF,EAAAA,mBAAmB,CAACrF,IAAD,EAA6D;AAC9E,WAAO,2BAAkB,IAAlB,EAAwB,8BAAxB,EAAwDA,IAAxD,CAAP;AACD,GAtnBgE,CAwnBjE;;;AACqB,QAAfsF,eAAe,CAAC3N,OAAD,EAA4C;AAC/D,QAAI,CAACA,OAAO,CAACqJ,WAAb,EAA0B;AACxB,YAAMA,WAAW,GAAG,CAAC,MAAM,KAAK5B,YAAL,CAAkB6B,SAAlB,EAAP,EAAsCD,WAA1D;AACArJ,MAAAA,OAAO,CAACqJ,WAAR,GAAsBA,WAAtB,aAAsBA,WAAtB,uBAAsBA,WAAW,CAAEA,WAAnC;AACD;;AACD,WAAO,uBAAY,IAAZ,EAAkBrJ,OAAlB,CAAP;AACD;;AA/nBgE,C,CAkoBnE;;;AACAH,QAAQ,CAAC+N,QAAT,GAAoB/N,QAAQ,CAACuD,SAAT,CAAmBwK,QAAnB,GAA8BA,QAAlD,C,CAEA;;AACA/N,QAAQ,CAACgO,MAAT,GAAkBA,MAAlB,C,CAEA;;AACAhO,QAAQ,CAACiO,QAAT,GAAoBA,QAApB,C,CAEA;;AACA,qBAAcjO,QAAd,EAAwB;AACtBkO,EAAAA;AADsB,CAAxB;eAIelO,Q","sourcesContent":["/* eslint-disable max-statements */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n/* global window */\n\nimport { \n DEFAULT_MAX_CLOCK_SKEW, \n REFERRER_PATH_STORAGE_KEY\n} from './constants';\nimport * as constants from './constants';\nimport {\n OktaAuthInterface,\n OktaAuthOptions, \n AccessToken, \n IDToken,\n RefreshToken,\n TokenAPI, \n FeaturesAPI, \n CryptoAPI,\n WebauthnAPI,\n SignoutAPI, \n FingerprintAPI,\n UserClaims, \n SigninWithRedirectOptions,\n SigninWithCredentialsOptions,\n SignoutOptions,\n Tokens,\n ForgotPasswordOptions,\n VerifyRecoveryTokenOptions,\n TransactionAPI,\n SessionAPI,\n SigninAPI,\n PkceAPI,\n SigninOptions,\n IdxAPI,\n SignoutRedirectUrlOptions,\n HttpAPI,\n FlowIdentifier,\n GetWithRedirectAPI,\n ParseFromUrlInterface,\n GetWithRedirectFunction,\n RequestOptions,\n IsAuthenticatedOptions,\n} from './types';\nimport {\n transactionStatus,\n resumeTransaction,\n transactionExists,\n introspectAuthn,\n postToTransaction,\n AuthTransaction\n} from './tx';\nimport PKCE from './oidc/util/pkce';\nimport {\n closeSession,\n sessionExists,\n getSession,\n refreshSession,\n setCookieAndRedirect\n} from './session';\nimport {\n getOAuthUrls,\n getWithoutPrompt,\n getWithPopup,\n getWithRedirect,\n isLoginRedirect,\n parseFromUrl,\n decodeToken,\n revokeToken,\n renewToken,\n renewTokens,\n renewTokensWithRefresh,\n getUserInfo,\n verifyToken,\n prepareTokenParams,\n exchangeCodeForTokens,\n isInteractionRequiredError,\n isInteractionRequired,\n} from './oidc';\nimport { isBrowser } from './features';\nimport * as features from './features';\nimport * as crypto from './crypto';\nimport * as webauthn from './crypto/webauthn';\nimport browserStorage from './browser/browserStorage';\nimport { \n toQueryString, \n toAbsoluteUrl,\n clone,\n} from './util';\nimport { TokenManager } from './TokenManager';\nimport { ServiceManager } from './ServiceManager';\nimport { get, httpRequest, setRequestHeader } from './http';\nimport PromiseQueue from './PromiseQueue';\nimport fingerprint from './browser/fingerprint';\nimport { AuthStateManager } from './AuthStateManager';\nimport { StorageManager } from './StorageManager';\nimport TransactionManager from './TransactionManager';\nimport { buildOptions } from './options';\nimport {\n interact,\n introspect,\n authenticate,\n cancel,\n poll,\n proceed,\n register,\n recoverPassword,\n unlockAccount,\n startTransaction,\n handleInteractionCodeRedirect,\n canProceed,\n handleEmailVerifyCallback,\n isEmailVerifyCallback,\n parseEmailVerifyCallback,\n isEmailVerifyCallbackError\n} from './idx';\nimport { createGlobalRequestInterceptor, setGlobalRequestInterceptor } from './idx/headers';\nimport { OktaUserAgent } from './OktaUserAgent';\nimport { parseOAuthResponseFromUrl } from './oidc/parseFromUrl';\nimport {\n getSavedTransactionMeta,\n createTransactionMeta,\n getTransactionMeta,\n saveTransactionMeta,\n clearTransactionMeta,\n isTransactionMetaValid\n} from './idx/transactionMeta';\n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport Emitter from 'tiny-emitter';\n\nclass OktaAuth implements OktaAuthInterface, SigninAPI, SignoutAPI {\n options: OktaAuthOptions;\n storageManager: StorageManager;\n transactionManager: TransactionManager;\n tx: TransactionAPI;\n idx: IdxAPI;\n session: SessionAPI;\n pkce: PkceAPI;\n static features: FeaturesAPI;\n static crypto: CryptoAPI;\n static webauthn: WebauthnAPI;\n features!: FeaturesAPI;\n token: TokenAPI;\n _tokenQueue: PromiseQueue;\n emitter: any;\n tokenManager: TokenManager;\n authStateManager: AuthStateManager;\n serviceManager: ServiceManager;\n http: HttpAPI;\n fingerprint: FingerprintAPI;\n _oktaUserAgent: OktaUserAgent;\n _pending: { handleLogin: boolean };\n constructor(args: OktaAuthOptions) {\n const options = this.options = buildOptions(args);\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n this.storageManager = new StorageManager(options.storageManager!, options.cookies!, options.storageUtil!);\n this.transactionManager = new TransactionManager(Object.assign({\n storageManager: this.storageManager,\n }, options.transactionManager));\n this._oktaUserAgent = new OktaUserAgent();\n\n this.tx = {\n status: transactionStatus.bind(null, this),\n resume: resumeTransaction.bind(null, this),\n exists: Object.assign(transactionExists.bind(null, this), {\n _get: (name) => {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const storage = options.storageUtil!.storage;\n return storage.get(name);\n }\n }),\n introspect: introspectAuthn.bind(null, this)\n };\n\n this.pkce = {\n DEFAULT_CODE_CHALLENGE_METHOD: PKCE.DEFAULT_CODE_CHALLENGE_METHOD,\n generateVerifier: PKCE.generateVerifier,\n computeChallenge: PKCE.computeChallenge\n };\n\n // Add shims for compatibility, these will be removed in next major version. OKTA-362589\n Object.assign(this.options.storageUtil, {\n getPKCEStorage: this.storageManager.getLegacyPKCEStorage.bind(this.storageManager),\n getHttpCache: this.storageManager.getHttpCache.bind(this.storageManager),\n });\n\n this._pending = { handleLogin: false };\n\n if (isBrowser()) {\n this.options = Object.assign(this.options, {\n redirectUri: toAbsoluteUrl(args.redirectUri, window.location.origin), // allow relative URIs\n });\n }\n\n // Digital clocks will drift over time, so the server\n // can misalign with the time reported by the browser.\n // The maxClockSkew allows relaxing the time-based\n // validation of tokens (in seconds, not milliseconds).\n // It currently defaults to 300, because 5 min is the\n // default maximum tolerance allowed by Kerberos.\n // (https://technet.microsoft.com/en-us/library/cc976357.aspx)\n if (!args.maxClockSkew && args.maxClockSkew !== 0) {\n this.options.maxClockSkew = DEFAULT_MAX_CLOCK_SKEW;\n } else {\n this.options.maxClockSkew = args.maxClockSkew;\n }\n\n // As some end user's devices can have their date \n // and time incorrectly set, allow for the disabling\n // of the jwt liftetime validation\n this.options.ignoreLifetime = !!args.ignoreLifetime;\n\n this.session = {\n close: closeSession.bind(null, this),\n exists: sessionExists.bind(null, this),\n get: getSession.bind(null, this),\n refresh: refreshSession.bind(null, this),\n setCookieAndRedirect: setCookieAndRedirect.bind(null, this)\n };\n\n this._tokenQueue = new PromiseQueue();\n const useQueue = (method) => {\n return PromiseQueue.prototype.push.bind(this._tokenQueue, method, null);\n };\n\n // eslint-disable-next-line max-len\n const getWithRedirectFn = useQueue(getWithRedirect.bind(null, this)) as GetWithRedirectFunction;\n const getWithRedirectApi: GetWithRedirectAPI = Object.assign(getWithRedirectFn, {\n // This is exposed so we can set window.location in our tests\n _setLocation: function(url) {\n window.location = url;\n }\n });\n // eslint-disable-next-line max-len\n const parseFromUrlFn = useQueue(parseFromUrl.bind(null, this)) as ParseFromUrlInterface;\n const parseFromUrlApi: ParseFromUrlInterface = Object.assign(parseFromUrlFn, {\n // This is exposed so we can mock getting window.history in our tests\n _getHistory: function() {\n return window.history;\n },\n\n // This is exposed so we can mock getting window.location in our tests\n _getLocation: function() {\n return window.location;\n },\n\n // This is exposed so we can mock getting window.document in our tests\n _getDocument: function() {\n return window.document;\n }\n });\n this.token = {\n prepareTokenParams: prepareTokenParams.bind(null, this),\n exchangeCodeForTokens: exchangeCodeForTokens.bind(null, this),\n getWithoutPrompt: getWithoutPrompt.bind(null, this),\n getWithPopup: getWithPopup.bind(null, this),\n getWithRedirect: getWithRedirectApi,\n parseFromUrl: parseFromUrlApi,\n decode: decodeToken,\n revoke: revokeToken.bind(null, this),\n renew: renewToken.bind(null, this),\n renewTokensWithRefresh: renewTokensWithRefresh.bind(null, this),\n renewTokens: renewTokens.bind(null, this),\n getUserInfo: getUserInfo.bind(null, this),\n verify: verifyToken.bind(null, this),\n isLoginRedirect: isLoginRedirect.bind(null, this)\n };\n // Wrap all async token API methods using MethodQueue to avoid issues with concurrency\n const syncMethods = [\n // sync methods\n 'decode',\n 'isLoginRedirect',\n // already bound\n 'getWithRedirect',\n 'parseFromUrl'\n ];\n Object.keys(this.token).forEach(key => {\n if (syncMethods.indexOf(key) >= 0) { // sync methods should not be wrapped\n return;\n }\n var method = this.token[key];\n this.token[key] = PromiseQueue.prototype.push.bind(this._tokenQueue, method, null);\n });\n\n // IDX\n const boundStartTransaction = startTransaction.bind(null, this);\n this.idx = {\n interact: interact.bind(null, this),\n introspect: introspect.bind(null, this),\n authenticate: authenticate.bind(null, this),\n register: register.bind(null, this),\n start: boundStartTransaction,\n startTransaction: boundStartTransaction, // Use `start` instead. `startTransaction` will be removed in 7.0\n poll: poll.bind(null, this),\n proceed: proceed.bind(null, this),\n cancel: cancel.bind(null, this),\n recoverPassword: recoverPassword.bind(null, this),\n\n // oauth redirect callback\n handleInteractionCodeRedirect: handleInteractionCodeRedirect.bind(null, this),\n\n // interaction required callback\n isInteractionRequired: isInteractionRequired.bind(null, this),\n isInteractionRequiredError,\n\n // email verify callback\n handleEmailVerifyCallback: handleEmailVerifyCallback.bind(null, this),\n isEmailVerifyCallback,\n parseEmailVerifyCallback,\n isEmailVerifyCallbackError,\n \n getSavedTransactionMeta: getSavedTransactionMeta.bind(null, this),\n createTransactionMeta: createTransactionMeta.bind(null, this),\n getTransactionMeta: getTransactionMeta.bind(null, this),\n saveTransactionMeta: saveTransactionMeta.bind(null, this),\n clearTransactionMeta: clearTransactionMeta.bind(null, this),\n isTransactionMetaValid,\n setFlow: (flow: FlowIdentifier) => {\n this.options.flow = flow;\n },\n getFlow: (): FlowIdentifier | undefined => {\n return this.options.flow;\n },\n canProceed: canProceed.bind(null, this),\n unlockAccount: unlockAccount.bind(null, this),\n };\n\n setGlobalRequestInterceptor(createGlobalRequestInterceptor(this)); // to pass custom headers to IDX endpoints\n\n // HTTP\n this.http = {\n setRequestHeader: setRequestHeader.bind(null, this)\n };\n\n // Fingerprint API\n this.fingerprint = fingerprint.bind(null, this);\n\n this.emitter = new Emitter();\n\n // TokenManager\n this.tokenManager = new TokenManager(this, args.tokenManager);\n\n // AuthStateManager\n this.authStateManager = new AuthStateManager(this);\n\n // ServiceManager\n this.serviceManager = new ServiceManager(this, args.services);\n }\n\n start() {\n // TODO: review tokenManager.start\n this.tokenManager.start();\n if (!this.token.isLoginRedirect()) {\n this.authStateManager.updateAuthState();\n }\n this.serviceManager.start();\n }\n\n stop() {\n // TODO: review tokenManager.stop\n this.tokenManager.stop();\n this.serviceManager.stop();\n }\n\n setHeaders(headers) {\n this.options.headers = Object.assign({}, this.options.headers, headers);\n }\n\n\n // Authn V1\n async signIn(opts: SigninOptions): Promise<AuthTransaction> {\n return this.signInWithCredentials(opts as SigninWithCredentialsOptions);\n }\n\n // Authn V1\n async signInWithCredentials(opts: SigninWithCredentialsOptions): Promise<AuthTransaction> {\n opts = clone(opts || {});\n const _postToTransaction = (options?) => {\n delete opts.sendFingerprint;\n return postToTransaction(this, '/api/v1/authn', opts, options);\n };\n if (!opts.sendFingerprint) {\n return _postToTransaction();\n }\n return this.fingerprint()\n .then(function(fingerprint) {\n return _postToTransaction({\n headers: {\n 'X-Device-Fingerprint': fingerprint\n }\n });\n });\n }\n\n async signInWithRedirect(opts: SigninWithRedirectOptions = {}) {\n const { originalUri, ...additionalParams } = opts;\n if(this._pending.handleLogin) { \n // Don't trigger second round\n return;\n }\n\n this._pending.handleLogin = true;\n try {\n // Trigger default signIn redirect flow\n if (originalUri) {\n this.setOriginalUri(originalUri);\n }\n const params = Object.assign({\n // TODO: remove this line when default scopes are changed OKTA-343294\n scopes: this.options.scopes || ['openid', 'email', 'profile']\n }, additionalParams);\n await this.token.getWithRedirect(params);\n } finally {\n this._pending.handleLogin = false;\n }\n }\n\n // Ends the current Okta SSO session without redirecting to Okta.\n closeSession(): Promise<unknown> {\n return this.session.close() // DELETE /api/v1/sessions/me\n .then(async () => {\n // Clear all local tokens\n this.tokenManager.clear();\n })\n .catch(function(e) {\n if (e.name === 'AuthApiError' && e.errorCode === 'E0000007') {\n // Session does not exist or has already been closed\n return null;\n }\n throw e;\n });\n }\n \n // Revokes the access token for the application session\n async revokeAccessToken(accessToken?: AccessToken): Promise<unknown> {\n if (!accessToken) {\n accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');\n this.tokenManager.remove(accessTokenKey);\n }\n // Access token may have been removed. In this case, we will silently succeed.\n if (!accessToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(accessToken);\n }\n\n // Revokes the refresh token for the application session\n async revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown> {\n if (!refreshToken) {\n refreshToken = (await this.tokenManager.getTokens()).refreshToken as RefreshToken;\n const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');\n this.tokenManager.remove(refreshTokenKey);\n }\n // Refresh token may have been removed. In this case, we will silently succeed.\n if (!refreshToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(refreshToken);\n }\n\n getSignOutRedirectUrl(options: SignoutRedirectUrlOptions = {}) {\n let {\n idToken,\n postLogoutRedirectUri,\n state,\n } = options;\n if (!idToken) {\n idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n if (!idToken) {\n return '';\n }\n if (!postLogoutRedirectUri) {\n postLogoutRedirectUri = this.options.postLogoutRedirectUri;\n }\n\n const logoutUrl = getOAuthUrls(this).logoutUrl;\n const idTokenHint = idToken.idToken; // a string\n let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);\n if (postLogoutRedirectUri) {\n logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);\n } \n // State allows option parameters to be passed to logout redirect uri\n if (state) {\n logoutUri += '&state=' + encodeURIComponent(state);\n }\n\n return logoutUri;\n }\n\n // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.