@okta/okta-auth-js 6.6.0 → 6.7.0

package/cjs/oidc/util/refreshToken.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../lib/oidc/util/refreshToken.ts"],"names":["isSameRefreshToken","a","b","refreshToken","isRefreshTokenError","err","xhr","responseJSON","error"],"mappings":";;;;;AACA;;AAEO,SAASA,kBAAT,CAA4BC,CAA5B,EAA6CC,CAA7C,EAA8D;AACnE,SAAQD,CAAC,CAACE,YAAF,KAAmBD,CAAC,CAACC,YAA7B;AACD;;AAEM,SAASC,mBAAT,CAA6BC,GAA7B,EAAyC;AAC9C,MAAI,CAAC,4BAAeA,GAAf,CAAL,EAA0B;AACxB,WAAO,KAAP;AACD;;AAED,MAAI,CAACA,GAAG,CAACC,GAAL,IAAY,CAACD,GAAG,CAACC,GAAJ,CAAQC,YAAzB,EAAuC;AACrC,WAAO,KAAP;AACD;;AAED,QAAM;AAAEA,IAAAA;AAAF,MAAmBF,GAAG,CAACC,GAA7B;;AACA,MAAIC,YAAY,CAACC,KAAb,KAAuB,eAA3B,EAA4C;AAC1C,WAAO,IAAP;AACD;;AAED,SAAO,KAAP;AACD","sourcesContent":["import { RefreshToken } from '../../types';\nimport { isAuthApiError } from '../../errors';\n\nexport function isSameRefreshToken(a: RefreshToken, b: RefreshToken) {\n  return (a.refreshToken === b.refreshToken);\n}\n\nexport function isRefreshTokenError(err: Error) {\n  if (!isAuthApiError(err)) {\n    return false;\n  }\n\n  if (!err.xhr || !err.xhr.responseJSON) {\n    return false;\n  }\n\n  const { responseJSON } = err.xhr;\n  if (responseJSON.error === 'invalid_grant') {\n    return true;\n  }\n\n  return false;\n}"],"file":"refreshToken.js"}
+{"version":3,"file":"refreshToken.js","names":["isSameRefreshToken","a","b","refreshToken","isRefreshTokenError","err","xhr","responseJSON","error"],"sources":["../../../../lib/oidc/util/refreshToken.ts"],"sourcesContent":["import { RefreshToken } from '../../types';\nimport { isAuthApiError } from '../../errors';\n\nexport function isSameRefreshToken(a: RefreshToken, b: RefreshToken) {\n  return (a.refreshToken === b.refreshToken);\n}\n\nexport function isRefreshTokenError(err: Error) {\n  if (!isAuthApiError(err)) {\n    return false;\n  }\n\n  if (!err.xhr || !err.xhr.responseJSON) {\n    return false;\n  }\n\n  const { responseJSON } = err.xhr;\n  if (responseJSON.error === 'invalid_grant') {\n    return true;\n  }\n\n  return false;\n}"],"mappings":";;;;;AACA;;AAEO,SAASA,kBAAT,CAA4BC,CAA5B,EAA6CC,CAA7C,EAA8D;EACnE,OAAQD,CAAC,CAACE,YAAF,KAAmBD,CAAC,CAACC,YAA7B;AACD;;AAEM,SAASC,mBAAT,CAA6BC,GAA7B,EAAyC;EAC9C,IAAI,CAAC,4BAAeA,GAAf,CAAL,EAA0B;IACxB,OAAO,KAAP;EACD;;EAED,IAAI,CAACA,GAAG,CAACC,GAAL,IAAY,CAACD,GAAG,CAACC,GAAJ,CAAQC,YAAzB,EAAuC;IACrC,OAAO,KAAP;EACD;;EAED,MAAM;IAAEA;EAAF,IAAmBF,GAAG,CAACC,GAA7B;;EACA,IAAIC,YAAY,CAACC,KAAb,KAAuB,eAA3B,EAA4C;IAC1C,OAAO,IAAP;EACD;;EAED,OAAO,KAAP;AACD"}

package/cjs/oidc/util/urlParams.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../lib/oidc/util/urlParams.ts"],"names":["urlParamsToObject","hashOrSearch","plus2space","paramSplit","fragment","charAt","substring","obj","param","exec","key","value","decodeURIComponent","replace"],"mappings":";;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;AAEO,SAASA,iBAAT,CAA2BC,YAA3B,EAAiD;AACtD;AACA,MAAIC,UAAU,GAAG,KAAjB;AACA,MAAIC,UAAU,GAAG,oBAAjB;AACA,MAAIC,QAAQ,GAAGH,YAAY,IAAI,EAA/B,CAJsD,CAMtD;;AACA,MAAIG,QAAQ,CAACC,MAAT,CAAgB,CAAhB,MAAuB,GAAvB,IAA8BD,QAAQ,CAACC,MAAT,CAAgB,CAAhB,MAAuB,GAAzD,EAA8D;AAC5DD,IAAAA,QAAQ,GAAGA,QAAQ,CAACE,SAAT,CAAmB,CAAnB,CAAX;AACD,GATqD,CAWtD;;;AACA,MAAIF,QAAQ,CAACC,MAAT,CAAgB,CAAhB,MAAuB,GAAvB,IAA8BD,QAAQ,CAACC,MAAT,CAAgB,CAAhB,MAAuB,GAAzD,EAA8D;AAC5DD,IAAAA,QAAQ,GAAGA,QAAQ,CAACE,SAAT,CAAmB,CAAnB,CAAX;AACD;;AAGD,MAAIC,GAAG,GAAG,EAAV,CAjBsD,CAmBtD;;AACA,MAAIC,KAAJ;;AACA,SAAO,IAAP,EAAa;AAAE;AACbA,IAAAA,KAAK,GAAGL,UAAU,CAACM,IAAX,CAAgBL,QAAhB,CAAR;;AACA,QAAI,CAACI,KAAL,EAAY;AAAE;AAAQ;;AAEtB,QAAIE,GAAG,GAAGF,KAAK,CAAC,CAAD,CAAf;AACA,QAAIG,KAAK,GAAGH,KAAK,CAAC,CAAD,CAAjB,CALW,CAOX;;AACA,QAAIE,GAAG,KAAK,UAAR,IAAsBA,GAAG,KAAK,cAA9B,IAAgDA,GAAG,KAAK,MAA5D,EAAoE;AAClEH,MAAAA,GAAG,CAACG,GAAD,CAAH,GAAWC,KAAX;AACD,KAFD,MAEO;AACLJ,MAAAA,GAAG,CAACG,GAAD,CAAH,GAAWE,kBAAkB,CAACD,KAAK,CAACE,OAAN,CAAcX,UAAd,EAA0B,GAA1B,CAAD,CAA7B;AACD;AACF;;AACD,SAAOK,GAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* eslint-disable complexity, max-statements */\n\nexport function urlParamsToObject(hashOrSearch: string) {\n  // Predefine regexs for parsing hash\n  var plus2space = /\\+/g;\n  var paramSplit = /([^&=]+)=?([^&]*)/g;\n  var fragment = hashOrSearch || '';\n\n  // Some hash based routers will automatically add a / character after the hash\n  if (fragment.charAt(0) === '#' && fragment.charAt(1) === '/') {\n    fragment = fragment.substring(2);\n  }\n\n  // Remove the leading # or ?\n  if (fragment.charAt(0) === '#' || fragment.charAt(0) === '?') {\n    fragment = fragment.substring(1);\n  }\n\n\n  var obj = {};\n\n  // Loop until we have no more params\n  var param;\n  while (true) { // eslint-disable-line no-constant-condition\n    param = paramSplit.exec(fragment);\n    if (!param) { break; }\n\n    var key = param[1];\n    var value = param[2];\n\n    // id_token should remain base64url encoded\n    if (key === 'id_token' || key === 'access_token' || key === 'code') {\n      obj[key] = value;\n    } else {\n      obj[key] = decodeURIComponent(value.replace(plus2space, ' '));\n    }\n  }\n  return obj;\n}\n"],"file":"urlParams.js"}
+{"version":3,"file":"urlParams.js","names":["urlParamsToObject","hashOrSearch","plus2space","paramSplit","fragment","charAt","substring","obj","param","exec","key","value","decodeURIComponent","replace"],"sources":["../../../../lib/oidc/util/urlParams.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* eslint-disable complexity, max-statements */\n\nexport function urlParamsToObject(hashOrSearch: string) {\n  // Predefine regexs for parsing hash\n  var plus2space = /\\+/g;\n  var paramSplit = /([^&=]+)=?([^&]*)/g;\n  var fragment = hashOrSearch || '';\n\n  // Some hash based routers will automatically add a / character after the hash\n  if (fragment.charAt(0) === '#' && fragment.charAt(1) === '/') {\n    fragment = fragment.substring(2);\n  }\n\n  // Remove the leading # or ?\n  if (fragment.charAt(0) === '#' || fragment.charAt(0) === '?') {\n    fragment = fragment.substring(1);\n  }\n\n\n  var obj = {};\n\n  // Loop until we have no more params\n  var param;\n  while (true) { // eslint-disable-line no-constant-condition\n    param = paramSplit.exec(fragment);\n    if (!param) { break; }\n\n    var key = param[1];\n    var value = param[2];\n\n    // id_token should remain base64url encoded\n    if (key === 'id_token' || key === 'access_token' || key === 'code') {\n      obj[key] = value;\n    } else {\n      obj[key] = decodeURIComponent(value.replace(plus2space, ' '));\n    }\n  }\n  return obj;\n}\n"],"mappings":";;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;AAEO,SAASA,iBAAT,CAA2BC,YAA3B,EAAiD;EACtD;EACA,IAAIC,UAAU,GAAG,KAAjB;EACA,IAAIC,UAAU,GAAG,oBAAjB;EACA,IAAIC,QAAQ,GAAGH,YAAY,IAAI,EAA/B,CAJsD,CAMtD;;EACA,IAAIG,QAAQ,CAACC,MAAT,CAAgB,CAAhB,MAAuB,GAAvB,IAA8BD,QAAQ,CAACC,MAAT,CAAgB,CAAhB,MAAuB,GAAzD,EAA8D;IAC5DD,QAAQ,GAAGA,QAAQ,CAACE,SAAT,CAAmB,CAAnB,CAAX;EACD,CATqD,CAWtD;;;EACA,IAAIF,QAAQ,CAACC,MAAT,CAAgB,CAAhB,MAAuB,GAAvB,IAA8BD,QAAQ,CAACC,MAAT,CAAgB,CAAhB,MAAuB,GAAzD,EAA8D;IAC5DD,QAAQ,GAAGA,QAAQ,CAACE,SAAT,CAAmB,CAAnB,CAAX;EACD;;EAGD,IAAIC,GAAG,GAAG,EAAV,CAjBsD,CAmBtD;;EACA,IAAIC,KAAJ;;EACA,OAAO,IAAP,EAAa;IAAE;IACbA,KAAK,GAAGL,UAAU,CAACM,IAAX,CAAgBL,QAAhB,CAAR;;IACA,IAAI,CAACI,KAAL,EAAY;MAAE;IAAQ;;IAEtB,IAAIE,GAAG,GAAGF,KAAK,CAAC,CAAD,CAAf;IACA,IAAIG,KAAK,GAAGH,KAAK,CAAC,CAAD,CAAjB,CALW,CAOX;;IACA,IAAIE,GAAG,KAAK,UAAR,IAAsBA,GAAG,KAAK,cAA9B,IAAgDA,GAAG,KAAK,MAA5D,EAAoE;MAClEH,GAAG,CAACG,GAAD,CAAH,GAAWC,KAAX;IACD,CAFD,MAEO;MACLJ,GAAG,CAACG,GAAD,CAAH,GAAWE,kBAAkB,CAACD,KAAK,CAACE,OAAN,CAAcX,UAAd,EAA0B,GAA1B,CAAD,CAA7B;IACD;EACF;;EACD,OAAOK,GAAP;AACD"}

