npm - @okta/okta-auth-js - Versions diffs - 6.3.1 → 6.4.1 - Mend

@okta/okta-auth-js 6.3.1 → 6.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (156) hide show

package/CHANGELOG.md +38 -0
package/README.md +6 -0
package/cjs/AuthStateManager.js +1 -0
package/cjs/AuthStateManager.js.map +1 -1
package/cjs/OktaAuth.js +10 -11
package/cjs/OktaAuth.js.map +1 -1
package/cjs/OktaUserAgent.js +2 -2
package/cjs/ServiceManager.js +1 -1
package/cjs/ServiceManager.js.map +1 -1
package/cjs/TokenManager.js.map +1 -1
package/cjs/crypto/verifyToken.js +2 -1
package/cjs/crypto/verifyToken.js.map +1 -1
package/cjs/errors/AuthApiError.js.map +1 -1
package/cjs/errors/OAuthError.js +7 -1
package/cjs/errors/OAuthError.js.map +1 -1
package/cjs/fetch/fetchRequest.js +17 -3
package/cjs/fetch/fetchRequest.js.map +1 -1
package/cjs/http/request.js +7 -3
package/cjs/http/request.js.map +1 -1
package/cjs/idx/idxState/index.js +55 -0
package/cjs/idx/idxState/index.js.map +1 -0
package/cjs/idx/{idx-js → idxState}/v1/actionParser.js +1 -0
package/cjs/idx/idxState/v1/actionParser.js.map +1 -0
package/cjs/idx/{idx-js → idxState}/v1/generateIdxAction.js +43 -30
package/cjs/idx/idxState/v1/generateIdxAction.js.map +1 -0
package/cjs/idx/{idx-js → idxState}/v1/idxResponseParser.js +8 -8
package/cjs/idx/idxState/v1/idxResponseParser.js.map +1 -0
package/cjs/idx/{idx-js → idxState}/v1/makeIdxState.js +3 -2
package/cjs/idx/idxState/v1/makeIdxState.js.map +1 -0
package/cjs/idx/{idx-js → idxState}/v1/parsers.js +1 -0
package/cjs/idx/idxState/v1/parsers.js.map +1 -0
package/cjs/idx/{idx-js → idxState}/v1/remediationParser.js +4 -2
package/cjs/idx/idxState/v1/remediationParser.js.map +1 -0
package/cjs/idx/interact.js +42 -21
package/cjs/idx/interact.js.map +1 -1
package/cjs/idx/introspect.js +37 -12
package/cjs/idx/introspect.js.map +1 -1
package/cjs/idx/remediate.js +56 -132
package/cjs/idx/remediate.js.map +1 -1
package/cjs/idx/remediators/AuthenticatorEnrollmentData.js.map +1 -1
package/cjs/idx/remediators/AuthenticatorVerificationData.js +7 -6
package/cjs/idx/remediators/AuthenticatorVerificationData.js.map +1 -1
package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
package/cjs/idx/remediators/Base/Remediator.js +12 -2
package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
package/cjs/idx/remediators/ChallengeAuthenticator.js.map +1 -1
package/cjs/idx/remediators/EnrollAuthenticator.js.map +1 -1
package/cjs/idx/remediators/EnrollPoll.js.map +1 -1
package/cjs/idx/remediators/EnrollProfile.js.map +1 -1
package/cjs/idx/remediators/EnrollmentChannelData.js.map +1 -1
package/cjs/idx/remediators/Identify.js.map +1 -1
package/cjs/idx/remediators/ReEnrollAuthenticator.js.map +1 -1
package/cjs/idx/remediators/ResetAuthenticator.js.map +1 -1
package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js.map +1 -1
package/cjs/idx/remediators/SelectAuthenticatorEnroll.js.map +1 -1
package/cjs/idx/remediators/SelectAuthenticatorUnlockAccount.js.map +1 -1
package/cjs/idx/remediators/SelectEnrollProfile.js.map +1 -1
package/cjs/idx/remediators/SelectEnrollmentChannel.js.map +1 -1
package/cjs/idx/remediators/Skip.js.map +1 -1
package/cjs/idx/run.js +16 -12
package/cjs/idx/run.js.map +1 -1
package/cjs/idx/types/idx-js.js +2 -0
package/cjs/idx/types/idx-js.js.map +1 -1
package/cjs/idx/types/index.js +0 -138
package/cjs/idx/types/index.js.map +1 -1
package/cjs/idx/util.js +127 -5
package/cjs/idx/util.js.map +1 -1
package/cjs/server/serverStorage.js +1 -0
package/cjs/server/serverStorage.js.map +1 -1
package/cjs/tx/AuthTransaction.js.map +1 -1
package/cjs/types/Token.js +0 -1
package/cjs/types/Token.js.map +1 -1
package/cjs/util/object.js.map +1 -1
package/cjs/util/types.js.map +1 -1
package/dist/okta-auth-js.min.js +1 -1
package/dist/okta-auth-js.min.js.map +1 -1
package/dist/okta-auth-js.umd.js +1 -1
package/dist/okta-auth-js.umd.js.map +1 -1
package/esm/esm.browser.js +744 -928
package/esm/esm.browser.js.map +1 -1
package/esm/esm.node.mjs +609 -730
package/esm/esm.node.mjs.map +1 -1
package/lib/TokenManager.d.ts +2 -2
package/lib/errors/OAuthError.d.ts +2 -0
package/lib/idx/flow/RemediationFlow.d.ts +2 -2
package/lib/idx/idxState/index.d.ts +7 -0
package/lib/idx/{idx-js → idxState}/v1/actionParser.d.ts +0 -0
package/lib/idx/{idx-js → idxState}/v1/generateIdxAction.d.ts +3 -1
package/lib/idx/{idx-js → idxState}/v1/idxResponseParser.d.ts +3 -2
package/lib/idx/{idx-js → idxState}/v1/makeIdxState.d.ts +3 -2
package/lib/idx/{idx-js → idxState}/v1/parsers.d.ts +0 -0
package/lib/idx/{idx-js → idxState}/v1/remediationParser.d.ts +2 -1
package/lib/idx/interact.d.ts +22 -0
package/lib/idx/remediate.d.ts +9 -12
package/lib/idx/remediators/AuthenticatorEnrollmentData.d.ts +1 -2
package/lib/idx/remediators/AuthenticatorVerificationData.d.ts +3 -3
package/lib/idx/remediators/Base/AuthenticatorData.d.ts +3 -4
package/lib/idx/remediators/Base/Remediator.d.ts +8 -4
package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +2 -3
package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +3 -4
package/lib/idx/remediators/ChallengeAuthenticator.d.ts +1 -2
package/lib/idx/remediators/EnrollAuthenticator.d.ts +1 -2
package/lib/idx/remediators/EnrollPoll.d.ts +1 -2
package/lib/idx/remediators/EnrollProfile.d.ts +1 -2
package/lib/idx/remediators/EnrollmentChannelData.d.ts +1 -2
package/lib/idx/remediators/Identify.d.ts +1 -2
package/lib/idx/remediators/ReEnrollAuthenticator.d.ts +1 -2
package/lib/idx/remediators/ResetAuthenticator.d.ts +1 -2
package/lib/idx/remediators/SelectAuthenticatorAuthenticate.d.ts +1 -2
package/lib/idx/remediators/SelectAuthenticatorEnroll.d.ts +1 -2
package/lib/idx/remediators/SelectAuthenticatorUnlockAccount.d.ts +1 -2
package/lib/idx/remediators/SelectEnrollProfile.d.ts +1 -2
package/lib/idx/remediators/SelectEnrollmentChannel.d.ts +1 -2
package/lib/idx/remediators/Skip.d.ts +1 -2
package/lib/idx/types/idx-js.d.ts +5 -2
package/lib/idx/types/index.d.ts +26 -17
package/lib/idx/util.d.ts +7 -4
package/lib/types/EventEmitter.d.ts +3 -3
package/lib/types/Service.d.ts +6 -6
package/lib/types/Storage.d.ts +6 -6
package/lib/types/TokenManager.d.ts +5 -2
package/lib/types/UserClaims.d.ts +1 -1
package/lib/util/types.d.ts +1 -1
package/package.json +10 -10
package/cjs/idx/headers.js +0 -59
package/cjs/idx/headers.js.map +0 -1
package/cjs/idx/idx-js/client.js +0 -91
package/cjs/idx/idx-js/client.js.map +0 -1
package/cjs/idx/idx-js/index.js +0 -40
package/cjs/idx/idx-js/index.js.map +0 -1
package/cjs/idx/idx-js/interact.js +0 -83
package/cjs/idx/idx-js/interact.js.map +0 -1
package/cjs/idx/idx-js/introspect.js +0 -62
package/cjs/idx/idx-js/introspect.js.map +0 -1
package/cjs/idx/idx-js/parsers.js +0 -41
package/cjs/idx/idx-js/parsers.js.map +0 -1
package/cjs/idx/idx-js/util.js +0 -34
package/cjs/idx/idx-js/util.js.map +0 -1
package/cjs/idx/idx-js/v1/actionParser.js.map +0 -1
package/cjs/idx/idx-js/v1/generateIdxAction.js.map +0 -1
package/cjs/idx/idx-js/v1/idxResponseParser.js.map +0 -1
package/cjs/idx/idx-js/v1/makeIdxState.js.map +0 -1
package/cjs/idx/idx-js/v1/parsers.js.map +0 -1
package/cjs/idx/idx-js/v1/remediationParser.js.map +0 -1
package/cjs/options.js +0 -170
package/cjs/options.js.map +0 -1
package/lib/idx/headers.d.ts +0 -16
package/lib/idx/idx-js/client.d.ts +0 -36
package/lib/idx/idx-js/index.d.ts +0 -35
package/lib/idx/idx-js/interact.d.ts +0 -25
package/lib/idx/idx-js/introspect.d.ts +0 -21
package/lib/idx/idx-js/parsers.d.ts +0 -15
package/lib/idx/idx-js/util.d.ts +0 -12
package/lib/options.d.ts +0 -14

