@okta/okta-auth-js 6.4.1 → 6.5.0

package/cjs/idx/authenticator/SecurityQuestionEnrollment.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../lib/idx/authenticator/SecurityQuestionEnrollment.ts"],"names":["SecurityQuestionEnrollment","Authenticator","canVerify","values","credentials","questionKey","answer","question","mapCredentials","getInputs","name","type","required","label"],"mappings":";;;;AAAA;;AASO,MAAMA,0BAAN,SAAyCC,4BAAzC,CAAqF;AAC1FC,EAAAA,SAAS,CAACC,MAAD,EAAuC;AAC9C,UAAM;AAAEC,MAAAA;AAAF,QAAkBD,MAAxB;;AACA,QAAIC,WAAW,IAAIA,WAAW,CAACC,WAA3B,IAA0CD,WAAW,CAACE,MAA1D,EAAkE;AAChE,aAAO,IAAP;AACD;;AACD,UAAM;AAAED,MAAAA,WAAF;AAAeE,MAAAA,QAAf;AAAyBD,MAAAA;AAAzB,QAAoCH,MAA1C;AACA,WAAO,CAAC,EAAEE,WAAW,IAAIC,MAAjB,CAAD,IAA6B,CAAC,EAAEC,QAAQ,IAAID,MAAd,CAArC;AACD;;AAEDE,EAAAA,cAAc,CAACL,MAAD,EAAgE;AAC5E,UAAM;AAAEE,MAAAA,WAAF;AAAeE,MAAAA,QAAf;AAAyBD,MAAAA;AAAzB,QAAoCH,MAA1C;;AACA,QAAI,CAACE,WAAD,IAAgB,CAACE,QAAjB,IAA6B,CAACD,MAAlC,EAA0C;AACxC;AACD;;AACD,WAAO;AACLD,MAAAA,WAAW,EAAEE,QAAQ,GAAG,QAAH,GAAcF,WAD9B;AAELE,MAAAA,QAFK;AAGLD,MAAAA;AAHK,KAAP;AAKD;;AAEDG,EAAAA,SAAS,GAAG;AACV,WAAO,CACL;AAAEC,MAAAA,IAAI,EAAE,aAAR;AAAuBC,MAAAA,IAAI,EAAE,QAA7B;AAAuCC,MAAAA,QAAQ,EAAE;AAAjD,KADK,EAEL;AAAEF,MAAAA,IAAI,EAAE,UAAR;AAAoBC,MAAAA,IAAI,EAAE,QAA1B;AAAoCE,MAAAA,KAAK,EAAE;AAA3C,KAFK,EAGL;AAAEH,MAAAA,IAAI,EAAE,QAAR;AAAkBC,MAAAA,IAAI,EAAE,QAAxB;AAAkCE,MAAAA,KAAK,EAAE,QAAzC;AAAmDD,MAAAA,QAAQ,EAAE;AAA7D,KAHK,CAAP;AAKD;;AA5ByF","sourcesContent":["import { Authenticator, Credentials } from './Authenticator';\n\nexport interface SecurityQuestionEnrollValues {\n  questionKey?: string;\n  question?: string;\n  answer?: string;\n  credentials?: Credentials;\n}\n\nexport class SecurityQuestionEnrollment extends Authenticator<SecurityQuestionEnrollValues> {\n  canVerify(values: SecurityQuestionEnrollValues) {\n    const { credentials } = values;\n    if (credentials && credentials.questionKey && credentials.answer) {\n      return true;\n    }\n    const { questionKey, question, answer } = values;\n    return !!(questionKey && answer) || !!(question && answer);\n  }\n\n  mapCredentials(values: SecurityQuestionEnrollValues): Credentials | undefined {\n    const { questionKey, question, answer } = values;\n    if (!questionKey && !question && !answer) {\n      return;\n    }\n    return {\n      questionKey: question ? 'custom' : questionKey,\n      question,\n      answer\n    };\n  }\n\n  getInputs() {\n    return [\n      { name: 'questionKey', type: 'string', required: true },\n      { name: 'question', type: 'string', label: 'Create a security question' },\n      { name: 'answer', type: 'string', label: 'Answer', required: true },\n    ];\n  }\n}\n"],"file":"SecurityQuestionEnrollment.js"}
+{"version":3,"sources":["../../../../lib/idx/authenticator/SecurityQuestionEnrollment.ts"],"names":["SecurityQuestionEnrollment","Authenticator","canVerify","values","credentials","questionKey","answer","question","mapCredentials","getInputs","name","type","required","label"],"mappings":";;;;AAAA;;AASO,MAAMA,0BAAN,SAAyCC,4BAAzC,CAAqF;AAC1FC,EAAAA,SAAS,CAACC,MAAD,EAAuC;AAC9C,UAAM;AAAEC,MAAAA;AAAF,QAAkBD,MAAxB;;AACA,QAAIC,WAAW,IAAIA,WAAW,CAACC,WAA3B,IAA0CD,WAAW,CAACE,MAA1D,EAAkE;AAChE,aAAO,IAAP;AACD;;AACD,UAAM;AAAED,MAAAA,WAAF;AAAeE,MAAAA,QAAf;AAAyBD,MAAAA;AAAzB,QAAoCH,MAA1C;AACA,WAAO,CAAC,EAAEE,WAAW,IAAIC,MAAjB,CAAD,IAA6B,CAAC,EAAEC,QAAQ,IAAID,MAAd,CAArC;AACD;;AAEDE,EAAAA,cAAc,CAACL,MAAD,EAAgE;AAC5E,UAAM;AAAEE,MAAAA,WAAF;AAAeE,MAAAA,QAAf;AAAyBD,MAAAA;AAAzB,QAAoCH,MAA1C;;AACA,QAAI,CAACG,MAAD,IAAY,CAACD,WAAD,IAAgB,CAACE,QAAjC,EAA4C;AAC1C;AACD;;AACD,WAAO;AACLF,MAAAA,WAAW,EAAEE,QAAQ,GAAG,QAAH,GAAcF,WAD9B;AAELE,MAAAA,QAFK;AAGLD,MAAAA;AAHK,KAAP;AAKD;;AAEDG,EAAAA,SAAS,GAAG;AACV,WAAO,CACL;AAAEC,MAAAA,IAAI,EAAE,aAAR;AAAuBC,MAAAA,IAAI,EAAE,QAA7B;AAAuCC,MAAAA,QAAQ,EAAE;AAAjD,KADK,EAEL;AAAEF,MAAAA,IAAI,EAAE,UAAR;AAAoBC,MAAAA,IAAI,EAAE,QAA1B;AAAoCE,MAAAA,KAAK,EAAE;AAA3C,KAFK,EAGL;AAAEH,MAAAA,IAAI,EAAE,QAAR;AAAkBC,MAAAA,IAAI,EAAE,QAAxB;AAAkCE,MAAAA,KAAK,EAAE,QAAzC;AAAmDD,MAAAA,QAAQ,EAAE;AAA7D,KAHK,CAAP;AAKD;;AA5ByF","sourcesContent":["import { Authenticator, Credentials } from './Authenticator';\n\nexport interface SecurityQuestionEnrollValues {\n  questionKey?: string;\n  question?: string;\n  answer?: string;\n  credentials?: Credentials;\n}\n\nexport class SecurityQuestionEnrollment extends Authenticator<SecurityQuestionEnrollValues> {\n  canVerify(values: SecurityQuestionEnrollValues) {\n    const { credentials } = values;\n    if (credentials && credentials.questionKey && credentials.answer) {\n      return true;\n    }\n    const { questionKey, question, answer } = values;\n    return !!(questionKey && answer) || !!(question && answer);\n  }\n\n  mapCredentials(values: SecurityQuestionEnrollValues): Credentials | undefined {\n    const { questionKey, question, answer } = values;\n    if (!answer || (!questionKey && !question)) {\n      return;\n    }\n    return {\n      questionKey: question ? 'custom' : questionKey,\n      question,\n      answer\n    };\n  }\n\n  getInputs() {\n    return [\n      { name: 'questionKey', type: 'string', required: true },\n      { name: 'question', type: 'string', label: 'Create a security question' },\n      { name: 'answer', type: 'string', label: 'Answer', required: true },\n    ];\n  }\n}\n"],"file":"SecurityQuestionEnrollment.js"}

package/cjs/idx/authenticator/SecurityQuestionVerification.js

@@ -7,7 +7,18 @@ var _Authenticator = require("./Authenticator");
 /* eslint-disable @typescript-eslint/no-non-null-assertion */
 class SecurityQuestionVerification extends _Authenticator.Authenticator {
   canVerify(values) {
-    return !!values.answer;
+    const {
+      credentials
+    } = values;
+
+    if (credentials && credentials.answer) {
+      return true;
+    }
+
+    const {
+      answer
+    } = values;
+    return !!answer;
   }
 
   mapCredentials(values) {

package/cjs/idx/authenticator/SecurityQuestionVerification.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../lib/idx/authenticator/SecurityQuestionVerification.ts"],"names":["SecurityQuestionVerification","Authenticator","canVerify","values","answer","mapCredentials","questionKey","meta","contextualData","enrolledQuestion","getInputs","name","type","label","required"],"mappings":";;;;AACA;;AADA;AAOO,MAAMA,4BAAN,SAA2CC,4BAA3C,CAA6F;AAClGC,EAAAA,SAAS,CAACC,MAAD,EAA6C;AACpD,WAAO,CAAC,CAACA,MAAM,CAACC,MAAhB;AACD;;AAEDC,EAAAA,cAAc,CAACF,MAAD,EAAsE;AAClF,UAAM;AAAEC,MAAAA;AAAF,QAAaD,MAAnB;;AACA,QAAI,CAACC,MAAL,EAAa;AACX;AACD;;AACD,WAAO;AACLE,MAAAA,WAAW,EAAE,KAAKC,IAAL,CAAUC,cAAV,CAA0BC,gBAA1B,CAA4CH,WADpD;AAELF,MAAAA;AAFK,KAAP;AAID;;AAEDM,EAAAA,SAAS,GAAG;AACV,WAAO,CACL;AAAEC,MAAAA,IAAI,EAAE,QAAR;AAAkBC,MAAAA,IAAI,EAAE,QAAxB;AAAkCC,MAAAA,KAAK,EAAE,QAAzC;AAAmDC,MAAAA,QAAQ,EAAE;AAA7D,KADK,CAAP;AAGD;;AApBiG","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport { Authenticator, Credentials } from './Authenticator';\n\nexport interface SecurityQuestionVerificationValues {\n  answer?: string;\n}\n\nexport class SecurityQuestionVerification extends Authenticator<SecurityQuestionVerificationValues> {\n  canVerify(values: SecurityQuestionVerificationValues) {\n    return !!values.answer;\n  }\n\n  mapCredentials(values: SecurityQuestionVerificationValues): Credentials | undefined {\n    const { answer } = values;\n    if (!answer) {\n      return;\n    }\n    return {\n      questionKey: this.meta.contextualData!.enrolledQuestion!.questionKey,\n      answer\n    };\n  }\n\n  getInputs() {\n    return [\n      { name: 'answer', type: 'string', label: 'Answer', required: true }\n    ];\n  }\n}\n"],"file":"SecurityQuestionVerification.js"}
+{"version":3,"sources":["../../../../lib/idx/authenticator/SecurityQuestionVerification.ts"],"names":["SecurityQuestionVerification","Authenticator","canVerify","values","credentials","answer","mapCredentials","questionKey","meta","contextualData","enrolledQuestion","getInputs","name","type","label","required"],"mappings":";;;;AACA;;AADA;AAQO,MAAMA,4BAAN,SAA2CC,4BAA3C,CAA6F;AAClGC,EAAAA,SAAS,CAACC,MAAD,EAA6C;AACpD,UAAM;AAAEC,MAAAA;AAAF,QAAkBD,MAAxB;;AACA,QAAIC,WAAW,IAAIA,WAAW,CAACC,MAA/B,EAAuC;AACrC,aAAO,IAAP;AACD;;AACD,UAAM;AAAEA,MAAAA;AAAF,QAAaF,MAAnB;AACA,WAAO,CAAC,CAACE,MAAT;AACD;;AAEDC,EAAAA,cAAc,CAACH,MAAD,EAAsE;AAClF,UAAM;AAAEE,MAAAA;AAAF,QAAaF,MAAnB;;AACA,QAAI,CAACE,MAAL,EAAa;AACX;AACD;;AACD,WAAO;AACLE,MAAAA,WAAW,EAAE,KAAKC,IAAL,CAAUC,cAAV,CAA0BC,gBAA1B,CAA4CH,WADpD;AAELF,MAAAA;AAFK,KAAP;AAID;;AAEDM,EAAAA,SAAS,GAAG;AACV,WAAO,CACL;AAAEC,MAAAA,IAAI,EAAE,QAAR;AAAkBC,MAAAA,IAAI,EAAE,QAAxB;AAAkCC,MAAAA,KAAK,EAAE,QAAzC;AAAmDC,MAAAA,QAAQ,EAAE;AAA7D,KADK,CAAP;AAGD;;AAzBiG","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport { Authenticator, Credentials } from './Authenticator';\n\nexport interface SecurityQuestionVerificationValues {\n  answer?: string;\n  credentials?: Credentials;\n}\n\nexport class SecurityQuestionVerification extends Authenticator<SecurityQuestionVerificationValues> {\n  canVerify(values: SecurityQuestionVerificationValues) {\n    const { credentials } = values;\n    if (credentials && credentials.answer) {\n      return true;\n    }\n    const { answer } = values;\n    return !!answer;\n  }\n\n  mapCredentials(values: SecurityQuestionVerificationValues): Credentials | undefined {\n    const { answer } = values;\n    if (!answer) {\n      return;\n    }\n    return {\n      questionKey: this.meta.contextualData!.enrolledQuestion!.questionKey,\n      answer\n    };\n  }\n\n  getInputs() {\n    return [\n      { name: 'answer', type: 'string', label: 'Answer', required: true }\n    ];\n  }\n}\n"],"file":"SecurityQuestionVerification.js"}

package/cjs/idx/cancel.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/cancel.ts"],"names":["cancel","authClient","options","meta","transactionManager","load","flowSpec","flow","actions"],"mappings":";;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAQO,eAAeA,MAAf,CAAuBC,UAAvB,EAAsDC,OAAtD,EAA+E;AACpF,QAAMC,IAAI,GAAGF,UAAU,CAACG,kBAAX,CAA8BC,IAA9B,EAAb;AACA,QAAMC,QAAQ,GAAG,gCAAqBL,UAArB,EAAiCE,IAAI,CAACI,IAAtC,CAAjB;AACA,SAAO,cAAIN,UAAJ,EAAgB,EACrB,GAAGC,OADkB;AAErB,OAAGI,QAFkB;AAGrBE,IAAAA,OAAO,EAAE,CAAC,QAAD;AAHY,GAAhB,CAAP;AAKD","sourcesContent":["/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuthInterface, IdxOptions, IdxTransactionMeta } from '../types';\nimport { run } from './run';\nimport { getFlowSpecification } from './flow';\n\nexport type CancelOptions = IdxOptions;\n\nexport async function cancel (authClient: OktaAuthInterface, options?: CancelOptions) {\n  const meta = authClient.transactionManager.load() as IdxTransactionMeta;\n  const flowSpec = getFlowSpecification(authClient, meta.flow);\n  return run(authClient, {\n    ...options,\n    ...flowSpec,\n    actions: ['cancel']\n  });\n}\n"],"file":"cancel.js"}
+{"version":3,"sources":["../../../lib/idx/cancel.ts"],"names":["cancel","authClient","options","meta","transactionManager","load","flowSpec","flow","actions"],"mappings":";;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,eAAeA,MAAf,CAAuBC,UAAvB,EAAsDC,OAAtD,EAA+E;AACpF,QAAMC,IAAI,GAAGF,UAAU,CAACG,kBAAX,CAA8BC,IAA9B,EAAb;AACA,QAAMC,QAAQ,GAAG,gCAAqBL,UAArB,EAAiCE,IAAI,CAACI,IAAtC,CAAjB;AACA,SAAO,cAAIN,UAAJ,EAAgB,EACrB,GAAGC,OADkB;AAErB,OAAGI,QAFkB;AAGrBE,IAAAA,OAAO,EAAE,CAAC,QAAD;AAHY,GAAhB,CAAP;AAKD","sourcesContent":["/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuthInterface, CancelOptions, IdxTransactionMeta } from '../types';\nimport { run } from './run';\nimport { getFlowSpecification } from './flow';\n\nexport async function cancel (authClient: OktaAuthInterface, options?: CancelOptions) {\n  const meta = authClient.transactionManager.load() as IdxTransactionMeta;\n  const flowSpec = getFlowSpecification(authClient, meta.flow);\n  return run(authClient, {\n    ...options,\n    ...flowSpec,\n    actions: ['cancel']\n  });\n}\n"],"file":"cancel.js"}

package/cjs/idx/flow/AuthenticationFlow.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../lib/idx/flow/AuthenticationFlow.ts"],"names":["AuthenticationFlow","Identify","SelectAuthenticatorAuthenticate","SelectAuthenticatorEnroll","AuthenticatorEnrollmentData","AuthenticatorVerificationData","EnrollAuthenticator","ChallengeAuthenticator","ChallengePoll","ReEnrollAuthenticator","EnrollPoll","RedirectIdp","Skip"],"mappings":";;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAkBO,MAAMA,kBAAmC,GAAG;AACjD,cAAYC,qBADqC;AAEjD,uCAAqCC,4CAFY;AAGjD,iCAA+BC,sCAHkB;AAIjD,mCAAiCC,wCAJgB;AAKjD,qCAAmCC,0CALc;AAMjD,0BAAwBC,gCANyB;AAOjD,6BAA2BC,mCAPsB;AAQjD,oBAAkBC,0BAR+B;AASjD,4BAA0BC,kCATuB;AAUjD,iBAAeC,uBAVkC;AAWjD,kBAAgBC,wBAXiC;AAYjD,UAAQC;AAZyC,CAA5C","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { RemediationFlow } from './RemediationFlow';\nimport { \n  Identify,\n  SelectAuthenticatorAuthenticate,\n  ChallengeAuthenticator,\n  ReEnrollAuthenticator,\n  RedirectIdp,\n  AuthenticatorEnrollmentData,\n  SelectAuthenticatorEnroll,\n  EnrollAuthenticator,\n  AuthenticatorVerificationData,\n  EnrollPoll,\n  ChallengePoll, Skip\n} from '../remediators';\n\nexport const AuthenticationFlow: RemediationFlow = {\n  'identify': Identify,\n  'select-authenticator-authenticate': SelectAuthenticatorAuthenticate,\n  'select-authenticator-enroll': SelectAuthenticatorEnroll,\n  'authenticator-enrollment-data': AuthenticatorEnrollmentData,\n  'authenticator-verification-data': AuthenticatorVerificationData,\n  'enroll-authenticator': EnrollAuthenticator,\n  'challenge-authenticator': ChallengeAuthenticator,\n  'challenge-poll': ChallengePoll,\n  'reenroll-authenticator': ReEnrollAuthenticator,\n  'enroll-poll': EnrollPoll,\n  'redirect-idp': RedirectIdp,\n  'skip': Skip,\n};\n"],"file":"AuthenticationFlow.js"}
+{"version":3,"sources":["../../../../lib/idx/flow/AuthenticationFlow.ts"],"names":["AuthenticationFlow","Identify","SelectAuthenticatorAuthenticate","SelectAuthenticatorEnroll","AuthenticatorEnrollmentData","AuthenticatorVerificationData","EnrollAuthenticator","ChallengeAuthenticator","ChallengePoll","ReEnrollAuthenticator","EnrollPoll","RedirectIdp","Skip"],"mappings":";;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAmBO,MAAMA,kBAAmC,GAAG;AACjD,cAAYC,qBADqC;AAEjD,uCAAqCC,4CAFY;AAGjD,iCAA+BC,sCAHkB;AAIjD,mCAAiCC,wCAJgB;AAKjD,qCAAmCC,0CALc;AAMjD,0BAAwBC,gCANyB;AAOjD,6BAA2BC,mCAPsB;AAQjD,oBAAkBC,0BAR+B;AASjD,4BAA0BC,kCATuB;AAUjD,iBAAeC,uBAVkC;AAWjD,kBAAgBC,wBAXiC;AAYjD,UAAQC;AAZyC,CAA5C","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { RemediationFlow } from './RemediationFlow';\nimport { \n  Identify,\n  SelectAuthenticatorAuthenticate,\n  ChallengeAuthenticator,\n  ReEnrollAuthenticator,\n  RedirectIdp,\n  AuthenticatorEnrollmentData,\n  SelectAuthenticatorEnroll,\n  EnrollAuthenticator,\n  AuthenticatorVerificationData,\n  EnrollPoll,\n  ChallengePoll, \n  Skip\n} from '../remediators';\n\nexport const AuthenticationFlow: RemediationFlow = {\n  'identify': Identify,\n  'select-authenticator-authenticate': SelectAuthenticatorAuthenticate,\n  'select-authenticator-enroll': SelectAuthenticatorEnroll,\n  'authenticator-enrollment-data': AuthenticatorEnrollmentData,\n  'authenticator-verification-data': AuthenticatorVerificationData,\n  'enroll-authenticator': EnrollAuthenticator,\n  'challenge-authenticator': ChallengeAuthenticator,\n  'challenge-poll': ChallengePoll,\n  'reenroll-authenticator': ReEnrollAuthenticator,\n  'enroll-poll': EnrollPoll,\n  'redirect-idp': RedirectIdp,\n  'skip': Skip,\n};\n"],"file":"AuthenticationFlow.js"}

package/cjs/idx/idxState/v1/generateIdxAction.js

@@ -27,8 +27,6 @@ var _AuthApiError = _interopRequireDefault(require("../../../errors/AuthApiError
  */
 