package/cjs/oidc/util/validateClaims.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../lib/oidc/util/validateClaims.ts"],"names":["validateClaims","sdk","claims","validationParams","aud","clientId","iss","issuer","nonce","AuthSdkError","now","Math","floor","Date","iat","exp","options","ignoreLifetime","maxClockSkew"],"mappings":";;;;;;AAeA;;AAfA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;AAKO,SAASA,cAAT,CAAwBC,GAAxB,EAAuDC,MAAvD,EAA2EC,gBAA3E,EAAgH;AACrH,MAAIC,GAAG,GAAGD,gBAAgB,CAACE,QAA3B;AACA,MAAIC,GAAG,GAAGH,gBAAgB,CAACI,MAA3B;AACA,MAAIC,KAAK,GAAGL,gBAAgB,CAACK,KAA7B;;AAEA,MAAI,CAACN,MAAD,IAAW,CAACI,GAAZ,IAAmB,CAACF,GAAxB,EAA6B;AAC3B,UAAM,IAAIK,qBAAJ,CAAiB,kDAAjB,CAAN;AACD;;AAED,MAAID,KAAK,IAAIN,MAAM,CAACM,KAAP,KAAiBA,KAA9B,EAAqC;AACnC,UAAM,IAAIC,qBAAJ,CAAiB,wDAAjB,CAAN;AACD;;AAED,MAAIC,GAAG,GAAGC,IAAI,CAACC,KAAL,CAAWC,IAAI,CAACH,GAAL,KAAW,IAAtB,CAAV;;AAEA,MAAIR,MAAM,CAACI,GAAP,KAAeA,GAAnB,EAAwB;AACtB,UAAM,IAAIG,qBAAJ,CAAiB,iBAAiBP,MAAM,CAACI,GAAxB,GAA8B,IAA9B,GACrB,kBADqB,GACAA,GADA,GACM,GADvB,CAAN;AAED;;AAED,MAAIJ,MAAM,CAACE,GAAP,KAAeA,GAAnB,EAAwB;AACtB,UAAM,IAAIK,qBAAJ,CAAiB,mBAAmBP,MAAM,CAACE,GAA1B,GAAgC,IAAhC,GACrB,kBADqB,GACAA,GADA,GACM,GADvB,CAAN;AAED;;AAED,MAAIF,MAAM,CAACY,GAAP,GAAcZ,MAAM,CAACa,GAAzB,EAA+B;AAC7B,UAAM,IAAIN,qBAAJ,CAAiB,sCAAjB,CAAN;AACD;;AAED,MAAI,CAACR,GAAG,CAACe,OAAJ,CAAYC,cAAjB,EAAiC;AAC/B,QAAKP,GAAG,GAAGT,GAAG,CAACe,OAAJ,CAAYE,YAAnB,GAAoChB,MAAM,CAACa,GAA/C,EAAqD;AACnD,YAAM,IAAIN,qBAAJ,CAAiB,wCAAjB,CAAN;AACD;;AAED,QAAIP,MAAM,CAACY,GAAP,GAAeJ,GAAG,GAAGT,GAAG,CAACe,OAAJ,CAAYE,YAArC,EAAqD;AACnD,YAAM,IAAIT,qBAAJ,CAAiB,kCAAjB,CAAN;AACD;AACF;AACF","sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* eslint-disable complexity, max-statements */\n\nimport AuthSdkError from '../../errors/AuthSdkError';\nimport { OktaAuthOptionsInterface, TokenVerifyParams, UserClaims } from '../../types';\n\nexport function validateClaims(sdk: OktaAuthOptionsInterface, claims: UserClaims, validationParams: TokenVerifyParams) {\n  var aud = validationParams.clientId;\n  var iss = validationParams.issuer;\n  var nonce = validationParams.nonce;\n\n  if (!claims || !iss || !aud) {\n    throw new AuthSdkError('The jwt, iss, and aud arguments are all required');\n  }\n\n  if (nonce && claims.nonce !== nonce) {\n    throw new AuthSdkError('OAuth flow response nonce doesn\\'t match request nonce');\n  }\n\n  var now = Math.floor(Date.now()/1000);\n\n  if (claims.iss !== iss) {\n    throw new AuthSdkError('The issuer [' + claims.iss + '] ' +\n      'does not match [' + iss + ']');\n  }\n\n  if (claims.aud !== aud) {\n    throw new AuthSdkError('The audience [' + claims.aud + '] ' +\n      'does not match [' + aud + ']');\n  }\n\n  if (claims.iat! > claims.exp!) {\n    throw new AuthSdkError('The JWT expired before it was issued');\n  }\n\n  if (!sdk.options.ignoreLifetime) {\n    if ((now - sdk.options.maxClockSkew!) > claims.exp!) {\n      throw new AuthSdkError('The JWT expired and is no longer valid');\n    }\n\n    if (claims.iat! > (now + sdk.options.maxClockSkew!)) {\n      throw new AuthSdkError('The JWT was issued in the future');\n    }\n  }\n}\n"],"file":"validateClaims.js"}
+{"version":3,"file":"validateClaims.js","names":["validateClaims","sdk","claims","validationParams","aud","clientId","iss","issuer","nonce","AuthSdkError","now","Math","floor","Date","iat","exp","options","ignoreLifetime","maxClockSkew"],"sources":["../../../../lib/oidc/util/validateClaims.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* eslint-disable complexity, max-statements */\n\nimport AuthSdkError from '../../errors/AuthSdkError';\nimport { OktaAuthOptionsInterface, TokenVerifyParams, UserClaims } from '../../types';\n\nexport function validateClaims(sdk: OktaAuthOptionsInterface, claims: UserClaims, validationParams: TokenVerifyParams) {\n  var aud = validationParams.clientId;\n  var iss = validationParams.issuer;\n  var nonce = validationParams.nonce;\n\n  if (!claims || !iss || !aud) {\n    throw new AuthSdkError('The jwt, iss, and aud arguments are all required');\n  }\n\n  if (nonce && claims.nonce !== nonce) {\n    throw new AuthSdkError('OAuth flow response nonce doesn\\'t match request nonce');\n  }\n\n  var now = Math.floor(Date.now()/1000);\n\n  if (claims.iss !== iss) {\n    throw new AuthSdkError('The issuer [' + claims.iss + '] ' +\n      'does not match [' + iss + ']');\n  }\n\n  if (claims.aud !== aud) {\n    throw new AuthSdkError('The audience [' + claims.aud + '] ' +\n      'does not match [' + aud + ']');\n  }\n\n  if (claims.iat! > claims.exp!) {\n    throw new AuthSdkError('The JWT expired before it was issued');\n  }\n\n  if (!sdk.options.ignoreLifetime) {\n    if ((now - sdk.options.maxClockSkew!) > claims.exp!) {\n      throw new AuthSdkError('The JWT expired and is no longer valid');\n    }\n\n    if (claims.iat! > (now + sdk.options.maxClockSkew!)) {\n      throw new AuthSdkError('The JWT was issued in the future');\n    }\n  }\n}\n"],"mappings":";;;;;;AAeA;;AAfA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;AAKO,SAASA,cAAT,CAAwBC,GAAxB,EAAuDC,MAAvD,EAA2EC,gBAA3E,EAAgH;EACrH,IAAIC,GAAG,GAAGD,gBAAgB,CAACE,QAA3B;EACA,IAAIC,GAAG,GAAGH,gBAAgB,CAACI,MAA3B;EACA,IAAIC,KAAK,GAAGL,gBAAgB,CAACK,KAA7B;;EAEA,IAAI,CAACN,MAAD,IAAW,CAACI,GAAZ,IAAmB,CAACF,GAAxB,EAA6B;IAC3B,MAAM,IAAIK,qBAAJ,CAAiB,kDAAjB,CAAN;EACD;;EAED,IAAID,KAAK,IAAIN,MAAM,CAACM,KAAP,KAAiBA,KAA9B,EAAqC;IACnC,MAAM,IAAIC,qBAAJ,CAAiB,wDAAjB,CAAN;EACD;;EAED,IAAIC,GAAG,GAAGC,IAAI,CAACC,KAAL,CAAWC,IAAI,CAACH,GAAL,KAAW,IAAtB,CAAV;;EAEA,IAAIR,MAAM,CAACI,GAAP,KAAeA,GAAnB,EAAwB;IACtB,MAAM,IAAIG,qBAAJ,CAAiB,iBAAiBP,MAAM,CAACI,GAAxB,GAA8B,IAA9B,GACrB,kBADqB,GACAA,GADA,GACM,GADvB,CAAN;EAED;;EAED,IAAIJ,MAAM,CAACE,GAAP,KAAeA,GAAnB,EAAwB;IACtB,MAAM,IAAIK,qBAAJ,CAAiB,mBAAmBP,MAAM,CAACE,GAA1B,GAAgC,IAAhC,GACrB,kBADqB,GACAA,GADA,GACM,GADvB,CAAN;EAED;;EAED,IAAIF,MAAM,CAACY,GAAP,GAAcZ,MAAM,CAACa,GAAzB,EAA+B;IAC7B,MAAM,IAAIN,qBAAJ,CAAiB,sCAAjB,CAAN;EACD;;EAED,IAAI,CAACR,GAAG,CAACe,OAAJ,CAAYC,cAAjB,EAAiC;IAC/B,IAAKP,GAAG,GAAGT,GAAG,CAACe,OAAJ,CAAYE,YAAnB,GAAoChB,MAAM,CAACa,GAA/C,EAAqD;MACnD,MAAM,IAAIN,qBAAJ,CAAiB,wCAAjB,CAAN;IACD;;IAED,IAAIP,MAAM,CAACY,GAAP,GAAeJ,GAAG,GAAGT,GAAG,CAACe,OAAJ,CAAYE,YAArC,EAAqD;MACnD,MAAM,IAAIT,qBAAJ,CAAiB,kCAAjB,CAAN;IACD;EACF;AACF"}

package/cjs/oidc/util/validateToken.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../lib/oidc/util/validateToken.ts"],"names":["validateToken","token","type","AuthSdkError"],"mappings":";;;;AAEA;;AACA;;AAHA;AAKO,SAASA,aAAT,CAAuBC,KAAvB,EAAqCC,IAArC,EAAuD;AAC5D,MAAI,CAAC,sBAAUD,KAAV,CAAD,IAAqB,CAAC,0BAAcA,KAAd,CAAtB,IAA8C,CAAC,2BAAeA,KAAf,CAAnD,EAA0E;AACxE,UAAM,IAAIE,oBAAJ,CACJ,+GADI,CAAN;AAGD;;AAED,MAAID,IAAI,KAAK,aAAT,IAA0B,CAAC,0BAAcD,KAAd,CAA/B,EAAqD;AACnD,UAAM,IAAIE,oBAAJ,CAAiB,qBAAjB,CAAN;AACD;;AACD,MAAID,IAAI,KAAK,SAAT,IAAsB,CAAC,sBAAUD,KAAV,CAA3B,EAA6C;AAC3C,UAAM,IAAIE,oBAAJ,CAAiB,iBAAjB,CAAN;AACD;;AAED,MAAID,IAAI,KAAK,cAAT,IAA2B,CAAC,2BAAeD,KAAf,CAAhC,EAAuD;AACrD,UAAM,IAAIE,oBAAJ,CAAiB,sBAAjB,CAAN;AACD;AACF","sourcesContent":["/* eslint-disable complexity */\n\nimport { AuthSdkError } from '../../errors';\nimport { isAccessToken, isIDToken, isRefreshToken, Token, TokenType } from '../../types';\n\nexport function validateToken(token: Token, type?: TokenType) {\n  if (!isIDToken(token) && !isAccessToken(token) && !isRefreshToken(token)) {\n    throw new AuthSdkError(\n      'Token must be an Object with scopes, expiresAt, and one of: an idToken, accessToken, or refreshToken property'\n    );\n  }\n  \n  if (type === 'accessToken' && !isAccessToken(token)) {\n    throw new AuthSdkError('invalid accessToken');\n  } \n  if (type === 'idToken' && !isIDToken(token)) {\n    throw new AuthSdkError('invalid idToken');\n  }\n\n  if (type === 'refreshToken' && !isRefreshToken(token)) {\n    throw new AuthSdkError('invalid refreshToken');\n  }\n}"],"file":"validateToken.js"}
+{"version":3,"file":"validateToken.js","names":["validateToken","token","type","AuthSdkError"],"sources":["../../../../lib/oidc/util/validateToken.ts"],"sourcesContent":["/* eslint-disable complexity */\n\nimport { AuthSdkError } from '../../errors';\nimport { isAccessToken, isIDToken, isRefreshToken, Token, TokenType } from '../../types';\n\nexport function validateToken(token: Token, type?: TokenType) {\n  if (!isIDToken(token) && !isAccessToken(token) && !isRefreshToken(token)) {\n    throw new AuthSdkError(\n      'Token must be an Object with scopes, expiresAt, and one of: an idToken, accessToken, or refreshToken property'\n    );\n  }\n  \n  if (type === 'accessToken' && !isAccessToken(token)) {\n    throw new AuthSdkError('invalid accessToken');\n  } \n  if (type === 'idToken' && !isIDToken(token)) {\n    throw new AuthSdkError('invalid idToken');\n  }\n\n  if (type === 'refreshToken' && !isRefreshToken(token)) {\n    throw new AuthSdkError('invalid refreshToken');\n  }\n}"],"mappings":";;;;AAEA;;AACA;;AAHA;AAKO,SAASA,aAAT,CAAuBC,KAAvB,EAAqCC,IAArC,EAAuD;EAC5D,IAAI,CAAC,sBAAUD,KAAV,CAAD,IAAqB,CAAC,0BAAcA,KAAd,CAAtB,IAA8C,CAAC,2BAAeA,KAAf,CAAnD,EAA0E;IACxE,MAAM,IAAIE,oBAAJ,CACJ,+GADI,CAAN;EAGD;;EAED,IAAID,IAAI,KAAK,aAAT,IAA0B,CAAC,0BAAcD,KAAd,CAA/B,EAAqD;IACnD,MAAM,IAAIE,oBAAJ,CAAiB,qBAAjB,CAAN;EACD;;EACD,IAAID,IAAI,KAAK,SAAT,IAAsB,CAAC,sBAAUD,KAAV,CAA3B,EAA6C;IAC3C,MAAM,IAAIE,oBAAJ,CAAiB,iBAAjB,CAAN;EACD;;EAED,IAAID,IAAI,KAAK,cAAT,IAA2B,CAAC,2BAAeD,KAAf,CAAhC,EAAuD;IACrD,MAAM,IAAIE,oBAAJ,CAAiB,sBAAjB,CAAN;EACD;AACF"}

