@okta/okta-auth-js 6.4.1 → 6.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +25 -0
- package/README.md +1 -1
- package/cjs/OktaAuth.js.map +1 -1
- package/cjs/OktaUserAgent.js +2 -2
- package/cjs/TransactionManager.js +25 -13
- package/cjs/TransactionManager.js.map +1 -1
- package/cjs/crypto/node.js +11 -16
- package/cjs/crypto/node.js.map +1 -1
- package/cjs/errors/AuthApiError.js.map +1 -1
- package/cjs/errors/AuthSdkError.js.map +1 -1
- package/cjs/idx/authenticate.js.map +1 -1
- package/cjs/idx/authenticator/SecurityQuestionEnrollment.js +1 -1
- package/cjs/idx/authenticator/SecurityQuestionEnrollment.js.map +1 -1
- package/cjs/idx/authenticator/SecurityQuestionVerification.js +12 -1
- package/cjs/idx/authenticator/SecurityQuestionVerification.js.map +1 -1
- package/cjs/idx/cancel.js.map +1 -1
- package/cjs/idx/flow/AuthenticationFlow.js.map +1 -1
- package/cjs/idx/idxState/v1/generateIdxAction.js +0 -2
- package/cjs/idx/idxState/v1/generateIdxAction.js.map +1 -1
- package/cjs/idx/idxState/v1/idxResponseParser.js +10 -5
- package/cjs/idx/idxState/v1/idxResponseParser.js.map +1 -1
- package/cjs/idx/idxState/v1/makeIdxState.js +6 -0
- package/cjs/idx/idxState/v1/makeIdxState.js.map +1 -1
- package/cjs/idx/interact.js +16 -16
- package/cjs/idx/interact.js.map +1 -1
- package/cjs/idx/introspect.js +1 -1
- package/cjs/idx/introspect.js.map +1 -1
- package/cjs/idx/proceed.js.map +1 -1
- package/cjs/idx/recoverPassword.js.map +1 -1
- package/cjs/idx/register.js.map +1 -1
- package/cjs/idx/remediate.js +21 -21
- package/cjs/idx/remediate.js.map +1 -1
- package/cjs/idx/remediators/AuthenticatorEnrollmentData.js +17 -8
- package/cjs/idx/remediators/AuthenticatorEnrollmentData.js.map +1 -1
- package/cjs/idx/remediators/AuthenticatorVerificationData.js +2 -1
- package/cjs/idx/remediators/AuthenticatorVerificationData.js.map +1 -1
- package/cjs/idx/remediators/Base/AuthenticatorData.js +4 -3
- package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
- package/cjs/idx/remediators/Base/Remediator.js +1 -1
- package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
- package/cjs/idx/remediators/Base/SelectAuthenticator.js +20 -7
- package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/Base/VerifyAuthenticator.js +2 -2
- package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/EnrollPoll.js +2 -2
- package/cjs/idx/remediators/EnrollPoll.js.map +1 -1
- package/cjs/idx/remediators/EnrollmentChannelData.js +2 -2
- package/cjs/idx/remediators/EnrollmentChannelData.js.map +1 -1
- package/cjs/idx/remediators/GenericRemediator/GenericRemediator.js +103 -0
- package/cjs/idx/remediators/GenericRemediator/GenericRemediator.js.map +1 -0
- package/cjs/idx/remediators/GenericRemediator/index.js +17 -0
- package/cjs/idx/remediators/GenericRemediator/index.js.map +1 -0
- package/cjs/idx/remediators/GenericRemediator/util.js +81 -0
- package/cjs/idx/remediators/GenericRemediator/util.js.map +1 -0
- package/cjs/idx/remediators/Identify.js.map +1 -1
- package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js.map +1 -1
- package/cjs/idx/remediators/SelectAuthenticatorUnlockAccount.js +1 -1
- package/cjs/idx/remediators/SelectAuthenticatorUnlockAccount.js.map +1 -1
- package/cjs/idx/remediators/SelectEnrollmentChannel.js +3 -2
- package/cjs/idx/remediators/SelectEnrollmentChannel.js.map +1 -1
- package/cjs/idx/remediators/index.js +13 -0
- package/cjs/idx/remediators/index.js.map +1 -1
- package/cjs/idx/run.js +54 -16
- package/cjs/idx/run.js.map +1 -1
- package/cjs/idx/startTransaction.js.map +1 -1
- package/cjs/idx/transactionMeta.js +4 -2
- package/cjs/idx/transactionMeta.js.map +1 -1
- package/cjs/idx/types/api.js +42 -0
- package/cjs/idx/types/api.js.map +1 -0
- package/cjs/idx/types/idx-js.js.map +1 -1
- package/cjs/idx/types/index.js +27 -51
- package/cjs/idx/types/index.js.map +1 -1
- package/cjs/idx/types/options.js +2 -0
- package/cjs/idx/types/options.js.map +1 -0
- package/cjs/idx/unlockAccount.js.map +1 -1
- package/cjs/idx/util.js +58 -10
- package/cjs/idx/util.js.map +1 -1
- package/cjs/oidc/exchangeCodeForTokens.js.map +1 -1
- package/cjs/options/index.js +6 -0
- package/cjs/options/index.js.map +1 -1
- package/cjs/types/Transaction.js.map +1 -1
- package/dist/okta-auth-js.min.js +1 -1
- package/dist/okta-auth-js.min.js.map +1 -1
- package/dist/okta-auth-js.umd.js +1 -1
- package/dist/okta-auth-js.umd.js.map +1 -1
- package/esm/esm.browser.js +567 -301
- package/esm/esm.browser.js.map +1 -1
- package/esm/esm.node.mjs +567 -301
- package/esm/esm.node.mjs.map +1 -1
- package/lib/OktaAuth.d.ts +2 -2
- package/lib/TransactionManager.d.ts +4 -3
- package/lib/errors/AuthApiError.d.ts +2 -2
- package/lib/errors/AuthSdkError.d.ts +2 -2
- package/lib/idx/authenticate.d.ts +1 -3
- package/lib/idx/authenticator/SecurityQuestionVerification.d.ts +1 -0
- package/lib/idx/cancel.d.ts +2 -3
- package/lib/idx/emailVerify.d.ts +1 -1
- package/lib/idx/idxState/v1/generateIdxAction.d.ts +2 -2
- package/lib/idx/interact.d.ts +2 -16
- package/lib/idx/introspect.d.ts +1 -7
- package/lib/idx/proceed.d.ts +1 -9
- package/lib/idx/recoverPassword.d.ts +1 -3
- package/lib/idx/register.d.ts +1 -3
- package/lib/idx/remediate.d.ts +3 -10
- package/lib/idx/remediators/AuthenticatorEnrollmentData.d.ts +1 -11
- package/lib/idx/remediators/AuthenticatorVerificationData.d.ts +2 -2
- package/lib/idx/remediators/Base/AuthenticatorData.d.ts +5 -1
- package/lib/idx/remediators/Base/Remediator.d.ts +5 -4
- package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +8 -3
- package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +2 -1
- package/lib/idx/remediators/EnrollPoll.d.ts +2 -2
- package/lib/idx/remediators/EnrollmentChannelData.d.ts +8 -4
- package/lib/idx/remediators/GenericRemediator/GenericRemediator.d.ts +9 -0
- package/lib/idx/remediators/GenericRemediator/index.d.ts +1 -0
- package/lib/idx/remediators/GenericRemediator/util.d.ts +3 -0
- package/lib/idx/remediators/SelectAuthenticatorUnlockAccount.d.ts +1 -1
- package/lib/idx/remediators/SelectEnrollmentChannel.d.ts +8 -4
- package/lib/idx/remediators/index.d.ts +1 -0
- package/lib/idx/run.d.ts +1 -10
- package/lib/idx/startTransaction.d.ts +2 -3
- package/lib/idx/types/api.d.ts +104 -0
- package/lib/idx/types/idx-js.d.ts +16 -5
- package/lib/idx/types/index.d.ts +4 -110
- package/lib/idx/types/options.d.ts +46 -0
- package/lib/idx/unlockAccount.d.ts +1 -3
- package/lib/idx/util.d.ts +4 -3
- package/lib/types/OAuth.d.ts +2 -0
- package/lib/types/OktaAuthOptions.d.ts +28 -11
- package/lib/types/Storage.d.ts +2 -1
- package/lib/types/Transaction.d.ts +8 -28
- package/lib/types/api.d.ts +12 -36
- package/package.json +6 -5
|
@@ -0,0 +1,81 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
|
|
4
|
+
|
|
5
|
+
exports.unwrapFormValue = unwrapFormValue;
|
|
6
|
+
exports.hasValidInputValue = hasValidInputValue;
|
|
7
|
+
|
|
8
|
+
var _entries = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/entries"));
|
|
9
|
+
|
|
10
|
+
var _map = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/map"));
|
|
11
|
+
|
|
12
|
+
var _keys = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/keys"));
|
|
13
|
+
|
|
14
|
+
var _includes = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/includes"));
|
|
15
|
+
|
|
16
|
+
var _reduce = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/reduce"));
|
|
17
|
+
|
|
18
|
+
/* eslint-disable complexity */
|
|
19
|
+
function unwrapFormValue(remediation) {
|
|
20
|
+
const res = {};
|
|
21
|
+
|
|
22
|
+
for (const [key, value] of (0, _entries.default)(remediation)) {
|
|
23
|
+
if (value === null || typeof value === 'undefined') {
|
|
24
|
+
continue;
|
|
25
|
+
}
|
|
26
|
+
|
|
27
|
+
if (Array.isArray(value)) {
|
|
28
|
+
res[key] = (0, _map.default)(value).call(value, unwrapFormValue);
|
|
29
|
+
} else if (typeof value === 'object') {
|
|
30
|
+
var _context, _context2;
|
|
31
|
+
|
|
32
|
+
const formKeys = (0, _keys.default)(value); // detect patterns like:
|
|
33
|
+
// value -> form -> value | form -> value
|
|
34
|
+
|
|
35
|
+
if ((0, _includes.default)(_context = ['value', 'form']).call(_context, key) && formKeys.length === 1 && (0, _includes.default)(_context2 = ['value', 'form']).call(_context2, formKeys[0])) {
|
|
36
|
+
// unwrap nested form
|
|
37
|
+
const unwrappedForm = unwrapFormValue(value);
|
|
38
|
+
(0, _entries.default)(unwrappedForm).forEach(([key, value]) => {
|
|
39
|
+
res[key] = value;
|
|
40
|
+
});
|
|
41
|
+
} else {
|
|
42
|
+
// dfs
|
|
43
|
+
res[key] = unwrapFormValue(value);
|
|
44
|
+
}
|
|
45
|
+
} else {
|
|
46
|
+
// handle primitive value
|
|
47
|
+
res[key] = value;
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
|
|
51
|
+
return res;
|
|
52
|
+
} // only check if value is required for now
|
|
53
|
+
// TODO: support SDK layer type based input validation
|
|
54
|
+
|
|
55
|
+
|
|
56
|
+
function hasValidInputValue(input, values) {
|
|
57
|
+
const fn = (input, values, requiredTracker) => {
|
|
58
|
+
const {
|
|
59
|
+
name,
|
|
60
|
+
value,
|
|
61
|
+
required
|
|
62
|
+
} = input;
|
|
63
|
+
const isRequired = required || requiredTracker // TODO: confirm with backend why `required` meta is missing for authenticator remediation
|
|
64
|
+
|| name === 'authenticator';
|
|
65
|
+
|
|
66
|
+
if (!isRequired) {
|
|
67
|
+
return true;
|
|
68
|
+
}
|
|
69
|
+
|
|
70
|
+
if (Array.isArray(value)) {
|
|
71
|
+
return (0, _reduce.default)(value).call(value, (acc, item) => {
|
|
72
|
+
return acc && fn(item, values[name], isRequired);
|
|
73
|
+
}, true);
|
|
74
|
+
} else {
|
|
75
|
+
return !!(values && values[name]);
|
|
76
|
+
}
|
|
77
|
+
};
|
|
78
|
+
|
|
79
|
+
return fn(input, values, false);
|
|
80
|
+
}
|
|
81
|
+
//# sourceMappingURL=util.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../../../lib/idx/remediators/GenericRemediator/util.ts"],"names":["unwrapFormValue","remediation","res","key","value","Array","isArray","formKeys","length","unwrappedForm","forEach","hasValidInputValue","input","values","fn","requiredTracker","name","required","isRequired","acc","item"],"mappings":";;;;;;;;;;;;;;;;;AAAA;AAGO,SAASA,eAAT,CAAyBC,WAAzB,EAA6C;AAClD,QAAMC,GAAG,GAAG,EAAZ;;AACA,OAAK,MAAM,CAACC,GAAD,EAAMC,KAAN,CAAX,IAA2B,sBAAeH,WAAf,CAA3B,EAAwD;AACtD,QAAIG,KAAK,KAAK,IAAV,IAAkB,OAAOA,KAAP,KAAiB,WAAvC,EAAoD;AAClD;AACD;;AAED,QAAIC,KAAK,CAACC,OAAN,CAAcF,KAAd,CAAJ,EAA0B;AACxBF,MAAAA,GAAG,CAACC,GAAD,CAAH,GAAW,kBAAAC,KAAK,MAAL,CAAAA,KAAK,EAAKJ,eAAL,CAAhB;AACD,KAFD,MAEO,IAAI,OAAOI,KAAP,KAAiB,QAArB,EAA+B;AAAA;;AACpC,YAAMG,QAAQ,GAAG,mBAAYH,KAAZ,CAAjB,CADoC,CAEpC;AACA;;AACA,UAAI,mCAAC,OAAD,EAAU,MAAV,kBAA2BD,GAA3B,KACCI,QAAQ,CAACC,MAAT,KAAoB,CADrB,IAEC,oCAAC,OAAD,EAAU,MAAV,mBAA2BD,QAAQ,CAAC,CAAD,CAAnC,CAFL,EAGE;AACA;AACA,cAAME,aAAa,GAAGT,eAAe,CAACI,KAAD,CAArC;AACA,8BAAeK,aAAf,EAA8BC,OAA9B,CAAsC,CAAC,CAACP,GAAD,EAAMC,KAAN,CAAD,KAAkB;AACtDF,UAAAA,GAAG,CAACC,GAAD,CAAH,GAAWC,KAAX;AACD,SAFD;AAGD,OATD,MASO;AACL;AACAF,QAAAA,GAAG,CAACC,GAAD,CAAH,GAAWH,eAAe,CAACI,KAAD,CAA1B;AACD;AACF,KAjBM,MAiBA;AACL;AACAF,MAAAA,GAAG,CAACC,GAAD,CAAH,GAAWC,KAAX;AACD;AACF;;AAED,SAAOF,GAAP;AACD,C,CAED;AACA;;;AACO,SAASS,kBAAT,CAA4BC,KAA5B,EAAmCC,MAAnC,EAA2C;AAChD,QAAMC,EAAE,GAAG,CAACF,KAAD,EAAQC,MAAR,EAAgBE,eAAhB,KAAoC;AAC7C,UAAM;AAAEC,MAAAA,IAAF;AAAQZ,MAAAA,KAAR;AAAea,MAAAA;AAAf,QAA4BL,KAAlC;AACA,UAAMM,UAAU,GAAGD,QAAQ,IACtBF,eADc,CAEjB;AAFiB,OAGdC,IAAI,KAAK,eAHd;;AAIA,QAAI,CAACE,UAAL,EAAiB;AACf,aAAO,IAAP;AACD;;AAED,QAAIb,KAAK,CAACC,OAAN,CAAcF,KAAd,CAAJ,EAA0B;AACxB,aAAO,qBAAAA,KAAK,MAAL,CAAAA,KAAK,EAAQ,CAACe,GAAD,EAAMC,IAAN,KAAe;AACjC,eAAOD,GAAG,IAAIL,EAAE,CAACM,IAAD,EAAOP,MAAM,CAACG,IAAD,CAAb,EAAqBE,UAArB,CAAhB;AACD,OAFW,EAET,IAFS,CAAZ;AAGD,KAJD,MAIO;AACL,aAAO,CAAC,EAAEL,MAAM,IAAIA,MAAM,CAACG,IAAD,CAAlB,CAAR;AACD;AACF,GAjBD;;AAmBA,SAAOF,EAAE,CAACF,KAAD,EAAQC,MAAR,EAAgB,KAAhB,CAAT;AACD","sourcesContent":["/* eslint-disable complexity */\nimport { Input } from '../../types';\n\nexport function unwrapFormValue(remediation): Input { \n const res = {};\n for (const [key, value] of Object.entries(remediation)) {\n if (value === null || typeof value === 'undefined') {\n continue;\n }\n\n if (Array.isArray(value)) {\n res[key] = value.map(unwrapFormValue);\n } else if (typeof value === 'object') {\n const formKeys = Object.keys(value as object);\n // detect patterns like:\n // value -> form -> value | form -> value\n if (['value', 'form'].includes(key) \n && formKeys.length === 1 \n && ['value', 'form'].includes(formKeys[0])\n ) {\n // unwrap nested form\n const unwrappedForm = unwrapFormValue(value);\n Object.entries(unwrappedForm).forEach(([key, value]) => {\n res[key] = value;\n });\n } else {\n // dfs\n res[key] = unwrapFormValue(value);\n }\n } else {\n // handle primitive value\n res[key] = value;\n }\n }\n\n return res as Input;\n}\n\n// only check if value is required for now\n// TODO: support SDK layer type based input validation\nexport function hasValidInputValue(input, values) {\n const fn = (input, values, requiredTracker) => {\n const { name, value, required } = input;\n const isRequired = required \n || requiredTracker \n // TODO: confirm with backend why `required` meta is missing for authenticator remediation\n || name === 'authenticator';\n if (!isRequired) {\n return true;\n }\n\n if (Array.isArray(value)) {\n return value.reduce((acc, item) => {\n return acc && fn(item, values[name], isRequired);\n }, true);\n } else {\n return !!