 /* eslint-disable max-len, complexity */
-// eslint-disable-next-line @typescript-eslint/ban-ts-comment
-// @ts-nocheck
 const generateDirectFetch = function generateDirectFetch(authClient, {
   actionDefinition,
   defaultParamsForAction = {},

package/cjs/idx/idxState/v1/generateIdxAction.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../../lib/idx/idxState/v1/generateIdxAction.ts"],"names":["generateDirectFetch","authClient","actionDefinition","defaultParamsForAction","immutableParamsForAction","toPersist","target","href","params","headers","accepts","body","response","url","method","args","withCredentials","err","AuthApiError","xhr","payload","responseJSON","JSON","parse","responseText","wwwAuthHeader","idxResponse","status","stepUp","generateIdxAction","generator","defaultParams","neededParams","immutableParams","action","name"],"mappings":";;;;;;;;AAeA;;AAGA;;AACA;;AACA;;AApBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AAQA,MAAMA,mBAAmB,GAAG,SAASA,mBAAT,CAA6BC,UAA7B,EAA4D;AACtFC,EAAAA,gBADsF;AAEtFC,EAAAA,sBAAsB,GAAG,EAF6D;AAGtFC,EAAAA,wBAAwB,GAAG,EAH2D;AAItFC,EAAAA,SAAS,GAAG;AAJ0E,CAA5D,EAKzB;AACD,QAAMC,MAAM,GAAGJ,gBAAgB,CAACK,IAAhC;AACA,SAAO,gBAAeC,MAAuB,GAAG,EAAzC,EAAmE;AACxE,UAAMC,OAAO,GAAG;AACd,sBAAgB,kBADF;AAEd,gBAAUP,gBAAgB,CAACQ,OAAjB,IAA4B;AAFxB,KAAhB;AAIA,UAAMC,IAAI,GAAG,wBAAe,EAC1B,GAAGR,sBADuB;AAE1B,SAAGK,MAFuB;AAG1B,SAAGJ;AAHuB,KAAf,CAAb;;AAMA,QAAI;AAAA;;AACF,YAAMQ,QAAQ,GAAG,MAAM,uBAAYX,UAAZ,EAAwB;AAC7CY,QAAAA,GAAG,EAAEP,MADwC;AAE7CQ,QAAAA,MAAM,EAAEZ,gBAAgB,CAACY,MAFoB;AAG7CL,QAAAA,OAH6C;AAI7CM,QAAAA,IAAI,EAAEJ,IAJuC;AAK7CK,QAAAA,eAAe,2BAAEX,SAAF,aAAEA,SAAF,uBAAEA,SAAS,CAAEW,eAAb,yEAAgC;AALF,OAAxB,CAAvB;AAQA,aAAO,gCAAaf,UAAb,EAAyB,EAAE,GAAGW;AAAL,OAAzB,EAA0CP,SAA1C,EAAqD,IAArD,CAAP;AACD,KAVD,CAWA,OAAOY,GAAP,EAAY;AACV,UAAI,EAAEA,GAAG,YAAYC,qBAAjB,KAAkC,EAACD,GAAD,aAACA,GAAD,eAACA,GAAG,CAAEE,GAAN,CAAtC,EAAiD;AAC/C,cAAMF,GAAN;AACD;;AAED,YAAML,QAAQ,GAAGK,GAAG,CAACE,GAArB;AACA,YAAMC,OAAO,GAAGR,QAAQ,CAACS,YAAT,IAAyBC,IAAI,CAACC,KAAL,CAAWX,QAAQ,CAACY,YAApB,CAAzC;AACA,YAAMC,aAAa,GAAGb,QAAQ,CAACH,OAAT,CAAiB,kBAAjB,KAAwCG,QAAQ,CAACH,OAAT,CAAiB,kBAAjB,CAA9D;AAEA,YAAMiB,WAAW,GAAG,gCAAazB,UAAb,EAAyB,EAAE,GAAGmB;AAAL,OAAzB,EAAyCf,SAAzC,EAAoD,KAApD,CAApB;;AACA,UAAIO,QAAQ,CAACe,MAAT,KAAoB,GAApB,IAA2BF,aAAa,KAAK,mCAAjD,EAAsF;AACpF;AACA;AACA;AACA;AACAC,QAAAA,WAAW,CAACE,MAAZ,GAAqB,IAArB;AACD,OAhBS,CAkBV;;;AACA,YAAMF,WAAN;AACD;AACF,GA3CD;AA4CD,CAnDD,C,CAqDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AAEA,MAAMG,iBAAiB,GAAG,SAASA,iBAAT,CAA4B5B,UAA5B,EAA2DC,gBAA3D,EAA6EG,SAA7E,EAAyF;AACjH;AACA;AACA,QAAMyB,SAAS,GAAG9B,mBAAlB;AACA,QAAM;AAAE+B,IAAAA,aAAF;AAAiBC,IAAAA,YAAjB;AAA+BC,IAAAA;AAA/B,MAAmD,kDAAgC/B,gBAAhC,CAAzD;AAEA,QAAMgC,MAAM,GAAGJ,SAAS,CAAC7B,UAAD,EAAa;AACnCC,IAAAA,gBADmC;AAEnCC,IAAAA,sBAAsB,EAAE4B,aAAa,CAAC7B,gBAAgB,CAACiC,IAAlB,CAFF;AAGnC/B,IAAAA,wBAAwB,EAAE6B,eAAe,CAAC/B,gBAAgB,CAACiC,IAAlB,CAHN;AAInC9B,IAAAA;AAJmC,GAAb,CAAxB;AAMA6B,EAAAA,MAAM,CAACF,YAAP,GAAsBA,YAAtB;AACA,SAAOE,MAAP;AACD,CAdD;;eAgBeL,iB","sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable max-len, complexity */\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-nocheck\nimport { httpRequest } from '../../../http';\nimport { OktaAuthInterface } from '../../../types';    // auth-js/types\nimport { IdxActionParams } from '../../types/idx-js';\nimport { divideActionParamsByMutability } from './actionParser';\nimport { makeIdxState } from './makeIdxState';\nimport AuthApiError from '../../../errors/AuthApiError';\n\nconst generateDirectFetch = function generateDirectFetch(authClient: OktaAuthInterface, { \n  actionDefinition, \n  defaultParamsForAction = {}, \n  immutableParamsForAction = {}, \n  toPersist = {}\n}) {\n  const target = actionDefinition.href;\n  return async function(params: IdxActionParams = {}): Promise<IdxResponse> {\n    const headers = {\n      'Content-Type': 'application/json',\n      'Accept': actionDefinition.accepts || 'application/ion+json',\n    };\n    const body = JSON.stringify({\n      ...defaultParamsForAction,\n      ...params,\n      ...immutableParamsForAction\n    });\n\n    try {\n      const response = await httpRequest(authClient, {\n        url: target,\n        method: actionDefinition.method,\n        headers,\n        args: body,\n        withCredentials: toPersist?.withCredentials ?? true\n      });\n\n      return makeIdxState(authClient, { ...response }, toPersist, true);\n    }\n    catch (err) {\n      if (!(err instanceof AuthApiError) || !err?.xhr) {\n        throw err;\n      }\n\n      const response = err.xhr;\n      const payload = response.responseJSON || JSON.parse(response.responseText);\n      const wwwAuthHeader = response.headers['WWW-Authenticate'] || response.headers['www-authenticate'];\n\n      const idxResponse = makeIdxState(authClient, { ...payload }, toPersist, false);\n      if (response.status === 401 && wwwAuthHeader === 'Oktadevicejwt realm=\"Okta Device\"') {\n        // Okta server responds 401 status code with WWW-Authenticate header and new remediation\n        // so that the iOS/MacOS credential SSO extension (Okta Verify) can intercept\n        // the response reaches here when Okta Verify is not installed\n        // set `stepUp` to true if flow should be continued without showing any errors\n        idxResponse.stepUp = true;\n      }\n\n      // Throw IDX response if request did not succeed. This behavior will be removed in version 7.0: OKTA-481844\n      throw idxResponse;\n    }\n  };\n};\n\n// TODO: Resolve in M2: Either build the final polling solution or remove this code\n// const generatePollingFetch = function generatePollingFetch( { actionDefinition, defaultParamsForAction = {}, immutableParamsForAction = {} } ) {\n//   // TODO: Discussions ongoing about when/how to terminate polling: OKTA-246581\n//   const target = actionDefinition.href;\n//   return async function(params) {\n//     return fetch(target, {\n//       method: actionDefinition.method,\n//       headers: {\n//         'content-type': actionDefinition.accepts,\n//       },\n//       body: JSON.stringify({ ...defaultParamsForAction, ...params, ...immutableParamsForAction })\n//     })\n//       .then( response => response.ok ? response.json() : response.json().then( err => Promise.reject(err)) )\n//       .then( idxResponse => makeIdxState(authClient, idxResponse) );\n//   };\n// };\n\nconst generateIdxAction = function generateIdxAction( authClient: OktaAuthInterface, actionDefinition, toPersist ) {\n  // TODO: leaving this here to see where the polling is EXPECTED to drop into the code, but removing any accidental trigger of incomplete code\n  // const generator =  actionDefinition.refresh ? generatePollingFetch : generateDirectFetch;\n  const generator = generateDirectFetch;\n  const { defaultParams, neededParams, immutableParams } = divideActionParamsByMutability( actionDefinition );\n\n  const action = generator(authClient, {\n    actionDefinition,\n    defaultParamsForAction: defaultParams[actionDefinition.name],\n    immutableParamsForAction: immutableParams[actionDefinition.name],\n    toPersist\n  });\n  action.neededParams = neededParams;\n  return action;\n};\n\nexport default generateIdxAction;\n"],"file":"generateIdxAction.js"}
+{"version":3,"sources":["../../../../../lib/idx/idxState/v1/generateIdxAction.ts"],"names":["generateDirectFetch","authClient","actionDefinition","defaultParamsForAction","immutableParamsForAction","toPersist","target","href","params","headers","accepts","body","response","url","method","args","withCredentials","err","AuthApiError","xhr","payload","responseJSON","JSON","parse","responseText","wwwAuthHeader","idxResponse","status","stepUp","generateIdxAction","generator","defaultParams","neededParams","immutableParams","action","name"],"mappings":";;;;;;;;AAaA;;AAGA;;AACA;;AACA;;AAlBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AAQA,MAAMA,mBAAmB,GAAG,SAASA,mBAAT,CAA6BC,UAA7B,EAA4D;AACtFC,EAAAA,gBADsF;AAEtFC,EAAAA,sBAAsB,GAAG,EAF6D;AAGtFC,EAAAA,wBAAwB,GAAG,EAH2D;AAItFC,EAAAA,SAAS,GAAG;AAJ0E,CAA5D,EAKN;AACpB,QAAMC,MAAM,GAAGJ,gBAAgB,CAACK,IAAhC;AACA,SAAO,gBAAeC,MAAuB,GAAG,EAAzC,EAAmE;AACxE,UAAMC,OAAO,GAAG;AACd,sBAAgB,kBADF;AAEd,gBAAUP,gBAAgB,CAACQ,OAAjB,IAA4B;AAFxB,KAAhB;AAIA,UAAMC,IAAI,GAAG,wBAAe,EAC1B,GAAGR,sBADuB;AAE1B,SAAGK,MAFuB;AAG1B,SAAGJ;AAHuB,KAAf,CAAb;;AAMA,QAAI;AAAA;;AACF,YAAMQ,QAAQ,GAAG,MAAM,uBAAYX,UAAZ,EAAwB;AAC7CY,QAAAA,GAAG,EAAEP,MADwC;AAE7CQ,QAAAA,MAAM,EAAEZ,gBAAgB,CAACY,MAFoB;AAG7CL,QAAAA,OAH6C;AAI7CM,QAAAA,IAAI,EAAEJ,IAJuC;AAK7CK,QAAAA,eAAe,2BAAEX,SAAF,aAAEA,SAAF,uBAAEA,SAAS,CAAEW,eAAb,yEAAgC;AALF,OAAxB,CAAvB;AAQA,aAAO,gCAAaf,UAAb,EAAyB,EAAE,GAAGW;AAAL,OAAzB,EAA0CP,SAA1C,EAAqD,IAArD,CAAP;AACD,KAVD,CAWA,OAAOY,GAAP,EAAY;AACV,UAAI,EAAEA,GAAG,YAAYC,qBAAjB,KAAkC,EAACD,GAAD,aAACA,GAAD,eAACA,GAAG,CAAEE,GAAN,CAAtC,EAAiD;AAC/C,cAAMF,GAAN;AACD;;AAED,YAAML,QAAQ,GAAGK,GAAG,CAACE,GAArB;AACA,YAAMC,OAAO,GAAGR,QAAQ,CAACS,YAAT,IAAyBC,IAAI,CAACC,KAAL,CAAWX,QAAQ,CAACY,YAApB,CAAzC;AACA,YAAMC,aAAa,GAAGb,QAAQ,CAACH,OAAT,CAAiB,kBAAjB,KAAwCG,QAAQ,CAACH,OAAT,CAAiB,kBAAjB,CAA9D;AAEA,YAAMiB,WAAW,GAAG,gCAAazB,UAAb,EAAyB,EAAE,GAAGmB;AAAL,OAAzB,EAAyCf,SAAzC,EAAoD,KAApD,CAApB;;AACA,UAAIO,QAAQ,CAACe,MAAT,KAAoB,GAApB,IAA2BF,aAAa,KAAK,mCAAjD,EAAsF;AACpF;AACA;AACA;AACA;AACAC,QAAAA,WAAW,CAACE,MAAZ,GAAqB,IAArB;AACD,OAhBS,CAkBV;;;AACA,YAAMF,WAAN;AACD;AACF,GA3CD;AA4CD,CAnDD,C,CAqDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AAEA,MAAMG,iBAAiB,GAAG,SAASA,iBAAT,CAA4B5B,UAA5B,EAA2DC,gBAA3D,EAA6EG,SAA7E,EAA4G;AACpI;AACA;AACA,QAAMyB,SAAS,GAAG9B,mBAAlB;AACA,QAAM;AAAE+B,IAAAA,aAAF;AAAiBC,IAAAA,YAAjB;AAA+BC,IAAAA;AAA/B,MAAmD,kDAAgC/B,gBAAhC,CAAzD;AAEA,QAAMgC,MAAM,GAAGJ,SAAS,CAAC7B,UAAD,EAAa;AACnCC,IAAAA,gBADmC;AAEnCC,IAAAA,sBAAsB,EAAE4B,aAAa,CAAC7B,gBAAgB,CAACiC,IAAlB,CAFF;AAGnC/B,IAAAA,wBAAwB,EAAE6B,eAAe,CAAC/B,gBAAgB,CAACiC,IAAlB,CAHN;AAInC9B,IAAAA;AAJmC,GAAb,CAAxB;AAMA6B,EAAAA,MAAM,CAACF,YAAP,GAAsBA,YAAtB;AACA,SAAOE,MAAP;AACD,CAdD;;eAgBeL,iB","sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable max-len, complexity */\nimport { httpRequest } from '../../../http';\nimport { OktaAuthInterface } from '../../../types';    // auth-js/types\nimport { IdxActionFunction, IdxActionParams, IdxResponse, IdxToPersist } from '../../types/idx-js';\nimport { divideActionParamsByMutability } from './actionParser';\nimport { makeIdxState } from './makeIdxState';\nimport AuthApiError from '../../../errors/AuthApiError';\n\nconst generateDirectFetch = function generateDirectFetch(authClient: OktaAuthInterface, { \n  actionDefinition, \n  defaultParamsForAction = {}, \n  immutableParamsForAction = {}, \n  toPersist = {} as IdxToPersist\n}): IdxActionFunction {\n  const target = actionDefinition.href;\n  return async function(params: IdxActionParams = {}): Promise<IdxResponse> {\n    const headers = {\n      'Content-Type': 'application/json',\n      'Accept': actionDefinition.accepts || 'application/ion+json',\n    };\n    const body = JSON.stringify({\n      ...defaultParamsForAction,\n      ...params,\n      ...immutableParamsForAction\n    });\n\n    try {\n      const response = await httpRequest(authClient, {\n        url: target,\n        method: actionDefinition.method,\n        headers,\n        args: body,\n        withCredentials: toPersist?.withCredentials ?? true\n      });\n\n      return makeIdxState(authClient, { ...response }, toPersist, true);\n    }\n    catch (err) {\n      if (!(err instanceof AuthApiError) || !err?.xhr) {\n        throw err;\n      }\n\n      const response = err.xhr;\n      const payload = response.responseJSON || JSON.parse(response.responseText);\n      const wwwAuthHeader = response.headers['WWW-Authenticate'] || response.headers['www-authenticate'];\n\n      const idxResponse = makeIdxState(authClient, { ...payload }, toPersist, false);\n      if (response.status === 401 && wwwAuthHeader === 'Oktadevicejwt realm=\"Okta Device\"') {\n        // Okta server responds 401 status code with WWW-Authenticate header and new remediation\n        // so that the iOS/MacOS credential SSO extension (Okta Verify) can intercept\n        // the response reaches here when Okta Verify is not installed\n        // set `stepUp` to true if flow should be continued without showing any errors\n        idxResponse.stepUp = true;\n      }\n\n      // Throw IDX response if request did not succeed. This behavior will be removed in version 7.0: OKTA-481844\n      throw idxResponse;\n    }\n  };\n};\n\n// TODO: Resolve in M2: Either build the final polling solution or remove this code\n// const generatePollingFetch = function generatePollingFetch( { actionDefinition, defaultParamsForAction = {}, immutableParamsForAction = {} } ) {\n//   // TODO: Discussions ongoing about when/how to terminate polling: OKTA-246581\n//   const target = actionDefinition.href;\n//   return async function(params) {\n//     return fetch(target, {\n//       method: actionDefinition.method,\n//       headers: {\n//         'content-type': actionDefinition.accepts,\n//       },\n//       body: JSON.stringify({ ...defaultParamsForAction, ...params, ...immutableParamsForAction })\n//     })\n//       .then( response => response.ok ? response.json() : response.json().then( err => Promise.reject(err)) )\n//       .then( idxResponse => makeIdxState(authClient, idxResponse) );\n//   };\n// };\n\nconst generateIdxAction = function generateIdxAction( authClient: OktaAuthInterface, actionDefinition, toPersist ): IdxActionFunction {\n  // TODO: leaving this here to see where the polling is EXPECTED to drop into the code, but removing any accidental trigger of incomplete code\n  // const generator =  actionDefinition.refresh ? generatePollingFetch : generateDirectFetch;\n  const generator = generateDirectFetch;\n  const { defaultParams, neededParams, immutableParams } = divideActionParamsByMutability( actionDefinition );\n\n  const action = generator(authClient, {\n    actionDefinition,\n    defaultParamsForAction: defaultParams[actionDefinition.name],\n    immutableParamsForAction: immutableParams[actionDefinition.name],\n    toPersist\n  });\n  action.neededParams = neededParams;\n  return action;\n};\n\nexport default generateIdxAction;\n"],"file":"generateIdxAction.js"}