package/cjs/oidc/verifyToken.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/oidc/verifyToken.ts"],"names":["verifyToken","sdk","token","validationParams","idToken","AuthSdkError","jwt","configuredIssuer","issuer","options","validationOptions","clientId","ignoreSignature","payload","features","isTokenVerifySupported","key","header","kid","valid","sdkCrypto","accessToken","claims","at_hash","hash","getOidcHash"],"mappings":";;;;;;;;;;;;AAcA;;AACA;;AACA;;AAEA;;AACA;;;;;;AAnBA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAQA;AACO,eAAeA,WAAf,CAA2BC,GAA3B,EAAuDC,KAAvD,EAAuEC,gBAAvE,EAA8H;AACnI,MAAI,CAACD,KAAD,IAAU,CAACA,KAAK,CAACE,OAArB,EAA8B;AAC5B,UAAM,IAAIC,oBAAJ,CAAiB,+BAAjB,CAAN;AACD,GAHkI,CAKnI;;;AACA,MAAIC,GAAG,GAAG,8BAAYJ,KAAK,CAACE,OAAlB,CAAV,CANmI,CAQnI;AACA;;AACA,QAAMG,gBAAgB,GAAG,CAAAJ,gBAAgB,SAAhB,IAAAA,gBAAgB,WAAhB,YAAAA,gBAAgB,CAAEK,MAAlB,KAA4BP,GAAG,CAACQ,OAAJ,CAAYD,MAAjE;AACA,QAAM;AAAEA,IAAAA;AAAF,MAAa,MAAM,6BAAaP,GAAb,EAAkBM,gBAAlB,CAAzB;AAEA,MAAIG,iBAAoC,GAAG,qBAAc;AACvD;AACAC,IAAAA,QAAQ,EAAEV,GAAG,CAACQ,OAAJ,CAAYE,QAFiC;AAGvDC,IAAAA,eAAe,EAAEX,GAAG,CAACQ,OAAJ,CAAYG;AAH0B,GAAd,EAIxCT,gBAJwC,EAItB;AACnB;AACAK,IAAAA;AAFmB,GAJsB,CAA3C,CAbmI,CAsBnI;;AACA,4BAAeP,GAAf,EAAoBK,GAAG,CAACO,OAAxB,EAAiCH,iBAAjC,EAvBmI,CAyBnI;AACA;;AACA,MAAIA,iBAAiB,CAACE,eAAlB,IAAqC,IAArC,IAA6C,CAACX,GAAG,CAACa,QAAJ,CAAaC,sBAAb,EAAlD,EAAyF;AACvF,WAAOb,KAAP;AACD,GA7BkI,CA+BnI;;;AACA,QAAMc,GAAG,GAAG,MAAM,uBAAOf,GAAP,EAAYC,KAAK,CAACM,MAAlB,EAA0BF,GAAG,CAACW,MAAJ,CAAWC,GAArC,CAAlB;AACA,QAAMC,KAAK,GAAG,MAAMC,SAAS,CAACpB,WAAV,CAAsBE,KAAK,CAACE,OAA5B,EAAqCY,GAArC,CAApB;;AACA,MAAI,CAACG,KAAL,EAAY;AACV,UAAM,IAAId,oBAAJ,CAAiB,kCAAjB,CAAN;AACD;;AACD,MAAIF,gBAAgB,IAAIA,gBAAgB,CAACkB,WAArC,IAAoDnB,KAAK,CAACoB,MAAN,CAAaC,OAArE,EAA8E;AAC5E,UAAMC,IAAI,GAAG,MAAMJ,SAAS,CAACK,WAAV,CAAsBtB,gBAAgB,CAACkB,WAAvC,CAAnB;;AACA,QAAIG,IAAI,KAAKtB,KAAK,CAACoB,MAAN,CAAaC,OAA1B,EAAmC;AACjC,YAAM,IAAIlB,oBAAJ,CAAiB,gCAAjB,CAAN;AACD;AACF;;AACD,SAAOH,KAAP;AACD","sourcesContent":["/* eslint-disable max-len */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { getWellKnown, getKey } from './endpoints/well-known';\nimport { validateClaims } from './util';\nimport { AuthSdkError } from '../errors';\nimport { IDToken, OktaAuthOIDCInterface, TokenVerifyParams } from '../types';\nimport { decodeToken } from './decodeToken';\nimport * as sdkCrypto from '../crypto';\n\n// Verify the id token\nexport async function verifyToken(sdk: OktaAuthOIDCInterface, token: IDToken, validationParams: TokenVerifyParams): Promise<IDToken> {\n  if (!token || !token.idToken) {\n    throw new AuthSdkError('Only idTokens may be verified');\n  }\n\n  // Decode the Jwt object (may throw)\n  var jwt = decodeToken(token.idToken);\n\n  // The configured issuer may point to a frontend proxy.\n  // Get the \"real\" issuer from .well-known/openid-configuration\n  const configuredIssuer = validationParams?.issuer || sdk.options.issuer;\n  const { issuer } = await getWellKnown(sdk, configuredIssuer);\n\n  var validationOptions: TokenVerifyParams = Object.assign({\n    // base options, can be overridden by params\n    clientId: sdk.options.clientId,\n    ignoreSignature: sdk.options.ignoreSignature\n  }, validationParams, {\n    // final options, cannot be overridden\n    issuer\n  });\n\n  // Standard claim validation (may throw)\n  validateClaims(sdk, jwt.payload, validationOptions);\n\n  // If the browser doesn't support native crypto or we choose not\n  // to verify the signature, bail early\n  if (validationOptions.ignoreSignature == true || !sdk.features.isTokenVerifySupported()) {\n    return token;\n  }\n\n  // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n  const key = await getKey(sdk, token.issuer, jwt.header.kid!);\n  const valid = await sdkCrypto.verifyToken(token.idToken, key);\n  if (!valid) {\n    throw new AuthSdkError('The token signature is not valid');\n  }\n  if (validationParams && validationParams.accessToken && token.claims.at_hash) {\n    const hash = await sdkCrypto.getOidcHash(validationParams.accessToken);\n    if (hash !== token.claims.at_hash) {\n      throw new AuthSdkError('Token hash verification failed');\n    }\n  }\n  return token;\n}\n"],"file":"verifyToken.js"}
+{"version":3,"file":"verifyToken.js","names":["verifyToken","sdk","token","validationParams","idToken","AuthSdkError","jwt","configuredIssuer","issuer","options","validationOptions","clientId","ignoreSignature","payload","features","isTokenVerifySupported","key","header","kid","valid","sdkCrypto","accessToken","claims","at_hash","hash","getOidcHash"],"sources":["../../../lib/oidc/verifyToken.ts"],"sourcesContent":["/* eslint-disable max-len */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { getWellKnown, getKey } from './endpoints/well-known';\nimport { validateClaims } from './util';\nimport { AuthSdkError } from '../errors';\nimport { IDToken, OktaAuthOIDCInterface, TokenVerifyParams } from '../types';\nimport { decodeToken } from './decodeToken';\nimport * as sdkCrypto from '../crypto';\n\n// Verify the id token\nexport async function verifyToken(sdk: OktaAuthOIDCInterface, token: IDToken, validationParams: TokenVerifyParams): Promise<IDToken> {\n  if (!token || !token.idToken) {\n    throw new AuthSdkError('Only idTokens may be verified');\n  }\n\n  // Decode the Jwt object (may throw)\n  var jwt = decodeToken(token.idToken);\n\n  // The configured issuer may point to a frontend proxy.\n  // Get the \"real\" issuer from .well-known/openid-configuration\n  const configuredIssuer = validationParams?.issuer || sdk.options.issuer;\n  const { issuer } = await getWellKnown(sdk, configuredIssuer);\n\n  var validationOptions: TokenVerifyParams = Object.assign({\n    // base options, can be overridden by params\n    clientId: sdk.options.clientId,\n    ignoreSignature: sdk.options.ignoreSignature\n  }, validationParams, {\n    // final options, cannot be overridden\n    issuer\n  });\n\n  // Standard claim validation (may throw)\n  validateClaims(sdk, jwt.payload, validationOptions);\n\n  // If the browser doesn't support native crypto or we choose not\n  // to verify the signature, bail early\n  if (validationOptions.ignoreSignature == true || !sdk.features.isTokenVerifySupported()) {\n    return token;\n  }\n\n  // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n  const key = await getKey(sdk, token.issuer, jwt.header.kid!);\n  const valid = await sdkCrypto.verifyToken(token.idToken, key);\n  if (!valid) {\n    throw new AuthSdkError('The token signature is not valid');\n  }\n  if (validationParams && validationParams.accessToken && token.claims.at_hash) {\n    const hash = await sdkCrypto.getOidcHash(validationParams.accessToken);\n    if (hash !== token.claims.at_hash) {\n      throw new AuthSdkError('Token hash verification failed');\n    }\n  }\n  return token;\n}\n"],"mappings":";;;;;;;;;;;;AAcA;;AACA;;AACA;;AAEA;;AACA;;;;;;AAnBA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAQA;AACO,eAAeA,WAAf,CAA2BC,GAA3B,EAAuDC,KAAvD,EAAuEC,gBAAvE,EAA8H;EACnI,IAAI,CAACD,KAAD,IAAU,CAACA,KAAK,CAACE,OAArB,EAA8B;IAC5B,MAAM,IAAIC,oBAAJ,CAAiB,+BAAjB,CAAN;EACD,CAHkI,CAKnI;;;EACA,IAAIC,GAAG,GAAG,8BAAYJ,KAAK,CAACE,OAAlB,CAAV,CANmI,CAQnI;EACA;;EACA,MAAMG,gBAAgB,GAAG,CAAAJ,gBAAgB,SAAhB,IAAAA,gBAAgB,WAAhB,YAAAA,gBAAgB,CAAEK,MAAlB,KAA4BP,GAAG,CAACQ,OAAJ,CAAYD,MAAjE;EACA,MAAM;IAAEA;EAAF,IAAa,MAAM,6BAAaP,GAAb,EAAkBM,gBAAlB,CAAzB;EAEA,IAAIG,iBAAoC,GAAG,qBAAc;IACvD;IACAC,QAAQ,EAAEV,GAAG,CAACQ,OAAJ,CAAYE,QAFiC;IAGvDC,eAAe,EAAEX,GAAG,CAACQ,OAAJ,CAAYG;EAH0B,CAAd,EAIxCT,gBAJwC,EAItB;IACnB;IACAK;EAFmB,CAJsB,CAA3C,CAbmI,CAsBnI;;EACA,0BAAeP,GAAf,EAAoBK,GAAG,CAACO,OAAxB,EAAiCH,iBAAjC,EAvBmI,CAyBnI;EACA;;EACA,IAAIA,iBAAiB,CAACE,eAAlB,IAAqC,IAArC,IAA6C,CAACX,GAAG,CAACa,QAAJ,CAAaC,sBAAb,EAAlD,EAAyF;IACvF,OAAOb,KAAP;EACD,CA7BkI,CA+BnI;;;EACA,MAAMc,GAAG,GAAG,MAAM,uBAAOf,GAAP,EAAYC,KAAK,CAACM,MAAlB,EAA0BF,GAAG,CAACW,MAAJ,CAAWC,GAArC,CAAlB;EACA,MAAMC,KAAK,GAAG,MAAMC,SAAS,CAACpB,WAAV,CAAsBE,KAAK,CAACE,OAA5B,EAAqCY,GAArC,CAApB;;EACA,IAAI,CAACG,KAAL,EAAY;IACV,MAAM,IAAId,oBAAJ,CAAiB,kCAAjB,CAAN;EACD;;EACD,IAAIF,gBAAgB,IAAIA,gBAAgB,CAACkB,WAArC,IAAoDnB,KAAK,CAACoB,MAAN,CAAaC,OAArE,EAA8E;IAC5E,MAAMC,IAAI,GAAG,MAAMJ,SAAS,CAACK,WAAV,CAAsBtB,gBAAgB,CAACkB,WAAvC,CAAnB;;IACA,IAAIG,IAAI,KAAKtB,KAAK,CAACoB,MAAN,CAAaC,OAA1B,EAAmC;MACjC,MAAM,IAAIlB,oBAAJ,CAAiB,gCAAjB,CAAN;IACD;EACF;;EACD,OAAOH,KAAP;AACD"}

package/cjs/options/browser.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/options/browser.ts"],"names":["getStorage","storageUtil","browserStorage","inMemoryStore","STORAGE_MANAGER_OPTIONS","token","storageTypes","cache","transaction","enableSharedStorage","getCookieSettings","args","isHTTPS","cookieSettings","cookies","secure","sameSite"],"mappings":";;;;;;;;;;AAcA;;AAEA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AAMO,SAASA,UAAT,GAAmC;AACxC,QAAMC,WAAW,GAAG,qBAAc,EAAd,EAAkBC,uBAAlB,EAAkC;AACpDC,IAAAA,aAAa,EAAE,EADqC,CAClC;;AADkC,GAAlC,CAApB;AAGA,SAAOF,WAAP;AACD;;AAEM,MAAMG,uBAA8C,GAAG;AAC5DC,EAAAA,KAAK,EAAE;AACLC,IAAAA,YAAY,EAAE,CACZ,cADY,EAEZ,gBAFY,EAGZ,QAHY;AADT,GADqD;AAQ5DC,EAAAA,KAAK,EAAE;AACLD,IAAAA,YAAY,EAAE,CACZ,cADY,EAEZ,gBAFY,EAGZ,QAHY;AADT,GARqD;AAe5DE,EAAAA,WAAW,EAAE;AACXF,IAAAA,YAAY,EAAE,CACZ,gBADY,EAEZ,cAFY,EAGZ,QAHY;AADH,GAf+C;AAsB5D,wBAAsB;AACpBA,IAAAA,YAAY,EAAE,CACZ,cADY;AADM,GAtBsC;AA2B5D,kBAAgB;AACdA,IAAAA,YAAY,EAAE,CACZ,cADY;AADA;AA3B4C,CAAvD;;AAkCA,MAAMG,mBAAmB,GAAG,IAA5B;;;AAEA,SAASC,iBAAT,CAA2BC,IAAqB,GAAG,EAAnD,EAAuDC,OAAvD,EAAyE;AAC9E;AACA;AACA;AACA,MAAIC,cAAc,GAAGF,IAAI,CAACG,OAAL,IAAgB,EAArC;;AACA,MAAI,OAAOD,cAAc,CAACE,MAAtB,KAAiC,WAArC,EAAkD;AAChDF,IAAAA,cAAc,CAACE,MAAf,GAAwBH,OAAxB;AACD;;AACD,MAAI,OAAOC,cAAc,CAACG,QAAtB,KAAmC,WAAvC,EAAoD;AAClDH,IAAAA,cAAc,CAACG,QAAf,GAA0BH,cAAc,CAACE,MAAf,GAAwB,MAAxB,GAAiC,KAA3D;AACD,GAV6E,CAY9E;;;AACA,MAAIF,cAAc,CAACE,MAAf,IAAyB,CAACH,OAA9B,EAAuC;AACrC;AACA,oBACE,oEACA,4DADA,GAEA,gEAHF;AAKAC,IAAAA,cAAc,CAACE,MAAf,GAAwB,KAAxB;AACD,GArB6E,CAuB9E;AACA;;;AACA,MAAIF,cAAc,CAACG,QAAf,KAA4B,MAA5B,IAAsC,CAACH,cAAc,CAACE,MAA1D,EAAkE;AAChEF,IAAAA,cAAc,CAACG,QAAf,GAA0B,KAA1B;AACD;;AAED,SAAOH,cAAP;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable complexity */\nimport { StorageManagerOptions, OktaAuthOptions, StorageUtil } from '../types';\nimport { warn } from '../util';\n\nimport { default as browserStorage } from '../browser/browserStorage';\n\nexport function getStorage(): StorageUtil {\n  const storageUtil = Object.assign({}, browserStorage, {\n    inMemoryStore: {} // create unique storage for this instance\n  });\n  return storageUtil;\n}\n\nexport const STORAGE_MANAGER_OPTIONS: StorageManagerOptions = {\n  token: {\n    storageTypes: [\n      'localStorage',\n      'sessionStorage',\n      'cookie'\n    ]\n  },\n  cache: {\n    storageTypes: [\n      'localStorage',\n      'sessionStorage',\n      'cookie'\n    ]\n  },\n  transaction: {\n    storageTypes: [\n      'sessionStorage',\n      'localStorage',\n      'cookie'\n    ]\n  },\n  'shared-transaction': {\n    storageTypes: [\n      'localStorage'\n    ]\n  },\n  'original-uri': {\n    storageTypes: [\n      'localStorage'\n    ]\n  }\n};\n\nexport const enableSharedStorage = true;\n\nexport function getCookieSettings(args: OktaAuthOptions = {}, isHTTPS: boolean) {\n  // Secure cookies will be automatically used on a HTTPS connection\n  // Non-secure cookies will be automatically used on a HTTP connection\n  // secure option can override the automatic behavior\n  var cookieSettings = args.cookies || {};\n  if (typeof cookieSettings.secure === 'undefined') {\n    cookieSettings.secure = isHTTPS;\n  }\n  if (typeof cookieSettings.sameSite === 'undefined') {\n    cookieSettings.sameSite = cookieSettings.secure ? 'none' : 'lax';\n  }\n\n  // If secure=true, but the connection is not HTTPS, set secure=false.\n  if (cookieSettings.secure && !isHTTPS) {\n    // eslint-disable-next-line no-console\n    warn(\n      'The current page is not being served with the HTTPS protocol.\\n' +\n      'For security reasons, we strongly recommend using HTTPS.\\n' +\n      'If you cannot use HTTPS, set \"cookies.secure\" option to false.'\n    );\n    cookieSettings.secure = false;\n  }\n\n  // Chrome >= 80 will block cookies with SameSite=None unless they are also Secure\n  // If sameSite=none, but the connection is not HTTPS, set sameSite=lax.\n  if (cookieSettings.sameSite === 'none' && !cookieSettings.secure) {\n    cookieSettings.sameSite = 'lax';\n  }\n\n  return cookieSettings;\n}\n"],"file":"browser.js"}
+{"version":3,"file":"browser.js","names":["getStorage","storageUtil","browserStorage","inMemoryStore","STORAGE_MANAGER_OPTIONS","token","storageTypes","cache","transaction","enableSharedStorage","getCookieSettings","args","isHTTPS","cookieSettings","cookies","secure","sameSite"],"sources":["../../../lib/options/browser.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable complexity */\nimport { StorageManagerOptions, OktaAuthOptions, StorageUtil } from '../types';\nimport { warn } from '../util';\n\nimport { default as browserStorage } from '../browser/browserStorage';\n\nexport function getStorage(): StorageUtil {\n  const storageUtil = Object.assign({}, browserStorage, {\n    inMemoryStore: {} // create unique storage for this instance\n  });\n  return storageUtil;\n}\n\nexport const STORAGE_MANAGER_OPTIONS: StorageManagerOptions = {\n  token: {\n    storageTypes: [\n      'localStorage',\n      'sessionStorage',\n      'cookie'\n    ]\n  },\n  cache: {\n    storageTypes: [\n      'localStorage',\n      'sessionStorage',\n      'cookie'\n    ]\n  },\n  transaction: {\n    storageTypes: [\n      'sessionStorage',\n      'localStorage',\n      'cookie'\n    ]\n  },\n  'shared-transaction': {\n    storageTypes: [\n      'localStorage'\n    ]\n  },\n  'original-uri': {\n    storageTypes: [\n      'localStorage'\n    ]\n  }\n};\n\nexport const enableSharedStorage = true;\n\nexport function getCookieSettings(args: OktaAuthOptions = {}, isHTTPS: boolean) {\n  // Secure cookies will be automatically used on a HTTPS connection\n  // Non-secure cookies will be automatically used on a HTTP connection\n  // secure option can override the automatic behavior\n  var cookieSettings = args.cookies || {};\n  if (typeof cookieSettings.secure === 'undefined') {\n    cookieSettings.secure = isHTTPS;\n  }\n  if (typeof cookieSettings.sameSite === 'undefined') {\n    cookieSettings.sameSite = cookieSettings.secure ? 'none' : 'lax';\n  }\n\n  // If secure=true, but the connection is not HTTPS, set secure=false.\n  if (cookieSettings.secure && !isHTTPS) {\n    // eslint-disable-next-line no-console\n    warn(\n      'The current page is not being served with the HTTPS protocol.\\n' +\n      'For security reasons, we strongly recommend using HTTPS.\\n' +\n      'If you cannot use HTTPS, set \"cookies.secure\" option to false.'\n    );\n    cookieSettings.secure = false;\n  }\n\n  // Chrome >= 80 will block cookies with SameSite=None unless they are also Secure\n  // If sameSite=none, but the connection is not HTTPS, set sameSite=lax.\n  if (cookieSettings.sameSite === 'none' && !cookieSettings.secure) {\n    cookieSettings.sameSite = 'lax';\n  }\n\n  return cookieSettings;\n}\n"],"mappings":";;;;;;;;;;AAcA;;AAEA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AAMO,SAASA,UAAT,GAAmC;EACxC,MAAMC,WAAW,GAAG,qBAAc,EAAd,EAAkBC,uBAAlB,EAAkC;IACpDC,aAAa,EAAE,EADqC,CAClC;;EADkC,CAAlC,CAApB;EAGA,OAAOF,WAAP;AACD;;AAEM,MAAMG,uBAA8C,GAAG;EAC5DC,KAAK,EAAE;IACLC,YAAY,EAAE,CACZ,cADY,EAEZ,gBAFY,EAGZ,QAHY;EADT,CADqD;EAQ5DC,KAAK,EAAE;IACLD,YAAY,EAAE,CACZ,cADY,EAEZ,gBAFY,EAGZ,QAHY;EADT,CARqD;EAe5DE,WAAW,EAAE;IACXF,YAAY,EAAE,CACZ,gBADY,EAEZ,cAFY,EAGZ,QAHY;EADH,CAf+C;EAsB5D,sBAAsB;IACpBA,YAAY,EAAE,CACZ,cADY;EADM,CAtBsC;EA2B5D,gBAAgB;IACdA,YAAY,EAAE,CACZ,cADY;EADA;AA3B4C,CAAvD;;AAkCA,MAAMG,mBAAmB,GAAG,IAA5B;;;AAEA,SAASC,iBAAT,CAA2BC,IAAqB,GAAG,EAAnD,EAAuDC,OAAvD,EAAyE;EAC9E;EACA;EACA;EACA,IAAIC,cAAc,GAAGF,IAAI,CAACG,OAAL,IAAgB,EAArC;;EACA,IAAI,OAAOD,cAAc,CAACE,MAAtB,KAAiC,WAArC,EAAkD;IAChDF,cAAc,CAACE,MAAf,GAAwBH,OAAxB;EACD;;EACD,IAAI,OAAOC,cAAc,CAACG,QAAtB,KAAmC,WAAvC,EAAoD;IAClDH,cAAc,CAACG,QAAf,GAA0BH,cAAc,CAACE,MAAf,GAAwB,MAAxB,GAAiC,KAA3D;EACD,CAV6E,CAY9E;;;EACA,IAAIF,cAAc,CAACE,MAAf,IAAyB,CAACH,OAA9B,EAAuC;IACrC;IACA,gBACE,oEACA,4DADA,GAEA,gEAHF;IAKAC,cAAc,CAACE,MAAf,GAAwB,KAAxB;EACD,CArB6E,CAuB9E;EACA;;;EACA,IAAIF,cAAc,CAACG,QAAf,KAA4B,MAA5B,IAAsC,CAACH,cAAc,CAACE,MAA1D,EAAkE;IAChEF,cAAc,CAACG,QAAf,GAA0B,KAA1B;EACD;;EAED,OAAOH,cAAP;AACD"}

