@okta/okta-auth-js 6.3.1 → 6.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +38 -0
- package/README.md +6 -0
- package/cjs/AuthStateManager.js +1 -0
- package/cjs/AuthStateManager.js.map +1 -1
- package/cjs/OktaAuth.js +10 -11
- package/cjs/OktaAuth.js.map +1 -1
- package/cjs/OktaUserAgent.js +2 -2
- package/cjs/ServiceManager.js +1 -1
- package/cjs/ServiceManager.js.map +1 -1
- package/cjs/TokenManager.js.map +1 -1
- package/cjs/crypto/verifyToken.js +2 -1
- package/cjs/crypto/verifyToken.js.map +1 -1
- package/cjs/errors/AuthApiError.js.map +1 -1
- package/cjs/errors/OAuthError.js +7 -1
- package/cjs/errors/OAuthError.js.map +1 -1
- package/cjs/fetch/fetchRequest.js +17 -3
- package/cjs/fetch/fetchRequest.js.map +1 -1
- package/cjs/http/request.js +7 -3
- package/cjs/http/request.js.map +1 -1
- package/cjs/idx/idxState/index.js +55 -0
- package/cjs/idx/idxState/index.js.map +1 -0
- package/cjs/idx/{idx-js → idxState}/v1/actionParser.js +1 -0
- package/cjs/idx/idxState/v1/actionParser.js.map +1 -0
- package/cjs/idx/{idx-js → idxState}/v1/generateIdxAction.js +43 -30
- package/cjs/idx/idxState/v1/generateIdxAction.js.map +1 -0
- package/cjs/idx/{idx-js → idxState}/v1/idxResponseParser.js +8 -8
- package/cjs/idx/idxState/v1/idxResponseParser.js.map +1 -0
- package/cjs/idx/{idx-js → idxState}/v1/makeIdxState.js +3 -2
- package/cjs/idx/idxState/v1/makeIdxState.js.map +1 -0
- package/cjs/idx/{idx-js → idxState}/v1/parsers.js +1 -0
- package/cjs/idx/idxState/v1/parsers.js.map +1 -0
- package/cjs/idx/{idx-js → idxState}/v1/remediationParser.js +4 -2
- package/cjs/idx/idxState/v1/remediationParser.js.map +1 -0
- package/cjs/idx/interact.js +42 -21
- package/cjs/idx/interact.js.map +1 -1
- package/cjs/idx/introspect.js +37 -12
- package/cjs/idx/introspect.js.map +1 -1
- package/cjs/idx/remediate.js +56 -132
- package/cjs/idx/remediate.js.map +1 -1
- package/cjs/idx/remediators/AuthenticatorEnrollmentData.js.map +1 -1
- package/cjs/idx/remediators/AuthenticatorVerificationData.js +7 -6
- package/cjs/idx/remediators/AuthenticatorVerificationData.js.map +1 -1
- package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
- package/cjs/idx/remediators/Base/Remediator.js +12 -2
- package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
- package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/ChallengeAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/EnrollAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/EnrollPoll.js.map +1 -1
- package/cjs/idx/remediators/EnrollProfile.js.map +1 -1
- package/cjs/idx/remediators/EnrollmentChannelData.js.map +1 -1
- package/cjs/idx/remediators/Identify.js.map +1 -1
- package/cjs/idx/remediators/ReEnrollAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/ResetAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js.map +1 -1
- package/cjs/idx/remediators/SelectAuthenticatorEnroll.js.map +1 -1
- package/cjs/idx/remediators/SelectAuthenticatorUnlockAccount.js.map +1 -1
- package/cjs/idx/remediators/SelectEnrollProfile.js.map +1 -1
- package/cjs/idx/remediators/SelectEnrollmentChannel.js.map +1 -1
- package/cjs/idx/remediators/Skip.js.map +1 -1
- package/cjs/idx/run.js +16 -12
- package/cjs/idx/run.js.map +1 -1
- package/cjs/idx/types/idx-js.js +2 -0
- package/cjs/idx/types/idx-js.js.map +1 -1
- package/cjs/idx/types/index.js +0 -138
- package/cjs/idx/types/index.js.map +1 -1
- package/cjs/idx/util.js +127 -5
- package/cjs/idx/util.js.map +1 -1
- package/cjs/server/serverStorage.js +1 -0
- package/cjs/server/serverStorage.js.map +1 -1
- package/cjs/tx/AuthTransaction.js.map +1 -1
- package/cjs/types/Token.js +0 -1
- package/cjs/types/Token.js.map +1 -1
- package/cjs/util/object.js.map +1 -1
- package/cjs/util/types.js.map +1 -1
- package/dist/okta-auth-js.min.js +1 -1
- package/dist/okta-auth-js.min.js.map +1 -1
- package/dist/okta-auth-js.umd.js +1 -1
- package/dist/okta-auth-js.umd.js.map +1 -1
- package/esm/esm.browser.js +744 -928
- package/esm/esm.browser.js.map +1 -1
- package/esm/esm.node.mjs +609 -730
- package/esm/esm.node.mjs.map +1 -1
- package/lib/TokenManager.d.ts +2 -2
- package/lib/errors/OAuthError.d.ts +2 -0
- package/lib/idx/flow/RemediationFlow.d.ts +2 -2
- package/lib/idx/idxState/index.d.ts +7 -0
- package/lib/idx/{idx-js → idxState}/v1/actionParser.d.ts +0 -0
- package/lib/idx/{idx-js → idxState}/v1/generateIdxAction.d.ts +3 -1
- package/lib/idx/{idx-js → idxState}/v1/idxResponseParser.d.ts +3 -2
- package/lib/idx/{idx-js → idxState}/v1/makeIdxState.d.ts +3 -2
- package/lib/idx/{idx-js → idxState}/v1/parsers.d.ts +0 -0
- package/lib/idx/{idx-js → idxState}/v1/remediationParser.d.ts +2 -1
- package/lib/idx/interact.d.ts +22 -0
- package/lib/idx/remediate.d.ts +9 -12
- package/lib/idx/remediators/AuthenticatorEnrollmentData.d.ts +1 -2
- package/lib/idx/remediators/AuthenticatorVerificationData.d.ts +3 -3
- package/lib/idx/remediators/Base/AuthenticatorData.d.ts +3 -4
- package/lib/idx/remediators/Base/Remediator.d.ts +8 -4
- package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +2 -3
- package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +3 -4
- package/lib/idx/remediators/ChallengeAuthenticator.d.ts +1 -2
- package/lib/idx/remediators/EnrollAuthenticator.d.ts +1 -2
- package/lib/idx/remediators/EnrollPoll.d.ts +1 -2
- package/lib/idx/remediators/EnrollProfile.d.ts +1 -2
- package/lib/idx/remediators/EnrollmentChannelData.d.ts +1 -2
- package/lib/idx/remediators/Identify.d.ts +1 -2
- package/lib/idx/remediators/ReEnrollAuthenticator.d.ts +1 -2
- package/lib/idx/remediators/ResetAuthenticator.d.ts +1 -2
- package/lib/idx/remediators/SelectAuthenticatorAuthenticate.d.ts +1 -2
- package/lib/idx/remediators/SelectAuthenticatorEnroll.d.ts +1 -2
- package/lib/idx/remediators/SelectAuthenticatorUnlockAccount.d.ts +1 -2
- package/lib/idx/remediators/SelectEnrollProfile.d.ts +1 -2
- package/lib/idx/remediators/SelectEnrollmentChannel.d.ts +1 -2
- package/lib/idx/remediators/Skip.d.ts +1 -2
- package/lib/idx/types/idx-js.d.ts +5 -2
- package/lib/idx/types/index.d.ts +26 -17
- package/lib/idx/util.d.ts +7 -4
- package/lib/types/EventEmitter.d.ts +3 -3
- package/lib/types/Service.d.ts +6 -6
- package/lib/types/Storage.d.ts +6 -6
- package/lib/types/TokenManager.d.ts +5 -2
- package/lib/types/UserClaims.d.ts +1 -1
- package/lib/util/types.d.ts +1 -1
- package/package.json +10 -10
- package/cjs/idx/headers.js +0 -59
- package/cjs/idx/headers.js.map +0 -1
- package/cjs/idx/idx-js/client.js +0 -91
- package/cjs/idx/idx-js/client.js.map +0 -1
- package/cjs/idx/idx-js/index.js +0 -40
- package/cjs/idx/idx-js/index.js.map +0 -1
- package/cjs/idx/idx-js/interact.js +0 -83
- package/cjs/idx/idx-js/interact.js.map +0 -1
- package/cjs/idx/idx-js/introspect.js +0 -62
- package/cjs/idx/idx-js/introspect.js.map +0 -1
- package/cjs/idx/idx-js/parsers.js +0 -41
- package/cjs/idx/idx-js/parsers.js.map +0 -1
- package/cjs/idx/idx-js/util.js +0 -34
- package/cjs/idx/idx-js/util.js.map +0 -1
- package/cjs/idx/idx-js/v1/actionParser.js.map +0 -1
- package/cjs/idx/idx-js/v1/generateIdxAction.js.map +0 -1
- package/cjs/idx/idx-js/v1/idxResponseParser.js.map +0 -1
- package/cjs/idx/idx-js/v1/makeIdxState.js.map +0 -1
- package/cjs/idx/idx-js/v1/parsers.js.map +0 -1
- package/cjs/idx/idx-js/v1/remediationParser.js.map +0 -1
- package/cjs/options.js +0 -170
- package/cjs/options.js.map +0 -1
- package/lib/idx/headers.d.ts +0 -16
- package/lib/idx/idx-js/client.d.ts +0 -36
- package/lib/idx/idx-js/index.d.ts +0 -35
- package/lib/idx/idx-js/interact.d.ts +0 -25
- package/lib/idx/idx-js/introspect.d.ts +0 -21
- package/lib/idx/idx-js/parsers.d.ts +0 -15
- package/lib/idx/idx-js/util.d.ts +0 -12
- package/lib/options.d.ts +0 -14
package/cjs/TokenManager.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../lib/TokenManager.ts"],"names":["DEFAULT_OPTIONS","autoRenew","autoRemove","syncStorage","clearPendingRemoveTokens","storage","undefined","expireEarlySeconds","storageKey","TOKEN_STORAGE_NAME","_storageEventDelay","EVENT_EXPIRED","EVENT_RENEWED","EVENT_ADDED","EVENT_REMOVED","EVENT_ERROR","defaultState","expireTimeouts","renewPromise","TokenManager","constructor","sdk","options","emitter","AuthSdkError","storageOptions","secure","storageProvider","storageType","storageManager","getTokenStorage","useSeparateCookies","clock","SdkClock","create","state","on","bind","off","start","setExpireEventTimeoutAll","stop","clearExpireEventTimeoutAll","getOptions","getExpireTime","token","expireTime","expiresAt","hasExpired","now","emitExpired","key","emit","emitRenewed","freshToken","oldToken","emitAdded","emitRemoved","emitError","error","emitEventsForCrossTabsStorageUpdate","newValue","oldValue","oldTokens","getTokensFromStorageValue","newTokens","forEach","newToken","clearExpireEventTimeout","clearTimeout","Object","prototype","hasOwnProperty","call","setExpireEventTimeout","expireEventWait","Math","max","expireEventTimeout","setTimeout","tokenStorage","getStorage","resetExpireEventTimeoutAll","add","setStorage","getSync","get","getTokensSync","tokens","accessToken","idToken","refreshToken","getTokens","getStorageKeyByType","type","getTokenType","setTokens","accessTokenCb","idTokenCb","refreshTokenCb","handleTokenCallback","handleAdded","handleRenewed","handleRemoved","types","existingTokens","existingToken","remove","removedToken","renewToken","renew","validateToken","e","reject","renewTokens","then","tokenType","catch","err","tokenKey","finally","clear","clearStorage","pendingRemove","value","JSON","parse","updateRefreshToken","REFRESH_TOKEN_STORAGE_KEY","addPendingRemoveFlags"],"mappings":";;;;;;;;;;;;;;;;;;AAYA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAkBA;;AAnCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA0BA,MAAMA,eAAe,GAAG;AACtB;AACAC,EAAAA,SAAS,EAAE,IAFW;AAGtBC,EAAAA,UAAU,EAAE,IAHU;AAItBC,EAAAA,WAAW,EAAE,IAJS;AAKtB;AACAC,EAAAA,wBAAwB,EAAE,IANJ;AAOtBC,EAAAA,OAAO,EAAEC,SAPa;AAOF;AACpBC,EAAAA,kBAAkB,EAAE,EARE;AAStBC,EAAAA,UAAU,EAAEC,6BATU;AAUtBC,EAAAA,kBAAkB,EAAE;AAVE,CAAxB;AAYO,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;;AAMP,SAASC,YAAT,GAA2C;AACzC,SAAO;AACLC,IAAAA,cAAc,EAAE,EADX;AAELC,IAAAA,YAAY,EAAE;AAFT,GAAP;AAID;;AACM,MAAMC,YAAN,CAAoD;AAWzD;AACAC,EAAAA,WAAW,CAACC,GAAD,EAAyBC,OAA4B,GAAG,EAAxD,EAA4D;AACrE,SAAKD,GAAL,GAAWA,GAAX;AACA,SAAKE,OAAL,GAAgBF,GAAD,CAAaE,OAA5B;;AACA,QAAI,CAAC,KAAKA,OAAV,EAAmB;AACjB,YAAM,IAAIC,oBAAJ,CAAiB,mDAAjB,CAAN;AACD;;AAEDF,IAAAA,OAAO,GAAG,qBAAc,EAAd,EAAkBtB,eAAlB,EAAmC,sBAAWsB,OAAX,CAAnC,CAAV;;AACA,QAAI,6BAAJ,EAAoB;AAClBA,MAAAA,OAAO,CAACZ,kBAAR,GAA6BY,OAAO,CAACZ,kBAAR,IAA8B,IAA3D;AACD;;AACD,QAAI,CAAC,4BAAL,EAAoB;AAClBY,MAAAA,OAAO,CAACf,kBAAR,GAA6BP,eAAe,CAACO,kBAA7C;AACD;;AAED,SAAKe,OAAL,GAAeA,OAAf;AAEA,UAAMG,cAA8B,GAAG,sBAAW;AAChDjB,MAAAA,UAAU,EAAEc,OAAO,CAACd,UAD4B;AAEhDkB,MAAAA,MAAM,EAAEJ,OAAO,CAACI;AAFgC,KAAX,CAAvC;;AAIA,QAAI,OAAOJ,OAAO,CAACjB,OAAf,KAA2B,QAA/B,EAAyC;AACvC;AACAoB,MAAAA,cAAc,CAACE,eAAf,GAAiCL,OAAO,CAACjB,OAAzC;AACD,KAHD,MAGO,IAAIiB,OAAO,CAACjB,OAAZ,EAAqB;AAC1BoB,MAAAA,cAAc,CAACG,WAAf,GAA6BN,OAAO,CAACjB,OAArC;AACD;;AAED,SAAKA,OAAL,GAAegB,GAAG,CAACQ,cAAJ,CAAmBC,eAAnB,CAAmC,EAAC,GAAGL,cAAJ;AAAoBM,MAAAA,kBAAkB,EAAE;AAAxC,KAAnC,CAAf;AACA,SAAKC,KAAL,GAAaC,eAASC,MAAT,EAAb;AACA,SAAKC,KAAL,GAAanB,YAAY,EAAzB;AAEA,SAAKoB,EAAL,GAAU,KAAKb,OAAL,CAAaa,EAAb,CAAgBC,IAAhB,CAAqB,KAAKd,OAA1B,CAAV;AACA,SAAKe,GAAL,GAAW,KAAKf,OAAL,CAAae,GAAb,CAAiBD,IAAjB,CAAsB,KAAKd,OAA3B,CAAX;AACD;;AAEDgB,EAAAA,KAAK,GAAG;AACN,QAAI,KAAKjB,OAAL,CAAalB,wBAAjB,EAA2C;AACzC,WAAKA,wBAAL;AACD;;AACD,SAAKoC,wBAAL;AACD;;AAEDC,EAAAA,IAAI,GAAG;AACL,SAAKC,0BAAL;AACD;;AAEDC,EAAAA,UAAU,GAAwB;AAChC,WAAO,iBAAM,KAAKrB,OAAX,CAAP;AACD;;AAEDsB,EAAAA,aAAa,CAACC,KAAD,EAAQ;AACnB,UAAMtC,kBAAkB,GAAG,KAAKe,OAAL,CAAaf,kBAAb,IAAmC,CAA9D;AACA,QAAIuC,UAAU,GAAGD,KAAK,CAACE,SAAN,GAAkBxC,kBAAnC;AACA,WAAOuC,UAAP;AACD;;AAEDE,EAAAA,UAAU,CAACH,KAAD,EAAQ;AAChB,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,WAAOC,UAAU,IAAI,KAAKd,KAAL,CAAWiB,GAAX,EAArB;AACD;;AAEDC,EAAAA,WAAW,CAACC,GAAD,EAAMN,KAAN,EAAa;AACtB,SAAKtB,OAAL,CAAa6B,IAAb,CAAkBzC,aAAlB,EAAiCwC,GAAjC,EAAsCN,KAAtC;AACD;;AAEDQ,EAAAA,WAAW,CAACF,GAAD,EAAMG,UAAN,EAAkBC,QAAlB,EAA4B;AACrC,SAAKhC,OAAL,CAAa6B,IAAb,CAAkBxC,aAAlB,EAAiCuC,GAAjC,EAAsCG,UAAtC,EAAkDC,QAAlD;AACD;;AAEDC,EAAAA,SAAS,CAACL,GAAD,EAAMN,KAAN,EAAa;AACpB,SAAKtB,OAAL,CAAa6B,IAAb,CAAkBvC,WAAlB,EAA+BsC,GAA/B,EAAoCN,KAApC;AACD;;AAEDY,EAAAA,WAAW,CAACN,GAAD,EAAMN,KAAN,EAAc;AACvB,SAAKtB,OAAL,CAAa6B,IAAb,CAAkBtC,aAAlB,EAAiCqC,GAAjC,EAAsCN,KAAtC;AACD;;AAEDa,EAAAA,SAAS,CAACC,KAAD,EAAQ;AACf,SAAKpC,OAAL,CAAa6B,IAAb,CAAkBrC,WAAlB,EAA+B4C,KAA/B;AACD;;AAEDC,EAAAA,mCAAmC,CAACC,QAAD,EAAWC,QAAX,EAAqB;AACtD,UAAMC,SAAS,GAAG,KAAKC,yBAAL,CAA+BF,QAA/B,CAAlB;AACA,UAAMG,SAAS,GAAG,KAAKD,yBAAL,CAA+BH,QAA/B,CAAlB;AACA,uBAAYI,SAAZ,EAAuBC,OAAvB,CAA+Bf,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMgB,QAAQ,GAAGF,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAI,wBAAeI,QAAf,MAA6B,wBAAeY,QAAf,CAAjC,EAA2D;AACzD,aAAKX,SAAL,CAAeL,GAAf,EAAoBgB,QAApB;AACD;AACF,KAND;AAOA,uBAAYJ,SAAZ,EAAuBG,OAAvB,CAA+Bf,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMgB,QAAQ,GAAGF,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAI,CAACgB,QAAL,EAAe;AACb,aAAKV,WAAL,CAAiBN,GAAjB,EAAsBI,QAAtB;AACD;AACF,KAND;AAOD;;AAEDa,EAAAA,uBAAuB,CAACjB,GAAD,EAAM;AAC3BkB,IAAAA,YAAY,CAAC,KAAKlC,KAAL,CAAWlB,cAAX,CAA0BkC,GAA1B,CAAD,CAAZ;AACA,WAAO,KAAKhB,KAAL,CAAWlB,cAAX,CAA0BkC,GAA1B,CAAP,CAF2B,CAI3B;;AACA,SAAKhB,KAAL,CAAWjB,YAAX,GAA0B,IAA1B;AACD;;AAEDwB,EAAAA,0BAA0B,GAAG;AAC3B,QAAIzB,cAAc,GAAG,KAAKkB,KAAL,CAAWlB,cAAhC;;AACA,SAAK,IAAIkC,GAAT,IAAgBlC,cAAhB,EAAgC;AAC9B,UAAI,CAACqD,MAAM,CAACC,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqCxD,cAArC,EAAqDkC,GAArD,CAAL,EAAgE;AAC9D;AACD;;AACD,WAAKiB,uBAAL,CAA6BjB,GAA7B;AACD;AACF;;AAEDuB,EAAAA,qBAAqB,CAACvB,GAAD,EAAMN,KAAN,EAAa;AAChC,QAAI,2BAAeA,KAAf,CAAJ,EAA2B;AACzB;AACD;;AAED,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,QAAI8B,eAAe,GAAGC,IAAI,CAACC,GAAL,CAAS/B,UAAU,GAAG,KAAKd,KAAL,CAAWiB,GAAX,EAAtB,EAAwC,CAAxC,IAA6C,IAAnE,CANgC,CAQhC;;AACA,SAAKmB,uBAAL,CAA6BjB,GAA7B;AAEA,QAAI2B,kBAAkB,GAAGC,UAAU,CAAC,MAAM;AACxC,WAAK7B,WAAL,CAAiBC,GAAjB,EAAsBN,KAAtB;AACD,KAFkC,EAEhC8B,eAFgC,CAAnC,CAXgC,CAehC;;AACA,SAAKxC,KAAL,CAAWlB,cAAX,CAA0BkC,GAA1B,IAAiC2B,kBAAjC;AACD;;AAEDtC,EAAAA,wBAAwB,GAAG;AACzB,QAAIwC,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;;AACA,SAAI,IAAI9B,GAAR,IAAe6B,YAAf,EAA6B;AAC3B,UAAI,CAACV,MAAM,CAACC,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqCO,YAArC,EAAmD7B,GAAnD,CAAL,EAA8D;AAC5D;AACD;;AACD,UAAIN,KAAK,GAAGmC,YAAY,CAAC7B,GAAD,CAAxB;AACA,WAAKuB,qBAAL,CAA2BvB,GAA3B,EAAgCN,KAAhC;AACD;AACF,GA/JwD,CAiKzD;;;AACAqC,EAAAA,0BAA0B,GAAG;AAC3B,SAAKxC,0BAAL;AACA,SAAKF,wBAAL;AACD;;AAED2C,EAAAA,GAAG,CAAChC,GAAD,EAAMN,KAAN,EAAoB;AACrB,QAAImC,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;AACA,8BAAcpC,KAAd;AACAmC,IAAAA,YAAY,CAAC7B,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAKxC,OAAL,CAAa+E,UAAb,CAAwBJ,YAAxB;AACA,SAAKxB,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,SAAK6B,qBAAL,CAA2BvB,GAA3B,EAAgCN,KAAhC;AACD;;AAEDwC,EAAAA,OAAO,CAAClC,GAAD,EAAM;AACX,QAAI6B,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;AACA,WAAOD,YAAY,CAAC7B,GAAD,CAAnB;AACD;;AAEQ,QAAHmC,GAAG,CAACnC,GAAD,EAAM;AACb,WAAO,KAAKkC,OAAL,CAAalC,GAAb,CAAP;AACD;;AAEDoC,EAAAA,aAAa,GAAW;AACtB,UAAMC,MAAM,GAAG,EAAf;AACA,UAAMR,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAArB;AACA,uBAAYD,YAAZ,EAA0Bd,OAA1B,CAAkCf,GAAG,IAAI;AACvC,YAAMN,KAAK,GAAGmC,YAAY,CAAC7B,GAAD,CAA1B;;AACA,UAAI,0BAAcN,KAAd,CAAJ,EAA0B;AACxB2C,QAAAA,MAAM,CAACC,WAAP,GAAqB5C,KAArB;AACD,OAFD,MAEO,IAAI,sBAAUA,KAAV,CAAJ,EAAsB;AAC3B2C,QAAAA,MAAM,CAACE,OAAP,GAAiB7C,KAAjB;AACD,OAFM,MAEA,IAAI,2BAAeA,KAAf,CAAJ,EAA2B;AAChC2C,QAAAA,MAAM,CAACG,YAAP,GAAsB9C,KAAtB;AACD;AACF,KATD;AAUA,WAAO2C,MAAP;AACD;;AAEc,QAATI,SAAS,GAAoB;AACjC,WAAO,KAAKL,aAAL,EAAP;AACD;;AAEDM,EAAAA,mBAAmB,CAACC,IAAD,EAA0B;AAAA;;AAC3C,UAAMd,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAArB;AACA,UAAM9B,GAAG,GAAG,mDAAY6B,YAAZ,kBAAiC7B,GAAG,IAAI;AAClD,YAAMN,KAAK,GAAGmC,YAAY,CAAC7B,GAAD,CAA1B;AACA,aAAQ,0BAAcN,KAAd,KAAwBiD,IAAI,KAAK,aAAlC,IACD,sBAAUjD,KAAV,KAAoBiD,IAAI,KAAK,SAD5B,IAED,2BAAejD,KAAf,KAAyBiD,IAAI,KAAK,cAFxC;AAGD,KALW,EAKT,CALS,CAAZ;AAMA,WAAO3C,GAAP;AACD;;AAEO4C,EAAAA,YAAY,CAAClD,KAAD,EAA0B;AAC5C,QAAI,0BAAcA,KAAd,CAAJ,EAA0B;AACxB,aAAO,aAAP;AACD;;AACD,QAAI,sBAAUA,KAAV,CAAJ,EAAsB;AACpB,aAAO,SAAP;AACD;;AACD,QAAG,2BAAeA,KAAf,CAAH,EAA0B;AACxB,aAAO,cAAP;AACD;;AACD,UAAM,IAAIrB,oBAAJ,CAAiB,oBAAjB,CAAN;AACD;;AAEDwE,EAAAA,SAAS,CACPR,MADO,EAEP;AACAS,EAAAA,aAHO,EAIPC,SAJO,EAKPC,cALO,EAMD;AACN,UAAMC,mBAAmB,GAAG,CAACjD,GAAD,EAAMN,KAAN,KAAgB;AAC1C,YAAMiD,IAAI,GAAG,KAAKC,YAAL,CAAkBlD,KAAlB,CAAb;;AACA,UAAIiD,IAAI,KAAK,aAAb,EAA4B;AAC1BG,QAAAA,aAAa,IAAIA,aAAa,CAAC9C,GAAD,EAAMN,KAAN,CAA9B;AACD,OAFD,MAEO,IAAIiD,IAAI,KAAK,SAAb,EAAwB;AAC7BI,QAAAA,SAAS,IAAIA,SAAS,CAAC/C,GAAD,EAAMN,KAAN,CAAtB;AACD,OAFM,MAEA,IAAIiD,IAAI,KAAK,cAAb,EAA6B;AAClCK,QAAAA,cAAc,IAAIA,cAAc,CAAChD,GAAD,EAAMN,KAAN,CAAhC;AACD;AACF,KATD;;AAUA,UAAMwD,WAAW,GAAG,CAAClD,GAAD,EAAMN,KAAN,KAAgB;AAClC,WAAKW,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,WAAK6B,qBAAL,CAA2BvB,GAA3B,EAAgCN,KAAhC;AACAuD,MAAAA,mBAAmB,CAACjD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAKA,UAAMyD,aAAa,GAAG,CAACnD,GAAD,EAAMN,KAAN,EAAaU,QAAb,KAA0B;AAC9C,WAAKF,WAAL,CAAiBF,GAAjB,EAAsBN,KAAtB,EAA6BU,QAA7B;AACA,WAAKa,uBAAL,CAA6BjB,GAA7B;AACA,WAAKuB,qBAAL,CAA2BvB,GAA3B,EAAgCN,KAAhC;AACAuD,MAAAA,mBAAmB,CAACjD,GAAD,EAAMN,KAAN,CAAnB;AACD,KALD;;AAMA,UAAM0D,aAAa,GAAG,CAACpD,GAAD,EAAMN,KAAN,KAAgB;AACpC,WAAKuB,uBAAL,CAA6BjB,GAA7B;AACA,WAAKM,WAAL,CAAiBN,GAAjB,EAAsBN,KAAtB;AACAuD,MAAAA,mBAAmB,CAACjD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAMA,UAAM2D,KAAkB,GAAG,CAAC,SAAD,EAAY,aAAZ,EAA2B,cAA3B,CAA3B;AACA,UAAMC,cAAc,GAAG,KAAKlB,aAAL,EAAvB,CA7BM,CA+BN;;AACAiB,IAAAA,KAAK,CAACtC,OAAN,CAAe4B,IAAD,IAAU;AACtB,YAAMjD,KAAK,GAAG2C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAIjD,KAAJ,EAAW;AACT,kCAAcA,KAAd,EAAqBiD,IAArB;AACD;AACF,KALD,EAhCM,CAuCN;;AACA,UAAMzF,OAAO,GAAG,qBAAAmG,KAAK,MAAL,CAAAA,KAAK,EAAQ,CAACnG,OAAD,EAAUyF,IAAV,KAAmB;AAC9C,YAAMjD,KAAK,GAAG2C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAIjD,KAAJ,EAAW;AACT,cAAMrC,UAAU,GAAG,KAAKqF,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;AACAzF,QAAAA,OAAO,CAACG,UAAD,CAAP,GAAsBqC,KAAtB;AACD;;AACD,aAAOxC,OAAP;AACD,KAPoB,EAOlB,EAPkB,CAArB;AAQA,SAAKA,OAAL,CAAa+E,UAAb,CAAwB/E,OAAxB,EAhDM,CAkDN;;AACAmG,IAAAA,KAAK,CAACtC,OAAN,CAAc4B,IAAI,IAAI;AACpB,YAAM3B,QAAQ,GAAGqB,MAAM,CAACM,IAAD,CAAvB;AACA,YAAMY,aAAa,GAAGD,cAAc,CAACX,IAAD,CAApC;AACA,YAAMtF,UAAU,GAAG,KAAKqF,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;;AACA,UAAI3B,QAAQ,IAAIuC,aAAhB,EAA+B;AAAE;AAC/B;AACAH,QAAAA,aAAa,CAAC/F,UAAD,EAAakG,aAAb,CAAb;AACAL,QAAAA,WAAW,CAAC7F,UAAD,EAAa2D,QAAb,CAAX;AACAmC,QAAAA,aAAa,CAAC9F,UAAD,EAAa2D,QAAb,EAAuBuC,aAAvB,CAAb;AACD,OALD,MAKO,IAAIvC,QAAJ,EAAc;AAAE;AACrBkC,QAAAA,WAAW,CAAC7F,UAAD,EAAa2D,QAAb,CAAX;AACD,OAFM,MAEA,IAAIuC,aAAJ,EAAmB;AAAE;AAC1BH,QAAAA,aAAa,CAAC/F,UAAD,EAAakG,aAAb,CAAb;AACD;AACF,KAdD;AAeD;;AAEDC,EAAAA,MAAM,CAACxD,GAAD,EAAM;AACV;AACA,SAAKiB,uBAAL,CAA6BjB,GAA7B;AAEA,QAAI6B,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;AACA,QAAI2B,YAAY,GAAG5B,YAAY,CAAC7B,GAAD,CAA/B;AACA,WAAO6B,YAAY,CAAC7B,GAAD,CAAnB;AACA,SAAK9C,OAAL,CAAa+E,UAAb,CAAwBJ,YAAxB;AAEA,SAAKvB,WAAL,CAAiBN,GAAjB,EAAsByD,YAAtB;AACD,GAzTwD,CA2TzD;;;AACgB,QAAVC,UAAU,CAAChE,KAAD,EAAQ;AAAA;;AACtB,8BAAO,KAAKxB,GAAL,CAASwB,KAAhB,oDAAO,gBAAgBiE,KAAhB,CAAsBjE,KAAtB,CAAP;AACD,GA9TwD,CA+TzD;;;AACAkE,EAAAA,aAAa,CAAClE,KAAD,EAAe;AAC1B,WAAO,0BAAcA,KAAd,CAAP;AACD,GAlUwD,CAoUzD;;;AACAiE,EAAAA,KAAK,CAAC3D,GAAD,EAAkC;AACrC;AACA,QAAI,KAAKhB,KAAL,CAAWjB,YAAf,EAA6B;AAC3B,aAAO,KAAKiB,KAAL,CAAWjB,YAAlB;AACD;;AAED,QAAI;AACF,UAAI2B,KAAK,GAAG,KAAKwC,OAAL,CAAalC,GAAb,CAAZ;;AACA,UAAI,CAACN,KAAL,EAAY;AACV,cAAM,IAAIrB,oBAAJ,CAAiB,gDAAgD2B,GAAjE,CAAN;AACD;AACF,KALD,CAKE,OAAO6D,CAAP,EAAU;AACV,aAAO,iBAAQC,MAAR,CAAeD,CAAf,CAAP;AACD,KAboC,CAerC;;;AACA,SAAK5C,uBAAL,CAA6BjB,GAA7B,EAhBqC,CAkBrC;AACA;;AACA,SAAKhB,KAAL,CAAWjB,YAAX,GAA0B,KAAKG,GAAL,CAASwB,KAAT,CAAeqE,WAAf,GACvBC,IADuB,CAClB3B,MAAM,IAAI;AACd,WAAKQ,SAAL,CAAeR,MAAf,EADc,CAGd;;AACA,YAAM4B,SAAS,GAAG,KAAKrB,YAAL,CAAkBlD,KAAlB,CAAlB;AACA,aAAO2C,MAAM,CAAC4B,SAAD,CAAb;AACD,KAPuB,EAQvBC,KARuB,CAQjBC,GAAG,IAAI;AACZ;AACA,WAAKX,MAAL,CAAYxD,GAAZ;AACAmE,MAAAA,GAAG,CAACC,QAAJ,GAAepE,GAAf;AACA,WAAKO,SAAL,CAAe4D,GAAf;AACA,YAAMA,GAAN;AACD,KAduB,EAevBE,OAfuB,CAef,MAAM;AACb;AACA,WAAKrF,KAAL,CAAWjB,YAAX,GAA0B,IAA1B;AACD,KAlBuB,CAA1B;AAoBA,WAAO,KAAKiB,KAAL,CAAWjB,YAAlB;AACD;;AAEDuG,EAAAA,KAAK,GAAG;AACN,SAAK/E,0BAAL;AACA,SAAKrC,OAAL,CAAaqH,YAAb;AACD;;AAEDtH,EAAAA,wBAAwB,GAAG;AACzB,UAAMoF,MAAM,GAAG,KAAKD,aAAL,EAAf;AACA,uBAAYC,MAAZ,EAAoBtB,OAApB,CAA4Bf,GAAG,IAAI;AACjC,UAAIqC,MAAM,CAACrC,GAAD,CAAN,CAAYwE,aAAhB,EAA+B;AAC9B,aAAKhB,MAAL,CAAYxD,GAAZ;AACA;AACF,KAJD;AAKD;;AAEDa,EAAAA,yBAAyB,CAAC4D,KAAD,EAAQ;AAC/B,QAAIpC,MAAJ;;AACA,QAAI;AACFA,MAAAA,MAAM,GAAGqC,IAAI,CAACC,KAAL,CAAWF,KAAX,KAAqB,EAA9B;AACD,KAFD,CAEE,OAAOZ,CAAP,EAAU;AACVxB,MAAAA,MAAM,GAAG,EAAT;AACD;;AACD,WAAOA,MAAP;AACD;;AAEDuC,EAAAA,kBAAkB,CAAClF,KAAD,EAAsB;AACtC,UAAMM,GAAG,GAAG,KAAK0C,mBAAL,CAAyB,cAAzB,KAA4CmC,oCAAxD,CADsC,CAGtC;;;AACA,QAAIhD,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;AACA,8BAAcpC,KAAd;AACAmC,IAAAA,YAAY,CAAC7B,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAKxC,OAAL,CAAa+E,UAAb,CAAwBJ,YAAxB;AACD;;AAEDiD,EAAAA,qBAAqB,GAAG;AACtB,UAAMzC,MAAM,GAAG,KAAKD,aAAL,EAAf;AACA,uBAAYC,MAAZ,EAAoBtB,OAApB,CAA4Bf,GAAG,IAAI;AACjCqC,MAAAA,MAAM,CAACrC,GAAD,CAAN,CAAYwE,aAAZ,GAA4B,IAA5B;AACD,KAFD;AAGA,SAAK3B,SAAL,CAAeR,MAAf;AACD;;AAxZwD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { removeNils, clone } from './util';\nimport { AuthSdkError } from './errors';\nimport { validateToken } from './oidc/util';\nimport { isLocalhost, isIE11OrLess } from './features';\nimport SdkClock from './clock';\nimport {\n EventEmitter,\n Token, \n Tokens, \n TokenType, \n TokenManagerOptions, \n isIDToken, \n isAccessToken,\n isRefreshToken,\n StorageOptions,\n StorageType,\n OktaAuthInterface,\n StorageProvider,\n TokenManagerErrorEventHandler,\n TokenManagerEventHandler,\n TokenManagerInterface,\n RefreshToken\n} from './types';\nimport { REFRESH_TOKEN_STORAGE_KEY, TOKEN_STORAGE_NAME } from './constants';\n\nconst DEFAULT_OPTIONS = {\n // TODO: remove in next major version - OKTA-473815\n autoRenew: true,\n autoRemove: true,\n syncStorage: true,\n // --- //\n clearPendingRemoveTokens: true,\n storage: undefined, // will use value from storageManager config\n expireEarlySeconds: 30,\n storageKey: TOKEN_STORAGE_NAME,\n _storageEventDelay: 0\n};\nexport const EVENT_EXPIRED = 'expired';\nexport const EVENT_RENEWED = 'renewed';\nexport const EVENT_ADDED = 'added';\nexport const EVENT_REMOVED = 'removed';\nexport const EVENT_ERROR = 'error';\n\ninterface TokenManagerState {\n expireTimeouts: Record<string, unknown>;\n renewPromise: Promise<Token | undefined> | null;\n}\nfunction defaultState(): TokenManagerState {\n return {\n expireTimeouts: {},\n renewPromise: null\n };\n}\nexport class TokenManager implements TokenManagerInterface {\n private sdk: OktaAuthInterface;\n private clock: SdkClock;\n private emitter: EventEmitter;\n private storage: StorageProvider;\n private state: TokenManagerState;\n private options: TokenManagerOptions;\n\n on: (event: string, handler: TokenManagerErrorEventHandler | TokenManagerEventHandler, context?: object) => void;\n off: (event: string, handler?: TokenManagerErrorEventHandler | TokenManagerEventHandler) => void;\n\n // eslint-disable-next-line complexity\n constructor(sdk: OktaAuthInterface, options: TokenManagerOptions = {}) {\n this.sdk = sdk;\n this.emitter = (sdk as any).emitter;\n if (!this.emitter) {\n throw new AuthSdkError('Emitter should be initialized before TokenManager');\n }\n \n options = Object.assign({}, DEFAULT_OPTIONS, removeNils(options));\n if (isIE11OrLess()) {\n options._storageEventDelay = options._storageEventDelay || 1000;\n }\n if (!isLocalhost()) {\n options.expireEarlySeconds = DEFAULT_OPTIONS.expireEarlySeconds;\n }\n\n this.options = options;\n\n const storageOptions: StorageOptions = removeNils({\n storageKey: options.storageKey,\n secure: options.secure,\n });\n if (typeof options.storage === 'object') {\n // A custom storage provider must implement getItem(key) and setItem(key, val)\n storageOptions.storageProvider = options.storage;\n } else if (options.storage) {\n storageOptions.storageType = options.storage as StorageType;\n }\n\n this.storage = sdk.storageManager.getTokenStorage({...storageOptions, useSeparateCookies: true});\n this.clock = SdkClock.create(/* sdk, options */);\n this.state = defaultState();\n\n this.on = this.emitter.on.bind(this.emitter);\n this.off = this.emitter.off.bind(this.emitter);\n }\n\n start() {\n if (this.options.clearPendingRemoveTokens) {\n this.clearPendingRemoveTokens();\n }\n this.setExpireEventTimeoutAll();\n }\n \n stop() {\n this.clearExpireEventTimeoutAll();\n }\n\n getOptions(): TokenManagerOptions {\n return clone(this.options);\n }\n \n getExpireTime(token) {\n const expireEarlySeconds = this.options.expireEarlySeconds || 0;\n var expireTime = token.expiresAt - expireEarlySeconds;\n return expireTime;\n }\n \n hasExpired(token) {\n var expireTime = this.getExpireTime(token);\n return expireTime <= this.clock.now();\n }\n \n emitExpired(key, token) {\n this.emitter.emit(EVENT_EXPIRED, key, token);\n }\n \n emitRenewed(key, freshToken, oldToken) {\n this.emitter.emit(EVENT_RENEWED, key, freshToken, oldToken);\n }\n \n emitAdded(key, token) {\n this.emitter.emit(EVENT_ADDED, key, token);\n }\n \n emitRemoved(key, token?) {\n this.emitter.emit(EVENT_REMOVED, key, token);\n }\n \n emitError(error) {\n this.emitter.emit(EVENT_ERROR, error);\n }\n \n emitEventsForCrossTabsStorageUpdate(newValue, oldValue) {\n const oldTokens = this.getTokensFromStorageValue(oldValue);\n const newTokens = this.getTokensFromStorageValue(newValue);\n Object.keys(newTokens).forEach(key => {\n const oldToken = oldTokens[key];\n const newToken = newTokens[key];\n if (JSON.stringify(oldToken) !== JSON.stringify(newToken)) {\n this.emitAdded(key, newToken);\n }\n });\n Object.keys(oldTokens).forEach(key => {\n const oldToken = oldTokens[key];\n const newToken = newTokens[key];\n if (!newToken) {\n this.emitRemoved(key, oldToken);\n }\n });\n }\n \n clearExpireEventTimeout(key) {\n clearTimeout(this.state.expireTimeouts[key] as any);\n delete this.state.expireTimeouts[key];\n \n // Remove the renew promise (if it exists)\n this.state.renewPromise = null;\n }\n \n clearExpireEventTimeoutAll() {\n var expireTimeouts = this.state.expireTimeouts;\n for (var key in expireTimeouts) {\n if (!Object.prototype.hasOwnProperty.call(expireTimeouts, key)) {\n continue;\n }\n this.clearExpireEventTimeout(key);\n }\n }\n \n setExpireEventTimeout(key, token) {\n if (isRefreshToken(token)) {\n return;\n }\n\n var expireTime = this.getExpireTime(token);\n var expireEventWait = Math.max(expireTime - this.clock.now(), 0) * 1000;\n \n // Clear any existing timeout\n this.clearExpireEventTimeout(key);\n \n var expireEventTimeout = setTimeout(() => {\n this.emitExpired(key, token);\n }, expireEventWait);\n \n // Add a new timeout\n this.state.expireTimeouts[key] = expireEventTimeout;\n }\n \n setExpireEventTimeoutAll() {\n var tokenStorage = this.storage.getStorage();\n for(var key in tokenStorage) {\n if (!Object.prototype.hasOwnProperty.call(tokenStorage, key)) {\n continue;\n }\n var token = tokenStorage[key];\n this.setExpireEventTimeout(key, token);\n }\n }\n \n // reset timeouts to setup autoRenew for tokens from other document context (tabs)\n resetExpireEventTimeoutAll() {\n this.clearExpireEventTimeoutAll();\n this.setExpireEventTimeoutAll();\n }\n \n add(key, token: Token) {\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n }\n \n getSync(key) {\n var tokenStorage = this.storage.getStorage();\n return tokenStorage[key];\n }\n \n async get(key) {\n return this.getSync(key);\n }\n \n getTokensSync(): Tokens {\n const tokens = {} as Tokens;\n const tokenStorage = this.storage.getStorage();\n Object.keys(tokenStorage).forEach(key => {\n const token = tokenStorage[key];\n if (isAccessToken(token)) {\n tokens.accessToken = token;\n } else if (isIDToken(token)) {\n tokens.idToken = token;\n } else if (isRefreshToken(token)) { \n tokens.refreshToken = token;\n }\n });\n return tokens;\n }\n \n async getTokens(): Promise<Tokens> {\n return this.getTokensSync();\n }\n\n getStorageKeyByType(type: TokenType): string {\n const tokenStorage = this.storage.getStorage();\n const key = Object.keys(tokenStorage).filter(key => {\n const token = tokenStorage[key];\n return (isAccessToken(token) && type === 'accessToken') \n || (isIDToken(token) && type === 'idToken')\n || (isRefreshToken(token) && type === 'refreshToken');\n })[0];\n return key;\n }\n\n private getTokenType(token: Token): TokenType {\n if (isAccessToken(token)) {\n return 'accessToken';\n }\n if (isIDToken(token)) {\n return 'idToken';\n }\n if(isRefreshToken(token)) {\n return 'refreshToken';\n }\n throw new AuthSdkError('Unknown token type');\n }\n\n setTokens(\n tokens: Tokens,\n // TODO: callbacks can be removed in the next major version OKTA-407224\n accessTokenCb?: Function, \n idTokenCb?: Function,\n refreshTokenCb?: Function\n ): void {\n const handleTokenCallback = (key, token) => {\n const type = this.getTokenType(token);\n if (type === 'accessToken') {\n accessTokenCb && accessTokenCb(key, token);\n } else if (type === 'idToken') {\n idTokenCb && idTokenCb(key, token);\n } else if (type === 'refreshToken') {\n refreshTokenCb && refreshTokenCb(key, token);\n }\n };\n const handleAdded = (key, token) => {\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRenewed = (key, token, oldToken) => {\n this.emitRenewed(key, token, oldToken);\n this.clearExpireEventTimeout(key);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRemoved = (key, token) => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, token);\n handleTokenCallback(key, token);\n };\n \n const types: TokenType[] = ['idToken', 'accessToken', 'refreshToken'];\n const existingTokens = this.getTokensSync();\n\n // valid tokens\n types.forEach((type) => {\n const token = tokens[type];\n if (token) {\n validateToken(token, type);\n }\n });\n \n // add token to storage\n const storage = types.reduce((storage, type) => {\n const token = tokens[type];\n if (token) {\n const storageKey = this.getStorageKeyByType(type) || type;\n storage[storageKey] = token;\n }\n return storage;\n }, {});\n this.storage.setStorage(storage);\n \n // emit event and start expiration timer\n types.forEach(type => {\n const newToken = tokens[type];\n const existingToken = existingTokens[type];\n const storageKey = this.getStorageKeyByType(type) || type;\n if (newToken && existingToken) { // renew\n // call handleRemoved first, since it clears timers\n handleRemoved(storageKey, existingToken);\n handleAdded(storageKey, newToken);\n handleRenewed(storageKey, newToken, existingToken);\n } else if (newToken) { // add\n handleAdded(storageKey, newToken);\n } else if (existingToken) { //remove\n handleRemoved(storageKey, existingToken);\n }\n });\n }\n \n remove(key) {\n // Clear any listener for this token\n this.clearExpireEventTimeout(key);\n \n var tokenStorage = this.storage.getStorage();\n var removedToken = tokenStorage[key];\n delete tokenStorage[key];\n this.storage.setStorage(tokenStorage);\n \n this.emitRemoved(key, removedToken);\n }\n \n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n async renewToken(token) {\n return this.sdk.token?.renew(token);\n }\n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n validateToken(token: Token) {\n return validateToken(token);\n }\n\n // TODO: renew method should take no param, change in the next major version OKTA-407224\n renew(key): Promise<Token | undefined> {\n // Multiple callers may receive the same promise. They will all resolve or reject from the same request.\n if (this.state.renewPromise) {\n return this.state.renewPromise;\n }\n \n try {\n var token = this.getSync(key);\n if (!token) {\n throw new AuthSdkError('The tokenManager has no token for the key: ' + key);\n }\n } catch (e) {\n return Promise.reject(e);\n }\n \n // Remove existing autoRenew timeout\n this.clearExpireEventTimeout(key);\n \n // A refresh token means a replace instead of renewal\n // Store the renew promise state, to avoid renewing again\n this.state.renewPromise = this.sdk.token.renewTokens()\n .then(tokens => {\n this.setTokens(tokens);\n\n // resolve token based on the key\n const tokenType = this.getTokenType(token);\n return tokens[tokenType];\n })\n .catch(err => {\n // If renew fails, remove token from storage and emit error\n this.remove(key);\n err.tokenKey = key;\n this.emitError(err);\n throw err;\n })\n .finally(() => {\n // Remove existing promise key\n this.state.renewPromise = null;\n });\n \n return this.state.renewPromise;\n }\n \n clear() {\n this.clearExpireEventTimeoutAll();\n this.storage.clearStorage();\n }\n\n clearPendingRemoveTokens() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n if (tokens[key].pendingRemove) {\n this.remove(key);\n }\n });\n }\n \n getTokensFromStorageValue(value) {\n let tokens;\n try {\n tokens = JSON.parse(value) || {};\n } catch (e) {\n tokens = {};\n }\n return tokens;\n }\n\n updateRefreshToken(token: RefreshToken) {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n\n // do not emit any event\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n }\n\n addPendingRemoveFlags() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n tokens[key].pendingRemove = true;\n });\n this.setTokens(tokens);\n }\n \n}\n"],"file":"TokenManager.js"}
|
|
1
|
+
{"version":3,"sources":["../../lib/TokenManager.ts"],"names":["DEFAULT_OPTIONS","autoRenew","autoRemove","syncStorage","clearPendingRemoveTokens","storage","undefined","expireEarlySeconds","storageKey","TOKEN_STORAGE_NAME","_storageEventDelay","EVENT_EXPIRED","EVENT_RENEWED","EVENT_ADDED","EVENT_REMOVED","EVENT_ERROR","defaultState","expireTimeouts","renewPromise","TokenManager","constructor","sdk","options","emitter","AuthSdkError","storageOptions","secure","storageProvider","storageType","storageManager","getTokenStorage","useSeparateCookies","clock","SdkClock","create","state","on","bind","off","start","setExpireEventTimeoutAll","stop","clearExpireEventTimeoutAll","getOptions","getExpireTime","token","expireTime","expiresAt","hasExpired","now","emitExpired","key","emit","emitRenewed","freshToken","oldToken","emitAdded","emitRemoved","emitError","error","emitEventsForCrossTabsStorageUpdate","newValue","oldValue","oldTokens","getTokensFromStorageValue","newTokens","forEach","newToken","clearExpireEventTimeout","clearTimeout","Object","prototype","hasOwnProperty","call","setExpireEventTimeout","expireEventWait","Math","max","expireEventTimeout","setTimeout","tokenStorage","getStorage","resetExpireEventTimeoutAll","add","setStorage","getSync","get","getTokensSync","tokens","accessToken","idToken","refreshToken","getTokens","getStorageKeyByType","type","getTokenType","setTokens","accessTokenCb","idTokenCb","refreshTokenCb","handleTokenCallback","handleAdded","handleRenewed","handleRemoved","types","existingTokens","existingToken","remove","removedToken","renewToken","renew","validateToken","e","reject","renewTokens","then","tokenType","catch","err","tokenKey","finally","clear","clearStorage","pendingRemove","value","JSON","parse","updateRefreshToken","REFRESH_TOKEN_STORAGE_KEY","addPendingRemoveFlags"],"mappings":";;;;;;;;;;;;;;;;;;AAYA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAqBA;;AAtCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA6BA,MAAMA,eAAe,GAAG;AACtB;AACAC,EAAAA,SAAS,EAAE,IAFW;AAGtBC,EAAAA,UAAU,EAAE,IAHU;AAItBC,EAAAA,WAAW,EAAE,IAJS;AAKtB;AACAC,EAAAA,wBAAwB,EAAE,IANJ;AAOtBC,EAAAA,OAAO,EAAEC,SAPa;AAOF;AACpBC,EAAAA,kBAAkB,EAAE,EARE;AAStBC,EAAAA,UAAU,EAAEC,6BATU;AAUtBC,EAAAA,kBAAkB,EAAE;AAVE,CAAxB;AAYO,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;AACA,MAAMC,aAAa,GAAG,SAAtB;;AACA,MAAMC,WAAW,GAAG,OAApB;;;AAMP,SAASC,YAAT,GAA2C;AACzC,SAAO;AACLC,IAAAA,cAAc,EAAE,EADX;AAELC,IAAAA,YAAY,EAAE;AAFT,GAAP;AAID;;AACM,MAAMC,YAAN,CAAoD;AAWzD;AACAC,EAAAA,WAAW,CAACC,GAAD,EAAyBC,OAA4B,GAAG,EAAxD,EAA4D;AACrE,SAAKD,GAAL,GAAWA,GAAX;AACA,SAAKE,OAAL,GAAgBF,GAAD,CAAaE,OAA5B;;AACA,QAAI,CAAC,KAAKA,OAAV,EAAmB;AACjB,YAAM,IAAIC,oBAAJ,CAAiB,mDAAjB,CAAN;AACD;;AAEDF,IAAAA,OAAO,GAAG,qBAAc,EAAd,EAAkBtB,eAAlB,EAAmC,sBAAWsB,OAAX,CAAnC,CAAV;;AACA,QAAI,6BAAJ,EAAoB;AAClBA,MAAAA,OAAO,CAACZ,kBAAR,GAA6BY,OAAO,CAACZ,kBAAR,IAA8B,IAA3D;AACD;;AACD,QAAI,CAAC,4BAAL,EAAoB;AAClBY,MAAAA,OAAO,CAACf,kBAAR,GAA6BP,eAAe,CAACO,kBAA7C;AACD;;AAED,SAAKe,OAAL,GAAeA,OAAf;AAEA,UAAMG,cAA8B,GAAG,sBAAW;AAChDjB,MAAAA,UAAU,EAAEc,OAAO,CAACd,UAD4B;AAEhDkB,MAAAA,MAAM,EAAEJ,OAAO,CAACI;AAFgC,KAAX,CAAvC;;AAIA,QAAI,OAAOJ,OAAO,CAACjB,OAAf,KAA2B,QAA/B,EAAyC;AACvC;AACAoB,MAAAA,cAAc,CAACE,eAAf,GAAiCL,OAAO,CAACjB,OAAzC;AACD,KAHD,MAGO,IAAIiB,OAAO,CAACjB,OAAZ,EAAqB;AAC1BoB,MAAAA,cAAc,CAACG,WAAf,GAA6BN,OAAO,CAACjB,OAArC;AACD;;AAED,SAAKA,OAAL,GAAegB,GAAG,CAACQ,cAAJ,CAAmBC,eAAnB,CAAmC,EAAC,GAAGL,cAAJ;AAAoBM,MAAAA,kBAAkB,EAAE;AAAxC,KAAnC,CAAf;AACA,SAAKC,KAAL,GAAaC,eAASC,MAAT,EAAb;AACA,SAAKC,KAAL,GAAanB,YAAY,EAAzB;AAEA,SAAKoB,EAAL,GAAU,KAAKb,OAAL,CAAaa,EAAb,CAAgBC,IAAhB,CAAqB,KAAKd,OAA1B,CAAV;AACA,SAAKe,GAAL,GAAW,KAAKf,OAAL,CAAae,GAAb,CAAiBD,IAAjB,CAAsB,KAAKd,OAA3B,CAAX;AACD;;AAEDgB,EAAAA,KAAK,GAAG;AACN,QAAI,KAAKjB,OAAL,CAAalB,wBAAjB,EAA2C;AACzC,WAAKA,wBAAL;AACD;;AACD,SAAKoC,wBAAL;AACD;;AAEDC,EAAAA,IAAI,GAAG;AACL,SAAKC,0BAAL;AACD;;AAEDC,EAAAA,UAAU,GAAwB;AAChC,WAAO,iBAAM,KAAKrB,OAAX,CAAP;AACD;;AAEDsB,EAAAA,aAAa,CAACC,KAAD,EAAQ;AACnB,UAAMtC,kBAAkB,GAAG,KAAKe,OAAL,CAAaf,kBAAb,IAAmC,CAA9D;AACA,QAAIuC,UAAU,GAAGD,KAAK,CAACE,SAAN,GAAkBxC,kBAAnC;AACA,WAAOuC,UAAP;AACD;;AAEDE,EAAAA,UAAU,CAACH,KAAD,EAAQ;AAChB,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,WAAOC,UAAU,IAAI,KAAKd,KAAL,CAAWiB,GAAX,EAArB;AACD;;AAEDC,EAAAA,WAAW,CAACC,GAAD,EAAMN,KAAN,EAAa;AACtB,SAAKtB,OAAL,CAAa6B,IAAb,CAAkBzC,aAAlB,EAAiCwC,GAAjC,EAAsCN,KAAtC;AACD;;AAEDQ,EAAAA,WAAW,CAACF,GAAD,EAAMG,UAAN,EAAkBC,QAAlB,EAA4B;AACrC,SAAKhC,OAAL,CAAa6B,IAAb,CAAkBxC,aAAlB,EAAiCuC,GAAjC,EAAsCG,UAAtC,EAAkDC,QAAlD;AACD;;AAEDC,EAAAA,SAAS,CAACL,GAAD,EAAMN,KAAN,EAAa;AACpB,SAAKtB,OAAL,CAAa6B,IAAb,CAAkBvC,WAAlB,EAA+BsC,GAA/B,EAAoCN,KAApC;AACD;;AAEDY,EAAAA,WAAW,CAACN,GAAD,EAAMN,KAAN,EAAc;AACvB,SAAKtB,OAAL,CAAa6B,IAAb,CAAkBtC,aAAlB,EAAiCqC,GAAjC,EAAsCN,KAAtC;AACD;;AAEDa,EAAAA,SAAS,CAACC,KAAD,EAAQ;AACf,SAAKpC,OAAL,CAAa6B,IAAb,CAAkBrC,WAAlB,EAA+B4C,KAA/B;AACD;;AAEDC,EAAAA,mCAAmC,CAACC,QAAD,EAAWC,QAAX,EAAqB;AACtD,UAAMC,SAAS,GAAG,KAAKC,yBAAL,CAA+BF,QAA/B,CAAlB;AACA,UAAMG,SAAS,GAAG,KAAKD,yBAAL,CAA+BH,QAA/B,CAAlB;AACA,uBAAYI,SAAZ,EAAuBC,OAAvB,CAA+Bf,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMgB,QAAQ,GAAGF,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAI,wBAAeI,QAAf,MAA6B,wBAAeY,QAAf,CAAjC,EAA2D;AACzD,aAAKX,SAAL,CAAeL,GAAf,EAAoBgB,QAApB;AACD;AACF,KAND;AAOA,uBAAYJ,SAAZ,EAAuBG,OAAvB,CAA+Bf,GAAG,IAAI;AACpC,YAAMI,QAAQ,GAAGQ,SAAS,CAACZ,GAAD,CAA1B;AACA,YAAMgB,QAAQ,GAAGF,SAAS,CAACd,GAAD,CAA1B;;AACA,UAAI,CAACgB,QAAL,EAAe;AACb,aAAKV,WAAL,CAAiBN,GAAjB,EAAsBI,QAAtB;AACD;AACF,KAND;AAOD;;AAEDa,EAAAA,uBAAuB,CAACjB,GAAD,EAAM;AAC3BkB,IAAAA,YAAY,CAAC,KAAKlC,KAAL,CAAWlB,cAAX,CAA0BkC,GAA1B,CAAD,CAAZ;AACA,WAAO,KAAKhB,KAAL,CAAWlB,cAAX,CAA0BkC,GAA1B,CAAP,CAF2B,CAI3B;;AACA,SAAKhB,KAAL,CAAWjB,YAAX,GAA0B,IAA1B;AACD;;AAEDwB,EAAAA,0BAA0B,GAAG;AAC3B,QAAIzB,cAAc,GAAG,KAAKkB,KAAL,CAAWlB,cAAhC;;AACA,SAAK,IAAIkC,GAAT,IAAgBlC,cAAhB,EAAgC;AAC9B,UAAI,CAACqD,MAAM,CAACC,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqCxD,cAArC,EAAqDkC,GAArD,CAAL,EAAgE;AAC9D;AACD;;AACD,WAAKiB,uBAAL,CAA6BjB,GAA7B;AACD;AACF;;AAEDuB,EAAAA,qBAAqB,CAACvB,GAAD,EAAMN,KAAN,EAAa;AAChC,QAAI,2BAAeA,KAAf,CAAJ,EAA2B;AACzB;AACD;;AAED,QAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;AACA,QAAI8B,eAAe,GAAGC,IAAI,CAACC,GAAL,CAAS/B,UAAU,GAAG,KAAKd,KAAL,CAAWiB,GAAX,EAAtB,EAAwC,CAAxC,IAA6C,IAAnE,CANgC,CAQhC;;AACA,SAAKmB,uBAAL,CAA6BjB,GAA7B;AAEA,QAAI2B,kBAAkB,GAAGC,UAAU,CAAC,MAAM;AACxC,WAAK7B,WAAL,CAAiBC,GAAjB,EAAsBN,KAAtB;AACD,KAFkC,EAEhC8B,eAFgC,CAAnC,CAXgC,CAehC;;AACA,SAAKxC,KAAL,CAAWlB,cAAX,CAA0BkC,GAA1B,IAAiC2B,kBAAjC;AACD;;AAEDtC,EAAAA,wBAAwB,GAAG;AACzB,QAAIwC,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;;AACA,SAAI,IAAI9B,GAAR,IAAe6B,YAAf,EAA6B;AAC3B,UAAI,CAACV,MAAM,CAACC,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqCO,YAArC,EAAmD7B,GAAnD,CAAL,EAA8D;AAC5D;AACD;;AACD,UAAIN,KAAK,GAAGmC,YAAY,CAAC7B,GAAD,CAAxB;AACA,WAAKuB,qBAAL,CAA2BvB,GAA3B,EAAgCN,KAAhC;AACD;AACF,GA/JwD,CAiKzD;;;AACAqC,EAAAA,0BAA0B,GAAG;AAC3B,SAAKxC,0BAAL;AACA,SAAKF,wBAAL;AACD;;AAED2C,EAAAA,GAAG,CAAChC,GAAD,EAAMN,KAAN,EAAoB;AACrB,QAAImC,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;AACA,8BAAcpC,KAAd;AACAmC,IAAAA,YAAY,CAAC7B,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAKxC,OAAL,CAAa+E,UAAb,CAAwBJ,YAAxB;AACA,SAAKxB,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,SAAK6B,qBAAL,CAA2BvB,GAA3B,EAAgCN,KAAhC;AACD;;AAEDwC,EAAAA,OAAO,CAAClC,GAAD,EAAM;AACX,QAAI6B,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;AACA,WAAOD,YAAY,CAAC7B,GAAD,CAAnB;AACD;;AAEQ,QAAHmC,GAAG,CAACnC,GAAD,EAAM;AACb,WAAO,KAAKkC,OAAL,CAAalC,GAAb,CAAP;AACD;;AAEDoC,EAAAA,aAAa,GAAW;AACtB,UAAMC,MAAM,GAAG,EAAf;AACA,UAAMR,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAArB;AACA,uBAAYD,YAAZ,EAA0Bd,OAA1B,CAAkCf,GAAG,IAAI;AACvC,YAAMN,KAAK,GAAGmC,YAAY,CAAC7B,GAAD,CAA1B;;AACA,UAAI,0BAAcN,KAAd,CAAJ,EAA0B;AACxB2C,QAAAA,MAAM,CAACC,WAAP,GAAqB5C,KAArB;AACD,OAFD,MAEO,IAAI,sBAAUA,KAAV,CAAJ,EAAsB;AAC3B2C,QAAAA,MAAM,CAACE,OAAP,GAAiB7C,KAAjB;AACD,OAFM,MAEA,IAAI,2BAAeA,KAAf,CAAJ,EAA2B;AAChC2C,QAAAA,MAAM,CAACG,YAAP,GAAsB9C,KAAtB;AACD;AACF,KATD;AAUA,WAAO2C,MAAP;AACD;;AAEc,QAATI,SAAS,GAAoB;AACjC,WAAO,KAAKL,aAAL,EAAP;AACD;;AAEDM,EAAAA,mBAAmB,CAACC,IAAD,EAA0B;AAAA;;AAC3C,UAAMd,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAArB;AACA,UAAM9B,GAAG,GAAG,mDAAY6B,YAAZ,kBAAiC7B,GAAG,IAAI;AAClD,YAAMN,KAAK,GAAGmC,YAAY,CAAC7B,GAAD,CAA1B;AACA,aAAQ,0BAAcN,KAAd,KAAwBiD,IAAI,KAAK,aAAlC,IACD,sBAAUjD,KAAV,KAAoBiD,IAAI,KAAK,SAD5B,IAED,2BAAejD,KAAf,KAAyBiD,IAAI,KAAK,cAFxC;AAGD,KALW,EAKT,CALS,CAAZ;AAMA,WAAO3C,GAAP;AACD;;AAEO4C,EAAAA,YAAY,CAAClD,KAAD,EAA0B;AAC5C,QAAI,0BAAcA,KAAd,CAAJ,EAA0B;AACxB,aAAO,aAAP;AACD;;AACD,QAAI,sBAAUA,KAAV,CAAJ,EAAsB;AACpB,aAAO,SAAP;AACD;;AACD,QAAG,2BAAeA,KAAf,CAAH,EAA0B;AACxB,aAAO,cAAP;AACD;;AACD,UAAM,IAAIrB,oBAAJ,CAAiB,oBAAjB,CAAN;AACD;;AAEDwE,EAAAA,SAAS,CACPR,MADO,EAEP;AACAS,EAAAA,aAHO,EAIPC,SAJO,EAKPC,cALO,EAMD;AACN,UAAMC,mBAAmB,GAAG,CAACjD,GAAD,EAAMN,KAAN,KAAgB;AAC1C,YAAMiD,IAAI,GAAG,KAAKC,YAAL,CAAkBlD,KAAlB,CAAb;;AACA,UAAIiD,IAAI,KAAK,aAAb,EAA4B;AAC1BG,QAAAA,aAAa,IAAIA,aAAa,CAAC9C,GAAD,EAAMN,KAAN,CAA9B;AACD,OAFD,MAEO,IAAIiD,IAAI,KAAK,SAAb,EAAwB;AAC7BI,QAAAA,SAAS,IAAIA,SAAS,CAAC/C,GAAD,EAAMN,KAAN,CAAtB;AACD,OAFM,MAEA,IAAIiD,IAAI,KAAK,cAAb,EAA6B;AAClCK,QAAAA,cAAc,IAAIA,cAAc,CAAChD,GAAD,EAAMN,KAAN,CAAhC;AACD;AACF,KATD;;AAUA,UAAMwD,WAAW,GAAG,CAAClD,GAAD,EAAMN,KAAN,KAAgB;AAClC,WAAKW,SAAL,CAAeL,GAAf,EAAoBN,KAApB;AACA,WAAK6B,qBAAL,CAA2BvB,GAA3B,EAAgCN,KAAhC;AACAuD,MAAAA,mBAAmB,CAACjD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAKA,UAAMyD,aAAa,GAAG,CAACnD,GAAD,EAAMN,KAAN,EAAaU,QAAb,KAA0B;AAC9C,WAAKF,WAAL,CAAiBF,GAAjB,EAAsBN,KAAtB,EAA6BU,QAA7B;AACA,WAAKa,uBAAL,CAA6BjB,GAA7B;AACA,WAAKuB,qBAAL,CAA2BvB,GAA3B,EAAgCN,KAAhC;AACAuD,MAAAA,mBAAmB,CAACjD,GAAD,EAAMN,KAAN,CAAnB;AACD,KALD;;AAMA,UAAM0D,aAAa,GAAG,CAACpD,GAAD,EAAMN,KAAN,KAAgB;AACpC,WAAKuB,uBAAL,CAA6BjB,GAA7B;AACA,WAAKM,WAAL,CAAiBN,GAAjB,EAAsBN,KAAtB;AACAuD,MAAAA,mBAAmB,CAACjD,GAAD,EAAMN,KAAN,CAAnB;AACD,KAJD;;AAMA,UAAM2D,KAAkB,GAAG,CAAC,SAAD,EAAY,aAAZ,EAA2B,cAA3B,CAA3B;AACA,UAAMC,cAAc,GAAG,KAAKlB,aAAL,EAAvB,CA7BM,CA+BN;;AACAiB,IAAAA,KAAK,CAACtC,OAAN,CAAe4B,IAAD,IAAU;AACtB,YAAMjD,KAAK,GAAG2C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAIjD,KAAJ,EAAW;AACT,kCAAcA,KAAd,EAAqBiD,IAArB;AACD;AACF,KALD,EAhCM,CAuCN;;AACA,UAAMzF,OAAO,GAAG,qBAAAmG,KAAK,MAAL,CAAAA,KAAK,EAAQ,CAACnG,OAAD,EAAUyF,IAAV,KAAmB;AAC9C,YAAMjD,KAAK,GAAG2C,MAAM,CAACM,IAAD,CAApB;;AACA,UAAIjD,KAAJ,EAAW;AACT,cAAMrC,UAAU,GAAG,KAAKqF,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;AACAzF,QAAAA,OAAO,CAACG,UAAD,CAAP,GAAsBqC,KAAtB;AACD;;AACD,aAAOxC,OAAP;AACD,KAPoB,EAOlB,EAPkB,CAArB;AAQA,SAAKA,OAAL,CAAa+E,UAAb,CAAwB/E,OAAxB,EAhDM,CAkDN;;AACAmG,IAAAA,KAAK,CAACtC,OAAN,CAAc4B,IAAI,IAAI;AACpB,YAAM3B,QAAQ,GAAGqB,MAAM,CAACM,IAAD,CAAvB;AACA,YAAMY,aAAa,GAAGD,cAAc,CAACX,IAAD,CAApC;AACA,YAAMtF,UAAU,GAAG,KAAKqF,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;;AACA,UAAI3B,QAAQ,IAAIuC,aAAhB,EAA+B;AAAE;AAC/B;AACAH,QAAAA,aAAa,CAAC/F,UAAD,EAAakG,aAAb,CAAb;AACAL,QAAAA,WAAW,CAAC7F,UAAD,EAAa2D,QAAb,CAAX;AACAmC,QAAAA,aAAa,CAAC9F,UAAD,EAAa2D,QAAb,EAAuBuC,aAAvB,CAAb;AACD,OALD,MAKO,IAAIvC,QAAJ,EAAc;AAAE;AACrBkC,QAAAA,WAAW,CAAC7F,UAAD,EAAa2D,QAAb,CAAX;AACD,OAFM,MAEA,IAAIuC,aAAJ,EAAmB;AAAE;AAC1BH,QAAAA,aAAa,CAAC/F,UAAD,EAAakG,aAAb,CAAb;AACD;AACF,KAdD;AAeD;;AAEDC,EAAAA,MAAM,CAACxD,GAAD,EAAM;AACV;AACA,SAAKiB,uBAAL,CAA6BjB,GAA7B;AAEA,QAAI6B,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;AACA,QAAI2B,YAAY,GAAG5B,YAAY,CAAC7B,GAAD,CAA/B;AACA,WAAO6B,YAAY,CAAC7B,GAAD,CAAnB;AACA,SAAK9C,OAAL,CAAa+E,UAAb,CAAwBJ,YAAxB;AAEA,SAAKvB,WAAL,CAAiBN,GAAjB,EAAsByD,YAAtB;AACD,GAzTwD,CA2TzD;;;AACgB,QAAVC,UAAU,CAAChE,KAAD,EAAQ;AAAA;;AACtB,8BAAO,KAAKxB,GAAL,CAASwB,KAAhB,oDAAO,gBAAgBiE,KAAhB,CAAsBjE,KAAtB,CAAP;AACD,GA9TwD,CA+TzD;;;AACAkE,EAAAA,aAAa,CAAClE,KAAD,EAAe;AAC1B,WAAO,0BAAcA,KAAd,CAAP;AACD,GAlUwD,CAoUzD;;;AACAiE,EAAAA,KAAK,CAAC3D,GAAD,EAAkC;AACrC;AACA,QAAI,KAAKhB,KAAL,CAAWjB,YAAf,EAA6B;AAC3B,aAAO,KAAKiB,KAAL,CAAWjB,YAAlB;AACD;;AAED,QAAI;AACF,UAAI2B,KAAK,GAAG,KAAKwC,OAAL,CAAalC,GAAb,CAAZ;;AACA,UAAI,CAACN,KAAL,EAAY;AACV,cAAM,IAAIrB,oBAAJ,CAAiB,gDAAgD2B,GAAjE,CAAN;AACD;AACF,KALD,CAKE,OAAO6D,CAAP,EAAU;AACV,aAAO,iBAAQC,MAAR,CAAeD,CAAf,CAAP;AACD,KAboC,CAerC;;;AACA,SAAK5C,uBAAL,CAA6BjB,GAA7B,EAhBqC,CAkBrC;AACA;;AACA,SAAKhB,KAAL,CAAWjB,YAAX,GAA0B,KAAKG,GAAL,CAASwB,KAAT,CAAeqE,WAAf,GACvBC,IADuB,CAClB3B,MAAM,IAAI;AACd,WAAKQ,SAAL,CAAeR,MAAf,EADc,CAGd;;AACA,YAAM4B,SAAS,GAAG,KAAKrB,YAAL,CAAkBlD,KAAlB,CAAlB;AACA,aAAO2C,MAAM,CAAC4B,SAAD,CAAb;AACD,KAPuB,EAQvBC,KARuB,CAQjBC,GAAG,IAAI;AACZ;AACA,WAAKX,MAAL,CAAYxD,GAAZ;AACAmE,MAAAA,GAAG,CAACC,QAAJ,GAAepE,GAAf;AACA,WAAKO,SAAL,CAAe4D,GAAf;AACA,YAAMA,GAAN;AACD,KAduB,EAevBE,OAfuB,CAef,MAAM;AACb;AACA,WAAKrF,KAAL,CAAWjB,YAAX,GAA0B,IAA1B;AACD,KAlBuB,CAA1B;AAoBA,WAAO,KAAKiB,KAAL,CAAWjB,YAAlB;AACD;;AAEDuG,EAAAA,KAAK,GAAG;AACN,SAAK/E,0BAAL;AACA,SAAKrC,OAAL,CAAaqH,YAAb;AACD;;AAEDtH,EAAAA,wBAAwB,GAAG;AACzB,UAAMoF,MAAM,GAAG,KAAKD,aAAL,EAAf;AACA,uBAAYC,MAAZ,EAAoBtB,OAApB,CAA4Bf,GAAG,IAAI;AACjC,UAAIqC,MAAM,CAACrC,GAAD,CAAN,CAAYwE,aAAhB,EAA+B;AAC9B,aAAKhB,MAAL,CAAYxD,GAAZ;AACA;AACF,KAJD;AAKD;;AAEDa,EAAAA,yBAAyB,CAAC4D,KAAD,EAAQ;AAC/B,QAAIpC,MAAJ;;AACA,QAAI;AACFA,MAAAA,MAAM,GAAGqC,IAAI,CAACC,KAAL,CAAWF,KAAX,KAAqB,EAA9B;AACD,KAFD,CAEE,OAAOZ,CAAP,EAAU;AACVxB,MAAAA,MAAM,GAAG,EAAT;AACD;;AACD,WAAOA,MAAP;AACD;;AAEDuC,EAAAA,kBAAkB,CAAClF,KAAD,EAAsB;AACtC,UAAMM,GAAG,GAAG,KAAK0C,mBAAL,CAAyB,cAAzB,KAA4CmC,oCAAxD,CADsC,CAGtC;;;AACA,QAAIhD,YAAY,GAAG,KAAK3E,OAAL,CAAa4E,UAAb,EAAnB;AACA,8BAAcpC,KAAd;AACAmC,IAAAA,YAAY,CAAC7B,GAAD,CAAZ,GAAoBN,KAApB;AACA,SAAKxC,OAAL,CAAa+E,UAAb,CAAwBJ,YAAxB;AACD;;AAEDiD,EAAAA,qBAAqB,GAAG;AACtB,UAAMzC,MAAM,GAAG,KAAKD,aAAL,EAAf;AACA,uBAAYC,MAAZ,EAAoBtB,OAApB,CAA4Bf,GAAG,IAAI;AACjCqC,MAAAA,MAAM,CAACrC,GAAD,CAAN,CAAYwE,aAAZ,GAA4B,IAA5B;AACD,KAFD;AAGA,SAAK3B,SAAL,CAAeR,MAAf;AACD;;AAxZwD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { removeNils, clone } from './util';\nimport { AuthSdkError } from './errors';\nimport { validateToken } from './oidc/util';\nimport { isLocalhost, isIE11OrLess } from './features';\nimport SdkClock from './clock';\nimport {\n EventEmitter,\n Token, \n Tokens, \n TokenType, \n TokenManagerOptions, \n isIDToken, \n isAccessToken,\n isRefreshToken,\n StorageOptions,\n StorageType,\n OktaAuthInterface,\n StorageProvider,\n TokenManagerErrorEventHandler,\n TokenManagerEventHandler,\n