\n async signOut(options?: SignoutOptions) {\n options = Object.assign({}, options);\n \n // postLogoutRedirectUri must be whitelisted in Okta Admin UI\n var defaultUri = window.location.origin;\n var currentUri = window.location.href;\n var postLogoutRedirectUri = options.postLogoutRedirectUri\n || this.options.postLogoutRedirectUri\n || defaultUri;\n \n var accessToken = options.accessToken;\n var refreshToken = options.refreshToken;\n var revokeAccessToken = options.revokeAccessToken !== false;\n var revokeRefreshToken = options.revokeRefreshToken !== false;\n \n if (revokeRefreshToken && typeof refreshToken === 'undefined') {\n refreshToken = this.tokenManager.getTokensSync().refreshToken as RefreshToken;\n }\n\n if (revokeAccessToken && typeof accessToken === 'undefined') {\n accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;\n }\n \n if (!options.idToken) {\n options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n\n if (revokeRefreshToken && refreshToken) {\n await this.revokeRefreshToken(refreshToken);\n }\n\n if (revokeAccessToken && accessToken) {\n await this.revokeAccessToken(accessToken);\n }\n\n const logoutUri = this.getSignOutRedirectUrl({ ...options, postLogoutRedirectUri });\n // No logoutUri? This can happen if the storage was cleared.\n // Fallback to XHR signOut, then simulate a redirect to the post logout uri\n if (!logoutUri) {\n // local tokens are cleared once session is closed\n return this.closeSession() // can throw if the user cannot be signed out\n .then(function() {\n if (postLogoutRedirectUri === currentUri) {\n window.location.reload(); // force a hard reload if URI is not changing\n } else {\n window.location.assign(postLogoutRedirectUri);\n }\n });\n } else {\n if (options.clearTokensBeforeRedirect) {\n // Clear all local tokens\n this.tokenManager.clear();\n } else {\n this.tokenManager.addPendingRemoveFlags();\n }\n // Flow ends with logout redirect\n window.location.assign(logoutUri);\n }\n }\n\n webfinger(opts): Promise<object> {\n var url = '/.well-known/webfinger' + toQueryString(opts);\n var options = {\n headers: {\n 'Accept': 'application/jrd+json'\n }\n };\n return get(this, url, options);\n }\n\n //\n // Common Methods from downstream SDKs\n //\n\n // Returns true if both accessToken and idToken are not expired\n // If `autoRenew` option is set, will attempt to renew expired tokens before returning.\n async isAuthenticated(options: IsAuthenticatedOptions = {}): Promise<boolean> {\n // TODO: remove dependency on tokenManager options in next major version - OKTA-473815\n const { autoRenew, autoRemove } = this.tokenManager.getOptions();\n\n const shouldRenew = options.onExpiredToken ? options.onExpiredToken === 'renew' : autoRenew;\n const shouldRemove = options.onExpiredToken ? options.onExpiredToken === 'remove' : autoRemove;\n\n let { accessToken } = this.tokenManager.getTokensSync();\n if (accessToken && this.tokenManager.hasExpired(accessToken)) {\n accessToken = undefined;\n if (shouldRenew) {\n try {\n accessToken = await this.tokenManager.renew('accessToken') as AccessToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (shouldRemove) {\n this.tokenManager.remove('accessToken');\n }\n }\n\n let { idToken } = this.tokenManager.getTokensSync();\n if (idToken && this.tokenManager.hasExpired(idToken)) {\n idToken = undefined;\n if (shouldRenew) {\n try {\n idToken = await this.tokenManager.renew('idToken') as IDToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (shouldRemove) {\n this.tokenManager.remove('idToken');\n }\n }\n\n return !!(accessToken && idToken);\n }\n\n async getUser(): Promise<UserClaims> {\n const { idToken, accessToken } = this.tokenManager.getTokensSync();\n return this.token.getUserInfo(accessToken, idToken);\n }\n\n getIdToken(): string | undefined {\n const { idToken } = this.tokenManager.getTokensSync();\n return idToken ? idToken.idToken : undefined;\n }\n\n getAccessToken(): string | undefined {\n const { accessToken } = this.tokenManager.getTokensSync();\n return accessToken ? accessToken.accessToken : undefined;\n }\n\n getRefreshToken(): string | undefined {\n const { refreshToken } = this.tokenManager.getTokensSync();\n return refreshToken ? refreshToken.refreshToken : undefined;\n }\n\n /**\n * Store parsed tokens from redirect url\n */\n async storeTokensFromRedirect(): Promise<void> {\n const { tokens } = await this.token.parseFromUrl();\n this.tokenManager.setTokens(tokens);\n }\n\n setOriginalUri(originalUri: string, state?: string): void {\n // always store in session storage\n const sessionStorage = browserStorage.getSessionStorage();\n sessionStorage.setItem(REFERRER_PATH_STORAGE_KEY, originalUri);\n\n // to support multi-tab flows, set a state in constructor or pass as param\n state = state || this.options.state;\n if (state) {\n const sharedStorage = this.storageManager.getOriginalUriStorage();\n sharedStorage.setItem(state, originalUri);\n }\n }\n\n getOriginalUri(state?: string): string | undefined {\n // Prefer shared storage (if state is available)\n state = state || this.options.state;\n if (state) {\n const sharedStorage = this.storageManager.getOriginalUriStorage();\n const originalUri = sharedStorage.getItem(state);\n if (originalUri) {\n return originalUri;\n }\n }\n\n // Try to load from session storage\n const storage = browserStorage.getSessionStorage();\n return storage ? storage.getItem(REFERRER_PATH_STORAGE_KEY) || undefined : undefined;\n }\n\n removeOriginalUri(state?: string): void {\n // Remove from sessionStorage\n const storage = browserStorage.getSessionStorage();\n storage.removeItem(REFERRER_PATH_STORAGE_KEY);\n\n // Also remove from shared storage\n state = state || this.options.state;\n if (state) {\n const sharedStorage = this.storageManager.getOriginalUriStorage();\n sharedStorage.removeItem && sharedStorage.removeItem(state);\n }\n }\n\n isLoginRedirect(): boolean {\n return isLoginRedirect(this);\n }\n\n async handleLoginRedirect(tokens?: Tokens, originalUri?: string): Promise<void> {\n let state = this.options.state;\n\n // Store tokens and update AuthState by the emitted events\n if (tokens) {\n this.tokenManager.setTokens(tokens);\n originalUri = originalUri || this.getOriginalUri(this.options.state);\n } else if (this.isLoginRedirect()) {\n try {\n // For redirect flow, get state from the URL and use it to retrieve the originalUri\n const oAuthResponse = await parseOAuthResponseFromUrl(this, {});\n state = oAuthResponse.state;\n originalUri = originalUri || this.getOriginalUri(state);\n await this.storeTokensFromRedirect();\n } catch(e) {\n // auth state should be updated\n await this.authStateManager.updateAuthState();\n throw e;\n }\n } else {\n return; // nothing to do\n }\n \n // ensure auth state has been updated\n await this.authStateManager.updateAuthState();\n\n // clear originalUri from storage\n this.removeOriginalUri(state);\n\n // Redirect to originalUri\n const { restoreOriginalUri } = this.options;\n if (restoreOriginalUri) {\n await restoreOriginalUri(this, originalUri);\n } else if (originalUri) {\n window.location.replace(originalUri);\n }\n }\n\n isPKCE(): boolean {\n return !!this.options.pkce;\n }\n\n hasResponseType(responseType: string): boolean {\n let hasResponseType = false;\n if (Array.isArray(this.options.responseType) && this.options.responseType.length) {\n hasResponseType = this.options.responseType.indexOf(responseType) >= 0;\n } else {\n hasResponseType = this.options.responseType === responseType;\n }\n return hasResponseType;\n }\n\n isAuthorizationCodeFlow(): boolean {\n return this.hasResponseType('code');\n }\n\n // { username, password, (relayState), (context) }\n // signIn(opts: SignInWithCredentialsOptions): Promise<AuthTransaction> {\n // return postToTransaction(this, '/api/v1/authn', opts);\n // }\n\n getIssuerOrigin(): string {\n // Infer the URL from the issuer URL, omitting the /oauth2/{authServerId}\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n return this.options.issuer!.split('/oauth2/')[0];\n }\n\n // { username, (relayState) }\n forgotPassword(opts): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/password', opts);\n }\n\n // { username, (relayState) }\n unlockAccount(opts: ForgotPasswordOptions): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/unlock', opts);\n }\n\n // { recoveryToken }\n verifyRecoveryToken(opts: VerifyRecoveryTokenOptions): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/token', opts);\n }\n\n // Escape hatch method to make arbitrary OKTA API call\n async invokeApiMethod(options: RequestOptions): Promise<unknown> {\n if (!options.accessToken) {\n const accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n options.accessToken = accessToken?.accessToken;\n }\n return httpRequest(this, options);\n }\n}\n\n// Hoist feature detection functions to static type\nOktaAuth.features = OktaAuth.prototype.features = features;\n\n// Hoist crypto utils to static type\nOktaAuth.crypto = crypto;\n\n// Hoist webauthn utils to static type\nOktaAuth.webauthn = webauthn;\n\n// Also hoist constants for CommonJS users\nObject.assign(OktaAuth, {\n constants\n});\n\nexport default OktaAuth;"],"file":"OktaAuth.js"}
1
+ {"version":3,"sources":["../../lib/OktaAuth.ts"],"names":["OktaAuth","constructor","args","features","options","storageManager","StorageManager","cookies","storageUtil","transactionManager","TransactionManager","_oktaUserAgent","OktaUserAgent","tx","status","transactionStatus","bind","resume","resumeTransaction","exists","transactionExists","_get","name","storage","get","introspect","introspectAuthn","pkce","DEFAULT_CODE_CHALLENGE_METHOD","PKCE","generateVerifier","computeChallenge","getPKCEStorage","getLegacyPKCEStorage","getHttpCache","_pending","handleLogin","redirectUri","window","location","origin","maxClockSkew","DEFAULT_MAX_CLOCK_SKEW","ignoreLifetime","session","close","closeSession","sessionExists","getSession","refresh","refreshSession","setCookieAndRedirect","_tokenQueue","PromiseQueue","useQueue","method","prototype","push","getWithRedirectFn","getWithRedirect","getWithRedirectApi","_setLocation","url","parseFromUrlFn","parseFromUrl","parseFromUrlApi","_getHistory","history","_getLocation","_getDocument","document","token","prepareTokenParams","exchangeCodeForTokens","getWithoutPrompt","getWithPopup","decode","decodeToken","revoke","revokeToken","renew","renewToken","renewTokensWithRefresh","renewTokens","getUserInfo","verify","verifyToken","isLoginRedirect","syncMethods","forEach","key","boundStartTransaction","startTransaction","idx","interact","authenticate","register","start","poll","proceed","cancel","recoverPassword","handleInteractionCodeRedirect","isInteractionRequired","isInteractionRequiredError","handleEmailVerifyCallback","isEmailVerifyCallback","parseEmailVerifyCallback","isEmailVerifyCallbackError","getSavedTransactionMeta","createTransactionMeta","getTransactionMeta","saveTransactionMeta","clearTransactionMeta","isTransactionMetaValid","setFlow","flow","getFlow","canProceed","unlockAccount","http","setRequestHeader","fingerprint","emitter","Emitter","tokenManager","TokenManager","authStateManager","AuthStateManager","serviceManager","ServiceManager","services","updateAuthState","stop","setHeaders","headers","signIn","opts","signInWithCredentials","_postToTransaction","sendFingerprint","then","signInWithRedirect","originalUri","additionalParams","setOriginalUri","params","scopes","clear","catch","e","errorCode","revokeAccessToken","accessToken","getTokens","accessTokenKey","getStorageKeyByType","remove","resolve","revokeRefreshToken","refreshToken","refreshTokenKey","getSignOutRedirectUrl","idToken","postLogoutRedirectUri","state","getTokensSync","logoutUrl","idTokenHint","logoutUri","encodeURIComponent","signOut","defaultUri","currentUri","href","reload","assign","clearTokensBeforeRedirect","addPendingRemoveFlags","webfinger","isAuthenticated","autoRenew","autoRemove","getOptions","shouldRenew","onExpiredToken","shouldRemove","hasExpired","undefined","getUser","getIdToken","getAccessToken","getRefreshToken","storeTokensFromRedirect","tokens","setTokens","sessionStorage","browserStorage","getSessionStorage","setItem","REFERRER_PATH_STORAGE_KEY","sharedStorage","getOriginalUriStorage","getOriginalUri","getItem","removeOriginalUri","removeItem","handleLoginRedirect","oAuthResponse","restoreOriginalUri","replace","isPKCE","hasResponseType","responseType","Array","isArray","length","isAuthorizationCodeFlow","getIssuerOrigin","issuer","split","forgotPassword","verifyRecoveryToken","invokeApiMethod","crypto","webauthn","constants"],"mappings":";;;;;;;;;;;;;;;;;;;;AAeA;;AAuCA;;AAQA;;AACA;;AAOA;;AAmBA;;AAEA;;AACA;;AACA;;AACA;;AAKA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAkBA;;AACA;;AACA;;AAWA;;;;;;AA3IA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;AA2HA;AACA;AACA;AAGA,MAAMA,QAAN,CAAmE;AAsBjEC,EAAAA,WAAW,CAACC,IAAD,EAAwB;AAAA,oDAXXC,QAWW;AACjC,UAAMC,OAAO,GAAG,KAAKA,OAAL,GAAe,2BAAaF,IAAb,CAA/B,CADiC,CAEjC;;AACA,SAAKG,cAAL,GAAsB,IAAIC,8BAAJ,CAAmBF,OAAO,CAACC,cAA3B,EAA4CD,OAAO,CAACG,OAApD,EAA8DH,OAAO,CAACI,WAAtE,CAAtB;AACA,SAAKC,kBAAL,GAA0B,IAAIC,2BAAJ,CAAuB,qBAAc;AAC7DL,MAAAA,cAAc,EAAE,KAAKA;AADwC,KAAd,EAE9CD,OAAO,CAACK,kBAFsC,CAAvB,CAA1B;AAGA,SAAKE,cAAL,GAAsB,IAAIC,4BAAJ,EAAtB;AAEA,SAAKC,EAAL,GAAU;AACRC,MAAAA,MAAM,EAAEC,sBAAkBC,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CADA;AAERC,MAAAA,MAAM,EAAEC,sBAAkBF,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAFA;AAGRG,MAAAA,MAAM,EAAE,qBAAcC,sBAAkBJ,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAAd,EAAkD;AACxDK,QAAAA,IAAI,EAAGC,IAAD,IAAU;AACd;AACA,gBAAMC,OAAO,GAAGnB,OAAO,CAACI,WAAR,CAAqBe,OAArC;AACA,iBAAOA,OAAO,CAACC,GAAR,CAAYF,IAAZ,CAAP;AACD;AALuD,OAAlD,CAHA;AAURG,MAAAA,UAAU,EAAEC,oBAAgBV,IAAhB,CAAqB,IAArB,EAA2B,IAA3B;AAVJ,KAAV;AAaA,SAAKW,IAAL,GAAY;AACVC,MAAAA,6BAA6B,EAAEC,cAAKD,6BAD1B;AAEVE,MAAAA,gBAAgB,EAAED,cAAKC,gBAFb;AAGVC,MAAAA,gBAAgB,EAAEF,cAAKE;AAHb,KAAZ,CAtBiC,CA4BjC;;AACA,yBAAc,KAAK3B,OAAL,CAAaI,WAA3B,EAAwC;AACtCwB,MAAAA,cAAc,EAAE,KAAK3B,cAAL,CAAoB4B,oBAApB,CAAyCjB,IAAzC,CAA8C,KAAKX,cAAnD,CADsB;AAEtC6B,MAAAA,YAAY,EAAE,KAAK7B,cAAL,CAAoB6B,YAApB,CAAiClB,IAAjC,CAAsC,KAAKX,cAA3C;AAFwB,KAAxC;AAKA,SAAK8B,QAAL,GAAgB;AAAEC,MAAAA,WAAW,EAAE;AAAf,KAAhB;;AAEA,QAAI,yBAAJ,EAAiB;AACf,WAAKhC,OAAL,GAAe,qBAAc,KAAKA,OAAnB,EAA4B;AACzCiC,QAAAA,WAAW,EAAE,yBAAcnC,IAAI,CAACmC,WAAnB,EAAgCC,MAAM,CAACC,QAAP,CAAgBC,MAAhD,CAD4B,CAC6B;;AAD7B,OAA5B,CAAf;AAGD,KAxCgC,CA0CjC;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,QAAI,CAACtC,IAAI,CAACuC,YAAN,IAAsBvC,IAAI,CAACuC,YAAL,KAAsB,CAAhD,EAAmD;AACjD,WAAKrC,OAAL,CAAaqC,YAAb,GAA4BC,gCAA5B;AACD,KAFD,MAEO;AACL,WAAKtC,OAAL,CAAaqC,YAAb,GAA4BvC,IAAI,CAACuC,YAAjC;AACD,KArDgC,CAuDjC;AACA;AACA;;;AACA,SAAKrC,OAAL,CAAauC,cAAb,GAA8B,CAAC,CAACzC,IAAI,CAACyC,cAArC;AAEA,SAAKC,OAAL,GAAe;AACbC,MAAAA,KAAK,EAAEC,sBAAa9B,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CADM;AAEbG,MAAAA,MAAM,EAAE4B,uBAAc/B,IAAd,CAAmB,IAAnB,EAAyB,IAAzB,CAFK;AAGbQ,MAAAA,GAAG,EAAEwB,oBAAWhC,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAHQ;AAIbiC,MAAAA,OAAO,EAAEC,wBAAelC,IAAf,CAAoB,IAApB,EAA0B,IAA1B,CAJI;AAKbmC,MAAAA,oBAAoB,EAAEA,8BAAqBnC,IAArB,CAA0B,IAA1B,EAAgC,IAAhC;AALT,KAAf;AAQA,SAAKoC,WAAL,GAAmB,IAAIC,qBAAJ,EAAnB;;AACA,UAAMC,QAAQ,GAAIC,MAAD,IAAY;AAC3B,aAAOF,sBAAaG,SAAb,CAAuBC,IAAvB,CAA4BzC,IAA5B,CAAiC,KAAKoC,WAAtC,EAAmDG,MAAnD,EAA2D,IAA3D,CAAP;AACD,KAFD,CArEiC,CAyEjC;;;AACA,UAAMG,iBAAiB,GAAGJ,QAAQ,CAACK,sBAAgB3C,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CAAD,CAAlC;AACA,UAAM4C,kBAAsC,GAAG,qBAAcF,iBAAd,EAAiC;AAC9E;AACAG,MAAAA,YAAY,EAAE,UAASC,GAAT,EAAc;AAC1BxB,QAAAA,MAAM,CAACC,QAAP,GAAkBuB,GAAlB;AACD;AAJ6E,KAAjC,CAA/C,CA3EiC,CAiFjC;;AACA,UAAMC,cAAc,GAAGT,QAAQ,CAACU,mBAAahD,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAAD,CAA/B;AACA,UAAMiD,eAAsC,GAAG,qBAAcF,cAAd,EAA8B;AAC3E;AACAG,MAAAA,WAAW,EAAE,YAAW;AACtB,eAAO5B,MAAM,CAAC6B,OAAd;AACD,OAJ0E;AAM3E;AACAC,MAAAA,YAAY,EAAE,YAAW;AACvB,eAAO9B,MAAM,CAACC,QAAd;AACD,OAT0E;AAW3E;AACA8B,MAAAA,YAAY,EAAE,YAAW;AACvB,eAAO/B,MAAM,CAACgC,QAAd;AACD;AAd0E,KAA9B,CAA/C;AAgBA,SAAKC,KAAL,GAAa;AACXC,MAAAA,kBAAkB,EAAEA,yBAAmBxD,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CADT;AAEXyD,MAAAA,qBAAqB,EAAEA,4BAAsBzD,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAFZ;AAGX0D,MAAAA,gBAAgB,EAAEA,uBAAiB1D,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAHP;AAIX2D,MAAAA,YAAY,EAAEA,mBAAa3D,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAJH;AAKX2C,MAAAA,eAAe,EAAEC,kBALN;AAMXI,MAAAA,YAAY,EAAEC,eANH;AAOXW,MAAAA,MAAM,EAAEC,iBAPG;AAQXC,MAAAA,MAAM,EAAEC,kBAAY/D,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CARG;AASXgE,MAAAA,KAAK,EAAEC,iBAAWjE,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CATI;AAUXkE,MAAAA,sBAAsB,EAAEA,6BAAuBlE,IAAvB,CAA4B,IAA5B,EAAkC,IAAlC,CAVb;AAWXmE,MAAAA,WAAW,EAAEA,kBAAYnE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAXF;AAYXoE,MAAAA,WAAW,EAAEA,kBAAYpE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAZF;AAaXqE,MAAAA,MAAM,EAAEC,kBAAYtE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAbG;AAcXuE,MAAAA,eAAe,EAAEA,sBAAgBvE,IAAhB,CAAqB,IAArB,EAA2B,IAA3B;AAdN,KAAb,CAnGiC,CAmHjC;;AACA,UAAMwE,WAAW,GAAG,CAClB;AACA,YAFkB,EAGlB,iBAHkB,EAIlB;AACA,qBALkB,EAMlB,cANkB,CAApB;AAQA,uBAAY,KAAKjB,KAAjB,EAAwBkB,OAAxB,CAAgCC,GAAG,IAAI;AACrC,UAAI,sBAAAF,WAAW,MAAX,CAAAA,WAAW,EAASE,GAAT,CAAX,IAA4B,CAAhC,EAAmC;AAAE;AACnC;AACD;;AACD,UAAInC,MAAM,GAAG,KAAKgB,KAAL,CAAWmB,GAAX,CAAb;AACA,WAAKnB,KAAL,CAAWmB,GAAX,IAAkBrC,sBAAaG,SAAb,CAAuBC,IAAvB,CAA4BzC,IAA5B,CAAiC,KAAKoC,WAAtC,EAAmDG,MAAnD,EAA2D,IAA3D,CAAlB;AACD,KAND,EA5HiC,CAoIjC;;AACA,UAAMoC,qBAAqB,GAAGC,sBAAiB5E,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAA9B;;AACA,SAAK6E,GAAL,GAAW;AACTC,MAAAA,QAAQ,EAAEA,cAAS9E,IAAT,CAAc,IAAd,EAAoB,IAApB,CADD;AAETS,MAAAA,UAAU,EAAEA,gBAAWT,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAFH;AAGT+E,MAAAA,YAAY,EAAEA,kBAAa/E,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAHL;AAITgF,MAAAA,QAAQ,EAAEA,cAAShF,IAAT,CAAc,IAAd,EAAoB,IAApB,CAJD;AAKTiF,MAAAA,KAAK,EAAEN,qBALE;AAMTC,MAAAA,gBAAgB,EAAED,qBANT;AAMgC;AACzCO,MAAAA,IAAI,EAAEA,UAAKlF,IAAL,CAAU,IAAV,EAAgB,IAAhB,CAPG;AAQTmF,MAAAA,OAAO,EAAEA,aAAQnF,IAAR,CAAa,IAAb,EAAmB,IAAnB,CARA;AASToF,MAAAA,MAAM,EAAEA,YAAOpF,IAAP,CAAY,IAAZ,EAAkB,IAAlB,CATC;AAUTqF,MAAAA,eAAe,EAAEA,qBAAgBrF,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CAVR;AAYT;AACAsF,MAAAA,6BAA6B,EAAEA,mCAA8BtF,IAA9B,CAAmC,IAAnC,EAAyC,IAAzC,CAbtB;AAeT;AACAuF,MAAAA,qBAAqB,EAAEA,4BAAsBvF,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAhBd;AAiBTwF,MAAAA,0BAA0B,EAA1BA,gCAjBS;AAmBT;AACAC,MAAAA,yBAAyB,EAAEA,+BAA0BzF,IAA1B,CAA+B,IAA/B,EAAqC,IAArC,CApBlB;AAqBT0F,MAAAA,qBAAqB,EAArBA,0BArBS;AAsBTC,MAAAA,wBAAwB,EAAxBA,6BAtBS;AAuBTC,MAAAA,0BAA0B,EAA1BA,+BAvBS;AAyBTC,MAAAA,uBAAuB,EAAEA,yCAAwB7F,IAAxB,CAA6B,IAA7B,EAAmC,IAAnC,CAzBhB;AA0BT8F,MAAAA,qBAAqB,EAAEA,uCAAsB9F,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CA1Bd;AA2BT+F,MAAAA,kBAAkB,EAAEA,oCAAmB/F,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CA3BX;AA4BTgG,MAAAA,mBAAmB,EAAEA,qCAAoBhG,IAApB,CAAyB,IAAzB,EAA+B,IAA/B,CA5BZ;AA6BTiG,MAAAA,oBAAoB,EAAEA,sCAAqBjG,IAArB,CAA0B,IAA1B,EAAgC,IAAhC,CA7Bb;AA8BTkG,MAAAA,sBAAsB,EAAtBA,uCA9BS;AA+BTC,MAAAA,OAAO,EAAGC,IAAD,IAA0B;AACjC,aAAKhH,OAAL,CAAagH,IAAb,GAAoBA,IAApB;AACD,OAjCQ;AAkCTC,MAAAA,OAAO,EAAE,MAAkC;AACzC,eAAO,KAAKjH,OAAL,CAAagH,IAApB;AACD,OApCQ;AAqCTE,MAAAA,UAAU,EAAEA,gBAAWtG,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CArCH;AAsCTuG,MAAAA,aAAa,EAAEA,mBAAcvG,IAAd,CAAmB,IAAnB,EAAyB,IAAzB;AAtCN,KAAX,CAtIiC,CA+KjC;;AACA,SAAKwG,IAAL,GAAY;AACVC,MAAAA,gBAAgB,EAAEA,uBAAiBzG,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B;AADR,KAAZ,CAhLiC,CAoLjC;;AACA,SAAK0G,WAAL,GAAmBA,qBAAY1G,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAAnB;AAEA,SAAK2G,OAAL,GAAe,IAAIC,oBAAJ,EAAf,CAvLiC,CAyLjC;;AACA,SAAKC,YAAL,GAAoB,IAAIC,0BAAJ,CAAiB,IAAjB,EAAuB5H,IAAI,CAAC2H,YAA5B,CAApB,CA1LiC,CA4LjC;;AACA,SAAKE,gBAAL,GAAwB,IAAIC,kCAAJ,CAAqB,IAArB,CAAxB,CA7LiC,CA+LjC;;AACA,SAAKC,cAAL,GAAsB,IAAIC,8BAAJ,CAAmB,IAAnB,EAAyBhI,IAAI,CAACiI,QAA9B,CAAtB;AACD;;AAEDlC,EAAAA,KAAK,GAAG;AACN;AACA,SAAK4B,YAAL,CAAkB5B,KAAlB;;AACA,QAAI,CAAC,KAAK1B,KAAL,CAAWgB,eAAX,EAAL,EAAmC;AACjC,WAAKwC,gBAAL,CAAsBK,eAAtB;AACD;;AACD,SAAKH,cAAL,CAAoBhC,KAApB;AACD;;AAEDoC,EAAAA,IAAI,GAAG;AACL;AACA,SAAKR,YAAL,CAAkBQ,IAAlB;AACA,SAAKJ,cAAL,CAAoBI,IAApB;AACD;;AAEDC,EAAAA,UAAU,CAACC,OAAD,EAAU;AAClB,SAAKnI,OAAL,CAAamI,OAAb,GAAuB,qBAAc,EAAd,EAAkB,KAAKnI,OAAL,CAAamI,OAA/B,EAAwCA,OAAxC,CAAvB;AACD,GA1OgE,CA6OjE;;;AACY,QAANC,MAAM,CAACC,IAAD,EAAgD;AAC1D,WAAO,KAAKC,qBAAL,CAA2BD,IAA3B,CAAP;AACD,GAhPgE,CAkPjE;;;AAC2B,QAArBC,qBAAqB,CAACD,IAAD,EAA+D;AACxFA,IAAAA,IAAI,GAAG,iBAAMA,IAAI,IAAI,EAAd,CAAP;;AACA,UAAME,kBAAkB,GAAIvI,OAAD,IAAc;AACvC,aAAOqI,IAAI,CAACG,eAAZ;AACA,aAAO,2BAAkB,IAAlB,EAAwB,eAAxB,EAAyCH,IAAzC,EAA+CrI,OAA/C,CAAP;AACD,KAHD;;AAIA,QAAI,CAACqI,IAAI,CAACG,eAAV,EAA2B;AACzB,aAAOD,kBAAkB,EAAzB;AACD;;AACD,WAAO,KAAKjB,WAAL,GACNmB,IADM,CACD,UAASnB,WAAT,EAAsB;AAC1B,aAAOiB,kBAAkB,CAAC;AACxBJ,QAAAA,OAAO,EAAE;AACP,kCAAwBb;AADjB;AADe,OAAD,CAAzB;AAKD,KAPM,CAAP;AAQD;;AAEuB,QAAlBoB,kBAAkB,CAACL,IAA+B,GAAG,EAAnC,EAAuC;AAC7D,UAAM;AAAEM,MAAAA,WAAF;AAAe,SAAGC;AAAlB,QAAuCP,IAA7C;;AACA,QAAG,KAAKtG,QAAL,CAAcC,WAAjB,EAA8B;AAC5B;AACA;AACD;;AAED,SAAKD,QAAL,CAAcC,WAAd,GAA4B,IAA5B;;AACA,QAAI;AACF;AACA,UAAI2G,WAAJ,EAAiB;AACf,aAAKE,cAAL,CAAoBF,WAApB;AACD;;AACD,YAAMG,MAAM,GAAG,qBAAc;AAC3B;AACAC,QAAAA,MAAM,EAAE,KAAK/I,OAAL,CAAa+I,MAAb,IAAuB,CAAC,QAAD,EAAW,OAAX,EAAoB,SAApB;AAFJ,OAAd,EAGZH,gBAHY,CAAf;AAIA,YAAM,KAAKzE,KAAL,CAAWZ,eAAX,CAA2BuF,MAA3B,CAAN;AACD,KAVD,SAUU;AACR,WAAK/G,QAAL,CAAcC,WAAd,GAA4B,KAA5B;AACD;AACF,GA3RgE,CA6RjE;;;AACAU,EAAAA,YAAY,GAAqB;AAC/B,WAAO,KAAKF,OAAL,CAAaC,KAAb,GAAqB;AAArB,KACNgG,IADM,CACD,YAAY;AAChB;AACA,WAAKhB,YAAL,CAAkBuB,KAAlB;AACD,KAJM,EAKNC,KALM,CAKA,UAASC,CAAT,EAAY;AACjB,UAAIA,CAAC,CAAChI,IAAF,KAAW,cAAX,IAA6BgI,CAAC,CAACC,SAAF,KAAgB,UAAjD,EAA6D;AAC3D;AACA,eAAO,IAAP;AACD;;AACD,YAAMD,CAAN;AACD,KAXM,CAAP;AAYD,GA3SgE,CA6SjE;;;AACuB,QAAjBE,iBAAiB,CAACC,WAAD,EAA8C;AACnE,QAAI,CAACA,WAAL,EAAkB;AAChBA,MAAAA,WAAW,GAAG,CAAC,MAAM,KAAK5B,YAAL,CAAkB6B,SAAlB,EAAP,EAAsCD,WAApD;AACA,YAAME,cAAc,GAAG,KAAK9B,YAAL,CAAkB+B,mBAAlB,CAAsC,aAAtC,CAAvB;AACA,WAAK/B,YAAL,CAAkBgC,MAAlB,CAAyBF,cAAzB;AACD,KALkE,CAMnE;;;AACA,QAAI,CAACF,WAAL,EAAkB;AAChB,aAAO,iBAAQK,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,WAAO,KAAKvF,KAAL,CAAWO,MAAX,CAAkB2E,WAAlB,CAAP;AACD,GAzTgE,CA2TjE;;;AACwB,QAAlBM,kBAAkB,CAACC,YAAD,EAAgD;AACtE,QAAI,CAACA,YAAL,EAAmB;AACjBA,MAAAA,YAAY,GAAG,CAAC,MAAM,KAAKnC,YAAL,CAAkB6B,SAAlB,EAAP,EAAsCM,YAArD;AACA,YAAMC,eAAe,GAAG,KAAKpC,YAAL,CAAkB+B,mBAAlB,CAAsC,cAAtC,CAAxB;AACA,WAAK/B,YAAL,CAAkBgC,MAAlB,CAAyBI,eAAzB;AACD,KALqE,CAMtE;;;AACA,QAAI,CAACD,YAAL,EAAmB;AACjB,aAAO,iBAAQF,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,WAAO,KAAKvF,KAAL,CAAWO,MAAX,CAAkBkF,YAAlB,CAAP;AACD;;AAEDE,EAAAA,qBAAqB,CAAC9J,OAAkC,GAAG,EAAtC,EAA0C;AAC7D,QAAI;AACF+J,MAAAA,OADE;AAEFC,MAAAA,qBAFE;AAGFC,MAAAA;AAHE,QAIAjK,OAJJ;;AAKA,QAAI,CAAC+J,OAAL,EAAc;AACZA,MAAAA,OAAO,GAAG,KAAKtC,YAAL,CAAkByC,aAAlB,GAAkCH,OAA5C;AACD;;AACD,QAAI,CAACA,OAAL,EAAc;AACZ,aAAO,EAAP;AACD;;AACD,QAAI,CAACC,qBAAL,EAA4B;AAC1BA,MAAAA,qBAAqB,GAAG,KAAKhK,OAAL,CAAagK,qBAArC;AACD;;AAED,UAAMG,SAAS,GAAG,wBAAa,IAAb,EAAmBA,SAArC;AACA,UAAMC,WAAW,GAAGL,OAAO,CAACA,OAA5B,CAjB6D,CAiBxB;;AACrC,QAAIM,SAAS,GAAGF,SAAS,GAAG,iBAAZ,GAAgCG,kBAAkB,CAACF,WAAD,CAAlE;;AACA,QAAIJ,qBAAJ,EAA2B;AACzBK,MAAAA,SAAS,IAAI,+BAA+BC,kBAAkB,CAACN,qBAAD,CAA9D;AACD,KArB4D,CAsB7D;;;AACA,QAAIC,KAAJ,EAAW;AACTI,MAAAA,SAAS,IAAI,YAAYC,kBAAkB,CAACL,KAAD,CAA3C;AACD;;AAED,WAAOI,SAAP;AACD,GArWgE,CAuWjE;;;AACa,QAAPE,OAAO,CAACvK,OAAD,EAA2B;AACtCA,IAAAA,OAAO,GAAG,qBAAc,EAAd,EAAkBA,OAAlB,CAAV,CADsC,CAGtC;;AACA,QAAIwK,UAAU,GAAGtI,MAAM,CAACC,QAAP,CAAgBC,MAAjC;AACA,QAAIqI,UAAU,GAAGvI,MAAM,CAACC,QAAP,CAAgBuI,IAAjC;AACA,QAAIV,qBAAqB,GAAGhK,OAAO,CAACgK,qBAAR,IACvB,KAAKhK,OAAL,CAAagK,qBADU,IAEvBQ,UAFL;AAIA,QAAInB,WAAW,GAAGrJ,OAAO,CAACqJ,WAA1B;AACA,QAAIO,YAAY,GAAG5J,OAAO,CAAC4J,YAA3B;AACA,QAAIR,iBAAiB,GAAGpJ,OAAO,CAACoJ,iBAAR,KAA8B,KAAtD;AACA,QAAIO,kBAAkB,GAAG3J,OAAO,CAAC2J,kBAAR,KAA+B,KAAxD;;AAEA,QAAIA,kBAAkB,IAAI,OAAOC,YAAP,KAAwB,WAAlD,EAA+D;AAC7DA,MAAAA,YAAY,GAAG,KAAKnC,YAAL,CAAkByC,aAAlB,GAAkCN,YAAjD;AACD;;AAED,QAAIR,iBAAiB,IAAI,OAAOC,WAAP,KAAuB,WAAhD,EAA6D;AAC3DA,MAAAA,WAAW,GAAG,KAAK5B,YAAL,CAAkByC,aAAlB,GAAkCb,WAAhD;AACD;;AAED,QAAI,CAACrJ,OAAO,CAAC+J,OAAb,EAAsB;AACpB/J,MAAAA,OAAO,CAAC+J,OAAR,GAAkB,KAAKtC,YAAL,CAAkByC,aAAlB,GAAkCH,OAApD;AACD;;AAED,QAAIJ,kBAAkB,IAAIC,YAA1B,EAAwC;AACtC,YAAM,KAAKD,kBAAL,CAAwBC,YAAxB,CAAN;AACD;;AAED,QAAIR,iBAAiB,IAAIC,WAAzB,EAAsC;AACpC,YAAM,KAAKD,iBAAL,CAAuBC,WAAvB,CAAN;AACD;;AAED,UAAMgB,SAAS,GAAG,KAAKP,qBAAL,CAA2B,EAAE,GAAG9J,OAAL;AAAcgK,MAAAA;AAAd,KAA3B,CAAlB,CAnCsC,CAoCtC;AACA;;AACA,QAAI,CAACK,SAAL,EAAgB;AACd;AACA,aAAO,KAAK3H,YAAL,GAAoB;AAApB,OACN+F,IADM,CACD,YAAW;AACf,YAAIuB,qBAAqB,KAAKS,UAA9B,EAA0C;AACxCvI,UAAAA,MAAM,CAACC,QAAP,CAAgBwI,MAAhB,GADwC,CACd;AAC3B,SAFD,MAEO;AACLzI,UAAAA,MAAM,CAACC,QAAP,CAAgByI,MAAhB,CAAuBZ,qBAAvB;AACD;AACF,OAPM,CAAP;AAQD,KAVD,MAUO;AACL,UAAIhK,OAAO,CAAC6K,yBAAZ,EAAuC;AACrC;AACA,aAAKpD,YAAL,CAAkBuB,KAAlB;AACD,OAHD,MAGO;AACL,aAAKvB,YAAL,CAAkBqD,qBAAlB;AACD,OANI,CAOL;;;AACA5I,MAAAA,MAAM,CAACC,QAAP,CAAgByI,MAAhB,CAAuBP,SAAvB;AACD;AACF;;AAEDU,EAAAA,SAAS,CAAC1C,IAAD,EAAwB;AAC/B,QAAI3E,GAAG,GAAG,2BAA2B,yBAAc2E,IAAd,CAArC;AACA,QAAIrI,OAAO,GAAG;AACZmI,MAAAA,OAAO,EAAE;AACP,kBAAU;AADH;AADG,KAAd;AAKA,WAAO,eAAI,IAAJ,EAAUzE,GAAV,EAAe1D,OAAf,CAAP;AACD,GA5agE,CA8ajE;AACA;AACA;AAEA;AACA;;;AACqB,QAAfgL,eAAe,CAAChL,OAA+B,GAAG,EAAnC,EAAyD;AAC5E;AACA,UAAM;AAAEiL,MAAAA,SAAF;AAAaC,MAAAA;AAAb,QAA4B,KAAKzD,YAAL,CAAkB0D,UAAlB,EAAlC;AAEA,UAAMC,WAAW,GAAGpL,OAAO,CAACqL,cAAR,GAAyBrL,OAAO,CAACqL,cAAR,KAA2B,OAApD,GAA8DJ,SAAlF;AACA,UAAMK,YAAY,GAAGtL,OAAO,CAACqL,cAAR,GAAyBrL,OAAO,CAACqL,cAAR,KAA2B,QAApD,GAA+DH,UAApF;AAEA,QAAI;AAAE7B,MAAAA;AAAF,QAAkB,KAAK5B,YAAL,CAAkByC,aAAlB,EAAtB;;AACA,QAAIb,WAAW,IAAI,KAAK5B,YAAL,CAAkB8D,UAAlB,CAA6BlC,WAA7B,CAAnB,EAA8D;AAC5DA,MAAAA,WAAW,GAAGmC,SAAd;;AACA,UAAIJ,WAAJ,EAAiB;AACf,YAAI;AACF/B,UAAAA,WAAW,GAAG,MAAM,KAAK5B,YAAL,CAAkB7C,KAAlB,CAAwB,aAAxB,CAApB;AACD,SAFD,CAEE,MAAM,CACN;AACD;AACF,OAND,MAMO,IAAI0G,YAAJ,EAAkB;AACvB,aAAK7D,YAAL,CAAkBgC,MAAlB,CAAyB,aAAzB;AACD;AACF;;AAED,QAAI;AAAEM,MAAAA;AAAF,QAAc,KAAKtC,YAAL,CAAkByC,aAAlB,EAAlB;;AACA,QAAIH,OAAO,IAAI,KAAKtC,YAAL,CAAkB8D,UAAlB,CAA6BxB,OAA7B,CAAf,EAAsD;AACpDA,MAAAA,OAAO,GAAGyB,SAAV;;AACA,UAAIJ,WAAJ,EAAiB;AACf,YAAI;AACFrB,UAAAA,OAAO,GAAG,MAAM,KAAKtC,YAAL,CAAkB7C,KAAlB,CAAwB,SAAxB,CAAhB;AACD,SAFD,CAEE,MAAM,CACN;AACD;AACF,OAND,MAMO,IAAI0G,YAAJ,EAAkB;AACvB,aAAK7D,YAAL,CAAkBgC,MAAlB,CAAyB,SAAzB;AACD;AACF;;AAED,WAAO,CAAC,EAAEJ,WAAW,IAAIU,OAAjB,CAAR;AACD;;AAEY,QAAP0B,OAAO,GAAwB;AACnC,UAAM;AAAE1B,MAAAA,OAAF;AAAWV,MAAAA;AAAX,QAA2B,KAAK5B,YAAL,CAAkByC,aAAlB,EAAjC;AACA,WAAO,KAAK/F,KAAL,CAAWa,WAAX,CAAuBqE,WAAvB,EAAoCU,OAApC,CAAP;AACD;;AAED2B,EAAAA,UAAU,GAAuB;AAC/B,UAAM;AAAE3B,MAAAA;AAAF,QAAc,KAAKtC,YAAL,CAAkByC,aAAlB,EAApB;AACA,WAAOH,OAAO,GAAGA,OAAO,CAACA,OAAX,GAAqByB,SAAnC;AACD;;AAEDG,EAAAA,cAAc,GAAuB;AACnC,UAAM;AAAEtC,MAAAA;AAAF,QAAkB,KAAK5B,YAAL,CAAkByC,aAAlB,EAAxB;AACA,WAAOb,WAAW,GAAGA,WAAW,CAACA,WAAf,GAA6BmC,SAA/C;AACD;;AAEDI,EAAAA,eAAe,GAAuB;AACpC,UAAM;AAAEhC,MAAAA;AAAF,QAAmB,KAAKnC,YAAL,CAAkByC,aAAlB,EAAzB;AACA,WAAON,YAAY,GAAGA,YAAY,CAACA,YAAhB,GAA+B4B,SAAlD;AACD;AAED;AACF;AACA;;;AAC+B,QAAvBK,uBAAuB,GAAkB;AAC7C,UAAM;AAAEC,MAAAA;AAAF,QAAa,MAAM,KAAK3H,KAAL,CAAWP,YAAX,EAAzB;AACA,SAAK6D,YAAL,CAAkBsE,SAAlB,CAA4BD,MAA5B;AACD;;AAEDjD,EAAAA,cAAc,CAACF,WAAD,EAAsBsB,KAAtB,EAA4C;AACxD;AACA,UAAM+B,cAAc,GAAGC,wBAAeC,iBAAf,EAAvB;;AACAF,IAAAA,cAAc,CAACG,OAAf,CAAuBC,mCAAvB,EAAkDzD,WAAlD,EAHwD,CAKxD;;AACAsB,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAKjK,OAAL,CAAaiK,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMoC,aAAa,GAAG,KAAKpM,cAAL,CAAoBqM,qBAApB,EAAtB;AACAD,MAAAA,aAAa,CAACF,OAAd,CAAsBlC,KAAtB,EAA6BtB,WAA7B;AACD;AACF;;AAED4D,EAAAA,cAAc,CAACtC,KAAD,EAAqC;AACjD;AACAA,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAKjK,OAAL,CAAaiK,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMoC,aAAa,GAAG,KAAKpM,cAAL,CAAoBqM,qBAApB,EAAtB;AACA,YAAM3D,WAAW,GAAG0D,aAAa,CAACG,OAAd,CAAsBvC,KAAtB,CAApB;;AACA,UAAItB,WAAJ,EAAiB;AACf,eAAOA,WAAP;AACD;AACF,KATgD,CAWjD;;;AACA,UAAMxH,OAAO,GAAG8K,wBAAeC,iBAAf,EAAhB;;AACA,WAAO/K,OAAO,GAAGA,OAAO,CAACqL,OAAR,CAAgBJ,mCAAhB,KAA8CZ,SAAjD,GAA6DA,SAA3E;AACD;;AAEDiB,EAAAA,iBAAiB,CAACxC,KAAD,EAAuB;AACtC;AACA,UAAM9I,OAAO,GAAG8K,wBAAeC,iBAAf,EAAhB;;AACA/K,IAAAA,OAAO,CAACuL,UAAR,CAAmBN,mCAAnB,EAHsC,CAKtC;;AACAnC,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAKjK,OAAL,CAAaiK,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMoC,aAAa,GAAG,KAAKpM,cAAL,CAAoBqM,qBAApB,EAAtB;AACAD,MAAAA,aAAa,CAACK,UAAd,IAA4BL,aAAa,CAACK,UAAd,CAAyBzC,KAAzB,CAA5B;AACD;AACF;;AAED9E,EAAAA,eAAe,GAAY;AACzB,WAAO,2BAAgB,IAAhB,CAAP;AACD;;AAEwB,QAAnBwH,mBAAmB,CAACb,MAAD,EAAkBnD,WAAlB,EAAuD;AAC9E,QAAIsB,KAAK,GAAG,KAAKjK,OAAL,CAAaiK,KAAzB,CAD8E,CAG9E;;AACA,QAAI6B,MAAJ,EAAY;AACV,WAAKrE,YAAL,CAAkBsE,SAAlB,CAA4BD,MAA5B;AACAnD,MAAAA,WAAW,GAAGA,WAAW,IAAI,KAAK4D,cAAL,CAAoB,KAAKvM,OAAL,CAAaiK,KAAjC,CAA7B;AACD,KAHD,MAGO,IAAI,KAAK9E,eAAL,EAAJ,EAA4B;AACjC,UAAI;AACF;AACA,cAAMyH,aAAa,GAAG,MAAM,6CAA0B,IAA1B,EAAgC,EAAhC,CAA5B;AACA3C,QAAAA,KAAK,GAAG2C,aAAa,CAAC3C,KAAtB;AACAtB,QAAAA,WAAW,GAAGA,WAAW,IAAI,KAAK4D,cAAL,CAAoBtC,KAApB,CAA7B;AACA,cAAM,KAAK4B,uBAAL,EAAN;AACD,OAND,CAME,OAAM3C,CAAN,EAAS;AACT;AACA,cAAM,KAAKvB,gBAAL,CAAsBK,eAAtB,EAAN;AACA,cAAMkB,CAAN;AACD;AACF,KAZM,MAYA;AACL,aADK,CACG;AACT,KArB6E,CAuB9E;;;AACA,UAAM,KAAKvB,gBAAL,CAAsBK,eAAtB,EAAN,CAxB8E,CA0B9E;;AACA,SAAKyE,iBAAL,CAAuBxC,KAAvB,EA3B8E,CA6B9E;;AACA,UAAM;AAAE4C,MAAAA;AAAF,QAAyB,KAAK7M,OAApC;;AACA,QAAI6M,kBAAJ,EAAwB;AACtB,YAAMA,kBAAkB,CAAC,IAAD,EAAOlE,WAAP,CAAxB;AACD,KAFD,MAEO,IAAIA,WAAJ,EAAiB;AACtBzG,MAAAA,MAAM,CAACC,QAAP,CAAgB2K,OAAhB,CAAwBnE,WAAxB;AACD;AACF;;AAEDoE,EAAAA,MAAM,GAAY;AAChB,WAAO,CAAC,CAAC,KAAK/M,OAAL,CAAauB,IAAtB;AACD;;AAEDyL,EAAAA,eAAe,CAACC,YAAD,EAAgC;AAC7C,QAAID,eAAe,GAAG,KAAtB;;AACA,QAAIE,KAAK,CAACC,OAAN,CAAc,KAAKnN,OAAL,CAAaiN,YAA3B,KAA4C,KAAKjN,OAAL,CAAaiN,YAAb,CAA0BG,MAA1E,EAAkF;AAAA;;AAChFJ,MAAAA,eAAe,GAAG,sCAAKhN,OAAL,CAAaiN,YAAb,iBAAkCA,YAAlC,KAAmD,CAArE;AACD,KAFD,MAEO;AACLD,MAAAA,eAAe,GAAG,KAAKhN,OAAL,CAAaiN,YAAb,KAA8BA,YAAhD;AACD;;AACD,WAAOD,eAAP;AACD;;AAEDK,EAAAA,uBAAuB,GAAY;AACjC,WAAO,KAAKL,eAAL,CAAqB,MAArB,CAAP;AACD,GA1lBgE,CA4lBjE;AACA;AACA;AACA;;;AAEAM,EAAAA,eAAe,GAAW;AACxB;AACA;AACA,WAAO,KAAKtN,OAAL,CAAauN,MAAb,CAAqBC,KAArB,CAA2B,UAA3B,EAAuC,CAAvC,CAAP;AACD,GArmBgE,CAumBjE;;;AACAC,EAAAA,cAAc,CAACpF,IAAD,EAAiC;AAC7C,WAAO,2BAAkB,IAAlB,EAAwB,iCAAxB,EAA2DA,IAA3D,CAAP;AACD,GA1mBgE,CA4mBjE;;;AACAlB,EAAAA,aAAa,CAACkB,IAAD,EAAwD;AACnE,WAAO,2BAAkB,IAAlB,EAAwB,+BAAxB,EAAyDA,IAAzD,CAAP;AACD,GA/mBgE,CAinBjE;;;AACAqF,EAAAA,mBAAmB,CAACrF,IAAD,EAA6D;AAC9E,WAAO,2BAAkB,IAAlB,EAAwB,8BAAxB,EAAwDA,IAAxD,CAAP;AACD,GApnBgE,CAsnBjE;;;AACqB,QAAfsF,eAAe,CAAC3N,OAAD,EAA4C;AAC/D,QAAI,CAACA,OAAO,CAACqJ,WAAb,EAA0B;AACxB,YAAMA,WAAW,GAAG,CAAC,MAAM,KAAK5B,YAAL,CAAkB6B,SAAlB,EAAP,EAAsCD,WAA1D;AACArJ,MAAAA,OAAO,CAACqJ,WAAR,GAAsBA,WAAtB,aAAsBA,WAAtB,uBAAsBA,WAAW,CAAEA,WAAnC;AACD;;AACD,WAAO,uBAAY,IAAZ,EAAkBrJ,OAAlB,CAAP;AACD;;AA7nBgE,C,CAgoBnE;;;8BAhoBMJ,Q,cAQ2BG,Q;8BAR3BH,Q,YASuBgO,M;8BATvBhO,Q,cAU2BiO,Q;AAunBjCjO,QAAQ,CAACG,QAAT,GAAoBH,QAAQ,CAACwD,SAAT,CAAmBrD,QAAnB,GAA8BA,QAAlD,C,CAEA;;AACA,qBAAcH,QAAd,EAAwB;AACtBkO,EAAAA;AADsB,CAAxB;eAIelO,Q","sourcesContent":["/* eslint-disable