@okta/okta-auth-js 6.6.2 → 6.7.0

package/CHANGELOG.md

@@ -1,5 +1,15 @@
 # Changelog
 
+## 6.7.0
+
+## Features
+
+- [#1197](https://github.com/okta/okta-auth-js/pull/1197)
+  - Changes implementation of `SyncStorageService` using `broadcast-channel` instead of using `StorageEvent`. Supports `localStorage` and `cookie` storage.
+  - Adds `LeaderElectionService` as separate service
+  - Fixes error `Channel is closed` while stopping leader election
+- [#1158](https://github.com/okta/okta-auth-js/pull/1158) Adds MyAccount API. See [MyAccount API DOC](/docs/myaccount/README.md) for detailed information.
+
 ## 6.6.2
 
 ### Fixes

package/README.md

@@ -234,12 +234,12 @@ var authClient = new OktaAuth(config);
 
 ### Running as a service
 
-By default, creating a new instance of `OktaAuth` will not create any asynchronous side-effects. However, certain features such as [token auto renew](#autorenew), [token auto remove](#autoremove) and [cross-tab synchronization](#syncstorage) require `OktaAuth` to be running as a service. This means timeouts are set in the background which will continue working until the service is stopped.  To start the `OktaAuth` service, simply call the `start` method. To terminate all background processes, call `stop`. See [Service Configuration](#services) for more info.
+By default, creating a new instance of `OktaAuth` will not create any asynchronous side-effects. However, certain features such as [token auto renew](#autorenew), [token auto remove](#autoremove) and [cross-tab synchronization](#syncstorage) require `OktaAuth` to be running as a service. This means timeouts are set in the background which will continue working until the service is stopped.  To start the `OktaAuth` service, simply call the `start` method right after creation and before calling other methods like [handleLoginRedirect](#handleloginredirecttokens). To terminate all background processes, call `stop`. See [Service Configuration](#services) for more info.
 
 ```javascript
   var authClient = new OktaAuth(config);
-  authClient.start(); // start the service
-  authClient.stop(); // stop the service
+  await authClient.start(); // start the service
+  await authClient.stop(); // stop the service
 ```
 
 Starting the service will also call [authStateManager.updateAuthState](#authstatemanagerupdateauthstate).
@@ -539,6 +539,11 @@ Enables interaction code flow for direct auth clients.
 
 Used in authorization and interaction code flows by server-side web applications to obtain OAuth tokens. In a production application, this value should **never** be visible on the client side.
 
+#### `setLocation`
+
+Used in authorization and interaction code flows by server-side web applications to customize the redirect process.
+
+
 #### `httpRequestClient`
 
 The http request implementation. By default, this is implemented using [cross-fetch](https://github.com/lquixada/cross-fetch). To provide your own request library, implement the following interface:
@@ -829,7 +834,7 @@ When `tokenManager.autoRenew` is `true` both renew strategies are enabled. To di
 By default, the library will attempt to remove expired tokens when `autoRemove` is `true`. If you wish to disable auto removal of tokens, set `autoRemove` to `false`.
 
 #### `syncStorage`
-Automatically syncs tokens across browser tabs when token storage is `localStorage`. To disable this behavior, set `syncStorage` to false.
+Automatically syncs tokens across browser tabs when token storage is `localStorage` or `cookie`. To disable this behavior, set `syncStorage` to false.
 
 This is accomplished by selecting a single tab to handle the network requests to refresh the tokens and broadcasting to the other tabs. This is done to avoid all tabs sending refresh requests simultaneously, which can cause rate limiting/throttling issues.
 
@@ -869,6 +874,7 @@ This is accomplished by selecting a single tab to handle the network requests to
   * [session.get](#sessionget)
   * [session.refresh](#sessionrefresh)
 * [idx](#idx)
+* [myaccount](#myaccount)
 * [token](#token)
   * [token.getWithoutPrompt](#tokengetwithoutpromptoptions)
   * [token.getWithPopup](#tokengetwithpopupoptions)
@@ -903,11 +909,15 @@ This is accomplished by selecting a single tab to handle the network requests to
 
 ### `start()`
 
+> :hourglass: async
+
 Starts the `OktaAuth` service. See [running as a service](#running-as-a-service) for more details.
 
 ### `stop()`
 
-Starts the `OktaAuth` service. See [running as a service](#running-as-a-service) for more details.
+> :hourglass: async
+
+Stops the `OktaAuth` service. See [running as a service](#running-as-a-service) for more details.
 
 ### `signIn(options)`
 
@@ -1256,6 +1266,11 @@ authClient.session.refresh()
 
 See detail in [IDX README](docs/idx.md)
 
+### `myaccount`
+
+See detail in [MyAccount API README](docs/myaccount/README.md)
+
+
 ### `token`
 
 #### Authorize options

package/cjs/AuthStateManager.js

@@ -12,9 +12,9 @@ var _pCancelable = _interopRequireDefault(require("p-cancelable"));
 
 var _errors = require("./errors");
 
-var _util = require("./util");
+var _types = require("./types");
 
-var _TokenManager = require("./TokenManager");
+var _util = require("./util");
 
 var _PromiseQueue = _interopRequireDefault(require("./PromiseQueue"));
 
@@ -68,18 +68,18 @@ class AuthStateManager {
     // "added" event is emitted in both add and renew process
     // Only listen on "added" event to update auth state
 
-    sdk.tokenManager.on(_TokenManager.EVENT_ADDED, (key, token) => {
+    sdk.tokenManager.on(_types.EVENT_ADDED, (key, token) => {
       this._setLogOptions({
-        event: _TokenManager.EVENT_ADDED,
+        event: _types.EVENT_ADDED,
         key,
         token
       });
 
       this.updateAuthState();
     });
-    sdk.tokenManager.on(_TokenManager.EVENT_REMOVED, (key, token) => {
+    sdk.tokenManager.on(_types.EVENT_REMOVED, (key, token) => {
       this._setLogOptions({
-        event: _TokenManager.EVENT_REMOVED,
+        event: _types.EVENT_REMOVED,
         key,
         token
       });