package/cjs/options/index.js

@@ -73,6 +73,7 @@ function buildOptions(args = {}) {
     useInteractionCodeFlow: args.useInteractionCodeFlow,
     // Internal options
     httpRequestClient: args.httpRequestClient,
+    httpRequestInterceptors: args.httpRequestInterceptors,
     transformErrorXHR: args.transformErrorXHR,
     transformAuthState: args.transformAuthState,
     restoreOriginalUri: args.restoreOriginalUri,
@@ -97,7 +98,8 @@ function buildOptions(args = {}) {
     // Give the developer the ability to disable token signature validation.
     ignoreSignature: !!args.ignoreSignature,
     // Server-side web applications
-    clientSecret: args.clientSecret
+    clientSecret: args.clientSecret,
+    setLocation: args.setLocation
   });
 }
 //# sourceMappingURL=index.js.map

package/cjs/options/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/options/index.ts"],"names":["getDefaultOptions","options","devMode","httpRequestClient","fetchRequest","storageUtil","storageManager","STORAGE_MANAGER_OPTIONS","transactionManager","enableSharedStorage","mergeOptions","args","buildOptions","issuer","tokenUrl","authorizeUrl","userinfoUrl","revokeUrl","logoutUrl","clientId","redirectUri","state","scopes","postLogoutRedirectUri","responseMode","responseType","pkce","useInteractionCodeFlow","transformErrorXHR","transformAuthState","restoreOriginalUri","headers","cookies","flow","codeChallenge","codeChallengeMethod","recoveryToken","activationToken","idx","useGenericRemediator","exchangeCodeForTokens","ignoreSignature","clientSecret"],"mappings":";;;;;;;;;AAYA;;AACA;;AAGA;;AACA;;AACA;;AAlBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAUO,SAASA,iBAAT,GAA8C;AAGnD,QAAMC,OAAO,GAAG;AACdC,IAAAA,OAAO,EAAE,KADK;AAEdC,IAAAA,iBAAiB,EAAEC,qBAFL;AAGdC,IAAAA,WAAW,EAAE,uBAHC;AAIdC,IAAAA,cAAc,EAAEC,6BAJF;AAKdC,IAAAA,kBAAkB,EAAE;AAClBC,MAAAA,mBAAmB,EAAnBA;AADkB;AALN,GAAhB;AASA,SAAOR,OAAP;AACD;;AAED,SAASS,YAAT,CAAsBT,OAAtB,EAA+BU,IAA/B,EAAsD;AACpD,SAAO,qBAAc,EAAd,EAAkBV,OAAlB,EAA2B,sBAAWU,IAAX,CAA3B,EAA6C;AAClDL,IAAAA,cAAc,EAAE,qBAAc,EAAd,EAAkBL,OAAO,CAACK,cAA1B,EAA0CK,IAAI,CAACL,cAA/C,CADkC;AAElDE,IAAAA,kBAAkB,EAAE,qBAAc,EAAd,EAAkBP,OAAO,CAACO,kBAA1B,EAA8CG,IAAI,CAACH,kBAAnD;AAF8B,GAA7C,CAAP;AAID;;AAEM,SAASI,YAAT,CAAsBD,IAAqB,GAAG,EAA9C,EAAmE;AAAA;;AACxE,sCAAkBA,IAAlB;AACAA,EAAAA,IAAI,GAAGD,YAAY,CAACV,iBAAiB,EAAlB,EAAsBW,IAAtB,CAAnB;AACA,SAAO,sBAAW;AAChB;AACAE,IAAAA,MAAM,EAAE,+BAAoBF,IAAI,CAACE,MAAzB,CAFQ;AAGhBC,IAAAA,QAAQ,EAAE,+BAAoBH,IAAI,CAACG,QAAzB,CAHM;AAIhBC,IAAAA,YAAY,EAAE,+BAAoBJ,IAAI,CAACI,YAAzB,CAJE;AAKhBC,IAAAA,WAAW,EAAE,+BAAoBL,IAAI,CAACK,WAAzB,CALG;AAMhBC,IAAAA,SAAS,EAAE,+BAAoBN,IAAI,CAACM,SAAzB,CANK;AAOhBC,IAAAA,SAAS,EAAE,+BAAoBP,IAAI,CAACO,SAAzB,CAPK;AAQhBC,IAAAA,QAAQ,EAAER,IAAI,CAACQ,QARC;AAShBC,IAAAA,WAAW,EAAET,IAAI,CAACS,WATF;AAUhBC,IAAAA,KAAK,EAAEV,IAAI,CAACU,KAVI;AAWhBC,IAAAA,MAAM,EAAEX,IAAI,CAACW,MAXG;AAYhBC,IAAAA,qBAAqB,EAAEZ,IAAI,CAACY,qBAZZ;AAahBC,IAAAA,YAAY,EAAEb,IAAI,CAACa,YAbH;AAchBC,IAAAA,YAAY,EAAEd,IAAI,CAACc,YAdH;AAehBC,IAAAA,IAAI,EAAEf,IAAI,CAACe,IAAL,KAAc,KAAd,GAAsB,KAAtB,GAA8B,IAfpB;AAe0B;AAC1CC,IAAAA,sBAAsB,EAAEhB,IAAI,CAACgB,sBAhBb;AAkBhB;AACAxB,IAAAA,iBAAiB,EAAEQ,IAAI,CAACR,iBAnBR;AAoBhByB,IAAAA,iBAAiB,EAAEjB,IAAI,CAACiB,iBApBR;AAqBhBC,IAAAA,kBAAkB,EAAElB,IAAI,CAACkB,kBArBT;AAsBhBC,IAAAA,kBAAkB,EAAEnB,IAAI,CAACmB,kBAtBT;AAuBhBzB,IAAAA,WAAW,EAAEM,IAAI,CAACN,WAvBF;AAwBhB0B,IAAAA,OAAO,EAAEpB,IAAI,CAACoB,OAxBE;AAyBhB7B,IAAAA,OAAO,EAAE,CAAC,CAACS,IAAI,CAACT,OAzBA;AA0BhBI,IAAAA,cAAc,EAAEK,IAAI,CAACL,cA1BL;AA2BhBE,IAAAA,kBAAkB,EAAEG,IAAI,CAACH,kBA3BT;AA4BhBwB,IAAAA,OAAO,EAAE,6BAAkBrB,IAAlB,EAAwB,wBAAxB,CA5BO;AA6BhBsB,IAAAA,IAAI,EAAEtB,IAAI,CAACsB,IA7BK;AA8BhBC,IAAAA,aAAa,EAAEvB,IAAI,CAACuB,aA9BJ;AA+BhBC,IAAAA,mBAAmB,EAAExB,IAAI,CAACwB,mBA/BV;AAgChBC,IAAAA,aAAa,EAAEzB,IAAI,CAACyB,aAhCJ;AAiChBC,IAAAA,eAAe,EAAE1B,IAAI,CAAC0B,eAjCN;AAkChB;AACAC,IAAAA,GAAG,EAAE;AACHC,MAAAA,oBAAoB,EAAE,CAAC,eAAC5B,IAAI,CAAC2B,GAAN,sCAAC,UAAUC,oBAAX,CADpB;AACqD;AACxDC,MAAAA,qBAAqB,EAAE,eAAA7B,IAAI,CAAC2B,GAAL,0DAAUE,qBAAV,MAAoC,KAFxD,CAE8D;;AAF9D,KAnCW;AAwChB;AACAC,IAAAA,eAAe,EAAE,CAAC,CAAC9B,IAAI,CAAC8B,eAzCR;AA2ChB;AACAC,IAAAA,YAAY,EAAE/B,IAAI,CAAC+B;AA5CH,GAAX,CAAP;AA8CD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { removeTrailingSlash, removeNils } from '../util';\nimport { assertValidConfig } from '../builderUtil';\nimport { OktaAuthOptions } from '../types';\n\nimport fetchRequest from '../fetch/fetchRequest';\nimport { getStorage, STORAGE_MANAGER_OPTIONS, enableSharedStorage, getCookieSettings } from './node';\nimport { isHTTPS } from '../features';\n\nexport function getDefaultOptions(): OktaAuthOptions {\n\n  \n  const options = {\n    devMode: false,\n    httpRequestClient: fetchRequest,\n    storageUtil: getStorage(),\n    storageManager: STORAGE_MANAGER_OPTIONS,\n    transactionManager: {\n      enableSharedStorage\n    }\n  };\n  return options;\n}\n\nfunction mergeOptions(options, args): OktaAuthOptions {\n  return Object.assign({}, options, removeNils(args), {\n    storageManager: Object.assign({}, options.storageManager, args.storageManager),\n    transactionManager: Object.assign({}, options.transactionManager, args.transactionManager),\n  });\n}\n\nexport function buildOptions(args: OktaAuthOptions = {}): OktaAuthOptions {\n  assertValidConfig(args);\n  args = mergeOptions(getDefaultOptions(), args);\n  return removeNils({\n    // OIDC configuration\n    issuer: removeTrailingSlash(args.issuer),\n    tokenUrl: removeTrailingSlash(args.tokenUrl),\n    authorizeUrl: removeTrailingSlash(args.authorizeUrl),\n    userinfoUrl: removeTrailingSlash(args.userinfoUrl),\n    revokeUrl: removeTrailingSlash(args.revokeUrl),\n    logoutUrl: removeTrailingSlash(args.logoutUrl),\n    clientId: args.clientId,\n    redirectUri: args.redirectUri,\n    state: args.state,\n    scopes: args.scopes,\n    postLogoutRedirectUri: args.postLogoutRedirectUri,\n    responseMode: args.responseMode,\n    responseType: args.responseType,\n    pkce: args.pkce === false ? false : true, // PKCE defaults to true\n    useInteractionCodeFlow: args.useInteractionCodeFlow,\n\n    // Internal options\n    httpRequestClient: args.httpRequestClient,\n    transformErrorXHR: args.transformErrorXHR,\n    transformAuthState: args.transformAuthState,\n    restoreOriginalUri: args.restoreOriginalUri,\n    storageUtil: args.storageUtil,\n    headers: args.headers,\n    devMode: !!args.devMode,\n    storageManager: args.storageManager,\n    transactionManager: args.transactionManager,\n    cookies: getCookieSettings(args, isHTTPS()),\n    flow: args.flow,\n    codeChallenge: args.codeChallenge,\n    codeChallengeMethod: args.codeChallengeMethod,\n    recoveryToken: args.recoveryToken,\n    activationToken: args.activationToken,\n    // BETA WARNING: configs in this section are subject to change without a breaking change notice\n    idx: {\n      useGenericRemediator: !!args.idx?.useGenericRemediator, // false by default\n      exchangeCodeForTokens: args.idx?.exchangeCodeForTokens !== false // true by default\n    },\n\n    // Give the developer the ability to disable token signature validation.\n    ignoreSignature: !!args.ignoreSignature,\n\n    // Server-side web applications\n    clientSecret: args.clientSecret\n  });\n}\n"],"file":"index.js"}