TokenManagerInterface,\n RefreshToken,\n AccessTokenCallback,\n IDTokenCallback,\n RefreshTokenCallback\n} from './types';\nimport { REFRESH_TOKEN_STORAGE_KEY, TOKEN_STORAGE_NAME } from './constants';\n\nconst DEFAULT_OPTIONS = {\n // TODO: remove in next major version - OKTA-473815\n autoRenew: true,\n autoRemove: true,\n syncStorage: true,\n // --- //\n clearPendingRemoveTokens: true,\n storage: undefined, // will use value from storageManager config\n expireEarlySeconds: 30,\n storageKey: TOKEN_STORAGE_NAME,\n _storageEventDelay: 0\n};\nexport const EVENT_EXPIRED = 'expired';\nexport const EVENT_RENEWED = 'renewed';\nexport const EVENT_ADDED = 'added';\nexport const EVENT_REMOVED = 'removed';\nexport const EVENT_ERROR = 'error';\n\ninterface TokenManagerState {\n expireTimeouts: Record<string, unknown>;\n renewPromise: Promise<Token | undefined> | null;\n}\nfunction defaultState(): TokenManagerState {\n return {\n expireTimeouts: {},\n renewPromise: null\n };\n}\nexport class TokenManager implements TokenManagerInterface {\n private sdk: OktaAuthInterface;\n private clock: SdkClock;\n private emitter: EventEmitter;\n private storage: StorageProvider;\n private state: TokenManagerState;\n private options: TokenManagerOptions;\n\n on: (event: string, handler: TokenManagerErrorEventHandler | TokenManagerEventHandler, context?: object) => void;\n off: (event: string, handler?: TokenManagerErrorEventHandler | TokenManagerEventHandler) => void;\n\n // eslint-disable-next-line complexity\n constructor(sdk: OktaAuthInterface, options: TokenManagerOptions = {}) {\n this.sdk = sdk;\n this.emitter = (sdk as any).emitter;\n if (!this.emitter) {\n throw new AuthSdkError('Emitter should be initialized before TokenManager');\n }\n \n options = Object.assign({}, DEFAULT_OPTIONS, removeNils(options));\n if (isIE11OrLess()) {\n options._storageEventDelay = options._storageEventDelay || 1000;\n }\n if (!isLocalhost()) {\n options.expireEarlySeconds = DEFAULT_OPTIONS.expireEarlySeconds;\n }\n\n this.options = options;\n\n const storageOptions: StorageOptions = removeNils({\n storageKey: options.storageKey,\n secure: options.secure,\n });\n if (typeof options.storage === 'object') {\n // A custom storage provider must implement getItem(key) and setItem(key, val)\n storageOptions.storageProvider = options.storage;\n } else if (options.storage) {\n storageOptions.storageType = options.storage as StorageType;\n }\n\n this.storage = sdk.storageManager.getTokenStorage({...storageOptions, useSeparateCookies: true});\n this.clock = SdkClock.create(/* sdk, options */);\n this.state = defaultState();\n\n this.on = this.emitter.on.bind(this.emitter);\n this.off = this.emitter.off.bind(this.emitter);\n }\n\n start() {\n if (this.options.clearPendingRemoveTokens) {\n this.clearPendingRemoveTokens();\n }\n this.setExpireEventTimeoutAll();\n }\n \n stop() {\n this.clearExpireEventTimeoutAll();\n }\n\n getOptions(): TokenManagerOptions {\n return clone(this.options);\n }\n \n getExpireTime(token) {\n const expireEarlySeconds = this.options.expireEarlySeconds || 0;\n var expireTime = token.expiresAt - expireEarlySeconds;\n return expireTime;\n }\n \n hasExpired(token) {\n var expireTime = this.getExpireTime(token);\n return expireTime <= this.clock.now();\n }\n \n emitExpired(key, token) {\n this.emitter.emit(EVENT_EXPIRED, key, token);\n }\n \n emitRenewed(key, freshToken, oldToken) {\n this.emitter.emit(EVENT_RENEWED, key, freshToken, oldToken);\n }\n \n emitAdded(key, token) {\n this.emitter.emit(EVENT_ADDED, key, token);\n }\n \n emitRemoved(key, token?) {\n this.emitter.emit(EVENT_REMOVED, key, token);\n }\n \n emitError(error) {\n this.emitter.emit(EVENT_ERROR, error);\n }\n \n emitEventsForCrossTabsStorageUpdate(newValue, oldValue) {\n const oldTokens = this.getTokensFromStorageValue(oldValue);\n const newTokens = this.getTokensFromStorageValue(newValue);\n Object.keys(newTokens).forEach(key => {\n const oldToken = oldTokens[key];\n const newToken = newTokens[key];\n if (JSON.stringify(oldToken) !== JSON.stringify(newToken)) {\n this.emitAdded(key, newToken);\n }\n });\n Object.keys(oldTokens).forEach(key => {\n const oldToken = oldTokens[key];\n const newToken = newTokens[key];\n if (!newToken) {\n this.emitRemoved(key, oldToken);\n }\n });\n }\n \n clearExpireEventTimeout(key) {\n clearTimeout(this.state.expireTimeouts[key] as any);\n delete this.state.expireTimeouts[key];\n \n // Remove the renew promise (if it exists)\n this.state.renewPromise = null;\n }\n \n clearExpireEventTimeoutAll() {\n var expireTimeouts = this.state.expireTimeouts;\n for (var key in expireTimeouts) {\n if (!Object.prototype.hasOwnProperty.call(expireTimeouts, key)) {\n continue;\n }\n this.clearExpireEventTimeout(key);\n }\n }\n \n setExpireEventTimeout(key, token) {\n if (isRefreshToken(token)) {\n return;\n }\n\n var expireTime = this.getExpireTime(token);\n var expireEventWait = Math.max(expireTime - this.clock.now(), 0) * 1000;\n \n // Clear any existing timeout\n this.clearExpireEventTimeout(key);\n \n var expireEventTimeout = setTimeout(() => {\n this.emitExpired(key, token);\n }, expireEventWait);\n \n // Add a new timeout\n this.state.expireTimeouts[key] = expireEventTimeout;\n }\n \n setExpireEventTimeoutAll() {\n var tokenStorage = this.storage.getStorage();\n for(var key in tokenStorage) {\n if (!Object.prototype.hasOwnProperty.call(tokenStorage, key)) {\n continue;\n }\n var token = tokenStorage[key];\n this.setExpireEventTimeout(key, token);\n }\n }\n \n // reset timeouts to setup autoRenew for tokens from other document context (tabs)\n resetExpireEventTimeoutAll() {\n this.clearExpireEventTimeoutAll();\n this.setExpireEventTimeoutAll();\n }\n \n add(key, token: Token) {\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n }\n \n getSync(key) {\n var tokenStorage = this.storage.getStorage();\n return tokenStorage[key];\n }\n \n async get(key) {\n return this.getSync(key);\n }\n \n getTokensSync(): Tokens {\n const tokens = {} as Tokens;\n const tokenStorage = this.storage.getStorage();\n Object.keys(tokenStorage).forEach(key => {\n const token = tokenStorage[key];\n if (isAccessToken(token)) {\n tokens.accessToken = token;\n } else if (isIDToken(token)) {\n tokens.idToken = token;\n } else if (isRefreshToken(token)) { \n tokens.refreshToken = token;\n }\n });\n return tokens;\n }\n \n async getTokens(): Promise<Tokens> {\n return this.getTokensSync();\n }\n\n getStorageKeyByType(type: TokenType): string {\n const tokenStorage = this.storage.getStorage();\n const key = Object.keys(tokenStorage).filter(key => {\n const token = tokenStorage[key];\n return (isAccessToken(token) && type === 'accessToken') \n || (isIDToken(token) && type === 'idToken')\n || (isRefreshToken(token) && type === 'refreshToken');\n })[0];\n return key;\n }\n\n private getTokenType(token: Token): TokenType {\n if (isAccessToken(token)) {\n return 'accessToken';\n }\n if (isIDToken(token)) {\n return 'idToken';\n }\n if(isRefreshToken(token)) {\n return 'refreshToken';\n }\n throw new AuthSdkError('Unknown token type');\n }\n\n setTokens(\n tokens: Tokens,\n // TODO: callbacks can be removed in the next major version OKTA-407224\n accessTokenCb?: AccessTokenCallback, \n idTokenCb?: IDTokenCallback,\n refreshTokenCb?: RefreshTokenCallback\n ): void {\n const handleTokenCallback = (key, token) => {\n const type = this.getTokenType(token);\n if (type === 'accessToken') {\n accessTokenCb && accessTokenCb(key, token);\n } else if (type === 'idToken') {\n idTokenCb && idTokenCb(key, token);\n } else if (type === 'refreshToken') {\n refreshTokenCb && refreshTokenCb(key, token);\n }\n };\n const handleAdded = (key, token) => {\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRenewed = (key, token, oldToken) => {\n this.emitRenewed(key, token, oldToken);\n this.clearExpireEventTimeout(key);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRemoved = (key, token) => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, token);\n handleTokenCallback(key, token);\n };\n \n const types: TokenType[] = ['idToken', 'accessToken', 'refreshToken'];\n const existingTokens = this.getTokensSync();\n\n // valid tokens\n types.forEach((type) => {\n const token = tokens[type];\n if (token) {\n validateToken(token, type);\n }\n });\n \n // add token to storage\n const storage = types.reduce((storage, type) => {\n const token = tokens[type];\n if (token) {\n const storageKey = this.getStorageKeyByType(type) || type;\n storage[storageKey] = token;\n }\n return storage;\n }, {});\n this.storage.setStorage(storage);\n \n // emit event and start expiration timer\n types.forEach(type => {\n const newToken = tokens[type];\n const existingToken = existingTokens[type];\n const storageKey = this.getStorageKeyByType(type) || type;\n if (newToken && existingToken) { // renew\n // call handleRemoved first, since it clears timers\n handleRemoved(storageKey, existingToken);\n handleAdded(storageKey, newToken);\n handleRenewed(storageKey, newToken, existingToken);\n } else if (newToken) { // add\n handleAdded(storageKey, newToken);\n } else if (existingToken) { //remove\n handleRemoved(storageKey, existingToken);\n }\n });\n }\n \n remove(key) {\n // Clear any listener for this token\n this.clearExpireEventTimeout(key);\n \n var tokenStorage = this.storage.getStorage();\n var removedToken = tokenStorage[key];\n delete tokenStorage[key];\n this.storage.setStorage(tokenStorage);\n \n this.emitRemoved(key, removedToken);\n }\n \n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n async renewToken(token) {\n return this.sdk.token?.renew(token);\n }\n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n validateToken(token: Token) {\n return validateToken(token);\n }\n\n // TODO: renew method should take no param, change in the next major version OKTA-407224\n renew(key): Promise<Token | undefined> {\n // Multiple callers may receive the same promise. They will all resolve or reject from the same request.\n if (this.state.renewPromise) {\n return this.state.renewPromise;\n }\n \n try {\n var token = this.getSync(key);\n if (!token) {\n throw new AuthSdkError('The tokenManager has no token for the key: ' + key);\n }\n } catch (e) {\n return Promise.reject(e);\n }\n \n // Remove existing autoRenew timeout\n this.clearExpireEventTimeout(key);\n \n // A refresh token means a replace instead of renewal\n // Store the renew promise state, to avoid renewing again\n this.state.renewPromise = this.sdk.token.renewTokens()\n .then(tokens => {\n this.setTokens(tokens);\n\n // resolve token based on the key\n const tokenType = this.getTokenType(token);\n return tokens[tokenType];\n })\n .catch(err => {\n // If renew fails, remove token from storage and emit error\n this.remove(key);\n err.tokenKey = key;\n this.emitError(err);\n throw err;\n })\n .finally(() => {\n // Remove existing promise key\n this.state.renewPromise = null;\n });\n \n return this.state.renewPromise;\n }\n \n clear() {\n this.clearExpireEventTimeoutAll();\n this.storage.clearStorage();\n }\n\n clearPendingRemoveTokens() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n if (tokens[key].pendingRemove) {\n this.remove(key);\n }\n });\n }\n \n getTokensFromStorageValue(value) {\n let tokens;\n try {\n tokens = JSON.parse(value) || {};\n } catch (e) {\n tokens = {};\n }\n return tokens;\n }\n\n updateRefreshToken(token: RefreshToken) {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n\n // do not emit any event\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n }\n\n addPendingRemoveFlags() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n tokens[key].pendingRemove = true;\n });\n this.setTokens(tokens);\n }\n \n}\n"],"file":"TokenManager.js"}
|
|
@@ -33,7 +33,8 @@ function verifyToken(idToken, key) {
|
|
|
33
33
|
// This is a metadata tag that specifies the intent of how the key should be used.
|
|
34
34
|
// It's not necessary to properly verify the jwt's signature.