package/cjs/AuthStateManager.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../lib/AuthStateManager.ts"],"names":["INITIAL_AUTH_STATE","DEFAULT_PENDING","updateAuthStatePromise","canceledTimes","EVENT_AUTH_STATE_CHANGE","MAX_PROMISE_CANCEL_TIMES","isSameAuthState","prevState","state","isAuthenticated","idToken","accessToken","error","AuthStateManager","constructor","sdk","emitter","AuthSdkError","_sdk","_pending","_authState","_logOptions","_prevAuthState","_transformQueue","PromiseQueue","quiet","tokenManager","on","EVENT_ADDED","key","token","_setLogOptions","event","updateAuthState","EVENT_REMOVED","options","getAuthState","getPreviousAuthState","transformAuthState","devMode","log","status","group","groupEnd","emitAuthStateChange","authState","emit","finalPromise","origPromise","then","curPromise","cancel","cancelablePromise","PCancelable","resolve","_","onCancel","shouldReject","emitAndResolve","isCanceled","refreshToken","getTokensSync","promise","push","catch","subscribe","handler","unsubscribe","off"],"mappings":";;;;;;;;;;AAeA;;AACA;;AAGA;;AACA;;AACA;;AArBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AASO,MAAMA,kBAAkB,GAAG,IAA3B;;AACP,MAAMC,eAAe,GAAG;AACtBC,EAAAA,sBAAsB,EAAE,IADF;AAEtBC,EAAAA,aAAa,EAAE;AAFO,CAAxB;AAIA,MAAMC,uBAAuB,GAAG,iBAAhC;AACA,MAAMC,wBAAwB,GAAG,EAAjC,C,CAEA;;AACA,MAAMC,eAAe,GAAG,CAACC,SAAD,EAA8BC,KAA9B,KAAmD;AACzE;AACA,MAAI,CAACD,SAAL,EAAgB;AACd,WAAO,KAAP;AACD;;AAED,SAAOA,SAAS,CAACE,eAAV,KAA8BD,KAAK,CAACC,eAApC,IACF,wBAAeF,SAAS,CAACG,OAAzB,MAAsC,wBAAeF,KAAK,CAACE,OAArB,CADpC,IAEF,wBAAeH,SAAS,CAACI,WAAzB,MAA0C,wBAAeH,KAAK,CAACG,WAArB,CAFxC,IAGFJ,SAAS,CAACK,KAAV,KAAoBJ,KAAK,CAACI,KAH/B;AAID,CAVD;;AAaO,MAAMC,gBAAN,CAAuB;AAW5BC,EAAAA,WAAW,CAACC,GAAD,EAAgB;AACzB,QAAI,CAACA,GAAG,CAACC,OAAT,EAAkB;AAChB,YAAM,IAAIC,oBAAJ,CAAiB,uDAAjB,CAAN;AACD;;AAED,SAAKC,IAAL,GAAYH,GAAZ;AACA,SAAKI,QAAL,GAAgB,EAAE,GAAGlB;AAAL,KAAhB;AACA,SAAKmB,UAAL,GAAkBpB,kBAAlB;AACA,SAAKqB,WAAL,GAAmB,EAAnB;AACA,SAAKC,cAAL,GAAsB,IAAtB;AACA,SAAKC,eAAL,GAAuB,IAAIC,qBAAJ,CAAiB;AACtCC,MAAAA,KAAK,EAAE;AAD+B,KAAjB,CAAvB,CAVyB,CAczB;AACA;AACA;;AACAV,IAAAA,GAAG,CAACW,YAAJ,CAAiBC,EAAjB,CAAoBC,yBAApB,EAAiC,CAACC,GAAD,EAAMC,KAAN,KAAgB;AAC/C,WAAKC,cAAL,CAAoB;AAAEC,QAAAA,KAAK,EAAEJ,yBAAT;AAAsBC,QAAAA,GAAtB;AAA2BC,QAAAA;AAA3B,OAApB;;AACA,WAAKG,eAAL;AACD,KAHD;AAIAlB,IAAAA,GAAG,CAACW,YAAJ,CAAiBC,EAAjB,CAAoBO,2BAApB,EAAmC,CAACL,GAAD,EAAMC,KAAN,KAAgB;AACjD,WAAKC,cAAL,CAAoB;AAAEC,QAAAA,KAAK,EAAEE,2BAAT;AAAwBL,QAAAA,GAAxB;AAA6BC,QAAAA;AAA7B,OAApB;;AACA,WAAKG,eAAL;AACD,KAHD;AAID;;AAEDF,EAAAA,cAAc,CAACI,OAAD,EAAU;AACtB,SAAKd,WAAL,GAAmBc,OAAnB;AACD;;AAEDC,EAAAA,YAAY,GAAqB;AAC/B,WAAO,KAAKhB,UAAZ;AACD;;AAEDiB,EAAAA,oBAAoB,GAAqB;AACvC,WAAO,KAAKf,cAAZ;AACD;;AAEoB,QAAfW,eAAe,GAAuB;AAC1C,UAAM;AAAEK,MAAAA,kBAAF;AAAsBC,MAAAA;AAAtB,QAAkC,KAAKrB,IAAL,CAAUiB,OAAlD;;AAEA,UAAMK,GAAG,GAAIC,MAAD,IAAY;AACtB,YAAM;AAAET,QAAAA,KAAF;AAASH,QAAAA,GAAT;AAAcC,QAAAA;AAAd,UAAwB,KAAKT,WAAnC;AACA,8BAAaqB,KAAb,CAAoB,uCAAsCV,KAAM,WAAUS,MAAO,EAAjF;AACA,8BAAaD,GAAb,CAAiBX,GAAjB,EAAsBC,KAAtB;AACA,8BAAaU,GAAb,CAAiB,mBAAjB,EAAsC,KAAKpB,UAA3C;AACA,8BAAauB,QAAb,GALsB,CAOtB;;AACA,WAAKtB,WAAL,GAAmB,EAAnB;AACD,KATD;;AAWA,UAAMuB,mBAAmB,GAAIC,SAAD,IAAe;AACzC,UAAIvC,eAAe,CAAC,KAAKc,UAAN,EAAkByB,SAAlB,CAAnB,EAAiD;AAC/CN,QAAAA,OAAO,IAAIC,GAAG,CAAC,WAAD,CAAd;AACA;AACD;;AACD,WAAKlB,cAAL,GAAsB,KAAKF,UAA3B;AACA,WAAKA,UAAL,GAAkByB,SAAlB,CANyC,CAOzC;;AACA,WAAK3B,IAAL,CAAUF,OAAV,CAAkB8B,IAAlB,CAAuB1C,uBAAvB,EAAgD,EAAE,GAAGyC;AAAL,OAAhD;;AACAN,MAAAA,OAAO,IAAIC,GAAG,CAAC,SAAD,CAAd;AACD,KAVD;;AAYA,UAAMO,YAAY,GAAIC,WAAD,IAAiB;AACpC,aAAO,KAAK7B,QAAL,CAAcjB,sBAAd,CAAqC+C,IAArC,CAA0C,MAAM;AACrD,cAAMC,UAAU,GAAG,KAAK/B,QAAL,CAAcjB,sBAAjC;;AACA,YAAIgD,UAAU,IAAIA,UAAU,KAAKF,WAAjC,EAA8C;AAC5C,iBAAOD,YAAY,CAACG,UAAD,CAAnB;AACD;;AACD,eAAO,KAAKd,YAAL,EAAP;AACD,OANM,CAAP;AAOD,KARD;;AAUA,QAAI,KAAKjB,QAAL,CAAcjB,sBAAlB,EAA0C;AACxC,UAAI,KAAKiB,QAAL,CAAchB,aAAd,IAA+BE,wBAAnC,EAA6D;AAC3D;AACA;AACAkC,QAAAA,OAAO,IAAIC,GAAG,CAAC,YAAD,CAAd;AACA,eAAOO,YAAY,CAAC,KAAK5B,QAAL,CAAcjB,sBAAf,CAAnB;AACD,OALD,MAKO;AACL,aAAKiB,QAAL,CAAcjB,sBAAd,CAAqCiD,MAArC;AACD;AACF;AAED;;;AACA,UAAMC,iBAAiB,GAAG,IAAIC,oBAAJ,CAAgB,CAACC,OAAD,EAAUC,CAAV,EAAaC,QAAb,KAA0B;AAClEA,MAAAA,QAAQ,CAACC,YAAT,GAAwB,KAAxB;AACAD,MAAAA,QAAQ,CAAC,MAAM;AACb,aAAKrC,QAAL,CAAcjB,sBAAd,GAAuC,IAAvC;AACA,aAAKiB,QAAL,CAAchB,aAAd,GAA8B,KAAKgB,QAAL,CAAchB,aAAd,GAA8B,CAA5D;AACAoC,QAAAA,OAAO,IAAIC,GAAG,CAAC,UAAD,CAAd;AACD,OAJO,CAAR;;AAMA,YAAMkB,cAAc,GAAIb,SAAD,IAAe;AACpC,YAAIO,iBAAiB,CAACO,UAAtB,EAAkC;AAChCL,UAAAA,OAAO;AACP;AACD,SAJmC,CAKpC;;;AACAV,QAAAA,mBAAmB,CAACC,SAAD,CAAnB;AACAS,QAAAA,OAAO,GAP6B,CASpC;;AACA,aAAKnC,QAAL,GAAgB,EAAE,GAAGlB;AAAL,SAAhB;AACD,OAXD;;AAaA,WAAKiB,IAAL,CAAUT,eAAV,GACGwC,IADH,CACQ,MAAM;AACV,YAAIG,iBAAiB,CAACO,UAAtB,EAAkC;AAChCL,UAAAA,OAAO;AACP;AACD;;AAED,cAAM;AAAE3C,UAAAA,WAAF;AAAeD,UAAAA,OAAf;AAAwBkD,UAAAA;AAAxB,YAAyC,KAAK1C,IAAL,CAAUQ,YAAV,CAAuBmC,aAAvB,EAA/C;;AACA,cAAMhB,SAAS,GAAG;AAChBlC,UAAAA,WADgB;AAEhBD,UAAAA,OAFgB;AAGhBkD,UAAAA,YAHgB;AAIhBnD,UAAAA,eAAe,EAAE,CAAC,EAAEE,WAAW,IAAID,OAAjB;AAJF,SAAlB,CAPU,CAcV;;AACA,cAAMoD,OAA2B,GAAGxB,kBAAkB,GAClD,KAAKf,eAAL,CAAqBwC,IAArB,CAA0BzB,kBAA1B,EAA8C,IAA9C,EAAoD,KAAKpB,IAAzD,EAA+D2B,SAA/D,CADkD,GAElD,iBAAQS,OAAR,CAAgBT,SAAhB,CAFJ;AAIAiB,QAAAA,OAAO,CACJb,IADH,CACQJ,SAAS,IAAIa,cAAc,CAACb,SAAD,CADnC,EAEGmB,KAFH,CAESpD,KAAK,IAAI8C,cAAc,CAAC;AAC7B/C,UAAAA,WAD6B;AAE7BD,UAAAA,OAF6B;AAG7BkD,UAAAA,YAH6B;AAI7BnD,UAAAA,eAAe,EAAE,KAJY;AAK7BG,UAAAA;AAL6B,SAAD,CAFhC;AASD,OA7BH;AA8BD,KAnDyB,CAA1B;AAoDA;;AACA,SAAKO,QAAL,CAAcjB,sBAAd,GAAuCkD,iBAAvC;AAEA,WAAOL,YAAY,CAACK,iBAAD,CAAnB;AACD;;AAEDa,EAAAA,SAAS,CAACC,OAAD,EAAgB;AACvB,SAAKhD,IAAL,CAAUF,OAAV,CAAkBW,EAAlB,CAAqBvB,uBAArB,EAA8C8D,OAA9C;AACD;;AAEDC,EAAAA,WAAW,CAACD,OAAD,EAAiB;AAC1B,SAAKhD,IAAL,CAAUF,OAAV,CAAkBoD,GAAlB,CAAsBhE,uBAAtB,EAA+C8D,OAA/C;AACD;;AAlK2B","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n \n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport PCancelable from 'p-cancelable';\nimport { AuthSdkError } from './errors';\nimport { AuthState, AuthStateLogOptions } from './types';\nimport { OktaAuth } from '.';\nimport { getConsole } from './util';\nimport { EVENT_ADDED, EVENT_REMOVED } from './TokenManager';\nimport PromiseQueue from './PromiseQueue';\n\nexport const INITIAL_AUTH_STATE = null;\nconst DEFAULT_PENDING = {\n  updateAuthStatePromise: null,\n  canceledTimes: 0\n};\nconst EVENT_AUTH_STATE_CHANGE = 'authStateChange';\nconst MAX_PROMISE_CANCEL_TIMES = 10;\n\n// only compare first level of authState\nconst isSameAuthState = (prevState: AuthState | null, state: AuthState) => {\n  // initial state is null\n  if (!prevState) {\n    return false;\n  }\n\n  return prevState.isAuthenticated === state.isAuthenticated \n    && JSON.stringify(prevState.idToken) === JSON.stringify(state.idToken)\n    && JSON.stringify(prevState.accessToken) === JSON.stringify(state.accessToken)\n    && prevState.error === state.error;\n};\n\n\nexport class AuthStateManager {\n  _sdk: OktaAuth;\n  _pending: { \n    updateAuthStatePromise: any;\n    canceledTimes: number; \n  };\n  _authState: AuthState | null;\n  _prevAuthState: AuthState | null;\n  _logOptions: AuthStateLogOptions;\n  _transformQueue: PromiseQueue;\n\n  constructor(sdk: OktaAuth) {\n    if (!sdk.emitter) {\n      throw new AuthSdkError('Emitter should be initialized before AuthStateManager');\n    }\n\n    this._sdk = sdk;\n    this._pending = { ...DEFAULT_PENDING };\n    this._authState = INITIAL_AUTH_STATE;\n    this._logOptions = {};\n    this._prevAuthState = null;\n    this._transformQueue = new PromiseQueue({\n      quiet: true\n    });\n\n    // Listen on tokenManager events to start updateState process\n    // \"added\" event is emitted in both add and renew process\n    // Only listen on \"added\" event to update auth state\n    sdk.tokenManager.on(EVENT_ADDED, (key, token) => {\n      this._setLogOptions({ event: EVENT_ADDED, key, token });\n      this.updateAuthState();\n    });\n    sdk.tokenManager.on(EVENT_REMOVED, (key, token) => {\n      this._setLogOptions({ event: EVENT_REMOVED, key, token });\n      this.updateAuthState();\n    });\n  }\n\n  _setLogOptions(options) {\n    this._logOptions = options;\n  }\n\n  getAuthState(): AuthState | null {\n    return this._authState;\n  }\n\n  getPreviousAuthState(): AuthState | null {\n    return this._prevAuthState;\n  }\n\n  async updateAuthState(): Promise<AuthState> {\n    const { transformAuthState, devMode } = this._sdk.options;\n\n    const log = (status) => {\n      const { event, key, token } = this._logOptions;\n      getConsole().group(`OKTA-AUTH-JS:updateAuthState: Event:${event} Status:${status}`);\n      getConsole().log(key, token);\n      getConsole().log('Current authState', this._authState);\n      getConsole().groupEnd();\n      \n      // clear log options after logging\n      this._logOptions = {};\n    };\n\n    const emitAuthStateChange = (authState) => {\n      if (isSameAuthState(this._authState, authState)) {\n        devMode && log('unchanged'); \n        return;\n      }\n      this._prevAuthState = this._authState;\n      this._authState = authState;\n      // emit new authState object\n      this._sdk.emitter.emit(EVENT_AUTH_STATE_CHANGE, { ...authState });\n      devMode && log('emitted');\n    };\n\n    const finalPromise = (origPromise) => {       \n      return this._pending.updateAuthStatePromise.then(() => {\n        const curPromise = this._pending.updateAuthStatePromise;\n        if (curPromise && curPromise !== origPromise) {\n          return finalPromise(curPromise);\n        }\n        return this.getAuthState();\n      });\n    };\n\n    if (this._pending.updateAuthStatePromise) {\n      if (this._pending.canceledTimes >= MAX_PROMISE_CANCEL_TIMES) {\n        // stop canceling then starting a new promise\n        // let existing promise finish to prevent running into loops\n        devMode && log('terminated');\n        return finalPromise(this._pending.updateAuthStatePromise);\n      } else {\n        this._pending.updateAuthStatePromise.cancel();\n      }\n    }\n\n    /* eslint-disable complexity */\n    const cancelablePromise = new PCancelable((resolve, _, onCancel) => {\n      onCancel.shouldReject = false;\n      onCancel(() => {\n        this._pending.updateAuthStatePromise = null;\n        this._pending.canceledTimes = this._pending.canceledTimes + 1;\n        devMode && log('canceled');\n      });\n\n      const emitAndResolve = (authState) => {\n        if (cancelablePromise.isCanceled) {\n          resolve();\n          return;\n        }\n        // emit event and resolve promise \n        emitAuthStateChange(authState);\n        resolve();\n\n        // clear pending states after resolve\n        this._pending = { ...DEFAULT_PENDING };\n      };\n\n      this._sdk.isAuthenticated()\n        .then(() => {\n          if (cancelablePromise.isCanceled) {\n            resolve();\n            return;\n          }\n\n          const { accessToken, idToken, refreshToken } = this._sdk.tokenManager.getTokensSync();\n          const authState = {\n            accessToken,\n            idToken,\n            refreshToken,\n            isAuthenticated: !!(accessToken && idToken)\n          };\n\n          // Enqueue transformAuthState so that it does not run concurrently\n          const promise: Promise<AuthState> = transformAuthState\n            ? this._transformQueue.push(transformAuthState, null, this._sdk, authState) as Promise<AuthState>\n            : Promise.resolve(authState);\n\n          promise\n            .then(authState => emitAndResolve(authState))\n            .catch(error => emitAndResolve({\n              accessToken, \n              idToken, \n              refreshToken,\n              isAuthenticated: false, \n              error\n            }));\n        });\n    });\n    /* eslint-enable complexity */\n    this._pending.updateAuthStatePromise = cancelablePromise;\n\n    return finalPromise(cancelablePromise);\n  }\n\n  subscribe(handler): void {\n    this._sdk.emitter.on(EVENT_AUTH_STATE_CHANGE, handler);\n  }\n\n  unsubscribe(handler?): void {\n    this._sdk.emitter.off(EVENT_AUTH_STATE_CHANGE, handler);\n  }\n}\n"],"file":"AuthStateManager.js"}
+{"version":3,"file":"AuthStateManager.js","names":["INITIAL_AUTH_STATE","DEFAULT_PENDING","updateAuthStatePromise","canceledTimes","EVENT_AUTH_STATE_CHANGE","MAX_PROMISE_CANCEL_TIMES","isSameAuthState","prevState","state","isAuthenticated","idToken","accessToken","error","AuthStateManager","constructor","sdk","emitter","AuthSdkError","_sdk","_pending","_authState","_logOptions","_prevAuthState","_transformQueue","PromiseQueue","quiet","tokenManager","on","EVENT_ADDED","key","token","_setLogOptions","event","updateAuthState","EVENT_REMOVED","options","getAuthState","getPreviousAuthState","transformAuthState","devMode","log","status","group","groupEnd","emitAuthStateChange","authState","emit","finalPromise","origPromise","then","curPromise","cancel","cancelablePromise","PCancelable","resolve","_","onCancel","shouldReject","emitAndResolve","isCanceled","refreshToken","getTokensSync","promise","push","catch","subscribe","handler","unsubscribe","off"],"sources":["../../lib/AuthStateManager.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n \n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport PCancelable from 'p-cancelable';\nimport { AuthSdkError } from './errors';\nimport { AuthState, AuthStateLogOptions, EVENT_ADDED, EVENT_REMOVED } from './types';\nimport { OktaAuth } from '.';\nimport { getConsole } from './util';\nimport PromiseQueue from './PromiseQueue';\n\nexport const INITIAL_AUTH_STATE = null;\nconst DEFAULT_PENDING = {\n  updateAuthStatePromise: null,\n  canceledTimes: 0\n};\nconst EVENT_AUTH_STATE_CHANGE = 'authStateChange';\nconst MAX_PROMISE_CANCEL_TIMES = 10;\n\n// only compare first level of authState\nconst isSameAuthState = (prevState: AuthState | null, state: AuthState) => {\n  // initial state is null\n  if (!prevState) {\n    return false;\n  }\n\n  return prevState.isAuthenticated === state.isAuthenticated \n    && JSON.stringify(prevState.idToken) === JSON.stringify(state.idToken)\n    && JSON.stringify(prevState.accessToken) === JSON.stringify(state.accessToken)\n    && prevState.error === state.error;\n};\n\n\nexport class AuthStateManager {\n  _sdk: OktaAuth;\n  _pending: { \n    updateAuthStatePromise: any;\n    canceledTimes: number; \n  };\n  _authState: AuthState | null;\n  _prevAuthState: AuthState | null;\n  _logOptions: AuthStateLogOptions;\n  _transformQueue: PromiseQueue;\n\n  constructor(sdk: OktaAuth) {\n    if (!sdk.emitter) {\n      throw new AuthSdkError('Emitter should be initialized before AuthStateManager');\n    }\n\n    this._sdk = sdk;\n    this._pending = { ...DEFAULT_PENDING };\n    this._authState = INITIAL_AUTH_STATE;\n    this._logOptions = {};\n    this._prevAuthState = null;\n    this._transformQueue = new PromiseQueue({\n      quiet: true\n    });\n\n    // Listen on tokenManager events to start updateState process\n    // \"added\" event is emitted in both add and renew process\n    // Only listen on \"added\" event to update auth state\n    sdk.tokenManager.on(EVENT_ADDED, (key, token) => {\n      this._setLogOptions({ event: EVENT_ADDED, key, token });\n      this.updateAuthState();\n    });\n    sdk.tokenManager.on(EVENT_REMOVED, (key, token) => {\n      this._setLogOptions({ event: EVENT_REMOVED, key, token });\n      this.updateAuthState();\n    });\n  }\n\n  _setLogOptions(options) {\n    this._logOptions = options;\n  }\n\n  getAuthState(): AuthState | null {\n    return this._authState;\n  }\n\n  getPreviousAuthState(): AuthState | null {\n    return this._prevAuthState;\n  }\n\n  async updateAuthState(): Promise<AuthState> {\n    const { transformAuthState, devMode } = this._sdk.options;\n\n    const log = (status) => {\n      const { event, key, token } = this._logOptions;\n      getConsole().group(`OKTA-AUTH-JS:updateAuthState: Event:${event} Status:${status}`);\n      getConsole().log(key, token);\n      getConsole().log('Current authState', this._authState);\n      getConsole().groupEnd();\n      \n      // clear log options after logging\n      this._logOptions = {};\n    };\n\n    const emitAuthStateChange = (authState) => {\n      if (isSameAuthState(this._authState, authState)) {\n        devMode && log('unchanged'); \n        return;\n      }\n      this._prevAuthState = this._authState;\n      this._authState = authState;\n      // emit new authState object\n      this._sdk.emitter.emit(EVENT_AUTH_STATE_CHANGE, { ...authState });\n      devMode && log('emitted');\n    };\n\n    const finalPromise = (origPromise) => {       \n      return this._pending.updateAuthStatePromise.then(() => {\n        const curPromise = this._pending.updateAuthStatePromise;\n        if (curPromise && curPromise !