package/cjs/idx/idxState/v1/generateIdxAction.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../../../../lib/idx/idxState/v1/generateIdxAction.ts"],"names":["generateDirectFetch","authClient","actionDefinition","defaultParamsForAction","immutableParamsForAction","toPersist","target","href","params","headers","accepts","body","response","url","method","args","withCredentials","err","AuthApiError","xhr","payload","responseJSON","JSON","parse","responseText","wwwAuthHeader","idxResponse","status","stepUp","generateIdxAction","generator","defaultParams","neededParams","immutableParams","action","name"],"mappings":";;;;;;;;AAeA;;AAGA;;AACA;;AACA;;AApBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AAQA,MAAMA,mBAAmB,GAAG,SAASA,mBAAT,CAA6BC,UAA7B,EAA4D;AACtFC,EAAAA,gBADsF;AAEtFC,EAAAA,sBAAsB,GAAG,EAF6D;AAGtFC,EAAAA,wBAAwB,GAAG,EAH2D;AAItFC,EAAAA,SAAS,GAAG;AAJ0E,CAA5D,EAKzB;AACD,QAAMC,MAAM,GAAGJ,gBAAgB,CAACK,IAAhC;AACA,SAAO,gBAAeC,MAAuB,GAAG,EAAzC,EAAmE;AACxE,UAAMC,OAAO,GAAG;AACd,sBAAgB,kBADF;AAEd,gBAAUP,gBAAgB,CAACQ,OAAjB,IAA4B;AAFxB,KAAhB;AAIA,UAAMC,IAAI,GAAG,wBAAe,EAC1B,GAAGR,sBADuB;AAE1B,SAAGK,MAFuB;AAG1B,SAAGJ;AAHuB,KAAf,CAAb;;AAMA,QAAI;AAAA;;AACF,YAAMQ,QAAQ,GAAG,MAAM,uBAAYX,UAAZ,EAAwB;AAC7CY,QAAAA,GAAG,EAAEP,MADwC;AAE7CQ,QAAAA,MAAM,EAAEZ,gBAAgB,CAACY,MAFoB;AAG7CL,QAAAA,OAH6C;AAI7CM,QAAAA,IAAI,EAAEJ,IAJuC;AAK7CK,QAAAA,eAAe,2BAAEX,SAAF,aAAEA,SAAF,uBAAEA,SAAS,CAAEW,eAAb,yEAAgC;AALF,OAAxB,CAAvB;AAQA,aAAO,gCAAaf,UAAb,EAAyB,EAAE,GAAGW;AAAL,OAAzB,EAA0CP,SAA1C,EAAqD,IAArD,CAAP;AACD,KAVD,CAWA,OAAOY,GAAP,EAAY;AACV,UAAI,EAAEA,GAAG,YAAYC,qBAAjB,KAAkC,EAACD,GAAD,aAACA,GAAD,eAACA,GAAG,CAAEE,GAAN,CAAtC,EAAiD;AAC/C,cAAMF,GAAN;AACD;;AAED,YAAML,QAAQ,GAAGK,GAAG,CAACE,GAArB;AACA,YAAMC,OAAO,GAAGR,QAAQ,CAACS,YAAT,IAAyBC,IAAI,CAACC,KAAL,CAAWX,QAAQ,CAACY,YAApB,CAAzC;AACA,YAAMC,aAAa,GAAGb,QAAQ,CAACH,OAAT,CAAiB,kBAAjB,KAAwCG,QAAQ,CAACH,OAAT,CAAiB,kBAAjB,CAA9D;AAEA,YAAMiB,WAAW,GAAG,gCAAazB,UAAb,EAAyB,EAAE,GAAGmB;AAAL,OAAzB,EAAyCf,SAAzC,EAAoD,KAApD,CAApB;;AACA,UAAIO,QAAQ,CAACe,MAAT,KAAoB,GAApB,IAA2BF,aAAa,KAAK,mCAAjD,EAAsF;AACpF;AACA;AACA;AACA;AACAC,QAAAA,WAAW,CAACE,MAAZ,GAAqB,IAArB;AACD,OAhBS,CAkBV;;;AACA,YAAMF,WAAN;AACD;AACF,GA3CD;AA4CD,CAnDD,C,CAqDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AAEA,MAAMG,iBAAiB,GAAG,SAASA,iBAAT,CAA4B5B,UAA5B,EAA2DC,gBAA3D,EAA6EG,SAA7E,EAAyF;AACjH;AACA;AACA,QAAMyB,SAAS,GAAG9B,mBAAlB;AACA,QAAM;AAAE+B,IAAAA,aAAF;AAAiBC,IAAAA,YAAjB;AAA+BC,IAAAA;AAA/B,MAAmD,kDAAgC/B,gBAAhC,CAAzD;AAEA,QAAMgC,MAAM,GAAGJ,SAAS,CAAC7B,UAAD,EAAa;AACnCC,IAAAA,gBADmC;AAEnCC,IAAAA,sBAAsB,EAAE4B,aAAa,CAAC7B,gBAAgB,CAACiC,IAAlB,CAFF;AAGnC/B,IAAAA,wBAAwB,EAAE6B,eAAe,CAAC/B,gBAAgB,CAACiC,IAAlB,CAHN;AAInC9B,IAAAA;AAJmC,GAAb,CAAxB;AAMA6B,EAAAA,MAAM,CAACF,YAAP,GAAsBA,YAAtB;AACA,SAAOE,MAAP;AACD,CAdD;;eAgBeL,iB","sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable max-len, complexity */\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-nocheck\nimport { httpRequest } from '../../../http';\nimport { OktaAuthInterface } from '../../../types'; // auth-js/types\nimport { IdxActionParams } from '../../types/idx-js';\nimport { divideActionParamsByMutability } from './actionParser';\nimport { makeIdxState } from './makeIdxState';\nimport AuthApiError from '../../../errors/AuthApiError';\n\nconst generateDirectFetch = function generateDirectFetch(authClient: OktaAuthInterface, { \n actionDefinition, \n defaultParamsForAction = {}, \n immutableParamsForAction = {}, \n toPersist = {}\n}) {\n const target = actionDefinition.href;\n return async function(params: IdxActionParams = {}): Promise<IdxResponse> {\n const headers = {\n 'Content-Type': 'application/json',\n 'Accept': actionDefinition.accepts || 'application/ion+json',\n };\n const body = JSON.stringify({\n ...defaultParamsForAction,\n ...params,\n ...immutableParamsForAction\n });\n\n try {\n const response = await httpRequest(authClient, {\n url: target,\n method: actionDefinition.method,\n headers,\n args: body,\n withCredentials: toPersist?.withCredentials ?? true\n });\n\n return makeIdxState(authClient, { ...response }, toPersist, true);\n }\n catch (err) {\n if (!(err instanceof AuthApiError) || !err?.xhr) {\n throw err;\n }\n\n const response = err.xhr;\n const payload = response.responseJSON || JSON.parse(response.responseText);\n const wwwAuthHeader = response.headers['WWW-Authenticate'] || response.headers['www-authenticate'];\n\n const idxResponse = makeIdxState(authClient, { ...payload }, toPersist, false);\n if (response.status === 401 && wwwAuthHeader === 'Oktadevicejwt realm=\"Okta Device\"') {\n // Okta server responds 401 status code with WWW-Authenticate header and new remediation\n // so that the iOS/MacOS credential SSO extension (Okta Verify) can intercept\n // the response reaches here when Okta Verify is not installed\n // set `stepUp` to true if flow should be continued without showing any errors\n idxResponse.stepUp = true;\n }\n\n // Throw IDX response if request did not succeed. This behavior will be removed in version 7.0: OKTA-481844\n throw idxResponse;\n }\n };\n};\n\n// TODO: Resolve in M2: Either build the final polling solution or remove this code\n// const generatePollingFetch = function generatePollingFetch( { actionDefinition, defaultParamsForAction = {}, immutableParamsForAction = {} } ) {\n// // TODO: Discussions ongoing about when/how to terminate polling: OKTA-246581\n// const target = actionDefinition.href;\n// return async function(params) {\n// return fetch(target, {\n// method: actionDefinition.method,\n// headers: {\n// 'content-type': actionDefinition.accepts,\n// },\n// body: JSON.stringify({ ...defaultParamsForAction, ...params, ...immutableParamsForAction })\n// })\n// .then( response => response.ok ? response.json() : response.json().then( err => Promise.reject(err)) )\n// .then( idxResponse => makeIdxState(authClient, idxResponse) );\n// };\n// };\n\nconst generateIdxAction = function generateIdxAction( authClient: OktaAuthInterface, actionDefinition, toPersist ) {\n // TODO: leaving this here to see where the polling is EXPECTED to drop into the code, but removing any accidental trigger of incomplete code\n // const generator = actionDefinition.refresh ? generatePollingFetch : generateDirectFetch;\n const generator = generateDirectFetch;\n const { defaultParams, neededParams, immutableParams } = divideActionParamsByMutability( actionDefinition );\n\n const action = generator(authClient, {\n actionDefinition,\n defaultParamsForAction: defaultParams[actionDefinition.name],\n immutableParamsForAction: immutableParams[actionDefinition.name],\n toPersist\n });\n action.neededParams = neededParams;\n return action;\n};\n\nexport default generateIdxAction;\n"],"file":"generateIdxAction.js"}

