@okta/okta-auth-js 6.5.3 → 6.6.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +23 -0
- package/cjs/OktaAuth.js +23 -21
- package/cjs/OktaAuth.js.map +1 -1
- package/cjs/OktaUserAgent.js +2 -2
- package/cjs/ServiceManager.js +9 -9
- package/cjs/ServiceManager.js.map +1 -1
- package/cjs/TokenManager.js +6 -0
- package/cjs/TokenManager.js.map +1 -1
- package/cjs/errors/index.js +5 -0
- package/cjs/errors/index.js.map +1 -1
- package/cjs/http/request.js.map +1 -1
- package/cjs/idx/authenticate.js.map +1 -1
- package/cjs/idx/cancel.js.map +1 -1
- package/cjs/idx/emailVerify.js.map +1 -1
- package/cjs/idx/flow/FlowSpecification.js.map +1 -1
- package/cjs/idx/idxState/index.js +1 -1
- package/cjs/idx/idxState/index.js.map +1 -1
- package/cjs/idx/idxState/v1/generateIdxAction.js +2 -4
- package/cjs/idx/idxState/v1/generateIdxAction.js.map +1 -1
- package/cjs/idx/idxState/v1/idxResponseParser.js.map +1 -1
- package/cjs/idx/idxState/v1/makeIdxState.js.map +1 -1
- package/cjs/idx/idxState/v1/remediationParser.js.map +1 -1
- package/cjs/idx/interact.js +1 -3
- package/cjs/idx/interact.js.map +1 -1
- package/cjs/idx/introspect.js.map +1 -1
- package/cjs/idx/poll.js.map +1 -1
- package/cjs/idx/proceed.js.map +1 -1
- package/cjs/idx/recoverPassword.js.map +1 -1
- package/cjs/idx/register.js.map +1 -1
- package/cjs/idx/remediate.js +8 -12
- package/cjs/idx/remediate.js.map +1 -1
- package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
- package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
- package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
- package/cjs/idx/remediators/EnrollPoll.js.map +1 -1
- package/cjs/idx/remediators/EnrollmentChannelData.js.map +1 -1
- package/cjs/idx/remediators/GenericRemediator/GenericRemediator.js +1 -3
- package/cjs/idx/remediators/GenericRemediator/GenericRemediator.js.map +1 -1
- package/cjs/idx/remediators/GenericRemediator/util.js +7 -1
- package/cjs/idx/remediators/GenericRemediator/util.js.map +1 -1
- package/cjs/idx/remediators/SelectEnrollmentChannel.js.map +1 -1
- package/cjs/idx/run.js +8 -10
- package/cjs/idx/run.js.map +1 -1
- package/cjs/idx/startTransaction.js.map +1 -1
- package/cjs/idx/transactionMeta.js.map +1 -1
- package/cjs/idx/types/api.js.map +1 -1
- package/cjs/idx/unlockAccount.js.map +1 -1
- package/cjs/idx/util.js +22 -27
- package/cjs/idx/util.js.map +1 -1
- package/cjs/oidc/endpoints/token.js.map +1 -1
- package/cjs/oidc/endpoints/well-known.js.map +1 -1
- package/cjs/oidc/exchangeCodeForTokens.js.map +1 -1
- package/cjs/oidc/getToken.js.map +1 -1
- package/cjs/oidc/getUserInfo.js.map +1 -1
- package/cjs/oidc/getWithPopup.js.map +1 -1
- package/cjs/oidc/getWithRedirect.js.map +1 -1
- package/cjs/oidc/getWithoutPrompt.js.map +1 -1
- package/cjs/oidc/handleOAuthResponse.js +1 -3
- package/cjs/oidc/handleOAuthResponse.js.map +1 -1
- package/cjs/oidc/renewToken.js.map +1 -1
- package/cjs/oidc/renewTokensWithRefresh.js +26 -15
- package/cjs/oidc/renewTokensWithRefresh.js.map +1 -1
- package/cjs/oidc/revokeToken.js.map +1 -1
- package/cjs/oidc/util/browser.js.map +1 -1
- package/cjs/oidc/util/defaultTokenParams.js.map +1 -1
- package/cjs/oidc/util/errors.js +8 -0
- package/cjs/oidc/util/errors.js.map +1 -1
- package/cjs/oidc/util/loginRedirect.js.map +1 -1
- package/cjs/oidc/util/oauth.js.map +1 -1
- package/cjs/oidc/util/oauthMeta.js.map +1 -1
- package/cjs/oidc/util/prepareTokenParams.js.map +1 -1
- package/cjs/oidc/util/validateClaims.js.map +1 -1
- package/cjs/oidc/verifyToken.js.map +1 -1
- package/cjs/options/index.js +5 -2
- package/cjs/options/index.js.map +1 -1
- package/cjs/tx/AuthTransaction.js +1 -1
- package/cjs/tx/AuthTransaction.js.map +1 -1
- package/cjs/tx/api.js +3 -5
- package/cjs/tx/api.js.map +1 -1
- package/cjs/tx/poll.js +1 -3
- package/cjs/tx/poll.js.map +1 -1
- package/dist/okta-auth-js.min.js +1 -1
- package/dist/okta-auth-js.min.js.map +1 -1
- package/dist/okta-auth-js.umd.js +1 -1
- package/dist/okta-auth-js.umd.js.map +1 -1
- package/esm/esm.browser.js +577 -446
- package/esm/esm.browser.js.map +1 -1
- package/esm/esm.node.mjs +577 -446
- package/esm/esm.node.mjs.map +1 -1
- package/lib/OktaAuth.d.ts +4 -4
- package/lib/ServiceManager.d.ts +2 -2
- package/lib/TokenManager.d.ts +1 -0
- package/lib/errors/index.d.ts +2 -1
- package/lib/http/request.d.ts +4 -4
- package/lib/idx/authenticate.d.ts +2 -2
- package/lib/idx/cancel.d.ts +2 -2
- package/lib/idx/emailVerify.d.ts +2 -2
- package/lib/idx/flow/FlowSpecification.d.ts +2 -2
- package/lib/idx/idxState/index.d.ts +3 -3
- package/lib/idx/idxState/v1/generateIdxAction.d.ts +2 -2
- package/lib/idx/idxState/v1/idxResponseParser.d.ts +3 -3
- package/lib/idx/idxState/v1/makeIdxState.d.ts +3 -3
- package/lib/idx/idxState/v1/remediationParser.d.ts +2 -2
- package/lib/idx/interact.d.ts +2 -2
- package/lib/idx/introspect.d.ts +2 -2
- package/lib/idx/poll.d.ts +2 -2
- package/lib/idx/proceed.d.ts +3 -3
- package/lib/idx/recoverPassword.d.ts +2 -2
- package/lib/idx/register.d.ts +2 -2
- package/lib/idx/remediate.d.ts +2 -2
- package/lib/idx/remediators/Base/AuthenticatorData.d.ts +2 -2
- package/lib/idx/remediators/Base/Remediator.d.ts +2 -2
- package/lib/idx/remediators/Base/SelectAuthenticator.d.ts +2 -2
- package/lib/idx/remediators/Base/VerifyAuthenticator.d.ts +2 -2
- package/lib/idx/remediators/EnrollPoll.d.ts +2 -2
- package/lib/idx/remediators/EnrollmentChannelData.d.ts +2 -2
- package/lib/idx/remediators/GenericRemediator/GenericRemediator.d.ts +2 -2
- package/lib/idx/remediators/SelectEnrollmentChannel.d.ts +2 -2
- package/lib/idx/run.d.ts +2 -2
- package/lib/idx/startTransaction.d.ts +2 -2
- package/lib/idx/transactionMeta.d.ts +7 -7
- package/lib/idx/types/api.d.ts +0 -1
- package/lib/idx/unlockAccount.d.ts +2 -2
- package/lib/idx/util.d.ts +6 -6
- package/lib/oidc/endpoints/token.d.ts +2 -2
- package/lib/oidc/endpoints/well-known.d.ts +3 -3
- package/lib/oidc/exchangeCodeForTokens.d.ts +2 -2
- package/lib/oidc/getToken.d.ts +2 -2
- package/lib/oidc/getUserInfo.d.ts +2 -2
- package/lib/oidc/getWithPopup.d.ts +2 -2
- package/lib/oidc/getWithRedirect.d.ts +2 -2
- package/lib/oidc/getWithoutPrompt.d.ts +2 -2
- package/lib/oidc/handleOAuthResponse.d.ts +2 -2
- package/lib/oidc/renewToken.d.ts +2 -2
- package/lib/oidc/renewTokensWithRefresh.d.ts +2 -2
- package/lib/oidc/revokeToken.d.ts +2 -2
- package/lib/oidc/util/browser.d.ts +2 -2
- package/lib/oidc/util/defaultTokenParams.d.ts +2 -2
- package/lib/oidc/util/errors.d.ts +3 -2
- package/lib/oidc/util/loginRedirect.d.ts +4 -4
- package/lib/oidc/util/oauth.d.ts +4 -4
- package/lib/oidc/util/oauthMeta.d.ts +2 -2
- package/lib/oidc/util/prepareTokenParams.d.ts +5 -5
- package/lib/oidc/util/validateClaims.d.ts +2 -2
- package/lib/oidc/verifyToken.d.ts +2 -2
- package/lib/tx/api.d.ts +2 -3
- package/lib/types/OktaAuthOptions.d.ts +2 -2
- package/lib/types/Service.d.ts +2 -2
- package/lib/types/TokenManager.d.ts +1 -0
- package/lib/types/UserClaims.d.ts +4 -1
- package/lib/types/api.d.ts +28 -8
- package/package.json +13 -23
package/cjs/idx/run.js
CHANGED
|
@@ -41,7 +41,7 @@ var _util = require("./util");
|
|
|
41
41
|
/* eslint-disable max-statements, complexity, max-depth */
|
|
42
42
|
function initializeValues(options) {
|
|
43
43
|
// remove known options, everything else is assumed to be a value
|
|
44
|
-
const knownOptions = ['flow', 'remediators', 'actions', 'withCredentials', 'step', 'shouldProceedWithEmailAuthenticator'];
|
|
44
|
+
const knownOptions = ['flow', 'remediators', 'actions', 'withCredentials', 'step', 'useGenericRemediator', 'exchangeCodeForTokens', 'shouldProceedWithEmailAuthenticator'];
|
|
45
45
|
const values = { ...options
|
|
46
46
|
};
|
|
47
47
|
knownOptions.forEach(option => {
|
|
@@ -51,17 +51,17 @@ function initializeValues(options) {
|
|
|
51
51
|
}
|
|
52
52
|
|
|
53
53
|
function initializeData(authClient, data) {
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
const {
|
|
54
|
+
let {
|
|
57
55
|
options
|
|
58
56
|
} = data;
|
|
57
|
+
options = { ...authClient.options.idx,
|
|
58
|
+
...options
|
|
59
|
+
};
|
|
59
60
|
let {
|
|
60
61
|
flow,
|
|
61
62
|
withCredentials,
|
|
62
63
|
remediators,
|
|
63
|
-
actions
|
|
64
|
-
useGenericRemediator
|
|
64
|
+
actions
|
|
65
65
|
} = options;
|
|
66
66
|
const status = _types.IdxStatus.PENDING; // certain options can be set by the flow specification
|
|
67
67
|
|
|
@@ -76,14 +76,12 @@ function initializeData(authClient, data) {
|
|
|
76
76
|
actions = actions || flowSpec.actions;
|
|
77
77
|
}
|
|
78
78
|
|
|
79
|
-
useGenericRemediator = useGenericRemediator || ((_authClient$options$i = authClient.options.idx) === null || _authClient$options$i === void 0 ? void 0 : _authClient$options$i.useGenericRemediator) || false;
|
|
80
79
|
return { ...data,
|
|
81
80
|
options: { ...options,
|
|
82
81
|
flow,
|
|
83
82
|
withCredentials,
|
|
84
83
|
remediators,
|
|
85
|
-
actions
|
|
86
|
-
useGenericRemediator
|
|
84
|
+
actions
|
|
87
85
|
},
|
|
88
86
|
status
|
|
89
87
|
};
|
|
@@ -248,7 +246,7 @@ async function finalizeData(authClient, data) {
|
|
|
248
246
|
shouldSaveResponse = !!(idxResponse.requestDidSucceed || idxResponse.stepUp);
|
|
249
247
|
enabledFeatures = (0, _util.getEnabledFeatures)(idxResponse);
|
|
250
248
|
availableSteps = (0, _util.getAvailableSteps)(authClient, idxResponse, options.useGenericRemediator);
|
|
251
|
-
messages = (0, _util.getMessagesFromResponse)(idxResponse);
|
|
249
|
+
messages = (0, _util.getMessagesFromResponse)(idxResponse, options);
|
|
252
250
|
terminal = (0, _util.isTerminalResponse)(idxResponse);
|
|
253
251
|
}
|
|
254
252
|
|
package/cjs/idx/run.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/run.ts"],"names":["initializeValues","options","knownOptions","values","forEach","option","initializeData","authClient","data","flow","withCredentials","remediators","actions","useGenericRemediator","status","IdxStatus","PENDING","idx","getFlow","setFlow","flowSpec","getDataFromIntrospect","stateHandle","version","state","scopes","recoveryToken","activationToken","maxAge","idxResponse","meta","interactionHandle","transactionManager","clear","interactResponse","getDataFromRemediate","autoRemediate","step","shouldProceedWithEmailAuthenticator","shouldRemediate","rawIdxState","idxResponseFromRemediation","nextStep","canceled","getTokens","interactionCode","clientId","codeVerifier","ignoreSignature","redirectUri","urls","tokenResponse","token","exchangeCodeForTokens","tokens","finalizeData","shouldSaveResponse","shouldClearTransaction","clearSharedStorage","enabledFeatures","availableSteps","messages","terminal","requestDidSucceed","stepUp","TERMINAL","hasActions","length","hasErrors","msg","class","isTerminalSuccess","CANCELED","SUCCESS","handleError","err","error","FAILURE","run","rawIdxResponse","saveIdxResponse","context","neededToProceed","proceed"],"mappings":";;;;;;;;;;AAeA;;AACA;;AACA;;AACA;;AAEA;;AAWA;;AACA;;AACA;;AAjCA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAwCA,SAASA,gBAAT,CAA0BC,OAA1B,EAA+C;AAC7C;AACA,QAAMC,YAAY,GAAG,CACnB,MADmB,EAEnB,aAFmB,EAGnB,SAHmB,EAInB,iBAJmB,EAKnB,MALmB,EAMnB,qCANmB,CAArB;AAQA,QAAMC,MAAM,GAAG,EAAE,GAAGF;AAAL,GAAf;AACAC,EAAAA,YAAY,CAACE,OAAb,CAAqBC,MAAM,IAAI;AAC7B,WAAOF,MAAM,CAACE,MAAD,CAAb;AACD,GAFD;AAGA,SAAOF,MAAP;AACD;;AAED,SAASG,cAAT,CAAwBC,UAAxB,EAAoCC,IAApC,EAA4D;AAAA;;AAC1D,QAAM;AAAEP,IAAAA;AAAF,MAAcO,IAApB;AACA,MAAI;AACFC,IAAAA,IADE;AAEFC,IAAAA,eAFE;AAGFC,IAAAA,WAHE;AAIFC,IAAAA,OAJE;AAKFC,IAAAA;AALE,MAMAZ,OANJ;AAQA,QAAMa,MAAM,GAAGC,iBAAUC,OAAzB,CAV0D,CAY1D;;AACAP,EAAAA,IAAI,GAAGA,IAAI,IAAIF,UAAU,CAACU,GAAX,CAAeC,OAAf,EAAR,IAAoC,SAA3C;;AACA,MAAIT,IAAJ,EAAU;AACRF,IAAAA,UAAU,CAACU,GAAX,CAAeE,OAAf,CAAuBV,IAAvB;AACA,UAAMW,QAAQ,GAAG,gCAAqBb,UAArB,EAAiCE,IAAjC,CAAjB,CAFQ,CAGR;;AACAC,IAAAA,eAAe,GAAI,OAAOA,eAAP,KAA2B,WAA5B,GAA2CA,eAA3C,GAA6DU,QAAQ,CAACV,eAAxF;AACAC,IAAAA,WAAW,GAAGA,WAAW,IAAIS,QAAQ,CAACT,WAAtC;AACAC,IAAAA,OAAO,GAAGA,OAAO,IAAIQ,QAAQ,CAACR,OAA9B;AACD;;AAEDC,EAAAA,oBAAoB,GAAGA,oBAAoB,8BAAIN,UAAU,CAACN,OAAX,CAAmBgB,GAAvB,0DAAI,sBAAwBJ,oBAA5B,CAApB,IAAwE,KAA/F;AAEA,SAAO,EACL,GAAGL,IADE;AAELP,IAAAA,OAAO,EAAE,EACP,GAAGA,OADI;AAEPQ,MAAAA,IAFO;AAGPC,MAAAA,eAHO;AAIPC,MAAAA,WAJO;AAKPC,MAAAA,OALO;AAMPC,MAAAA;AANO,KAFJ;AAULC,IAAAA;AAVK,GAAP;AAYD;;AAED,eAAeO,qBAAf,CAAqCd,UAArC,EAAiDC,IAAjD,EAAkF;AAChF,QAAM;AAAEP,IAAAA;AAAF,MAAcO,IAApB;AACA,QAAM;AACJc,IAAAA,WADI;AAEJZ,IAAAA,eAFI;AAGJa,IAAAA,OAHI;AAIJC,IAAAA,KAJI;AAKJC,IAAAA,MALI;AAMJC,IAAAA,aANI;AAOJC,IAAAA,eAPI;AAQJC,IAAAA;AARI,MASF3B,OATJ;AAWA,MAAI4B,WAAJ;AACA,MAAIC,IAAI,GAAG,8CAAwBvB,UAAxB,EAAoC;AAAEiB,IAAAA,KAAF;AAASE,IAAAA,aAAT;AAAwBC,IAAAA;AAAxB,GAApC,CAAX,CAdgF,CAcW;;AAE3F,MAAIL,WAAJ,EAAiB;AACfO,IAAAA,WAAW,GAAG,MAAM,4BAAWtB,UAAX,EAAuB;AAAEG,MAAAA,eAAF;AAAmBa,MAAAA,OAAnB;AAA4BD,MAAAA;AAA5B,KAAvB,CAApB;AACD,GAFD,MAEO;AAAA;;AACL,QAAIS,iBAAiB,YAAGD,IAAH,0CAAG,MAAMC,iBAA9B,CADK,CAC4C;;AACjD,QAAI,CAACA,iBAAL,EAAwB;AACtB;AACAxB,MAAAA,UAAU,CAACyB,kBAAX,CAA8BC,KAA9B;AACA,YAAMC,gBAAgB,GAAG,MAAM,wBAAS3B,UAAT,EAAqB;AAClDG,QAAAA,eADkD;AAElDc,QAAAA,KAFkD;AAGlDC,QAAAA,MAHkD;AAIlDE,QAAAA,eAJkD;AAKlDD,QAAAA,aALkD;AAMlDE,QAAAA;AANkD,OAArB,CAA/B;AAQAG,MAAAA,iBAAiB,GAAGG,gBAAgB,CAACH,iBAArC;AACAD,MAAAA,IAAI,GAAGI,gBAAgB,CAACJ,IAAxB;AACD,KAfI,CAiBL;;;AACAD,IAAAA,WAAW,GAAG,MAAM,4BAAWtB,UAAX,EAAuB;AAAEG,MAAAA,eAAF;AAAmBa,MAAAA,OAAnB;AAA4BQ,MAAAA;AAA5B,KAAvB,CAApB;AACD;;AACD,SAAO,EAAE,GAAGvB,IAAL;AAAWqB,IAAAA,WAAX;AAAwBC,IAAAA;AAAxB,GAAP;AACD;;AAED,eAAeK,oBAAf,CAAoC5B,UAApC,EAAgDC,IAAhD,EAAiF;AAC/E,MAAI;AACFqB,IAAAA,WADE;AAEF5B,IAAAA,OAFE;AAGFE,IAAAA;AAHE,MAIAK,IAJJ;AAMA,QAAM;AACJ4B,IAAAA,aADI;AAEJzB,IAAAA,WAFI;AAGJC,IAAAA,OAHI;AAIJH,IAAAA,IAJI;AAKJ4B,IAAAA,IALI;AAMJC,IAAAA,mCANI;AAMiC;AACrCzB,IAAAA;AAPI,MAQFZ,OARJ;AAUA,QAAMsC,eAAe,GAAIH,aAAa,KAAK,KAAlB,KAA4BzB,WAAW,IAAIC,OAAf,IAA0ByB,IAAtD,CAAzB;;AACA,MAAI,CAACE,eAAL,EAAsB;AACpB,WAAO/B,IAAP;AACD;;AAEDL,EAAAA,MAAM,GAAG,EACP,GAAGA,MADI;AAEPmB,IAAAA,WAAW,EAAEO,WAAW,CAAEW,WAAb,CAAyBlB;AAF/B,GAAT,CAtB+E,CA2B/E;;AACA,QAAM;AACJO,IAAAA,WAAW,EAAEY,0BADT;AAEJC,IAAAA,QAFI;AAGJC,IAAAA;AAHI,MAIF,MAAM,0BACRpC,UADQ,EAERsB,WAFQ,EAGR1B,MAHQ,EAIR;AACEQ,IAAAA,WADF;AAEEC,IAAAA,OAFF;AAGEH,IAAAA,IAHF;AAIE4B,IAAAA,IAJF;AAKEC,IAAAA,mCALF;AAKuC;AACrCzB,IAAAA;AANF,GAJQ,CAJV;AAiBAgB,EAAAA,WAAW,GAAGY,0BAAd;AAEA,SAAO,EAAE,GAAGjC,IAAL;AAAWqB,IAAAA,WAAX;AAAwBa,IAAAA,QAAxB;AAAkCC,IAAAA;AAAlC,GAAP;AACD;;AAED,eAAeC,SAAf,CAAyBrC,UAAzB,EAAqCC,IAArC,EAAqE;AACnE,MAAI;AAAEsB,IAAAA,IAAF;AAAQD,IAAAA;AAAR,MAAwBrB,IAA5B;AACA,QAAM;AAAEqC,IAAAA;AAAF,MAAsBhB,WAA5B;AACA,QAAM;AACJiB,IAAAA,QADI;AAEJC,IAAAA,YAFI;AAGJC,IAAAA,eAHI;AAIJC,IAAAA,WAJI;AAKJC,IAAAA,IALI;AAMJzB,IAAAA;AANI,MAOFK,IAPJ;AAQA,QAAMqB,aAAa,GAAG,MAAM5C,UAAU,CAAC6C,KAAX,CAAiBC,qBAAjB,CAAuC;AACjER,IAAAA,eADiE;AAEjEC,IAAAA,QAFiE;AAGjEC,IAAAA,YAHiE;AAIjEC,IAAAA,eAJiE;AAKjEC,IAAAA,WALiE;AAMjExB,IAAAA;AANiE,GAAvC,EAOzByB,IAPyB,CAA5B;AAQA,SAAOC,aAAa,CAACG,MAArB;AACD;;AAED,eAAeC,YAAf,CAA4BhD,UAA5B,EAAwCC,IAAxC,EAAyE;AACvE,MAAI;AACFP,IAAAA,OADE;AAEF4B,IAAAA,WAFE;AAGFc,IAAAA,QAHE;AAIF7B,IAAAA;AAJE,MAKAN,IALJ;AAMA,QAAM;AAAE6C,IAAAA;AAAF,MAA4BpD,OAAlC;AACA,MAAIuD,kBAAkB,GAAG,KAAzB;AACA,MAAIC,sBAAsB,GAAG,KAA7B;AACA,MAAIC,kBAAkB,GAAG,IAAzB;AACA,MAAIb,eAAJ;AACA,MAAIS,MAAJ;AACA,MAAIK,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;;AAEA,MAAIjC,WAAJ,EAAiB;AACf2B,IAAAA,kBAAkB,GAAG,CAAC,EAAE3B,WAAW,CAACkC,iBAAZ,IAAiClC,WAAW,CAACmC,MAA/C,CAAtB;AACAL,IAAAA,eAAe,GAAG,8BAAmB9B,WAAnB,CAAlB;AACA+B,IAAAA,cAAc,GAAG,6BAAkBrD,UAAlB,EAA8BsB,WAA9B,EAA2C5B,OAAO,CAACY,oBAAnD,CAAjB;AACAgD,IAAAA,QAAQ,GAAG,mCAAwBhC,WAAxB,CAAX;AACAiC,IAAAA,QAAQ,GAAG,8BAAmBjC,WAAnB,CAAX;AACD;;AAED,MAAIiC,QAAJ,EAAc;AACZhD,IAAAA,MAAM,GAAGC,iBAAUkD,QAAnB,CADY,CAGZ;AACA;AACA;AACA;;AACA,UAAMC,UAAU,GAAG,mBAAYrC,WAAW,CAAEjB,OAAzB,EAAkCuD,MAAlC,GAA2C,CAA9D;AACA,UAAMC,SAAS,GAAG,CAAC,CAAC,mBAAAP,QAAQ,MAAR,CAAAA,QAAQ,EAAMQ,GAAG,IAAIA,GAAG,CAACC,KAAJ,KAAc,OAA3B,CAA5B;AACA,UAAMC,iBAAiB,GAAG,CAACL,UAAD,IAAe,CAACE,SAAhB,IAA6BvC,WAAW,CAAEkC,iBAAb,KAAmC,IAA1F;;AACA,QAAIQ,iBAAJ,EAAuB;AACrBd,MAAAA,sBAAsB,GAAG,IAAzB;AACD,KAFD,MAEO;AACL;AACAD,MAAAA,kBAAkB,GAAGA,kBAAkB,IAAIU,UAA3C;AACD,KAfW,CAgBZ;;;AACAR,IAAAA,kBAAkB,GAAG,KAArB;AACD,GAlBD,MAkBO,IAAIf,QAAJ,EAAc;AACnB7B,IAAAA,MAAM,GAAGC,iBAAUyD,QAAnB;AACAf,IAAAA,sBAAsB,GAAG,IAAzB;AACD,GAHM,MAGA,IAAI5B,WAAJ,aAAIA,WAAJ,eAAIA,WAAW,CAAEgB,eAAjB,EAAkC;AACvCA,IAAAA,eAAe,GAAGhB,WAAW,CAACgB,eAA9B;;AACA,QAAIQ,qBAAqB,KAAK,KAA9B,EAAqC;AACnCvC,MAAAA,MAAM,GAAGC,iBAAU0D,OAAnB;AACAhB,MAAAA,sBAAsB,GAAG,KAAzB;AACD,KAHD,MAGO;AACLH,MAAAA,MAAM,GAAG,MAAMV,SAAS,CAACrC,UAAD,EAAaC,IAAb,CAAxB;AACAM,MAAAA,MAAM,GAAGC,iBAAU0D,OAAnB;AACAhB,MAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;;AACD,SAAO,EACL,GAAGjD,IADE;AAELM,IAAAA,MAFK;AAGL+B,IAAAA,eAHK;AAILS,IAAAA,MAJK;AAKLE,IAAAA,kBALK;AAMLC,IAAAA,sBANK;AAOLC,IAAAA,kBAPK;AAQLC,IAAAA,eARK;AASLC,IAAAA,cATK;AAULC,IAAAA,QAVK;AAWLC,IAAAA;AAXK,GAAP;AAaD;;AAED,SAASY,WAAT,CAAqBC,GAArB,EAA0BnE,IAA1B,EAAkD;AAChD,MAAI;AAAEoE,IAAAA,KAAF;AAAS9D,IAAAA,MAAT;AAAiB2C,IAAAA;AAAjB,MAA4CjD,IAAhD,CADgD,CAGhD;;AACA,MAAI,0BAAcmE,GAAd,CAAJ,EAAwB;AACtBC,IAAAA,KAAK,GAAGD,GAAR;AACA7D,IAAAA,MAAM,GAAGC,iBAAU8D,OAAnB;AACApB,IAAAA,sBAAsB,GAAG,IAAzB;AACD,GAJD,MAIO;AACL;AACA,UAAMkB,GAAN;AACD;;AAED,SAAO,EAAE,GAAGnE,IAAL;AAAWoE,IAAAA,KAAX;AAAkB9D,IAAAA,MAAlB;AAA0B2C,IAAAA;AAA1B,GAAP;AACD;;AAEM,eAAeqB,GAAf,CACLvE,UADK,EAELN,OAAmB,GAAG,EAFjB,EAGoB;AACzB,MAAIO,IAAa,GAAG;AAClBP,IAAAA,OADkB;AAElBE,IAAAA,MAAM,EAAEH,gBAAgB,CAACC,OAAD;AAFN,GAApB;AAKAO,EAAAA,IAAI,GAAGF,cAAc,CAACC,UAAD,EAAaC,IAAb,CAArB;;AACA,MAAI;AACFA,IAAAA,IAAI,GAAG,MAAMa,qBAAqB,CAACd,UAAD,EAAaC,IAAb,CAAlC;AACAA,IAAAA,IAAI,GAAG,MAAM2B,oBAAoB,CAAC5B,UAAD,EAAaC,IAAb,CAAjC;AACD,GAHD,CAGE,OAAOmE,GAAP,EAAY;AACZnE,IAAAA,IAAI,GAAGkE,WAAW,CAACC,GAAD,EAAMnE,IAAN,CAAlB;AACD;;AACDA,EAAAA,IAAI,GAAG,MAAM+C,YAAY,CAAChD,UAAD,EAAaC,IAAb,CAAzB;AAEA,QAAM;AACJqB,IAAAA,WADI;AAEJC,IAAAA,IAFI;AAGJ0B,IAAAA,kBAHI;AAIJC,IAAAA,sBAJI;AAKJC,IAAAA,kBALI;AAMJ5C,IAAAA,MANI;AAOJ6C,IAAAA,eAPI;AAQJC,IAAAA,cARI;AASJN,IAAAA,MATI;AAUJZ,IAAAA,QAVI;AAWJmB,IAAAA,QAXI;AAYJe,IAAAA,KAZI;AAaJ/B,IAAAA;AAbI,MAcFrC,IAdJ;;AAgBA,MAAIiD,sBAAJ,EAA4B;AAC1BlD,IAAAA,UAAU,CAACyB,kBAAX,CAA8BC,KAA9B,CAAoC;AAAEyB,MAAAA;AAAF,KAApC;AACD,GAFD,MAGK;AACH;AACA,8CAAoBnD,UAApB,EAAgC,EAAE,GAAGuB;AAAL,KAAhC;;AAEA,QAAI0B,kBAAJ,EAAwB;AAAA;;AACtB;AACA,YAAM;AAAEhB,QAAAA,WAAW,EAAEuC,cAAf;AAA+BhB,QAAAA;AAA/B,UAAqDlC,WAA3D;AACAtB,MAAAA,UAAU,CAACyB,kBAAX,CAA8BgD,eAA9B,CAA8C;AAC5CD,QAAAA,cAD4C;AAE5ChB,QAAAA,iBAF4C;AAG5CzC,QAAAA,WAAW,cAAEO,WAAW,CAAEoD,OAAf,6CAAE,SAAsB3D,WAHS;AAI5CS,QAAAA,iBAAiB,EAAED,IAAF,aAAEA,IAAF,uBAAEA,IAAI,CAAEC;AAJmB,OAA9C;AAMD;AACF,GAhDwB,CAkDzB;;;AACA,QAAM;AAAEnB,IAAAA,OAAF;AAAWqE,IAAAA,OAAX;AAAoBC,IAAAA,eAApB;AAAqCC,IAAAA,OAArC;AAA8C3C,IAAAA,WAA9C;AAA2DuB,IAAAA,iBAA3D;AAA8EC,IAAAA;AAA9E,MAAyFnC,WAAW,IAAI,EAA9G;AACA,SAAO;AACLf,IAAAA,MAAM,EAAEA,MADH;AAEL,QAAIgB,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAFK;AAGL,QAAI6B,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAHK;AAIL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CAJK;AAKL,QAAIN,MAAM,IAAI;AAAEA,MAAAA;AAAF,KAAd,CALK;AAML,QAAIZ,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CANK;AAOL,QAAImB,QAAQ,IAAIA,QAAQ,CAACM,MAArB,IAA+B;AAAEN,MAAAA;AAAF,KAAnC,CAPK;AAQL,QAAIe,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb,CARK;AASL,QAAIZ,MAAM,IAAI;AAAEA,MAAAA;AAAF,KAAd,CATK;AAULnB,IAAAA,eAVK;AAUY;AAEjB;AACAjC,IAAAA,OAAO,EAAEA,OAbJ;AAcLqE,IAAAA,OAAO,EAAEA,OAdJ;AAeLC,IAAAA,eAAe,EAAEA,eAfZ;AAgBLC,IAAAA,OAAO,EAAEA,OAhBJ;AAiBL3C,IAAAA,WAAW,EAAEA,WAjBR;AAkBLuB,IAAAA;AAlBK,GAAP;AAoBD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, complexity, max-depth */\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate } from './remediate';\nimport { getFlowSpecification } from './flow';\nimport * as remediators from './remediators';\nimport { \n OktaAuthInterface,\n IdxStatus,\n IdxTransaction,\n IdxFeature,\n NextStep,\n RunOptions,\n IdxTransactionMeta,\n Tokens,\n APIError,\n} from '../types';\nimport { IdxMessage, IdxResponse, isIdxResponse } from './types/idx-js';\nimport { getSavedTransactionMeta, saveTransactionMeta } from './transactionMeta';\nimport { getAvailableSteps, getEnabledFeatures, getMessagesFromResponse, isTerminalResponse } from './util';\ndeclare interface RunData {\n options: RunOptions;\n values: remediators.RemediationValues;\n status?: IdxStatus;\n tokens?: Tokens;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n error?: APIError | IdxResponse;\n meta?: IdxTransactionMeta;\n enabledFeatures?: IdxFeature[];\n availableSteps?: NextStep[];\n idxResponse?: IdxResponse;\n canceled?: boolean;\n interactionCode?: string;\n shouldSaveResponse?: boolean;\n shouldClearTransaction?: boolean;\n clearSharedStorage?: boolean;\n terminal?: boolean;\n}\n\nfunction initializeValues(options: RunOptions) {\n // remove known options, everything else is assumed to be a value\n const knownOptions = [\n 'flow', \n 'remediators', \n 'actions', \n 'withCredentials', \n 'step', \n 'shouldProceedWithEmailAuthenticator'\n ];\n const values = { ...options };\n knownOptions.forEach(option => {\n delete values[option];\n });\n return values;\n}\n\nfunction initializeData(authClient, data: RunData): RunData {\n const { options } = data;\n let {\n flow,\n withCredentials,\n remediators,\n actions,\n useGenericRemediator\n } = options;\n\n const status = IdxStatus.PENDING;\n\n // certain options can be set by the flow specification\n flow = flow || authClient.idx.getFlow() || 'default';\n if (flow) {\n authClient.idx.setFlow(flow);\n const flowSpec = getFlowSpecification(authClient, flow);\n // Favor option values over flow spec\n withCredentials = (typeof withCredentials !== 'undefined') ? withCredentials : flowSpec.withCredentials;\n remediators = remediators || flowSpec.remediators;\n actions = actions || flowSpec.actions;\n }\n\n useGenericRemediator = useGenericRemediator || authClient.options.idx?.useGenericRemediator || false;\n\n return { \n ...data,\n options: { \n ...options, \n flow, \n withCredentials, \n remediators, \n actions,\n useGenericRemediator\n },\n status\n };\n}\n\nasync function getDataFromIntrospect(authClient, data: RunData): Promise<RunData> {\n const { options } = data;\n const {\n stateHandle,\n withCredentials,\n version,\n state,\n scopes,\n recoveryToken,\n activationToken,\n maxAge,\n } = options;\n\n let idxResponse;\n let meta = getSavedTransactionMeta(authClient, { state, recoveryToken, activationToken }); // may be undefined\n\n if (stateHandle) {\n idxResponse = await introspect(authClient, { withCredentials, version, stateHandle });\n } else {\n let interactionHandle = meta?.interactionHandle; // may be undefined\n if (!interactionHandle) {\n // start a new transaction\n authClient.transactionManager.clear();\n const interactResponse = await interact(authClient, {\n withCredentials,\n state,\n scopes,\n activationToken,\n recoveryToken,\n maxAge,\n }); \n interactionHandle = interactResponse.interactionHandle;\n meta = interactResponse.meta;\n }\n \n // Introspect to get idx response\n idxResponse = await introspect(authClient, { withCredentials, version, interactionHandle });\n }\n return { ...data, idxResponse, meta };\n}\n\nasync function getDataFromRemediate(authClient, data: RunData): Promise<RunData> {\n let {\n idxResponse,\n options,\n values\n } = data;\n\n const {\n autoRemediate,\n remediators,\n actions,\n flow,\n step,\n shouldProceedWithEmailAuthenticator, // will be removed in next major version\n useGenericRemediator,\n } = options;\n \n const shouldRemediate = (autoRemediate !== false && (remediators || actions || step));\n if (!shouldRemediate) {\n return data;\n }\n\n values = { \n ...values, \n stateHandle: idxResponse!.rawIdxState.stateHandle \n };\n\n // Can we handle the remediations?\n const { \n idxResponse: idxResponseFromRemediation, \n nextStep,\n canceled,\n } = await remediate(\n authClient,\n idxResponse!, \n values, \n {\n remediators,\n actions,\n flow,\n step,\n shouldProceedWithEmailAuthenticator, // will be removed in next major version\n useGenericRemediator,\n }\n );\n idxResponse = idxResponseFromRemediation;\n\n return { ...data, idxResponse, nextStep, canceled };\n}\n\nasync function getTokens(authClient, data: RunData): Promise<Tokens> {\n let { meta, idxResponse } = data;\n const { interactionCode } = idxResponse as IdxResponse;\n const {\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n urls,\n scopes,\n } = meta as IdxTransactionMeta;\n const tokenResponse = await authClient.token.exchangeCodeForTokens({\n interactionCode,\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n scopes\n }, urls);\n return tokenResponse.tokens;\n}\n\nasync function finalizeData(authClient, data: RunData): Promise<RunData> {\n let {\n options,\n idxResponse,\n canceled,\n status,\n } = data;\n const { exchangeCodeForTokens } = options;\n let shouldSaveResponse = false;\n let shouldClearTransaction = false;\n let clearSharedStorage = true;\n let interactionCode;\n let tokens;\n let enabledFeatures;\n let availableSteps;\n let messages;\n let terminal;\n\n if (idxResponse) {\n shouldSaveResponse = !!(idxResponse.requestDidSucceed || idxResponse.stepUp);\n enabledFeatures = getEnabledFeatures(idxResponse);\n availableSteps = getAvailableSteps(authClient, idxResponse, options.useGenericRemediator);\n messages = getMessagesFromResponse(idxResponse);\n terminal = isTerminalResponse(idxResponse);\n }\n\n if (terminal) {\n status = IdxStatus.TERMINAL;\n\n // In most cases a terminal response should not clear transaction data. The user should cancel or skip to continue.\n // A terminal \"success\" is a non-error response with no further actions available.\n // In these narrow cases, saved transaction data should be cleared.\n // One example of a terminal success is when the email verify flow is continued in another tab\n const hasActions = Object.keys(idxResponse!.actions).length > 0;\n const hasErrors = !!messages.find(msg => msg.class === 'ERROR');\n const isTerminalSuccess = !hasActions && !hasErrors && idxResponse!.requestDidSucceed === true;\n if (isTerminalSuccess) {\n shouldClearTransaction = true;\n } else {\n // only save response if there are actions available (ignore messages)\n shouldSaveResponse = shouldSaveResponse && hasActions;\n }\n // leave shared storage intact so the transaction can be continued in another tab\n clearSharedStorage = false;\n } else if (canceled) {\n status = IdxStatus.CANCELED;\n shouldClearTransaction = true;\n } else if (idxResponse?.interactionCode) { \n interactionCode = idxResponse.interactionCode;\n if (exchangeCodeForTokens === false) {\n status = IdxStatus.SUCCESS;\n shouldClearTransaction = false;\n } else {\n tokens = await getTokens(authClient, data);\n status = IdxStatus.SUCCESS;\n shouldClearTransaction = true;\n }\n }\n return {\n ...data,\n status,\n interactionCode,\n tokens,\n shouldSaveResponse,\n shouldClearTransaction,\n clearSharedStorage,\n enabledFeatures,\n availableSteps,\n messages,\n terminal\n };\n}\n\nfunction handleError(err, data: RunData): RunData {\n let { error, status, shouldClearTransaction } = data;\n\n // current version of idx-js will throw/reject IDX responses. Handle these differently than regular errors\n if (isIdxResponse(err)) {\n error = err;\n status = IdxStatus.FAILURE;\n shouldClearTransaction = true;\n } else {\n // error is not an IDX response, throw it like a regular error\n throw err;\n }\n\n return { ...data, error, status, shouldClearTransaction };\n}\n\nexport async function run(\n authClient: OktaAuthInterface, \n options: RunOptions = {},\n): Promise<IdxTransaction> {\n let data: RunData = {\n options,\n values: initializeValues(options)\n };\n\n data = initializeData(authClient, data);\n try {\n data = await getDataFromIntrospect(authClient, data);\n data = await getDataFromRemediate(authClient, data);\n } catch (err) {\n data = handleError(err, data);\n }\n data = await finalizeData(authClient, data);\n\n const {\n idxResponse,\n meta,\n shouldSaveResponse,\n shouldClearTransaction,\n clearSharedStorage,\n status,\n enabledFeatures,\n availableSteps,\n tokens,\n nextStep,\n messages,\n error,\n interactionCode\n } = data;\n\n if (shouldClearTransaction) {\n authClient.transactionManager.clear({ clearSharedStorage });\n }\n else {\n // ensures state is saved to sessionStorage\n saveTransactionMeta(authClient, { ...meta });\n\n if (shouldSaveResponse) {\n // Save intermediate idx response in storage to reduce introspect call\n const { rawIdxState: rawIdxResponse, requestDidSucceed } = idxResponse!;\n authClient.transactionManager.saveIdxResponse({\n rawIdxResponse,\n requestDidSucceed,\n stateHandle: idxResponse!.context?.stateHandle,\n interactionHandle: meta?.interactionHandle\n });\n }\n }\n \n // copy all fields from idxResponse which are needed by the widget\n const { actions, context, neededToProceed, proceed, rawIdxState, requestDidSucceed, stepUp } = idxResponse || {};\n return {\n status: status!,\n ...(meta && { meta }),\n ...(enabledFeatures && { enabledFeatures }),\n ...(availableSteps && { availableSteps }),\n ...(tokens && { tokens }),\n ...(nextStep && { nextStep }),\n ...(messages && messages.length && { messages }),\n ...(error && { error }),\n ...(stepUp && { stepUp }),\n interactionCode, // if options.exchangeCodeForTokens is false\n\n // from idx-js\n actions: actions!,\n context: context!,\n neededToProceed: neededToProceed!,\n proceed: proceed!,\n rawIdxState: rawIdxState!,\n requestDidSucceed\n };\n}\n"],"file":"run.js"}
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/run.ts"],"names":["initializeValues","options","knownOptions","values","forEach","option","initializeData","authClient","data","idx","flow","withCredentials","remediators","actions","status","IdxStatus","PENDING","getFlow","setFlow","flowSpec","getDataFromIntrospect","stateHandle","version","state","scopes","recoveryToken","activationToken","maxAge","idxResponse","meta","interactionHandle","transactionManager","clear","interactResponse","getDataFromRemediate","autoRemediate","step","shouldProceedWithEmailAuthenticator","useGenericRemediator","shouldRemediate","rawIdxState","idxResponseFromRemediation","nextStep","canceled","getTokens","interactionCode","clientId","codeVerifier","ignoreSignature","redirectUri","urls","tokenResponse","token","exchangeCodeForTokens","tokens","finalizeData","shouldSaveResponse","shouldClearTransaction","clearSharedStorage","enabledFeatures","availableSteps","messages","terminal","requestDidSucceed","stepUp","TERMINAL","hasActions","length","hasErrors","msg","class","isTerminalSuccess","CANCELED","SUCCESS","handleError","err","error","FAILURE","run","rawIdxResponse","saveIdxResponse","context","neededToProceed","proceed"],"mappings":";;;;;;;;;;AAeA;;AACA;;AACA;;AACA;;AAEA;;AAWA;;AACA;;AACA;;AAjCA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAGA;AAwCA,SAASA,gBAAT,CAA0BC,OAA1B,EAA+C;AAC7C;AACA,QAAMC,YAAY,GAAG,CACnB,MADmB,EAEnB,aAFmB,EAGnB,SAHmB,EAInB,iBAJmB,EAKnB,MALmB,EAMnB,sBANmB,EAOnB,uBAPmB,EAQnB,qCARmB,CAArB;AAUA,QAAMC,MAAM,GAAG,EAAE,GAAGF;AAAL,GAAf;AACAC,EAAAA,YAAY,CAACE,OAAb,CAAqBC,MAAM,IAAI;AAC7B,WAAOF,MAAM,CAACE,MAAD,CAAb;AACD,GAFD;AAGA,SAAOF,MAAP;AACD;;AAED,SAASG,cAAT,CAAwBC,UAAxB,EAAoCC,IAApC,EAA4D;AAC1D,MAAI;AAAEP,IAAAA;AAAF,MAAcO,IAAlB;AACAP,EAAAA,OAAO,GAAG,EACR,GAAGM,UAAU,CAACN,OAAX,CAAmBQ,GADd;AAER,OAAGR;AAFK,GAAV;AAIA,MAAI;AACFS,IAAAA,IADE;AAEFC,IAAAA,eAFE;AAGFC,IAAAA,WAHE;AAIFC,IAAAA;AAJE,MAKAZ,OALJ;AAOA,QAAMa,MAAM,GAAGC,iBAAUC,OAAzB,CAb0D,CAe1D;;AACAN,EAAAA,IAAI,GAAGA,IAAI,IAAIH,UAAU,CAACE,GAAX,CAAeQ,OAAf,EAAR,IAAoC,SAA3C;;AACA,MAAIP,IAAJ,EAAU;AACRH,IAAAA,UAAU,CAACE,GAAX,CAAeS,OAAf,CAAuBR,IAAvB;AACA,UAAMS,QAAQ,GAAG,gCAAqBZ,UAArB,EAAiCG,IAAjC,CAAjB,CAFQ,CAGR;;AACAC,IAAAA,eAAe,GAAI,OAAOA,eAAP,KAA2B,WAA5B,GAA2CA,eAA3C,GAA6DQ,QAAQ,CAACR,eAAxF;AACAC,IAAAA,WAAW,GAAGA,WAAW,IAAIO,QAAQ,CAACP,WAAtC;AACAC,IAAAA,OAAO,GAAGA,OAAO,IAAIM,QAAQ,CAACN,OAA9B;AACD;;AAED,SAAO,EACL,GAAGL,IADE;AAELP,IAAAA,OAAO,EAAE,EACP,GAAGA,OADI;AAEPS,MAAAA,IAFO;AAGPC,MAAAA,eAHO;AAIPC,MAAAA,WAJO;AAKPC,MAAAA;AALO,KAFJ;AASLC,IAAAA;AATK,GAAP;AAWD;;AAED,eAAeM,qBAAf,CAAqCb,UAArC,EAAiDC,IAAjD,EAAkF;AAChF,QAAM;AAAEP,IAAAA;AAAF,MAAcO,IAApB;AACA,QAAM;AACJa,IAAAA,WADI;AAEJV,IAAAA,eAFI;AAGJW,IAAAA,OAHI;AAIJC,IAAAA,KAJI;AAKJC,IAAAA,MALI;AAMJC,IAAAA,aANI;AAOJC,IAAAA,eAPI;AAQJC,IAAAA;AARI,MASF1B,OATJ;AAWA,MAAI2B,WAAJ;AACA,MAAIC,IAAI,GAAG,8CAAwBtB,UAAxB,EAAoC;AAAEgB,IAAAA,KAAF;AAASE,IAAAA,aAAT;AAAwBC,IAAAA;AAAxB,GAApC,CAAX,CAdgF,CAcW;;AAE3F,MAAIL,WAAJ,EAAiB;AACfO,IAAAA,WAAW,GAAG,MAAM,4BAAWrB,UAAX,EAAuB;AAAEI,MAAAA,eAAF;AAAmBW,MAAAA,OAAnB;AAA4BD,MAAAA;AAA5B,KAAvB,CAApB;AACD,GAFD,MAEO;AAAA;;AACL,QAAIS,iBAAiB,YAAGD,IAAH,0CAAG,MAAMC,iBAA9B,CADK,CAC4C;;AACjD,QAAI,CAACA,iBAAL,EAAwB;AACtB;AACAvB,MAAAA,UAAU,CAACwB,kBAAX,CAA8BC,KAA9B;AACA,YAAMC,gBAAgB,GAAG,MAAM,wBAAS1B,UAAT,EAAqB;AAClDI,QAAAA,eADkD;AAElDY,QAAAA,KAFkD;AAGlDC,QAAAA,MAHkD;AAIlDE,QAAAA,eAJkD;AAKlDD,QAAAA,aALkD;AAMlDE,QAAAA;AANkD,OAArB,CAA/B;AAQAG,MAAAA,iBAAiB,GAAGG,gBAAgB,CAACH,iBAArC;AACAD,MAAAA,IAAI,GAAGI,gBAAgB,CAACJ,IAAxB;AACD,KAfI,CAiBL;;;AACAD,IAAAA,WAAW,GAAG,MAAM,4BAAWrB,UAAX,EAAuB;AAAEI,MAAAA,eAAF;AAAmBW,MAAAA,OAAnB;AAA4BQ,MAAAA;AAA5B,KAAvB,CAApB;AACD;;AACD,SAAO,EAAE,GAAGtB,IAAL;AAAWoB,IAAAA,WAAX;AAAwBC,IAAAA;AAAxB,GAAP;AACD;;AAED,eAAeK,oBAAf,CAAoC3B,UAApC,EAAgDC,IAAhD,EAAiF;AAC/E,MAAI;AACFoB,IAAAA,WADE;AAEF3B,IAAAA,OAFE;AAGFE,IAAAA;AAHE,MAIAK,IAJJ;AAMA,QAAM;AACJ2B,IAAAA,aADI;AAEJvB,IAAAA,WAFI;AAGJC,IAAAA,OAHI;AAIJH,IAAAA,IAJI;AAKJ0B,IAAAA,IALI;AAMJC,IAAAA,mCANI;AAMiC;AACrCC,IAAAA;AAPI,MAQFrC,OARJ;AAUA,QAAMsC,eAAe,GAAIJ,aAAa,KAAK,KAAlB,KAA4BvB,WAAW,IAAIC,OAAf,IAA0BuB,IAAtD,CAAzB;;AACA,MAAI,CAACG,eAAL,EAAsB;AACpB,WAAO/B,IAAP;AACD;;AAEDL,EAAAA,MAAM,GAAG,EACP,GAAGA,MADI;AAEPkB,IAAAA,WAAW,EAAEO,WAAW,CAAEY,WAAb,CAAyBnB;AAF/B,GAAT,CAtB+E,CA2B/E;;AACA,QAAM;AACJO,IAAAA,WAAW,EAAEa,0BADT;AAEJC,IAAAA,QAFI;AAGJC,IAAAA;AAHI,MAIF,MAAM,0BACRpC,UADQ,EAERqB,WAFQ,EAGRzB,MAHQ,EAIR;AACES,IAAAA,WADF;AAEEC,IAAAA,OAFF;AAGEH,IAAAA,IAHF;AAIE0B,IAAAA,IAJF;AAKEC,IAAAA,mCALF;AAKuC;AACrCC,IAAAA;AANF,GAJQ,CAJV;AAiBAV,EAAAA,WAAW,GAAGa,0BAAd;AAEA,SAAO,EAAE,GAAGjC,IAAL;AAAWoB,IAAAA,WAAX;AAAwBc,IAAAA,QAAxB;AAAkCC,IAAAA;AAAlC,GAAP;AACD;;AAED,eAAeC,SAAf,CAAyBrC,UAAzB,EAAqCC,IAArC,EAAqE;AACnE,MAAI;AAAEqB,IAAAA,IAAF;AAAQD,IAAAA;AAAR,MAAwBpB,IAA5B;AACA,QAAM;AAAEqC,IAAAA;AAAF,MAAsBjB,WAA5B;AACA,QAAM;AACJkB,IAAAA,QADI;AAEJC,IAAAA,YAFI;AAGJC,IAAAA,eAHI;AAIJC,IAAAA,WAJI;AAKJC,IAAAA,IALI;AAMJ1B,IAAAA;AANI,MAOFK,IAPJ;AAQA,QAAMsB,aAAa,GAAG,MAAM5C,UAAU,CAAC6C,KAAX,CAAiBC,qBAAjB,CAAuC;AACjER,IAAAA,eADiE;AAEjEC,IAAAA,QAFiE;AAGjEC,IAAAA,YAHiE;AAIjEC,IAAAA,eAJiE;AAKjEC,IAAAA,WALiE;AAMjEzB,IAAAA;AANiE,GAAvC,EAOzB0B,IAPyB,CAA5B;AAQA,SAAOC,aAAa,CAACG,MAArB;AACD;;AAED,eAAeC,YAAf,CAA4BhD,UAA5B,EAAwCC,IAAxC,EAAyE;AACvE,MAAI;AACFP,IAAAA,OADE;AAEF2B,IAAAA,WAFE;AAGFe,IAAAA,QAHE;AAIF7B,IAAAA;AAJE,MAKAN,IALJ;AAMA,QAAM;AAAE6C,IAAAA;AAAF,MAA4BpD,OAAlC;AACA,MAAIuD,kBAAkB,GAAG,KAAzB;AACA,MAAIC,sBAAsB,GAAG,KAA7B;AACA,MAAIC,kBAAkB,GAAG,IAAzB;AACA,MAAIb,eAAJ;AACA,MAAIS,MAAJ;AACA,MAAIK,eAAJ;AACA,MAAIC,cAAJ;AACA,MAAIC,QAAJ;AACA,MAAIC,QAAJ;;AAEA,MAAIlC,WAAJ,EAAiB;AACf4B,IAAAA,kBAAkB,GAAG,CAAC,EAAE5B,WAAW,CAACmC,iBAAZ,IAAiCnC,WAAW,CAACoC,MAA/C,CAAtB;AACAL,IAAAA,eAAe,GAAG,8BAAmB/B,WAAnB,CAAlB;AACAgC,IAAAA,cAAc,GAAG,6BAAkBrD,UAAlB,EAA8BqB,WAA9B,EAA2C3B,OAAO,CAACqC,oBAAnD,CAAjB;AACAuB,IAAAA,QAAQ,GAAG,mCAAwBjC,WAAxB,EAAqC3B,OAArC,CAAX;AACA6D,IAAAA,QAAQ,GAAG,8BAAmBlC,WAAnB,CAAX;AACD;;AAED,MAAIkC,QAAJ,EAAc;AACZhD,IAAAA,MAAM,GAAGC,iBAAUkD,QAAnB,CADY,CAGZ;AACA;AACA;AACA;;AACA,UAAMC,UAAU,GAAG,mBAAYtC,WAAW,CAAEf,OAAzB,EAAkCsD,MAAlC,GAA2C,CAA9D;AACA,UAAMC,SAAS,GAAG,CAAC,CAAC,mBAAAP,QAAQ,MAAR,CAAAA,QAAQ,EAAMQ,GAAG,IAAIA,GAAG,CAACC,KAAJ,KAAc,OAA3B,CAA5B;AACA,UAAMC,iBAAiB,GAAG,CAACL,UAAD,IAAe,CAACE,SAAhB,IAA6BxC,WAAW,CAAEmC,iBAAb,KAAmC,IAA1F;;AACA,QAAIQ,iBAAJ,EAAuB;AACrBd,MAAAA,sBAAsB,GAAG,IAAzB;AACD,KAFD,MAEO;AACL;AACAD,MAAAA,kBAAkB,GAAGA,kBAAkB,IAAIU,UAA3C;AACD,KAfW,CAgBZ;;;AACAR,IAAAA,kBAAkB,GAAG,KAArB;AACD,GAlBD,MAkBO,IAAIf,QAAJ,EAAc;AACnB7B,IAAAA,MAAM,GAAGC,iBAAUyD,QAAnB;AACAf,IAAAA,sBAAsB,GAAG,IAAzB;AACD,GAHM,MAGA,IAAI7B,WAAJ,aAAIA,WAAJ,eAAIA,WAAW,CAAEiB,eAAjB,EAAkC;AACvCA,IAAAA,eAAe,GAAGjB,WAAW,CAACiB,eAA9B;;AACA,QAAIQ,qBAAqB,KAAK,KAA9B,EAAqC;AACnCvC,MAAAA,MAAM,GAAGC,iBAAU0D,OAAnB;AACAhB,MAAAA,sBAAsB,GAAG,KAAzB;AACD,KAHD,MAGO;AACLH,MAAAA,MAAM,GAAG,MAAMV,SAAS,CAACrC,UAAD,EAAaC,IAAb,CAAxB;AACAM,MAAAA,MAAM,GAAGC,iBAAU0D,OAAnB;AACAhB,MAAAA,sBAAsB,GAAG,IAAzB;AACD;AACF;;AACD,SAAO,EACL,GAAGjD,IADE;AAELM,IAAAA,MAFK;AAGL+B,IAAAA,eAHK;AAILS,IAAAA,MAJK;AAKLE,IAAAA,kBALK;AAMLC,IAAAA,sBANK;AAOLC,IAAAA,kBAPK;AAQLC,IAAAA,eARK;AASLC,IAAAA,cATK;AAULC,IAAAA,QAVK;AAWLC,IAAAA;AAXK,GAAP;AAaD;;AAED,SAASY,WAAT,CAAqBC,GAArB,EAA0BnE,IAA1B,EAAkD;AAChD,MAAI;AAAEoE,IAAAA,KAAF;AAAS9D,IAAAA,MAAT;AAAiB2C,IAAAA;AAAjB,MAA4CjD,IAAhD,CADgD,CAGhD;;AACA,MAAI,0BAAcmE,GAAd,CAAJ,EAAwB;AACtBC,IAAAA,KAAK,GAAGD,GAAR;AACA7D,IAAAA,MAAM,GAAGC,iBAAU8D,OAAnB;AACApB,IAAAA,sBAAsB,GAAG,IAAzB;AACD,GAJD,MAIO;AACL;AACA,UAAMkB,GAAN;AACD;;AAED,SAAO,EAAE,GAAGnE,IAAL;AAAWoE,IAAAA,KAAX;AAAkB9D,IAAAA,MAAlB;AAA0B2C,IAAAA;AAA1B,GAAP;AACD;;AAEM,eAAeqB,GAAf,CACLvE,UADK,EAELN,OAAmB,GAAG,EAFjB,EAGoB;AACzB,MAAIO,IAAa,GAAG;AAClBP,IAAAA,OADkB;AAElBE,IAAAA,MAAM,EAAEH,gBAAgB,CAACC,OAAD;AAFN,GAApB;AAKAO,EAAAA,IAAI,GAAGF,cAAc,CAACC,UAAD,EAAaC,IAAb,CAArB;;AACA,MAAI;AACFA,IAAAA,IAAI,GAAG,MAAMY,qBAAqB,CAACb,UAAD,EAAaC,IAAb,CAAlC;AACAA,IAAAA,IAAI,GAAG,MAAM0B,oBAAoB,CAAC3B,UAAD,EAAaC,IAAb,CAAjC;AACD,GAHD,CAGE,OAAOmE,GAAP,EAAY;AACZnE,IAAAA,IAAI,GAAGkE,WAAW,CAACC,GAAD,EAAMnE,IAAN,CAAlB;AACD;;AACDA,EAAAA,IAAI,GAAG,MAAM+C,YAAY,CAAChD,UAAD,EAAaC,IAAb,CAAzB;AAEA,QAAM;AACJoB,IAAAA,WADI;AAEJC,IAAAA,IAFI;AAGJ2B,IAAAA,kBAHI;AAIJC,IAAAA,sBAJI;AAKJC,IAAAA,kBALI;AAMJ5C,IAAAA,MANI;AAOJ6C,IAAAA,eAPI;AAQJC,IAAAA,cARI;AASJN,IAAAA,MATI;AAUJZ,IAAAA,QAVI;AAWJmB,IAAAA,QAXI;AAYJe,IAAAA,KAZI;AAaJ/B,IAAAA;AAbI,MAcFrC,IAdJ;;AAgBA,MAAIiD,sBAAJ,EAA4B;AAC1BlD,IAAAA,UAAU,CAACwB,kBAAX,CAA8BC,KAA9B,CAAoC;AAAE0B,MAAAA;AAAF,KAApC;AACD,GAFD,MAGK;AACH;AACA,8CAAoBnD,UAApB,EAAgC,EAAE,GAAGsB;AAAL,KAAhC;;AAEA,QAAI2B,kBAAJ,EAAwB;AAAA;;AACtB;AACA,YAAM;AAAEhB,QAAAA,WAAW,EAAEuC,cAAf;AAA+BhB,QAAAA;AAA/B,UAAqDnC,WAA3D;AACArB,MAAAA,UAAU,CAACwB,kBAAX,CAA8BiD,eAA9B,CAA8C;AAC5CD,QAAAA,cAD4C;AAE5ChB,QAAAA,iBAF4C;AAG5C1C,QAAAA,WAAW,cAAEO,WAAW,CAAEqD,OAAf,6CAAE,SAAsB5D,WAHS;AAI5CS,QAAAA,iBAAiB,EAAED,IAAF,aAAEA,IAAF,uBAAEA,IAAI,CAAEC;AAJmB,OAA9C;AAMD;AACF,GAhDwB,CAkDzB;;;AACA,QAAM;AAAEjB,IAAAA,OAAF;AAAWoE,IAAAA,OAAX;AAAoBC,IAAAA,eAApB;AAAqCC,IAAAA,OAArC;AAA8C3C,IAAAA,WAA9C;AAA2DuB,IAAAA,iBAA3D;AAA8EC,IAAAA;AAA9E,MAAyFpC,WAAW,IAAI,EAA9G;AACA,SAAO;AACLd,IAAAA,MAAM,EAAEA,MADH;AAEL,QAAIe,IAAI,IAAI;AAAEA,MAAAA;AAAF,KAAZ,CAFK;AAGL,QAAI8B,eAAe,IAAI;AAAEA,MAAAA;AAAF,KAAvB,CAHK;AAIL,QAAIC,cAAc,IAAI;AAAEA,MAAAA;AAAF,KAAtB,CAJK;AAKL,QAAIN,MAAM,IAAI;AAAEA,MAAAA;AAAF,KAAd,CALK;AAML,QAAIZ,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CANK;AAOL,QAAImB,QAAQ,IAAIA,QAAQ,CAACM,MAArB,IAA+B;AAAEN,MAAAA;AAAF,KAAnC,CAPK;AAQL,QAAIe,KAAK,IAAI;AAAEA,MAAAA;AAAF,KAAb,CARK;AASL,QAAIZ,MAAM,IAAI;AAAEA,MAAAA;AAAF,KAAd,CATK;AAULnB,IAAAA,eAVK;AAUY;AAEjB;AACAhC,IAAAA,OAAO,EAAEA,OAbJ;AAcLoE,IAAAA,OAAO,EAAEA,OAdJ;AAeLC,IAAAA,eAAe,EAAEA,eAfZ;AAgBLC,IAAAA,OAAO,EAAEA,OAhBJ;AAiBL3C,IAAAA,WAAW,EAAEA,WAjBR;AAkBLuB,IAAAA;AAlBK,GAAP;AAoBD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* eslint-disable max-statements, complexity, max-depth */\nimport { interact } from './interact';\nimport { introspect } from './introspect';\nimport { remediate } from './remediate';\nimport { getFlowSpecification } from './flow';\nimport * as remediators from './remediators';\nimport { \n OktaAuthIdxInterface,\n IdxStatus,\n IdxTransaction,\n IdxFeature,\n NextStep,\n RunOptions,\n IdxTransactionMeta,\n Tokens,\n APIError,\n} from '../types';\nimport { IdxMessage, IdxResponse, isIdxResponse } from './types/idx-js';\nimport { getSavedTransactionMeta, saveTransactionMeta } from './transactionMeta';\nimport { getAvailableSteps, getEnabledFeatures, getMessagesFromResponse, isTerminalResponse } from './util';\ndeclare interface RunData {\n options: RunOptions;\n values: remediators.RemediationValues;\n status?: IdxStatus;\n tokens?: Tokens;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n error?: APIError | IdxResponse;\n meta?: IdxTransactionMeta;\n enabledFeatures?: IdxFeature[];\n availableSteps?: NextStep[];\n idxResponse?: IdxResponse;\n canceled?: boolean;\n interactionCode?: string;\n shouldSaveResponse?: boolean;\n shouldClearTransaction?: boolean;\n clearSharedStorage?: boolean;\n terminal?: boolean;\n}\n\nfunction initializeValues(options: RunOptions) {\n // remove known options, everything else is assumed to be a value\n const knownOptions = [\n 'flow', \n 'remediators', \n 'actions', \n 'withCredentials', \n 'step',\n 'useGenericRemediator',\n 'exchangeCodeForTokens',\n 'shouldProceedWithEmailAuthenticator'\n ];\n const values = { ...options };\n knownOptions.forEach(option => {\n delete values[option];\n });\n return values;\n}\n\nfunction initializeData(authClient, data: RunData): RunData {\n let { options } = data;\n options = {\n ...authClient.options.idx,\n ...options\n };\n let {\n flow,\n withCredentials,\n remediators,\n actions,\n } = options;\n\n const status = IdxStatus.PENDING;\n\n // certain options can be set by the flow specification\n flow = flow || authClient.idx.getFlow() || 'default';\n if (flow) {\n authClient.idx.setFlow(flow);\n const flowSpec = getFlowSpecification(authClient, flow);\n // Favor option values over flow spec\n withCredentials = (typeof withCredentials !== 'undefined') ? withCredentials : flowSpec.withCredentials;\n remediators = remediators || flowSpec.remediators;\n actions = actions || flowSpec.actions;\n }\n\n return { \n ...data,\n options: { \n ...options, \n flow, \n withCredentials, \n remediators, \n actions,\n },\n status\n };\n}\n\nasync function getDataFromIntrospect(authClient, data: RunData): Promise<RunData> {\n const { options } = data;\n const {\n stateHandle,\n withCredentials,\n version,\n state,\n scopes,\n recoveryToken,\n activationToken,\n maxAge,\n } = options;\n\n let idxResponse;\n let meta = getSavedTransactionMeta(authClient, { state, recoveryToken, activationToken }); // may be undefined\n\n if (stateHandle) {\n idxResponse = await introspect(authClient, { withCredentials, version, stateHandle });\n } else {\n let interactionHandle = meta?.interactionHandle; // may be undefined\n if (!interactionHandle) {\n // start a new transaction\n authClient.transactionManager.clear();\n const interactResponse = await interact(authClient, {\n withCredentials,\n state,\n scopes,\n activationToken,\n recoveryToken,\n maxAge,\n }); \n interactionHandle = interactResponse.interactionHandle;\n meta = interactResponse.meta;\n }\n \n // Introspect to get idx response\n idxResponse = await introspect(authClient, { withCredentials, version, interactionHandle });\n }\n return { ...data, idxResponse, meta };\n}\n\nasync function getDataFromRemediate(authClient, data: RunData): Promise<RunData> {\n let {\n idxResponse,\n options,\n values\n } = data;\n\n const {\n autoRemediate,\n remediators,\n actions,\n flow,\n step,\n shouldProceedWithEmailAuthenticator, // will be removed in next major version\n useGenericRemediator,\n } = options;\n \n const shouldRemediate = (autoRemediate !== false && (remediators || actions || step));\n if (!shouldRemediate) {\n return data;\n }\n\n values = { \n ...values, \n stateHandle: idxResponse!.rawIdxState.stateHandle \n };\n\n // Can we handle the remediations?\n const { \n idxResponse: idxResponseFromRemediation, \n nextStep,\n canceled,\n } = await remediate(\n authClient,\n idxResponse!, \n values, \n {\n remediators,\n actions,\n flow,\n step,\n shouldProceedWithEmailAuthenticator, // will be removed in next major version\n useGenericRemediator,\n }\n );\n idxResponse = idxResponseFromRemediation;\n\n return { ...data, idxResponse, nextStep, canceled };\n}\n\nasync function getTokens(authClient, data: RunData): Promise<Tokens> {\n let { meta, idxResponse } = data;\n const { interactionCode } = idxResponse as IdxResponse;\n const {\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n urls,\n scopes,\n } = meta as IdxTransactionMeta;\n const tokenResponse = await authClient.token.exchangeCodeForTokens({\n interactionCode,\n clientId,\n codeVerifier,\n ignoreSignature,\n redirectUri,\n scopes\n }, urls);\n return tokenResponse.tokens;\n}\n\nasync function finalizeData(authClient, data: RunData): Promise<RunData> {\n let {\n options,\n idxResponse,\n canceled,\n status,\n } = data;\n const { exchangeCodeForTokens } = options;\n let shouldSaveResponse = false;\n let shouldClearTransaction = false;\n let clearSharedStorage = true;\n let interactionCode;\n let tokens;\n let enabledFeatures;\n let availableSteps;\n let messages;\n let terminal;\n\n if (idxResponse) {\n shouldSaveResponse = !!(idxResponse.requestDidSucceed || idxResponse.stepUp);\n enabledFeatures = getEnabledFeatures(idxResponse);\n availableSteps = getAvailableSteps(authClient, idxResponse, options.useGenericRemediator);\n messages = getMessagesFromResponse(idxResponse, options);\n terminal = isTerminalResponse(idxResponse);\n }\n\n if (terminal) {\n status = IdxStatus.TERMINAL;\n\n // In most cases a terminal response should not clear transaction data. The user should cancel or skip to continue.\n // A terminal \"success\" is a non-error response with no further actions available.\n // In these narrow cases, saved transaction data should be cleared.\n // One example of a terminal success is when the email verify flow is continued in another tab\n const hasActions = Object.keys(idxResponse!.actions).length > 0;\n const hasErrors = !!messages.find(msg => msg.class === 'ERROR');\n const isTerminalSuccess = !hasActions && !hasErrors && idxResponse!.requestDidSucceed === true;\n if (isTerminalSuccess) {\n shouldClearTransaction = true;\n } else {\n // only save response if there are actions available (ignore messages)\n shouldSaveResponse = shouldSaveResponse && hasActions;\n }\n // leave shared storage intact so the transaction can be continued in another tab\n clearSharedStorage = false;\n } else if (canceled) {\n status = IdxStatus.CANCELED;\n shouldClearTransaction = true;\n } else if (idxResponse?.interactionCode) { \n interactionCode = idxResponse.interactionCode;\n if (exchangeCodeForTokens === false) {\n status = IdxStatus.SUCCESS;\n shouldClearTransaction = false;\n } else {\n tokens = await getTokens(authClient, data);\n status = IdxStatus.SUCCESS;\n shouldClearTransaction = true;\n }\n }\n return {\n ...data,\n status,\n interactionCode,\n tokens,\n shouldSaveResponse,\n shouldClearTransaction,\n clearSharedStorage,\n enabledFeatures,\n availableSteps,\n messages,\n terminal\n };\n}\n\nfunction handleError(err, data: RunData): RunData {\n let { error, status, shouldClearTransaction } = data;\n\n // current version of idx-js will throw/reject IDX responses. Handle these differently than regular errors\n if (isIdxResponse(err)) {\n error = err;\n status = IdxStatus.FAILURE;\n shouldClearTransaction = true;\n } else {\n // error is not an IDX response, throw it like a regular error\n throw err;\n }\n\n return { ...data, error, status, shouldClearTransaction };\n}\n\nexport async function run(\n authClient: OktaAuthIdxInterface, \n options: RunOptions = {},\n): Promise<IdxTransaction> {\n let data: RunData = {\n options,\n values: initializeValues(options)\n };\n\n data = initializeData(authClient, data);\n try {\n data = await getDataFromIntrospect(authClient, data);\n data = await getDataFromRemediate(authClient, data);\n } catch (err) {\n data = handleError(err, data);\n }\n data = await finalizeData(authClient, data);\n\n const {\n idxResponse,\n meta,\n shouldSaveResponse,\n shouldClearTransaction,\n clearSharedStorage,\n status,\n enabledFeatures,\n availableSteps,\n tokens,\n nextStep,\n messages,\n error,\n interactionCode\n } = data;\n\n if (shouldClearTransaction) {\n authClient.transactionManager.clear({ clearSharedStorage });\n }\n else {\n // ensures state is saved to sessionStorage\n saveTransactionMeta(authClient, { ...meta });\n\n if (shouldSaveResponse) {\n // Save intermediate idx response in storage to reduce introspect call\n const { rawIdxState: rawIdxResponse, requestDidSucceed } = idxResponse!;\n authClient.transactionManager.saveIdxResponse({\n rawIdxResponse,\n requestDidSucceed,\n stateHandle: idxResponse!.context?.stateHandle,\n interactionHandle: meta?.interactionHandle\n });\n }\n }\n \n // copy all fields from idxResponse which are needed by the widget\n const { actions, context, neededToProceed, proceed, rawIdxState, requestDidSucceed, stepUp } = idxResponse || {};\n return {\n status: status!,\n ...(meta && { meta }),\n ...(enabledFeatures && { enabledFeatures }),\n ...(availableSteps && { availableSteps }),\n ...(tokens && { tokens }),\n ...(nextStep && { nextStep }),\n ...(messages && messages.length && { messages }),\n ...(error && { error }),\n ...(stepUp && { stepUp }),\n interactionCode, // if options.exchangeCodeForTokens is false\n\n // from idx-js\n actions: actions!,\n context: context!,\n neededToProceed: neededToProceed!,\n proceed: proceed!,\n rawIdxState: rawIdxState!,\n requestDidSucceed\n };\n}\n"],"file":"run.js"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/startTransaction.ts"],"names":["startTransaction","authClient","options","transactionManager","clear","exchangeCodeForTokens"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,eAAeA,gBAAf,CACLC,UADK,EAELC,OAAqB,GAAG,EAFnB,EAGoB;AACzB;AACAD,EAAAA,UAAU,CAACE,kBAAX,CAA8BC,KAA9B;AAEA,SAAO,cAAIH,UAAJ,EAAgB;AACrBI,IAAAA,qBAAqB,EAAE,KADF;AAErB,OAAGH;AAFkB,GAAhB,CAAP;AAID","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run } from './run';\nimport {
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/startTransaction.ts"],"names":["startTransaction","authClient","options","transactionManager","clear","exchangeCodeForTokens"],"mappings":";;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,eAAeA,gBAAf,CACLC,UADK,EAELC,OAAqB,GAAG,EAFnB,EAGoB;AACzB;AACAD,EAAAA,UAAU,CAACE,kBAAX,CAA8BC,KAA9B;AAEA,SAAO,cAAIH,UAAJ,EAAgB;AACrBI,IAAAA,qBAAqB,EAAE,KADF;AAErB,OAAGH;AAFkB,GAAhB,CAAP;AAID","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run } from './run';\nimport { OktaAuthIdxInterface, IdxTransaction, StartOptions } from '../types';\n\nexport async function startTransaction(\n authClient: OktaAuthIdxInterface, \n options: StartOptions = {}\n): Promise<IdxTransaction> {\n // Clear IDX response cache and saved transaction meta (if any)\n authClient.transactionManager.clear();\n\n return run(authClient, {\n exchangeCodeForTokens: false,\n ...options\n });\n}\n"],"file":"startTransaction.js"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/transactionMeta.ts"],"names":["createTransactionMeta","authClient","options","tokenParams","token","prepareTokenParams","pkceMeta","flow","withCredentials","activationToken","undefined","recoveryToken","maxAge","meta","hasSavedInteractionHandle","savedMeta","getSavedTransactionMeta","interactionHandle","transactionManager","load","e","isTransactionMetaValid","getTransactionMeta","validExistingMeta","saveTransactionMeta","save","muteWarning","clearTransactionMeta","clear","keys","isTransactionMetaValidForOptions","isTransactionMetaValidForFlow","shouldValidateFlow","mismatch","some","key","value"],"mappings":";;;;;;;;;;;;AAcA;;AACA;;AAfA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,qBAAf,CACLC,UADK,EAELC,OAA+B,GAAG,EAF7B,EAGwB;AAC7B,QAAMC,WAAW,GAAG,MAAMF,UAAU,CAACG,KAAX,CAAiBC,kBAAjB,CAAoCH,OAApC,CAA1B;AACA,QAAMI,QAAQ,GAAG,2BAAgBL,UAAhB,EAA4BE,WAA5B,CAAjB;AACA,MAAI;AACFI,IAAAA,IAAI,GAAG,SADL;AAEFC,IAAAA,eAAe,GAAG,IAFhB;AAGFC,IAAAA,eAAe,GAAGC,SAHhB;AAIFC,IAAAA,aAAa,GAAGD,SAJd;AAKFE,IAAAA,MAAM,GAAGF;AALP,MAMA,EAAE,GAAGT,UAAU,CAACC,OAAhB;AAAyB,OAAGA;AAA5B,GANJ,CAH6B,CASc;;AAE3C,QAAMW,IAAwB,GAAG,EAC/B,GAAGP,QAD4B;AAE/BC,IAAAA,IAF+B;AAG/BC,IAAAA,eAH+B;AAI/BC,IAAAA,eAJ+B;AAK/BE,IAAAA,aAL+B;AAM/BC,IAAAA;AAN+B,GAAjC;AAQA,SAAOC,IAAP;AACD;;AAEM,SAASC,yBAAT,CAAmCb,UAAnC,