max-statements */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n/* global window */\n\nimport { \n DEFAULT_MAX_CLOCK_SKEW, \n REFERRER_PATH_STORAGE_KEY\n} from './constants';\nimport * as constants from './constants';\nimport {\n OktaAuthInterface,\n OktaAuthOptions, \n AccessToken, \n IDToken,\n RefreshToken,\n TokenAPI, \n FeaturesAPI, \n CryptoAPI,\n WebauthnAPI,\n SignoutAPI, \n FingerprintAPI,\n UserClaims, \n SigninWithRedirectOptions,\n SigninWithCredentialsOptions,\n SignoutOptions,\n Tokens,\n ForgotPasswordOptions,\n VerifyRecoveryTokenOptions,\n TransactionAPI,\n SessionAPI,\n SigninAPI,\n PkceAPI,\n SigninOptions,\n IdxAPI,\n SignoutRedirectUrlOptions,\n HttpAPI,\n FlowIdentifier,\n GetWithRedirectAPI,\n ParseFromUrlInterface,\n GetWithRedirectFunction,\n RequestOptions,\n IsAuthenticatedOptions,\n} from './types';\nimport {\n transactionStatus,\n resumeTransaction,\n transactionExists,\n introspectAuthn,\n postToTransaction,\n AuthTransaction\n} from './tx';\nimport PKCE from './oidc/util/pkce';\nimport {\n closeSession,\n sessionExists,\n getSession,\n refreshSession,\n setCookieAndRedirect\n} from './session';\nimport {\n getOAuthUrls,\n getWithoutPrompt,\n getWithPopup,\n getWithRedirect,\n isLoginRedirect,\n parseFromUrl,\n decodeToken,\n revokeToken,\n renewToken,\n renewTokens,\n renewTokensWithRefresh,\n getUserInfo,\n verifyToken,\n prepareTokenParams,\n exchangeCodeForTokens,\n isInteractionRequiredError,\n isInteractionRequired,\n} from './oidc';\nimport { isBrowser } from './features';\nimport * as features from './features';\nimport * as crypto from './crypto';\nimport * as webauthn from './crypto/webauthn';\nimport browserStorage from './browser/browserStorage';\nimport { \n toQueryString, \n toAbsoluteUrl,\n clone,\n} from './util';\nimport { TokenManager } from './TokenManager';\nimport { ServiceManager } from './ServiceManager';\nimport { get, httpRequest, setRequestHeader } from './http';\nimport PromiseQueue from './PromiseQueue';\nimport fingerprint from './browser/fingerprint';\nimport { AuthStateManager } from './AuthStateManager';\nimport { StorageManager } from './StorageManager';\nimport TransactionManager from './TransactionManager';\nimport { buildOptions } from './options';\nimport {\n interact,\n introspect,\n authenticate,\n cancel,\n poll,\n proceed,\n register,\n recoverPassword,\n unlockAccount,\n startTransaction,\n handleInteractionCodeRedirect,\n canProceed,\n handleEmailVerifyCallback,\n isEmailVerifyCallback,\n parseEmailVerifyCallback,\n isEmailVerifyCallbackError\n} from './idx';\nimport { OktaUserAgent } from './OktaUserAgent';\nimport { parseOAuthResponseFromUrl } from './oidc/parseFromUrl';\nimport {\n getSavedTransactionMeta,\n createTransactionMeta,\n getTransactionMeta,\n saveTransactionMeta,\n clearTransactionMeta,\n isTransactionMetaValid\n} from './idx/transactionMeta';\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport Emitter from 'tiny-emitter';\n\nclass OktaAuth implements OktaAuthInterface, SigninAPI, SignoutAPI {\n options: OktaAuthOptions;\n storageManager: StorageManager;\n transactionManager: TransactionManager;\n tx: TransactionAPI;\n idx: IdxAPI;\n session: SessionAPI;\n pkce: PkceAPI;\n static features: FeaturesAPI = features;\n static crypto: CryptoAPI = crypto;\n static webauthn: WebauthnAPI = webauthn;\n features: FeaturesAPI = features;\n token: TokenAPI;\n _tokenQueue: PromiseQueue;\n emitter: any;\n tokenManager: TokenManager;\n authStateManager: AuthStateManager;\n serviceManager: ServiceManager;\n http: HttpAPI;\n fingerprint: FingerprintAPI;\n _oktaUserAgent: OktaUserAgent;\n _pending: { handleLogin: boolean };\n constructor(args: OktaAuthOptions) {\n const options = this.options = buildOptions(args);\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n this.storageManager = new StorageManager(options.storageManager!, options.cookies!, options.storageUtil!);\n this.transactionManager = new TransactionManager(Object.assign({\n storageManager: this.storageManager,\n }, options.transactionManager));\n this._oktaUserAgent = new OktaUserAgent();\n\n this.tx = {\n status: transactionStatus.bind(null, this),\n resume: resumeTransaction.bind(null, this),\n exists: Object.assign(transactionExists.bind(null, this), {\n _get: (name) => {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const storage = options.storageUtil!.storage;\n return storage.get(name);\n }\n }),\n introspect: introspectAuthn.bind(null, this)\n };\n\n this.pkce = {\n DEFAULT_CODE_CHALLENGE_METHOD: PKCE.DEFAULT_CODE_CHALLENGE_METHOD,\n generateVerifier: PKCE.generateVerifier,\n computeChallenge: PKCE.computeChallenge\n };\n\n // Add shims for compatibility, these will be removed in next major version. OKTA-362589\n Object.assign(this.options.storageUtil, {\n getPKCEStorage: this.storageManager.getLegacyPKCEStorage.bind(this.storageManager),\n getHttpCache: this.storageManager.getHttpCache.bind(this.storageManager),\n });\n\n this._pending = { handleLogin: false };\n\n if (isBrowser()) {\n this.options = Object.assign(this.options, {\n redirectUri: toAbsoluteUrl(args.redirectUri, window.location.origin), // allow relative URIs\n });\n }\n\n // Digital clocks will drift over time, so the server\n // can misalign with the time reported by the browser.\n // The maxClockSkew allows relaxing the time-based\n // validation of tokens (in seconds, not milliseconds).\n // It currently defaults to 300, because 5 min is the\n // default maximum tolerance allowed by Kerberos.\n // (https://technet.microsoft.com/en-us/library/cc976357.aspx)\n if (!args.maxClockSkew && args.maxClockSkew !== 0) {\n this.options.maxClockSkew = DEFAULT_MAX_CLOCK_SKEW;\n } else {\n this.options.maxClockSkew = args.maxClockSkew;\n }\n\n // As some end user's devices can have their date \n // and time incorrectly set, allow for the disabling\n // of the jwt liftetime validation\n this.options.ignoreLifetime = !!args.ignoreLifetime;\n\n this.session = {\n close: closeSession.bind(null, this),\n exists: sessionExists.bind(null, this),\n get: getSession.bind(null, this),\n refresh: refreshSession.bind(null, this),\n setCookieAndRedirect: setCookieAndRedirect.bind(null, this)\n };\n\n this._tokenQueue = new PromiseQueue();\n const useQueue = (method) => {\n return PromiseQueue.prototype.push.bind(this._tokenQueue, method, null);\n };\n\n // eslint-disable-next-line max-len\n const getWithRedirectFn = useQueue(getWithRedirect.bind(null, this)) as GetWithRedirectFunction;\n const getWithRedirectApi: GetWithRedirectAPI = Object.assign(getWithRedirectFn, {\n // This is exposed so we can set window.location in our tests\n _setLocation: function(url) {\n window.location = url;\n }\n });\n // eslint-disable-next-line max-len\n const parseFromUrlFn = useQueue(parseFromUrl.bind(null, this)) as ParseFromUrlInterface;\n const parseFromUrlApi: ParseFromUrlInterface = Object.assign(parseFromUrlFn, {\n // This is exposed so we can mock getting window.history in our tests\n _getHistory: function() {\n return window.history;\n },\n\n // This is exposed so we can mock getting window.location in our tests\n _getLocation: function() {\n return window.location;\n },\n\n // This is exposed so we can mock getting window.document in our tests\n _getDocument: function() {\n return window.document;\n }\n });\n this.token = {\n prepareTokenParams: prepareTokenParams.bind(null, this),\n exchangeCodeForTokens: exchangeCodeForTokens.bind(null, this),\n getWithoutPrompt: getWithoutPrompt.bind(null, this),\n getWithPopup: getWithPopup.bind(null, this),\n getWithRedirect: getWithRedirectApi,\n parseFromUrl: parseFromUrlApi,\n decode: decodeToken,\n revoke: revokeToken.bind(null, this),\n renew: renewToken.bind(null, this),\n renewTokensWithRefresh: renewTokensWithRefresh.bind(null, this),\n renewTokens: renewTokens.bind(null, this),\n getUserInfo: getUserInfo.bind(null, this),\n verify: verifyToken.bind(null, this),\n isLoginRedirect: isLoginRedirect.bind(null, this)\n };\n // Wrap all async token API methods using MethodQueue to avoid issues with concurrency\n const syncMethods = [\n // sync methods\n 'decode',\n 'isLoginRedirect',\n // already bound\n 'getWithRedirect',\n 'parseFromUrl'\n ];\n Object.keys(this.token).forEach(key => {\n if (syncMethods.indexOf(key) >= 0) { // sync methods should not be wrapped\n return;\n }\n var method = this.token[key];\n this.token[key] = PromiseQueue.prototype.push.bind(this._tokenQueue, method, null);\n });\n\n // IDX\n const boundStartTransaction = startTransaction.bind(null, this);\n this.idx = {\n interact: interact.bind(null, this),\n introspect: introspect.bind(null, this),\n authenticate: authenticate.bind(null, this),\n register: register.bind(null, this),\n start: boundStartTransaction,\n startTransaction: boundStartTransaction, // Use `start` instead. `startTransaction` will be removed in 7.0\n poll: poll.bind(null, this),\n proceed: proceed.bind(null, this),\n cancel: cancel.bind(null, this),\n recoverPassword: recoverPassword.bind(null, this),\n\n // oauth redirect callback\n handleInteractionCodeRedirect: handleInteractionCodeRedirect.bind(null, this),\n\n // interaction required callback\n isInteractionRequired: isInteractionRequired.bind(null, this),\n isInteractionRequiredError,\n\n // email verify callback\n handleEmailVerifyCallback: handleEmailVerifyCallback.bind(null, this),\n isEmailVerifyCallback,\n parseEmailVerifyCallback,\n isEmailVerifyCallbackError,\n \n getSavedTransactionMeta: getSavedTransactionMeta.bind(null, this),\n createTransactionMeta: createTransactionMeta.bind(null, this),\n getTransactionMeta: getTransactionMeta.bind(null, this),\n saveTransactionMeta: saveTransactionMeta.bind(null, this),\n clearTransactionMeta: clearTransactionMeta.bind(null, this),\n isTransactionMetaValid,\n setFlow: (flow: FlowIdentifier) => {\n this.options.flow = flow;\n },\n getFlow: (): FlowIdentifier | undefined => {\n return this.options.flow;\n },\n canProceed: canProceed.bind(null, this),\n unlockAccount: unlockAccount.bind(null, this),\n };\n\n // HTTP\n this.http = {\n setRequestHeader: setRequestHeader.bind(null, this)\n };\n\n // Fingerprint API\n this.fingerprint = fingerprint.bind(null, this);\n\n this.emitter = new Emitter();\n\n // TokenManager\n this.tokenManager = new TokenManager(this, args.tokenManager);\n\n // AuthStateManager\n this.authStateManager = new AuthStateManager(this);\n\n // ServiceManager\n this.serviceManager = new ServiceManager(this, args.services);\n }\n\n start() {\n // TODO: review tokenManager.start\n this.tokenManager.start();\n if (!this.token.isLoginRedirect()) {\n this.authStateManager.updateAuthState();\n }\n this.serviceManager.start();\n }\n\n stop() {\n // TODO: review tokenManager.stop\n this.tokenManager.stop();\n this.serviceManager.stop();\n }\n\n setHeaders(headers) {\n this.options.headers = Object.assign({}, this.options.headers, headers);\n }\n\n\n // Authn V1\n async signIn(opts: SigninOptions): Promise<AuthTransaction> {\n return this.signInWithCredentials(opts as SigninWithCredentialsOptions);\n }\n\n // Authn V1\n async signInWithCredentials(opts: SigninWithCredentialsOptions): Promise<AuthTransaction> {\n opts = clone(opts || {});\n const _postToTransaction = (options?) => {\n delete opts.sendFingerprint;\n return postToTransaction(this, '/api/v1/authn', opts, options);\n };\n if (!opts.sendFingerprint) {\n return _postToTransaction();\n }\n return this.fingerprint()\n .then(function(fingerprint) {\n return _postToTransaction({\n headers: {\n 'X-Device-Fingerprint': fingerprint\n }\n });\n });\n }\n\n async signInWithRedirect(opts: SigninWithRedirectOptions = {}) {\n const { originalUri, ...additionalParams } = opts;\n if(this._pending.handleLogin) { \n // Don't trigger second round\n return;\n }\n\n this._pending.handleLogin = true;\n try {\n // Trigger default signIn redirect flow\n if (originalUri) {\n this.setOriginalUri(originalUri);\n }\n const params = Object.assign({\n // TODO: remove this line when default scopes are changed OKTA-343294\n scopes: this.options.scopes || ['openid', 'email', 'profile']\n }, additionalParams);\n await this.token.getWithRedirect(params);\n } finally {\n this._pending.handleLogin = false;\n }\n }\n\n // Ends the current Okta SSO session without redirecting to Okta.\n closeSession(): Promise<unknown> {\n return this.session.close() // DELETE /api/v1/sessions/me\n .then(async () => {\n // Clear all local tokens\n this.tokenManager.clear();\n })\n .catch(function(e) {\n if (e.name === 'AuthApiError' && e.errorCode === 'E0000007') {\n // Session does not exist or has already been closed\n return null;\n }\n throw e;\n });\n }\n \n // Revokes the access token for the application session\n async revokeAccessToken(accessToken?: AccessToken): Promise<unknown> {\n if (!accessToken) {\n accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');\n this.tokenManager.remove(accessTokenKey);\n }\n // Access token may have been removed. In this case, we will silently succeed.\n if (!accessToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(accessToken);\n }\n\n // Revokes the refresh token for the application session\n async revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown> {\n if (!refreshToken) {\n refreshToken = (await this.tokenManager.getTokens()).refreshToken as RefreshToken;\n const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');\n this.tokenManager.remove(refreshTokenKey);\n }\n // Refresh token may have been removed. In this case, we will silently succeed.\n if (!refreshToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(refreshToken);\n }\n\n getSignOutRedirectUrl(options: SignoutRedirectUrlOptions = {}) {\n let {\n idToken,\n postLogoutRedirectUri,\n state,\n } = options;\n if (!idToken) {\n idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n if (!idToken) {\n return '';\n }\n if (!postLogoutRedirectUri) {\n postLogoutRedirectUri = this.options.postLogoutRedirectUri;\n }\n\n const logoutUrl = getOAuthUrls(this).logoutUrl;\n const idTokenHint = idToken.idToken; // a string\n let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);\n if (postLogoutRedirectUri) {\n logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);\n } \n // State allows option parameters to be passed to logout redirect uri\n if (state) {\n logoutUri += '&state=' + encodeURIComponent(state);\n }\n\n return logoutUri;\n }\n\n // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.\n async signOut(options?: SignoutOptions) {\n options = Object.assign({}, options);\n \n // postLogoutRedirectUri must be whitelisted in Okta Admin UI\n var defaultUri = window.location.origin;\n var currentUri = window.location.href;\n var postLogoutRedirectUri = options.postLogoutRedirectUri\n || this.options.postLogoutRedirectUri\n || defaultUri;\n \n var accessToken = options.accessToken;\n var refreshToken = options.refreshToken;\n var revokeAccessToken = options.revokeAccessToken !