package/cjs/idx/{idx-js → idxState}/v1/idxResponseParser.js RENAMED Viewed

@@ -26,7 +26,7 @@ const SKIP_FIELDS = (0, _fromEntries.default)((0, _map.default)(_context = ['rem
 'context' // the API response of 'context' isn't externally useful.  We ignore it and put all non-action (contextual) info into idxState.context
 ]).call(_context, field => [field, !!'skip this field']));
-const parseNonRemediations = function parseNonRemediations(idxResponse, toPersist = {}) {
+const parseNonRemediations = function parseNonRemediations(authClient, idxResponse, toPersist = {}) {
   var _context2;
   const actions = {};
@@ -42,7 +42,7 @@ const parseNonRemediations = function parseNonRemediations(idxResponse, toPersis
     if (idxResponse[field].rel) {
       // top level actions
-      actions[idxResponse[field].name] = (0, _generateIdxAction.default)(idxResponse[field], toPersist);
+      actions[idxResponse[field].name] = (0, _generateIdxAction.default)(authClient, idxResponse[field], toPersist);
       return;
     }
@@ -68,7 +68,7 @@ const parseNonRemediations = function parseNonRemediations(idxResponse, toPersis
       if (value.rel) {
         // is [field].value[subField] an action?
         // add any "action" value subfields to actions
-        actions[`${field}-${subField.name || subField}`] = (0, _generateIdxAction.default)(value, toPersist);
+        actions[`${field}-${subField.name || subField}`] = (0, _generateIdxAction.default)(authClient, value, toPersist);
       } else {
         // add non-action value subfields to context
         context[field].value[subField] = value;
@@ -108,24 +108,24 @@ const expandRelatesTo = (idxResponse, value) => {
   });
 };
-const convertRemediationAction = (remediation, toPersist) => {
-  const remediationActions = (0, _remediationParser.generateRemediationFunctions)([remediation], toPersist);
+const convertRemediationAction = (authClient, remediation, toPersist) => {
+  const remediationActions = (0, _remediationParser.generateRemediationFunctions)(authClient, [remediation], toPersist);
   const actionFn = remediationActions[remediation.name];
   return { ...remediation,
     action: actionFn
   };
 };
-const parseIdxResponse = function parseIdxResponse(idxResponse, toPersist = {}) {
+const parseIdxResponse = function parseIdxResponse(authClient, idxResponse, toPersist = {}) {
   var _idxResponse$remediat;
   const remediationData = ((_idxResponse$remediat = idxResponse.remediation) === null || _idxResponse$remediat === void 0 ? void 0 : _idxResponse$remediat.value) || [];
   remediationData.forEach(remediation => expandRelatesTo(idxResponse, remediation));
-  const remediations = (0, _map.default)(remediationData).call(remediationData, remediation => convertRemediationAction(remediation, toPersist));
+  const remediations = (0, _map.default)(remediationData).call(remediationData, remediation => convertRemediationAction(authClient, remediation, toPersist));
   const {
     context,
     actions
-  } = parseNonRemediations(idxResponse, toPersist);
+  } = parseNonRemediations(authClient, idxResponse, toPersist);
   return {
     remediations,
     context,

package/cjs/idx/idxState/v1/idxResponseParser.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../../../../lib/idx/idxState/v1/idxResponseParser.ts"],"names":["SKIP_FIELDS","field","parseNonRemediations","authClient","idxResponse","toPersist","actions","context","forEach","fieldIsObject","rel","name","value","fieldValue","type","info","subField","expandRelatesTo","k","query","Array","isArray","result","path","json","innerValue","convertRemediationAction","remediation","remediationActions","actionFn","action","parseIdxResponse","remediationData","remediations"],"mappings":";;;;;;;;;;;;;;;;AAgBA;;AACA;;AACA;;;;AAEA,MAAMA,WAAW,GAAG,0BAAmB,8BACrC,aADqC,EACtB;AACf,SAFqC,CAE1B;AAF0B,kBAG/BC,KAAD,IAAW,CAAEA,KAAF,EAAS,CAAC,CAAC,iBAAX,CAHqB,CAAnB,CAApB;;AAKO,MAAMC,oBAAoB,GAAG,SAASA,oBAAT,CAA+BC,UAA/B,EAA8DC,WAA9D,EAA2EC,SAAS,GAAG,EAAvF,EAA4F;AAAA;;AAC9H,QAAMC,OAAO,GAAG,EAAhB;AACA,QAAMC,OAAO,GAAG,EAAhB;AAEA,sDAAYH,WAAZ,mBACWH,KAAK,IAAI,CAACD,WAAW,CAACC,KAAD,CADhC,EAEGO,OAFH,CAEYP,KAAK,IAAI;AACjB,UAAMQ,aAAa,GAAG,OAAOL,WAAW,CAACH,KAAD,CAAlB,KAA8B,QAA9B,IAA0C,CAAC,CAACG,WAAW,CAACH,KAAD,CAA7E;;AAEA,QAAK,CAACQ,aAAN,EAAsB;AACpB;AACAF,MAAAA,OAAO,CAACN,KAAD,CAAP,GAAiBG,WAAW,CAACH,KAAD,CAA5B;AACA;AACD;;AAED,QAAKG,WAAW,CAACH,KAAD,CAAX,CAAmBS,GAAxB,EAA8B;AAC5B;AACAJ,MAAAA,OAAO,CAACF,WAAW,CAACH,KAAD,CAAX,CAAmBU,IAApB,CAAP,GAAmC,gCAAkBR,UAAlB,EAA8BC,WAAW,CAACH,KAAD,CAAzC,EAAkDI,SAAlD,CAAnC;AACA;AACD;;AAED,UAAM;AAAEO,MAAAA,KAAK,EAAEC,UAAT;AAAqBC,MAAAA,IAArB;AAA2B,SAAGC;AAA9B,QAAsCX,WAAW,CAACH,KAAD,CAAvD;AACAM,IAAAA,OAAO,CAACN,KAAD,CAAP,GAAiB;AAAEa,MAAAA,IAAF;AAAQ,SAAGC;AAAX,KAAjB,CAhBiB,CAgBkB;;AAEnC,QAAKD,IAAI,KAAK,QAAd,EAAyB;AACvB;AACAP,MAAAA,OAAO,CAACN,KAAD,CAAP,CAAeW,KAAf,GAAuBC,UAAvB;AACA;AACD,KAtBgB,CAwBjB;;;AACAN,IAAAA,OAAO,CAACN,KAAD,CAAP,CAAeW,KAAf,GAAuB,EAAvB;AACA,0BAAeC,UAAf,EACGL,OADH,CACY,CAAC,CAACQ,QAAD,EAAWJ,KAAX,CAAD,KAAuB;AAC/B,UAAIA,KAAK,CAACF,GAAV,EAAe;AAAE;AACf;AACAJ,QAAAA,OAAO,CAAE,GAAEL,KAAM,IAAGe,QAAQ,CAACL,IAAT,IAAiBK,QAAS,EAAvC,CAAP,GAAmD,gCAAkBb,UAAlB,EAA8BS,KAA9B,EAAqCP,SAArC,CAAnD;AACD,OAHD,MAGO;AACL;AACAE,QAAAA,OAAO,CAACN,KAAD,CAAP,CAAeW,KAAf,CAAqBI,QAArB,IAAiCJ,KAAjC;AACD;AACF,KATH;AAUD,GAtCH;AAwCA,SAAO;AAAEL,IAAAA,OAAF;AAAWD,IAAAA;AAAX,GAAP;AACD,CA7CM;;;;AA+CP,MAAMW,eAAe,GAAG,CAACb,WAAD,EAAcQ,KAAd,KAAwB;AAC9C,qBAAYA,KAAZ,EAAmBJ,OAAnB,CAA2BU,CAAC,IAAI;AAC9B,QAAIA,CAAC,KAAK,WAAV,EAAuB;AACrB,YAAMC,KAAK,GAAGC,KAAK,CAACC,OAAN,CAAcT,KAAK,CAACM,CAAD,CAAnB,IAA0BN,KAAK,CAACM,CAAD,CAAL,CAAS,CAAT,CAA1B,GAAwCN,KAAK,CAACM,CAAD,CAA3D;;AACA,UAAI,OAAOC,KAAP,KAAiB,QAArB,EAA+B;AAC7B;AACA,cAAMG,MAAM,GAAG,4BAAS;AAAEC,UAAAA,IAAI,EAAEJ,KAAR;AAAeK,UAAAA,IAAI,EAAEpB;AAArB,SAAT,EAA6C,CAA7C,CAAf;;AACA,YAAIkB,MAAJ,EAAY;AACVV,UAAAA,KAAK,CAACM,CAAD,CAAL,GAAWI,MAAX;AACA;AACD;AACF;AACF;;AACD,QAAIF,KAAK,CAACC,OAAN,CAAcT,KAAK,CAACM,CAAD,CAAnB,CAAJ,EAA6B;AAC3BN,MAAAA,KAAK,CAACM,CAAD,CAAL,CAASV,OAAT,CAAiBiB,UAAU,IAAIR,eAAe,CAACb,WAAD,EAAcqB,UAAd,CAA9C;AACD;AACF,GAfD;AAgBD,CAjBD;;AAmBA,MAAMC,wBAAwB,GAAG,CAACvB,UAAD,EAAgCwB,WAAhC,EAA6CtB,SAA7C,KAA2D;AAC1F,QAAMuB,kBAAkB,GAAG,qDAA8BzB,UAA9B,EAA0C,CAACwB,WAAD,CAA1C,EAAyDtB,SAAzD,CAA3B;AACA,QAAMwB,QAAQ,GAAGD,kBAAkB,CAACD,WAAW,CAAChB,IAAb,CAAnC;AACA,SAAO,EACL,GAAGgB,WADE;AAELG,IAAAA,MAAM,EAAED;AAFH,GAAP;AAID,CAPD;;AASO,MAAME,gBAAgB,GAAG,SAASA,gBAAT,CAA2B5B,UAA3B,EAA0DC,WAA1D,EAAuEC,SAAS,GAAG,EAAnF,EAI9B;AAAA;;AACA,QAAM2B,eAAe,GAAG,0BAAA5B,WAAW,CAACuB,WAAZ,gFAAyBf,KAAzB,KAAkC,EAA1D;AAEAoB,EAAAA,eAAe,CAACxB,OAAhB,CACEmB,WAAW,IAAIV,eAAe,CAACb,WAAD,EAAcuB,WAAd,CADhC;AAIA,QAAMM,YAAY,GAAG,kBAAAD,eAAe,MAAf,CAAAA,eAAe,EAAKL,WAAW,IAAID,wBAAwB,CAAEvB,UAAF,EAAcwB,WAAd,EAA2BtB,SAA3B,CAA5C,CAApC;AAEA,QAAM;AAAEE,IAAAA,OAAF;AAAWD,IAAAA;AAAX,MAAuBJ,oBAAoB,CAAEC,UAAF,EAAcC,WAAd,EAA2BC,SAA3B,CAAjD;AAEA,SAAO;AACL4B,IAAAA,YADK;AAEL1B,IAAAA,OAFK;AAGLD,IAAAA;AAHK,GAAP;AAKD,CApBM","sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable max-len */\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-nocheck\nimport { OktaAuthInterface } from '../../../types'; // auth-js/types\nimport { generateRemediationFunctions } from './remediationParser';\nimport generateIdxAction from './generateIdxAction';\nimport { JSONPath } from 'jsonpath-plus';\n\nconst SKIP_FIELDS = Object.fromEntries([\n 'remediation', // remediations are put into proceed/neededToProceed\n 'context', // the API response of 'context' isn't externally useful. We ignore it and put all non-action (contextual) info into idxState.context\n].map( (field) => [ field, !!'skip this field' ] ));\n\nexport const parseNonRemediations = function parseNonRemediations( authClient: OktaAuthInterface, idxResponse, toPersist = {} ) {\n const actions = {};\n const context = {};\n\n Object.keys(idxResponse)\n .filter( field => !SKIP_FIELDS[field])\n .forEach( field => {\n const fieldIsObject = typeof idxResponse[field] === 'object' && !!idxResponse[field];\n\n if ( !fieldIsObject ) {\n // simple fields are contextual info\n context[field] = idxResponse[field];\n return;\n }\n\n if ( idxResponse[field].rel ) {\n // top level actions\n actions[idxResponse[field].name] = generateIdxAction(authClient, idxResponse[field], toPersist);\n return;\n }\n\n const { value: fieldValue, type, ...info} = idxResponse[field];\n context[field] = { type, ...info}; // add the non-action parts as context\n\n if ( type !== 'object' ) {\n // only object values hold actions\n context[field].value = fieldValue;\n return;\n }\n\n // We are an object field containing an object value\n context[field].value = {};\n Object.entries(fieldValue)\n .forEach( ([subField, value]) => {\n if (value.rel) { // is [field].value[subField] an action?\n // add any \"action\" value subfields to actions\n actions[`${field}-${subField.name || subField}`] = generateIdxAction(authClient, value, toPersist);\n } else {\n // add non-action value subfields to context\n context[field].value[subField] = value;\n }\n });\n });\n\n return { context, actions };\n};\n\nconst expandRelatesTo = (idxResponse, value) => {\n Object.keys(value).forEach(k => {\n if (k === 'relatesTo') {\n const query = Array.isArray(value[k]) ? value[k][0] : value[k];\n if (typeof query === 'string') {\n // eslint-disable-next-line new-cap\n const result = JSONPath({ path: query, json: idxResponse })[0];\n if (result) {\n value[k] = result;\n return;\n }\n }\n }\n if (Array.isArray(value[k])) {\n value[k].forEach(innerValue => expandRelatesTo(idxResponse, innerValue));\n }\n });\n};\n\nconst convertRemediationAction = (authClient: OktaAuthInterface, remediation, toPersist) => {\n const remediationActions = generateRemediationFunctions( authClient, [remediation], toPersist );\n const actionFn = remediationActions[remediation.name];\n return {\n ...remediation,\n action: actionFn,\n };\n};\n\nexport const parseIdxResponse = function parseIdxResponse( authClient: OktaAuthInterface, idxResponse, toPersist = {} ): {\n remediations: IdxRemediation[];\n context: IdxContext;\n actions: IdxActions;\n} {\n const remediationData = idxResponse.remediation?.value || [];\n\n remediationData.forEach(\n remediation => expandRelatesTo(idxResponse, remediation)\n );\n\n const remediations = remediationData.map(remediation => convertRemediationAction( authClient, remediation, toPersist ));\n\n const { context, actions } = parseNonRemediations( authClient, idxResponse, toPersist );\n\n return {\n remediations,\n context,\n actions,\n };\n};\n"],"file":"idxResponseParser.js"}