package/cjs/idx/idxState/v1/idxResponseParser.js

@@ -109,11 +109,16 @@ const expandRelatesTo = (idxResponse, value) => {
 };
 
 const convertRemediationAction = (authClient, remediation, toPersist) => {
-  const remediationActions = (0, _remediationParser.generateRemediationFunctions)(authClient, [remediation], toPersist);
-  const actionFn = remediationActions[remediation.name];
-  return { ...remediation,
-    action: actionFn
-  };
+  // Only remediation that has `rel` field (indicator for form submission) can have http action
+  if (remediation.rel) {
+    const remediationActions = (0, _remediationParser.generateRemediationFunctions)(authClient, [remediation], toPersist);
+    const actionFn = remediationActions[remediation.name];
+    return { ...remediation,
+      action: actionFn
+    };
+  }
+
+  return remediation;
 };
 
 const parseIdxResponse = function parseIdxResponse(authClient, idxResponse, toPersist = {}) {

package/cjs/idx/idxState/v1/idxResponseParser.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../../lib/idx/idxState/v1/idxResponseParser.ts"],"names":["SKIP_FIELDS","field","parseNonRemediations","authClient","idxResponse","toPersist","actions","context","forEach","fieldIsObject","rel","name","value","fieldValue","type","info","subField","expandRelatesTo","k","query","Array","isArray","result","path","json","innerValue","convertRemediationAction","remediation","remediationActions","actionFn","action","parseIdxResponse","remediationData","remediations"],"mappings":";;;;;;;;;;;;;;;;AAgBA;;AACA;;AACA;;;;AAEA,MAAMA,WAAW,GAAG,0BAAmB,8BACrC,aADqC,EACtB;AACf,SAFqC,CAE1B;AAF0B,kBAG/BC,KAAD,IAAW,CAAEA,KAAF,EAAS,CAAC,CAAC,iBAAX,CAHqB,CAAnB,CAApB;;AAKO,MAAMC,oBAAoB,GAAG,SAASA,oBAAT,CAA+BC,UAA/B,EAA8DC,WAA9D,EAA2EC,SAAS,GAAG,EAAvF,EAA4F;AAAA;;AAC9H,QAAMC,OAAO,GAAG,EAAhB;AACA,QAAMC,OAAO,GAAG,EAAhB;AAEA,sDAAYH,WAAZ,mBACWH,KAAK,IAAI,CAACD,WAAW,CAACC,KAAD,CADhC,EAEGO,OAFH,CAEYP,KAAK,IAAI;AACjB,UAAMQ,aAAa,GAAG,OAAOL,WAAW,CAACH,KAAD,CAAlB,KAA8B,QAA9B,IAA0C,CAAC,CAACG,WAAW,CAACH,KAAD,CAA7E;;AAEA,QAAK,CAACQ,aAAN,EAAsB;AACpB;AACAF,MAAAA,OAAO,CAACN,KAAD,CAAP,GAAiBG,WAAW,CAACH,KAAD,CAA5B;AACA;AACD;;AAED,QAAKG,WAAW,CAACH,KAAD,CAAX,CAAmBS,GAAxB,EAA8B;AAC5B;AACAJ,MAAAA,OAAO,CAACF,WAAW,CAACH,KAAD,CAAX,CAAmBU,IAApB,CAAP,GAAmC,gCAAkBR,UAAlB,EAA8BC,WAAW,CAACH,KAAD,CAAzC,EAAkDI,SAAlD,CAAnC;AACA;AACD;;AAED,UAAM;AAAEO,MAAAA,KAAK,EAAEC,UAAT;AAAqBC,MAAAA,IAArB;AAA2B,SAAGC;AAA9B,QAAsCX,WAAW,CAACH,KAAD,CAAvD;AACAM,IAAAA,OAAO,CAACN,KAAD,CAAP,GAAiB;AAAEa,MAAAA,IAAF;AAAQ,SAAGC;AAAX,KAAjB,CAhBiB,CAgBkB;;AAEnC,QAAKD,IAAI,KAAK,QAAd,EAAyB;AACvB;AACAP,MAAAA,OAAO,CAACN,KAAD,CAAP,CAAeW,KAAf,GAAuBC,UAAvB;AACA;AACD,KAtBgB,CAwBjB;;;AACAN,IAAAA,OAAO,CAACN,KAAD,CAAP,CAAeW,KAAf,GAAuB,EAAvB;AACA,0BAAeC,UAAf,EACGL,OADH,CACY,CAAC,CAACQ,QAAD,EAAWJ,KAAX,CAAD,KAAuB;AAC/B,UAAIA,KAAK,CAACF,GAAV,EAAe;AAAE;AACf;AACAJ,QAAAA,OAAO,CAAE,GAAEL,KAAM,IAAGe,QAAQ,CAACL,IAAT,IAAiBK,QAAS,EAAvC,CAAP,GAAmD,gCAAkBb,UAAlB,EAA8BS,KAA9B,EAAqCP,SAArC,CAAnD;AACD,OAHD,MAGO;AACL;AACAE,QAAAA,OAAO,CAACN,KAAD,CAAP,CAAeW,KAAf,CAAqBI,QAArB,IAAiCJ,KAAjC;AACD;AACF,KATH;AAUD,GAtCH;AAwCA,SAAO;AAAEL,IAAAA,OAAF;AAAWD,IAAAA;AAAX,GAAP;AACD,CA7CM;;;;AA+CP,MAAMW,eAAe,GAAG,CAACb,WAAD,EAAcQ,KAAd,KAAwB;AAC9C,qBAAYA,KAAZ,EAAmBJ,OAAnB,CAA2BU,CAAC,IAAI;AAC9B,QAAIA,CAAC,KAAK,WAAV,EAAuB;AACrB,YAAMC,KAAK,GAAGC,KAAK,CAACC,OAAN,CAAcT,KAAK,CAACM,CAAD,CAAnB,IAA0BN,KAAK,CAACM,CAAD,CAAL,CAAS,CAAT,CAA1B,GAAwCN,KAAK,CAACM,CAAD,CAA3D;;AACA,UAAI,OAAOC,KAAP,KAAiB,QAArB,EAA+B;AAC7B;AACA,cAAMG,MAAM,GAAG,4BAAS;AAAEC,UAAAA,IAAI,EAAEJ,KAAR;AAAeK,UAAAA,IAAI,EAAEpB;AAArB,SAAT,EAA6C,CAA7C,CAAf;;AACA,YAAIkB,MAAJ,EAAY;AACVV,UAAAA,KAAK,CAACM,CAAD,CAAL,GAAWI,MAAX;AACA;AACD;AACF;AACF;;AACD,QAAIF,KAAK,CAACC,OAAN,CAAcT,KAAK,CAACM,CAAD,CAAnB,CAAJ,EAA6B;AAC3BN,MAAAA,KAAK,CAACM,CAAD,CAAL,CAASV,OAAT,CAAiBiB,UAAU,IAAIR,eAAe,CAACb,WAAD,EAAcqB,UAAd,CAA9C;AACD;AACF,GAfD;AAgBD,CAjBD;;AAmBA,MAAMC,wBAAwB,GAAG,CAACvB,UAAD,EAAgCwB,WAAhC,EAA6CtB,SAA7C,KAA2D;AAC1F,QAAMuB,kBAAkB,GAAG,qDAA8BzB,UAA9B,EAA0C,CAACwB,WAAD,CAA1C,EAAyDtB,SAAzD,CAA3B;AACA,QAAMwB,QAAQ,GAAGD,kBAAkB,CAACD,WAAW,CAAChB,IAAb,CAAnC;AACA,SAAO,EACL,GAAGgB,WADE;AAELG,IAAAA,MAAM,EAAED;AAFH,GAAP;AAID,CAPD;;AASO,MAAME,gBAAgB,GAAG,SAASA,gBAAT,CAA2B5B,UAA3B,EAA0DC,WAA1D,EAAuEC,SAAS,GAAG,EAAnF,EAI9B;AAAA;;AACA,QAAM2B,eAAe,GAAG,0BAAA5B,WAAW,CAACuB,WAAZ,gFAAyBf,KAAzB,KAAkC,EAA1D;AAEAoB,EAAAA,eAAe,CAACxB,OAAhB,CACEmB,WAAW,IAAIV,eAAe,CAACb,WAAD,EAAcuB,WAAd,CADhC;AAIA,QAAMM,YAAY,GAAG,kBAAAD,eAAe,MAAf,CAAAA,eAAe,EAAKL,WAAW,IAAID,wBAAwB,CAAEvB,UAAF,EAAcwB,WAAd,EAA2BtB,SAA3B,CAA5C,CAApC;AAEA,QAAM;AAAEE,IAAAA,OAAF;AAAWD,IAAAA;AAAX,MAAuBJ,oBAAoB,CAAEC,UAAF,EAAcC,WAAd,EAA2BC,SAA3B,CAAjD;AAEA,SAAO;AACL4B,IAAAA,YADK;AAEL1B,IAAAA,OAFK;AAGLD,IAAAA;AAHK,GAAP;AAKD,CApBM","sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable max-len */\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-nocheck\nimport { OktaAuthInterface } from '../../../types';    // auth-js/types\nimport { generateRemediationFunctions } from './remediationParser';\nimport generateIdxAction from './generateIdxAction';\nimport { JSONPath } from 'jsonpath-plus';\n\nconst SKIP_FIELDS = Object.fromEntries([\n  'remediation', // remediations are put into proceed/neededToProceed\n  'context', // the API response of 'context' isn't externally useful.  We ignore it and put all non-action (contextual) info into idxState.context\n].map( (field) => [ field, !!'skip this field' ] ));\n\nexport const parseNonRemediations = function parseNonRemediations( authClient: OktaAuthInterface, idxResponse, toPersist = {} ) {\n  const actions = {};\n  const context = {};\n\n  Object.keys(idxResponse)\n    .filter( field => !SKIP_FIELDS[field])\n    .forEach( field => {\n      const fieldIsObject = typeof idxResponse[field] === 'object' && !!idxResponse[field];\n\n      if ( !fieldIsObject ) {\n        // simple fields are contextual info\n        context[field] = idxResponse[field];\n        return;\n      }\n\n      if ( idxResponse[field].rel ) {\n        // top level actions\n        actions[idxResponse[field].name] = generateIdxAction(authClient, idxResponse[field], toPersist);\n        return;\n      }\n\n      const { value: fieldValue, type, ...info} = idxResponse[field];\n      context[field] = { type, ...info}; // add the non-action parts as context\n\n      if ( type !== 'object' ) {\n        // only object values hold actions\n        context[field].value = fieldValue;\n        return;\n      }\n\n      // We are an object field containing an object value\n      context[field].value = {};\n      Object.entries(fieldValue)\n        .forEach( ([subField, value]) => {\n          if (value.rel) { // is [field].value[subField] an action?\n            // add any \"action\" value subfields to actions\n            actions[`${field}-${subField.name || subField}`] = generateIdxAction(authClient, value, toPersist);\n          } else {\n            // add non-action value subfields to context\n            context[field].value[subField] = value;\n          }\n        });\n    });\n\n  return { context, actions };\n};\n\nconst expandRelatesTo = (idxResponse, value) => {\n  Object.keys(value).forEach(k => {\n    if (k === 'relatesTo') {\n      const query = Array.isArray(value[k]) ? value[k][0] : value[k];\n      if (typeof query === 'string') {\n        // eslint-disable-next-line new-cap\n        const result = JSONPath({ path: query, json: idxResponse })[0];\n        if (result) {\n          value[k] = result;\n          return;\n        }\n      }\n    }\n    if (Array.isArray(value[k])) {\n      value[k].forEach(innerValue => expandRelatesTo(idxResponse, innerValue));\n    }\n  });\n};\n\nconst convertRemediationAction = (authClient: OktaAuthInterface, remediation, toPersist) => {\n  const remediationActions = generateRemediationFunctions( authClient, [remediation], toPersist );\n  const actionFn = remediationActions[remediation.name];\n  return {\n    ...remediation,\n    action: actionFn,\n  };\n};\n\nexport const parseIdxResponse = function parseIdxResponse( authClient: OktaAuthInterface, idxResponse, toPersist = {} ): {\n  remediations: IdxRemediation[];\n  context: IdxContext;\n  actions: IdxActions;\n} {\n  const remediationData = idxResponse.remediation?.value || [];\n\n  remediationData.forEach(\n    remediation => expandRelatesTo(idxResponse, remediation)\n  );\n\n  const remediations = remediationData.map(remediation => convertRemediationAction( authClient, remediation, toPersist ));\n\n  const { context, actions } = parseNonRemediations( authClient, idxResponse, toPersist );\n\n  return {\n    remediations,\n    context,\n    actions,\n  };\n};\n"],"file":"idxResponseParser.js"}
+{"version":3,"sources":["../../../../../lib/idx/idxState/v1/idxResponseParser.ts"],"names":["SKIP_FIELDS","field","parseNonRemediations","authClient","idxResponse","toPersist","actions","context","forEach","fieldIsObject","rel","name","value","fieldValue","type","info","subField","expandRelatesTo","k","query","Array","isArray","result","path","json","innerValue","convertRemediationAction","remediation","remediationActions","actionFn","action","parseIdxResponse","remediationData","remediations"],"mappings":";;;;;;;;;;;;;;;;AAgBA;;AACA;;AACA;;;;AAEA,MAAMA,WAAW,GAAG,0BAAmB,8BACrC,aADqC,EACtB;AACf,SAFqC,CAE1B;AAF0B,kBAG/BC,KAAD,IAAW,CAAEA,KAAF,EAAS,CAAC,CAAC,iBAAX,CAHqB,CAAnB,CAApB;;AAKO,MAAMC,oBAAoB,GAAG,SAASA,oBAAT,CAA+BC,UAA/B,EAA8DC,WAA9D,EAA2EC,SAAS,GAAG,EAAvF,EAA4F;AAAA;;AAC9H,QAAMC,OAAO,GAAG,EAAhB;AACA,QAAMC,OAAO,GAAG,EAAhB;AAEA,sDAAYH,WAAZ,mBACWH,KAAK,IAAI,CAACD,WAAW,CAACC,KAAD,CADhC,EAEGO,OAFH,CAEYP,KAAK,IAAI;AACjB,UAAMQ,aAAa,GAAG,OAAOL,WAAW,CAACH,KAAD,CAAlB,KAA8B,QAA9B,IAA0C,CAAC,CAACG,WAAW,CAACH,KAAD,CAA7E;;AAEA,QAAK,CAACQ,aAAN,EAAsB;AACpB;AACAF,MAAAA,OAAO,CAACN,KAAD,CAAP,GAAiBG,WAAW,CAACH,KAAD,CAA5B;AACA;AACD;;AAED,QAAKG,WAAW,CAACH,KAAD,CAAX,CAAmBS,GAAxB,EAA8B;AAC5B;AACAJ,MAAAA,OAAO,CAACF,WAAW,CAACH,KAAD,CAAX,CAAmBU,IAApB,CAAP,GAAmC,gCAAkBR,UAAlB,EAA8BC,WAAW,CAACH,KAAD,CAAzC,EAAkDI,SAAlD,CAAnC;AACA;AACD;;AAED,UAAM;AAAEO,MAAAA,KAAK,EAAEC,UAAT;AAAqBC,MAAAA,IAArB;AAA2B,SAAGC;AAA9B,QAAsCX,WAAW,CAACH,KAAD,CAAvD;AACAM,IAAAA,OAAO,CAACN,KAAD,CAAP,GAAiB;AAAEa,MAAAA,IAAF;AAAQ,SAAGC;AAAX,KAAjB,CAhBiB,CAgBkB;;AAEnC,QAAKD,IAAI,KAAK,QAAd,EAAyB;AACvB;AACAP,MAAAA,OAAO,CAACN,KAAD,CAAP,CAAeW,KAAf,GAAuBC,UAAvB;AACA;AACD,KAtBgB,CAwBjB;;;AACAN,IAAAA,OAAO,CAACN,KAAD,CAAP,CAAeW,KAAf,GAAuB,EAAvB;AACA,0BAAeC,UAAf,EACGL,OADH,CACY,CAAC,CAACQ,QAAD,EAAWJ,KAAX,CAAD,KAAuB;AAC/B,UAAIA,KAAK,CAACF,GAAV,EAAe;AAAE;AACf;AACAJ,QAAAA,OAAO,CAAE,GAAEL,KAAM,IAAGe,QAAQ,CAACL,IAAT,IAAiBK,QAAS,EAAvC,CAAP,GAAmD,gCAAkBb,UAAlB,EAA8BS,KAA9B,EAAqCP,SAArC,CAAnD;AACD,OAHD,MAGO;AACL;AACAE,QAAAA,OAAO,CAACN,KAAD,CAAP,CAAeW,KAAf,CAAqBI,QAArB,IAAiCJ,KAAjC;AACD;AACF,KATH;AAUD,GAtCH;AAwCA,SAAO;AAAEL,IAAAA,OAAF;AAAWD,IAAAA;AAAX,GAAP;AACD,CA7CM;;;;AA+CP,MAAMW,eAAe,GAAG,CAACb,WAAD,EAAcQ,KAAd,KAAwB;AAC9C,qBAAYA,KAAZ,EAAmBJ,OAAnB,CAA2BU,CAAC,IAAI;AAC9B,QAAIA,CAAC,KAAK,WAAV,EAAuB;AACrB,YAAMC,KAAK,GAAGC,KAAK,CAACC,OAAN,CAAcT,KAAK,CAACM,CAAD,CAAnB,IAA0BN,KAAK,CAACM,CAAD,CAAL,CAAS,CAAT,CAA1B,GAAwCN,KAAK,CAACM,CAAD,CAA3D;;AACA,UAAI,OAAOC,KAAP,KAAiB,QAArB,EAA+B;AAC7B;AACA,cAAMG,MAAM,GAAG,4BAAS;AAAEC,UAAAA,IAAI,EAAEJ,KAAR;AAAeK,UAAAA,IAAI,EAAEpB;AAArB,SAAT,EAA6C,CAA7C,CAAf;;AACA,YAAIkB,MAAJ,EAAY;AACVV,UAAAA,KAAK,CAACM,CAAD,CAAL,GAAWI,MAAX;AACA;AACD;AACF;AACF;;AACD,QAAIF,KAAK,CAACC,OAAN,CAAcT,KAAK,CAACM,CAAD,CAAnB,CAAJ,EAA6B;AAC3BN,MAAAA,KAAK,CAACM,CAAD,CAAL,CAASV,OAAT,CAAiBiB,UAAU,IAAIR,eAAe,CAACb,WAAD,EAAcqB,UAAd,CAA9C;AACD;AACF,GAfD;AAgBD,CAjBD;;AAmBA,MAAMC,wBAAwB,GAAG,CAACvB,UAAD,EAAgCwB,WAAhC,EAA6CtB,SAA7C,KAA2D;AAC1F;AACA,MAAIsB,WAAW,CAACjB,GAAhB,EAAqB;AACnB,UAAMkB,kBAAkB,GAAG,qDAA8BzB,UAA9B,EAA0C,CAACwB,WAAD,CAA1C,EAAyDtB,SAAzD,CAA3B;AACA,UAAMwB,QAAQ,GAAGD,kBAAkB,CAACD,WAAW,CAAChB,IAAb,CAAnC;AACA,WAAO,EACL,GAAGgB,WADE;AAELG,MAAAA,MAAM,EAAED;AAFH,KAAP;AAID;;AAED,SAAOF,WAAP;AACD,CAZD;;AAcO,MAAMI,gBAAgB,GAAG,SAASA,gBAAT,CAA2B5B,UAA3B,EAA0DC,WAA1D,EAAuEC,SAAS,GAAG,EAAnF,EAI9B;AAAA;;AACA,QAAM2B,eAAe,GAAG,0BAAA5B,WAAW,CAACuB,WAAZ,gFAAyBf,KAAzB,KAAkC,EAA1D;AAEAoB,EAAAA,eAAe,CAACxB,OAAhB,CACEmB,WAAW,IAAIV,eAAe,CAACb,WAAD,EAAcuB,WAAd,CADhC;AAIA,QAAMM,YAAY,GAAG,kBAAAD,eAAe,MAAf,CAAAA,eAAe,EAAKL,WAAW,IAAID,wBAAwB,CAAEvB,UAAF,EAAcwB,WAAd,EAA2BtB,SAA3B,CAA5C,CAApC;AAEA,QAAM;AAAEE,IAAAA,OAAF;AAAWD,IAAAA;AAAX,MAAuBJ,oBAAoB,CAAEC,UAAF,EAAcC,WAAd,EAA2BC,SAA3B,CAAjD;AAEA,SAAO;AACL4B,IAAAA,YADK;AAEL1B,IAAAA,OAFK;AAGLD,IAAAA;AAHK,GAAP;AAKD,CApBM","sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable max-len */\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-nocheck\nimport { OktaAuthInterface } from '../../../types';    // auth-js/types\nimport { generateRemediationFunctions } from './remediationParser';\nimport generateIdxAction from './generateIdxAction';\nimport { JSONPath } from 'jsonpath-plus';\n\nconst SKIP_FIELDS = Object.fromEntries([\n  'remediation', // remediations are put into proceed/neededToProceed\n  'context', // the API response of 'context' isn't externally useful.  We ignore it and put all non-action (contextual) info into idxState.context\n].map( (field) => [ field, !!'skip this field' ] ));\n\nexport const parseNonRemediations = function parseNonRemediations( authClient: OktaAuthInterface, idxResponse, toPersist = {} ) {\n  const actions = {};\n  const context = {};\n\n  Object.keys(idxResponse)\n    .filter( field => !SKIP_FIELDS[field])\n    .forEach( field => {\n      const fieldIsObject = typeof idxResponse[field] === 'object' && !!idxResponse[field];\n\n      if ( !fieldIsObject ) {\n        // simple fields are contextual info\n        context[field] = idxResponse[field];\n        return;\n      }\n\n      if ( idxResponse[field].rel ) {\n        // top level actions\n        actions[idxResponse[field].name] = generateIdxAction(authClient, idxResponse[field], toPersist);\n        return;\n      }\n\n      const { value: fieldValue, type, ...info} = idxResponse[field];\n      context[field] = { type, ...info}; // add the non-action parts as context\n\n      if ( type !== 'object' ) {\n        // only object values hold actions\n        context[field].value = fieldValue;\n        return;\n      }\n\n      // We are an object field containing an object value\n      context[field].value = {};\n      Object.entries(fieldValue)\n        .forEach( ([subField, value]) => {\n          if (value.rel) { // is [field].value[subField] an action?\n            // add any \"action\" value subfields to actions\n            actions[`${field}-${subField.name || subField}`] = generateIdxAction(authClient, value, toPersist);\n          } else {\n            // add non-action value subfields to context\n            context[field].value[subField] = value;\n          }\n        });\n    });\n\n  return { context, actions };\n};\n\nconst expandRelatesTo = (idxResponse, value) => {\n  Object.keys(value).forEach(k => {\n    if (k === 'relatesTo') {\n      const query = Array.isArray(value[k]) ? value[k][0] : value[k];\n      if (typeof query === 'string') {\n        // eslint-disable-next-line new-cap\n        const result = JSONPath({ path: query, json: idxResponse })[0];\n        if (result) {\n          value[k] = result;\n          return;\n        }\n      }\n    }\n    if (Array.isArray(value[k])) {\n      value[k].forEach(innerValue => expandRelatesTo(idxResponse, innerValue));\n    }\n  });\n};\n\nconst convertRemediationAction = (authClient: OktaAuthInterface, remediation, toPersist) => {\n  // Only remediation that has `rel` field (indicator for form submission) can have http action\n  if (remediation.rel) {\n    const remediationActions = generateRemediationFunctions( authClient, [remediation], toPersist );\n    const actionFn = remediationActions[remediation.name];\n    return {\n      ...remediation,\n      action: actionFn,\n    };\n  }\n  \n  return remediation;\n};\n\nexport const parseIdxResponse = function parseIdxResponse( authClient: OktaAuthInterface, idxResponse, toPersist = {} ): {\n  remediations: IdxRemediation[];\n  context: IdxContext;\n  actions: IdxActions;\n} {\n  const remediationData = idxResponse.remediation?.value || [];\n\n  remediationData.forEach(\n    remediation => expandRelatesTo(idxResponse, remediation)\n  );\n\n  const remediations = remediationData.map(remediation => convertRemediationAction( authClient, remediation, toPersist ));\n\n  const { context, actions } = parseNonRemediations( authClient, idxResponse, toPersist );\n\n  return {\n    remediations,\n    context,\n    actions,\n  };\n};\n"],"file":"idxResponseParser.js"}

