@okta/okta-auth-js 6.4.0 → 6.4.3

package/CHANGELOG.md

@@ -1,5 +1,25 @@
 # Changelog
 
+## 6.4.3
+
+### Fixes
+
+- [#1182](https://github.com/okta/okta-auth-js/pull/1182) Fixes security question verification to accept `credentials.answer`
+- [#1184](https://github.com/okta/okta-auth-js/pull/1184) Fixes type declarations: `ApiError`, `responseType`, `responseMode`
+- [#1185](https://github.com/okta/okta-auth-js/pull/1185) Fixes "cancel" and "skip" action called after receiving a terminal or error response
+
+## 6.4.2
+
+### Fixes
+
+- [#1180](https://github.com/okta/okta-auth-js/pull/1180) Fixes commonjs bundle `dynamic import` transpiling issue
+
+## 6.4.1
+
+### Fixes
+
+[#1177](https://github.com/okta/okta-auth-js/pull/1177) - fixes issue with repeated calls to `oktaAuth.start()`
+
 ## 6.4
 
 ### Features

package/cjs/OktaAuth.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../lib/OktaAuth.ts"],"names":["OktaAuth","constructor","args","features","options","storageManager","StorageManager","cookies","storageUtil","transactionManager","TransactionManager","_oktaUserAgent","OktaUserAgent","tx","status","transactionStatus","bind","resume","resumeTransaction","exists","transactionExists","_get","name","storage","get","introspect","introspectAuthn","pkce","DEFAULT_CODE_CHALLENGE_METHOD","PKCE","generateVerifier","computeChallenge","getPKCEStorage","getLegacyPKCEStorage","getHttpCache","_pending","handleLogin","redirectUri","window","location","origin","maxClockSkew","DEFAULT_MAX_CLOCK_SKEW","ignoreLifetime","session","close","closeSession","sessionExists","getSession","refresh","refreshSession","setCookieAndRedirect","_tokenQueue","PromiseQueue","useQueue","method","prototype","push","getWithRedirectFn","getWithRedirect","getWithRedirectApi","_setLocation","url","parseFromUrlFn","parseFromUrl","parseFromUrlApi","_getHistory","history","_getLocation","_getDocument","document","token","prepareTokenParams","exchangeCodeForTokens","getWithoutPrompt","getWithPopup","decode","decodeToken","revoke","revokeToken","renew","renewToken","renewTokensWithRefresh","renewTokens","getUserInfo","verify","verifyToken","isLoginRedirect","syncMethods","forEach","key","boundStartTransaction","startTransaction","idx","interact","authenticate","register","start","poll","proceed","cancel","recoverPassword","handleInteractionCodeRedirect","isInteractionRequired","isInteractionRequiredError","handleEmailVerifyCallback","isEmailVerifyCallback","parseEmailVerifyCallback","isEmailVerifyCallbackError","getSavedTransactionMeta","createTransactionMeta","getTransactionMeta","saveTransactionMeta","clearTransactionMeta","isTransactionMetaValid","setFlow","flow","getFlow","canProceed","unlockAccount","http","setRequestHeader","fingerprint","emitter","Emitter","tokenManager","TokenManager","authStateManager","AuthStateManager","serviceManager","ServiceManager","services","updateAuthState","stop","setHeaders","headers","signIn","opts","signInWithCredentials","_postToTransaction","sendFingerprint","then","signInWithRedirect","originalUri","additionalParams","setOriginalUri","params","scopes","clear","catch","e","errorCode","revokeAccessToken","accessToken","getTokens","accessTokenKey","getStorageKeyByType","remove","resolve","revokeRefreshToken","refreshToken","refreshTokenKey","getSignOutRedirectUrl","idToken","postLogoutRedirectUri","state","getTokensSync","logoutUrl","idTokenHint","logoutUri","encodeURIComponent","signOut","defaultUri","currentUri","href","reload","assign","clearTokensBeforeRedirect","addPendingRemoveFlags","webfinger","isAuthenticated","autoRenew","autoRemove","getOptions","shouldRenew","onExpiredToken","shouldRemove","hasExpired","undefined","getUser","getIdToken","getAccessToken","getRefreshToken","storeTokensFromRedirect","tokens","setTokens","sessionStorage","browserStorage","getSessionStorage","setItem","REFERRER_PATH_STORAGE_KEY","sharedStorage","getOriginalUriStorage","getOriginalUri","getItem","removeOriginalUri","removeItem","handleLoginRedirect","oAuthResponse","restoreOriginalUri","replace","isPKCE","hasResponseType","responseType","Array","isArray","length","isAuthorizationCodeFlow","getIssuerOrigin","issuer","split","forgotPassword","verifyRecoveryToken","invokeApiMethod","crypto","webauthn","constants"],"mappings":";;;;;;;;;;;;;;;;;;;;AAeA;;AAuCA;;AAQA;;AACA;;AAOA;;AAmBA;;AAEA;;AACA;;AACA;;AACA;;AAKA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAkBA;;AACA;;AACA;;AAWA;;;;;;AA3IA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;AA2HA;AACA;AACA;AAGA,MAAMA,QAAN,CAAmE;AAsBjEC,EAAAA,WAAW,CAACC,IAAD,EAAwB;AAAA,oDAXXC,QAWW;AACjC,UAAMC,OAAO,GAAG,KAAKA,OAAL,GAAe,2BAAaF,IAAb,CAA/B,CADiC,CAEjC;;AACA,SAAKG,cAAL,GAAsB,IAAIC,8BAAJ,CAAmBF,OAAO,CAACC,cAA3B,EAA4CD,OAAO,CAACG,OAApD,EAA8DH,OAAO,CAACI,WAAtE,CAAtB;AACA,SAAKC,kBAAL,GAA0B,IAAIC,2BAAJ,CAAuB,qBAAc;AAC7DL,MAAAA,cAAc,EAAE,KAAKA;AADwC,KAAd,EAE9CD,OAAO,CAACK,kBAFsC,CAAvB,CAA1B;AAGA,SAAKE,cAAL,GAAsB,IAAIC,4BAAJ,EAAtB;AAEA,SAAKC,EAAL,GAAU;AACRC,MAAAA,MAAM,EAAEC,sBAAkBC,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CADA;AAERC,MAAAA,MAAM,EAAEC,sBAAkBF,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAFA;AAGRG,MAAAA,MAAM,EAAE,qBAAcC,sBAAkBJ,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAAd,EAAkD;AACxDK,QAAAA,IAAI,EAAGC,IAAD,IAAU;AACd;AACA,gBAAMC,OAAO,GAAGnB,OAAO,CAACI,WAAR,CAAqBe,OAArC;AACA,iBAAOA,OAAO,CAACC,GAAR,CAAYF,IAAZ,CAAP;AACD;AALuD,OAAlD,CAHA;AAURG,MAAAA,UAAU,EAAEC,oBAAgBV,IAAhB,CAAqB,IAArB,EAA2B,IAA3B;AAVJ,KAAV;AAaA,SAAKW,IAAL,GAAY;AACVC,MAAAA,6BAA6B,EAAEC,cAAKD,6BAD1B;AAEVE,MAAAA,gBAAgB,EAAED,cAAKC,gBAFb;AAGVC,MAAAA,gBAAgB,EAAEF,cAAKE;AAHb,KAAZ,CAtBiC,CA4BjC;;AACA,yBAAc,KAAK3B,OAAL,CAAaI,WAA3B,EAAwC;AACtCwB,MAAAA,cAAc,EAAE,KAAK3B,cAAL,CAAoB4B,oBAApB,CAAyCjB,IAAzC,CAA8C,KAAKX,cAAnD,CADsB;AAEtC6B,MAAAA,YAAY,EAAE,KAAK7B,cAAL,CAAoB6B,YAApB,CAAiClB,IAAjC,CAAsC,KAAKX,cAA3C;AAFwB,KAAxC;AAKA,SAAK8B,QAAL,GAAgB;AAAEC,MAAAA,WAAW,EAAE;AAAf,KAAhB;;AAEA,QAAI,yBAAJ,EAAiB;AACf,WAAKhC,OAAL,GAAe,qBAAc,KAAKA,OAAnB,EAA4B;AACzCiC,QAAAA,WAAW,EAAE,yBAAcnC,IAAI,CAACmC,WAAnB,EAAgCC,MAAM,CAACC,QAAP,CAAgBC,MAAhD,CAD4B,CAC6B;;AAD7B,OAA5B,CAAf;AAGD,KAxCgC,CA0CjC;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,QAAI,CAACtC,IAAI,CAACuC,YAAN,IAAsBvC,IAAI,CAACuC,YAAL,KAAsB,CAAhD,EAAmD;AACjD,WAAKrC,OAAL,CAAaqC,YAAb,GAA4BC,gCAA5B;AACD,KAFD,MAEO;AACL,WAAKtC,OAAL,CAAaqC,YAAb,GAA4BvC,IAAI,CAACuC,YAAjC;AACD,KArDgC,CAuDjC;AACA;AACA;;;AACA,SAAKrC,OAAL,CAAauC,cAAb,GAA8B,CAAC,CAACzC,IAAI,CAACyC,cAArC;AAEA,SAAKC,OAAL,GAAe;AACbC,MAAAA,KAAK,EAAEC,sBAAa9B,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CADM;AAEbG,MAAAA,MAAM,EAAE4B,uBAAc/B,IAAd,CAAmB,IAAnB,EAAyB,IAAzB,CAFK;AAGbQ,MAAAA,GAAG,EAAEwB,oBAAWhC,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAHQ;AAIbiC,MAAAA,OAAO,EAAEC,wBAAelC,IAAf,CAAoB,IAApB,EAA0B,IAA1B,CAJI;AAKbmC,MAAAA,oBAAoB,EAAEA,8BAAqBnC,IAArB,CAA0B,IAA1B,EAAgC,IAAhC;AALT,KAAf;AAQA,SAAKoC,WAAL,GAAmB,IAAIC,qBAAJ,EAAnB;;AACA,UAAMC,QAAQ,GAAIC,MAAD,IAAY;AAC3B,aAAOF,sBAAaG,SAAb,CAAuBC,IAAvB,CAA4BzC,IAA5B,CAAiC,KAAKoC,WAAtC,EAAmDG,MAAnD,EAA2D,IAA3D,CAAP;AACD,KAFD,CArEiC,CAyEjC;;;AACA,UAAMG,iBAAiB,GAAGJ,QAAQ,CAACK,sBAAgB3C,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CAAD,CAAlC;AACA,UAAM4C,kBAAsC,GAAG,qBAAcF,iBAAd,EAAiC;AAC9E;AACAG,MAAAA,YAAY,EAAE,UAASC,GAAT,EAAc;AAC1BxB,QAAAA,MAAM,CAACC,QAAP,GAAkBuB,GAAlB;AACD;AAJ6E,KAAjC,CAA/C,CA3EiC,CAiFjC;;AACA,UAAMC,cAAc,GAAGT,QAAQ,CAACU,mBAAahD,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAAD,CAA/B;AACA,UAAMiD,eAAsC,GAAG,qBAAcF,cAAd,EAA8B;AAC3E;AACAG,MAAAA,WAAW,EAAE,YAAW;AACtB,eAAO5B,MAAM,CAAC6B,OAAd;AACD,OAJ0E;AAM3E;AACAC,MAAAA,YAAY,EAAE,YAAW;AACvB,eAAO9B,MAAM,CAACC,QAAd;AACD,OAT0E;AAW3E;AACA8B,MAAAA,YAAY,EAAE,YAAW;AACvB,eAAO/B,MAAM,CAACgC,QAAd;AACD;AAd0E,KAA9B,CAA/C;AAgBA,SAAKC,KAAL,GAAa;AACXC,MAAAA,kBAAkB,EAAEA,yBAAmBxD,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CADT;AAEXyD,MAAAA,qBAAqB,EAAEA,4BAAsBzD,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAFZ;AAGX0D,MAAAA,gBAAgB,EAAEA,uBAAiB1D,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAHP;AAIX2D,MAAAA,YAAY,EAAEA,mBAAa3D,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAJH;AAKX2C,MAAAA,eAAe,EAAEC,kBALN;AAMXI,MAAAA,YAAY,EAAEC,eANH;AAOXW,MAAAA,MAAM,EAAEC,iBAPG;AAQXC,MAAAA,MAAM,EAAEC,kBAAY/D,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CARG;AASXgE,MAAAA,KAAK,EAAEC,iBAAWjE,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CATI;AAUXkE,MAAAA,sBAAsB,EAAEA,6BAAuBlE,IAAvB,CAA4B,IAA5B,EAAkC,IAAlC,CAVb;AAWXmE,MAAAA,WAAW,EAAEA,kBAAYnE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAXF;AAYXoE,MAAAA,WAAW,EAAEA,kBAAYpE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAZF;AAaXqE,MAAAA,MAAM,EAAEC,kBAAYtE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAbG;AAcXuE,MAAAA,eAAe,EAAEA,sBAAgBvE,IAAhB,CAAqB,IAArB,EAA2B,IAA3B;AAdN,KAAb,CAnGiC,CAmHjC;;AACA,UAAMwE,WAAW,GAAG,CAClB;AACA,YAFkB,EAGlB,iBAHkB,EAIlB;AACA,qBALkB,EAMlB,cANkB,CAApB;AAQA,uBAAY,KAAKjB,KAAjB,EAAwBkB,OAAxB,CAAgCC,GAAG,IAAI;AACrC,UAAI,sBAAAF,WAAW,MAAX,CAAAA,WAAW,EAASE,GAAT,CAAX,IAA4B,CAAhC,EAAmC;AAAE;AACnC;AACD;;AACD,UAAInC,MAAM,GAAG,KAAKgB,KAAL,CAAWmB,GAAX,CAAb;AACA,WAAKnB,KAAL,CAAWmB,GAAX,IAAkBrC,sBAAaG,SAAb,CAAuBC,IAAvB,CAA4BzC,IAA5B,CAAiC,KAAKoC,WAAtC,EAAmDG,MAAnD,EAA2D,IAA3D,CAAlB;AACD,KAND,EA5HiC,CAoIjC;;AACA,UAAMoC,qBAAqB,GAAGC,sBAAiB5E,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAA9B;;AACA,SAAK6E,GAAL,GAAW;AACTC,MAAAA,QAAQ,EAAEA,cAAS9E,IAAT,CAAc,IAAd,EAAoB,IAApB,CADD;AAETS,MAAAA,UAAU,EAAEA,gBAAWT,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAFH;AAGT+E,MAAAA,YAAY,EAAEA,kBAAa/E,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAHL;AAITgF,MAAAA,QAAQ,EAAEA,cAAShF,IAAT,CAAc,IAAd,EAAoB,IAApB,CAJD;AAKTiF,MAAAA,KAAK,EAAEN,qBALE;AAMTC,MAAAA,gBAAgB,EAAED,qBANT;AAMgC;AACzCO,MAAAA,IAAI,EAAEA,UAAKlF,IAAL,CAAU,IAAV,EAAgB,IAAhB,CAPG;AAQTmF,MAAAA,OAAO,EAAEA,aAAQnF,IAAR,CAAa,IAAb,EAAmB,IAAnB,CARA;AASToF,MAAAA,MAAM,EAAEA,YAAOpF,IAAP,CAAY,IAAZ,EAAkB,IAAlB,CATC;AAUTqF,MAAAA,eAAe,EAAEA,qBAAgBrF,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CAVR;AAYT;AACAsF,MAAAA,6BAA6B,EAAEA,mCAA8BtF,IAA9B,CAAmC,IAAnC,EAAyC,IAAzC,CAbtB;AAeT;AACAuF,MAAAA,qBAAqB,EAAEA,4BAAsBvF,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAhBd;AAiBTwF,MAAAA,0BAA0B,EAA1BA,gCAjBS;AAmBT;AACAC,MAAAA,yBAAyB,EAAEA,+BAA0BzF,IAA1B,CAA+B,IAA/B,EAAqC,IAArC,CApBlB;AAqBT0F,MAAAA,qBAAqB,EAArBA,0BArBS;AAsBTC,MAAAA,wBAAwB,EAAxBA,6BAtBS;AAuBTC,MAAAA,0BAA0B,EAA1BA,+BAvBS;AAyBTC,MAAAA,uBAAuB,EAAEA,yCAAwB7F,IAAxB,CAA6B,IAA7B,EAAmC,IAAnC,CAzBhB;AA0BT8F,MAAAA,qBAAqB,EAAEA,uCAAsB9F,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CA1Bd;AA2BT+F,MAAAA,kBAAkB,EAAEA,oCAAmB/F,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CA3BX;AA4BTgG,MAAAA,mBAAmB,EAAEA,qCAAoBhG,IAApB,CAAyB,IAAzB,EAA+B,IAA/B,CA5BZ;AA6BTiG,MAAAA,oBAAoB,EAAEA,sCAAqBjG,IAArB,CAA0B,IAA1B,EAAgC,IAAhC,CA7Bb;AA8BTkG,MAAAA,sBAAsB,EAAtBA,uCA9BS;AA+BTC,MAAAA,OAAO,EAAGC,IAAD,IAA0B;AACjC,aAAKhH,OAAL,CAAagH,IAAb,GAAoBA,IAApB;AACD,OAjCQ;AAkCTC,MAAAA,OAAO,EAAE,MAAkC;AACzC,eAAO,KAAKjH,OAAL,CAAagH,IAApB;AACD,OApCQ;AAqCTE,MAAAA,UAAU,EAAEA,gBAAWtG,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CArCH;AAsCTuG,MAAAA,aAAa,EAAEA,mBAAcvG,IAAd,CAAmB,IAAnB,EAAyB,IAAzB;AAtCN,KAAX,CAtIiC,CA+KjC;;AACA,SAAKwG,IAAL,GAAY;AACVC,MAAAA,gBAAgB,EAAEA,uBAAiBzG,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B;AADR,KAAZ,CAhLiC,CAoLjC;;AACA,SAAK0G,WAAL,GAAmBA,qBAAY1G,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAAnB;AAEA,SAAK2G,OAAL,GAAe,IAAIC,oBAAJ,EAAf,CAvLiC,CAyLjC;;AACA,SAAKC,YAAL,GAAoB,IAAIC,0BAAJ,CAAiB,IAAjB,EAAuB5H,IAAI,CAAC2H,YAA5B,CAApB,CA1LiC,CA4LjC;;AACA,SAAKE,gBAAL,GAAwB,IAAIC,kCAAJ,CAAqB,IAArB,CAAxB,CA7LiC,CA+LjC;;AACA,SAAKC,cAAL,GAAsB,IAAIC,8BAAJ,CAAmB,IAAnB,EAAyBhI,IAAI,CAACiI,QAA9B,CAAtB;AACD;;AAEDlC,EAAAA,KAAK,GAAG;AACN;AACA,SAAK4B,YAAL,CAAkB5B,KAAlB;;AACA,QAAI,CAAC,KAAK1B,KAAL,CAAWgB,eAAX,EAAL,EAAmC;AACjC,WAAKwC,gBAAL,CAAsBK,eAAtB;AACD;;AACD,SAAKH,cAAL,CAAoBhC,KAApB;AACD;;AAEDoC,EAAAA,IAAI,GAAG;AACL;AACA,SAAKR,YAAL,CAAkBQ,IAAlB;AACA,SAAKJ,cAAL,CAAoBI,IAApB;AACD;;AAEDC,EAAAA,UAAU,CAACC,OAAD,EAAU;AAClB,SAAKnI,OAAL,CAAamI,OAAb,GAAuB,qBAAc,EAAd,EAAkB,KAAKnI,OAAL,CAAamI,OAA/B,EAAwCA,OAAxC,CAAvB;AACD,GA1OgE,CA6OjE;;;AACY,QAANC,MAAM,CAACC,IAAD,EAAgD;AAC1D,WAAO,KAAKC,qBAAL,CAA2BD,IAA3B,CAAP;AACD,GAhPgE,CAkPjE;;;AAC2B,QAArBC,qBAAqB,CAACD,IAAD,EAA+D;AACxFA,IAAAA,IAAI,GAAG,iBAAMA,IAAI,IAAI,EAAd,CAAP;;AACA,UAAME,kBAAkB,GAAIvI,OAAD,IAAc;AACvC,aAAOqI,IAAI,CAACG,eAAZ;AACA,aAAO,2BAAkB,IAAlB,EAAwB,eAAxB,EAAyCH,IAAzC,EAA+CrI,OAA/C,CAAP;AACD,KAHD;;AAIA,QAAI,CAACqI,IAAI,CAACG,eAAV,EAA2B;AACzB,aAAOD,kBAAkB,EAAzB;AACD;;AACD,WAAO,KAAKjB,WAAL,GACNmB,IADM,CACD,UAASnB,WAAT,EAAsB;AAC1B,aAAOiB,kBAAkB,CAAC;AACxBJ,QAAAA,OAAO,EAAE;AACP,kCAAwBb;AADjB;AADe,OAAD,CAAzB;AAKD,KAPM,CAAP;AAQD;;AAEuB,QAAlBoB,kBAAkB,CAACL,IAA+B,GAAG,EAAnC,EAAuC;AAC7D,UAAM;AAAEM,MAAAA,WAAF;AAAe,SAAGC;AAAlB,QAAuCP,IAA7C;;AACA,QAAG,KAAKtG,QAAL,CAAcC,WAAjB,EAA8B;AAC5B;AACA;AACD;;AAED,SAAKD,QAAL,CAAcC,WAAd,GAA4B,IAA5B;;AACA,QAAI;AACF;AACA,UAAI2G,WAAJ,EAAiB;AACf,aAAKE,cAAL,CAAoBF,WAApB;AACD;;AACD,YAAMG,MAAM,GAAG,qBAAc;AAC3B;AACAC,QAAAA,MAAM,EAAE,KAAK/I,OAAL,CAAa+I,MAAb,IAAuB,CAAC,QAAD,EAAW,OAAX,EAAoB,SAApB;AAFJ,OAAd,EAGZH,gBAHY,CAAf;AAIA,YAAM,KAAKzE,KAAL,CAAWZ,eAAX,CAA2BuF,MAA3B,CAAN;AACD,KAVD,SAUU;AACR,WAAK/G,QAAL,CAAcC,WAAd,GAA4B,KAA5B;AACD;AACF,GA3RgE,CA6RjE;;;AACAU,EAAAA,YAAY,GAAqB;AAC/B,WAAO,KAAKF,OAAL,CAAaC,KAAb,GAAqB;AAArB,KACNgG,IADM,CACD,YAAY;AAChB;AACA,WAAKhB,YAAL,CAAkBuB,KAAlB;AACD,KAJM,EAKNC,KALM,CAKA,UAASC,CAAT,EAAY;AACjB,UAAIA,CAAC,CAAChI,IAAF,KAAW,cAAX,IAA6BgI,CAAC,CAACC,SAAF,KAAgB,UAAjD,EAA6D;AAC3D;AACA,eAAO,IAAP;AACD;;AACD,YAAMD,CAAN;AACD,KAXM,CAAP;AAYD,GA3SgE,CA6SjE;;;AACuB,QAAjBE,iBAAiB,CAACC,WAAD,EAA8C;AACnE,QAAI,CAACA,WAAL,EAAkB;AAChBA,MAAAA,WAAW,GAAG,CAAC,MAAM,KAAK5B,YAAL,CAAkB6B,SAAlB,EAAP,EAAsCD,WAApD;AACA,YAAME,cAAc,GAAG,KAAK9B,YAAL,CAAkB+B,mBAAlB,CAAsC,aAAtC,CAAvB;AACA,WAAK/B,YAAL,CAAkBgC,MAAlB,CAAyBF,cAAzB;AACD,KALkE,CAMnE;;;AACA,QAAI,CAACF,WAAL,EAAkB;AAChB,aAAO,iBAAQK,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,WAAO,KAAKvF,KAAL,CAAWO,MAAX,CAAkB2E,WAAlB,CAAP;AACD,GAzTgE,CA2TjE;;;AACwB,QAAlBM,kBAAkB,CAACC,YAAD,EAAgD;AACtE,QAAI,CAACA,YAAL,EAAmB;AACjBA,MAAAA,YAAY,GAAG,CAAC,MAAM,KAAKnC,YAAL,CAAkB6B,SAAlB,EAAP,EAAsCM,YAArD;AACA,YAAMC,eAAe,GAAG,KAAKpC,YAAL,CAAkB+B,mBAAlB,CAAsC,cAAtC,CAAxB;AACA,WAAK/B,YAAL,CAAkBgC,MAAlB,CAAyBI,eAAzB;AACD,KALqE,CAMtE;;;AACA,QAAI,CAACD,YAAL,EAAmB;AACjB,aAAO,iBAAQF,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,WAAO,KAAKvF,KAAL,CAAWO,MAAX,CAAkBkF,YAAlB,CAAP;AACD;;AAEDE,EAAAA,qBAAqB,CAAC9J,OAAkC,GAAG,EAAtC,EAA0C;AAC7D,QAAI;AACF+J,MAAAA,OADE;AAEFC,MAAAA,qBAFE;AAGFC,MAAAA;AAHE,QAIAjK,OAJJ;;AAKA,QAAI,CAAC+J,OAAL,EAAc;AACZA,MAAAA,OAAO,GAAG,KAAKtC,YAAL,CAAkByC,aAAlB,GAAkCH,OAA5C;AACD;;AACD,QAAI,CAACA,OAAL,EAAc;AACZ,aAAO,EAAP;AACD;;AACD,QAAI,CAACC,qBAAL,EAA4B;AAC1BA,MAAAA,qBAAqB,GAAG,KAAKhK,OAAL,CAAagK,qBAArC;AACD;;AAED,UAAMG,SAAS,GAAG,wBAAa,IAAb,EAAmBA,SAArC;AACA,UAAMC,WAAW,GAAGL,OAAO,CAACA,OAA5B,CAjB6D,CAiBxB;;AACrC,QAAIM,SAAS,GAAGF,SAAS,GAAG,iBAAZ,GAAgCG,kBAAkB,CAACF,WAAD,CAAlE;;AACA,QAAIJ,qBAAJ,EAA2B;AACzBK,MAAAA,SAAS,IAAI,+BAA+BC,kBAAkB,CAACN,qBAAD,CAA9D;AACD,KArB4D,CAsB7D;;;AACA,QAAIC,KAAJ,EAAW;AACTI,MAAAA,SAAS,IAAI,YAAYC,kBAAkB,CAACL,KAAD,CAA3C;AACD;;AAED,WAAOI,SAAP;AACD,GArWgE,CAuWjE;;;AACa,QAAPE,OAAO,CAACvK,OAAD,EAA2B;AACtCA,IAAAA,OAAO,GAAG,qBAAc,EAAd,EAAkBA,OAAlB,CAAV,CADsC,CAGtC;;AACA,QAAIwK,UAAU,GAAGtI,MAAM,CAACC,QAAP,CAAgBC,MAAjC;AACA,QAAIqI,UAAU,GAAGvI,MAAM,CAACC,QAAP,CAAgBuI,IAAjC;AACA,QAAIV,qBAAqB,GAAGhK,OAAO,CAACgK,qBAAR,IACvB,KAAKhK,OAAL,CAAagK,qBADU,IAEvBQ,UAFL;AAIA,QAAInB,WAAW,GAAGrJ,OAAO,CAACqJ,WAA1B;AACA,QAAIO,YAAY,GAAG5J,OAAO,CAAC4J,YAA3B;AACA,QAAIR,iBAAiB,GAAGpJ,OAAO,CAACoJ,iBAAR,KAA8B,KAAtD;AACA,QAAIO,kBAAkB,GAAG3J,OAAO,CAAC2J,kBAAR,KAA+B,KAAxD;;AAEA,QAAIA,kBAAkB,IAAI,OAAOC,YAAP,KAAwB,WAAlD,EAA+D;AAC7DA,MAAAA,YAAY,GAAG,KAAKnC,YAAL,CAAkByC,aAAlB,GAAkCN,YAAjD;AACD;;AAED,QAAIR,iBAAiB,IAAI,OAAOC,WAAP,KAAuB,WAAhD,EAA6D;AAC3DA,MAAAA,WAAW,GAAG,KAAK5B,YAAL,CAAkByC,aAAlB,GAAkCb,WAAhD;AACD;;AAED,QAAI,CAACrJ,OAAO,CAAC+J,OAAb,EAAsB;AACpB/J,MAAAA,OAAO,CAAC+J,OAAR,GAAkB,KAAKtC,YAAL,CAAkByC,aAAlB,GAAkCH,OAApD;AACD;;AAED,QAAIJ,kBAAkB,IAAIC,YAA1B,EAAwC;AACtC,YAAM,KAAKD,kBAAL,CAAwBC,YAAxB,CAAN;AACD;;AAED,QAAIR,iBAAiB,IAAIC,WAAzB,EAAsC;AACpC,YAAM,KAAKD,iBAAL,CAAuBC,WAAvB,CAAN;AACD;;AAED,UAAMgB,SAAS,GAAG,KAAKP,qBAAL,CAA2B,EAAE,GAAG9J,OAAL;AAAcgK,MAAAA;AAAd,KAA3B,CAAlB,CAnCsC,CAoCtC;AACA;;AACA,QAAI,CAACK,SAAL,EAAgB;AACd;AACA,aAAO,KAAK3H,YAAL,GAAoB;AAApB,OACN+F,IADM,CACD,YAAW;AACf,YAAIuB,qBAAqB,KAAKS,UAA9B,EAA0C;AACxCvI,UAAAA,MAAM,CAACC,QAAP,CAAgBwI,MAAhB,GADwC,CACd;AAC3B,SAFD,MAEO;AACLzI,UAAAA,MAAM,CAACC,QAAP,CAAgByI,MAAhB,CAAuBZ,qBAAvB;AACD;AACF,OAPM,CAAP;AAQD,KAVD,MAUO;AACL,UAAIhK,OAAO,CAAC6K,yBAAZ,EAAuC;AACrC;AACA,aAAKpD,YAAL,CAAkBuB,KAAlB;AACD,OAHD,MAGO;AACL,aAAKvB,YAAL,CAAkBqD,qBAAlB;AACD,OANI,CAOL;;;AACA5I,MAAAA,MAAM,CAACC,QAAP,CAAgByI,MAAhB,CAAuBP,SAAvB;AACD;AACF;;AAEDU,EAAAA,SAAS,CAAC1C,IAAD,EAAwB;AAC/B,QAAI3E,GAAG,GAAG,2BAA2B,yBAAc2E,IAAd,CAArC;AACA,QAAIrI,OAAO,GAAG;AACZmI,MAAAA,OAAO,EAAE;AACP,kBAAU;AADH;AADG,KAAd;AAKA,WAAO,eAAI,IAAJ,EAAUzE,GAAV,EAAe1D,OAAf,CAAP;AACD,GA5agE,CA8ajE;AACA;AACA;AAEA;AACA;;;AACqB,QAAfgL,eAAe,CAAChL,OAA+B,GAAG,EAAnC,EAAyD;AAC5E;AACA,UAAM;AAAEiL,MAAAA,SAAF;AAAaC,MAAAA;AAAb,QAA4B,KAAKzD,YAAL,CAAkB0D,UAAlB,EAAlC;AAEA,UAAMC,WAAW,GAAGpL,OAAO,CAACqL,cAAR,GAAyBrL,OAAO,CAACqL,cAAR,KAA2B,OAApD,GAA8DJ,SAAlF;AACA,UAAMK,YAAY,GAAGtL,OAAO,CAACqL,cAAR,GAAyBrL,OAAO,CAACqL,cAAR,KAA2B,QAApD,GAA+DH,UAApF;AAEA,QAAI;AAAE7B,MAAAA;AAAF,QAAkB,KAAK5B,YAAL,CAAkByC,aAAlB,EAAtB;;AACA,QAAIb,WAAW,IAAI,KAAK5B,YAAL,CAAkB8D,UAAlB,CAA6BlC,WAA7B,CAAnB,EAA8D;AAC5DA,MAAAA,WAAW,GAAGmC,SAAd;;AACA,UAAIJ,WAAJ,EAAiB;AACf,YAAI;AACF/B,UAAAA,WAAW,GAAG,MAAM,KAAK5B,YAAL,CAAkB7C,KAAlB,CAAwB,aAAxB,CAApB;AACD,SAFD,CAEE,MAAM,CACN;AACD;AACF,OAND,MAMO,IAAI0G,YAAJ,EAAkB;AACvB,aAAK7D,YAAL,CAAkBgC,MAAlB,CAAyB,aAAzB;AACD;AACF;;AAED,QAAI;AAAEM,MAAAA;AAAF,QAAc,KAAKtC,YAAL,CAAkByC,aAAlB,EAAlB;;AACA,QAAIH,OAAO,IAAI,KAAKtC,YAAL,CAAkB8D,UAAlB,CAA6BxB,OAA7B,CAAf,EAAsD;AACpDA,MAAAA,OAAO,GAAGyB,SAAV;;AACA,UAAIJ,WAAJ,EAAiB;AACf,YAAI;AACFrB,UAAAA,OAAO,GAAG,MAAM,KAAKtC,YAAL,CAAkB7C,KAAlB,CAAwB,SAAxB,CAAhB;AACD,SAFD,CAEE,MAAM,CACN;AACD;AACF,OAND,MAMO,IAAI0G,YAAJ,EAAkB;AACvB,aAAK7D,YAAL,CAAkBgC,MAAlB,CAAyB,SAAzB;AACD;AACF;;AAED,WAAO,CAAC,EAAEJ,WAAW,IAAIU,OAAjB,CAAR;AACD;;AAEY,QAAP0B,OAAO,GAAwB;AACnC,UAAM;AAAE1B,MAAAA,OAAF;AAAWV,MAAAA;AAAX,QAA2B,KAAK5B,YAAL,CAAkByC,aAAlB,EAAjC;AACA,WAAO,KAAK/F,KAAL,CAAWa,WAAX,CAAuBqE,WAAvB,EAAoCU,OAApC,CAAP;AACD;;AAED2B,EAAAA,UAAU,GAAuB;AAC/B,UAAM;AAAE3B,MAAAA;AAAF,QAAc,KAAKtC,YAAL,CAAkByC,aAAlB,EAApB;AACA,WAAOH,OAAO,GAAGA,OAAO,CAACA,OAAX,GAAqByB,SAAnC;AACD;;AAEDG,EAAAA,cAAc,GAAuB;AACnC,UAAM;AAAEtC,MAAAA;AAAF,QAAkB,KAAK5B,YAAL,CAAkByC,aAAlB,EAAxB;AACA,WAAOb,WAAW,GAAGA,WAAW,CAACA,WAAf,GAA6BmC,SAA/C;AACD;;AAEDI,EAAAA,eAAe,GAAuB;AACpC,UAAM;AAAEhC,MAAAA;AAAF,QAAmB,KAAKnC,YAAL,CAAkByC,aAAlB,EAAzB;AACA,WAAON,YAAY,GAAGA,YAAY,CAACA,YAAhB,GAA+B4B,SAAlD;AACD;AAED;AACF;AACA;;;AAC+B,QAAvBK,uBAAuB,GAAkB;AAC7C,UAAM;AAAEC,MAAAA;AAAF,QAAa,MAAM,KAAK3H,KAAL,CAAWP,YAAX,EAAzB;AACA,SAAK6D,YAAL,CAAkBsE,SAAlB,CAA4BD,MAA5B;AACD;;AAEDjD,EAAAA,cAAc,CAACF,WAAD,EAAsBsB,KAAtB,EAA4C;AACxD;AACA,UAAM+B,cAAc,GAAGC,wBAAeC,iBAAf,EAAvB;;AACAF,IAAAA,cAAc,CAACG,OAAf,CAAuBC,mCAAvB,EAAkDzD,WAAlD,EAHwD,CAKxD;;AACAsB,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAKjK,OAAL,CAAaiK,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMoC,aAAa,GAAG,KAAKpM,cAAL,CAAoBqM,qBAApB,EAAtB;AACAD,MAAAA,aAAa,CAACF,OAAd,CAAsBlC,KAAtB,EAA6BtB,WAA7B;AACD;AACF;;AAED4D,EAAAA,cAAc,CAACtC,KAAD,EAAqC;AACjD;AACAA,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAKjK,OAAL,CAAaiK,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMoC,aAAa,GAAG,KAAKpM,cAAL,CAAoBqM,qBAApB,EAAtB;AACA,YAAM3D,WAAW,GAAG0D,aAAa,CAACG,OAAd,CAAsBvC,KAAtB,CAApB;;AACA,UAAItB,WAAJ,EAAiB;AACf,eAAOA,WAAP;AACD;AACF,KATgD,CAWjD;;;AACA,UAAMxH,OAAO,GAAG8K,wBAAeC,iBAAf,EAAhB;;AACA,WAAO/K,OAAO,GAAGA,OAAO,CAACqL,OAAR,CAAgBJ,mCAAhB,KAA8CZ,SAAjD,GAA6DA,SAA3E;AACD;;AAEDiB,EAAAA,iBAAiB,CAACxC,KAAD,EAAuB;AACtC;AACA,UAAM9I,OAAO,GAAG8K,wBAAeC,iBAAf,EAAhB;;AACA/K,IAAAA,OAAO,CAACuL,UAAR,CAAmBN,mCAAnB,EAHsC,CAKtC;;AACAnC,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAKjK,OAAL,CAAaiK,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMoC,aAAa,GAAG,KAAKpM,cAAL,CAAoBqM,qBAApB,EAAtB;AACAD,MAAAA,aAAa,CAACK,UAAd,IAA4BL,aAAa,CAACK,UAAd,CAAyBzC,KAAzB,CAA5B;AACD;AACF;;AAED9E,EAAAA,eAAe,GAAY;AACzB,WAAO,2BAAgB,IAAhB,CAAP;AACD;;AAEwB,QAAnBwH,mBAAmB,CAACb,MAAD,EAAkBnD,WAAlB,EAAuD;AAC9E,QAAIsB,KAAK,GAAG,KAAKjK,OAAL,CAAaiK,KAAzB,CAD8E,CAG9E;;AACA,QAAI6B,MAAJ,EAAY;AACV,WAAKrE,YAAL,CAAkBsE,SAAlB,CAA4BD,MAA5B;AACAnD,MAAAA,WAAW,GAAGA,WAAW,IAAI,KAAK4D,cAAL,CAAoB,KAAKvM,OAAL,CAAaiK,KAAjC,CAA7B;AACD,KAHD,MAGO,IAAI,KAAK9E,eAAL,EAAJ,EAA4B;AACjC,UAAI;AACF;AACA,cAAMyH,aAAa,GAAG,MAAM,6CAA0B,IAA1B,EAAgC,EAAhC,CAA5B;AACA3C,QAAAA,KAAK,GAAG2C,aAAa,CAAC3C,KAAtB;AACAtB,QAAAA,WAAW,GAAGA,WAAW,IAAI,KAAK4D,cAAL,CAAoBtC,KAApB,CAA7B;AACA,cAAM,KAAK4B,uBAAL,EAAN;AACD,OAND,CAME,OAAM3C,CAAN,EAAS;AACT;AACA,cAAM,KAAKvB,gBAAL,CAAsBK,eAAtB,EAAN;AACA,cAAMkB,CAAN;AACD;AACF,KAZM,MAYA;AACL,aADK,CACG;AACT,KArB6E,CAuB9E;;;AACA,UAAM,KAAKvB,gBAAL,CAAsBK,eAAtB,EAAN,CAxB8E,CA0B9E;;AACA,SAAKyE,iBAAL,CAAuBxC,KAAvB,EA3B8E,CA6B9E;;AACA,UAAM;AAAE4C,MAAAA;AAAF,QAAyB,KAAK7M,OAApC;;AACA,QAAI6M,kBAAJ,EAAwB;AACtB,YAAMA,kBAAkB,CAAC,IAAD,EAAOlE,WAAP,CAAxB;AACD,KAFD,MAEO,IAAIA,WAAJ,EAAiB;AACtBzG,MAAAA,MAAM,CAACC,QAAP,CAAgB2K,OAAhB,CAAwBnE,WAAxB;AACD;AACF;;AAEDoE,EAAAA,MAAM,GAAY;AAChB,WAAO,CAAC,CAAC,KAAK/M,OAAL,CAAauB,IAAtB;AACD;;AAEDyL,EAAAA,eAAe,CAACC,YAAD,EAAgC;AAC7C,QAAID,eAAe,GAAG,KAAtB;;AACA,QAAIE,KAAK,CAACC,OAAN,CAAc,KAAKnN,OAAL,CAAaiN,YAA3B,KAA4C,KAAKjN,OAAL,CAAaiN,YAAb,CAA0BG,MAA1E,EAAkF;AAAA;;AAChFJ,MAAAA,eAAe,GAAG,sCAAKhN,OAAL,CAAaiN,YAAb,iBAAkCA,YAAlC,KAAmD,CAArE;AACD,KAFD,MAEO;AACLD,MAAAA,eAAe,GAAG,KAAKhN,OAAL,CAAaiN,YAAb,KAA8BA,YAAhD;AACD;;AACD,WAAOD,eAAP;AACD;;AAEDK,EAAAA,uBAAuB,GAAY;AACjC,WAAO,KAAKL,eAAL,CAAqB,MAArB,CAAP;AACD,GA1lBgE,CA4lBjE;AACA;AACA;AACA;;;AAEAM,EAAAA,eAAe,GAAW;AACxB;AACA;AACA,WAAO,KAAKtN,OAAL,CAAauN,MAAb,CAAqBC,KAArB,CAA2B,UAA3B,EAAuC,CAAvC,CAAP;AACD,GArmBgE,CAumBjE;;;AACAC,EAAAA,cAAc,CAACpF,IAAD,EAAiC;AAC7C,WAAO,2BAAkB,IAAlB,EAAwB,iCAAxB,EAA2DA,IAA3D,CAAP;AACD,GA1mBgE,CA4mBjE;;;AACAlB,EAAAA,aAAa,CAACkB,IAAD,EAAwD;AACnE,WAAO,2BAAkB,IAAlB,EAAwB,+BAAxB,EAAyDA,IAAzD,CAAP;AACD,GA/mBgE,CAinBjE;;;AACAqF,EAAAA,mBAAmB,CAACrF,IAAD,EAA6D;AAC9E,WAAO,2BAAkB,IAAlB,EAAwB,8BAAxB,EAAwDA,IAAxD,CAAP;AACD,GApnBgE,CAsnBjE;;;AACqB,QAAfsF,eAAe,CAAC3N,OAAD,EAA4C;AAC/D,QAAI,CAACA,OAAO,CAACqJ,WAAb,EAA0B;AACxB,YAAMA,WAAW,GAAG,CAAC,MAAM,KAAK5B,YAAL,CAAkB6B,SAAlB,EAAP,EAAsCD,WAA1D;AACArJ,MAAAA,OAAO,CAACqJ,WAAR,GAAsBA,WAAtB,aAAsBA,WAAtB,uBAAsBA,WAAW,CAAEA,WAAnC;AACD;;AACD,WAAO,uBAAY,IAAZ,EAAkBrJ,OAAlB,CAAP;AACD;;AA7nBgE,C,CAgoBnE;;;8BAhoBMJ,Q,cAQ2BG,Q;8BAR3BH,Q,YASuBgO,M;8BATvBhO,Q,cAU2BiO,Q;AAunBjCjO,QAAQ,CAACG,QAAT,GAAoBH,QAAQ,CAACwD,SAAT,CAAmBrD,QAAnB,GAA8BA,QAAlD,C,CAEA;;AACA,qBAAcH,QAAd,EAAwB;AACtBkO,EAAAA;AADsB,CAAxB;eAIelO,Q","sourcesContent":["/* eslint-disable max-statements */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n/* global window */\n\nimport { \n  DEFAULT_MAX_CLOCK_SKEW, \n  REFERRER_PATH_STORAGE_KEY\n} from './constants';\nimport * as constants from './constants';\nimport {\n  OktaAuthInterface,\n  OktaAuthOptions, \n  AccessToken, \n  IDToken,\n  RefreshToken,\n  TokenAPI, \n  FeaturesAPI, \n  CryptoAPI,\n  WebauthnAPI,\n  SignoutAPI, \n  FingerprintAPI,\n  UserClaims, \n  SigninWithRedirectOptions,\n  SigninWithCredentialsOptions,\n  SignoutOptions,\n  Tokens,\n  ForgotPasswordOptions,\n  VerifyRecoveryTokenOptions,\n  TransactionAPI,\n  SessionAPI,\n  SigninAPI,\n  PkceAPI,\n  SigninOptions,\n  IdxAPI,\n  SignoutRedirectUrlOptions,\n  HttpAPI,\n  FlowIdentifier,\n  GetWithRedirectAPI,\n  ParseFromUrlInterface,\n  GetWithRedirectFunction,\n  RequestOptions,\n  IsAuthenticatedOptions,\n} from './types';\nimport {\n  transactionStatus,\n  resumeTransaction,\n  transactionExists,\n  introspectAuthn,\n  postToTransaction,\n  AuthTransaction\n} from './tx';\nimport PKCE from './oidc/util/pkce';\nimport {\n  closeSession,\n  sessionExists,\n  getSession,\n  refreshSession,\n  setCookieAndRedirect\n} from './session';\nimport {\n  getOAuthUrls,\n  getWithoutPrompt,\n  getWithPopup,\n  getWithRedirect,\n  isLoginRedirect,\n  parseFromUrl,\n  decodeToken,\n  revokeToken,\n  renewToken,\n  renewTokens,\n  renewTokensWithRefresh,\n  getUserInfo,\n  verifyToken,\n  prepareTokenParams,\n  exchangeCodeForTokens,\n  isInteractionRequiredError,\n  isInteractionRequired,\n} from './oidc';\nimport { isBrowser } from './features';\nimport * as features from './features';\nimport * as crypto from './crypto';\nimport * as webauthn from './crypto/webauthn';\nimport browserStorage from './browser/browserStorage';\nimport { \n  toQueryString, \n  toAbsoluteUrl,\n  clone,\n} from './util';\nimport { TokenManager } from './TokenManager';\nimport { ServiceManager } from './ServiceManager';\nimport { get, httpRequest, setRequestHeader } from './http';\nimport PromiseQueue from './PromiseQueue';\nimport fingerprint from './browser/fingerprint';\nimport { AuthStateManager } from './AuthStateManager';\nimport { StorageManager } from './StorageManager';\nimport TransactionManager from './TransactionManager';\nimport { buildOptions } from './options';\nimport {\n  interact,\n  introspect,\n  authenticate,\n  cancel,\n  poll,\n  proceed,\n  register,\n  recoverPassword,\n  unlockAccount,\n  startTransaction,\n  handleInteractionCodeRedirect,\n  canProceed,\n  handleEmailVerifyCallback,\n  isEmailVerifyCallback,\n  parseEmailVerifyCallback,\n  isEmailVerifyCallbackError\n} from './idx';\nimport { OktaUserAgent } from './OktaUserAgent';\nimport { parseOAuthResponseFromUrl } from './oidc/parseFromUrl';\nimport {\n  getSavedTransactionMeta,\n  createTransactionMeta,\n  getTransactionMeta,\n  saveTransactionMeta,\n  clearTransactionMeta,\n  isTransactionMetaValid\n} from './idx/transactionMeta';\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport Emitter from 'tiny-emitter';\n\nclass OktaAuth implements OktaAuthInterface, SigninAPI, SignoutAPI {\n  options: OktaAuthOptions;\n  storageManager: StorageManager;\n  transactionManager: TransactionManager;\n  tx: TransactionAPI;\n  idx: IdxAPI;\n  session: SessionAPI;\n  pkce: PkceAPI;\n  static features: FeaturesAPI = features;\n  static crypto: CryptoAPI = crypto;\n  static webauthn: WebauthnAPI = webauthn;\n  features: FeaturesAPI = features;\n  token: TokenAPI;\n  _tokenQueue: PromiseQueue;\n  emitter: any;\n  tokenManager: TokenManager;\n  authStateManager: AuthStateManager;\n  serviceManager: ServiceManager;\n  http: HttpAPI;\n  fingerprint: FingerprintAPI;\n  _oktaUserAgent: OktaUserAgent;\n  _pending: { handleLogin: boolean };\n  constructor(args: OktaAuthOptions) {\n    const options = this.options = buildOptions(args);\n    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n    this.storageManager = new StorageManager(options.storageManager!, options.cookies!, options.storageUtil!);\n    this.transactionManager = new TransactionManager(Object.assign({\n      storageManager: this.storageManager,\n    }, options.transactionManager));\n    this._oktaUserAgent = new OktaUserAgent();\n\n    this.tx = {\n      status: transactionStatus.bind(null, this),\n      resume: resumeTransaction.bind(null, this),\n      exists: Object.assign(transactionExists.bind(null, this), {\n        _get: (name) => {\n          // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n          const storage = options.storageUtil!.storage;\n          return storage.get(name);\n        }\n      }),\n      introspect: introspectAuthn.bind(null, this)\n    };\n\n    this.pkce = {\n      DEFAULT_CODE_CHALLENGE_METHOD: PKCE.DEFAULT_CODE_CHALLENGE_METHOD,\n      generateVerifier: PKCE.generateVerifier,\n      computeChallenge: PKCE.computeChallenge\n    };\n\n    // Add shims for compatibility, these will be removed in next major version. OKTA-362589\n    Object.assign(this.options.storageUtil, {\n      getPKCEStorage: this.storageManager.getLegacyPKCEStorage.bind(this.storageManager),\n      getHttpCache: this.storageManager.getHttpCache.bind(this.storageManager),\n    });\n\n    this._pending = { handleLogin: false };\n\n    if (isBrowser()) {\n      this.options = Object.assign(this.options, {\n        redirectUri: toAbsoluteUrl(args.redirectUri, window.location.origin), // allow relative URIs\n      });\n    }\n\n    // Digital clocks will drift over time, so the server\n    // can misalign with the time reported by the browser.\n    // The maxClockSkew allows relaxing the time-based\n    // validation of tokens (in seconds, not milliseconds).\n    // It currently defaults to 300, because 5 min is the\n    // default maximum tolerance allowed by Kerberos.\n    // (https://technet.microsoft.com/en-us/library/cc976357.aspx)\n    if (!args.maxClockSkew && args.maxClockSkew !== 0) {\n      this.options.maxClockSkew = DEFAULT_MAX_CLOCK_SKEW;\n    } else {\n      this.options.maxClockSkew = args.maxClockSkew;\n    }\n\n    // As some end user's devices can have their date \n    // and time incorrectly set, allow for the disabling\n    // of the jwt liftetime validation\n    this.options.ignoreLifetime = !!args.ignoreLifetime;\n\n    this.session = {\n      close: closeSession.bind(null, this),\n      exists: sessionExists.bind(null, this),\n      get: getSession.bind(null, this),\n      refresh: refreshSession.bind(null, this),\n      setCookieAndRedirect: setCookieAndRedirect.bind(null, this)\n    };\n\n    this._tokenQueue = new PromiseQueue();\n    const useQueue = (method) => {\n      return PromiseQueue.prototype.push.bind(this._tokenQueue, method, null);\n    };\n\n    // eslint-disable-next-line max-len\n    const getWithRedirectFn = useQueue(getWithRedirect.bind(null, this)) as GetWithRedirectFunction;\n    const getWithRedirectApi: GetWithRedirectAPI = Object.assign(getWithRedirectFn, {\n      // This is exposed so we can set window.location in our tests\n      _setLocation: function(url) {\n        window.location = url;\n      }\n    });\n    // eslint-disable-next-line max-len\n    const parseFromUrlFn = useQueue(parseFromUrl.bind(null, this)) as ParseFromUrlInterface;\n    const parseFromUrlApi: ParseFromUrlInterface = Object.assign(parseFromUrlFn, {\n      // This is exposed so we can mock getting window.history in our tests\n      _getHistory: function() {\n        return window.history;\n      },\n\n      // This is exposed so we can mock getting window.location in our tests\n      _getLocation: function() {\n        return window.location;\n      },\n\n      // This is exposed so we can mock getting window.document in our tests\n      _getDocument: function() {\n        return window.document;\n      }\n    });\n    this.token = {\n      prepareTokenParams: prepareTokenParams.bind(null, this),\n      exchangeCodeForTokens: exchangeCodeForTokens.bind(null, this),\n      getWithoutPrompt: getWithoutPrompt.bind(null, this),\n      getWithPopup: getWithPopup.bind(null, this),\n      getWithRedirect: getWithRedirectApi,\n      parseFromUrl: parseFromUrlApi,\n      decode: decodeToken,\n      revoke: revokeToken.bind(null, this),\n      renew: renewToken.bind(null, this),\n      renewTokensWithRefresh: renewTokensWithRefresh.bind(null, this),\n      renewTokens: renewTokens.bind(null, this),\n      getUserInfo: getUserInfo.bind(null, this),\n      verify: verifyToken.bind(null, this),\n      isLoginRedirect: isLoginRedirect.bind(null, this)\n    };\n    // Wrap all async token API methods using MethodQueue to avoid issues with concurrency\n    const syncMethods = [\n      // sync methods\n      'decode',\n      'isLoginRedirect',\n      // already bound\n      'getWithRedirect',\n      'parseFromUrl'\n    ];\n    Object.keys(this.token).forEach(key => {\n      if (syncMethods.indexOf(key) >= 0) { // sync methods should not be wrapped\n        return;\n      }\n      var method = this.token[key];\n      this.token[key] = PromiseQueue.prototype.push.bind(this._tokenQueue, method, null);\n    });\n\n    // IDX\n    const boundStartTransaction = startTransaction.bind(null, this);\n    this.idx = {\n      interact: interact.bind(null, this),\n      introspect: introspect.bind(null, this),\n      authenticate: authenticate.bind(null, this),\n      register: register.bind(null, this),\n      start: boundStartTransaction,\n      startTransaction: boundStartTransaction, // Use `start` instead. `startTransaction` will be removed in 7.0\n      poll: poll.bind(null, this),\n      proceed: proceed.bind(null, this),\n      cancel: cancel.bind(null, this),\n      recoverPassword: recoverPassword.bind(null, this),\n\n      // oauth redirect callback\n      handleInteractionCodeRedirect: handleInteractionCodeRedirect.bind(null, this),\n\n      // interaction required callback\n      isInteractionRequired: isInteractionRequired.bind(null, this),\n      isInteractionRequiredError,\n\n      // email verify callback\n      handleEmailVerifyCallback: handleEmailVerifyCallback.bind(null, this),\n      isEmailVerifyCallback,\n      parseEmailVerifyCallback,\n      isEmailVerifyCallbackError,\n      \n      getSavedTransactionMeta: getSavedTransactionMeta.bind(null, this),\n      createTransactionMeta: createTransactionMeta.bind(null, this),\n      getTransactionMeta: getTransactionMeta.bind(null, this),\n      saveTransactionMeta: saveTransactionMeta.bind(null, this),\n      clearTransactionMeta: clearTransactionMeta.bind(null, this),\n      isTransactionMetaValid,\n      setFlow: (flow: FlowIdentifier) => {\n        this.options.flow = flow;\n      },\n      getFlow: (): FlowIdentifier | undefined => {\n        return this.options.flow;\n      },\n      canProceed: canProceed.bind(null, this),\n      unlockAccount: unlockAccount.bind(null, this),\n    };\n\n    // HTTP\n    this.http = {\n      setRequestHeader: setRequestHeader.bind(null, this)\n    };\n\n    // Fingerprint API\n    this.fingerprint = fingerprint.bind(null, this);\n\n    this.emitter = new Emitter();\n\n    // TokenManager\n    this.tokenManager = new TokenManager(this, args.tokenManager);\n\n    // AuthStateManager\n    this.authStateManager = new AuthStateManager(this);\n\n    // ServiceManager\n    this.serviceManager = new ServiceManager(this, args.services);\n  }\n\n  start() {\n    // TODO: review tokenManager.start\n    this.tokenManager.start();\n    if (!this.token.isLoginRedirect()) {\n      this.authStateManager.updateAuthState();\n    }\n    this.serviceManager.start();\n  }\n\n  stop() {\n    // TODO: review tokenManager.stop\n    this.tokenManager.stop();\n    this.serviceManager.stop();\n  }\n\n  setHeaders(headers) {\n    this.options.headers = Object.assign({}, this.options.headers, headers);\n  }\n\n\n  // Authn  V1\n  async signIn(opts: SigninOptions): Promise<AuthTransaction> {\n    return this.signInWithCredentials(opts as SigninWithCredentialsOptions);\n  }\n\n  // Authn  V1\n  async signInWithCredentials(opts: SigninWithCredentialsOptions): Promise<AuthTransaction> {\n    opts = clone(opts || {});\n    const _postToTransaction = (options?) => {\n      delete opts.sendFingerprint;\n      return postToTransaction(this, '/api/v1/authn', opts, options);\n    };\n    if (!opts.sendFingerprint) {\n      return _postToTransaction();\n    }\n    return this.fingerprint()\n    .then(function(fingerprint) {\n      return _postToTransaction({\n        headers: {\n          'X-Device-Fingerprint': fingerprint\n        }\n      });\n    });\n  }\n\n  async signInWithRedirect(opts: SigninWithRedirectOptions = {}) {\n    const { originalUri, ...additionalParams } = opts;\n    if(this._pending.handleLogin) { \n      // Don't trigger second round\n      return;\n    }\n\n    this._pending.handleLogin = true;\n    try {\n      // Trigger default signIn redirect flow\n      if (originalUri) {\n        this.setOriginalUri(originalUri);\n      }\n      const params = Object.assign({\n        // TODO: remove this line when default scopes are changed OKTA-343294\n        scopes: this.options.scopes || ['openid', 'email', 'profile']\n      }, additionalParams);\n      await this.token.getWithRedirect(params);\n    } finally {\n      this._pending.handleLogin = false;\n    }\n  }\n\n  // Ends the current Okta SSO session without redirecting to Okta.\n  closeSession(): Promise<unknown> {\n    return this.session.close() // DELETE /api/v1/sessions/me\n    .then(async () => {\n      // Clear all local tokens\n      this.tokenManager.clear();\n    })\n    .catch(function(e) {\n      if (e.name === 'AuthApiError' && e.errorCode === 'E0000007') {\n        // Session does not exist or has already been closed\n        return null;\n      }\n      throw e;\n    });\n  }\n  \n  // Revokes the access token for the application session\n  async revokeAccessToken(accessToken?: AccessToken): Promise<unknown> {\n    if (!accessToken) {\n      accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n      const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');\n      this.tokenManager.remove(accessTokenKey);\n    }\n    // Access token may have been removed. In this case, we will silently succeed.\n    if (!accessToken) {\n      return Promise.resolve(null);\n    }\n    return this.token.revoke(accessToken);\n  }\n\n  // Revokes the refresh token for the application session\n  async revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown> {\n    if (!refreshToken) {\n      refreshToken = (await this.tokenManager.getTokens()).refreshToken as RefreshToken;\n      const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');\n      this.tokenManager.remove(refreshTokenKey);\n    }\n    // Refresh token may have been removed. In this case, we will silently succeed.\n    if (!refreshToken) {\n      return Promise.resolve(null);\n    }\n    return this.token.revoke(refreshToken);\n  }\n\n  getSignOutRedirectUrl(options: SignoutRedirectUrlOptions = {}) {\n    let {\n      idToken,\n      postLogoutRedirectUri,\n      state,\n    } = options;\n    if (!idToken) {\n      idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n    }\n    if (!idToken) {\n      return '';\n    }\n    if (!postLogoutRedirectUri) {\n      postLogoutRedirectUri = this.options.postLogoutRedirectUri;\n    }\n\n    const logoutUrl = getOAuthUrls(this).logoutUrl;\n    const idTokenHint = idToken.idToken; // a string\n    let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);\n    if (postLogoutRedirectUri) {\n      logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);\n    } \n    // State allows option parameters to be passed to logout redirect uri\n    if (state) {\n      logoutUri += '&state=' + encodeURIComponent(state);\n    }\n\n    return logoutUri;\n  }\n\n  // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.