package/cjs/idx/{idx-js → idxState}/v1/makeIdxState.js RENAMED Viewed

@@ -21,7 +21,8 @@ var _idxResponseParser = require("./idxResponseParser");
  *
  * See the License for the specific language governing permissions and limitations under the License.
  */
-function makeIdxState(idxResponse, toPersist, requestDidSucceed) {
+// auth-js/types
+function makeIdxState(authClient, idxResponse, toPersist, requestDidSucceed) {
   var _rawIdxResponse$succe, _rawIdxResponse$succe2, _rawIdxResponse$succe3;
   const rawIdxResponse = idxResponse;
@@ -29,7 +30,7 @@ function makeIdxState(idxResponse, toPersist, requestDidSucceed) {
     remediations,
     context,
     actions
-  } = (0, _idxResponseParser.parseIdxResponse)(idxResponse, toPersist);
+  } = (0, _idxResponseParser.parseIdxResponse)(authClient, idxResponse, toPersist);
   const neededToProceed = [...remediations];
   const proceed = async function (remediationChoice, paramsFromUser = {}) {

package/cjs/idx/idxState/v1/makeIdxState.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../../../../lib/idx/idxState/v1/makeIdxState.ts"],"names":["makeIdxState","authClient","idxResponse","toPersist","requestDidSucceed","rawIdxResponse","remediations","context","actions","neededToProceed","proceed","remediationChoice","paramsFromUser","remediationChoiceObject","remediation","name","reject","action","findCode","item","interactionCode","successWithInteractionCode","value","rawIdxState"],"mappings":";;;;;;;;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGuE;AAGhE,SAASA,YAAT,CACLC,UADK,EAELC,WAFK,EAGLC,SAHK,EAILC,iBAJK,EAKQ;AAAA;;AACb,QAAMC,cAAc,GAAIH,WAAxB;AACA,QAAM;AAAEI,IAAAA,YAAF;AAAgBC,IAAAA,OAAhB;AAAyBC,IAAAA;AAAzB,MAAqC,yCAAkBP,UAAlB,EAA8BC,WAA9B,EAA2CC,SAA3C,CAA3C;AACA,QAAMM,eAAe,GAAG,CAAC,GAAGH,YAAJ,CAAxB;;AAEA,QAAMI,OAA+B,GAAG,gBAAgBC,iBAAhB,EAAmCC,cAAc,GAAG,EAApD,EAAyD;AAC/F;AACJ;AACA;AACA;AACA;AACA;AACI,UAAMC,uBAAuB,GAAG,mBAAAP,YAAY,MAAZ,CAAAA,YAAY,EAAOQ,WAAD,IAAiBA,WAAW,CAACC,IAAZ,KAAqBJ,iBAA5C,CAA5C;;AACA,QAAK,CAACE,uBAAN,EAAgC;AAC9B,aAAO,iBAAQG,MAAR,CAAgB,gCAA+BL,iBAAkB,GAAjE,CAAP;AACD;;AAED,WAAOE,uBAAuB,CAACI,MAAxB,CAA+BL,cAA/B,CAAP;AACD,GAbD;;AAeA,QAAMM,QAAQ,GAAGC,IAAI,IAAIA,IAAI,CAACJ,IAAL,KAAc,kBAAvC;;AACA,QAAMK,eAAe,4BAAGf,cAAc,CAACgB,0BAAlB,oFAAG,sBAA2CC,KAA9C,qFAAG,wEAAwDJ,QAAxD,CAAH,2DAAG,uBAAoEI,KAA5F;AAEA,SAAO;AACLZ,IAAAA,OADK;AAELD,IAAAA,eAFK;AAGLD,IAAAA,OAHK;AAILD,IAAAA,OAJK;AAKLgB,IAAAA,WAAW,EAAElB,cALR;AAMLe,IAAAA,eANK;AAOLjB,IAAAA,SAPK;AAQLC,IAAAA;AARK,GAAP;AAUD","sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { IdxResponse } from '../../types/idx-js';\nimport { OktaAuthInterface, RawIdxResponse } from '../../../types'; // auth-js/types\nimport { parseIdxResponse } from './idxResponseParser';\n\nexport function makeIdxState( \n authClient: OktaAuthInterface,\n idxResponse: RawIdxResponse,\n toPersist,\n requestDidSucceed: boolean\n): IdxResponse {\n const rawIdxResponse = idxResponse;\n const { remediations, context, actions } = parseIdxResponse( authClient, idxResponse, toPersist );\n const neededToProceed = [...remediations];\n\n const proceed: IdxResponse['proceed'] = async function( remediationChoice, paramsFromUser = {} ) {\n /*\n remediationChoice is the name attribute on each form\n name should remain unique for items inside the remediation that are considered forms(identify, select-factor)\n name can be duplicate for items like redirect where its not considered a form(redirect)\n when names are not unique its a redirect to a href, so widget wont POST to idx-js layer.\n */\n const remediationChoiceObject = remediations.find((remediation) => remediation.name === remediationChoice);\n if ( !remediationChoiceObject ) {\n return Promise.reject(`Unknown remediation choice: [${remediationChoice}]`);\n }\n\n return remediationChoiceObject.action(paramsFromUser);\n };\n\n const findCode = item => item.name === 'interaction_code';\n const interactionCode = rawIdxResponse.successWithInteractionCode?.value?.find( findCode )?.value as string;\n\n return {\n proceed,\n neededToProceed,\n actions,\n context,\n rawIdxState: rawIdxResponse,\n interactionCode,\n toPersist,\n requestDidSucceed,\n };\n}\n"],"file":"makeIdxState.js"}