package/cjs/idx/idxState/v1/makeIdxState.js

@@ -46,6 +46,12 @@ function makeIdxState(authClient, idxResponse, toPersist, requestDidSucceed) {
       return _promise.default.reject(`Unknown remediation choice: [${remediationChoice}]`);
     }
 
+    const actionFn = remediationChoiceObject.action;
+
+    if (typeof actionFn !== 'function') {
+      return _promise.default.reject(`Current remediation cannot make form submit action: [${remediationChoice}]`);
+    }
+
     return remediationChoiceObject.action(paramsFromUser);
   };
 

package/cjs/idx/idxState/v1/makeIdxState.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../../lib/idx/idxState/v1/makeIdxState.ts"],"names":["makeIdxState","authClient","idxResponse","toPersist","requestDidSucceed","rawIdxResponse","remediations","context","actions","neededToProceed","proceed","remediationChoice","paramsFromUser","remediationChoiceObject","remediation","name","reject","action","findCode","item","interactionCode","successWithInteractionCode","value","rawIdxState"],"mappings":";;;;;;;;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGuE;AAGhE,SAASA,YAAT,CACLC,UADK,EAELC,WAFK,EAGLC,SAHK,EAILC,iBAJK,EAKQ;AAAA;;AACb,QAAMC,cAAc,GAAIH,WAAxB;AACA,QAAM;AAAEI,IAAAA,YAAF;AAAgBC,IAAAA,OAAhB;AAAyBC,IAAAA;AAAzB,MAAqC,yCAAkBP,UAAlB,EAA8BC,WAA9B,EAA2CC,SAA3C,CAA3C;AACA,QAAMM,eAAe,GAAG,CAAC,GAAGH,YAAJ,CAAxB;;AAEA,QAAMI,OAA+B,GAAG,gBAAgBC,iBAAhB,EAAmCC,cAAc,GAAG,EAApD,EAAyD;AAC/F;AACJ;AACA;AACA;AACA;AACA;AACI,UAAMC,uBAAuB,GAAG,mBAAAP,YAAY,MAAZ,CAAAA,YAAY,EAAOQ,WAAD,IAAiBA,WAAW,CAACC,IAAZ,KAAqBJ,iBAA5C,CAA5C;;AACA,QAAK,CAACE,uBAAN,EAAgC;AAC9B,aAAO,iBAAQG,MAAR,CAAgB,gCAA+BL,iBAAkB,GAAjE,CAAP;AACD;;AAED,WAAOE,uBAAuB,CAACI,MAAxB,CAA+BL,cAA/B,CAAP;AACD,GAbD;;AAeA,QAAMM,QAAQ,GAAGC,IAAI,IAAIA,IAAI,CAACJ,IAAL,KAAc,kBAAvC;;AACA,QAAMK,eAAe,4BAAGf,cAAc,CAACgB,0BAAlB,oFAAG,sBAA2CC,KAA9C,qFAAG,wEAAwDJ,QAAxD,CAAH,2DAAG,uBAAoEI,KAA5F;AAEA,SAAO;AACLZ,IAAAA,OADK;AAELD,IAAAA,eAFK;AAGLD,IAAAA,OAHK;AAILD,IAAAA,OAJK;AAKLgB,IAAAA,WAAW,EAAElB,cALR;AAMLe,IAAAA,eANK;AAOLjB,IAAAA,SAPK;AAQLC,IAAAA;AARK,GAAP;AAUD","sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { IdxResponse } from '../../types/idx-js';\nimport { OktaAuthInterface, RawIdxResponse } from '../../../types';    // auth-js/types\nimport { parseIdxResponse } from './idxResponseParser';\n\nexport function makeIdxState( \n  authClient: OktaAuthInterface,\n  idxResponse: RawIdxResponse,\n  toPersist,\n  requestDidSucceed: boolean\n): IdxResponse {\n  const rawIdxResponse =  idxResponse;\n  const { remediations, context, actions } = parseIdxResponse( authClient, idxResponse, toPersist );\n  const neededToProceed = [...remediations];\n\n  const proceed: IdxResponse['proceed'] = async function( remediationChoice, paramsFromUser = {} ) {\n    /*\n    remediationChoice is the name attribute on each form\n    name should remain unique for items inside the remediation that are considered forms(identify, select-factor)\n    name can be duplicate for items like redirect where its not considered a form(redirect)\n    when names are not unique its a redirect to a href, so widget wont POST to idx-js layer.\n    */\n    const remediationChoiceObject = remediations.find((remediation) => remediation.name === remediationChoice);\n    if ( !remediationChoiceObject ) {\n      return Promise.reject(`Unknown remediation choice: [${remediationChoice}]`);\n    }\n\n    return remediationChoiceObject.action(paramsFromUser);\n  };\n\n  const findCode = item => item.name === 'interaction_code';\n  const interactionCode = rawIdxResponse.successWithInteractionCode?.value?.find( findCode )?.value as string;\n\n  return {\n    proceed,\n    neededToProceed,\n    actions,\n    context,\n    rawIdxState: rawIdxResponse,\n    interactionCode,\n    toPersist,\n    requestDidSucceed,\n  };\n}\n"],"file":"makeIdxState.js"}
+{"version":3,"sources":["../../../../../lib/idx/idxState/v1/makeIdxState.ts"],"names":["makeIdxState","authClient","idxResponse","toPersist","requestDidSucceed","rawIdxResponse","remediations","context","actions","neededToProceed","proceed","remediationChoice","paramsFromUser","remediationChoiceObject","remediation","name","reject","actionFn","action","findCode","item","interactionCode","successWithInteractionCode","value","rawIdxState"],"mappings":";;;;;;;;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGuE;AAGhE,SAASA,YAAT,CACLC,UADK,EAELC,WAFK,EAGLC,SAHK,EAILC,iBAJK,EAKQ;AAAA;;AACb,QAAMC,cAAc,GAAIH,WAAxB;AACA,QAAM;AAAEI,IAAAA,YAAF;AAAgBC,IAAAA,OAAhB;AAAyBC,IAAAA;AAAzB,MAAqC,yCAAkBP,UAAlB,EAA8BC,WAA9B,EAA2CC,SAA3C,CAA3C;AACA,QAAMM,eAAe,GAAG,CAAC,GAAGH,YAAJ,CAAxB;;AAEA,QAAMI,OAA+B,GAAG,gBAAgBC,iBAAhB,EAAmCC,cAAc,GAAG,EAApD,EAAyD;AAC/F;AACJ;AACA;AACA;AACA;AACA;AACI,UAAMC,uBAAuB,GAAG,mBAAAP,YAAY,MAAZ,CAAAA,YAAY,EAAOQ,WAAD,IAAiBA,WAAW,CAACC,IAAZ,KAAqBJ,iBAA5C,CAA5C;;AACA,QAAK,CAACE,uBAAN,EAAgC;AAC9B,aAAO,iBAAQG,MAAR,CAAgB,gCAA+BL,iBAAkB,GAAjE,CAAP;AACD;;AAED,UAAMM,QAAQ,GAAGJ,uBAAuB,CAACK,MAAzC;;AACA,QAAI,OAAOD,QAAP,KAAoB,UAAxB,EAAoC;AAClC,aAAO,iBAAQD,MAAR,CAAgB,wDAAuDL,iBAAkB,GAAzF,CAAP;AACD;;AAED,WAAOE,uBAAuB,CAACK,MAAxB,CAA+BN,cAA/B,CAAP;AACD,GAlBD;;AAoBA,QAAMO,QAAQ,GAAGC,IAAI,IAAIA,IAAI,CAACL,IAAL,KAAc,kBAAvC;;AACA,QAAMM,eAAe,4BAAGhB,cAAc,CAACiB,0BAAlB,oFAAG,sBAA2CC,KAA9C,qFAAG,wEAAwDJ,QAAxD,CAAH,2DAAG,uBAAoEI,KAA5F;AAEA,SAAO;AACLb,IAAAA,OADK;AAELD,IAAAA,eAFK;AAGLD,IAAAA,OAHK;AAILD,IAAAA,OAJK;AAKLiB,IAAAA,WAAW,EAAEnB,cALR;AAMLgB,IAAAA,eANK;AAOLlB,IAAAA,SAPK;AAQLC,IAAAA;AARK,GAAP;AAUD","sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { IdxResponse } from '../../types/idx-js';\nimport { OktaAuthInterface, RawIdxResponse } from '../../../types';    // auth-js/types\nimport { parseIdxResponse } from './idxResponseParser';\n\nexport function makeIdxState( \n  authClient: OktaAuthInterface,\n  idxResponse: RawIdxResponse,\n  toPersist,\n  requestDidSucceed: boolean\n): IdxResponse {\n  const rawIdxResponse =  idxResponse;\n  const { remediations, context, actions } = parseIdxResponse( authClient, idxResponse, toPersist );\n  const neededToProceed = [...remediations];\n\n  const proceed: IdxResponse['proceed'] = async function( remediationChoice, paramsFromUser = {} ) {\n    /*\n    remediationChoice is the name attribute on each form\n    name should remain unique for items inside the remediation that are considered forms(identify, select-factor)\n    name can be duplicate for items like redirect where its not considered a form(redirect)\n    when names are not unique its a redirect to a href, so widget wont POST to idx-js layer.\n    */\n    const remediationChoiceObject = remediations.find((remediation) => remediation.name === remediationChoice);\n    if ( !remediationChoiceObject ) {\n      return Promise.reject(`Unknown remediation choice: [${remediationChoice}]`);\n    }\n\n    const actionFn = remediationChoiceObject.action;\n    if (typeof actionFn !== 'function') {\n      return Promise.reject(`Current remediation cannot make form submit action: [${remediationChoice}]`);\n    }\n\n    return remediationChoiceObject.action(paramsFromUser);\n  };\n\n  const findCode = item => item.name === 'interaction_code';\n  const interactionCode = rawIdxResponse.successWithInteractionCode?.value?.find( findCode )?.value as string;\n\n  return {\n    proceed,\n    neededToProceed,\n    actions,\n    context,\n    rawIdxState: rawIdxResponse,\n    interactionCode,\n    toPersist,\n    requestDidSucceed,\n  };\n}\n"],"file":"makeIdxState.js"}

package/cjs/idx/interact.js

@@ -62,7 +62,8 @@ async function interact(authClient, options = {}) {
     codeChallenge,
     codeChallengeMethod,
     activationToken,
-    recoveryToken
+    recoveryToken,
+    maxAge
   } = meta;
   const clientSecret = options.clientSecret || authClient.options.clientSecret;
   withCredentials = (_withCredentials = withCredentials) !== null && _withCredentials !== void 0 ? _withCredentials : true;
@@ -75,26 +76,25 @@ async function interact(authClient, options = {}) {
     redirect_uri: redirectUri,
     code_challenge: codeChallenge,
     code_challenge_method: codeChallengeMethod,
-    state
-  };
-
-  if (activationToken) {
-    params.activation_token = activationToken;
-  }
-
-  if (recoveryToken) {
-    params.recovery_token = recoveryToken;
-  }
-
-  if (clientSecret) {
+    state,
+    ...(activationToken && {
+      activation_token: activationToken
+    }),
+    ...(recoveryToken && {
+      recovery_token: recoveryToken
+    }),
     // X-Device-Token header need to pair with `client_secret`
     // eslint-disable-next-line max-len
     // https://oktawiki.atlassian.net/wiki/spaces/eng/pages/2445902453/Support+Device+Binding+in+interact#Scenario-1%3A-Non-User-Agent-with-Confidential-Client-(top-priority)
-    params.client_secret = clientSecret;
-  }
+    ...(clientSecret && {
+      client_secret: clientSecret
+    }),
+    ...(maxAge && {
+      max_age: maxAge
+    })
+  };
   /* eslint-enable camelcase */
 
-
   const headers = {
     'Content-Type': 'application/x-www-form-urlencoded'
   };