+{"version":3,"file":"index.js","names":["getDefaultOptions","options","devMode","httpRequestClient","fetchRequest","storageUtil","storageManager","STORAGE_MANAGER_OPTIONS","transactionManager","enableSharedStorage","mergeOptions","args","buildOptions","issuer","tokenUrl","authorizeUrl","userinfoUrl","revokeUrl","logoutUrl","clientId","redirectUri","state","scopes","postLogoutRedirectUri","responseMode","responseType","pkce","useInteractionCodeFlow","httpRequestInterceptors","transformErrorXHR","transformAuthState","restoreOriginalUri","headers","cookies","flow","codeChallenge","codeChallengeMethod","recoveryToken","activationToken","idx","useGenericRemediator","exchangeCodeForTokens","ignoreSignature","clientSecret","setLocation"],"sources":["../../../lib/options/index.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { removeTrailingSlash, removeNils } from '../util';\nimport { assertValidConfig } from '../builderUtil';\nimport { OktaAuthOptions } from '../types';\n\nimport fetchRequest from '../fetch/fetchRequest';\nimport { getStorage, STORAGE_MANAGER_OPTIONS, enableSharedStorage, getCookieSettings } from './node';\nimport { isHTTPS } from '../features';\n\nexport function getDefaultOptions(): OktaAuthOptions {\n\n  \n  const options = {\n    devMode: false,\n    httpRequestClient: fetchRequest,\n    storageUtil: getStorage(),\n    storageManager: STORAGE_MANAGER_OPTIONS,\n    transactionManager: {\n      enableSharedStorage\n    }\n  };\n  return options;\n}\n\nfunction mergeOptions(options, args): OktaAuthOptions {\n  return Object.assign({}, options, removeNils(args), {\n    storageManager: Object.assign({}, options.storageManager, args.storageManager),\n    transactionManager: Object.assign({}, options.transactionManager, args.transactionManager),\n  });\n}\n\nexport function buildOptions(args: OktaAuthOptions = {}): OktaAuthOptions {\n  assertValidConfig(args);\n  args = mergeOptions(getDefaultOptions(), args);\n  return removeNils({\n    // OIDC configuration\n    issuer: removeTrailingSlash(args.issuer),\n    tokenUrl: removeTrailingSlash(args.tokenUrl),\n    authorizeUrl: removeTrailingSlash(args.authorizeUrl),\n    userinfoUrl: removeTrailingSlash(args.userinfoUrl),\n    revokeUrl: removeTrailingSlash(args.revokeUrl),\n    logoutUrl: removeTrailingSlash(args.logoutUrl),\n    clientId: args.clientId,\n    redirectUri: args.redirectUri,\n    state: args.state,\n    scopes: args.scopes,\n    postLogoutRedirectUri: args.postLogoutRedirectUri,\n    responseMode: args.responseMode,\n    responseType: args.responseType,\n    pkce: args.pkce === false ? false : true, // PKCE defaults to true\n    useInteractionCodeFlow: args.useInteractionCodeFlow,\n\n    // Internal options\n    httpRequestClient: args.httpRequestClient,\n    httpRequestInterceptors: args.httpRequestInterceptors,\n    transformErrorXHR: args.transformErrorXHR,\n    transformAuthState: args.transformAuthState,\n    restoreOriginalUri: args.restoreOriginalUri,\n    storageUtil: args.storageUtil,\n    headers: args.headers,\n    devMode: !!args.devMode,\n    storageManager: args.storageManager,\n    transactionManager: args.transactionManager,\n    cookies: getCookieSettings(args, isHTTPS()),\n    flow: args.flow,\n    codeChallenge: args.codeChallenge,\n    codeChallengeMethod: args.codeChallengeMethod,\n    recoveryToken: args.recoveryToken,\n    activationToken: args.activationToken,\n    // BETA WARNING: configs in this section are subject to change without a breaking change notice\n    idx: {\n      useGenericRemediator: !!args.idx?.useGenericRemediator, // false by default\n      exchangeCodeForTokens: args.idx?.exchangeCodeForTokens !== false // true by default\n    },\n\n    // Give the developer the ability to disable token signature validation.\n    ignoreSignature: !!args.ignoreSignature,\n\n    // Server-side web applications\n    clientSecret: args.clientSecret,\n    setLocation: args.setLocation\n  });\n}\n"],"mappings":";;;;;;;;;AAYA;;AACA;;AAGA;;AACA;;AACA;;AAlBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAUO,SAASA,iBAAT,GAA8C;EAGnD,MAAMC,OAAO,GAAG;IACdC,OAAO,EAAE,KADK;IAEdC,iBAAiB,EAAEC,qBAFL;IAGdC,WAAW,EAAE,uBAHC;IAIdC,cAAc,EAAEC,6BAJF;IAKdC,kBAAkB,EAAE;MAClBC,mBAAmB,EAAnBA;IADkB;EALN,CAAhB;EASA,OAAOR,OAAP;AACD;;AAED,SAASS,YAAT,CAAsBT,OAAtB,EAA+BU,IAA/B,EAAsD;EACpD,OAAO,qBAAc,EAAd,EAAkBV,OAAlB,EAA2B,sBAAWU,IAAX,CAA3B,EAA6C;IAClDL,cAAc,EAAE,qBAAc,EAAd,EAAkBL,OAAO,CAACK,cAA1B,EAA0CK,IAAI,CAACL,cAA/C,CADkC;IAElDE,kBAAkB,EAAE,qBAAc,EAAd,EAAkBP,OAAO,CAACO,kBAA1B,EAA8CG,IAAI,CAACH,kBAAnD;EAF8B,CAA7C,CAAP;AAID;;AAEM,SAASI,YAAT,CAAsBD,IAAqB,GAAG,EAA9C,EAAmE;EAAA;;EACxE,oCAAkBA,IAAlB;EACAA,IAAI,GAAGD,YAAY,CAACV,iBAAiB,EAAlB,EAAsBW,IAAtB,CAAnB;EACA,OAAO,sBAAW;IAChB;IACAE,MAAM,EAAE,+BAAoBF,IAAI,CAACE,MAAzB,CAFQ;IAGhBC,QAAQ,EAAE,+BAAoBH,IAAI,CAACG,QAAzB,CAHM;IAIhBC,YAAY,EAAE,+BAAoBJ,IAAI,CAACI,YAAzB,CAJE;IAKhBC,WAAW,EAAE,+BAAoBL,IAAI,CAACK,WAAzB,CALG;IAMhBC,SAAS,EAAE,+BAAoBN,IAAI,CAACM,SAAzB,CANK;IAOhBC,SAAS,EAAE,+BAAoBP,IAAI,CAACO,SAAzB,CAPK;IAQhBC,QAAQ,EAAER,IAAI,CAACQ,QARC;IAShBC,WAAW,EAAET,IAAI,CAACS,WATF;IAUhBC,KAAK,EAAEV,IAAI,CAACU,KAVI;IAWhBC,MAAM,EAAEX,IAAI,CAACW,MAXG;IAYhBC,qBAAqB,EAAEZ,IAAI,CAACY,qBAZZ;IAahBC,YAAY,EAAEb,IAAI,CAACa,YAbH;IAchBC,YAAY,EAAEd,IAAI,CAACc,YAdH;IAehBC,IAAI,EAAEf,IAAI,CAACe,IAAL,KAAc,KAAd,GAAsB,KAAtB,GAA8B,IAfpB;IAe0B;IAC1CC,sBAAsB,EAAEhB,IAAI,CAACgB,sBAhBb;IAkBhB;IACAxB,iBAAiB,EAAEQ,IAAI,CAACR,iBAnBR;IAoBhByB,uBAAuB,EAAEjB,IAAI,CAACiB,uBApBd;IAqBhBC,iBAAiB,EAAElB,IAAI,CAACkB,iBArBR;IAsBhBC,kBAAkB,EAAEnB,IAAI,CAACmB,kBAtBT;IAuBhBC,kBAAkB,EAAEpB,IAAI,CAACoB,kBAvBT;IAwBhB1B,WAAW,EAAEM,IAAI,CAACN,WAxBF;IAyBhB2B,OAAO,EAAErB,IAAI,CAACqB,OAzBE;IA0BhB9B,OAAO,EAAE,CAAC,CAACS,IAAI,CAACT,OA1BA;IA2BhBI,cAAc,EAAEK,IAAI,CAACL,cA3BL;IA4BhBE,kBAAkB,EAAEG,IAAI,CAACH,kBA5BT;IA6BhByB,OAAO,EAAE,6BAAkBtB,IAAlB,EAAwB,wBAAxB,CA7BO;IA8BhBuB,IAAI,EAAEvB,IAAI,CAACuB,IA9BK;IA+BhBC,aAAa,EAAExB,IAAI,CAACwB,aA/BJ;IAgChBC,mBAAmB,EAAEzB,IAAI,CAACyB,mBAhCV;IAiChBC,aAAa,EAAE1B,IAAI,CAAC0B,aAjCJ;IAkChBC,eAAe,EAAE3B,IAAI,CAAC2B,eAlCN;IAmChB;IACAC,GAAG,EAAE;MACHC,oBAAoB,EAAE,CAAC,eAAC7B,IAAI,CAAC4B,GAAN,sCAAC,UAAUC,oBAAX,CADpB;MACqD;MACxDC,qBAAqB,EAAE,eAAA9B,IAAI,CAAC4B,GAAL,0DAAUE,qBAAV,MAAoC,KAFxD,CAE8D;;IAF9D,CApCW;IAyChB;IACAC,eAAe,EAAE,CAAC,CAAC/B,IAAI,CAAC+B,eA1CR;IA4ChB;IACAC,YAAY,EAAEhC,IAAI,CAACgC,YA7CH;IA8ChBC,WAAW,EAAEjC,IAAI,CAACiC;EA9CF,CAAX,CAAP;AAgDD"}

package/cjs/options/node.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/options/node.ts"],"names":["getStorage","storage","STORAGE_MANAGER_OPTIONS","token","storageTypes","cache","transaction","enableSharedStorage","getCookieSettings","args","isHTTPS","cookies"],"mappings":";;;;;;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,SAASA,UAAT,GAAmC;AACxC,SAAOC,sBAAP;AACD;;AAEM,MAAMC,uBAA8C,GAAG;AAC5DC,EAAAA,KAAK,EAAE;AACLC,IAAAA,YAAY,EAAE,CACZ,QADY;AADT,GADqD;AAM5DC,EAAAA,KAAK,EAAE;AACLD,IAAAA,YAAY,EAAE,CACZ,QADY;AADT,GANqD;AAW5DE,EAAAA,WAAW,EAAE;AACXF,IAAAA,YAAY,EAAE,CACZ,QADY;AADH;AAX+C,CAAvD;;AAkBA,MAAMG,mBAAmB,GAAG,KAA5B,C,CAEP;;;;AACO,SAASC,iBAAT,CAA2BC,IAAqB,GAAG,EAAnD,EAAuDC,OAAvD,EAA0E;AAC/E,SAAOD,IAAI,CAACE,OAAZ;AACD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { StorageManagerOptions, OktaAuthOptions, StorageUtil } from '../types';\n\nimport { default as storage } from '../server/serverStorage';\n\nexport function getStorage(): StorageUtil {\n  return storage;\n}\n\nexport const STORAGE_MANAGER_OPTIONS: StorageManagerOptions = {\n  token: {\n    storageTypes: [\n      'memory'\n    ]\n  },\n  cache: {\n    storageTypes: [\n      'memory'\n    ]\n  },\n  transaction: {\n    storageTypes: [\n      'memory'\n    ]\n  }\n};\n\nexport const enableSharedStorage = false;\n\n// eslint-disable-next-line @typescript-eslint/no-unused-vars, no-unused-vars\nexport function getCookieSettings(args: OktaAuthOptions = {}, isHTTPS?: boolean) {\n  return args.cookies;\n}\n"],"file":"node.js"}
+{"version":3,"file":"node.js","names":["getStorage","storage","STORAGE_MANAGER_OPTIONS","token","storageTypes","cache","transaction","enableSharedStorage","getCookieSettings","args","isHTTPS","cookies"],"sources":["../../../lib/options/node.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { StorageManagerOptions, OktaAuthOptions, StorageUtil } from '../types';\n\nimport { default as storage } from '../server/serverStorage';\n\nexport function getStorage(): StorageUtil {\n  return storage;\n}\n\nexport const STORAGE_MANAGER_OPTIONS: StorageManagerOptions = {\n  token: {\n    storageTypes: [\n      'memory'\n    ]\n  },\n  cache: {\n    storageTypes: [\n      'memory'\n    ]\n  },\n  transaction: {\n    storageTypes: [\n      'memory'\n    ]\n  }\n};\n\nexport const enableSharedStorage = false;\n\n// eslint-disable-next-line @typescript-eslint/no-unused-vars, no-unused-vars\nexport function getCookieSettings(args: OktaAuthOptions = {}, isHTTPS?: boolean) {\n  return args.cookies;\n}\n"],"mappings":";;;;;;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,SAASA,UAAT,GAAmC;EACxC,OAAOC,sBAAP;AACD;;AAEM,MAAMC,uBAA8C,GAAG;EAC5DC,KAAK,EAAE;IACLC,YAAY,EAAE,CACZ,QADY;EADT,CADqD;EAM5DC,KAAK,EAAE;IACLD,YAAY,EAAE,CACZ,QADY;EADT,CANqD;EAW5DE,WAAW,EAAE;IACXF,YAAY,EAAE,CACZ,QADY;EADH;AAX+C,CAAvD;;AAkBA,MAAMG,mBAAmB,GAAG,KAA5B,C,CAEP;;;;AACO,SAASC,iBAAT,CAA2BC,IAAqB,GAAG,EAAnD,EAAuDC,OAAvD,EAA0E;EAC/E,OAAOD,IAAI,CAACE,OAAZ;AACD"}

package/cjs/server/serverStorage.js

@@ -110,7 +110,8 @@ class ServerStorage {
       getItem: this.nodeCache.get,
       setItem: (key, value) => {
         this.nodeCache.set(key, value, '2200-01-01T00:00:00.000Z');
-      }
+      },
+      isSharedStorage: () => true
     };
   }
 