package/cjs/idx/{idx-js → idxState}/v1/parsers.js RENAMED Viewed

@@ -15,6 +15,7 @@ var _makeIdxState = require("./makeIdxState");
  *
  * See the License for the specific language governing permissions and limitations under the License.
  */
+// eslint-disable-next-line @typescript-eslint/ban-ts-comment
 // @ts-nocheck
 var _default = {
   makeIdxState: _makeIdxState.makeIdxState

package/cjs/idx/idxState/v1/parsers.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../../../../lib/idx/idxState/v1/parsers.ts"],"names":["makeIdxState"],"mappings":";;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;eAGe;AACbA,EAAAA,YAAY,EAAZA;AADa,C","sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-nocheck\nimport { makeIdxState } from './makeIdxState';\n\nexport default {\n makeIdxState,\n};\n"],"file":"parsers.js"}

package/cjs/idx/{idx-js → idxState}/v1/remediationParser.js RENAMED Viewed

@@ -21,10 +21,12 @@ var _generateIdxAction = _interopRequireDefault(require("./generateIdxAction"));
  *
  * See the License for the specific language governing permissions and limitations under the License.
  */
+// eslint-disable-next-line @typescript-eslint/ban-ts-comment
 // @ts-nocheck
-const generateRemediationFunctions = function generateRemediationFunctions(remediationValue, toPersist = {}) {
+// auth-js/types
+const generateRemediationFunctions = function generateRemediationFunctions(authClient, remediationValue, toPersist = {}) {
   return (0, _fromEntries.default)((0, _map.default)(remediationValue).call(remediationValue, remediation => {
-    return [remediation.name, (0, _generateIdxAction.default)(remediation, toPersist)];
+    return [remediation.name, (0, _generateIdxAction.default)(authClient, remediation, toPersist)];
   }));
 };

package/cjs/idx/idxState/v1/remediationParser.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../../../../lib/idx/idxState/v1/remediationParser.ts"],"names":["generateRemediationFunctions","authClient","remediationValue","toPersist","remediation","name"],"mappings":";;;;;;;;;;AAeA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACuD;AAGhD,MAAMA,4BAA4B,GAAG,SAASA,4BAAT,CAC1CC,UAD0C,EAE1CC,gBAF0C,EAG1CC,SAAS,GAAG,EAH8B,EAI1C;AACA,SAAO,0BAAoB,kBAAAD,gBAAgB,MAAhB,CAAAA,gBAAgB,EAAME,WAAW,IAAI;AAC9D,WAAO,CACLA,WAAW,CAACC,IADP,EAEL,gCAAkBJ,UAAlB,EAA8BG,WAA9B,EAA2CD,SAA3C,CAFK,CAAP;AAID,GAL0C,CAApC,CAAP;AAMD,CAXM","sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-nocheck\nimport { OktaAuthInterface } from '../../../types'; // auth-js/types\nimport generateIdxAction from './generateIdxAction';\n\nexport const generateRemediationFunctions = function generateRemediationFunctions(\n authClient: OktaAuthInterface,\n remediationValue,\n toPersist = {}\n) {\n return Object.fromEntries( remediationValue.map( remediation => {\n return [\n remediation.name,\n generateIdxAction(authClient, remediation, toPersist),\n ];\n }) );\n};\n"],"file":"remediationParser.js"}

package/cjs/idx/interact.js CHANGED Viewed

@@ -1,11 +1,7 @@
 "use strict";
-var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
 exports.interact = interact;
-var _idxJs = _interopRequireDefault(require("./idx-js"));
 var _transactionMeta = require("./transactionMeta");
 var _oidc = require("../oidc");
@@ -14,6 +10,8 @@ var _ = require(".");
 var _util = require("../util");
+var _http = require("../http");
 /* eslint-disable @typescript-eslint/no-non-null-assertion */
 /*!
@@ -29,6 +27,8 @@ var _util = require("../util");
  */
 /* eslint complexity:[0,8] */
+/* eslint-enable camelcase */
 function getResponse(meta) {
   return {
     meta,
@@ -39,7 +39,7 @@ function getResponse(meta) {
 async function interact(authClient, options = {}) {
-  var _meta;
+  var _meta, _withCredentials;
   options = (0, _util.removeNils)(options);
   let meta = (0, _transactionMeta.getSavedTransactionMeta)(authClient, options); // If meta exists, it has been validated against all options
@@ -65,26 +65,47 @@ async function interact(authClient, options = {}) {
     recoveryToken
   } = meta;
   const clientSecret = options.clientSecret || authClient.options.clientSecret;
-  const interactionHandle = await _idxJs.default.interact({
-    withCredentials,
-    // OAuth
-    clientId,
-    baseUrl,
-    scopes,
-    state,
-    redirectUri,
-    // PKCE
-    codeChallenge,
-    codeChallengeMethod,
-    // Activation
-    activationToken,
-    // Recovery
-    recoveryToken,
+  withCredentials = (_withCredentials = withCredentials) !== null && _withCredentials !== void 0 ? _withCredentials : true;
+  /* eslint-disable camelcase */
+  const url = `${baseUrl}/v1/interact`;
+  const params = {
+    client_id: clientId,
+    scope: scopes.join(' '),
+    redirect_uri: redirectUri,
+    code_challenge: codeChallenge,
+    code_challenge_method: codeChallengeMethod,
+    state
+  };
+  if (activationToken) {
+    params.activation_token = activationToken;
+  }
+  if (recoveryToken) {
+    params.recovery_token = recoveryToken;
+  }
+  if (clientSecret) {
     // X-Device-Token header need to pair with `client_secret`
     // eslint-disable-next-line max-len
     // https://oktawiki.atlassian.net/wiki/spaces/eng/pages/2445902453/Support+Device+Binding+in+interact#Scenario-1%3A-Non-User-Agent-with-Confidential-Client-(top-priority)
-    clientSecret
+    params.client_secret = clientSecret;
+  }
+  /* eslint-enable camelcase */
+  const headers = {
+    'Content-Type': 'application/x-www-form-urlencoded'
+  };
+  const resp = await (0, _http.httpRequest)(authClient, {
+    method: 'POST',
+    url,
+    headers,
+    withCredentials,
+    args: params
   });
+  const interactionHandle = resp.interaction_handle;
   const newMeta = { ...meta,
     interactionHandle,
     // Options which can be passed into interact() should be saved in the meta

