@okta/okta-auth-js 6.3.0 → 6.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (156) hide show
  1. package/CHANGELOG.md +40 -0
  2. package/README.md +6 -0
  3. package/cjs/AuthStateManager.js +1 -0
  4. package/cjs/AuthStateManager.js.map +1 -1
  5. package/cjs/OktaAuth.js +10 -11
  6. package/cjs/OktaAuth.js.map +1 -1
  7. package/cjs/OktaUserAgent.js +2 -2
  8. package/cjs/TokenManager.js.map +1 -1
  9. package/cjs/TransactionManager.js +3 -3
  10. package/cjs/TransactionManager.js.map +1 -1
  11. package/cjs/crypto/verifyToken.js +2 -1
  12. package/cjs/crypto/verifyToken.js.map +1 -1
  13. package/cjs/errors/AuthApiError.js.map +1 -1
  14. package/cjs/errors/OAuthError.js +7 -1
  15. package/cjs/errors/OAuthError.js.map +1 -1
  16. package/cjs/fetch/fetchRequest.js +17 -3
  17. package/cjs/fetch/fetchRequest.js.map +1 -1
  18. package/cjs/http/request.js +7 -3
  19. package/cjs/http/request.js.map +1 -1
  20. package/cjs/idx/idxState/index.js +55 -0
  21. package/cjs/idx/idxState/index.js.map +1 -0
  22. package/cjs/idx/{idx-js → idxState}/v1/actionParser.js +1 -0
  23. package/cjs/idx/idxState/v1/actionParser.js.map +1 -0
  24. package/cjs/idx/{idx-js → idxState}/v1/generateIdxAction.js +43 -30
  25. package/cjs/idx/idxState/v1/generateIdxAction.js.map +1 -0
  26. package/cjs/idx/{idx-js → idxState}/v1/idxResponseParser.js +8 -8
  27. package/cjs/idx/idxState/v1/idxResponseParser.js.map +1 -0
  28. package/cjs/idx/{idx-js → idxState}/v1/makeIdxState.js +3 -2
  29. package/cjs/idx/idxState/v1/makeIdxState.js.map +1 -0
  30. package/cjs/idx/{idx-js → idxState}/v1/parsers.js +1 -0
  31. package/cjs/idx/idxState/v1/parsers.js.map +1 -0
  32. package/cjs/idx/{idx-js → idxState}/v1/remediationParser.js +4 -2
  33. package/cjs/idx/idxState/v1/remediationParser.js.map +1 -0
  34. package/cjs/idx/interact.js +42 -21
  35. package/cjs/idx/interact.js.map +1 -1
  36. package/cjs/idx/introspect.js +37 -12
  37. package/cjs/idx/introspect.js.map +1 -1
  38. package/cjs/idx/remediate.js +57 -135
  39. package/cjs/idx/remediate.js.map +1 -1
  40. package/cjs/idx/remediators/AuthenticatorEnrollmentData.js.map +1 -1
  41. package/cjs/idx/remediators/AuthenticatorVerificationData.js +7 -6
  42. package/cjs/idx/remediators/AuthenticatorVerificationData.js.map +1 -1
  43. package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
  44. package/cjs/idx/remediators/Base/Remediator.js +12 -2
  45. package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
  46. package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
  47. package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
  48. package/cjs/idx/remediators/ChallengeAuthenticator.js.map +1 -1
  49. package/cjs/idx/remediators/EnrollAuthenticator.js.map +1 -1
  50. package/cjs/idx/remediators/EnrollPoll.js.map +1 -1
  51. package/cjs/idx/remediators/EnrollProfile.js.map +1 -1
  52. package/cjs/idx/remediators/EnrollmentChannelData.js.map +1 -1
  53. package/cjs/idx/remediators/Identify.js.map +1 -1
  54. package/cjs/idx/remediators/ReEnrollAuthenticator.js.map +1 -1
  55. package/cjs/idx/remediators/ResetAuthenticator.js.map +1 -1
  56. package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js.map +1 -1
  57. package/cjs/idx/remediators/SelectAuthenticatorEnroll.js.map +1 -1
  58. package/cjs/idx/remediators/SelectAuthenticatorUnlockAccount.js.map +1 -1
  59. package/cjs/idx/remediators/SelectEnrollProfile.js.map +1 -1
  60. package/cjs/idx/remediators/SelectEnrollmentChannel.js.map +1 -1
  61. package/cjs/idx/remediators/Skip.js.map +1 -1
  62. package/cjs/idx/run.js +16 -12
  63. package/cjs/idx/run.js.map +1 -1
  64. package/cjs/idx/types/idx-js.js +2 -0
  65. package/cjs/idx/types/idx-js.js.map +1 -1
  66. package/cjs/idx/types/index.js +0 -138
  67. package/cjs/idx/types/index.js.map +1 -1
  68. package/cjs/idx/util.js +127 -5
  69. package/cjs/idx/util.js.map +1 -1
  70. package/cjs/server/serverStorage.js +1 -0
  71. package/cjs/server/serverStorage.js.map +1 -1
  72. package/cjs/tx/AuthTransaction.js.map +1 -1
  73. package/cjs/types/Token.js +0 -1
  74. package/cjs/types/Token.js.map +1 -1
  75. package/cjs/util/object.js.map +1 -1
  76. package/cjs/util/types.js.map +1 -1
  77. package/dist/okta-auth-js.min.js +1 -1
  78. package/dist/okta-auth-js.min.js.map +1 -1
  79. package/dist/okta-auth-js.umd.js +1 -1
  80. package/dist/okta-auth-js.umd.js.map +1 -1
  81. package/esm/esm.browser.js +711 -895
  82. package/esm/esm.browser.js.map +1 -1
  83. package/esm/esm.node.mjs +619 -740
  84. package/esm/esm.node.mjs.map +1 -1
  85. package/lib/TokenManager.d.ts +2 -2
  86. package/lib/errors/OAuthError.d.ts +2 -0
  87. package/lib/idx/flow/RemediationFlow.d.ts +2 -2
  88. package/lib/idx/idxState/index.d.ts +7 -0
  89. package/lib/idx/{idx-js → idxState}/v1/actionParser.d.ts +0 -0
  90. package/lib/idx/{idx-js → idxState}/v1/generateIdxAction.d.ts +3 -1
  91. package/lib/idx/{idx-js → idxState}/v1/idxResponseParser.d.ts +3 -2
  92. package/lib/idx/{idx-js → idxState}/v1/makeIdxState.d.ts +3 -2
  93. package/lib/idx/{idx-js → idxState}/v1/parsers.d.ts +0 -0
  94. package/lib/idx/{idx-js → idxState}/v1/remediationParser.d.ts +2 -1
  95. package/lib/idx/interact.d.ts +22 -0
  96. package/lib/idx/remediate.d.ts +9 -12
  97. package/lib/idx/remediators/AuthenticatorEnrollmentData.d.ts +1 -2
  98. package/lib/idx/remediators/AuthenticatorVerificationData.d.ts +3 -3
  99. package/lib/idx/remediators/Base/AuthenticatorData.d.ts +3 -4
  100. package/lib/idx/remediators/Base/Remediator.d.ts +8 -4
  101. package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +2 -3
  102. package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +3 -4
  103. package/lib/idx/remediators/ChallengeAuthenticator.d.ts +1 -2
  104. package/lib/idx/remediators/EnrollAuthenticator.d.ts +1 -2
  105. package/lib/idx/remediators/EnrollPoll.d.ts +1 -2
  106. package/lib/idx/remediators/EnrollProfile.d.ts +1 -2
  107. package/lib/idx/remediators/EnrollmentChannelData.d.ts +1 -2
  108. package/lib/idx/remediators/Identify.d.ts +1 -2
  109. package/lib/idx/remediators/ReEnrollAuthenticator.d.ts +1 -2
  110. package/lib/idx/remediators/ResetAuthenticator.d.ts +1 -2
  111. package/lib/idx/remediators/SelectAuthenticatorAuthenticate.d.ts +1 -2
  112. package/lib/idx/remediators/SelectAuthenticatorEnroll.d.ts +1 -2
  113. package/lib/idx/remediators/SelectAuthenticatorUnlockAccount.d.ts +1 -2
  114. package/lib/idx/remediators/SelectEnrollProfile.d.ts +1 -2
  115. package/lib/idx/remediators/SelectEnrollmentChannel.d.ts +1 -2
  116. package/lib/idx/remediators/Skip.d.ts +1 -2
  117. package/lib/idx/types/idx-js.d.ts +5 -2
  118. package/lib/idx/types/index.d.ts +26 -17
  119. package/lib/idx/util.d.ts +7 -4
  120. package/lib/types/EventEmitter.d.ts +3 -3
  121. package/lib/types/Service.d.ts +6 -6
  122. package/lib/types/Storage.d.ts +6 -6
  123. package/lib/types/TokenManager.d.ts +5 -2
  124. package/lib/types/UserClaims.d.ts +1 -1
  125. package/lib/util/types.d.ts +1 -1
  126. package/package.json +9 -10
  127. package/cjs/idx/headers.js +0 -59
  128. package/cjs/idx/headers.js.map +0 -1
  129. package/cjs/idx/idx-js/client.js +0 -91
  130. package/cjs/idx/idx-js/client.js.map +0 -1
  131. package/cjs/idx/idx-js/index.js +0 -40
  132. package/cjs/idx/idx-js/index.js.map +0 -1
  133. package/cjs/idx/idx-js/interact.js +0 -83
  134. package/cjs/idx/idx-js/interact.js.map +0 -1
  135. package/cjs/idx/idx-js/introspect.js +0 -62
  136. package/cjs/idx/idx-js/introspect.js.map +0 -1
  137. package/cjs/idx/idx-js/parsers.js +0 -41
  138. package/cjs/idx/idx-js/parsers.js.map +0 -1
  139. package/cjs/idx/idx-js/util.js +0 -34
  140. package/cjs/idx/idx-js/util.js.map +0 -1
  141. package/cjs/idx/idx-js/v1/actionParser.js.map +0 -1
  142. package/cjs/idx/idx-js/v1/generateIdxAction.js.map +0 -1
  143. package/cjs/idx/idx-js/v1/idxResponseParser.js.map +0 -1
  144. package/cjs/idx/idx-js/v1/makeIdxState.js.map +0 -1
  145. package/cjs/idx/idx-js/v1/parsers.js.map +0 -1
  146. package/cjs/idx/idx-js/v1/remediationParser.js.map +0 -1
  147. package/cjs/options.js +0 -170
  148. package/cjs/options.js.map +0 -1
  149. package/lib/idx/headers.d.ts +0 -16
  150. package/lib/idx/idx-js/client.d.ts +0 -36
  151. package/lib/idx/idx-js/index.d.ts +0 -35
  152. package/lib/idx/idx-js/interact.d.ts +0 -25
  153. package/lib/idx/idx-js/introspect.d.ts +0 -21
  154. package/lib/idx/idx-js/parsers.d.ts +0 -15
  155. package/lib/idx/idx-js/util.d.ts +0 -12
  156. package/lib/options.d.ts +0 -14
package/cjs/TransactionManager.js CHANGED
@@ -336,13 +336,13 @@ class TransactionManager {
336
336
  return null;
337
337
  }
338
338
 
339
- const idxResponse = storage.getStorage();
339
+ const storedValue = storage.getStorage();
340
340
 
341
- if (!(0, _idxJs.isRawIdxResponse)(idxResponse)) {
341
+ if (!storedValue || !(0, _idxJs.isRawIdxResponse)(storedValue.rawIdxResponse)) {
342
342
  return null;
343
343
  }
344
344
 