== false;\n var revokeRefreshToken = options.revokeRefreshToken !== false;\n \n if (revokeRefreshToken && typeof refreshToken === 'undefined') {\n refreshToken = this.tokenManager.getTokensSync().refreshToken as RefreshToken;\n }\n\n if (revokeAccessToken && typeof accessToken === 'undefined') {\n accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;\n }\n \n if (!options.idToken) {\n options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n\n if (revokeRefreshToken && refreshToken) {\n await this.revokeRefreshToken(refreshToken);\n }\n\n if (revokeAccessToken && accessToken) {\n await this.revokeAccessToken(accessToken);\n }\n\n const logoutUri = this.getSignOutRedirectUrl({ ...options, postLogoutRedirectUri });\n // No logoutUri? This can happen if the storage was cleared.\n // Fallback to XHR signOut, then simulate a redirect to the post logout uri\n if (!logoutUri) {\n // local tokens are cleared once session is closed\n return this.closeSession() // can throw if the user cannot be signed out\n .then(function() {\n if (postLogoutRedirectUri === currentUri) {\n window.location.reload(); // force a hard reload if URI is not changing\n } else {\n window.location.assign(postLogoutRedirectUri);\n }\n });\n } else {\n if (options.clearTokensBeforeRedirect) {\n // Clear all local tokens\n this.tokenManager.clear();\n } else {\n this.tokenManager.addPendingRemoveFlags();\n }\n // Flow ends with logout redirect\n window.location.assign(logoutUri);\n }\n }\n\n webfinger(opts): Promise<object> {\n var url = '/.well-known/webfinger' + toQueryString(opts);\n var options = {\n headers: {\n 'Accept': 'application/jrd+json'\n }\n };\n return get(this, url, options);\n }\n\n //\n // Common Methods from downstream SDKs\n //\n\n // Returns true if both accessToken and idToken are not expired\n // If `autoRenew` option is set, will attempt to renew expired tokens before returning.\n async isAuthenticated(options: IsAuthenticatedOptions = {}): Promise<boolean> {\n // TODO: remove dependency on tokenManager options in next major version - OKTA-473815\n const { autoRenew, autoRemove } = this.tokenManager.getOptions();\n\n const shouldRenew = options.onExpiredToken ? options.onExpiredToken === 'renew' : autoRenew;\n const shouldRemove = options.onExpiredToken ? options.onExpiredToken === 'remove' : autoRemove;\n\n let { accessToken } = this.tokenManager.getTokensSync();\n if (accessToken && this.tokenManager.hasExpired(accessToken)) {\n accessToken = undefined;\n if (shouldRenew) {\n try {\n accessToken = await this.tokenManager.renew('accessToken') as AccessToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (shouldRemove) {\n this.tokenManager.remove('accessToken');\n }\n }\n\n let { idToken } = this.tokenManager.getTokensSync();\n if (idToken && this.tokenManager.hasExpired(idToken)) {\n idToken = undefined;\n if (shouldRenew) {\n try {\n idToken = await this.tokenManager.renew('idToken') as IDToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (shouldRemove) {\n this.tokenManager.remove('idToken');\n }\n }\n\n return !!(accessToken && idToken);\n }\n\n async getUser(): Promise<UserClaims> {\n const { idToken, accessToken } = this.tokenManager.getTokensSync();\n return this.token.getUserInfo(accessToken, idToken);\n }\n\n getIdToken(): string | undefined {\n const { idToken } = this.tokenManager.getTokensSync();\n return idToken ? idToken.idToken : undefined;\n }\n\n getAccessToken(): string | undefined {\n const { accessToken } = this.tokenManager.getTokensSync();\n return accessToken ? accessToken.accessToken : undefined;\n }\n\n getRefreshToken(): string | undefined {\n const { refreshToken } = this.tokenManager.getTokensSync();\n return refreshToken ? refreshToken.refreshToken : undefined;\n }\n\n /**\n * Store parsed tokens from redirect url\n */\n async storeTokensFromRedirect(): Promise<void> {\n const { tokens } = await this.token.parseFromUrl();\n this.tokenManager.setTokens(tokens);\n }\n\n setOriginalUri(originalUri: string, state?: string): void {\n // always store in session storage\n const sessionStorage = browserStorage.getSessionStorage();\n sessionStorage.setItem(REFERRER_PATH_STORAGE_KEY, originalUri);\n\n // to support multi-tab flows, set a state in constructor or pass as param\n state = state || this.options.state;\n if (state) {\n const sharedStorage = this.storageManager.getOriginalUriStorage();\n sharedStorage.setItem(state, originalUri);\n }\n }\n\n getOriginalUri(state?: string): string | undefined {\n // Prefer shared storage (if state is available)\n state = state || this.options.state;\n if (state) {\n const sharedStorage = this.storageManager.getOriginalUriStorage();\n const originalUri = sharedStorage.getItem(state);\n if (originalUri) {\n return originalUri;\n }\n }\n\n // Try to load from session storage\n const storage = browserStorage.getSessionStorage();\n return storage ? storage.getItem(REFERRER_PATH_STORAGE_KEY) || undefined : undefined;\n }\n\n removeOriginalUri(state?: string): void {\n // Remove from sessionStorage\n const storage = browserStorage.getSessionStorage();\n storage.removeItem(REFERRER_PATH_STORAGE_KEY);\n\n // Also remove from shared storage\n state = state || this.options.state;\n if (state) {\n const sharedStorage = this.storageManager.getOriginalUriStorage();\n sharedStorage.removeItem && sharedStorage.removeItem(state);\n }\n }\n\n isLoginRedirect(): boolean {\n return isLoginRedirect(this);\n }\n\n async handleLoginRedirect(tokens?: Tokens, originalUri?: string): Promise<void> {\n let state = this.options.state;\n\n // Store tokens and update AuthState by the emitted events\n if (tokens) {\n this.tokenManager.setTokens(tokens);\n originalUri = originalUri || this.getOriginalUri(this.options.state);\n } else if (this.isLoginRedirect()) {\n try {\n // For redirect flow, get state from the URL and use it to retrieve the originalUri\n const oAuthResponse = await parseOAuthResponseFromUrl(this, {});\n state = oAuthResponse.state;\n originalUri = originalUri || this.getOriginalUri(state);\n await this.storeTokensFromRedirect();\n } catch(e) {\n // auth state should be updated\n await this.authStateManager.updateAuthState();\n throw e;\n }\n } else {\n return; // nothing to do\n }\n \n // ensure auth state has been updated\n await this.authStateManager.updateAuthState();\n\n // clear originalUri from storage\n this.removeOriginalUri(state);\n\n // Redirect to originalUri\n const { restoreOriginalUri } = this.options;\n if (restoreOriginalUri) {\n await restoreOriginalUri(this, originalUri);\n } else if (originalUri) {\n window.location.replace(originalUri);\n }\n }\n\n isPKCE(): boolean {\n return !!this.options.pkce;\n }\n\n hasResponseType(responseType: string): boolean {\n let hasResponseType = false;\n if (Array.isArray(this.options.responseType) && this.options.responseType.length) {\n hasResponseType = this.options.responseType.indexOf(responseType) >= 0;\n } else {\n hasResponseType = this.options.responseType === responseType;\n }\n return hasResponseType;\n }\n\n isAuthorizationCodeFlow(): boolean {\n return this.hasResponseType('code');\n }\n\n // { username, password, (relayState), (context) }\n // signIn(opts: SignInWithCredentialsOptions): Promise<AuthTransaction> {\n // return postToTransaction(this, '/api/v1/authn', opts);\n // }\n\n getIssuerOrigin(): string {\n // Infer the URL from the issuer URL, omitting the /oauth2/{authServerId}\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n return this.options.issuer!.split('/oauth2/')[0];\n }\n\n // { username, (relayState) }\n forgotPassword(opts): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/password', opts);\n }\n\n // { username, (relayState) }\n unlockAccount(opts: ForgotPasswordOptions): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/unlock', opts);\n }\n\n // { recoveryToken }\n verifyRecoveryToken(opts: VerifyRecoveryTokenOptions): Promise<AuthTransaction> {\n return postToTransaction(this, '/api/v1/authn/recovery/token', opts);\n }\n\n // Escape hatch method to make arbitrary OKTA API call\n async invokeApiMethod(options: RequestOptions): Promise<unknown> {\n if (!options.accessToken) {\n const accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n options.accessToken = accessToken?.accessToken;\n }\n return httpRequest(this, options);\n }\n}\n\n// Hoist feature detection functions to prototype & static type\nOktaAuth.features = OktaAuth.prototype.features = features;\n\n// Also hoist constants for CommonJS users\nObject.assign(OktaAuth, {\n constants\n});\n\nexport default OktaAuth;"],"file":"OktaAuth.js"}
package/cjs/OktaUserAgent.js CHANGED
@@ -21,7 +21,7 @@ var _features = require("./features");
21
21
  class OktaUserAgent {
22
22
  constructor() {
23
23
  // add base sdk env
24
- this.environments = [`okta-auth-js/${"6.3.0"}`];
24
+ this.environments = [`okta-auth-js/${"6.4.0"}`];
25
25
  }
26
26
 
27
27
  addEnvironment(env) {
@@ -36,7 +36,7 @@ class OktaUserAgent {
36
36
  }
37
37
 
38
38
  getVersion() {
39
- return "6.3.0";
39
+ return "6.4.0";
40
40
  }
41
41
 
42
42
  maybeAddNodeEnvironment() {
package/cjs/TokenManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/TokenManager.ts"],"names":["DEFAULT_OPTIONS","autoRenew","autoRemove","syncStorage","clearPendingRemoveTokens","storage","undefined","expireEarlySeconds","storageKey","TOKEN_STORAGE_NAME","_storageEventDelay","EVENT_EXPIRED","EVENT_RENEWED","EVENT_ADDED","EVENT_REMOVED","EVENT_ERROR","defaultState","expireTimeouts","renewPromise","TokenManager","constructor","sdk","options","emitter","AuthSdkError","storageOptions","secure","storageProvider","storageType","storageManager","getTokenStorage","useSeparateCookies","clock","SdkClock","create","state","on","bind","off","start","setExpireEventTimeoutAll","stop","clearExpireEventTimeoutAll","getOptions","getExpireTime","token","expireTime","expiresAt","hasExpired","now","emitExpired","key","emit","emitRenewed","freshToken","oldToken","emitAdded","emitRemoved","emitError","error","emitEventsForCrossTabsStorageUpdate","newValue","oldValue","oldTokens","getTokensFromStorageValue","newTokens","forEach","newToken","clearExpireEventTimeout","clearTimeout","Object","prototype","hasOwnProperty","call","setExpireEventTimeout","expireEventWait","Math","max","expireEventTimeout","setTimeout","tokenStorage","getStorage","resetExpireEventTimeoutAll","add","setStorage","getSync","get","getTokensSync","tokens","accessToken","idToken","refreshToken","getTokens","getStorageKeyByType","type","getTokenType","setTokens","accessTokenCb","idTokenCb","refreshTokenCb","handleTokenCallback","handleAdded","handleRenewed","handleRemoved","types","existingTokens","existingToken","remove","removedToken","renewToken","renew","validateToken","e","reject","renewTokens","then","tokenType","catch","err","tokenKey","finally","clear","clearStorage","pendingRemove","value","JSON","parse","updateRefreshToken","REFRESH_TOKEN_STORAGE_KEY","addPendingRemoveFlags"],"mappings":";;;;;;;;;;;;;;;;;;AAYA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAkBA;;AAnCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA0BA,MAAMA,eAAe,GAAG;AACtB;AACAC,EAAAA,SAAS,EAAE,IAFW;AAGtBC,EAAAA,UAAU,EAAE,IAHU;AAItBC,EAAAA,WAAW,EAAE,IAJS;AAKtB;AACAC,EAAAA,wBAAwB,EAAE,IANJ;AAOtBC,EAAAA,OAAO,EAAEC,SAPa;AAOF;AACpBC,EAAAA,kBAAkB,EAAE,EARE;AAStBC,EAAAA,UAAU,EAAEC,6BATU;AAUtBC,EAAAA,kBAAkB,EAAE;AAVE,CAAxB;AAYO,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;;AAMP,SAASC,YAAT,GAA2C;AACzC,SAAO;AACLC,IAAAA,cAAc,EAAE,EADX;AAELC,IAAAA,YAAY,EAAE;AAFT,GAAP;AAID;;AACM,MAAMC,YAAN,CAAoD;AAWzD;AACAC,EAAAA,WAAW,CAACC,GAAD,EAAyBC,OAA4B,GAAG,EAAxD,EAA4D;AACrE,SAAKD,GAAL,GAAWA,GAAX;AACA,SAAKE,OAAL,GAAgBF,GAAD,CAAaE,OAA5B;;AACA,QAAI,CAAC,KAAKA,OAAV,EAAmB;AACjB,YAAM,IAAIC,oBAAJ,CAAiB,mDAAjB,CAAN;AACD;;AAEDF,IAAAA,OAAO,GAAG,qBAAc,EAAd,EAAkBtB,eAAlB,EAAmC,sBAAWsB,OAAX,CAAnC,CAAV;;AACA,QAAI,6BAAJ,EAAoB;AAClBA,MAAAA,OAAO,CAACZ,kBAAR,GAA6BY,OAAO,CAACZ,kBAAR,IAA8B,IAA3D;AACD;;AACD,QAAI,CAAC,4BAAL,EAAoB;AAClBY,MAAAA,OAAO,CAACf,kBAAR,GAA6BP,eAAe,CAACO,kBAA7C;AACD;;AAED,SAAKe,OAAL,GAAeA,OAAf;AAEA,UAAMG,cAA8B,GAAG,sBAAW;AAChDjB,MAAAA,UAAU,EAAEc,OAAO,CAACd,UAD4B;AAEhDkB,MAAAA,MAAM,EAAEJ,OAAO,CAACI;AAFgC,KAAX,CAAvC;;AAIA,QAAI,OAAOJ,OAAO,CAACjB,OAAf,KAA2B,QAA/B,EAAyC;AACvC;AACAoB,MAAAA,cAAc,CAACE,eAAf,GAAiCL,OAAO,CAACjB,OAAzC;AACD,KAHD,MAGO,IAAIiB,OAAO,CAACjB,OAAZ,EAAqB;AAC1BoB,MAAAA,cAAc,CAACG,WAAf,GAA6BN,OAAO,CAACjB,OAArC;AACD;;AAED,SAAKA,OAAL,GAAegB,GAAG,CAACQ,cAAJ,CAAmBC,eAAnB,CAAmC,EAAC,GAAGL,cAAJ;AAAoBM,MAAAA,kBAAkB,EAAE;AAAxC,KAAnC,CAAf;AACA,SAAKC,KAAL,GAAaC,eAASC,MAAT,EAAb;AACA,SAAKC,KAAL,GAAanB,YAAY,EAAzB;AAEA,SAAKoB,EAAL,GAAU,KAAKb,OAAL,CAAaa,EAAb,CAAgBC,IAAhB,CAAqB,KAAKd,OAA1B,CAAV;AACA,SAAKe,GAAL,GAAW,KAAKf,OAAL,CAAae,GAAb,CAAiBD,IAAjB,CAAsB,KAAKd,OAA3B,CAAX;AACD;;AAEDgB,EAAAA,KAAK,GAAG;AACN,QAAI,KAAKjB,OAAL,CAAalB,wBAAjB,EAA2C;AACzC,WAAKA,wBAAL;AACD;;AACD,SAAKoC,wBAAL;AACD;;AAEDC,EAAAA,IAAI,GAAG;AACL,SAAKC,0BAAL;AACD;;AAEDC,EAAAA,UAAU,GAAwB;AAChC,WAAO,iBAAM,KAAKrB,OAAX,CAAP;AACD;;AAEDsB,EAAAA,aAAa,CAACC,KAAD,EAAQ;AACnB,UAAMtC,kBAAkB,GAAG,KAAKe,OAAL,CAAaf,kBAAb,IAAmC,CAA9D;AACA,QAAIuC,UAAU,GAAGD,KAAK,CAACE,SAAN,GAAkBxC,kBAAnC;AACA,WAAOuC,UAAP;AACD;;AAEDE,EAAAA,UAAU,CAACH,KAAD,EAAQ;AAChB,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,WAAOC,UAAU,IAAI,KAAKd,KAAL,CAAWiB,GAAX,EAArB;AACD;;AAEDC,EAAAA,WAAW,CAACC,GAAD,EAAMN,KAAN,EAAa;AACtB,SAAKtB,OAAL,CAAa6B,IAAb,CAAkBzC,aAAlB,EAAiCwC,GAAjC,EAAsCN,KAAtC;AACD;;AAEDQ,EAAAA,WAAW,CAACF,GAAD,EAAMG,UAAN,EAAkBC,QAAlB,EAA4B;AACrC,SAAKhC,OAAL,CAAa6B,IAAb,CAAkBxC,aAAlB,EAAiCuC,GAAjC,EAAsCG,UAAtC,EAAkDC,QAAlD;AACD;;AAEDC,EAAAA,SAAS,CAACL,GAAD,EAAMN,KAAN,EAAa;AACpB,SAAKtB,OAAL,CAAa6B,IAAb,CAAkBvC,WAAlB,EAA+BsC,GAA/B,EAAoCN,KAApC;AACD;;AAEDY,EAAAA,WAAW,CAACN,GAAD,EAAMN,KAAN,EAAc;AACvB,SAAKtB,OAAL,CAAa6B,IAAb,CAAkBtC,aAAlB,EAAiCqC,GAAjC,EAAsCN,KAAtC;AACD;;AAEDa,EAAAA,SAAS,CAACC,KAAD,EAAQ;AACf,SAAKpC,OAAL,CAAa6B,IAAb,CAAkBrC,WAAlB,EAA+B4C,KAA/B;AACD;;AAEDC,EAAAA,mCAAmC,CAACC,QAAD,EAAWC,QAAX,EAAqB;AACtD,UAAMC,SAAS,GAAG,KAAKC,yBAAL,CAA+BF,QAA/B,CAAlB;AACA,UAAMG,SAAS,GAAG,KAAKD,yBAAL,CAA+BH,QAA/B,CAAlB;AACA,uBAAYI,SAAZ,EAAuBC,OAAvB,CAA+Bf,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMgB,QAAQ,GAAGF,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAI,wBAAeI,QAAf,MAA6B,wBAAeY,QAAf,CAAjC,EAA2D;AACzD,aAAKX,SAAL,CAAeL,GAAf,EAAoBgB,QAApB;AACD;AACF,KAND;AAOA,uBAAYJ,SAAZ,EAAuBG,OAAvB,CAA+Bf,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMgB,QAAQ,GAAGF,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAI,CAACgB,QAAL,EAAe;AACb,aAAKV,WAAL,CAAiBN,GAAjB,EAAsBI,QAAtB;AACD;AACF,KAND;AAOD;;AAEDa,EAAAA,uBAAuB,CAACjB,GAAD,EAAM;AAC3BkB,IAAAA,YAAY,CAAC,KAAKlC,KAAL,CAAWlB,cAAX,CAA0BkC,GAA1B,CAAD,CAAZ;AACA,WAAO,KAAKhB,KAAL,CAAWlB,cAAX,CAA0BkC,GAA1B,CAAP,CAF2B,CAI3B;;AACA,SAAKhB,KAAL,CAAWjB,YAAX,GAA0B,IAA1B;AACD;;AAEDwB,EAAAA,0BAA0B,GAAG;AAC3B,QAAIzB,cAAc,GAAG,KAAKkB,KAAL,CAAWlB,cAAhC;;AACA,SAAK,IAAIkC,GAAT,IAAgBlC,cAAhB,EAAgC;AAC9B,UAAI,CAACqD,MAAM,CAACC,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqCxD,cAArC,EAAqDkC,GAArD,CAAL,EAAgE;AAC9D;AACD;;AACD,WAAKiB,uBAAL,CAA6BjB,GAA7B;AACD;AACF;;AAEDuB,EAAAA,qBAAqB,CAACvB,GAAD,EAAMN,KAAN,EAAa;AAChC,QAAI,2BAAeA,KAAf,CAAJ,EAA2B;AACzB;AACD;;AAED,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,QAAI8B,eAAe,GAAGC,IAAI,CAACC,GAAL,CAAS/B,UAAU,GAAG,KAAKd,KAAL,CAAWiB,GAAX,EAAtB,EAAwC,CAAxC,IAA6C,IAAnE,CANgC,CAQhC;;AACA,SAAKmB,uBAAL,CAA6BjB,GAA7B;AAEA,QAAI2B,kBAAkB,GAAGC,UAAU,CAAC,MAAM;AACxC,WAAK7B,WAAL,CAAiBC,GAAjB,EAAsBN,KAAtB;AACD,KAFkC,EAEhC8B,eAFgC,CAAnC,CAXgC,CAehC;;AACA,SAAKxC,KAAL,CAAWlB,cAAX,CAA0BkC,GAA1B,IAAiC2B,kBAAjC;AACD;;AAEDtC,EAAAA,wBAAwB,GAAG;AACzB,QAAIwC,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;;AACA,SAAI,IAAI9B,GAAR,IAAe6B,YAAf,EAA6B;AAC3B,UAAI,CAACV,MAAM,CAACC,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqCO,YAArC,EAAmD7B,GAAnD,CAAL,EAA8D;AAC5D;AACD;;AACD,UAAIN,KAAK,GAAGmC,YAAY,CAAC7B,GAAD,CAAxB;AACA,WAAKuB,qBAAL,CAA2BvB,GAA3B,EAAgCN,KAAhC;AACD;AACF,GA/JwD,CAiKzD;;;AACAqC,EAAAA,0BAA0B,GAAG;AAC3B,SAAKxC,0BAAL;AACA,SAAKF,wBAAL;AACD;;AAED2C,EAAAA,GAAG,CAAChC,GAAD,EAAMN,KAAN,EAAoB;AACrB,QAAImC,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;AACA,8BAAcpC,KAAd;AACAmC,IAAAA,YAAY,CAAC7B,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAKxC,OAAL,CAAa+E,UAAb,CAAwBJ,YAAxB;AACA,SAAKxB,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,SAAK6B,qBAAL,CAA2BvB,GAA3B,EAAgCN,KAAhC;AACD;;AAEDwC,EAAAA,OAAO,CAAClC,GAAD,EAAM;AACX,QAAI6B,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;AACA,WAAOD,YAAY,CAAC7B,GAAD,CAAnB;AACD;;AAEQ,QAAHmC,GAAG,CAACnC,GAAD,EAAM;AACb,WAAO,KAAKkC,OAAL,CAAalC,GAAb,CAAP;AACD;;AAEDoC,EAAAA,aAAa,GAAW;AACtB,UAAMC,MAAM,GAAG,EAAf;AACA,UAAMR,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAArB;AACA,uBAAYD,YAAZ,EAA0Bd,OAA1B,CAAkCf,GAAG,IAAI;AACvC,YAAMN,KAAK,GAAGmC,YAAY,CAAC7B,GAAD,CAA1B;;AACA,UAAI,0BAAcN,KAAd,CAAJ,EAA0B;AACxB2C,QAAAA,MAAM,CAACC,WAAP,GAAqB5C,KAArB;AACD,OAFD,MAEO,IAAI,sBAAUA,KAAV,CAAJ,EAAsB;AAC3B2C,QAAAA,MAAM,CAACE,OAAP,GAAiB7C,KAAjB;AACD,OAFM,MAEA,IAAI,2BAAeA,KAAf,CAAJ,EAA2B;AAChC2C,QAAAA,MAAM,CAACG,YAAP,GAAsB9C,KAAtB;AACD;AACF,KATD;AAUA,WAAO2C,MAAP;AACD;;AAEc,QAATI,SAAS,GAAoB;AACjC,WAAO,KAAKL,aAAL,EAAP;AACD;;AAEDM,EAAAA,mBAAmB,CAACC,IAAD,EAA0B;AAAA;;AAC3C,UAAMd,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAArB;AACA,UAAM9B,GAAG,GAAG,mDAAY6B,YAAZ,kBAAiC7B,GAAG,IAAI;AAClD,YAAMN,KAAK,GAAGmC,YAAY,CAAC7B,GAAD,CAA1B;AACA,aAAQ,0BAAcN,KAAd,KAAwBiD,IAAI,KAAK,aAAlC,IACD,sBAAUjD,KAAV,KAAoBiD,IAAI,KAAK,SAD5B,IAED,2BAAejD,KAAf,KAAyBiD,IAAI,KAAK,cAFxC;AAGD,KALW,EAKT,CALS,CAAZ;AAMA,WAAO3C,GAAP;AACD;;AAEO4C,EAAAA,YAAY,CAAClD,KAAD,EAA0B;AAC5C,QAAI,0BAAcA,KAAd,CAAJ,EAA0B;AACxB,aAAO,aAAP;AACD;;AACD,QAAI,sBAAUA,KAAV,CAAJ,EAAsB;AACpB,aAAO,SAAP;AACD;;AACD,QAAG,2BAAeA,KAAf,CAAH,EAA0B;AACxB,aAAO,cAAP;AACD;;AACD,UAAM,IAAIrB,oBAAJ,CAAiB,oBAAjB,CAAN;AACD;;AAEDwE,EAAAA,SAAS,CACPR,MADO,EAEP;AACAS,EAAAA,aAHO,EAIPC,SAJO,EAKPC,cALO,EAMD;AACN,UAAMC,mBAAmB,GAAG,CAACjD,GAAD,EAAMN,KAAN,KAAgB;AAC1C,YAAMiD,IAAI,GAAG,KAAKC,YAAL,CAAkBlD,KAAlB,CAAb;;AACA,UAAIiD,IAAI,KAAK,aAAb,EAA4B;AAC1BG,QAAAA,aAAa,IAAIA,aAAa,CAAC9C,GAAD,EAAMN,KAAN,CAA9B;AACD,OAFD,MAEO,IAAIiD,IAAI,KAAK,SAAb,EAAwB;AAC7BI,QAAAA,SAAS,IAAIA,SAAS,CAAC/C,GAAD,EAAMN,KAAN,CAAtB;AACD,OAFM,MAEA,IAAIiD,IAAI,KAAK,cAAb,EAA6B;AAClCK,QAAAA,cAAc,IAAIA,cAAc,CAAChD,GAAD,EAAMN,KAAN,CAAhC;AACD;AACF,KATD;;AAUA,UAAMwD,WAAW,GAAG,CAAClD,GAAD,EAAMN,KAAN,KAAgB;AAClC,WAAKW,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,WAAK6B,qBAAL,CAA2BvB,GAA3B,EAAgCN,KAAhC;AACAuD,MAAAA,mBAAmB,CAACjD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAKA,UAAMyD,aAAa,GAAG,CAACnD,GAAD,EAAMN,KAAN,EAAaU,QAAb,KAA0B;AAC9C,WAAKF,WAAL,CAAiBF,GAAjB,EAAsBN,KAAtB,EAA6BU,QAA7B;AACA,WAAKa,uBAAL,CAA6BjB,GAA7B;AACA,WAAKuB,qBAAL,CAA2BvB,GAA3B,EAAgCN,KAAhC;AACAuD,MAAAA,mBAAmB,CAACjD,GAAD,EAAMN,KAAN,CAAnB;AACD,KALD;;AAMA,UAAM0D,aAAa,GAAG,CAACpD,GAAD,EAAMN,KAAN,KAAgB;AACpC,WAAKuB,uBAAL,CAA6BjB,GAA7B;AACA,WAAKM,WAAL,CAAiBN,GAAjB,EAAsBN,KAAtB;AACAuD,MAAAA,mBAAmB,CAACjD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAMA,UAAM2D,KAAkB,GAAG,CAAC,SAAD,EAAY,aAAZ,EAA2B,cAA3B,CAA3B;AACA,UAAMC,cAAc,GAAG,KAAKlB,aAAL,EAAvB,CA7BM,CA+BN;;AACAiB,IAAAA,KAAK,CAACtC,OAAN,CAAe4B,IAAD,IAAU;AACtB,YAAMjD,KAAK,GAAG2C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAIjD,KAAJ,EAAW;AACT,kCAAcA,KAAd,EAAqBiD,IAArB;AACD;AACF,KALD,EAhCM,CAuCN;;AACA,UAAMzF,OAAO,GAAG,qBAAAmG,KAAK,MAAL,CAAAA,KAAK,EAAQ,CAACnG,OAAD,EAAUyF,IAAV,KAAmB;AAC9C,YAAMjD,KAAK,GAAG2C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAIjD,KAAJ,EAAW;AACT,cAAMrC,UAAU,GAAG,KAAKqF,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;AACAzF,QAAAA,OAAO,CAACG,UAAD,CAAP,GAAsBqC,KAAtB;AACD;;AACD,aAAOxC,OAAP;AACD,KAPoB,EAOlB,EAPkB,CAArB;AAQA,SAAKA,OAAL,CAAa+E,UAAb,CAAwB/E,OAAxB,EAhDM,CAkDN;;AACAmG,IAAAA,KAAK,CAACtC,OAAN,CAAc4B,IAAI,IAAI;AACpB,YAAM3B,QAAQ,GAAGqB,MAAM,CAACM,IAAD,CAAvB;AACA,YAAMY,aAAa,GAAGD,cAAc,CAACX,IAAD,CAApC;AACA,YAAMtF,UAAU,GAAG,KAAKqF,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;;AACA,UAAI3B,QAAQ,IAAIuC,aAAhB,EAA+B;AAAE;AAC/B;AACAH,QAAAA,aAAa,CAAC/F,UAAD,EAAakG,aAAb,CAAb;AACAL,QAAAA,WAAW,CAAC7F,UAAD,EAAa2D,QAAb,CAAX;AACAmC,QAAAA,aAAa,CAAC9F,UAAD,EAAa2D,QAAb,EAAuBuC,aAAvB,CAAb;AACD,OALD,MAKO,IAAIvC,QAAJ,EAAc;AAAE;AACrBkC,QAAAA,WAAW,CAAC7F,UAAD,EAAa2D,QAAb,CAAX;AACD,OAFM,MAEA,IAAIuC,aAAJ,EAAmB;AAAE;AAC1BH,QAAAA,aAAa,CAAC/F,UAAD,EAAakG,aAAb,CAAb;AACD;AACF,KAdD;AAeD;;AAEDC,EAAAA,MAAM,CAACxD,GAAD,EAAM;AACV;AACA,SAAKiB,uBAAL,CAA6BjB,GAA7B;AAEA,QAAI6B,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;AACA,QAAI2B,YAAY,GAAG5B,YAAY,CAAC7B,GAAD,CAA/B;AACA,WAAO6B,YAAY,CAAC7B,GAAD,CAAnB;AACA,SAAK9C,OAAL,CAAa+E,UAAb,CAAwBJ,YAAxB;AAEA,SAAKvB,WAAL,CAAiBN,GAAjB,EAAsByD,YAAtB;AACD,GAzTwD,CA2TzD;;;AACgB,QAAVC,UAAU,CAAChE,KAAD,EAAQ;AAAA;;AACtB,8BAAO,KAAKxB,GAAL,CAASwB,KAAhB,oDAAO,gBAAgBiE,KAAhB,CAAsBjE,KAAtB,CAAP;AACD,GA9TwD,CA+TzD;;;AACAkE,EAAAA,aAAa,CAAClE,KAAD,EAAe;AAC1B,WAAO,0BAAcA,KAAd,CAAP;AACD,GAlUwD,CAoUzD;;;AACAiE,EAAAA,KAAK,CAAC3D,GAAD,EAAkC;AACrC;AACA,QAAI,KAAKhB,KAAL,CAAWjB,YAAf,EAA6B;AAC3B,aAAO,KAAKiB,KAAL,CAAWjB,YAAlB;AACD;;AAED,QAAI;AACF,UAAI2B,KAAK,GAAG,KAAKwC,OAAL,CAAalC,GAAb,CAAZ;;AACA,UAAI,CAACN,KAAL,EAAY;AACV,cAAM,IAAIrB,oBAAJ,CAAiB,gDAAgD2B,GAAjE,CAAN;AACD;AACF,KALD,CAKE,OAAO6D,CAAP,EAAU;AACV,aAAO,iBAAQC,MAAR,CAAeD,CAAf,CAAP;AACD,KAboC,CAerC;;;AACA,SAAK5C,uBAAL,CAA6BjB,GAA7B,EAhBqC,CAkBrC;AACA;;AACA,SAAKhB,KAAL,CAAWjB,YAAX,GAA0B,KAAKG,GAAL,CAASwB,KAAT,CAAeqE,WAAf,GACvBC,IADuB,CAClB3B,MAAM,IAAI;AACd,WAAKQ,SAAL,CAAeR,MAAf,EADc,CAGd;;AACA,YAAM4B,SAAS,GAAG,KAAKrB,YAAL,CAAkBlD,KAAlB,CAAlB;AACA,aAAO2C,MAAM,CAAC4B,SAAD,CAAb;AACD,KAPuB,EAQvBC,KARuB,CAQjBC,GAAG,IAAI;AACZ;AACA,WAAKX,MAAL,CAAYxD,GAAZ;AACAmE,MAAAA,GAAG,CAACC,QAAJ,GAAepE,GAAf;AACA,WAAKO,SAAL,CAAe4D,GAAf;AACA,YAAMA,GAAN;AACD,KAduB,EAevBE,OAfuB,CAef,MAAM;AACb;AACA,WAAKrF,KAAL,CAAWjB,YAAX,GAA0B,IAA1B;AACD,KAlBuB,CAA1B;AAoBA,WAAO,KAAKiB,KAAL,CAAWjB,YAAlB;AACD;;AAEDuG,EAAAA,KAAK,GAAG;AACN,SAAK/E,0BAAL;AACA,SAAKrC,OAAL,CAAaqH,YAAb;AACD;;AAEDtH,EAAAA,wBAAwB,GAAG;AACzB,UAAMoF,MAAM,GAAG,KAAKD,aAAL,EAAf;AACA,uBAAYC,MAAZ,EAAoBtB,OAApB,CAA4Bf,GAAG,IAAI;AACjC,UAAIqC,MAAM,CAACrC,GAAD,CAAN,CAAYwE,aAAhB,EAA+B;AAC9B,aAAKhB,MAAL,CAAYxD,GAAZ;AACA;AACF,KAJD;AAKD;;AAEDa,EAAAA,yBAAyB,CAAC4D,KAAD,EAAQ;AAC/B,QAAIpC,MAAJ;;AACA,QAAI;AACFA,MAAAA,MAAM,GAAGqC,IAAI,CAACC,KAAL,CAAWF,KAAX,KAAqB,EAA9B;AACD,KAFD,CAEE,OAAOZ,CAAP,EAAU;AACVxB,MAAAA,MAAM,GAAG,EAAT;AACD;;AACD,WAAOA,MAAP;AACD;;AAEDuC,EAAAA,kBAAkB,CAAClF,KAAD,EAAsB;AACtC,UAAMM,GAAG,GAAG,KAAK0C,mBAAL,CAAyB,cAAzB,KAA4CmC,oCAAxD,CADsC,CAGtC;;;AACA,QAAIhD,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;AACA,8BAAcpC,KAAd;AACAmC,IAAAA,YAAY,CAAC7B,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAKxC,OAAL,CAAa+E,UAAb,CAAwBJ,YAAxB;AACD;;AAEDiD,EAAAA,qBAAqB,GAAG;AACtB,UAAMzC,MAAM,GAAG,KAAKD,aAAL,EAAf;AACA,uBAAYC,MAAZ,EAAoBtB,OAApB,CAA4Bf,GAAG,IAAI;AACjCqC,MAAAA,MAAM,CAACrC,GAAD,CAAN,CAAYwE,aAAZ,GAA4B,IAA5B;AACD,KAFD;AAGA,SAAK3B,SAAL,CAAeR,MAAf;AACD;;AAxZwD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { removeNils, clone } from './util';\nimport { AuthSdkError } from './errors';\nimport { validateToken } from './oidc/util';\nimport { isLocalhost, isIE11OrLess } from './features';\nimport SdkClock from './clock';\nimport {\n EventEmitter,\n Token, \n Tokens, \n TokenType, \n TokenManagerOptions, \n isIDToken, \n isAccessToken,\n isRefreshToken,\n StorageOptions,\n StorageType,\n OktaAuthInterface,\n StorageProvider,\n TokenManagerErrorEventHandler,\n TokenManagerEventHandler,\n TokenManagerInterface,\n RefreshToken\n} from './types';\nimport { REFRESH_TOKEN_STORAGE_KEY, TOKEN_STORAGE_NAME } from './constants';\n\nconst DEFAULT_OPTIONS = {\n // TODO: remove in next major version - OKTA-473815\n autoRenew: true,\n autoRemove: true,\n syncStorage: true,\n // --- //\n clearPendingRemoveTokens: true,\n storage: undefined, // will use value from storageManager config\n expireEarlySeconds: 30,\n storageKey: TOKEN_STORAGE_NAME,\n _storageEventDelay: 0\n};\nexport const EVENT_EXPIRED = 'expired';\nexport const EVENT_RENEWED = 'renewed';\nexport const EVENT_ADDED = 'added';\nexport const EVENT_REMOVED = 'removed';\nexport const EVENT_ERROR = 'error';\n\ninterface TokenManagerState {\n expireTimeouts: Record<string, unknown>;\n renewPromise: Promise<Token | undefined> | null;\n}\nfunction defaultState(): TokenManagerState {\n return {\n expireTimeouts: {},\n renewPromise: null\n };\n}\nexport class TokenManager implements TokenManagerInterface {\n private sdk: OktaAuthInterface;\n private clock: SdkClock;\n private emitter: EventEmitter;\n private storage: StorageProvider;\n private state: TokenManagerState;\n private options: TokenManagerOptions;\n\n on: (event: string, handler: TokenManagerErrorEventHandler | TokenManagerEventHandler, context?: object) => void;\n off: (event: string, handler?: TokenManagerErrorEventHandler | TokenManagerEventHandler) => void;\n\n // eslint-disable-next-line complexity\n constructor(sdk: OktaAuthInterface, options: TokenManagerOptions = {}) {\n this.sdk = sdk;\n this.emitter = (sdk as any).emitter;\n if (!this.emitter) {\n throw new AuthSdkError('Emitter should be initialized before TokenManager');\n }\n \n options = Object.assign({}, DEFAULT_OPTIONS, removeNils(options));\n if (isIE11OrLess()) {\n options._storageEventDelay = options._storageEventDelay || 1000;\n }\n if (!isLocalhost()) {\n options.expireEarlySeconds = DEFAULT_OPTIONS.expireEarlySeconds;\n }\n\n this.options = options;\n\n const storageOptions: StorageOptions = removeNils({\n storageKey: options.storageKey,\n secure: options.secure,\n });\n if (typeof options.storage === 'object') {\n // A custom storage provider must implement getItem(key) and setItem(key, val)\n storageOptions.storageProvider = options.storage;\n } else if (options.storage) {\n storageOptions.storageType = options.storage as StorageType;\n }\n\n this.storage = sdk.storageManager.getTokenStorage({...storageOptions, useSeparateCookies: true});\n this.clock = SdkClock.create(/* sdk, options */);\n this.state = defaultState();\n\n this.on = this.emitter.on.bind(this.emitter);\n this.off = this.emitter.off.bind(this.emitter);\n }\n\n start() {\n if (this.options.clearPendingRemoveTokens) {\n this.clearPendingRemoveTokens();\n }\n this.setExpireEventTimeoutAll();\n }\n \n stop() {\n this.clearExpireEventTimeoutAll();\n }\n\n getOptions(): TokenManagerOptions {\n return clone(this.options);\n }\n \n getExpireTime(token) {\n const expireEarlySeconds = this.options.expireEarlySeconds || 0;\n var expireTime = token.expiresAt - expireEarlySeconds;\n return expireTime;\n }\n \n hasExpired(token) {\n var expireTime = this.getExpireTime(token);\n return expireTime <= this.clock.now();\n }\n \n emitExpired(key, token) {\n this.emitter.emit(EVENT_EXPIRED, key, token);\n }\n \n emitRenewed(key, freshToken, oldToken) {\n this.emitter.emit(EVENT_RENEWED, key, freshToken, oldToken);\n }\n \n emitAdded(key, token) {\n this.emitter.emit(EVENT_ADDED, key, token);\n }\n \n emitRemoved(key, token?) {\n this.emitter.emit(EVENT_REMOVED, key, token);\n }\n \n emitError(error) {\n this.emitter.emit(EVENT_ERROR, error);\n }\n \n emitEventsForCrossTabsStorageUpdate(newValue, oldValue) {\n const oldTokens = this.getTokensFromStorageValue(oldValue);\n const newTokens = this.getTokensFromStorageValue(newValue);\n Object.keys(newTokens).forEach(key => {\n const oldToken = oldTokens[key];\n const newToken = newTokens[key];\n if (JSON.stringify(oldToken) !== JSON.stringify(newToken)) {\n this.emitAdded(key, newToken);\n }\n });\n Object.keys(oldTokens).forEach(key => {\n const oldToken = oldTokens[key];\n const newToken = newTokens[key];\n if (!newToken) {\n this.emitRemoved(key, oldToken);\n }\n });\n }\n \n clearExpireEventTimeout(key) {\n clearTimeout(this.state.expireTimeouts[key] as any);\n delete this.state.expireTimeouts[key];\n \n // Remove the renew promise (if it exists)\n this.state.renewPromise = null;\n }\n \n clearExpireEventTimeoutAll() {\n var expireTimeouts = this.state.expireTimeouts;\n for (var key in expireTimeouts) {\n if (!Object.prototype.hasOwnProperty.call(expireTimeouts, key)) {\n continue;\n }\n this.clearExpireEventTimeout(key);\n }\n }\n \n setExpireEventTimeout(key, token) {\n if (isRefreshToken(token)) {\n return;\n }\n\n var expireTime = this.getExpireTime(token);\n var expireEventWait = Math.max(expireTime - this.clock.now(), 0) * 1000;\n \n // Clear any existing timeout\n this.clearExpireEventTimeout(key);\n \n var expireEventTimeout = setTimeout(() => {\n this.emitExpired(key, token);\n }, expireEventWait);\n \n // Add a new timeout\n this.state.expireTimeouts[key] = expireEventTimeout;\n }\n \n setExpireEventTimeoutAll() {\n var tokenStorage = this.storage.getStorage();\n for(var key in tokenStorage) {\n if (!Object.prototype.hasOwnProperty.call(tokenStorage, key)) {\n continue;\n }\n var token = tokenStorage[key];\n this.setExpireEventTimeout(key, token);\n }\n }\n \n // reset timeouts to setup autoRenew for tokens from other document context (tabs)\n resetExpireEventTimeoutAll() {\n this.clearExpireEventTimeoutAll();\n this.setExpireEventTimeoutAll();\n }\n \n add(key, token: Token) {\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n }\n \n getSync(key) {\n var tokenStorage = this.storage.getStorage();\n return tokenStorage[key];\n }\n \n async get(key) {\n return this.getSync(key);\n }\n \n getTokensSync(): Tokens {\n const tokens = {} as Tokens;\n const tokenStorage = this.storage.getStorage();\n Object.keys(tokenStorage).forEach(key => {\n const token = tokenStorage[key];\n if (isAccessToken(token)) {\n tokens.accessToken = token;\n } else if (isIDToken(token)) {\n tokens.idToken = token;\n } else if (isRefreshToken(token)) { \n tokens.refreshToken = token;\n }\n });\n return tokens;\n }\n \n async getTokens(): Promise<Tokens> {\n return this.getTokensSync();\n }\n\n getStorageKeyByType(type: TokenType): string {\n const tokenStorage = this.storage.getStorage();\n const key = Object.keys(tokenStorage).filter(key => {\n const token = tokenStorage[key];\n return (isAccessToken(token) && type === 'accessToken') \n || (isIDToken(token) && type === 'idToken')\n || (isRefreshToken(token) && type === 'refreshToken');\n })[0];\n return key;\n }\n\n private getTokenType(token: Token): TokenType {\n if (isAccessToken(token)) {\n return 'accessToken';\n }\n if (isIDToken(token)) {\n return 'idToken';\n }\n if(isRefreshToken(token)) {\n return 'refreshToken';\n }\n throw new