package/cjs/idx/interact.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../../lib/idx/interact.ts"],"names":["getResponse","meta","interactionHandle","state","interact","authClient","options","baseUrl","clientId","redirectUri","scopes","withCredentials","codeChallenge","codeChallengeMethod","activationToken","recoveryToken","clientSecret","~~idx~~","newMeta"],"mappings":"~~;;;;;;AAaA~~;;~~AAEA~~;;AACA;;AACA;;AACA;;AAlBA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;~~AAyBA~~,SAASA,WAAT,CAAqBC,IAArB,EAAiE;AAC/D,SAAO;AACLA,IAAAA,IADK;AAELC,IAAAA,iBAAiB,EAAED,IAAI,CAACC,iBAFnB;AAGLC,IAAAA,KAAK,EAAEF,IAAI,CAACE;AAHP,GAAP;AAKD,C,CAED;;;AACO,eAAeC,QAAf,CACLC,UADK,EAELC,OAAwB,GAAG,EAFtB,EAGsB;AAAA;;AAC3BA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;AAEA,MAAIL,IAAI,GAAG,8CAAwBI,UAAxB,EAAoCC,OAApC,CAAX,CAH2B,CAI3B;;AAEA,eAAIL,IAAJ,kCAAI,MAAMC,iBAAV,EAA6B;AAC3B,WAAOF,WAAW,CAACC,IAAD,CAAlB,CAD2B,CACD;AAC3B,GAR0B,CAU3B;;;AACAA,EAAAA,IAAI,GAAG,MAAM,6BAAsBI,UAAtB,EAAkC,EAAE,GAAGJ,IAAL;AAAW,OAAGK;AAAd,GAAlC,CAAb;AACA,QAAMC,OAAO,GAAG,2BAAgBF,UAAhB,CAAhB;AACA,MAAI;AACFG,IAAAA,QADE;AAEFC,IAAAA,WAFE;AAGFN,IAAAA,KAHE;AAIFO,IAAAA,MAJE;AAKFC,IAAAA,eALE;AAMFC,IAAAA,aANE;AAOFC,IAAAA,mBAPE;AAQFC,IAAAA,eARE;AASFC,IAAAA;AATE,MAUAd,IAVJ;AAWA,QAAMe,YAAY,GAAGV,OAAO,CAACU,YAAR,IAAwBX,UAAU,CAACC,OAAX,CAAmBU,YAAhE;AAEA,~~QAAMd~~,~~iBAAiB~~,GAAG,~~MAAMe~~,~~eAAIb~~,~~QAAJ~~,~~CAAa~~;~~AAC3CO~~,IAAAA,~~eAD2C~~;~~AAG3C;AACAH~~,IAAAA,~~QAJ2C~~;~~AAK3CD~~,IAAAA,~~OAL2C~~;~~AAM3CG~~,IAAAA,~~MAN2C~~;~~AAO3CP~~,IAAAA,~~KAP2C~~;~~AAQ3CM~~,IAAAA,~~WAR2C~~;~~AAU3C~~;~~AACAG~~,IAAAA,~~aAX2C~~;~~AAY3CC~~,~~IAAAA~~,~~mBAZ2C~~;~~AAc3C~~;~~AACAC~~,IAAAA,~~eAf2C~~;~~AAiB3C~~;~~AACAC~~,IAAAA,~~aAlB2C~~;~~AAoB3C~~;~~AACA~~;~~AACA~~;~~AACAC~~,IAAAA;~~AAvB2C~~,~~GAAb~~,~~CAAhC~~;~~AAyBA~~,~~QAAME~~,OAAO,GAAG,EACd,~~GAAGjB~~,IADW;AAEdC,IAAAA,iBAFc;AAId;AACAS,IAAAA,eALc;AAMdR,IAAAA,KANc;AAOdO,IAAAA,MAPc;AAQdK,IAAAA,aARc;AASdD,IAAAA;AATc,GAAhB,~~CAnD2B~~,~~CA8D3B~~;;AACA,4CAAoBT,UAApB,~~EAAgCa~~,OAAhC;AAEA,~~SAAOlB~~,WAAW,~~CAACkB~~,OAAD,CAAlB;AACD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion /\n/!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n \n See the License for the specific language governing permissions and limitations under the License.\n /\n/ eslint complexity:[0,8] */\nimport ~~idx from './idx-js';\nimport~~ { OktaAuthInterface, IdxTransactionMeta } from '../types';\nimport { getSavedTransactionMeta, saveTransactionMeta } from './transactionMeta';\nimport { getOAuthBaseUrl } from '../oidc';\nimport { createTransactionMeta } from '.';\nimport { removeNils } from '../util';\n\nexport interface InteractOptions {\n withCredentials?: boolean;\n state?: string;\n scopes?: string[];\n codeChallenge?: string;\n codeChallengeMethod?: string;\n activationToken?: string;\n recoveryToken?: string;\n clientSecret?: string;\n}\n\nexport interface InteractResponse {\n state?: string;\n interactionHandle: string;\n meta: IdxTransactionMeta;\n}\n\nfunction getResponse(meta: IdxTransactionMeta): InteractResponse {\n return {\n meta,\n interactionHandle: meta.interactionHandle!,\n state: meta.state\n };\n}\n\n// Begin or resume a transaction. Returns an interaction handle\nexport async function interact (\n authClient: OktaAuthInterface, \n options: InteractOptions = {}\n): Promise<InteractResponse> {\n options = removeNils(options);\n\n let meta = getSavedTransactionMeta(authClient, options);\n // If meta exists, it has been validated against all options\n\n if (meta?.interactionHandle) {\n return getResponse(meta); // Saved transaction, return meta\n }\n\n // Create new meta, respecting previous meta if it has been set and is not overridden\n meta = await createTransactionMeta(authClient, { ...meta, ...options });\n const baseUrl = getOAuthBaseUrl(authClient);\n let {\n clientId,\n redirectUri,\n state,\n scopes,\n withCredentials,\n codeChallenge,\n codeChallengeMethod,\n activationToken,\n recoveryToken,\n } = meta as IdxTransactionMeta;\n const clientSecret = options.clientSecret \|\| authClient.options.clientSecret;\n\n const ~~interactionHandle~~ = ~~await~~ ~~idx.interact(~~{\n ~~withCredentials,\n\n //~~ ~~OAuth\n~~ clientId~~, \n baseUrl~~,\n scopes,\n ~~state,\n~~ redirectUri,\n\n // ~~PKCE\n~~ codeChallenge,\n codeChallengeMethod,\n\n // ~~Activation~~\n activationToken,\n \n // ~~Recovery~~\n recoveryToken,\n\n // X-Device-Token header need to pair with `client_secret`\n // eslint-disable-next-line max-len\n // https://oktawiki.atlassian.net/wiki/spaces/eng/pages/2445902453/Support+Device+Binding+in+interact#Scenario-1%3A-Non-User-Agent-with-Confidential-Client-(top-priority)\n clientSecret\n });\n const newMeta = {\n ...meta,\n interactionHandle,\n \n // Options which can be passed into interact() should be saved in the meta\n withCredentials,\n state,\n scopes,\n recoveryToken,\n activationToken\n };\n // Save transaction meta so it can be resumed\n saveTransactionMeta(authClient, newMeta);\n\n return getResponse(newMeta);\n}\n"],"file":"interact.js"}
1	+ {"version":3,"sources":["../../../lib/idx/interact.ts"],"names":["getResponse","meta","interactionHandle","state","interact","authClient","options","baseUrl","clientId","redirectUri","scopes","withCredentials","codeChallenge","codeChallengeMethod","activationToken","recoveryToken","clientSecret","url","params","client_id","scope","join","redirect_uri","code_challenge","code_challenge_method","activation_token","recovery_token","client_secret","headers","resp","method","args","interaction_handle","newMeta"],"mappings":";;;;AAcA;;AACA;;AACA;;AACA;;AACA;;AAlBA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;;AAqCA;AAEA,SAASA,WAAT,CAAqBC,IAArB,EAAiE;AAC/D,SAAO;AACLA,IAAAA,IADK;AAELC,IAAAA,iBAAiB,EAAED,IAAI,CAACC,iBAFnB;AAGLC,IAAAA,KAAK,EAAEF,IAAI,CAACE;AAHP,GAAP;AAKD,C,CAED;;;AACO,eAAeC,QAAf,CACLC,UADK,EAELC,OAAwB,GAAG,EAFtB,EAGsB;AAAA;;AAC3BA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;AAEA,MAAIL,IAAI,GAAG,8CAAwBI,UAAxB,EAAoCC,OAApC,CAAX,CAH2B,CAI3B;;AAEA,eAAIL,IAAJ,kCAAI,MAAMC,iBAAV,EAA6B;AAC3B,WAAOF,WAAW,CAACC,IAAD,CAAlB,CAD2B,CACD;AAC3B,GAR0B,CAU3B;;;AACAA,EAAAA,IAAI,GAAG,MAAM,6BAAsBI,UAAtB,EAAkC,EAAE,GAAGJ,IAAL;AAAW,OAAGK;AAAd,GAAlC,CAAb;AACA,QAAMC,OAAO,GAAG,2BAAgBF,UAAhB,CAAhB;AACA,MAAI;AACFG,IAAAA,QADE;AAEFC,IAAAA,WAFE;AAGFN,IAAAA,KAHE;AAIFO,IAAAA,MAJE;AAKFC,IAAAA,eALE;AAMFC,IAAAA,aANE;AAOFC,IAAAA,mBAPE;AAQFC,IAAAA,eARE;AASFC,IAAAA;AATE,MAUAd,IAVJ;AAWA,QAAMe,YAAY,GAAGV,OAAO,CAACU,YAAR,IAAwBX,UAAU,CAACC,OAAX,CAAmBU,YAAhE;AACAL,EAAAA,eAAe,uBAAGA,eAAH,+DAAsB,IAArC;AAEA;;AACA,QAAMM,GAAG,GAAI,GAAEV,OAAQ,cAAvB;AACA,QAAMW,MAAM,GAAG;AACbC,IAAAA,SAAS,EAAEX,QADE;AAEbY,IAAAA,KAAK,EAAEV,MAAM,CAACW,IAAP,CAAY,GAAZ,CAFM;AAGbC,IAAAA,YAAY,EAAEb,WAHD;AAIbc,IAAAA,cAAc,EAAEX,aAJH;AAKbY,IAAAA,qBAAqB,EAAEX,mBALV;AAMbV,IAAAA;AANa,GAAf;;AAQA,MAAIW,eAAJ,EAAqB;AACnBI,IAAAA,MAAM,CAACO,gBAAP,GAA0BX,eAA1B;AACD;;AACD,MAAIC,aAAJ,EAAmB;AACjBG,IAAAA,MAAM,CAACQ,cAAP,GAAwBX,aAAxB;AACD;;AACD,MAAIC,YAAJ,EAAkB;AAClB;AACA;AACA;AACEE,IAAAA,MAAM,CAACS,aAAP,GAAuBX,YAAvB;AACD;AACD;;;AAEA,QAAMY,OAAO,GAAG;AACd,oBAAgB;AADF,GAAhB;AAIA,QAAMC,IAAI,GAAG,MAAM,uBAAYxB,UAAZ,EAAwB;AACzCyB,IAAAA,MAAM,EAAE,MADiC;AAEzCb,IAAAA,GAFyC;AAGzCW,IAAAA,OAHyC;AAIzCjB,IAAAA,eAJyC;AAKzCoB,IAAAA,IAAI,EAAEb;AALmC,GAAxB,CAAnB;AAOA,QAAMhB,iBAAiB,GAAG2B,IAAI,CAACG,kBAA/B;AAEA,QAAMC,OAAO,GAAG,EACd,GAAGhC,IADW;AAEdC,IAAAA,iBAFc;AAId;AACAS,IAAAA,eALc;AAMdR,IAAAA,KANc;AAOdO,IAAAA,MAPc;AAQdK,IAAAA,aARc;AASdD,IAAAA;AATc,GAAhB,CAhE2B,CA2E3B;;AACA,4CAAoBT,UAApB,EAAgC4B,OAAhC;AAEA,SAAOjC,WAAW,CAACiC,OAAD,CAAlB;AACD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion /\n/!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n \n See the License for the specific language governing permissions and limitations under the License.\n /\n/ eslint complexity:[0,8] /\nimport { OktaAuthInterface, IdxTransactionMeta } from '../types';\nimport { getSavedTransactionMeta, saveTransactionMeta } from './transactionMeta';\nimport { getOAuthBaseUrl } from '../oidc';\nimport { createTransactionMeta } from '.';\nimport { removeNils } from '../util';\nimport { httpRequest } from '../http';\n\nexport interface InteractOptions {\n withCredentials?: boolean;\n state?: string;\n scopes?: string[];\n codeChallenge?: string;\n codeChallengeMethod?: string;\n activationToken?: string;\n recoveryToken?: string;\n clientSecret?: string;\n}\n\nexport interface InteractResponse {\n state?: string;\n interactionHandle: string;\n meta: IdxTransactionMeta;\n}\n\n/ eslint-disable camelcase /\nexport interface InteractParams {\n client_id: string;\n scope: string;\n redirect_uri: string;\n code_challenge: string;\n code_challenge_method: string;\n state: string;\n activation_token?: string;\n recovery_token?: string;\n client_secret?: string;\n}\n/ eslint-enable camelcase /\n\nfunction getResponse(meta: IdxTransactionMeta): InteractResponse {\n return {\n meta,\n interactionHandle: meta.interactionHandle!,\n state: meta.state\n };\n}\n\n// Begin or resume a transaction. Returns an interaction handle\nexport async function interact (\n authClient: OktaAuthInterface, \n options: InteractOptions = {}\n): Promise<InteractResponse> {\n options = removeNils(options);\n\n let meta = getSavedTransactionMeta(authClient, options);\n // If meta exists, it has been validated against all options\n\n if (meta?.interactionHandle) {\n return getResponse(meta); // Saved transaction, return meta\n }\n\n // Create new meta, respecting previous meta if it has been set and is not overridden\n meta = await createTransactionMeta(authClient, { ...meta, ...options });\n const baseUrl = getOAuthBaseUrl(authClient);\n let {\n clientId,\n redirectUri,\n state,\n scopes,\n withCredentials,\n codeChallenge,\n codeChallengeMethod,\n activationToken,\n recoveryToken,\n } = meta as IdxTransactionMeta;\n const clientSecret = options.clientSecret \|\| authClient.options.clientSecret;\n withCredentials = withCredentials ?? true;\n\n / eslint-disable camelcase /\n const url = `${baseUrl}/v1/interact`;\n const params = {\n client_id: clientId,\n scope: scopes.join(' '),\n redirect_uri: redirectUri,\n code_challenge: codeChallenge,\n code_challenge_method: codeChallengeMethod,\n state,\n } as InteractParams;\n if (activationToken) {\n params.activation_token = activationToken;\n }\n if (recoveryToken) {\n params.recovery_token = recoveryToken;\n }\n if (clientSecret) {\n // X-Device-Token header need to pair with `client_secret`\n // eslint-disable-next-line max-len\n // https://oktawiki.atlassian.net/wiki/spaces/eng/pages/2445902453/Support+Device+Binding+in+interact#Scenario-1%3A-Non-User-Agent-with-Confidential-Client-(top-priority)\n params.client_secret = clientSecret;\n }\n / eslint-enable camelcase */\n\n const headers = {\n 'Content-Type': 'application/x-www-form-urlencoded',\n };\n\n const resp = await httpRequest(authClient, {\n method: 'POST',\n url,\n headers,\n withCredentials,\n args: params\n });\n const interactionHandle = resp.interaction_handle;\n\n const newMeta = {\n ...meta,\n interactionHandle,\n \n // Options which can be passed into interact() should be saved in the meta\n withCredentials,\n state,\n scopes,\n recoveryToken,\n activationToken\n };\n // Save transaction meta so it can be resumed\n saveTransactionMeta(authClient, newMeta);\n\n return getResponse(newMeta);\n}\n"],"file":"interact.js"}