package/cjs/idx/interact.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/interact.ts"],"names":["getResponse","meta","interactionHandle","state","interact","authClient","options","baseUrl","clientId","redirectUri","scopes","withCredentials","codeChallenge","codeChallengeMethod","activationToken","recoveryToken","clientSecret","url","params","client_id","scope","join","redirect_uri","code_challenge","code_challenge_method","activation_token","recovery_token","client_secret","headers","resp","method","args","interaction_handle","newMeta"],"mappings":";;;;AAcA;;AACA;;AACA;;AACA;;AACA;;AAlBA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;;AAqCA;AAEA,SAASA,WAAT,CAAqBC,IAArB,EAAiE;AAC/D,SAAO;AACLA,IAAAA,IADK;AAELC,IAAAA,iBAAiB,EAAED,IAAI,CAACC,iBAFnB;AAGLC,IAAAA,KAAK,EAAEF,IAAI,CAACE;AAHP,GAAP;AAKD,C,CAED;;;AACO,eAAeC,QAAf,CACLC,UADK,EAELC,OAAwB,GAAG,EAFtB,EAGsB;AAAA;;AAC3BA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;AAEA,MAAIL,IAAI,GAAG,8CAAwBI,UAAxB,EAAoCC,OAApC,CAAX,CAH2B,CAI3B;;AAEA,eAAIL,IAAJ,kCAAI,MAAMC,iBAAV,EAA6B;AAC3B,WAAOF,WAAW,CAACC,IAAD,CAAlB,CAD2B,CACD;AAC3B,GAR0B,CAU3B;;;AACAA,EAAAA,IAAI,GAAG,MAAM,6BAAsBI,UAAtB,EAAkC,EAAE,GAAGJ,IAAL;AAAW,OAAGK;AAAd,GAAlC,CAAb;AACA,QAAMC,OAAO,GAAG,2BAAgBF,UAAhB,CAAhB;AACA,MAAI;AACFG,IAAAA,QADE;AAEFC,IAAAA,WAFE;AAGFN,IAAAA,KAHE;AAIFO,IAAAA,MAJE;AAKFC,IAAAA,eALE;AAMFC,IAAAA,aANE;AAOFC,IAAAA,mBAPE;AAQFC,IAAAA,eARE;AASFC,IAAAA;AATE,MAUAd,IAVJ;AAWA,QAAMe,YAAY,GAAGV,OAAO,CAACU,YAAR,IAAwBX,UAAU,CAACC,OAAX,CAAmBU,YAAhE;AACAL,EAAAA,eAAe,uBAAGA,eAAH,+DAAsB,IAArC;AAEA;;AACA,QAAMM,GAAG,GAAI,GAAEV,OAAQ,cAAvB;AACA,QAAMW,MAAM,GAAG;AACbC,IAAAA,SAAS,EAAEX,QADE;AAEbY,IAAAA,KAAK,EAAEV,MAAM,CAACW,IAAP,CAAY,GAAZ,CAFM;AAGbC,IAAAA,YAAY,EAAEb,WAHD;AAIbc,IAAAA,cAAc,EAAEX,aAJH;AAKbY,IAAAA,qBAAqB,EAAEX,mBALV;AAMbV,IAAAA;AANa,GAAf;;AAQA,MAAIW,eAAJ,EAAqB;AACnBI,IAAAA,MAAM,CAACO,gBAAP,GAA0BX,eAA1B;AACD;;AACD,MAAIC,aAAJ,EAAmB;AACjBG,IAAAA,MAAM,CAACQ,cAAP,GAAwBX,aAAxB;AACD;;AACD,MAAIC,YAAJ,EAAkB;AAClB;AACA;AACA;AACEE,IAAAA,MAAM,CAACS,aAAP,GAAuBX,YAAvB;AACD;AACD;;;AAEA,QAAMY,OAAO,GAAG;AACd,oBAAgB;AADF,GAAhB;AAIA,QAAMC,IAAI,GAAG,MAAM,uBAAYxB,UAAZ,EAAwB;AACzCyB,IAAAA,MAAM,EAAE,MADiC;AAEzCb,IAAAA,GAFyC;AAGzCW,IAAAA,OAHyC;AAIzCjB,IAAAA,eAJyC;AAKzCoB,IAAAA,IAAI,EAAEb;AALmC,GAAxB,CAAnB;AAOA,QAAMhB,iBAAiB,GAAG2B,IAAI,CAACG,kBAA/B;AAEA,QAAMC,OAAO,GAAG,EACd,GAAGhC,IADW;AAEdC,IAAAA,iBAFc;AAId;AACAS,IAAAA,eALc;AAMdR,IAAAA,KANc;AAOdO,IAAAA,MAPc;AAQdK,IAAAA,aARc;AASdD,IAAAA;AATc,GAAhB,CAhE2B,CA2E3B;;AACA,4CAAoBT,UAApB,EAAgC4B,OAAhC;AAEA,SAAOjC,WAAW,CAACiC,OAAD,CAAlB;AACD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n/* eslint complexity:[0,8] */\nimport { OktaAuthInterface, IdxTransactionMeta } from '../types';\nimport { getSavedTransactionMeta, saveTransactionMeta } from './transactionMeta';\nimport { getOAuthBaseUrl } from '../oidc';\nimport { createTransactionMeta } from '.';\nimport { removeNils } from '../util';\nimport { httpRequest } from '../http';\n\nexport interface InteractOptions {\n  withCredentials?: boolean;\n  state?: string;\n  scopes?: string[];\n  codeChallenge?: string;\n  codeChallengeMethod?: string;\n  activationToken?: string;\n  recoveryToken?: string;\n  clientSecret?: string;\n}\n\nexport interface InteractResponse {\n  state?: string;\n  interactionHandle: string;\n  meta: IdxTransactionMeta;\n}\n\n/* eslint-disable camelcase */\nexport interface InteractParams {\n  client_id: string;\n  scope: string;\n  redirect_uri: string;\n  code_challenge: string;\n  code_challenge_method: string;\n  state: string;\n  activation_token?: string;\n  recovery_token?: string;\n  client_secret?: string;\n}\n/* eslint-enable camelcase */\n\nfunction getResponse(meta: IdxTransactionMeta): InteractResponse {\n  return {\n    meta,\n    interactionHandle: meta.interactionHandle!,\n    state: meta.state\n  };\n}\n\n// Begin or resume a transaction. Returns an interaction handle\nexport async function interact (\n  authClient: OktaAuthInterface, \n  options: InteractOptions = {}\n): Promise<InteractResponse> {\n  options = removeNils(options);\n\n  let meta = getSavedTransactionMeta(authClient, options);\n  // If meta exists, it has been validated against all options\n\n  if (meta?.interactionHandle) {\n    return getResponse(meta); // Saved transaction, return meta\n  }\n\n  // Create new meta, respecting previous meta if it has been set and is not overridden\n  meta = await createTransactionMeta(authClient, { ...meta, ...options });\n  const baseUrl = getOAuthBaseUrl(authClient);\n  let {\n    clientId,\n    redirectUri,\n    state,\n    scopes,\n    withCredentials,\n    codeChallenge,\n    codeChallengeMethod,\n    activationToken,\n    recoveryToken,\n  } = meta as IdxTransactionMeta;\n  const clientSecret = options.clientSecret || authClient.options.clientSecret;\n  withCredentials = withCredentials ?? true;\n\n  /* eslint-disable camelcase */\n  const url = `${baseUrl}/v1/interact`;\n  const params = {\n    client_id: clientId,\n    scope: scopes.join(' '),\n    redirect_uri: redirectUri,\n    code_challenge: codeChallenge,\n    code_challenge_method: codeChallengeMethod,\n    state,\n  } as InteractParams;\n  if (activationToken) {\n    params.activation_token = activationToken;\n  }\n  if (recoveryToken) {\n    params.recovery_token = recoveryToken;\n  }\n  if (clientSecret) {\n  // X-Device-Token header need to pair with `client_secret`\n  // eslint-disable-next-line max-len\n  // https://oktawiki.atlassian.net/wiki/spaces/eng/pages/2445902453/Support+Device+Binding+in+interact#Scenario-1%3A-Non-User-Agent-with-Confidential-Client-(top-priority)\n    params.client_secret = clientSecret;\n  }\n  /* eslint-enable camelcase */\n\n  const headers = {\n    'Content-Type': 'application/x-www-form-urlencoded',\n  };\n\n  const resp = await httpRequest(authClient, {\n    method: 'POST',\n    url,\n    headers,\n    withCredentials,\n    args: params\n  });\n  const interactionHandle = resp.interaction_handle;\n\n  const newMeta = {\n    ...meta,\n    interactionHandle,\n    \n    // Options which can be passed into interact() should be saved in the meta\n    withCredentials,\n    state,\n    scopes,\n    recoveryToken,\n    activationToken\n  };\n  // Save transaction meta so it can be resumed\n  saveTransactionMeta(authClient, newMeta);\n\n  return getResponse(newMeta);\n}\n"],"file":"interact.js"}
+{"version":3,"sources":["../../../lib/idx/interact.ts"],"names":["getResponse","meta","interactionHandle","state","interact","authClient","options","baseUrl","clientId","redirectUri","scopes","withCredentials","codeChallenge","codeChallengeMethod","activationToken","recoveryToken","maxAge","clientSecret","url","params","client_id","scope","join","redirect_uri","code_challenge","code_challenge_method","activation_token","recovery_token","client_secret","max_age","headers","resp","method","args","interaction_handle","newMeta"],"mappings":";;;;AAcA;;AACA;;AACA;;AACA;;AACA;;AAlBA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;;AAsBA;AAEA,SAASA,WAAT,CAAqBC,IAArB,EAAiE;AAC/D,SAAO;AACLA,IAAAA,IADK;AAELC,IAAAA,iBAAiB,EAAED,IAAI,CAACC,iBAFnB;AAGLC,IAAAA,KAAK,EAAEF,IAAI,CAACE;AAHP,GAAP;AAKD,C,CAED;;;AACO,eAAeC,QAAf,CACLC,UADK,EAELC,OAAwB,GAAG,EAFtB,EAGsB;AAAA;;AAC3BA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;AAEA,MAAIL,IAAI,GAAG,8CAAwBI,UAAxB,EAAoCC,OAApC,CAAX,CAH2B,CAI3B;;AAEA,eAAIL,IAAJ,kCAAI,MAAMC,iBAAV,EAA6B;AAC3B,WAAOF,WAAW,CAACC,IAAD,CAAlB,CAD2B,CACD;AAC3B,GAR0B,CAU3B;;;AACAA,EAAAA,IAAI,GAAG,MAAM,6BAAsBI,UAAtB,EAAkC,EAAE,GAAGJ,IAAL;AAAW,OAAGK;AAAd,GAAlC,CAAb;AACA,QAAMC,OAAO,GAAG,2BAAgBF,UAAhB,CAAhB;AACA,MAAI;AACFG,IAAAA,QADE;AAEFC,IAAAA,WAFE;AAGFN,IAAAA,KAHE;AAIFO,IAAAA,MAJE;AAKFC,IAAAA,eALE;AAMFC,IAAAA,aANE;AAOFC,IAAAA,mBAPE;AAQFC,IAAAA,eARE;AASFC,IAAAA,aATE;AAUFC,IAAAA;AAVE,MAWAf,IAXJ;AAYA,QAAMgB,YAAY,GAAGX,OAAO,CAACW,YAAR,IAAwBZ,UAAU,CAACC,OAAX,CAAmBW,YAAhE;AACAN,EAAAA,eAAe,uBAAGA,eAAH,+DAAsB,IAArC;AAEA;;AACA,QAAMO,GAAG,GAAI,GAAEX,OAAQ,cAAvB;AACA,QAAMY,MAAM,GAAG;AACbC,IAAAA,SAAS,EAAEZ,QADE;AAEba,IAAAA,KAAK,EAAEX,MAAM,CAAEY,IAAR,CAAa,GAAb,CAFM;AAGbC,IAAAA,YAAY,EAAEd,WAHD;AAIbe,IAAAA,cAAc,EAAEZ,aAJH;AAKba,IAAAA,qBAAqB,EAAEZ,mBALV;AAMbV,IAAAA,KANa;AAOb,QAAIW,eAAe,IAAI;AAAEY,MAAAA,gBAAgB,EAAEZ;AAApB,KAAvB,CAPa;AAQb,QAAIC,aAAa,IAAI;AAAEY,MAAAA,cAAc,EAAEZ;AAAlB,KAArB,CARa;AASb;AACA;AACA;AACA,QAAIE,YAAY,IAAI;AAAEW,MAAAA,aAAa,EAAEX;AAAjB,KAApB,CAZa;AAab,QAAID,MAAM,IAAI;AAAEa,MAAAA,OAAO,EAAEb;AAAX,KAAd;AAba,GAAf;AAeA;;AAEA,QAAMc,OAAO,GAAG;AACd,oBAAgB;AADF,GAAhB;AAIA,QAAMC,IAAI,GAAG,MAAM,uBAAY1B,UAAZ,EAAwB;AACzC2B,IAAAA,MAAM,EAAE,MADiC;AAEzCd,IAAAA,GAFyC;AAGzCY,IAAAA,OAHyC;AAIzCnB,IAAAA,eAJyC;AAKzCsB,IAAAA,IAAI,EAAEd;AALmC,GAAxB,CAAnB;AAOA,QAAMjB,iBAAiB,GAAG6B,IAAI,CAACG,kBAA/B;AAEA,QAAMC,OAAO,GAAG,EACd,GAAGlC,IADW;AAEdC,IAAAA,iBAFc;AAId;AACAS,IAAAA,eALc;AAMdR,IAAAA,KANc;AAOdO,IAAAA,MAPc;AAQdK,IAAAA,aARc;AASdD,IAAAA;AATc,GAAhB,CA5D2B,CAuE3B;;AACA,4CAAoBT,UAApB,EAAgC8B,OAAhC;AAEA,SAAOnC,WAAW,CAACmC,OAAD,CAAlB;AACD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n/* eslint complexity:[0,8] */\nimport { OktaAuthInterface, IdxTransactionMeta, InteractOptions, InteractResponse } from '../types';\nimport { getSavedTransactionMeta, saveTransactionMeta } from './transactionMeta';\nimport { getOAuthBaseUrl } from '../oidc';\nimport { createTransactionMeta } from '.';\nimport { removeNils } from '../util';\nimport { httpRequest } from '../http';\n\n\n/* eslint-disable camelcase */\nexport interface InteractParams {\n  client_id: string;\n  scope: string;\n  redirect_uri: string;\n  code_challenge: string;\n  code_challenge_method: string;\n  state: string;\n  activation_token?: string;\n  recovery_token?: string;\n  client_secret?: string;\n  max_age?: string | number;\n}\n/* eslint-enable camelcase */\n\nfunction getResponse(meta: IdxTransactionMeta): InteractResponse {\n  return {\n    meta,\n    interactionHandle: meta.interactionHandle!,\n    state: meta.state\n  };\n}\n\n// Begin or resume a transaction. Returns an interaction handle\nexport async function interact (\n  authClient: OktaAuthInterface, \n  options: InteractOptions = {}\n): Promise<InteractResponse> {\n  options = removeNils(options);\n\n  let meta = getSavedTransactionMeta(authClient, options);\n  // If meta exists, it has been validated against all options\n\n  if (meta?.interactionHandle) {\n    return getResponse(meta); // Saved transaction, return meta\n  }\n\n  // Create new meta, respecting previous meta if it has been set and is not overridden\n  meta = await createTransactionMeta(authClient, { ...meta, ...options });\n  const baseUrl = getOAuthBaseUrl(authClient);\n  let {\n    clientId,\n    redirectUri,\n    state,\n    scopes,\n    withCredentials,\n    codeChallenge,\n    codeChallengeMethod,\n    activationToken,\n    recoveryToken,\n    maxAge\n  } = meta as IdxTransactionMeta;\n  const clientSecret = options.clientSecret || authClient.options.clientSecret;\n  withCredentials = withCredentials ?? true;\n\n  /* eslint-disable camelcase */\n  const url = `${baseUrl}/v1/interact`;\n  const params = {\n    client_id: clientId,\n    scope: scopes!.join(' '),\n    redirect_uri: redirectUri,\n    code_challenge: codeChallenge,\n    code_challenge_method: codeChallengeMethod,\n    state,\n    ...(activationToken && { activation_token: activationToken }),\n    ...(recoveryToken && { recovery_token: recoveryToken }),\n    // X-Device-Token header need to pair with `client_secret`\n    // eslint-disable-next-line max-len\n    // https://oktawiki.atlassian.net/wiki/spaces/eng/pages/2445902453/Support+Device+Binding+in+interact#Scenario-1%3A-Non-User-Agent-with-Confidential-Client-(top-priority)\n    ...(clientSecret && { client_secret: clientSecret }),\n    ...(maxAge && { max_age: maxAge })\n  } as InteractParams;\n  /* eslint-enable camelcase */\n\n  const headers = {\n    'Content-Type': 'application/x-www-form-urlencoded',\n  };\n\n  const resp = await httpRequest(authClient, {\n    method: 'POST',\n    url,\n    headers,\n    withCredentials,\n    args: params\n  });\n  const interactionHandle = resp.interaction_handle;\n\n  const newMeta = {\n    ...meta,\n    interactionHandle,\n    \n    // Options which can be passed into interact() should be saved in the meta\n    withCredentials,\n    state,\n    scopes,\n    recoveryToken,\n    activationToken\n  };\n  // Save transaction meta so it can be resumed\n  saveTransactionMeta(authClient, newMeta);\n\n  return getResponse(newMeta);\n}\n"],"file":"interact.js"}

package/cjs/idx/introspect.js

@@ -31,7 +31,7 @@ async function introspect(authClient, options = {}) {
   let rawIdxResponse;
   let requestDidSucceed; // try load from storage first
 
-  const savedIdxResponse = authClient.transactionManager.loadIdxResponse();
+  const savedIdxResponse = authClient.transactionManager.loadIdxResponse(options);
 
   if (savedIdxResponse) {
     rawIdxResponse = savedIdxResponse.rawIdxResponse;