345
- return idxResponse;
345
+ return storedValue;
346
346
  }
347
347
 
348
348
  clearIdxResponse() {
package/cjs/TransactionManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../lib/TransactionManager.ts"],"names":["TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","enableSharedStorage","saveLastResponse","clear","transactionStorage","getTransactionStorage","meta","getStorage","clearStorage","clearIdxResponse","clearSharedStorage","state","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","storage","obj","muteWarning","setStorage","cookieStorage","storageType","responseType","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","REDIRECT_OAUTH_PARAMS_NAME","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_STATE_COOKIE_NAME","exists","load","loadLegacyOAuthParams","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","AuthSdkError","undefined","getLegacyOAuthParamsStorage","saveIdxResponse","rawIdxResponse","requestDidSucceed","getIdxResponseStorage","loadIdxResponse","idxResponse"],"mappings":";;;;;;;;;;AAaA;;AACA;;AAEA;;AAYA;;AACA;;AACA;;AA9BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA8Be,MAAMA,kBAAN,CAAyB;AAUtCC,EAAAA,WAAW,CAACC,OAAD,EAAqC;AAC9C;AACA,SAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;AACA,SAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKC,mBAAL,GAA2BN,OAAO,CAACM,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,gBAAL,GAAwBP,OAAO,CAACO,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKP,OAAL,GAAeA,OAAf;AACD,GApBqC,CAsBtC;;;AACAQ,EAAAA,KAAK,CAACR,OAAoC,GAAG,EAAxC,EAA4C;AAC/C,UAAMS,kBAAmC,GAAG,KAAKR,cAAL,CAAoBS,qBAApB,EAA5C;AACA,UAAMC,IAAI,GAAGF,kBAAkB,CAACG,UAAnB,EAAb,CAF+C,CAI/C;;AACAH,IAAAA,kBAAkB,CAACI,YAAnB,GAL+C,CAO/C;;AACA,SAAKC,gBAAL,GAR+C,CAU/C;;AACA,QAAI,KAAKR,mBAAL,IAA4BN,OAAO,CAACe,kBAAR,KAA+B,KAA/D,EAAsE;AACpE,YAAMC,KAAK,GAAGhB,OAAO,CAACgB,KAAR,KAAiBL,IAAjB,aAAiBA,IAAjB,uBAAiBA,IAAI,CAAEK,KAAvB,CAAd;;AACA,UAAIA,KAAJ,EAAW;AACT,8DAAkC,KAAKf,cAAvC,EAAuDe,KAAvD;AACD;AACF;;AAED,QAAI,CAAC,KAAKd,mBAAV,EAA+B;AAC7B;AACD,KApB8C,CAsB/C;;;AACA,QAAIF,OAAO,CAACiB,KAAZ,EAAmB;AACjB,WAAKC,sBAAL;AACD;;AAED,QAAIlB,OAAO,CAACmB,IAAZ,EAAkB;AAChB,WAAKC,eAAL;AACD;AACF,GArDqC,CAuDtC;;;AACAC,EAAAA,IAAI,CAACV,IAAD,EAAwBX,OAA+B,GAAG,EAA1D,EAA8D;AAChE;AACA;AACA;AAEA,QAAIsB,OAAwB,GAAG,KAAKrB,cAAL,CAAoBS,qBAApB,EAA/B;AACA,UAAMa,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAZ,CANgE,CAOhE;AACA;AACA;;AACA,QAAI,8BAAkBW,GAAlB,KAA0B,CAACvB,OAAO,CAACwB,WAAvC,EAAoD;AAClD;AACA,sBAAK,yGAAL;AACD;;AAEDF,IAAAA,OAAO,CAACG,UAAR,CAAmBd,IAAnB,EAfgE,CAiBhE;;AACA,QAAI,KAAKL,mBAAL,IAA4BK,IAAI,CAACK,KAArC,EAA4C;AAC1C,yDAA+B,KAAKf,cAApC,EAAoDU,IAAI,CAACK,KAAzD,EAAgEL,IAAhE;AACD;;AAED,QAAI,CAACX,OAAO,CAACiB,KAAb,EAAoB;AAClB;AACD,KAxB+D,CA0BhE;;;AACA,QAAI,KAAKd,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;AACzE,YAAMqB,aAA4B,GAAG,KAAKzB,cAAL,CAAoBW,UAApB,CAA+B;AAAEe,QAAAA,WAAW,EAAE;AAAf,OAA/B,CAArC;;AAEA,UAAI,KAAKtB,gBAAT,EAA2B;AACzB,cAAM;AACJuB,UAAAA,YADI;AAEJZ,UAAAA,KAFI;AAGJa,UAAAA,KAHI;AAIJC,UAAAA,MAJI;AAKJC,UAAAA,QALI;AAMJC,UAAAA,IANI;AAOJC,UAAAA;AAPI,YAQFtB,IARJ;AASA,cAAMuB,WAAW,GAAG;AAClBN,UAAAA,YADkB;AAElBZ,UAAAA,KAFkB;AAGlBa,UAAAA,KAHkB;AAIlBC,UAAAA,MAJkB;AAKlBC,UAAAA,QALkB;AAMlBC,UAAAA,IANkB;AAOlBC,UAAAA;AAPkB,SAApB;AASAP,QAAAA,aAAa,CAACS,OAAd,CAAsBC,qCAAtB,EAAkD,wBAAeF,WAAf,CAAlD,EAA+E,IAA/E;AACD;;AAED,UAAI,KAAK/B,eAAL,IAAwBQ,IAAI,CAACkB,KAAjC,EAAwC;AACtC;AACAH,QAAAA,aAAa,CAACS,OAAd,CAAsBE,qCAAtB,EAAkD1B,IAAI,CAACkB,KAAvD,EAA8D,IAA9D;AACD;;AAED,UAAI,KAAKzB,eAAL,IAAwBO,IAAI,CAACK,KAAjC,EAAwC;AACtC;AACAU,QAAAA,aAAa,CAACS,OAAd,CAAsBG,qCAAtB,EAAkD3B,IAAI,CAACK,KAAvD,EAA8D,IAA9D;AACD;AACF;AACF;;AAEDuB,EAAAA,MAAM,CAACvC,OAA+B,GAAG,EAAnC,EAAgD;AACpD,QAAI;AACF,YAAMW,IAAI,GAAG,KAAK6B,IAAL,CAAUxC,OAAV,CAAb;AACA,aAAO,CAAC,CAACW,IAAT;AACD,KAHD,CAGE,MAAM;AACN,aAAO,KAAP;AACD;AACF,GA/HqC,CAiItC;AACA;;;AACA6B,EAAAA,IAAI,CAACxC,OAA+B,GAAG,EAAnC,EAA+D;AAEjE,QAAIW,IAAJ,CAFiE,CAIjE;;AACA,QAAI,KAAKL,mBAAL,IAA4BN,OAAO,CAACgB,KAAxC,EAA+C;AAC7C,6CAAmB,KAAKf,cAAxB,EAD6C,CACJ;;AACzCU,MAAAA,IAAI,GAAG,qDAAiC,KAAKV,cAAtC,EAAsDD,OAAO,CAACgB,KAA9D,CAAP;;AACA,UAAI,8BAAkBL,IAAlB,CAAJ,EAA6B;AAC3B,eAAOA,IAAP;AACD;AACF;;AAED,QAAIW,OAAwB,GAAG,KAAKrB,cAAL,CAAoBS,qBAApB,EAA/B;AACAC,IAAAA,IAAI,GAAGW,OAAO,CAACV,UAAR,EAAP;;AACA,QAAI,8BAAkBD,IAAlB,CAAJ,EAA6B;AAC3B;AACA,aAAOA,IAAP;AACD;;AAED,QAAI,CAAC,KAAKT,mBAAV,EAA+B;AAC7B,aAAO,IAAP;AACD,KAtBgE,CAwBjE;;;AACA,QAAIF,OAAO,CAACiB,KAAZ,EAAmB;AACjB,UAAI;AACF,cAAMiB,WAAW,GAAG,KAAKO,qBAAL,EAApB;AACA,6BAAc9B,IAAd,EAAoBuB,WAApB;AACD,OAHD,SAGU;AACR,aAAKhB,sBAAL;AACD;AACF;;AAED,QAAIlB,OAAO,CAACmB,IAAZ,EAAkB;AAChB,UAAI;AACF,cAAMuB,QAA6B,GAAG,KAAKC,cAAL,EAAtC;AACA,6BAAchC,IAAd,EAAoB+B,QAApB;AACD,OAHD,SAGU;AACR,aAAKtB,eAAL;AACD;AACF;;AAED,QAAI,8BAAkBT,IAAlB,CAAJ,EAA6B;AAC3B,aAAOA,IAAP;AACD;;AACD,WAAO,IAAP;AACD,GAlLqC,CAoLtC;;;AACAS,EAAAA,eAAe,GAAS;AACtB;AACA,QAAIE,OAAJ;;AAEA,QAAI,KAAKrB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKZ,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED8B,EAAAA,cAAc,GAAwB;AACpC,QAAIrB,OAAJ;AACA,QAAIC,GAAJ,CAFoC,CAIpC;;AACA,QAAI,KAAKtB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAACwB,YAAf,EAA6B;AAC3B,eAAOxB,GAAP;AACD;AACF,KAXmC,CAapC;;;AACA,QAAI,KAAKtB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAACwB,YAAf,EAA6B;AAC3B,eAAOxB,GAAP;AACD;AACF,KApBmC,CAsBpC;AACA;AACA;;;AACA,UAAM,IAAIyB,oBAAJ,CAAiB,yJAAjB,EAA4KC,SAA5K,CAAN;AACD;;AAED/B,EAAAA,sBAAsB,GAAS;AAC7B;AACA,QAAII,OAAJ;;AAEA,QAAI,KAAKrB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKZ,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7DvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED4B,EAAAA,qBAAqB,GAAyB;AAC5C,QAAInB,OAAJ;AACA,QAAIY,WAAJ,CAF4C,CAI5C;;AACA,QAAI,KAAKjC,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AACD,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD,KAX2C,CAa5C;;;AACA,QAAI,KAAKjC,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7DvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AAED,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD;;AAGD,UAAM,IAAIc,oBAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;AACA;AACD;;AAEDG,EAAAA,eAAe,CAAC;AAAEC,IAAAA,cAAF;AAAkBC,IAAAA;AAAlB,GAAD,EAAgE;AAC7E,QAAI,CAAC,KAAK9C,gBAAV,EAA4B;AAC1B;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBqD,qBAApB,EAAhB;;AACA,QAAI,CAAChC,OAAL,EAAc;AACZ;AACD;;AACDA,IAAAA,OAAO,CAACG,UAAR,CAAmB;AAAE2B,MAAAA,cAAF;AAAkBC,MAAAA;AAAlB,KAAnB;AACD;;AAEDE,EAAAA,eAAe,GAA4B;AACzC,QAAI,CAAC,KAAKhD,gBAAV,EAA4B;AAC1B,aAAO,IAAP;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBqD,qBAApB,EAAhB;;AACA,QAAI,CAAChC,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AACD,UAAMkC,WAAW,GAAGlC,OAAO,CAACV,UAAR,EAApB;;AACA,QAAI,CAAC,6BAAiB4C,WAAjB,CAAL,EAAoC;AAClC,aAAO,IAAP;AACD;;AACD,WAAOA,WAAP;AACD;;AAED1C,EAAAA,gBAAgB,GAAS;AACvB,QAAI,CAAC,KAAKP,gBAAV,EAA4B;AAC1B;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBqD,qBAApB,EAAhB;AACAhC,IAAAA,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAET,YAAT;AACD;;AA7SqC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport { StorageManager } from './StorageManager';\nimport {\n StorageProvider,\n TransactionMeta,\n isTransactionMeta,\n isOAuthTransactionMeta,\n PKCETransactionMeta,\n OAuthTransactionMeta,\n TransactionMetaOptions,\n TransactionManagerOptions,\n CookieStorage,\n SavedIdxResponse\n} from './types';\nimport { isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\nimport {\n clearTransactionFromSharedStorage,\n loadTransactionFromSharedStorage,\n pruneSharedStorage,\n saveTransactionToSharedStorage\n} from './util/sharedStorage';\n\nexport interface ClearTransactionMetaOptions extends TransactionMetaOptions {\n clearSharedStorage?: boolean;\n}\nexport default class TransactionManager {\n options: TransactionManagerOptions;\n storageManager: StorageManager;\n legacyWidgetSupport: boolean;\n saveNonceCookie: boolean;\n saveStateCookie: boolean;\n saveParamsCookie: boolean;\n enableSharedStorage: boolean;\n saveLastResponse: boolean;\n\n constructor(options: TransactionManagerOptions) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n this.storageManager = options.storageManager!;\n this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n this.saveStateCookie = options.saveStateCookie === false ? false : true;\n this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n this.saveLastResponse = options.saveLastResponse === false ? false : true;\n this.options = options;\n }\n\n // eslint-disable-next-line complexity\n clear(options: ClearTransactionMetaOptions = {}) {\n const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n const meta = transactionStorage.getStorage();\n\n // Clear primary storage (by default, sessionStorage on browser)\n transactionStorage.clearStorage();\n\n // clear IDX response storage\n this.clearIdxResponse();\n\n // Usually we want to also clear shared storage unless another tab may need it to continue/complete a flow\n if (this.enableSharedStorage && options.clearSharedStorage !== false) {\n const state = options.state || meta?.state;\n if (state) {\n clearTransactionFromSharedStorage(this.storageManager, state);\n }\n }\n \n if (!this.legacyWidgetSupport) {\n return;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n this.clearLegacyOAuthParams();\n }\n\n if (options.pkce) {\n this.clearLegacyPKCE();\n }\n }\n\n // eslint-disable-next-line complexity\n save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n // There must be only one transaction executing at a time.\n // Before saving, check to see if a transaction is already stored.\n // An existing transaction indicates a concurrency/race/overlap condition\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n const obj = storage.getStorage();\n // oie process may need to update transaction in the middle of process for tracking purpose\n // false alarm might be caused \n // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n if (isTransactionMeta(obj) && !options.muteWarning) {\n // eslint-disable-next-line max-len\n warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n }\n\n storage.setStorage(meta);\n\n // Shared storage allows continuation of transaction in another tab\n if (this.enableSharedStorage && meta.state) {\n saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n }\n\n if (!options.oauth) {\n return;\n }\n \n // Legacy cookie storage\n if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n if (this.saveParamsCookie) {\n const { \n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n } = meta;\n const oauthParams = {\n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n };\n cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n }\n\n if (this.saveNonceCookie && meta.nonce) {\n // Set nonce cookie for servers to validate nonce in id_token\n cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n }\n\n if (this.saveStateCookie && meta.state) {\n // Set state cookie for servers to validate state\n cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n }\n }\n }\n\n exists(options: TransactionMetaOptions = {}): boolean {\n try {\n const meta = this.load(options);\n return !!meta;\n } catch {\n return false;\n }\n }\n\n // load transaction meta from storage\n // eslint-disable-next-line complexity,max-statements\n load(options: TransactionMetaOptions = {}): TransactionMeta | null {\n\n let meta: TransactionMeta;\n\n // If state was passed, try loading transaction data from shared storage\n if (this.enableSharedStorage && options.state) {\n pruneSharedStorage(this.storageManager); // prune before load\n meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n if (isTransactionMeta(meta)) {\n return meta;\n }\n }\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n meta = storage.getStorage();\n if (isTransactionMeta(meta)) {\n // if we have meta in the new location, there is no need to go further\n return meta;\n }\n\n if (!this.legacyWidgetSupport) {\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n try {\n const oauthParams = this.loadLegacyOAuthParams();\n Object.assign(meta, oauthParams);\n } finally {\n this.clearLegacyOAuthParams();\n }\n }\n\n if (options.pkce) {\n try {\n const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n Object.assign(meta, pkceMeta);\n } finally {\n this.clearLegacyPKCE();\n }\n }\n\n if (isTransactionMeta(meta)) {\n return meta;\n }\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n clearLegacyPKCE(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n }\n\n loadLegacyPKCE(): PKCETransactionMeta {\n let storage: StorageProvider;\n let obj;\n \n // Try reading from localStorage first.\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n \n // If meta is not valid, throw an exception to avoid misleading server-side error\n // The most likely cause of this error is trying to handle a callback twice\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', undefined);\n }\n\n clearLegacyOAuthParams(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n storage.clearStorage();\n }\n }\n\n loadLegacyOAuthParams(): OAuthTransactionMeta {\n let storage: StorageProvider;\n let oauthParams;\n \n // load first from session storage\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n oauthParams = storage.getStorage();\n }\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n // try to load from cookie\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n oauthParams = storage.getStorage();\n }\n\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n\n throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n // Something is there but we don't recognize it\n // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n }\n\n saveIdxResponse({ rawIdxResponse, requestDidSucceed }: SavedIdxResponse): void {\n if (!this.saveLastResponse) {\n return;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return;\n }\n storage.setStorage({ rawIdxResponse, requestDidSucceed });\n }\n\n loadIdxResponse(): SavedIdxResponse | null {\n if (!this.saveLastResponse) {\n return null;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return null;\n }\n const idxResponse = storage.getStorage();\n if (!isRawIdxResponse(idxResponse)) {\n return null;\n }\n return idxResponse;\n }\n\n clearIdxResponse(): void {\n if (!this.saveLastResponse) {\n return;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n storage?.clearStorage();\n }\n}"],"file":"TransactionManager.js"}
1