\n  async signOut(options?: SignoutOptions) {\n    options = Object.assign({}, options);\n  \n    // postLogoutRedirectUri must be whitelisted in Okta Admin UI\n    var defaultUri = window.location.origin;\n    var currentUri = window.location.href;\n    var postLogoutRedirectUri = options.postLogoutRedirectUri\n      || this.options.postLogoutRedirectUri\n      || defaultUri;\n  \n    var accessToken = options.accessToken;\n    var refreshToken = options.refreshToken;\n    var revokeAccessToken = options.revokeAccessToken !== false;\n    var revokeRefreshToken = options.revokeRefreshToken !== false;\n  \n    if (revokeRefreshToken && typeof refreshToken === 'undefined') {\n      refreshToken = this.tokenManager.getTokensSync().refreshToken as RefreshToken;\n    }\n\n    if (revokeAccessToken && typeof accessToken === 'undefined') {\n      accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;\n    }\n  \n    if (!options.idToken) {\n      options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n    }\n\n    if (revokeRefreshToken && refreshToken) {\n      await this.revokeRefreshToken(refreshToken);\n    }\n\n    if (revokeAccessToken && accessToken) {\n      await this.revokeAccessToken(accessToken);\n    }\n\n    const logoutUri = this.getSignOutRedirectUrl({ ...options, postLogoutRedirectUri });\n    // No logoutUri? This can happen if the storage was cleared.\n    // Fallback to XHR signOut, then simulate a redirect to the post logout uri\n    if (!logoutUri) {\n      // local tokens are cleared once session is closed\n      return this.closeSession() // can throw if the user cannot be signed out\n      .then(function() {\n        if (postLogoutRedirectUri === currentUri) {\n          window.location.reload(); // force a hard reload if URI is not changing\n        } else {\n          window.location.assign(postLogoutRedirectUri);\n        }\n      });\n    } else {\n      if (options.clearTokensBeforeRedirect) {\n        // Clear all local tokens\n        this.tokenManager.clear();\n      } else {\n        this.tokenManager.addPendingRemoveFlags();\n      }\n      // Flow ends with logout redirect\n      window.location.assign(logoutUri);\n    }\n  }\n\n  webfinger(opts): Promise<object> {\n    var url = '/.well-known/webfinger' + toQueryString(opts);\n    var options = {\n      headers: {\n        'Accept': 'application/jrd+json'\n      }\n    };\n    return get(this, url, options);\n  }\n\n  //\n  // Common Methods from downstream SDKs\n  //\n\n  // Returns true if both accessToken and idToken are not expired\n  // If `autoRenew` option is set, will attempt to renew expired tokens before returning.\n  async isAuthenticated(options: IsAuthenticatedOptions = {}): Promise<boolean> {\n    // TODO: remove dependency on tokenManager options in next major version - OKTA-473815\n    const { autoRenew, autoRemove } = this.tokenManager.getOptions();\n\n    const shouldRenew = options.onExpiredToken ? options.onExpiredToken === 'renew' : autoRenew;\n    const shouldRemove = options.onExpiredToken ? options.onExpiredToken === 'remove' : autoRemove;\n\n    let { accessToken } = this.tokenManager.getTokensSync();\n    if (accessToken && this.tokenManager.hasExpired(accessToken)) {\n      accessToken = undefined;\n      if (shouldRenew) {\n        try {\n          accessToken = await this.tokenManager.renew('accessToken') as AccessToken;\n        } catch {\n          // Renew errors will emit an \"error\" event \n        }\n      } else if (shouldRemove) {\n        this.tokenManager.remove('accessToken');\n      }\n    }\n\n    let { idToken } = this.tokenManager.getTokensSync();\n    if (idToken && this.tokenManager.hasExpired(idToken)) {\n      idToken = undefined;\n      if (shouldRenew) {\n        try {\n          idToken = await this.tokenManager.renew('idToken') as IDToken;\n        } catch {\n          // Renew errors will emit an \"error\" event \n        }\n      } else if (shouldRemove) {\n        this.tokenManager.remove('idToken');\n      }\n    }\n\n    return !!(accessToken && idToken);\n  }\n\n  async getUser(): Promise<UserClaims> {\n    const { idToken, accessToken } = this.tokenManager.getTokensSync();\n    return this.token.getUserInfo(accessToken, idToken);\n  }\n\n  getIdToken(): string | undefined {\n    const { idToken } = this.tokenManager.getTokensSync();\n    return idToken ? idToken.idToken : undefined;\n  }\n\n  getAccessToken(): string | undefined {\n    const { accessToken } = this.tokenManager.getTokensSync();\n    return accessToken ? accessToken.accessToken : undefined;\n  }\n\n  getRefreshToken(): string | undefined {\n    const { refreshToken } = this.tokenManager.getTokensSync();\n    return refreshToken ? refreshToken.refreshToken : undefined;\n  }\n\n  /**\n   * Store parsed tokens from redirect url\n   */\n  async storeTokensFromRedirect(): Promise<void> {\n    const { tokens } = await this.token.parseFromUrl();\n    this.tokenManager.setTokens(tokens);\n  }\n\n  setOriginalUri(originalUri: string, state?: string): void {\n    // always store in session storage\n    const sessionStorage = browserStorage.getSessionStorage();\n    sessionStorage.setItem(REFERRER_PATH_STORAGE_KEY, originalUri);\n\n    // to support multi-tab flows, set a state in constructor or pass as param\n    state = state || this.options.state;\n    if (state) {\n      const sharedStorage = this.storageManager.getOriginalUriStorage();\n      sharedStorage.setItem(state, originalUri);\n    }\n  }\n\n  getOriginalUri(state?: string): string | undefined {\n    // Prefer shared storage (if state is available)\n    state = state || this.options.state;\n    if (state) {\n      const sharedStorage = this.storageManager.getOriginalUriStorage();\n      const originalUri = sharedStorage.getItem(state);\n      if (originalUri) {\n        return originalUri;\n      }\n    }\n\n    // Try to load from session storage\n    const storage = browserStorage.getSessionStorage();\n    return storage ? storage.getItem(REFERRER_PATH_STORAGE_KEY) || undefined : undefined;\n  }\n\n  removeOriginalUri(state?: string): void {\n    // Remove from sessionStorage\n    const storage = browserStorage.getSessionStorage();\n    storage.removeItem(REFERRER_PATH_STORAGE_KEY);\n\n    // Also remove from shared storage\n    state = state || this.options.state;\n    if (state) {\n      const sharedStorage = this.storageManager.getOriginalUriStorage();\n      sharedStorage.removeItem && sharedStorage.removeItem(state);\n    }\n  }\n\n  isLoginRedirect(): boolean {\n    return isLoginRedirect(this);\n  }\n\n  async handleLoginRedirect(tokens?: Tokens, originalUri?: string): Promise<void> {\n    let state = this.options.state;\n\n    // Store tokens and update AuthState by the emitted events\n    if (tokens) {\n      this.tokenManager.setTokens(tokens);\n      originalUri = originalUri || this.getOriginalUri(this.options.state);\n    } else if (this.isLoginRedirect()) {\n      try {\n        // For redirect flow, get state from the URL and use it to retrieve the originalUri\n        const oAuthResponse = await parseOAuthResponseFromUrl(this, {});\n        state = oAuthResponse.state;\n        originalUri = originalUri || this.getOriginalUri(state);\n        await this.storeTokensFromRedirect();\n      } catch(e) {\n        // auth state should be updated\n        await this.authStateManager.updateAuthState();\n        throw e;\n      }\n    } else {\n      return; // nothing to do\n    }\n    \n    // ensure auth state has been updated\n    await this.authStateManager.updateAuthState();\n\n    // clear originalUri from storage\n    this.removeOriginalUri(state);\n\n    // Redirect to originalUri\n    const { restoreOriginalUri } = this.options;\n    if (restoreOriginalUri) {\n      await restoreOriginalUri(this, originalUri);\n    } else if (originalUri) {\n      window.location.replace(originalUri);\n    }\n  }\n\n  isPKCE(): boolean {\n    return !!this.options.pkce;\n  }\n\n  hasResponseType(responseType: string): boolean {\n    let hasResponseType = false;\n    if (Array.isArray(this.options.responseType) && this.options.responseType.length) {\n      hasResponseType = this.options.responseType.indexOf(responseType) >= 0;\n    } else {\n      hasResponseType = this.options.responseType === responseType;\n    }\n    return hasResponseType;\n  }\n\n  isAuthorizationCodeFlow(): boolean {\n    return this.hasResponseType('code');\n  }\n\n  // { username, password, (relayState), (context) }\n  // signIn(opts: SignInWithCredentialsOptions): Promise<AuthTransaction> {\n  //   return postToTransaction(this, '/api/v1/authn', opts);\n  // }\n\n  getIssuerOrigin(): string {\n    // Infer the URL from the issuer URL, omitting the /oauth2/{authServerId}\n    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n    return this.options.issuer!.split('/oauth2/')[0];\n  }\n\n  // { username, (relayState) }\n  forgotPassword(opts): Promise<AuthTransaction> {\n    return postToTransaction(this, '/api/v1/authn/recovery/password', opts);\n  }\n\n  // { username, (relayState) }\n  unlockAccount(opts: ForgotPasswordOptions): Promise<AuthTransaction> {\n    return postToTransaction(this, '/api/v1/authn/recovery/unlock', opts);\n  }\n\n  // { recoveryToken }\n  verifyRecoveryToken(opts: VerifyRecoveryTokenOptions): Promise<AuthTransaction> {\n    return postToTransaction(this, '/api/v1/authn/recovery/token', opts);\n  }\n\n  // Escape hatch method to make arbitrary OKTA API call\n  async invokeApiMethod(options: RequestOptions): Promise<unknown> {\n    if (!options.accessToken) {\n      const accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n      options.accessToken = accessToken?.accessToken;\n    }\n    return httpRequest(this, options);\n  }\n}\n\n// Hoist feature detection functions to prototype & static type\nOktaAuth.features = OktaAuth.prototype.features = features;\n\n// Also hoist constants for CommonJS users\nObject.assign(OktaAuth, {\n  constants\n});\n\nexport default OktaAuth;"],"file":"OktaAuth.js"}
+{"version":3,"sources":["../../lib/OktaAuth.ts"],"names":["OktaAuth","constructor","args","features","options","storageManager","StorageManager","cookies","storageUtil","transactionManager","TransactionManager","_oktaUserAgent","OktaUserAgent","tx","status","transactionStatus","bind","resume","resumeTransaction","exists","transactionExists","_get","name","storage","get","introspect","introspectAuthn","pkce","DEFAULT_CODE_CHALLENGE_METHOD","PKCE","generateVerifier","computeChallenge","getPKCEStorage","getLegacyPKCEStorage","getHttpCache","_pending","handleLogin","redirectUri","window","location","origin","maxClockSkew","DEFAULT_MAX_CLOCK_SKEW","ignoreLifetime","session","close","closeSession","sessionExists","getSession","refresh","refreshSession","setCookieAndRedirect","_tokenQueue","PromiseQueue","useQueue","method","prototype","push","getWithRedirectFn","getWithRedirect","getWithRedirectApi","_setLocation","url","parseFromUrlFn","parseFromUrl","parseFromUrlApi","_getHistory","history","_getLocation","_getDocument","document","token","prepareTokenParams","exchangeCodeForTokens","getWithoutPrompt","getWithPopup","decode","decodeToken","revoke","revokeToken","renew","renewToken","renewTokensWithRefresh","renewTokens","getUserInfo","verify","verifyToken","isLoginRedirect","syncMethods","forEach","key","boundStartTransaction","startTransaction","idx","interact","authenticate","register","start","poll","proceed","cancel","recoverPassword","handleInteractionCodeRedirect","isInteractionRequired","isInteractionRequiredError","handleEmailVerifyCallback","isEmailVerifyCallback","parseEmailVerifyCallback","isEmailVerifyCallbackError","getSavedTransactionMeta","createTransactionMeta","getTransactionMeta","saveTransactionMeta","clearTransactionMeta","isTransactionMetaValid","setFlow","flow","getFlow","canProceed","unlockAccount","http","setRequestHeader","fingerprint","emitter","Emitter","tokenManager","TokenManager","authStateManager","AuthStateManager","serviceManager","ServiceManager","services","updateAuthState","stop","setHeaders","headers","signIn","opts","signInWithCredentials","_postToTransaction","sendFingerprint","then","signInWithRedirect","originalUri","additionalParams","setOriginalUri","params","scopes","clear","catch","e","errorCode","revokeAccessToken","accessToken","getTokens","accessTokenKey","getStorageKeyByType","remove","resolve","revokeRefreshToken","refreshToken","refreshTokenKey","getSignOutRedirectUrl","idToken","postLogoutRedirectUri","state","getTokensSync","logoutUrl","idTokenHint","logoutUri","encodeURIComponent","signOut","defaultUri","currentUri","href","reload","assign","clearTokensBeforeRedirect","addPendingRemoveFlags","webfinger","isAuthenticated","autoRenew","autoRemove","getOptions","shouldRenew","onExpiredToken","shouldRemove","hasExpired","undefined","getUser","getIdToken","getAccessToken","getRefreshToken","storeTokensFromRedirect","tokens","setTokens","sessionStorage","browserStorage","getSessionStorage","setItem","REFERRER_PATH_STORAGE_KEY","sharedStorage","getOriginalUriStorage","getOriginalUri","getItem","removeOriginalUri","removeItem","handleLoginRedirect","oAuthResponse","restoreOriginalUri","replace","isPKCE","hasResponseType","responseType","Array","isArray","length","isAuthorizationCodeFlow","getIssuerOrigin","issuer","split","forgotPassword","verifyRecoveryToken","invokeApiMethod","crypto","webauthn","constants"],"mappings":";;;;;;;;;;;;;;;;;;;;AAeA;;AAwCA;;AAQA;;AACA;;AAOA;;AAmBA;;AAEA;;AACA;;AACA;;AACA;;AAKA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAkBA;;AACA;;AACA;;AAWA;;;;;;AA5IA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;AA4HA;AACA;AACA;AAGA,MAAMA,QAAN,CAAmE;AAsBjEC,EAAAA,WAAW,CAACC,IAAD,EAAwB;AAAA,oDAXXC,QAWW;AACjC,UAAMC,OAAO,GAAG,KAAKA,OAAL,GAAe,2BAAaF,IAAb,CAA/B,CADiC,CAEjC;;AACA,SAAKG,cAAL,GAAsB,IAAIC,8BAAJ,CAAmBF,OAAO,CAACC,cAA3B,EAA4CD,OAAO,CAACG,OAApD,EAA8DH,OAAO,CAACI,WAAtE,CAAtB;AACA,SAAKC,kBAAL,GAA0B,IAAIC,2BAAJ,CAAuB,qBAAc;AAC7DL,MAAAA,cAAc,EAAE,KAAKA;AADwC,KAAd,EAE9CD,OAAO,CAACK,kBAFsC,CAAvB,CAA1B;AAGA,SAAKE,cAAL,GAAsB,IAAIC,4BAAJ,EAAtB;AAEA,SAAKC,EAAL,GAAU;AACRC,MAAAA,MAAM,EAAEC,sBAAkBC,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CADA;AAERC,MAAAA,MAAM,EAAEC,sBAAkBF,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAFA;AAGRG,MAAAA,MAAM,EAAE,qBAAcC,sBAAkBJ,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAAd,EAAkD;AACxDK,QAAAA,IAAI,EAAGC,IAAD,IAAU;AACd;AACA,gBAAMC,OAAO,GAAGnB,OAAO,CAACI,WAAR,CAAqBe,OAArC;AACA,iBAAOA,OAAO,CAACC,GAAR,CAAYF,IAAZ,CAAP;AACD;AALuD,OAAlD,CAHA;AAURG,MAAAA,UAAU,EAAEC,oBAAgBV,IAAhB,CAAqB,IAArB,EAA2B,IAA3B;AAVJ,KAAV;AAaA,SAAKW,IAAL,GAAY;AACVC,MAAAA,6BAA6B,EAAEC,cAAKD,6BAD1B;AAEVE,MAAAA,gBAAgB,EAAED,cAAKC,gBAFb;AAGVC,MAAAA,gBAAgB,EAAEF,cAAKE;AAHb,KAAZ,CAtBiC,CA4BjC;;AACA,yBAAc,KAAK3B,OAAL,CAAaI,WAA3B,EAAwC;AACtCwB,MAAAA,cAAc,EAAE,KAAK3B,cAAL,CAAoB4B,oBAApB,CAAyCjB,IAAzC,CAA8C,KAAKX,cAAnD,CADsB;AAEtC6B,MAAAA,YAAY,EAAE,KAAK7B,cAAL,CAAoB6B,YAApB,CAAiClB,IAAjC,CAAsC,KAAKX,cAA3C;AAFwB,KAAxC;AAKA,SAAK8B,QAAL,GAAgB;AAAEC,MAAAA,WAAW,EAAE;AAAf,KAAhB;;AAEA,QAAI,yBAAJ,EAAiB;AACf,WAAKhC,OAAL,GAAe,qBAAc,KAAKA,OAAnB,EAA4B;AACzCiC,QAAAA,WAAW,EAAE,yBAAcnC,IAAI,CAACmC,WAAnB,EAAgCC,MAAM,CAACC,QAAP,CAAgBC,MAAhD,CAD4B,CAC6B;;AAD7B,OAA5B,CAAf;AAGD,KAxCgC,CA0CjC;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,QAAI,CAACtC,IAAI,CAACuC,YAAN,IAAsBvC,IAAI,CAACuC,YAAL,KAAsB,CAAhD,EAAmD;AACjD,WAAKrC,OAAL,CAAaqC,YAAb,GAA4BC,gCAA5B;AACD,KAFD,MAEO;AACL,WAAKtC,OAAL,CAAaqC,YAAb,GAA4BvC,IAAI,CAACuC,YAAjC;AACD,KArDgC,CAuDjC;AACA;AACA;;;AACA,SAAKrC,OAAL,CAAauC,cAAb,GAA8B,CAAC,CAACzC,IAAI,CAACyC,cAArC;AAEA,SAAKC,OAAL,GAAe;AACbC,MAAAA,KAAK,EAAEC,sBAAa9B,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CADM;AAEbG,MAAAA,MAAM,EAAE4B,uBAAc/B,IAAd,CAAmB,IAAnB,EAAyB,IAAzB,CAFK;AAGbQ,MAAAA,GAAG,EAAEwB,oBAAWhC,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAHQ;AAIbiC,MAAAA,OAAO,EAAEC,wBAAelC,IAAf,CAAoB,IAApB,EAA0B,IAA1B,CAJI;AAKbmC,MAAAA,oBAAoB,EAAEA,8BAAqBnC,IAArB,CAA0B,IAA1B,EAAgC,IAAhC;AALT,KAAf;AAQA,SAAKoC,WAAL,GAAmB,IAAIC,qBAAJ,EAAnB;;AACA,UAAMC,QAAQ,GAAIC,MAAD,IAAY;AAC3B,aAAOF,sBAAaG,SAAb,CAAuBC,IAAvB,CAA4BzC,IAA5B,CAAiC,KAAKoC,WAAtC,EAAmDG,MAAnD,EAA2D,IAA3D,CAAP;AACD,KAFD,CArEiC,CAyEjC;;;AACA,UAAMG,iBAAiB,GAAGJ,QAAQ,CAACK,sBAAgB3C,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CAAD,CAAlC;AACA,UAAM4C,kBAAsC,GAAG,qBAAcF,iBAAd,EAAiC;AAC9E;AACAG,MAAAA,YAAY,EAAE,UAASC,GAAT,EAAc;AAC1BxB,QAAAA,MAAM,CAACC,QAAP,GAAkBuB,GAAlB;AACD;AAJ6E,KAAjC,CAA/C,CA3EiC,CAiFjC;;AACA,UAAMC,cAAc,GAAGT,QAAQ,CAACU,mBAAahD,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAAD,CAA/B;AACA,UAAMiD,eAAsC,GAAG,qBAAcF,cAAd,EAA8B;AAC3E;AACAG,MAAAA,WAAW,EAAE,YAAW;AACtB,eAAO5B,MAAM,CAAC6B,OAAd;AACD,OAJ0E;AAM3E;AACAC,MAAAA,YAAY,EAAE,YAAW;AACvB,eAAO9B,MAAM,CAACC,QAAd;AACD,OAT0E;AAW3E;AACA8B,MAAAA,YAAY,EAAE,YAAW;AACvB,eAAO/B,MAAM,CAACgC,QAAd;AACD;AAd0E,KAA9B,CAA/C;AAgBA,SAAKC,KAAL,GAAa;AACXC,MAAAA,kBAAkB,EAAEA,yBAAmBxD,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CADT;AAEXyD,MAAAA,qBAAqB,EAAEA,4BAAsBzD,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAFZ;AAGX0D,MAAAA,gBAAgB,EAAEA,uBAAiB1D,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAHP;AAIX2D,MAAAA,YAAY,EAAEA,mBAAa3D,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAJH;AAKX2C,MAAAA,eAAe,EAAEC,kBALN;AAMXI,MAAAA,YAAY,EAAEC,eANH;AAOXW,MAAAA,MAAM,EAAEC,iBAPG;AAQXC,MAAAA,MAAM,EAAEC,kBAAY/D,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CARG;AASXgE,MAAAA,KAAK,EAAEC,iBAAWjE,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CATI;AAUXkE,MAAAA,sBAAsB,EAAEA,6BAAuBlE,IAAvB,CAA4B,IAA5B,EAAkC,IAAlC,CAVb;AAWXmE,MAAAA,WAAW,EAAEA,kBAAYnE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAXF;AAYXoE,MAAAA,WAAW,EAAEA,kBAAYpE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAZF;AAaXqE,MAAAA,MAAM,EAAEC,kBAAYtE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAbG;AAcXuE,MAAAA,eAAe,EAAEA,sBAAgBvE,IAAhB,CAAqB,IAArB,EAA2B,IAA3B;AAdN,KAAb,CAnGiC,CAmHjC;;AACA,UAAMwE,WAAW,GAAG,CAClB;AACA,YAFkB,EAGlB,iBAHkB,EAIlB;AACA,qBALkB,EAMlB,cANkB,CAApB;AAQA,uBAAY,KAAKjB,KAAjB,EAAwBkB,OAAxB,CAAgCC,GAAG,IAAI;AACrC,UAAI,sBAAAF,WAAW,MAAX,CAAAA,WAAW,EAASE,GAAT,CAAX,IAA4B,CAAhC,EAAmC;AAAE;AACnC;AACD;;AACD,UAAInC,MAAM,GAAG,KAAKgB,KAAL,CAAWmB,GAAX,CAAb;AACA,WAAKnB,KAAL,CAAWmB,GAAX,IAAkBrC,sBAAaG,SAAb,CAAuBC,IAAvB,CAA4BzC,IAA5B,CAAiC,KAAKoC,WAAtC,EAAmDG,MAAnD,EAA2D,IAA3D,CAAlB;AACD,KAND,EA5HiC,CAoIjC;;AACA,UAAMoC,qBAAqB,GAAGC,sBAAiB5E,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAA9B;;AACA,SAAK6E,GAAL,GAAW;AACTC,MAAAA,QAAQ,EAAEA,cAAS9E,IAAT,CAAc,IAAd,EAAoB,IAApB,CADD;AAETS,MAAAA,UAAU,EAAEA,gBAAWT,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAFH;AAGT+E,MAAAA,YAAY,EAAEA,kBAAa/E,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAHL;AAITgF,MAAAA,QAAQ,EAAEA,cAAShF,IAAT,CAAc,IAAd,EAAoB,IAApB,CAJD;AAKTiF,MAAAA,KAAK,EAAEN,qBALE;AAMTC,MAAAA,gBAAgB,EAAED,qBANT;AAMgC;AACzCO,MAAAA,IAAI,EAAEA,UAAKlF,IAAL,CAAU,IAAV,EAAgB,IAAhB,CAPG;AAQTmF,MAAAA,OAAO,EAAEA,aAAQnF,IAAR,CAAa,IAAb,EAAmB,IAAnB,CARA;AASToF,MAAAA,MAAM,EAAEA,YAAOpF,IAAP,CAAY,IAAZ,EAAkB,IAAlB,CATC;AAUTqF,MAAAA,eAAe,EAAEA,qBAAgBrF,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CAVR;AAYT;AACAsF,MAAAA,6BAA6B,EAAEA,mCAA8BtF,IAA9B,CAAmC,IAAnC,EAAyC,IAAzC,CAbtB;AAeT;AACAuF,MAAAA,qBAAqB,EAAEA,4BAAsBvF,