package/cjs/server/serverStorage.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/server/serverStorage.ts"],"names":["sharedStorage","NodeCache","ServerCookies","constructor","nodeCache","set","name","value","expiresAt","Date","parse","ttl","now","get","delete","del","ServerStorage","storage","testStorageType","storageType","supported","getStorageByType","storageProvider","getStorage","AuthSdkError","findStorageType","getHttpCache","getItem","setItem","key"],"mappings":";;;;;;AAgBA;;AAEA;;AAlBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AAIA;AAEA;AACA,MAAMA,aAAa,GAAG,OAAOC,kBAAP,KAAqB,UAArB,GAAkC,IAAIA,kBAAJ,EAAlC,GAAoD,IAA1E;;AAEA,MAAMC,aAAN,CAAuC;AACrB;AAEhBC,EAAAA,WAAW,CAACC,SAAD,EAAY;AACrB,SAAKA,SAAL,GAAiBA,SAAjB;AACD;;AAEDC,EAAAA,GAAG,CAACC,IAAD,EAAeC,KAAf,EAA8BC,SAA9B,EAAyD;AAC1D;AACA,QAAI,CAAC,CAAEC,IAAI,CAACC,KAAL,CAAWF,SAAX,CAAP,EAA+B;AAC7B;AACA,UAAIG,GAAG,GAAG,CAACF,IAAI,CAACC,KAAL,CAAWF,SAAX,IAAwBC,IAAI,CAACG,GAAL,EAAzB,IAAuC,IAAjD;AACA,WAAKR,SAAL,CAAeC,GAAf,CAAmBC,IAAnB,EAAyBC,KAAzB,EAAgCI,GAAhC;AACD,KAJD,MAIO;AACL,WAAKP,SAAL,CAAeC,GAAf,CAAmBC,IAAnB,EAAyBC,KAAzB;AACD;;AAED,WAAO,KAAKM,GAAL,CAASP,IAAT,CAAP;AACD;;AAEDO,EAAAA,GAAG,CAACP,IAAD,EAAe;AAChB,WAAO,KAAKF,SAAL,CAAeS,GAAf,CAAmBP,IAAnB,CAAP;AACD;;AAEDQ,EAAAA,MAAM,CAACR,IAAD,EAAO;AACX,WAAO,KAAKF,SAAL,CAAeW,GAAf,CAAmBT,IAAnB,CAAP;AACD;;AA1BoC,C,CA4BvC;;;AACA,MAAMU,aAAN,CAA2C;AACzB;AAEhBb,EAAAA,WAAW,CAACC,SAAD,EAAY;AACrB,SAAKA,SAAL,GAAiBA,SAAjB;AACA,SAAKa,OAAL,GAAe,IAAIf,aAAJ,CAAkBE,SAAlB,CAAf;AACD;;AAEDc,EAAAA,eAAe,CAACC,WAAD,EAAoC;AACjD,QAAIC,SAAS,GAAG,KAAhB;;AACA,YAAQD,WAAR;AACE,WAAK,QAAL;AACEC,QAAAA,SAAS,GAAG,IAAZ;AACA;;AACF;AACE;AALJ;;AAOA,WAAOA,SAAP;AACD;;AAEDC,EAAAA,gBAAgB,CAACF,WAAD,EAA0C;AACxD,QAAIG,eAAJ;;AACA,YAAQH,WAAR;AACE,WAAK,QAAL;AACEG,QAAAA,eAAe,GAAG,KAAKC,UAAL,EAAlB;AACA;;AACF;AACE,cAAM,IAAIC,oBAAJ,CAAkB,gCAA+BL,WAAY,EAA7D,CAAN;AACA;AANJ;;AAQA,WAAOG,eAAP;AACD;;AAEDG,EAAAA,eAAe,GAAgB;AAC7B,WAAO,QAAP;AACD,GAnCwC,CAqCzC;;;AACAC,EAAAA,YAAY,GAAG;AACb,WAAO,IAAP,CADa,CACA;AACd,GAxCwC,CA0CzC;;;AACAH,EAAAA,UAAU,GAAkB;AAC1B,WAAO;AACLI,MAAAA,OAAO,EAAE,KAAKvB,SAAL,CAAeS,GADnB;AAELe,MAAAA,OAAO,EAAE,CAACC,GAAD,EAAMtB,KAAN,KAAgB;AACvB,aAAKH,SAAL,CAAeC,GAAf,CAAmBwB,GAAnB,EAAwBtB,KAAxB,EAA+B,0BAA/B;AACD;AAJI,KAAP;AAMD;;AAlDwC;;eAqD5B,IAAIS,aAAJ,CAAkBhB,aAAlB,C","sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport NodeCache from 'node-cache';\nimport { SimpleStorage, StorageType, StorageUtil, Cookies } from '../types';\nimport { AuthSdkError } from '../errors';\n// eslint-disable-next-line import/no-commonjs\n\n// this is a SHARED memory storage to support a stateless http server\nconst sharedStorage = typeof NodeCache === 'function' ? new NodeCache() : null;\n\nclass ServerCookies implements Cookies {\n  nodeCache: any; // NodeCache\n  \n  constructor(nodeCache) {\n    this.nodeCache = nodeCache;\n  }\n\n  set(name: string, value: string, expiresAt: string): string {\n    // eslint-disable-next-line no-extra-boolean-cast\n    if (!!(Date.parse(expiresAt))) {\n      // Time to expiration in seconds\n      var ttl = (Date.parse(expiresAt) - Date.now()) / 1000;\n      this.nodeCache.set(name, value, ttl);\n    } else {\n      this.nodeCache.set(name, value);\n    }\n\n    return this.get(name);\n  }\n\n  get(name): string {\n    return this.nodeCache.get(name);\n  }\n\n  delete(name) {\n    return this.nodeCache.del(name);\n  }\n}\n// Building this as an object allows us to mock the functions in our tests\nclass ServerStorage implements StorageUtil {\n  nodeCache: any; // NodeCache\n  storage: Cookies;\n  constructor(nodeCache) {\n    this.nodeCache = nodeCache;\n    this.storage = new ServerCookies(nodeCache);\n  }\n\n  testStorageType(storageType: StorageType): boolean {\n    var supported = false;\n    switch (storageType) {\n      case 'memory':\n        supported = true;\n        break;\n      default:\n        break;\n    }\n    return supported;\n  }\n\n  getStorageByType(storageType: StorageType): SimpleStorage {\n    let storageProvider;\n    switch (storageType) {\n      case 'memory':\n        storageProvider = this.getStorage();\n        break;\n      default:\n        throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n        break;\n    }\n    return storageProvider;\n  }\n\n  findStorageType(): StorageType {\n    return 'memory';\n  }\n\n  // will be removed in next version. OKTA-362589\n  getHttpCache() {\n    return null; // stubbed in server.js\n  }\n\n  // shared in-memory using node cache\n  getStorage(): SimpleStorage {\n    return {\n      getItem: this.nodeCache.get,\n      setItem: (key, value) => {\n        this.nodeCache.set(key, value, '2200-01-01T00:00:00.000Z');\n      }\n    };\n  }\n}\n\nexport default new ServerStorage(sharedStorage);\n"],"file":"serverStorage.js"}
+{"version":3,"file":"serverStorage.js","names":["sharedStorage","NodeCache","ServerCookies","constructor","nodeCache","set","name","value","expiresAt","Date","parse","ttl","now","get","delete","del","ServerStorage","storage","testStorageType","storageType","supported","getStorageByType","storageProvider","getStorage","AuthSdkError","findStorageType","getHttpCache","getItem","setItem","key","isSharedStorage"],"sources":["../../../lib/server/serverStorage.ts"],"sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport NodeCache from 'node-cache';\nimport { SimpleStorage, StorageType, StorageUtil, Cookies } from '../types';\nimport { AuthSdkError } from '../errors';\n// eslint-disable-next-line import/no-commonjs\n\n// this is a SHARED memory storage to support a stateless http server\nconst sharedStorage = typeof NodeCache === 'function' ? new NodeCache() : null;\n\nclass ServerCookies implements Cookies {\n  nodeCache: any; // NodeCache\n  \n  constructor(nodeCache) {\n    this.nodeCache = nodeCache;\n  }\n\n  set(name: string, value: string, expiresAt: string): string {\n    // eslint-disable-next-line no-extra-boolean-cast\n    if (!!(Date.parse(expiresAt))) {\n      // Time to expiration in seconds\n      var ttl = (Date.parse(expiresAt) - Date.now()) / 1000;\n      this.nodeCache.set(name, value, ttl);\n    } else {\n      this.nodeCache.set(name, value);\n    }\n\n    return this.get(name);\n  }\n\n  get(name): string {\n    return this.nodeCache.get(name);\n  }\n\n  delete(name) {\n    return this.nodeCache.del(name);\n  }\n}\n// Building this as an object allows us to mock the functions in our tests\nclass ServerStorage implements StorageUtil {\n  nodeCache: any; // NodeCache\n  storage: Cookies;\n  constructor(nodeCache) {\n    this.nodeCache = nodeCache;\n    this.storage = new ServerCookies(nodeCache);\n  }\n\n  testStorageType(storageType: StorageType): boolean {\n    var supported = false;\n    switch (storageType) {\n      case 'memory':\n        supported = true;\n        break;\n      default:\n        break;\n    }\n    return supported;\n  }\n\n  getStorageByType(storageType: StorageType): SimpleStorage {\n    let storageProvider;\n    switch (storageType) {\n      case 'memory':\n        storageProvider = this.getStorage();\n        break;\n      default:\n        throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n        break;\n    }\n    return storageProvider;\n  }\n\n  findStorageType(): StorageType {\n    return 'memory';\n  }\n\n  // will be removed in next version. OKTA-362589\n  getHttpCache() {\n    return null; // stubbed in server.js\n  }\n\n  // shared in-memory using node cache\n  getStorage(): SimpleStorage {\n    return {\n      getItem: this.nodeCache.get,\n      setItem: (key, value) => {\n        this.nodeCache.set(key, value, '2200-01-01T00:00:00.000Z');\n      },\n      isSharedStorage: () => true\n    };\n  }\n}\n\nexport default new ServerStorage(sharedStorage);\n"],"mappings":";;;;;;AAgBA;;AAEA;;AAlBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AAIA;AAEA;AACA,MAAMA,aAAa,GAAG,OAAOC,kBAAP,KAAqB,UAArB,GAAkC,IAAIA,kBAAJ,EAAlC,GAAoD,IAA1E;;AAEA,MAAMC,aAAN,CAAuC;EACrB;EAEhBC,WAAW,CAACC,SAAD,EAAY;IACrB,KAAKA,SAAL,GAAiBA,SAAjB;EACD;;EAEDC,GAAG,CAACC,IAAD,EAAeC,KAAf,EAA8BC,SAA9B,EAAyD;IAC1D;IACA,IAAI,CAAC,CAAEC,IAAI,CAACC,KAAL,CAAWF,SAAX,CAAP,EAA+B;MAC7B;MACA,IAAIG,GAAG,GAAG,CAACF,IAAI,CAACC,KAAL,CAAWF,SAAX,IAAwBC,IAAI,CAACG,GAAL,EAAzB,IAAuC,IAAjD;MACA,KAAKR,SAAL,CAAeC,GAAf,CAAmBC,IAAnB,EAAyBC,KAAzB,EAAgCI,GAAhC;IACD,CAJD,MAIO;MACL,KAAKP,SAAL,CAAeC,GAAf,CAAmBC,IAAnB,EAAyBC,KAAzB;IACD;;IAED,OAAO,KAAKM,GAAL,CAASP,IAAT,CAAP;EACD;;EAEDO,GAAG,CAACP,IAAD,EAAe;IAChB,OAAO,KAAKF,SAAL,CAAeS,GAAf,CAAmBP,IAAnB,CAAP;EACD;;EAEDQ,MAAM,CAACR,IAAD,EAAO;IACX,OAAO,KAAKF,SAAL,CAAeW,GAAf,CAAmBT,IAAnB,CAAP;EACD;;AA1BoC,C,CA4BvC;;;AACA,MAAMU,aAAN,CAA2C;EACzB;EAEhBb,WAAW,CAACC,SAAD,EAAY;IACrB,KAAKA,SAAL,GAAiBA,SAAjB;IACA,KAAKa,OAAL,GAAe,IAAIf,aAAJ,CAAkBE,SAAlB,CAAf;EACD;;EAEDc,eAAe,CAACC,WAAD,EAAoC;IACjD,IAAIC,SAAS,GAAG,KAAhB;;IACA,QAAQD,WAAR;MACE,KAAK,QAAL;QACEC,SAAS,GAAG,IAAZ;QACA;;MACF;QACE;IALJ;;IAOA,OAAOA,SAAP;EACD;;EAEDC,gBAAgB,CAACF,WAAD,EAA0C;IACxD,IAAIG,eAAJ;;IACA,QAAQH,WAAR;MACE,KAAK,QAAL;QACEG,eAAe,GAAG,KAAKC,UAAL,EAAlB;QACA;;MACF;QACE,MAAM,IAAIC,oBAAJ,CAAkB,gCAA+BL,WAAY,EAA7D,CAAN;QACA;IANJ;;IAQA,OAAOG,eAAP;EACD;;EAEDG,eAAe,GAAgB;IAC7B,OAAO,QAAP;EACD,CAnCwC,CAqCzC;;;EACAC,YAAY,GAAG;IACb,OAAO,IAAP,CADa,CACA;EACd,CAxCwC,CA0CzC;;;EACAH,UAAU,GAAkB;IAC1B,OAAO;MACLI,OAAO,EAAE,KAAKvB,SAAL,CAAeS,GADnB;MAELe,OAAO,EAAE,CAACC,GAAD,EAAMtB,KAAN,KAAgB;QACvB,KAAKH,SAAL,CAAeC,GAAf,CAAmBwB,GAAnB,EAAwBtB,KAAxB,EAA+B,0BAA/B;MACD,CAJI;MAKLuB,eAAe,EAAE,MAAM;IALlB,CAAP;EAOD;;AAnDwC;;eAsD5B,IAAId,aAAJ,CAAkBhB,aAAlB,C"}

package/cjs/services/AutoRenewService.js

@@ -6,10 +6,10 @@ exports.AutoRenewService = void 0;
 
 var _defineProperty2 = _interopRequireDefault(require("@babel/runtime-corejs3/helpers/defineProperty"));
 
-var _TokenManager = require("../TokenManager");
-
 var _errors = require("../errors");
 
+var _types = require("../types");
+
 var _features = require("../features");
 
 /*!
@@ -68,17 +68,17 @@ class AutoRenewService {
     return !!this.options.autoRenew || !!this.options.autoRemove;
   }
 
-  start() {
+  async start() {
     if (this.canStart()) {
-      this.stop();
-      this.tokenManager.on(_TokenManager.EVENT_EXPIRED, this.onTokenExpiredHandler);
+      await this.stop();
+      this.tokenManager.on(_types.EVENT_EXPIRED, this.onTokenExpiredHandler);
       this.started = true;
     }
   }
 