+ {"version":3,"sources":["../../lib/TransactionManager.ts"],"names":["TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","enableSharedStorage","saveLastResponse","clear","transactionStorage","getTransactionStorage","meta","getStorage","clearStorage","clearIdxResponse","clearSharedStorage","state","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","storage","obj","muteWarning","setStorage","cookieStorage","storageType","responseType","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","REDIRECT_OAUTH_PARAMS_NAME","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_STATE_COOKIE_NAME","exists","load","loadLegacyOAuthParams","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","AuthSdkError","undefined","getLegacyOAuthParamsStorage","saveIdxResponse","rawIdxResponse","requestDidSucceed","getIdxResponseStorage","loadIdxResponse","storedValue"],"mappings":";;;;;;;;;;AAaA;;AACA;;AAEA;;AAYA;;AACA;;AACA;;AA9BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA8Be,MAAMA,kBAAN,CAAyB;AAUtCC,EAAAA,WAAW,CAACC,OAAD,EAAqC;AAC9C;AACA,SAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;AACA,SAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKC,mBAAL,GAA2BN,OAAO,CAACM,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,gBAAL,GAAwBP,OAAO,CAACO,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKP,OAAL,GAAeA,OAAf;AACD,GApBqC,CAsBtC;;;AACAQ,EAAAA,KAAK,CAACR,OAAoC,GAAG,EAAxC,EAA4C;AAC/C,UAAMS,kBAAmC,GAAG,KAAKR,cAAL,CAAoBS,qBAApB,EAA5C;AACA,UAAMC,IAAI,GAAGF,kBAAkB,CAACG,UAAnB,EAAb,CAF+C,CAI/C;;AACAH,IAAAA,kBAAkB,CAACI,YAAnB,GAL+C,CAO/C;;AACA,SAAKC,gBAAL,GAR+C,CAU/C;;AACA,QAAI,KAAKR,mBAAL,IAA4BN,OAAO,CAACe,kBAAR,KAA+B,KAA/D,EAAsE;AACpE,YAAMC,KAAK,GAAGhB,OAAO,CAACgB,KAAR,KAAiBL,IAAjB,aAAiBA,IAAjB,uBAAiBA,IAAI,CAAEK,KAAvB,CAAd;;AACA,UAAIA,KAAJ,EAAW;AACT,8DAAkC,KAAKf,cAAvC,EAAuDe,KAAvD;AACD;AACF;;AAED,QAAI,CAAC,KAAKd,mBAAV,EAA+B;AAC7B;AACD,KApB8C,CAsB/C;;;AACA,QAAIF,OAAO,CAACiB,KAAZ,EAAmB;AACjB,WAAKC,sBAAL;AACD;;AAED,QAAIlB,OAAO,CAACmB,IAAZ,EAAkB;AAChB,WAAKC,eAAL;AACD;AACF,GArDqC,CAuDtC;;;AACAC,EAAAA,IAAI,CAACV,IAAD,EAAwBX,OAA+B,GAAG,EAA1D,EAA8D;AAChE;AACA;AACA;AAEA,QAAIsB,OAAwB,GAAG,KAAKrB,cAAL,CAAoBS,qBAApB,EAA/B;AACA,UAAMa,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAZ,CANgE,CAOhE;AACA;AACA;;AACA,QAAI,8BAAkBW,GAAlB,KAA0B,CAACvB,OAAO,CAACwB,WAAvC,EAAoD;AAClD;AACA,sBAAK,yGAAL;AACD;;AAEDF,IAAAA,OAAO,CAACG,UAAR,CAAmBd,IAAnB,EAfgE,CAiBhE;;AACA,QAAI,KAAKL,mBAAL,IAA4BK,IAAI,CAACK,KAArC,EAA4C;AAC1C,yDAA+B,KAAKf,cAApC,EAAoDU,IAAI,CAACK,KAAzD,EAAgEL,IAAhE;AACD;;AAED,QAAI,CAACX,OAAO,CAACiB,KAAb,EAAoB;AAClB;AACD,KAxB+D,CA0BhE;;;AACA,QAAI,KAAKd,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;AACzE,YAAMqB,aAA4B,GAAG,KAAKzB,cAAL,CAAoBW,UAApB,CAA+B;AAAEe,QAAAA,WAAW,EAAE;AAAf,OAA/B,CAArC;;AAEA,UAAI,KAAKtB,gBAAT,EAA2B;AACzB,cAAM;AACJuB,UAAAA,YADI;AAEJZ,UAAAA,KAFI;AAGJa,UAAAA,KAHI;AAIJC,UAAAA,MAJI;AAKJC,UAAAA,QALI;AAMJC,UAAAA,IANI;AAOJC,UAAAA;AAPI,YAQFtB,IARJ;AASA,cAAMuB,WAAW,GAAG;AAClBN,UAAAA,YADkB;AAElBZ,UAAAA,KAFkB;AAGlBa,UAAAA,KAHkB;AAIlBC,UAAAA,MAJkB;AAKlBC,UAAAA,QALkB;AAMlBC,UAAAA,IANkB;AAOlBC,UAAAA;AAPkB,SAApB;AASAP,QAAAA,aAAa,CAACS,OAAd,CAAsBC,qCAAtB,EAAkD,wBAAeF,WAAf,CAAlD,EAA+E,IAA/E;AACD;;AAED,UAAI,KAAK/B,eAAL,IAAwBQ,IAAI,CAACkB,KAAjC,EAAwC;AACtC;AACAH,QAAAA,aAAa,CAACS,OAAd,CAAsBE,qCAAtB,EAAkD1B,IAAI,CAACkB,KAAvD,EAA8D,IAA9D;AACD;;AAED,UAAI,KAAKzB,eAAL,IAAwBO,IAAI,CAACK,KAAjC,EAAwC;AACtC;AACAU,QAAAA,aAAa,CAACS,OAAd,CAAsBG,qCAAtB,EAAkD3B,IAAI,CAACK,KAAvD,EAA8D,IAA9D;AACD;AACF;AACF;;AAEDuB,EAAAA,MAAM,CAACvC,OAA+B,GAAG,EAAnC,EAAgD;AACpD,QAAI;AACF,YAAMW,IAAI,GAAG,KAAK6B,IAAL,CAAUxC,OAAV,CAAb;AACA,aAAO,CAAC,CAACW,IAAT;AACD,KAHD,CAGE,MAAM;AACN,aAAO,KAAP;AACD;AACF,GA/HqC,CAiItC;AACA;;;AACA6B,EAAAA,IAAI,CAACxC,OAA+B,GAAG,EAAnC,EAA+D;AAEjE,QAAIW,IAAJ,CAFiE,CAIjE;;AACA,QAAI,KAAKL,mBAAL,IAA4BN,OAAO,CAACgB,KAAxC,EAA+C;AAC7C,6CAAmB,KAAKf,cAAxB,EAD6C,CACJ;;AACzCU,MAAAA,IAAI,GAAG,qDAAiC,KAAKV,cAAtC,EAAsDD,OAAO,CAACgB,KAA9D,CAAP;;AACA,UAAI,8BAAkBL,IAAlB,CAAJ,EAA6B;AAC3B,eAAOA,IAAP;AACD;AACF;;AAED,QAAIW,OAAwB,GAAG,KAAKrB,cAAL,CAAoBS,qBAApB,EAA/B;AACAC,IAAAA,IAAI,GAAGW,OAAO,CAACV,UAAR,EAAP;;AACA,QAAI,8BAAkBD,IAAlB,CAAJ,EAA6B;AAC3B;AACA,aAAOA,IAAP;AACD;;AAED,QAAI,CAAC,KAAKT,mBAAV,EAA+B;AAC7B,aAAO,IAAP;AACD,KAtBgE,CAwBjE;;;AACA,QAAIF,OAAO,CAACiB,KAAZ,EAAmB;AACjB,UAAI;AACF,cAAMiB,WAAW,GAAG,KAAKO,qBAAL,EAApB;AACA,6BAAc9B,IAAd,EAAoBuB,WAApB;AACD,OAHD,SAGU;AACR,aAAKhB,sBAAL;AACD;AACF;;AAED,QAAIlB,OAAO,CAACmB,IAAZ,EAAkB;AAChB,UAAI;AACF,cAAMuB,QAA6B,GAAG,KAAKC,cAAL,EAAtC;AACA,6BAAchC,IAAd,EAAoB+B,QAApB;AACD,OAHD,SAGU;AACR,aAAKtB,eAAL;AACD;AACF;;AAED,QAAI,8BAAkBT,IAAlB,CAAJ,EAA6B;AAC3B,aAAOA,IAAP;AACD;;AACD,WAAO,IAAP;AACD,GAlLqC,CAoLtC;;;AACAS,EAAAA,eAAe,GAAS;AACtB;AACA,QAAIE,OAAJ;;AAEA,QAAI,KAAKrB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKZ,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED8B,EAAAA,cAAc,GAAwB;AACpC,QAAIrB,OAAJ;AACA,QAAIC,GAAJ,CAFoC,CAIpC;;AACA,QAAI,KAAKtB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAACwB,YAAf,EAA6B;AAC3B,eAAOxB,GAAP;AACD;AACF,KAXmC,CAapC;;;AACA,QAAI,KAAKtB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAACwB,YAAf,EAA6B;AAC3B,eAAOxB,GAAP;AACD;AACF,KApBmC,CAsBpC;AACA;AACA;;;AACA,UAAM,IAAIyB,oBAAJ,CAAiB,yJAAjB,EAA4KC,SAA5K,CAAN;AACD;;AAED/B,EAAAA,sBAAsB,GAAS;AAC7B;AACA,QAAII,OAAJ;;AAEA,QAAI,KAAKrB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKZ,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7DvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED4B,EAAAA,qBAAqB,GAAyB;AAC5C,QAAInB,OAAJ;AACA,QAAIY,WAAJ,CAF4C,CAI5C;;AACA,QAAI,KAAKjC,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AACD,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD,KAX2C,CAa5C;;;AACA,QAAI,KAAKjC,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7DvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AAED,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD;;AAGD,UAAM,IAAIc,oBAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;AACA;AACD;;AAEDG,EAAAA,eAAe,CAAC;AAAEC,IAAAA,cAAF;AAAkBC,IAAAA;AAAlB,GAAD,EAAgE;AAC7E,QAAI,CAAC,KAAK9C,gBAAV,EAA4B;AAC1B;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBqD,qBAApB,EAAhB;;AACA,QAAI,CAAChC,OAAL,EAAc;AACZ;AACD;;AACDA,IAAAA,OAAO,CAACG,UAAR,CAAmB;AAAE2B,MAAAA,cAAF;AAAkBC,MAAAA;AAAlB,KAAnB;AACD;;AAEDE,EAAAA,eAAe,GAA4B;AACzC,QAAI,CAAC,KAAKhD,gBAAV,EAA4B;AAC1B,aAAO,IAAP;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBqD,qBAApB,EAAhB;;AACA,QAAI,CAAChC,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AACD,UAAMkC,WAAW,GAAGlC,OAAO,CAACV,UAAR,EAApB;;AACA,QAAI,CAAC4C,WAAD,IAAgB,CAAC,6BAAiBA,WAAW,CAACJ,cAA7B,CAArB,EAAmE;AACjE,aAAO,IAAP;AACD;;AACD,WAAOI,WAAP;AACD;;AAED1C,EAAAA,gBAAgB,GAAS;AACvB,QAAI,CAAC,KAAKP,gBAAV,EAA4B;AAC1B;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBqD,qBAApB,EAAhB;AACAhC,IAAAA,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAET,YAAT;AACD;;AA7SqC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport { StorageManager } from './StorageManager';\nimport {\n StorageProvider,\n TransactionMeta,\n isTransactionMeta,\n isOAuthTransactionMeta,\n PKCETransactionMeta,\n OAuthTransactionMeta,\n TransactionMetaOptions,\n TransactionManagerOptions,\n CookieStorage,\n SavedIdxResponse\n} from './types';\nimport { isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\nimport {\n clearTransactionFromSharedStorage,\n loadTransactionFromSharedStorage,\n pruneSharedStorage,\n saveTransactionToSharedStorage\n} from './util/sharedStorage';\n\nexport interface ClearTransactionMetaOptions extends TransactionMetaOptions {\n clearSharedStorage?: boolean;\n}\nexport default class TransactionManager {\n options: TransactionManagerOptions;\n storageManager: StorageManager;\n legacyWidgetSupport: boolean;\n saveNonceCookie: boolean;\n saveStateCookie: boolean;\n saveParamsCookie: boolean;\n enableSharedStorage: boolean;\n saveLastResponse: boolean;\n\n constructor(options: TransactionManagerOptions) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n this.storageManager = options.storageManager!;\n this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n this.saveStateCookie = options.saveStateCookie === false ? false : true;\n this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n this.saveLastResponse = options.saveLastResponse === false ? false : true;\n this.options = options;\n }\n\n // eslint-disable-next-line complexity\n clear(options: ClearTransactionMetaOptions = {}) {\n const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n const meta = transactionStorage.getStorage();\n\n // Clear primary storage (by default, sessionStorage on browser)\n transactionStorage.clearStorage();\n\n // clear IDX response storage\n this.clearIdxResponse();\n\n // Usually we want to also clear shared storage unless another tab may need it to continue/complete a flow\n if (this.enableSharedStorage && options.clearSharedStorage !== false) {\n const state = options.state || meta?.state;\n if (state) {\n clearTransactionFromSharedStorage(this.storageManager, state);\n }\n }\n \n if (!this.legacyWidgetSupport) {\n return;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n this.clearLegacyOAuthParams();\n }\n\n if (options.pkce) {\n this.clearLegacyPKCE();\n }\n }\n\n // eslint-disable-next-line complexity\n save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n // There must be only one transaction executing at a time.\n // Before saving, check to see if a transaction is already stored.\n // An existing transaction indicates a concurrency/race/overlap condition\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n const obj = storage.getStorage();\n // oie process may need to update transaction in the middle of process for tracking purpose\n // false alarm might be caused \n // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n if (isTransactionMeta(obj) && !options.muteWarning) {\n // eslint-disable-next-line max-len\n warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n }\n\n storage.setStorage(meta);\n\n // Shared storage allows continuation of transaction in another tab\n if (this.enableSharedStorage && meta.state) {\n saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n }\n\n if (!options.oauth) {\n return;\n }\n \n // Legacy cookie storage\n if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n if (this.saveParamsCookie) {\n const { \n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n } = meta;\n const oauthParams = {\n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n };\n cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n }\n\n if (this.saveNonceCookie && meta.nonce) {\n // Set nonce cookie for servers to validate nonce in id_token\n cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n }\n\n if (this.saveStateCookie && meta.state) {\n // Set state cookie for servers to validate state\n cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n }\n }\n }\n\n exists(options: TransactionMetaOptions = {}): boolean {\n try {\n const meta = this.load(options);\n return !!meta;\n } catch {\n return false;\n }\n }\n\n // load transaction meta from storage\n // eslint-disable-next-line complexity,max-statements\n load(options: TransactionMetaOptions = {}): TransactionMeta | null {\n\n let meta: TransactionMeta;\n\n // If state was passed, try loading transaction data from shared storage\n if (this.enableSharedStorage && options.state) {\n pruneSharedStorage(this.storageManager); // prune before load\n meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n if (isTransactionMeta(meta)) {\n return meta;\n }\n }\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n meta = storage.getStorage();\n if (isTransactionMeta(meta)) {\n // if we have meta in the new location, there is no need to go further\n return meta;\n }\n\n if (!this.legacyWidgetSupport) {\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n try {\n const oauthParams = this.loadLegacyOAuthParams();\n Object.assign(meta, oauthParams);\n } finally {\n this.clearLegacyOAuthParams();\n }\n }\n\n if (options.pkce) {\n try {\n const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n Object.assign(meta, pkceMeta);\n } finally {\n this.clearLegacyPKCE();\n }\n }\n\n if (isTransactionMeta(meta)) {\n return meta;\n }\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n clearLegacyPKCE(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n }\n\n loadLegacyPKCE(): PKCETransactionMeta {\n let storage: StorageProvider;\n let obj;\n \n // Try reading from localStorage first.\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n \n // If meta is not valid, throw an exception to avoid misleading server-side error\n // The most likely cause of this error is trying to handle a callback twice\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', undefined);\n }\n\n clearLegacyOAuthParams(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n storage.clearStorage();\n }\n }\n\n loadLegacyOAuthParams(): OAuthTransactionMeta {\n let storage: StorageProvider;\n let oauthParams;\n \n // load first from session storage\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n oauthParams = storage.getStorage();\n }\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n // try to load from cookie\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n oauthParams = storage.getStorage();\n }\n\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n\n throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n // Something is there but we don't recognize it\n // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n }\n\n saveIdxResponse({ rawIdxResponse, requestDidSucceed }: SavedIdxResponse): void {\n if (!this.saveLastResponse) {\n return;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return;\n }\n storage.setStorage({ rawIdxResponse, requestDidSucceed });\n }\n\n loadIdxResponse(): SavedIdxResponse | null {\n if (!this.saveLastResponse) {\n return null;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return null;\n }\n const storedValue = storage.getStorage();\n if (!storedValue || !isRawIdxResponse(storedValue.rawIdxResponse)) {\n return null;\n }\n return storedValue;\n }\n\n clearIdxResponse(): void {\n if (!this.saveLastResponse) {\n return;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n storage?.clearStorage();\n }\n}"],"file":"TransactionManager.js"}
package/cjs/crypto/verifyToken.js CHANGED
@@ -33,7 +33,8 @@ function verifyToken(idToken, key) {
33
33
  // This is a metadata tag that specifies the intent of how the key should be used.
34
34
  // It's not necessary to properly verify the jwt's signature.
35
35
 