(values && values[name]);\n }\n };\n\n return fn(input, values, false);\n}\n"],"file":"util.js"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/remediators/Identify.ts"],"names":["Identify","Remediator","canRemediate","identifier","getData","mapCredentials","credentials","password","passcode","getInputCredentials","input","form","value","name","required"],"mappings":";;;;;;;;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYO,MAAMA,QAAN,SAAuBC,sBAAvB,CAAkD;AAAA;AAAA;AAAA,+CAGjD;AACJ,oBAAc,CAAC,UAAD;AADV,KAHiD;AAAA;;AAOvDC,EAAAA,YAAY,
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/remediators/Identify.ts"],"names":["Identify","Remediator","canRemediate","identifier","getData","mapCredentials","credentials","password","passcode","getInputCredentials","input","form","value","name","required"],"mappings":";;;;;;;;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYO,MAAMA,QAAN,SAAuBC,sBAAvB,CAAkD;AAAA;AAAA;AAAA,+CAGjD;AACJ,oBAAc,CAAC,UAAD;AADV,KAHiD;AAAA;;AAOvDC,EAAAA,YAAY,GAAY;AACtB,UAAM;AAAEC,MAAAA;AAAF,QAAiB,KAAKC,OAAL,EAAvB;AACA,WAAO,CAAC,CAACD,UAAT;AACD;;AAEDE,EAAAA,cAAc,GAAG;AACf,UAAM;AAAEC,MAAAA,WAAF;AAAeC,MAAAA;AAAf,6BAA4B,IAA5B,CAAN;;AACA,QAAI,CAACD,WAAD,IAAgB,CAACC,QAArB,EAA+B;AAC7B;AACD;;AACD,WAAOD,WAAW,IAAI;AAAEE,MAAAA,QAAQ,EAAED;AAAZ,KAAtB;AACD;;AAEDE,EAAAA,mBAAmB,CAACC,KAAD,EAAQ;AACzB,WAAO,EACL,GAAGA,KAAK,CAACC,IAAN,CAAWC,KAAX,CAAiB,CAAjB,CADE;AAELC,MAAAA,IAAI,EAAE,UAFD;AAGLC,MAAAA,QAAQ,EAAEJ,KAAK,CAACI;AAHX,KAAP;AAKD;;AA1BsD;;;8BAA5Cd,Q,qBACc,U","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { Credentials } from '../authenticator';\nimport { Remediator, RemediationValues } from './Base/Remediator';\n\nexport interface IdentifyValues extends RemediationValues {\n username?: string;\n password?: string;\n credentials?: Credentials;\n}\n\nexport class Identify extends Remediator<IdentifyValues> {\n static remediationName = 'identify';\n\n map = {\n 'identifier': ['username']\n };\n\n canRemediate(): boolean {\n const { identifier } = this.getData();\n return !!identifier;\n }\n\n mapCredentials() {\n const { credentials, password } = this.values;\n if (!credentials && !password) {\n return;\n }\n return credentials || { passcode: password };\n }\n\n getInputCredentials(input) {\n return {\n ...input.form.value[0],\n name: 'password',\n required: input.required\n };\n }\n\n}\n"],"file":"Identify.js"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/remediators/SelectAuthenticatorAuthenticate.ts"],"names":["SelectAuthenticatorAuthenticate","SelectAuthenticator","constructor","remediation","values","options","isRecoveryFlow","flow","hasPasswordInOptions","some","relatesTo","key","AuthenticatorKey","OKTA_PASSWORD","password","authenticators"],"mappings":";;;;;;;;;;AAaA;;AACA;;AAEA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYO,MAAMA,+BAAN,SAA8CC,wCAA9C,CAAyG;AAG9GC,EAAAA,WAAW,
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/remediators/SelectAuthenticatorAuthenticate.ts"],"names":["SelectAuthenticatorAuthenticate","SelectAuthenticator","constructor","remediation","values","options","isRecoveryFlow","flow","hasPasswordInOptions","some","relatesTo","key","AuthenticatorKey","OKTA_PASSWORD","password","authenticators"],"mappings":";;;;;;;;;;AAaA;;AACA;;AAEA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYO,MAAMA,+BAAN,SAA8CC,wCAA9C,CAAyG;AAG9GC,EAAAA,WAAW,CACTC,WADS,EAETC,MAAiC,GAAG,EAF3B,EAGTC,OAAyB,GAAG,EAHnB,EAIT;AAAA;;AACA,UAAMF,WAAN,EAAmBC,MAAnB,EAA2BC,OAA3B,EADA,CAGA;;AACA,UAAMC,cAAc,GAAG,KAAKD,OAAL,CAAaE,IAAb,KAAsB,iBAA7C;AACA,UAAMC,oBAAoB,4BAAG,2CAAgCL,WAAhC,EAC1BE,OADuB,0DAAG,sBACjBI,IADiB,CACZ,CAAC;AAAEC,MAAAA;AAAF,KAAD,KAAmB,CAAAA,SAAS,SAAT,IAAAA,SAAS,WAAT,YAAAA,SAAS,CAAEC,GAAX,MAAmBC,wBAAiBC,aAD3C,CAA7B;;AAEA,QAAIL,oBAAoB,KAAKF,cAAc,IAAI,2BAAYQ,QAAnC,CAAxB,EAAsE;AACpE,iCAAYC,cAAZ,GAA6B,CAC3B,IAAG,2BAAYA,cAAZ,IAA8B,EAAjC,CAD2B,EAE3B;AAAEJ,QAAAA,GAAG,EAAEC,wBAAiBC;AAAxB,OAF2B,CAA7B;AAID;AACF;;AApB6G;;;8BAAnGb,+B,qBACc,mC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { SelectAuthenticator, SelectAuthenticatorValues } from './Base/SelectAuthenticator';\nimport { getAuthenticatorFromRemediation } from './util';\nimport { IdxRemediation } from '../types/idx-js';\nimport { AuthenticatorKey, Authenticator, RemediateOptions } from '../types';\n\nexport type SelectAuthenticatorAuthenticateValues = SelectAuthenticatorValues & {\n password?: string;\n};\n\nexport class SelectAuthenticatorAuthenticate extends SelectAuthenticator<SelectAuthenticatorAuthenticateValues> {\n static remediationName = 'select-authenticator-authenticate';\n\n constructor(\n remediation: IdxRemediation, \n values: SelectAuthenticatorValues = {}, \n options: RemediateOptions = {}\n ) {\n super(remediation, values, options);\n\n // Preset password authenticator to trigger recover action\n const isRecoveryFlow = this.options.flow === 'recoverPassword';\n const hasPasswordInOptions = getAuthenticatorFromRemediation(remediation)\n .options?.some(({ relatesTo }) => relatesTo?.key === AuthenticatorKey.OKTA_PASSWORD);\n if (hasPasswordInOptions && (isRecoveryFlow || this.values.password)) {\n this.values.authenticators = [\n ...this.values.authenticators || [],\n { key: AuthenticatorKey.OKTA_PASSWORD }\n ] as Authenticator[];\n }\n }\n}\n"],"file":"SelectAuthenticatorAuthenticate.js"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/remediators/SelectAuthenticatorUnlockAccount.ts"],"names":["SelectAuthenticatorUnlockAccount","SelectAuthenticator","identifier","canRemediate","getData","mapAuthenticator","remediationValue","authenticatorMap","methodTypeOption","selectedOption","value","form","name","methodTypeValue","methodType","options","getInputUsername","
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/remediators/SelectAuthenticatorUnlockAccount.ts"],"names":["SelectAuthenticatorUnlockAccount","SelectAuthenticator","identifier","canRemediate","getData","mapAuthenticator","remediationValue","authenticatorMap","methodTypeOption","selectedOption","value","form","name","methodTypeValue","methodType","options","getInputUsername","type"],"mappings":";;;;;;;;;;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAaO,MAAMA,gCAAN,SAA+CC,wCAA/C,CAA2G;AAAA;AAAA;AAAA,+CAI1G;AACJC,MAAAA,UAAU,EAAE,CAAC,UAAD;AADR,KAJ0G;AAAA;;AAQhHC,EAAAA,YAAY,GAAG;AACb,UAAMD,UAAU,GAAG,KAAKE,OAAL,CAAa,YAAb,CAAnB;AACA,WAAO,CAAC,CAACF,UAAF,IAAgB,MAAMC,YAAN,EAAvB;AACD;;AAEDE,EAAAA,gBAAgB,CAACC,gBAAD,EAAwC;AAAA;;AACtD,UAAMC,gBAAgB,GAAG,MAAMF,gBAAN,CAAuBC,gBAAvB,CAAzB;AACA,UAAME,gBAAgB,2BAAG,KAAKC,cAAR,yDAAG,mDAAqBC,KAArB,CAA2BC,IAA3B,CAAgCD,KAAhC,iBAA2C,CAAC;AAAEE,MAAAA;AAAF,KAAD,KAAcA,IAAI,KAAK,YAAlE,CAAzB,CAFsD,CAItD;AACA;AACA;;AACA,UAAMC,eAAe,GAAG,2BAAYC,UAAZ,KACtBN,gBADsB,aACtBA,gBADsB,uBACtBA,gBAAgB,CAAEE,KADI,MACeF,gBADf,aACeA,gBADf,gDACeA,gBAAgB,CAAEO,OADjC,oFACe,sBAA4B,CAA5B,CADf,2DACe,uBAAgCL,KAD/C,CAAxB;;AAGA,QAAIG,eAAJ,EAAqB;AACnB,aAAO,EACL,GAAGN,gBADE;AAELO,QAAAA,UAAU,EAAED;AAFP,OAAP;AAID;;AAED,WAAON,gBAAP;AACD;;AAEDS,EAAAA,gBAAgB,GAAI;AAClB,WAAO;AAAEJ,MAAAA,IAAI,EAAE,UAAR;AAAoBK,MAAAA,IAAI,EAAE;AAA1B,KAAP;AACD;;AAnC+G;;;8BAArGjB,gC,qBACc,qC","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { SelectAuthenticator, SelectAuthenticatorValues } from './Base/SelectAuthenticator';\nimport { Authenticator } from '../../types';\nimport { IdxRemediationValue } from '../types/idx-js';\n\n\nexport type SelectAuthenticatorUnlockAccountValues = SelectAuthenticatorValues & {\n identifier?: string;\n methodType?: string;\n};\n\nexport class SelectAuthenticatorUnlockAccount extends SelectAuthenticator<SelectAuthenticatorUnlockAccountValues> {\n static remediationName = 'select-authenticator-unlock-account';\n authenticator?: Authenticator;\n\n map = {\n identifier: ['username']\n };\n\n canRemediate() {\n const identifier = this.getData('identifier');\n return !!identifier && super.canRemediate();\n }\n\n mapAuthenticator(remediationValue: IdxRemediationValue) {\n const authenticatorMap = super.mapAuthenticator(remediationValue);\n const methodTypeOption = this.selectedOption?.value.form.value.find(({ name }) => name === 'methodType');\n\n // defaults to 'manually defined' value\n // 2nd: option may have pre-defined value, like stateHandle\n // 3rd: if only a single OV option is available, default to that option\n const methodTypeValue = this.values.methodType ||\n methodTypeOption?.value as string || methodTypeOption?.options?.[0]?.value as string;\n\n if (methodTypeValue) {\n return {\n ...authenticatorMap,\n methodType: methodTypeValue\n };\n }\n\n return authenticatorMap;\n }\n\n getInputUsername () {\n return { name: 'username', type: 'string' };\n }\n\n}\n"],"file":"SelectAuthenticatorUnlockAccount.js"}
|
|
@@ -36,11 +36,12 @@ class SelectEnrollmentChannel extends _Remediator.Remediator {
|
|
|
36
36
|
return Boolean((0, _values.default)(this).channel);
|
|
37
37
|
}
|
|
38
38
|
|
|
39
|
-
getNextStep(context) {
|
|
40
|
-
const common = super.getNextStep();
|
|
39
|
+
getNextStep(authClient, context) {
|
|
40
|
+
const common = super.getNextStep(authClient, context);
|
|
41
41
|
const options = this.getChannels();
|
|
42
42
|
const authenticator = context.currentAuthenticator.value;
|
|
43
43
|
return { ...common,
|
|
44
|
+
// TODO: remove options field in the next major version - OKTA-491236
|
|
44
45
|
...(options && {
|
|
45
46
|
options
|
|
46
47
|
}),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/remediators/SelectEnrollmentChannel.ts"],"names":["SelectEnrollmentChannel","Remediator","canRemediate","Boolean","channel","getNextStep","context","common","options","getChannels","authenticator","currentAuthenticator","value","remediation","remediationValue","form","name","getData","id","stateHandle","getValuesAfterProceed","trimmedValues","valueKey","values"],"mappings":";;;;;;;;;;;;;;;;;;AAaA;;AAEA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAaO,MAAMA,uBAAN,SAAsCC,sBAAtC,CAAgF;AAGrFC,EAAAA,YAAY,GAAG;AACb,WAAOC,OAAO,CAAC,2BAAYC,OAAb,CAAd;AACD;;AAEDC,EAAAA,WAAW,CAACC,