== origPromise) {\n          return finalPromise(curPromise);\n        }\n        return this.getAuthState();\n      });\n    };\n\n    if (this._pending.updateAuthStatePromise) {\n      if (this._pending.canceledTimes >= MAX_PROMISE_CANCEL_TIMES) {\n        // stop canceling then starting a new promise\n        // let existing promise finish to prevent running into loops\n        devMode && log('terminated');\n        return finalPromise(this._pending.updateAuthStatePromise);\n      } else {\n        this._pending.updateAuthStatePromise.cancel();\n      }\n    }\n\n    /* eslint-disable complexity */\n    const cancelablePromise = new PCancelable((resolve, _, onCancel) => {\n      onCancel.shouldReject = false;\n      onCancel(() => {\n        this._pending.updateAuthStatePromise = null;\n        this._pending.canceledTimes = this._pending.canceledTimes + 1;\n        devMode && log('canceled');\n      });\n\n      const emitAndResolve = (authState) => {\n        if (cancelablePromise.isCanceled) {\n          resolve();\n          return;\n        }\n        // emit event and resolve promise \n        emitAuthStateChange(authState);\n        resolve();\n\n        // clear pending states after resolve\n        this._pending = { ...DEFAULT_PENDING };\n      };\n\n      this._sdk.isAuthenticated()\n        .then(() => {\n          if (cancelablePromise.isCanceled) {\n            resolve();\n            return;\n          }\n\n          const { accessToken, idToken, refreshToken } = this._sdk.tokenManager.getTokensSync();\n          const authState = {\n            accessToken,\n            idToken,\n            refreshToken,\n            isAuthenticated: !!(accessToken && idToken)\n          };\n\n          // Enqueue transformAuthState so that it does not run concurrently\n          const promise: Promise<AuthState> = transformAuthState\n            ? this._transformQueue.push(transformAuthState, null, this._sdk, authState) as Promise<AuthState>\n            : Promise.resolve(authState);\n\n          promise\n            .then(authState => emitAndResolve(authState))\n            .catch(error => emitAndResolve({\n              accessToken, \n              idToken, \n              refreshToken,\n              isAuthenticated: false, \n              error\n            }));\n        });\n    });\n    /* eslint-enable complexity */\n    this._pending.updateAuthStatePromise = cancelablePromise;\n\n    return finalPromise(cancelablePromise);\n  }\n\n  subscribe(handler): void {\n    this._sdk.emitter.on(EVENT_AUTH_STATE_CHANGE, handler);\n  }\n\n  unsubscribe(handler?): void {\n    this._sdk.emitter.off(EVENT_AUTH_STATE_CHANGE, handler);\n  }\n}\n"],"mappings":";;;;;;;;;;AAeA;;AACA;;AACA;;AAEA;;AACA;;AApBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AAQO,MAAMA,kBAAkB,GAAG,IAA3B;;AACP,MAAMC,eAAe,GAAG;EACtBC,sBAAsB,EAAE,IADF;EAEtBC,aAAa,EAAE;AAFO,CAAxB;AAIA,MAAMC,uBAAuB,GAAG,iBAAhC;AACA,MAAMC,wBAAwB,GAAG,EAAjC,C,CAEA;;AACA,MAAMC,eAAe,GAAG,CAACC,SAAD,EAA8BC,KAA9B,KAAmD;EACzE;EACA,IAAI,CAACD,SAAL,EAAgB;IACd,OAAO,KAAP;EACD;;EAED,OAAOA,SAAS,CAACE,eAAV,KAA8BD,KAAK,CAACC,eAApC,IACF,wBAAeF,SAAS,CAACG,OAAzB,MAAsC,wBAAeF,KAAK,CAACE,OAArB,CADpC,IAEF,wBAAeH,SAAS,CAACI,WAAzB,MAA0C,wBAAeH,KAAK,CAACG,WAArB,CAFxC,IAGFJ,SAAS,CAACK,KAAV,KAAoBJ,KAAK,CAACI,KAH/B;AAID,CAVD;;AAaO,MAAMC,gBAAN,CAAuB;EAW5BC,WAAW,CAACC,GAAD,EAAgB;IACzB,IAAI,CAACA,GAAG,CAACC,OAAT,EAAkB;MAChB,MAAM,IAAIC,oBAAJ,CAAiB,uDAAjB,CAAN;IACD;;IAED,KAAKC,IAAL,GAAYH,GAAZ;IACA,KAAKI,QAAL,GAAgB,EAAE,GAAGlB;IAAL,CAAhB;IACA,KAAKmB,UAAL,GAAkBpB,kBAAlB;IACA,KAAKqB,WAAL,GAAmB,EAAnB;IACA,KAAKC,cAAL,GAAsB,IAAtB;IACA,KAAKC,eAAL,GAAuB,IAAIC,qBAAJ,CAAiB;MACtCC,KAAK,EAAE;IAD+B,CAAjB,CAAvB,CAVyB,CAczB;IACA;IACA;;IACAV,GAAG,CAACW,YAAJ,CAAiBC,EAAjB,CAAoBC,kBAApB,EAAiC,CAACC,GAAD,EAAMC,KAAN,KAAgB;MAC/C,KAAKC,cAAL,CAAoB;QAAEC,KAAK,EAAEJ,kBAAT;QAAsBC,GAAtB;QAA2BC;MAA3B,CAApB;;MACA,KAAKG,eAAL;IACD,CAHD;IAIAlB,GAAG,CAACW,YAAJ,CAAiBC,EAAjB,CAAoBO,oBAApB,EAAmC,CAACL,GAAD,EAAMC,KAAN,KAAgB;MACjD,KAAKC,cAAL,CAAoB;QAAEC,KAAK,EAAEE,oBAAT;QAAwBL,GAAxB;QAA6BC;MAA7B,CAApB;;MACA,KAAKG,eAAL;IACD,CAHD;EAID;;EAEDF,cAAc,CAACI,OAAD,EAAU;IACtB,KAAKd,WAAL,GAAmBc,OAAnB;EACD;;EAEDC,YAAY,GAAqB;IAC/B,OAAO,KAAKhB,UAAZ;EACD;;EAEDiB,oBAAoB,GAAqB;IACvC,OAAO,KAAKf,cAAZ;EACD;;EAEoB,MAAfW,eAAe,GAAuB;IAC1C,MAAM;MAAEK,kBAAF;MAAsBC;IAAtB,IAAkC,KAAKrB,IAAL,CAAUiB,OAAlD;;IAEA,MAAMK,GAAG,GAAIC,MAAD,IAAY;MACtB,MAAM;QAAET,KAAF;QAASH,GAAT;QAAcC;MAAd,IAAwB,KAAKT,WAAnC;MACA,wBAAaqB,KAAb,CAAoB,uCAAsCV,KAAM,WAAUS,MAAO,EAAjF;MACA,wBAAaD,GAAb,CAAiBX,GAAjB,EAAsBC,KAAtB;MACA,wBAAaU,GAAb,CAAiB,mBAAjB,EAAsC,KAAKpB,UAA3C;MACA,wBAAauB,QAAb,GALsB,CAOtB;;MACA,KAAKtB,WAAL,GAAmB,EAAnB;IACD,CATD;;IAWA,MAAMuB,mBAAmB,GAAIC,SAAD,IAAe;MACzC,IAAIvC,eAAe,CAAC,KAAKc,UAAN,EAAkByB,SAAlB,CAAnB,EAAiD;QAC/CN,OAAO,IAAIC,GAAG,CAAC,WAAD,CAAd;QACA;MACD;;MACD,KAAKlB,cAAL,GAAsB,KAAKF,UAA3B;MACA,KAAKA,UAAL,GAAkByB,SAAlB,CANyC,CAOzC;;MACA,KAAK3B,IAAL,CAAUF,OAAV,CAAkB8B,IAAlB,CAAuB1C,uBAAvB,EAAgD,EAAE,GAAGyC;MAAL,CAAhD;;MACAN,OAAO,IAAIC,GAAG,CAAC,SAAD,CAAd;IACD,CAVD;;IAYA,MAAMO,YAAY,GAAIC,WAAD,IAAiB;MACpC,OAAO,KAAK7B,QAAL,CAAcjB,sBAAd,CAAqC+C,IAArC,CAA0C,MAAM;QACrD,MAAMC,UAAU,GAAG,KAAK/B,QAAL,CAAcjB,sBAAjC;;QACA,IAAIgD,UAAU,IAAIA,UAAU,KAAKF,WAAjC,EAA8C;UAC5C,OAAOD,YAAY,CAACG,UAAD,CAAnB;QACD;;QACD,OAAO,KAAKd,YAAL,EAAP;MACD,CANM,CAAP;IAOD,CARD;;IAUA,IAAI,KAAKjB,QAAL,CAAcjB,sBAAlB,EAA0C;MACxC,IAAI,KAAKiB,QAAL,CAAchB,aAAd,IAA+BE,wBAAnC,EAA6D;QAC3D;QACA;QACAkC,OAAO,IAAIC,GAAG,CAAC,YAAD,CAAd;QACA,OAAOO,YAAY,CAAC,KAAK5B,QAAL,CAAcjB,sBAAf,CAAnB;MACD,CALD,MAKO;QACL,KAAKiB,QAAL,CAAcjB,sBAAd,CAAqCiD,MAArC;MACD;IACF;IAED;;;IACA,MAAMC,iBAAiB,GAAG,IAAIC,oBAAJ,CAAgB,CAACC,OAAD,EAAUC,CAAV,EAAaC,QAAb,KAA0B;MAClEA,QAAQ,CAACC,YAAT,GAAwB,KAAxB;MACAD,QAAQ,CAAC,MAAM;QACb,KAAKrC,QAAL,CAAcjB,sBAAd,GAAuC,IAAvC;QACA,KAAKiB,QAAL,CAAchB,aAAd,GAA8B,KAAKgB,QAAL,CAAchB,aAAd,GAA8B,CAA5D;QACAoC,OAAO,IAAIC,GAAG,CAAC,UAAD,CAAd;MACD,CAJO,CAAR;;MAMA,MAAMkB,cAAc,GAAIb,SAAD,IAAe;QACpC,IAAIO,iBAAiB,CAACO,UAAtB,EAAkC;UAChCL,OAAO;UACP;QACD,CAJmC,CAKpC;;;QACAV,mBAAmB,CAACC,SAAD,CAAnB;QACAS,OAAO,GAP6B,CASpC;;QACA,KAAKnC,QAAL,GAAgB,EAAE,GAAGlB;QAAL,CAAhB;MACD,CAXD;;MAaA,KAAKiB,IAAL,CAAUT,eAAV,GACGwC,IADH,CACQ,MAAM;QACV,IAAIG,iBAAiB,CAACO,UAAtB,EAAkC;UAChCL,OAAO;UACP;QACD;;QAED,MAAM;UAAE3C,WAAF;UAAeD,OAAf;UAAwBkD;QAAxB,IAAyC,KAAK1C,IAAL,CAAUQ,YAAV,CAAuBmC,aAAvB,EAA/C;;QACA,MAAMhB,SAAS,GAAG;UAChBlC,WADgB;UAEhBD,OAFgB;UAGhBkD,YAHgB;UAIhBnD,eAAe,EAAE,CAAC,EAAEE,WAAW,IAAID,OAAjB;QAJF,CAAlB,CAPU,CAcV;;QACA,MAAMoD,OAA2B,GAAGxB,kBAAkB,GAClD,KAAKf,eAAL,CAAqBwC,IAArB,CAA0BzB,kBAA1B,EAA8C,IAA9C,EAAoD,KAAKpB,IAAzD,EAA+D2B,SAA/D,CADkD,GAElD,iBAAQS,OAAR,CAAgBT,SAAhB,CAFJ;QAIAiB,OAAO,CACJb,IADH,CACQJ,SAAS,IAAIa,cAAc,CAACb,SAAD,CADnC,EAEGmB,KAFH,CAESpD,KAAK,IAAI8C,cAAc,CAAC;UAC7B/C,WAD6B;UAE7BD,OAF6B;UAG7BkD,YAH6B;UAI7BnD,eAAe,EAAE,KAJY;UAK7BG;QAL6B,CAAD,CAFhC;MASD,CA7BH;IA8BD,CAnDyB,CAA1B;IAoDA;;IACA,KAAKO,QAAL,CAAcjB,sBAAd,GAAuCkD,iBAAvC;IAEA,OAAOL,YAAY,CAACK,iBAAD,CAAnB;EACD;;EAEDa,SAAS,CAACC,OAAD,EAAgB;IACvB,KAAKhD,IAAL,CAAUF,OAAV,CAAkBW,EAAlB,CAAqBvB,uBAArB,EAA8C8D,OAA9C;EACD;;EAEDC,WAAW,CAACD,OAAD,EAAiB;IAC1B,KAAKhD,IAAL,CAAUF,OAAV,CAAkBoD,GAAlB,CAAsBhE,uBAAtB,EAA+C8D,OAA/C;EACD;;AAlK2B"}