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAhBd;AAiBTwF,MAAAA,0BAA0B,EAA1BA,gCAjBS;AAmBT;AACAC,MAAAA,yBAAyB,EAAEA,+BAA0BzF,IAA1B,CAA+B,IAA/B,EAAqC,IAArC,CApBlB;AAqBT0F,MAAAA,qBAAqB,EAArBA,0BArBS;AAsBTC,MAAAA,wBAAwB,EAAxBA,6BAtBS;AAuBTC,MAAAA,0BAA0B,EAA1BA,+BAvBS;AAyBTC,MAAAA,uBAAuB,EAAEA,yCAAwB7F,IAAxB,CAA6B,IAA7B,EAAmC,IAAnC,CAzBhB;AA0BT8F,MAAAA,qBAAqB,EAAEA,uCAAsB9F,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CA1Bd;AA2BT+F,MAAAA,kBAAkB,EAAEA,oCAAmB/F,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CA3BX;AA4BTgG,MAAAA,mBAAmB,EAAEA,qCAAoBhG,IAApB,CAAyB,IAAzB,EAA+B,IAA/B,CA5BZ;AA6BTiG,MAAAA,oBAAoB,EAAEA,sCAAqBjG,IAArB,CAA0B,IAA1B,EAAgC,IAAhC,CA7Bb;AA8BTkG,MAAAA,sBAAsB,EAAtBA,uCA9BS;AA+BTC,MAAAA,OAAO,EAAGC,IAAD,IAA0B;AACjC,aAAKhH,OAAL,CAAagH,IAAb,GAAoBA,IAApB;AACD,OAjCQ;AAkCTC,MAAAA,OAAO,EAAE,MAAkC;AACzC,eAAO,KAAKjH,OAAL,CAAagH,IAApB;AACD,OApCQ;AAqCTE,MAAAA,UAAU,EAAEA,gBAAWtG,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CArCH;AAsCTuG,MAAAA,aAAa,EAAEA,mBAAcvG,IAAd,CAAmB,IAAnB,EAAyB,IAAzB;AAtCN,KAAX,CAtIiC,CA+KjC;;AACA,SAAKwG,IAAL,GAAY;AACVC,MAAAA,gBAAgB,EAAEA,uBAAiBzG,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B;AADR,KAAZ,CAhLiC,CAoLjC;;AACA,SAAK0G,WAAL,GAAmBA,qBAAY1G,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAAnB;AAEA,SAAK2G,OAAL,GAAe,IAAIC,oBAAJ,EAAf,CAvLiC,CAyLjC;;AACA,SAAKC,YAAL,GAAoB,IAAIC,0BAAJ,CAAiB,IAAjB,EAAuB5H,IAAI,CAAC2H,YAA5B,CAApB,CA1LiC,CA4LjC;;AACA,SAAKE,gBAAL,GAAwB,IAAIC,kCAAJ,CAAqB,IAArB,CAAxB,CA7LiC,CA+LjC;;AACA,SAAKC,cAAL,GAAsB,IAAIC,8BAAJ,CAAmB,IAAnB,EAAyBhI,IAAI,CAACiI,QAA9B,CAAtB;AACD;;AAEDlC,EAAAA,KAAK,GAAG;AACN;AACA,SAAK4B,YAAL,CAAkB5B,KAAlB;;AACA,QAAI,CAAC,KAAK1B,KAAL,CAAWgB,eAAX,EAAL,EAAmC;AACjC,WAAKwC,gBAAL,CAAsBK,eAAtB;AACD;;AACD,SAAKH,cAAL,CAAoBhC,KAApB;AACD;;AAEDoC,EAAAA,IAAI,GAAG;AACL;AACA,SAAKR,YAAL,CAAkBQ,IAAlB;AACA,SAAKJ,cAAL,CAAoBI,IAApB;AACD;;AAEDC,EAAAA,UAAU,CAACC,OAAD,EAAU;AAClB,SAAKnI,OAAL,CAAamI,OAAb,GAAuB,qBAAc,EAAd,EAAkB,KAAKnI,OAAL,CAAamI,OAA/B,EAAwCA,OAAxC,CAAvB;AACD,GA1OgE,CA6OjE;;;AACY,QAANC,MAAM,CAACC,IAAD,EAAgD;AAC1D,WAAO,KAAKC,qBAAL,CAA2BD,IAA3B,CAAP;AACD,GAhPgE,CAkPjE;;;AAC2B,QAArBC,qBAAqB,CAACD,IAAD,EAA+D;AACxFA,IAAAA,IAAI,GAAG,iBAAMA,IAAI,IAAI,EAAd,CAAP;;AACA,UAAME,kBAAkB,GAAIvI,OAAD,IAAc;AACvC,aAAOqI,IAAI,CAACG,eAAZ;AACA,aAAO,2BAAkB,IAAlB,EAAwB,eAAxB,EAAyCH,IAAzC,EAA+CrI,OAA/C,CAAP;AACD,KAHD;;AAIA,QAAI,CAACqI,IAAI,CAACG,eAAV,EAA2B;AACzB,aAAOD,kBAAkB,EAAzB;AACD;;AACD,WAAO,KAAKjB,WAAL,GACNmB,IADM,CACD,UAASnB,WAAT,EAAsB;AAC1B,aAAOiB,kBAAkB,CAAC;AACxBJ,QAAAA,OAAO,EAAE;AACP,kCAAwBb;AADjB;AADe,OAAD,CAAzB;AAKD,KAPM,CAAP;AAQD;;AAEuB,QAAlBoB,kBAAkB,CAACL,IAA+B,GAAG,EAAnC,EAAuC;AAC7D,UAAM;AAAEM,MAAAA,WAAF;AAAe,SAAGC;AAAlB,QAAuCP,IAA7C;;AACA,QAAG,KAAKtG,QAAL,CAAcC,WAAjB,EAA8B;AAC5B;AACA;AACD;;AAED,SAAKD,QAAL,CAAcC,WAAd,GAA4B,IAA5B;;AACA,QAAI;AACF;AACA,UAAI2G,WAAJ,EAAiB;AACf,aAAKE,cAAL,CAAoBF,WAApB;AACD;;AACD,YAAMG,MAAM,GAAG,qBAAc;AAC3B;AACAC,QAAAA,MAAM,EAAE,KAAK/I,OAAL,CAAa+I,MAAb,IAAuB,CAAC,QAAD,EAAW,OAAX,EAAoB,SAApB;AAFJ,OAAd,EAGZH,gBAHY,CAAf;AAIA,YAAM,KAAKzE,KAAL,CAAWZ,eAAX,CAA2BuF,MAA3B,CAAN;AACD,KAVD,SAUU;AACR,WAAK/G,QAAL,CAAcC,WAAd,GAA4B,KAA5B;AACD;AACF,GA3RgE,CA6RjE;;;AACAU,EAAAA,YAAY,GAAqB;AAC/B,WAAO,KAAKF,OAAL,CAAaC,KAAb,GAAqB;AAArB,KACNgG,IADM,CACD,YAAY;AAChB;AACA,WAAKhB,YAAL,CAAkBuB,KAAlB;AACD,KAJM,EAKNC,KALM,CAKA,UAASC,CAAT,EAAY;AACjB,UAAIA,CAAC,CAAChI,IAAF,KAAW,cAAX,IAA6BgI,CAAC,CAACC,SAAF,KAAgB,UAAjD,EAA6D;AAC3D;AACA,eAAO,IAAP;AACD;;AACD,YAAMD,CAAN;AACD,KAXM,CAAP;AAYD,GA3SgE,CA6SjE;;;AACuB,QAAjBE,iBAAiB,CAACC,WAAD,EAA8C;AACnE,QAAI,CAACA,WAAL,EAAkB;AAChBA,MAAAA,WAAW,GAAG,CAAC,MAAM,KAAK5B,YAAL,CAAkB6B,SAAlB,EAAP,EAAsCD,WAApD;AACA,YAAME,cAAc,GAAG,KAAK9B,YAAL,CAAkB+B,mBAAlB,CAAsC,aAAtC,CAAvB;AACA,WAAK/B,YAAL,CAAkBgC,MAAlB,CAAyBF,cAAzB;AACD,KALkE,CAMnE;;;AACA,QAAI,CAACF,WAAL,EAAkB;AAChB,aAAO,iBAAQK,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,WAAO,KAAKvF,KAAL,CAAWO,MAAX,CAAkB2E,WAAlB,CAAP;AACD,GAzTgE,CA2TjE;;;AACwB,QAAlBM,kBAAkB,CAACC,YAAD,EAAgD;AACtE,QAAI,CAACA,YAAL,EAAmB;AACjBA,MAAAA,YAAY,GAAG,CAAC,MAAM,KAAKnC,YAAL,CAAkB6B,SAAlB,EAAP,EAAsCM,YAArD;AACA,YAAMC,eAAe,GAAG,KAAKpC,YAAL,CAAkB+B,mBAAlB,CAAsC,cAAtC,CAAxB;AACA,WAAK/B,YAAL,CAAkBgC,MAAlB,CAAyBI,eAAzB;AACD,KALqE,CAMtE;;;AACA,QAAI,CAACD,YAAL,EAAmB;AACjB,aAAO,iBAAQF,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,WAAO,KAAKvF,KAAL,CAAWO,MAAX,CAAkBkF,YAAlB,CAAP;AACD;;AAEDE,EAAAA,qBAAqB,CAAC9J,OAAkC,GAAG,EAAtC,EAA0C;AAC7D,QAAI;AACF+J,MAAAA,OADE;AAEFC,MAAAA,qBAFE;AAGFC,MAAAA;AAHE,QAIAjK,OAJJ;;AAKA,QAAI,CAAC+J,OAAL,EAAc;AACZA,MAAAA,OAAO,GAAG,KAAKtC,YAAL,CAAkByC,aAAlB,GAAkCH,OAA5C;AACD;;AACD,QAAI,CAACA,OAAL,EAAc;AACZ,aAAO,EAAP;AACD;;AACD,QAAI,CAACC,qBAAL,EAA4B;AAC1BA,MAAAA,qBAAqB,GAAG,KAAKhK,OAAL,CAAagK,qBAArC;AACD;;AAED,UAAMG,SAAS,GAAG,wBAAa,IAAb,EAAmBA,SAArC;AACA,UAAMC,WAAW,GAAGL,OAAO,CAACA,OAA5B,CAjB6D,CAiBxB;;AACrC,QAAIM,SAAS,GAAGF,SAAS,GAAG,iBAAZ,GAAgCG,kBAAkB,CAACF,WAAD,CAAlE;;AACA,QAAIJ,qBAAJ,EAA2B;AACzBK,MAAAA,SAAS,IAAI,+BAA+BC,kBAAkB,CAACN,qBAAD,CAA9D;AACD,KArB4D,CAsB7D;;;AACA,QAAIC,KAAJ,EAAW;AACTI,MAAAA,SAAS,IAAI,YAAYC,kBAAkB,CAACL,KAAD,CAA3C;AACD;;AAED,WAAOI,SAAP;AACD,GArWgE,CAuWjE;;;AACa,QAAPE,OAAO,CAACvK,OAAD,EAA2B;AACtCA,IAAAA,OAAO,GAAG,qBAAc,EAAd,EAAkBA,OAAlB,CAAV,CADsC,CAGtC;;AACA,QAAIwK,UAAU,GAAGtI,MAAM,CAACC,QAAP,CAAgBC,MAAjC;AACA,QAAIqI,UAAU,GAAGvI,MAAM,CAACC,QAAP,CAAgBuI,IAAjC;AACA,QAAIV,qBAAqB,GAAGhK,OAAO,CAACgK,qBAAR,IACvB,KAAKhK,OAAL,CAAagK,qBADU,IAEvBQ,UAFL;AAIA,QAAInB,WAAW,GAAGrJ,OAAO,CAACqJ,WAA1B;AACA,QAAIO,YAAY,GAAG5J,OAAO,CAAC4J,YAA3B;AACA,QAAIR,iBAAiB,GAAGpJ,OAAO,CAACoJ,iBAAR,KAA8B,KAAtD;AACA,QAAIO,kBAAkB,GAAG3J,OAAO,CAAC2J,kBAAR,KAA+B,KAAxD;;AAEA,QAAIA,kBAAkB,IAAI,OAAOC,YAAP,KAAwB,WAAlD,EAA+D;AAC7DA,MAAAA,YAAY,GAAG,KAAKnC,YAAL,CAAkByC,aAAlB,GAAkCN,YAAjD;AACD;;AAED,QAAIR,iBAAiB,IAAI,OAAOC,WAAP,KAAuB,WAAhD,EAA6D;AAC3DA,MAAAA,WAAW,GAAG,KAAK5B,YAAL,CAAkByC,aAAlB,GAAkCb,WAAhD;AACD;;AAED,QAAI,CAACrJ,OAAO,CAAC+J,OAAb,EAAsB;AACpB/J,MAAAA,OAAO,CAAC+J,OAAR,GAAkB,KAAKtC,YAAL,CAAkByC,aAAlB,GAAkCH,OAApD;AACD;;AAED,QAAIJ,kBAAkB,IAAIC,YAA1B,EAAwC;AACtC,YAAM,KAAKD,kBAAL,CAAwBC,YAAxB,CAAN;AACD;;AAED,QAAIR,iBAAiB,IAAIC,WAAzB,EAAsC;AACpC,YAAM,KAAKD,iBAAL,CAAuBC,WAAvB,CAAN;AACD;;AAED,UAAMgB,SAAS,GAAG,KAAKP,qBAAL,CAA2B,EAAE,GAAG9J,OAAL;AAAcgK,MAAAA;AAAd,KAA3B,CAAlB,CAnCsC,CAoCtC;AACA;;AACA,QAAI,CAACK,SAAL,EAAgB;AACd;AACA,aAAO,KAAK3H,YAAL,GAAoB;AAApB,OACN+F,IADM,CACD,YAAW;AACf,YAAIuB,qBAAqB,KAAKS,UAA9B,EAA0C;AACxCvI,UAAAA,MAAM,CAACC,QAAP,CAAgBwI,MAAhB,GADwC,CACd;AAC3B,SAFD,MAEO;AACLzI,UAAAA,MAAM,CAACC,QAAP,CAAgByI,MAAhB,CAAuBZ,qBAAvB;AACD;AACF,OAPM,CAAP;AAQD,KAVD,MAUO;AACL,UAAIhK,OAAO,CAAC6K,yBAAZ,EAAuC;AACrC;AACA,aAAKpD,YAAL,CAAkBuB,KAAlB;AACD,OAHD,MAGO;AACL,aAAKvB,YAAL,CAAkBqD,qBAAlB;AACD,OANI,CAOL;;;AACA5I,MAAAA,MAAM,CAACC,QAAP,CAAgByI,MAAhB,CAAuBP,SAAvB;AACD;AACF;;AAEDU,EAAAA,SAAS,CAAC1C,IAAD,EAAwB;AAC/B,QAAI3E,GAAG,GAAG,2BAA2B,yBAAc2E,IAAd,CAArC;AACA,QAAIrI,OAAO,GAAG;AACZmI,MAAAA,OAAO,EAAE;AACP,kBAAU;AADH;AADG,KAAd;AAKA,WAAO,eAAI,IAAJ,EAAUzE,GAAV,EAAe1D,OAAf,CAAP;AACD,GA5agE,CA8ajE;AACA;AACA;AAEA;AACA;;;AACqB,QAAfgL,eAAe,CAAChL,OAA+B,GAAG,EAAnC,EAAyD;AAC5E;AACA,UAAM;AAAEiL,MAAAA,SAAF;AAAaC,MAAAA;AAAb,QAA4B,KAAKzD,YAAL,CAAkB0D,UAAlB,EAAlC;AAEA,UAAMC,WAAW,GAAGpL,OAAO,CAACqL,cAAR,GAAyBrL,OAAO,CAACqL,cAAR,KAA2B,OAApD,GAA8DJ,SAAlF;AACA,UAAMK,YAAY,GAAGtL,OAAO,CAACqL,cAAR,GAAyBrL,OAAO,CAACqL,cAAR,KAA2B,QAApD,GAA+DH,UAApF;AAEA,QAAI;AAAE7B,MAAAA;AAAF,QAAkB,KAAK5B,YAAL,CAAkByC,aAAlB,EAAtB;;AACA,QAAIb,WAAW,IAAI,KAAK5B,YAAL,CAAkB8D,UAAlB,CAA6BlC,WAA7B,CAAnB,EAA8D;AAC5DA,MAAAA,WAAW,GAAGmC,SAAd;;AACA,UAAIJ,WAAJ,EAAiB;AACf,YAAI;AACF/B,UAAAA,WAAW,GAAG,MAAM,KAAK5B,YAAL,CAAkB7C,KAAlB,CAAwB,aAAxB,CAApB;AACD,SAFD,CAEE,MAAM,CACN;AACD;AACF,OAND,MAMO,IAAI0G,YAAJ,EAAkB;AACvB,aAAK7D,YAAL,CAAkBgC,MAAlB,CAAyB,aAAzB;AACD;AACF;;AAED,QAAI;AAAEM,MAAAA;AAAF,QAAc,KAAKtC,YAAL,CAAkByC,aAAlB,EAAlB;;AACA,QAAIH,OAAO,IAAI,KAAKtC,YAAL,CAAkB8D,UAAlB,CAA6BxB,OAA7B,CAAf,EAAsD;AACpDA,MAAAA,OAAO,GAAGyB,SAAV;;AACA,UAAIJ,WAAJ,EAAiB;AACf,YAAI;AACFrB,UAAAA,OAAO,GAAG,MAAM,KAAKtC,YAAL,CAAkB7C,KAAlB,CAAwB,SAAxB,CAAhB;AACD,SAFD,CAEE,MAAM,CACN;AACD;AACF,OAND,MAMO,IAAI0G,YAAJ,EAAkB;AACvB,aAAK7D,YAAL,CAAkBgC,MAAlB,CAAyB,SAAzB;AACD;AACF;;AAED,WAAO,CAAC,EAAEJ,WAAW,IAAIU,OAAjB,CAAR;AACD;;AAEY,QAAP0B,OAAO,GAAwB;AACnC,UAAM;AAAE1B,MAAAA,OAAF;AAAWV,MAAAA;AAAX,QAA2B,KAAK5B,YAAL,CAAkByC,aAAlB,EAAjC;AACA,WAAO,KAAK/F,KAAL,CAAWa,WAAX,CAAuBqE,WAAvB,EAAoCU,OAApC,CAAP;AACD;;AAED2B,EAAAA,UAAU,GAAuB;AAC/B,UAAM;AAAE3B,MAAAA;AAAF,QAAc,KAAKtC,YAAL,CAAkByC,aAAlB,EAApB;AACA,WAAOH,OAAO,GAAGA,OAAO,CAACA,OAAX,GAAqByB,SAAnC;AACD;;AAEDG,EAAAA,cAAc,GAAuB;AACnC,UAAM;AAAEtC,MAAAA;AAAF,QAAkB,KAAK5B,YAAL,CAAkByC,aAAlB,EAAxB;AACA,WAAOb,WAAW,GAAGA,WAAW,CAACA,WAAf,GAA6BmC,SAA/C;AACD;;AAEDI,EAAAA,eAAe,GAAuB;AACpC,UAAM;AAAEhC,MAAAA;AAAF,QAAmB,KAAKnC,YAAL,CAAkByC,aAAlB,EAAzB;AACA,WAAON,YAAY,GAAGA,YAAY,CAACA,YAAhB,GAA+B4B,SAAlD;AACD;AAED;AACF;AACA;;;AAC+B,QAAvBK,uBAAuB,GAAkB;AAC7C,UAAM;AAAEC,MAAAA;AAAF,QAAa,MAAM,KAAK3H,KAAL,CAAWP,YAAX,EAAzB;AACA,SAAK6D,YAAL,CAAkBsE,SAAlB,CAA4BD,MAA5B;AACD;;AAEDjD,EAAAA,cAAc,CAACF,WAAD,EAAsBsB,KAAtB,EAA4C;AACxD;AACA,UAAM+B,cAAc,GAAGC,wBAAeC,iBAAf,EAAvB;;AACAF,IAAAA,cAAc,CAACG,OAAf,CAAuBC,mCAAvB,EAAkDzD,WAAlD,EAHwD,CAKxD;;AACAsB,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAKjK,OAAL,CAAaiK,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMoC,aAAa,GAAG,KAAKpM,cAAL,CAAoBqM,qBAApB,EAAtB;AACAD,MAAAA,aAAa,CAACF,OAAd,CAAsBlC,KAAtB,EAA6BtB,WAA7B;AACD;AACF;;AAED4D,EAAAA,cAAc,CAACtC,KAAD,EAAqC;AACjD;AACAA,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAKjK,OAAL,CAAaiK,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMoC,aAAa,GAAG,KAAKpM,cAAL,CAAoBqM,qBAApB,EAAtB;AACA,YAAM3D,WAAW,GAAG0D,aAAa,CAACG,OAAd,CAAsBvC,KAAtB,CAApB;;AACA,UAAItB,WAAJ,EAAiB;AACf,eAAOA,WAAP;AACD;AACF,KATgD,CAWjD;;;AACA,UAAMxH,OAAO,GAAG8K,wBAAeC,iBAAf,EAAhB;;AACA,WAAO/K,OAAO,GAAGA,OAAO,CAACqL,OAAR,CAAgBJ,mCAAhB,KAA8CZ,SAAjD,GAA6DA,SAA3E;AACD;;AAEDiB,EAAAA,iBAAiB,CAACxC,KAAD,EAAuB;AACtC;AACA,UAAM9I,OAAO,GAAG8K,wBAAeC,iBAAf,EAAhB;;AACA/K,IAAAA,OAAO,CAACuL,UAAR,CAAmBN,mCAAnB,EAHsC,CAKtC;;AACAnC,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAKjK,OAAL,CAAaiK,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMoC,aAAa,GAAG,KAAKpM,cAAL,CAAoBqM,qBAApB,EAAtB;AACAD,MAAAA,aAAa,CAACK,UAAd,IAA4BL,aAAa,CAACK,UAAd,CAAyBzC,KAAzB,CAA5B;AACD;AACF;;AAED9E,EAAAA,eAAe,GAAY;AACzB,WAAO,2BAAgB,IAAhB,CAAP;AACD;;AAEwB,QAAnBwH,mBAAmB,CAACb,MAAD,EAAkBnD,WAAlB,EAAuD;AAC9E,QAAIsB,KAAK,GAAG,KAAKjK,OAAL,CAAaiK,KAAzB,CAD8E,CAG9E;;AACA,QAAI6B,MAAJ,EAAY;AACV,WAAKrE,YAAL,CAAkBsE,SAAlB,CAA4BD,MAA5B;AACAnD,MAAAA,WAAW,GAAGA,WAAW,IAAI,KAAK4D,cAAL,CAAoB,KAAKvM,OAAL,CAAaiK,KAAjC,CAA7B;AACD,KAHD,MAGO,IAAI,KAAK9E,eAAL,EAAJ,EAA4B;AACjC,UAAI;AACF;AACA,cAAMyH,aAAa,GAAG,MAAM,6CAA0B,IAA1B,EAAgC,EAAhC,CAA5B;AACA3C,QAAAA,KAAK,GAAG2C,aAAa,CAAC3C,KAAtB;AACAtB,QAAAA,WAAW,GAAGA,WAAW,IAAI,KAAK4D,cAAL,CAAoBtC,KAApB,CAA7B;AACA,cAAM,KAAK4B,uBAAL,EAAN;AACD,OAND,CAME,OAAM3C,CAAN,EAAS;AACT;AACA,cAAM,KAAKvB,gBAAL,CAAsBK,eAAtB,EAAN;AACA,cAAMkB,CAAN;AACD;AACF,KAZM,MAYA;AACL,aADK,CACG;AACT,KArB6E,CAuB9E;;;AACA,UAAM,KAAKvB,gBAAL,CAAsBK,eAAtB,EAAN,CAxB8E,CA0B9E;;AACA,SAAKyE,iBAAL,CAAuBxC,KAAvB,EA3B8E,CA6B9E;;AACA,UAAM;AAAE4C,MAAAA;AAAF,QAAyB,KAAK7M,OAApC;;AACA,QAAI6M,kBAAJ,EAAwB;AACtB,YAAMA,kBAAkB,CAAC,IAAD,EAAOlE,WAAP,CAAxB;AACD,KAFD,MAEO,IAAIA,WAAJ,EAAiB;AACtBzG,MAAAA,MAAM,CAACC,QAAP,CAAgB2K,OAAhB,CAAwBnE,WAAxB;AACD;AACF;;AAEDoE,EAAAA,MAAM,GAAY;AAChB,WAAO,CAAC,CAAC,KAAK/M,OAAL,CAAauB,IAAtB;AACD;;AAEDyL,EAAAA,eAAe,CAACC,YAAD,EAA2C;AACxD,QAAID,eAAe,GAAG,KAAtB;;AACA,QAAIE,KAAK,CAACC,OAAN,CAAc,KAAKnN,OAAL,CAAaiN,YAA3B,KAA4C,KAAKjN,OAAL,CAAaiN,YAAb,CAA0BG,MAA1E,EAAkF;AAAA;;AAChFJ,MAAAA,eAAe,GAAG,sCAAKhN,OAAL,CAAaiN,YAAb,iBAAkCA,YAAlC,KAAmD,CAArE;AACD,KAFD,MAEO;AACLD,MAAAA,eAAe,GAAG,KAAKhN,OAAL,CAAaiN,YAAb,KAA8BA,YAAhD;AACD;;AACD,WAAOD,eAAP;AACD;;AAEDK,EAAAA,uBAAuB,GAAY;AACjC,WAAO,KAAKL,eAAL,CAAqB,MAArB,CAAP;AACD,GA1lBgE,CA4lBjE;AACA;AACA;AACA;;;AAEAM,EAAAA,eAAe,GAAW;AACxB;AACA;AACA,WAAO,KAAKtN,OAAL,CAAauN,MAAb,CAAqBC,KAArB,CAA2B,UAA3B,EAAuC,CAAvC,CAAP;AACD,GArmBgE,CAumBjE;;;AACAC,EAAAA,cAAc,CAACpF,IAAD,EAAiC;AAC7C,WAAO,2BAAkB,IAAlB,EAAwB,iCAAxB,EAA2DA,IAA3D,CAAP;AACD,GA1mBgE,CA4mBjE;;;AACAlB,EAAAA,aAAa,CAACkB,IAAD,EAAwD;AACnE,WAAO,2BAAkB,IAAlB,EAAwB,+BAAxB,EAAyDA,IAAzD,CAAP;AACD,GA/mBgE,CAinBjE;;;AACAqF,EAAAA,mBAAmB,CAACrF,IAAD,EAA6D;AAC9E,WAAO,2BAAkB,IAAlB,EAAwB,8BAAxB,EAAwDA,IAAxD,CAAP;AACD,GApnBgE,CAsnBjE;;;AACqB,QAAfsF,eAAe,CAAC3N,OAAD,EAA4C;AAC/D,QAAI,CAACA,OAAO,CAACqJ,WAAb,EAA0B;AACxB,YAAMA,WAAW,GAAG,CAAC,MAAM,KAAK5B,YAAL,CAAkB6B,SAAlB,EAAP,EAAsCD,WAA1D;AACArJ,MAAAA,OAAO,CAACqJ,WAAR,GAAsBA,WAAtB,aAAsBA,WAAtB,uBAAsBA,WAAW,CAAEA,WAAnC;AACD;;AACD,WAAO,uBAAY,IAAZ,EAAkBrJ,OAAlB,CAAP;AACD;;AA7nBgE,C,CAgoBnE;;;8BAhoBMJ,Q,cAQ2BG,Q;8BAR3BH,Q,YASuBgO,M;8BATvBhO,Q,cAU2BiO,Q;AAunBjCjO,QAAQ,CAACG,QAAT,GAAoBH,QAAQ,CAACwD,SAAT,CAAmBrD,QAAnB,GAA8BA,QAAlD,C,CAEA;;AACA,qBAAcH,QAAd,EAAwB;AACtBkO,EAAAA;AADsB,CAAxB;eAIelO,Q","sourcesContent":["/* eslint-disable max-statements */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n/* global window */\n\nimport { \n  DEFAULT_MAX_CLOCK_SKEW, \n  REFERRER_PATH_STORAGE_KEY\n} from './constants';\nimport * as constants from './constants';\nimport {\n  OktaAuthInterface,\n  OktaAuthOptions, \n  AccessToken, \n  IDToken,\n  RefreshToken,\n  TokenAPI, \n  FeaturesAPI, \n  CryptoAPI,\n  WebauthnAPI,\n  SignoutAPI, \n  FingerprintAPI,\n  UserClaims, \n  SigninWithRedirectOptions,\n  SigninWithCredentialsOptions,\n  SignoutOptions,\n  Tokens,\n  ForgotPasswordOptions,\n  VerifyRecoveryTokenOptions,\n  TransactionAPI,\n  SessionAPI,\n  SigninAPI,\n  PkceAPI,\n  SigninOptions,\n  IdxAPI,\n  SignoutRedirectUrlOptions,\n  HttpAPI,\n  FlowIdentifier,\n  GetWithRedirectAPI,\n  ParseFromUrlInterface,\n  GetWithRedirectFunction,\n  RequestOptions,\n  IsAuthenticatedOptions,\n  OAuthResponseType,\n} from './types';\nimport {\n  transactionStatus,\n  resumeTransaction,\n  transactionExists,\n  introspectAuthn,\n  postToTransaction,\n  AuthTransaction\n} from './tx';\nimport PKCE from './oidc/util/pkce';\nimport {\n  closeSession,\n  sessionExists,\n  getSession,\n  refreshSession,\n  setCookieAndRedirect\n} from './session';\nimport {\n  getOAuthUrls,\n  getWithoutPrompt,\n  getWithPopup,\n  getWithRedirect,\n  isLoginRedirect,\n  parseFromUrl,\n  decodeToken,\n  revokeToken,\n  renewToken,\n  renewTokens,\n  renewTokensWithRefresh,\n  getUserInfo,\n  verifyToken,\n  prepareTokenParams,\n  exchangeCodeForTokens,\n  isInteractionRequiredError,\n  isInteractionRequired,\n} from './oidc';\nimport { isBrowser } from './features';\nimport * as features from './features';\nimport * as crypto from './crypto';\nimport * as webauthn from './crypto/webauthn';\nimport browserStorage from './browser/browserStorage';\nimport { \n  toQueryString, \n  toAbsoluteUrl,\n  clone,\n} from './util';\nimport { TokenManager } from './TokenManager';\nimport { ServiceManager } from './ServiceManager';\nimport { get, httpRequest, setRequestHeader } from './http';\nimport PromiseQueue from './PromiseQueue';\nimport fingerprint from './browser/fingerprint';\nimport { AuthStateManager } from './AuthStateManager';\nimport { StorageManager } from './StorageManager';\nimport TransactionManager from './TransactionManager';\nimport { buildOptions } from './options';\nimport {\n  interact,\n  introspect,\n  authenticate,\n  cancel,\n  poll,\n  proceed,\n  register,\n  recoverPassword,\n  unlockAccount,\n  startTransaction,\n  handleInteractionCodeRedirect,\n  canProceed,\n  handleEmailVerifyCallback,\n  isEmailVerifyCallback,\n  parseEmailVerifyCallback,\n  isEmailVerifyCallbackError\n} from './idx';\nimport { OktaUserAgent } from './OktaUserAgent';\nimport { parseOAuthResponseFromUrl } from './oidc/parseFromUrl';\nimport {\n  getSavedTransactionMeta,\n  createTransactionMeta,\n  getTransactionMeta,\n  saveTransactionMeta,\n  clearTransactionMeta,\n  isTransactionMetaValid\n} from './idx/transactionMeta';\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport Emitter from 'tiny-emitter';\n\nclass OktaAuth implements OktaAuthInterface, SigninAPI, SignoutAPI {\n  options: OktaAuthOptions;\n  storageManager: StorageManager;\n  transactionManager: TransactionManager;\n  tx: TransactionAPI;\n  idx: IdxAPI;\n  session: SessionAPI;\n  pkce: PkceAPI;\n  static features: FeaturesAPI = features;\n  static crypto: CryptoAPI = crypto;\n  static webauthn: WebauthnAPI = webauthn;\n  features: FeaturesAPI = features;\n  token: TokenAPI;\n  _tokenQueue: PromiseQueue;\n  emitter: any;\n  tokenManager: TokenManager;\n  authStateManager: AuthStateManager;\n  serviceManager: ServiceManager;\n  http: HttpAPI;\n  fingerprint: FingerprintAPI;\n  _oktaUserAgent: OktaUserAgent;\n  _pending: { handleLogin: boolean };\n  constructor(args: OktaAuthOptions) {\n    const options = this.options = buildOptions(args);\n    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n    this.storageManager = new StorageManager(options.storageManager!, options.cookies!, options.storageUtil!);\n    this.transactionManager = new TransactionManager(Object.assign({\n      storageManager: this.storageManager,\n    }, options.transactionManager));\n    this._oktaUserAgent = new OktaUserAgent();\n\n    this.tx = {\n      status: transactionStatus.bind(null, this),\n      resume: resumeTransaction.bind(null, this),\n      exists: Object.assign(transactionExists.bind(null, this), {\n        _get: (name) => {\n          // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n          const storage = options.storageUtil!.storage;\n          return storage.get(name);\n        }\n      }),\n      introspect: introspectAuthn.bind(null, this)\n    };\n\n    this.pkce = {\n      DEFAULT_CODE_CHALLENGE_METHOD: PKCE.DEFAULT_CODE_CHALLENGE_METHOD,\n      generateVerifier: PKCE.generateVerifier,\n      computeChallenge: PKCE.computeChallenge\n    };\n\n    // Add shims for compatibility, these will be removed in next major version. OKTA-362589\n    Object.assign(this.options.storageUtil, {\n      getPKCEStorage: this.storageManager.getLegacyPKCEStorage.bind(this.storageManager),\n      getHttpCache: this.storageManager.getHttpCache.bind(this.storageManager),\n    });\n\n    this._pending = { handleLogin: false };\n\n    if (isBrowser()) {\n      this.options = Object.assign(this.options, {\n        redirectUri: toAbsoluteUrl(args.redirectUri, window.location.origin), // allow relative URIs\n      });\n    }\n\n    // Digital clocks will drift over time, so the server\n    // can misalign with the time reported by the browser.\n    // The maxClockSkew allows relaxing the time-based\n    // validation of tokens (in seconds, not milliseconds).\n    // It currently defaults to 300, because 5 min is the\n    // default maximum tolerance allowed by Kerberos.\n    // (https://technet.microsoft.com/en-us/library/cc976357.aspx)\n    if (!args.maxClockSkew && args.maxClockSkew !