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/remediators/SelectEnrollmentChannel.ts"],"names":["SelectEnrollmentChannel","Remediator","canRemediate","Boolean","channel","getNextStep","authClient","context","common","options","getChannels","authenticator","currentAuthenticator","value","remediation","remediationValue","form","name","getData","id","stateHandle","getValuesAfterProceed","trimmedValues","valueKey","values"],"mappings":";;;;;;;;;;;;;;;;;;AAaA;;AAEA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAaO,MAAMA,uBAAN,SAAsCC,sBAAtC,CAAgF;AAGrFC,EAAAA,YAAY,GAAG;AACb,WAAOC,OAAO,CAAC,2BAAYC,OAAb,CAAd;AACD;;AAEDC,EAAAA,WAAW,CAACC,UAAD,EAAgCC,OAAhC,EAAqD;AAC9D,UAAMC,MAAM,GAAG,MAAMH,WAAN,CAAkBC,UAAlB,EAA8BC,OAA9B,CAAf;AACA,UAAME,OAAO,GAAG,KAAKC,WAAL,EAAhB;AACA,UAAMC,aAAa,GAAGJ,OAAO,CAACK,oBAAR,CAA6BC,KAAnD;AACA,WAAO,EACL,GAAGL,MADE;AAEL;AACA,UAAIC,OAAO,IAAI;AAAEA,QAAAA;AAAF,OAAf,CAHK;AAILE,MAAAA;AAJK,KAAP;AAMD;;AAEOD,EAAAA,WAAW,GAA4B;AAAA;;AAC7C,UAAMC,aAAkC,GAAG,2CAAgC,KAAKG,WAArC,CAA3C;AACA,UAAMC,gBAAgB,GAAGJ,aAAa,CAACE,KAAvC;AACA,oCAAO,8BAAAE,gBAAgB,CAACC,IAAjB,CAAsBH,KAAtB,iBAAiC,CAAC;AAAEI,MAAAA;AAAF,KAAD,KAAcA,IAAI,KAAK,SAAxD,CAAP,0DAAO,sBAAoER,OAA3E;AACD;;AAEDS,EAAAA,OAAO,GAAG;AACR;AACA,UAAMH,gBAAgB,GAAG,KAAKD,WAAL,CAAkBD,KAAlB,CAAyB,CAAzB,EAA4BA,KAArD;AACA,WAAO;AACLF,MAAAA,aAAa,EAAE;AACbQ,QAAAA,EAAE,EAAEJ,gBAAgB,CAACC,IAAjB,CAAsBH,KAAtB,CAA4B,CAA5B,EAA+BA,KADtB;AAEbT,QAAAA,OAAO,EAAE,2BAAYA;AAFR,OADV;AAKLgB,MAAAA,WAAW,EAAE,2BAAYA;AALpB,KAAP;AAQD;;AAEDC,EAAAA,qBAAqB,GAAkC;AAAA;;AACrD,QAAIC,aAAa,GAAG,yEAAY,IAAZ,oBAAgCC,QAAQ,IAAIA,QAAQ,KAAK,SAAzD,CAApB;AACA,WAAO,qBAAAD,aAAa,MAAb,CAAAA,aAAa,EAAQ,CAACE,MAAD,EAASD,QAAT,MAAuB,EAAC,GAAGC,MAAJ;AAAY,OAACD,QAAD,GAAY,2BAAYA,QAAZ;AAAxB,KAAvB,CAAR,EAAgF,EAAhF,CAApB;AACD;;AAzCoF;;;8BAA1EvB,uB,qBACc,2B","sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { Remediator, RemediationValues } from './Base/Remediator';\nimport { IdxRemediationValueForm, IdxOption, IdxRemediationValue, IdxContext } from '../types/idx-js';\nimport { getAuthenticatorFromRemediation } from './util';\nimport { OktaAuthInterface } from '../../types';\n\n\nexport type SelectEnrollmentChannelValues = RemediationValues & {\n channel?: string;\n};\n\nexport class SelectEnrollmentChannel extends Remediator<SelectEnrollmentChannelValues> {\n static remediationName = 'select-enrollment-channel';\n\n canRemediate() {\n return Boolean(this.values.channel);\n }\n\n getNextStep(authClient: OktaAuthInterface, context: IdxContext) {\n const common = super.getNextStep(authClient, context);\n const options = this.getChannels();\n const authenticator = context.currentAuthenticator.value;\n return {\n ...common,\n // TODO: remove options field in the next major version - OKTA-491236\n ...(options && { options }),\n authenticator,\n };\n }\n\n private getChannels(): IdxOption[] | undefined {\n const authenticator: IdxRemediationValue = getAuthenticatorFromRemediation(this.remediation);\n const remediationValue = authenticator.value as IdxRemediationValueForm;\n return remediationValue.form.value.find(({ name }) => name === 'channel')?.options;\n }\n\n getData() {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const remediationValue = this.remediation!.value![0].value as IdxRemediationValueForm;\n return {\n authenticator: {\n id: remediationValue.form.value[0].value,\n channel: this.values.channel,\n },\n stateHandle: this.values.stateHandle,\n\n };\n }\n\n getValuesAfterProceed(): SelectEnrollmentChannelValues {\n let trimmedValues = Object.keys(this.values).filter(valueKey => valueKey !== 'channel');\n return trimmedValues.reduce((values, valueKey) => ({...values, [valueKey]: this.values[valueKey]}), {});\n }\n}\n"],"file":"SelectEnrollmentChannel.js"}
|
|
@@ -248,4 +248,17 @@ _Object$keys(_Skip).forEach(function (key) {
|
|
|
248
248
|
}
|
|
249
249
|
});
|
|
250
250
|
});
|
|
251
|
+
|
|
252
|
+
var _GenericRemediator = require("./GenericRemediator");
|
|
253
|
+
|
|
254
|
+
_Object$keys(_GenericRemediator).forEach(function (key) {
|
|
255
|
+
if (key === "default" || key === "__esModule") return;
|
|
256
|
+
if (key in exports && exports[key] === _GenericRemediator[key]) return;
|
|
257
|
+
Object.defineProperty(exports, key, {
|
|
258
|
+
enumerable: true,
|
|
259
|
+
get: function () {
|
|
260
|
+
return _GenericRemediator[key];
|
|
261
|
+
}
|
|
262
|
+
});
|
|
263
|
+
});
|
|
251
264
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/remediators/index.ts"],"names":[],"mappings":";;;;AAaA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nexport * from './Base/Remediator';\nexport * from './EnrollAuthenticator';\nexport * from './EnrollPoll';\nexport * from './SelectEnrollmentChannel';\nexport * from './EnrollmentChannelData';\nexport * from './ChallengeAuthenticator';\nexport * from './ChallengePoll';\nexport * from './ResetAuthenticator';\nexport * from './EnrollProfile';\nexport * from './Identify';\nexport * from './ReEnrollAuthenticator';\nexport * from './RedirectIdp';\nexport * from './SelectAuthenticatorAuthenticate';\nexport * from './SelectAuthenticatorEnroll';\nexport * from './SelectAuthenticatorUnlockAccount';\nexport * from './SelectEnrollProfile';\nexport * from './AuthenticatorVerificationData';\nexport * from './AuthenticatorEnrollmentData';\nexport * from './Skip';\n"],"file":"index.js"}
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/remediators/index.ts"],"names":[],"mappings":";;;;AAaA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;AACA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nexport * from './Base/Remediator';\nexport * from './EnrollAuthenticator';\nexport * from './EnrollPoll';\nexport * from './SelectEnrollmentChannel';\nexport * from './EnrollmentChannelData';\nexport * from './ChallengeAuthenticator';\nexport * from './ChallengePoll';\nexport * from './ResetAuthenticator';\nexport * from './EnrollProfile';\nexport * from './Identify';\nexport * from './ReEnrollAuthenticator';\nexport * from './RedirectIdp';\nexport * from './SelectAuthenticatorAuthenticate';\nexport * from './SelectAuthenticatorEnroll';\nexport * from './SelectAuthenticatorUnlockAccount';\nexport * from './SelectEnrollProfile';\nexport * from './AuthenticatorVerificationData';\nexport * from './AuthenticatorEnrollmentData';\nexport * from './Skip';\nexport * from './GenericRemediator';\n"],"file":"index.js"}
|
package/cjs/idx/run.js
CHANGED
|
@@ -1,7 +1,13 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
|
+
var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
|
|
4
|
+
|
|
3
5
|
exports.run = run;
|
|
4
6
|
|
|
7
|
+
var _keys = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/object/keys"));
|
|
8
|
+
|
|
9
|
+
var _find = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/find"));
|
|
10
|
+
|
|
5
11
|
var _interact = require("./interact");
|
|
6
12
|
|
|
7
13
|
var _introspect = require("./introspect");
|
|
@@ -45,6 +51,8 @@ function initializeValues(options) {
|
|
|
45
51
|
}
|
|
46
52
|
|
|
47
53
|
function initializeData(authClient, data) {
|
|
54
|
+
var _authClient$options$i;
|
|
55
|
+
|
|
48
56
|
const {
|
|
49
57
|
options
|
|
50
58
|
} = data;
|
|
@@ -52,7 +60,8 @@ function initializeData(authClient, data) {
|
|
|
52
60
|
flow,
|
|
53
61
|
withCredentials,
|
|
54
62
|
remediators,
|
|
55
|
-
actions
|
|
63
|
+
actions,
|
|
64
|
+
useGenericRemediator
|
|
56
65
|
} = options;
|
|
57
66
|
const status = _types.IdxStatus.PENDING; // certain options can be set by the flow specification
|
|
58
67
|
|
|
@@ -67,12 +76,14 @@ function initializeData(authClient, data) {
|
|
|
67
76
|
actions = actions || flowSpec.actions;
|
|
68
77
|
}
|
|
69
78
|
|
|
79
|
+
useGenericRemediator = useGenericRemediator || ((_authClient$options$i = authClient.options.idx) === null || _authClient$options$i === void 0 ? void 0 : _authClient$options$i.useGenericRemediator) || false;
|
|
70
80
|
return { ...data,
|
|
71
81
|
options: { ...options,
|
|
72
82
|
flow,
|
|
73
83
|
withCredentials,
|
|
74
84
|
remediators,
|
|
75
|
-
actions
|
|
85
|
+
actions,
|
|
86
|
+
useGenericRemediator
|
|
76
87
|
},
|
|
77
88
|
status
|
|
78
89
|
};
|
|
@@ -89,7 +100,8 @@ async function getDataFromIntrospect(authClient, data) {
|
|
|
89
100
|
state,
|
|
90
101
|
scopes,
|
|
91
102
|
recoveryToken,
|
|
92
|
-
activationToken
|
|
103
|
+
activationToken,
|
|
104
|
+
maxAge
|
|
93
105
|
} = options;
|
|
94
106
|
let idxResponse;
|
|
95
107
|
let meta = (0, _transactionMeta.getSavedTransactionMeta)(authClient, {
|
|
@@ -117,7 +129,8 @@ async function getDataFromIntrospect(authClient, data) {
|
|
|
117
129
|
state,
|
|
118
130
|
scopes,
|
|
119
131
|
activationToken,
|
|
120
|
-
recoveryToken
|
|
132
|
+
recoveryToken,
|
|
133
|
+
maxAge
|
|
121
134
|
});
|
|
122
135
|
interactionHandle = interactResponse.interactionHandle;
|
|
123
136
|
meta = interactResponse.meta;
|
|
@@ -137,7 +150,7 @@ async function getDataFromIntrospect(authClient, data) {
|
|
|
137
150
|
};
|
|
138
151
|
}
|
|
139
152
|
|
|
140
|
-
async function getDataFromRemediate(data) {
|
|
153
|
+
async function getDataFromRemediate(authClient, data) {
|
|
141
154
|
let {
|
|
142
155
|
idxResponse,
|
|
143
156
|
options,
|
|
@@ -149,8 +162,9 @@ async function getDataFromRemediate(data) {
|
|
|
149
162
|
actions,
|
|
150
163
|
flow,
|
|
151
164
|
step,
|
|
152
|
-
shouldProceedWithEmailAuthenticator
|
|
153
|
-
|
|
165
|
+
shouldProceedWithEmailAuthenticator,
|
|
166
|
+
// will be removed in next major version
|
|
167
|
+
useGenericRemediator
|
|
154
168
|
} = options;
|
|
155
169
|
const shouldRemediate = autoRemediate !== false && (remediators || actions || step);
|
|
156
170
|
|
|
@@ -166,13 +180,14 @@ async function getDataFromRemediate(data) {
|
|
|
166
180
|
idxResponse: idxResponseFromRemediation,
|
|
167
181
|
nextStep,
|
|
168
182
|
canceled
|
|
169
|
-
} = await (0, _remediate.remediate)(idxResponse, values, {
|
|
183
|
+
} = await (0, _remediate.remediate)(authClient, idxResponse, values, {
|
|
170
184
|
remediators,
|
|
171
185
|
actions,
|
|
172
186
|
flow,
|
|
173
187
|
step,
|
|
174
|
-
shouldProceedWithEmailAuthenticator
|
|
175
|
-
|
|
188
|
+
shouldProceedWithEmailAuthenticator,
|
|
189
|
+
// will be removed in next major version
|
|
190
|
+
useGenericRemediator
|
|
176
191
|
});
|
|
177
192
|
idxResponse = idxResponseFromRemediation;
|
|
178
193
|
return { ...data,
|
|
@@ -219,6 +234,7 @@ async function finalizeData(authClient, data) {
|
|
|
219
234
|
const {
|
|
220
235
|
exchangeCodeForTokens
|
|
221
236
|
} = options;
|
|
237
|
+
let shouldSaveResponse = false;
|
|
222
238
|
let shouldClearTransaction = false;
|
|
223
239
|
let clearSharedStorage = true;
|
|
224
240
|
let interactionCode;
|
|
@@ -229,15 +245,31 @@ async function finalizeData(authClient, data) {
|
|
|
229
245
|
let terminal;
|
|
230
246
|
|
|
231
247
|
if (idxResponse) {
|
|
248
|
+
shouldSaveResponse = !!(idxResponse.requestDidSucceed || idxResponse.stepUp);
|
|
232
249
|
enabledFeatures = (0, _util.getEnabledFeatures)(idxResponse);
|
|
233
|
-
availableSteps = (0, _util.getAvailableSteps)(idxResponse);
|
|
250
|
+
availableSteps = (0, _util.getAvailableSteps)(authClient, idxResponse, options.useGenericRemediator);
|
|
234
251
|
messages = (0, _util.getMessagesFromResponse)(idxResponse);
|
|
235
252
|
terminal = (0, _util.isTerminalResponse)(idxResponse);
|
|
236
253
|
}
|
|
237
254
|
|
|
238
255
|
if (terminal) {
|
|
239
|
-
status = _types.IdxStatus.TERMINAL;
|
|
240
|
-
|
|
256
|
+
status = _types.IdxStatus.TERMINAL; // In most cases a terminal response should not clear transaction data. The user should cancel or skip to continue.