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/transactionMeta.ts"],"names":["createTransactionMeta","authClient","options","tokenParams","token","prepareTokenParams","pkceMeta","flow","withCredentials","activationToken","undefined","recoveryToken","maxAge","meta","hasSavedInteractionHandle","savedMeta","getSavedTransactionMeta","interactionHandle","transactionManager","load","e","isTransactionMetaValid","getTransactionMeta","validExistingMeta","saveTransactionMeta","save","muteWarning","clearTransactionMeta","clear","keys","isTransactionMetaValidForOptions","isTransactionMetaValidForFlow","shouldValidateFlow","mismatch","some","key","value"],"mappings":";;;;;;;;;;;;AAcA;;AACA;;AAfA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMA;AACO,eAAeA,qBAAf,CACLC,UADK,EAELC,OAA+B,GAAG,EAF7B,EAGwB;AAC7B,QAAMC,WAAW,GAAG,MAAMF,UAAU,CAACG,KAAX,CAAiBC,kBAAjB,CAAoCH,OAApC,CAA1B;AACA,QAAMI,QAAQ,GAAG,2BAAgBL,UAAhB,EAA4BE,WAA5B,CAAjB;AACA,MAAI;AACFI,IAAAA,IAAI,GAAG,SADL;AAEFC,IAAAA,eAAe,GAAG,IAFhB;AAGFC,IAAAA,eAAe,GAAGC,SAHhB;AAIFC,IAAAA,aAAa,GAAGD,SAJd;AAKFE,IAAAA,MAAM,GAAGF;AALP,MAMA,EAAE,GAAGT,UAAU,CAACC,OAAhB;AAAyB,OAAGA;AAA5B,GANJ,CAH6B,CASc;;AAE3C,QAAMW,IAAwB,GAAG,EAC/B,GAAGP,QAD4B;AAE/BC,IAAAA,IAF+B;AAG/BC,IAAAA,eAH+B;AAI/BC,IAAAA,eAJ+B;AAK/BE,IAAAA,aAL+B;AAM/BC,IAAAA;AAN+B,GAAjC;AAQA,SAAOC,IAAP;AACD;;AAEM,SAASC,yBAAT,CAAmCb,UAAnC,EAAqEC,OAArE,EAAgH;AACrH,QAAMa,SAAS,GAAGC,uBAAuB,CAACf,UAAD,EAAaC,OAAb,CAAzC;;AACA,MAAIa,SAAJ,aAAIA,SAAJ,eAAIA,SAAS,CAAEE,iBAAf,EAAkC;AAChC,WAAO,IAAP;AACD;;AACD,SAAO,KAAP;AACD,C,CAED;;;AACO,SAASD,uBAAT,CACLf,UADK,EAELC,OAFK,EAG2B;AAChCA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;AACAA,EAAAA,OAAO,GAAG,EAAE,GAAGD,UAAU,CAACC,OAAhB;AAAyB,OAAGA;AAA5B,GAAV,CAFgC,CAEiB;;AACjD,MAAIa,SAAJ;;AACA,MAAI;AACFA,IAAAA,SAAS,GAAGd,UAAU,CAACiB,kBAAX,CAA8BC,IAA9B,CAAmCjB,OAAnC,CAAZ;AACD,GAFD,CAEE,OAAOkB,CAAP,EAAU,CACV;AACD;;AAED,MAAI,CAACL,SAAL,EAAgB;AACd;AACD;;AAED,MAAIM,sBAAsB,CAACN,SAAD,EAAYb,OAAZ,CAA1B,EAAgD;AAC9C,WAAOa,SAAP;AACD,GAhB+B,CAkBhC;AACA;AACA;;;AACA,kBAAK,sEACH,4DADF;AAGD;;AAEM,eAAeO,kBAAf,CACLrB,UADK,EAELC,OAFK,EAGwB;AAC7BA,EAAAA,OAAO,GAAG,sBAAWA,OAAX,CAAV;AACAA,EAAAA,OAAO,GAAG,EAAE,GAAGD,UAAU,CAACC,OAAhB;AAAyB,OAAGA;AAA5B,GAAV,CAF6B,CAEoB;AACjD;;AACA,QAAMqB,iBAAiB,GAAGP,uBAAuB,CAACf,UAAD,EAAaC,OAAb,CAAjD;;AACA,MAAIqB,iBAAJ,EAAuB;AACrB,WAAOA,iBAAP;AACD,GAP4B,CAQ7B;;;AACA,SAAOvB,qBAAqB,CAACC,UAAD,EAAaC,OAAb,CAA5B;AACD;;AAEM,SAASsB,mBAAT,CAA8BvB,UAA9B,EAAgEY,IAAhE,EAA4E;AACjFZ,EAAAA,UAAU,CAACiB,kBAAX,CAA8BO,IAA9B,CAAmCZ,IAAnC,EAAyC;AAAEa,IAAAA,WAAW,EAAE;AAAf,GAAzC;AACD;;AAEM,SAASC,oBAAT,CAA+B1B,UAA/B,EAAuE;AAC5EA,EAAAA,UAAU,CAACiB,kBAAX,CAA8BU,KAA9B;AACD;;AAEM,SAASP,sBAAT,CAAiCR,IAAjC,EAAuCX,OAA+B,GAAI,EAA1E,EAAuF;AAC5F;AACA,QAAM2B,IAAI,GAAG,CACX,QADW,EAEX,UAFW,EAGX,aAHW,EAIX,OAJW,EAKX,eALW,EAMX,qBANW,EAOX,iBAPW,EAQX,eARW,CAAb;;AAUA,MAAIC,gCAAgC,CAACjB,IAAD,EAAOX,OAAP,EAAgB2B,IAAhB,CAAhC,KAA0D,KAA9D,EAAqE;AACnE,WAAO,KAAP;AACD,GAd2F,CAgB5F;;;AACA,QAAM;AAAEtB,IAAAA;AAAF,MAAWL,OAAjB;;AACA,MAAI6B,6BAA6B,CAAClB,IAAD,EAAON,IAAP,CAA7B,KAA8C,KAAlD,EAAyD;AACvD,WAAO,KAAP;AACD;;AAED,SAAO,IAAP;AACD;;AAEM,SAASwB,6BAAT,CAAuClB,IAAvC,EAA6CN,IAA7C,EAAmD;AACxD;AACA,QAAMyB,kBAAkB,GAAGzB,IAAI,IAAIA,IAAI,KAAK,SAAjB,IAA8BA,IAAI,KAAK,SAAlE;;AACA,MAAIyB,kBAAJ,EAAwB;AACtB,QAAIzB,IAAI,KAAKM,IAAI,CAACN,IAAlB,EAAwB;AACtB;AACA,aAAO,KAAP;AACD;AACF;;AACD,SAAO,IAAP;AACD;;AAEM,SAASuB,gCAAT,CAA0CjB,IAA1C,EAAgDX,OAAhD,EAAyD2B,IAAzD,EAA+D;AACpE;AACA;AACA,QAAMI,QAAQ,GAAGJ,IAAI,CAACK,IAAL,CAAUC,GAAG,IAAI;AAChC,UAAMC,KAAK,GAAGlC,OAAO,CAACiC,GAAD,CAArB;;AACA,QAAIC,KAAK,IAAIA,KAAK,KAAKvB,IAAI,CAACsB,GAAD,CAA3B,EAAkC;AAChC,aAAO,IAAP;AACD;AACF,GALgB,CAAjB;AAMA,SAAO,CAACF,QAAR;AACD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2021, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuthIdxInterface, IdxTransactionMeta, TransactionMetaOptions, PKCETransactionMeta } from '../types';\nimport { removeNils, warn } from '../util';\nimport { createOAuthMeta } from '../oidc';\n\n// Calculate new values\nexport async function createTransactionMeta(\n authClient: OktaAuthIdxInterface,\n options: TransactionMetaOptions = {}\n): Promise<IdxTransactionMeta> {\n const tokenParams = await authClient.token.prepareTokenParams(options);\n const pkceMeta = createOAuthMeta(authClient, tokenParams) as PKCETransactionMeta;\n let {\n flow = 'default',\n withCredentials = true,\n activationToken = undefined,\n recoveryToken = undefined,\n maxAge = undefined,\n } = { ...authClient.options, ...options }; // local options override SDK options\n\n const meta: IdxTransactionMeta = {\n ...pkceMeta,\n flow,\n withCredentials,\n activationToken,\n recoveryToken,\n maxAge\n };\n return meta;\n}\n\nexport function hasSavedInteractionHandle(authClient: OktaAuthIdxInterface, options?: TransactionMetaOptions): boolean {\n const savedMeta = getSavedTransactionMeta(authClient, options);\n if (savedMeta?.interactionHandle) {\n return true;\n }\n return false;\n}\n\n// Returns the saved transaction meta, if it exists and is valid\nexport function getSavedTransactionMeta(\n authClient: OktaAuthIdxInterface,\n options?: TransactionMetaOptions\n): IdxTransactionMeta | undefined {\n options = removeNils(options);\n options = { ...authClient.options, ...options }; // local options override SDK options\n let savedMeta;\n try {\n savedMeta = authClient.transactionManager.load(options) as IdxTransactionMeta;\n } catch (e) {\n // ignore errors here\n }\n\n if (!savedMeta) {\n return;\n }\n\n if (isTransactionMetaValid(savedMeta, options)) {\n return savedMeta;\n }\n\n // existing meta is not valid for this configuration\n // this is common when changing configuration in local development environment\n // in a production environment, this may indicate that two apps are sharing a storage key\n warn('Saved transaction meta does not match the current configuration. ' + \n 'This may indicate that two apps are sharing a storage key.');\n\n}\n\nexport async function getTransactionMeta(\n authClient: OktaAuthIdxInterface,\n options?: TransactionMetaOptions\n): Promise<IdxTransactionMeta> {\n options = removeNils(options);\n options = { ...authClient.options, ...options }; // local options override SDK options\n // Load existing transaction meta from storage\n const validExistingMeta = getSavedTransactionMeta(authClient, options);\n if (validExistingMeta) {\n return validExistingMeta;\n }\n // No existing? Create new transaction meta.\n return createTransactionMeta(authClient, options);\n}\n\nexport function saveTransactionMeta (authClient: OktaAuthIdxInterface, meta): void {\n authClient.transactionManager.save(meta, { muteWarning: true });\n}\n\nexport function clearTransactionMeta (authClient: OktaAuthIdxInterface): void {\n authClient.transactionManager.clear();\n}\n\nexport function isTransactionMetaValid (meta, options: TransactionMetaOptions = {}): boolean {\n // Validate against certain options. If these exist in options, they must match in meta\n const keys = [\n 'issuer',\n 'clientId',\n 'redirectUri',\n 'state',\n 'codeChallenge',\n 'codeChallengeMethod',\n 'activationToken',\n 'recoveryToken'\n ];\n if (isTransactionMetaValidForOptions(meta, options, keys) === false) {\n return false;\n }\n\n // Validate configured flow\n const { flow } = options;\n if (isTransactionMetaValidForFlow(meta, flow) === false) {\n return false;\n }\n\n return true;\n}\n\nexport function isTransactionMetaValidForFlow(meta, flow) {\n // Specific flows should not share transaction data\n const shouldValidateFlow = flow && flow !== 'default' && flow !== 'proceed';\n if (shouldValidateFlow) {\n if (flow !== meta.flow) {\n // The flow has changed; abandon the old transaction\n return false;\n }\n }\n return true;\n}\n\nexport function isTransactionMetaValidForOptions(meta, options, keys) {\n // returns false if values in meta do not match options\n // if the option does not have a value for a specific key, it is ignored\n const mismatch = keys.some(key => {\n const value = options[key];\n if (value && value !== meta[key]) {\n return true;\n }\n });\n return !mismatch;\n}\n"],"file":"transactionMeta.js"}
|
package/cjs/idx/types/api.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/idx/types/api.ts"],"names":["IdxStatus","AuthenticatorKey","IdxFeature","isAuthenticator","obj","key","id"],"mappings":";;;;IAkBYA,S;;;WAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;GAAAA,S,yBAAAA,S;;IAQAC,gB;;;WAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;GAAAA,gB,gCAAAA,gB;;IAmDAC,U;;;WAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;GAAAA,U,0BAAAA,U;;
|
|
1
|
+
{"version":3,"sources":["../../../../lib/idx/types/api.ts"],"names":["IdxStatus","AuthenticatorKey","IdxFeature","isAuthenticator","obj","key","id"],"mappings":";;;;IAkBYA,S;;;WAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;AAAAA,EAAAA,S;GAAAA,S,yBAAAA,S;;IAQAC,gB;;;WAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;AAAAA,EAAAA,gB;GAAAA,gB,gCAAAA,gB;;IAmDAC,U;;;WAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;AAAAA,EAAAA,U;GAAAA,U,0BAAAA,U;;AA8CL,SAASC,eAAT,CAAyBC,GAAzB,EAAyD;AAC9D,SAAOA,GAAG,KAAKA,GAAG,CAACC,GAAJ,IAAWD,GAAG,CAACE,EAApB,CAAV;AACD","sourcesContent":["import { APIError } from '../../types/api';\nimport { Tokens } from '../../types/Token';\nimport { PKCETransactionMeta } from '../../types/Transaction';\nimport { FlowIdentifier } from './FlowIdentifier';\nimport {\n IdxActions,\n IdxAuthenticator,\n IdxContext,\n IdxForm,\n IdxMessage,\n IdxOption,\n IdxRemediation,\n IdxResponse,\n RawIdxResponse,\n IdxActionParams,\n IdpConfig,\n} from './idx-js';\n\nexport enum IdxStatus {\n SUCCESS = 'SUCCESS',\n PENDING = 'PENDING',\n FAILURE = 'FAILURE',\n TERMINAL = 'TERMINAL',\n CANCELED = 'CANCELED',\n}\n\nexport enum AuthenticatorKey {\n OKTA_PASSWORD = 'okta_password',\n OKTA_EMAIL = 'okta_email',\n PHONE_NUMBER = 'phone_number',\n GOOGLE_AUTHENTICATOR = 'google_otp',\n SECURITY_QUESTION = 'security_question',\n OKTA_VERIFY = 'okta_verify',\n WEBAUTHN = 'webauthn',\n}\n\nexport type Input = {\n name: string;\n key?: string;\n type?: string;\n label?: string;\n value?: string | {form: IdxForm} | Input[];\n minLength?: number;\n maxLength?: number;\n secret?: boolean;\n required?: boolean;\n options?: IdxOption[];\n mutable?: boolean;\n visible?: boolean;\n}\n\n\nexport interface IdxPollOptions {\n required?: boolean;\n refresh?: number;\n}\n\nexport type NextStep = {\n name: string;\n authenticator?: IdxAuthenticator;\n canSkip?: boolean;\n canResend?: boolean;\n inputs?: Input[];\n options?: IdxOption[];\n poll?: IdxPollOptions;\n authenticatorEnrollments?: IdxAuthenticator[];\n // eslint-disable-next-line no-use-before-define\n action?: (params?: IdxActionParams) => Promise<IdxTransaction>;\n idp?: IdpConfig;\n href?: string;\n relatesTo?: {\n type?: string;\n value: IdxAuthenticator;\n };\n refresh?: number;\n}\n\nexport enum IdxFeature {\n PASSWORD_RECOVERY = 'recover-password',\n REGISTRATION = 'enroll-profile',\n SOCIAL_IDP = 'redirect-idp',\n ACCOUNT_UNLOCK = 'unlock-account',\n}\n\nexport interface IdxTransactionMeta extends PKCETransactionMeta {\n interactionHandle?: string;\n remediations?: string[];\n flow?: FlowIdentifier;\n withCredentials?: boolean;\n activationToken?: string;\n recoveryToken?: string;\n maxAge?: string | number;\n}\n\nexport interface IdxTransaction {\n status: IdxStatus;\n tokens?: Tokens;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n error?: APIError | IdxResponse;\n meta?: IdxTransactionMeta;\n enabledFeatures?: IdxFeature[];\n availableSteps?: NextStep[];\n requestDidSucceed?: boolean;\n stepUp?: boolean;\n \n // from idx-js, used by signin widget\n proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n neededToProceed: IdxRemediation[];\n rawIdxState: RawIdxResponse;\n interactionCode?: string;\n actions: IdxActions;\n context: IdxContext;\n}\n\n\nexport type Authenticator = {\n id?: string;\n key?: string;\n methodType?: string;\n phoneNumber?: string;\n};\n\nexport function isAuthenticator(obj: any): obj is Authenticator {\n return obj && (obj.key || obj.id);\n}\n\nexport interface RemediationResponse {\n idxResponse: IdxResponse;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n terminal?: boolean;\n canceled?: boolean;\n}\n\nexport interface InteractResponse {\n state?: string;\n interactionHandle: string;\n meta: IdxTransactionMeta;\n}\n"],"file":"api.js"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/unlockAccount.ts"],"names":["unlockAccount","authClient","options","flow","enabledFeatures","autoRemediate","IdxFeature","ACCOUNT_UNLOCK","AuthSdkError"],"mappings":";;;;;;;;AAaA;;AACA;;AACA;;AACA;;AACA;;AAjBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAcO,eAAeA,aAAf,CACLC,UADK,
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/unlockAccount.ts"],"names":["unlockAccount","authClient","options","flow","enabledFeatures","autoRemediate","IdxFeature","ACCOUNT_UNLOCK","AuthSdkError"],"mappings":";;;;;;;;AAaA;;AACA;;AACA;;AACA;;AACA;;AAjBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAcO,eAAeA,aAAf,CACLC,UADK,EAC6BC,OAA6B,GAAG,EAD7D,EAEoB;AACzBA,EAAAA,OAAO,CAACC,IAAR,GAAe,eAAf,CADyB,CAGzB;;AACA,MAAI,CAAC,gDAA0BF,UAA1B,CAAL,EAA4C;AAC1C,UAAM;AAAEG,MAAAA;AAAF,QAAsB,MAAM,wCAAiBH,UAAjB,EAA6B,EAAE,GAAGC,OAAL;AAAcG,MAAAA,aAAa,EAAE;AAA7B,KAA7B,CAAlC;;AACA,QAAID,eAAe,IAAI,CAAC,uBAAAA,eAAe,MAAf,CAAAA,eAAe,EAAUE,kBAAWC,cAArB,CAAvC,EAA6E;AAC3E,YAAM,IAAIC,oBAAJ,CACJ,uFADI,CAAN;AAGD;AACF;;AAED,SAAO,cAAIP,UAAJ,EAAgB,EAAE,GAAGC;AAAL,GAAhB,CAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { run } from './run';\nimport { hasSavedInteractionHandle } from './transactionMeta';\nimport { startTransaction } from './startTransaction';\nimport { AuthSdkError } from '../errors';\nimport { \n OktaAuthIdxInterface, \n AccountUnlockOptions, \n IdxTransaction,\n IdxFeature,\n} from '../types';\n\nexport async function unlockAccount(\n authClient: OktaAuthIdxInterface, options: AccountUnlockOptions = {}\n): Promise<IdxTransaction> {\n options.flow = 'unlockAccount';\n\n // Only check at the beginning of the transaction\n if (!hasSavedInteractionHandle(authClient)) {\n const { enabledFeatures } = await startTransaction(authClient, { ...options, autoRemediate: false });\n if (enabledFeatures && !enabledFeatures.includes(IdxFeature.ACCOUNT_UNLOCK)) {\n throw new AuthSdkError(\n 'Self Service Account Unlock is not supported based on your current org configuration.'\n );\n }\n }\n\n return run(authClient, { ...options });\n}\n"],"file":"unlockAccount.js"}
|
package/cjs/idx/util.js
CHANGED
|
@@ -38,8 +38,6 @@ var remediators = _interopRequireWildcard(require("./remediators"));
|
|
|
38
38
|
|
|
39
39
|
var _GenericRemediator = require("./remediators/GenericRemediator");
|
|
40
40
|
|
|
41
|
-
var _proceed = require("./proceed");
|
|
42
|
-
|
|
43
41
|
var _types = require("./types");
|
|
44
42
|
|
|
45
43
|
var _idxJs = require("./types/idx-js");
|
|
@@ -98,7 +96,7 @@ function getMessagesFromIdxRemediationValue(value) {
|
|
|
98
96
|
}, []);
|
|
99
97
|
}
|
|
100
98
|
|
|
101
|
-
function getMessagesFromResponse(idxResponse) {
|
|
99
|
+
function getMessagesFromResponse(idxResponse, options) {
|
|
102
100
|
var _rawIdxState$messages, _context;
|
|
103
101
|
|
|
104
102
|
let messages = [];
|
|
@@ -112,13 +110,17 @@ function getMessagesFromResponse(idxResponse) {
|
|
|
112
110
|
if (globalMessages) {
|
|
113
111
|
messages = [...messages, ...globalMessages];
|
|
114
112
|
} // Handle field messages for current flow
|
|
113
|
+
// Preserve existing logic for general cases, remove in the next major version
|
|
114
|
+
// Follow ion response format for top level messages when useGenericRemediator is true
|
|
115
115
|
|
|
116
116
|
|
|
117
|
-
|
|
118
|
-
|
|
117
|
+
if (!options.useGenericRemediator) {
|
|
118
|
+
for (let remediation of neededToProceed) {
|
|
119
|
+
const fieldMessages = getMessagesFromIdxRemediationValue(remediation.value);
|
|
119
120
|
|
|
120
|
-
|
|
121
|
-
|
|
121
|
+
if (fieldMessages) {
|
|
122
|
+
messages = [...messages, ...fieldMessages];
|
|
123
|
+
}
|
|
122
124
|
}
|
|
123
125
|
} // API may return identical error on same field, filter by i18n key
|
|
124
126
|
|
|
@@ -201,7 +203,7 @@ function getAvailableSteps(authClient, idxResponse, useGenericRemediator) {
|
|
|
201
203
|
res.push({
|
|
202
204
|
name,
|
|
203
205
|
action: async params => {
|
|
204
|
-
return
|
|
206
|
+
return authClient.idx.proceed({
|
|
205
207
|
actions: [{
|
|
206
208
|
name,
|
|
207
209
|
params
|
|
@@ -333,7 +335,7 @@ function getNextStep(authClient, remediator, idxResponse) {
|
|
|
333
335
|
};
|
|
334
336
|
}
|
|
335
337
|
|
|
336
|
-
function handleIdxError(authClient, e,
|
|
338
|
+
function handleIdxError(authClient, e, options = {}) {
|
|
337
339
|
// Handle idx messages
|
|
338
340
|
let idxResponse = (0, _idxJs.isIdxResponse)(e) ? e : null;
|
|
339
341
|
|
|
@@ -346,23 +348,16 @@ function handleIdxError(authClient, e, remediator) {
|
|
|
346
348
|
requestDidSucceed: false
|
|
347
349
|
};
|
|
348
350
|
const terminal = isTerminalResponse(idxResponse);
|
|
349
|
-
const
|
|
350
|
-
|
|
351
|
-
|
|
352
|
-
|
|
353
|
-
|
|
354
|
-
terminal
|
|
355
|
-
|
|
356
|
-
|
|
357
|
-
|
|
358
|
-
|
|
359
|
-
|
|
360
|
-
idxResponse,
|
|
361
|
-
messages,
|
|
362
|
-
...(nextStep && {
|
|
363
|
-
nextStep
|
|
364
|
-
})
|
|
365
|
-
};
|
|
366
|
-
}
|
|
351
|
+
const remediator = getRemediator(idxResponse.neededToProceed, {}, options);
|
|
352
|
+
const nextStep = remediator && getNextStep(authClient, remediator, idxResponse);
|
|
353
|
+
return {
|
|
354
|
+
idxResponse,
|
|
355
|
+
...(terminal && {
|
|
356
|
+
terminal
|
|
357
|
+
}),
|
|
358
|
+
...(!terminal && nextStep && {
|
|
359
|
+
nextStep
|
|
360
|
+
})
|
|
361
|
+
};
|
|
367
362
|
}
|
|
368
363
|
//# sourceMappingURL=util.js.map
|