36
- delete key.use; // @ts-ignore
36
+ delete key.use; // eslint-disable-next-line @typescript-eslint/ban-ts-comment
37
+ // @ts-ignore
37
38
 
38
39
  return _webcrypto.webcrypto.subtle.importKey(format, key, algo, extractable, usages).then(function (cryptoKey) {
39
40
  var jwt = idToken.split('.');
package/cjs/crypto/verifyToken.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/crypto/verifyToken.ts"],"names":["verifyToken","idToken","key","format","algo","name","hash","extractable","usages","use","webcrypto","subtle","importKey","then","cryptoKey","jwt","split","payload","b64Signature","signature","verify"],"mappings":";;;;AAYA;;AACA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,SAASA,WAAT,CAAqBC,OAArB,EAA8BC,GAA9B,EAAmC;AACxCA,EAAAA,GAAG,GAAG,iBAAMA,GAAN,CAAN;AAEA,MAAIC,MAAM,GAAG,KAAb;AACA,MAAIC,IAAI,GAAG;AACTC,IAAAA,IAAI,EAAE,mBADG;AAETC,IAAAA,IAAI,EAAE;AAAED,MAAAA,IAAI,EAAE;AAAR;AAFG,GAAX;AAIA,MAAIE,WAAW,GAAG,IAAlB;AACA,MAAIC,MAAM,GAAG,CAAC,QAAD,CAAb,CATwC,CAWxC;AACA;AACA;;AACA,SAAON,GAAG,CAACO,GAAX,CAdwC,CAgBxC;;AACA,SAAOC,qBAAUC,MAAV,CAAiBC,SAAjB,CACLT,MADK,EAELD,GAFK,EAGLE,IAHK,EAILG,WAJK,EAKLC,MALK,EAONK,IAPM,CAOD,UAASC,SAAT,EAAoB;AACxB,QAAIC,GAAG,GAAGd,OAAO,CAACe,KAAR,CAAc,GAAd,CAAV;AACA,QAAIC,OAAO,GAAG,0BAAeF,GAAG,CAAC,CAAD,CAAH,GAAS,GAAT,GAAeA,GAAG,CAAC,CAAD,CAAjC,CAAd;AACA,QAAIG,YAAY,GAAG,2BAAgBH,GAAG,CAAC,CAAD,CAAnB,CAAnB;AACA,QAAII,SAAS,GAAG,0BAAeD,YAAf,CAAhB;AAEA,WAAOR,qBAAUC,MAAV,CAAiBS,MAAjB,CACLhB,IADK,EAELU,SAFK,EAGLK,SAHK,EAILF,OAJK,CAAP;AAMD,GAnBM,CAAP;AAoBD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { clone } from '../util';\nimport { stringToBuffer, base64UrlDecode } from './base64';\nimport { webcrypto } from './webcrypto';\n\nexport function verifyToken(idToken, key) {\n key = clone(key);\n\n var format = 'jwk';\n var algo = {\n name: 'RSASSA-PKCS1-v1_5',\n hash: { name: 'SHA-256' }\n };\n var extractable = true;\n var usages = ['verify'];\n\n // https://connect.microsoft.com/IE/feedback/details/2242108/webcryptoapi-importing-jwk-with-use-field-fails\n // This is a metadata tag that specifies the intent of how the key should be used.\n // It's not necessary to properly verify the jwt's signature.\n delete key.use;\n\n // @ts-ignore\n return webcrypto.subtle.importKey(\n format,\n key,\n algo,\n extractable,\n usages\n )\n .then(function(cryptoKey) {\n var jwt = idToken.split('.');\n var payload = stringToBuffer(jwt[0] + '.' + jwt[1]);\n var b64Signature = base64UrlDecode(jwt[2]);\n var signature = stringToBuffer(b64Signature);\n\n return webcrypto.subtle.verify(\n algo,\n cryptoKey,\n signature,\n payload\n );\n });\n}\n\n"],"file":"verifyToken.js"}
1
+ {"version":3,"sources":["../../../lib/crypto/verifyToken.ts"],"names":["verifyToken","idToken","key","format","algo","name","hash","extractable","usages","use","webcrypto","subtle","importKey","then","cryptoKey","jwt","split","payload","b64Signature","signature","verify"],"mappings":";;;;AAYA;;AACA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,SAASA,WAAT,CAAqBC,OAArB,EAA8BC,GAA9B,EAAmC;AACxCA,EAAAA,GAAG,GAAG,iBAAMA,GAAN,CAAN;AAEA,MAAIC,MAAM,GAAG,KAAb;AACA,MAAIC,IAAI,GAAG;AACTC,IAAAA,IAAI,EAAE,mBADG;AAETC,IAAAA,IAAI,EAAE;AAAED,MAAAA,IAAI,EAAE;AAAR;AAFG,GAAX;AAIA,MAAIE,WAAW,GAAG,IAAlB;AACA,MAAIC,MAAM,GAAG,CAAC,QAAD,CAAb,CATwC,CAWxC;AACA;AACA;;AACA,SAAON,GAAG,CAACO,GAAX,CAdwC,CAgBxC;AACA;;AACA,SAAOC,qBAAUC,MAAV,CAAiBC,SAAjB,CACLT,MADK,EAELD,GAFK,EAGLE,IAHK,EAILG,WAJK,EAKLC,MALK,EAONK,IAPM,CAOD,UAASC,SAAT,EAAoB;AACxB,QAAIC,GAAG,GAAGd,OAAO,CAACe,KAAR,CAAc,GAAd,CAAV;AACA,QAAIC,OAAO,GAAG,0BAAeF,GAAG,CAAC,CAAD,CAAH,GAAS,GAAT,GAAeA,GAAG,CAAC,CAAD,CAAjC,CAAd;AACA,QAAIG,YAAY,GAAG,2BAAgBH,GAAG,CAAC,CAAD,CAAnB,CAAnB;AACA,QAAII,SAAS,GAAG,0BAAeD,YAAf,CAAhB;AAEA,WAAOR,qBAAUC,MAAV,CAAiBS,MAAjB,CACLhB,IADK,EAELU,SAFK,EAGLK,SAHK,EAILF,OAJK,CAAP;AAMD,GAnBM,CAAP;AAoBD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { clone } from '../util';\nimport { stringToBuffer, base64UrlDecode } from './base64';\nimport { webcrypto } from './webcrypto';\n\nexport function verifyToken(idToken, key) {\n key = clone(key);\n\n var format = 'jwk';\n var algo = {\n name: 'RSASSA-PKCS1-v1_5',\n hash: { name: 'SHA-256' }\n };\n var extractable = true;\n var usages = ['verify'];\n\n // https://connect.microsoft.com/IE/feedback/details/2242108/webcryptoapi-importing-jwk-with-use-field-fails\n // This is a metadata tag that specifies the intent of how the key should be used.\n // It's not necessary to properly verify the jwt's signature.\n delete key.use;\n\n // eslint-disable-next-line @typescript-eslint/ban-ts-comment\n // @ts-ignore\n return webcrypto.subtle.importKey(\n format,\n key,\n algo,\n extractable,\n usages\n )\n .then(function(cryptoKey) {\n var jwt = idToken.split('.');\n var payload = stringToBuffer(jwt[0] + '.' + jwt[1]);\n var b64Signature = base64UrlDecode(jwt[2]);\n var signature = stringToBuffer(b64Signature);\n\n return webcrypto.subtle.verify(\n algo,\n cryptoKey,\n signature,\n payload\n );\n });\n}\n\n"],"file":"verifyToken.js"}
package/cjs/errors/AuthApiError.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/errors/AuthApiError.ts"],"names":["AuthApiError","CustomError","constructor","err","xhr","message","errorSummary","name","errorCode","errorLink","errorId","errorCauses"],"mappings":";;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAIe,MAAMA,YAAN,SAA2BC,oBAA3B,CAA2D;AAQxEC,EAAAA,WAAW,CAACC,GAAD,EAAgBC,GAAhB,EAAoC;AAC7C,UAAMC,OAAO,GAAGF,GAAG,CAACG,YAApB;AACA,UAAMD,OAAN;AAEA,SAAKE,IAAL,GAAY,cAAZ;AACA,SAAKD,YAAL,GAAoBH,GAAG,CAACG,YAAxB;AACA,SAAKE,SAAL,GAAiBL,GAAG,CAACK,SAArB;AACA,SAAKC,SAAL,GAAiBN,GAAG,CAACM,SAArB;AACA,SAAKC,OAAL,GAAeP,GAAG,CAACO,OAAnB;AACA,SAAKC,WAAL,GAAmBR,GAAG,CAACQ,WAAvB;;AAEA,QAAIP,GAAJ,EAAS;AACP,WAAKA,GAAL,GAAWA,GAAX;AACD;AACF;;AAtBuE","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport CustomError from './CustomError';\nimport { APIError, HttpResponse } from '../types';\nexport default class AuthApiError extends CustomError implements APIError {\n errorSummary: string;\n errorCode?: string;\n errorLink?: string;\n errorId?: string;\n errorCauses?: string[];\n xhr?: HttpResponse;\n\n constructor(err: APIError, xhr?: HttpResponse) {\n const message = err.errorSummary;\n super(message);\n\n this.name = 'AuthApiError';\n this.errorSummary = err.errorSummary;\n this.errorCode = err.errorCode;\n this.errorLink = err.errorLink;\n this.errorId = err.errorId;\n this.errorCauses = err.errorCauses;\n\n if (xhr) {\n this.xhr = xhr;\n }\n }\n}\n"],"file":"AuthApiError.js"}
1
+ {"version":3,"sources":["../../../lib/errors/AuthApiError.ts"],"names":["AuthApiError","CustomError","constructor","err","xhr","message","errorSummary","name","errorCode","errorLink","errorId","errorCauses"],"mappings":";;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKe,MAAMA,YAAN,SAA2BC,oBAA3B,CAA2D;AAQxEC,EAAAA,WAAW,CAACC,GAAD,EAAgBC,GAAhB,EAAoC;AAC7C,UAAMC,OAAO,GAAGF,GAAG,CAACG,YAApB;AACA,UAAMD,OAAN;AAEA,SAAKE,IAAL,GAAY,cAAZ;AACA,SAAKD,YAAL,GAAoBH,GAAG,CAACG,YAAxB;AACA,SAAKE,SAAL,GAAiBL,GAAG,CAACK,SAArB;AACA,SAAKC,SAAL,GAAiBN,GAAG,CAACM,SAArB;AACA,SAAKC,OAAL,GAAeP,GAAG,CAACO,OAAnB;AACA,SAAKC,WAAL,GAAmBR,GAAG,CAACQ,WAAvB;;AAEA,QAAIP,GAAJ,EAAS;AACP,WAAKA,GAAL,GAAWA,GAAX;AACD;AACF;;AAtBuE","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport CustomError from './CustomError';\nimport { APIError, HttpResponse } from '../types';\n\nexport default class AuthApiError extends CustomError implements APIError {\n errorSummary: string;\n errorCode?: string;\n errorLink?: string;\n errorId?: string;\n errorCauses?: string[];\n xhr?: HttpResponse;\n\n constructor(err: APIError, xhr?: HttpResponse) {\n const message = err.errorSummary;\n super(message);\n\n this.name = 'AuthApiError';\n this.errorSummary = err.errorSummary;\n this.errorCode = err.errorCode;\n this.errorLink = err.errorLink;\n this.errorId = err.errorId;\n this.errorCauses = err.errorCauses;\n\n if (xhr) {\n this.xhr = xhr;\n }\n }\n}\n"],"file":"AuthApiError.js"}
package/cjs/errors/OAuthError.js CHANGED
@@ -6,6 +6,8 @@ exports.default = void 0;
6
6
 
7
7
  var _CustomError = _interopRequireDefault(require("./CustomError"));
8
8
 
9
+ /* eslint-disable camelcase */
10
+
9
11
  /*!
10
12
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
11
13
  * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
@@ -18,11 +20,15 @@ var _CustomError = _interopRequireDefault(require("./CustomError"));
18
20
  * See the License for the specific language governing permissions and limitations under the License.
19
21
  */
20
22
  class OAuthError extends _CustomError.default {
23
+ // for widget / idx-js backward compatibility
21
24
  constructor(errorCode, summary) {
22
25
  super(summary);
23
26
  this.name = 'OAuthError';
24
27
  this.errorCode = errorCode;
25
- this.errorSummary = summary;
28
+ this.errorSummary = summary; // for widget / idx-js backward compatibility
29
+
30
+ this.error = errorCode;
31
+ this.error_description = summary;
26
32
  }
27
33
 
28
34
  }
package/cjs/errors/OAuthError.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/errors/OAuthError.ts"],"names":["OAuthError","CustomError","constructor","errorCode","summary","name","errorSummary"],"mappings":";;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAIe,MAAMA,UAAN,SAAyBC,oBAAzB,CAAqC;AAIlDC,EAAAA,WAAW,CAACC,SAAD,EAAoBC,OAApB,EAAqC;AAC9C,UAAMA,OAAN;AAEA,SAAKC,IAAL,GAAY,YAAZ;AACA,SAAKF,SAAL,GAAiBA,SAAjB;AACA,SAAKG,YAAL,GAAoBF,OAApB;AACD;;AAViD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport CustomError from './CustomError';\n\nexport default class OAuthError extends CustomError {\n errorCode: string;\n errorSummary: string;\n\n constructor(errorCode: string, summary: string) {\n super(summary);\n\n this.name = 'OAuthError';\n this.errorCode = errorCode;\n this.errorSummary = summary;\n }\n}\n\n"],"file":"OAuthError.js"}
1
+ {"version":3,"sources":["../../../lib/errors/OAuthError.ts"],"names":["OAuthError","CustomError","constructor","errorCode","summary","name","errorSummary","error","error_description"],"mappings":";;;;;;AAaA;;AAbA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAIe,MAAMA,UAAN,SAAyBC,oBAAzB,CAAqC;AAIlD;AAIAC,EAAAA,WAAW,CAACC,SAAD,EAAoBC,OAApB,EAAqC;AAC9C,UAAMA,OAAN;AAEA,SAAKC,IAAL,GAAY,YAAZ;AACA,SAAKF,SAAL,GAAiBA,SAAjB;AACA,SAAKG,YAAL,GAAoBF,OAApB,CAL8C,CAO9C;;AACA,SAAKG,KAAL,GAAaJ,SAAb;AACA,SAAKK,iBAAL,GAAyBJ,OAAzB;AACD;;AAlBiD","sourcesContent":["/* eslint-disable camelcase */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport CustomError from './CustomError';\n\nexport default class OAuthError extends CustomError {\n errorCode: string;\n errorSummary: string;\n\n // for widget / idx-js backward compatibility\n error: string;\n error_description: string;\n\n constructor(errorCode: string, summary: string) {\n super(summary);\n\n this.name = 'OAuthError';\n this.errorCode = errorCode;\n this.errorSummary = summary;\n\n // for widget / idx-js backward compatibility\n this.error = errorCode;\n this.error_description = summary;\n }\n}\n\n"],"file":"OAuthError.js"}
package/cjs/fetch/fetchRequest.js CHANGED
@@ -10,6 +10,10 @@ var _entries = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-st
10
10
 
11
11
  var _stringify = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/json/stringify"));
12
12
 
13
+ var _map = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/map"));
14
+
15
+ var _entries2 = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/entries"));
16
+
13
17
  var _promise = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/promise"));
14
18
 
15
19
  var _crossFetch = _interopRequireDefault(require("cross-fetch"));
@@ -25,6 +29,9 @@ var _crossFetch = _interopRequireDefault(require("cross-fetch"));
25
29
  *
26
30
  * See the License for the specific language governing permissions and limitations under the License.
27
31
  */
32
+ // content-type = application/json OR application/ion+json
33
+ const appJsonContentTypeRegex = /application\/\w*\+?json/;
34
+
28
35
  function readData(response) {
29
36
  var _context;
30
37
 
@@ -71,10 +78,17 @@ function formatResult(status, data, response) {
71
78
  function fetchRequest(method, url, args) {
72
79
  var body = args.data;
73
80
  var headers = args.headers || {};
74
- var contentType = headers['Content-Type'] || headers['content-type'] || ''; // JSON encode body (if appropriate)
81
+ var contentType = headers['Content-Type'] || headers['content-type'] || '';
82
+
83
+ if (body && typeof body !== 'string') {
84
+ // JSON encode body (if appropriate)
85
+ if (appJsonContentTypeRegex.test(contentType)) {
86
+ body = (0, _stringify.default)(body);
87
+ } else if (contentType === 'application/x-www-form-urlencoded') {
88
+ var _context3;
75
89
 
76
- if (contentType === 'application/json' && body && typeof body !== 'string') {
77
- body = (0, _stringify.default)(body);
90
+ body = (0, _map.default)(_context3 = (0, _entries2.default)(body)).call(_context3, ([param, value]) => `${param}=${encodeURIComponent(value)}`).join('&');
91
+ }
78
92
  }
79
93
 