== 0) {\n      this.options.maxClockSkew = DEFAULT_MAX_CLOCK_SKEW;\n    } else {\n      this.options.maxClockSkew = args.maxClockSkew;\n    }\n\n    // As some end user's devices can have their date \n    // and time incorrectly set, allow for the disabling\n    // of the jwt liftetime validation\n    this.options.ignoreLifetime = !!args.ignoreLifetime;\n\n    this.session = {\n      close: closeSession.bind(null, this),\n      exists: sessionExists.bind(null, this),\n      get: getSession.bind(null, this),\n      refresh: refreshSession.bind(null, this),\n      setCookieAndRedirect: setCookieAndRedirect.bind(null, this)\n    };\n\n    this._tokenQueue = new PromiseQueue();\n    const useQueue = (method) => {\n      return PromiseQueue.prototype.push.bind(this._tokenQueue, method, null);\n    };\n\n    // eslint-disable-next-line max-len\n    const getWithRedirectFn = useQueue(getWithRedirect.bind(null, this)) as GetWithRedirectFunction;\n    const getWithRedirectApi: GetWithRedirectAPI = Object.assign(getWithRedirectFn, {\n      // This is exposed so we can set window.location in our tests\n      _setLocation: function(url) {\n        window.location = url;\n      }\n    });\n    // eslint-disable-next-line max-len\n    const parseFromUrlFn = useQueue(parseFromUrl.bind(null, this)) as ParseFromUrlInterface;\n    const parseFromUrlApi: ParseFromUrlInterface = Object.assign(parseFromUrlFn, {\n      // This is exposed so we can mock getting window.history in our tests\n      _getHistory: function() {\n        return window.history;\n      },\n\n      // This is exposed so we can mock getting window.location in our tests\n      _getLocation: function() {\n        return window.location;\n      },\n\n      // This is exposed so we can mock getting window.document in our tests\n      _getDocument: function() {\n        return window.document;\n      }\n    });\n    this.token = {\n      prepareTokenParams: prepareTokenParams.bind(null, this),\n      exchangeCodeForTokens: exchangeCodeForTokens.bind(null, this),\n      getWithoutPrompt: getWithoutPrompt.bind(null, this),\n      getWithPopup: getWithPopup.bind(null, this),\n      getWithRedirect: getWithRedirectApi,\n      parseFromUrl: parseFromUrlApi,\n      decode: decodeToken,\n      revoke: revokeToken.bind(null, this),\n      renew: renewToken.bind(null, this),\n      renewTokensWithRefresh: renewTokensWithRefresh.bind(null, this),\n      renewTokens: renewTokens.bind(null, this),\n      getUserInfo: getUserInfo.bind(null, this),\n      verify: verifyToken.bind(null, this),\n      isLoginRedirect: isLoginRedirect.bind(null, this)\n    };\n    // Wrap all async token API methods using MethodQueue to avoid issues with concurrency\n    const syncMethods = [\n      // sync methods\n      'decode',\n      'isLoginRedirect',\n      // already bound\n      'getWithRedirect',\n      'parseFromUrl'\n    ];\n    Object.keys(this.token).forEach(key => {\n      if (syncMethods.indexOf(key) >= 0) { // sync methods should not be wrapped\n        return;\n      }\n      var method = this.token[key];\n      this.token[key] = PromiseQueue.prototype.push.bind(this._tokenQueue, method, null);\n    });\n\n    // IDX\n    const boundStartTransaction = startTransaction.bind(null, this);\n    this.idx = {\n      interact: interact.bind(null, this),\n      introspect: introspect.bind(null, this),\n      authenticate: authenticate.bind(null, this),\n      register: register.bind(null, this),\n      start: boundStartTransaction,\n      startTransaction: boundStartTransaction, // Use `start` instead. `startTransaction` will be removed in 7.0\n      poll: poll.bind(null, this),\n      proceed: proceed.bind(null, this),\n      cancel: cancel.bind(null, this),\n      recoverPassword: recoverPassword.bind(null, this),\n\n      // oauth redirect callback\n      handleInteractionCodeRedirect: handleInteractionCodeRedirect.bind(null, this),\n\n      // interaction required callback\n      isInteractionRequired: isInteractionRequired.bind(null, this),\n      isInteractionRequiredError,\n\n      // email verify callback\n      handleEmailVerifyCallback: handleEmailVerifyCallback.bind(null, this),\n      isEmailVerifyCallback,\n      parseEmailVerifyCallback,\n      isEmailVerifyCallbackError,\n      \n      getSavedTransactionMeta: getSavedTransactionMeta.bind(null, this),\n      createTransactionMeta: createTransactionMeta.bind(null, this),\n      getTransactionMeta: getTransactionMeta.bind(null, this),\n      saveTransactionMeta: saveTransactionMeta.bind(null, this),\n      clearTransactionMeta: clearTransactionMeta.bind(null, this),\n      isTransactionMetaValid,\n      setFlow: (flow: FlowIdentifier) => {\n        this.options.flow = flow;\n      },\n      getFlow: (): FlowIdentifier | undefined => {\n        return this.options.flow;\n      },\n      canProceed: canProceed.bind(null, this),\n      unlockAccount: unlockAccount.bind(null, this),\n    };\n\n    // HTTP\n    this.http = {\n      setRequestHeader: setRequestHeader.bind(null, this)\n    };\n\n    // Fingerprint API\n    this.fingerprint = fingerprint.bind(null, this);\n\n    this.emitter = new Emitter();\n\n    // TokenManager\n    this.tokenManager = new TokenManager(this, args.tokenManager);\n\n    // AuthStateManager\n    this.authStateManager = new AuthStateManager(this);\n\n    // ServiceManager\n    this.serviceManager = new ServiceManager(this, args.services);\n  }\n\n  start() {\n    // TODO: review tokenManager.start\n    this.tokenManager.start();\n    if (!this.token.isLoginRedirect()) {\n      this.authStateManager.updateAuthState();\n    }\n    this.serviceManager.start();\n  }\n\n  stop() {\n    // TODO: review tokenManager.stop\n    this.tokenManager.stop();\n    this.serviceManager.stop();\n  }\n\n  setHeaders(headers) {\n    this.options.headers = Object.assign({}, this.options.headers, headers);\n  }\n\n\n  // Authn  V1\n  async signIn(opts: SigninOptions): Promise<AuthTransaction> {\n    return this.signInWithCredentials(opts as SigninWithCredentialsOptions);\n  }\n\n  // Authn  V1\n  async signInWithCredentials(opts: SigninWithCredentialsOptions): Promise<AuthTransaction> {\n    opts = clone(opts || {});\n    const _postToTransaction = (options?) => {\n      delete opts.sendFingerprint;\n      return postToTransaction(this, '/api/v1/authn', opts, options);\n    };\n    if (!opts.sendFingerprint) {\n      return _postToTransaction();\n    }\n    return this.fingerprint()\n    .then(function(fingerprint) {\n      return _postToTransaction({\n        headers: {\n          'X-Device-Fingerprint': fingerprint\n        }\n      });\n    });\n  }\n\n  async signInWithRedirect(opts: SigninWithRedirectOptions = {}) {\n    const { originalUri, ...additionalParams } = opts;\n    if(this._pending.handleLogin) { \n      // Don't trigger second round\n      return;\n    }\n\n    this._pending.handleLogin = true;\n    try {\n      // Trigger default signIn redirect flow\n      if (originalUri) {\n        this.setOriginalUri(originalUri);\n      }\n      const params = Object.assign({\n        // TODO: remove this line when default scopes are changed OKTA-343294\n        scopes: this.options.scopes || ['openid', 'email', 'profile']\n      }, additionalParams);\n      await this.token.getWithRedirect(params);\n    } finally {\n      this._pending.handleLogin = false;\n    }\n  }\n\n  // Ends the current Okta SSO session without redirecting to Okta.\n  closeSession(): Promise<unknown> {\n    return this.session.close() // DELETE /api/v1/sessions/me\n    .then(async () => {\n      // Clear all local tokens\n      this.tokenManager.clear();\n    })\n    .catch(function(e) {\n      if (e.name === 'AuthApiError' && e.errorCode === 'E0000007') {\n        // Session does not exist or has already been closed\n        return null;\n      }\n      throw e;\n    });\n  }\n  \n  // Revokes the access token for the application session\n  async revokeAccessToken(accessToken?: AccessToken): Promise<unknown> {\n    if (!accessToken) {\n      accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n      const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');\n      this.tokenManager.remove(accessTokenKey);\n    }\n    // Access token may have been removed. In this case, we will silently succeed.\n    if (!accessToken) {\n      return Promise.resolve(null);\n    }\n    return this.token.revoke(accessToken);\n  }\n\n  // Revokes the refresh token for the application session\n  async revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown> {\n    if (!refreshToken) {\n      refreshToken = (await this.tokenManager.getTokens()).refreshToken as RefreshToken;\n      const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');\n      this.tokenManager.remove(refreshTokenKey);\n    }\n    // Refresh token may have been removed. In this case, we will silently succeed.\n    if (!refreshToken) {\n      return Promise.resolve(null);\n    }\n    return this.token.revoke(refreshToken);\n  }\n\n  getSignOutRedirectUrl(options: SignoutRedirectUrlOptions = {}) {\n    let {\n      idToken,\n      postLogoutRedirectUri,\n      state,\n    } = options;\n    if (!idToken) {\n      idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n    }\n    if (!idToken) {\n      return '';\n    }\n    if (!postLogoutRedirectUri) {\n      postLogoutRedirectUri = this.options.postLogoutRedirectUri;\n    }\n\n    const logoutUrl = getOAuthUrls(this).logoutUrl;\n    const idTokenHint = idToken.idToken; // a string\n    let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);\n    if (postLogoutRedirectUri) {\n      logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);\n    } \n    // State allows option parameters to be passed to logout redirect uri\n    if (state) {\n      logoutUri += '&state=' + encodeURIComponent(state);\n    }\n\n    return logoutUri;\n  }\n\n  // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.\n  async signOut(options?: SignoutOptions) {\n    options = Object.assign({}, options);\n  \n    // postLogoutRedirectUri must be whitelisted in Okta Admin UI\n    var defaultUri = window.location.origin;\n    var currentUri = window.location.href;\n    var postLogoutRedirectUri = options.postLogoutRedirectUri\n      || this.options.postLogoutRedirectUri\n      || defaultUri;\n  \n    var accessToken = options.accessToken;\n    var refreshToken = options.refreshToken;\n    var revokeAccessToken = options.revokeAccessToken !== false;\n    var revokeRefreshToken = options.revokeRefreshToken !== false;\n  \n    if (revokeRefreshToken && typeof refreshToken === 'undefined') {\n      refreshToken = this.tokenManager.getTokensSync().refreshToken as RefreshToken;\n    }\n\n    if (revokeAccessToken && typeof accessToken === 'undefined') {\n      accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;\n    }\n  \n    if (!options.idToken) {\n      options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n    }\n\n    if (revokeRefreshToken && refreshToken) {\n      await this.revokeRefreshToken(refreshToken);\n    }\n\n    if (revokeAccessToken && accessToken) {\n      await this.revokeAccessToken(accessToken);\n    }\n\n    const logoutUri = this.getSignOutRedirectUrl({ ...options, postLogoutRedirectUri });\n    // No logoutUri? This can happen if the storage was cleared.\n    // Fallback to XHR signOut, then simulate a redirect to the post logout uri\n    if (!logoutUri) {\n      // local tokens are cleared once session is closed\n      return this.closeSession() // can throw if the user cannot be signed out\n      .then(function() {\n        if (postLogoutRedirectUri === currentUri) {\n          window.location.reload(); // force a hard reload if URI is not changing\n        } else {\n          window.location.assign(postLogoutRedirectUri);\n        }\n      });\n    } else {\n      if (options.clearTokensBeforeRedirect) {\n        // Clear all local tokens\n        this.tokenManager.clear();\n      } else {\n        this.tokenManager.addPendingRemoveFlags();\n      }\n      // Flow ends with logout redirect\n      window.location.assign(logoutUri);\n    }\n  }\n\n  webfinger(opts): Promise<object> {\n    var url = '/.well-known/webfinger' + toQueryString(opts);\n    var options = {\n      headers: {\n        'Accept': 'application/jrd+json'\n      }\n    };\n    return get(this, url, options);\n  }\n\n  //\n  // Common Methods from downstream SDKs\n  //\n\n  // Returns true if both accessToken and idToken are not expired\n  // If `autoRenew` option is set, will attempt to renew expired tokens before returning.\n  async isAuthenticated(options: IsAuthenticatedOptions = {}): Promise<boolean> {\n    // TODO: remove dependency on tokenManager options in next major version - OKTA-473815\n    const { autoRenew, autoRemove } = this.tokenManager.getOptions();\n\n    const shouldRenew = options.onExpiredToken ? options.onExpiredToken === 'renew' : autoRenew;\n    const shouldRemove = options.onExpiredToken ? options.onExpiredToken === 'remove' : autoRemove;\n\n    let { accessToken } = this.tokenManager.getTokensSync();\n    if (accessToken && this.tokenManager.hasExpired(accessToken)) {\n      accessToken = undefined;\n      if (shouldRenew) {\n        try {\n          accessToken = await this.tokenManager.renew('accessToken') as AccessToken;\n        } catch {\n          // Renew errors will emit an \"error\" event \n        }\n      } else if (shouldRemove) {\n        this.tokenManager.remove('accessToken');\n      }\n    }\n\n    let { idToken } = this.tokenManager.getTokensSync();\n    if (idToken && this.tokenManager.hasExpired(idToken)) {\n      idToken = undefined;\n      if (shouldRenew) {\n        try {\n          idToken = await this.tokenManager.renew('idToken') as IDToken;\n        } catch {\n          // Renew errors will emit an \"error\" event \n        }\n      } else if (shouldRemove) {\n        this.tokenManager.remove('idToken');\n      }\n    }\n\n    return !!(accessToken && idToken);\n  }\n\n  async getUser(): Promise<UserClaims> {\n    const { idToken, accessToken } = this.tokenManager.getTokensSync();\n    return this.token.getUserInfo(accessToken, idToken);\n  }\n\n  getIdToken(): string | undefined {\n    const { idToken } = this.tokenManager.getTokensSync();\n    return idToken ? idToken.idToken : undefined;\n  }\n\n  getAccessToken(): string | undefined {\n    const { accessToken } = this.tokenManager.getTokensSync();\n    return accessToken ? accessToken.accessToken : undefined;\n  }\n\n  getRefreshToken(): string | undefined {\n    const { refreshToken } = this.tokenManager.getTokensSync();\n    return refreshToken ? refreshToken.refreshToken : undefined;\n  }\n\n  /**\n   * Store parsed tokens from redirect url\n   */\n  async storeTokensFromRedirect(): Promise<void> {\n    const { tokens } = await this.token.parseFromUrl();\n    this.tokenManager.setTokens(tokens);\n  }\n\n  setOriginalUri(originalUri: string, state?: string): void {\n    // always store in session storage\n    const sessionStorage = browserStorage.getSessionStorage();\n    sessionStorage.setItem(REFERRER_PATH_STORAGE_KEY, originalUri);\n\n    // to support multi-tab flows, set a state in constructor or pass as param\n    state = state || this.options.state;\n    if (state) {\n      const sharedStorage = this.storageManager.getOriginalUriStorage();\n      sharedStorage.setItem(state, originalUri);\n    }\n  }\n\n  getOriginalUri(state?: string): string | undefined {\n    // Prefer shared storage (if state is available)\n    state = state || this.options.state;\n    if (state) {\n      const sharedStorage = this.storageManager.getOriginalUriStorage();\n      const originalUri = sharedStorage.getItem(state);\n      if (originalUri) {\n        return originalUri;\n      }\n    }\n\n    // Try to load from session storage\n    const storage = browserStorage.getSessionStorage();\n    return storage ? storage.getItem(REFERRER_PATH_STORAGE_KEY) || undefined : undefined;\n  }\n\n  removeOriginalUri(state?: string): void {\n    // Remove from sessionStorage\n    const storage = browserStorage.getSessionStorage();\n    storage.removeItem(REFERRER_PATH_STORAGE_KEY);\n\n    // Also remove from shared storage\n    state = state || this.options.state;\n    if (state) {\n      const sharedStorage = this.storageManager.getOriginalUriStorage();\n      sharedStorage.removeItem && sharedStorage.removeItem(state);\n    }\n  }\n\n  isLoginRedirect(): boolean {\n    return isLoginRedirect(this);\n  }\n\n  async handleLoginRedirect(tokens?: Tokens, originalUri?: string): Promise<void> {\n    let state = this.options.state;\n\n    // Store tokens and update AuthState by the emitted events\n    if (tokens) {\n      this.tokenManager.setTokens(tokens);\n      originalUri = originalUri || this.getOriginalUri(this.options.state);\n    } else if (this.isLoginRedirect()) {\n      try {\n        // For redirect flow, get state from the URL and use it to retrieve the originalUri\n        const oAuthResponse = await parseOAuthResponseFromUrl(this, {});\n        state = oAuthResponse.state;\n        originalUri = originalUri || this.getOriginalUri(state);\n        await this.storeTokensFromRedirect();\n      } catch(e) {\n        // auth state should be updated\n        await this.authStateManager.updateAuthState();\n        throw e;\n      }\n    } else {\n      return; // nothing to do\n    }\n    \n    // ensure auth state has been updated\n    await this.authStateManager.updateAuthState();\n\n    // clear originalUri from storage\n    this.removeOriginalUri(state);\n\n    // Redirect to originalUri\n    const { restoreOriginalUri } = this.options;\n    if (restoreOriginalUri) {\n      await restoreOriginalUri(this, originalUri);\n    } else if (originalUri) {\n      window.location.replace(originalUri);\n    }\n  }\n\n  isPKCE(): boolean {\n    return !!this.options.pkce;\n  }\n\n  hasResponseType(responseType: OAuthResponseType): boolean {\n    let hasResponseType = false;\n    if (Array.isArray(this.options.responseType) && this.options.responseType.length) {\n      hasResponseType = this.options.responseType.indexOf(responseType) >= 0;\n    } else {\n      hasResponseType = this.options.responseType === responseType;\n    }\n    return hasResponseType;\n  }\n\n  isAuthorizationCodeFlow(): boolean {\n    return this.hasResponseType('code');\n  }\n\n  // { username, password, (relayState), (context) }\n  // signIn(opts: SignInWithCredentialsOptions): Promise<AuthTransaction> {\n  //   return postToTransaction(this, '/api/v1/authn', opts);\n  // }\n\n  getIssuerOrigin(): string {\n    // Infer the URL from the issuer URL, omitting the /oauth2/{authServerId}\n    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n    return this.options.issuer!.split('/oauth2/')[0];\n  }\n\n  // { username, (relayState) }\n  forgotPassword(opts): Promise<AuthTransaction> {\n    return postToTransaction(this, '/api/v1/authn/recovery/password', opts);\n  }\n\n  // { username, (relayState) }\n  unlockAccount(opts: ForgotPasswordOptions): Promise<AuthTransaction> {\n    return postToTransaction(this, '/api/v1/authn/recovery/unlock', opts);\n  }\n\n  // { recoveryToken }\n  verifyRecoveryToken(opts: VerifyRecoveryTokenOptions): Promise<AuthTransaction> {\n    return postToTransaction(this, '/api/v1/authn/recovery/token', opts);\n  }\n\n  // Escape hatch method to make arbitrary OKTA API call\n  async invokeApiMethod(options: RequestOptions): Promise<unknown> {\n    if (!options.accessToken) {\n      const accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n      options.accessToken = accessToken?.accessToken;\n    }\n    return httpRequest(this, options);\n  }\n}\n\n// Hoist feature detection functions to prototype & static type\nOktaAuth.features = OktaAuth.prototype.features = features;\n\n// Also hoist constants for CommonJS users\nObject.assign(OktaAuth, {\n  constants\n});\n\nexport default OktaAuth;"],"file":"OktaAuth.js"}