package/cjs/idx/util.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/idx/util.ts"],"names":["isTerminalResponse","idxResponse","neededToProceed","interactionCode","length","canSkipFn","some","name","canResendFn","actions","actionName","getMessagesFromIdxRemediationValue","value","Array","isArray","messages","form","messagesFromForm","options","optionValues","forEach","option","messagesFromOptions","getMessagesFromResponse","rawIdxState","globalMessages","message","remediation","fieldMessages","seen","filtered","key","i18n","getEnabledFeatures","res","push","IdxFeature","PASSWORD_RECOVERY","REGISTRATION","SOCIAL_IDP","ACCOUNT_UNLOCK","getAvailableSteps","authClient","useGenericRemediator","remediatorMap","remediators","map","remediatorClass","remediationName","T","getRemediatorClass","remediator","getNextStep","context","action","params","filterValuesForRemediation","values","remediations","r","valuesForRemediation","entry","undefined","GenericRemediator","getRemediator","idxRemediations","step","remediatorCandidates","isRemeditionInFlow","canRemediate","nextStep","canSkip","canResend","handleIdxError","e","requestDidSucceed","terminal"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;AACA;;AAEA;;AACA;;AACA;;AACA;;;;;;AAGO,SAASA,kBAAT,CAA4BC,WAA5B,EAAsD;AAC3D,QAAM;AAAEC,IAAAA,eAAF;AAAmBC,IAAAA;AAAnB,MAAuCF,WAA7C;AACA,SAAO,CAACC,eAAe,CAACE,MAAjB,IAA2B,CAACD,eAAnC;AACD;;AAEM,SAASE,SAAT,CAAmBJ,WAAnB,EAA6C;AAClD,SAAOA,WAAW,CAACC,eAAZ,CAA4BI,IAA5B,CAAiC,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,MAAxD,CAAP;AACD;;AAEM,SAASC,WAAT,CAAqBP,WAArB,EAA+C;AACpD,SAAO,mBAAYA,WAAW,CAACQ,OAAxB,EAAiCH,IAAjC,CAAsCI,UAAU,IAAI,uBAAAA,UAAU,MAAV,CAAAA,UAAU,EAAU,QAAV,CAA9D,CAAP;AACD;;AAEM,SAASC,kCAAT,CACLC,KADK,EAEqB;AAC1B,MAAI,CAACA,KAAD,IAAU,CAACC,KAAK,CAACC,OAAN,CAAcF,KAAd,CAAf,EAAqC;AACnC;AACD;;AACD,SAAO,qBAAAA,KAAK,MAAL,CAAAA,KAAK,EAAQ,CAACG,QAAD,EAAWH,KAAX,KAAqB;AACvC,QAAIA,KAAK,CAACG,QAAV,EAAoB;AAClBA,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGH,KAAK,CAACG,QAAN,CAAeH,KAAhC,CAAX;AACD;;AACD,QAAIA,KAAK,CAACI,IAAV,EAAgB;AACd,YAAMC,gBAAgB,GAAGN,kCAAkC,CAACC,KAAK,CAACI,IAAN,CAAWJ,KAAZ,CAAlC,IAAwD,EAAjF;AACAG,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGE,gBAAjB,CAAX;AACD;;AACD,QAAIL,KAAK,CAACM,OAAV,EAAmB;AACjB,UAAIC,YAAY,GAAG,EAAnB;AACAP,MAAAA,KAAK,CAACM,OAAN,CAAcE,OAAd,CAAsBC,MAAM,IAAI;AAC9B,YAAI,CAACA,MAAM,CAACT,KAAR,IAAiB,OAAOS,MAAM,CAACT,KAAd,KAAwB,QAA7C,EAAuD;AACrD;AACD;;AACDO,QAAAA,YAAY,GAAG,CAAC,GAAGA,YAAJ,EAAkBE,MAAM,CAACT,KAAzB,CAAf;AACD,OALD;AAMA,YAAMU,mBAAmB,GAAGX,kCAAkC,CAACQ,YAAD,CAAlC,IAAoD,EAAhF;AACAJ,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGO,mBAAjB,CAAX;AACD;;AACD,WAAOP,QAAP;AACD,GApBW,EAoBT,EApBS,CAAZ;AAqBD;;AAEM,SAASQ,uBAAT,CAAiCtB,WAAjC,EAAyE;AAAA;;AAC9E,MAAIc,QAAsB,GAAG,EAA7B;AACA,QAAM;AAAES,IAAAA,WAAF;AAAetB,IAAAA;AAAf,MAAmCD,WAAzC,CAF8E,CAI9E;;AACA,QAAMwB,cAAc,4BAAGD,WAAW,CAACT,QAAf,0DAAG,mDAAsBH,KAAtB,iBAAgCc,OAAO,IAAIA,OAA3C,CAAvB;;AACA,MAAID,cAAJ,EAAoB;AAClBV,IAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGU,cAAjB,CAAX;AACD,GAR6E,CAU9E;;;AACA,OAAK,IAAIE,WAAT,IAAwBzB,eAAxB,EAAyC;AACvC,UAAM0B,aAAa,GAAGjB,kCAAkC,CAACgB,WAAW,CAACf,KAAb,CAAxD;;AACA,QAAIgB,aAAJ,EAAmB;AACjBb,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGa,aAAjB,CAAX;AACD;AACF,GAhB6E,CAkB9E;;;AACA,QAAMC,IAAI,GAAG,EAAb;AACAd,EAAAA,QAAQ,GAAG,qBAAAA,QAAQ,MAAR,CAAAA,QAAQ,EAAQ,CAACe,QAAD,EAAWJ,OAAX,KAAuB;AAAA;;AAChD,UAAMK,GAAG,oBAAGL,OAAO,CAACM,IAAX,kDAAG,cAAcD,GAA1B;;AACA,QAAIA,GAAG,IAAIF,IAAI,CAACE,GAAD,CAAf,EAAsB;AACpB,aAAOD,QAAP;AACD;;AACDD,IAAAA,IAAI,CAACE,GAAD,CAAJ,GAAYL,OAAZ;AACAI,IAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAcJ,OAAd,CAAX;AACA,WAAOI,QAAP;AACD,GARkB,EAQhB,EARgB,CAAnB;AASA,SAAOf,QAAP;AACD;;AAGM,SAASkB,kBAAT,CAA4BhC,WAA5B,EAAoE;AACzE,QAAMiC,GAAG,GAAG,EAAZ;AACA,QAAM;AAAEzB,IAAAA,OAAF;AAAWP,IAAAA;AAAX,MAA+BD,WAArC;;AAEA,MAAIQ,OAAO,CAAC,8BAAD,CAAX,EAA6C;AAC3CyB,IAAAA,GAAG,CAACC,IAAJ,CAASC,kBAAWC,iBAApB;AACD;;AAED,MAAInC,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,uBAA5C,CAAJ,EAA0E;AACxE2B,IAAAA,GAAG,CAACC,IAAJ,CAASC,kBAAWE,YAApB;AACD;;AAED,MAAIpC,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,cAA5C,CAAJ,EAAiE;AAC/D2B,IAAAA,GAAG,CAACC,IAAJ,CAASC,kBAAWG,UAApB;AACD;;AAED,MAAIrC,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,gBAA5C,CAAJ,EAAmE;AACjE2B,IAAAA,GAAG,CAACC,IAAJ,CAASC,kBAAWI,cAApB;AACD;;AAED,SAAON,GAAP;AACD;;AAEM,SAASO,iBAAT,CACLC,UADK,EAELzC,WAFK,EAGL0C,oBAHK,EAIO;AAAA;;AACZ,QAAMT,GAAe,GAAG,EAAxB;AAEA,QAAMU,aAAoD,GAAG,sDAAcC,WAAd,mBACnD,CAACC,GAAD,EAAMC,eAAN,KAA0B;AAChC;AACA,QAAIA,eAAe,CAACC,eAApB,EAAqC;AACnCF,MAAAA,GAAG,CAACC,eAAe,CAACC,eAAjB,CAAH,GAAuCD,eAAvC;AACD;;AACD,WAAOD,GAAP;AACD,GAP0D,EAOxD,EAPwD,CAA7D;;AASA,OAAK,IAAInB,WAAT,IAAwB1B,WAAW,CAACC,eAApC,EAAqD;AACnD,UAAM+C,CAAC,GAAGC,kBAAkB,CAACvB,WAAD,EAAc;AAAEgB,MAAAA,oBAAF;AAAwBE,MAAAA,WAAW,EAAED;AAArC,KAAd,CAA5B;;AACA,QAAIK,CAAJ,EAAO;AACL,YAAME,UAAsB,GAAG,IAAIF,CAAJ,CAAMtB,WAAN,CAA/B;AACAO,MAAAA,GAAG,CAACC,IAAJ,CAAUgB,UAAU,CAACC,WAAX,CAAuBV,UAAvB,EAAmCzC,WAAW,CAACoD,OAA/C,CAAV;AACD;AACF;;AAED,OAAK,MAAM,CAAC9C,IAAD,CAAX,IAAqB,sBAAgBN,WAAW,CAACQ,OAAZ,IAAuB,EAAvC,CAArB,EAAkE;AAChEyB,IAAAA,GAAG,CAACC,IAAJ,CAAS;AACP5B,MAAAA,IADO;AAEP+C,MAAAA,MAAM,EAAE,MAAOC,MAAP,IAAmB;AACzB,eAAO,sBAAQb,UAAR,EAAoB;AACzBjC,UAAAA,OAAO,EAAE,CAAC;AAAEF,YAAAA,IAAF;AAAQgD,YAAAA;AAAR,WAAD;AADgB,SAApB,CAAP;AAGD;AANM,KAAT;AAQD;;AAED,SAAOrB,GAAP;AACD;;AAEM,SAASsB,0BAAT,CACLvD,WADK,EAEL+C,eAFK,EAGLS,MAHK,EAIc;AAAA;;AACnB,QAAMC,YAAY,GAAGzD,WAAW,CAACC,eAAZ,IAA+B,EAApD;AACA,QAAMyB,WAAW,GAAG,mBAAA+B,YAAY,MAAZ,CAAAA,YAAY,EAAMC,CAAC,IAAIA,CAAC,CAACpD,IAAF,KAAWyC,eAAtB,CAAhC;;AACA,MAAI,CAACrB,WAAL,EAAkB;AAChB;AACA,oBAAM,gCAA+BqB,eAAgB,kCAArD;AACA,WAAOS,MAAP;AACD,GAPkB,CASnB;;;AACA,QAAMG,oBAAoB,GAAG,iCAAAjC,WAAW,CAACf,KAAZ,kBAA0B,CAACsB,GAAD,EAAM2B,KAAN,KAAgB;AACrE,UAAM;AAAEtD,MAAAA,IAAF;AAAQK,MAAAA;AAAR,QAAkBiD,KAAxB;;AACA,QAAItD,IAAI,KAAK,aAAb,EAA4B;AAC1B2B,MAAAA,GAAG,CAAC3B,IAAD,CAAH,GAAYK,KAAZ,CAD0B,CACP;AACpB,KAFD,MAEO;AACLsB,MAAAA,GAAG,CAAC3B,IAAD,CAAH,GAAYkD,MAAM,CAAClD,IAAD,CAAlB,CADK,CACqB;AAC3B;;AACD,WAAO2B,GAAP;AACD,GAR4B,EAQ1B,EAR0B,CAA7B;AASA,SAAO0B,oBAAP;AACD;;AAED,SAASV,kBAAT,CAA4BvB,WAA5B,EAAyDT,OAAzD,EAAoF;AAClF,QAAM;AAAEyB,IAAAA,oBAAF;AAAwBE,IAAAA;AAAxB,MAAwC3B,OAA9C;;AAEA,MAAI,CAACS,WAAL,EAAkB;AAChB,WAAOmC,SAAP;AACD;;AAED,MAAInB,oBAAJ,EAA0B;AACxB,WAAOoB,oCAAP;AACD,GATiF,CAWlF;;;AACA,SAAOlB,WAAW,CAAElB,WAAW,CAACpB,IAAd,CAAlB;AACD,C,CAED;AACA;;;AACO,SAASyD,aAAT,CACLC,eADK,EAELR,MAFK,EAGLvC,OAHK,EAImB;AACxB;AACA,QAAM2B,WAAW,GAAG3B,OAAO,CAAC2B,WAA5B;AACA,QAAMF,oBAAoB,GAAGzB,OAAO,CAACyB,oBAArC;AAEA,MAAIQ,UAAJ,CALwB,CAMxB;;AACA,MAAIjC,OAAO,CAACgD,IAAZ,EAAkB;AAChB;AACA,UAAMvC,WAAW,GAAG,mBAAAsC,eAAe,MAAf,CAAAA,eAAe,EAAM,CAAC;AAAE1D,MAAAA;AAAF,KAAD,KAAcA,IAAI,KAAKW,OAAO,CAACgD,IAArC,CAAnC;;AACA,QAAIvC,WAAJ,EAAiB;AACf,YAAMsB,CAAC,GAAGC,kBAAkB,CAACvB,WAAD,EAAcT,OAAd,CAA5B;AACA,aAAO+B,CAAC,GAAG,IAAIA,CAAJ,CAAMtB,WAAN,EAAmB8B,MAAnB,EAA2BvC,OAA3B,CAAH,GAAyC4C,SAAjD;AACD,KAHD,MAGO;AACL;AACA,sBAAM,SAAQ5C,OAAO,CAACgD,IAAK,kCAA3B;AACA;AACD;AACF;;AAED,QAAMC,oBAAkC,GAAG,EAA3C;;AACA,MAAIxB,oBAAJ,EAA0B;AACxB;AACAwB,IAAAA,oBAAoB,CAAChC,IAArB,CAA0B,IAAI4B,oCAAJ,CAAsBE,eAAe,CAAC,CAAD,CAArC,EAA0CR,MAA1C,EAAkDvC,OAAlD,CAA1B;AACD,GAHD,MAGO;AACL,SAAK,IAAIS,WAAT,IAAwBsC,eAAxB,EAAyC;AAAA;;AACvC,YAAMG,kBAAkB,GAAG,sDAAYvB,WAAZ,mBAA4ClB,WAAW,CAACpB,IAAxD,CAA3B;;AACA,UAAI,CAAC6D,kBAAL,EAAyB;AACvB;AACD,OAJsC,CAMvC;;;AACA,YAAMnB,CAAC,GAAGC,kBAAkB,CAACvB,WAAD,EAAcT,OAAd,CAA5B;AACAiC,MAAAA,UAAU,GAAG,IAAIF,CAAJ,CAAMtB,WAAN,EAAmB8B,MAAnB,EAA2BvC,OAA3B,CAAb;;AACA,UAAIiC,UAAU,CAACkB,YAAX,EAAJ,EAA+B;AAC7B;AACA,eAAOlB,UAAP;AACD,OAZsC,CAavC;AACA;;;AACAgB,MAAAA,oBAAoB,CAAChC,IAArB,CAA0BgB,UAA1B;AACD;AACF;;AAED,SAAOgB,oBAAoB,CAAC,CAAD,CAA3B;AACD;;AAGM,SAASf,WAAT,CACLV,UADK,EAC0BS,UAD1B,EACkDlD,WADlD,EAEK;AACV,QAAMqE,QAAQ,GAAGnB,UAAU,CAACC,WAAX,CAAuBV,UAAvB,EAAmCzC,WAAW,CAACoD,OAA/C,CAAjB;AACA,QAAMkB,OAAO,GAAGlE,SAAS,CAACJ,WAAD,CAAzB;AACA,QAAMuE,SAAS,GAAGhE,WAAW,CAACP,WAAD,CAA7B;AACA,SAAO,EACL,GAAGqE,QADE;AAEL,QAAIC,OAAO,IAAI;AAACA,MAAAA;AAAD,KAAf,CAFK;AAGL,QAAIC,SAAS,IAAI;AAACA,MAAAA;AAAD,KAAjB;AAHK,GAAP;AAKD;;AAEM,SAASC,cAAT,CAAwB/B,UAAxB,EAAuDgC,CAAvD,EAA0DvB,UAA1D,EAA4F;AACjG;AACA,MAAIlD,WAAW,GAAG,0BAAcyE,CAAd,IAAmBA,CAAnB,GAAuB,IAAzC;;AACA,MAAI,CAACzE,WAAL,EAAkB;AAChB;AACA,UAAMyE,CAAN;AACD;;AACDzE,EAAAA,WAAW,GAAG,EACZ,GAAGA,WADS;AAEZ0E,IAAAA,iBAAiB,EAAE;AAFP,GAAd;AAIA,QAAMC,QAAQ,GAAG5E,kBAAkB,CAACC,WAAD,CAAnC;AACA,QAAMc,QAAQ,GAAGQ,uBAAuB,CAACtB,WAAD,CAAxC;;AACA,MAAI2E,QAAJ,EAAc;AACZ,WAAO;AAAE3E,MAAAA,WAAF;AAAe2E,MAAAA,QAAf;AAAyB7D,MAAAA;AAAzB,KAAP;AACD,GAFD,MAEO;AACL,UAAMuD,QAAQ,GAAGnB,UAAU,IAAIC,WAAW,CAACV,UAAD,EAAaS,UAAb,EAAyBlD,WAAzB,CAA1C;AACA,WAAO;AACLA,MAAAA,WADK;AAELc,MAAAA,QAFK;AAGL,UAAIuD,QAAQ,IAAI;AAAEA,QAAAA;AAAF,OAAhB;AAHK,KAAP;AAKD;AACF","sourcesContent":["import { warn } from '../util';\nimport * as remediators from './remediators';\nimport { RemediationValues, Remediator, RemediatorConstructor } from './remediators';\nimport { GenericRemediator } from './remediators/GenericRemediator';\nimport { proceed } from './proceed';\nimport { IdxFeature, NextStep, RemediateOptions, RemediationResponse } from './types';\nimport { IdxMessage, IdxRemediation, IdxRemediationValue, IdxResponse, isIdxResponse } from './types/idx-js';\nimport { OktaAuthInterface } from '../types';\n\nexport function isTerminalResponse(idxResponse: IdxResponse) {\n const { neededToProceed, interactionCode } = idxResponse;\n return !neededToProceed.length && !interactionCode;\n}\n\nexport function canSkipFn(idxResponse: IdxResponse) {\n return idxResponse.neededToProceed.some(({ name }) => name === 'skip');\n}\n\nexport function canResendFn(idxResponse: IdxResponse) {\n return Object.keys(idxResponse.actions).some(actionName => actionName.includes('resend'));\n}\n\nexport function getMessagesFromIdxRemediationValue(\n value?: IdxRemediationValue[]\n): IdxMessage[] | undefined {\n if (!value || !Array.isArray(value)) {\n return;\n }\n return value.reduce((messages, value) => {\n if (value.messages) {\n messages = [...messages, ...value.messages.value] as never;\n }\n if (value.form) {\n const messagesFromForm = getMessagesFromIdxRemediationValue(value.form.value) || [];\n messages = [...messages, ...messagesFromForm] as never;\n } \n if (value.options) {\n let optionValues = [];\n value.options.forEach(option => {\n if (!option.value || typeof option.value === 'string') {\n return;\n }\n optionValues = [...optionValues, option.value] as never;\n });\n const messagesFromOptions = getMessagesFromIdxRemediationValue(optionValues) || [];\n messages = [...messages, ...messagesFromOptions] as never;\n }\n return messages;\n }, []);\n}\n\nexport function getMessagesFromResponse(idxResponse: IdxResponse): IdxMessage[] {\n let messages: IdxMessage[] = [];\n const { rawIdxState, neededToProceed } = idxResponse;\n\n // Handle global messages\n const globalMessages = rawIdxState.messages?.value.map(message => message);\n if (globalMessages) {\n messages = [...messages, ...globalMessages] as never;\n }\n\n // Handle field messages for current flow\n for (let remediation of neededToProceed) {\n const fieldMessages = getMessagesFromIdxRemediationValue(remediation.value);\n if (fieldMessages) {\n messages = [...messages, ...fieldMessages] as never;\n }\n }\n\n // API may return identical error on same field, filter by i18n key\n const seen = {};\n messages = messages.reduce((filtered, message) => {\n const key = message.i18n?.key;\n if (key && seen[key]) {\n return filtered;\n }\n seen[key] = message;\n filtered = [...filtered, message] as never;\n return filtered;\n }, []);\n return messages;\n}\n\n\nexport function getEnabledFeatures(idxResponse: IdxResponse): IdxFeature[] {\n const res = [];\n const { actions, neededToProceed } = idxResponse;\n\n if (actions['currentAuthenticator-recover']) {\n res.push(IdxFeature.PASSWORD_RECOVERY as never);\n }\n\n if (neededToProceed.some(({ name }) => name === 'select-enroll-profile')) {\n res.push(IdxFeature.REGISTRATION as never);\n }\n\n if (neededToProceed.some(({ name }) => name === 'redirect-idp')) {\n res.push(IdxFeature.SOCIAL_IDP as never);\n }\n\n if (neededToProceed.some(({ name }) => name === 'unlock-account')) {\n res.push(IdxFeature.ACCOUNT_UNLOCK as never);\n }\n\n return res;\n}\n\nexport function getAvailableSteps(\n authClient: OktaAuthInterface, \n idxResponse: IdxResponse, \n useGenericRemediator?: boolean\n): NextStep[] {\n const res: NextStep[] = [];\n\n const remediatorMap: Record<string, RemediatorConstructor> = Object.values(remediators)\n .reduce((map, remediatorClass) => {\n // Only add concrete subclasses to the map\n if (remediatorClass.remediationName) {\n map[remediatorClass.remediationName] = remediatorClass;\n }\n return map;\n }, {});\n\n for (let remediation of idxResponse.neededToProceed) {\n const T = getRemediatorClass(remediation, { useGenericRemediator, remediators: remediatorMap });\n if (T) {\n const remediator: Remediator = new T(remediation);\n res.push (remediator.getNextStep(authClient, idxResponse.context) as never);\n }\n }\n\n for (const [name] of Object.entries((idxResponse.actions || {}))) {\n res.push({ \n name, \n action: async (params?) => {\n return proceed(authClient, { \n actions: [{ name, params }] \n });\n }\n });\n }\n\n return res;\n}\n\nexport function filterValuesForRemediation(\n idxResponse: IdxResponse,\n remediationName: string,\n values: RemediationValues\n): RemediationValues {\n const remediations = idxResponse.neededToProceed || [];\n const remediation = remediations.find(r => r.name === remediationName);\n if (!remediation) {\n // step was specified, but remediation was not found. This is unexpected!\n warn(`filterValuesForRemediation: \"${remediationName}\" did not match any remediations`);\n return values;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const valuesForRemediation = remediation.value!.reduce((res, entry) => {\n const { name, value } = entry;\n if (name === 'stateHandle') {\n res[name] = value; // use the stateHandle value in the remediation\n } else {\n res[name] = values[name]; // use the value provided by the caller\n }\n return res;\n }, {});\n return valuesForRemediation;\n}\n\nfunction getRemediatorClass(remediation: IdxRemediation, options: RemediateOptions) {\n const { useGenericRemediator, remediators } = options;\n \n if (!remediation) {\n return undefined;\n }\n\n if (useGenericRemediator) {\n return GenericRemediator;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n return remediators![remediation.name];\n}\n\n// Return first match idxRemediation in allowed remediators\n// eslint-disable-next-line complexity\nexport function getRemediator(\n idxRemediations: IdxRemediation[],\n values: RemediationValues,\n options: RemediateOptions,\n): Remediator | undefined {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const remediators = options.remediators!;\n const useGenericRemediator = options.useGenericRemediator;\n\n let remediator: Remediator;\n // remediation name specified by caller - fast-track remediator lookup \n if (options.step) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const remediation = idxRemediations.find(({ name }) => name === options.step)!;\n if (remediation) {\n const T = getRemediatorClass(remediation, options);\n return T ? new T(remediation, values, options) : undefined;\n } else {\n // step was specified, but remediation was not found. This is unexpected!\n warn(`step \"${options.step}\" did not match any remediations`);\n return;\n }\n }\n\n const remediatorCandidates: Remediator[] = [];\n if (useGenericRemediator) {\n // always pick the first remediation for when use GenericRemediator\n remediatorCandidates.push(new GenericRemediator(idxRemediations[0], values, options));\n } else {\n for (let remediation of idxRemediations) {\n const isRemeditionInFlow = Object.keys(remediators as object).includes(remediation.name);\n if (!isRemeditionInFlow) {\n continue;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const T = getRemediatorClass(remediation, options)!;\n remediator = new T(remediation, values, options);\n if (remediator.canRemediate()) {\n // found the remediator\n return remediator;\n }\n // remediator cannot handle the current values\n // maybe return for next step\n remediatorCandidates.push(remediator); \n }\n }\n \n return remediatorCandidates[0];\n}\n\n\nexport function getNextStep(\n authClient: OktaAuthInterface, remediator: Remediator, idxResponse: IdxResponse\n): NextStep {\n const nextStep = remediator.getNextStep(authClient, idxResponse.context);\n const canSkip = canSkipFn(idxResponse);\n const canResend = canResendFn(idxResponse);\n return {\n ...nextStep,\n ...(canSkip && {canSkip}),\n ...(canResend && {canResend}),\n };\n}\n\nexport function handleIdxError(authClient: OktaAuthInterface, e, remediator?): RemediationResponse {\n // Handle idx messages\n let idxResponse = isIdxResponse(e) ? e : null;\n if (!idxResponse) {\n // Thrown error terminates the interaction with idx\n throw e;\n }\n idxResponse = {\n ...idxResponse,\n requestDidSucceed: false\n };\n const terminal = isTerminalResponse(idxResponse);\n const messages = getMessagesFromResponse(idxResponse);\n if (terminal) {\n return { idxResponse, terminal, messages };\n } else {\n const nextStep = remediator && getNextStep(authClient, remediator, idxResponse);\n return { \n idxResponse,\n messages, \n ...(nextStep && { nextStep }) \n };\n }\n}\n"],"file":"util.js"}
|
|
1
|
+