package/cjs/idx/introspect.js CHANGED Viewed

@@ -1,17 +1,21 @@
 "use strict";
-var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
 exports.introspect = introspect;
-var _idxJs = _interopRequireDefault(require("./idx-js"));
+var _idxState = require("./idxState");
-var _idxJs2 = require("./types/idx-js");
+var _idxJs = require("./types/idx-js");
 var _oidc = require("../oidc");
 var _constants = require("../constants");
+var _http = require("../http");
+var _errors = require("../errors");
+/* eslint-disable complexity */
 /*!
  * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.
  * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
@@ -36,19 +40,40 @@ async function introspect(authClient, options = {}) {
   if (!rawIdxResponse) {
+    var _options$withCredenti;
     const version = options.version || _constants.IDX_API_VERSION;
     const domain = (0, _oidc.getOAuthDomain)(authClient);
+    const {
+      interactionHandle,
+      stateHandle
+    } = options;
+    const withCredentials = (_options$withCredenti = options.withCredentials) !== null && _options$withCredenti !== void 0 ? _options$withCredenti : true;
     try {
-      rawIdxResponse = await _idxJs.default.introspect({
-        domain,
-        ...options,
-        version
-      });
       requestDidSucceed = true;
+      (0, _idxState.validateVersionConfig)(version);
+      const url = `${domain}/idp/idx/introspect`;
+      const body = stateHandle ? {
+        stateToken: stateHandle
+      } : {
+        interactionHandle
+      };
+      const headers = {
+        'Content-Type': `application/ion+json; okta-version=${version}`,
+        // Server wants this version info
+        Accept: `application/ion+json; okta-version=${version}`
+      };
+      rawIdxResponse = await (0, _http.httpRequest)(authClient, {
+        method: 'POST',
+        url,
+        headers,
+        withCredentials,
+        args: body
+      });
     } catch (err) {
-      if ((0, _idxJs2.isRawIdxResponse)(err)) {
-        rawIdxResponse = err;
+      if ((0, _errors.isAuthApiError)(err) && err.xhr && (0, _idxJs.isRawIdxResponse)(err.xhr.responseJSON)) {
+        rawIdxResponse = err.xhr.responseJSON;
         requestDidSucceed = false;
       } else {
         throw err;
@@ -59,7 +84,7 @@ async function introspect(authClient, options = {}) {
   const {
     withCredentials
   } = options;
-  return _idxJs.default.makeIdxState(rawIdxResponse, {
+  return (0, _idxState.makeIdxState)(authClient, rawIdxResponse, {
     withCredentials
   }, requestDidSucceed);
 }