package/cjs/idx/introspect.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/introspect.ts"],"names":["introspect","authClient","options","rawIdxResponse","requestDidSucceed","savedIdxResponse","transactionManager","loadIdxResponse","version","IDX_API_VERSION","domain","interactionHandle","stateHandle","withCredentials","url","body","stateToken","headers","Accept","method","args","err","xhr","responseJSON"],"mappings":";;;;AAaA;;AAEA;;AACA;;AACA;;AACA;;AACA;;AAnBA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAiBO,eAAeA,UAAf,CACLC,UADK,EAELC,OAA0B,GAAG,EAFxB,EAGiB;AACtB,MAAIC,cAAJ;AACA,MAAIC,iBAAJ,CAFsB,CAItB;;AACA,QAAMC,gBAAgB,GAAGJ,UAAU,CAACK,kBAAX,CAA8BC,eAA9B,EAAzB;;AACA,MAAIF,gBAAJ,EAAsB;AACpBF,IAAAA,cAAc,GAAGE,gBAAgB,CAACF,cAAlC;AACAC,IAAAA,iBAAiB,GAAGC,gBAAgB,CAACD,iBAArC;AACD,GATqB,CAWtB;;;AACA,MAAI,CAACD,cAAL,EAAqB;AAAA;;AACnB,UAAMK,OAAO,GAAGN,OAAO,CAACM,OAAR,IAAmBC,0BAAnC;AACA,UAAMC,MAAM,GAAG,0BAAeT,UAAf,CAAf;AACA,UAAM;AAAEU,MAAAA,iBAAF;AAAqBC,MAAAA;AAArB,QAAqCV,OAA3C;AACA,UAAMW,eAAe,4BAAGX,OAAO,CAACW,eAAX,yEAA8B,IAAnD;;AACA,QAAI;AACFT,MAAAA,iBAAiB,GAAG,IAApB;AACA,2CAAsBI,OAAtB;AACA,YAAMM,GAAG,GAAI,GAAEJ,MAAO,qBAAtB;AACA,YAAMK,IAAI,GAAGH,WAAW,GAAG;AAAEI,QAAAA,UAAU,EAAEJ;AAAd,OAAH,GAAiC;AAAED,QAAAA;AAAF,OAAzD;AACA,YAAMM,OAAO,GAAG;AACd,wBAAiB,sCAAqCT,OAAQ,EADhD;AACmD;AACjEU,QAAAA,MAAM,EAAG,sCAAqCV,OAAQ;AAFxC,OAAhB;AAIAL,MAAAA,cAAc,GAAG,MAAM,uBAAYF,UAAZ,EAAwB;AAC7CkB,QAAAA,MAAM,EAAE,MADqC;AAE7CL,QAAAA,GAF6C;AAG7CG,QAAAA,OAH6C;AAI7CJ,QAAAA,eAJ6C;AAK7CO,QAAAA,IAAI,EAAEL;AALuC,OAAxB,CAAvB;AAOD,KAhBD,CAgBE,OAAOM,GAAP,EAAY;AACZ,UAAI,4BAAeA,GAAf,KAAuBA,GAAG,CAACC,GAA3B,IAAkC,6BAAiBD,GAAG,CAACC,GAAJ,CAAQC,YAAzB,CAAtC,EAA8E;AAC5EpB,QAAAA,cAAc,GAAGkB,GAAG,CAACC,GAAJ,CAAQC,YAAzB;AACAnB,QAAAA,iBAAiB,GAAG,KAApB;AACD,OAHD,MAGO;AACL,cAAMiB,GAAN;AACD;AACF;AACF;;AAED,QAAM;AAAER,IAAAA;AAAF,MAAsBX,OAA5B;AACA,SAAO,4BAAaD,UAAb,EAAyBE,cAAzB,EAAyC;AAAEU,IAAAA;AAAF,GAAzC,EAA8DT,iBAA9D,CAAP;AACD","sourcesContent":["/* eslint-disable complexity */\n/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { makeIdxState, validateVersionConfig } from './idxState';\nimport { OktaAuthInterface } from '../types';\nimport { IdxResponse, isRawIdxResponse } from './types/idx-js';\nimport { getOAuthDomain } from '../oidc';\nimport { IDX_API_VERSION } from '../constants';\nimport { httpRequest } from '../http';\nimport { isAuthApiError } from '../errors';\n\nexport interface IntrospectOptions {\n  withCredentials?: boolean;\n  interactionHandle?: string;\n  stateHandle?: string;\n  version?: string;\n}\n\nexport async function introspect (\n  authClient: OktaAuthInterface, \n  options: IntrospectOptions = {}\n): Promise<IdxResponse> {\n  let rawIdxResponse;\n  let requestDidSucceed;\n\n  // try load from storage first\n  const savedIdxResponse = authClient.transactionManager.loadIdxResponse();\n  if (savedIdxResponse) {\n    rawIdxResponse = savedIdxResponse.rawIdxResponse;\n    requestDidSucceed = savedIdxResponse.requestDidSucceed;\n  }\n\n  // call idx.introspect if no existing idx response available in storage\n  if (!rawIdxResponse) {\n    const version = options.version || IDX_API_VERSION;\n    const domain = getOAuthDomain(authClient);\n    const { interactionHandle, stateHandle } = options;\n    const withCredentials = options.withCredentials ?? true;\n    try {\n      requestDidSucceed = true;\n      validateVersionConfig(version);\n      const url = `${domain}/idp/idx/introspect`;\n      const body = stateHandle ? { stateToken: stateHandle } : { interactionHandle };\n      const headers = {\n        'Content-Type': `application/ion+json; okta-version=${version}`, // Server wants this version info\n        Accept: `application/ion+json; okta-version=${version}`,\n      };\n      rawIdxResponse = await httpRequest(authClient, {\n        method: 'POST',\n        url,\n        headers,\n        withCredentials,\n        args: body\n      });\n    } catch (err) {\n      if (isAuthApiError(err) && err.xhr && isRawIdxResponse(err.xhr.responseJSON)) {\n        rawIdxResponse = err.xhr.responseJSON;\n        requestDidSucceed = false;\n      } else {\n        throw err;\n      }\n    }\n  }\n\n  const { withCredentials } = options;\n  return makeIdxState(authClient, rawIdxResponse, { withCredentials }, requestDidSucceed);\n}\n"],"file":"introspect.js"}
+{"version":3,"sources":["../../../lib/idx/introspect.ts"],"names":["introspect","authClient","options","rawIdxResponse","requestDidSucceed","savedIdxResponse","transactionManager","loadIdxResponse","version","IDX_API_VERSION","domain","interactionHandle","stateHandle","withCredentials","url","body","stateToken","headers","Accept","method","args","err","xhr","responseJSON"],"mappings":";;;;AAaA;;AAEA;;AACA;;AACA;;AACA;;AACA;;AAnBA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAUO,eAAeA,UAAf,CACLC,UADK,EAELC,OAA0B,GAAG,EAFxB,EAGiB;AACtB,MAAIC,cAAJ;AACA,MAAIC,iBAAJ,CAFsB,CAItB;;AACA,QAAMC,gBAAgB,GAAGJ,UAAU,CAACK,kBAAX,CAA8BC,eAA9B,CAA8CL,OAA9C,CAAzB;;AACA,MAAIG,gBAAJ,EAAsB;AACpBF,IAAAA,cAAc,GAAGE,gBAAgB,CAACF,cAAlC;AACAC,IAAAA,iBAAiB,GAAGC,gBAAgB,CAACD,iBAArC;AACD,GATqB,CAWtB;;;AACA,MAAI,CAACD,cAAL,EAAqB;AAAA;;AACnB,UAAMK,OAAO,GAAGN,OAAO,CAACM,OAAR,IAAmBC,0BAAnC;AACA,UAAMC,MAAM,GAAG,0BAAeT,UAAf,CAAf;AACA,UAAM;AAAEU,MAAAA,iBAAF;AAAqBC,MAAAA;AAArB,QAAqCV,OAA3C;AACA,UAAMW,eAAe,4BAAGX,OAAO,CAACW,eAAX,yEAA8B,IAAnD;;AACA,QAAI;AACFT,MAAAA,iBAAiB,GAAG,IAApB;AACA,2CAAsBI,OAAtB;AACA,YAAMM,GAAG,GAAI,GAAEJ,MAAO,qBAAtB;AACA,YAAMK,IAAI,GAAGH,WAAW,GAAG;AAAEI,QAAAA,UAAU,EAAEJ;AAAd,OAAH,GAAiC;AAAED,QAAAA;AAAF,OAAzD;AACA,YAAMM,OAAO,GAAG;AACd,wBAAiB,sCAAqCT,OAAQ,EADhD;AACmD;AACjEU,QAAAA,MAAM,EAAG,sCAAqCV,OAAQ;AAFxC,OAAhB;AAIAL,MAAAA,cAAc,GAAG,MAAM,uBAAYF,UAAZ,EAAwB;AAC7CkB,QAAAA,MAAM,EAAE,MADqC;AAE7CL,QAAAA,GAF6C;AAG7CG,QAAAA,OAH6C;AAI7CJ,QAAAA,eAJ6C;AAK7CO,QAAAA,IAAI,EAAEL;AALuC,OAAxB,CAAvB;AAOD,KAhBD,CAgBE,OAAOM,GAAP,EAAY;AACZ,UAAI,4BAAeA,GAAf,KAAuBA,GAAG,CAACC,GAA3B,IAAkC,6BAAiBD,GAAG,CAACC,GAAJ,CAAQC,YAAzB,CAAtC,EAA8E;AAC5EpB,QAAAA,cAAc,GAAGkB,GAAG,CAACC,GAAJ,CAAQC,YAAzB;AACAnB,QAAAA,iBAAiB,GAAG,KAApB;AACD,OAHD,MAGO;AACL,cAAMiB,GAAN;AACD;AACF;AACF;;AAED,QAAM;AAAER,IAAAA;AAAF,MAAsBX,OAA5B;AACA,SAAO,4BAAaD,UAAb,EAAyBE,cAAzB,EAAyC;AAAEU,IAAAA;AAAF,GAAzC,EAA8DT,iBAA9D,CAAP;AACD","sourcesContent":["/* eslint-disable complexity */\n/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { makeIdxState, validateVersionConfig } from './idxState';\nimport { IntrospectOptions, OktaAuthInterface } from '../types';\nimport { IdxResponse, isRawIdxResponse } from './types/idx-js';\nimport { getOAuthDomain } from '../oidc';\nimport { IDX_API_VERSION } from '../constants';\nimport { httpRequest } from '../http';\nimport { isAuthApiError } from '../errors';\n\nexport async function introspect (\n  authClient: OktaAuthInterface, \n  options: IntrospectOptions = {}\n): Promise<IdxResponse> {\n  let rawIdxResponse;\n  let requestDidSucceed;\n\n  // try load from storage first\n  const savedIdxResponse = authClient.transactionManager.loadIdxResponse(options);\n  if (savedIdxResponse) {\n    rawIdxResponse = savedIdxResponse.rawIdxResponse;\n    requestDidSucceed = savedIdxResponse.requestDidSucceed;\n  }\n\n  // call idx.introspect if no existing idx response available in storage\n  if (!rawIdxResponse) {\n    const version = options.version || IDX_API_VERSION;\n    const domain = getOAuthDomain(authClient);\n    const { interactionHandle, stateHandle } = options;\n    const withCredentials = options.withCredentials ?? true;\n    try {\n      requestDidSucceed = true;\n      validateVersionConfig(version);\n      const url = `${domain}/idp/idx/introspect`;\n      const body = stateHandle ? { stateToken: stateHandle } : { interactionHandle };\n      const headers = {\n        'Content-Type': `application/ion+json; okta-version=${version}`, // Server wants this version info\n        Accept: `application/ion+json; okta-version=${version}`,\n      };\n      rawIdxResponse = await httpRequest(authClient, {\n        method: 'POST',\n        url,\n        headers,\n        withCredentials,\n        args: body\n      });\n    } catch (err) {\n      if (isAuthApiError(err) && err.xhr && isRawIdxResponse(err.xhr.responseJSON)) {\n        rawIdxResponse = err.xhr.responseJSON;\n        requestDidSucceed = false;\n      } else {\n        throw err;\n      }\n    }\n  }\n\n  const { withCredentials } = options;\n  return makeIdxState(authClient, rawIdxResponse, { withCredentials }, requestDidSucceed);\n}\n"],"file":"introspect.js"}

package/cjs/idx/proceed.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/proceed.ts"],"names":["canProceed","authClient","options","meta","stateHandle","proceed","AuthSdkError","flow","state"],"mappings":";;;;;AAiBA;;AASA;;AACA;;AA3BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA2BO,SAASA,UAAT,CAAoBC,UAApB,EAAmDC,OAAuB,GAAG,EAA7E,EAA0F;AAC/F,QAAMC,IAAI,GAAG,8CAAwBF,UAAxB,EAAoCC,OAApC,CAAb;AACA,SAAO,CAAC,EAAEC,IAAI,IAAID,OAAO,CAACE,WAAlB,CAAR;AACD;;AAEM,eAAeC,OAAf,CACLJ,UADK,EAELC,OAAuB,GAAG,EAFrB,EAGoB;AAEzB,MAAI,CAACF,UAAU,CAACC,UAAD,EAAaC,OAAb,CAAf,EAAsC;AACpC,UAAM,IAAII,oBAAJ,CAAiB,0DAAjB,CAAN;AACD;;AAED,MAAI;AAAEC,IAAAA,IAAF;AAAQC,IAAAA;AAAR,MAAkBN,OAAtB;;AACA,MAAI,CAACK,IAAL,EAAW;AACT,UAAMJ,IAAI,GAAG,8CAAwBF,UAAxB,EAAoC;AAAEO,MAAAA;AAAF,KAApC,CAAb;AACAD,IAAAA,IAAI,GAAGJ,IAAH,aAAGA,IAAH,uBAAGA,IAAI,CAAEI,IAAb;AACD;;AAED,SAAO,cAAIN,UAAJ,EAAgB,EACrB,GAAGC,OADkB;AAErBK,IAAAA;AAFqB,GAAhB,CAAP;AAID","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { \n  OktaAuthInterface,\n  IdxTransaction,\n} from '../types';\nimport { run } from './run';\nimport { AuthenticationOptions } from './authenticate';\nimport {\n  EnrollPollValues as EnrollPollOptions,\n  SelectEnrollmentChannelValues as SelectEnrollmentChannelOptions\n} from './remediators';\nimport { RegistrationOptions } from './register';\nimport { PasswordRecoveryOptions } from './recoverPassword';\nimport { AccountUnlockOptions } from './unlockAccount';\nimport { getSavedTransactionMeta } from './transactionMeta';\nimport { AuthSdkError } from '../errors';\n\nexport type ProceedOptions = AuthenticationOptions\n  & RegistrationOptions\n  & PasswordRecoveryOptions\n  & AccountUnlockOptions\n  & EnrollPollOptions\n  & SelectEnrollmentChannelOptions\n  & { step?: string };\n\nexport function canProceed(authClient: OktaAuthInterface, options: ProceedOptions = {}): boolean {\n  const meta = getSavedTransactionMeta(authClient, options);\n  return !!(meta || options.stateHandle);\n}\n\nexport async function proceed(\n  authClient: OktaAuthInterface,\n  options: ProceedOptions = {}\n): Promise<IdxTransaction> {\n\n  if (!canProceed(authClient, options)) {\n    throw new AuthSdkError('Unable to proceed: saved transaction could not be loaded');\n  }\n\n  let { flow, state } = options;\n  if (!flow) {\n    const meta = getSavedTransactionMeta(authClient, { state });\n    flow = meta?.flow;\n  }\n\n  return run(authClient, { \n    ...options, \n    flow\n  });\n}\n"],"file":"proceed.js"}
+{"version":3,"sources":["../../../lib/idx/proceed.ts"],"names":["canProceed","authClient","options","meta","stateHandle","proceed","AuthSdkError","flow","state"],"mappings":";;;;;AAkBA;;AACA;;AACA;;AApBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYO,SAASA,UAAT,CAAoBC,UAApB,EAAmDC,OAAuB,GAAG,EAA7E,EAA0F;AAC/F,QAAMC,IAAI,GAAG,8CAAwBF,UAAxB,EAAoCC,OAApC,CAAb;AACA,SAAO,CAAC,EAAEC,IAAI,IAAID,OAAO,CAACE,WAAlB,CAAR;AACD;;AAEM,eAAeC,OAAf,CACLJ,UADK,EAELC,OAAuB,GAAG,EAFrB,EAGoB;AAEzB,MAAI,CAACF,UAAU,CAACC,UAAD,EAAaC,OAAb,CAAf,EAAsC;AACpC,UAAM,IAAII,oBAAJ,CAAiB,0DAAjB,CAAN;AACD;;AAED,MAAI;AAAEC,IAAAA,IAAF;AAAQC,IAAAA;AAAR,MAAkBN,OAAtB;;AACA,MAAI,CAACK,IAAL,EAAW;AACT,UAAMJ,IAAI,GAAG,8CAAwBF,UAAxB,EAAoC;AAAEO,MAAAA;AAAF,KAApC,CAAb;AACAD,IAAAA,IAAI,GAAGJ,IAAH,aAAGA,IAAH,uBAAGA,IAAI,CAAEI,IAAb;AACD;;AAED,SAAO,cAAIN,UAAJ,EAAgB,EACrB,GAAGC,OADkB;AAErBK,IAAAA;AAFqB,GAAhB,CAAP;AAID","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { \n  OktaAuthInterface,\n  IdxTransaction,\n  ProceedOptions,\n} from '../types';\nimport { run } from './run';\nimport { getSavedTransactionMeta } from './transactionMeta';\nimport { AuthSdkError } from '../errors';\n\nexport function canProceed(authClient: OktaAuthInterface, options: ProceedOptions = {}): boolean {\n  const meta = getSavedTransactionMeta(authClient, options);\n  return !!(meta || options.stateHandle);\n}\n\nexport async function proceed(\n  authClient: OktaAuthInterface,\n  options: ProceedOptions = {}\n): Promise<IdxTransaction> {\n\n  if (!canProceed(authClient, options)) {\n    throw new AuthSdkError('Unable to proceed: saved transaction could not be loaded');\n  }\n\n  let { flow, state } = options;\n  if (!flow) {\n    const meta = getSavedTransactionMeta(authClient, { state });\n    flow = meta?.flow;\n  }\n\n  return run(authClient, { \n    ...options, \n    flow\n  });\n}\n"],"file":"proceed.js"}

package/cjs/idx/recoverPassword.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/recoverPassword.ts"],"names":["recoverPassword","authClient","options","flowSpec"],"mappings":";;;;AAaA;;AASA;;AAtBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA2BO,eAAeA,eAAf,CACLC,UADK,EAC0BC,OAAgC,GAAG,EAD7D,EAEoB;AACzB,QAAMC,QAAQ,GAAG,gCAAqBF,UAArB,EAAiC,iBAAjC,CAAjB;AACA,SAAO,cACLA,UADK,EAEL,EACE,GAAGC,OADL;AAEE,OAAGC;AAFL,GAFK,CAAP;AAOD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run } from './run';\nimport {\n  IdentifyValues,\n  SelectAuthenticatorAuthenticateValues,\n  ChallengeAuthenticatorValues,\n  AuthenticatorVerificationDataValues,\n  ResetAuthenticatorValues,\n  ReEnrollAuthenticatorValues,\n} from './remediators';\nimport { getFlowSpecification } from './flow';\nimport { \n  OktaAuthInterface, \n  IdxOptions, \n  IdxTransaction,\n} from '../types';\n\nexport type PasswordRecoveryOptions = IdxOptions \n  & IdentifyValues \n  & SelectAuthenticatorAuthenticateValues \n  & ChallengeAuthenticatorValues \n  & ResetAuthenticatorValues\n  & AuthenticatorVerificationDataValues\n  & ReEnrollAuthenticatorValues;\n\nexport async function recoverPassword(\n  authClient: OktaAuthInterface, options: PasswordRecoveryOptions = {}\n): Promise<IdxTransaction> {\n  const flowSpec = getFlowSpecification(authClient, 'recoverPassword');\n  return run(\n    authClient, \n    { \n      ...options,\n      ...flowSpec,\n    }\n  );\n}\n"],"file":"recoverPassword.js"}
+{"version":3,"sources":["../../../lib/idx/recoverPassword.ts"],"names":["recoverPassword","authClient","options","flowSpec"],"mappings":";;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAWO,eAAeA,eAAf,CACLC,UADK,EAC0BC,OAAgC,GAAG,EAD7D,EAEoB;AACzB,QAAMC,QAAQ,GAAG,gCAAqBF,UAArB,EAAiC,iBAAjC,CAAjB;AACA,SAAO,cACLA,UADK,EAEL,EACE,GAAGC,OADL;AAEE,OAAGC;AAFL,GAFK,CAAP;AAOD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run } from './run';\nimport { getFlowSpecification } from './flow';\nimport { \n  OktaAuthInterface, \n  PasswordRecoveryOptions, \n  IdxTransaction,\n} from '../types';\n\nexport async function recoverPassword(\n  authClient: OktaAuthInterface, options: PasswordRecoveryOptions = {}\n): Promise<IdxTransaction> {\n  const flowSpec = getFlowSpecification(authClient, 'recoverPassword');\n  return run(\n    authClient, \n    { \n      ...options,\n      ...flowSpec,\n    }\n  );\n}\n"],"file":"recoverPassword.js"}

package/cjs/idx/register.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/register.ts"],"names":["register","authClient","options","enabledFeatures","availableSteps","flow","autoRemediate","activationToken","IdxFeature","REGISTRATION","error","AuthSdkError","some","name"],"mappings":";;;;;;;;AAaA;;AACA;;AACA;;AAQA;;AACA;;AAxBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA4BO,eAAeA,QAAf,CACLC,UADK,EAC0BC,OAA4B,GAAG,EADzD,EAEoB;AAEzB;AACA,MAAI,CAAC,gDAA0BD,UAA1B,CAAL,EAA4C;AAC1C,UAAM;AAAEE,MAAAA,eAAF;AAAmBC,MAAAA;AAAnB,QAAsC,MAAM,wCAAiBH,UAAjB,EAA6B,EAC7E,GAAGC,OAD0E;AAE7EG,MAAAA,IAAI,EAAE,UAFuE;AAG7EC,MAAAA,aAAa,EAAE;AAH8D,KAA7B,CAAlD;;AAKA,QAAI,CAACJ,OAAO,CAACK,eAAT,IAA4BJ,eAA5B,IAA+C,CAAC,uBAAAA,eAAe,MAAf,CAAAA,eAAe,EAAUK,kBAAWC,YAArB,CAAnE,EAAuG;AACrG,YAAMC,KAAK,GAAG,IAAIC,oBAAJ,CAAiB,wEAAjB,CAAd;AACA,YAAMD,KAAN,CAFqG,CAGvG;AACC;;AACD,QAAIR,OAAO,CAACK,eAAR,IAA2BH,cAA3B,aAA2BA,cAA3B,eAA2BA,cAAc,CAAEQ,IAAhB,CAAqB,CAAC;AAAEC,MAAAA;AAAF,KAAD,KAAcA,IAAI,KAAK,UAA5C,CAA/B,EAAwF;AACtF,YAAMH,KAAK,GAAG,IAAIC,oBAAJ,CAAiB,2EAAjB,CAAd;AACA,YAAMD,KAAN,CAFsF,CAGxF;AACC;AACF;;AAED,SAAO,cAAIT,UAAJ,EAAgB,EACrB,GAAGC,OADkB;AAErBG,IAAAA,IAAI,EAAE;AAFe,GAAhB,CAAP;AAID","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run } from './run';\nimport { hasSavedInteractionHandle } from './transactionMeta';\nimport { startTransaction } from './startTransaction';\nimport { \n  EnrollProfileValues,\n  SelectAuthenticatorEnrollValues,\n  EnrollAuthenticatorValues,\n  AuthenticatorEnrollmentDataValues,\n  SkipValues,\n} from './remediators';\nimport { AuthSdkError } from '../errors';\nimport { \n  IdxOptions, \n  IdxTransaction, \n  OktaAuthInterface, \n  IdxFeature,\n} from '../types';\n\nexport type RegistrationOptions = IdxOptions \n  & EnrollProfileValues \n  & SelectAuthenticatorEnrollValues \n  & EnrollAuthenticatorValues \n  & AuthenticatorEnrollmentDataValues \n  & SkipValues;\n\nexport async function register(\n  authClient: OktaAuthInterface, options: RegistrationOptions = {}\n): Promise<IdxTransaction> {\n\n  // Only check at the beginning of the transaction\n  if (!hasSavedInteractionHandle(authClient)) {\n    const { enabledFeatures, availableSteps } = await startTransaction(authClient, {\n      ...options,\n      flow: 'register',\n      autoRemediate: false\n    });\n    if (!options.activationToken && enabledFeatures && !enabledFeatures.includes(IdxFeature.REGISTRATION)) {\n      const error = new AuthSdkError('Registration is not supported based on your current org configuration.');\n      throw error;\n    // return { status: IdxStatus.FAILURE, error } as unknown as IdxTransaction; // TODO: wny not just throw the error?\n    }\n    if (options.activationToken && availableSteps?.some(({ name }) => name === 'identify')) {\n      const error = new AuthSdkError('activationToken is not supported based on your current org configuration.');\n      throw error;\n    // return { status: IdxStatus.FAILURE, error } as unknown as IdxTransaction; // TODO: wny not just throw the error?\n    }\n  }\n\n  return run(authClient, {\n    ...options,\n    flow: 'register'\n  });\n}\n"],"file":"register.js"}
+{"version":3,"sources":["../../../lib/idx/register.ts"],"names":["register","authClient","options","enabledFeatures","availableSteps","flow","autoRemediate","activationToken","IdxFeature","REGISTRATION","error","AuthSdkError","some","name"],"mappings":";;;;;;;;AAaA;;AACA;;AACA;;AACA;;AACA;;AAjBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAcO,eAAeA,QAAf,CACLC,UADK,EAC0BC,OAA4B,GAAG,EADzD,EAEoB;AAEzB;AACA,MAAI,CAAC,gDAA0BD,UAA1B,CAAL,EAA4C;AAC1C,UAAM;AAAEE,MAAAA,eAAF;AAAmBC,MAAAA;AAAnB,QAAsC,MAAM,wCAAiBH,UAAjB,EAA6B,EAC7E,GAAGC,OAD0E;AAE7EG,MAAAA,IAAI,EAAE,UAFuE;AAG7EC,MAAAA,aAAa,EAAE;AAH8D,KAA7B,CAAlD;;AAKA,QAAI,CAACJ,OAAO,CAACK,eAAT,IAA4BJ,eAA5B,IAA+C,CAAC,uBAAAA,eAAe,MAAf,CAAAA,eAAe,EAAUK,kBAAWC,YAArB,CAAnE,EAAuG;AACrG,YAAMC,KAAK,GAAG,IAAIC,oBAAJ,CAAiB,wEAAjB,CAAd;AACA,YAAMD,KAAN,CAFqG,CAGvG;AACC;;AACD,QAAIR,OAAO,CAACK,eAAR,IAA2BH,cAA3B,aAA2BA,cAA3B,eAA2BA,cAAc,CAAEQ,IAAhB,CAAqB,CAAC;AAAEC,MAAAA;AAAF,KAAD,KAAcA,IAAI,KAAK,UAA5C,CAA/B,EAAwF;AACtF,YAAMH,KAAK,GAAG,IAAIC,oBAAJ,CAAiB,2EAAjB,CAAd;AACA,YAAMD,KAAN,CAFsF,CAGxF;AACC;AACF;;AAED,SAAO,cAAIT,UAAJ,EAAgB,EACrB,GAAGC,OADkB;AAErBG,IAAAA,IAAI,EAAE;AAFe,GAAhB,CAAP;AAID","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run } from './run';\nimport { hasSavedInteractionHandle } from './transactionMeta';\nimport { startTransaction } from './startTransaction';\nimport { AuthSdkError } from '../errors';\nimport { \n  RegistrationOptions, \n  IdxTransaction, \n  OktaAuthInterface, \n  IdxFeature,\n} from '../types';\n\nexport async function register(\n  authClient: OktaAuthInterface, options: RegistrationOptions = {}\n): Promise<IdxTransaction> {\n\n  // Only check at the beginning of the transaction\n  if (!hasSavedInteractionHandle(authClient)) {\n    const { enabledFeatures, availableSteps } = await startTransaction(authClient, {\n      ...options,\n      flow: 'register',\n      autoRemediate: false\n    });\n    if (!options.activationToken && enabledFeatures && !enabledFeatures.includes(IdxFeature.REGISTRATION)) {\n      const error = new AuthSdkError('Registration is not supported based on your current org configuration.');\n      throw error;\n    // return { status: IdxStatus.FAILURE, error } as unknown as IdxTransaction; // TODO: wny not just throw the error?\n    }\n    if (options.activationToken && availableSteps?.some(({ name }) => name === 'identify')) {\n      const error = new AuthSdkError('activationToken is not supported based on your current org configuration.');\n      throw error;\n    // return { status: IdxStatus.FAILURE, error } as unknown as IdxTransaction; // TODO: wny not just throw the error?\n    }\n  }\n\n  return run(authClient, {\n    ...options,\n    flow: 'register'\n  });\n}\n"],"file":"register.js"}