|
|
35
35
|
|
|
36
|
-
delete key.use; // @ts-
|
|
36
|
+
delete key.use; // eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
|
37
|
+
// @ts-ignore
|
|
37
38
|
|
|
38
39
|
return _webcrypto.webcrypto.subtle.importKey(format, key, algo, extractable, usages).then(function (cryptoKey) {
|
|
39
40
|
var jwt = idToken.split('.');
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/crypto/verifyToken.ts"],"names":["verifyToken","idToken","key","format","algo","name","hash","extractable","usages","use","webcrypto","subtle","importKey","then","cryptoKey","jwt","split","payload","b64Signature","signature","verify"],"mappings":";;;;AAYA;;AACA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,SAASA,WAAT,CAAqBC,OAArB,EAA8BC,GAA9B,EAAmC;AACxCA,EAAAA,GAAG,GAAG,iBAAMA,GAAN,CAAN;AAEA,MAAIC,MAAM,GAAG,KAAb;AACA,MAAIC,IAAI,GAAG;AACTC,IAAAA,IAAI,EAAE,mBADG;AAETC,IAAAA,IAAI,EAAE;AAAED,MAAAA,IAAI,EAAE;AAAR;AAFG,GAAX;AAIA,MAAIE,WAAW,GAAG,IAAlB;AACA,MAAIC,MAAM,GAAG,CAAC,QAAD,CAAb,CATwC,CAWxC;AACA;AACA;;AACA,SAAON,GAAG,CAACO,GAAX,CAdwC,CAgBxC;;AACA,SAAOC,qBAAUC,MAAV,CAAiBC,SAAjB,CACLT,MADK,EAELD,GAFK,EAGLE,IAHK,EAILG,WAJK,EAKLC,MALK,EAONK,IAPM,CAOD,UAASC,SAAT,EAAoB;AACxB,QAAIC,GAAG,GAAGd,OAAO,CAACe,KAAR,CAAc,GAAd,CAAV;AACA,QAAIC,OAAO,GAAG,0BAAeF,GAAG,CAAC,CAAD,CAAH,GAAS,GAAT,GAAeA,GAAG,CAAC,CAAD,CAAjC,CAAd;AACA,QAAIG,YAAY,GAAG,2BAAgBH,GAAG,CAAC,CAAD,CAAnB,CAAnB;AACA,QAAII,SAAS,GAAG,0BAAeD,YAAf,CAAhB;AAEA,WAAOR,qBAAUC,MAAV,CAAiBS,MAAjB,CACLhB,IADK,EAELU,SAFK,EAGLK,SAHK,EAILF,OAJK,CAAP;AAMD,GAnBM,CAAP;AAoBD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { clone } from '../util';\nimport { stringToBuffer, base64UrlDecode } from './base64';\nimport { webcrypto } from './webcrypto';\n\nexport function verifyToken(idToken, key) {\n key = clone(key);\n\n var format = 'jwk';\n var algo = {\n name: 'RSASSA-PKCS1-v1_5',\n hash: { name: 'SHA-256' }\n };\n var extractable = true;\n var usages = ['verify'];\n\n // https://connect.microsoft.com/IE/feedback/details/2242108/webcryptoapi-importing-jwk-with-use-field-fails\n // This is a metadata tag that specifies the intent of how the key should be used.\n // It's not necessary to properly verify the jwt's signature.\n delete key.use;\n\n // @ts-ignore\n return webcrypto.subtle.importKey(\n format,\n key,\n algo,\n extractable,\n usages\n )\n .then(function(cryptoKey) {\n var jwt = idToken.split('.');\n var payload = stringToBuffer(jwt[0] + '.' + jwt[1]);\n var b64Signature = base64UrlDecode(jwt[2]);\n var signature = stringToBuffer(b64Signature);\n\n return webcrypto.subtle.verify(\n algo,\n cryptoKey,\n signature,\n payload\n );\n });\n}\n\n"],"file":"verifyToken.js"}
|
|
1
|
+
{"version":3,"sources":["../../../lib/crypto/verifyToken.ts"],"names":["verifyToken","idToken","key","format","algo","name","hash","extractable","usages","use","webcrypto","subtle","importKey","then","cryptoKey","jwt","split","payload","b64Signature","signature","verify"],"mappings":";;;;AAYA;;AACA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,SAASA,WAAT,CAAqBC,OAArB,EAA8BC,GAA9B,EAAmC;AACxCA,EAAAA,GAAG,GAAG,iBAAMA,GAAN,CAAN;AAEA,MAAIC,MAAM,GAAG,KAAb;AACA,MAAIC,IAAI,GAAG;AACTC,IAAAA,IAAI,EAAE,mBADG;AAETC,IAAAA,IAAI,EAAE;AAAED,MAAAA,IAAI,EAAE;AAAR;AAFG,GAAX;AAIA,MAAIE,WAAW,GAAG,IAAlB;AACA,MAAIC,MAAM,GAAG,CAAC,QAAD,CAAb,CATwC,CAWxC;AACA;AACA;;AACA,SAAON,GAAG,CAACO,GAAX,CAdwC,CAgBxC;AACA;;AACA,SAAOC,qBAAUC,MAAV,CAAiBC,SAAjB,CACLT,MADK,EAELD,GAFK,EAGLE,IAHK,EAILG,WAJK,EAKLC,MALK,EAONK,IAPM,CAOD,UAASC,SAAT,EAAoB;AACxB,QAAIC,GAAG,GAAGd,OAAO,CAACe,KAAR,CAAc,GAAd,CAAV;AACA,QAAIC,OAAO,GAAG,0BAAeF,GAAG,CAAC,CAAD,CAAH,GAAS,GAAT,GAAeA,GAAG,CAAC,CAAD,CAAjC,CAAd;AACA,QAAIG,YAAY,GAAG,2BAAgBH,GAAG,CAAC,CAAD,CAAnB,CAAnB;AACA,QAAII,SAAS,GAAG,0BAAeD,YAAf,CAAhB;AAEA,WAAOR,qBAAUC,MAAV,CAAiBS,MAAjB,CACLhB,IADK,EAELU,SAFK,EAGLK,SAHK,EAILF,OAJK,CAAP;AAMD,GAnBM,CAAP;AAoBD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { clone } from '../util';\nimport { stringToBuffer, base64UrlDecode } from './base64';\nimport { webcrypto } from './webcrypto';\n\nexport function verifyToken(idToken, key) {\n key = clone(key);\n\n var format = 'jwk';\n var algo = {\n name: 'RSASSA-PKCS1-v1_5',\n hash: { name: 'SHA-256' }\n };\n var extractable = true;\n var usages = ['verify'];\n\n // https://connect.microsoft.com/IE/feedback/details/2242108/webcryptoapi-importing-jwk-with-use-field-fails\n // This is a metadata tag that specifies the intent of how the key should be used.\n // It's not necessary to properly verify the jwt's signature.\n delete key.use;\n\n // eslint-disable-next-line @typescript-eslint/ban-ts-comment\n // @ts-ignore\n return webcrypto.subtle.importKey(\n format,\n key,\n algo,\n extractable,\n usages\n )\n .then(function(cryptoKey) {\n var jwt = idToken.split('.');\n var payload = stringToBuffer(jwt[0] + '.' + jwt[1]);\n var b64Signature = base64UrlDecode(jwt[2]);\n var signature = stringToBuffer(b64Signature);\n\n return webcrypto.subtle.verify(\n algo,\n cryptoKey,\n signature,\n payload\n );\n });\n}\n\n"],"file":"verifyToken.js"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/errors/AuthApiError.ts"],"names":["AuthApiError","CustomError","constructor","err","xhr","message","errorSummary","name","errorCode","errorLink","errorId","errorCauses"],"mappings":";;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;
|
|
1
|
+
{"version":3,"sources":["../../../lib/errors/AuthApiError.ts"],"names":["AuthApiError","CustomError","constructor","err","xhr","message","errorSummary","name","errorCode","errorLink","errorId","errorCauses"],"mappings":";;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKe,MAAMA,YAAN,SAA2BC,oBAA3B,CAA2D;AAQxEC,EAAAA,WAAW,CAACC,GAAD,EAAgBC,GAAhB,EAAoC;AAC7C,UAAMC,OAAO,GAAGF,GAAG,CAACG,YAApB;AACA,UAAMD,OAAN;AAEA,SAAKE,IAAL,GAAY,cAAZ;AACA,SAAKD,YAAL,GAAoBH,GAAG,CAACG,YAAxB;AACA,SAAKE,SAAL,GAAiBL,GAAG,CAACK,SAArB;AACA,SAAKC,SAAL,GAAiBN,GAAG,CAACM,SAArB;AACA,SAAKC,OAAL,GAAeP,GAAG,CAACO,OAAnB;AACA,SAAKC,WAAL,GAAmBR,GAAG,CAACQ,WAAvB;;AAEA,QAAIP,GAAJ,EAAS;AACP,WAAKA,GAAL,GAAWA,GAAX;AACD;AACF;;AAtBuE","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport CustomError from './CustomError';\nimport { APIError, HttpResponse } from '../types';\n\nexport default class AuthApiError extends CustomError implements APIError {\n errorSummary: string;\n errorCode?: string;\n errorLink?: string;\n errorId?: string;\n errorCauses?: string[];\n xhr?: HttpResponse;\n\n constructor(err: APIError, xhr?: HttpResponse) {\n const message = err.errorSummary;\n super(message);\n\n this.name = 'AuthApiError';\n this.errorSummary = err.errorSummary;\n this.errorCode = err.errorCode;\n this.errorLink = err.errorLink;\n this.errorId = err.errorId;\n this.errorCauses = err.errorCauses;\n\n if (xhr) {\n this.xhr = xhr;\n }\n }\n}\n"],"file":"AuthApiError.js"}
|
package/cjs/errors/OAuthError.js
CHANGED
|
@@ -6,6 +6,8 @@ exports.default = void 0;
|
|
|
6
6
|
|
|
7
7
|
var _CustomError = _interopRequireDefault(require("./CustomError"));
|
|
8
8
|
|
|
9
|
+
/* eslint-disable camelcase */
|
|
10
|
+
|
|
9
11
|
/*!
|
|
10
12
|
* Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
|
|
11
13
|
* The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
|
|
@@ -18,11 +20,15 @@ var _CustomError = _interopRequireDefault(require("./CustomError"));
|
|
|
18
20
|
* See the License for the specific language governing permissions and limitations under the License.
|
|
19
21
|
*/
|
|
20
22
|
class OAuthError extends _CustomError.default {
|
|
23
|
+
// for widget / idx-js backward compatibility
|
|
21
24
|
constructor(errorCode, summary) {
|
|
22
25
|
super(summary);
|
|
23
26
|
this.name = 'OAuthError';
|
|
24
27
|
this.errorCode = errorCode;
|
|
25
|
-
this.errorSummary = summary;
|
|
28
|
+
this.errorSummary = summary; // for widget / idx-js backward compatibility
|
|
29
|
+
|
|
30
|
+
this.error = errorCode;
|
|
31
|
+
this.error_description = summary;
|
|
26
32
|
}
|
|
27
33
|
|
|
28
34
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/errors/OAuthError.ts"],"names":["OAuthError","CustomError","constructor","errorCode","summary","name","errorSummary"],"mappings":";;;;;;
|
|
1
|
+
{"version":3,"sources":["../../../lib/errors/OAuthError.ts"],"names":["OAuthError","CustomError","constructor","errorCode","summary","name","errorSummary","error","error_description"],"mappings":";;;;;;AAaA;;AAbA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAIe,MAAMA,UAAN,SAAyBC,oBAAzB,CAAqC;AAIlD;AAIAC,EAAAA,WAAW,CAACC,SAAD,EAAoBC,OAApB,EAAqC;AAC9C,UAAMA,OAAN;AAEA,SAAKC,IAAL,GAAY,YAAZ;AACA,SAAKF,SAAL,GAAiBA,SAAjB;AACA,SAAKG,YAAL,GAAoBF,OAApB,CAL8C,CAO9C;;AACA,SAAKG,KAAL,GAAaJ,SAAb;AACA,SAAKK,iBAAL,GAAyBJ,OAAzB;AACD;;AAlBiD","sourcesContent":["/* eslint-disable camelcase */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport CustomError from './CustomError';\n\nexport default class OAuthError extends CustomError {\n errorCode: string;\n errorSummary: string;\n\n // for widget / idx-js backward compatibility\n error: string;\n error_description: string;\n\n constructor(errorCode: string, summary: string) {\n super(summary);\n\n this.name = 'OAuthError';\n this.errorCode = errorCode;\n this.errorSummary = summary;\n\n // for widget / idx-js backward compatibility\n this.error = errorCode;\n this.error_description = summary;\n }\n}\n\n"],"file":"OAuthError.js"}
|
|
@@ -10,6 +10,10 @@ var _entries = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-st
|
|
|
10
10
|
|
|
11
11
|
var _stringify = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/json/stringify"));
|
|
12
12
|
|
|
13
|
+
var _map = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/map"));
|
|
14
|
+
|
|
15
|
+
var _entries2 = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/entries"));
|
|
16
|
+
|
|
13
17
|
var _promise = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/promise"));
|
|
14
18
|
|
|
15
19
|
var _crossFetch = _interopRequireDefault(require("cross-fetch"));
|
|
@@ -25,6 +29,9 @@ var _crossFetch = _interopRequireDefault(require("cross-fetch"));
|
|
|
25
29
|
*
|
|
26
30
|
* See the License for the specific language governing permissions and limitations under the License.
|
|
27
31
|
*/
|
|
32
|
+
// content-type = application/json OR application/ion+json
|
|
33
|
+
const appJsonContentTypeRegex = /application\/\w*\+?json/;
|
|
34
|
+
|
|
28
35
|
function readData(response) {
|
|
29
36
|
var _context;
|
|
30
37
|
|
|
@@ -71,10 +78,17 @@ function formatResult(status, data, response) {
|
|
|
71
78
|
function fetchRequest(method, url, args) {
|
|
72
79
|
var body = args.data;
|
|
73
80
|
var headers = args.headers || {};
|
|
74
|
-
var contentType = headers['Content-Type'] || headers['content-type'] || '';
|
|
81
|
+
var contentType = headers['Content-Type'] || headers['content-type'] || '';
|
|
82
|
+
|
|
83
|
+
if (body && typeof body !== 'string') {
|
|
84
|
+
// JSON encode body (if appropriate)
|
|
85
|
+
if (appJsonContentTypeRegex.test(contentType)) {
|
|
86
|
+
body = (0, _stringify.default)(body);
|
|
87
|
+
} else if (contentType === 'application/x-www-form-urlencoded') {
|
|
88
|
+
var _context3;
|
|
75
89
|
|
|
76
|
-
|
|
77
|
-
|
|
90
|
+
body = (0, _map.default)(_context3 = (0, _entries2.default)(body)).call(_context3, ([param, value]) => `${param}=${encodeURIComponent(value)}`).join('&');
|
|
91
|
+
}
|
|
78
92
|
}
|
|
79
93
|
|
|
80
94
|
var fetch = global.fetch || _crossFetch.default;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/fetch/fetchRequest.ts"],"names":["readData","response","headers","get","toLowerCase","json","catch","e","error","errorSummary","text","formatResult","status","data","isObject","pair","result","responseText","responseType","responseJSON","fetchRequest","method","url","args","body","contentType","fetch","global","crossFetch","fetchPromise","credentials","withCredentials","finally","resolve","then","ok"],"mappings":"
|
|
1
|
+
{"version":3,"sources":["../../../lib/fetch/fetchRequest.ts"],"names":["appJsonContentTypeRegex","readData","response","headers","get","toLowerCase","json","catch","e","error","errorSummary","text","formatResult","status","data","isObject","pair","result","responseText","responseType","responseJSON","fetchRequest","method","url","args","body","contentType","test","param","value","encodeURIComponent","join","fetch","global","crossFetch","fetchPromise","credentials","withCredentials","finally","resolve","then","ok"],"mappings":";;;;;;;;;;;;;;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACA,MAAMA,uBAAuB,GAAG,yBAAhC;;AAEA,SAASC,QAAT,CAAkBC,QAAlB,EAAgE;AAAA;;AAC9D,MAAIA,QAAQ,CAACC,OAAT,CAAiBC,GAAjB,CAAqB,cAArB,KACF;AACA,mCAAAF,QAAQ,CAACC,OAAT,CAAiBC,GAAjB,CAAqB,cAArB,EAAsCC,WAAtC,mBAA4D,kBAA5D,KAAmF,CAFrF,EAEwF;AACxF,WAAOH,QAAQ,CAACI,IAAT,GACL;AADK,KAEJC,KAFI,CAEEC,CAAC,IAAI;AACV,aAAO;AACLC,QAAAA,KAAK,EAAED,CADF;AAELE,QAAAA,YAAY,EAAE;AAFT,OAAP;AAID,KAPI,CAAP;AAQC,GAXD,MAWO;AACL,WAAOR,QAAQ,CAACS,IAAT,EAAP;AACD;AACF;;AAED,SAASC,YAAT,CAAsBC,MAAtB,EAAsCC,IAAtC,EAA6DZ,QAA7D,EAAiF;AAC/E,QAAMa,QAAQ,GAAG,OAAOD,IAAP,KAAgB,QAAjC;AACA,QAAMX,OAAO,GAAG,EAAhB;;AACA,OAAK,MAAMa,IAAX,IAAmB,kCAACd,QAAQ,CAACC,OAAV,iBAAnB,EAAwD;AAAA;;AACtDA,IAAAA,OAAO,CAACa,IAAI,CAAC,CAAD,CAAL,CAAP,GAAmBA,IAAI,CAAC,CAAD,CAAvB;AACD;;AACD,QAAMC,MAAoB,GAAG;AAC3BC,IAAAA,YAAY,EAAEH,QAAQ,GAAG,wBAAeD,IAAf,CAAH,GAA0BA,IADrB;AAE3BD,IAAAA,MAAM,EAAEA,MAFmB;AAG3BV,IAAAA;AAH2B,GAA7B;;AAKA,MAAIY,QAAJ,EAAc;AACZE,IAAAA,MAAM,CAACE,YAAP,GAAsB,MAAtB;AACAF,IAAAA,MAAM,CAACG,YAAP,GAAsBN,IAAtB;AACD;;AACD,SAAOG,MAAP;AACD;AAED;;;AACA,SAASI,YAAT,CAAsBC,MAAtB,EAAsCC,GAAtC,EAAmDC,IAAnD,EAAuE;AACrE,MAAIC,IAAI,GAAGD,IAAI,CAACV,IAAhB;AACA,MAAIX,OAAO,GAAGqB,IAAI,CAACrB,OAAL,IAAgB,EAA9B;AACA,MAAIuB,WAAW,GAAIvB,OAAO,CAAC,cAAD,CAAP,IAA2BA,OAAO,CAAC,cAAD,CAAlC,IAAsD,EAAzE;;AAEA,MAAIsB,IAAI,IAAI,OAAOA,IAAP,KAAgB,QAA5B,EAAsC;AACpC;AACA,QAAIzB,uBAAuB,CAAC2B,IAAxB,CAA6BD,WAA7B,CAAJ,EAA+C;AAC7CD,MAAAA,IAAI,GAAG,wBAAeA,IAAf,CAAP;AACD,KAFD,MAGK,IAAIC,WAAW,KAAK,mCAApB,EAAyD;AAAA;;AAC5DD,MAAAA,IAAI,GAAG,qDAAeA,IAAf,mBACD,CAAC,CAACG,KAAD,EAAQC,KAAR,CAAD,KAAqB,GAAED,KAAM,IAAGE,kBAAkB,CAACD,KAAD,CAAQ,EADzD,EAENE,IAFM,CAED,GAFC,CAAP;AAGD;AACF;;AAED,MAAIC,KAAK,GAAGC,MAAM,CAACD,KAAP,IAAgBE,mBAA5B;AACA,MAAIC,YAAY,GAAGH,KAAK,CAACT,GAAD,EAAM;AAC5BD,IAAAA,MAAM,EAAEA,MADoB;AAE5BnB,IAAAA,OAAO,EAAEqB,IAAI,CAACrB,OAFc;AAG5BsB,IAAAA,IAAI,EAAEA,IAHsB;AAI5BW,IAAAA,WAAW,EAAEZ,IAAI,CAACa,eAAL,GAAuB,SAAvB,GAAmC;AAJpB,GAAN,CAAxB;;AAOA,MAAI,CAACF,YAAY,CAACG,OAAlB,EAA2B;AACzBH,IAAAA,YAAY,GAAG,iBAAQI,OAAR,CAAgBJ,YAAhB,CAAf;AACD;;AAED,SAAOA,YAAY,CAACK,IAAb,CAAkB,UAAStC,QAAT,EAAmB;AAC1C,QAAIO,KAAK,GAAG,CAACP,QAAQ,CAACuC,EAAtB;AACA,QAAI5B,MAAM,GAAGX,QAAQ,CAACW,MAAtB;AACA,WAAOZ,QAAQ,CAACC,QAAD,CAAR,CACJsC,IADI,CACC1B,IAAI,IAAI;AACZ,aAAOF,YAAY,CAACC,MAAD,EAASC,IAAT,EAAeZ,QAAf,CAAnB;AACD,KAHI,EAIJsC,IAJI,CAICvB,MAAM,IAAI;AAAA;;AACd,UAAIR,KAAK,4BAAIQ,MAAM,CAACG,YAAX,iDAAI,qBAAqBX,KAAlC,EAAyC;AACvC;AACA,cAAMQ,MAAN;AACD;;AACD,aAAOA,MAAP;AACD,KAVI,CAAP;AAWD,GAdM,CAAP;AAeD;;eAEcI,Y","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport crossFetch from 'cross-fetch';\nimport { FetchOptions, HttpResponse } from '../types';\n\n// content-type = application/json OR application/ion+json\nconst appJsonContentTypeRegex = /application\\/\\w*\\+?json/;\n\nfunction readData(response: Response): Promise<object | string> {\n if (response.headers.get('Content-Type') &&\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n response.headers.get('Content-Type')!.toLowerCase().indexOf('application/json') >= 0) {\n return response.json()\n // JSON parse can fail if response is not a valid object\n .catch(e => {\n return {\n error: e,\n errorSummary: 'Could not parse server response'\n };\n });\n } else {\n return response.text();\n }\n}\n\nfunction formatResult(status: number, data: object | string, response: Response) {\n const isObject = typeof data === 'object';\n const headers = {};\n for (const pair of (response.headers as any).entries()) {\n headers[pair[0]] = pair[1];\n }\n const result: HttpResponse = {\n responseText: isObject ? JSON.stringify(data) : data as string,\n status: status,\n headers\n };\n if (isObject) {\n result.responseType = 'json';\n result.responseJSON = data as object;\n }\n return result;\n}\n\n/* eslint-disable complexity */\nfunction fetchRequest(method: string, url: string, args: FetchOptions) {\n var body = args.data;\n var headers = args.headers || {};\n var contentType = (headers['Content-Type'] || headers['content-type'] || '');\n\n if (body && typeof body !== 'string') {\n // JSON encode body (if appropriate)\n if (appJsonContentTypeRegex.test(contentType)) {\n body = JSON.stringify(body);\n }\n else if (contentType === 'application/x-www-form-urlencoded') {\n body = Object.entries(body)\n .map( ([param, value]) => `${param}=${encodeURIComponent(value)}` )\n .join('&');\n }\n }\n\n var fetch = global.fetch || crossFetch;\n var fetchPromise = fetch(url, {\n method: method,\n headers: args.headers,\n body: body as string,\n credentials: args.withCredentials ? 'include' : 'omit'\n });\n\n if (!fetchPromise.finally) {\n fetchPromise = Promise.resolve(fetchPromise);\n }\n\n return fetchPromise.then(function(response) {\n var error = !response.ok;\n var status = response.status;\n return readData(response)\n .then(data => {\n return formatResult(status, data, response);\n })\n .then(result => {\n if (error || result.responseJSON?.error) {\n // Throwing result object since error handling is done in http.js\n throw result;\n }\n return result;\n });\n });\n}\n\nexport default fetchRequest;\n"],"file":"fetchRequest.js"}
|
package/cjs/http/request.js
CHANGED
|
@@ -12,10 +12,10 @@ var _assign = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-sta
|
|
|
12
12
|
|
|
13
13
|
var _util = require("../util");
|
|
14
14
|
|
|
15
|
-
var _AuthApiError = _interopRequireDefault(require("../errors/AuthApiError"));
|
|
16
|
-
|
|
17
15
|
var _constants = require("../constants");
|
|
18
16
|
|
|
17
|
+
var _errors = require("../errors");
|
|
18
|
+
|
|
19
19
|
/* eslint-disable @typescript-eslint/no-non-null-assertion */
|
|
20
20
|
|
|
21
21
|
/*!