AuthSdkError('Unknown token type');\n }\n\n setTokens(\n tokens: Tokens,\n // TODO: callbacks can be removed in the next major version OKTA-407224\n accessTokenCb?: Function, \n idTokenCb?: Function,\n refreshTokenCb?: Function\n ): void {\n const handleTokenCallback = (key, token) => {\n const type = this.getTokenType(token);\n if (type === 'accessToken') {\n accessTokenCb && accessTokenCb(key, token);\n } else if (type === 'idToken') {\n idTokenCb && idTokenCb(key, token);\n } else if (type === 'refreshToken') {\n refreshTokenCb && refreshTokenCb(key, token);\n }\n };\n const handleAdded = (key, token) => {\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRenewed = (key, token, oldToken) => {\n this.emitRenewed(key, token, oldToken);\n this.clearExpireEventTimeout(key);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRemoved = (key, token) => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, token);\n handleTokenCallback(key, token);\n };\n \n const types: TokenType[] = ['idToken', 'accessToken', 'refreshToken'];\n const existingTokens = this.getTokensSync();\n\n // valid tokens\n types.forEach((type) => {\n const token = tokens[type];\n if (token) {\n validateToken(token, type);\n }\n });\n \n // add token to storage\n const storage = types.reduce((storage, type) => {\n const token = tokens[type];\n if (token) {\n const storageKey = this.getStorageKeyByType(type) || type;\n storage[storageKey] = token;\n }\n return storage;\n }, {});\n this.storage.setStorage(storage);\n \n // emit event and start expiration timer\n types.forEach(type => {\n const newToken = tokens[type];\n const existingToken = existingTokens[type];\n const storageKey = this.getStorageKeyByType(type) || type;\n if (newToken && existingToken) { // renew\n // call handleRemoved first, since it clears timers\n handleRemoved(storageKey, existingToken);\n handleAdded(storageKey, newToken);\n handleRenewed(storageKey, newToken, existingToken);\n } else if (newToken) { // add\n handleAdded(storageKey, newToken);\n } else if (existingToken) { //remove\n handleRemoved(storageKey, existingToken);\n }\n });\n }\n \n remove(key) {\n // Clear any listener for this token\n this.clearExpireEventTimeout(key);\n \n var tokenStorage = this.storage.getStorage();\n var removedToken = tokenStorage[key];\n delete tokenStorage[key];\n this.storage.setStorage(tokenStorage);\n \n this.emitRemoved(key, removedToken);\n }\n \n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n async renewToken(token) {\n return this.sdk.token?.renew(token);\n }\n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n validateToken(token: Token) {\n return validateToken(token);\n }\n\n // TODO: renew method should take no param, change in the next major version OKTA-407224\n renew(key): Promise<Token | undefined> {\n // Multiple callers may receive the same promise. They will all resolve or reject from the same request.\n if (this.state.renewPromise) {\n return this.state.renewPromise;\n }\n \n try {\n var token = this.getSync(key);\n if (!token) {\n throw new AuthSdkError('The tokenManager has no token for the key: ' + key);\n }\n } catch (e) {\n return Promise.reject(e);\n }\n \n // Remove existing autoRenew timeout\n this.clearExpireEventTimeout(key);\n \n // A refresh token means a replace instead of renewal\n // Store the renew promise state, to avoid renewing again\n this.state.renewPromise = this.sdk.token.renewTokens()\n .then(tokens => {\n this.setTokens(tokens);\n\n // resolve token based on the key\n const tokenType = this.getTokenType(token);\n return tokens[tokenType];\n })\n .catch(err => {\n // If renew fails, remove token from storage and emit error\n this.remove(key);\n err.tokenKey = key;\n this.emitError(err);\n throw err;\n })\n .finally(() => {\n // Remove existing promise key\n this.state.renewPromise = null;\n });\n \n return this.state.renewPromise;\n }\n \n clear() {\n this.clearExpireEventTimeoutAll();\n this.storage.clearStorage();\n }\n\n clearPendingRemoveTokens() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n if (tokens[key].pendingRemove) {\n this.remove(key);\n }\n });\n }\n \n getTokensFromStorageValue(value) {\n let tokens;\n try {\n tokens = JSON.parse(value) || {};\n } catch (e) {\n tokens = {};\n }\n return tokens;\n }\n\n updateRefreshToken(token: RefreshToken) {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n\n // do not emit any event\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n }\n\n addPendingRemoveFlags() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n tokens[key].pendingRemove = true;\n });\n this.setTokens(tokens);\n }\n \n}\n"],"file":"TokenManager.js"}
1
+ {"version":3,"sources":["../../lib/TokenManager.ts"],"names":["DEFAULT_OPTIONS","autoRenew","autoRemove","syncStorage","clearPendingRemoveTokens","storage","undefined","expireEarlySeconds","storageKey","TOKEN_STORAGE_NAME","_storageEventDelay","EVENT_EXPIRED","EVENT_RENEWED","EVENT_ADDED","EVENT_REMOVED","EVENT_ERROR","defaultState","expireTimeouts","renewPromise","TokenManager","constructor","sdk","options","emitter","AuthSdkError","storageOptions","secure","storageProvider","storageType","storageManager","getTokenStorage","useSeparateCookies","clock","SdkClock","create","state","on","bind","off","start","setExpireEventTimeoutAll","stop","clearExpireEventTimeoutAll","getOptions","getExpireTime","token","expireTime","expiresAt","hasExpired","now","emitExpired","key","emit","emitRenewed","freshToken","oldToken","emitAdded","emitRemoved","emitError","error","emitEventsForCrossTabsStorageUpdate","newValue","oldValue","oldTokens","getTokensFromStorageValue","newTokens","forEach","newToken","clearExpireEventTimeout","clearTimeout","Object","prototype","hasOwnProperty","call","setExpireEventTimeout","expireEventWait","Math","max","expireEventTimeout","setTimeout","tokenStorage","getStorage","resetExpireEventTimeoutAll","add","setStorage","getSync","get","getTokensSync","tokens","accessToken","idToken","refreshToken","getTokens","getStorageKeyByType","type","getTokenType","setTokens","accessTokenCb","idTokenCb","refreshTokenCb","handleTokenCallback","handleAdded","handleRenewed","handleRemoved","types","existingTokens","existingToken","remove","removedToken","renewToken","renew","validateToken","e","reject","renewTokens","then","tokenType","catch","err","tokenKey","finally","clear","clearStorage","pendingRemove","value","JSON","parse","updateRefreshToken","REFRESH_TOKEN_STORAGE_KEY","addPendingRemoveFlags"],"mappings":";;;;;;;;;;;;;;;;;;AAYA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAqBA;;AAtCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA6BA,MAAMA,eAAe,GAAG;AACtB;AACAC,EAAAA,SAAS,EAAE,IAFW;AAGtBC,EAAAA,UAAU,EAAE,IAHU;AAItBC,EAAAA,WAAW,EAAE,IAJS;AAKtB;AACAC,EAAAA,wBAAwB,EAAE,IANJ;AAOtBC,EAAAA,OAAO,EAAEC,SAPa;AAOF;AACpBC,EAAAA,kBAAkB,EAAE,EARE;AAStBC,EAAAA,UAAU,EAAEC,6BATU;AAUtBC,EAAAA,kBAAkB,EAAE;AAVE,CAAxB;AAYO,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;;AAMP,SAASC,YAAT,GAA2C;AACzC,SAAO;AACLC,IAAAA,cAAc,EAAE,EADX;AAELC,IAAAA,YAAY,EAAE;AAFT,GAAP;AAID;;AACM,MAAMC,YAAN,CAAoD;AAWzD;AACAC,EAAAA,WAAW,CAACC,GAAD,EAAyBC,OAA4B,GAAG,EAAxD,EAA4D;AACrE,SAAKD,GAAL,GAAWA,GAAX;AACA,SAAKE,OAAL,GAAgBF,GAAD,CAAaE,OAA5B;;AACA,QAAI,CAAC,KAAKA,OAAV,EAAmB;AACjB,YAAM,IAAIC,oBAAJ,CAAiB,mDAAjB,CAAN;AACD;;AAEDF,IAAAA,OAAO,GAAG,qBAAc,EAAd,EAAkBtB,eAAlB,EAAmC,sBAAWsB,OAAX,CAAnC,CAAV;;AACA,QAAI,6BAAJ,EAAoB;AAClBA,MAAAA,OAAO,CAACZ,kBAAR,GAA6BY,OAAO,CAACZ,kBAAR,IAA8B,IAA3D;AACD;;AACD,QAAI,CAAC,4BAAL,EAAoB;AAClBY,MAAAA,OAAO,CAACf,kBAAR,GAA6BP,eAAe,CAACO,kBAA7C;AACD;;AAED,SAAKe,OAAL,GAAeA,OAAf;AAEA,UAAMG,cAA8B,GAAG,sBAAW;AAChDjB,MAAAA,UAAU,EAAEc,OAAO,CAACd,UAD4B;AAEhDkB,MAAAA,MAAM,EAAEJ,OAAO,CAACI;AAFgC,KAAX,CAAvC;;AAIA,QAAI,OAAOJ,OAAO,CAACjB,OAAf,KAA2B,QAA/B,EAAyC;AACvC;AACAoB,MAAAA,cAAc,CAACE,eAAf,GAAiCL,OAAO,CAACjB,OAAzC;AACD,KAHD,MAGO,IAAIiB,OAAO,CAACjB,OAAZ,EAAqB;AAC1BoB,MAAAA,cAAc,CAACG,WAAf,GAA6BN,OAAO,CAACjB,OAArC;AACD;;AAED,SAAKA,OAAL,GAAegB,GAAG,CAACQ,cAAJ,CAAmBC,eAAnB,CAAmC,EAAC,GAAGL,cAAJ;AAAoBM,MAAAA,kBAAkB,EAAE;AAAxC,KAAnC,CAAf;AACA,SAAKC,KAAL,GAAaC,eAASC,MAAT,EAAb;AACA,SAAKC,KAAL,GAAanB,YAAY,EAAzB;AAEA,SAAKoB,EAAL,GAAU,KAAKb,OAAL,CAAaa,EAAb,CAAgBC,IAAhB,CAAqB,KAAKd,OAA1B,CAAV;AACA,SAAKe,GAAL,GAAW,KAAKf,OAAL,CAAae,GAAb,CAAiBD,IAAjB,CAAsB,KAAKd,OAA3B,CAAX;AACD;;AAEDgB,EAAAA,KAAK,GAAG;AACN,QAAI,KAAKjB,OAAL,CAAalB,wBAAjB,EAA2C;AACzC,WAAKA,wBAAL;AACD;;AACD,SAAKoC,wBAAL;AACD;;AAEDC,EAAAA,IAAI,GAAG;AACL,SAAKC,0BAAL;AACD;;AAEDC,EAAAA,UAAU,GAAwB;AAChC,WAAO,iBAAM,KAAKrB,OAAX,CAAP;AACD;;AAEDsB,EAAAA,aAAa,CAACC,KAAD,EAAQ;AACnB,UAAMtC,kBAAkB,GAAG,KAAKe,OAAL,CAAaf,kBAAb,IAAmC,CAA9D;AACA,QAAIuC,UAAU,GAAGD,KAAK,CAACE,SAAN,GAAkBxC,kBAAnC;AACA,WAAOuC,UAAP;AACD;;AAEDE,EAAAA,UAAU,CAACH,KAAD,EAAQ;AAChB,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,WAAOC,UAAU,IAAI,KAAKd,KAAL,CAAWiB,GAAX,EAArB;AACD;;AAEDC,EAAAA,WAAW,CAACC,GAAD,EAAMN,KAAN,EAAa;AACtB,SAAKtB,OAAL,CAAa6B,IAAb,CAAkBzC,aAAlB,EAAiCwC,GAAjC,EAAsCN,KAAtC;AACD;;AAEDQ,EAAAA,WAAW,CAACF,GAAD,EAAMG,UAAN,EAAkBC,QAAlB,EAA4B;AACrC,SAAKhC,OAAL,CAAa6B,IAAb,CAAkBxC,aAAlB,EAAiCuC,GAAjC,EAAsCG,UAAtC,EAAkDC,QAAlD;AACD;;AAEDC,EAAAA,SAAS,CAACL,GAAD,EAAMN,KAAN,EAAa;AACpB,SAAKtB,OAAL,CAAa6B,IAAb,CAAkBvC,WAAlB,EAA+BsC,GAA/B,EAAoCN,KAApC;AACD;;AAEDY,EAAAA,WAAW,CAACN,GAAD,EAAMN,KAAN,EAAc;AACvB,SAAKtB,OAAL,CAAa6B,IAAb,CAAkBtC,aAAlB,EAAiCqC,GAAjC,EAAsCN,KAAtC;AACD;;AAEDa,EAAAA,SAAS,CAACC,KAAD,EAAQ;AACf,SAAKpC,OAAL,CAAa6B,IAAb,CAAkBrC,WAAlB,EAA+B4C,KAA/B;AACD;;AAEDC,EAAAA,mCAAmC,CAACC,QAAD,EAAWC,QAAX,EAAqB;AACtD,UAAMC,SAAS,GAAG,KAAKC,yBAAL,CAA+BF,QAA/B,CAAlB;AACA,UAAMG,SAAS,GAAG,KAAKD,yBAAL,CAA+BH,QAA/B,CAAlB;AACA,uBAAYI,SAAZ,EAAuBC,OAAvB,CAA+Bf,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMgB,QAAQ,GAAGF,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAI,wBAAeI,QAAf,MAA6B,wBAAeY,QAAf,CAAjC,EAA2D;AACzD,aAAKX,SAAL,CAAeL,GAAf,EAAoBgB,QAApB;AACD;AACF,KAND;AAOA,uBAAYJ,SAAZ,EAAuBG,OAAvB,CAA+Bf,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMgB,QAAQ,GAAGF,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAI,CAACgB,QAAL,EAAe;AACb,aAAKV,WAAL,CAAiBN,GAAjB,EAAsBI,QAAtB;AACD;AACF,KAND;AAOD;;AAEDa,EAAAA,uBAAuB,CAACjB,GAAD,EAAM;AAC3BkB,IAAAA,YAAY,CAAC,KAAKlC,KAAL,CAAWlB,cAAX,CAA0BkC,GAA1B,CAAD,CAAZ;AACA,WAAO,KAAKhB,KAAL,CAAWlB,cAAX,CAA0BkC,GAA1B,CAAP,CAF2B,CAI3B;;AACA,SAAKhB,KAAL,CAAWjB,YAAX,GAA0B,IAA1B;AACD;;AAEDwB,EAAAA,0BAA0B,GAAG;AAC3B,QAAIzB,cAAc,GAAG,KAAKkB,KAAL,CAAWlB,cAAhC;;AACA,SAAK,IAAIkC,GAAT,IAAgBlC,cAAhB,EAAgC;AAC9B,UAAI,CAACqD,MAAM,CAACC,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqCxD,cAArC,EAAqDkC,GAArD,CAAL,EAAgE;AAC9D;AACD;;AACD,WAAKiB,uBAAL,CAA6BjB,GAA7B;AACD;AACF;;AAEDuB,EAAAA,qBAAqB,CAACvB,GAAD,EAAMN,KAAN,EAAa;AAChC,QAAI,2BAAeA,KAAf,CAAJ,EAA2B;AACzB;AACD;;AAED,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,QAAI8B,eAAe,GAAGC,IAAI,CAACC,GAAL,CAAS/B,UAAU,GAAG,KAAKd,KAAL,CAAWiB,GAAX,EAAtB,EAAwC,CAAxC,IAA6C,IAAnE,CANgC,CAQhC;;AACA,SAAKmB,uBAAL,CAA6BjB,GAA7B;AAEA,QAAI2B,kBAAkB,GAAGC,UAAU,CAAC,MAAM;AACxC,WAAK7B,WAAL,CAAiBC,GAAjB,EAAsBN,KAAtB;AACD,KAFkC,EAEhC8B,eAFgC,CAAnC,CAXgC,CAehC;;AACA,SAAKxC,KAAL,CAAWlB,cAAX,CAA0BkC,GAA1B,IAAiC2B,kBAAjC;AACD;;AAEDtC,EAAAA,wBAAwB,GAAG;AACzB,QAAIwC,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;;AACA,SAAI,IAAI9B,GAAR,IAAe6B,YAAf,EAA6B;AAC3B,UAAI,CAACV,MAAM,CAACC,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqCO,YAArC,EAAmD7B,GAAnD,CAAL,EAA8D;AAC5D;AACD;;AACD,UAAIN,KAAK,GAAGmC,YAAY,CAAC7B,GAAD,CAAxB;AACA,WAAKuB,qBAAL,CAA2BvB,GAA3B,EAAgCN,KAAhC;AACD;AACF,GA/JwD,CAiKzD;;;AACAqC,EAAAA,0BAA0B,GAAG;AAC3B,SAAKxC,0BAAL;AACA,SAAKF,wBAAL;AACD;;AAED2C,EAAAA,GAAG,CAAChC,GAAD,EAAMN,KAAN,EAAoB;AACrB,QAAImC,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;AACA,8BAAcpC,KAAd;AACAmC,IAAAA,YAAY,CAAC7B,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAKxC,OAAL,CAAa+E,UAAb,CAAwBJ,YAAxB;AACA,SAAKxB,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,SAAK6B,qBAAL,CAA2BvB,GAA3B,EAAgCN,KAAhC;AACD;;AAEDwC,EAAAA,OAAO,CAAClC,GAAD,EAAM;AACX,QAAI6B,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;AACA,WAAOD,YAAY,CAAC7B,GAAD,CAAnB;AACD;;AAEQ,QAAHmC,GAAG,CAACnC,GAAD,EAAM;AACb,WAAO,KAAKkC,OAAL,CAAalC,GAAb,CAAP;AACD;;AAEDoC,EAAAA,aAAa,GAAW;AACtB,UAAMC,MAAM,GAAG,EAAf;AACA,UAAMR,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAArB;AACA,uBAAYD,YAAZ,EAA0Bd,OAA1B,CAAkCf,GAAG,IAAI;AACvC,YAAMN,KAAK,GAAGmC,YAAY,CAAC7B,GAAD,CAA1B;;AACA,UAAI,0BAAcN,KAAd,CAAJ,EAA0B;AACxB2C,QAAAA,MAAM,CAACC,WAAP,GAAqB5C,KAArB;AACD,OAFD,MAEO,IAAI,sBAAUA,KAAV,CAAJ,EAAsB;AAC3B2C,QAAAA,MAAM,CAACE,OAAP,GAAiB7C,KAAjB;AACD,OAFM,MAEA,IAAI,2BAAeA,KAAf,CAAJ,EAA2B;AAChC2C,QAAAA,MAAM,CAACG,YAAP,GAAsB9C,KAAtB;AACD;AACF,KATD;AAUA,WAAO2C,MAAP;AACD;;AAEc,QAATI,SAAS,GAAoB;AACjC,WAAO,KAAKL,aAAL,EAAP;AACD;;AAEDM,EAAAA,mBAAmB,CAACC,IAAD,EAA0B;AAAA;;AAC3C,UAAMd,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAArB;AACA,UAAM9B,GAAG,GAAG,mDAAY6B,YAAZ,kBAAiC7B,GAAG,IAAI;AAClD,YAAMN,KAAK,GAAGmC,YAAY,CAAC7B,GAAD,CAA1B;AACA,aAAQ,0BAAcN,KAAd,KAAwBiD,IAAI,KAAK,aAAlC,IACD,sBAAUjD,KAAV,KAAoBiD,IAAI,KAAK,SAD5B,IAED,2BAAejD,KAAf,KAAyBiD,IAAI,KAAK,cAFxC;AAGD,KALW,EAKT,CALS,CAAZ;AAMA,WAAO3C,GAAP;AACD;;AAEO4C,EAAAA,YAAY,CAAClD,KAAD,EAA0B;AAC5C,QAAI,0BAAcA,KAAd,CAAJ,EAA0B;AACxB,aAAO,aAAP;AACD;;AACD,QAAI,sBAAUA,KAAV,CAAJ,EAAsB;AACpB,aAAO,SAAP;AACD;;AACD,QAAG,2BAAeA,KAAf,CAAH,EAA0B;AACxB,aAAO,cAAP;AACD;;AACD,UAAM,IAAIrB,oBAAJ,CAAiB,oBAAjB,CAAN;AACD;;AAEDwE,EAAAA,SAAS,CACPR,MADO,EAEP;AACAS,EAAAA,aAHO,EAIPC,SAJO,EAKPC,cALO,EAMD;AACN,UAAMC,mBAAmB,GAAG,CAACjD,GAAD,EAAMN,KAAN,KAAgB;AAC1C,YAAMiD,IAAI,GAAG,KAAKC,YAAL,CAAkBlD,KAAlB,CAAb;;AACA,UAAIiD,IAAI,KAAK,aAAb,EAA4B;AAC1BG,QAAAA,aAAa,IAAIA,aAAa,CAAC9C,GAAD,EAAMN,KAAN,CAA9B;AACD,OAFD,MAEO,IAAIiD,IAAI,KAAK,SAAb,EAAwB;AAC7BI,QAAAA,SAAS,IAAIA,SAAS,CAAC/C,GAAD,EAAMN,KAAN,CAAtB;AACD,OAFM,MAEA,IAAIiD,IAAI,KAAK,cAAb,EAA6B;AAClCK,QAAAA,cAAc,IAAIA,cAAc,CAAChD,GAAD,EAAMN,KAAN,CAAhC;AACD;AACF,KATD;;AAUA,UAAMwD,WAAW,GAAG,CAAClD,GAAD,EAAMN,KAAN,KAAgB;AAClC,WAAKW,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,WAAK6B,qBAAL,CAA2BvB,GAA3B,EAAgCN,KAAhC;AACAuD,MAAAA,mBAAmB,CAACjD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAKA,UAAMyD,aAAa,GAAG,CAACnD,GAAD,EAAMN,KAAN,EAAaU,QAAb,KAA0B;AAC9C,WAAKF,WAAL,CAAiBF,GAAjB,EAAsBN,KAAtB,EAA6BU,QAA7B;AACA,WAAKa,uBAAL,CAA6BjB,GAA7B;AACA,WAAKuB,qBAAL,CAA2BvB,GAA3B,EAAgCN,KAAhC;AACAuD,MAAAA,mBAAmB,CAACjD,GAAD,EAAMN,KAAN,CAAnB;AACD,KALD;;AAMA,UAAM0D,aAAa,GAAG,CAACpD,GAAD,EAAMN,KAAN,KAAgB;AACpC,WAAKuB,uBAAL,CAA6BjB,GAA7B;AACA,WAAKM,WAAL,CAAiBN,GAAjB,EAAsBN,KAAtB;AACAuD,MAAAA,mBAAmB,CAACjD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAMA,UAAM2D,KAAkB,GAAG,CAAC,SAAD,EAAY,aAAZ,EAA2B,cAA3B,CAA3B;AACA,UAAMC,cAAc,GAAG,KAAKlB,aAAL,EAAvB,CA7BM,CA+BN;;AACAiB,IAAAA,KAAK,CAACtC,OAAN,CAAe4B,IAAD,IAAU;AACtB,YAAMjD,KAAK,GAAG2C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAIjD,KAAJ,EAAW;AACT,kCAAcA,KAAd,EAAqBiD,IAArB;AACD;AACF,KALD,EAhCM,CAuCN;;AACA,UAAMzF,OAAO,GAAG,qBAAAmG,KAAK,MAAL,CAAAA,KAAK,EAAQ,CAACnG,OAAD,EAAUyF,IAAV,KAAmB;AAC9C,YAAMjD,KAAK,GAAG2C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAIjD,KAAJ,EAAW;AACT,cAAMrC,UAAU,GAAG,KAAKqF,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;AACAzF,QAAAA,OAAO,CAACG,UAAD,CAAP,GAAsBqC,KAAtB;AACD;;AACD,aAAOxC,OAAP;AACD,KAPoB,EAOlB,EAPkB,CAArB;AAQA,SAAKA,OAAL,CAAa+E,UAAb,CAAwB/E,OAAxB,EAhDM,CAkDN;;AACAmG,IAAAA,KAAK,CAACtC,OAAN,CAAc4B,IAAI,IAAI;AACpB,YAAM3B,QAAQ,GAAGqB,MAAM,CAACM,IAAD,CAAvB;AACA,YAAMY,aAAa,GAAGD,cAAc,CAACX,IAAD,CAApC;AACA,YAAMtF,UAAU,GAAG,KAAKqF,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;;AACA,UAAI3B,QAAQ,IAAIuC,aAAhB,EAA+B;AAAE;AAC/B;AACAH,QAAAA,aAAa,CAAC/F,UAAD,EAAakG,aAAb,CAAb;AACAL,QAAAA,WAAW,CAAC7F,UAAD,EAAa2D,QAAb,CAAX;AACAmC,QAAAA,aAAa,CAAC9F,UAAD,EAAa2D,QAAb,EAAuBuC,aAAvB,CAAb;AACD,OALD,MAKO,IAAIvC,QAAJ,EAAc;AAAE;AACrBkC,QAAAA,WAAW,CAAC7F,UAAD,EAAa2D,QAAb,CAAX;AACD,OAFM,MAEA,IAAIuC,aAAJ,EAAmB;AAAE;AAC1BH,QAAAA,aAAa,CAAC/F,UAAD,EAAakG,aAAb,CAAb;AACD;AACF,KAdD;AAeD;;AAEDC,EAAAA,MAAM,CAACxD,GAAD,EAAM;AACV;AACA,SAAKiB,uBAAL,CAA6BjB,GAA7B;AAEA,QAAI6B,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;AACA,QAAI2B,YAAY,GAAG5B,YAAY,CAAC7B,GAAD,CAA/B;AACA,WAAO6B,YAAY,CAAC7B,GAAD,CAAnB;AACA,SAAK9C,OAAL,CAAa+E,UAAb,CAAwBJ,YAAxB;AAEA,SAAKvB,WAAL,CAAiBN,GAAjB,EAAsByD,YAAtB;AACD,GAzTwD,CA2TzD;;;AACgB,QAAVC,UAAU,CAAChE,KAAD,EAAQ;AAAA;;AACtB,8BAAO,KAAKxB,GAAL,CAASwB,KAAhB,oDAAO,gBAAgBiE,KAAhB,CAAsBjE,KAAtB,CAAP;AACD,GA9TwD,CA+TzD;;;AACAkE,EAAAA,aAAa,CAAClE,KAAD,EAAe;AAC1B,WAAO,0BAAcA,KAAd,CAAP;AACD,GAlUwD,CAoUzD;;;AACAiE,EAAAA,KAAK,CAAC3D,GAAD,EAAkC;AACrC;AACA,QAAI,KAAKhB,KAAL,CAAWjB,YAAf,EAA6B;AAC3B,aAAO,KAAKiB,KAAL,CAAWjB,YAAlB;AACD;;AAED,QAAI;AACF,UAAI2B,KAAK,GAAG,KAAKwC,OAAL,CAAalC,GAAb,CAAZ;;AACA,UAAI,CAACN,KAAL,EAAY;AACV,cAAM,IAAIrB,oBAAJ,CAAiB,gDAAgD2B,GAAjE,CAAN;AACD;AACF,KALD,CAKE,OAAO6D,CAAP,EAAU;AACV,aAAO,iBAAQC,MAAR,CAAeD,CAAf,CAAP;AACD,KAboC,CAerC;;;AACA,SAAK5C,uBAAL,CAA6BjB,GAA7B,EAhBqC,CAkBrC;AACA;;AACA,SAAKhB,KAAL,CAAWjB,YAAX,GAA0B,KAAKG,GAAL,CAASwB,KAAT,CAAeqE,WAAf,GACvBC,IADuB,CAClB3B,MAAM,IAAI;AACd,WAAKQ,SAAL,CAAeR,MAAf,EADc,CAGd;;AACA,YAAM4B,SAAS,GAAG,KAAKrB,YAAL,CAAkBlD,KAAlB,CAAlB;AACA,aAAO2C,MAAM,CAAC4B,SAAD,CAAb;AACD,KAPuB,EAQvBC,KARuB,CAQjBC,GAAG,IAAI;AACZ;AACA,WAAKX,MAAL,CAAYxD,GAAZ;AACAmE,MAAAA,GAAG,CAACC,QAAJ,GAAepE,GAAf;AACA,WAAKO,SAAL,CAAe4D,GAAf;AACA,YAAMA,GAAN;AACD,KAduB,EAevBE,OAfuB,CAef,MAAM;AACb;AACA,WAAKrF,KAAL,CAAWjB,YAAX,GAA0B,IAA1B;AACD,KAlBuB,CAA1B;AAoBA,WAAO,KAAKiB,KAAL,CAAWjB,YAAlB;AACD;;AAEDuG,EAAAA,KAAK,GAAG;AACN,SAAK/E,0BAAL;AACA,SAAKrC,OAAL,CAAaqH,YAAb;AACD;;AAEDtH,EAAAA,wBAAwB,GAAG;AACzB,UAAMoF,MAAM,GAAG,KAAKD,aAAL,EAAf;AACA,uBAAYC,MAAZ,EAAoBtB,OAApB,CAA4Bf,GAAG,IAAI;AACjC,UAAIqC,MAAM,CAACrC,GAAD,CAAN,CAAYwE,aAAhB,EAA+B;AAC9B,aAAKhB,MAAL,CAAYxD,GAAZ;AACA;AACF,KAJD;AAKD;;AAEDa,EAAAA,yBAAyB,CAAC4D,KAAD,EAAQ;AAC/B,QAAIpC,MAAJ;;AACA,QAAI;AACFA,MAAAA,MAAM,GAAGqC,IAAI,CAACC,KAAL,CAAWF,KAAX,KAAqB,EAA9B;AACD,KAFD,CAEE,OAAOZ,CAAP,EAAU;AACVxB,MAAAA,MAAM,GAAG,EAAT;AACD;;AACD,WAAOA,MAAP;AACD;;AAEDuC,EAAAA,kBAAkB,CAAClF,KAAD,EAAsB;AACtC,UAAMM,GAAG,GAAG,KAAK0C,mBAAL,CAAyB,cAAzB,KAA4CmC,oCAAxD,CADsC,CAGtC;;;AACA,QAAIhD,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;AACA,8BAAcpC,KAAd;AACAmC,IAAAA,YAAY,CAAC7B,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAKxC,OAAL,CAAa+E,UAAb,CAAwBJ,YAAxB;AACD;;AAEDiD,EAAAA,qBAAqB,GAAG;AACtB,UAAMzC,MAAM,GAAG,KAAKD,aAAL,EAAf;AACA,uBAAYC,MAAZ,EAAoBtB,OAApB,CAA4Bf,GAAG,IAAI;AACjCqC,MAAAA,MAAM,CAACrC,GAAD,CAAN,CAAYwE,aAAZ,GAA4B,IAA5B;AACD,KAFD;AAGA,SAAK3B,SAAL,CAAeR,MAAf;AACD;;AAxZwD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { removeNils, clone } from './util';\nimport { AuthSdkError } from './errors';\nimport { validateToken } from './oidc/util';\nimport { isLocalhost, isIE11OrLess } from './features';\nimport SdkClock from './clock';\nimport {\n EventEmitter,\n Token, \n Tokens, \n TokenType, \n TokenManagerOptions, \n isIDToken, \n isAccessToken,\n isRefreshToken,\n StorageOptions,\n StorageType,\n OktaAuthInterface,\n StorageProvider,\n TokenManagerErrorEventHandler,\n TokenManagerEventHandler,\n TokenManagerInterface,\n RefreshToken,\n AccessTokenCallback,\n IDTokenCallback,\n RefreshTokenCallback\n} from './types';\nimport { REFRESH_TOKEN_STORAGE_KEY, TOKEN_STORAGE_NAME } from './constants';\n\nconst DEFAULT_OPTIONS = {\n // TODO: remove in next major version - OKTA-473815\n autoRenew: true,\n autoRemove: true,\n syncStorage: true,\n // --- //\n clearPendingRemoveTokens: true,\n storage: undefined, // will use value from storageManager config\n expireEarlySeconds: 30,\n storageKey: TOKEN_STORAGE_NAME,\n _storageEventDelay: 0\n};\nexport const EVENT_EXPIRED = 'expired';\nexport const EVENT_RENEWED = 'renewed';\nexport const EVENT_ADDED = 'added';\nexport const EVENT_REMOVED = 'removed';\nexport const EVENT_ERROR = 'error';\n\ninterface TokenManagerState {\n expireTimeouts: Record<string, unknown>;\n renewPromise: Promise<Token | undefined> | null;\n}\nfunction defaultState(): TokenManagerState {\n return {\n expireTimeouts: {},\n renewPromise: null\n };\n}\nexport class TokenManager implements TokenManagerInterface {\n private sdk: OktaAuthInterface;\n private clock: SdkClock;\n private emitter: EventEmitter;\n private storage: StorageProvider;\n private state: TokenManagerState;\n private options: TokenManagerOptions;\n\n on: (event: string, handler: TokenManagerErrorEventHandler | TokenManagerEventHandler, context?: object) => void;\n off: (event: string, handler?: TokenManagerErrorEventHandler | TokenManagerEventHandler) => void;\n\n // eslint-disable-next-line complexity\n constructor(sdk: OktaAuthInterface, options: TokenManagerOptions = {}) {\n this.sdk = sdk;\n this.emitter = (sdk as any).emitter;\n if (!this.emitter) {\n throw new AuthSdkError('Emitter should be initialized before TokenManager');\n }\n \n options = Object.assign({}, DEFAULT_OPTIONS, removeNils(options));\n if (isIE11OrLess()) {\n options._storageEventDelay = options._storageEventDelay || 1000;\n }\n if (!isLocalhost()) {\n options.expireEarlySeconds = DEFAULT_OPTIONS.expireEarlySeconds;\n }\n\n this.options = options;\n\n const storageOptions: StorageOptions = removeNils({\n storageKey: options.storageKey,\n secure: options.secure,\n });\n if (typeof options.storage === 'object') {\n // A custom storage provider must implement getItem(key) and setItem(key, val)\n storageOptions.storageProvider = options.storage;\n } else if (options.storage) {\n storageOptions.storageType = options.storage as StorageType;\n }\n\n this.storage = sdk.storageManager.getTokenStorage({...storageOptions, useSeparateCookies: true});\n this.clock = SdkClock.create(/* sdk, options */);\n this.state = defaultState();\n\n this.on = this.emitter.on.bind(this.emitter);\n this.off = this.emitter.off.bind(this.emitter);\n }\n\n start() {\n if (this.options.clearPendingRemoveTokens) {\n this.clearPendingRemoveTokens();\n }\n this.setExpireEventTimeoutAll();\n }\n \n stop() {\n this.clearExpireEventTimeoutAll();\n }\n\n getOptions(): TokenManagerOptions {\n return clone(this.options);\n }\n \n getExpireTime(token) {\n const expireEarlySeconds = this.options.expireEarlySeconds || 0;\n var expireTime = token.expiresAt - expireEarlySeconds;\n return expireTime;\n }\n \n hasExpired(token) {\n var expireTime = this.getExpireTime(token);\n return expireTime <= this.clock.now();\n }\n \n emitExpired(key, token) {\n this.emitter.emit(EVENT_EXPIRED, key, token);\n }\n \n emitRenewed(key, freshToken, oldToken) {\n this.emitter.emit(EVENT_RENEWED, key, freshToken, oldToken);\n }\n \n emitAdded(key, token) {\n this.emitter.emit(EVENT_ADDED, key, token);\n }\n \n emitRemoved(key, token?) {\n this.emitter.emit(EVENT_REMOVED, key, token);\n }\n \n emitError(error) {\n this.emitter.emit(EVENT_ERROR, error);\n }\n \n emitEventsForCrossTabsStorageUpdate(newValue, oldValue) {\n const oldTokens = this.getTokensFromStorageValue(oldValue);\n const newTokens = this.getTokensFromStorageValue(newValue);\n Object.keys(newTokens).forEach(key => {\n const oldToken = oldTokens[key];\n const newToken = newTokens[key];\n if (JSON.stringify(oldToken) !== JSON.stringify(newToken)) {\n this.emitAdded(key, newToken);\n }\n });\n Object.keys(oldTokens).forEach(key => {\n const oldToken = oldTokens[key];\n const newToken = newTokens[key];\n if (!newToken) {\n this.emitRemoved(key, oldToken);\n }\n });\n }\n \n clearExpireEventTimeout(key) {\n clearTimeout(this.state.expireTimeouts[key] as any);\n delete this.state.expireTimeouts[key];\n \n // Remove the renew promise (if it exists)\n this.state.renewPromise = null;\n }\n \n clearExpireEventTimeoutAll() {\n var expireTimeouts = this.state.expireTimeouts;\n for (var key in expireTimeouts) {\n if (!Object.prototype.hasOwnProperty.call(expireTimeouts, key)) {\n continue;\n }\n this.clearExpireEventTimeout(key);\n }\n }\n \n setExpireEventTimeout(key, token) {\n if (isRefreshToken(token)) {\n return;\n }\n\n var expireTime = this.getExpireTime(token);\n var expireEventWait = Math.max(expireTime - this.clock.now(), 0) * 1000;\n \n // Clear any existing timeout\n this.clearExpireEventTimeout(key);\n \n var expireEventTimeout = setTimeout(() => {\n this.emitExpired(key, token);\n }, expireEventWait);\n \n // Add a new timeout\n this.state.expireTimeouts[key] = expireEventTimeout;\n }\n \n setExpireEventTimeoutAll() {\n var tokenStorage = this.storage.getStorage();\n for(var key in tokenStorage) {\n if (!Object.prototype.hasOwnProperty.call(tokenStorage, key)) {\n continue;\n }\n var token = tokenStorage[key];\n this.setExpireEventTimeout(key, token);\n }\n }\n \n // reset timeouts to setup autoRenew for tokens from other document context (tabs)\n resetExpireEventTimeoutAll() {\n this.clearExpireEventTimeoutAll();\n this.setExpireEventTimeoutAll();\n }\n \n add(key, token: Token) {\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n }\n \n getSync(key) {\n var tokenStorage = this.storage.getStorage();\n return tokenStorage[key];\n }\n \n async get(key) {\n return this.getSync(key);\n }\n \n getTokensSync(): Tokens {\n const tokens = {} as Tokens;\n const tokenStorage = this.storage.getStorage();\n Object.keys(tokenStorage).forEach(key => {\n const token = tokenStorage[key];\n if (isAccessToken(token)) {\n tokens.accessToken = token;\n } else if (isIDToken(token)) {\n tokens.idToken = token;\n } else if (isRefreshToken(token)) { \n tokens.refreshToken = token;\n }\n });\n return tokens;\n }\n \n async getTokens(): Promise<Tokens> {\n return this.getTokensSync();\n }\n\n getStorageKeyByType(type: TokenType): string {\n const tokenStorage = this.storage.getStorage();\n const key = Object.keys(tokenStorage).filter(key => {\n const token = tokenStorage[key];\n return (isAccessToken(token) && type === 'accessToken') \n || (isIDToken(token) && type === 'idToken')\n || (isRefreshToken(token) && type === 'refreshToken');\n })[0];\n return key;\n }\n\n private getTokenType(token: Token): TokenType {\n if (isAccessToken(token)) {\n return 'accessToken';\n }\n if (isIDToken(token)) {\n return 'idToken';\n }\n if(isRefreshToken(token)) {\n return 'refreshToken';\n }\n throw new AuthSdkError('Unknown token type');\n }\n\n setTokens(\n tokens: Tokens,\n // TODO: callbacks can be removed in the next major version OKTA-407224\n accessTokenCb?: AccessTokenCallback, \n idTokenCb?: IDTokenCallback,\n refreshTokenCb?: RefreshTokenCallback\n ): void {\n const handleTokenCallback = (key, token) => {\n const type = this.getTokenType(token);\n if (type === 'accessToken') {\n accessTokenCb && accessTokenCb(key, token);\n } else if (type === 'idToken') {\n idTokenCb && idTokenCb(key, token);\n } else if (type === 'refreshToken') {\n refreshTokenCb && refreshTokenCb(key, token);\n }\n };\n const handleAdded = (key, token) => {\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRenewed = (key, token, oldToken) => {\n this.emitRenewed(key, token, oldToken);\n this.clearExpireEventTimeout(key);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRemoved = (key, token) => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, token);\n handleTokenCallback(key, token);\n };\n \n const types: TokenType[] = ['idToken', 'accessToken', 'refreshToken'];\n const existingTokens = this.getTokensSync();\n\n // valid tokens\n types.forEach((type) => {\n const token = tokens[type];\n if (token) {\n validateToken(token, type);\n }\n });\n \n // add token to storage\n const storage = types.reduce((storage, type) => {\n const token = tokens[type];\n if (token) {\n const storageKey = this.getStorageKeyByType(type) || type;\n storage[storageKey] = token;\n }\n return storage;\n }, {});\n this.storage.setStorage(storage);\n \n // emit event and start expiration timer\n types.forEach(type => {\n const newToken = tokens[type];\n const existingToken = existingTokens[type];\n const storageKey = this.getStorageKeyByType(type) || type;\n if (newToken && existingToken) { // renew\n // call handleRemoved first, since it clears timers\n handleRemoved(storageKey, existingToken);\n handleAdded(storageKey, newToken);\n handleRenewed(storageKey, newToken, existingToken);\n } else if (newToken) { // add\n handleAdded(storageKey, newToken);\n } else if (existingToken) { //remove\n handleRemoved(storageKey, existingToken);\n }\n });\n }\n \n remove(key) {\n // Clear any listener for this token\n this.clearExpireEventTimeout(key);\n \n var tokenStorage = this.storage.getStorage();\n var removedToken = tokenStorage[key];\n delete tokenStorage[key];\n this.storage.setStorage(tokenStorage);\n \n this.emitRemoved(key, removedToken);\n }\n \n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n async renewToken(token) {\n return this.sdk.token?.renew(token);\n }\n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n validateToken(token: Token) {\n return validateToken(token);\n }\n\n // TODO: renew method should take no param, change in the next major version OKTA-407224\n renew(key): Promise<Token | undefined> {\n // Multiple callers may receive the same promise. They will all resolve or reject from the same request.\n if (this.state.renewPromise) {\n return this.state.renewPromise;\n }\n \n try {\n var token = this.getSync(key);\n if (!token) {\n throw new AuthSdkError('The tokenManager has no token for the key: ' + key);\n }\n } catch (e) {\n return Promise.reject(e);\n }\n \n // Remove existing autoRenew timeout\n this.clearExpireEventTimeout(key);\n \n // A refresh token means a replace instead of renewal\n // Store the renew promise state, to avoid renewing again\n this.state.renewPromise = this.sdk.token.renewTokens()\n .then(tokens => {\n this.setTokens(tokens);\n\n // resolve token based on the key\n const tokenType = this.getTokenType(token);\n return tokens[tokenType];\n })\n .catch(err => {\n // If renew fails, remove token from storage and emit error\n this.remove(key);\n err.tokenKey = key;\n this.emitError(err);\n throw err;\n })\n .finally(() => {\n // Remove existing promise key\n this.state.renewPromise = null;\n });\n \n return this.state.renewPromise;\n }\n \n clear() {\n this.clearExpireEventTimeoutAll();\n this.storage.clearStorage();\n }\n\n clearPendingRemoveTokens() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n if (tokens[key].pendingRemove) {\n this.remove(key);\n }\n });\n }\n \n getTokensFromStorageValue(value) {\n let tokens;\n try {\n tokens = JSON.parse(value) || {};\n } catch (e) {\n tokens = {};\n }\n return tokens;\n }\n\n updateRefreshToken(token: RefreshToken) {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n\n // do not emit any event\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n }\n\n addPendingRemoveFlags() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n tokens[key].pendingRemove = true;\n });\n this.setTokens(tokens);\n }\n \n}\n"],"file":"TokenManager.js"}