|
|
257
|
+
// A terminal "success" is a non-error response with no further actions available.
|
|
258
|
+
// In these narrow cases, saved transaction data should be cleared.
|
|
259
|
+
// One example of a terminal success is when the email verify flow is continued in another tab
|
|
260
|
+
|
|
261
|
+
const hasActions = (0, _keys.default)(idxResponse.actions).length > 0;
|
|
262
|
+
const hasErrors = !!(0, _find.default)(messages).call(messages, msg => msg.class === 'ERROR');
|
|
263
|
+
const isTerminalSuccess = !hasActions && !hasErrors && idxResponse.requestDidSucceed === true;
|
|
264
|
+
|
|
265
|
+
if (isTerminalSuccess) {
|
|
266
|
+
shouldClearTransaction = true;
|
|
267
|
+
} else {
|
|
268
|
+
// only save response if there are actions available (ignore messages)
|
|
269
|
+
shouldSaveResponse = shouldSaveResponse && hasActions;
|
|
270
|
+
} // leave shared storage intact so the transaction can be continued in another tab
|
|
271
|
+
|
|
272
|
+
|
|
241
273
|
clearSharedStorage = false;
|
|
242
274
|
} else if (canceled) {
|
|
243
275
|
status = _types.IdxStatus.CANCELED;
|
|
@@ -259,6 +291,7 @@ async function finalizeData(authClient, data) {
|
|
|
259
291
|
status,
|
|
260
292
|
interactionCode,
|
|
261
293
|
tokens,
|
|
294
|
+
shouldSaveResponse,
|
|
262
295
|
shouldClearTransaction,
|
|
263
296
|
clearSharedStorage,
|
|
264
297
|
enabledFeatures,
|
|
@@ -300,7 +333,7 @@ async function run(authClient, options = {}) {
|
|
|
300
333
|
|
|
301
334
|
try {
|
|
302
335
|
data = await getDataFromIntrospect(authClient, data);
|
|
303
|
-
data = await getDataFromRemediate(data);
|
|
336
|
+
data = await getDataFromRemediate(authClient, data);
|
|
304
337
|
} catch (err) {
|
|
305
338
|
data = handleError(err, data);
|
|
306
339
|
}
|
|
@@ -309,6 +342,7 @@ async function run(authClient, options = {}) {
|
|
|
309
342
|
const {
|
|
310
343
|
idxResponse,
|
|
311
344
|
meta,
|
|
345
|
+
shouldSaveResponse,
|
|
312
346
|
shouldClearTransaction,
|
|
313
347
|
clearSharedStorage,
|
|
314
348
|
status,
|
|
@@ -330,7 +364,9 @@ async function run(authClient, options = {}) {
|
|
|
330
364
|
(0, _transactionMeta.saveTransactionMeta)(authClient, { ...meta
|
|
331
365
|
});
|
|
332
366
|
|
|
333
|
-
if (
|
|
367
|
+
if (shouldSaveResponse) {
|
|
368
|
+
var _context;
|
|
369
|
+
|
|
334
370
|
// Save intermediate idx response in storage to reduce introspect call
|
|
335
371
|
const {
|
|
336
372
|
rawIdxState: rawIdxResponse,
|
|
@@ -338,7 +374,9 @@ async function run(authClient, options = {}) {
|
|
|
338
374
|
} = idxResponse;
|
|
339
375
|
authClient.transactionManager.saveIdxResponse({
|
|
340
376
|
rawIdxResponse,
|
|
341
|
-
requestDidSucceed
|
|
377
|
+
requestDidSucceed,
|
|
378
|
+
stateHandle: (_context = idxResponse.context) === null || _context === void 0 ? void 0 : _context.stateHandle,
|
|
379
|
+
interactionHandle: meta === null || meta === void 0 ? void 0 : meta.interactionHandle
|
|
342
380
|
});
|
|
343
381
|
}
|
|
344
382
|
} // from idx-js, used by the widget
|
package/cjs/idx/run.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/run.ts"],"names":["initializeValues","options","knownOptions","values","forEach","option","initializeData","authClient","data","flow","withCredentials","remediators","actions","status","IdxStatus","PENDING","idx","getFlow","setFlow","flowSpec","getDataFromIntrospect","stateHandle","version","state","scopes","recoveryToken","activationToken","idxResponse","meta","interactionHandle","transactionManager","clear","interactResponse","getDataFromRemediate","autoRemediate","step","shouldProceedWithEmailAuthenticator","shouldRemediate","rawIdxState","idxResponseFromRemediation","nextStep","canceled","getTokens","interactionCode","clientId","codeVerifier","ignoreSignature","redirectUri","urls","tokenResponse","token","exchangeCodeForTokens","tokens","finalizeData","shouldClearTransaction","clearSharedStorage","enabledFeatures","availableSteps","messages","terminal","TERMINAL","CANCELED","SUCCESS","handleError","err","error","FAILURE","run","rawIdxResponse","requestDidSucceed","saveIdxResponse","context","neededToProceed","proceed","length"],"mappings":";;;;AAeA;;AACA;;AACA;;AACA;;AAEA;;AAWA;;AACA;;AAEA;;AAlCA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAgDA,SAASA,gBAAT,CAA0BC,OAA1B,EAA+C;AAC7C;AACA,QAAMC,YAAY,GAAG,CACnB,MADmB,EAEnB,aAFmB,EAGnB,SAHmB,EAInB,iBAJmB,EAKnB,MALmB,EAMnB,qCANmB,CAArB;AAQA,QAAMC,MAAM,GAAG,EAAE,GAAGF;AAAL,GAAf;AACAC,EAAAA,YAAY,CAACE,OAAb,CAAqBC,MAAM,IAAI;AAC7B,WAAOF,MAAM,CAACE,MAAD,CAAb;AACD,GAFD;AAGA,SAAOF,MAAP;AACD;;AAED,SAASG,cAAT,CAAwBC,UAAxB,EAAoCC,IAApC,EAA4D;AAC1D,QAAM;AAAEP,IAAAA;AAAF,MAAcO,IAApB;AACA,MAAI;AACFC,IAAAA,IADE;AAEFC,IAAAA,eAFE;AAGFC,IAAAA,WAHE;AAIFC,IAAAA;AAJE,MAKAX,OALJ;AAOA,QAAMY,MAAM,GAAGC,iBAAUC,OAAzB,CAT0D,CAW1D;;AACAN,EAAAA,IAAI,GAAGA,IAAI,IAAIF,UAAU,CAACS,GAAX,CAAeC,OAAf,EAAR,IAAoC,SAA3C;;AACA,MAAIR,IAAJ,EAAU;AACRF,IAAAA,UAAU,CAACS,GAAX,CAAeE,OAAf,CAAuBT,IAAvB;AACA,UAAMU,QAAQ,GAAG,gCAAqBZ,UAArB,EAAiCE,IAAjC,CAAjB,CAFQ,CAGR;;AACAC,IAAAA,eAAe,GAAI,OAAOA,eAAP,KAA2B,WAA5B,GAA2CA,eAA3C,GAA6DS,QAAQ,CAACT,eAAxF;AACAC,IAAAA,WAAW,GAAGA,WAAW,IAAIQ,QAAQ,CAACR,WAAtC;AACAC,IAAAA,OAAO,GAAGA,OAAO,IAAIO,QAAQ,CAACP,OAA9B;AACD;;AACD,SAAO,EACL,GAAGJ,IADE;AAELP,IAAAA,OAAO,EAAE,EAAE,GAAGA,OAAL;AAAcQ,MAAAA,IAAd;AAAoBC,MAAAA,eAApB;AAAqCC,MAAAA,WAArC;AAAkDC,MAAAA;AAAlD,KAFJ;AAGLC,IAAAA;AAHK,GAAP;AAKD;;AAED,eAAeO,qBAAf,CAAqCb,UAArC,EAAiDC,IAAjD,EAAkF;AAChF,QAAM;AAAEP,IAAAA;AAAF,MAAcO,IAApB;AACA,QAAM;AACJa,IAAAA,WADI;AAEJX,IAAAA,eAFI;AAGJY,IAAAA,OAHI;AAIJC,IAAAA,KAJI;AAKJC,IAAAA,MALI;AAMJC,IAAAA,aANI;AAOJC,IAAAA;AAPI,MAQFzB,OARJ;AAUA,MAAI0B,WAAJ;AACA,MAAIC,IAAI,GAAG,8CAAwBrB,UAAxB,EAAoC;AAAEgB,IAAAA,KAAF;AAASE,IAAAA,aAAT;AAAwBC,IAAAA;AAAxB,GAApC,CAAX,CAbgF,CAaW;;AAE3F,MAAIL,WAAJ,EAAiB;AACfM,IAAAA,WAAW,GAAG,MAAM,4BAAWpB,UAAX,EAAuB;AAAEG,MAAAA,eAAF;AAAmBY,MAAAA,OAAnB;AAA4BD,MAAAA;AAA5B,KAAvB,CAApB;AACD,GAFD,MAEO;AAAA;;AACL,QAAIQ,iBAAiB,YAAGD,IAAH,0CAAG,MAAMC,iBAA9B,CADK,CAC4C;;AACjD,QAAI,CAACA,iBAAL,EAAwB;AACtB;AACAtB,MAAAA,UAAU,CAACuB,kBAAX,CAA8BC,KAA9B;AACA,YAAMC,gBAAgB,GAAG,MAAM,wBAASzB,UAAT,EAAqB;AAClDG,QAAAA,eADkD;AAElDa,QAAAA,KAFkD;AAGlDC,QAAAA,MAHkD;AAIlDE,QAAAA,eAJkD;AAKlDD,QAAAA;AALkD,OAArB,CAA/B;AAOAI,MAAAA,iBAAiB,GAAGG,gBAAgB,CAACH,iBAArC;AACAD,MAAAA,IAAI,GAAGI,gBAAgB,CAACJ,IAAxB;AACD,KAdI,CAgBL;;;AACAD,IAAAA,WAAW,GAAG,MAAM,4BAAWpB,UAAX,EAAuB;AAAEG,MAAAA,eAAF;AAAmBY,MAAAA,OAAnB;AAA4BO,MAAAA;AAA5B,KAAvB,CAApB;AACD;;AACD,SAAO,EAAE,GAAGrB,IAAL;AAAWmB,IAAAA,WAAX;AAAwBC,IAAAA;AAAxB,GAAP;AACD;;AAED,eAAeK,oBAAf,CAAoCzB,IAApC,EAAqE;AACnE,MAAI;AACFmB,IAAAA,WADE;AAEF1B,IAAAA,OAFE;AAGFE,IAAAA;AAHE,MAIAK,IAJJ;AAMA,QAAM;AACJ0B,IAAAA,aADI;AAEJvB,IAAAA,WAFI;AAGJC,IAAAA,OAHI;AAIJH,IAAAA,IAJI;AAKJ0B,IAAAA,IALI;AAMJC,IAAAA,mCANI,CAMiC;;AANjC,MAOFnC,OAPJ;AASA,QAAMoC,eAAe,GAAIH,aAAa,KAAK,KAAlB,KAA4BvB,WAAW,IAAIC,OAAf,IAA0BuB,IAAtD,CAAzB;;AACA,MAAI,CAACE,eAAL,EAAsB;AACpB,WAAO7B,IAAP;AACD;;AAEDL,EAAAA,MAAM,GAAG,EACP,GAAGA,MADI;AAEPkB,IAAAA,WAAW,EAAEM,WAAW,CAAEW,WAAb,CAAyBjB;AAF/B,GAAT,CArBmE,CA0BnE;;AACA,QAAM;AACJM,IAAAA,WAAW,EAAEY,0BADT;AAEJC,IAAAA,QAFI;AAGJC,IAAAA;AAHI,MAIF,MAAM,0BAAUd,WAAV,EAAwBxB,MAAxB,EAAgC;AACxCQ,IAAAA,WADwC;AAExCC,IAAAA,OAFwC;AAGxCH,IAAAA,IAHwC;AAIxC0B,IAAAA,IAJwC;AAKxCC,IAAAA,mCALwC,CAKH;;AALG,GAAhC,CAJV;AAWAT,EAAAA,WAAW,GAAGY,0BAAd;AAEA,SAAO,EAAE,GAAG/B,IAAL;AAAWmB,IAAAA,WAAX;AAAwBa,IAAAA,QAAxB;AAAkCC,IAAAA;AAAlC,GAAP;AACD;;AAED,eAAeC,SAAf,CAAyBnC,UAAzB,EAAqCC,IAArC,EAAqE;AACnE,MAAI;AAAEoB,IAAAA,IAAF;AAAQD,IAAAA;AAAR,MAAwBnB,IAA5B;AACA,QAAM;AAAEmC,IAAAA;AAAF,MAAsBhB,WAA5B;AACA,QAAM;AACJiB,IAAAA,QADI;AAEJC,IAAAA,YAFI;AAGJC,IAAAA,eAHI;AAIJC,IAAAA,WAJI;AAKJC,IAAAA,IALI;AAMJxB,IAAAA;AANI,MAOFI,IAPJ;AAQA,QAAMqB,aAAa,GAAG,MAAM1C,UAAU,CAAC2C,KAAX,CAAiBC,qBAAjB,CAAuC;AACjER,IAAAA,eADiE;AAEjEC,IAAAA,QAFiE;AAGjEC,IAAAA,YAHiE;AAIjEC,IAAAA,eAJiE;AAKjEC,IAAAA,WALiE;AAMjEvB,IAAAA;AANiE,GAAvC,EAOzBwB,IAPyB,CAA5B;AAQA,SAAOC,aAAa,CAACG,MAArB;AACD;;AAED,eAAeC,YAAf,CAA4B9C,UAA5B,EAAwCC,IAAxC,EAAyE;AACvE,MAAI;AACFP,IAAAA,OADE;AAEF0B,IAAAA,WAFE;AAGFc,IAAAA,QAHE;AAIF5B,IAAAA;AAJE,MAKAL,IALJ;AAMA,QAAM;AAAE2C,IAAAA;AAAF,MAA4BlD,OAAlC;AACA,MAAIqD,sBAAsB,GAAG,KAA7B;AACA,MAAIC,kBAAkB,GAAG,IAAzB;AACA,MAAIZ,eAAJ;AACA,MAAIS,MAAJ;AACA,MAAII,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;;AAEA,MAAIhC,WAAJ,EAAiB;AACf6B,IAAAA,eAAe,GAAG,8BAAmB7B,WAAnB,CAAlB;AACA8B,IAAAA,cAAc,GAAG,6BAAkB9B,WAAlB,CAAjB;AACA+B,IAAAA,QAAQ,GAAG,mCAAwB/B,WAAxB,CAAX;AACAgC,IAAAA,QAAQ,GAAG,8BAAmBhC,WAAnB,CAAX;AACD;;AAED,MAAIgC,QAAJ,EAAc;AACZ9C,IAAAA,MAAM,GAAGC,iBAAU8C,QAAnB;AACAN,IAAAA,sBAAsB,GAAG,IAAzB;AACAC,IAAAA,kBAAkB,GAAG,KAArB;AACD,GAJD,MAIO,IAAId,QAAJ,EAAc;AACnB5B,IAAAA,MAAM,GAAGC,iBAAU+C,QAAnB;AACAP,IAAAA,sBAAsB,GAAG,IAAzB;AACD,GAHM,MAGA,IAAI3B,WAAJ,aAAIA,WAAJ,eAAIA,WAAW,CAAEgB,eAAjB,EAAkC;AACvCA,IAAAA,eAAe,GAAGhB,WAAW,CAACgB,eAA9B;;AACA,QAAIQ,qBAAqB,KAAK,KAA9B,EAAqC;AACnCtC,MAAAA,MAAM,GAAGC,iBAAUgD,OAAnB;AACAR,MAAAA,sBAAsB,GAAG,KAAzB;AACD,KAHD,MAGO;AACLF,MAAAA,MAAM,GAAG,MAAMV,SAAS,CAACnC,UAAD,EAAaC,IAAb,CAAxB;AACAK,MAAAA,MAAM,GAAGC,iBAAUgD,OAAnB;AACAR,MAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;;AACD,SAAO,EACL,GAAG9C,IADE;AAELK,IAAAA,MAFK;AAGL8B,IAAAA,eAHK;AAILS,IAAAA,MAJK;AAKLE,IAAAA,sBALK;AAMLC,IAAAA,kBANK;AAOLC,IAAAA,eAPK;AAQLC,IAAAA,cARK;AASLC,IAAAA,QATK;AAULC,IAAAA;AAVK,GAAP;AAYD;;AAED,SAASI,WAAT,CAAqBC,GAArB,EAA0BxD,IAA1B,EAAkD;AAChD,MAAI;AAAEyD,IAAAA,KAAF;AAASpD,IAAAA,MAAT;AAAiByC,IAAAA;AAAjB,MAA4C9C,IAAhD,CADgD,CAGhD;;AACA,MAAI,0BAAcwD,GAAd,CAAJ,EAAwB;AACtBC,IAAAA,KAAK,GAAGD,GAAR;AACAnD,IAAAA,MAAM,GAAGC,iBAAUoD,OAAnB;AACAZ,IAAAA,sBAAsB,GAAG,IAAzB;AACD,GAJD,MAIO;AACL;AACA,UAAMU,GAAN;AACD;;AAED,SAAO,EAAE,GAAGxD,IAAL;AAAWyD,IAAAA,KAAX;AAAkBpD,IAAAA,MAAlB;AAA0ByC,IAAAA;AAA1B,GAAP;AACD;;AAEM,eAAea,GAAf,CACL5D,UADK,EAELN,OAAmB,GAAG,EAFjB,EAGoB;AACzB,MAAIO,IAAa,GAAG;AAClBP,IAAAA,OADkB;AAElBE,IAAAA,MAAM,EAAEH,gBAAgB,CAACC,OAAD;AAFN,GAApB;AAKAO,EAAAA,IAAI,GAAGF,cAAc,CAACC,UAAD,EAAaC,IAAb,CAArB;;AACA,MAAI;AACFA,IAAAA,IAAI,GAAG,MAAMY,qBAAqB,CAACb,UAAD,EAAaC,IAAb,CAAlC;AACAA,IAAAA,IAAI,GAAG,MAAMyB,oBAAoB,CAACzB,IAAD,CAAjC;AACD,GAHD,CAGE,OAAOwD,GAAP,EAAY;AACZxD,IAAAA,IAAI,GAAGuD,WAAW,CAACC,GAAD,EAAMxD,IAAN,CAAlB;AACD;;AACDA,EAAAA,IAAI,GAAG,MAAM6C,YAAY,CAAC9C,UAAD,EAAaC,IAAb,CAAzB;AAEA,QAAM;AACJmB,IAAAA,WADI;AAEJC,IAAAA,IAFI;AAGJ0B,IAAAA,sBAHI;AAIJC,IAAAA,kBAJI;AAKJ1C,IAAAA,MALI;AAMJ2C,IAAAA,eANI;AAOJC,IAAAA,cAPI;AAQJL,IAAAA,MARI;AASJZ,IAAAA,QATI;AAUJkB,IAAAA,QAVI;AAWJO,IAAAA,KAXI;AAYJtB,IAAAA;AAZI,MAaFnC,IAbJ;;AAeA,MAAI8C,sBAAJ,EAA4B;AAC1B/C,IAAAA,UAAU,CAACuB,kBAAX,CAA8BC,KAA9B,CAAoC;AAAEwB,MAAAA;AAAF,KAApC;AACD,GAFD,MAGK;AACH;AACA,8CAAoBhD,UAApB,EAAgC,EAAE,GAAGqB;AAAL,KAAhC;;AAEA,QAAID,WAAJ,EAAiB;AACf;AACA,YAAM;AAAEW,QAAAA,WAAW,EAAE8B,cAAf;AAA+BC,QAAAA;AAA/B,UAAqD1C,WAA3D;AACApB,MAAAA,UAAU,CAACuB,kBAAX,CAA8BwC,eAA9B,CAA8C;AAC5CF,QAAAA,cAD4C;AAE5CC,QAAAA;AAF4C,OAA9C;AAID;AAEF,GA9CwB,CAgDzB;;;AACA,QAAM;AAAEzD,IAAAA,OAAF;AAAW2D,IAAAA,OAAX;AAAoBC,IAAAA,eAApB;AAAqCC,IAAAA,OAArC;AAA8CnC,IAAAA,WAA9C;AAA2D+B,IAAAA;AAA3D,MAAiF1C,WAAW,IAAI,EAAtG;AACA,SAAO;AACLd,IAAAA,MAAM,EAAEA,MADH;AAEL,QAAIe,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAFK;AAGL,QAAI4B,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAHK;AAIL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CAJK;AAKL,QAAIL,MAAM,IAAI;AAAEA,MAAAA;AAAF,KAAd,CALK;AAML,QAAIZ,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CANK;AAOL,QAAIkB,QAAQ,IAAIA,QAAQ,CAACgB,MAArB,IAA+B;AAAEhB,MAAAA;AAAF,KAAnC,CAPK;AAQL,QAAIO,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb,CARK;AASLtB,IAAAA,eATK;AASY;AAEjB;AACA/B,IAAAA,OAAO,EAAEA,OAZJ;AAaL2D,IAAAA,OAAO,EAAEA,OAbJ;AAcLC,IAAAA,eAAe,EAAEA,eAdZ;AAeLC,IAAAA,OAAO,EAAEA,OAfJ;AAgBLnC,IAAAA,WAAW,EAAEA,WAhBR;AAiBL+B,IAAAA;AAjBK,GAAP;AAmBD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, complexity, max-depth */\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate, RemediateOptions } from './remediate';\nimport { getFlowSpecification, RemediationFlow } from './flow';\nimport * as remediators from './remediators';\nimport { \n OktaAuthInterface,\n IdxStatus,\n IdxTransaction,\n IdxFeature,\n NextStep,\n FlowIdentifier,\n IdxTransactionMeta,\n Tokens,\n APIError,\n} from '../types';\nimport { IdxMessage, IdxResponse, isIdxResponse } from './types/idx-js';\nimport { getSavedTransactionMeta, saveTransactionMeta } from './transactionMeta';\nimport { ProceedOptions } from './proceed';\nimport { getAvailableSteps, getEnabledFeatures, getMessagesFromResponse, isTerminalResponse } from './util';\n\nexport type RunOptions = ProceedOptions & RemediateOptions & {\n flow?: FlowIdentifier;\n remediators?: RemediationFlow;\n actions?: string[];\n withCredentials?: boolean;\n}\n\ndeclare interface RunData {\n options: RunOptions;\n values: remediators.RemediationValues;\n status?: IdxStatus;\n tokens?: Tokens;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n error?: APIError | IdxResponse;\n meta?: IdxTransactionMeta;\n enabledFeatures?: IdxFeature[];\n availableSteps?: NextStep[];\n idxResponse?: IdxResponse;\n canceled?: boolean;\n interactionCode?: string;\n shouldClearTransaction?: boolean;\n clearSharedStorage?: boolean;\n terminal?: boolean;\n}\n\nfunction initializeValues(options: RunOptions) {\n // remove known options, everything else is assumed to be a value\n const knownOptions = [\n 'flow', \n 'remediators', \n 'actions', \n 'withCredentials', \n 'step', \n 'shouldProceedWithEmailAuthenticator'\n ];\n const values = { ...options };\n knownOptions.forEach(option => {\n delete values[option];\n });\n return values;\n}\n\nfunction initializeData(authClient, data: RunData): RunData {\n const { options } = data;\n let {\n flow,\n withCredentials,\n remediators,\n actions\n } = options;\n\n const status = IdxStatus.PENDING;\n\n // certain options can be set by the flow specification\n flow = flow || authClient.idx.getFlow() || 'default';\n if (flow) {\n authClient.idx.setFlow(flow);\n const flowSpec = getFlowSpecification(authClient, flow);\n // Favor option values over flow spec\n withCredentials = (typeof withCredentials !== 'undefined') ? withCredentials : flowSpec.withCredentials;\n remediators = remediators || flowSpec.remediators;\n actions = actions || flowSpec.actions;\n }\n return { \n ...data,\n options: { ...options, flow, withCredentials, remediators, actions },\n status\n };\n}\n\nasync function getDataFromIntrospect(authClient, data: RunData): Promise<RunData> {\n const { options } = data;\n const {\n stateHandle,\n withCredentials,\n version,\n state,\n scopes,\n recoveryToken,\n activationToken\n } = options;\n\n let idxResponse;\n let meta = getSavedTransactionMeta(authClient, { state, recoveryToken, activationToken }); // may be undefined\n\n if (stateHandle) {\n idxResponse = await introspect(authClient, { withCredentials, version, stateHandle });\n } else {\n let interactionHandle = meta?.interactionHandle; // may be undefined\n if (!interactionHandle) {\n // start a new transaction\n authClient.transactionManager.clear();\n const interactResponse = await interact(authClient, {\n withCredentials,\n state,\n scopes,\n activationToken,\n recoveryToken\n }); \n interactionHandle = interactResponse.interactionHandle;\n meta = interactResponse.meta;\n }\n \n // Introspect to get idx response\n idxResponse = await introspect(authClient, { withCredentials, version, interactionHandle });\n }\n return { ...data, idxResponse, meta };\n}\n\nasync function getDataFromRemediate(data: RunData): Promise<RunData> {\n let {\n idxResponse,\n options,\n values\n } = data;\n\n const {\n autoRemediate,\n remediators,\n actions,\n flow,\n step,\n shouldProceedWithEmailAuthenticator, // will be removed in next major version\n } = options;\n \n const shouldRemediate = (autoRemediate !== false && (remediators || actions || step));\n if (!shouldRemediate) {\n return data;\n }\n\n values = { \n ...values, \n stateHandle: idxResponse!.rawIdxState.stateHandle \n };\n\n // Can we handle the remediations?\n const { \n idxResponse: idxResponseFromRemediation, \n nextStep,\n canceled,\n } = await remediate(idxResponse!, values, {\n remediators,\n actions,\n flow,\n step,\n shouldProceedWithEmailAuthenticator, // will be removed in next major version\n });\n idxResponse = idxResponseFromRemediation;\n\n return { ...data, idxResponse, nextStep, canceled };\n}\n\nasync function getTokens(authClient, data: RunData): Promise<Tokens> {\n let { meta, idxResponse } = data;\n const { interactionCode } = idxResponse as IdxResponse;\n const {\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n urls,\n scopes,\n } = meta as IdxTransactionMeta;\n const tokenResponse = await authClient.token.exchangeCodeForTokens({\n interactionCode,\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n scopes\n }, urls);\n return tokenResponse.tokens;\n}\n\nasync function finalizeData(authClient, data: RunData): Promise<RunData> {\n let {\n options,\n idxResponse,\n canceled,\n status,\n } = data;\n const { exchangeCodeForTokens } = options;\n let shouldClearTransaction = false;\n let clearSharedStorage = true;\n let interactionCode;\n let tokens;\n let enabledFeatures;\n let availableSteps;\n let messages;\n let terminal;\n\n if (idxResponse) {\n enabledFeatures = getEnabledFeatures(idxResponse);\n availableSteps = getAvailableSteps(idxResponse);\n messages = getMessagesFromResponse(idxResponse);\n terminal = isTerminalResponse(idxResponse);\n }\n\n if (terminal) {\n status = IdxStatus.TERMINAL;\n shouldClearTransaction = true;\n clearSharedStorage = false;\n } else if (canceled) {\n status = IdxStatus.CANCELED;\n shouldClearTransaction = true;\n } else if (idxResponse?.interactionCode) { \n interactionCode = idxResponse.interactionCode;\n if (exchangeCodeForTokens === false) {\n status = IdxStatus.SUCCESS;\n shouldClearTransaction = false;\n } else {\n tokens = await getTokens(authClient, data);\n status = IdxStatus.SUCCESS;\n shouldClearTransaction = true;\n }\n }\n return {\n ...data,\n status,\n interactionCode,\n tokens,\n shouldClearTransaction,\n clearSharedStorage,\n enabledFeatures,\n availableSteps,\n messages,\n terminal\n };\n}\n\nfunction handleError(err, data: RunData): RunData {\n let { error, status, shouldClearTransaction } = data;\n\n // current version of idx-js will throw/reject IDX responses. Handle these differently than regular errors\n if (isIdxResponse(err)) {\n error = err;\n status = IdxStatus.FAILURE;\n shouldClearTransaction = true;\n } else {\n // error is not an IDX response, throw it like a regular error\n throw err;\n }\n\n return { ...data, error, status, shouldClearTransaction };\n}\n\nexport async function run(\n authClient: OktaAuthInterface, \n options: RunOptions = {},\n): Promise<IdxTransaction> {\n let data: RunData = {\n options,\n values: initializeValues(options)\n };\n\n data = initializeData(authClient, data);\n try {\n data = await getDataFromIntrospect(authClient, data);\n data = await getDataFromRemediate(data);\n } catch (err) {\n data = handleError(err, data);\n }\n data = await finalizeData(authClient, data);\n\n const {\n idxResponse,\n meta,\n shouldClearTransaction,\n clearSharedStorage,\n status,\n enabledFeatures,\n availableSteps,\n tokens,\n nextStep,\n messages,\n error,\n interactionCode\n } = data;\n\n if (shouldClearTransaction) {\n authClient.transactionManager.clear({ clearSharedStorage });\n }\n else {\n // ensures state is saved to sessionStorage\n saveTransactionMeta(authClient, { ...meta });\n\n if (idxResponse) {\n // Save intermediate idx response in storage to reduce introspect call\n const { rawIdxState: rawIdxResponse, requestDidSucceed } = idxResponse;\n authClient.transactionManager.saveIdxResponse({\n rawIdxResponse,\n requestDidSucceed\n });\n }\n\n }\n \n // from idx-js, used by the widget\n const { actions, context, neededToProceed, proceed, rawIdxState, requestDidSucceed } = idxResponse || {};\n return {\n status: status!,\n ...(meta && { meta }),\n ...(enabledFeatures && { enabledFeatures }),\n ...(availableSteps && { availableSteps }),\n ...(tokens && { tokens }),\n ...(nextStep && { nextStep }),\n ...(messages && messages.length && { messages }),\n ...(error && { error }),\n interactionCode, // if options.exchangeCodeForTokens is false\n\n // from idx-js\n actions: actions!,\n context: context!,\n neededToProceed: neededToProceed!,\n proceed: proceed!,\n rawIdxState: rawIdxState!,\n requestDidSucceed\n };\n}\n"],"file":"run.js"}