-  stop() {
+  async stop() {
     if (this.started) {
-      this.tokenManager.off(_TokenManager.EVENT_EXPIRED, this.onTokenExpiredHandler);
+      this.tokenManager.off(_types.EVENT_EXPIRED, this.onTokenExpiredHandler);
       this.renewTimeQueue = [];
       this.started = false;
     }

package/cjs/services/AutoRenewService.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../lib/services/AutoRenewService.ts"],"names":["AutoRenewService","constructor","tokenManager","options","renewTimeQueue","onTokenExpiredHandler","bind","shouldThrottleRenew","res","push","Date","now","length","firstTime","shift","lastTime","requiresLeadership","syncStorage","key","autoRenew","error","AuthSdkError","emitError","renew","catch","autoRemove","remove","canStart","start","stop","on","EVENT_EXPIRED","started","off","isStarted"],"mappings":";;;;;;;;AAaA;;AACA;;AAEA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAQO,MAAMA,gBAAN,CAAmD;AAMxDC,EAAAA,WAAW,CAACC,YAAD,EAA6BC,OAA8B,GAAG,EAA9D,EAAkE;AAAA,mDAF3D,KAE2D;AAC3E,SAAKD,YAAL,GAAoBA,YAApB;AACA,SAAKC,OAAL,GAAeA,OAAf;AACA,SAAKC,cAAL,GAAsB,EAAtB;AACA,SAAKC,qBAAL,GAA6B,KAAKA,qBAAL,CAA2BC,IAA3B,CAAgC,IAAhC,CAA7B;AACD;;AAEOC,EAAAA,mBAAmB,GAAY;AACrC,QAAIC,GAAG,GAAG,KAAV;AACA,SAAKJ,cAAL,CAAoBK,IAApB,CAAyBC,IAAI,CAACC,GAAL,EAAzB;;AACA,QAAI,KAAKP,cAAL,CAAoBQ,MAApB,IAA8B,EAAlC,EAAsC;AACpC;AACA,YAAMC,SAAS,GAAG,KAAKT,cAAL,CAAoBU,KAApB,EAAlB;AACA,YAAMC,QAAQ,GAAG,KAAKX,cAAL,CAAoB,KAAKA,cAAL,CAAoBQ,MAApB,GAA6B,CAAjD,CAAjB;AACAJ,MAAAA,GAAG,GAAIO,QAAQ,GAAGF,SAAZ,GAAyB,KAAK,IAApC;AACD;;AACD,WAAOL,GAAP;AACD;;AAEDQ,EAAAA,kBAAkB,GAAG;AACnB;AACA,WAAO,CAAC,CAAC,KAAKb,OAAL,CAAac,WAAf,IAA8B,0BAArC;AACD;;AAEOZ,EAAAA,qBAAqB,CAACa,GAAD,EAAc;AACzC,QAAI,KAAKf,OAAL,CAAagB,SAAjB,EAA4B;AAC1B,UAAI,KAAKZ,mBAAL,EAAJ,EAAgC;AAC9B,cAAMa,KAAK,GAAG,IAAIC,oBAAJ,CAAiB,+BAAjB,CAAd;AACA,aAAKnB,YAAL,CAAkBoB,SAAlB,CAA4BF,KAA5B;AACD,OAHD,MAGO;AACL,aAAKlB,YAAL,CAAkBqB,KAAlB,CAAwBL,GAAxB,EAA6BM,KAA7B,CAAmC,MAAM,CAAE,CAA3C,EADK,CACyC;AAC/C;AACF,KAPD,MAOO,IAAI,KAAKrB,OAAL,CAAasB,UAAjB,EAA6B;AAClC,WAAKvB,YAAL,CAAkBwB,MAAlB,CAAyBR,GAAzB;AACD;AACF;;AAEDS,EAAAA,QAAQ,GAAG;AACT,WAAQ,CAAC,CAAC,KAAKxB,OAAL,CAAagB,SAAf,IAA4B,CAAC,CAAC,KAAKhB,OAAL,CAAasB,UAAnD;AACD;;AAEDG,EAAAA,KAAK,GAAG;AACN,QAAI,KAAKD,QAAL,EAAJ,EAAqB;AACnB,WAAKE,IAAL;AACA,WAAK3B,YAAL,CAAkB4B,EAAlB,CAAqBC,2BAArB,EAAoC,KAAK1B,qBAAzC;AACA,WAAK2B,OAAL,GAAe,IAAf;AACD;AACF;;AAEDH,EAAAA,IAAI,GAAG;AACL,QAAI,KAAKG,OAAT,EAAkB;AAChB,WAAK9B,YAAL,CAAkB+B,GAAlB,CAAsBF,2BAAtB,EAAqC,KAAK1B,qBAA1C;AACA,WAAKD,cAAL,GAAsB,EAAtB;AACA,WAAK4B,OAAL,GAAe,KAAf;AACD;AACF;;AAEDE,EAAAA,SAAS,GAAG;AACV,WAAO,KAAKF,OAAZ;AACD;;AAjEuD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { TokenManager, EVENT_EXPIRED } from '../TokenManager';\nimport { AuthSdkError } from '../errors';\nimport { ServiceInterface, ServiceManagerOptions } from '../types';\nimport { isBrowser } from '../features';\n\nexport class AutoRenewService implements ServiceInterface {\n  private tokenManager: TokenManager;\n  private options: ServiceManagerOptions;\n  private renewTimeQueue: Array<number>;\n  private started = false;\n\n  constructor(tokenManager: TokenManager, options: ServiceManagerOptions = {}) {\n    this.tokenManager = tokenManager;\n    this.options = options;\n    this.renewTimeQueue = [];\n    this.onTokenExpiredHandler = this.onTokenExpiredHandler.bind(this);\n  }\n  \n  private shouldThrottleRenew(): boolean {\n    let res = false;\n    this.renewTimeQueue.push(Date.now());\n    if (this.renewTimeQueue.length >= 10) {\n      // get and remove first item from queue\n      const firstTime = this.renewTimeQueue.shift() as number;\n      const lastTime = this.renewTimeQueue[this.renewTimeQueue.length - 1];\n      res = (lastTime - firstTime) < 30 * 1000;\n    }\n    return res;\n  }\n\n  requiresLeadership() {\n    // If tokens sync storage is enabled, handle tokens expiration only in 1 leader tab\n    return !!this.options.syncStorage && isBrowser();\n  }\n\n  private onTokenExpiredHandler(key: string) {\n    if (this.options.autoRenew) {\n      if (this.shouldThrottleRenew()) {\n        const error = new AuthSdkError('Too many token renew requests');\n        this.tokenManager.emitError(error);\n      } else {\n        this.tokenManager.renew(key).catch(() => {}); // Renew errors will emit an \"error\" event \n      }\n    } else if (this.options.autoRemove) {\n      this.tokenManager.remove(key);\n    }\n  }\n\n  canStart() {\n    return (!!this.options.autoRenew || !!this.options.autoRemove);\n  }\n\n  start() {\n    if (this.canStart()) {\n      this.stop();\n      this.tokenManager.on(EVENT_EXPIRED, this.onTokenExpiredHandler);\n      this.started = true;\n    }\n  }\n\n  stop() {\n    if (this.started) {\n      this.tokenManager.off(EVENT_EXPIRED, this.onTokenExpiredHandler);\n      this.renewTimeQueue = [];\n      this.started = false;\n    }\n  }\n\n  isStarted() {\n    return this.started;\n  }\n}\n"],"file":"AutoRenewService.js"}
+{"version":3,"file":"AutoRenewService.js","names":["AutoRenewService","constructor","tokenManager","options","renewTimeQueue","onTokenExpiredHandler","bind","shouldThrottleRenew","res","push","Date","now","length","firstTime","shift","lastTime","requiresLeadership","syncStorage","key","autoRenew","error","AuthSdkError","emitError","renew","catch","autoRemove","remove","canStart","start","stop","on","EVENT_EXPIRED","started","off","isStarted"],"sources":["../../../lib/services/AutoRenewService.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { TokenManager } from '../TokenManager';\nimport { AuthSdkError } from '../errors';\nimport { ServiceInterface, ServiceManagerOptions, EVENT_EXPIRED } from '../types';\nimport { isBrowser } from '../features';\n\nexport class AutoRenewService implements ServiceInterface {\n  private tokenManager: TokenManager;\n  private options: ServiceManagerOptions;\n  private renewTimeQueue: Array<number>;\n  private started = false;\n\n  constructor(tokenManager: TokenManager, options: ServiceManagerOptions = {}) {\n    this.tokenManager = tokenManager;\n    this.options = options;\n    this.renewTimeQueue = [];\n    this.onTokenExpiredHandler = this.onTokenExpiredHandler.bind(this);\n  }\n  \n  private shouldThrottleRenew(): boolean {\n    let res = false;\n    this.renewTimeQueue.push(Date.now());\n    if (this.renewTimeQueue.length >= 10) {\n      // get and remove first item from queue\n      const firstTime = this.renewTimeQueue.shift() as number;\n      const lastTime = this.renewTimeQueue[this.renewTimeQueue.length - 1];\n      res = (lastTime - firstTime) < 30 * 1000;\n    }\n    return res;\n  }\n\n  requiresLeadership() {\n    // If tokens sync storage is enabled, handle tokens expiration only in 1 leader tab\n    return !!this.options.syncStorage && isBrowser();\n  }\n\n  private onTokenExpiredHandler(key: string) {\n    if (this.options.autoRenew) {\n      if (this.shouldThrottleRenew()) {\n        const error = new AuthSdkError('Too many token renew requests');\n        this.tokenManager.emitError(error);\n      } else {\n        this.tokenManager.renew(key).catch(() => {}); // Renew errors will emit an \"error\" event \n      }\n    } else if (this.options.autoRemove) {\n      this.tokenManager.remove(key);\n    }\n  }\n\n  canStart() {\n    return (!!this.options.autoRenew || !!this.options.autoRemove);\n  }\n\n  async start() {\n    if (this.canStart()) {\n      await this.stop();\n      this.tokenManager.on(EVENT_EXPIRED, this.onTokenExpiredHandler);\n      this.started = true;\n    }\n  }\n\n  async stop() {\n    if (this.started) {\n      this.tokenManager.off(EVENT_EXPIRED, this.onTokenExpiredHandler);\n      this.renewTimeQueue = [];\n      this.started = false;\n    }\n  }\n\n  isStarted() {\n    return this.started;\n  }\n}\n"],"mappings":";;;;;;;;AAcA;;AACA;;AACA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAQO,MAAMA,gBAAN,CAAmD;EAMxDC,WAAW,CAACC,YAAD,EAA6BC,OAA8B,GAAG,EAA9D,EAAkE;IAAA,+CAF3D,KAE2D;IAC3E,KAAKD,YAAL,GAAoBA,YAApB;IACA,KAAKC,OAAL,GAAeA,OAAf;IACA,KAAKC,cAAL,GAAsB,EAAtB;IACA,KAAKC,qBAAL,GAA6B,KAAKA,qBAAL,CAA2BC,IAA3B,CAAgC,IAAhC,CAA7B;EACD;;EAEOC,mBAAmB,GAAY;IACrC,IAAIC,GAAG,GAAG,KAAV;IACA,KAAKJ,cAAL,CAAoBK,IAApB,CAAyBC,IAAI,CAACC,GAAL,EAAzB;;IACA,IAAI,KAAKP,cAAL,CAAoBQ,MAApB,IAA8B,EAAlC,EAAsC;MACpC;MACA,MAAMC,SAAS,GAAG,KAAKT,cAAL,CAAoBU,KAApB,EAAlB;MACA,MAAMC,QAAQ,GAAG,KAAKX,cAAL,CAAoB,KAAKA,cAAL,CAAoBQ,MAApB,GAA6B,CAAjD,CAAjB;MACAJ,GAAG,GAAIO,QAAQ,GAAGF,SAAZ,GAAyB,KAAK,IAApC;IACD;;IACD,OAAOL,GAAP;EACD;;EAEDQ,kBAAkB,GAAG;IACnB;IACA,OAAO,CAAC,CAAC,KAAKb,OAAL,CAAac,WAAf,IAA8B,0BAArC;EACD;;EAEOZ,qBAAqB,CAACa,GAAD,EAAc;IACzC,IAAI,KAAKf,OAAL,CAAagB,SAAjB,EAA4B;MAC1B,IAAI,KAAKZ,mBAAL,EAAJ,EAAgC;QAC9B,MAAMa,KAAK,GAAG,IAAIC,oBAAJ,CAAiB,+BAAjB,CAAd;QACA,KAAKnB,YAAL,CAAkBoB,SAAlB,CAA4BF,KAA5B;MACD,CAHD,MAGO;QACL,KAAKlB,YAAL,CAAkBqB,KAAlB,CAAwBL,GAAxB,EAA6BM,KAA7B,CAAmC,MAAM,CAAE,CAA3C,EADK,CACyC;MAC/C;IACF,CAPD,MAOO,IAAI,KAAKrB,OAAL,CAAasB,UAAjB,EAA6B;MAClC,KAAKvB,YAAL,CAAkBwB,MAAlB,CAAyBR,GAAzB;IACD;EACF;;EAEDS,QAAQ,GAAG;IACT,OAAQ,CAAC,CAAC,KAAKxB,OAAL,CAAagB,SAAf,IAA4B,CAAC,CAAC,KAAKhB,OAAL,CAAasB,UAAnD;EACD;;EAEU,MAALG,KAAK,GAAG;IACZ,IAAI,KAAKD,QAAL,EAAJ,EAAqB;MACnB,MAAM,KAAKE,IAAL,EAAN;MACA,KAAK3B,YAAL,CAAkB4B,EAAlB,CAAqBC,oBAArB,EAAoC,KAAK1B,qBAAzC;MACA,KAAK2B,OAAL,GAAe,IAAf;IACD;EACF;;EAES,MAAJH,IAAI,GAAG;IACX,IAAI,KAAKG,OAAT,EAAkB;MAChB,KAAK9B,YAAL,CAAkB+B,GAAlB,CAAsBF,oBAAtB,EAAqC,KAAK1B,qBAA1C;MACA,KAAKD,cAAL,GAAsB,EAAtB;MACA,KAAK4B,OAAL,GAAe,KAAf;IACD;EACF;;EAEDE,SAAS,GAAG;IACV,OAAO,KAAKF,OAAZ;EACD;;AAjEuD"}