80
94
  var fetch = global.fetch || _crossFetch.default;
package/cjs/fetch/fetchRequest.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/fetch/fetchRequest.ts"],"names":["readData","response","headers","get","toLowerCase","json","catch","e","error","errorSummary","text","formatResult","status","data","isObject","pair","result","responseText","responseType","responseJSON","fetchRequest","method","url","args","body","contentType","fetch","global","crossFetch","fetchPromise","credentials","withCredentials","finally","resolve","then","ok"],"mappings":";;;;;;;;;;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA,SAASA,QAAT,CAAkBC,QAAlB,EAAgE;AAAA;;AAC9D,MAAIA,QAAQ,CAACC,OAAT,CAAiBC,GAAjB,CAAqB,cAArB,KACF;AACA,mCAAAF,QAAQ,CAACC,OAAT,CAAiBC,GAAjB,CAAqB,cAArB,EAAsCC,WAAtC,mBAA4D,kBAA5D,KAAmF,CAFrF,EAEwF;AACxF,WAAOH,QAAQ,CAACI,IAAT,GACL;AADK,KAEJC,KAFI,CAEEC,CAAC,IAAI;AACV,aAAO;AACLC,QAAAA,KAAK,EAAED,CADF;AAELE,QAAAA,YAAY,EAAE;AAFT,OAAP;AAID,KAPI,CAAP;AAQC,GAXD,MAWO;AACL,WAAOR,QAAQ,CAACS,IAAT,EAAP;AACD;AACF;;AAED,SAASC,YAAT,CAAsBC,MAAtB,EAAsCC,IAAtC,EAA6DZ,QAA7D,EAAiF;AAC/E,QAAMa,QAAQ,GAAG,OAAOD,IAAP,KAAgB,QAAjC;AACA,QAAMX,OAAO,GAAG,EAAhB;;AACA,OAAK,MAAMa,IAAX,IAAmB,kCAACd,QAAQ,CAACC,OAAV,iBAAnB,EAAwD;AAAA;;AACtDA,IAAAA,OAAO,CAACa,IAAI,CAAC,CAAD,CAAL,CAAP,GAAmBA,IAAI,CAAC,CAAD,CAAvB;AACD;;AACD,QAAMC,MAAoB,GAAG;AAC3BC,IAAAA,YAAY,EAAEH,QAAQ,GAAG,wBAAeD,IAAf,CAAH,GAA0BA,IADrB;AAE3BD,IAAAA,MAAM,EAAEA,MAFmB;AAG3BV,IAAAA;AAH2B,GAA7B;;AAKA,MAAIY,QAAJ,EAAc;AACZE,IAAAA,MAAM,CAACE,YAAP,GAAsB,MAAtB;AACAF,IAAAA,MAAM,CAACG,YAAP,GAAsBN,IAAtB;AACD;;AACD,SAAOG,MAAP;AACD;AAED;;;AACA,SAASI,YAAT,CAAsBC,MAAtB,EAAsCC,GAAtC,EAAmDC,IAAnD,EAAuE;AACrE,MAAIC,IAAI,GAAGD,IAAI,CAACV,IAAhB;AACA,MAAIX,OAAO,GAAGqB,IAAI,CAACrB,OAAL,IAAgB,EAA9B;AACA,MAAIuB,WAAW,GAAIvB,OAAO,CAAC,cAAD,CAAP,IAA2BA,OAAO,CAAC,cAAD,CAAlC,IAAsD,EAAzE,CAHqE,CAKrE;;AACA,MAAIuB,WAAW,KAAK,kBAAhB,IAAsCD,IAAtC,IAA8C,OAAOA,IAAP,KAAgB,QAAlE,EAA4E;AAC1EA,IAAAA,IAAI,GAAG,wBAAeA,IAAf,CAAP;AACD;;AACD,MAAIE,KAAK,GAAGC,MAAM,CAACD,KAAP,IAAgBE,mBAA5B;AACA,MAAIC,YAAY,GAAGH,KAAK,CAACJ,GAAD,EAAM;AAC5BD,IAAAA,MAAM,EAAEA,MADoB;AAE5BnB,IAAAA,OAAO,EAAEqB,IAAI,CAACrB,OAFc;AAG5BsB,IAAAA,IAAI,EAAEA,IAHsB;AAI5BM,IAAAA,WAAW,EAAEP,IAAI,CAACQ,eAAL,GAAuB,SAAvB,GAAmC;AAJpB,GAAN,CAAxB;;AAOA,MAAI,CAACF,YAAY,CAACG,OAAlB,EAA2B;AACzBH,IAAAA,YAAY,GAAG,iBAAQI,OAAR,CAAgBJ,YAAhB,CAAf;AACD;;AAED,SAAOA,YAAY,CAACK,IAAb,CAAkB,UAASjC,QAAT,EAAmB;AAC1C,QAAIO,KAAK,GAAG,CAACP,QAAQ,CAACkC,EAAtB;AACA,QAAIvB,MAAM,GAAGX,QAAQ,CAACW,MAAtB;AACA,WAAOZ,QAAQ,CAACC,QAAD,CAAR,CACJiC,IADI,CACCrB,IAAI,IAAI;AACZ,aAAOF,YAAY,CAACC,MAAD,EAASC,IAAT,EAAeZ,QAAf,CAAnB;AACD,KAHI,EAIJiC,IAJI,CAIClB,MAAM,IAAI;AAAA;;AACd,UAAIR,KAAK,4BAAIQ,MAAM,CAACG,YAAX,iDAAI,qBAAqBX,KAAlC,EAAyC;AACvC;AACA,cAAMQ,MAAN;AACD;;AACD,aAAOA,MAAP;AACD,KAVI,CAAP;AAWD,GAdM,CAAP;AAeD;;eAEcI,Y","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport crossFetch from 'cross-fetch';\nimport { FetchOptions, HttpResponse } from '../types';\n\nfunction readData(response: Response): Promise<object | string> {\n if (response.headers.get('Content-Type') &&\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n response.headers.get('Content-Type')!.toLowerCase().indexOf('application/json') >= 0) {\n return response.json()\n // JSON parse can fail if response is not a valid object\n .catch(e => {\n return {\n error: e,\n errorSummary: 'Could not parse server response'\n };\n });\n } else {\n return response.text();\n }\n}\n\nfunction formatResult(status: number, data: object | string, response: Response) {\n const isObject = typeof data === 'object';\n const headers = {};\n for (const pair of (response.headers as any).entries()) {\n headers[pair[0]] = pair[1];\n }\n const result: HttpResponse = {\n responseText: isObject ? JSON.stringify(data) : data as string,\n status: status,\n headers\n };\n if (isObject) {\n result.responseType = 'json';\n result.responseJSON = data as object;\n }\n return result;\n}\n\n/* eslint-disable complexity */\nfunction fetchRequest(method: string, url: string, args: FetchOptions) {\n var body = args.data;\n var headers = args.headers || {};\n var contentType = (headers['Content-Type'] || headers['content-type'] || '');\n\n // JSON encode body (if appropriate)\n if (contentType === 'application/json' && body && typeof body !== 'string') {\n body = JSON.stringify(body);\n }\n var fetch = global.fetch || crossFetch;\n var fetchPromise = fetch(url, {\n method: method,\n headers: args.headers,\n body: body as string,\n credentials: args.withCredentials ? 'include' : 'omit'\n });\n\n if (!fetchPromise.finally) {\n fetchPromise = Promise.resolve(fetchPromise);\n }\n\n return fetchPromise.then(function(response) {\n var error = !response.ok;\n var status = response.status;\n return readData(response)\n .then(data => {\n return formatResult(status, data, response);\n })\n .then(result => {\n if (error || result.responseJSON?.error) {\n // Throwing result object since error handling is done in http.js\n throw result;\n }\n return result;\n });\n });\n}\n\nexport default fetchRequest;\n"],"file":"fetchRequest.js"}
1
+ {"version":3,"sources":["../../../lib/fetch/fetchRequest.ts"],"names":["appJsonContentTypeRegex","readData","response","headers","get","toLowerCase","json","catch","e","error","errorSummary","text","formatResult","status","data","isObject","pair","result","responseText","responseType","responseJSON","fetchRequest","method","url","args","body","contentType","test","param","value","encodeURIComponent","join","fetch","global","crossFetch","fetchPromise","credentials","withCredentials","finally","resolve","then","ok"],"mappings":";;;;;;;;;;;;;;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACA,MAAMA,uBAAuB,GAAG,yBAAhC;;AAEA,SAASC,QAAT,CAAkBC,QAAlB,EAAgE;AAAA;;AAC9D,MAAIA,QAAQ,CAACC,OAAT,CAAiBC,GAAjB,CAAqB,cAArB,KACF;AACA,mCAAAF,QAAQ,CAACC,OAAT,CAAiBC,GAAjB,CAAqB,cAArB,EAAsCC,WAAtC,mBAA4D,kBAA5D,KAAmF,CAFrF,EAEwF;AACxF,WAAOH,QAAQ,CAACI,IAAT,GACL;AADK,KAEJC,KAFI,CAEEC,CAAC,IAAI;AACV,aAAO;AACLC,QAAAA,KAAK,EAAED,CADF;AAELE,QAAAA,YAAY,EAAE;AAFT,OAAP;AAID,KAPI,CAAP;AAQC,GAXD,MAWO;AACL,WAAOR,QAAQ,CAACS,IAAT,EAAP;AACD;AACF;;AAED,SAASC,YAAT,CAAsBC,MAAtB,EAAsCC,IAAtC,EAA6DZ,QAA7D,EAAiF;AAC/E,QAAMa,QAAQ,GAAG,OAAOD,IAAP,KAAgB,QAAjC;AACA,QAAMX,OAAO,GAAG,EAAhB;;AACA,OAAK,MAAMa,IAAX,IAAmB,kCAACd,QAAQ,CAACC,OAAV,iBAAnB,EAAwD;AAAA;;AACtDA,IAAAA,OAAO,CAACa,IAAI,CAAC,CAAD,CAAL,CAAP,GAAmBA,IAAI,CAAC,CAAD,CAAvB;AACD;;AACD,QAAMC,MAAoB,GAAG;AAC3BC,IAAAA,YAAY,EAAEH,QAAQ,GAAG,wBAAeD,IAAf,CAAH,GAA0BA,IADrB;AAE3BD,IAAAA,MAAM,EAAEA,MAFmB;AAG3BV,IAAAA;AAH2B,GAA7B;;AAKA,MAAIY,QAAJ,EAAc;AACZE,IAAAA,MAAM,CAACE,YAAP,GAAsB,MAAtB;AACAF,IAAAA,MAAM,CAACG,YAAP,GAAsBN,IAAtB;AACD;;AACD,SAAOG,MAAP;AACD;AAED;;;AACA,SAASI,YAAT,CAAsBC,MAAtB,EAAsCC,GAAtC,EAAmDC,IAAnD,EAAuE;AACrE,MAAIC,IAAI,GAAGD,IAAI,CAACV,IAAhB;AACA,MAAIX,OAAO,GAAGqB,IAAI,CAACrB,OAAL,IAAgB,EAA9B;AACA,MAAIuB,WAAW,GAAIvB,OAAO,CAAC,cAAD,CAAP,IAA2BA,OAAO,CAAC,cAAD,CAAlC,IAAsD,EAAzE;;AAEA,MAAIsB,IAAI,IAAI,OAAOA,IAAP,KAAgB,QAA5B,EAAsC;AACpC;AACA,QAAIzB,uBAAuB,CAAC2B,IAAxB,CAA6BD,WAA7B,CAAJ,EAA+C;AAC7CD,MAAAA,IAAI,GAAG,wBAAeA,IAAf,CAAP;AACD,KAFD,MAGK,IAAIC,WAAW,KAAK,mCAApB,EAAyD;AAAA;;AAC5DD,MAAAA,IAAI,GAAG,qDAAeA,IAAf,mBACD,CAAC,CAACG,KAAD,EAAQC,KAAR,CAAD,KAAqB,GAAED,KAAM,IAAGE,kBAAkB,CAACD,KAAD,CAAQ,EADzD,EAENE,IAFM,CAED,GAFC,CAAP;AAGD;AACF;;AAED,MAAIC,KAAK,GAAGC,MAAM,CAACD,KAAP,IAAgBE,mBAA5B;AACA,MAAIC,YAAY,GAAGH,KAAK,CAACT,GAAD,EAAM;AAC5BD,IAAAA,MAAM,EAAEA,MADoB;AAE5BnB,IAAAA,OAAO,EAAEqB,IAAI,CAACrB,OAFc;AAG5BsB,IAAAA,IAAI,EAAEA,IAHsB;AAI5BW,IAAAA,WAAW,EAAEZ,IAAI,CAACa,eAAL,GAAuB,SAAvB,GAAmC;AAJpB,GAAN,CAAxB;;AAOA,MAAI,CAACF,YAAY,CAACG,OAAlB,EAA2B;AACzBH,IAAAA,YAAY,GAAG,iBAAQI,OAAR,CAAgBJ,YAAhB,CAAf;AACD;;AAED,SAAOA,YAAY,CAACK,IAAb,CAAkB,UAAStC,QAAT,EAAmB;AAC1C,QAAIO,KAAK,GAAG,CAACP,QAAQ,CAACuC,EAAtB;AACA,QAAI5B,MAAM,GAAGX,QAAQ,CAACW,MAAtB;AACA,WAAOZ,QAAQ,CAACC,QAAD,CAAR,CACJsC,IADI,CACC1B,IAAI,IAAI;AACZ,aAAOF,YAAY,CAACC,MAAD,EAASC,IAAT,EAAeZ,QAAf,CAAnB;AACD,KAHI,EAIJsC,IAJI,CAICvB,MAAM,IAAI;AAAA;;AACd,UAAIR,KAAK,4BAAIQ,MAAM,CAACG,YAAX,iDAAI,qBAAqBX,KAAlC,EAAyC;AACvC;AACA,cAAMQ,MAAN;AACD;;AACD,aAAOA,MAAP;AACD,KAVI,CAAP;AAWD,GAdM,CAAP;AAeD;;eAEcI,Y","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport crossFetch from 'cross-fetch';\nimport { FetchOptions, HttpResponse } from '../types';\n\n// content-type = application/json OR application/ion+json\nconst appJsonContentTypeRegex = /application\\/\\w*\\+?json/;\n\nfunction readData(response: Response): Promise<object | string> {\n if (response.headers.get('Content-Type') &&\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n response.headers.get('Content-Type')!.toLowerCase().indexOf('application/json') >= 0) {\n return response.json()\n // JSON parse can fail if response is not a valid object\n .catch(e => {\n return {\n error: e,\n errorSummary: 'Could not parse server response'\n };\n });\n } else {\n return response.text();\n }\n}\n\nfunction formatResult(status: number, data: object | string, response: Response) {\n const isObject = typeof data === 'object';\n const headers = {};\n for (const pair of (response.headers as any).entries()) {\n headers[pair[0]] = pair[1];\n }\n const result: HttpResponse = {\n responseText: isObject ? JSON.stringify(data) : data as string,\n status: status,\n headers\n };\n if (isObject) {\n result.responseType = 'json';\n result.responseJSON = data as object;\n }\n return result;\n}\n\n/* eslint-disable complexity */\nfunction fetchRequest(method: string, url: string, args: FetchOptions) {\n var body = args.data;\n var headers = args.headers || {};\n var contentType = (headers['Content-Type'] || headers['content-type'] || '');\n\n if (body && typeof body !== 'string') {\n // JSON encode body (if appropriate)\n if (appJsonContentTypeRegex.test(contentType)) {\n body = JSON.stringify(body);\n }\n else if (contentType === 'application/x-www-form-urlencoded') {\n body = Object.entries(body)\n .map( ([param, value]) => `${param}=${encodeURIComponent(value)}` )\n .join('&');\n }\n }\n\n var fetch = global.fetch || crossFetch;\n var fetchPromise = fetch(url, {\n method: method,\n headers: args.headers,\n body: body as string,\n credentials: args.withCredentials ? 'include' : 'omit'\n });\n\n if (!fetchPromise.finally) {\n fetchPromise = Promise.resolve(fetchPromise);\n }\n\n return fetchPromise.then(function(response) {\n var error = !response.ok;\n var status = response.status;\n return readData(response)\n .then(data => {\n return formatResult(status, data, response);\n })\n .then(result => {\n if (error || result.responseJSON?.error) {\n // Throwing result object since error handling is done in http.js\n throw result;\n }\n return result;\n });\n });\n}\n\nexport default fetchRequest;\n"],"file":"fetchRequest.js"}
package/cjs/http/request.js CHANGED
@@ -12,10 +12,10 @@ var _assign = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-sta
12
12
 
13
13
  var _util = require("../util");
14
14
 
15
- var _AuthApiError = _interopRequireDefault(require("../errors/AuthApiError"));
16
-
17
15
  var _constants = require("../constants");
18
16
 
17
+ var _errors = require("../errors");
18
+
19
19
  /* eslint-disable @typescript-eslint/no-non-null-assertion */
20
20
 
21
21
  /*!
@@ -124,7 +124,11 @@ function httpRequest(sdk, options) {
124
124
  resp = sdk.options.transformErrorXHR((0, _util.clone)(resp));
125
125
  }
126
126
 
127
- err = new _AuthApiError.default(serverErr, resp);
127
+ if (serverErr.error && serverErr.error_description) {
128
+ err = new _errors.OAuthError(serverErr.error, serverErr.error_description);
129
+ } else {
130
+ err = new _errors.AuthApiError(serverErr, resp);
131
+ }
128
132
 