|
|
@@ -124,7 +124,11 @@ function httpRequest(sdk, options) {
|
|
|
124
124
|
resp = sdk.options.transformErrorXHR((0, _util.clone)(resp));
|
|
125
125
|
}
|
|
126
126
|
|
|
127
|
-
|
|
127
|
+
if (serverErr.error && serverErr.error_description) {
|
|
128
|
+
err = new _errors.OAuthError(serverErr.error, serverErr.error_description);
|
|
129
|
+
} else {
|
|
130
|
+
err = new _errors.AuthApiError(serverErr, resp);
|
|
131
|
+
}
|
|
128
132
|
|
|
129
133
|
if (err.errorCode === 'E0000011') {
|
|
130
134
|
storage.delete(_constants.STATE_TOKEN_KEY_NAME);
|
package/cjs/http/request.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/http/request.ts"],"names":["httpRequest","sdk","options","url","method","args","saveAuthnState","accessToken","withCredentials","storageUtil","storage","httpCache","storageManager","getHttpCache","cookies","cacheResponse","cacheContents","getStorage","cachedResponse","Date","now","expiresAt","resolve","response","oktaUserAgentHeader","_oktaUserAgent","getHttpHeader","headers","ajaxOptions","data","undefined","err","res","httpRequestClient","then","resp","responseText","JSON","parse","stateToken","delete","STATE_TOKEN_KEY_NAME","set","updateStorage","Math","floor","DEFAULT_CACHE_DURATION","catch","serverErr","e","errorSummary","status","transformErrorXHR","AuthApiError","errorCode","get","getIssuerOrigin","getOptions","post","postOptions"],"mappings":";;;;;;;;;;;;AAeA;;AACA;;
|
|
1
|
+
{"version":3,"sources":["../../../lib/http/request.ts"],"names":["httpRequest","sdk","options","url","method","args","saveAuthnState","accessToken","withCredentials","storageUtil","storage","httpCache","storageManager","getHttpCache","cookies","cacheResponse","cacheContents","getStorage","cachedResponse","Date","now","expiresAt","resolve","response","oktaUserAgentHeader","_oktaUserAgent","getHttpHeader","headers","ajaxOptions","data","undefined","err","res","httpRequestClient","then","resp","responseText","JSON","parse","stateToken","delete","STATE_TOKEN_KEY_NAME","set","updateStorage","Math","floor","DEFAULT_CACHE_DURATION","catch","serverErr","e","errorSummary","status","transformErrorXHR","error","error_description","OAuthError","AuthApiError","errorCode","get","getIssuerOrigin","getOptions","post","postOptions"],"mappings":";;;;;;;;;;;;AAeA;;AACA;;AAEA;;AAlBA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AAMO,SAASA,WAAT,CAAqBC,GAArB,EAA6CC,OAA7C,EAAoF;AACzFA,EAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB;AACA,MAAIC,GAAG,GAAGD,OAAO,CAACC,GAAlB;AAAA,MACIC,MAAM,GAAGF,OAAO,CAACE,MADrB;AAAA,MAEIC,IAAI,GAAGH,OAAO,CAACG,IAFnB;AAAA,MAGIC,cAAc,GAAGJ,OAAO,CAACI,cAH7B;AAAA,MAIIC,WAAW,GAAGL,OAAO,CAACK,WAJ1B;AAAA,MAKIC,eAAe,GAAGN,OAAO,CAACM,eAAR,KAA4B,IALlD;AAAA,MAKwD;AACpDC,EAAAA,WAAW,GAAGR,GAAG,CAACC,OAAJ,CAAYO,WAN9B;AAAA,MAOIC,OAAO,GAAGD,WAAW,CAAEC,OAP3B;AAAA,MAQIC,SAAS,GAAGV,GAAG,CAACW,cAAJ,CAAmBC,YAAnB,CAAgCZ,GAAG,CAACC,OAAJ,CAAYY,OAA5C,CARhB;;AAUA,MAAIZ,OAAO,CAACa,aAAZ,EAA2B;AACzB,QAAIC,aAAa,GAAGL,SAAS,CAACM,UAAV,EAApB;AACA,QAAIC,cAAc,GAAGF,aAAa,CAACb,GAAD,CAAlC;;AACA,QAAIe,cAAc,IAAIC,IAAI,CAACC,GAAL,KAAW,IAAX,GAAkBF,cAAc,CAACG,SAAvD,EAAkE;AAChE,aAAO,iBAAQC,OAAR,CAAgBJ,cAAc,CAACK,QAA/B,CAAP;AACD;AACF;;AAED,MAAIC,mBAAmB,GAAGvB,GAAG,CAACwB,cAAJ,CAAmBC,aAAnB,EAA1B;;AACA,MAAIC,OAAoB,GAAG;AACzB,cAAU,kBADe;AAEzB,oBAAgB,kBAFS;AAGzB,OAAGH;AAHsB,GAA3B;AAKA,uBAAcG,OAAd,EAAuB1B,GAAG,CAACC,OAAJ,CAAYyB,OAAnC,EAA4CzB,OAAO,CAACyB,OAApD;AACAA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;;AAEA,MAAIpB,WAAW,IAAI,oBAASA,WAAT,CAAnB,EAA0C;AACxCoB,IAAAA,OAAO,CAAC,eAAD,CAAP,GAA2B,YAAYpB,WAAvC;AACD;;AAED,MAAIqB,WAAyB,GAAG;AAC9BD,IAAAA,OAD8B;AAE9BE,IAAAA,IAAI,EAAExB,IAAI,IAAIyB,SAFgB;AAG9BtB,IAAAA;AAH8B,GAAhC;AAMA,MAAIuB,GAAJ,EAASC,GAAT;AACA,SAAO/B,GAAG,CAACC,OAAJ,CAAY+B,iBAAZ,CAA+B7B,MAA/B,EAAwCD,GAAxC,EAA8CyB,WAA9C,EACJM,IADI,CACC,UAASC,IAAT,EAAe;AACnBH,IAAAA,GAAG,GAAGG,IAAI,CAACC,YAAX;;AACA,QAAIJ,GAAG,IAAI,oBAASA,GAAT,CAAX,EAA0B;AACxBA,MAAAA,GAAG,GAAGK,IAAI,CAACC,KAAL,CAAWN,GAAX,CAAN;;AACA,UAAIA,GAAG,IAAI,OAAOA,GAAP,KAAe,QAAtB,IAAkC,CAACA,GAAG,CAACL,OAA3C,EAAoD;AAClDK,QAAAA,GAAG,CAACL,OAAJ,GAAcQ,IAAI,CAACR,OAAnB;AACD;AACF;;AAED,QAAIrB,cAAJ,EAAoB;AAClB,UAAI,CAAC0B,GAAG,CAACO,UAAT,EAAqB;AACnB7B,QAAAA,OAAO,CAAC8B,MAAR,CAAeC,+BAAf;AACD;AACF;;AAED,QAAIT,GAAG,IAAIA,GAAG,CAACO,UAAX,IAAyBP,GAAG,CAACX,SAAjC,EAA4C;AAC1CX,MAAAA,OAAO,CAACgC,GAAR,CAAYD,+BAAZ,EAAkCT,GAAG,CAACO,UAAtC,EAAkDP,GAAG,CAACX,SAAtD,EAAiEpB,GAAG,CAACC,OAAJ,CAAYY,OAA7E;AACD;;AAED,QAAIkB,GAAG,IAAI9B,OAAO,CAACa,aAAnB,EAAkC;AAChCJ,MAAAA,SAAS,CAACgC,aAAV,CAAwBxC,GAAxB,EAA8B;AAC5BkB,QAAAA,SAAS,EAAEuB,IAAI,CAACC,KAAL,CAAW1B,IAAI,CAACC,GAAL,KAAW,IAAtB,IAA8B0B,iCADb;AAE5BvB,QAAAA,QAAQ,EAAES;AAFkB,OAA9B;AAID;;AAED,WAAOA,GAAP;AACD,GA5BI,EA6BJe,KA7BI,CA6BE,UAASZ,IAAT,EAAe;AACpB,QAAIa,SAAS,GAAGb,IAAI,CAACC,YAAL,IAAqB,EAArC;;AACA,QAAI,oBAASY,SAAT,CAAJ,EAAyB;AACvB,UAAI;AACFA,QAAAA,SAAS,GAAGX,IAAI,CAACC,KAAL,CAAWU,SAAX,CAAZ;AACD,OAFD,CAEE,OAAOC,CAAP,EAAU;AACVD,QAAAA,SAAS,GAAG;AACVE,UAAAA,YAAY,EAAE;AADJ,SAAZ;AAGD;AACF;;AAED,QAAIf,IAAI,CAACgB,MAAL,IAAe,GAAnB,EAAwB;AACtBH,MAAAA,SAAS,CAACE,YAAV,GAAyB,eAAzB;AACD;;AAED,QAAIjD,GAAG,CAACC,OAAJ,CAAYkD,iBAAhB,EAAmC;AACjCjB,MAAAA,IAAI,GAAGlC,GAAG,CAACC,OAAJ,CAAYkD,iBAAZ,CAA8B,iBAAMjB,IAAN,CAA9B,CAAP;AACD;;AAED,QAAIa,SAAS,CAACK,KAAV,IAAmBL,SAAS,CAACM,iBAAjC,EAAoD;AAClDvB,MAAAA,GAAG,GAAG,IAAIwB,kBAAJ,CAAeP,SAAS,CAACK,KAAzB,EAAgCL,SAAS,CAACM,iBAA1C,CAAN;AACD,KAFD,MAEO;AACLvB,MAAAA,GAAG,GAAG,IAAIyB,oBAAJ,CAAiBR,SAAjB,EAA4Bb,IAA5B,CAAN;AACD;;AAED,QAAIJ,GAAG,CAAC0B,SAAJ,KAAkB,UAAtB,EAAkC;AAChC/C,MAAAA,OAAO,CAAC8B,MAAR,CAAeC,+BAAf;AACD;;AAED,UAAMV,GAAN;AACD,GA5DI,CAAP;AA6DD;;AAEM,SAAS2B,GAAT,CAAazD,GAAb,EAAqCE,GAArC,EAAkDD,OAAlD,EAA4E;AACjFC,EAAAA,GAAG,GAAG,yBAAcA,GAAd,IAAqBA,GAArB,GAA2BF,GAAG,CAAC0D,eAAJ,KAAwBxD,GAAzD;AACA,MAAIyD,UAAU,GAAG;AACfzD,IAAAA,GAAG,EAAEA,GADU;AAEfC,IAAAA,MAAM,EAAE;AAFO,GAAjB;AAIA,uBAAcwD,UAAd,EAA0B1D,OAA1B;AACA,SAAOF,WAAW,CAACC,GAAD,EAAM2D,UAAN,CAAlB;AACD;;AAEM,SAASC,IAAT,CAAc5D,GAAd,EAAsCE,GAAtC,EAAmDE,IAAnD,EAAuEH,OAAvE,EAAiG;AACtGC,EAAAA,GAAG,GAAG,yBAAcA,GAAd,IAAqBA,GAArB,GAA2BF,GAAG,CAAC0D,eAAJ,KAAwBxD,GAAzD;AACA,MAAI2D,WAAW,GAAG;AAChB3D,IAAAA,GAAG,EAAEA,GADW;AAEhBC,IAAAA,MAAM,EAAE,MAFQ;AAGhBC,IAAAA,IAAI,EAAEA,IAHU;AAIhBC,IAAAA,cAAc,EAAE;AAJA,GAAlB;AAMA,uBAAcwD,WAAd,EAA2B5D,OAA3B;AACA,SAAOF,WAAW,CAACC,GAAD,EAAM6D,WAAN,CAAlB;AACD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n/* eslint-disable complexity */\nimport { isString, clone, isAbsoluteUrl, removeNils } from '../util';\nimport { STATE_TOKEN_KEY_NAME, DEFAULT_CACHE_DURATION } from '../constants';\nimport { OktaAuthInterface, RequestOptions, FetchOptions, RequestData } from '../types';\nimport { AuthApiError, OAuthError } from '../errors';\n\nexport function httpRequest(sdk: OktaAuthInterface, options: RequestOptions): Promise<any> {\n options = options || {};\n var url = options.url,\n method = options.method,\n args = options.args,\n saveAuthnState = options.saveAuthnState,\n accessToken = options.accessToken,\n withCredentials = options.withCredentials === true, // default value is false\n storageUtil = sdk.options.storageUtil,\n storage = storageUtil!.storage,\n httpCache = sdk.storageManager.getHttpCache(sdk.options.cookies);\n\n if (options.cacheResponse) {\n var cacheContents = httpCache.getStorage();\n var cachedResponse = cacheContents[url as string];\n if (cachedResponse && Date.now()/1000 < cachedResponse.expiresAt) {\n return Promise.resolve(cachedResponse.response);\n }\n }\n\n var oktaUserAgentHeader = sdk._oktaUserAgent.getHttpHeader();\n var headers: HeadersInit = {\n 'Accept': 'application/json',\n 'Content-Type': 'application/json',\n ...oktaUserAgentHeader\n };\n Object.assign(headers, sdk.options.headers, options.headers);\n headers = removeNils(headers) as HeadersInit;\n\n if (accessToken && isString(accessToken)) {\n headers['Authorization'] = 'Bearer ' + accessToken;\n }\n\n var ajaxOptions: FetchOptions = {\n headers,\n data: args || undefined,\n withCredentials\n };\n\n var err, res;\n return sdk.options.httpRequestClient!(method!, url!, ajaxOptions)\n .then(function(resp) {\n res = resp.responseText;\n if (res && isString(res)) {\n res = JSON.parse(res);\n if (res && typeof res === 'object' && !res.headers) {\n res.headers = resp.headers;\n }\n }\n\n if (saveAuthnState) {\n if (!res.stateToken) {\n storage.delete(STATE_TOKEN_KEY_NAME);\n }\n }\n\n if (res && res.stateToken && res.expiresAt) {\n storage.set(STATE_TOKEN_KEY_NAME, res.stateToken, res.expiresAt, sdk.options.cookies!);\n }\n\n if (res && options.cacheResponse) {\n httpCache.updateStorage(url!, {\n expiresAt: Math.floor(Date.now()/1000) + DEFAULT_CACHE_DURATION,\n response: res\n });\n }\n\n return res;\n })\n .catch(function(resp) {\n var serverErr = resp.responseText || {};\n if (isString(serverErr)) {\n try {\n serverErr = JSON.parse(serverErr);\n } catch (e) {\n serverErr = {\n errorSummary: 'Unknown error'\n };\n }\n }\n\n if (resp.status >= 500) {\n serverErr.errorSummary = 'Unknown error';\n }\n\n if (sdk.options.transformErrorXHR) {\n resp = sdk.options.transformErrorXHR(clone(resp));\n }\n\n if (serverErr.error && serverErr.error_description) {\n err = new OAuthError(serverErr.error, serverErr.error_description);\n } else {\n err = new AuthApiError(serverErr, resp);\n }\n\n if (err.errorCode === 'E0000011') {\n storage.delete(STATE_TOKEN_KEY_NAME);\n }\n\n throw err;\n });\n}\n\nexport function get(sdk: OktaAuthInterface, url: string, options?: RequestOptions) {\n url = isAbsoluteUrl(url) ? url : sdk.getIssuerOrigin() + url;\n var getOptions = {\n url: url,\n method: 'GET'\n };\n Object.assign(getOptions, options);\n return httpRequest(sdk, getOptions);\n}\n\nexport function post(sdk: OktaAuthInterface, url: string, args?: RequestData, options?: RequestOptions) {\n url = isAbsoluteUrl(url) ? url : sdk.getIssuerOrigin() + url;\n var postOptions = {\n url: url,\n method: 'POST',\n args: args,\n saveAuthnState: true\n };\n Object.assign(postOptions, options);\n return httpRequest(sdk, postOptions);\n}\n"],"file":"request.js"}
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
|
|
4
|
+
|
|
5
|
+
exports.validateVersionConfig = validateVersionConfig;
|
|
6
|
+
exports.makeIdxState = makeIdxState;
|
|
7
|
+
exports.parsersForVersion = void 0;
|
|
8
|
+
|
|
9
|
+
var _constants = require("../../constants");
|
|
10
|
+
|
|
11
|
+
var _parsers = _interopRequireDefault(require("./v1/parsers"));
|
|
12
|
+
|
|
13
|
+
// auth-js/types
|
|
14
|
+
// idx/types
|
|
15
|
+
const parsersForVersion = function parsersForVersion(version) {
|
|
16
|
+
switch (version) {
|
|
17
|
+
case '1.0.0':
|
|
18
|
+
return _parsers.default;
|
|
19
|
+
|
|
20
|
+
case undefined:
|
|
21
|
+
case null:
|
|
22
|
+
throw new Error('Api version is required');
|
|
23
|
+
|
|
24
|
+
default:
|
|
25
|
+
throw new Error(`Unknown api version: ${version}. Use an exact semver version.`);
|
|
26
|
+
}
|
|
27
|
+
};
|
|
28
|
+
|
|
29
|
+
exports.parsersForVersion = parsersForVersion;
|
|
30
|
+
|
|
31
|
+
function validateVersionConfig(version) {
|
|
32
|
+
if (!version) {
|
|
33
|
+
throw new Error('version is required');
|
|
34
|
+
}
|
|
35
|
+
|
|
36
|
+
const cleanVersion = (version !== null && version !== void 0 ? version : '').replace(/[^0-9a-zA-Z._-]/, '');
|
|
37
|
+
|
|
38
|
+
if (cleanVersion !== version || !version) {
|
|
39
|
+
throw new Error('invalid version supplied - version is required and uses semver syntax');
|
|
40
|
+
}
|
|
41
|
+
|
|
42
|
+
parsersForVersion(version); // will throw for invalid version
|
|
43
|
+
}
|
|
44
|
+
|
|
45
|
+
function makeIdxState(authClient, rawIdxResponse, toPersist = {}, requestDidSucceed) {
|
|
46
|
+
var _rawIdxResponse$versi;
|
|
47
|
+
|
|
48
|
+
const version = (_rawIdxResponse$versi = rawIdxResponse === null || rawIdxResponse === void 0 ? void 0 : rawIdxResponse.version) !== null && _rawIdxResponse$versi !== void 0 ? _rawIdxResponse$versi : _constants.IDX_API_VERSION;
|
|
49
|
+
validateVersionConfig(version);
|
|
50
|
+
const {
|
|
51
|
+
makeIdxState
|
|
52
|
+
} = parsersForVersion(version);
|
|
53
|
+
return makeIdxState(authClient, rawIdxResponse, toPersist, requestDidSucceed);
|
|
54
|
+
}
|
|
55
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/idxState/index.ts"],"names":["parsersForVersion","version","v1","undefined","Error","validateVersionConfig","cleanVersion","replace","makeIdxState","authClient","rawIdxResponse","toPersist","requestDidSucceed","IDX_API_VERSION"],"mappings":";;;;;;;;AAEA;;AACA;;AAHoD;AACgB;AAK7D,MAAMA,iBAAiB,GAAG,SAASA,iBAAT,CAA4BC,OAA5B,EAAsC;AACrE,UAAQA,OAAR;AACE,SAAK,OAAL;AACE,aAAOC,gBAAP;;AACF,SAAKC,SAAL;AACA,SAAK,IAAL;AACE,YAAM,IAAIC,KAAJ,CAAU,yBAAV,CAAN;;AACF;AACE,YAAM,IAAIA,KAAJ,CAAW,wBAAuBH,OAAQ,iCAA1C,CAAN;AAPJ;AASD,CAVM;;;;AAYA,SAASI,qBAAT,CAA+BJ,OAA/B,EAAwC;AAC7C,MAAK,CAACA,OAAN,EAAgB;AACd,UAAM,IAAIG,KAAJ,CAAU,qBAAV,CAAN;AACD;;AAED,QAAME,YAAY,GAAG,CAACL,OAAD,aAACA,OAAD,cAACA,OAAD,GAAY,EAAZ,EAAgBM,OAAhB,CAAwB,iBAAxB,EAA2C,EAA3C,CAArB;;AACA,MAAKD,YAAY,KAAKL,OAAjB,IAA4B,CAACA,OAAlC,EAA4C;AAC1C,UAAM,IAAIG,KAAJ,CAAU,uEAAV,CAAN;AACD;;AAEDJ,EAAAA,iBAAiB,CAACC,OAAD,CAAjB,CAV6C,CAUjB;AAC7B;;AAEM,SAASO,YAAT,CACLC,UADK,EAELC,cAFK,EAGLC,SAAkC,GAAG,EAHhC,EAILC,iBAJK,EAKQ;AAAA;;AACb,QAAMX,OAAO,4BAAGS,cAAH,aAAGA,cAAH,uBAAGA,cAAc,CAAET,OAAnB,yEAA8BY,0BAA3C;AACAR,EAAAA,qBAAqB,CAACJ,OAAD,CAArB;AAEA,QAAM;AAAEO,IAAAA;AAAF,MAAmBR,iBAAiB,CAACC,OAAD,CAA1C;AACA,SAAOO,YAAY,CAACC,UAAD,EAAaC,cAAb,EAA6BC,SAA7B,EAAwCC,iBAAxC,CAAnB;AACD","sourcesContent":["import { OktaAuthInterface } from '../../types'; // auth-js/types\nimport { IdxResponse, RawIdxResponse } from '../types/idx-js'; // idx/types\nimport { IDX_API_VERSION } from '../../constants';\nimport v1 from './v1/parsers';\n\n\nexport const parsersForVersion = function parsersForVersion( version ) {\n switch (version) {\n case '1.0.0':\n return v1;\n case undefined:\n case null:\n throw new Error('Api version is required');\n default:\n throw new Error(`Unknown api version: ${version}. Use an exact semver version.`);\n }\n};\n\nexport function validateVersionConfig(version) {\n if ( !version ) {\n throw new Error('version is required');\n }\n\n const cleanVersion = (version ?? '').replace(/[^0-9a-zA-Z._-]/, '');\n if ( cleanVersion !== version || !version ) {\n throw new Error('invalid version supplied - version is required and uses semver syntax');\n }\n\n parsersForVersion(version); // will throw for invalid version\n}\n\nexport function makeIdxState ( \n authClient: OktaAuthInterface,\n rawIdxResponse: RawIdxResponse,\n toPersist: Record<string, unknown> = {},\n requestDidSucceed: boolean,\n): IdxResponse {\n const version = rawIdxResponse?.version ?? IDX_API_VERSION;\n validateVersionConfig(version);\n \n const { makeIdxState } = parsersForVersion(version);\n return makeIdxState(authClient, rawIdxResponse, toPersist, requestDidSucceed);\n}\n"],"file":"index.js"}
|
|
@@ -13,6 +13,7 @@ exports.divideActionParamsByMutability = void 0;
|
|
|
13
13
|
*
|
|
14
14
|
* See the License for the specific language governing permissions and limitations under the License.