{"version":3,"sources":["../../../lib/idx/util.ts"],"names":["isTerminalResponse","idxResponse","neededToProceed","interactionCode","length","canSkipFn","some","name","canResendFn","actions","actionName","getMessagesFromIdxRemediationValue","value","Array","isArray","messages","form","messagesFromForm","options","optionValues","forEach","option","messagesFromOptions","getMessagesFromResponse","rawIdxState","globalMessages","message","useGenericRemediator","remediation","fieldMessages","seen","filtered","key","i18n","getEnabledFeatures","res","push","IdxFeature","PASSWORD_RECOVERY","REGISTRATION","SOCIAL_IDP","ACCOUNT_UNLOCK","getAvailableSteps","authClient","remediatorMap","remediators","map","remediatorClass","remediationName","T","getRemediatorClass","remediator","getNextStep","context","action","params","idx","proceed","filterValuesForRemediation","values","remediations","r","valuesForRemediation","entry","undefined","GenericRemediator","getRemediator","idxRemediations","step","remediatorCandidates","isRemeditionInFlow","canRemediate","nextStep","canSkip","canResend","handleIdxError","e","requestDidSucceed","terminal"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;AACA;;AAEA;;AACA;;AACA;;;;;;AAGO,SAASA,kBAAT,CAA4BC,WAA5B,EAAsD;AAC3D,QAAM;AAAEC,IAAAA,eAAF;AAAmBC,IAAAA;AAAnB,MAAuCF,WAA7C;AACA,SAAO,CAACC,eAAe,CAACE,MAAjB,IAA2B,CAACD,eAAnC;AACD;;AAEM,SAASE,SAAT,CAAmBJ,WAAnB,EAA6C;AAClD,SAAOA,WAAW,CAACC,eAAZ,CAA4BI,IAA5B,CAAiC,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,MAAxD,CAAP;AACD;;AAEM,SAASC,WAAT,CAAqBP,WAArB,EAA+C;AACpD,SAAO,mBAAYA,WAAW,CAACQ,OAAxB,EAAiCH,IAAjC,CAAsCI,UAAU,IAAI,uBAAAA,UAAU,MAAV,CAAAA,UAAU,EAAU,QAAV,CAA9D,CAAP;AACD;;AAEM,SAASC,kCAAT,CACLC,KADK,EAEqB;AAC1B,MAAI,CAACA,KAAD,IAAU,CAACC,KAAK,CAACC,OAAN,CAAcF,KAAd,CAAf,EAAqC;AACnC;AACD;;AACD,SAAO,qBAAAA,KAAK,MAAL,CAAAA,KAAK,EAAQ,CAACG,QAAD,EAAWH,KAAX,KAAqB;AACvC,QAAIA,KAAK,CAACG,QAAV,EAAoB;AAClBA,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGH,KAAK,CAACG,QAAN,CAAeH,KAAhC,CAAX;AACD;;AACD,QAAIA,KAAK,CAACI,IAAV,EAAgB;AACd,YAAMC,gBAAgB,GAAGN,kCAAkC,CAACC,KAAK,CAACI,IAAN,CAAWJ,KAAZ,CAAlC,IAAwD,EAAjF;AACAG,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGE,gBAAjB,CAAX;AACD;;AACD,QAAIL,KAAK,CAACM,OAAV,EAAmB;AACjB,UAAIC,YAAY,GAAG,EAAnB;AACAP,MAAAA,KAAK,CAACM,OAAN,CAAcE,OAAd,CAAsBC,MAAM,IAAI;AAC9B,YAAI,CAACA,MAAM,CAACT,KAAR,IAAiB,OAAOS,MAAM,CAACT,KAAd,KAAwB,QAA7C,EAAuD;AACrD;AACD;;AACDO,QAAAA,YAAY,GAAG,CAAC,GAAGA,YAAJ,EAAkBE,MAAM,CAACT,KAAzB,CAAf;AACD,OALD;AAMA,YAAMU,mBAAmB,GAAGX,kCAAkC,CAACQ,YAAD,CAAlC,IAAoD,EAAhF;AACAJ,MAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGO,mBAAjB,CAAX;AACD;;AACD,WAAOP,QAAP;AACD,GApBW,EAoBT,EApBS,CAAZ;AAqBD;;AAEM,SAASQ,uBAAT,CAAiCtB,WAAjC,EAA2DiB,OAA3D,EAA8F;AAAA;;AACnG,MAAIH,QAAsB,GAAG,EAA7B;AACA,QAAM;AAAES,IAAAA,WAAF;AAAetB,IAAAA;AAAf,MAAmCD,WAAzC,CAFmG,CAInG;;AACA,QAAMwB,cAAc,4BAAGD,WAAW,CAACT,QAAf,0DAAG,mDAAsBH,KAAtB,iBAAgCc,OAAO,IAAIA,OAA3C,CAAvB;;AACA,MAAID,cAAJ,EAAoB;AAClBV,IAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGU,cAAjB,CAAX;AACD,GARkG,CAUnG;AACA;AACA;;;AACA,MAAI,CAACP,OAAO,CAACS,oBAAb,EAAmC;AACjC,SAAK,IAAIC,WAAT,IAAwB1B,eAAxB,EAAyC;AACvC,YAAM2B,aAAa,GAAGlB,kCAAkC,CAACiB,WAAW,CAAChB,KAAb,CAAxD;;AACA,UAAIiB,aAAJ,EAAmB;AACjBd,QAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAc,GAAGc,aAAjB,CAAX;AACD;AACF;AACF,GApBkG,CAsBnG;;;AACA,QAAMC,IAAI,GAAG,EAAb;AACAf,EAAAA,QAAQ,GAAG,qBAAAA,QAAQ,MAAR,CAAAA,QAAQ,EAAQ,CAACgB,QAAD,EAAWL,OAAX,KAAuB;AAAA;;AAChD,UAAMM,GAAG,oBAAGN,OAAO,CAACO,IAAX,kDAAG,cAAcD,GAA1B;;AACA,QAAIA,GAAG,IAAIF,IAAI,CAACE,GAAD,CAAf,EAAsB;AACpB,aAAOD,QAAP;AACD;;AACDD,IAAAA,IAAI,CAACE,GAAD,CAAJ,GAAYN,OAAZ;AACAK,IAAAA,QAAQ,GAAG,CAAC,GAAGA,QAAJ,EAAcL,OAAd,CAAX;AACA,WAAOK,QAAP;AACD,GARkB,EAQhB,EARgB,CAAnB;AASA,SAAOhB,QAAP;AACD;;AAGM,SAASmB,kBAAT,CAA4BjC,WAA5B,EAAoE;AACzE,QAAMkC,GAAG,GAAG,EAAZ;AACA,QAAM;AAAE1B,IAAAA,OAAF;AAAWP,IAAAA;AAAX,MAA+BD,WAArC;;AAEA,MAAIQ,OAAO,CAAC,8BAAD,CAAX,EAA6C;AAC3C0B,IAAAA,GAAG,CAACC,IAAJ,CAASC,kBAAWC,iBAApB;AACD;;AAED,MAAIpC,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,uBAA5C,CAAJ,EAA0E;AACxE4B,IAAAA,GAAG,CAACC,IAAJ,CAASC,kBAAWE,YAApB;AACD;;AAED,MAAIrC,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,cAA5C,CAAJ,EAAiE;AAC/D4B,IAAAA,GAAG,CAACC,IAAJ,CAASC,kBAAWG,UAApB;AACD;;AAED,MAAItC,eAAe,CAACI,IAAhB,CAAqB,CAAC;AAAEC,IAAAA;AAAF,GAAD,KAAcA,IAAI,KAAK,gBAA5C,CAAJ,EAAmE;AACjE4B,IAAAA,GAAG,CAACC,IAAJ,CAASC,kBAAWI,cAApB;AACD;;AAED,SAAON,GAAP;AACD;;AAEM,SAASO,iBAAT,CACLC,UADK,EAEL1C,WAFK,EAGL0B,oBAHK,EAIO;AAAA;;AACZ,QAAMQ,GAAe,GAAG,EAAxB;AAEA,QAAMS,aAAoD,GAAG,sDAAcC,WAAd,mBACnD,CAACC,GAAD,EAAMC,eAAN,KAA0B;AAChC;AACA,QAAIA,eAAe,CAACC,eAApB,EAAqC;AACnCF,MAAAA,GAAG,CAACC,eAAe,CAACC,eAAjB,CAAH,GAAuCD,eAAvC;AACD;;AACD,WAAOD,GAAP;AACD,GAP0D,EAOxD,EAPwD,CAA7D;;AASA,OAAK,IAAIlB,WAAT,IAAwB3B,WAAW,CAACC,eAApC,EAAqD;AACnD,UAAM+C,CAAC,GAAGC,kBAAkB,CAACtB,WAAD,EAAc;AAAED,MAAAA,oBAAF;AAAwBkB,MAAAA,WAAW,EAAED;AAArC,KAAd,CAA5B;;AACA,QAAIK,CAAJ,EAAO;AACL,YAAME,UAAsB,GAAG,IAAIF,CAAJ,CAAMrB,WAAN,CAA/B;AACAO,MAAAA,GAAG,CAACC,IAAJ,CAAUe,UAAU,CAACC,WAAX,CAAuBT,UAAvB,EAAmC1C,WAAW,CAACoD,OAA/C,CAAV;AACD;AACF;;AAED,OAAK,MAAM,CAAC9C,IAAD,CAAX,IAAqB,sBAAgBN,WAAW,CAACQ,OAAZ,IAAuB,EAAvC,CAArB,EAAkE;AAChE0B,IAAAA,GAAG,CAACC,IAAJ,CAAS;AACP7B,MAAAA,IADO;AAEP+C,MAAAA,MAAM,EAAE,MAAOC,MAAP,IAAmB;AACzB,eAAOZ,UAAU,CAACa,GAAX,CAAeC,OAAf,CAAuB;AAC5BhD,UAAAA,OAAO,EAAE,CAAC;AAAEF,YAAAA,IAAF;AAAQgD,YAAAA;AAAR,WAAD;AADmB,SAAvB,CAAP;AAGD;AANM,KAAT;AAQD;;AAED,SAAOpB,GAAP;AACD;;AAEM,SAASuB,0BAAT,CACLzD,WADK,EAEL+C,eAFK,EAGLW,MAHK,EAIc;AAAA;;AACnB,QAAMC,YAAY,GAAG3D,WAAW,CAACC,eAAZ,IAA+B,EAApD;AACA,QAAM0B,WAAW,GAAG,mBAAAgC,YAAY,MAAZ,CAAAA,YAAY,EAAMC,CAAC,IAAIA,CAAC,CAACtD,IAAF,KAAWyC,eAAtB,CAAhC;;AACA,MAAI,CAACpB,WAAL,EAAkB;AAChB;AACA,oBAAM,gCAA+BoB,eAAgB,kCAArD;AACA,WAAOW,MAAP;AACD,GAPkB,CASnB;;;AACA,QAAMG,oBAAoB,GAAG,iCAAAlC,WAAW,CAAChB,KAAZ,kBAA0B,CAACuB,GAAD,EAAM4B,KAAN,KAAgB;AACrE,UAAM;AAAExD,MAAAA,IAAF;AAAQK,MAAAA;AAAR,QAAkBmD,KAAxB;;AACA,QAAIxD,IAAI,KAAK,aAAb,EAA4B;AAC1B4B,MAAAA,GAAG,CAAC5B,IAAD,CAAH,GAAYK,KAAZ,CAD0B,CACP;AACpB,KAFD,MAEO;AACLuB,MAAAA,GAAG,CAAC5B,IAAD,CAAH,GAAYoD,MAAM,CAACpD,IAAD,CAAlB,CADK,CACqB;AAC3B;;AACD,WAAO4B,GAAP;AACD,GAR4B,EAQ1B,EAR0B,CAA7B;AASA,SAAO2B,oBAAP;AACD;;AAED,SAASZ,kBAAT,CAA4BtB,WAA5B,EAAyDV,OAAzD,EAAoF;AAClF,QAAM;AAAES,IAAAA,oBAAF;AAAwBkB,IAAAA;AAAxB,MAAwC3B,OAA9C;;AAEA,MAAI,CAACU,WAAL,EAAkB;AAChB,WAAOoC,SAAP;AACD;;AAED,MAAIrC,oBAAJ,EAA0B;AACxB,WAAOsC,oCAAP;AACD,GATiF,CAWlF;;;AACA,SAAOpB,WAAW,CAAEjB,WAAW,CAACrB,IAAd,CAAlB;AACD,C,CAED;AACA;;;AACO,SAAS2D,aAAT,CACLC,eADK,EAELR,MAFK,EAGLzC,OAHK,EAImB;AACxB;AACA,QAAM2B,WAAW,GAAG3B,OAAO,CAAC2B,WAA5B;AACA,QAAMlB,oBAAoB,GAAGT,OAAO,CAACS,oBAArC;AAEA,MAAIwB,UAAJ,CALwB,CAMxB;;AACA,MAAIjC,OAAO,CAACkD,IAAZ,EAAkB;AAChB;AACA,UAAMxC,WAAW,GAAG,mBAAAuC,eAAe,MAAf,CAAAA,eAAe,EAAM,CAAC;AAAE5D,MAAAA;AAAF,KAAD,KAAcA,IAAI,KAAKW,OAAO,CAACkD,IAArC,CAAnC;;AACA,QAAIxC,WAAJ,EAAiB;AACf,YAAMqB,CAAC,GAAGC,kBAAkB,CAACtB,WAAD,EAAcV,OAAd,CAA5B;AACA,aAAO+B,CAAC,GAAG,IAAIA,CAAJ,CAAMrB,WAAN,EAAmB+B,MAAnB,EAA2BzC,OAA3B,CAAH,GAAyC8C,SAAjD;AACD,KAHD,MAGO;AACL;AACA,sBAAM,SAAQ9C,OAAO,CAACkD,IAAK,kCAA3B;AACA;AACD;AACF;;AAED,QAAMC,oBAAkC,GAAG,EAA3C;;AACA,MAAI1C,oBAAJ,EAA0B;AACxB;AACA0C,IAAAA,oBAAoB,CAACjC,IAArB,CAA0B,IAAI6B,oCAAJ,CAAsBE,eAAe,CAAC,CAAD,CAArC,EAA0CR,MAA1C,EAAkDzC,OAAlD,CAA1B;AACD,GAHD,MAGO;AACL,SAAK,IAAIU,WAAT,IAAwBuC,eAAxB,EAAyC;AAAA;;AACvC,YAAMG,kBAAkB,GAAG,sDAAYzB,WAAZ,mBAA4CjB,WAAW,CAACrB,IAAxD,CAA3B;;AACA,UAAI,CAAC+D,kBAAL,EAAyB;AACvB;AACD,OAJsC,CAMvC;;;AACA,YAAMrB,CAAC,GAAGC,kBAAkB,CAACtB,WAAD,EAAcV,OAAd,CAA5B;AACAiC,MAAAA,UAAU,GAAG,IAAIF,CAAJ,CAAMrB,WAAN,EAAmB+B,MAAnB,EAA2BzC,OAA3B,CAAb;;AACA,UAAIiC,UAAU,CAACoB,YAAX,EAAJ,EAA+B;AAC7B;AACA,eAAOpB,UAAP;AACD,OAZsC,CAavC;AACA;;;AACAkB,MAAAA,oBAAoB,CAACjC,IAArB,CAA0Be,UAA1B;AACD;AACF;;AAED,SAAOkB,oBAAoB,CAAC,CAAD,CAA3B;AACD;;AAGM,SAASjB,WAAT,CACLT,UADK,EAC6BQ,UAD7B,EACqDlD,WADrD,EAEK;AACV,QAAMuE,QAAQ,GAAGrB,UAAU,CAACC,WAAX,CAAuBT,UAAvB,EAAmC1C,WAAW,CAACoD,OAA/C,CAAjB;AACA,QAAMoB,OAAO,GAAGpE,SAAS,CAACJ,WAAD,CAAzB;AACA,QAAMyE,SAAS,GAAGlE,WAAW,CAACP,WAAD,CAA7B;AACA,SAAO,EACL,GAAGuE,QADE;AAEL,QAAIC,OAAO,IAAI;AAACA,MAAAA;AAAD,KAAf,CAFK;AAGL,QAAIC,SAAS,IAAI;AAACA,MAAAA;AAAD,KAAjB;AAHK,GAAP;AAKD;;AAEM,SAASC,cAAT,CAAwBhC,UAAxB,EAA0DiC,CAA1D,EAA6D1D,OAAO,GAAG,EAAvE,EAAgG;AACrG;AACA,MAAIjB,WAAW,GAAG,0BAAc2E,CAAd,IAAmBA,CAAnB,GAAuB,IAAzC;;AACA,MAAI,CAAC3E,WAAL,EAAkB;AAChB;AACA,UAAM2E,CAAN;AACD;;AACD3E,EAAAA,WAAW,GAAG,EACZ,GAAGA,WADS;AAEZ4E,IAAAA,iBAAiB,EAAE;AAFP,GAAd;AAIA,QAAMC,QAAQ,GAAG9E,kBAAkB,CAACC,WAAD,CAAnC;AACA,QAAMkD,UAAU,GAAGe,aAAa,CAACjE,WAAW,CAACC,eAAb,EAA8B,EAA9B,EAAkCgB,OAAlC,CAAhC;AACA,QAAMsD,QAAQ,GAAGrB,UAAU,IAAIC,WAAW,CAACT,UAAD,EAAaQ,UAAb,EAAyBlD,WAAzB,CAA1C;AACA,SAAO;AACLA,IAAAA,WADK;AAEL,QAAI6E,QAAQ,IAAI;AAAEA,MAAAA;AAAF,KAAhB,CAFK;AAGL,QAAI,CAACA,QAAD,IAAaN,QAAb,IAAyB;AAAEA,MAAAA;AAAF,KAA7B;AAHK,GAAP;AAKD","sourcesContent":["import { warn } from '../util';\nimport * as remediators from './remediators';\nimport { RemediationValues, Remediator, RemediatorConstructor } from './remediators';\nimport { GenericRemediator } from './remediators/GenericRemediator';\nimport { IdxFeature, NextStep, RemediateOptions, RemediationResponse, RunOptions } from './types';\nimport { IdxMessage, IdxRemediation, IdxRemediationValue, IdxResponse, isIdxResponse } from './types/idx-js';\nimport { OktaAuthIdxInterface } from '../types';\n\nexport function isTerminalResponse(idxResponse: IdxResponse) {\n const { neededToProceed, interactionCode } = idxResponse;\n return !neededToProceed.length && !interactionCode;\n}\n\nexport function canSkipFn(idxResponse: IdxResponse) {\n return idxResponse.neededToProceed.some(({ name }) => name === 'skip');\n}\n\nexport function canResendFn(idxResponse: IdxResponse) {\n return Object.keys(idxResponse.actions).some(actionName => actionName.includes('resend'));\n}\n\nexport function getMessagesFromIdxRemediationValue(\n value?: IdxRemediationValue[]\n): IdxMessage[] | undefined {\n if (!value || !Array.isArray(value)) {\n return;\n }\n return value.reduce((messages, value) => {\n if (value.messages) {\n messages = [...messages, ...value.messages.value] as never;\n }\n if (value.form) {\n const messagesFromForm = getMessagesFromIdxRemediationValue(value.form.value) || [];\n messages = [...messages, ...messagesFromForm] as never;\n } \n if (value.options) {\n let optionValues = [];\n value.options.forEach(option => {\n if (!option.value || typeof option.value === 'string') {\n return;\n }\n optionValues = [...optionValues, option.value] as never;\n });\n const messagesFromOptions = getMessagesFromIdxRemediationValue(optionValues) || [];\n messages = [...messages, ...messagesFromOptions] as never;\n }\n return messages;\n }, []);\n}\n\nexport function getMessagesFromResponse(idxResponse: IdxResponse, options: RunOptions): IdxMessage[] {\n let messages: IdxMessage[] = [];\n const { rawIdxState, neededToProceed } = idxResponse;\n\n // Handle global messages\n const globalMessages = rawIdxState.messages?.value.map(message => message);\n if (globalMessages) {\n messages = [...messages, ...globalMessages] as never;\n }\n\n // Handle field messages for current flow\n // Preserve existing logic for general cases, remove in the next major version\n // Follow ion response format for top level messages when useGenericRemediator is true\n if (!options.useGenericRemediator) {\n for (let remediation of neededToProceed) {\n const fieldMessages = getMessagesFromIdxRemediationValue(remediation.value);\n if (fieldMessages) {\n messages = [...messages, ...fieldMessages] as never;\n }\n }\n }\n\n // API may return identical error on same field, filter by i18n key\n const seen = {};\n messages = messages.reduce((filtered, message) => {\n const key = message.i18n?.key;\n if (key && seen[key]) {\n return filtered;\n }\n seen[key] = message;\n filtered = [...filtered, message] as never;\n return filtered;\n }, []);\n return messages;\n}\n\n\nexport function getEnabledFeatures(idxResponse: IdxResponse): IdxFeature[] {\n const res = [];\n const { actions, neededToProceed } = idxResponse;\n\n if (actions['currentAuthenticator-recover']) {\n res.push(IdxFeature.PASSWORD_RECOVERY as never);\n }\n\n if (neededToProceed.some(({ name }) => name === 'select-enroll-profile')) {\n res.push(IdxFeature.REGISTRATION as never);\n }\n\n if (neededToProceed.some(({ name }) => name === 'redirect-idp')) {\n res.push(IdxFeature.SOCIAL_IDP as never);\n }\n\n if (neededToProceed.some(({ name }) => name === 'unlock-account')) {\n res.push(IdxFeature.ACCOUNT_UNLOCK as never);\n }\n\n return res;\n}\n\nexport function getAvailableSteps(\n authClient: OktaAuthIdxInterface, \n idxResponse: IdxResponse, \n useGenericRemediator?: boolean\n): NextStep[] {\n const res: NextStep[] = [];\n\n const remediatorMap: Record<string, RemediatorConstructor> = Object.values(remediators)\n .reduce((map, remediatorClass) => {\n // Only add concrete subclasses to the map\n if (remediatorClass.remediationName) {\n map[remediatorClass.remediationName] = remediatorClass;\n }\n return map;\n }, {});\n\n for (let remediation of idxResponse.neededToProceed) {\n const T = getRemediatorClass(remediation, { useGenericRemediator, remediators: remediatorMap });\n if (T) {\n const remediator: Remediator = new T(remediation);\n res.push (remediator.getNextStep(authClient, idxResponse.context) as never);\n }\n }\n\n for (const [name] of Object.entries((idxResponse.actions || {}))) {\n res.push({ \n name, \n action: async (params?) => {\n return authClient.idx.proceed({ \n actions: [{ name, params }] \n });\n }\n });\n }\n\n return res;\n}\n\nexport function filterValuesForRemediation(\n idxResponse: IdxResponse,\n remediationName: string,\n values: RemediationValues\n): RemediationValues {\n const remediations = idxResponse.neededToProceed || [];\n const remediation = remediations.find(r => r.name === remediationName);\n if (!remediation) {\n // step was specified, but remediation was not found. This is unexpected!\n warn(`filterValuesForRemediation: \"${remediationName}\" did not match any remediations`);\n return values;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const valuesForRemediation = remediation.value!.reduce((res, entry) => {\n const { name, value } = entry;\n if (name === 'stateHandle') {\n res[name] = value; // use the stateHandle value in the remediation\n } else {\n res[name] = values[name]; // use the value provided by the caller\n }\n return res;\n }, {});\n return valuesForRemediation;\n}\n\nfunction getRemediatorClass(remediation: IdxRemediation, options: RemediateOptions) {\n const { useGenericRemediator, remediators } = options;\n \n if (!remediation) {\n return undefined;\n }\n\n if (useGenericRemediator) {\n return GenericRemediator;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n return remediators![remediation.name];\n}\n\n// Return first match idxRemediation in allowed remediators\n// eslint-disable-next-line complexity\nexport function getRemediator(\n idxRemediations: IdxRemediation[],\n values: RemediationValues,\n options: RemediateOptions,\n): Remediator | undefined {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const remediators = options.remediators!;\n const useGenericRemediator = options.useGenericRemediator;\n\n let remediator: Remediator;\n // remediation name specified by caller - fast-track remediator lookup \n if (options.step) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const remediation = idxRemediations.find(({ name }) => name === options.step)!;\n if (remediation) {\n const T = getRemediatorClass(remediation, options);\n return T ? new T(remediation, values, options) : undefined;\n } else {\n // step was specified, but remediation was not found. This is unexpected!\n warn(`step \"${options.step}\" did not match any remediations`);\n return;\n }\n }\n\n const remediatorCandidates: Remediator[] = [];\n if (useGenericRemediator) {\n // always pick the first remediation for when use GenericRemediator\n remediatorCandidates.push(new GenericRemediator(idxRemediations[0], values, options));\n } else {\n for (let remediation of idxRemediations) {\n const isRemeditionInFlow = Object.keys(remediators as object).includes(remediation.name);\n if (!isRemeditionInFlow) {\n continue;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const T = getRemediatorClass(remediation, options)!;\n remediator = new T(remediation, values, options);\n if (remediator.canRemediate()) {\n // found the remediator\n return remediator;\n }\n // remediator cannot handle the current values\n // maybe return for next step\n remediatorCandidates.push(remediator); \n }\n }\n \n return remediatorCandidates[0];\n}\n\n\nexport function getNextStep(\n authClient: OktaAuthIdxInterface, remediator: Remediator, idxResponse: IdxResponse\n): NextStep {\n const nextStep = remediator.getNextStep(authClient, idxResponse.context);\n const canSkip = canSkipFn(idxResponse);\n const canResend = canResendFn(idxResponse);\n return {\n ...nextStep,\n ...(canSkip && {canSkip}),\n ...(canResend && {canResend}),\n };\n}\n\nexport function handleIdxError(authClient: OktaAuthIdxInterface, e, options = {}): RemediationResponse {\n // Handle idx messages\n let idxResponse = isIdxResponse(e) ? e : null;\n if (!idxResponse) {\n // Thrown error terminates the interaction with idx\n throw e;\n }\n idxResponse = {\n ...idxResponse,\n requestDidSucceed: false\n };\n const terminal = isTerminalResponse(idxResponse);\n const remediator = getRemediator(idxResponse.neededToProceed, {}, options);\n const nextStep = remediator && getNextStep(authClient, remediator, idxResponse);\n return {\n idxResponse,\n ...(terminal && { terminal }),\n ...(!terminal && nextStep && { nextStep }) \n };\n}\n"],"file":"util.js"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/oidc/endpoints/token.ts"],"names":["validateOptions","options","clientId","AuthSdkError","redirectUri","authorizationCode","interactionCode","codeVerifier","getPostData","sdk","params","code","clientSecret","postToTokenEndpoint","urls","data","headers","url","tokenUrl","method","args","postRefreshToken","refreshToken","client_id","grant_type","scope","scopes","join","refresh_token","name","value","encodeURIComponent"],"mappings":";;;;;;;;;;;;;AAaA;;AAEA;;AACA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAQA,SAASA,eAAT,CAAyBC,OAAzB,EAA+C;AAC7C;AACA,MAAI,CAACA,OAAO,CAACC,QAAb,EAAuB;AACrB,UAAM,IAAIC,oBAAJ,CAAiB,yEAAjB,CAAN;AACD;;AAED,MAAI,CAACF,OAAO,CAACG,WAAb,EAA0B;AACxB,UAAM,IAAID,oBAAJ,CAAiB,oEAAjB,CAAN;AACD;;AAED,MAAI,CAACF,OAAO,CAACI,iBAAT,IAA8B,CAACJ,OAAO,CAACK,eAA3C,EAA4D;AAC1D,UAAM,IAAIH,oBAAJ,CAAiB,2EAAjB,CAAN;AACD;;AAED,MAAI,CAACF,OAAO,CAACM,YAAb,EAA2B;AACzB,UAAM,IAAIJ,oBAAJ,CAAiB,+EAAjB,CAAN;AACD;AACF;;AAED,SAASK,WAAT,CAAqBC,GAArB,EAA0BR,OAA1B,EAAwD;AAAA;;AACtD;AACA,MAAIS,MAAmB,GAAG,sBAAW;AACnC,iBAAaT,OAAO,CAACC,QADc;AAEnC,oBAAgBD,OAAO,CAACG,WAFW;AAGnC,kBAAcH,OAAO,CAACK,eAAR,GAA0B,kBAA1B,GAA+C,oBAH1B;AAInC,qBAAiBL,OAAO,CAACM;AAJU,GAAX,CAA1B;;AAOA,MAAIN,OAAO,CAACK,eAAZ,EAA6B;AAC3BI,IAAAA,MAAM,CAAC,kBAAD,CAAN,GAA6BT,OAAO,CAACK,eAArC;AACD,GAFD,MAEO,IAAIL,OAAO,CAACI,iBAAZ,EAA+B;AACpCK,IAAAA,MAAM,CAACC,IAAP,GAAcV,OAAO,CAACI,iBAAtB;AACD;;AAED,QAAM;AAAEO,IAAAA;AAAF,MAAmBH,GAAG,CAACR,OAA7B;;AACA,MAAIW,YAAJ,EAAkB;AAChBF,IAAAA,MAAM,CAAC,eAAD,CAAN,GAA0BE,YAA1B;AACD,GAlBqD,CAoBtD;;;AACA,SAAO,wDAAcF,MAAd,kBAA4B,CAA5B,CAAP;AACD,C,CAED;;;AACO,SAASG,mBAAT,CAA6BJ,GAA7B,EAAkCR,OAAlC,EAAwDa,IAAxD,EAAkG;AACvGd,EAAAA,eAAe,CAACC,OAAD,CAAf;AACA,MAAIc,IAAI,GAAGP,WAAW,CAACC,GAAD,EAAMR,OAAN,CAAtB;AAEA,QAAMe,OAAO,GAAG;AACd,oBAAgB;AADF,GAAhB;AAIA,SAAO,uBAAYP,GAAZ,EAAiB;AACtBQ,IAAAA,GAAG,EAAEH,IAAI,CAACI,QADY;AAEtBC,IAAAA,MAAM,EAAE,MAFc;AAGtBC,IAAAA,IAAI,EAAEL,IAHgB;AAItBC,IAAAA;AAJsB,GAAjB,CAAP;AAMD;;AAEM,SAASK,gBAAT,