package/cjs/OktaUserAgent.js

@@ -21,7 +21,7 @@ var _features = require("./features");
 class OktaUserAgent {
   constructor() {
     // add base sdk env
-    this.environments = [`okta-auth-js/${"6.4.0"}`];
+    this.environments = [`okta-auth-js/${"6.4.3"}`];
   }
 
   addEnvironment(env) {
@@ -36,7 +36,7 @@ class OktaUserAgent {
   }
 
   getVersion() {
-    return "6.4.0";
+    return "6.4.3";
   }
 
   maybeAddNodeEnvironment() {

package/cjs/ServiceManager.js

@@ -89,7 +89,7 @@ class ServiceManager {
 
   start() {
     if (this.started) {
-      this.stop();
+      return; // noop if services have already started
     } // only start election if a leader is required
 
 

package/cjs/ServiceManager.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../lib/ServiceManager.ts"],"names":["ServiceManager","constructor","sdk","options","autoRenew","autoRemove","syncStorage","tokenManager","getOptions","defaultOptions","started","services","onLeaderDuplicate","bind","onLeader","knownServices","forEach","name","svc","createService","set","canUseLeaderElection","startServices","isLeader","elector","hasLeader","isLeaderRequired","some","srv","requiresLeadership","start","stop","startElector","stopElector","stopServices","getService","get","canStart","isStarted","channel","broadcastChannelName","BroadcastChannel","onduplicate","awaitLeadership","then","die","undefined","close","service","AutoRenewService","SyncStorageService","Error"],"mappings":";;;;;;;;;;;;;;AAmBA;;AAKA;;AACA;;AAzBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAiBO,MAAMA,cAAN,CAAwD;AAgB7DC,EAAAA,WAAW,CAACC,GAAD,EAAgBC,OAA8B,GAAG,EAAjD,EAAqD;AAC9D,SAAKD,GAAL,GAAWA,GAAX,CAD8D,CAG9D;;AACA,UAAM;AAAEE,MAAAA,SAAF;AAAaC,MAAAA,UAAb;AAAyBC,MAAAA;AAAzB,QAAyCJ,GAAG,CAACK,YAAJ,CAAiBC,UAAjB,EAA/C;AACA,SAAKL,OAAL,GAAe,qBAAc,EAAd,EACbH,cAAc,CAACS,cADF,EAEb;AAAEL,MAAAA,SAAF;AAAaC,MAAAA,UAAb;AAAyBC,MAAAA;AAAzB,KAFa,EAGbH,OAHa,CAAf;AAMA,SAAKO,OAAL,GAAe,KAAf;AACA,SAAKC,QAAL,GAAgB,kBAAhB;AACA,SAAKC,iBAAL,GAAyB,KAAKA,iBAAL,CAAuBC,IAAvB,CAA4B,IAA5B,CAAzB;AACA,SAAKC,QAAL,GAAgB,KAAKA,QAAL,CAAcD,IAAd,CAAmB,IAAnB,CAAhB;AAEAb,IAAAA,cAAc,CAACe,aAAf,CAA6BC,OAA7B,CAAqCC,IAAI,IAAI;AAC3C,YAAMC,GAAG,GAAG,KAAKC,aAAL,CAAmBF,IAAnB,CAAZ;;AACA,UAAIC,GAAJ,EAAS;AACP,aAAKP,QAAL,CAAcS,GAAd,CAAkBH,IAAlB,EAAwBC,GAAxB;AACD;AACF,KALD;AAMD;;AAEiC,SAApBG,oBAAoB,GAAG;AACnC,WAAO,0BAAP;AACD;;AAEOP,EAAAA,QAAQ,GAAG;AACjB,QAAI,KAAKJ,OAAT,EAAkB;AAChB;AACA,WAAKY,aAAL;AACD;AACF;;AAEOV,EAAAA,iBAAiB,GAAG,CAC3B;;AAEDW,EAAAA,QAAQ,GAAG;AAAA;;AACT,WAAO,CAAC,mBAAC,KAAKC,OAAN,0CAAC,cAAcD,QAAf,CAAR;AACD;;AAEDE,EAAAA,SAAS,GAAG;AAAA;;AACV,6BAAO,KAAKD,OAAZ,mDAAO,eAAcC,SAArB;AACD;;AAEDC,EAAAA,gBAAgB,GAAG;AAAA;;AACjB,WAAO,CAAC,GAAG,qCAAKf,QAAL,gBAAJ,EAA4BgB,IAA5B,CAAiCC,GAAG,IAAIA,GAAG,CAACC,kBAAJ,EAAxC,CAAP;AACD;;AAEDC,EAAAA,KAAK,GAAG;AACN,QAAI,KAAKpB,OAAT,EAAkB;AAChB,WAAKqB,IAAL;AACD,KAHK,CAIN;;;AACA,QAAI,KAAKL,gBAAL,EAAJ,EAA6B;AAC3B,WAAKM,YAAL;AACD;;AACD,SAAKV,aAAL;AACA,SAAKZ,OAAL,GAAe,IAAf;AACD;;AAEDqB,EAAAA,IAAI,GAAG;AACL,SAAKE,WAAL;AACA,SAAKC,YAAL;AACA,SAAKxB,OAAL,GAAe,KAAf;AACD;;AAEDyB,EAAAA,UAAU,CAAClB,IAAD,EAA6C;AACrD,WAAO,KAAKN,QAAL,CAAcyB,GAAd,CAAkBnB,IAAlB,CAAP;AACD;;AAEOK,EAAAA,aAAa,GAAG;AACtB,SAAK,MAAMM,GAAX,IAAkB,sCAAKjB,QAAL,iBAAlB,EAA0C;AAAA;;AACxC,YAAM0B,QAAQ,GAAGT,GAAG,CAACS,QAAJ,MAAkB,CAACT,GAAG,CAACU,SAAJ,EAAnB,KAAuCV,GAAG,CAACC,kBAAJ,KAA2B,KAAKN,QAAL,EAA3B,GAA6C,IAApF,CAAjB;;AACA,UAAIc,QAAJ,EAAc;AACZT,QAAAA,GAAG,CAACE,KAAJ;AACD;AACF;AACF;;AAEOI,EAAAA,YAAY,GAAG;AACrB,SAAK,MAAMN,GAAX,IAAkB,sCAAKjB,QAAL,iBAAlB,EAA0C;AAAA;;AACxCiB,MAAAA,GAAG,CAACG,IAAJ;AACD;AACF;;AAEOC,EAAAA,YAAY,GAAG;AACrB,SAAKC,WAAL;;AACA,QAAIjC,cAAc,CAACqB,oBAAf,EAAJ,EAA2C;AACzC,UAAI,CAAC,KAAKkB,OAAV,EAAmB;AACjB,cAAM;AAAEC,UAAAA;AAAF,YAA2B,KAAKrC,OAAtC;AACA,aAAKoC,OAAL,GAAe,IAAIE,kCAAJ,CAAqBD,oBAArB,CAAf;AACD;;AACD,UAAI,CAAC,KAAKhB,OAAV,EAAmB;AACjB,aAAKA,OAAL,GAAe,4CAAqB,KAAKe,OAA1B,CAAf;AACA,aAAKf,OAAL,CAAakB,WAAb,GAA2B,KAAK9B,iBAAhC;AACA,aAAKY,OAAL,CAAamB,eAAb,GAA+BC,IAA/B,CAAoC,KAAK9B,QAAzC;AACD;AACF;AACF;;AAEOmB,EAAAA,WAAW,GAAG;AACpB,QAAI,KAAKT,OAAT,EAAkB;AAAA;;AAChB,6BAAKA,OAAL,kEAAcqB,GAAd;AACA,WAAKrB,OAAL,GAAesB,SAAf;AACA,4BAAKP,OAAL,gEAAcQ,KAAd;AACA,WAAKR,OAAL,GAAeO,SAAf;AACD;AACF;;AAEO3B,EAAAA,aAAa,CAACF,IAAD,EAAiC;AACpD,UAAMV,YAAY,GAAG,KAAKL,GAAL,CAASK,YAA9B;AAEA,QAAIyC,OAAJ;;AACA,YAAQ/B,IAAR;AACE,WAAK,WAAL;AACE+B,QAAAA,OAAO,GAAG,IAAIC,0BAAJ,CAAqB1C,YAArB,EAAmC,EAAC,GAAG,KAAKJ;AAAT,SAAnC,CAAV;AACA;;AACF,WAAK,aAAL;AACE6C,QAAAA,OAAO,GAAG,IAAIE,4BAAJ,CAAuB3C,YAAvB,EAAqC,EAAC,GAAG,KAAKJ;AAAT,SAArC,CAAV;AACA;;AACF;AACE,cAAM,IAAIgD,KAAJ,CAAW,mBAAkBlC,IAAK,EAAlC,CAAN;AARJ;;AAUA,WAAO+B,OAAP;AACD;;AA9I4D;;;8BAAlDhD,c,mBAQoB,CAAC,WAAD,EAAc,aAAd,C;8BARpBA,c,oBAUqB;AAC9BI,EAAAA,SAAS,EAAE,IADmB;AAE9BC,EAAAA,UAAU,EAAE,IAFkB;AAG9BC,EAAAA,WAAW,EAAE;AAHiB,C","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport {\n  ServiceManagerInterface,\n  ServiceInterface,\n  ServiceManagerOptions\n} from './types';\nimport { OktaAuth } from '.';\nimport {\n  BroadcastChannel,\n  createLeaderElection,\n  LeaderElector\n} from 'broadcast-channel';\nimport { AutoRenewService, SyncStorageService } from './services';\nimport { isBrowser } from './features';\n\nexport class ServiceManager implements ServiceManagerInterface {\n  private sdk: OktaAuth;\n  private options: ServiceManagerOptions;\n  private services: Map<string, ServiceInterface>;\n  private channel?: BroadcastChannel;\n  private elector?: LeaderElector;\n  private started: boolean;\n\n  private static knownServices = ['autoRenew', 'syncStorage'];\n\n  private static defaultOptions = {\n    autoRenew: true,\n    autoRemove: true,\n    syncStorage: true\n  };\n\n  constructor(sdk: OktaAuth, options: ServiceManagerOptions = {}) {\n    this.sdk = sdk;\n\n    // TODO: backwards compatibility, remove in next major version - OKTA-473815\n    const { autoRenew, autoRemove, syncStorage } = sdk.tokenManager.getOptions();\n    this.options = Object.assign({}, \n      ServiceManager.defaultOptions,\n      { autoRenew, autoRemove, syncStorage },\n      options\n    );\n\n    this.started = false;\n    this.services = new Map();\n    this.onLeaderDuplicate = this.onLeaderDuplicate.bind(this);\n    this.onLeader = this.onLeader.bind(this);\n\n    ServiceManager.knownServices.forEach(name => {\n      const svc = this.createService(name);\n      if (svc) {\n        this.services.set(name, svc);\n      }\n    });\n  }\n\n  public static canUseLeaderElection() {\n    return isBrowser();\n  }\n\n  private onLeader() {\n    if (this.started) {\n      // Start services that requires leadership\n      this.startServices();\n    }\n  }\n\n  private onLeaderDuplicate() {\n  }\n\n  isLeader() {\n    return !!this.elector?.isLeader;\n  }\n\n  hasLeader() {\n    return this.elector?.hasLeader;\n  }\n\n  isLeaderRequired() {\n    return [...this.services.values()].some(srv => srv.requiresLeadership());\n  }\n\n  start() {\n    if (this.started) {\n      this.stop();\n    }\n    // only start election if a leader is required\n    if (this.isLeaderRequired()) {\n      this.startElector();\n    }\n    this.startServices();\n    this.started = true;\n  }\n  \n  stop() {\n    this.stopElector();\n    this.stopServices();\n    this.started = false;\n  }\n\n  getService(name: string): ServiceInterface | undefined {\n    return this.services.get(name);\n  }\n\n  private startServices() {\n    for (const srv of this.services.values()) {\n      const canStart = srv.canStart() && !srv.isStarted() && (srv.requiresLeadership() ? this.isLeader() : true);\n      if (canStart) {\n        srv.start();\n      }\n    }\n  }\n\n  private stopServices() {\n    for (const srv of this.services.values()) {\n      srv.stop();\n    }\n  }\n\n  private startElector() {\n    this.stopElector();\n    if (ServiceManager.canUseLeaderElection()) {\n      if (!this.channel) {\n        const { broadcastChannelName } = this.options;\n        this.channel = new BroadcastChannel(broadcastChannelName as string);\n      }\n      if (!this.elector) {\n        this.elector = createLeaderElection(this.channel);\n        this.elector.onduplicate = this.onLeaderDuplicate;\n        this.elector.awaitLeadership().then(this.onLeader);\n      }\n    }\n  }\n\n  private stopElector() {\n    if (this.elector) {\n      this.elector?.die();\n      this.elector = undefined;\n      this.channel?.close();\n      this.channel = undefined;\n    }\n  }\n\n  private createService(name: string): ServiceInterface {\n    const tokenManager = this.sdk.tokenManager;\n\n    let service: ServiceInterface | undefined;\n    switch (name) {\n      case 'autoRenew':\n        service = new AutoRenewService(tokenManager, {...this.options});\n        break;\n      case 'syncStorage':\n        service = new SyncStorageService(tokenManager, {...this.options});\n        break;\n      default:\n        throw new Error(`Unknown service ${name}`);\n    }\n    return service;\n  }\n\n}\n"],"file":"ServiceManager.js"}
+{"version":3,"sources":["../../lib/ServiceManager.ts"],"names":["ServiceManager","constructor","sdk","options","autoRenew","autoRemove","syncStorage","tokenManager","getOptions","defaultOptions","started","services","onLeaderDuplicate","bind","onLeader","knownServices","forEach","name","svc","createService","set","canUseLeaderElection","startServices","isLeader","elector","hasLeader","isLeaderRequired","some","srv","requiresLeadership","start","startElector","stop","stopElector","stopServices","getService","get","canStart","isStarted","channel","broadcastChannelName","BroadcastChannel","onduplicate","awaitLeadership","then","die","undefined","close","service","AutoRenewService","SyncStorageService","Error"],"mappings":";;;;;;;;;;;;;;AAmBA;;AAKA;;AACA;;AAzBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAiBO,MAAMA,cAAN,CAAwD;AAgB7DC,EAAAA,WAAW,CAACC,GAAD,EAAgBC,OAA8B,GAAG,EAAjD,EAAqD;AAC9D,SAAKD,GAAL,GAAWA,GAAX,CAD8D,CAG9D;;AACA,UAAM;AAAEE,MAAAA,SAAF;AAAaC,MAAAA,UAAb;AAAyBC,MAAAA;AAAzB,QAAyCJ,GAAG,CAACK,YAAJ,CAAiBC,UAAjB,EAA/C;AACA,SAAKL,OAAL,GAAe,qBAAc,EAAd,EACbH,cAAc,CAACS,cADF,EAEb;AAAEL,MAAAA,SAAF;AAAaC,MAAAA,UAAb;AAAyBC,MAAAA;AAAzB,KAFa,EAGbH,OAHa,CAAf;AAMA,SAAKO,OAAL,GAAe,KAAf;AACA,SAAKC,QAAL,GAAgB,kBAAhB;AACA,SAAKC,iBAAL,GAAyB,KAAKA,iBAAL,CAAuBC,IAAvB,CAA4B,IAA5B,CAAzB;AACA,SAAKC,QAAL,GAAgB,KAAKA,QAAL,CAAcD,IAAd,CAAmB,IAAnB,CAAhB;AAEAb,IAAAA,cAAc,CAACe,aAAf,CAA6BC,OAA7B,CAAqCC,IAAI,IAAI;AAC3C,YAAMC,GAAG,GAAG,KAAKC,aAAL,CAAmBF,IAAnB,CAAZ;;AACA,UAAIC,GAAJ,EAAS;AACP,aAAKP,QAAL,CAAcS,GAAd,CAAkBH,IAAlB,EAAwBC,GAAxB;AACD;AACF,KALD;AAMD;;AAEiC,SAApBG,oBAAoB,GAAG;AACnC,WAAO,0BAAP;AACD;;AAEOP,EAAAA,QAAQ,GAAG;AACjB,QAAI,KAAKJ,OAAT,EAAkB;AAChB;AACA,WAAKY,aAAL;AACD;AACF;;AAEOV,EAAAA,iBAAiB,GAAG,CAC3B;;AAEDW,EAAAA,QAAQ,GAAG;AAAA;;AACT,WAAO,CAAC,mBAAC,KAAKC,OAAN,0CAAC,cAAcD,QAAf,CAAR;AACD;;AAEDE,EAAAA,SAAS,GAAG;AAAA;;AACV,6BAAO,KAAKD,OAAZ,mDAAO,eAAcC,SAArB;AACD;;AAEDC,EAAAA,gBAAgB,GAAG;AAAA;;AACjB,WAAO,CAAC,GAAG,qCAAKf,QAAL,gBAAJ,EAA4BgB,IAA5B,CAAiCC,GAAG,IAAIA,GAAG,CAACC,kBAAJ,EAAxC,CAAP;AACD;;AAEDC,EAAAA,KAAK,GAAG;AACN,QAAI,KAAKpB,OAAT,EAAkB;AAChB,aADgB,CACJ;AACb,KAHK,CAIN;;;AACA,QAAI,KAAKgB,gBAAL,EAAJ,EAA6B;AAC3B,WAAKK,YAAL;AACD;;AACD,SAAKT,aAAL;AACA,SAAKZ,OAAL,GAAe,IAAf;AACD;;AAEDsB,EAAAA,IAAI,GAAG;AACL,SAAKC,WAAL;AACA,SAAKC,YAAL;AACA,SAAKxB,OAAL,GAAe,KAAf;AACD;;AAEDyB,EAAAA,UAAU,CAAClB,IAAD,EAA6C;AACrD,WAAO,KAAKN,QAAL,CAAcyB,GAAd,CAAkBnB,IAAlB,CAAP;AACD;;AAEOK,EAAAA,aAAa,GAAG;AACtB,SAAK,MAAMM,GAAX,IAAkB,sCAAKjB,QAAL,iBAAlB,EAA0C;AAAA;;AACxC,YAAM0B,QAAQ,GAAGT,GAAG,CAACS,QAAJ,MAAkB,CAACT,GAAG,CAACU,SAAJ,EAAnB,KAAuCV,GAAG,CAACC,kBAAJ,KAA2B,KAAKN,QAAL,EAA3B,GAA6C,IAApF,CAAjB;;AACA,UAAIc,QAAJ,EAAc;AACZT,QAAAA,GAAG,CAACE,KAAJ;AACD;AACF;AACF;;AAEOI,EAAAA,YAAY,GAAG;AACrB,SAAK,MAAMN,GAAX,IAAkB,sCAAKjB,QAAL,iBAAlB,EAA0C;AAAA;;AACxCiB,MAAAA,GAAG,CAACI,IAAJ;AACD;AACF;;AAEOD,EAAAA,YAAY,GAAG;AACrB,SAAKE,WAAL;;AACA,QAAIjC,cAAc,CAACqB,oBAAf,EAAJ,EAA2C;AACzC,UAAI,CAAC,KAAKkB,OAAV,EAAmB;AACjB,cAAM;AAAEC,UAAAA;AAAF,YAA2B,KAAKrC,OAAtC;AACA,aAAKoC,OAAL,GAAe,IAAIE,kCAAJ,CAAqBD,oBAArB,CAAf;AACD;;AACD,UAAI,CAAC,KAAKhB,OAAV,EAAmB;AACjB,aAAKA,OAAL,GAAe,4CAAqB,KAAKe,OAA1B,CAAf;AACA,aAAKf,OAAL,CAAakB,WAAb,GAA2B,KAAK9B,iBAAhC;AACA,aAAKY,OAAL,CAAamB,eAAb,GAA+BC,IAA/B,CAAoC,KAAK9B,QAAzC;AACD;AACF;AACF;;AAEOmB,EAAAA,WAAW,GAAG;AACpB,QAAI,KAAKT,OAAT,EAAkB;AAAA;;AAChB,6BAAKA,OAAL,kEAAcqB,GAAd;AACA,WAAKrB,OAAL,GAAesB,SAAf;AACA,4BAAKP,OAAL,gEAAcQ,KAAd;AACA,WAAKR,OAAL,GAAeO,SAAf;AACD;AACF;;AAEO3B,EAAAA,aAAa,CAACF,IAAD,EAAiC;AACpD,UAAMV,YAAY,GAAG,KAAKL,GAAL,CAASK,YAA9B;AAEA,QAAIyC,OAAJ;;AACA,YAAQ/B,IAAR;AACE,WAAK,WAAL;AACE+B,QAAAA,OAAO,GAAG,IAAIC,0BAAJ,CAAqB1C,YAArB,EAAmC,EAAC,GAAG,KAAKJ;AAAT,SAAnC,CAAV;AACA;;AACF,WAAK,aAAL;AACE6C,QAAAA,OAAO,GAAG,IAAIE,4BAAJ,CAAuB3C,YAAvB,EAAqC,EAAC,GAAG,KAAKJ;AAAT,SAArC,CAAV;AACA;;AACF;AACE,cAAM,IAAIgD,KAAJ,CAAW,mBAAkBlC,IAAK,EAAlC,CAAN;AARJ;;AAUA,WAAO+B,OAAP;AACD;;AA9I4D;;;8BAAlDhD,c,mBAQoB,CAAC,WAAD,EAAc,aAAd,C;8BARpBA,c,oBAUqB;AAC9BI,EAAAA,SAAS,EAAE,IADmB;AAE9BC,EAAAA,UAAU,EAAE,IAFkB;AAG9BC,EAAAA,WAAW,EAAE;AAHiB,C","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport {\n  ServiceManagerInterface,\n  ServiceInterface,\n  ServiceManagerOptions\n} from './types';\nimport { OktaAuth } from '.';\nimport {\n  BroadcastChannel,\n  createLeaderElection,\n  LeaderElector\n} from 'broadcast-channel';\nimport { AutoRenewService, SyncStorageService } from './services';\nimport { isBrowser } from './features';\n\nexport class ServiceManager implements ServiceManagerInterface {\n  private sdk: OktaAuth;\n  private options: ServiceManagerOptions;\n  private services: Map<string, ServiceInterface>;\n  private channel?: BroadcastChannel;\n  private elector?: LeaderElector;\n  private started: boolean;\n\n  private static knownServices = ['autoRenew', 'syncStorage'];\n\n  private static defaultOptions = {\n    autoRenew: true,\n    autoRemove: true,\n    syncStorage: true\n  };\n\n  constructor(sdk: OktaAuth, options: ServiceManagerOptions = {}) {\n    this.sdk = sdk;\n\n    // TODO: backwards compatibility, remove in next major version - OKTA-473815\n    const { autoRenew, autoRemove, syncStorage } = sdk.tokenManager.getOptions();\n    this.options = Object.assign({}, \n      ServiceManager.defaultOptions,\n      { autoRenew, autoRemove, syncStorage },\n      options\n    );\n\n    this.started = false;\n    this.services = new Map();\n    this.onLeaderDuplicate = this.onLeaderDuplicate.bind(this);\n    this.onLeader = this.onLeader.bind(this);\n\n    ServiceManager.knownServices.forEach(name => {\n      const svc = this.createService(name);\n      if (svc) {\n        this.services.set(name, svc);\n      }\n    });\n  }\n\n  public static canUseLeaderElection() {\n    return isBrowser();\n  }\n\n  private onLeader() {\n    if (this.started) {\n      // Start services that requires leadership\n      this.startServices();\n    }\n  }\n\n  private onLeaderDuplicate() {\n  }\n\n  isLeader() {\n    return !!this.elector?.isLeader;\n  }\n\n  hasLeader() {\n    return this.elector?.hasLeader;\n  }\n\n  isLeaderRequired() {\n    return [...this.services.values()].some(srv => srv.requiresLeadership());\n  }\n\n  start() {\n    if (this.started) {\n      return;     // noop if services have already started\n    }\n    // only start election if a leader is required\n    if (this.isLeaderRequired()) {\n      this.startElector();\n    }\n    this.startServices();\n    this.started = true;\n  }\n  \n  stop() {\n    this.stopElector();\n    this.stopServices();\n    this.started = false;\n  }\n\n  getService(name: string): ServiceInterface | undefined {\n    return this.services.get(name);\n  }\n\n  private startServices() {\n    for (const srv of this.services.values()) {\n      const canStart = srv.canStart() && !srv.isStarted() && (srv.requiresLeadership() ? this.isLeader() : true);\n      if (canStart) {\n        srv.start();\n      }\n    }\n  }\n\n  private stopServices() {\n    for (const srv of this.services.values()) {\n      srv.stop();\n    }\n  }\n\n  private startElector() {\n    this.stopElector();\n    if (ServiceManager.canUseLeaderElection()) {\n      if (!this.channel) {\n        const { broadcastChannelName } = this.options;\n        this.channel = new BroadcastChannel(broadcastChannelName as string);\n      }\n      if (!this.elector) {\n        this.elector = createLeaderElection(this.channel);\n        this.elector.onduplicate = this.onLeaderDuplicate;\n        this.elector.awaitLeadership().then(this.onLeader);\n      }\n    }\n  }\n\n  private stopElector() {\n    if (this.elector) {\n      this.elector?.die();\n      this.elector = undefined;\n      this.channel?.close();\n      this.channel = undefined;\n    }\n  }\n\n  private createService(name: string): ServiceInterface {\n    const tokenManager = this.sdk.tokenManager;\n\n    let service: ServiceInterface | undefined;\n    switch (name) {\n      case 'autoRenew':\n        service = new AutoRenewService(tokenManager, {...this.options});\n        break;\n      case 'syncStorage':\n        service = new SyncStorageService(tokenManager, {...this.options});\n        break;\n      default:\n        throw new Error(`Unknown service ${name}`);\n    }\n    return service;\n  }\n\n}\n"],"file":"ServiceManager.js"}

package/cjs/TransactionManager.js

@@ -49,9 +49,7 @@ class TransactionManager {
     const transactionStorage = this.storageManager.getTransactionStorage();
     const meta = transactionStorage.getStorage(); // Clear primary storage (by default, sessionStorage on browser)
 