package/cjs/OktaAuth.js

@@ -124,7 +124,7 @@ class OktaAuth {
       computeChallenge: _pkce.default.computeChallenge
     }; // Add shims for compatibility, these will be removed in next major version. OKTA-362589
 
-    (0, _assign.default)(this.options.storageUtil, {
+    (0, _assign.default)(this.options.storageUtil || {}, {
       getPKCEStorage: this.storageManager.getLegacyPKCEStorage.bind(this.storageManager),
       getHttpCache: this.storageManager.getHttpCache.bind(this.storageManager)
     });
@@ -174,7 +174,11 @@ class OktaAuth {
     const getWithRedirectApi = (0, _assign.default)(getWithRedirectFn, {
       // This is exposed so we can set window.location in our tests
       _setLocation: function (url) {
-        window.location = url;
+        if (options.setLocation) {
+          options.setLocation(url);
+        } else {
+          window.location = url;
+        }
       }
     }); // eslint-disable-next-line max-len
 
@@ -268,20 +272,26 @@ class OktaAuth {
 
     this.tokenManager = new _TokenManager.TokenManager(this, args.tokenManager); // AuthStateManager
 
-    this.authStateManager = new _AuthStateManager.AuthStateManager(this); // ServiceManager
+    this.authStateManager = new _AuthStateManager.AuthStateManager(this); // Enable `syncStorage` only if token storage is shared across tabs (type is `localStorage` or `cookie`)
+
+    if (!this.tokenManager.hasSharedStorage()) {
+      args.services = { ...args.services,
+        syncStorage: false
+      };
+    } // ServiceManager
+
 
     this.serviceManager = new _ServiceManager.ServiceManager(this, args.services);
   }
 
   async start() {
-    // TODO: review tokenManager.start
+    await this.serviceManager.start(); // TODO: review tokenManager.start
+
     this.tokenManager.start();
 
     if (!this.token.isLoginRedirect()) {
-      this.authStateManager.updateAuthState();
+      await this.authStateManager.updateAuthState();
     }
-
-    await this.serviceManager.start();
   }
 