|
|
1
|
+
{"version":3,"sources":["../../../../lib/oidc/endpoints/token.ts"],"names":["validateOptions","options","clientId","AuthSdkError","redirectUri","authorizationCode","interactionCode","codeVerifier","getPostData","sdk","params","code","clientSecret","postToTokenEndpoint","urls","data","headers","url","tokenUrl","method","args","postRefreshToken","refreshToken","client_id","grant_type","scope","scopes","join","refresh_token","name","value","encodeURIComponent"],"mappings":";;;;;;;;;;;;;AAaA;;AAEA;;AACA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAQA,SAASA,eAAT,CAAyBC,OAAzB,EAA+C;AAC7C;AACA,MAAI,CAACA,OAAO,CAACC,QAAb,EAAuB;AACrB,UAAM,IAAIC,oBAAJ,CAAiB,yEAAjB,CAAN;AACD;;AAED,MAAI,CAACF,OAAO,CAACG,WAAb,EAA0B;AACxB,UAAM,IAAID,oBAAJ,CAAiB,oEAAjB,CAAN;AACD;;AAED,MAAI,CAACF,OAAO,CAACI,iBAAT,IAA8B,CAACJ,OAAO,CAACK,eAA3C,EAA4D;AAC1D,UAAM,IAAIH,oBAAJ,CAAiB,2EAAjB,CAAN;AACD;;AAED,MAAI,CAACF,OAAO,CAACM,YAAb,EAA2B;AACzB,UAAM,IAAIJ,oBAAJ,CAAiB,+EAAjB,CAAN;AACD;AACF;;AAED,SAASK,WAAT,CAAqBC,GAArB,EAA0BR,OAA1B,EAAwD;AAAA;;AACtD;AACA,MAAIS,MAAmB,GAAG,sBAAW;AACnC,iBAAaT,OAAO,CAACC,QADc;AAEnC,oBAAgBD,OAAO,CAACG,WAFW;AAGnC,kBAAcH,OAAO,CAACK,eAAR,GAA0B,kBAA1B,GAA+C,oBAH1B;AAInC,qBAAiBL,OAAO,CAACM;AAJU,GAAX,CAA1B;;AAOA,MAAIN,OAAO,CAACK,eAAZ,EAA6B;AAC3BI,IAAAA,MAAM,CAAC,kBAAD,CAAN,GAA6BT,OAAO,CAACK,eAArC;AACD,GAFD,MAEO,IAAIL,OAAO,CAACI,iBAAZ,EAA+B;AACpCK,IAAAA,MAAM,CAACC,IAAP,GAAcV,OAAO,CAACI,iBAAtB;AACD;;AAED,QAAM;AAAEO,IAAAA;AAAF,MAAmBH,GAAG,CAACR,OAA7B;;AACA,MAAIW,YAAJ,EAAkB;AAChBF,IAAAA,MAAM,CAAC,eAAD,CAAN,GAA0BE,YAA1B;AACD,GAlBqD,CAoBtD;;;AACA,SAAO,wDAAcF,MAAd,kBAA4B,CAA5B,CAAP;AACD,C,CAED;;;AACO,SAASG,mBAAT,CAA6BJ,GAA7B,EAAkCR,OAAlC,EAAwDa,IAAxD,EAAkG;AACvGd,EAAAA,eAAe,CAACC,OAAD,CAAf;AACA,MAAIc,IAAI,GAAGP,WAAW,CAACC,GAAD,EAAMR,OAAN,CAAtB;AAEA,QAAMe,OAAO,GAAG;AACd,oBAAgB;AADF,GAAhB;AAIA,SAAO,uBAAYP,GAAZ,EAAiB;AACtBQ,IAAAA,GAAG,EAAEH,IAAI,CAACI,QADY;AAEtBC,IAAAA,MAAM,EAAE,MAFc;AAGtBC,IAAAA,IAAI,EAAEL,IAHgB;AAItBC,IAAAA;AAJsB,GAAjB,CAAP;AAMD;;AAEM,SAASK,gBAAT,CACLZ,GADK,EAELR,OAFK,EAGLqB,YAHK,EAImB;AAAA;;AACxB,SAAO,uBAAYb,GAAZ,EAAiB;AACtBQ,IAAAA,GAAG,EAAEK,YAAY,CAACJ,QADI;AAEtBC,IAAAA,MAAM,EAAE,MAFc;AAGtBH,IAAAA,OAAO,EAAE;AACP,sBAAgB;AADT,KAHa;AAOtBI,IAAAA,IAAI,EAAE,oDAAe;AACnBG,MAAAA,SAAS,EAAEtB,OAAO,CAACC,QADA;AACU;AAC7BsB,MAAAA,UAAU,EAAE,eAFO;AAEU;AAC7BC,MAAAA,KAAK,EAAEH,YAAY,CAACI,MAAb,CAAoBC,IAApB,CAAyB,GAAzB,CAHY;AAInBC,MAAAA,aAAa,EAAEN,YAAY,CAACA,YAJT,CAIuB;;AAJvB,KAAf,mBAKC,UAAU,CAACO,IAAD,EAAOC,KAAP,CAAV,EAAyB;AAC9B;AACA,aAAOD,IAAI,GAAG,GAAP,GAAaE,kBAAkB,CAACD,KAAD,CAAtC;AACD,KARK,EAQHH,IARG,CAQE,GARF;AAPgB,GAAjB,CAAP;AAiBD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from '../../errors';\nimport { CustomUrls, OAuthParams, OAuthResponse, OktaAuthHttpInterface, RefreshToken, TokenParams } from '../../types';\nimport { removeNils, toQueryString } from '../../util';\nimport { httpRequest } from '../../http';\n\nfunction validateOptions(options: TokenParams) {\n // Quick validation\n if (!options.clientId) {\n throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to get a token');\n }\n\n if (!options.redirectUri) {\n throw new AuthSdkError('The redirectUri passed to /authorize must also be passed to /token');\n }\n\n if (!options.authorizationCode && !options.interactionCode) {\n throw new AuthSdkError('An authorization code (returned from /authorize) must be passed to /token');\n }\n\n if (!options.codeVerifier) {\n throw new AuthSdkError('The \"codeVerifier\" (generated and saved by your app) must be passed to /token');\n }\n}\n\nfunction getPostData(sdk, options: TokenParams): string {\n // Convert Token params to OAuth params, sent to the /token endpoint\n var params: OAuthParams = removeNils({\n 'client_id': options.clientId,\n 'redirect_uri': options.redirectUri,\n 'grant_type': options.interactionCode ? 'interaction_code' : 'authorization_code',\n 'code_verifier': options.codeVerifier\n });\n\n if (options.interactionCode) {\n params['interaction_code'] = options.interactionCode;\n } else if (options.authorizationCode) {\n params.code = options.authorizationCode;\n }\n\n const { clientSecret } = sdk.options;\n if (clientSecret) {\n params['client_secret'] = clientSecret;\n }\n\n // Encode as URL string\n return toQueryString(params).slice(1);\n}\n\n// exchange authorization code for an access token\nexport function postToTokenEndpoint(sdk, options: TokenParams, urls: CustomUrls): Promise<OAuthResponse> {\n validateOptions(options);\n var data = getPostData(sdk, options);\n\n const headers = {\n 'Content-Type': 'application/x-www-form-urlencoded'\n };\n\n return httpRequest(sdk, {\n url: urls.tokenUrl,\n method: 'POST',\n args: data,\n headers\n });\n}\n\nexport function postRefreshToken(\n sdk: OktaAuthHttpInterface,\n options: TokenParams,\n refreshToken: RefreshToken\n): Promise<OAuthResponse> {\n return httpRequest(sdk, {\n url: refreshToken.tokenUrl,\n method: 'POST',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n },\n\n args: Object.entries({\n client_id: options.clientId, // eslint-disable-line camelcase\n grant_type: 'refresh_token', // eslint-disable-line camelcase\n scope: refreshToken.scopes.join(' '),\n refresh_token: refreshToken.refreshToken, // eslint-disable-line camelcase\n }).map(function ([name, value]) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n return name + '=' + encodeURIComponent(value!);\n }).join('&'),\n });\n}"],"file":"token.js"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../lib/oidc/endpoints/well-known.ts"],"names":["getWellKnown","sdk","issuer","authServerUri","options","cacheResponse","getKey","kid","httpCache","storageManager","getHttpCache","cookies","then","wellKnown","jwksUri","cacheContents","getStorage","cachedResponse","Date","now","expiresAt","cachedKey","response","clearStorage","res","key","AuthSdkError"],"mappings":";;;;;;;;;;;AAYA;;AACA;;AAEA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,SAASA,YAAT,CAAsBC,GAAtB,
|
|
1
|
+
{"version":3,"sources":["../../../../lib/oidc/endpoints/well-known.ts"],"names":["getWellKnown","sdk","issuer","authServerUri","options","cacheResponse","getKey","kid","httpCache","storageManager","getHttpCache","cookies","then","wellKnown","jwksUri","cacheContents","getStorage","cachedResponse","Date","now","expiresAt","cachedKey","response","clearStorage","res","key","AuthSdkError"],"mappings":";;;;;;;;;;;AAYA;;AACA;;AAEA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,SAASA,YAAT,CAAsBC,GAAtB,EAAkDC,MAAlD,EAA+F;AACpG,MAAIC,aAAa,GAAID,MAAM,IAAID,GAAG,CAACG,OAAJ,CAAYF,MAA3C;AACA,SAAO,eAAID,GAAJ,EAASE,aAAa,GAAG,mCAAzB,EAA8D;AACnEE,IAAAA,aAAa,EAAE;AADoD,GAA9D,CAAP;AAGD;;AAEM,SAASC,MAAT,CAAgBL,GAAhB,EAA4CC,MAA5C,EAA4DK,GAA5D,EAA0F;AAC/F,MAAIC,SAAS,GAAGP,GAAG,CAACQ,cAAJ,CAAmBC,YAAnB,CAAgCT,GAAG,CAACG,OAAJ,CAAYO,OAA5C,CAAhB;AAEA,SAAOX,YAAY,CAACC,GAAD,EAAMC,MAAN,CAAZ,CACNU,IADM,CACD,UAASC,SAAT,EAAoB;AACxB,QAAIC,OAAO,GAAGD,SAAS,CAAC,UAAD,CAAvB,CADwB,CAGxB;;AACA,QAAIE,aAAa,GAAGP,SAAS,CAACQ,UAAV,EAApB;AACA,QAAIC,cAAc,GAAGF,aAAa,CAACD,OAAD,CAAlC;;AACA,QAAIG,cAAc,IAAIC,IAAI,CAACC,GAAL,KAAW,IAAX,GAAkBF,cAAc,CAACG,SAAvD,EAAkE;AAChE,UAAIC,SAAS,GAAG,qDAAKJ,cAAc,CAACK,QAApB,GAAmC;AACjDf,QAAAA,GAAG,EAAEA;AAD4C,OAAnC,CAAhB;;AAIA,UAAIc,SAAJ,EAAe;AACb,eAAOA,SAAP;AACD;AACF,KAduB,CAgBxB;;;AACAb,IAAAA,SAAS,CAACe,YAAV,CAAuBT,OAAvB,EAjBwB,CAmBxB;;AACA,WAAO,eAAIb,GAAJ,EAASa,OAAT,EAAkB;AACvBT,MAAAA,aAAa,EAAE;AADQ,KAAlB,EAGNO,IAHM,CAGD,UAASY,GAAT,EAAc;AAClB,UAAIC,GAAG,GAAG,qDAAKD,GAAL,GAAe;AACvBjB,QAAAA,GAAG,EAAEA;AADkB,OAAf,CAAV;;AAIA,UAAIkB,GAAJ,EAAS;AACP,eAAOA,GAAP;AACD;;AAED,YAAM,IAAIC,qBAAJ,CAAiB,iBAAiBnB,GAAjB,GAAuB,uCAAxC,CAAN;AACD,KAbM,CAAP;AAcD,GAnCM,CAAP;AAoCD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { get } from '../../http';\nimport { find } from '../../util';\nimport { OktaAuthOIDCInterface, WellKnownResponse } from '../../types';\nimport AuthSdkError from '../../errors/AuthSdkError';\n\nexport function getWellKnown(sdk: OktaAuthOIDCInterface, issuer?: string): Promise<WellKnownResponse> {\n var authServerUri = (issuer || sdk.options.issuer);\n return get(sdk, authServerUri + '/.well-known/openid-configuration', {\n cacheResponse: true\n });\n}\n\nexport function getKey(sdk: OktaAuthOIDCInterface, issuer: string, kid: string): Promise<string> {\n var httpCache = sdk.storageManager.getHttpCache(sdk.options.cookies);\n\n return getWellKnown(sdk, issuer)\n .then(function(wellKnown) {\n var jwksUri = wellKnown['jwks_uri'];\n\n // Check our kid against the cached version (if it exists and isn't expired)\n var cacheContents = httpCache.getStorage();\n var cachedResponse = cacheContents[jwksUri];\n if (cachedResponse && Date.now()/1000 < cachedResponse.expiresAt) {\n var cachedKey = find(cachedResponse.response.keys, {\n kid: kid\n });\n\n if (cachedKey) {\n return cachedKey;\n }\n }\n\n // Remove cache for the key\n httpCache.clearStorage(jwksUri);\n\n // Pull the latest keys if the key wasn't in the cache\n return get(sdk, jwksUri, {\n cacheResponse: true\n })\n .then(function(res) {\n var key = find(res.keys, {\n kid: kid\n });\n\n if (key) {\n return key;\n }\n\n throw new AuthSdkError('The key id, ' + kid + ', was not found in the server\\'s keys');\n });\n });\n}\n"],"file":"well-known.js"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/oidc/exchangeCodeForTokens.ts"],"names":["exchangeCodeForTokens","sdk","tokenParams","urls","authorizationCode","interactionCode","codeVerifier","clientId","redirectUri","scopes","ignoreSignature","state","getTokenOptions","then","response","responseType","push","handleResponseOptions","code","finally","transactionManager","clear"],"mappings":";;;;;;;;;;AAeA;;AACA;;AACA;;AACA;;AAlBA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAOA;AACO,SAASA,qBAAT,CAA+BC,GAA/B,
|
|
1
|
+
{"version":3,"sources":["../../../lib/oidc/exchangeCodeForTokens.ts"],"names":["exchangeCodeForTokens","sdk","tokenParams","urls","authorizationCode","interactionCode","codeVerifier","clientId","redirectUri","scopes","ignoreSignature","state","getTokenOptions","then","response","responseType","push","handleResponseOptions","code","finally","transactionManager","clear"],"mappings":";;;;;;;;;;AAeA;;AACA;;AACA;;AACA;;AAlBA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAOA;AACO,SAASA,qBAAT,CAA+BC,GAA/B,EAA2DC,WAA3D,EAAqFC,IAArF,EAAgI;AACrIA,EAAAA,IAAI,GAAGA,IAAI,IAAI,wBAAaF,GAAb,EAAkBC,WAAlB,CAAf,CADqI,CAErI;;AACAA,EAAAA,WAAW,GAAG,qBAAc,EAAd,EAAkB,iCAAsBD,GAAtB,CAAlB,EAA8C,kBAAMC,WAAN,CAA9C,CAAd;AAEA,QAAM;AACJE,IAAAA,iBADI;AAEJC,IAAAA,eAFI;AAGJC,IAAAA,YAHI;AAIJC,IAAAA,QAJI;AAKJC,IAAAA,WALI;AAMJC,IAAAA,MANI;AAOJC,IAAAA,eAPI;AAQJC,IAAAA;AARI,MASFT,WATJ;AAWA,MAAIU,eAAe,GAAG;AACpBL,IAAAA,QADoB;AAEpBC,IAAAA,WAFoB;AAGpBJ,IAAAA,iBAHoB;AAIpBC,IAAAA,eAJoB;AAKpBC,IAAAA;AALoB,GAAtB;AAQA,SAAO,gCAAoBL,GAApB,EAAyBW,eAAzB,EAA0CT,IAA1C,EACJU,IADI,CACEC,QAAD,IAA6B;AAAA;;AAEjC;AACA;AACA;AACA,UAAMC,YAAiC,GAAG,CAAC,OAAD,CAA1C,CALiC,CAKoB;;AACrD,QAAI,iCAAAN,MAAM,MAAN,WAAgB,QAAhB,MAA8B,CAAC,CAAnC,EAAsC;AACpCM,MAAAA,YAAY,CAACC,IAAb,CAAkB,UAAlB,EADoC,CACL;AAChC;;AACD,UAAMC,qBAAkC,GAAG;AACzCV,MAAAA,QADyC;AAEzCC,MAAAA,WAFyC;AAGzCC,MAAAA,MAHyC;AAIzCM,MAAAA,YAJyC;AAKzCL,MAAAA;AALyC,KAA3C;AAOA,WAAO,8CAAoBT,GAApB,EAAyBgB,qBAAzB,EAAgDH,QAAhD,EAA0DX,IAA1D,EACJU,IADI,CACEC,QAAD,IAA6B;AACjC;AACAA,MAAAA,QAAQ,CAACI,IAAT,GAAgBd,iBAAhB;AACAU,MAAAA,QAAQ,CAACH,KAAT,GAAiBA,KAAjB;AACA,aAAOG,QAAP;AACD,KANI,CAAP;AAOD,GAxBI,EAyBJK,OAzBI,CAyBI,MAAM;AACblB,IAAAA,GAAG,CAACmB,kBAAJ,CAAuBC,KAAvB;AACD,GA3BI,CAAP;AA4BD","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/* eslint-disable max-len */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { CustomUrls, OAuthResponse, OAuthResponseType, OktaAuthOIDCInterface, TokenParams, TokenResponse } from '../types';\nimport { getOAuthUrls, getDefaultTokenParams } from './util';\nimport { clone } from '../util';\nimport { postToTokenEndpoint } from './endpoints/token';\nimport { handleOAuthResponse } from './handleOAuthResponse';\n\n// codeVerifier is required. May pass either an authorizationCode or interactionCode\nexport function exchangeCodeForTokens(sdk: OktaAuthOIDCInterface, tokenParams: TokenParams, urls?: CustomUrls): Promise<TokenResponse> {\n urls = urls || getOAuthUrls(sdk, tokenParams);\n // build params using defaults + options\n tokenParams = Object.assign({}, getDefaultTokenParams(sdk), clone(tokenParams));\n\n const {\n authorizationCode,\n interactionCode,\n codeVerifier,\n clientId,\n redirectUri,\n scopes,\n ignoreSignature,\n state\n } = tokenParams;\n\n var getTokenOptions = {\n clientId,\n redirectUri,\n authorizationCode,\n interactionCode,\n codeVerifier,\n };\n\n return postToTokenEndpoint(sdk, getTokenOptions, urls)\n .then((response: OAuthResponse) => {\n\n // `handleOAuthResponse` hanadles responses from both `/authorize` and `/token` endpoints\n // Here we modify the response from `/token` so that it more closely matches a response from `/authorize`\n // `responseType` is used to validate that the expected tokens were returned\n const responseType: OAuthResponseType[] = ['token']; // an accessToken will always be returned\n if (scopes!.indexOf('openid') !== -1) {\n responseType.push('id_token'); // an idToken will be returned if \"openid\" is in the scopes\n }\n const handleResponseOptions: TokenParams = {\n clientId,\n redirectUri,\n scopes,\n responseType,\n ignoreSignature,\n };\n return handleOAuthResponse(sdk, handleResponseOptions, response, urls!)\n .then((response: TokenResponse) => {\n // For compatibility, \"code\" is returned in the TokenResponse. OKTA-326091\n response.code = authorizationCode;\n response.state = state!;\n return response;\n });\n })\n .finally(() => {\n sdk.transactionManager.clear();\n });\n}"],"file":"exchangeCodeForTokens.js"}
|