129
133
  if (err.errorCode === 'E0000011') {
130
134
  storage.delete(_constants.STATE_TOKEN_KEY_NAME);
package/cjs/http/request.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../lib/http/request.ts"],"names":["httpRequest","sdk","options","url","method","args","saveAuthnState","accessToken","withCredentials","storageUtil","storage","httpCache","storageManager","getHttpCache","cookies","cacheResponse","cacheContents","getStorage","cachedResponse","Date","now","expiresAt","resolve","response","oktaUserAgentHeader","_oktaUserAgent","getHttpHeader","headers","ajaxOptions","data","undefined","err","res","httpRequestClient","then","resp","responseText","JSON","parse","stateToken","delete","STATE_TOKEN_KEY_NAME","set","updateStorage","Math","floor","DEFAULT_CACHE_DURATION","catch","serverErr","e","errorSummary","status","transformErrorXHR","AuthApiError","errorCode","get","getIssuerOrigin","getOptions","post","postOptions"],"mappings":";;;;;;;;;;;;AAeA;;AACA;;AACA;;AAjBA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AAMO,SAASA,WAAT,CAAqBC,GAArB,EAA6CC,OAA7C,EAAoF;AACzFA,EAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB;AACA,MAAIC,GAAG,GAAGD,OAAO,CAACC,GAAlB;AAAA,MACIC,MAAM,GAAGF,OAAO,CAACE,MADrB;AAAA,MAEIC,IAAI,GAAGH,OAAO,CAACG,IAFnB;AAAA,MAGIC,cAAc,GAAGJ,OAAO,CAACI,cAH7B;AAAA,MAIIC,WAAW,GAAGL,OAAO,CAACK,WAJ1B;AAAA,MAKIC,eAAe,GAAGN,OAAO,CAACM,eAAR,KAA4B,IALlD;AAAA,MAKwD;AACpDC,EAAAA,WAAW,GAAGR,GAAG,CAACC,OAAJ,CAAYO,WAN9B;AAAA,MAOIC,OAAO,GAAGD,WAAW,CAAEC,OAP3B;AAAA,MAQIC,SAAS,GAAGV,GAAG,CAACW,cAAJ,CAAmBC,YAAnB,CAAgCZ,GAAG,CAACC,OAAJ,CAAYY,OAA5C,CARhB;;AAUA,MAAIZ,OAAO,CAACa,aAAZ,EAA2B;AACzB,QAAIC,aAAa,GAAGL,SAAS,CAACM,UAAV,EAApB;AACA,QAAIC,cAAc,GAAGF,aAAa,CAACb,GAAD,CAAlC;;AACA,QAAIe,cAAc,IAAIC,IAAI,CAACC,GAAL,KAAW,IAAX,GAAkBF,cAAc,CAACG,SAAvD,EAAkE;AAChE,aAAO,iBAAQC,OAAR,CAAgBJ,cAAc,CAACK,QAA/B,CAAP;AACD;AACF;;AAED,MAAIC,mBAAmB,GAAGvB,GAAG,CAACwB,cAAJ,CAAmBC,aAAnB,EAA1B;;AACA,MAAIC,OAAoB,GAAG;AACzB,cAAU,kBADe;AAEzB,oBAAgB,kBAFS;AAGzB,OAAGH;AAHsB,GAA3B;AAKA,uBAAcG,OAAd,EAAuB1B,GAAG,CAACC,OAAJ,CAAYyB,OAAnC,EAA4CzB,OAAO,CAACyB,OAApD;AACAA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;;AAEA,MAAIpB,WAAW,IAAI,oBAASA,WAAT,CAAnB,EAA0C;AACxCoB,IAAAA,OAAO,CAAC,eAAD,CAAP,GAA2B,YAAYpB,WAAvC;AACD;;AAED,MAAIqB,WAAyB,GAAG;AAC9BD,IAAAA,OAD8B;AAE9BE,IAAAA,IAAI,EAAExB,IAAI,IAAIyB,SAFgB;AAG9BtB,IAAAA;AAH8B,GAAhC;AAMA,MAAIuB,GAAJ,EAASC,GAAT;AACA,SAAO/B,GAAG,CAACC,OAAJ,CAAY+B,iBAAZ,CAA+B7B,MAA/B,EAAwCD,GAAxC,EAA8CyB,WAA9C,EACJM,IADI,CACC,UAASC,IAAT,EAAe;AACnBH,IAAAA,GAAG,GAAGG,IAAI,CAACC,YAAX;;AACA,QAAIJ,GAAG,IAAI,oBAASA,GAAT,CAAX,EAA0B;AACxBA,MAAAA,GAAG,GAAGK,IAAI,CAACC,KAAL,CAAWN,GAAX,CAAN;;AACA,UAAIA,GAAG,IAAI,OAAOA,GAAP,KAAe,QAAtB,IAAkC,CAACA,GAAG,CAACL,OAA3C,EAAoD;AAClDK,QAAAA,GAAG,CAACL,OAAJ,GAAcQ,IAAI,CAACR,OAAnB;AACD;AACF;;AAED,QAAIrB,cAAJ,EAAoB;AAClB,UAAI,CAAC0B,GAAG,CAACO,UAAT,EAAqB;AACnB7B,QAAAA,OAAO,CAAC8B,MAAR,CAAeC,+BAAf;AACD;AACF;;AAED,QAAIT,GAAG,IAAIA,GAAG,CAACO,UAAX,IAAyBP,GAAG,CAACX,SAAjC,EAA4C;AAC1CX,MAAAA,OAAO,CAACgC,GAAR,CAAYD,+BAAZ,EAAkCT,GAAG,CAACO,UAAtC,EAAkDP,GAAG,CAACX,SAAtD,EAAiEpB,GAAG,CAACC,OAAJ,CAAYY,OAA7E;AACD;;AAED,QAAIkB,GAAG,IAAI9B,OAAO,CAACa,aAAnB,EAAkC;AAChCJ,MAAAA,SAAS,CAACgC,aAAV,CAAwBxC,GAAxB,EAA8B;AAC5BkB,QAAAA,SAAS,EAAEuB,IAAI,CAACC,KAAL,CAAW1B,IAAI,CAACC,GAAL,KAAW,IAAtB,IAA8B0B,iCADb;AAE5BvB,QAAAA,QAAQ,EAAES;AAFkB,OAA9B;AAID;;AAED,WAAOA,GAAP;AACD,GA5BI,EA6BJe,KA7BI,CA6BE,UAASZ,IAAT,EAAe;AACpB,QAAIa,SAAS,GAAGb,IAAI,CAACC,YAAL,IAAqB,EAArC;;AACA,QAAI,oBAASY,SAAT,CAAJ,EAAyB;AACvB,UAAI;AACFA,QAAAA,SAAS,GAAGX,IAAI,CAACC,KAAL,CAAWU,SAAX,CAAZ;AACD,OAFD,CAEE,OAAOC,CAAP,EAAU;AACVD,QAAAA,SAAS,GAAG;AACVE,UAAAA,YAAY,EAAE;AADJ,SAAZ;AAGD;AACF;;AAED,QAAIf,IAAI,CAACgB,MAAL,IAAe,GAAnB,EAAwB;AACtBH,MAAAA,SAAS,CAACE,YAAV,GAAyB,eAAzB;AACD;;AAED,QAAIjD,GAAG,CAACC,OAAJ,CAAYkD,iBAAhB,EAAmC;AACjCjB,MAAAA,IAAI,GAAGlC,GAAG,CAACC,OAAJ,CAAYkD,iBAAZ,CAA8B,iBAAMjB,IAAN,CAA9B,CAAP;AACD;;AAEDJ,IAAAA,GAAG,GAAG,IAAIsB,qBAAJ,CAAiBL,SAAjB,EAA4Bb,IAA5B,CAAN;;AAEA,QAAIJ,GAAG,CAACuB,SAAJ,KAAkB,UAAtB,EAAkC;AAChC5C,MAAAA,OAAO,CAAC8B,MAAR,CAAeC,+BAAf;AACD;;AAED,UAAMV,GAAN;AACD,GAxDI,CAAP;AAyDD;;AAEM,SAASwB,GAAT,CAAatD,GAAb,EAAqCE,GAArC,EAAkDD,OAAlD,EAA4E;AACjFC,EAAAA,GAAG,GAAG,yBAAcA,GAAd,IAAqBA,GAArB,GAA2BF,GAAG,CAACuD,eAAJ,KAAwBrD,GAAzD;AACA,MAAIsD,UAAU,GAAG;AACftD,IAAAA,GAAG,EAAEA,GADU;AAEfC,IAAAA,MAAM,EAAE;AAFO,GAAjB;AAIA,uBAAcqD,UAAd,EAA0BvD,OAA1B;AACA,SAAOF,WAAW,CAACC,GAAD,EAAMwD,UAAN,CAAlB;AACD;;AAEM,SAASC,IAAT,CAAczD,GAAd,EAAsCE,GAAtC,EAAmDE,IAAnD,EAAuEH,OAAvE,EAAiG;AACtGC,EAAAA,GAAG,GAAG,yBAAcA,GAAd,IAAqBA,GAArB,GAA2BF,GAAG,CAACuD,eAAJ,KAAwBrD,GAAzD;AACA,MAAIwD,WAAW,GAAG;AAChBxD,IAAAA,GAAG,EAAEA,GADW;AAEhBC,IAAAA,MAAM,EAAE,MAFQ;AAGhBC,IAAAA,IAAI,EAAEA,IAHU;AAIhBC,IAAAA,cAAc,EAAE;AAJA,GAAlB;AAMA,uBAAcqD,WAAd,EAA2BzD,OAA3B;AACA,SAAOF,WAAW,CAACC,GAAD,EAAM0D,WAAN,CAAlB;AACD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n/* eslint-disable complexity */\nimport { isString, clone, isAbsoluteUrl, removeNils } from '../util';\nimport AuthApiError from '../errors/AuthApiError';\nimport { STATE_TOKEN_KEY_NAME, DEFAULT_CACHE_DURATION } from '../constants';\nimport { OktaAuthInterface, RequestOptions, FetchOptions, RequestData } from '../types';\n\nexport function httpRequest(sdk: OktaAuthInterface, options: RequestOptions): Promise<any> {\n options = options || {};\n var url = options.url,\n method = options.method,\n args = options.args,\n saveAuthnState = options.saveAuthnState,\n accessToken = options.accessToken,\n withCredentials = options.withCredentials === true, // default value is false\n storageUtil = sdk.options.storageUtil,\n storage = storageUtil!.storage,\n httpCache = sdk.storageManager.getHttpCache(sdk.options.cookies);\n\n if (options.cacheResponse) {\n var cacheContents = httpCache.getStorage();\n var cachedResponse = cacheContents[url as string];\n if (cachedResponse && Date.now()/1000 < cachedResponse.expiresAt) {\n return Promise.resolve(cachedResponse.response);\n }\n }\n\n var oktaUserAgentHeader = sdk._oktaUserAgent.getHttpHeader();\n var headers: HeadersInit = {\n 'Accept': 'application/json',\n 'Content-Type': 'application/json',\n ...oktaUserAgentHeader\n };\n Object.assign(headers, sdk.options.headers, options.headers);\n headers = removeNils(headers) as HeadersInit;\n\n if (accessToken && isString(accessToken)) {\n headers['Authorization'] = 'Bearer ' + accessToken;\n }\n\n var ajaxOptions: FetchOptions = {\n headers,\n data: args || undefined,\n withCredentials\n };\n\n var err, res;\n return sdk.options.httpRequestClient!(method!, url!, ajaxOptions)\n .then(function(resp) {\n res = resp.responseText;\n if (res && isString(res)) {\n res = JSON.parse(res);\n if (res && typeof res === 'object' && !res.headers) {\n res.headers = resp.headers;\n }\n }\n\n if (saveAuthnState) {\n if (!res.stateToken) {\n storage.delete(STATE_TOKEN_KEY_NAME);\n }\n }\n\n if (res && res.stateToken && res.expiresAt) {\n storage.set(STATE_TOKEN_KEY_NAME, res.stateToken, res.expiresAt, sdk.options.cookies!);\n }\n\n if (res && options.cacheResponse) {\n httpCache.updateStorage(url!, {\n expiresAt: Math.floor(Date.now()/1000) + DEFAULT_CACHE_DURATION,\n response: res\n });\n }\n\n return res;\n })\n .catch(function(resp) {\n var serverErr = resp.responseText || {};\n if (isString(serverErr)) {\n try {\n serverErr = JSON.parse(serverErr);\n } catch (e) {\n serverErr = {\n errorSummary: 'Unknown error'\n };\n }\n }\n\n if (resp.status >= 500) {\n serverErr.errorSummary = 'Unknown error';\n }\n\n if (sdk.options.transformErrorXHR) {\n resp = sdk.options.transformErrorXHR(clone(resp));\n }\n\n err = new AuthApiError(serverErr, resp);\n\n if (err.errorCode === 'E0000011') {\n storage.delete(STATE_TOKEN_KEY_NAME);\n }\n\n throw err;\n });\n}\n\nexport function get(sdk: OktaAuthInterface, url: string, options?: RequestOptions) {\n url = isAbsoluteUrl(url) ? url : sdk.getIssuerOrigin() + url;\n var getOptions = {\n url: url,\n method: 'GET'\n };\n Object.assign(getOptions, options);\n return httpRequest(sdk, getOptions);\n}\n\nexport function post(sdk: OktaAuthInterface, url: string, args?: RequestData, options?: RequestOptions) {\n url = isAbsoluteUrl(url) ? url : sdk.getIssuerOrigin() + url;\n var postOptions = {\n url: url,\n method: 'POST',\n args: args,\n saveAuthnState: true\n };\n Object.assign(postOptions, options);\n return httpRequest(sdk, postOptions);\n}\n"],"file":"request.js"}
1
+ {"version":3,"sources":["../../../lib/http/request.ts"],"names":["httpRequest","sdk","options","url","method","args","saveAuthnState","accessToken","withCredentials","storageUtil","storage","httpCache","storageManager","getHttpCache","cookies","cacheResponse","cacheContents","getStorage","cachedResponse","Date","now","expiresAt","resolve","response","oktaUserAgentHeader","_oktaUserAgent","getHttpHeader","headers","ajaxOptions","data","undefined","err","res","httpRequestClient","then","resp","responseText","JSON","parse","stateToken","delete","STATE_TOKEN_KEY_NAME","set","updateStorage","Math","floor","DEFAULT_CACHE_DURATION","catch","serverErr","e","errorSummary","status","transformErrorXHR","error","error_description","OAuthError","AuthApiError","errorCode","get","getIssuerOrigin","getOptions","post","postOptions"],"mappings":";;;;;;;;;;;;AAeA;;AACA;;AAEA;;AAlBA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AAMO,SAASA,WAAT,CAAqBC,GAArB,EAA6CC,OAA7C,EAAoF;AACzFA,EAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB;AACA,MAAIC,GAAG,GAAGD,OAAO,CAACC,GAAlB;AAAA,MACIC,MAAM,GAAGF,OAAO,CAACE,MADrB;AAAA,MAEIC,IAAI,GAAGH,OAAO,CAACG,IAFnB;AAAA,MAGIC,cAAc,GAAGJ,OAAO,CAACI,cAH7B;AAAA,MAIIC,WAAW,GAAGL,OAAO,CAACK,WAJ1B;AAAA,MAKIC,eAAe,GAAGN,OAAO,CAACM,eAAR,KAA4B,IALlD;AAAA,MAKwD;AACpDC,EAAAA,WAAW,GAAGR,GAAG,CAACC,OAAJ,CAAYO,WAN9B;AAAA,MAOIC,OAAO,GAAGD,WAAW,CAAEC,OAP3B;AAAA,MAQIC,SAAS,GAAGV,GAAG,CAACW,cAAJ,CAAmBC,YAAnB,CAAgCZ,GAAG,CAACC,OAAJ,CAAYY,OAA5C,CARhB;;AAUA,MAAIZ,OAAO,CAACa,aAAZ,EAA2B;AACzB,QAAIC,aAAa,GAAGL,SAAS,CAACM,UAAV,EAApB;AACA,QAAIC,cAAc,GAAGF,aAAa,CAACb,GAAD,CAAlC;;AACA,QAAIe,cAAc,IAAIC,IAAI,CAACC,GAAL,KAAW,IAAX,GAAkBF,cAAc,CAACG,SAAvD,EAAkE;AAChE,aAAO,iBAAQC,OAAR,CAAgBJ,cAAc,CAACK,QAA/B,CAAP;AACD;AACF;;AAED,MAAIC,mBAAmB,GAAGvB,GAAG,CAACwB,cAAJ,CAAmBC,aAAnB,EAA1B;;AACA,MAAIC,OAAoB,GAAG;AACzB,cAAU,kBADe;AAEzB,oBAAgB,kBAFS;AAGzB,OAAGH;AAHsB,GAA3B;AAKA,uBAAcG,OAAd,EAAuB1B,GAAG,CAACC,OAAJ,CAAYyB,OAAnC,EAA4CzB,OAAO,CAACyB,OAApD;AACAA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;;AAEA,MAAIpB,WAAW,IAAI,oBAASA,WAAT,CAAnB,EAA0C;AACxCoB,IAAAA,OAAO,CAAC,eAAD,CAAP,GAA2B,YAAYpB,WAAvC;AACD;;AAED,MAAIqB,WAAyB,GAAG;AAC9BD,IAAAA,OAD8B;AAE9BE,IAAAA,IAAI,EAAExB,IAAI,IAAIyB,SAFgB;AAG9BtB,IAAAA;AAH8B,GAAhC;AAMA,MAAIuB,GAAJ,EAASC,GAAT;AACA,SAAO/B,GAAG,CAACC,OAAJ,CAAY+B,iBAAZ,CAA+B7B,MAA/B,EAAwCD,GAAxC,EAA8CyB,WAA9C,EACJM,IADI,CACC,UAASC,IAAT,EAAe;AACnBH,IAAAA,GAAG,GAAGG,IAAI,CAACC,YAAX;;AACA,QAAIJ,GAAG,IAAI,oBAASA,GAAT,CAAX,EAA0B;AACxBA,MAAAA,GAAG,GAAGK,IAAI,CAACC,KAAL,CAAWN,GAAX,CAAN;;AACA,UAAIA,GAAG,IAAI,OAAOA,GAAP,KAAe,QAAtB,IAAkC,CAACA,GAAG,CAACL,OAA3C,EAAoD;AAClDK,QAAAA,GAAG,CAACL,OAAJ,GAAcQ,IAAI,CAACR,OAAnB;AACD;AACF;;AAED,QAAIrB,cAAJ,EAAoB;AAClB,UAAI,CAAC0B,GAAG,CAACO,UAAT,EAAqB;AACnB7B,QAAAA,OAAO,CAAC8B,MAAR,CAAeC,+BAAf;AACD;AACF;;AAED,QAAIT,GAAG,IAAIA,GAAG,CAACO,UAAX,IAAyBP,GAAG,CAACX,SAAjC,EAA4C;AAC1CX,MAAAA,OAAO,CAACgC,GAAR,CAAYD,+BAAZ,EAAkCT,GAAG,CAACO,UAAtC,EAAkDP,GAAG,CAACX,SAAtD,EAAiEpB,GAAG,CAACC,OAAJ,CAAYY,OAA7E;AACD;;AAED,QAAIkB,GAAG,IAAI9B,OAAO,CAACa,aAAnB,EAAkC;AAChCJ,MAAAA,SAAS,CAACgC,aAAV,CAAwBxC,GAAxB,EAA8B;AAC5BkB,QAAAA,SAAS,EAAEuB,IAAI,CAACC,KAAL,CAAW1B,IAAI,CAACC,GAAL,KAAW,IAAtB,IAA8B0B,iCADb;AAE5BvB,QAAAA,QAAQ,EAAES;AAFkB,OAA9B;AAID;;AAED,WAAOA,GAAP;AACD,GA5BI,EA6BJe,KA7BI,CA6BE,UAASZ,IAAT,EAAe;AACpB,QAAIa,SAAS,GAAGb,IAAI,CAACC,YAAL,IAAqB,EAArC;;AACA,QAAI,oBAASY,SAAT,CAAJ,EAAyB;AACvB,UAAI;AACFA,QAAAA,SAAS,GAAGX,IAAI,CAACC,KAAL,CAAWU,SAAX,CAAZ;AACD,OAFD,CAEE,OAAOC,CAAP,EAAU;AACVD,QAAAA,SAAS,GAAG;AACVE,UAAAA,YAAY,EAAE;AADJ,SAAZ;AAGD;AACF;;AAED,QAAIf,IAAI,CAACgB,MAAL,IAAe,GAAnB,EAAwB;AACtBH,MAAAA,SAAS,CAACE,YAAV,GAAyB,eAAzB;AACD;;AAED,QAAIjD,GAAG,CAACC,OAAJ,CAAYkD,iBAAhB,EAAmC;AACjCjB,MAAAA,IAAI,GAAGlC,GAAG,CAACC,OAAJ,CAAYkD,iBAAZ,CAA8B,iBAAMjB,IAAN,CAA9B,CAAP;AACD;;AAED,QAAIa,SAAS,CAACK,KAAV,IAAmBL,SAAS,CAACM,iBAAjC,EAAoD;AAClDvB,MAAAA,GAAG,GAAG,IAAIwB,kBAAJ,CAAeP,SAAS,CAACK,KAAzB,EAAgCL,SAAS,CAACM,iBAA1C,CAAN;AACD,KAFD,MAEO;AACLvB,MAAAA,GAAG,GAAG,IAAIyB,oBAAJ,CAAiBR,SAAjB,EAA4Bb,IAA5B,CAAN;AACD;;AAED,QAAIJ,GAAG,CAAC0B,SAAJ,KAAkB,UAAtB,EAAkC;AAChC/C,MAAAA,OAAO,CAAC8B,MAAR,CAAeC,+BAAf;AACD;;AAED,UAAMV,GAAN;AACD,GA5DI,CAAP;AA6DD;;AAEM,SAAS2B,GAAT,CAAazD,GAAb,EAAqCE,GAArC,EAAkDD,OAAlD,EAA4E;AACjFC,EAAAA,GAAG,GAAG,yBAAcA,GAAd,IAAqBA,GAArB,GAA2BF,GAAG,CAAC0D,eAAJ,KAAwBxD,GAAzD;AACA,MAAIyD,UAAU,GAAG;AACfzD,IAAAA,GAAG,EAAEA,GADU;AAEfC,IAAAA,MAAM,EAAE;AAFO,GAAjB;AAIA,uBAAcwD,UAAd,EAA0B1D,OAA1B;AACA,SAAOF,WAAW,CAACC,GAAD,EAAM2D,UAAN,CAAlB;AACD;;AAEM,SAASC,IAAT,CAAc5D,GAAd,EAAsCE,GAAtC,EAAmDE,IAAnD,EAAuEH,OAAvE,EAAiG;AACtGC,EAAAA,GAAG,GAAG,yBAAcA,GAAd,IAAqBA,GAArB,GAA2BF,GAAG,CAAC0D,eAAJ,KAAwBxD,GAAzD;AACA,MAAI2D,WAAW,GAAG;AAChB3D,IAAAA,GAAG,EAAEA,GADW;AAEhBC,IAAAA,MAAM,EAAE,MAFQ;AAGhBC,IAAAA,IAAI,EAAEA,IAHU;AAIhBC,IAAAA,cAAc,EAAE;AAJA,GAAlB;AAMA,uBAAcwD,WAAd,EAA2B5D,OAA3B;AACA,SAAOF,WAAW,CAACC,GAAD,EAAM6D,WAAN,CAAlB;AACD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n/* eslint-disable complexity */\nimport { isString, clone, isAbsoluteUrl, removeNils } from '../util';\nimport { STATE_TOKEN_KEY_NAME, DEFAULT_CACHE_DURATION } from '../constants';\nimport { OktaAuthInterface, RequestOptions, FetchOptions, RequestData } from '../types';\nimport { AuthApiError, OAuthError } from '../errors';\n\nexport function httpRequest(sdk: OktaAuthInterface, options: RequestOptions): Promise<any> {\n options = options || {};\n var url = options.url,\n method = options.method,\n args = options.args,\n saveAuthnState = options.saveAuthnState,\n accessToken = options.accessToken,\n withCredentials = options.withCredentials === true, // default value is false\n storageUtil = sdk.options.storageUtil,\n storage = storageUtil!.storage,\n httpCache = sdk.storageManager.getHttpCache(sdk.options.cookies);\n\n if (options.cacheResponse) {\n var cacheContents = httpCache.getStorage();\n var cachedResponse = cacheContents[url as string];\n if (cachedResponse && Date.now()/1000 < cachedResponse.expiresAt) {\n return Promise.resolve(cachedResponse.response);\n }\n }\n\n var oktaUserAgentHeader = sdk._oktaUserAgent.getHttpHeader();\n var headers: HeadersInit = {\n 'Accept': 'application/json',\n 'Content-Type': 'application/json',\n ...oktaUserAgentHeader\n };\n Object.assign(headers, sdk.options.headers, options.headers);\n headers = removeNils(headers) as HeadersInit;\n\n if (accessToken && isString(accessToken)) {\n headers['Authorization'] = 'Bearer ' + accessToken;\n }\n\n var ajaxOptions: FetchOptions = {\n headers,\n data: args || undefined,\n withCredentials\n };\n\n var err, res;\n return sdk.options.httpRequestClient!