   async stop() {

package/cjs/OktaAuth.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../lib/OktaAuth.ts"],"names":["OktaAuth","constructor","args","features","options","storageManager","StorageManager","cookies","storageUtil","transactionManager","TransactionManager","_oktaUserAgent","OktaUserAgent","tx","status","transactionStatus","bind","resume","resumeTransaction","exists","transactionExists","_get","name","storage","get","introspect","introspectAuthn","createTransaction","res","AuthTransaction","postToTransaction","url","pkce","DEFAULT_CODE_CHALLENGE_METHOD","PKCE","generateVerifier","computeChallenge","getPKCEStorage","getLegacyPKCEStorage","getHttpCache","_pending","handleLogin","redirectUri","window","location","origin","maxClockSkew","DEFAULT_MAX_CLOCK_SKEW","ignoreLifetime","session","close","closeSession","sessionExists","getSession","refresh","refreshSession","setCookieAndRedirect","_tokenQueue","PromiseQueue","useQueue","method","prototype","push","getWithRedirectFn","getWithRedirect","getWithRedirectApi","_setLocation","parseFromUrlFn","parseFromUrl","parseFromUrlApi","_getHistory","history","_getLocation","_getDocument","document","token","prepareTokenParams","exchangeCodeForTokens","getWithoutPrompt","getWithPopup","decode","decodeToken","revoke","revokeToken","renew","renewToken","renewTokensWithRefresh","renewTokens","getUserInfo","accessTokenObject","idTokenObject","verify","verifyToken","isLoginRedirect","toWrap","forEach","key","boundStartTransaction","startTransaction","idx","interact","makeIdxResponse","makeIdxState","authenticate","register","start","poll","proceed","cancel","recoverPassword","handleInteractionCodeRedirect","isInteractionRequired","isInteractionRequiredError","handleEmailVerifyCallback","isEmailVerifyCallback","parseEmailVerifyCallback","isEmailVerifyCallbackError","getSavedTransactionMeta","createTransactionMeta","getTransactionMeta","saveTransactionMeta","clearTransactionMeta","isTransactionMetaValid","setFlow","flow","getFlow","canProceed","unlockAccount","http","setRequestHeader","fingerprint","emitter","Emitter","tokenManager","TokenManager","authStateManager","AuthStateManager","serviceManager","ServiceManager","services","updateAuthState","stop","setHeaders","headers","signIn","opts","signInWithCredentials","_postToTransaction","sendFingerprint","then","signInWithRedirect","originalUri","additionalParams","setOriginalUri","params","scopes","clear","catch","e","errorCode","revokeAccessToken","accessToken","getTokens","accessTokenKey","getStorageKeyByType","remove","resolve","revokeRefreshToken","refreshToken","refreshTokenKey","getSignOutRedirectUrl","idToken","postLogoutRedirectUri","state","getTokensSync","logoutUrl","idTokenHint","logoutUri","encodeURIComponent","signOut","defaultUri","currentUri","href","reload","assign","clearTokensBeforeRedirect","addPendingRemoveFlags","webfinger","isAuthenticated","autoRenew","autoRemove","getOptions","shouldRenew","onExpiredToken","shouldRemove","hasExpired","undefined","getUser","getIdToken","getAccessToken","getRefreshToken","storeTokensFromRedirect","tokens","setTokens","sessionStorage","browserStorage","getSessionStorage","setItem","REFERRER_PATH_STORAGE_KEY","sharedStorage","getOriginalUriStorage","getOriginalUri","getItem","removeOriginalUri","removeItem","handleLoginRedirect","oAuthResponse","restoreOriginalUri","replace","isPKCE","hasResponseType","responseType","Array","isArray","length","isAuthorizationCodeFlow","getIssuerOrigin","issuer","split","forgotPassword","verifyRecoveryToken","invokeApiMethod","crypto","webauthn","constants"],"mappings":";;;;;;;;;;;;;;;;;;AAeA;;AA0CA;;AASA;;AACA;;AAOA;;AAmBA;;AAEA;;AACA;;AACA;;AACA;;AAKA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAkBA;;AACA;;AACA;;AAWA;;AACA;;;;;;AAhJA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;AA+HA;AACA;AACA;AAIA,MAAMA,QAAN,CAAmE;AAsBjEC,EAAAA,WAAW,CAACC,IAAD,EAAwB;AAAA,oDAXXC,QAWW;AACjC,UAAMC,OAAO,GAAG,KAAKA,OAAL,GAAe,2BAAaF,IAAb,CAA/B,CADiC,CAEjC;;AACA,SAAKG,cAAL,GAAsB,IAAIC,8BAAJ,CAAmBF,OAAO,CAACC,cAA3B,EAA4CD,OAAO,CAACG,OAApD,EAA8DH,OAAO,CAACI,WAAtE,CAAtB;AACA,SAAKC,kBAAL,GAA0B,IAAIC,2BAAJ,CAAuB,qBAAc;AAC7DL,MAAAA,cAAc,EAAE,KAAKA;AADwC,KAAd,EAE9CD,OAAO,CAACK,kBAFsC,CAAvB,CAA1B;AAGA,SAAKE,cAAL,GAAsB,IAAIC,4BAAJ,EAAtB;AAEA,SAAKC,EAAL,GAAU;AACRC,MAAAA,MAAM,EAAEC,sBAAkBC,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CADA;AAERC,MAAAA,MAAM,EAAEC,sBAAkBF,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAFA;AAGRG,MAAAA,MAAM,EAAE,qBAAcC,sBAAkBJ,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAAd,EAAkD;AACxDK,QAAAA,IAAI,EAAGC,IAAD,IAAU;AACd;AACA,gBAAMC,OAAO,GAAGnB,OAAO,CAACI,WAAR,CAAqBe,OAArC;AACA,iBAAOA,OAAO,CAACC,GAAR,CAAYF,IAAZ,CAAP;AACD;AALuD,OAAlD,CAHA;AAURG,MAAAA,UAAU,EAAEC,oBAAgBV,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CAVJ;AAWRW,MAAAA,iBAAiB,EAAGC,GAAD,IAA4B;AAC7C,eAAO,IAAIC,mBAAJ,CAAoB,IAApB,EAA0BD,GAA1B,CAAP;AACD,OAbO;AAcRE,MAAAA,iBAAiB,EAAE,CAACC,GAAD,EAAc7B,IAAd,EAAkCE,OAAlC,KAA+D;AAChF,eAAO,2BAAkB,IAAlB,EAAwB2B,GAAxB,EAA6B7B,IAA7B,EAAmCE,OAAnC,CAAP;AACD;AAhBO,KAAV;AAmBA,SAAK4B,IAAL,GAAY;AACVC,MAAAA,6BAA6B,EAAEC,cAAKD,6BAD1B;AAEVE,MAAAA,gBAAgB,EAAED,cAAKC,gBAFb;AAGVC,MAAAA,gBAAgB,EAAEF,cAAKE;AAHb,KAAZ,CA5BiC,CAkCjC;;AACA,yBAAc,KAAKhC,OAAL,CAAaI,WAA3B,EAAwC;AACtC6B,MAAAA,cAAc,EAAE,KAAKhC,cAAL,CAAoBiC,oBAApB,CAAyCtB,IAAzC,CAA8C,KAAKX,cAAnD,CADsB;AAEtCkC,MAAAA,YAAY,EAAE,KAAKlC,cAAL,CAAoBkC,YAApB,CAAiCvB,IAAjC,CAAsC,KAAKX,cAA3C;AAFwB,KAAxC;AAKA,SAAKmC,QAAL,GAAgB;AAAEC,MAAAA,WAAW,EAAE;AAAf,KAAhB;;AAEA,QAAI,yBAAJ,EAAiB;AACf,WAAKrC,OAAL,GAAe,qBAAc,KAAKA,OAAnB,EAA4B;AACzCsC,QAAAA,WAAW,EAAE,yBAAcxC,IAAI,CAACwC,WAAnB,EAAgCC,MAAM,CAACC,QAAP,CAAgBC,MAAhD,CAD4B,CAC6B;;AAD7B,OAA5B,CAAf;AAGD,KA9CgC,CAgDjC;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,QAAI,CAAC3C,IAAI,CAAC4C,YAAN,IAAsB5C,IAAI,CAAC4C,YAAL,KAAsB,CAAhD,EAAmD;AACjD,WAAK1C,OAAL,CAAa0C,YAAb,GAA4BC,gCAA5B;AACD,KAFD,MAEO;AACL,WAAK3C,OAAL,CAAa0C,YAAb,GAA4B5C,IAAI,CAAC4C,YAAjC;AACD,KA3DgC,CA6DjC;AACA;AACA;;;AACA,SAAK1C,OAAL,CAAa4C,cAAb,GAA8B,CAAC,CAAC9C,IAAI,CAAC8C,cAArC;AAEA,SAAKC,OAAL,GAAe;AACbC,MAAAA,KAAK,EAAEC,sBAAanC,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CADM;AAEbG,MAAAA,MAAM,EAAEiC,uBAAcpC,IAAd,CAAmB,IAAnB,EAAyB,IAAzB,CAFK;AAGbQ,MAAAA,GAAG,EAAE6B,oBAAWrC,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAHQ;AAIbsC,MAAAA,OAAO,EAAEC,wBAAevC,IAAf,CAAoB,IAApB,EAA0B,IAA1B,CAJI;AAKbwC,MAAAA,oBAAoB,EAAEA,8BAAqBxC,IAArB,CAA0B,IAA1B,EAAgC,IAAhC;AALT,KAAf;AAQA,SAAKyC,WAAL,GAAmB,IAAIC,qBAAJ,EAAnB;;AACA,UAAMC,QAAQ,GAAIC,MAAD,IAAY;AAC3B,aAAOF,sBAAaG,SAAb,CAAuBC,IAAvB,CAA4B9C,IAA5B,CAAiC,KAAKyC,WAAtC,EAAmDG,MAAnD,EAA2D,IAA3D,CAAP;AACD,KAFD,CA3EiC,CA+EjC;;;AACA,UAAMG,iBAAiB,GAAGJ,QAAQ,CAACK,sBAAgBhD,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CAAD,CAAlC;AACA,UAAMiD,kBAAsC,GAAG,qBAAcF,iBAAd,EAAiC;AAC9E;AACAG,MAAAA,YAAY,EAAE,UAASnC,GAAT,EAAc;AAC1BY,QAAAA,MAAM,CAACC,QAAP,GAAkBb,GAAlB;AACD;AAJ6E,KAAjC,CAA/C,CAjFiC,CAuFjC;;AACA,UAAMoC,cAAc,GAAGR,QAAQ,CAACS,mBAAapD,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAAD,CAA/B;AACA,UAAMqD,eAAsC,GAAG,qBAAcF,cAAd,EAA8B;AAC3E;AACAG,MAAAA,WAAW,EAAE,YAAW;AACtB,eAAO3B,MAAM,CAAC4B,OAAd;AACD,OAJ0E;AAM3E;AACAC,MAAAA,YAAY,EAAE,YAAW;AACvB,eAAO7B,MAAM,CAACC,QAAd;AACD,OAT0E;AAW3E;AACA6B,MAAAA,YAAY,EAAE,YAAW;AACvB,eAAO9B,MAAM,CAAC+B,QAAd;AACD;AAd0E,KAA9B,CAA/C;AAgBA,SAAKC,KAAL,GAAa;AACXC,MAAAA,kBAAkB,EAAEA,yBAAmB5D,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CADT;AAEX6D,MAAAA,qBAAqB,EAAEA,4BAAsB7D,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAFZ;AAGX8D,MAAAA,gBAAgB,EAAEA,uBAAiB9D,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAHP;AAIX+D,MAAAA,YAAY,EAAEA,mBAAa/D,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAJH;AAKXgD,MAAAA,eAAe,EAAEC,kBALN;AAMXG,MAAAA,YAAY,EAAEC,eANH;AAOXW,MAAAA,MAAM,EAAEC,iBAPG;AAQXC,MAAAA,MAAM,EAAEC,kBAAYnE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CARG;AASXoE,MAAAA,KAAK,EAAEC,iBAAWrE,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CATI;AAUXsE,MAAAA,sBAAsB,EAAEA,6BAAuBtE,IAAvB,CAA4B,IAA5B,EAAkC,IAAlC,CAVb;AAWXuE,MAAAA,WAAW,EAAEA,kBAAYvE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAXF;AAYXwE,MAAAA,WAAW,EAAE,CACXC,iBADW,EAEXC,aAFW,KAGgB;AAC3B,eAAO,uBAAY,IAAZ,EAAkBD,iBAAlB,EAAqCC,aAArC,CAAP;AACD,OAjBU;AAkBXC,MAAAA,MAAM,EAAEC,kBAAY5E,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAlBG;AAmBX6E,MAAAA,eAAe,EAAEA,sBAAgB7E,IAAhB,CAAqB,IAArB,EAA2B,IAA3B;AAnBN,KAAb,CAzGiC,CA8HjC;AACA;;AACA,UAAM8E,MAAM,GAAG,CACb,kBADa,EAEb,cAFa,EAGb,QAHa,EAIb,OAJa,EAKb,wBALa,EAMb,aANa,CAAf;AAQAA,IAAAA,MAAM,CAACC,OAAP,CAAeC,GAAG,IAAI;AACpB,WAAKrB,KAAL,CAAWqB,GAAX,IAAkBrC,QAAQ,CAAC,KAAKgB,KAAL,CAAWqB,GAAX,CAAD,CAA1B;AACD,KAFD,EAxIiC,CA4IjC;;AACA,UAAMC,qBAAqB,GAAGC,sBAAiBlF,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAA9B;;AACA,SAAKmF,GAAL,GAAW;AACTC,MAAAA,QAAQ,EAAEA,cAASpF,IAAT,CAAc,IAAd,EAAoB,IAApB,CADD;AAETS,MAAAA,UAAU,EAAEA,gBAAWT,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAFH;AAGTqF,MAAAA,eAAe,EAAEC,uBAAatF,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAHR;AAKTuF,MAAAA,YAAY,EAAEA,kBAAavF,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CALL;AAMTwF,MAAAA,QAAQ,EAAEA,cAASxF,IAAT,CAAc,IAAd,EAAoB,IAApB,CAND;AAOTyF,MAAAA,KAAK,EAAER,qBAPE;AAQTC,MAAAA,gBAAgB,EAAED,qBART;AAQgC;AACzCS,MAAAA,IAAI,EAAEA,UAAK1F,IAAL,CAAU,IAAV,EAAgB,IAAhB,CATG;AAUT2F,MAAAA,OAAO,EAAEA,aAAQ3F,IAAR,CAAa,IAAb,EAAmB,IAAnB,CAVA;AAWT4F,MAAAA,MAAM,EAAEA,YAAO5F,IAAP,CAAY,IAAZ,EAAkB,IAAlB,CAXC;AAYT6F,MAAAA,eAAe,EAAEA,qBAAgB7F,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CAZR;AAcT;AACA8F,MAAAA,6BAA6B,EAAEA,mCAA8B9F,IAA9B,CAAmC,IAAnC,EAAyC,IAAzC,CAftB;AAiBT;AACA+F,MAAAA,qBAAqB,EAAEA,4BAAsB/F,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAlBd;AAmBTgG,MAAAA,0BAA0B,EAA1BA,gCAnBS;AAqBT;AACAC,MAAAA,yBAAyB,EAAEA,+BAA0BjG,IAA1B,CAA+B,IAA/B,EAAqC,IAArC,CAtBlB;AAuBTkG,MAAAA,qBAAqB,EAArBA,0BAvBS;AAwBTC,MAAAA,wBAAwB,EAAxBA,6BAxBS;AAyBTC,MAAAA,0BAA0B,EAA1BA,+BAzBS;AA2BTC,MAAAA,uBAAuB,EAAEA,yCAAwBrG,IAAxB,CAA6B,IAA7B,EAAmC,IAAnC,CA3BhB;AA4BTsG,MAAAA,qBAAqB,EAAEA,uCAAsBtG,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CA5Bd;AA6BTuG,MAAAA,kBAAkB,EAAEA,oCAAmBvG,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CA7BX;AA8BTwG,MAAAA,mBAAmB,EAAEA,qCAAoBxG,IAApB,CAAyB,IAAzB,EAA+B,IAA/B,CA9BZ;AA+BTyG,MAAAA,oBAAoB,EAAEA,sCAAqBzG,IAArB,CAA0B,IAA1B,EAAgC,IAAhC,CA/Bb;AAgCT0G,MAAAA,sBAAsB,EAAtBA,uCAhCS;AAiCTC,MAAAA,OAAO,EAAGC,IAAD,IAA0B;AACjC,aAAKxH,OAAL,CAAawH,IAAb,GAAoBA,IAApB;AACD,OAnCQ;AAoCTC,MAAAA,OAAO,EAAE,MAAkC;AACzC,eAAO,KAAKzH,OAAL,CAAawH,IAApB;AACD,OAtCQ;AAuCTE,MAAAA,UAAU,EAAEA,gBAAW9G,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAvCH;AAwCT+G,MAAAA,aAAa,EAAEA,mBAAc/G,IAAd,CAAmB,IAAnB,EAAyB,IAAzB;AAxCN,KAAX,CA9IiC,CAyLjC;;AACA,SAAKgH,IAAL,GAAY;AACVC,MAAAA,gBAAgB,EAAEA,uBAAiBjH,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B;AADR,KAAZ,CA1LiC,CA8LjC;;AACA,SAAKkH,WAAL,GAAmBA,qBAAYlH,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAAnB;AAEA,SAAKmH,OAAL,GAAe,IAAIC,oBAAJ,EAAf,CAjMiC,CAmMjC;;AACA,SAAKC,YAAL,GAAoB,IAAIC,0BAAJ,CAAiB,IAAjB,EAAuBpI,IAAI,CAACmI,YAA5B,CAApB,CApMiC,CAsMjC;;AACA,SAAKE,gBAAL,GAAwB,IAAIC,kCAAJ,CAAqB,IAArB,CAAxB,CAvMiC,CAyMjC;;AACA,SAAKC,cAAL,GAAsB,IAAIC,8BAAJ,CAAmB,IAAnB,EAAyBxI,IAAI,CAACyI,QAA9B,CAAtB;AACD;;AAEU,QAALlC,KAAK,GAAG;AACZ;AACA,SAAK4B,YAAL,CAAkB5B,KAAlB;;AACA,QAAI,CAAC,KAAK9B,KAAL,CAAWkB,eAAX,EAAL,EAAmC;AACjC,WAAK0C,gBAAL,CAAsBK,eAAtB;AACD;;AACD,UAAM,KAAKH,cAAL,CAAoBhC,KAApB,EAAN;AACD;;AAES,QAAJoC,IAAI,GAAG;AACX;AACA,SAAKR,YAAL,CAAkBQ,IAAlB;AACA,UAAM,KAAKJ,cAAL,CAAoBI,IAApB,EAAN;AACD;;AAEDC,EAAAA,UAAU,CAACC,OAAD,EAAU;AAClB,SAAK3I,OAAL,CAAa2I,OAAb,GAAuB,qBAAc,EAAd,EAAkB,KAAK3I,OAAL,CAAa2I,OAA/B,EAAwCA,OAAxC,CAAvB;AACD,GApPgE,CAuPjE;;;AACY,QAANC,MAAM,CAACC,IAAD,EAAgD;AAC1D,WAAO,KAAKC,qBAAL,CAA2BD,IAA3B,CAAP;AACD,GA1PgE,CA4PjE;;;AAC2B,QAArBC,qBAAqB,CAACD,IAAD,EAA+D;AACxFA,IAAAA,IAAI,GAAG,iBAAMA,IAAI,IAAI,EAAd,CAAP;;AACA,UAAME,kBAAkB,GAAI/I,OAAD,IAAc;AACvC,aAAO6I,IAAI,CAACG,eAAZ;AACA,aAAO,2BAAkB,IAAlB,EAAwB,eAAxB,EAAyCH,IAAzC,EAA+C7I,OAA/C,CAAP;AACD,KAHD;;AAIA,QAAI,CAAC6I,IAAI,CAACG,eAAV,EAA2B;AACzB,aAAOD,kBAAkB,EAAzB;AACD;;AACD,WAAO,KAAKjB,WAAL,GACNmB,IADM,CACD,UAASnB,WAAT,EAAsB;AAC1B,aAAOiB,kBAAkB,CAAC;AACxBJ,QAAAA,OAAO,EAAE;AACP,kCAAwBb;AADjB;AADe,OAAD,CAAzB;AAKD,KAPM,CAAP;AAQD;;AAEuB,QAAlBoB,kBAAkB,CAACL,IAA+B,GAAG,EAAnC,EAAuC;AAC7D,UAAM;AAAEM,MAAAA,WAAF;AAAe,SAAGC;AAAlB,QAAuCP,IAA7C;;AACA,QAAG,KAAKzG,QAAL,CAAcC,WAAjB,EAA8B;AAC5B;AACA;AACD;;AAED,SAAKD,QAAL,CAAcC,WAAd,GAA4B,IAA5B;;AACA,QAAI;AACF;AACA,UAAI8G,WAAJ,EAAiB;AACf,aAAKE,cAAL,CAAoBF,WAApB;AACD;;AACD,YAAMG,MAAM,GAAG,qBAAc;AAC3B;AACAC,QAAAA,MAAM,EAAE,KAAKvJ,OAAL,CAAauJ,MAAb,IAAuB,CAAC,QAAD,EAAW,OAAX,EAAoB,SAApB;AAFJ,OAAd,EAGZH,gBAHY,CAAf;AAIA,YAAM,KAAK7E,KAAL,CAAWX,eAAX,CAA2B0F,MAA3B,CAAN;AACD,KAVD,SAUU;AACR,WAAKlH,QAAL,CAAcC,WAAd,GAA4B,KAA5B;AACD;AACF,GArSgE,CAuSjE;;;AACAU,EAAAA,YAAY,GAAqB;AAC/B,WAAO,KAAKF,OAAL,CAAaC,KAAb,GAAqB;AAArB,KACNmG,IADM,CACD,YAAY;AAChB;AACA,WAAKhB,YAAL,CAAkBuB,KAAlB;AACD,KAJM,EAKNC,KALM,CAKA,UAASC,CAAT,EAAY;AACjB,UAAIA,CAAC,CAACxI,IAAF,KAAW,cAAX,IAA6BwI,CAAC,CAACC,SAAF,KAAgB,UAAjD,EAA6D;AAC3D;AACA,eAAO,IAAP;AACD;;AACD,YAAMD,CAAN;AACD,KAXM,CAAP;AAYD,GArTgE,CAuTjE;;;AACuB,QAAjBE,iBAAiB,CAACC,WAAD,EAA8C;AACnE,QAAI,CAACA,WAAL,EAAkB;AAChBA,MAAAA,WAAW,GAAG,CAAC,MAAM,KAAK5B,YAAL,CAAkB6B,SAAlB,EAAP,EAAsCD,WAApD;AACA,YAAME,cAAc,GAAG,KAAK9B,YAAL,CAAkB+B,mBAAlB,CAAsC,aAAtC,CAAvB;AACA,WAAK/B,YAAL,CAAkBgC,MAAlB,CAAyBF,cAAzB;AACD,KALkE,CAMnE;;;AACA,QAAI,CAACF,WAAL,EAAkB;AAChB,aAAO,iBAAQK,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,WAAO,KAAK3F,KAAL,CAAWO,MAAX,CAAkB+E,WAAlB,CAAP;AACD,GAnUgE,CAqUjE;;;AACwB,QAAlBM,kBAAkB,CAACC,YAAD,EAAgD;AACtE,QAAI,CAACA,YAAL,EAAmB;AACjBA,MAAAA,YAAY,GAAG,CAAC,MAAM,KAAKnC,YAAL,