package/cjs/idx/remediate.js

@@ -60,7 +60,7 @@ function removeActionFromOptions(options, actionName) {
 } // This function is called recursively until it reaches success or cannot be remediated
 
 
-async function remediate(idxResponse, values, options) {
+async function remediate(authClient, idxResponse, values, options) {
   let {
     neededToProceed,
     interactionCode
@@ -73,18 +73,6 @@ async function remediate(idxResponse, values, options) {
     return {
       idxResponse
     };
-  } // Reach to terminal state
-
-
-  const terminal = (0, _util.isTerminalResponse)(idxResponse);
-  const messages = (0, _util.getMessagesFromResponse)(idxResponse);
-
-  if (terminal) {
-    return {
-      idxResponse,
-      terminal,
-      messages
-    };
   }
 
   const remediator = (0, _util.getRemediator)(neededToProceed, values, options); // Try actions in idxResponse first
@@ -113,7 +101,7 @@ async function remediate(idxResponse, values, options) {
             requestDidSucceed: true
           };
         } catch (e) {
-          return (0, _util.handleIdxError)(e, remediator);
+          return (0, _util.handleIdxError)(authClient, e, remediator);
         }
 
         if (action === 'cancel') {
@@ -123,7 +111,7 @@ async function remediate(idxResponse, values, options) {
           };
         }
 
-        return remediate(idxResponse, valuesWithoutExecutedAction, optionsWithoutExecutedAction); // recursive call
+        return remediate(authClient, idxResponse, valuesWithoutExecutedAction, optionsWithoutExecutedAction); // recursive call
       } // search for action in remediation list
 
 
@@ -138,12 +126,24 @@ async function remediate(idxResponse, values, options) {
             requestDidSucceed: true
           };
         } catch (e) {
-          return (0, _util.handleIdxError)(e, remediator);
+          return (0, _util.handleIdxError)(authClient, e, remediator);
         }
 
-        return remediate(idxResponse, values, optionsWithoutExecutedAction); // recursive call
+        return remediate(authClient, idxResponse, values, optionsWithoutExecutedAction); // recursive call
       }
     }
+  } // Do not attempt to remediate if response is in terminal state
+
+
+  const terminal = (0, _util.isTerminalResponse)(idxResponse);
+  const messages = (0, _util.getMessagesFromResponse)(idxResponse);
+
+  if (terminal) {
+    return {
+      idxResponse,
+      terminal,
+      messages
+    };
   }
 
   if (!remediator) {
@@ -159,7 +159,7 @@ async function remediate(idxResponse, values, options) {
           idxResponse
         };
       } catch (e) {
-        return (0, _util.handleIdxError)(e);
+        return (0, _util.handleIdxError)(authClient, e);
       }
     }
 
@@ -177,7 +177,7 @@ async function remediate(idxResponse, values, options) {
 
 
   if (!remediator.canRemediate()) {
-    const nextStep = (0, _util.getNextStep)(remediator, idxResponse);
+    const nextStep = (0, _util.getNextStep)(authClient, remediator, idxResponse);
     return {
       idxResponse,
       nextStep,
@@ -200,9 +200,9 @@ async function remediate(idxResponse, values, options) {
       step: undefined
     }; // do not re-use the step
 
-    return remediate(idxResponse, values, options); // recursive call
+    return remediate(authClient, idxResponse, values, options); // recursive call
   } catch (e) {
-    return (0, _util.handleIdxError)(e, remediator);
+    return (0, _util.handleIdxError)(authClient, e, remediator);
   }
 }
 //# sourceMappingURL=remediate.js.map