(method!, url!, ajaxOptions)\n .then(function(resp) {\n res = resp.responseText;\n if (res && isString(res)) {\n res = JSON.parse(res);\n if (res && typeof res === 'object' && !res.headers) {\n res.headers = resp.headers;\n }\n }\n\n if (saveAuthnState) {\n if (!res.stateToken) {\n storage.delete(STATE_TOKEN_KEY_NAME);\n }\n }\n\n if (res && res.stateToken && res.expiresAt) {\n storage.set(STATE_TOKEN_KEY_NAME, res.stateToken, res.expiresAt, sdk.options.cookies!);\n }\n\n if (res && options.cacheResponse) {\n httpCache.updateStorage(url!, {\n expiresAt: Math.floor(Date.now()/1000) + DEFAULT_CACHE_DURATION,\n response: res\n });\n }\n\n return res;\n })\n .catch(function(resp) {\n var serverErr = resp.responseText || {};\n if (isString(serverErr)) {\n try {\n serverErr = JSON.parse(serverErr);\n } catch (e) {\n serverErr = {\n errorSummary: 'Unknown error'\n };\n }\n }\n\n if (resp.status >= 500) {\n serverErr.errorSummary = 'Unknown error';\n }\n\n if (sdk.options.transformErrorXHR) {\n resp = sdk.options.transformErrorXHR(clone(resp));\n }\n\n if (serverErr.error && serverErr.error_description) {\n err = new OAuthError(serverErr.error, serverErr.error_description);\n } else {\n err = new AuthApiError(serverErr, resp);\n }\n\n if (err.errorCode === 'E0000011') {\n storage.delete(STATE_TOKEN_KEY_NAME);\n }\n\n throw err;\n });\n}\n\nexport function get(sdk: OktaAuthInterface, url: string, options?: RequestOptions) {\n url = isAbsoluteUrl(url) ? url : sdk.getIssuerOrigin() + url;\n var getOptions = {\n url: url,\n method: 'GET'\n };\n Object.assign(getOptions, options);\n return httpRequest(sdk, getOptions);\n}\n\nexport function post(sdk: OktaAuthInterface, url: string, args?: RequestData, options?: RequestOptions) {\n url = isAbsoluteUrl(url) ? url : sdk.getIssuerOrigin() + url;\n var postOptions = {\n url: url,\n method: 'POST',\n args: args,\n saveAuthnState: true\n };\n Object.assign(postOptions, options);\n return httpRequest(sdk, postOptions);\n}\n"],"file":"request.js"}
package/cjs/idx/idxState/index.js ADDED
@@ -0,0 +1,55 @@
1
+ "use strict";
2
+
3
+ var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
+
5
+ exports.validateVersionConfig = validateVersionConfig;
6
+ exports.makeIdxState = makeIdxState;
7
+ exports.parsersForVersion = void 0;
8
+
9
+ var _constants = require("../../constants");
10
+
11
+ var _parsers = _interopRequireDefault(require("./v1/parsers"));
12
+
13
+ // auth-js/types
14
+ // idx/types
15
+ const parsersForVersion = function parsersForVersion(version) {
16
+ switch (version) {
17
+ case '1.0.0':
18
+ return _parsers.default;
19
+
20
+ case undefined:
21
+ case null:
22
+ throw new Error('Api version is required');
23
+
24
+ default:
25
+ throw new Error(`Unknown api version: ${version}. Use an exact semver version.`);
26
+ }
27
+ };
28
+
29
+ exports.parsersForVersion = parsersForVersion;
30
+
31
+ function validateVersionConfig(version) {
32
+ if (!version) {
33
+ throw new Error('version is required');
34
+ }
35
+
36
+ const cleanVersion = (version !== null && version !== void 0 ? version : '').replace(/[^0-9a-zA-Z._-]/, '');
37
+
38
+ if (cleanVersion !== version || !version) {
39
+ throw new Error('invalid version supplied - version is required and uses semver syntax');
40
+ }
41
+
42
+ parsersForVersion(version); // will throw for invalid version
43
+ }
44
+
45
+ function makeIdxState(authClient, rawIdxResponse, toPersist = {}, requestDidSucceed) {
46
+ var _rawIdxResponse$versi;
47
+
48
+ const version = (_rawIdxResponse$versi = rawIdxResponse === null || rawIdxResponse === void 0 ? void 0 : rawIdxResponse.version) !== null && _rawIdxResponse$versi !== void 0 ? _rawIdxResponse$versi : _constants.IDX_API_VERSION;
49
+ validateVersionConfig(version);
50
+ const {
51
+ makeIdxState
52
+ } = parsersForVersion(version);
53
+ return makeIdxState(authClient, rawIdxResponse, toPersist, requestDidSucceed);
54
+ }
55
+ //# sourceMappingURL=index.js.map
package/cjs/idx/idxState/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../../../lib/idx/idxState/index.ts"],"names":["parsersForVersion","version","v1","undefined","Error","validateVersionConfig","cleanVersion","replace","makeIdxState","authClient","rawIdxResponse","toPersist","requestDidSucceed","IDX_API_VERSION"],"mappings":";;;;;;;;AAEA;;AACA;;AAHoD;AACgB;AAK7D,MAAMA,iBAAiB,GAAG,SAASA,iBAAT,CAA4BC,OAA5B,EAAsC;AACrE,UAAQA,OAAR;AACE,SAAK,OAAL;AACE,aAAOC,gBAAP;;AACF,SAAKC,SAAL;AACA,SAAK,IAAL;AACE,YAAM,IAAIC,KAAJ,CAAU,yBAAV,CAAN;;AACF;AACE,YAAM,IAAIA,KAAJ,CAAW,wBAAuBH,OAAQ,iCAA1C,CAAN;AAPJ;AASD,CAVM;;;;AAYA,SAASI,qBAAT,CAA+BJ,OAA/B,EAAwC;AAC7C,MAAK,CAACA,OAAN,EAAgB;AACd,UAAM,IAAIG,KAAJ,CAAU,qBAAV,CAAN;AACD;;AAED,QAAME,YAAY,GAAG,CAACL,OAAD,aAACA,OAAD,cAACA,OAAD,GAAY,EAAZ,EAAgBM,OAAhB,CAAwB,iBAAxB,EAA2C,EAA3C,CAArB;;AACA,MAAKD,YAAY,KAAKL,OAAjB,IAA4B,CAACA,OAAlC,EAA4C;AAC1C,UAAM,IAAIG,KAAJ,CAAU,uEAAV,CAAN;AACD;;AAEDJ,EAAAA,iBAAiB,CAACC,OAAD,CAAjB,CAV6C,CAUjB;AAC7B;;AAEM,SAASO,YAAT,CACLC,UADK,EAELC,cAFK,EAGLC,SAAkC,GAAG,EAHhC,EAILC,iBAJK,EAKQ;AAAA;;AACb,QAAMX,OAAO,4BAAGS,cAAH,aAAGA,cAAH,uBAAGA,cAAc,CAAET,OAAnB,yEAA8BY,0BAA3C;AACAR,EAAAA,qBAAqB,CAACJ,OAAD,CAArB;AAEA,QAAM;AAAEO,IAAAA;AAAF,MAAmBR,iBAAiB,CAACC,OAAD,CAA1C;AACA,SAAOO,YAAY,CAACC,UAAD,EAAaC,cAAb,EAA6BC,SAA7B,EAAwCC,iBAAxC,CAAnB;AACD","sourcesContent":["import { OktaAuthInterface } from '../../types'; // auth-js/types\nimport { IdxResponse, RawIdxResponse } from '../types/idx-js'; // idx/types\nimport { IDX_API_VERSION } from '../../constants';\nimport v1 from './v1/parsers';\n\n\nexport const parsersForVersion = function parsersForVersion( version ) {\n switch (version) {\n case '1.0.0':\n return v1;\n case undefined:\n case null:\n throw new Error('Api version is required');\n default:\n throw new Error(`Unknown api version: ${version}. Use an exact semver version.`);\n }\n};\n\nexport function validateVersionConfig(version) {\n if ( !version ) {\n throw new Error('version is required');\n }\n\n const cleanVersion = (version ?? '').replace(/[^0-9a-zA-Z._-]/, '');\n if ( cleanVersion !== version || !version ) {\n throw new Error('invalid version supplied - version is required and uses semver syntax');\n }\n\n parsersForVersion(version); // will throw for invalid version\n}\n\nexport function makeIdxState ( \n authClient: OktaAuthInterface,\n rawIdxResponse: RawIdxResponse,\n toPersist: Record<string, unknown> = {},\n requestDidSucceed: boolean,\n): IdxResponse {\n const version = rawIdxResponse?.version ?? IDX_API_VERSION;\n validateVersionConfig(version);\n \n const { makeIdxState } = parsersForVersion(version);\n return makeIdxState(authClient, rawIdxResponse, toPersist, requestDidSucceed);\n}\n"],"file":"index.js"}
package/cjs/idx/{idx-js → idxState}/v1/actionParser.js RENAMED
@@ -13,6 +13,7 @@ exports.divideActionParamsByMutability = void 0;
13
13
  *
14
14
  * See the License for the specific language governing permissions and limitations under the License.
15
15
  */
16
+ // eslint-disable-next-line @typescript-eslint/ban-ts-comment
16
17
  // @ts-nocheck
17
18
  const isFieldMutable = function isFieldMutable(field) {
18
19
  // mutable defaults to true, annoyingly
package/cjs/idx/idxState/v1/actionParser.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../../../../lib/idx/idxState/v1/actionParser.ts"],"names":["isFieldMutable","field","mutable","divideSingleActionParamsByMutability","action","defaultParamsForAction","neededParamsForAction","immutableParamsForAction","value","push","name","divideActionParamsByMutability","actionList","Array","isArray","neededParams","defaultParams","immutableParams"],"mappings":";;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA,MAAMA,cAAc,GAAG,SAASA,cAAT,CAAwBC,KAAxB,EAA+B;AACpD;AACA,SAASA,KAAK,CAACC,OAAN,KAAkB,KAA3B;AACD,CAHD;;AAKA,MAAMC,oCAAoC,GAAG,SAASA,oCAAT,CAA+CC,MAA/C,EAAwD;AACnG,QAAMC,sBAAsB,GAAG,EAA/B,CADmG,CAChE;;AACnC,QAAMC,qBAAqB,GAAG,EAA9B,CAFmG,CAEjE;;AAClC,QAAMC,wBAAwB,GAAG,EAAjC,CAHmG,CAG9D;AACrC;AACA;AACA;;AACA,MAAI,CAACH,MAAM,CAACI,KAAZ,EAAmB;AACjBF,IAAAA,qBAAqB,CAACG,IAAtB,CAA2BL,MAA3B;AACA,WAAO;AAAEC,MAAAA,sBAAF;AAA0BC,MAAAA,qBAA1B;AAAiDC,MAAAA;AAAjD,KAAP;AACD;;AAED,OAAM,IAAIN,KAAV,IAAmBG,MAAM,CAACI,KAA1B,EAAkC;AAEhC,QAAKR,cAAc,CAAEC,KAAF,CAAnB,EAA+B;AAAA;;AAE7BK,MAAAA,qBAAqB,CAACG,IAAtB,CAA2BR,KAA3B;;AAEA,0BAAKA,KAAK,CAACO,KAAX,uDAAoB,KAApB,EAA4B;AAC1BH,QAAAA,sBAAsB,CAACJ,KAAK,CAACS,IAAP,CAAtB,GAAqCT,KAAK,CAACO,KAA3C;AACD;AAEF,KARD,MAQO;AAAA;;AACLD,MAAAA,wBAAwB,CAACN,KAAK,CAACS,IAAP,CAAxB,oBAAuCT,KAAK,CAACO,KAA7C,yDAAsD,EAAtD;AACD;AACF;;AACD,SAAO;AAAEH,IAAAA,sBAAF;AAA0BC,IAAAA,qBAA1B;AAAiDC,IAAAA;AAAjD,GAAP;AACD,CA3BD;;AA6BO,MAAMI,8BAA8B,GAAG,SAASA,8BAAT,CAAyCC,UAAzC,EAAsD;AAClG;AACAA,EAAAA,UAAU,GAAGC,KAAK,CAACC,OAAN,CAAcF,UAAd,IAA4BA,UAA5B,GAAyC,CAAEA,UAAF,CAAtD;AACA,QAAMG,YAAY,GAAG,EAArB;AACA,QAAMC,aAAa,GAAG,EAAtB;AACA,QAAMC,eAAe,GAAG,EAAxB;;AAEA,OAAM,IAAIb,MAAV,IAAoBQ,UAApB,EAAiC;AAC/B,UAAM;AACJP,MAAAA,sBADI;AAEJC,MAAAA,qBAFI;AAGJC,MAAAA;AAHI,QAIFJ,oCAAoC,CAACC,MAAD,CAJxC;AAKAW,IAAAA,YAAY,CAACN,IAAb,CAAkBH,qBAAlB;AACAU,IAAAA,aAAa,CAACZ,MAAM,CAACM,IAAR,CAAb,GAA6BL,sBAA7B;AACAY,IAAAA,eAAe,CAACb,MAAM,CAACM,IAAR,CAAf,GAA+BH,wBAA/B;AACD;;AAED,SAAO;AAAES,IAAAA,aAAF;AAAiBD,IAAAA,YAAjB;AAA+BE,IAAAA;AAA/B,GAAP;AACD,CAnBM","sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-nocheck\nconst isFieldMutable = function isFieldMutable(field) {\n // mutable defaults to true, annoyingly\n return ( field.mutable !== false );\n};\n\nconst divideSingleActionParamsByMutability = function divideSingleActionParamsByMutability( action ) {\n const defaultParamsForAction = {}; // mutable and present\n const neededParamsForAction = []; // mutable values\n const immutableParamsForAction = {}; // immutable\n // TODO: remove assumption that form names are unique, neededParams being an array is a temp fix\n // not all actions have value (e.g. redirect)\n // making sure they are not empty and instead hold the remediation object\n if (!action.value) {\n neededParamsForAction.push(action);\n return { defaultParamsForAction, neededParamsForAction, immutableParamsForAction };\n }\n\n for ( let field of action.value ) {\n\n if ( isFieldMutable( field ) ) {\n\n neededParamsForAction.push(field);\n\n if ( field.value ?? false ) {\n defaultParamsForAction[field.name] = field.value;\n }\n\n } else {\n immutableParamsForAction[field.name] = field.value ?? '';\n }\n }\n return { defaultParamsForAction, neededParamsForAction, immutableParamsForAction };\n};\n\nexport const divideActionParamsByMutability = function divideActionParamsByMutability( actionList ) {\n // TODO: when removing form name is unique assumption, this may all be redundant\n actionList = Array.isArray(actionList) ? actionList : [ actionList ];\n const neededParams = [];\n const defaultParams = {};\n const immutableParams = {};\n\n for ( let action of actionList ) {\n const { \n defaultParamsForAction, \n neededParamsForAction, \n immutableParamsForAction \n } = divideSingleActionParamsByMutability(action);\n neededParams.push(neededParamsForAction);\n defaultParams[action.name] = defaultParamsForAction;\n immutableParams[action.name] = immutableParamsForAction;\n }\n\n return { defaultParams, neededParams, immutableParams };\n};\n\n"],"file":"actionParser.js"}
package/cjs/idx/{idx-js → idxState}/v1/generateIdxAction.js RENAMED
@@ -6,12 +6,14 @@ exports.default = void 0;
6
6
 