|
|
15
15
|
*/
|
|
16
|
+
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
|
16
17
|
// @ts-nocheck
|
|
17
18
|
const isFieldMutable = function isFieldMutable(field) {
|
|
18
19
|
// mutable defaults to true, annoyingly
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../../../lib/idx/idxState/v1/actionParser.ts"],"names":["isFieldMutable","field","mutable","divideSingleActionParamsByMutability","action","defaultParamsForAction","neededParamsForAction","immutableParamsForAction","value","push","name","divideActionParamsByMutability","actionList","Array","isArray","neededParams","defaultParams","immutableParams"],"mappings":";;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA,MAAMA,cAAc,GAAG,SAASA,cAAT,CAAwBC,KAAxB,EAA+B;AACpD;AACA,SAASA,KAAK,CAACC,OAAN,KAAkB,KAA3B;AACD,CAHD;;AAKA,MAAMC,oCAAoC,GAAG,SAASA,oCAAT,CAA+CC,MAA/C,EAAwD;AACnG,QAAMC,sBAAsB,GAAG,EAA/B,CADmG,CAChE;;AACnC,QAAMC,qBAAqB,GAAG,EAA9B,CAFmG,CAEjE;;AAClC,QAAMC,wBAAwB,GAAG,EAAjC,CAHmG,CAG9D;AACrC;AACA;AACA;;AACA,MAAI,CAACH,MAAM,CAACI,KAAZ,EAAmB;AACjBF,IAAAA,qBAAqB,CAACG,IAAtB,CAA2BL,MAA3B;AACA,WAAO;AAAEC,MAAAA,sBAAF;AAA0BC,MAAAA,qBAA1B;AAAiDC,MAAAA;AAAjD,KAAP;AACD;;AAED,OAAM,IAAIN,KAAV,IAAmBG,MAAM,CAACI,KAA1B,EAAkC;AAEhC,QAAKR,cAAc,CAAEC,KAAF,CAAnB,EAA+B;AAAA;;AAE7BK,MAAAA,qBAAqB,CAACG,IAAtB,CAA2BR,KAA3B;;AAEA,0BAAKA,KAAK,CAACO,KAAX,uDAAoB,KAApB,EAA4B;AAC1BH,QAAAA,sBAAsB,CAACJ,KAAK,CAACS,IAAP,CAAtB,GAAqCT,KAAK,CAACO,KAA3C;AACD;AAEF,KARD,MAQO;AAAA;;AACLD,MAAAA,wBAAwB,CAACN,KAAK,CAACS,IAAP,CAAxB,oBAAuCT,KAAK,CAACO,KAA7C,yDAAsD,EAAtD;AACD;AACF;;AACD,SAAO;AAAEH,IAAAA,sBAAF;AAA0BC,IAAAA,qBAA1B;AAAiDC,IAAAA;AAAjD,GAAP;AACD,CA3BD;;AA6BO,MAAMI,8BAA8B,GAAG,SAASA,8BAAT,CAAyCC,UAAzC,EAAsD;AAClG;AACAA,EAAAA,UAAU,GAAGC,KAAK,CAACC,OAAN,CAAcF,UAAd,IAA4BA,UAA5B,GAAyC,CAAEA,UAAF,CAAtD;AACA,QAAMG,YAAY,GAAG,EAArB;AACA,QAAMC,aAAa,GAAG,EAAtB;AACA,QAAMC,eAAe,GAAG,EAAxB;;AAEA,OAAM,IAAIb,MAAV,IAAoBQ,UAApB,EAAiC;AAC/B,UAAM;AACJP,MAAAA,sBADI;AAEJC,MAAAA,qBAFI;AAGJC,MAAAA;AAHI,QAIFJ,oCAAoC,CAACC,MAAD,CAJxC;AAKAW,IAAAA,YAAY,CAACN,IAAb,CAAkBH,qBAAlB;AACAU,IAAAA,aAAa,CAACZ,MAAM,CAACM,IAAR,CAAb,GAA6BL,sBAA7B;AACAY,IAAAA,eAAe,CAACb,MAAM,CAACM,IAAR,CAAf,GAA+BH,wBAA/B;AACD;;AAED,SAAO;AAAES,IAAAA,aAAF;AAAiBD,IAAAA,YAAjB;AAA+BE,IAAAA;AAA/B,GAAP;AACD,CAnBM","sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-nocheck\nconst isFieldMutable = function isFieldMutable(field) {\n // mutable defaults to true, annoyingly\n return ( field.mutable !== false );\n};\n\nconst divideSingleActionParamsByMutability = function divideSingleActionParamsByMutability( action ) {\n const defaultParamsForAction = {}; // mutable and present\n const neededParamsForAction = []; // mutable values\n const immutableParamsForAction = {}; // immutable\n // TODO: remove assumption that form names are unique, neededParams being an array is a temp fix\n // not all actions have value (e.g. redirect)\n // making sure they are not empty and instead hold the remediation object\n if (!action.value) {\n neededParamsForAction.push(action);\n return { defaultParamsForAction, neededParamsForAction, immutableParamsForAction };\n }\n\n for ( let field of action.value ) {\n\n if ( isFieldMutable( field ) ) {\n\n neededParamsForAction.push(field);\n\n if ( field.value ?? false ) {\n defaultParamsForAction[field.name] = field.value;\n }\n\n } else {\n immutableParamsForAction[field.name] = field.value ?? '';\n }\n }\n return { defaultParamsForAction, neededParamsForAction, immutableParamsForAction };\n};\n\nexport const divideActionParamsByMutability = function divideActionParamsByMutability( actionList ) {\n // TODO: when removing form name is unique assumption, this may all be redundant\n actionList = Array.isArray(actionList) ? actionList : [ actionList ];\n const neededParams = [];\n const defaultParams = {};\n const immutableParams = {};\n\n for ( let action of actionList ) {\n const { \n defaultParamsForAction, \n neededParamsForAction, \n immutableParamsForAction \n } = divideSingleActionParamsByMutability(action);\n neededParams.push(neededParamsForAction);\n defaultParams[action.name] = defaultParamsForAction;\n immutableParams[action.name] = immutableParamsForAction;\n }\n\n return { defaultParams, neededParams, immutableParams };\n};\n\n"],"file":"actionParser.js"}
|
|
@@ -6,12 +6,14 @@ exports.default = void 0;
|
|
|
6
6
|
|
|
7
7
|
var _stringify = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/json/stringify"));
|
|
8
8
|
|
|
9
|
-
var
|
|
9
|
+
var _http = require("../../../http");
|
|
10
10
|
|
|
11
11
|
var _actionParser = require("./actionParser");
|
|
12
12
|
|
|
13
13
|
var _makeIdxState = require("./makeIdxState");
|
|
14
14
|
|
|
15
|
+
var _AuthApiError = _interopRequireDefault(require("../../../errors/AuthApiError"));
|
|
16
|
+
|
|
15
17
|
/*!
|
|
16
18
|
* Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.
|
|
17
19
|
* The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
|
|
@@ -24,49 +26,60 @@ var _makeIdxState = require("./makeIdxState");
|
|
|
24
26
|
* See the License for the specific language governing permissions and limitations under the License.
|
|
25
27
|
*/
|
|
26
28
|
|
|
27
|
-
/* eslint-disable max-len */
|
|
29
|
+
/* eslint-disable max-len, complexity */
|
|
30
|
+
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
|
28
31
|
// @ts-nocheck
|
|
29
|
-
const generateDirectFetch = function generateDirectFetch({
|
|
32
|
+
const generateDirectFetch = function generateDirectFetch(authClient, {
|
|
30
33
|
actionDefinition,
|
|
31
34
|
defaultParamsForAction = {},
|
|
32
35
|
immutableParamsForAction = {},
|
|
33
|
-
toPersist
|
|
36
|
+
toPersist = {}
|
|
34
37
|
}) {
|
|
35
38
|
const target = actionDefinition.href;
|
|
36
|
-
return async function (params) {
|
|
39
|
+
return async function (params = {}) {
|
|
37
40
|
const headers = {
|
|
38
|
-
'
|
|
39
|
-
'
|
|
41
|
+
'Content-Type': 'application/json',
|
|
42
|
+
'Accept': actionDefinition.accepts || 'application/ion+json'
|
|
40
43
|
};
|
|
41
44
|
const body = (0, _stringify.default)({ ...defaultParamsForAction,
|
|
42
45
|
...params,
|
|
43
46
|
...immutableParamsForAction
|
|
44
47
|
});
|
|
45
|
-
const credentials = toPersist && toPersist.withCredentials === false ? 'omit' : 'include';
|
|
46
|
-
const response = await (0, _client.request)(target, {
|
|
47
|
-
method: actionDefinition.method,
|
|
48
|
-
headers,
|
|
49
|
-
body,
|
|
50
|
-
credentials
|
|
51
|
-
});
|
|
52
|
-
const responseJSON = await response.json();
|
|
53
|
-
const requestDidSucceed = response.ok;
|
|
54
|
-
const idxResponse = (0, _makeIdxState.makeIdxState)(responseJSON, toPersist, requestDidSucceed);
|
|
55
48
|
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
49
|
+
try {
|
|
50
|
+
var _toPersist$withCreden;
|
|
51
|
+
|
|
52
|
+
const response = await (0, _http.httpRequest)(authClient, {
|
|
53
|
+
url: target,
|
|
54
|
+
method: actionDefinition.method,
|
|
55
|
+
headers,
|
|
56
|
+
args: body,
|
|
57
|
+
withCredentials: (_toPersist$withCreden = toPersist === null || toPersist === void 0 ? void 0 : toPersist.withCredentials) !== null && _toPersist$withCreden !== void 0 ? _toPersist$withCreden : true
|
|
58
|
+
});
|
|
59
|
+
return (0, _makeIdxState.makeIdxState)(authClient, { ...response
|
|
60
|
+
}, toPersist, true);
|
|
61
|
+
} catch (err) {
|
|
62
|
+
if (!(err instanceof _AuthApiError.default) || !(err !== null && err !== void 0 && err.xhr)) {
|
|
63
|
+
throw err;
|
|
64
|
+
}
|
|
65
|
+
|
|
66
|
+
const response = err.xhr;
|
|
67
|
+
const payload = response.responseJSON || JSON.parse(response.responseText);
|
|
68
|
+
const wwwAuthHeader = response.headers['WWW-Authenticate'] || response.headers['www-authenticate'];
|
|
69
|
+
const idxResponse = (0, _makeIdxState.makeIdxState)(authClient, { ...payload
|
|
70
|
+
}, toPersist, false);
|
|
71
|
+
|
|
72
|
+
if (response.status === 401 && wwwAuthHeader === 'Oktadevicejwt realm="Okta Device"') {
|
|
73
|
+
// Okta server responds 401 status code with WWW-Authenticate header and new remediation
|
|
74
|
+
// so that the iOS/MacOS credential SSO extension (Okta Verify) can intercept
|
|
75
|
+
// the response reaches here when Okta Verify is not installed
|
|
76
|
+
// set `stepUp` to true if flow should be continued without showing any errors
|
|
77
|
+
idxResponse.stepUp = true;
|
|
78
|
+
} // Throw IDX response if request did not succeed. This behavior will be removed in version 7.0: OKTA-481844
|
|
63
79
|
|
|
64
80
|
|
|
65
|
-
if (!requestDidSucceed) {
|
|
66
81
|
throw idxResponse;
|
|
67
82
|
}
|
|
68
|
-
|
|
69
|
-
return idxResponse;
|
|
70
83
|
};
|
|
71
84
|
}; // TODO: Resolve in M2: Either build the final polling solution or remove this code
|
|
72
85
|
// const generatePollingFetch = function generatePollingFetch( { actionDefinition, defaultParamsForAction = {}, immutableParamsForAction = {} } ) {
|
|
@@ -81,12 +94,12 @@ const generateDirectFetch = function generateDirectFetch({
|
|
|
81
94
|
// body: JSON.stringify({ ...defaultParamsForAction, ...params, ...immutableParamsForAction })
|
|
82
95
|
// })
|
|
83
96
|
// .then( response => response.ok ? response.json() : response.json().then( err => Promise.reject(err)) )
|
|
84
|
-
// .then( idxResponse => makeIdxState(idxResponse) );
|
|
97
|
+
// .then( idxResponse => makeIdxState(authClient, idxResponse) );
|
|
85
98
|
// };
|
|
86
99
|
// };
|
|
87
100
|
|
|
88
101
|
|
|
89
|
-
const generateIdxAction = function generateIdxAction(actionDefinition, toPersist) {
|
|
102
|
+
const generateIdxAction = function generateIdxAction(authClient, actionDefinition, toPersist) {
|
|
90
103
|
// TODO: leaving this here to see where the polling is EXPECTED to drop into the code, but removing any accidental trigger of incomplete code
|
|
91
104
|
// const generator = actionDefinition.refresh ? generatePollingFetch : generateDirectFetch;
|
|
92
105
|
const generator = generateDirectFetch;
|
|
@@ -95,7 +108,7 @@ const generateIdxAction = function generateIdxAction(actionDefinition, toPersist
|
|
|
95
108
|
neededParams,
|
|
96
109
|
immutableParams
|
|
97
110
|
} = (0, _actionParser.divideActionParamsByMutability)(actionDefinition);
|
|
98
|
-
const action = generator({
|
|
111
|
+
const action = generator(authClient, {
|
|
99
112
|
actionDefinition,
|
|
100
113
|
defaultParamsForAction: defaultParams[actionDefinition.name],
|
|
101
114
|
immutableParamsForAction: immutableParams[actionDefinition.name],
|