package/cjs/idx/remediate.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/idx/remediate.ts"],"names":["getActionFromValues","values","idxResponse","actions","action","resend","removeActionFromValues","undefined","removeActionFromOptions","options","actionName","entry","name","remediate","neededToProceed","interactionCode","flow","terminal","messages","remediator","actionFromValues","actionFromOptions","params","valuesWithoutExecutedAction","optionsWithoutExecutedAction","requestDidSucceed","e","canceled","remediationAction","proceed","step","AuthSdkError","acc","curr","canRemediate","nextStep","length","getName","data","getData","getValuesAfterProceed"],"mappings":";;;;;;;;;;;;;;;;AAcA;;AAQA;;AAtBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAiCA,SAASA,mBAAT,CAA6BC,MAA7B,EAAwDC,WAAxD,EAAsG;AAAA;;AACpG;AACA,SAAO,iDAAYA,WAAW,CAACC,OAAxB,kBAAsCC,MAAM,IAAI,CAAC,CAACH,MAAM,CAACI,MAAT,IAAmB,uBAAAD,MAAM,MAAN,CAAAA,MAAM,EAAU,SAAV,CAAzE,CAAP;AACD;;AAED,SAASE,sBAAT,CAAgCL,MAAhC,EAA8E;AAC5E;AACA,SAAO,EACL,GAAGA,MADE;AAELI,IAAAA,MAAM,EAAEE;AAFH,GAAP;AAID;;AAED,SAASC,uBAAT,CAAiCC,OAAjC,EAA4DC,UAA5D,EAAkG;AAChG,MAAIP,OAAO,GAAGM,OAAO,CAACN,OAAR,IAAmB,EAAjC;AACAA,EAAAA,OAAO,GAAG,qBAAAA,OAAO,MAAP,CAAAA,OAAO,EAAQQ,KAAK,IAAI;AAChC,QAAI,OAAOA,KAAP,KAAiB,QAArB,EAA+B;AAC7B,aAAOA,KAAK,KAAKD,UAAjB;AACD;;AACD,WAAOC,KAAK,CAACC,IAAN,KAAeF,UAAtB;AACD,GALgB,CAAjB;AAOA,SAAO,EAAE,GAAGD,OAAL;AAAcN,IAAAA;AAAd,GAAP;AACD,C,CAED;;;AACO,eAAeU,SAAf,CACLX,WADK,EAELD,MAFK,EAGLQ,OAHK,EAIyB;AAC9B,MAAI;AAAEK,IAAAA,eAAF;AAAmBC,IAAAA;AAAnB,MAAuCb,WAA3C;AACA,QAAM;AAAEc,IAAAA;AAAF,MAAWP,OAAjB,CAF8B,CAI9B;;AACA,MAAIM,eAAJ,EAAqB;AACnB,WAAO;AAAEb,MAAAA;AAAF,KAAP;AACD,GAP6B,CAS9B;;;AACA,QAAMe,QAAQ,GAAG,8BAAmBf,WAAnB,CAAjB;AACA,QAAMgB,QAAQ,GAAG,mCAAwBhB,WAAxB,CAAjB;;AACA,MAAIe,QAAJ,EAAc;AACZ,WAAO;AAAEf,MAAAA,WAAF;AAAee,MAAAA,QAAf;AAAyBC,MAAAA;AAAzB,KAAP;AACD;;AAED,QAAMC,UAAU,GAAG,yBAAcL,eAAd,EAA+Bb,MAA/B,EAAuCQ,OAAvC,CAAnB,CAhB8B,CAkB9B;;AACA,QAAMW,gBAAgB,GAAGpB,mBAAmB,CAACC,MAAD,EAASC,WAAT,CAA5C;AACA,QAAMmB,iBAAiB,GAAGZ,OAAO,CAACN,OAAR,IAAmB,EAA7C;AACA,QAAMA,OAAO,GAAG,CACd,GAAGkB,iBADW,EAEd,IAAID,gBAAgB,IAAI,CAACA,gBAAD,CAApB,IAA0C,EAA9C,CAFc,CAAhB;;AAIA,MAAIjB,OAAJ,EAAa;AACX,SAAK,IAAIC,MAAT,IAAmBD,OAAnB,EAA4B;AAC1B;AACA,UAAImB,MAAuB,GAAG,EAA9B;;AACA,UAAI,OAAOlB,MAAP,KAAkB,QAAtB,EAAgC;AAC9BkB,QAAAA,MAAM,GAAGlB,MAAM,CAACkB,MAAP,IAAiB,EAA1B;AACAlB,QAAAA,MAAM,GAAGA,MAAM,CAACQ,IAAhB;AACD;;AACD,UAAIW,2BAA2B,GAAGjB,sBAAsB,CAACL,MAAD,CAAxD;AACA,UAAIuB,4BAA4B,GAAGhB,uBAAuB,CAACC,OAAD,EAAUL,MAAV,CAA1D;;AAEA,UAAI,OAAOF,WAAW,CAACC,OAAZ,CAAoBC,MAApB,CAAP,KAAuC,UAA3C,EAAuD;AACrD,YAAI;AACFF,UAAAA,WAAW,GAAG,MAAMA,WAAW,CAACC,OAAZ,CAAoBC,MAApB,EAA4BkB,MAA5B,CAApB;AACApB,UAAAA,WAAW,GAAG,EAAE,GAAGA,WAAL;AAAkBuB,YAAAA,iBAAiB,EAAE;AAArC,WAAd;AACD,SAHD,CAGE,OAAOC,CAAP,EAAU;AACV,iBAAO,0BAAeA,CAAf,EAAkBP,UAAlB,CAAP;AACD;;AACD,YAAIf,MAAM,KAAK,QAAf,EAAyB;AACvB,iBAAO;AAAEF,YAAAA,WAAF;AAAeyB,YAAAA,QAAQ,EAAE;AAAzB,WAAP;AACD;;AACD,eAAOd,SAAS,CAACX,WAAD,EAAcqB,2BAAd,EAA2CC,4BAA3C,CAAhB,CAVqD,CAUqC;AAC3F,OArByB,CAuB1B;;;AACA,YAAMI,iBAAiB,GAAG,mBAAAd,eAAe,MAAf,CAAAA,eAAe,EAAM,CAAC;AAAEF,QAAAA;AAAF,OAAD,KAAcA,IAAI,KAAKR,MAA7B,CAAzC;;AACA,UAAIwB,iBAAJ,EAAuB;AACrB,YAAI;AACF1B,UAAAA,WAAW,GAAG,MAAMA,WAAW,CAAC2B,OAAZ,CAAoBzB,MAApB,EAA4BkB,MAA5B,CAApB;AACApB,UAAAA,WAAW,GAAG,EAAE,GAAGA,WAAL;AAAkBuB,YAAAA,iBAAiB,EAAE;AAArC,WAAd;AACD,SAHD,CAIA,OAAOC,CAAP,EAAU;AACR,iBAAO,0BAAeA,CAAf,EAAkBP,UAAlB,CAAP;AACD;;AAED,eAAON,SAAS,CAACX,WAAD,EAAcD,MAAd,EAAsBuB,4BAAtB,CAAhB,CATqB,CASgD;AACtE;AACF;AACF;;AAED,MAAI,CAACL,UAAL,EAAiB;AACf,QAAIV,OAAO,CAACqB,IAAZ,EAAkB;AAChB7B,MAAAA,MAAM,GAAG,sCAA2BC,WAA3B,EAAwCO,OAAO,CAACqB,IAAhD,EAAsD7B,MAAtD,CAAT,CADgB,CACwD;;AACxE,UAAI;AACFC,QAAAA,WAAW,GAAG,MAAMA,WAAW,CAAC2B,OAAZ,CAAoBpB,OAAO,CAACqB,IAA5B,EAAkC7B,MAAlC,CAApB;AACAC,QAAAA,WAAW,GAAG,EAAE,GAAGA,WAAL;AAAkBuB,UAAAA,iBAAiB,EAAE;AAArC,SAAd;AACA,eAAO;AAAEvB,UAAAA;AAAF,SAAP;AACD,OAJD,CAIE,OAAMwB,CAAN,EAAS;AACT,eAAO,0BAAeA,CAAf,CAAP;AACD;AACF;;AACD,QAAIV,IAAI,KAAK,SAAb,EAAwB;AACtB,aAAO;AAAEd,QAAAA;AAAF,OAAP;AACD;;AACD,UAAM,IAAI6B,oBAAJ,CAAkB;AAC5B;AACA,uBAAuB,qBAAAjB,eAAe,MAAf,CAAAA,eAAe,EAAQ,CAACkB,GAAD,EAAMC,IAAN,KAAeD,GAAG,GAAGA,GAAG,GAAG,IAAN,GAAaC,IAAI,CAACrB,IAArB,GAA4BqB,IAAI,CAACrB,IAA3D,EAAiE,EAAjE,CAAqE;AAC3G,KAHU,CAAN;AAID,GAnF6B,CAqF9B;;;AACA,MAAI,CAACO,UAAU,CAACe,YAAX,EAAL,EAAgC;AAC9B,UAAMC,QAAQ,GAAG,uBAAYhB,UAAZ,EAAwBjB,WAAxB,CAAjB;AACA,WAAO;AACLA,MAAAA,WADK;AAELiC,MAAAA,QAFK;AAGLjB,MAAAA,QAAQ,EAAEA,QAAQ,CAACkB,MAAT,GAAkBlB,QAAlB,GAA4BX;AAHjC,KAAP;AAKD;;AAED,QAAMK,IAAI,GAAGO,UAAU,CAACkB,OAAX,EAAb;AACA,QAAMC,IAAI,GAAGnB,UAAU,CAACoB,OAAX,EAAb;;AACA,MAAI;AACFrC,IAAAA,WAAW,GAAG,MAAMA,WAAW,CAAC2B,OAAZ,CAAoBjB,IAApB,EAA0B0B,IAA1B,CAApB;AACApC,IAAAA,WAAW,GAAG,EAAE,GAAGA,WAAL;AAAkBuB,MAAAA,iBAAiB,EAAE;AAArC,KAAd,CAFE,CAGF;AACA;;AACAxB,IAAAA,MAAM,GAAGkB,UAAU,CAACqB,qBAAX,EAAT;AACA/B,IAAAA,OAAO,GAAG,EAAE,GAAGA,OAAL;AAAcqB,MAAAA,IAAI,EAAEvB;AAApB,KAAV,CANE,CAMyC;;AAC3C,WAAOM,SAAS,CAACX,WAAD,EAAcD,MAAd,EAAsBQ,OAAtB,CAAhB,CAPE,CAO8C;AACjD,GARD,CAQE,OAAOiB,CAAP,EAAU;AACV,WAAO,0BAAeA,CAAf,EAAkBP,UAAlB,CAAP;AACD;AACF","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, max-depth, complexity */\nimport { AuthSdkError } from '../errors';\nimport { RemediationValues } from './remediators';\nimport { FlowIdentifier, RemediationResponse } from './types';\nimport { RemediationFlow } from './flow';\nimport { \n  IdxResponse,\n  IdxActionParams, \n} from './types/idx-js';\nimport {\n  getMessagesFromResponse,\n  isTerminalResponse,\n  filterValuesForRemediation,\n  getRemediator,\n  getNextStep,\n  handleIdxError\n} from './util';\n\nexport interface RemediateActionWithOptionalParams {\n  name: string;\n  params?: IdxActionParams;\n}\n\nexport type RemediateAction = string | RemediateActionWithOptionalParams;\nexport interface RemediateOptions {\n  remediators?: RemediationFlow;\n  actions?: RemediateAction[];\n  flow?: FlowIdentifier;\n  step?: string;\n  shouldProceedWithEmailAuthenticator?: boolean; // will be removed in next major version\n}\n\n\nfunction getActionFromValues(values: RemediationValues, idxResponse: IdxResponse): string | undefined {\n  // Currently support resend actions only\n  return Object.keys(idxResponse.actions).find(action => !!values.resend && action.includes('-resend'));\n}\n\nfunction removeActionFromValues(values: RemediationValues): RemediationValues {\n  // Currently support resend actions only\n  return {\n    ...values,\n    resend: undefined\n  };\n}\n\nfunction removeActionFromOptions(options: RemediateOptions, actionName: string): RemediateOptions {\n  let actions = options.actions || [];\n  actions = actions.filter(entry => {\n    if (typeof entry === 'string') {\n      return entry !== actionName;\n    }\n    return entry.name !== actionName;\n  });\n\n  return { ...options, actions };\n}\n\n// This function is called recursively until it reaches success or cannot be remediated\nexport async function remediate(\n  idxResponse: IdxResponse,\n  values: RemediationValues,\n  options: RemediateOptions\n): Promise<RemediationResponse> {\n  let { neededToProceed, interactionCode } = idxResponse;\n  const { flow } = options;\n\n  // If the response contains an interaction code, there is no need to remediate\n  if (interactionCode) {\n    return { idxResponse };\n  }\n\n  // Reach to terminal state\n  const terminal = isTerminalResponse(idxResponse);\n  const messages = getMessagesFromResponse(idxResponse);\n  if (terminal) {\n    return { idxResponse, terminal, messages };\n  }\n\n  const remediator = getRemediator(neededToProceed, values, options);\n\n  // Try actions in idxResponse first\n  const actionFromValues = getActionFromValues(values, idxResponse);\n  const actionFromOptions = options.actions || [];\n  const actions = [\n    ...actionFromOptions,\n    ...(actionFromValues && [actionFromValues] || []),\n  ];\n  if (actions) {\n    for (let action of actions) {\n      // Action can either be specified as a string, or as an object with name and optional params\n      let params: IdxActionParams = {};\n      if (typeof action !== 'string') {\n        params = action.params || {};\n        action = action.name;\n      }\n      let valuesWithoutExecutedAction = removeActionFromValues(values);\n      let optionsWithoutExecutedAction = removeActionFromOptions(options, action);\n\n      if (typeof idxResponse.actions[action] === 'function') {\n        try {\n          idxResponse = await idxResponse.actions[action](params);\n          idxResponse = { ...idxResponse, requestDidSucceed: true };\n        } catch (e) {\n          return handleIdxError(e, remediator);\n        }\n        if (action === 'cancel') {\n          return { idxResponse, canceled: true };\n        }\n        return remediate(idxResponse, valuesWithoutExecutedAction, optionsWithoutExecutedAction); // recursive call\n      }\n\n      // search for action in remediation list\n      const remediationAction = neededToProceed.find(({ name }) => name === action);\n      if (remediationAction) {\n        try {\n          idxResponse = await idxResponse.proceed(action, params);\n          idxResponse = { ...idxResponse, requestDidSucceed: true };\n        }\n        catch (e) {\n          return handleIdxError(e, remediator);\n        }\n\n        return remediate(idxResponse, values, optionsWithoutExecutedAction); // recursive call\n      }\n    }\n  }\n\n  if (!remediator) {\n    if (options.step) {\n      values = filterValuesForRemediation(idxResponse, options.step, values); // include only requested values\n      try {\n        idxResponse = await idxResponse.proceed(options.step, values);\n        idxResponse = { ...idxResponse, requestDidSucceed: true };\n        return { idxResponse };\n      } catch(e) {\n        return handleIdxError(e);\n      }\n    }\n    if (flow === 'default') {\n      return { idxResponse };\n    }\n    throw new AuthSdkError(`\n      No remediation can match current flow, check policy settings in your org.\n      Remediations: [${neededToProceed.reduce((acc, curr) => acc ? acc + ' ,' + curr.name : curr.name, '')}]\n    `);\n  }\n\n  // Return next step to the caller\n  if (!remediator.canRemediate()) {\n    const nextStep = getNextStep(remediator, idxResponse);\n    return {\n      idxResponse,\n      nextStep,\n      messages: messages.length ? messages: undefined\n    };\n  }\n\n  const name = remediator.getName();\n  const data = remediator.getData();\n  try {\n    idxResponse = await idxResponse.proceed(name, data);\n    idxResponse = { ...idxResponse, requestDidSucceed: true };\n    // We may want to trim the values bag for the next remediation\n    // Let the remediator decide what the values should be (default to current values)\n    values = remediator.getValuesAfterProceed();\n    options = { ...options, step: undefined }; // do not re-use the step\n    return remediate(idxResponse, values, options); // recursive call\n  } catch (e) {\n    return handleIdxError(e, remediator);\n  }\n}\n"],"file":"remediate.js"}
+{"version":3,"sources":["../../../lib/idx/remediate.ts"],"names":["getActionFromValues","values","idxResponse","actions","action","resend","removeActionFromValues","undefined","removeActionFromOptions","options","actionName","entry","name","remediate","authClient","neededToProceed","interactionCode","flow","remediator","actionFromValues","actionFromOptions","params","valuesWithoutExecutedAction","optionsWithoutExecutedAction","requestDidSucceed","e","canceled","remediationAction","proceed","terminal","messages","step","AuthSdkError","acc","curr","canRemediate","nextStep","length","getName","data","getData","getValuesAfterProceed"],"mappings":";;;;;;;;;;;;;;;;AAeA;;AAOA;;AAtBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AA0BA,SAASA,mBAAT,CAA6BC,MAA7B,EAAwDC,WAAxD,EAAsG;AAAA;;AACpG;AACA,SAAO,iDAAYA,WAAW,CAACC,OAAxB,kBAAsCC,MAAM,IAAI,CAAC,CAACH,MAAM,CAACI,MAAT,IAAmB,uBAAAD,MAAM,MAAN,CAAAA,MAAM,EAAU,SAAV,CAAzE,CAAP;AACD;;AAED,SAASE,sBAAT,CAAgCL,MAAhC,EAA8E;AAC5E;AACA,SAAO,EACL,GAAGA,MADE;AAELI,IAAAA,MAAM,EAAEE;AAFH,GAAP;AAID;;AAED,SAASC,uBAAT,CAAiCC,OAAjC,EAA4DC,UAA5D,EAAkG;AAChG,MAAIP,OAAO,GAAGM,OAAO,CAACN,OAAR,IAAmB,EAAjC;AACAA,EAAAA,OAAO,GAAG,qBAAAA,OAAO,MAAP,CAAAA,OAAO,EAAQQ,KAAK,IAAI;AAChC,QAAI,OAAOA,KAAP,KAAiB,QAArB,EAA+B;AAC7B,aAAOA,KAAK,KAAKD,UAAjB;AACD;;AACD,WAAOC,KAAK,CAACC,IAAN,KAAeF,UAAtB;AACD,GALgB,CAAjB;AAOA,SAAO,EAAE,GAAGD,OAAL;AAAcN,IAAAA;AAAd,GAAP;AACD,C,CAED;;;AACO,eAAeU,SAAf,CACLC,UADK,EAELZ,WAFK,EAGLD,MAHK,EAILQ,OAJK,EAKyB;AAC9B,MAAI;AAAEM,IAAAA,eAAF;AAAmBC,IAAAA;AAAnB,MAAuCd,WAA3C;AACA,QAAM;AAAEe,IAAAA;AAAF,MAAWR,OAAjB,CAF8B,CAI9B;;AACA,MAAIO,eAAJ,EAAqB;AACnB,WAAO;AAAEd,MAAAA;AAAF,KAAP;AACD;;AAED,QAAMgB,UAAU,GAAG,yBAAcH,eAAd,EAA+Bd,MAA/B,EAAuCQ,OAAvC,CAAnB,CAT8B,CAW9B;;AACA,QAAMU,gBAAgB,GAAGnB,mBAAmB,CAACC,MAAD,EAASC,WAAT,CAA5C;AACA,QAAMkB,iBAAiB,GAAGX,OAAO,CAACN,OAAR,IAAmB,EAA7C;AACA,QAAMA,OAAO,GAAG,CACd,GAAGiB,iBADW,EAEd,IAAID,gBAAgB,IAAI,CAACA,gBAAD,CAApB,IAA0C,EAA9C,CAFc,CAAhB;;AAIA,MAAIhB,OAAJ,EAAa;AACX,SAAK,IAAIC,MAAT,IAAmBD,OAAnB,EAA4B;AAC1B;AACA,UAAIkB,MAAuB,GAAG,EAA9B;;AACA,UAAI,OAAOjB,MAAP,KAAkB,QAAtB,EAAgC;AAC9BiB,QAAAA,MAAM,GAAGjB,MAAM,CAACiB,MAAP,IAAiB,EAA1B;AACAjB,QAAAA,MAAM,GAAGA,MAAM,CAACQ,IAAhB;AACD;;AACD,UAAIU,2BAA2B,GAAGhB,sBAAsB,CAACL,MAAD,CAAxD;AACA,UAAIsB,4BAA4B,GAAGf,uBAAuB,CAACC,OAAD,EAAUL,MAAV,CAA1D;;AAEA,UAAI,OAAOF,WAAW,CAACC,OAAZ,CAAoBC,MAApB,CAAP,KAAuC,UAA3C,EAAuD;AACrD,YAAI;AACFF,UAAAA,WAAW,GAAG,MAAMA,WAAW,CAACC,OAAZ,CAAoBC,MAApB,EAA4BiB,MAA5B,CAApB;AACAnB,UAAAA,WAAW,GAAG,EAAE,GAAGA,WAAL;AAAkBsB,YAAAA,iBAAiB,EAAE;AAArC,WAAd;AACD,SAHD,CAGE,OAAOC,CAAP,EAAU;AACV,iBAAO,0BAAeX,UAAf,EAA2BW,CAA3B,EAA8BP,UAA9B,CAAP;AACD;;AACD,YAAId,MAAM,KAAK,QAAf,EAAyB;AACvB,iBAAO;AAAEF,YAAAA,WAAF;AAAewB,YAAAA,QAAQ,EAAE;AAAzB,WAAP;AACD;;AACD,eAAOb,SAAS,CACdC,UADc,EAEdZ,WAFc,EAGdoB,2BAHc,EAIdC,4BAJc,CAAhB,CAVqD,CAelD;AACJ,OA1ByB,CA4B1B;;;AACA,YAAMI,iBAAiB,GAAG,mBAAAZ,eAAe,MAAf,CAAAA,eAAe,EAAM,CAAC;AAAEH,QAAAA;AAAF,OAAD,KAAcA,IAAI,KAAKR,MAA7B,CAAzC;;AACA,UAAIuB,iBAAJ,EAAuB;AACrB,YAAI;AACFzB,UAAAA,WAAW,GAAG,MAAMA,WAAW,CAAC0B,OAAZ,CAAoBxB,MAApB,EAA4BiB,MAA5B,CAApB;AACAnB,UAAAA,WAAW,GAAG,EAAE,GAAGA,WAAL;AAAkBsB,YAAAA,iBAAiB,EAAE;AAArC,WAAd;AACD,SAHD,CAIA,OAAOC,CAAP,EAAU;AACR,iBAAO,0BAAeX,UAAf,EAA2BW,CAA3B,EAA8BP,UAA9B,CAAP;AACD;;AAED,eAAOL,SAAS,CAACC,UAAD,EAAaZ,WAAb,EAA0BD,MAA1B,EAAkCsB,4BAAlC,CAAhB,CATqB,CAS4D;AAClF;AACF;AACF,GA7D6B,CA+D9B;;;AACA,QAAMM,QAAQ,GAAG,8BAAmB3B,WAAnB,CAAjB;AACA,QAAM4B,QAAQ,GAAG,mCAAwB5B,WAAxB,CAAjB;;AACA,MAAI2B,QAAJ,EAAc;AACZ,WAAO;AAAE3B,MAAAA,WAAF;AAAe2B,MAAAA,QAAf;AAAyBC,MAAAA;AAAzB,KAAP;AACD;;AAED,MAAI,CAACZ,UAAL,EAAiB;AACf,QAAIT,OAAO,CAACsB,IAAZ,EAAkB;AAChB9B,MAAAA,MAAM,GAAG,sCAA2BC,WAA3B,EAAwCO,OAAO,CAACsB,IAAhD,EAAsD9B,MAAtD,CAAT,CADgB,CACwD;;AACxE,UAAI;AACFC,QAAAA,WAAW,GAAG,MAAMA,WAAW,CAAC0B,OAAZ,CAAoBnB,OAAO,CAACsB,IAA5B,EAAkC9B,MAAlC,CAApB;AACAC,QAAAA,WAAW,GAAG,EAAE,GAAGA,WAAL;AAAkBsB,UAAAA,iBAAiB,EAAE;AAArC,SAAd;AACA,eAAO;AAAEtB,UAAAA;AAAF,SAAP;AACD,OAJD,CAIE,OAAMuB,CAAN,EAAS;AACT,eAAO,0BAAeX,UAAf,EAA2BW,CAA3B,CAAP;AACD;AACF;;AACD,QAAIR,IAAI,KAAK,SAAb,EAAwB;AACtB,aAAO;AAAEf,QAAAA;AAAF,OAAP;AACD;;AACD,UAAM,IAAI8B,oBAAJ,CAAkB;AAC5B;AACA,uBAAuB,qBAAAjB,eAAe,MAAf,CAAAA,eAAe,EAAQ,CAACkB,GAAD,EAAMC,IAAN,KAAeD,GAAG,GAAGA,GAAG,GAAG,IAAN,GAAaC,IAAI,CAACtB,IAArB,GAA4BsB,IAAI,CAACtB,IAA3D,EAAiE,EAAjE,CAAqE;AAC3G,KAHU,CAAN;AAID,GAxF6B,CA0F9B;;;AACA,MAAI,CAACM,UAAU,CAACiB,YAAX,EAAL,EAAgC;AAC9B,UAAMC,QAAQ,GAAG,uBAAYtB,UAAZ,EAAwBI,UAAxB,EAAoChB,WAApC,CAAjB;AACA,WAAO;AACLA,MAAAA,WADK;AAELkC,MAAAA,QAFK;AAGLN,MAAAA,QAAQ,EAAEA,QAAQ,CAACO,MAAT,GAAkBP,QAAlB,GAA4BvB;AAHjC,KAAP;AAKD;;AAED,QAAMK,IAAI,GAAGM,UAAU,CAACoB,OAAX,EAAb;AACA,QAAMC,IAAI,GAAGrB,UAAU,CAACsB,OAAX,EAAb;;AACA,MAAI;AACFtC,IAAAA,WAAW,GAAG,MAAMA,WAAW,CAAC0B,OAAZ,CAAoBhB,IAApB,EAA0B2B,IAA1B,CAApB;AACArC,IAAAA,WAAW,GAAG,EAAE,GAAGA,WAAL;AAAkBsB,MAAAA,iBAAiB,EAAE;AAArC,KAAd,CAFE,CAGF;AACA;;AACAvB,IAAAA,MAAM,GAAGiB,UAAU,CAACuB,qBAAX,EAAT;AACAhC,IAAAA,OAAO,GAAG,EAAE,GAAGA,OAAL;AAAcsB,MAAAA,IAAI,EAAExB;AAApB,KAAV,CANE,CAMyC;;AAC3C,WAAOM,SAAS,CAACC,UAAD,EAAaZ,WAAb,EAA0BD,MAA1B,EAAkCQ,OAAlC,CAAhB,CAPE,CAO0D;AAC7D,GARD,CAQE,OAAOgB,CAAP,EAAU;AACV,WAAO,0BAAeX,UAAf,EAA2BW,CAA3B,EAA8BP,UAA9B,CAAP;AACD;AACF","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, max-depth, complexity */\nimport { OktaAuthInterface } from '../types';\nimport { AuthSdkError } from '../errors';\nimport { RemediationValues } from './remediators';\nimport { RemediateOptions, RemediationResponse } from './types';\nimport { \n  IdxResponse,\n  IdxActionParams, \n} from './types/idx-js';\nimport {\n  getMessagesFromResponse,\n  isTerminalResponse,\n  filterValuesForRemediation,\n  getRemediator,\n  getNextStep,\n  handleIdxError\n} from './util';\n\nexport interface RemediateActionWithOptionalParams {\n  name: string;\n  params?: IdxActionParams;\n}\n\nexport type RemediateAction = string | RemediateActionWithOptionalParams;\n\n\nfunction getActionFromValues(values: RemediationValues, idxResponse: IdxResponse): string | undefined {\n  // Currently support resend actions only\n  return Object.keys(idxResponse.actions).find(action => !!values.resend && action.includes('-resend'));\n}\n\nfunction removeActionFromValues(values: RemediationValues): RemediationValues {\n  // Currently support resend actions only\n  return {\n    ...values,\n    resend: undefined\n  };\n}\n\nfunction removeActionFromOptions(options: RemediateOptions, actionName: string): RemediateOptions {\n  let actions = options.actions || [];\n  actions = actions.filter(entry => {\n    if (typeof entry === 'string') {\n      return entry !== actionName;\n    }\n    return entry.name !== actionName;\n  });\n\n  return { ...options, actions };\n}\n\n// This function is called recursively until it reaches success or cannot be remediated\nexport async function remediate(\n  authClient: OktaAuthInterface,\n  idxResponse: IdxResponse,\n  values: RemediationValues,\n  options: RemediateOptions\n): Promise<RemediationResponse> {\n  let { neededToProceed, interactionCode } = idxResponse;\n  const { flow } = options;\n\n  // If the response contains an interaction code, there is no need to remediate\n  if (interactionCode) {\n    return { idxResponse };\n  }\n\n  const remediator = getRemediator(neededToProceed, values, options);\n\n  // Try actions in idxResponse first\n  const actionFromValues = getActionFromValues(values, idxResponse);\n  const actionFromOptions = options.actions || [];\n  const actions = [\n    ...actionFromOptions,\n    ...(actionFromValues && [actionFromValues] || []),\n  ];\n  if (actions) {\n    for (let action of actions) {\n      // Action can either be specified as a string, or as an object with name and optional params\n      let params: IdxActionParams = {};\n      if (typeof action !== 'string') {\n        params = action.params || {};\n        action = action.name;\n      }\n      let valuesWithoutExecutedAction = removeActionFromValues(values);\n      let optionsWithoutExecutedAction = removeActionFromOptions(options, action);\n\n      if (typeof idxResponse.actions[action] === 'function') {\n        try {\n          idxResponse = await idxResponse.actions[action](params);\n          idxResponse = { ...idxResponse, requestDidSucceed: true };\n        } catch (e) {\n          return handleIdxError(authClient, e, remediator);\n        }\n        if (action === 'cancel') {\n          return { idxResponse, canceled: true };\n        }\n        return remediate(\n          authClient, \n          idxResponse, \n          valuesWithoutExecutedAction, \n          optionsWithoutExecutedAction\n        ); // recursive call\n      }\n\n      // search for action in remediation list\n      const remediationAction = neededToProceed.find(({ name }) => name === action);\n      if (remediationAction) {\n        try {\n          idxResponse = await idxResponse.proceed(action, params);\n          idxResponse = { ...idxResponse, requestDidSucceed: true };\n        }\n        catch (e) {\n          return handleIdxError(authClient, e, remediator);\n        }\n\n        return remediate(authClient, idxResponse, values, optionsWithoutExecutedAction); // recursive call\n      }\n    }\n  }\n\n  // Do not attempt to remediate if response is in terminal state\n  const terminal = isTerminalResponse(idxResponse);\n  const messages = getMessagesFromResponse(idxResponse);\n  if (terminal) {\n    return { idxResponse, terminal, messages };\n  }\n\n  if (!remediator) {\n    if (options.step) {\n      values = filterValuesForRemediation(idxResponse, options.step, values); // include only requested values\n      try {\n        idxResponse = await idxResponse.proceed(options.step, values);\n        idxResponse = { ...idxResponse, requestDidSucceed: true };\n        return { idxResponse };\n      } catch(e) {\n        return handleIdxError(authClient, e);\n      }\n    }\n    if (flow === 'default') {\n      return { idxResponse };\n    }\n    throw new AuthSdkError(`\n      No remediation can match current flow, check policy settings in your org.\n      Remediations: [${neededToProceed.reduce((acc, curr) => acc ? acc + ' ,' + curr.name : curr.name, '')}]\n    `);\n  }\n\n  // Return next step to the caller\n  if (!remediator.canRemediate()) {\n    const nextStep = getNextStep(authClient, remediator, idxResponse);\n    return {\n      idxResponse,\n      nextStep,\n      messages: messages.length ? messages: undefined\n    };\n  }\n\n  const name = remediator.getName();\n  const data = remediator.getData();\n  try {\n    idxResponse = await idxResponse.proceed(name, data);\n    idxResponse = { ...idxResponse, requestDidSucceed: true };\n    // We may want to trim the values bag for the next remediation\n    // Let the remediator decide what the values should be (default to current values)\n    values = remediator.getValuesAfterProceed();\n    options = { ...options, step: undefined }; // do not re-use the step\n    return remediate(authClient, idxResponse, values, options); // recursive call\n  } catch (e) {\n    return handleIdxError(authClient, e, remediator);\n  }\n}\n"],"file":"remediate.js"}