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/run.ts"],"names":["initializeValues","options","knownOptions","values","forEach","option","initializeData","authClient","data","flow","withCredentials","remediators","actions","useGenericRemediator","status","IdxStatus","PENDING","idx","getFlow","setFlow","flowSpec","getDataFromIntrospect","stateHandle","version","state","scopes","recoveryToken","activationToken","maxAge","idxResponse","meta","interactionHandle","transactionManager","clear","interactResponse","getDataFromRemediate","autoRemediate","step","shouldProceedWithEmailAuthenticator","shouldRemediate","rawIdxState","idxResponseFromRemediation","nextStep","canceled","getTokens","interactionCode","clientId","codeVerifier","ignoreSignature","redirectUri","urls","tokenResponse","token","exchangeCodeForTokens","tokens","finalizeData","shouldSaveResponse","shouldClearTransaction","clearSharedStorage","enabledFeatures","availableSteps","messages","terminal","requestDidSucceed","stepUp","TERMINAL","hasActions","length","hasErrors","msg","class","isTerminalSuccess","CANCELED","SUCCESS","handleError","err","error","FAILURE","run","rawIdxResponse","saveIdxResponse","context","neededToProceed","proceed"],"mappings":";;;;;;;;;;AAeA;;AACA;;AACA;;AACA;;AAEA;;AAWA;;AACA;;AACA;;AAjCA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAwCA,SAASA,gBAAT,CAA0BC,OAA1B,EAA+C;AAC7C;AACA,QAAMC,YAAY,GAAG,CACnB,MADmB,EAEnB,aAFmB,EAGnB,SAHmB,EAInB,iBAJmB,EAKnB,MALmB,EAMnB,qCANmB,CAArB;AAQA,QAAMC,MAAM,GAAG,EAAE,GAAGF;AAAL,GAAf;AACAC,EAAAA,YAAY,CAACE,OAAb,CAAqBC,MAAM,IAAI;AAC7B,WAAOF,MAAM,CAACE,MAAD,CAAb;AACD,GAFD;AAGA,SAAOF,MAAP;AACD;;AAED,SAASG,cAAT,CAAwBC,UAAxB,EAAoCC,IAApC,EAA4D;AAAA;;AAC1D,QAAM;AAAEP,IAAAA;AAAF,MAAcO,IAApB;AACA,MAAI;AACFC,IAAAA,IADE;AAEFC,IAAAA,eAFE;AAGFC,IAAAA,WAHE;AAIFC,IAAAA,OAJE;AAKFC,IAAAA;AALE,MAMAZ,OANJ;AAQA,QAAMa,MAAM,GAAGC,iBAAUC,OAAzB,CAV0D,CAY1D;;AACAP,EAAAA,IAAI,GAAGA,IAAI,IAAIF,UAAU,CAACU,GAAX,CAAeC,OAAf,EAAR,IAAoC,SAA3C;;AACA,MAAIT,IAAJ,EAAU;AACRF,IAAAA,UAAU,CAACU,GAAX,CAAeE,OAAf,CAAuBV,IAAvB;AACA,UAAMW,QAAQ,GAAG,gCAAqBb,UAArB,EAAiCE,IAAjC,CAAjB,CAFQ,CAGR;;AACAC,IAAAA,eAAe,GAAI,OAAOA,eAAP,KAA2B,WAA5B,GAA2CA,eAA3C,GAA6DU,QAAQ,CAACV,eAAxF;AACAC,IAAAA,WAAW,GAAGA,WAAW,IAAIS,QAAQ,CAACT,WAAtC;AACAC,IAAAA,OAAO,GAAGA,OAAO,IAAIQ,QAAQ,CAACR,OAA9B;AACD;;AAEDC,EAAAA,oBAAoB,GAAGA,oBAAoB,8BAAIN,UAAU,CAACN,OAAX,CAAmBgB,GAAvB,0DAAI,sBAAwBJ,oBAA5B,CAApB,IAAwE,KAA/F;AAEA,SAAO,EACL,GAAGL,IADE;AAELP,IAAAA,OAAO,EAAE,EACP,GAAGA,OADI;AAEPQ,MAAAA,IAFO;AAGPC,MAAAA,eAHO;AAIPC,MAAAA,WAJO;AAKPC,MAAAA,OALO;AAMPC,MAAAA;AANO,KAFJ;AAULC,IAAAA;AAVK,GAAP;AAYD;;AAED,eAAeO,qBAAf,CAAqCd,UAArC,EAAiDC,IAAjD,EAAkF;AAChF,QAAM;AAAEP,IAAAA;AAAF,MAAcO,IAApB;AACA,QAAM;AACJc,IAAAA,WADI;AAEJZ,IAAAA,eAFI;AAGJa,IAAAA,OAHI;AAIJC,IAAAA,KAJI;AAKJC,IAAAA,MALI;AAMJC,IAAAA,aANI;AAOJC,IAAAA,eAPI;AAQJC,IAAAA;AARI,MASF3B,OATJ;AAWA,MAAI4B,WAAJ;AACA,MAAIC,IAAI,GAAG,8CAAwBvB,UAAxB,EAAoC;AAAEiB,IAAAA,KAAF;AAASE,IAAAA,aAAT;AAAwBC,IAAAA;AAAxB,GAApC,CAAX,CAdgF,CAcW;;AAE3F,MAAIL,WAAJ,EAAiB;AACfO,IAAAA,WAAW,GAAG,MAAM,4BAAWtB,UAAX,EAAuB;AAAEG,MAAAA,eAAF;AAAmBa,MAAAA,OAAnB;AAA4BD,MAAAA;AAA5B,KAAvB,CAApB;AACD,GAFD,MAEO;AAAA;;AACL,QAAIS,iBAAiB,YAAGD,IAAH,0CAAG,MAAMC,iBAA9B,CADK,CAC4C;;AACjD,QAAI,CAACA,iBAAL,EAAwB;AACtB;AACAxB,MAAAA,UAAU,CAACyB,kBAAX,CAA8BC,KAA9B;AACA,YAAMC,gBAAgB,GAAG,MAAM,wBAAS3B,UAAT,EAAqB;AAClDG,QAAAA,eADkD;AAElDc,QAAAA,KAFkD;AAGlDC,QAAAA,MAHkD;AAIlDE,QAAAA,eAJkD;AAKlDD,QAAAA,aALkD;AAMlDE,QAAAA;AANkD,OAArB,CAA/B;AAQAG,MAAAA,iBAAiB,GAAGG,gBAAgB,CAACH,iBAArC;AACAD,MAAAA,IAAI,GAAGI,gBAAgB,CAACJ,IAAxB;AACD,KAfI,CAiBL;;;AACAD,IAAAA,WAAW,GAAG,MAAM,4BAAWtB,UAAX,EAAuB;AAAEG,MAAAA,eAAF;AAAmBa,MAAAA,OAAnB;AAA4BQ,MAAAA;AAA5B,KAAvB,CAApB;AACD;;AACD,SAAO,EAAE,GAAGvB,IAAL;AAAWqB,IAAAA,WAAX;AAAwBC,IAAAA;AAAxB,GAAP;AACD;;AAED,eAAeK,oBAAf,CAAoC5B,UAApC,EAAgDC,IAAhD,EAAiF;AAC/E,MAAI;AACFqB,IAAAA,WADE;AAEF5B,IAAAA,OAFE;AAGFE,IAAAA;AAHE,MAIAK,IAJJ;AAMA,QAAM;AACJ4B,IAAAA,aADI;AAEJzB,IAAAA,WAFI;AAGJC,IAAAA,OAHI;AAIJH,IAAAA,IAJI;AAKJ4B,IAAAA,IALI;AAMJC,IAAAA,mCANI;AAMiC;AACrCzB,IAAAA;AAPI,MAQFZ,OARJ;AAUA,QAAMsC,eAAe,GAAIH,aAAa,KAAK,KAAlB,KAA4BzB,WAAW,IAAIC,OAAf,IAA0ByB,IAAtD,CAAzB;;AACA,MAAI,CAACE,eAAL,EAAsB;AACpB,WAAO/B,IAAP;AACD;;AAEDL,EAAAA,MAAM,GAAG,EACP,GAAGA,MADI;AAEPmB,IAAAA,WAAW,EAAEO,WAAW,CAAEW,WAAb,CAAyBlB;AAF/B,GAAT,CAtB+E,CA2B/E;;AACA,QAAM;AACJO,IAAAA,WAAW,EAAEY,0BADT;AAEJC,IAAAA,QAFI;AAGJC,IAAAA;AAHI,MAIF,MAAM,0BACRpC,UADQ,EAERsB,WAFQ,EAGR1B,MAHQ,EAIR;AACEQ,IAAAA,WADF;AAEEC,IAAAA,OAFF;AAGEH,IAAAA,IAHF;AAIE4B,IAAAA,IAJF;AAKEC,IAAAA,mCALF;AAKuC;AACrCzB,IAAAA;AANF,GAJQ,CAJV;AAiBAgB,EAAAA,WAAW,GAAGY,0BAAd;AAEA,SAAO,EAAE,GAAGjC,IAAL;AAAWqB,IAAAA,WAAX;AAAwBa,IAAAA,QAAxB;AAAkCC,IAAAA;AAAlC,GAAP;AACD;;AAED,eAAeC,SAAf,CAAyBrC,UAAzB,EAAqCC,IAArC,EAAqE;AACnE,MAAI;AAAEsB,IAAAA,IAAF;AAAQD,IAAAA;AAAR,MAAwBrB,IAA5B;AACA,QAAM;AAAEqC,IAAAA;AAAF,MAAsBhB,WAA5B;AACA,QAAM;AACJiB,IAAAA,QADI;AAEJC,IAAAA,YAFI;AAGJC,IAAAA,eAHI;AAIJC,IAAAA,WAJI;AAKJC,IAAAA,IALI;AAMJzB,IAAAA;AANI,MAOFK,IAPJ;AAQA,QAAMqB,aAAa,GAAG,MAAM5C,UAAU,CAAC6C,KAAX,CAAiBC,qBAAjB,CAAuC;AACjER,IAAAA,eADiE;AAEjEC,IAAAA,QAFiE;AAGjEC,IAAAA,YAHiE;AAIjEC,IAAAA,eAJiE;AAKjEC,IAAAA,WALiE;AAMjExB,IAAAA;AANiE,GAAvC,EAOzByB,IAPyB,CAA5B;AAQA,SAAOC,aAAa,CAACG,MAArB;AACD;;AAED,eAAeC,YAAf,CAA4BhD,UAA5B,EAAwCC,IAAxC,EAAyE;AACvE,MAAI;AACFP,IAAAA,OADE;AAEF4B,IAAAA,WAFE;AAGFc,IAAAA,QAHE;AAIF7B,IAAAA;AAJE,MAKAN,IALJ;AAMA,QAAM;AAAE6C,IAAAA;AAAF,MAA4BpD,OAAlC;AACA,MAAIuD,kBAAkB,GAAG,KAAzB;AACA,MAAIC,sBAAsB,GAAG,KAA7B;AACA,MAAIC,kBAAkB,GAAG,IAAzB;AACA,MAAIb,eAAJ;AACA,MAAIS,MAAJ;AACA,MAAIK,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;;AAEA,MAAIjC,WAAJ,EAAiB;AACf2B,IAAAA,kBAAkB,GAAG,CAAC,EAAE3B,WAAW,CAACkC,iBAAZ,IAAiClC,WAAW,CAACmC,MAA/C,CAAtB;AACAL,IAAAA,eAAe,GAAG,8BAAmB9B,WAAnB,CAAlB;AACA+B,IAAAA,cAAc,GAAG,6BAAkBrD,UAAlB,EAA8BsB,WAA9B,EAA2C5B,OAAO,CAACY,oBAAnD,CAAjB;AACAgD,IAAAA,QAAQ,GAAG,mCAAwBhC,WAAxB,CAAX;AACAiC,IAAAA,QAAQ,GAAG,8BAAmBjC,WAAnB,CAAX;AACD;;AAED,MAAIiC,QAAJ,EAAc;AACZhD,IAAAA,MAAM,GAAGC,iBAAUkD,QAAnB,CADY,CAGZ;AACA;AACA;AACA;;AACA,UAAMC,UAAU,GAAG,mBAAYrC,WAAW,CAAEjB,OAAzB,EAAkCuD,MAAlC,GAA2C,CAA9D;AACA,UAAMC,SAAS,GAAG,CAAC,CAAC,mBAAAP,QAAQ,MAAR,CAAAA,QAAQ,EAAMQ,GAAG,IAAIA,GAAG,CAACC,KAAJ,KAAc,OAA3B,CAA5B;AACA,UAAMC,iBAAiB,GAAG,CAACL,UAAD,IAAe,CAACE,SAAhB,IAA6BvC,WAAW,CAAEkC,iBAAb,KAAmC,IAA1F;;AACA,QAAIQ,iBAAJ,EAAuB;AACrBd,MAAAA,sBAAsB,GAAG,IAAzB;AACD,KAFD,MAEO;AACL;AACAD,MAAAA,kBAAkB,GAAGA,kBAAkB,IAAIU,UAA3C;AACD,KAfW,CAgBZ;;;AACAR,IAAAA,kBAAkB,GAAG,KAArB;AACD,GAlBD,MAkBO,IAAIf,QAAJ,EAAc;AACnB7B,IAAAA,MAAM,GAAGC,iBAAUyD,QAAnB;AACAf,IAAAA,sBAAsB,GAAG,IAAzB;AACD,GAHM,MAGA,IAAI5B,WAAJ,aAAIA,WAAJ,eAAIA,WAAW,CAAEgB,eAAjB,EAAkC;AACvCA,IAAAA,eAAe,GAAGhB,WAAW,CAACgB,eAA9B;;AACA,QAAIQ,qBAAqB,KAAK,KAA9B,EAAqC;AACnCvC,MAAAA,MAAM,GAAGC,iBAAU0D,OAAnB;AACAhB,MAAAA,sBAAsB,GAAG,KAAzB;AACD,KAHD,MAGO;AACLH,MAAAA,MAAM,GAAG,MAAMV,SAAS,CAACrC,UAAD,EAAaC,IAAb,CAAxB;AACAM,MAAAA,MAAM,GAAGC,iBAAU0D,OAAnB;AACAhB,MAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;;AACD,SAAO,EACL,GAAGjD,IADE;AAELM,IAAAA,MAFK;AAGL+B,IAAAA,eAHK;AAILS,IAAAA,MAJK;AAKLE,IAAAA,kBALK;AAMLC,IAAAA,sBANK;AAOLC,IAAAA,kBAPK;AAQLC,IAAAA,eARK;AASLC,IAAAA,cATK;AAULC,IAAAA,QAVK;AAWLC,IAAAA;AAXK,GAAP;AAaD;;AAED,SAASY,WAAT,CAAqBC,GAArB,EAA0BnE,IAA1B,EAAkD;AAChD,MAAI;AAAEoE,IAAAA,KAAF;AAAS9D,IAAAA,MAAT;AAAiB2C,IAAAA;AAAjB,MAA4CjD,IAAhD,CADgD,CAGhD;;AACA,MAAI,0BAAcmE,GAAd,CAAJ,EAAwB;AACtBC,IAAAA,KAAK,GAAGD,GAAR;AACA7D,IAAAA,MAAM,GAAGC,iBAAU8D,OAAnB;AACApB,IAAAA,sBAAsB,GAAG,IAAzB;AACD,GAJD,MAIO;AACL;AACA,UAAMkB,GAAN;AACD;;AAED,SAAO,EAAE,GAAGnE,IAAL;AAAWoE,IAAAA,KAAX;AAAkB9D,IAAAA,MAAlB;AAA0B2C,IAAAA;AAA1B,GAAP;AACD;;AAEM,eAAeqB,GAAf,CACLvE,UADK,EAELN,OAAmB,GAAG,EAFjB,EAGoB;AACzB,MAAIO,IAAa,GAAG;AAClBP,IAAAA,OADkB;AAElBE,IAAAA,MAAM,EAAEH,gBAAgB,CAACC,OAAD;AAFN,GAApB;AAKAO,EAAAA,IAAI,GAAGF,cAAc,CAACC,UAAD,EAAaC,IAAb,CAArB;;AACA,MAAI;AACFA,IAAAA,IAAI,GAAG,MAAMa,qBAAqB,CAACd,UAAD,EAAaC,IAAb,CAAlC;AACAA,IAAAA,IAAI,GAAG,MAAM2B,oBAAoB,CAAC5B,UAAD,EAAaC,IAAb,CAAjC;AACD,GAHD,CAGE,OAAOmE,GAAP,EAAY;AACZnE,IAAAA,IAAI,GAAGkE,WAAW,CAACC,GAAD,EAAMnE,IAAN,CAAlB;AACD;;AACDA,EAAAA,IAAI,GAAG,MAAM+C,YAAY,CAAChD,UAAD,EAAaC,IAAb,CAAzB;AAEA,QAAM;AACJqB,IAAAA,WADI;AAEJC,IAAAA,IAFI;AAGJ0B,IAAAA,kBAHI;AAIJC,IAAAA,sBAJI;AAKJC,IAAAA,kBALI;AAMJ5C,IAAAA,MANI;AAOJ6C,IAAAA,eAPI;AAQJC,IAAAA,cARI;AASJN,IAAAA,MATI;AAUJZ,IAAAA,QAVI;AAWJmB,IAAAA,QAXI;AAYJe,IAAAA,KAZI;AAaJ/B,IAAAA;AAbI,MAcFrC,IAdJ;;AAgBA,MAAIiD,sBAAJ,EAA4B;AAC1BlD,IAAAA,UAAU,CAACyB,kBAAX,CAA8BC,KAA9B,CAAoC;AAAEyB,MAAAA;AAAF,KAApC;AACD,GAFD,MAGK;AACH;AACA,8CAAoBnD,UAApB,EAAgC,EAAE,GAAGuB;AAAL,KAAhC;;AAEA,QAAI0B,kBAAJ,EAAwB;AAAA;;AACtB;AACA,YAAM;AAAEhB,QAAAA,WAAW,EAAEuC,cAAf;AAA+BhB,QAAAA;AAA/B,UAAqDlC,WAA3D;AACAtB,MAAAA,UAAU,CAACyB,kBAAX,CAA8BgD,eAA9B,CAA8C;AAC5CD,QAAAA,cAD4C;AAE5ChB,QAAAA,iBAF4C;AAG5CzC,QAAAA,WAAW,cAAEO,WAAW,CAAEoD,OAAf,6CAAE,SAAsB3D,WAHS;AAI5CS,QAAAA,iBAAiB,EAAED,IAAF,aAAEA,IAAF,uBAAEA,IAAI,CAAEC;AAJmB,OAA9C;AAMD;AACF,GAhDwB,CAkDzB;;;AACA,QAAM;AAAEnB,IAAAA,OAAF;AAAWqE,IAAAA,OAAX;AAAoBC,IAAAA,eAApB;AAAqCC,IAAAA,OAArC;AAA8C3C,IAAAA,WAA9C;AAA2DuB,IAAAA;AAA3D,MAAiFlC,WAAW,IAAI,EAAtG;AACA,SAAO;AACLf,IAAAA,MAAM,EAAEA,MADH;AAEL,QAAIgB,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAFK;AAGL,QAAI6B,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAHK;AAIL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CAJK;AAKL,QAAIN,MAAM,IAAI;AAAEA,MAAAA;AAAF,KAAd,CALK;AAML,QAAIZ,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CANK;AAOL,QAAImB,QAAQ,IAAIA,QAAQ,CAACM,MAArB,IAA+B;AAAEN,MAAAA;AAAF,KAAnC,CAPK;AAQL,QAAIe,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb,CARK;AASL/B,IAAAA,eATK;AASY;AAEjB;AACAjC,IAAAA,OAAO,EAAEA,OAZJ;AAaLqE,IAAAA,OAAO,EAAEA,OAbJ;AAcLC,IAAAA,eAAe,EAAEA,eAdZ;AAeLC,IAAAA,OAAO,EAAEA,OAfJ;AAgBL3C,IAAAA,WAAW,EAAEA,WAhBR;AAiBLuB,IAAAA;AAjBK,GAAP;AAmBD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, complexity, max-depth */\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate } from './remediate';\nimport { getFlowSpecification } from './flow';\nimport * as remediators from './remediators';\nimport { \n OktaAuthInterface,\n IdxStatus,\n IdxTransaction,\n IdxFeature,\n NextStep,\n RunOptions,\n IdxTransactionMeta,\n Tokens,\n APIError,\n} from '../types';\nimport { IdxMessage, IdxResponse, isIdxResponse } from './types/idx-js';\nimport { getSavedTransactionMeta, saveTransactionMeta } from './transactionMeta';\nimport { getAvailableSteps, getEnabledFeatures, getMessagesFromResponse, isTerminalResponse } from './util';\ndeclare interface RunData {\n options: RunOptions;\n values: remediators.RemediationValues;\n status?: IdxStatus;\n tokens?: Tokens;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n error?: APIError | IdxResponse;\n meta?: IdxTransactionMeta;\n enabledFeatures?: IdxFeature[];\n availableSteps?: NextStep[];\n idxResponse?: IdxResponse;\n canceled?: boolean;\n interactionCode?: string;\n shouldSaveResponse?: boolean;\n shouldClearTransaction?: boolean;\n clearSharedStorage?: boolean;\n terminal?: boolean;\n}\n\nfunction initializeValues(options: RunOptions) {\n // remove known options, everything else is assumed to be a value\n const knownOptions = [\n 'flow', \n 'remediators', \n 'actions', \n 'withCredentials', \n 'step', \n 'shouldProceedWithEmailAuthenticator'\n ];\n const values = { ...options };\n knownOptions.forEach(option => {\n delete values[option];\n });\n return values;\n}\n\nfunction initializeData(authClient, data: RunData): RunData {\n const { options } = data;\n let {\n flow,\n withCredentials,\n remediators,\n actions,\n useGenericRemediator\n } = options;\n\n const status = IdxStatus.PENDING;\n\n // certain options can be set by the flow specification\n flow = flow || authClient.idx.getFlow() || 'default';\n if (flow) {\n authClient.idx.setFlow(flow);\n const flowSpec = getFlowSpecification(authClient, flow);\n // Favor option values over flow spec\n withCredentials = (typeof withCredentials !== 'undefined') ? withCredentials : flowSpec.withCredentials;\n remediators = remediators || flowSpec.remediators;\n actions = actions || flowSpec.actions;\n }\n\n useGenericRemediator = useGenericRemediator || authClient.options.idx?.useGenericRemediator || false;\n\n return { \n ...data,\n options: { \n ...options, \n flow, \n withCredentials, \n remediators, \n actions,\n useGenericRemediator\n },\n status\n };\n}\n\nasync function getDataFromIntrospect(authClient, data: RunData): Promise<RunData> {\n const { options } = data;\n const {\n stateHandle,\n withCredentials,\n version,\n state,\n scopes,\n recoveryToken,\n activationToken,\n maxAge,\n } = options;\n\n let idxResponse;\n let meta = getSavedTransactionMeta(authClient, { state, recoveryToken, activationToken }); // may be undefined\n\n if (stateHandle) {\n idxResponse = await introspect(authClient, { withCredentials, version, stateHandle });\n } else {\n let interactionHandle = meta?.interactionHandle; // may be undefined\n if (!interactionHandle) {\n // start a new transaction\n authClient.transactionManager.clear();\n const interactResponse = await interact(authClient, {\n withCredentials,\n state,\n scopes,\n activationToken,\n recoveryToken,\n maxAge,\n }); \n interactionHandle = interactResponse.interactionHandle;\n meta = interactResponse.meta;\n }\n \n // Introspect to get idx response\n idxResponse = await introspect(authClient, { withCredentials, version, interactionHandle });\n }\n return { ...data, idxResponse, meta };\n}\n\nasync function getDataFromRemediate(authClient, data: RunData): Promise<RunData> {\n let {\n idxResponse,\n options,\n values\n } = data;\n\n const {\n autoRemediate,\n remediators,\n actions,\n flow,\n step,\n shouldProceedWithEmailAuthenticator, // will be removed in next major version\n useGenericRemediator,\n } = options;\n \n const shouldRemediate = (autoRemediate !== false && (remediators || actions || step));\n if (!shouldRemediate) {\n return data;\n }\n\n values = { \n ...values, \n stateHandle: idxResponse!.rawIdxState.stateHandle \n };\n\n // Can we handle the remediations?\n const { \n idxResponse: idxResponseFromRemediation, \n nextStep,\n canceled,\n } = await remediate(\n authClient,\n idxResponse!, \n values, \n {\n remediators,\n actions,\n flow,\n step,\n shouldProceedWithEmailAuthenticator, // will be removed in next major version\n useGenericRemediator,\n }\n );\n idxResponse = idxResponseFromRemediation;\n\n return { ...data, idxResponse, nextStep, canceled };\n}\n\nasync function getTokens(authClient, data: RunData): Promise<Tokens> {\n let { meta, idxResponse } = data;\n const { interactionCode } = idxResponse as IdxResponse;\n const {\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n urls,\n scopes,\n } = meta as IdxTransactionMeta;\n const tokenResponse = await authClient.token.exchangeCodeForTokens({\n interactionCode,\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n scopes\n }, urls);\n return tokenResponse.tokens;\n}\n\nasync function finalizeData(authClient, data: RunData): Promise<RunData> {\n let {\n options,\n idxResponse,\n canceled,\n status,\n } = data;\n const { exchangeCodeForTokens } = options;\n let shouldSaveResponse = false;\n let shouldClearTransaction = false;\n let clearSharedStorage = true;\n let interactionCode;\n let tokens;\n let enabledFeatures;\n let availableSteps;\n let messages;\n let terminal;\n\n if (idxResponse) {\n shouldSaveResponse = !!(idxResponse.requestDidSucceed || idxResponse.stepUp);\n enabledFeatures = getEnabledFeatures(idxResponse);\n availableSteps = getAvailableSteps(authClient, idxResponse, options.useGenericRemediator);\n messages = getMessagesFromResponse(idxResponse);\n terminal = isTerminalResponse(idxResponse);\n }\n\n if (terminal) {\n status = IdxStatus.TERMINAL;\n\n // In most cases a terminal response should not clear transaction data. The user should cancel or skip to continue.\n // A terminal \"success\" is a non-error response with no further actions available.\n // In these narrow cases, saved transaction data should be cleared.\n // One example of a terminal success is when the email verify flow is continued in another tab\n const hasActions = Object.keys(idxResponse!.actions).length > 0;\n const hasErrors = !!messages.find(msg => msg.class === 'ERROR');\n const isTerminalSuccess = !hasActions && !hasErrors && idxResponse!.requestDidSucceed === true;\n if (isTerminalSuccess) {\n shouldClearTransaction = true;\n } else {\n // only save response if there are actions available (ignore messages)\n shouldSaveResponse = shouldSaveResponse && hasActions;\n }\n // leave shared storage intact so the transaction can be continued in another tab\n clearSharedStorage = false;\n } else if (canceled) {\n status = IdxStatus.CANCELED;\n shouldClearTransaction = true;\n } else if (idxResponse?.interactionCode) { \n interactionCode = idxResponse.interactionCode;\n if (exchangeCodeForTokens === false) {\n status = IdxStatus.SUCCESS;\n shouldClearTransaction = false;\n } else {\n tokens = await getTokens(authClient, data);\n status = IdxStatus.SUCCESS;\n shouldClearTransaction = true;\n }\n }\n return {\n ...data,\n status,\n interactionCode,\n tokens,\n shouldSaveResponse,\n shouldClearTransaction,\n clearSharedStorage,\n enabledFeatures,\n availableSteps,\n messages,\n terminal\n };\n}\n\nfunction handleError(err, data: RunData): RunData {\n let { error, status, shouldClearTransaction } = data;\n\n // current version of idx-js will throw/reject IDX responses. Handle these differently than regular errors\n if (isIdxResponse(err)) {\n error = err;\n status = IdxStatus.FAILURE;\n shouldClearTransaction = true;\n } else {\n // error is not an IDX response, throw it like a regular error\n throw err;\n }\n\n return { ...data, error, status, shouldClearTransaction };\n}\n\nexport async function run(\n authClient: OktaAuthInterface, \n options: RunOptions = {},\n): Promise<IdxTransaction> {\n let data: RunData = {\n options,\n values: initializeValues(options)\n };\n\n data = initializeData(authClient, data);\n try {\n data = await getDataFromIntrospect(authClient, data);\n data = await getDataFromRemediate(authClient, data);\n } catch (err) {\n data = handleError(err, data);\n }\n data = await finalizeData(authClient, data);\n\n const {\n idxResponse,\n meta,\n shouldSaveResponse,\n shouldClearTransaction,\n clearSharedStorage,\n status,\n enabledFeatures,\n availableSteps,\n tokens,\n nextStep,\n messages,\n error,\n interactionCode\n } = data;\n\n if (shouldClearTransaction) {\n authClient.transactionManager.clear({ clearSharedStorage });\n }\n else {\n // ensures state is saved to sessionStorage\n saveTransactionMeta(authClient, { ...meta });\n\n if (shouldSaveResponse) {\n // Save intermediate idx response in storage to reduce introspect call\n const { rawIdxState: rawIdxResponse, requestDidSucceed } = idxResponse!;\n authClient.transactionManager.saveIdxResponse({\n rawIdxResponse,\n requestDidSucceed,\n stateHandle: idxResponse!.context?.stateHandle,\n interactionHandle: meta?.interactionHandle\n });\n }\n }\n \n // from idx-js, used by the widget\n const { actions, context, neededToProceed, proceed, rawIdxState, requestDidSucceed } = idxResponse || {};\n return {\n status: status!,\n ...(meta && { meta }),\n ...(enabledFeatures && { enabledFeatures }),\n ...(availableSteps && { availableSteps }),\n ...(tokens && { tokens }),\n ...(nextStep && { nextStep }),\n ...(messages && messages.length && { messages }),\n ...(error && { error }),\n interactionCode, // if options.exchangeCodeForTokens is false\n\n // from idx-js\n actions: actions!,\n context: context!,\n neededToProceed: neededToProceed!,\n proceed: proceed!,\n rawIdxState: rawIdxState!,\n requestDidSucceed\n };\n}\n"],"file":"run.js"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/startTransaction.ts"],"names":["startTransaction","authClient","options","transactionManager","clear","exchangeCodeForTokens"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,eAAeA,gBAAf,CACLC,UADK,EAELC,
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/startTransaction.ts"],"names":["startTransaction","authClient","options","transactionManager","clear","exchangeCodeForTokens"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,eAAeA,gBAAf,CACLC,UADK,EAELC,OAAqB,GAAG,EAFnB,EAGoB;AACzB;AACAD,EAAAA,UAAU,CAACE,kBAAX,CAA8BC,KAA9B;AAEA,SAAO,cAAIH,UAAJ,EAAgB;AACrBI,IAAAA,qBAAqB,EAAE,KADF;AAErB,OAAGH;AAFkB,GAAhB,CAAP;AAID","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run } from './run';\nimport { OktaAuthInterface, IdxTransaction, StartOptions } from '../types';\n\nexport async function startTransaction(\n authClient: OktaAuthInterface, \n options: StartOptions = {}\n): Promise<IdxTransaction> {\n // Clear IDX response cache and saved transaction meta (if any)\n authClient.transactionManager.clear();\n\n return run(authClient, {\n exchangeCodeForTokens: false,\n ...options\n });\n}\n"],"file":"startTransaction.js"}