-    transactionStorage.clearStorage(); // clear IDX response storage
-
-    this.clearIdxResponse(); // Usually we want to also clear shared storage unless another tab may need it to continue/complete a flow
+    transactionStorage.clearStorage(); // Usually we want to also clear shared storage unless another tab may need it to continue/complete a flow
 
     if (this.enableSharedStorage && options.clearSharedStorage !== false) {
       const state = options.state || (meta === null || meta === void 0 ? void 0 : meta.state);
@@ -61,6 +59,10 @@ class TransactionManager {
       }
     }
 
+    if (options.clearIdxResponse !== false) {
+      this.clearIdxResponse();
+    }
+
     if (!this.legacyWidgetSupport) {
       return;
     } // This is for compatibility with older versions of the signin widget. OKTA-304806
@@ -305,10 +307,7 @@ class TransactionManager {
     // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');
   }
 
-  saveIdxResponse({
-    rawIdxResponse,
-    requestDidSucceed
-  }) {
+  saveIdxResponse(data) {
     if (!this.saveLastResponse) {
       return;
     }
@@ -319,13 +318,11 @@ class TransactionManager {
       return;
     }
 
-    storage.setStorage({
-      rawIdxResponse,
-      requestDidSucceed
-    });
-  }
+    storage.setStorage(data);
+  } // eslint-disable-next-line complexity
+
 
-  loadIdxResponse() {
+  loadIdxResponse(options) {
     if (!this.saveLastResponse) {
       return null;
     }
@@ -342,6 +339,21 @@ class TransactionManager {
       return null;
     }
 
+    if (options) {
+      const {
+        stateHandle,
+        interactionHandle
+      } = options;
+
+      if (stateHandle && storedValue.stateHandle !== stateHandle) {
+        return null;
+      }
+
+      if (interactionHandle && storedValue.interactionHandle !== interactionHandle) {
+        return null;
+      }
+    }
+
     return storedValue;
   }
 

package/cjs/TransactionManager.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../lib/TransactionManager.ts"],"names":["TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","enableSharedStorage","saveLastResponse","clear","transactionStorage","getTransactionStorage","meta","getStorage","clearStorage","clearIdxResponse","clearSharedStorage","state","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","storage","obj","muteWarning","setStorage","cookieStorage","storageType","responseType","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","REDIRECT_OAUTH_PARAMS_NAME","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_STATE_COOKIE_NAME","exists","load","loadLegacyOAuthParams","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","AuthSdkError","undefined","getLegacyOAuthParamsStorage","saveIdxResponse","rawIdxResponse","requestDidSucceed","getIdxResponseStorage","loadIdxResponse","storedValue"],"mappings":";;;;;;;;;;AAaA;;AACA;;AAEA;;AAYA;;AACA;;AACA;;AA9BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA8Be,MAAMA,kBAAN,CAAyB;AAUtCC,EAAAA,WAAW,CAACC,OAAD,EAAqC;AAC9C;AACA,SAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;AACA,SAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKC,mBAAL,GAA2BN,OAAO,CAACM,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,gBAAL,GAAwBP,OAAO,CAACO,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKP,OAAL,GAAeA,OAAf;AACD,GApBqC,CAsBtC;;;AACAQ,EAAAA,KAAK,CAACR,OAAoC,GAAG,EAAxC,EAA4C;AAC/C,UAAMS,kBAAmC,GAAG,KAAKR,cAAL,CAAoBS,qBAApB,EAA5C;AACA,UAAMC,IAAI,GAAGF,kBAAkB,CAACG,UAAnB,EAAb,CAF+C,CAI/C;;AACAH,IAAAA,kBAAkB,CAACI,YAAnB,GAL+C,CAO/C;;AACA,SAAKC,gBAAL,GAR+C,CAU/C;;AACA,QAAI,KAAKR,mBAAL,IAA4BN,OAAO,CAACe,kBAAR,KAA+B,KAA/D,EAAsE;AACpE,YAAMC,KAAK,GAAGhB,OAAO,CAACgB,KAAR,KAAiBL,IAAjB,aAAiBA,IAAjB,uBAAiBA,IAAI,CAAEK,KAAvB,CAAd;;AACA,UAAIA,KAAJ,EAAW;AACT,8DAAkC,KAAKf,cAAvC,EAAuDe,KAAvD;AACD;AACF;;AAED,QAAI,CAAC,KAAKd,mBAAV,EAA+B;AAC7B;AACD,KApB8C,CAsB/C;;;AACA,QAAIF,OAAO,CAACiB,KAAZ,EAAmB;AACjB,WAAKC,sBAAL;AACD;;AAED,QAAIlB,OAAO,CAACmB,IAAZ,EAAkB;AAChB,WAAKC,eAAL;AACD;AACF,GArDqC,CAuDtC;;;AACAC,EAAAA,IAAI,CAACV,IAAD,EAAwBX,OAA+B,GAAG,EAA1D,EAA8D;AAChE;AACA;AACA;AAEA,QAAIsB,OAAwB,GAAG,KAAKrB,cAAL,CAAoBS,qBAApB,EAA/B;AACA,UAAMa,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAZ,CANgE,CAOhE;AACA;AACA;;AACA,QAAI,8BAAkBW,GAAlB,KAA0B,CAACvB,OAAO,CAACwB,WAAvC,EAAoD;AAClD;AACA,sBAAK,yGAAL;AACD;;AAEDF,IAAAA,OAAO,CAACG,UAAR,CAAmBd,IAAnB,EAfgE,CAiBhE;;AACA,QAAI,KAAKL,mBAAL,IAA4BK,IAAI,CAACK,KAArC,EAA4C;AAC1C,yDAA+B,KAAKf,cAApC,EAAoDU,IAAI,CAACK,KAAzD,EAAgEL,IAAhE;AACD;;AAED,QAAI,CAACX,OAAO,CAACiB,KAAb,EAAoB;AAClB;AACD,KAxB+D,CA0BhE;;;AACA,QAAI,KAAKd,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;AACzE,YAAMqB,aAA4B,GAAG,KAAKzB,cAAL,CAAoBW,UAApB,CAA+B;AAAEe,QAAAA,WAAW,EAAE;AAAf,OAA/B,CAArC;;AAEA,UAAI,KAAKtB,gBAAT,EAA2B;AACzB,cAAM;AACJuB,UAAAA,YADI;AAEJZ,UAAAA,KAFI;AAGJa,UAAAA,KAHI;AAIJC,UAAAA,MAJI;AAKJC,UAAAA,QALI;AAMJC,UAAAA,IANI;AAOJC,UAAAA;AAPI,YAQFtB,IARJ;AASA,cAAMuB,WAAW,GAAG;AAClBN,UAAAA,YADkB;AAElBZ,UAAAA,KAFkB;AAGlBa,UAAAA,KAHkB;AAIlBC,UAAAA,MAJkB;AAKlBC,UAAAA,QALkB;AAMlBC,UAAAA,IANkB;AAOlBC,UAAAA;AAPkB,SAApB;AASAP,QAAAA,aAAa,CAACS,OAAd,CAAsBC,qCAAtB,EAAkD,wBAAeF,WAAf,CAAlD,EAA+E,IAA/E;AACD;;AAED,UAAI,KAAK/B,eAAL,IAAwBQ,IAAI,CAACkB,KAAjC,EAAwC;AACtC;AACAH,QAAAA,aAAa,CAACS,OAAd,CAAsBE,qCAAtB,EAAkD1B,IAAI,CAACkB,KAAvD,EAA8D,IAA9D;AACD;;AAED,UAAI,KAAKzB,eAAL,IAAwBO,IAAI,CAACK,KAAjC,EAAwC;AACtC;AACAU,QAAAA,aAAa,CAACS,OAAd,CAAsBG,qCAAtB,EAAkD3B,IAAI,CAACK,KAAvD,EAA8D,IAA9D;AACD;AACF;AACF;;AAEDuB,EAAAA,MAAM,CAACvC,OAA+B,GAAG,EAAnC,EAAgD;AACpD,QAAI;AACF,YAAMW,IAAI,GAAG,KAAK6B,IAAL,CAAUxC,OAAV,CAAb;AACA,aAAO,CAAC,CAACW,IAAT;AACD,KAHD,CAGE,MAAM;AACN,aAAO,KAAP;AACD;AACF,GA/HqC,CAiItC;AACA;;;AACA6B,EAAAA,IAAI,CAACxC,OAA+B,GAAG,EAAnC,EAA+D;AAEjE,QAAIW,IAAJ,CAFiE,CAIjE;;AACA,QAAI,KAAKL,mBAAL,IAA4BN,OAAO,CAACgB,KAAxC,EAA+C;AAC7C,6CAAmB,KAAKf,cAAxB,EAD6C,CACJ;;AACzCU,MAAAA,IAAI,GAAG,qDAAiC,KAAKV,cAAtC,EAAsDD,OAAO,CAACgB,KAA9D,CAAP;;AACA,UAAI,8BAAkBL,IAAlB,CAAJ,EAA6B;AAC3B,eAAOA,IAAP;AACD;AACF;;AAED,QAAIW,OAAwB,GAAG,KAAKrB,cAAL,CAAoBS,qBAApB,EAA/B;AACAC,IAAAA,IAAI,GAAGW,OAAO,CAACV,UAAR,EAAP;;AACA,QAAI,8BAAkBD,IAAlB,CAAJ,EAA6B;AAC3B;AACA,aAAOA,IAAP;AACD;;AAED,QAAI,CAAC,KAAKT,mBAAV,EAA+B;AAC7B,aAAO,IAAP;AACD,KAtBgE,CAwBjE;;;AACA,QAAIF,OAAO,CAACiB,KAAZ,EAAmB;AACjB,UAAI;AACF,cAAMiB,WAAW,GAAG,KAAKO,qBAAL,EAApB;AACA,6BAAc9B,IAAd,EAAoBuB,WAApB;AACD,OAHD,SAGU;AACR,aAAKhB,sBAAL;AACD;AACF;;AAED,QAAIlB,OAAO,CAACmB,IAAZ,EAAkB;AAChB,UAAI;AACF,cAAMuB,QAA6B,GAAG,KAAKC,cAAL,EAAtC;AACA,6BAAchC,IAAd,EAAoB+B,QAApB;AACD,OAHD,SAGU;AACR,aAAKtB,eAAL;AACD;AACF;;AAED,QAAI,8BAAkBT,IAAlB,CAAJ,EAA6B;AAC3B,aAAOA,IAAP;AACD;;AACD,WAAO,IAAP;AACD,GAlLqC,CAoLtC;;;AACAS,EAAAA,eAAe,GAAS;AACtB;AACA,QAAIE,OAAJ;;AAEA,QAAI,KAAKrB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKZ,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED8B,EAAAA,cAAc,GAAwB;AACpC,QAAIrB,OAAJ;AACA,QAAIC,GAAJ,CAFoC,CAIpC;;AACA,QAAI,KAAKtB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAACwB,YAAf,EAA6B;AAC3B,eAAOxB,GAAP;AACD;AACF,KAXmC,CAapC;;;AACA,QAAI,KAAKtB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAACwB,YAAf,EAA6B;AAC3B,eAAOxB,GAAP;AACD;AACF,KApBmC,CAsBpC;AACA;AACA;;;AACA,UAAM,IAAIyB,oBAAJ,CAAiB,yJAAjB,EAA4KC,SAA5K,CAAN;AACD;;AAED/B,EAAAA,sBAAsB,GAAS;AAC7B;AACA,QAAII,OAAJ;;AAEA,QAAI,KAAKrB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKZ,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7DvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED4B,EAAAA,qBAAqB,GAAyB;AAC5C,QAAInB,OAAJ;AACA,QAAIY,WAAJ,CAF4C,CAI5C;;AACA,QAAI,KAAKjC,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AACD,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD,KAX2C,CAa5C;;;AACA,QAAI,KAAKjC,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7DvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AAED,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD;;AAGD,UAAM,IAAIc,oBAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;AACA;AACD;;AAEDG,EAAAA,eAAe,CAAC;AAAEC,IAAAA,cAAF;AAAkBC,IAAAA;AAAlB,GAAD,EAAgE;AAC7E,QAAI,CAAC,KAAK9C,gBAAV,EAA4B;AAC1B;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBqD,qBAApB,EAAhB;;AACA,QAAI,CAAChC,OAAL,EAAc;AACZ;AACD;;AACDA,IAAAA,OAAO,CAACG,UAAR,CAAmB;AAAE2B,MAAAA,cAAF;AAAkBC,MAAAA;AAAlB,KAAnB;AACD;;AAEDE,EAAAA,eAAe,GAA4B;AACzC,QAAI,CAAC,KAAKhD,gBAAV,EAA4B;AAC1B,aAAO,IAAP;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBqD,qBAApB,EAAhB;;AACA,QAAI,CAAChC,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AACD,UAAMkC,WAAW,GAAGlC,OAAO,CAACV,UAAR,EAApB;;AACA,QAAI,CAAC4C,WAAD,IAAgB,CAAC,6BAAiBA,WAAW,CAACJ,cAA7B,CAArB,EAAmE;AACjE,aAAO,IAAP;AACD;;AACD,WAAOI,WAAP;AACD;;AAED1C,EAAAA,gBAAgB,GAAS;AACvB,QAAI,CAAC,KAAKP,gBAAV,EAA4B;AAC1B;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBqD,qBAApB,EAAhB;AACAhC,IAAAA,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAET,YAAT;AACD;;AA7SqC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport { StorageManager } from './StorageManager';\nimport {\n  StorageProvider,\n  TransactionMeta,\n  isTransactionMeta,\n  isOAuthTransactionMeta,\n  PKCETransactionMeta,\n  OAuthTransactionMeta,\n  TransactionMetaOptions,\n  TransactionManagerOptions,\n  CookieStorage,\n  SavedIdxResponse\n} from './types';\nimport { isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\nimport {\n  clearTransactionFromSharedStorage,\n  loadTransactionFromSharedStorage,\n  pruneSharedStorage,\n  saveTransactionToSharedStorage\n} from './util/sharedStorage';\n\nexport interface ClearTransactionMetaOptions extends TransactionMetaOptions {\n  clearSharedStorage?: boolean;\n}\nexport default class TransactionManager {\n  options: TransactionManagerOptions;\n  storageManager: StorageManager;\n  legacyWidgetSupport: boolean;\n  saveNonceCookie: boolean;\n  saveStateCookie: boolean;\n  saveParamsCookie: boolean;\n  enableSharedStorage: boolean;\n  saveLastResponse: boolean;\n\n  constructor(options: TransactionManagerOptions) {\n    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n    this.storageManager = options.storageManager!;\n    this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n    this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n    this.saveStateCookie = options.saveStateCookie === false ? false : true;\n    this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n    this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n    this.saveLastResponse = options.saveLastResponse === false ? false : true;\n    this.options = options;\n  }\n\n  // eslint-disable-next-line complexity\n  clear(options: ClearTransactionMetaOptions = {}) {\n    const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n    const meta = transactionStorage.getStorage();\n\n    // Clear primary storage (by default, sessionStorage on browser)\n    transactionStorage.clearStorage();\n\n    // clear IDX response storage\n    this.clearIdxResponse();\n\n    // Usually we want to also clear shared storage unless another tab may need it to continue/complete a flow\n    if (this.enableSharedStorage && options.clearSharedStorage !== false) {\n      const state = options.state || meta?.state;\n      if (state) {\n        clearTransactionFromSharedStorage(this.storageManager, state);\n      }\n    }\n  \n    if (!this.legacyWidgetSupport) {\n      return;\n    }\n\n    // This is for compatibility with older versions of the signin widget. OKTA-304806\n    if (options.oauth) {\n      this.clearLegacyOAuthParams();\n    }\n\n    if (options.pkce) {\n      this.clearLegacyPKCE();\n    }\n  }\n\n  // eslint-disable-next-line complexity\n  save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n    // There must be only one transaction executing at a time.\n    // Before saving, check to see if a transaction is already stored.\n    // An existing transaction indicates a concurrency/race/overlap condition\n\n    let storage: StorageProvider = this.storageManager.getTransactionStorage();\n    const obj = storage.getStorage();\n    // oie process may need to update transaction in the middle of process for tracking purpose\n    // false alarm might be caused \n    // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n    if (isTransactionMeta(obj) && !options.muteWarning) {\n      // eslint-disable-next-line max-len\n      warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n    }\n\n    storage.setStorage(meta);\n\n    // Shared storage allows continuation of transaction in another tab\n    if (this.enableSharedStorage && meta.state) {\n      saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n    }\n\n    if (!options.oauth) {\n      return;\n    }\n  \n    // Legacy cookie storage\n    if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n      const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n      if (this.saveParamsCookie) {\n        const { \n          responseType,\n          state,\n          nonce,\n          scopes,\n          clientId,\n          urls,\n          ignoreSignature\n        } = meta;\n        const oauthParams = {\n          responseType,\n          state,\n          nonce,\n          scopes,\n          clientId,\n          urls,\n          ignoreSignature\n        };\n        cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n      }\n\n      if (this.saveNonceCookie && meta.nonce) {\n        // Set nonce cookie for servers to validate nonce in id_token\n        cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n      }\n\n      if (this.saveStateCookie && meta.state) {\n        // Set state cookie for servers to validate state\n        cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n      }\n    }\n  }\n\n  exists(options: TransactionMetaOptions = {}): boolean {\n    try {\n      const meta = this.load(options);\n      return !!meta;\n    } catch {\n      return false;\n    }\n  }\n\n  // load transaction meta from storage\n  // eslint-disable-next-line complexity,max-statements\n  load(options: TransactionMetaOptions = {}): TransactionMeta | null {\n\n    let meta: TransactionMeta;\n\n    // If state was passed, try loading transaction data from shared storage\n    if (this.enableSharedStorage && options.state) {\n      pruneSharedStorage(this.storageManager); // prune before load\n      meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n      if (isTransactionMeta(meta)) {\n        return meta;\n      }\n    }\n\n    let storage: StorageProvider = this.storageManager.getTransactionStorage();\n    meta = storage.getStorage();\n    if (isTransactionMeta(meta)) {\n      // if we have meta in the new location, there is no need to go further\n      return meta;\n    }\n\n    if (!this.legacyWidgetSupport) {\n      return null;\n    }\n\n    // This is for compatibility with older versions of the signin widget. OKTA-304806\n    if (options.oauth) {\n      try {\n        const oauthParams = this.loadLegacyOAuthParams();\n        Object.assign(meta, oauthParams);\n      } finally {\n        this.clearLegacyOAuthParams();\n      }\n    }\n\n    if (options.pkce) {\n      try {\n        const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n        Object.assign(meta, pkceMeta);\n      } finally {\n        this.clearLegacyPKCE();\n      }\n    }\n\n    if (isTransactionMeta(meta)) {\n      return meta;\n    }\n    return null;\n  }\n\n  // This is for compatibility with older versions of the signin widget. OKTA-304806\n  clearLegacyPKCE(): void {\n    // clear storages\n    let storage: StorageProvider;\n\n    if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n      storage.clearStorage();\n    }\n\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n      storage.clearStorage();\n    }\n  }\n\n  loadLegacyPKCE(): PKCETransactionMeta {\n    let storage: StorageProvider;\n    let obj;\n    \n    // Try reading from localStorage first.\n    if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n      obj = storage.getStorage();\n      if (obj && obj.codeVerifier) {\n        return obj;\n      }\n    }\n\n    // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n      obj = storage.getStorage();\n      if (obj && obj.codeVerifier) {\n        return obj;\n      }\n    }\n    \n    // If meta is not valid, throw an exception to avoid misleading server-side error\n    // The most likely cause of this error is trying to handle a callback twice\n    // eslint-disable-next-line max-len\n    throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', undefined);\n  }\n\n  clearLegacyOAuthParams(): void {\n    // clear storages\n    let storage: StorageProvider;\n\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n      storage.clearStorage();\n    }\n\n    if (this.storageManager.storageUtil.testStorageType('cookie')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n      storage.clearStorage();\n    }\n  }\n\n  loadLegacyOAuthParams(): OAuthTransactionMeta {\n    let storage: StorageProvider;\n    let oauthParams;\n  \n    // load first from session storage\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n      oauthParams = storage.getStorage();\n    }\n    if (isOAuthTransactionMeta(oauthParams)) {\n      return oauthParams;\n    }\n\n    // try to load from cookie\n    if (this.storageManager.storageUtil.testStorageType('cookie')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n      oauthParams = storage.getStorage();\n    }\n\n    if (isOAuthTransactionMeta(oauthParams)) {\n      return oauthParams;\n    }\n\n\n    throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n    // Something is there but we don't recognize it\n    // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n  }\n\n  saveIdxResponse({ rawIdxResponse, requestDidSucceed }: SavedIdxResponse): void {\n    if (!this.saveLastResponse) {\n      return;\n    }\n    const storage = this.storageManager.getIdxResponseStorage();\n    if (!storage) {\n      return;\n    }\n    storage.setStorage({ rawIdxResponse, requestDidSucceed });\n  }\n\n  loadIdxResponse(): SavedIdxResponse | null {\n    if (!this.saveLastResponse) {\n      return null;\n    }\n    const storage = this.storageManager.getIdxResponseStorage();\n    if (!storage) {\n      return null;\n    }\n    const storedValue = storage.getStorage();\n    if (!storedValue || !isRawIdxResponse(storedValue.rawIdxResponse)) {\n      return null;\n    }\n    return storedValue;\n  }\n\n  clearIdxResponse(): void {\n    if (!this.saveLastResponse) {\n      return;\n    }\n    const storage = this.storageManager.getIdxResponseStorage();\n    storage?.clearStorage();\n  }\n}"],"file":"TransactionManager.js"}
+{"version":3,"sources":["../../lib/TransactionManager.ts"],"names":["TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","enableSharedStorage","saveLastResponse","clear","transactionStorage","getTransactionStorage","meta","getStorage","clearStorage","clearSharedStorage","state","clearIdxResponse","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","storage","obj","muteWarning","setStorage","cookieStorage","storageType","responseType","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","REDIRECT_OAUTH_PARAMS_NAME","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_STATE_COOKIE_NAME","exists","load","loadLegacyOAuthParams","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","AuthSdkError","undefined","getLegacyOAuthParamsStorage","saveIdxResponse","data","getIdxResponseStorage","loadIdxResponse","storedValue","rawIdxResponse","stateHandle","interactionHandle"],"mappings":";;;;;;;;;;AAaA;;AACA;;AAEA;;AAaA;;AACA;;AACA;;AA/BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAgCe,MAAMA,kBAAN,CAAyB;AAUtCC,EAAAA,WAAW,CAACC,OAAD,EAAqC;AAC9C;AACA,SAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;AACA,SAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;AACA,SAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKC,mBAAL,GAA2BN,OAAO,CAACM,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;AACA,SAAKC,gBAAL,GAAwBP,OAAO,CAACO,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;AACA,SAAKP,OAAL,GAAeA,OAAf;AACD,GApBqC,CAsBtC;;;AACAQ,EAAAA,KAAK,CAACR,OAAoC,GAAG,EAAxC,EAA4C;AAC/C,UAAMS,kBAAmC,GAAG,KAAKR,cAAL,CAAoBS,qBAApB,EAA5C;AACA,UAAMC,IAAI,GAAGF,kBAAkB,CAACG,UAAnB,EAAb,CAF+C,CAI/C;;AACAH,IAAAA,kBAAkB,CAACI,YAAnB,GAL+C,CAO/C;;AACA,QAAI,KAAKP,mBAAL,IAA4BN,OAAO,CAACc,kBAAR,KAA+B,KAA/D,EAAsE;AACpE,YAAMC,KAAK,GAAGf,OAAO,CAACe,KAAR,KAAiBJ,IAAjB,aAAiBA,IAAjB,uBAAiBA,IAAI,CAAEI,KAAvB,CAAd;;AACA,UAAIA,KAAJ,EAAW;AACT,8DAAkC,KAAKd,cAAvC,EAAuDc,KAAvD;AACD;AACF;;AAED,QAAIf,OAAO,CAACgB,gBAAR,KAA6B,KAAjC,EAAwC;AACtC,WAAKA,gBAAL;AACD;;AAED,QAAI,CAAC,KAAKd,mBAAV,EAA+B;AAC7B;AACD,KArB8C,CAuB/C;;;AACA,QAAIF,OAAO,CAACiB,KAAZ,EAAmB;AACjB,WAAKC,sBAAL;AACD;;AAED,QAAIlB,OAAO,CAACmB,IAAZ,EAAkB;AAChB,WAAKC,eAAL;AACD;AACF,GAtDqC,CAwDtC;;;AACAC,EAAAA,IAAI,CAACV,IAAD,EAAwBX,OAA+B,GAAG,EAA1D,EAA8D;AAChE;AACA;AACA;AAEA,QAAIsB,OAAwB,GAAG,KAAKrB,cAAL,CAAoBS,qBAApB,EAA/B;AACA,UAAMa,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAZ,CANgE,CAOhE;AACA;AACA;;AACA,QAAI,8BAAkBW,GAAlB,KAA0B,CAACvB,OAAO,CAACwB,WAAvC,EAAoD;AAClD;AACA,sBAAK,yGAAL;AACD;;AAEDF,IAAAA,OAAO,CAACG,UAAR,CAAmBd,IAAnB,EAfgE,CAiBhE;;AACA,QAAI,KAAKL,mBAAL,IAA4BK,IAAI,CAACI,KAArC,EAA4C;AAC1C,yDAA+B,KAAKd,cAApC,EAAoDU,IAAI,CAACI,KAAzD,EAAgEJ,IAAhE;AACD;;AAED,QAAI,CAACX,OAAO,CAACiB,KAAb,EAAoB;AAClB;AACD,KAxB+D,CA0BhE;;;AACA,QAAI,KAAKd,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;AACzE,YAAMqB,aAA4B,GAAG,KAAKzB,cAAL,CAAoBW,UAApB,CAA+B;AAAEe,QAAAA,WAAW,EAAE;AAAf,OAA/B,CAArC;;AAEA,UAAI,KAAKtB,gBAAT,EAA2B;AACzB,cAAM;AACJuB,UAAAA,YADI;AAEJb,UAAAA,KAFI;AAGJc,UAAAA,KAHI;AAIJC,UAAAA,MAJI;AAKJC,UAAAA,QALI;AAMJC,UAAAA,IANI;AAOJC,UAAAA;AAPI,YAQFtB,IARJ;AASA,cAAMuB,WAAW,GAAG;AAClBN,UAAAA,YADkB;AAElBb,UAAAA,KAFkB;AAGlBc,UAAAA,KAHkB;AAIlBC,UAAAA,MAJkB;AAKlBC,UAAAA,QALkB;AAMlBC,UAAAA,IANkB;AAOlBC,UAAAA;AAPkB,SAApB;AASAP,QAAAA,aAAa,CAACS,OAAd,CAAsBC,qCAAtB,EAAkD,wBAAeF,WAAf,CAAlD,EAA+E,IAA/E;AACD;;AAED,UAAI,KAAK/B,eAAL,IAAwBQ,IAAI,CAACkB,KAAjC,EAAwC;AACtC;AACAH,QAAAA,aAAa,CAACS,OAAd,CAAsBE,qCAAtB,EAAkD1B,IAAI,CAACkB,KAAvD,EAA8D,IAA9D;AACD;;AAED,UAAI,KAAKzB,eAAL,IAAwBO,IAAI,CAACI,KAAjC,EAAwC;AACtC;AACAW,QAAAA,aAAa,CAACS,OAAd,CAAsBG,qCAAtB,EAAkD3B,IAAI,CAACI,KAAvD,EAA8D,IAA9D;AACD;AACF;AACF;;AAEDwB,EAAAA,MAAM,CAACvC,OAA+B,GAAG,EAAnC,EAAgD;AACpD,QAAI;AACF,YAAMW,IAAI,GAAG,KAAK6B,IAAL,CAAUxC,OAAV,CAAb;AACA,aAAO,CAAC,CAACW,IAAT;AACD,KAHD,CAGE,MAAM;AACN,aAAO,KAAP;AACD;AACF,GAhIqC,CAkItC;AACA;;;AACA6B,EAAAA,IAAI,CAACxC,OAA+B,GAAG,EAAnC,EAA+D;AAEjE,QAAIW,IAAJ,CAFiE,CAIjE;;AACA,QAAI,KAAKL,mBAAL,IAA4BN,OAAO,CAACe,KAAxC,EAA+C;AAC7C,6CAAmB,KAAKd,cAAxB,EAD6C,CACJ;;AACzCU,MAAAA,IAAI,GAAG,qDAAiC,KAAKV,cAAtC,EAAsDD,OAAO,CAACe,KAA9D,CAAP;;AACA,UAAI,8BAAkBJ,IAAlB,CAAJ,EAA6B;AAC3B,eAAOA,IAAP;AACD;AACF;;AAED,QAAIW,OAAwB,GAAG,KAAKrB,cAAL,CAAoBS,qBAApB,EAA/B;AACAC,IAAAA,IAAI,GAAGW,OAAO,CAACV,UAAR,EAAP;;AACA,QAAI,8BAAkBD,IAAlB,CAAJ,EAA6B;AAC3B;AACA,aAAOA,IAAP;AACD;;AAED,QAAI,CAAC,KAAKT,mBAAV,EAA+B;AAC7B,aAAO,IAAP;AACD,KAtBgE,CAwBjE;;;AACA,QAAIF,OAAO,CAACiB,KAAZ,EAAmB;AACjB,UAAI;AACF,cAAMiB,WAAW,GAAG,KAAKO,qBAAL,EAApB;AACA,6BAAc9B,IAAd,EAAoBuB,WAApB;AACD,OAHD,SAGU;AACR,aAAKhB,sBAAL;AACD;AACF;;AAED,QAAIlB,OAAO,CAACmB,IAAZ,EAAkB;AAChB,UAAI;AACF,cAAMuB,QAA6B,GAAG,KAAKC,cAAL,EAAtC;AACA,6BAAchC,IAAd,EAAoB+B,QAApB;AACD,OAHD,SAGU;AACR,aAAKtB,eAAL;AACD;AACF;;AAED,QAAI,8BAAkBT,IAAlB,CAAJ,EAA6B;AAC3B,aAAOA,IAAP;AACD;;AACD,WAAO,IAAP;AACD,GAnLqC,CAqLtC;;;AACAS,EAAAA,eAAe,GAAS;AACtB;AACA,QAAIE,OAAJ;;AAEA,QAAI,KAAKrB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKZ,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED8B,EAAAA,cAAc,GAAwB;AACpC,QAAIrB,OAAJ;AACA,QAAIC,GAAJ,CAFoC,CAIpC;;AACA,QAAI,KAAKtB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;AACnEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAACwB,YAAf,EAA6B;AAC3B,eAAOxB,GAAP;AACD;AACF,KAXmC,CAapC;;;AACA,QAAI,KAAKtB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;AAAEnB,QAAAA,WAAW,EAAE;AAAf,OAAzC,CAAV;AACAJ,MAAAA,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;AACA,UAAIW,GAAG,IAAIA,GAAG,CAACwB,YAAf,EAA6B;AAC3B,eAAOxB,GAAP;AACD;AACF,KApBmC,CAsBpC;AACA;AACA;;;AACA,UAAM,IAAIyB,oBAAJ,CAAiB,yJAAjB,EAA4KC,SAA5K,CAAN;AACD;;AAED/B,EAAAA,sBAAsB,GAAS;AAC7B;AACA,QAAII,OAAJ;;AAEA,QAAI,KAAKrB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;;AAED,QAAI,KAAKZ,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7DvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAL,MAAAA,OAAO,CAACT,YAAR;AACD;AACF;;AAED4B,EAAAA,qBAAqB,GAAyB;AAC5C,QAAInB,OAAJ;AACA,QAAIY,WAAJ,CAF4C,CAI5C;;AACA,QAAI,KAAKjC,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;AACrEvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AACD,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD,KAX2C,CAa5C;;;AACA,QAAI,KAAKjC,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;AAC7DvB,MAAAA,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;AAAEvB,QAAAA,WAAW,EAAE;AAAf,OAAhD,CAAV;AACAO,MAAAA,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;AACD;;AAED,QAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;AACvC,aAAOA,WAAP;AACD;;AAGD,UAAM,IAAIc,oBAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;AACA;AACD;;AAEDG,EAAAA,eAAe,CAACC,IAAD,EAA+B;AAC5C,QAAI,CAAC,KAAK7C,gBAAV,EAA4B;AAC1B;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBoD,qBAApB,EAAhB;;AACA,QAAI,CAAC/B,OAAL,EAAc;AACZ;AACD;;AACDA,IAAAA,OAAO,CAACG,UAAR,CAAmB2B,IAAnB;AACD,GAvRqC,CAyRtC;;;AACAE,EAAAA,eAAe,CAACtD,OAAD,EAAuD;AACpE,QAAI,CAAC,KAAKO,gBAAV,EAA4B;AAC1B,aAAO,IAAP;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBoD,qBAApB,EAAhB;;AACA,QAAI,CAAC/B,OAAL,EAAc;AACZ,aAAO,IAAP;AACD;;AACD,UAAMiC,WAAW,GAAGjC,OAAO,CAACV,UAAR,EAApB;;AACA,QAAI,CAAC2C,WAAD,IAAgB,CAAC,6BAAiBA,WAAW,CAACC,cAA7B,CAArB,EAAmE;AACjE,aAAO,IAAP;AACD;;AAED,QAAIxD,OAAJ,EAAa;AACX,YAAM;AAAEyD,QAAAA,WAAF;AAAeC,QAAAA;AAAf,UAAqC1D,OAA3C;;AACA,UAAIyD,WAAW,IAAIF,WAAW,CAACE,WAAZ,KAA4BA,WAA/C,EAA4D;AAC1D,eAAO,IAAP;AACD;;AACD,UAAIC,iBAAiB,IAAIH,WAAW,CAACG,iBAAZ,KAAkCA,iBAA3D,EAA8E;AAC5E,eAAO,IAAP;AACD;AACF;;AAED,WAAOH,WAAP;AACD;;AAEDvC,EAAAA,gBAAgB,GAAS;AACvB,QAAI,CAAC,KAAKT,gBAAV,EAA4B;AAC1B;AACD;;AACD,UAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBoD,qBAApB,EAAhB;AACA/B,IAAAA,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAET,YAAT;AACD;;AA1TqC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport { StorageManager } from './StorageManager';\nimport {\n  StorageProvider,\n  TransactionMeta,\n  isTransactionMeta,\n  isOAuthTransactionMeta,\n  PKCETransactionMeta,\n  OAuthTransactionMeta,\n  TransactionMetaOptions,\n  TransactionManagerOptions,\n  CookieStorage,\n  SavedIdxResponse,\n  IntrospectOptions\n} from './types';\nimport { isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\nimport {\n  clearTransactionFromSharedStorage,\n  loadTransactionFromSharedStorage,\n  pruneSharedStorage,\n  saveTransactionToSharedStorage\n} from './util/sharedStorage';\n\nexport interface ClearTransactionMetaOptions extends TransactionMetaOptions {\n  clearSharedStorage?: boolean; // true by default\n  clearIdxResponse?: boolean; // true by default\n}\nexport default class TransactionManager {\n  options: TransactionManagerOptions;\n  storageManager: StorageManager;\n  legacyWidgetSupport: boolean;\n  saveNonceCookie: boolean;\n  saveStateCookie: boolean;\n  saveParamsCookie: boolean;\n  enableSharedStorage: boolean;\n  saveLastResponse: boolean;\n\n  constructor(options: TransactionManagerOptions) {\n    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n    this.storageManager = options.storageManager!;\n    this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n    this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n    this.saveStateCookie = options.saveStateCookie === false ? false : true;\n    this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n    this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n    this.saveLastResponse = options.saveLastResponse === false ? false : true;\n    this.options = options;\n  }\n\n  // eslint-disable-next-line complexity\n  clear(options: ClearTransactionMetaOptions = {}) {\n    const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n    const meta = transactionStorage.getStorage();\n\n    // Clear primary storage (by default, sessionStorage on browser)\n    transactionStorage.clearStorage();\n\n    // Usually we want to also clear shared storage unless another tab may need it to continue/complete a flow\n    if (this.enableSharedStorage && options.clearSharedStorage !== false) {\n      const state = options.state || meta?.state;\n      if (state) {\n        clearTransactionFromSharedStorage(this.storageManager, state);\n      }\n    }\n\n    if (options.clearIdxResponse !== false) {\n      this.clearIdxResponse();\n    }\n    \n    if (!this.legacyWidgetSupport) {\n      return;\n    }\n\n    // This is for compatibility with older versions of the signin widget. OKTA-304806\n    if (options.oauth) {\n      this.clearLegacyOAuthParams();\n    }\n\n    if (options.pkce) {\n      this.clearLegacyPKCE();\n    }\n  }\n\n  // eslint-disable-next-line complexity\n  save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n    // There must be only one transaction executing at a time.\n    // Before saving, check to see if a transaction is already stored.\n    // An existing transaction indicates a concurrency/race/overlap condition\n\n    let storage: StorageProvider = this.storageManager.getTransactionStorage();\n    const obj = storage.getStorage();\n    // oie process may need to update transaction in the middle of process for tracking purpose\n    // false alarm might be caused \n    // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n    if (isTransactionMeta(obj) && !options.muteWarning) {\n      // eslint-disable-next-line max-len\n      warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n    }\n\n    storage.setStorage(meta);\n\n    // Shared storage allows continuation of transaction in another tab\n    if (this.enableSharedStorage && meta.state) {\n      saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n    }\n\n    if (!options.oauth) {\n      return;\n    }\n  \n    // Legacy cookie storage\n    if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n      const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n      if (this.saveParamsCookie) {\n        const { \n          responseType,\n          state,\n          nonce,\n          scopes,\n          clientId,\n          urls,\n          ignoreSignature\n        } = meta;\n        const oauthParams = {\n          responseType,\n          state,\n          nonce,\n          scopes,\n          clientId,\n          urls,\n          ignoreSignature\n        };\n        cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n      }\n\n      if (this.saveNonceCookie && meta.nonce) {\n        // Set nonce cookie for servers to validate nonce in id_token\n        cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n      }\n\n      if (this.saveStateCookie && meta.state) {\n        // Set state cookie for servers to validate state\n        cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n      }\n    }\n  }\n\n  exists(options: TransactionMetaOptions = {}): boolean {\n    try {\n      const meta = this.load(options);\n      return !!meta;\n    } catch {\n      return false;\n    }\n  }\n\n  // load transaction meta from storage\n  // eslint-disable-next-line complexity,max-statements\n  load(options: TransactionMetaOptions = {}): TransactionMeta | null {\n\n    let meta: TransactionMeta;\n\n    // If state was passed, try loading transaction data from shared storage\n    if (this.enableSharedStorage && options.state) {\n      pruneSharedStorage(this.storageManager); // prune before load\n      meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n      if (isTransactionMeta(meta)) {\n        return meta;\n      }\n    }\n\n    let storage: StorageProvider = this.storageManager.getTransactionStorage();\n    meta = storage.getStorage();\n    if (isTransactionMeta(meta)) {\n      // if we have meta in the new location, there is no need to go further\n      return meta;\n    }\n\n    if (!this.legacyWidgetSupport) {\n      return null;\n    }\n\n    // This is for compatibility with older versions of the signin widget. OKTA-304806\n    if (options.oauth) {\n      try {\n        const oauthParams = this.loadLegacyOAuthParams();\n        Object.assign(meta, oauthParams);\n      } finally {\n        this.clearLegacyOAuthParams();\n      }\n    }\n\n    if (options.pkce) {\n      try {\n        const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n        Object.assign(meta, pkceMeta);\n      } finally {\n        this.clearLegacyPKCE();\n      }\n    }\n\n    if (isTransactionMeta(meta)) {\n      return meta;\n    }\n    return null;\n  }\n\n  // This is for compatibility with older versions of the signin widget. OKTA-304806\n  clearLegacyPKCE(): void {\n    // clear storages\n    let storage: StorageProvider;\n\n    if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n      storage.clearStorage();\n    }\n\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n      storage.clearStorage();\n    }\n  }\n\n  loadLegacyPKCE(): PKCETransactionMeta {\n    let storage: StorageProvider;\n    let obj;\n    \n    // Try reading from localStorage first.\n    if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n      obj = storage.getStorage();\n      if (obj && obj.codeVerifier) {\n        return obj;\n      }\n    }\n\n    // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n      obj = storage.getStorage();\n      if (obj && obj.codeVerifier) {\n        return obj;\n      }\n    }\n    \n    // If meta is not valid, throw an exception to avoid misleading server-side error\n    // The most likely cause of this error is trying to handle a callback twice\n    // eslint-disable-next-line max-len\n    throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', undefined);\n  }\n\n  clearLegacyOAuthParams(): void {\n    // clear storages\n    let storage: StorageProvider;\n\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n      storage.clearStorage();\n    }\n\n    if (this.storageManager.storageUtil.testStorageType('cookie')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n      storage.clearStorage();\n    }\n  }\n\n  loadLegacyOAuthParams(): OAuthTransactionMeta {\n    let storage: StorageProvider;\n    let oauthParams;\n  \n    // load first from session storage\n    if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n      oauthParams = storage.getStorage();\n    }\n    if (isOAuthTransactionMeta(oauthParams)) {\n      return oauthParams;\n    }\n\n    // try to load from cookie\n    if (this.storageManager.storageUtil.testStorageType('cookie')) {\n      storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n      oauthParams = storage.getStorage();\n    }\n\n    if (isOAuthTransactionMeta(oauthParams)) {\n      return oauthParams;\n    }\n\n\n    throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n    // Something is there but we don't recognize it\n    // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n  }\n\n  saveIdxResponse(data: SavedIdxResponse): void {\n    if (!this.saveLastResponse) {\n      return;\n    }\n    const storage = this.storageManager.getIdxResponseStorage();\n    if (!storage) {\n      return;\n    }\n    storage.setStorage(data);\n  }\n\n  // eslint-disable-next-line complexity\n  loadIdxResponse(options?: IntrospectOptions): SavedIdxResponse | null {\n    if (!this.saveLastResponse) {\n      return null;\n    }\n    const storage = this.storageManager.getIdxResponseStorage();\n    if (!storage) {\n      return null;\n    }\n    const storedValue = storage.getStorage();\n    if (!storedValue || !isRawIdxResponse(storedValue.rawIdxResponse)) {\n      return null;\n    }\n\n    if (options) {\n      const { stateHandle, interactionHandle } = options;\n      if (stateHandle && storedValue.stateHandle !== stateHandle) {\n        return null;\n      }\n      if (interactionHandle && storedValue.interactionHandle !== interactionHandle) {\n        return null;\n      }\n    }\n\n    return storedValue;\n  }\n\n  clearIdxResponse(): void {\n    if (!this.saveLastResponse) {\n      return;\n    }\n    const storage = this.storageManager.getIdxResponseStorage();\n    storage?.clearStorage();\n  }\n}"],"file":"TransactionManager.js"}