package/cjs/oidc/getToken.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../lib/oidc/getToken.ts"],"names":["getToken","sdk","options","arguments","length","reject","AuthSdkError","popupWindow","undefined","then","tokenParams","sessionTokenOverrides","prompt","responseMode","display","idpOverrides","sessionToken","idp","requestUrl","endpoint","urls","codeVerifier","tokenUrl","authorizeUrl","flowType","iframePromise","timeout","state","iframeEl","res","finally","document","body","contains","parentElement","removeChild","oauthPromise","features","isPopupPostMessageSupported","location","assign","popupPromise","resolve","closePoller","setInterval","closed","clearInterval","catch","err","close"],"mappings":";;;;;;;;;;AAeA;;AAMA;;AASA;;AACA;;AACA;;AA/BA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAmBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASA,QAAT,CAAkBC,GAAlB,EAA0CC,OAA1C,EAA8E;AACnF,MAAIC,SAAS,CAACC,MAAV,GAAmB,CAAvB,EAA0B;AACxB,WAAO,iBAAQC,MAAR,CAAe,IAAIC,qBAAJ,CAAiB,kEAAjB,CAAf,CAAP;AACD;;AAEDJ,EAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB,CALmF,CAOnF;AACA;;AACA,QAAMK,WAAW,GAAGL,OAAO,CAACK,WAA5B;AACAL,EAAAA,OAAO,CAACK,WAAR,GAAsBC,SAAtB;AAEA,SAAO,4CAAmBP,GAAnB,EAAwBC,OAAxB,EACJO,IADI,CACC,UAAUC,WAAV,EAAoC;AAExC;AACA,QAAIC,qBAAqB,GAAG;AAC1BC,MAAAA,MAAM,EAAE,MADkB;AAE1BC,MAAAA,YAAY,EAAE,mBAFY;AAG1BC,MAAAA,OAAO,EAAE;AAHiB,KAA5B;AAMA,QAAIC,YAAY,GAAG;AACjBD,MAAAA,OAAO,EAAE;AADQ,KAAnB;;AAIA,QAAIZ,OAAO,CAACc,YAAZ,EAA0B;AACxB,2BAAcN,WAAd,EAA2BC,qBAA3B;AACD,KAFD,MAEO,IAAIT,OAAO,CAACe,GAAZ,EAAiB;AACtB,2BAAcP,WAAd,EAA2BK,YAA3B;AACD,KAjBuC,CAmBxC;;;AACA,QAAIG,UAAJ,EACEC,QADF,EAEEC,IAFF,CApBwC,CAwBxC;;AACAA,IAAAA,IAAI,GAAG,wBAAanB,GAAb,EAAkBS,WAAlB,CAAP;AACAS,IAAAA,QAAQ,GAAGjB,OAAO,CAACmB,YAAR,GAAuBD,IAAI,CAACE,QAA5B,GAAuCF,IAAI,CAACG,YAAvD;AACAL,IAAAA,UAAU,GAAGC,QAAQ,GAAG,qCAAqBT,WAArB,CAAxB,CA3BwC,CA6BxC;;AACA,QAAIc,QAAJ;;AACA,QAAId,WAAW,CAACM,YAAZ,IAA4BN,WAAW,CAACI,OAAZ,KAAwB,IAAxD,EAA8D;AAC5DU,MAAAA,QAAQ,GAAG,QAAX;AACD,KAFD,MAEO,IAAId,WAAW,CAACI,OAAZ,KAAwB,OAA5B,EAAqC;AAC1CU,MAAAA,QAAQ,GAAG,OAAX;AACD,KAFM,MAEA;AACLA,MAAAA,QAAQ,GAAG,UAAX;AACD,KArCuC,CAuCxC;;;AACA,YAAQA,QAAR;AACE,WAAK,QAAL;AACE,YAAIC,aAAa,GAAG,kCAAuBxB,GAAvB,EAA4BC,OAAO,CAACwB,OAApC,EAA6ChB,WAAW,CAACiB,KAAzD,CAApB;AACA,YAAIC,QAAQ,GAAG,qBAAUV,UAAV,CAAf;AACA,eAAOO,aAAa,CACjBhB,IADI,CACC,UAAUoB,GAAV,EAAe;AACnB,iBAAO,8CAAoB5B,GAApB,EAAyBS,WAAzB,EAAsCmB,GAAtC,EAA4DT,IAA5D,CAAP;AACD,SAHI,EAIJU,OAJI,CAII,YAAY;AACnB,cAAIC,QAAQ,CAACC,IAAT,CAAcC,QAAd,CAAuBL,QAAvB,CAAJ,EAAsC;AAAA;;AACpC,qCAAAA,QAAQ,CAACM,aAAT,gFAAwBC,WAAxB,CAAoCP,QAApC;AACD;AACF,SARI,CAAP;;AAUF,WAAK,OAAL;AACE,YAAIQ,YAAJ,CADF,CACoB;AAElB;AACA;;AACA,YAAI1B,WAAW,CAACG,YAAZ,KAA6B,mBAAjC,EAAsD;AACpD,cAAI,CAACZ,GAAG,CAACoC,QAAJ,CAAaC,2BAAb,EAAL,EAAiD;AAC/C,kBAAM,IAAIhC,qBAAJ,CAAiB,qDAAjB,CAAN;AACD;;AACD8B,UAAAA,YAAY,GAAG,kCAAuBnC,GAAvB,EAA4BC,OAAO,CAACwB,OAApC,EAA6ChB,WAAW,CAACiB,KAAzD,CAAf;AACD,SAVH,CAYE;AACA;;;AACA,YAAIpB,WAAJ,EAAiB;AACfA,UAAAA,WAAW,CAACgC,QAAZ,CAAqBC,MAArB,CAA4BtB,UAA5B;AACD,SAhBH,CAkBE;;;AACA,YAAIuB,YAAY,GAAG,qBAAY,UAAUC,OAAV,EAAmBrC,MAAnB,EAA2B;AACxD,cAAIsC,WAAW,GAAGC,WAAW,CAAC,YAAY;AACxC,gBAAI,CAACrC,WAAD,IAAgBA,WAAW,CAACsC,MAAhC,EAAwC;AACtCC,cAAAA,aAAa,CAACH,WAAD,CAAb;AACAtC,cAAAA,MAAM,CAAC,IAAIC,qBAAJ,CAAiB,qCAAjB,CAAD,CAAN;AACD;AACF,WAL4B,EAK1B,GAL0B,CAA7B,CADwD,CAQxD;;AACA8B,UAAAA,YAAY,CACT3B,IADH,CACQ,UAAUoB,GAAV,EAAe;AACnBiB,YAAAA,aAAa,CAACH,WAAD,CAAb;AACAD,YAAAA,OAAO,CAACb,GAAD,CAAP;AACD,WAJH,EAKGkB,KALH,CAKS,UAAUC,GAAV,EAAe;AACpBF,YAAAA,aAAa,CAACH,WAAD,CAAb;AACAtC,YAAAA,MAAM,CAAC2C,GAAD,CAAN;AACD,WARH;AASD,SAlBkB,CAAnB;AAoBA,eAAOP,YAAY,CAChBhC,IADI,CACC,UAAUoB,GAAV,EAAe;AACnB,iBAAO,8CAAoB5B,GAApB,EAAyBS,WAAzB,EAAsCmB,GAAtC,EAA4DT,IAA5D,CAAP;AACD,SAHI,EAIJU,OAJI,CAII,YAAY;AACnB,cAAIvB,WAAW,IAAI,CAACA,WAAW,CAACsC,MAAhC,EAAwC;AACtCtC,YAAAA,WAAW,CAAC0C,KAAZ;AACD;AACF,SARI,CAAP;;AAUF;AACE,cAAM,IAAI3C,qBAAJ,CAAiB,8CAAjB,CAAN;AAhEJ;AAkED,GA3GI,CAAP;AA4GD","sourcesContent":["\n/* global document */\n/* eslint-disable complexity, max-statements */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport {\n getOAuthUrls,\n loadFrame,\n addPostMessageListener\n} from './util';\n\nimport AuthSdkError from '../errors/AuthSdkError';\n\nimport {\n OktaAuthInterface,\n TokenParams,\n PopupParams,\n OAuthResponse,\n} from '../types';\n\nimport { prepareTokenParams } from './util/prepareTokenParams';\nimport { buildAuthorizeParams } from './endpoints/authorize';\nimport { handleOAuthResponse } from './handleOAuthResponse';\n/*\n * Retrieve an idToken from an Okta or a third party idp\n *\n * Two main flows:\n *\n * 1) Exchange a sessionToken for a token\n *\n * Required:\n * clientId: passed via the OktaAuth constructor or into getToken\n * sessionToken: 'yourtoken'\n *\n * Optional:\n * redirectUri: defaults to window.location.href\n * scopes: defaults to ['openid', 'email']\n *\n * Forced:\n * prompt: 'none'\n * responseMode: 'okta_post_message'\n * display: undefined\n *\n * 2) Get a token from an idp\n *\n * Required:\n * clientId: passed via the OktaAuth constructor or into getToken\n *\n * Optional:\n * redirectUri: defaults to window.location.href\n * scopes: defaults to ['openid', 'email']\n * idp: defaults to Okta as an idp\n * prompt: no default. Pass 'none' to throw an error if user is not signed in\n *\n * Forced:\n * display: 'popup'\n *\n * Only common optional params shown. Any OAuth parameters not explicitly forced are available to override\n *\n * @param {Object} oauthOptions\n * @param {String} [oauthOptions.clientId] ID of this client\n * @param {String} [oauthOptions.redirectUri] URI that the iframe or popup will go to once authenticated\n * @param {String[]} [oauthOptions.scopes] OAuth 2.0 scopes to request (openid must be specified)\n * @param {String} [oauthOptions.idp] ID of an external IdP to use for user authentication\n * @param {String} [oauthOptions.sessionToken] Bootstrap Session Token returned by the Okta Authentication API\n * @param {String} [oauthOptions.prompt] Determines whether the Okta login will be displayed on failure.\n * Use 'none' to prevent this behavior\n *\n * @param {Object} options\n * @param {Integer} [options.timeout] Time in ms before the flow is automatically terminated. Defaults to 120000\n * @param {String} [options.popupTitle] Title dispayed in the popup.\n * Defaults to 'External Identity Provider User Authentication'\n */\nexport function getToken(sdk: OktaAuthInterface, options: TokenParams & PopupParams) {\n if (arguments.length > 2) {\n return Promise.reject(new AuthSdkError('As of version 3.0, \"getToken\" takes only a single set of options'));\n }\n\n options = options || {};\n\n // window object cannot be serialized, save for later use\n // TODO: move popup related params into a separate options object\n const popupWindow = options.popupWindow;\n options.popupWindow = undefined;\n\n return prepareTokenParams(sdk, options)\n .then(function (tokenParams: TokenParams) {\n\n // Start overriding any options that don't make sense\n var sessionTokenOverrides = {\n prompt: 'none',\n responseMode: 'okta_post_message',\n display: null\n };\n\n var idpOverrides = {\n display: 'popup'\n };\n\n if (options.sessionToken) {\n Object.assign(tokenParams, sessionTokenOverrides);\n } else if (options.idp) {\n Object.assign(tokenParams, idpOverrides);\n }\n\n // Use the query params to build the authorize url\n var requestUrl,\n endpoint,\n urls;\n\n // Get authorizeUrl and issuer\n urls = getOAuthUrls(sdk, tokenParams);\n endpoint = options.codeVerifier ? urls.tokenUrl : urls.authorizeUrl;\n requestUrl = endpoint + buildAuthorizeParams(tokenParams);\n\n // Determine the flow type\n var flowType;\n if (tokenParams.sessionToken || tokenParams.display === null) {\n flowType = 'IFRAME';\n } else if (tokenParams.display === 'popup') {\n flowType = 'POPUP';\n } else {\n flowType = 'IMPLICIT';\n }\n\n // Execute the flow type\n switch (flowType) {\n case 'IFRAME':\n var iframePromise = addPostMessageListener(sdk, options.timeout, tokenParams.state);\n var iframeEl = loadFrame(requestUrl);\n return iframePromise\n .then(function (res) {\n return handleOAuthResponse(sdk, tokenParams, res as OAuthResponse, urls);\n })\n .finally(function () {\n if (document.body.contains(iframeEl)) {\n iframeEl.parentElement?.removeChild(iframeEl);\n }\n });\n\n case 'POPUP':\n var oauthPromise; // resolves with OAuth response\n\n // Add listener on postMessage before window creation, so\n // postMessage isn't triggered before we're listening\n if (tokenParams.responseMode === 'okta_post_message') {\n if (!sdk.features.isPopupPostMessageSupported()) {\n throw new AuthSdkError('This browser doesn\\'t have full postMessage support');\n }\n oauthPromise = addPostMessageListener(sdk, options.timeout, tokenParams.state);\n }\n\n // Redirect for authorization\n // popupWindown can be null when popup is blocked\n if (popupWindow) { \n popupWindow.location.assign(requestUrl);\n }\n\n // The popup may be closed without receiving an OAuth response. Setup a poller to monitor the window.\n var popupPromise = new Promise(function (resolve, reject) {\n var closePoller = setInterval(function () {\n if (!popupWindow || popupWindow.closed) {\n clearInterval(closePoller);\n reject(new AuthSdkError('Unable to parse OAuth flow response'));\n }\n }, 100);\n\n // Proxy the OAuth promise results\n oauthPromise\n .then(function (res) {\n clearInterval(closePoller);\n resolve(res);\n })\n .catch(function (err) {\n clearInterval(closePoller);\n reject(err);\n });\n });\n\n return popupPromise\n .then(function (res) {\n return handleOAuthResponse(sdk, tokenParams, res as OAuthResponse, urls);\n })\n .finally(function () {\n if (popupWindow && !popupWindow.closed) {\n popupWindow.close();\n }\n });\n\n default:\n throw new AuthSdkError('The full page redirect flow is not supported');\n }\n });\n}"],"file":"getToken.js"}
|
|
1
|
+
{"version":3,"sources":["../../../lib/oidc/getToken.ts"],"names":["getToken","sdk","options","arguments","length","reject","AuthSdkError","popupWindow","undefined","then","tokenParams","sessionTokenOverrides","prompt","responseMode","display","idpOverrides","sessionToken","idp","requestUrl","endpoint","urls","codeVerifier","tokenUrl","authorizeUrl","flowType","iframePromise","timeout","state","iframeEl","res","finally","document","body","contains","parentElement","removeChild","oauthPromise","features","isPopupPostMessageSupported","location","assign","popupPromise","resolve","closePoller","setInterval","closed","clearInterval","catch","err","close"],"mappings":";;;;;;;;;;AAeA;;AAMA;;AASA;;AACA;;AACA;;AA/BA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAmBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASA,QAAT,CAAkBC,GAAlB,EAA8CC,OAA9C,EAAkF;AACvF,MAAIC,SAAS,CAACC,MAAV,GAAmB,CAAvB,EAA0B;AACxB,WAAO,iBAAQC,MAAR,CAAe,IAAIC,qBAAJ,CAAiB,kEAAjB,CAAf,CAAP;AACD;;AAEDJ,EAAAA,OAAO,GAAGA,OAAO,IAAI,EAArB,CALuF,CAOvF;AACA;;AACA,QAAMK,WAAW,GAAGL,OAAO,CAACK,WAA5B;AACAL,EAAAA,OAAO,CAACK,WAAR,GAAsBC,SAAtB;AAEA,SAAO,4CAAmBP,GAAnB,EAAwBC,OAAxB,EACJO,IADI,CACC,UAAUC,WAAV,EAAoC;AAExC;AACA,QAAIC,qBAAqB,GAAG;AAC1BC,MAAAA,MAAM,EAAE,MADkB;AAE1BC,MAAAA,YAAY,EAAE,mBAFY;AAG1BC,MAAAA,OAAO,EAAE;AAHiB,KAA5B;AAMA,QAAIC,YAAY,GAAG;AACjBD,MAAAA,OAAO,EAAE;AADQ,KAAnB;;AAIA,QAAIZ,OAAO,CAACc,YAAZ,EAA0B;AACxB,2BAAcN,WAAd,EAA2BC,qBAA3B;AACD,KAFD,MAEO,IAAIT,OAAO,CAACe,GAAZ,EAAiB;AACtB,2BAAcP,WAAd,EAA2BK,YAA3B;AACD,KAjBuC,CAmBxC;;;AACA,QAAIG,UAAJ,EACEC,QADF,EAEEC,IAFF,CApBwC,CAwBxC;;AACAA,IAAAA,IAAI,GAAG,wBAAanB,GAAb,EAAkBS,WAAlB,CAAP;AACAS,IAAAA,QAAQ,GAAGjB,OAAO,CAACmB,YAAR,GAAuBD,IAAI,CAACE,QAA5B,GAAuCF,IAAI,CAACG,YAAvD;AACAL,IAAAA,UAAU,GAAGC,QAAQ,GAAG,qCAAqBT,WAArB,CAAxB,CA3BwC,CA6BxC;;AACA,QAAIc,QAAJ;;AACA,QAAId,WAAW,CAACM,YAAZ,IAA4BN,WAAW,CAACI,OAAZ,KAAwB,IAAxD,EAA8D;AAC5DU,MAAAA,QAAQ,GAAG,QAAX;AACD,KAFD,MAEO,IAAId,WAAW,CAACI,OAAZ,KAAwB,OAA5B,EAAqC;AAC1CU,MAAAA,QAAQ,GAAG,OAAX;AACD,KAFM,MAEA;AACLA,MAAAA,QAAQ,GAAG,UAAX;AACD,KArCuC,CAuCxC;;;AACA,YAAQA,QAAR;AACE,WAAK,QAAL;AACE,YAAIC,aAAa,GAAG,kCAAuBxB,GAAvB,EAA4BC,OAAO,CAACwB,OAApC,EAA6ChB,WAAW,CAACiB,KAAzD,CAApB;AACA,YAAIC,QAAQ,GAAG,qBAAUV,UAAV,CAAf;AACA,eAAOO,aAAa,CACjBhB,IADI,CACC,UAAUoB,GAAV,EAAe;AACnB,iBAAO,8CAAoB5B,GAApB,EAAyBS,WAAzB,EAAsCmB,GAAtC,EAA4DT,IAA5D,CAAP;AACD,SAHI,EAIJU,OAJI,CAII,YAAY;AACnB,cAAIC,QAAQ,CAACC,IAAT,CAAcC,QAAd,CAAuBL,QAAvB,CAAJ,EAAsC;AAAA;;AACpC,qCAAAA,QAAQ,CAACM,aAAT,gFAAwBC,WAAxB,CAAoCP,QAApC;AACD;AACF,SARI,CAAP;;AAUF,WAAK,OAAL;AACE,YAAIQ,YAAJ,CADF,CACoB;AAElB;AACA;;AACA,YAAI1B,WAAW,CAACG,YAAZ,KAA6B,mBAAjC,EAAsD;AACpD,cAAI,CAACZ,GAAG,CAACoC,QAAJ,CAAaC,2BAAb,EAAL,EAAiD;AAC/C,kBAAM,IAAIhC,qBAAJ,CAAiB,qDAAjB,CAAN;AACD;;AACD8B,UAAAA,YAAY,GAAG,kCAAuBnC,GAAvB,EAA4BC,OAAO,CAACwB,OAApC,EAA6ChB,WAAW,CAACiB,KAAzD,CAAf;AACD,SAVH,CAYE;AACA;;;AACA,YAAIpB,WAAJ,EAAiB;AACfA,UAAAA,WAAW,CAACgC,QAAZ,CAAqBC,MAArB,CAA4BtB,UAA5B;AACD,SAhBH,CAkBE;;;AACA,YAAIuB,YAAY,GAAG,qBAAY,UAAUC,OAAV,EAAmBrC,MAAnB,EAA2B;AACxD,cAAIsC,WAAW,GAAGC,WAAW,CAAC,YAAY;AACxC,gBAAI,CAACrC,WAAD,IAAgBA,WAAW,CAACsC,MAAhC,EAAwC;AACtCC,cAAAA,aAAa,CAACH,WAAD,CAAb;AACAtC,cAAAA,MAAM,CAAC,IAAIC,qBAAJ,CAAiB,qCAAjB,CAAD,CAAN;AACD;AACF,WAL4B,EAK1B,GAL0B,CAA7B,CADwD,CAQxD;;AACA8B,UAAAA,YAAY,CACT3B,IADH,CACQ,UAAUoB,GAAV,EAAe;AACnBiB,YAAAA,aAAa,CAACH,WAAD,CAAb;AACAD,YAAAA,OAAO,CAACb,GAAD,CAAP;AACD,WAJH,EAKGkB,KALH,CAKS,UAAUC,GAAV,EAAe;AACpBF,YAAAA,aAAa,CAACH,WAAD,CAAb;AACAtC,YAAAA,MAAM,CAAC2C,GAAD,CAAN;AACD,WARH;AASD,SAlBkB,CAAnB;AAoBA,eAAOP,YAAY,CAChBhC,IADI,CACC,UAAUoB,GAAV,EAAe;AACnB,iBAAO,8CAAoB5B,GAApB,EAAyBS,WAAzB,EAAsCmB,GAAtC,EAA4DT,IAA5D,CAAP;AACD,SAHI,EAIJU,OAJI,CAII,YAAY;AACnB,cAAIvB,WAAW,IAAI,CAACA,WAAW,CAACsC,MAAhC,EAAwC;AACtCtC,YAAAA,WAAW,CAAC0C,KAAZ;AACD;AACF,SARI,CAAP;;AAUF;AACE,cAAM,IAAI3C,qBAAJ,CAAiB,8CAAjB,CAAN;AAhEJ;AAkED,GA3GI,CAAP;AA4GD","sourcesContent":["\n/* global document */\n/* eslint-disable complexity, max-statements */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport {\n getOAuthUrls,\n loadFrame,\n addPostMessageListener\n} from './util';\n\nimport AuthSdkError from '../errors/AuthSdkError';\n\nimport {\n OktaAuthOIDCInterface,\n TokenParams,\n PopupParams,\n OAuthResponse,\n} from '../types';\n\nimport { prepareTokenParams } from './util/prepareTokenParams';\nimport { buildAuthorizeParams } from './endpoints/authorize';\nimport { handleOAuthResponse } from './handleOAuthResponse';\n/*\n * Retrieve an idToken from an Okta or a third party idp\n *\n * Two main flows:\n *\n * 1) Exchange a sessionToken for a token\n *\n * Required:\n * clientId: passed via the OktaAuth constructor or into getToken\n * sessionToken: 'yourtoken'\n *\n * Optional:\n * redirectUri: defaults to window.location.href\n * scopes: defaults to ['openid', 'email']\n *\n * Forced:\n * prompt: 'none'\n * responseMode: 'okta_post_message'\n * display: undefined\n *\n * 2) Get a token from an idp\n *\n * Required:\n * clientId: passed via the OktaAuth constructor or into getToken\n *\n * Optional:\n * redirectUri: defaults to window.location.href\n * scopes: defaults to ['openid', 'email']\n * idp: defaults to Okta as an idp\n * prompt: no default. Pass 'none' to throw an error if user is not signed in\n *\n * Forced:\n * display: 'popup'\n *\n * Only common optional params shown. Any OAuth parameters not explicitly forced are available to override\n *\n * @param {Object} oauthOptions\n * @param {String} [oauthOptions.clientId] ID of this client\n * @param {String} [oauthOptions.redirectUri] URI that the iframe or popup will go to once authenticated\n * @param {String[]} [oauthOptions.scopes] OAuth 2.0 scopes to request (openid must be specified)\n * @param {String} [oauthOptions.idp] ID of an external IdP to use for user authentication\n * @param {String} [oauthOptions.sessionToken] Bootstrap Session Token returned by the Okta Authentication API\n * @param {String} [oauthOptions.prompt] Determines whether the Okta login will be displayed on failure.\n * Use 'none' to prevent this behavior\n *\n * @param {Object} options\n * @param {Integer} [options.timeout] Time in ms before the flow is automatically terminated. Defaults to 120000\n * @param {String} [options.popupTitle] Title dispayed in the popup.\n * Defaults to 'External Identity Provider User Authentication'\n */\nexport function getToken(sdk: OktaAuthOIDCInterface, options: TokenParams & PopupParams) {\n if (arguments.length > 2) {\n return Promise.reject(new AuthSdkError('As of version 3.0, \"getToken\" takes only a single set of options'));\n }\n\n options = options || {};\n\n // window object cannot be serialized, save for later use\n // TODO: move popup related params into a separate options object\n const popupWindow = options.popupWindow;\n options.popupWindow = undefined;\n\n return prepareTokenParams(sdk, options)\n .then(function (tokenParams: TokenParams) {\n\n // Start overriding any options that don't make sense\n var sessionTokenOverrides = {\n prompt: 'none',\n responseMode: 'okta_post_message',\n display: null\n };\n\n var idpOverrides = {\n display: 'popup'\n };\n\n if (options.sessionToken) {\n Object.assign(tokenParams, sessionTokenOverrides);\n } else if (options.idp) {\n Object.assign(tokenParams, idpOverrides);\n }\n\n // Use the query params to build the authorize url\n var requestUrl,\n endpoint,\n urls;\n\n // Get authorizeUrl and issuer\n urls = getOAuthUrls(sdk, tokenParams);\n endpoint = options.codeVerifier ? urls.tokenUrl : urls.authorizeUrl;\n requestUrl = endpoint + buildAuthorizeParams(tokenParams);\n\n // Determine the flow type\n var flowType;\n if (tokenParams.sessionToken || tokenParams.display === null) {\n flowType = 'IFRAME';\n } else if (tokenParams.display === 'popup') {\n flowType = 'POPUP';\n } else {\n flowType = 'IMPLICIT';\n }\n\n // Execute the flow type\n switch (flowType) {\n case 'IFRAME':\n var iframePromise = addPostMessageListener(sdk, options.timeout, tokenParams.state);\n var iframeEl = loadFrame(requestUrl);\n return iframePromise\n .then(function (res) {\n return handleOAuthResponse(sdk, tokenParams, res as OAuthResponse, urls);\n })\n .finally(function () {\n if (document.body.contains(iframeEl)) {\n iframeEl.parentElement?.removeChild(iframeEl);\n }\n });\n\n case 'POPUP':\n var oauthPromise; // resolves with OAuth response\n\n // Add listener on postMessage before window creation, so\n // postMessage isn't triggered before we're listening\n if (tokenParams.responseMode === 'okta_post_message') {\n if (!sdk.features.isPopupPostMessageSupported()) {\n throw new AuthSdkError('This browser doesn\\'t have full postMessage support');\n }\n oauthPromise = addPostMessageListener(sdk, options.timeout, tokenParams.state);\n }\n\n // Redirect for authorization\n // popupWindown can be null when popup is blocked\n if (popupWindow) { \n popupWindow.location.assign(requestUrl);\n }\n\n // The popup may be closed without receiving an OAuth response. Setup a poller to monitor the window.\n var popupPromise = new Promise(function (resolve, reject) {\n var closePoller = setInterval(function () {\n if (!popupWindow || popupWindow.closed) {\n clearInterval(closePoller);\n reject(new AuthSdkError('Unable to parse OAuth flow response'));\n }\n }, 100);\n\n // Proxy the OAuth promise results\n oauthPromise\n .then(function (res) {\n clearInterval(closePoller);\n resolve(res);\n })\n .catch(function (err) {\n clearInterval(closePoller);\n reject(err);\n });\n });\n\n return popupPromise\n .then(function (res) {\n return handleOAuthResponse(sdk, tokenParams, res as OAuthResponse, urls);\n })\n .finally(function () {\n if (popupWindow && !popupWindow.closed) {\n popupWindow.close();\n }\n });\n\n default:\n throw new AuthSdkError('The full page redirect flow is not supported');\n }\n });\n}"],"file":"getToken.js"}
|