7
7
  var _stringify = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/json/stringify"));
8
8
 
9
- var _client = require("../client");
9
+ var _http = require("../../../http");
10
10
 
11
11
  var _actionParser = require("./actionParser");
12
12
 
13
13
  var _makeIdxState = require("./makeIdxState");
14
14
 
15
+ var _AuthApiError = _interopRequireDefault(require("../../../errors/AuthApiError"));
16
+
15
17
  /*!
16
18
  * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.
17
19
  * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
@@ -24,49 +26,60 @@ var _makeIdxState = require("./makeIdxState");
24
26
  * See the License for the specific language governing permissions and limitations under the License.
25
27
  */
26
28
 
27
- /* eslint-disable max-len */
29
+ /* eslint-disable max-len, complexity */
30
+ // eslint-disable-next-line @typescript-eslint/ban-ts-comment
28
31
  // @ts-nocheck
29
- const generateDirectFetch = function generateDirectFetch({
32
+ const generateDirectFetch = function generateDirectFetch(authClient, {
30
33
  actionDefinition,
31
34
  defaultParamsForAction = {},
32
35
  immutableParamsForAction = {},
33
- toPersist
36
+ toPersist = {}
34
37
  }) {
35
38
  const target = actionDefinition.href;
36
- return async function (params) {
39
+ return async function (params = {}) {
37
40
  const headers = {
38
- 'content-type': 'application/json',
39
- 'accept': actionDefinition.accepts || 'application/ion+json'
41
+ 'Content-Type': 'application/json',
42
+ 'Accept': actionDefinition.accepts || 'application/ion+json'
40
43
  };
41
44
  const body = (0, _stringify.default)({ ...defaultParamsForAction,
42
45
  ...params,
43
46
  ...immutableParamsForAction
44
47
  });
45
- const credentials = toPersist && toPersist.withCredentials === false ? 'omit' : 'include';
46
- const response = await (0, _client.request)(target, {
47
- method: actionDefinition.method,
48
- headers,
49
- body,
50
- credentials
51
- });
52
- const responseJSON = await response.json();
53
- const requestDidSucceed = response.ok;
54
- const idxResponse = (0, _makeIdxState.makeIdxState)(responseJSON, toPersist, requestDidSucceed);
55
48
 
56
- if (response.status === 401 && response.headers.get('WWW-Authenticate') === 'Oktadevicejwt realm="Okta Device"') {
57
- // Okta server responds 401 status code with WWW-Authenticate header and new remediation
58
- // so that the iOS/MacOS credential SSO extension (Okta Verify) can intercept
59
- // the response reaches here when Okta Verify is not installed
60
- // set `stepUp` to true if flow should be continued without showing any errors
61
- idxResponse.stepUp = true;
62
- } // Throw IDX response if request did not succeed. This behavior will be removed in version 7.0: OKTA-481844
49
+ try {
50
+ var _toPersist$withCreden;
51
+
52
+ const response = await (0, _http.httpRequest)(authClient, {
53
+ url: target,
54
+ method: actionDefinition.method,
55
+ headers,
56
+ args: body,
57
+ withCredentials: (_toPersist$withCreden = toPersist === null || toPersist === void 0 ? void 0 : toPersist.withCredentials) !== null && _toPersist$withCreden !== void 0 ? _toPersist$withCreden : true
58
+ });
59
+ return (0, _makeIdxState.makeIdxState)(authClient, { ...response
60
+ }, toPersist, true);
61
+ } catch (err) {
62
+ if (!(err instanceof _AuthApiError.default) || !(err !== null && err !== void 0 && err.xhr)) {
63
+ throw err;
64
+ }
65
+
66
+ const response = err.xhr;
67
+ const payload = response.responseJSON || JSON.parse(response.responseText);
68
+ const wwwAuthHeader = response.headers['WWW-Authenticate'] || response.headers['www-authenticate'];
69
+ const idxResponse = (0, _makeIdxState.makeIdxState)(authClient, { ...payload
70
+ }, toPersist, false);
71
+
72
+ if (response.status === 401 && wwwAuthHeader === 'Oktadevicejwt realm="Okta Device"') {
73
+ // Okta server responds 401 status code with WWW-Authenticate header and new remediation
74
+ // so that the iOS/MacOS credential SSO extension (Okta Verify) can intercept
75
+ // the response reaches here when Okta Verify is not installed
76
+ // set `stepUp` to true if flow should be continued without showing any errors
77
+ idxResponse.stepUp = true;
78
+ } // Throw IDX response if request did not succeed. This behavior will be removed in version 7.0: OKTA-481844
63
79
 
64
80
 
65
- if (!requestDidSucceed) {
66
81
  throw idxResponse;
67
82
  }
68
-
69
- return idxResponse;
70
83
  };
71
84
  }; // TODO: Resolve in M2: Either build the final polling solution or remove this code
72
85
  // const generatePollingFetch = function generatePollingFetch( { actionDefinition, defaultParamsForAction = {}, immutableParamsForAction = {} } ) {
@@ -81,12 +94,12 @@ const generateDirectFetch = function generateDirectFetch({
81
94
  // body: JSON.stringify({ ...defaultParamsForAction, ...params, ...immutableParamsForAction })
82
95
  // })
83
96
  // .then( response => response.ok ? response.json() : response.json().then( err => Promise.reject(err)) )
84
- // .then( idxResponse => makeIdxState(idxResponse) );
97
+ // .then( idxResponse => makeIdxState(authClient, idxResponse) );
85
98
  // };
86
99
  // };
87
100
 
88
101
 
89
- const generateIdxAction = function generateIdxAction(actionDefinition, toPersist) {
102
+ const generateIdxAction = function generateIdxAction(authClient, actionDefinition, toPersist) {
90
103
  // TODO: leaving this here to see where the polling is EXPECTED to drop into the code, but removing any accidental trigger of incomplete code
91
104
  // const generator = actionDefinition.refresh ? generatePollingFetch : generateDirectFetch;
92
105
  const generator = generateDirectFetch;
@@ -95,7 +108,7 @@ const generateIdxAction = function generateIdxAction(actionDefinition, toPersist
95
108
  neededParams,
96
109
  immutableParams
97
110
  } = (0, _actionParser.divideActionParamsByMutability)(actionDefinition);
98
- const action = generator({
111
+ const action = generator(authClient, {
99
112
  actionDefinition,
100
113
  defaultParamsForAction: defaultParams[actionDefinition.name],
101
114
  immutableParamsForAction: immutableParams[actionDefinition.name],
package/cjs/idx/idxState/v1/generateIdxAction.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../../../../lib/idx/idxState/v1/generateIdxAction.ts"],"names":["generateDirectFetch","authClient","actionDefinition","defaultParamsForAction","immutableParamsForAction","toPersist","target","href","params","headers","accepts","body","response","url","method","args","withCredentials","err","AuthApiError","xhr","payload","responseJSON","JSON","parse","responseText","wwwAuthHeader","idxResponse","status","stepUp","generateIdxAction","generator","defaultParams","neededParams","immutableParams","action","name"],"mappings":";;;;;;;;AAeA;;AAGA;;AACA;;AACA;;AApBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AAQA,MAAMA,mBAAmB,GAAG,SAASA,mBAAT,CAA6BC,UAA7B,EAA4D;AACtFC,EAAAA,gBADsF;AAEtFC,EAAAA,sBAAsB,GAAG,EAF6D;AAGtFC,EAAAA,wBAAwB,GAAG,EAH2D;AAItFC,EAAAA,SAAS,GAAG;AAJ0E,CAA5D,EAKzB;AACD,QAAMC,MAAM,GAAGJ,gBAAgB,CAACK,IAAhC;AACA,SAAO,gBAAeC,MAAuB,GAAG,EAAzC,EAAmE;AACxE,UAAMC,OAAO,GAAG;AACd,sBAAgB,kBADF;AAEd,gBAAUP,gBAAgB,CAACQ,OAAjB,IAA4B;AAFxB,KAAhB;AAIA,UAAMC,IAAI,GAAG,wBAAe,EAC1B,GAAGR,sBADuB;AAE1B,SAAGK,MAFuB;AAG1B,SAAGJ;AAHuB,KAAf,CAAb;;AAMA,QAAI;AAAA;;AACF,YAAMQ,QAAQ,GAAG,MAAM,uBAAYX,UAAZ,EAAwB;AAC7CY,QAAAA,GAAG,EAAEP,MADwC;AAE7CQ,QAAAA,MAAM,EAAEZ,gBAAgB,CAACY,MAFoB;AAG7CL,QAAAA,OAH6C;AAI7CM,QAAAA,IAAI,EAAEJ,IAJuC;AAK7CK,QAAAA,eAAe,2BAAEX,SAAF,aAAEA,SAAF,uBAAEA,SAAS,CAAEW,eAAb,yEAAgC;AALF,OAAxB,CAAvB;AAQA,aAAO,gCAAaf,UAAb,EAAyB,EAAE,GAAGW;AAAL,OAAzB,EAA0CP,SAA1C,EAAqD,IAArD,CAAP;AACD,KAVD,CAWA,OAAOY,GAAP,EAAY;AACV,UAAI,EAAEA,GAAG,YAAYC,qBAAjB,KAAkC,EAACD,GAAD,aAACA,GAAD,eAACA,GAAG,CAAEE,GAAN,CAAtC,EAAiD;AAC/C,cAAMF,GAAN;AACD;;AAED,YAAML,QAAQ,GAAGK,GAAG,CAACE,GAArB;AACA,YAAMC,OAAO,GAAGR,QAAQ,CAACS,YAAT,IAAyBC,IAAI,CAACC,KAAL,CAAWX,QAAQ,CAACY,YAApB,CAAzC;AACA,YAAMC,aAAa,GAAGb,QAAQ,CAACH,OAAT,CAAiB,kBAAjB,KAAwCG,QAAQ,CAACH,OAAT,CAAiB,kBAAjB,CAA9D;AAEA,YAAMiB,WAAW,GAAG,gCAAazB,UAAb,EAAyB,EAAE,GAAGmB;AAAL,OAAzB,EAAyCf,SAAzC,EAAoD,KAApD,CAApB;;AACA,UAAIO,QAAQ,CAACe,MAAT,KAAoB,GAApB,IAA2BF,aAAa,KAAK,mCAAjD,EAAsF;AACpF;AACA;AACA;AACA;AACAC,QAAAA,WAAW,CAACE,MAAZ,GAAqB,IAArB;AACD,OAhBS,CAkBV;;;AACA,YAAMF,WAAN;AACD;AACF,GA3CD;AA4CD,CAnDD,C,CAqDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AAEA,MAAMG,iBAAiB,GAAG,SAASA,iBAAT,CAA4B5B,UAA5B,EAA2DC,gBAA3D,EAA6EG,SAA7E,EAAyF;AACjH;AACA;AACA,QAAMyB,SAAS,GAAG9B,mBAAlB;AACA,QAAM;AAAE+B,IAAAA,aAAF;AAAiBC,IAAAA,YAAjB;AAA+BC,IAAAA;AAA/B,MAAmD,kDAAgC/B,gBAAhC,CAAzD;AAEA,QAAMgC,MAAM,GAAGJ,SAAS,CAAC7B,UAAD,EAAa;AACnCC,IAAAA,gBADmC;AAEnCC,IAAAA,sBAAsB,EAAE4B,aAAa,CAAC7B,gBAAgB,CAACiC,IAAlB,CAFF;AAGnC/B,IAAAA,wBAAwB,EAAE6B,eAAe,CAAC/B,gBAAgB,CAACiC,IAAlB,CAHN;AAInC9B,IAAAA;AAJmC,GAAb,CAAxB;AAMA6B,EAAAA,MAAM,CAACF,YAAP,GAAsBA,YAAtB;AACA,SAAOE,MAAP;AACD,CAdD;;eAgBeL,iB","sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable max-len, complexity */\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-nocheck\nimport { httpRequest } from '../../../http';\nimport { OktaAuthInterface } from '../../../types'; // auth-js/types\nimport { IdxActionParams } from '../../types/idx-js';\nimport { divideActionParamsByMutability } from './actionParser';\nimport { makeIdxState } from './makeIdxState';\nimport AuthApiError from '../../../errors/AuthApiError';\n\nconst generateDirectFetch = function generateDirectFetch(authClient: OktaAuthInterface, { \n actionDefinition, \n defaultParamsForAction = {}, \n immutableParamsForAction = {}, \n toPersist = {}\n}) {\n const target = actionDefinition.href;\n return async function(params: IdxActionParams = {}): Promise<IdxResponse> {\n const headers = {\n 'Content-Type': 'application/json',\n 'Accept': actionDefinition.accepts || 'application/ion+json',\n };\n const body = JSON.stringify({\n ...defaultParamsForAction,\n ...params,\n ...immutableParamsForAction\n });\n\n try {\n const response = await httpRequest(authClient, {\n url: target,\n method: actionDefinition.method,\n headers,\n args: body,\n withCredentials: toPersist?.withCredentials ?? true\n });\n\n return makeIdxState(authClient, { ...response }, toPersist, true);\n }\n catch (err) {\n if (!(err instanceof AuthApiError) || !err?.xhr) {\n throw err;\n }\n\n const response = err.xhr;\n const payload = response.responseJSON || JSON.parse(response.responseText);\n const wwwAuthHeader = response.headers['WWW-Authenticate'] || response.headers['www-authenticate'];\n\n const idxResponse = makeIdxState(authClient, { ...payload }, toPersist, false);\n if (response.status === 401 && wwwAuthHeader === 'Oktadevicejwt realm=\"Okta Device\"') {\n // Okta server responds 401 status code with WWW-Authenticate header and new remediation\n // so that the iOS/MacOS credential SSO extension (Okta Verify) can intercept\n // the response reaches here when Okta Verify is not installed\n // set `stepUp` to true if flow should be continued without showing any errors\n idxResponse.stepUp = true;\n }\n\n // Throw IDX response if request did not succeed. This behavior will be removed in version 7.0: OKTA-481844\n throw idxResponse;\n }\n };\n};\n\n// TODO: Resolve in M2: Either build the final polling solution or remove this code\n// const generatePollingFetch = function generatePollingFetch( { actionDefinition, defaultParamsForAction = {}, immutableParamsForAction = {} } ) {\n// // TODO: Discussions ongoing about when/how to terminate polling: OKTA-246581\n// const target = actionDefinition.href;\n// return async function(params) {\n// return fetch(target, {\n// method: actionDefinition.method,\n// headers: {\n// 'content-type': actionDefinition.accepts,\n// },\n// body: JSON.stringify({ ...defaultParamsForAction, ...params, ...immutableParamsForAction })\n// })\n// .then( response => response.ok ? response.json() : response.json().then( err => Promise.reject(err)) )\n// .then( idxResponse => makeIdxState(authClient, idxResponse) );\n// };\n// };\n\nconst generateIdxAction = function generateIdxAction( authClient: OktaAuthInterface, actionDefinition, toPersist ) {\n // TODO: leaving this here to see where the polling is EXPECTED to drop into the code, but removing any accidental trigger of incomplete code\n // const generator = actionDefinition.refresh ? generatePollingFetch : generateDirectFetch;\n const generator = generateDirectFetch;\n const { defaultParams, neededParams, immutableParams } = divideActionParamsByMutability( actionDefinition );\n\n const action = generator(authClient, {\n actionDefinition,\n defaultParamsForAction: defaultParams[actionDefinition.name],\n immutableParamsForAction: immutableParams[actionDefinition.name],\n toPersist\n });\n action.neededParams = neededParams;\n return action;\n};\n\nexport default generateIdxAction;\n"],"file":"generateIdxAction.js"}