package/cjs/crypto/node.js

@@ -4,27 +4,22 @@ var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequ
 
 exports.webcrypto = exports.btoa = exports.atob = void 0;
 
+var _promise = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/promise"));
+
+var _weakMap = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/weak-map"));
+
+var _getOwnPropertyDescriptor = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/get-own-property-descriptor"));
+
 var _atob = _interopRequireDefault(require("atob"));
 
 var _btoa = _interopRequireDefault(require("btoa"));
 
 var _webcrypto = require("@peculiar/webcrypto");
 
-/*!
- * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
- * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
- *
- * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * 
- * See the License for the specific language governing permissions and limitations under the License.
- */
-
-/* global atob, btoa */
-// Ponyfill for NodeJS
-// Webpack config excludes this file
+function _getRequireWildcardCache(nodeInterop) { if (typeof _weakMap.default !== "function") return null; var cacheBabelInterop = new _weakMap.default(); var cacheNodeInterop = new _weakMap.default(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && _getOwnPropertyDescriptor.default; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? (0, _getOwnPropertyDescriptor.default)(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+
 let a;
 exports.atob = a;
 
@@ -45,7 +40,7 @@ if (typeof btoa !== 'undefined') {
 
 const crypto = (async () => {
   try {
-    return await import('crypto');
+    return await _promise.default.resolve().then(() => _interopRequireWildcard(require('crypto')));
   } catch (err) {
     // this environment has no crypto module!
     return undefined;

package/cjs/crypto/node.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/crypto/node.ts"],"names":["a","atob","atobModule","b","btoa","btoaModule","crypto","err","undefined","webcrypto","Crypto"],"mappings":";;;;;;AAkBA;;AACA;;AACA;;AApBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAEA;AACA;AAMA,IAAIA,CAAJ;;;AACA,IAAI,OAAOC,IAAP,KAAgB,WAApB,EAAiC;AAC/B,iBAAAD,CAAC,GAAGC,IAAJ;AACD,CAFD,MAEO;AACL,iBAAAD,CAAC,GAAGE,aAAJ;AACD;;AAID,IAAIC,CAAJ;;;AACA,IAAI,OAAOC,IAAP,KAAgB,WAApB,EAAiC;AAC/B,iBAAAD,CAAC,GAAGC,IAAJ;AACD,CAFD,MAEO;AACL,iBAAAD,CAAC,GAAGE,aAAJ;AACD;;AAGD,MAAMC,MAAM,GAAG,CAAC,YAAY;AAC1B,MAAI;AACF,WAAO,MAAM,OAAO,QAAP,CAAb;AACD,GAFD,CAEE,OAAOC,GAAP,EAAY;AACZ;AACA,WAAOC,SAAP;AACD;AACF,CAPc,GAAf;;AASA,IAAIC,SAAJ;;;AACA,IAAI,OAAOH,MAAP,KAAkB,WAAlB,IAAiCA,MAAM,CAAC,WAAD,CAA3C,EAA0D;AACxD,sBAAAG,SAAS,GAAGH,MAAM,CAAC,WAAD,CAAlB;AACD,CAFD,MAEO;AACL,sBAAAG,SAAS,GAAG,IAAIC,iBAAJ,EAAZ;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* global atob, btoa */\n\n// Ponyfill for NodeJS\n// Webpack config excludes this file\n\nimport atobModule from 'atob';\nimport btoaModule from 'btoa';\nimport { Crypto } from '@peculiar/webcrypto';\n\nlet a;\nif (typeof atob !== 'undefined') {\n  a = atob;\n} else {\n  a = atobModule;\n}\nexport { a as atob };\n\n\nlet b;\nif (typeof btoa !== 'undefined') {\n  b = btoa;\n} else {\n  b = btoaModule;\n}\nexport { b as btoa };\n\nconst crypto = (async () => {\n  try {\n    return await import('crypto');\n  } catch (err) {\n    // this environment has no crypto module!\n    return undefined;\n  }\n})();\n\nlet webcrypto;\nif (typeof crypto !== 'undefined' && crypto['webcrypto']) {\n  webcrypto = crypto['webcrypto'];\n} else {\n  webcrypto = new Crypto();\n}\n\nexport { webcrypto };\n"],"file":"node.js"}
+{"version":3,"sources":["../../../lib/crypto/node.ts"],"names":["a","atob","atobModule","b","btoa","btoaModule","crypto","err","undefined","webcrypto","Crypto"],"mappings":";;;;;;;;;;;;AAkBA;;AACA;;AACA;;;;;;AAEA,IAAIA,CAAJ;;;AACA,IAAI,OAAOC,IAAP,KAAgB,WAApB,EAAiC;AAC/B,iBAAAD,CAAC,GAAGC,IAAJ;AACD,CAFD,MAEO;AACL,iBAAAD,CAAC,GAAGE,aAAJ;AACD;;AAID,IAAIC,CAAJ;;;AACA,IAAI,OAAOC,IAAP,KAAgB,WAApB,EAAiC;AAC/B,iBAAAD,CAAC,GAAGC,IAAJ;AACD,CAFD,MAEO;AACL,iBAAAD,CAAC,GAAGE,aAAJ;AACD;;AAGD,MAAMC,MAAM,GAAG,CAAC,YAAY;AAC1B,MAAI;AACF,WAAO,4EAAa,QAAb,GAAP;AACD,GAFD,CAEE,OAAOC,GAAP,EAAY;AACZ;AACA,WAAOC,SAAP;AACD;AACF,CAPc,GAAf;;AASA,IAAIC,SAAJ;;;AACA,IAAI,OAAOH,MAAP,KAAkB,WAAlB,IAAiCA,MAAM,CAAC,WAAD,CAA3C,EAA0D;AACxD,sBAAAG,SAAS,GAAGH,MAAM,CAAC,WAAD,CAAlB;AACD,CAFD,MAEO;AACL,sBAAAG,SAAS,GAAG,IAAIC,iBAAJ,EAAZ;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* global atob, btoa */\n\n// Ponyfill for NodeJS\n// Webpack config excludes this file\n\nimport atobModule from 'atob';\nimport btoaModule from 'btoa';\nimport { Crypto } from '@peculiar/webcrypto';\n\nlet a;\nif (typeof atob !== 'undefined') {\n  a = atob;\n} else {\n  a = atobModule;\n}\nexport { a as atob };\n\n\nlet b;\nif (typeof btoa !== 'undefined') {\n  b = btoa;\n} else {\n  b = btoaModule;\n}\nexport { b as btoa };\n\nconst crypto = (async () => {\n  try {\n    return await import('crypto');\n  } catch (err) {\n    // this environment has no crypto module!\n    return undefined;\n  }\n})();\n\nlet webcrypto;\nif (typeof crypto !== 'undefined' && crypto['webcrypto']) {\n  webcrypto = crypto['webcrypto'];\n} else {\n  webcrypto = new Crypto();\n}\n\nexport { webcrypto };\n"],"file":"node.js"}

package/cjs/errors/AuthApiError.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/errors/AuthApiError.ts"],"names":["AuthApiError","CustomError","constructor","err","xhr","message","errorSummary","name","errorCode","errorLink","errorId","errorCauses"],"mappings":";;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKe,MAAMA,YAAN,SAA2BC,oBAA3B,CAA2D;AAQxEC,EAAAA,WAAW,CAACC,GAAD,EAAgBC,GAAhB,EAAoC;AAC7C,UAAMC,OAAO,GAAGF,GAAG,CAACG,YAApB;AACA,UAAMD,OAAN;AAEA,SAAKE,IAAL,GAAY,cAAZ;AACA,SAAKD,YAAL,GAAoBH,GAAG,CAACG,YAAxB;AACA,SAAKE,SAAL,GAAiBL,GAAG,CAACK,SAArB;AACA,SAAKC,SAAL,GAAiBN,GAAG,CAACM,SAArB;AACA,SAAKC,OAAL,GAAeP,GAAG,CAACO,OAAnB;AACA,SAAKC,WAAL,GAAmBR,GAAG,CAACQ,WAAvB;;AAEA,QAAIP,GAAJ,EAAS;AACP,WAAKA,GAAL,GAAWA,GAAX;AACD;AACF;;AAtBuE","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport CustomError from './CustomError';\nimport { APIError, HttpResponse } from '../types';\n\nexport default class AuthApiError extends CustomError implements APIError {\n  errorSummary: string;\n  errorCode?: string;\n  errorLink?: string;\n  errorId?: string;\n  errorCauses?: string[];\n  xhr?: HttpResponse;\n\n  constructor(err: APIError, xhr?: HttpResponse) {\n    const message = err.errorSummary;\n    super(message);\n\n    this.name = 'AuthApiError';\n    this.errorSummary = err.errorSummary;\n    this.errorCode = err.errorCode;\n    this.errorLink = err.errorLink;\n    this.errorId = err.errorId;\n    this.errorCauses = err.errorCauses;\n\n    if (xhr) {\n      this.xhr = xhr;\n    }\n  }\n}\n"],"file":"AuthApiError.js"}
+{"version":3,"sources":["../../../lib/errors/AuthApiError.ts"],"names":["AuthApiError","CustomError","constructor","err","xhr","message","errorSummary","name","errorCode","errorLink","errorId","errorCauses"],"mappings":";;;;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKe,MAAMA,YAAN,SAA2BC,oBAA3B,CAA2D;AAQxEC,EAAAA,WAAW,CAACC,GAAD,EAAgBC,GAAhB,EAAoC;AAC7C,UAAMC,OAAO,GAAGF,GAAG,CAACG,YAApB;AACA,UAAMD,OAAN;AAEA,SAAKE,IAAL,GAAY,cAAZ;AACA,SAAKD,YAAL,GAAoBH,GAAG,CAACG,YAAxB;AACA,SAAKE,SAAL,GAAiBL,GAAG,CAACK,SAArB;AACA,SAAKC,SAAL,GAAiBN,GAAG,CAACM,SAArB;AACA,SAAKC,OAAL,GAAeP,GAAG,CAACO,OAAnB;AACA,SAAKC,WAAL,GAAmBR,GAAG,CAACQ,WAAvB;;AAEA,QAAIP,GAAJ,EAAS;AACP,WAAKA,GAAL,GAAWA,GAAX;AACD;AACF;;AAtBuE","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport CustomError from './CustomError';\nimport { APIError, FieldError, HttpResponse } from '../types';\n\nexport default class AuthApiError extends CustomError implements APIError {\n  errorSummary: string;\n  errorCode?: string;\n  errorLink?: string;\n  errorId?: string;\n  errorCauses?: Array<FieldError>;\n  xhr?: HttpResponse;\n\n  constructor(err: APIError, xhr?: HttpResponse) {\n    const message = err.errorSummary;\n    super(message);\n\n    this.name = 'AuthApiError';\n    this.errorSummary = err.errorSummary;\n    this.errorCode = err.errorCode;\n    this.errorLink = err.errorLink;\n    this.errorId = err.errorId;\n    this.errorCauses = err.errorCauses;\n\n    if (xhr) {\n      this.xhr = xhr;\n    }\n  }\n}\n"],"file":"AuthApiError.js"}