package/cjs/services/LeaderElectionService.js

@@ -0,0 +1,103 @@
+"use strict";
+
+var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
+
+exports.LeaderElectionService = void 0;
+
+var _promise = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/promise"));
+
+var _defineProperty2 = _interopRequireDefault(require("@babel/runtime-corejs3/helpers/defineProperty"));
+
+var _broadcastChannel = require("broadcast-channel");
+
+var _features = require("../features");
+
+/*!
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
+ *
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * 
+ * See the License for the specific language governing permissions and limitations under the License.
+ */
+class LeaderElectionService {
+  constructor(options = {}) {
+    (0, _defineProperty2.default)(this, "started", false);
+    this.options = options;
+    this.onLeaderDuplicate = this.onLeaderDuplicate.bind(this);
+    this.onLeader = this.onLeader.bind(this);
+  }
+
+  onLeaderDuplicate() {}
+
+  async onLeader() {
+    var _this$options$onLeade, _this$options;
+
+    await ((_this$options$onLeade = (_this$options = this.options).onLeader) === null || _this$options$onLeade === void 0 ? void 0 : _this$options$onLeade.call(_this$options));
+  }
+
+  isLeader() {
+    var _this$elector;
+
+    return !!((_this$elector = this.elector) !== null && _this$elector !== void 0 && _this$elector.isLeader);
+  }
+
+  hasLeader() {
+    var _this$elector2;
+
+    return !!((_this$elector2 = this.elector) !== null && _this$elector2 !== void 0 && _this$elector2.hasLeader);
+  }
+
+  async start() {
+    await this.stop();
+
+    if (this.canStart()) {
+      const {
+        electionChannelName
+      } = this.options;
+      this.channel = new _broadcastChannel.BroadcastChannel(electionChannelName);
+      this.elector = (0, _broadcastChannel.createLeaderElection)(this.channel);
+      this.elector.onduplicate = this.onLeaderDuplicate;
+      this.elector.awaitLeadership().then(this.onLeader);
+      this.started = true;
+    }
+  }
+
+  async stop() {
+    if (this.started) {
+      if (this.elector) {
+        await this.elector.die();
+        this.elector = undefined;
+      }
+
+      if (this.channel) {
+        // Workaround to fix error `Failed to execute 'postMessage' on 'BroadcastChannel': Channel is closed`
+        this.channel.postInternal = () => _promise.default.resolve();
+
+        await this.channel.close();
+        this.channel = undefined;
+      }
+
+      this.started = false;
+    }
+  }
+
+  requiresLeadership() {
+    return false;
+  }
+
+  isStarted() {
+    return this.started;
+  }
+
+  canStart() {
+    return (0, _features.isBrowser)();
+  }
+
+}
+
+exports.LeaderElectionService = LeaderElectionService;
+//# sourceMappingURL=LeaderElectionService.js.map

package/cjs/services/LeaderElectionService.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"LeaderElectionService.js","names":["LeaderElectionService","constructor","options","onLeaderDuplicate","bind","onLeader","isLeader","elector","hasLeader","start","stop","canStart","electionChannelName","channel","BroadcastChannel","onduplicate","awaitLeadership","then","started","die","undefined","postInternal","resolve","close","requiresLeadership","isStarted"],"sources":["../../../lib/services/LeaderElectionService.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { ServiceInterface, ServiceManagerOptions } from '../types';\nimport {\n  BroadcastChannel,\n  createLeaderElection,\n  LeaderElector\n} from 'broadcast-channel';\nimport { isBrowser } from '../features';\n\ndeclare type OnLeaderHandler = (() => Promise<void>);\ndeclare type ServiceOptions = ServiceManagerOptions & {\n  onLeader?: OnLeaderHandler;\n};\n\nexport class LeaderElectionService implements ServiceInterface {\n  private options: ServiceOptions;\n  private channel?: BroadcastChannel;\n  private elector?: LeaderElector;\n  private started = false;\n\n  constructor(options: ServiceOptions = {}) {\n    this.options = options;\n    this.onLeaderDuplicate = this.onLeaderDuplicate.bind(this);\n    this.onLeader = this.onLeader.bind(this);\n  }\n\n  private onLeaderDuplicate() {\n  }\n\n  private async onLeader() {\n    await this.options.onLeader?.();\n  }\n\n  isLeader() {\n    return !!this.elector?.isLeader;\n  }\n\n  hasLeader() {\n    return !!this.elector?.hasLeader;\n  }\n\n  async start() {\n    await this.stop();\n    if (this.canStart()) {\n      const { electionChannelName } = this.options;\n      this.channel = new BroadcastChannel(electionChannelName as string);\n      this.elector = createLeaderElection(this.channel);\n      this.elector.onduplicate = this.onLeaderDuplicate;\n      this.elector.awaitLeadership().then(this.onLeader);\n      this.started = true;\n    }\n  }\n\n  async stop() {\n    if (this.started) {\n      if (this.elector) {\n        await this.elector.die();\n        this.elector = undefined;\n      }\n      if (this.channel) {\n        // Workaround to fix error `Failed to execute 'postMessage' on 'BroadcastChannel': Channel is closed`\n        (this.channel as any).postInternal = () => Promise.resolve();\n        await this.channel.close();\n        this.channel = undefined;\n      }\n      this.started = false;\n    }\n  }\n\n  requiresLeadership() {\n    return false;\n  }\n\n  isStarted() {\n    return this.started;\n  }\n\n  canStart() {\n    return isBrowser();\n  }\n\n}\n"],"mappings":";;;;;;;;;;AAcA;;AAKA;;AAnBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAgBO,MAAMA,qBAAN,CAAwD;EAM7DC,WAAW,CAACC,OAAuB,GAAG,EAA3B,EAA+B;IAAA,+CAFxB,KAEwB;IACxC,KAAKA,OAAL,GAAeA,OAAf;IACA,KAAKC,iBAAL,GAAyB,KAAKA,iBAAL,CAAuBC,IAAvB,CAA4B,IAA5B,CAAzB;IACA,KAAKC,QAAL,GAAgB,KAAKA,QAAL,CAAcD,IAAd,CAAmB,IAAnB,CAAhB;EACD;;EAEOD,iBAAiB,GAAG,CAC3B;;EAEqB,MAARE,QAAQ,GAAG;IAAA;;IACvB,gCAAM,sBAAKH,OAAL,EAAaG,QAAnB,0DAAM,yCAAN;EACD;;EAEDC,QAAQ,GAAG;IAAA;;IACT,OAAO,CAAC,mBAAC,KAAKC,OAAN,0CAAC,cAAcD,QAAf,CAAR;EACD;;EAEDE,SAAS,GAAG;IAAA;;IACV,OAAO,CAAC,oBAAC,KAAKD,OAAN,2CAAC,eAAcC,SAAf,CAAR;EACD;;EAEU,MAALC,KAAK,GAAG;IACZ,MAAM,KAAKC,IAAL,EAAN;;IACA,IAAI,KAAKC,QAAL,EAAJ,EAAqB;MACnB,MAAM;QAAEC;MAAF,IAA0B,KAAKV,OAArC;MACA,KAAKW,OAAL,GAAe,IAAIC,kCAAJ,CAAqBF,mBAArB,CAAf;MACA,KAAKL,OAAL,GAAe,4CAAqB,KAAKM,OAA1B,CAAf;MACA,KAAKN,OAAL,CAAaQ,WAAb,GAA2B,KAAKZ,iBAAhC;MACA,KAAKI,OAAL,CAAaS,eAAb,GAA+BC,IAA/B,CAAoC,KAAKZ,QAAzC;MACA,KAAKa,OAAL,GAAe,IAAf;IACD;EACF;;EAES,MAAJR,IAAI,GAAG;IACX,IAAI,KAAKQ,OAAT,EAAkB;MAChB,IAAI,KAAKX,OAAT,EAAkB;QAChB,MAAM,KAAKA,OAAL,CAAaY,GAAb,EAAN;QACA,KAAKZ,OAAL,GAAea,SAAf;MACD;;MACD,IAAI,KAAKP,OAAT,EAAkB;QAChB;QACC,KAAKA,OAAN,CAAsBQ,YAAtB,GAAqC,MAAM,iBAAQC,OAAR,EAA3C;;QACA,MAAM,KAAKT,OAAL,CAAaU,KAAb,EAAN;QACA,KAAKV,OAAL,GAAeO,SAAf;MACD;;MACD,KAAKF,OAAL,GAAe,KAAf;IACD;EACF;;EAEDM,kBAAkB,GAAG;IACnB,OAAO,KAAP;EACD;;EAEDC,SAAS,GAAG;IACV,OAAO,KAAKP,OAAZ;EACD;;EAEDP,QAAQ,GAAG;IACT,OAAO,0BAAP;EACD;;AAjE4D"}

package/cjs/services/SyncStorageService.js

@@ -6,8 +6,12 @@ exports.SyncStorageService = void 0;
 
 var _defineProperty2 = _interopRequireDefault(require("@babel/runtime-corejs3/helpers/defineProperty"));
 
+var _broadcastChannel = require("broadcast-channel");
+
 var _features = require("../features");
 
+var _types = require("../types");
+
 /*!
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
  * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
@@ -19,43 +23,17 @@ var _features = require("../features");
  * 
  * See the License for the specific language governing permissions and limitations under the License.
  */
-
-/* global window */
 class SyncStorageService {
   constructor(tokenManager, options = {}) {
     (0, _defineProperty2.default)(this, "started", false);
+    (0, _defineProperty2.default)(this, "enablePostMessage", true);
     this.tokenManager = tokenManager;
     this.options = options;
-    this.storageListener = this.storageListener.bind(this);
-  } // Sync authState cross multiple tabs when localStorage is used as the storageProvider
-  // A StorageEvent is sent to a window when a storage area it has access to is changed 
-  // within the context of another document.
-  // https://developer.mozilla.org/en-US/docs/Web/API/StorageEvent
-
-
-  storageListener({
-    key,
-    newValue,
-    oldValue
-  }) {
-    const opts = this.tokenManager.getOptions();
-
-    const handleCrossTabsStorageChange = () => {
-      this.tokenManager.resetExpireEventTimeoutAll();
-      this.tokenManager.emitEventsForCrossTabsStorageUpdate(newValue, oldValue);
-    }; // Skip if:
-    // not from localStorage.clear (event.key is null)
-    // event.key is not the storageKey
-    // oldValue === newValue
-
-
-    if (key && (key !== opts.storageKey || newValue === oldValue)) {
-      return;
-    } // LocalStorage cross tabs update is not synced in IE, set a 1s timer by default to read latest value
-    // https://stackoverflow.com/questions/24077117/localstorage-in-win8-1-ie11-does-not-synchronize
-
-
-    this.syncTimeout = setTimeout(() => handleCrossTabsStorageChange(), opts._storageEventDelay);
+    this.onTokenAddedHandler = this.onTokenAddedHandler.bind(this);
+    this.onTokenRemovedHandler = this.onTokenRemovedHandler.bind(this);
+    this.onTokenRenewedHandler = this.onTokenRenewedHandler.bind(this);
+    this.onSetStorageHandler = this.onSetStorageHandler.bind(this);
+    this.onSyncMessageHandler = this.onSyncMessageHandler.bind(this);
   }
 
   requiresLeadership() {
@@ -70,23 +48,127 @@ class SyncStorageService {
     return !!this.options.syncStorage && (0, _features.isBrowser)();
   }
 
-  start() {
+  async start() {
     if (this.canStart()) {
-      this.stop();
-      window.addEventListener('storage', this.storageListener);
+      await this.stop();
+      const {
+        syncChannelName
+      } = this.options;
+      this.channel = new _broadcastChannel.BroadcastChannel(syncChannelName);
+      this.tokenManager.on(_types.EVENT_ADDED, this.onTokenAddedHandler);
+      this.tokenManager.on(_types.EVENT_REMOVED, this.onTokenRemovedHandler);
+      this.tokenManager.on(_types.EVENT_RENEWED, this.onTokenRenewedHandler);
+      this.tokenManager.on(_types.EVENT_SET_STORAGE, this.onSetStorageHandler);
+      this.channel.addEventListener('message', this.onSyncMessageHandler);
       this.started = true;
     }
   }
 
-  stop() {
+  async stop() {
     if (this.started) {
-      // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
-      window.removeEventListener('storage', this.storageListener);
-      clearTimeout(this.syncTimeout);
+      var _this$channel, _this$channel2;
+
+      this.tokenManager.off(_types.EVENT_ADDED, this.onTokenAddedHandler);
+      this.tokenManager.off(_types.EVENT_REMOVED, this.onTokenRemovedHandler);
+      this.tokenManager.off(_types.EVENT_RENEWED, this.onTokenRenewedHandler);
+      this.tokenManager.off(_types.EVENT_SET_STORAGE, this.onSetStorageHandler);
+      (_this$channel = this.channel) === null || _this$channel === void 0 ? void 0 : _this$channel.removeEventListener('message', this.onSyncMessageHandler);
+      await ((_this$channel2 = this.channel) === null || _this$channel2 === void 0 ? void 0 : _this$channel2.close());
+      this.channel = undefined;
       this.started = false;
     }
   }
 
+  onTokenAddedHandler(key, token) {
+    var _this$channel3;
+
+    if (!this.enablePostMessage) {
+      return;
+    }
+
+    (_this$channel3 = this.channel) === null || _this$channel3 === void 0 ? void 0 : _this$channel3.postMessage({
+      type: _types.EVENT_ADDED,
+      key,
+      token
+    });
+  }
+
+  onTokenRemovedHandler(key, token) {
+    var _this$channel4;
+
+    if (!this.enablePostMessage) {
+      return;
+    }
+
+    (_this$channel4 = this.channel) === null || _this$channel4 === void 0 ? void 0 : _this$channel4.postMessage({
+      type: _types.EVENT_REMOVED,
+      key,
+      token
+    });
+  }
+
+  onTokenRenewedHandler(key, token, oldToken) {
+    var _this$channel5;
+
+    if (!this.enablePostMessage) {
+      return;
+    }
+
+    (_this$channel5 = this.channel) === null || _this$channel5 === void 0 ? void 0 : _this$channel5.postMessage({
+      type: _types.EVENT_RENEWED,
+      key,
+      token,
+      oldToken
+    });
+  }
+
+  onSetStorageHandler(storage) {
+    var _this$channel6;
+
+    (_this$channel6 = this.channel) === null || _this$channel6 === void 0 ? void 0 : _this$channel6.postMessage({
+      type: _types.EVENT_SET_STORAGE,
+      storage
+    });
+  }
+  /* eslint-disable complexity */
+
+
+  onSyncMessageHandler(msg) {
+    // Notes:
+    // 1. Using `enablePostMessage` flag here to prevent sync message loop.
+    //    If this flag is on, tokenManager event handlers do not post sync message.
+    // 2. IE11 has known issue with synchronization of LocalStorage cross tabs.
+    //    One workaround is to set empty event handler for `window.onstorage`.
+    //    But it's not 100% working, sometimes you still get old value from LocalStorage.
+    //    Better approch is to explicitly udpate LocalStorage with `setStorage`.
+    this.enablePostMessage = false;
+
+    switch (msg.type) {
+      case _types.EVENT_SET_STORAGE:
+        this.tokenManager.getStorage().setStorage(msg.storage);
+        break;
+
+      case _types.EVENT_ADDED:
+        this.tokenManager.emitAdded(msg.key, msg.token);
+        this.tokenManager.setExpireEventTimeout(msg.key, msg.token);
+        break;
+
+      case _types.EVENT_REMOVED:
+        this.tokenManager.clearExpireEventTimeout(msg.key);
+        this.tokenManager.emitRemoved(msg.key, msg.token);
+        break;
+
+      case _types.EVENT_RENEWED:
+        this.tokenManager.emitRenewed(msg.key, msg.token, msg.oldToken);
+        break;
+
+      default:
+        break;
+    }
+
+    this.enablePostMessage = true;
+  }
+
 }
 
 exports.SyncStorageService = SyncStorageService;