|
|
@@ -35,7 +35,8 @@ async function createTransactionMeta(authClient, options = {}) {
|
|
|
35
35
|
flow = 'default',
|
|
36
36
|
withCredentials = true,
|
|
37
37
|
activationToken = undefined,
|
|
38
|
-
recoveryToken = undefined
|
|
38
|
+
recoveryToken = undefined,
|
|
39
|
+
maxAge = undefined
|
|
39
40
|
} = { ...authClient.options,
|
|
40
41
|
...options
|
|
41
42
|
}; // local options override SDK options
|
|
@@ -44,7 +45,8 @@ async function createTransactionMeta(authClient, options = {}) {
|
|
|
44
45
|
flow,
|
|
45
46
|
withCredentials,
|
|
46
47
|
activationToken,
|
|
47
|
-
recoveryToken
|
|
48
|
+
recoveryToken,
|
|
49
|
+
maxAge
|
|
48
50
|
};
|
|
49
51
|
return meta;
|
|
50
52
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/transactionMeta.ts"],"names":["createTransactionMeta","authClient","options","tokenParams","token","prepareTokenParams","pkceMeta","flow","withCredentials","activationToken","undefined","recoveryToken","meta","hasSavedInteractionHandle","savedMeta","getSavedTransactionMeta","interactionHandle","transactionManager","load","e","isTransactionMetaValid","getTransactionMeta","validExistingMeta","saveTransactionMeta","save","muteWarning","clearTransactionMeta","clear","keys","isTransactionMetaValidForOptions","isTransactionMetaValidForFlow","shouldValidateFlow","mismatch","some","key","value"],"mappings":";;;;;;;;;;;;AAcA;;AACA;;AAfA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,qBAAf,CACLC,UADK,EAELC,OAA+B,GAAG,EAF7B,EAGwB;AAC7B,QAAMC,WAAW,GAAG,MAAMF,UAAU,CAACG,KAAX,CAAiBC,kBAAjB,CAAoCH,OAApC,CAA1B;AACA,QAAMI,QAAQ,GAAG,2BAAgBL,UAAhB,EAA4BE,WAA5B,CAAjB;AACA,MAAI;AACFI,IAAAA,IAAI,GAAG,SADL;AAEFC,IAAAA,eAAe,GAAG,IAFhB;AAGFC,IAAAA,eAAe,GAAGC,SAHhB;AAIFC,IAAAA,aAAa,GAAGD;
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/transactionMeta.ts"],"names":["createTransactionMeta","authClient","options","tokenParams","token","prepareTokenParams","pkceMeta","flow","withCredentials","activationToken","undefined","recoveryToken","maxAge","meta","hasSavedInteractionHandle","savedMeta","getSavedTransactionMeta","interactionHandle","transactionManager","load","e","isTransactionMetaValid","getTransactionMeta","validExistingMeta","saveTransactionMeta","save","muteWarning","clearTransactionMeta","clear","keys","isTransactionMetaValidForOptions","isTransactionMetaValidForFlow","shouldValidateFlow","mismatch","some","key","value"],"mappings":";;;;;;;;;;;;AAcA;;AACA;;AAfA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,qBAAf,CACLC,UADK,EAELC,OAA+B,GAAG,EAF7B,EAGwB;AAC7B,QAAMC,WAAW,GAAG,MAAMF,UAAU,CAACG,KAAX,CAAiBC,kBAAjB,CAAoCH,OAApC,CAA1B;AACA,QAAMI,QAAQ,GAAG,2BAAgBL,UAAhB,EAA4BE,WAA5B,CAAjB;AACA,MAAI;AACFI,IAAAA,IAAI,GAAG,SADL;AAEFC,IAAAA,eAAe,GAAG,IAFhB;AAGFC,IAAAA,eAAe,GAAGC,SAHhB;AAIFC,IAAAA,aAAa,GAAGD,SAJd;AAKFE,IAAAA,MAAM,GAAGF;AALP,MAMA,EAAE,GAAGT,UAAU,CAACC,OAAhB;AAAyB,OAAGA;AAA5B,GANJ,CAH6B,CASc;;AAE3C,QAAMW,IAAwB,GAAG,EAC/B,GAAGP,QAD4B;AAE/BC,IAAAA,IAF+B;AAG/BC,IAAAA,eAH+B;AAI/BC,IAAAA,eAJ+B;AAK/BE,IAAAA,aAL+B;AAM/BC,IAAAA;AAN+B,GAAjC;AAQA,SAAOC,IAAP;AACD;;AAEM,SAASC,yBAAT,CAAmCb,UAAnC,EAAkEC,OAAlE,EAA6G;AAClH,QAAMa,SAAS,GAAGC,uBAAuB,CAACf,UAAD,EAAaC,OAAb,CAAzC;;AACA,MAAIa,SAAJ,aAAIA,SAAJ,eAAIA,SAAS,CAAEE,iBAAf,EAAkC;AAChC,WAAO,IAAP;AACD;;AACD,SAAO,KAAP;AACD,C,CAED;;;AACO,SAASD,uBAAT,CACLf,UADK,EAELC,OAFK,EAG2B;AAChCA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;AACAA,EAAAA,OAAO,GAAG,EAAE,GAAGD,UAAU,CAACC,OAAhB;AAAyB,OAAGA;AAA5B,GAAV,CAFgC,CAEiB;;AACjD,MAAIa,SAAJ;;AACA,MAAI;AACFA,IAAAA,SAAS,GAAGd,UAAU,CAACiB,kBAAX,CAA8BC,IAA9B,CAAmCjB,OAAnC,CAAZ;AACD,GAFD,CAEE,OAAOkB,CAAP,EAAU,CACV;AACD;;AAED,MAAI,CAACL,SAAL,EAAgB;AACd;AACD;;AAED,MAAIM,sBAAsB,CAACN,SAAD,EAAYb,OAAZ,CAA1B,EAAgD;AAC9C,WAAOa,SAAP;AACD,GAhB+B,CAkBhC;AACA;AACA;;;AACA,kBAAK,sEACH,4DADF;AAGD;;AAEM,eAAeO,kBAAf,CACLrB,UADK,EAELC,OAFK,EAGwB;AAC7BA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;AACAA,EAAAA,OAAO,GAAG,EAAE,GAAGD,UAAU,CAACC,OAAhB;AAAyB,OAAGA;AAA5B,GAAV,CAF6B,CAEoB;AACjD;;AACA,QAAMqB,iBAAiB,GAAGP,uBAAuB,CAACf,UAAD,EAAaC,OAAb,CAAjD;;AACA,MAAIqB,iBAAJ,EAAuB;AACrB,WAAOA,iBAAP;AACD,GAP4B,CAQ7B;;;AACA,SAAOvB,qBAAqB,CAACC,UAAD,EAAaC,OAAb,CAA5B;AACD;;AAEM,SAASsB,mBAAT,CAA8BvB,UAA9B,EAA6DY,IAA7D,EAAyE;AAC9EZ,EAAAA,UAAU,CAACiB,kBAAX,CAA8BO,IAA9B,CAAmCZ,IAAnC,EAAyC;AAAEa,IAAAA,WAAW,EAAE;AAAf,GAAzC;AACD;;AAEM,SAASC,oBAAT,CAA+B1B,UAA/B,EAAoE;AACzEA,EAAAA,UAAU,CAACiB,kBAAX,CAA8BU,KAA9B;AACD;;AAEM,SAASP,sBAAT,CAAiCR,IAAjC,EAAuCX,OAA+B,GAAI,EAA1E,EAAuF;AAC5F;AACA,QAAM2B,IAAI,GAAG,CACX,QADW,EAEX,UAFW,EAGX,aAHW,EAIX,OAJW,EAKX,eALW,EAMX,qBANW,EAOX,iBAPW,EAQX,eARW,CAAb;;AAUA,MAAIC,gCAAgC,CAACjB,IAAD,EAAOX,OAAP,EAAgB2B,IAAhB,CAAhC,KAA0D,KAA9D,EAAqE;AACnE,WAAO,KAAP;AACD,GAd2F,CAgB5F;;;AACA,QAAM;AAAEtB,IAAAA;AAAF,MAAWL,OAAjB;;AACA,MAAI6B,6BAA6B,CAAClB,IAAD,EAAON,IAAP,CAA7B,KAA8C,KAAlD,EAAyD;AACvD,WAAO,KAAP;AACD;;AAED,SAAO,IAAP;AACD;;AAEM,SAASwB,6BAAT,CAAuClB,IAAvC,EAA6CN,IAA7C,EAAmD;AACxD;AACA,QAAMyB,kBAAkB,GAAGzB,IAAI,IAAIA,IAAI,KAAK,SAAjB,IAA8BA,IAAI,KAAK,SAAlE;;AACA,MAAIyB,kBAAJ,EAAwB;AACtB,QAAIzB,IAAI,KAAKM,IAAI,CAACN,IAAlB,EAAwB;AACtB;AACA,aAAO,KAAP;AACD;AACF;;AACD,SAAO,IAAP;AACD;;AAEM,SAASuB,gCAAT,CAA0CjB,IAA1C,EAAgDX,OAAhD,EAAyD2B,IAAzD,EAA+D;AACpE;AACA;AACA,QAAMI,QAAQ,GAAGJ,IAAI,CAACK,IAAL,CAAUC,GAAG,IAAI;AAChC,UAAMC,KAAK,GAAGlC,OAAO,CAACiC,GAAD,CAArB;;AACA,QAAIC,KAAK,IAAIA,KAAK,KAAKvB,IAAI,CAACsB,GAAD,CAA3B,EAAkC;AAChC,aAAO,IAAP;AACD;AACF,GALgB,CAAjB;AAMA,SAAO,CAACF,QAAR;AACD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuthInterface, IdxTransactionMeta, TransactionMetaOptions, PKCETransactionMeta } from '../types';\nimport { removeNils, warn } from '../util';\nimport { createOAuthMeta } from '../oidc';\n\n// Calculate new values\nexport async function createTransactionMeta(\n authClient: OktaAuthInterface,\n options: TransactionMetaOptions = {}\n): Promise<IdxTransactionMeta> {\n const tokenParams = await authClient.token.prepareTokenParams(options);\n const pkceMeta = createOAuthMeta(authClient, tokenParams) as PKCETransactionMeta;\n let {\n flow = 'default',\n withCredentials = true,\n activationToken = undefined,\n recoveryToken = undefined,\n maxAge = undefined,\n } = { ...authClient.options, ...options }; // local options override SDK options\n\n const meta: IdxTransactionMeta = {\n ...pkceMeta,\n flow,\n withCredentials,\n activationToken,\n recoveryToken,\n maxAge\n };\n return meta;\n}\n\nexport function hasSavedInteractionHandle(authClient: OktaAuthInterface, options?: TransactionMetaOptions): boolean {\n const savedMeta = getSavedTransactionMeta(authClient, options);\n if (savedMeta?.interactionHandle) {\n return true;\n }\n return false;\n}\n\n// Returns the saved transaction meta, if it exists and is valid\nexport function getSavedTransactionMeta(\n authClient: OktaAuthInterface,\n options?: TransactionMetaOptions\n): IdxTransactionMeta | undefined {\n options = removeNils(options);\n options = { ...authClient.options, ...options }; // local options override SDK options\n let savedMeta;\n try {\n savedMeta = authClient.transactionManager.load(options) as IdxTransactionMeta;\n } catch (e) {\n // ignore errors here\n }\n\n if (!savedMeta) {\n return;\n }\n\n if (isTransactionMetaValid(savedMeta, options)) {\n return savedMeta;\n }\n\n // existing meta is not valid for this configuration\n // this is common when changing configuration in local development environment\n // in a production environment, this may indicate that two apps are sharing a storage key\n warn('Saved transaction meta does not match the current configuration. ' + \n 'This may indicate that two apps are sharing a storage key.');\n\n}\n\nexport async function getTransactionMeta(\n authClient: OktaAuthInterface,\n options?: TransactionMetaOptions\n): Promise<IdxTransactionMeta> {\n options = removeNils(options);\n options = { ...authClient.options, ...options }; // local options override SDK options\n // Load existing transaction meta from storage\n const validExistingMeta = getSavedTransactionMeta(authClient, options);\n if (validExistingMeta) {\n return validExistingMeta;\n }\n // No existing? Create new transaction meta.\n return createTransactionMeta(authClient, options);\n}\n\nexport function saveTransactionMeta (authClient: OktaAuthInterface, meta): void {\n authClient.transactionManager.save(meta, { muteWarning: true });\n}\n\nexport function clearTransactionMeta (authClient: OktaAuthInterface): void {\n authClient.transactionManager.clear();\n}\n\nexport function isTransactionMetaValid (meta, options: TransactionMetaOptions = {}): boolean {\n // Validate against certain options. If these exist in options, they must match in meta\n const keys = [\n 'issuer',\n 'clientId',\n 'redirectUri',\n 'state',\n 'codeChallenge',\n 'codeChallengeMethod',\n 'activationToken',\n 'recoveryToken'\n ];\n if (isTransactionMetaValidForOptions(meta, options, keys) === false) {\n return false;\n }\n\n // Validate configured flow\n const { flow } = options;\n if (isTransactionMetaValidForFlow(meta, flow) === false) {\n return false;\n }\n\n return true;\n}\n\nexport function isTransactionMetaValidForFlow(meta, flow) {\n // Specific flows should not share transaction data\n const shouldValidateFlow = flow && flow !== 'default' && flow !== 'proceed';\n if (shouldValidateFlow) {\n if (flow !== meta.flow) {\n // The flow has changed; abandon the old transaction\n return false;\n }\n }\n return true;\n}\n\nexport function isTransactionMetaValidForOptions(meta, options, keys) {\n // returns false if values in meta do not match options\n // if the option does not have a value for a specific key, it is ignored\n const mismatch = keys.some(key => {\n const value = options[key];\n if (value && value !== meta[key]) {\n return true;\n }\n });\n return !mismatch;\n}\n"],"file":"transactionMeta.js"}
|