package/cjs/idx/introspect.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../../lib/idx/introspect.ts"],"names":["introspect","authClient","options","rawIdxResponse","requestDidSucceed","savedIdxResponse","transactionManager","loadIdxResponse","version","IDX_API_VERSION","domain","~~idx~~","~~err~~","withCredentials","~~makeIdxState~~"],"mappings":"~~;;;;;;AAYA~~;;AAEA;;AACA;;AACA;;~~AAhBA~~;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;~~AAeO~~,eAAeA,UAAf,CACLC,UADK,EAELC,OAA0B,GAAG,EAFxB,EAGiB;AACtB,MAAIC,cAAJ;AACA,MAAIC,iBAAJ,CAFsB,CAItB;;AACA,QAAMC,gBAAgB,GAAGJ,UAAU,CAACK,kBAAX,CAA8BC,eAA9B,EAAzB;;AACA,MAAIF,gBAAJ,EAAsB;AACpBF,IAAAA,cAAc,GAAGE,gBAAgB,CAACF,cAAlC;AACAC,IAAAA,iBAAiB,GAAGC,gBAAgB,CAACD,iBAArC;AACD,GATqB,CAWtB;;;AACA,MAAI,CAACD,cAAL,EAAqB;AACnB,UAAMK,OAAO,GAAGN,OAAO,CAACM,OAAR,IAAmBC,0BAAnC;AACA,UAAMC,MAAM,GAAG,0BAAeT,UAAf,CAAf;;AACA,QAAI;~~AACFE~~,MAAAA,~~cAAc~~,GAAG,~~MAAMQ~~,~~eAAIX~~,~~UAAJ~~,~~CAAe~~;~~AAAEU~~,QAAAA,~~MAAF~~;~~AAAU~~,~~WAAGR~~,~~OAAb~~;~~AAAsBM~~,QAAAA;~~AAAtB~~,~~OAAf~~,~~CAAvB~~;~~AACAJ~~,MAAAA,~~iBAAiB~~,GAAG,~~IAApB~~;~~AACD~~,~~KAHD~~,~~CAGE~~,~~OAAOQ~~,GAAP,EAAY;AACZ,UAAI,~~8BAAiBA~~,~~GAAjB~~,~~CAAJ~~,~~EAA2B~~;~~AACzBT~~,QAAAA,cAAc,~~GAAGS~~,~~GAAjB~~;~~AACAR~~,QAAAA,iBAAiB,GAAG,KAApB;AACD,OAHD,MAGO;AACL,~~cAAMQ~~,GAAN;AACD;AACF;AACF;;AAED,QAAM;~~AAAEC~~,IAAAA;AAAF,MAAsBX,OAA5B;AACA,~~SAAOS~~,~~eAAIG~~,~~YAAJ~~,~~CAAiBX~~,~~cAAjB~~,~~EAAiC~~;AAAEU,IAAAA;AAAF,~~GAAjC~~,~~EAAsDT~~,~~iBAAtD~~,CAAP;AACD","sourcesContent":["/!\n Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n \n See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport ~~idx~~ from './~~idx-js~~';\nimport { OktaAuthInterface } from '../types';\nimport { IdxResponse, isRawIdxResponse } from './types/idx-js';\nimport { getOAuthDomain } from '../oidc';\nimport { IDX_API_VERSION } from '../constants';\n\nexport interface IntrospectOptions {\n withCredentials?: boolean;\n interactionHandle?: string;\n stateHandle?: string;\n version?: string;\n}\n\nexport async function introspect (\n authClient: OktaAuthInterface, \n options: IntrospectOptions = {}\n): Promise<IdxResponse> {\n let rawIdxResponse;\n let requestDidSucceed;\n\n // try load from storage first\n const savedIdxResponse = authClient.transactionManager.loadIdxResponse();\n if (savedIdxResponse) {\n rawIdxResponse = savedIdxResponse.rawIdxResponse;\n requestDidSucceed = savedIdxResponse.requestDidSucceed;\n }\n\n // call idx.introspect if no existing idx response available in storage\n if (!rawIdxResponse) {\n const version = options.version \|\| IDX_API_VERSION;\n const domain = getOAuthDomain(authClient);\n try {\n ~~rawIdxResponse~~ = ~~await~~ idx.introspect({ ~~domain,~~ ~~...options,~~ version });\n ~~requestDidSucceed~~ = ~~true~~;\n } catch (err) {\n if (isRawIdxResponse(err)) {\n rawIdxResponse = err;\n requestDidSucceed = false;\n } else {\n throw err;\n }\n }\n }\n\n const { withCredentials } = options;\n return ~~idx.~~makeIdxState(rawIdxResponse, { withCredentials }, requestDidSucceed);\n}\n"],"file":"introspect.js"}
1	+ {"version":3,"sources":["../../../lib/idx/introspect.ts"],"names":["introspect","authClient","options","rawIdxResponse","requestDidSucceed","savedIdxResponse","transactionManager","loadIdxResponse","version","IDX_API_VERSION","domain","interactionHandle","stateHandle","withCredentials","url","body","stateToken","headers","Accept","method","args","err","xhr","responseJSON"],"mappings":";;;;AAaA;;AAEA;;AACA;;AACA;;AACA;;AACA;;AAnBA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAiBO,eAAeA,UAAf,CACLC,UADK,EAELC,OAA0B,GAAG,EAFxB,EAGiB;AACtB,MAAIC,cAAJ;AACA,MAAIC,iBAAJ,CAFsB,CAItB;;AACA,QAAMC,gBAAgB,GAAGJ,UAAU,CAACK,kBAAX,CAA8BC,eAA9B,EAAzB;;AACA,MAAIF,gBAAJ,EAAsB;AACpBF,IAAAA,cAAc,GAAGE,gBAAgB,CAACF,cAAlC;AACAC,IAAAA,iBAAiB,GAAGC,gBAAgB,CAACD,iBAArC;AACD,GATqB,CAWtB;;;AACA,MAAI,CAACD,cAAL,EAAqB;AAAA;;AACnB,UAAMK,OAAO,GAAGN,OAAO,CAACM,OAAR,IAAmBC,0BAAnC;AACA,UAAMC,MAAM,GAAG,0BAAeT,UAAf,CAAf;AACA,UAAM;AAAEU,MAAAA,iBAAF;AAAqBC,MAAAA;AAArB,QAAqCV,OAA3C;AACA,UAAMW,eAAe,4BAAGX,OAAO,CAACW,eAAX,yEAA8B,IAAnD;;AACA,QAAI;AACFT,MAAAA,iBAAiB,GAAG,IAApB;AACA,2CAAsBI,OAAtB;AACA,YAAMM,GAAG,GAAI,GAAEJ,MAAO,qBAAtB;AACA,YAAMK,IAAI,GAAGH,WAAW,GAAG;AAAEI,QAAAA,UAAU,EAAEJ;AAAd,OAAH,GAAiC;AAAED,QAAAA;AAAF,OAAzD;AACA,YAAMM,OAAO,GAAG;AACd,wBAAiB,sCAAqCT,OAAQ,EADhD;AACmD;AACjEU,QAAAA,MAAM,EAAG,sCAAqCV,OAAQ;AAFxC,OAAhB;AAIAL,MAAAA,cAAc,GAAG,MAAM,uBAAYF,UAAZ,EAAwB;AAC7CkB,QAAAA,MAAM,EAAE,MADqC;AAE7CL,QAAAA,GAF6C;AAG7CG,QAAAA,OAH6C;AAI7CJ,QAAAA,eAJ6C;AAK7CO,QAAAA,IAAI,EAAEL;AALuC,OAAxB,CAAvB;AAOD,KAhBD,CAgBE,OAAOM,GAAP,EAAY;AACZ,UAAI,4BAAeA,GAAf,KAAuBA,GAAG,CAACC,GAA3B,IAAkC,6BAAiBD,GAAG,CAACC,GAAJ,CAAQC,YAAzB,CAAtC,EAA8E;AAC5EpB,QAAAA,cAAc,GAAGkB,GAAG,CAACC,GAAJ,CAAQC,YAAzB;AACAnB,QAAAA,iBAAiB,GAAG,KAApB;AACD,OAHD,MAGO;AACL,cAAMiB,GAAN;AACD;AACF;AACF;;AAED,QAAM;AAAER,IAAAA;AAAF,MAAsBX,OAA5B;AACA,SAAO,4BAAaD,UAAb,EAAyBE,cAAzB,EAAyC;AAAEU,IAAAA;AAAF,GAAzC,EAA8DT,iBAA9D,CAAP;AACD","sourcesContent":["/* eslint-disable complexity /\n/!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n \n See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { makeIdxState, validateVersionConfig } from './idxState';\nimport { OktaAuthInterface } from '../types';\nimport { IdxResponse, isRawIdxResponse } from './types/idx-js';\nimport { getOAuthDomain } from '../oidc';\nimport { IDX_API_VERSION } from '../constants';\nimport { httpRequest } from '../http';\nimport { isAuthApiError } from '../errors';\n\nexport interface IntrospectOptions {\n withCredentials?: boolean;\n interactionHandle?: string;\n stateHandle?: string;\n version?: string;\n}\n\nexport async function introspect (\n authClient: OktaAuthInterface, \n options: IntrospectOptions = {}\n): Promise<IdxResponse> {\n let rawIdxResponse;\n let requestDidSucceed;\n\n // try load from storage first\n const savedIdxResponse = authClient.transactionManager.loadIdxResponse();\n if (savedIdxResponse) {\n rawIdxResponse = savedIdxResponse.rawIdxResponse;\n requestDidSucceed = savedIdxResponse.requestDidSucceed;\n }\n\n // call idx.introspect if no existing idx response available in storage\n if (!rawIdxResponse) {\n const version = options.version \|\| IDX_API_VERSION;\n const domain = getOAuthDomain(authClient);\n const { interactionHandle, stateHandle } = options;\n const withCredentials = options.withCredentials ?? true;\n try {\n requestDidSucceed = true;\n validateVersionConfig(version);\n const url = `${domain}/idp/idx/introspect`;\n const body = stateHandle ? { stateToken: stateHandle } : { interactionHandle };\n const headers = {\n 'Content-Type': `application/ion+json; okta-version=${version}`, // Server wants this version info\n Accept: `application/ion+json; okta-version=${version}`,\n };\n rawIdxResponse = await httpRequest(authClient, {\n method: 'POST',\n url,\n headers,\n withCredentials,\n args: body\n });\n } catch (err) {\n if (isAuthApiError(err) && err.xhr && isRawIdxResponse(err.xhr.responseJSON)) {\n rawIdxResponse = err.xhr.responseJSON;\n requestDidSucceed = false;\n } else {\n throw err;\n }\n }\n }\n\n const { withCredentials } = options;\n return makeIdxState(authClient, rawIdxResponse, { withCredentials }, requestDidSucceed);\n}\n"],"file":"introspect.js"}