CAAkB6B,SAAlB,EAAP,EAAsCM,YAArD;AACA,YAAMC,eAAe,GAAG,KAAKpC,YAAL,CAAkB+B,mBAAlB,CAAsC,cAAtC,CAAxB;AACA,WAAK/B,YAAL,CAAkBgC,MAAlB,CAAyBI,eAAzB;AACD,KALqE,CAMtE;;;AACA,QAAI,CAACD,YAAL,EAAmB;AACjB,aAAO,iBAAQF,OAAR,CAAgB,IAAhB,CAAP;AACD;;AACD,WAAO,KAAK3F,KAAL,CAAWO,MAAX,CAAkBsF,YAAlB,CAAP;AACD;;AAEDE,EAAAA,qBAAqB,CAACtK,OAAkC,GAAG,EAAtC,EAA0C;AAC7D,QAAI;AACFuK,MAAAA,OADE;AAEFC,MAAAA,qBAFE;AAGFC,MAAAA;AAHE,QAIAzK,OAJJ;;AAKA,QAAI,CAACuK,OAAL,EAAc;AACZA,MAAAA,OAAO,GAAG,KAAKtC,YAAL,CAAkByC,aAAlB,GAAkCH,OAA5C;AACD;;AACD,QAAI,CAACA,OAAL,EAAc;AACZ,aAAO,EAAP;AACD;;AACD,QAAI,CAACC,qBAAL,EAA4B;AAC1BA,MAAAA,qBAAqB,GAAG,KAAKxK,OAAL,CAAawK,qBAArC;AACD;;AAED,UAAMG,SAAS,GAAG,wBAAa,IAAb,EAAmBA,SAArC;AACA,UAAMC,WAAW,GAAGL,OAAO,CAACA,OAA5B,CAjB6D,CAiBxB;;AACrC,QAAIM,SAAS,GAAGF,SAAS,GAAG,iBAAZ,GAAgCG,kBAAkB,CAACF,WAAD,CAAlE;;AACA,QAAIJ,qBAAJ,EAA2B;AACzBK,MAAAA,SAAS,IAAI,+BAA+BC,kBAAkB,CAACN,qBAAD,CAA9D;AACD,KArB4D,CAsB7D;;;AACA,QAAIC,KAAJ,EAAW;AACTI,MAAAA,SAAS,IAAI,YAAYC,kBAAkB,CAACL,KAAD,CAA3C;AACD;;AAED,WAAOI,SAAP;AACD,GA/WgE,CAiXjE;;;AACa,QAAPE,OAAO,CAAC/K,OAAD,EAA2B;AACtCA,IAAAA,OAAO,GAAG,qBAAc,EAAd,EAAkBA,OAAlB,CAAV,CADsC,CAGtC;;AACA,QAAIgL,UAAU,GAAGzI,MAAM,CAACC,QAAP,CAAgBC,MAAjC;AACA,QAAIwI,UAAU,GAAG1I,MAAM,CAACC,QAAP,CAAgB0I,IAAjC;AACA,QAAIV,qBAAqB,GAAGxK,OAAO,CAACwK,qBAAR,IACvB,KAAKxK,OAAL,CAAawK,qBADU,IAEvBQ,UAFL;AAIA,QAAInB,WAAW,GAAG7J,OAAO,CAAC6J,WAA1B;AACA,QAAIO,YAAY,GAAGpK,OAAO,CAACoK,YAA3B;AACA,QAAIR,iBAAiB,GAAG5J,OAAO,CAAC4J,iBAAR,KAA8B,KAAtD;AACA,QAAIO,kBAAkB,GAAGnK,OAAO,CAACmK,kBAAR,KAA+B,KAAxD;;AAEA,QAAIA,kBAAkB,IAAI,OAAOC,YAAP,KAAwB,WAAlD,EAA+D;AAC7DA,MAAAA,YAAY,GAAG,KAAKnC,YAAL,CAAkByC,aAAlB,GAAkCN,YAAjD;AACD;;AAED,QAAIR,iBAAiB,IAAI,OAAOC,WAAP,KAAuB,WAAhD,EAA6D;AAC3DA,MAAAA,WAAW,GAAG,KAAK5B,YAAL,CAAkByC,aAAlB,GAAkCb,WAAhD;AACD;;AAED,QAAI,CAAC7J,OAAO,CAACuK,OAAb,EAAsB;AACpBvK,MAAAA,OAAO,CAACuK,OAAR,GAAkB,KAAKtC,YAAL,CAAkByC,aAAlB,GAAkCH,OAApD;AACD;;AAED,QAAIJ,kBAAkB,IAAIC,YAA1B,EAAwC;AACtC,YAAM,KAAKD,kBAAL,CAAwBC,YAAxB,CAAN;AACD;;AAED,QAAIR,iBAAiB,IAAIC,WAAzB,EAAsC;AACpC,YAAM,KAAKD,iBAAL,CAAuBC,WAAvB,CAAN;AACD;;AAED,UAAMgB,SAAS,GAAG,KAAKP,qBAAL,CAA2B,EAAE,GAAGtK,OAAL;AAAcwK,MAAAA;AAAd,KAA3B,CAAlB,CAnCsC,CAoCtC;AACA;;AACA,QAAI,CAACK,SAAL,EAAgB;AACd;AACA,aAAO,KAAK9H,YAAL,GAAoB;AAApB,OACNkG,IADM,CACD,YAAW;AACf,YAAIuB,qBAAqB,KAAKS,UAA9B,EAA0C;AACxC1I,UAAAA,MAAM,CAACC,QAAP,CAAgB2I,MAAhB,GADwC,CACd;AAC3B,SAFD,MAEO;AACL5I,UAAAA,MAAM,CAACC,QAAP,CAAgB4I,MAAhB,CAAuBZ,qBAAvB;AACD;AACF,OAPM,CAAP;AAQD,KAVD,MAUO;AACL,UAAIxK,OAAO,CAACqL,yBAAZ,EAAuC;AACrC;AACA,aAAKpD,YAAL,CAAkBuB,KAAlB;AACD,OAHD,MAGO;AACL,aAAKvB,YAAL,CAAkBqD,qBAAlB;AACD,OANI,CAOL;;;AACA/I,MAAAA,MAAM,CAACC,QAAP,CAAgB4I,MAAhB,CAAuBP,SAAvB;AACD;AACF;;AAEDU,EAAAA,SAAS,CAAC1C,IAAD,EAAwB;AAC/B,QAAIlH,GAAG,GAAG,2BAA2B,yBAAckH,IAAd,CAArC;AACA,QAAI7I,OAAO,GAAG;AACZ2I,MAAAA,OAAO,EAAE;AACP,kBAAU;AADH;AADG,KAAd;AAKA,WAAO,eAAI,IAAJ,EAAUhH,GAAV,EAAe3B,OAAf,CAAP;AACD,GAtbgE,CAwbjE;AACA;AACA;AAEA;AACA;;;AACqB,QAAfwL,eAAe,CAACxL,OAA+B,GAAG,EAAnC,EAAyD;AAC5E;AACA,UAAM;AAAEyL,MAAAA,SAAF;AAAaC,MAAAA;AAAb,QAA4B,KAAKzD,YAAL,CAAkB0D,UAAlB,EAAlC;AAEA,UAAMC,WAAW,GAAG5L,OAAO,CAAC6L,cAAR,GAAyB7L,OAAO,CAAC6L,cAAR,KAA2B,OAApD,GAA8DJ,SAAlF;AACA,UAAMK,YAAY,GAAG9L,OAAO,CAAC6L,cAAR,GAAyB7L,OAAO,CAAC6L,cAAR,KAA2B,QAApD,GAA+DH,UAApF;AAEA,QAAI;AAAE7B,MAAAA;AAAF,QAAkB,KAAK5B,YAAL,CAAkByC,aAAlB,EAAtB;;AACA,QAAIb,WAAW,IAAI,KAAK5B,YAAL,CAAkB8D,UAAlB,CAA6BlC,WAA7B,CAAnB,EAA8D;AAC5DA,MAAAA,WAAW,GAAGmC,SAAd;;AACA,UAAIJ,WAAJ,EAAiB;AACf,YAAI;AACF/B,UAAAA,WAAW,GAAG,MAAM,KAAK5B,YAAL,CAAkBjD,KAAlB,CAAwB,aAAxB,CAApB;AACD,SAFD,CAEE,MAAM,CACN;AACD;AACF,OAND,MAMO,IAAI8G,YAAJ,EAAkB;AACvB,aAAK7D,YAAL,CAAkBgC,MAAlB,CAAyB,aAAzB;AACD;AACF;;AAED,QAAI;AAAEM,MAAAA;AAAF,QAAc,KAAKtC,YAAL,CAAkByC,aAAlB,EAAlB;;AACA,QAAIH,OAAO,IAAI,KAAKtC,YAAL,CAAkB8D,UAAlB,CAA6BxB,OAA7B,CAAf,EAAsD;AACpDA,MAAAA,OAAO,GAAGyB,SAAV;;AACA,UAAIJ,WAAJ,EAAiB;AACf,YAAI;AACFrB,UAAAA,OAAO,GAAG,MAAM,KAAKtC,YAAL,CAAkBjD,KAAlB,CAAwB,SAAxB,CAAhB;AACD,SAFD,CAEE,MAAM,CACN;AACD;AACF,OAND,MAMO,IAAI8G,YAAJ,EAAkB;AACvB,aAAK7D,YAAL,CAAkBgC,MAAlB,CAAyB,SAAzB;AACD;AACF;;AAED,WAAO,CAAC,EAAEJ,WAAW,IAAIU,OAAjB,CAAR;AACD;;AAEY,QAAP0B,OAAO,GAA0E;AACrF,UAAM;AAAE1B,MAAAA,OAAF;AAAWV,MAAAA;AAAX,QAA2B,KAAK5B,YAAL,CAAkByC,aAAlB,EAAjC;AACA,WAAO,KAAKnG,KAAL,CAAWa,WAAX,CAAuByE,WAAvB,EAAoCU,OAApC,CAAP;AACD;;AAED2B,EAAAA,UAAU,GAAuB;AAC/B,UAAM;AAAE3B,MAAAA;AAAF,QAAc,KAAKtC,YAAL,CAAkByC,aAAlB,EAApB;AACA,WAAOH,OAAO,GAAGA,OAAO,CAACA,OAAX,GAAqByB,SAAnC;AACD;;AAEDG,EAAAA,cAAc,GAAuB;AACnC,UAAM;AAAEtC,MAAAA;AAAF,QAAkB,KAAK5B,YAAL,CAAkByC,aAAlB,EAAxB;AACA,WAAOb,WAAW,GAAGA,WAAW,CAACA,WAAf,GAA6BmC,SAA/C;AACD;;AAEDI,EAAAA,eAAe,GAAuB;AACpC,UAAM;AAAEhC,MAAAA;AAAF,QAAmB,KAAKnC,YAAL,CAAkByC,aAAlB,EAAzB;AACA,WAAON,YAAY,GAAGA,YAAY,CAACA,YAAhB,GAA+B4B,SAAlD;AACD;AAED;AACF;AACA;;;AAC+B,QAAvBK,uBAAuB,GAAkB;AAC7C,UAAM;AAAEC,MAAAA;AAAF,QAAa,MAAM,KAAK/H,KAAL,CAAWP,YAAX,EAAzB;AACA,SAAKiE,YAAL,CAAkBsE,SAAlB,CAA4BD,MAA5B;AACD;;AAEDjD,EAAAA,cAAc,CAACF,WAAD,EAAsBsB,KAAtB,EAA4C;AACxD;AACA,UAAM+B,cAAc,GAAGC,wBAAeC,iBAAf,EAAvB;;AACAF,IAAAA,cAAc,CAACG,OAAf,CAAuBC,mCAAvB,EAAkDzD,WAAlD,EAHwD,CAKxD;;AACAsB,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAKzK,OAAL,CAAayK,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMoC,aAAa,GAAG,KAAK5M,cAAL,CAAoB6M,qBAApB,EAAtB;AACAD,MAAAA,aAAa,CAACF,OAAd,CAAsBlC,KAAtB,EAA6BtB,WAA7B;AACD;AACF;;AAED4D,EAAAA,cAAc,CAACtC,KAAD,EAAqC;AACjD;AACAA,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAKzK,OAAL,CAAayK,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMoC,aAAa,GAAG,KAAK5M,cAAL,CAAoB6M,qBAApB,EAAtB;AACA,YAAM3D,WAAW,GAAG0D,aAAa,CAACG,OAAd,CAAsBvC,KAAtB,CAApB;;AACA,UAAItB,WAAJ,EAAiB;AACf,eAAOA,WAAP;AACD;AACF,KATgD,CAWjD;;;AACA,UAAMhI,OAAO,GAAGsL,wBAAeC,iBAAf,EAAhB;;AACA,WAAOvL,OAAO,GAAGA,OAAO,CAAC6L,OAAR,CAAgBJ,mCAAhB,KAA8CZ,SAAjD,GAA6DA,SAA3E;AACD;;AAEDiB,EAAAA,iBAAiB,CAACxC,KAAD,EAAuB;AACtC;AACA,UAAMtJ,OAAO,GAAGsL,wBAAeC,iBAAf,EAAhB;;AACAvL,IAAAA,OAAO,CAAC+L,UAAR,CAAmBN,mCAAnB,EAHsC,CAKtC;;AACAnC,IAAAA,KAAK,GAAGA,KAAK,IAAI,KAAKzK,OAAL,CAAayK,KAA9B;;AACA,QAAIA,KAAJ,EAAW;AACT,YAAMoC,aAAa,GAAG,KAAK5M,cAAL,CAAoB6M,qBAApB,EAAtB;AACAD,MAAAA,aAAa,CAACK,UAAd,IAA4BL,aAAa,CAACK,UAAd,CAAyBzC,KAAzB,CAA5B;AACD;AACF;;AAEDhF,EAAAA,eAAe,GAAY;AACzB,WAAO,2BAAgB,IAAhB,CAAP;AACD;;AAEwB,QAAnB0H,mBAAmB,CAACb,MAAD,EAAkBnD,WAAlB,EAAuD;AAC9E,QAAIsB,KAAK,GAAG,KAAKzK,OAAL,CAAayK,KAAzB,CAD8E,CAG9E;;AACA,QAAI6B,MAAJ,EAAY;AACV,WAAKrE,YAAL,CAAkBsE,SAAlB,CAA4BD,MAA5B;AACAnD,MAAAA,WAAW,GAAGA,WAAW,IAAI,KAAK4D,cAAL,CAAoB,KAAK/M,OAAL,CAAayK,KAAjC,CAA7B;AACD,KAHD,MAGO,IAAI,KAAKhF,eAAL,EAAJ,EAA4B;AACjC,UAAI;AACF;AACA,cAAM2H,aAAa,GAAG,MAAM,6CAA0B,IAA1B,EAAgC,EAAhC,CAA5B;AACA3C,QAAAA,KAAK,GAAG2C,aAAa,CAAC3C,KAAtB;AACAtB,QAAAA,WAAW,GAAGA,WAAW,IAAI,KAAK4D,cAAL,CAAoBtC,KAApB,CAA7B;AACA,cAAM,KAAK4B,uBAAL,EAAN;AACD,OAND,CAME,OAAM3C,CAAN,EAAS;AACT;AACA,cAAM,KAAKvB,gBAAL,CAAsBK,eAAtB,EAAN;AACA,cAAMkB,CAAN;AACD;AACF,KAZM,MAYA;AACL,aADK,CACG;AACT,KArB6E,CAuB9E;;;AACA,UAAM,KAAKvB,gBAAL,CAAsBK,eAAtB,EAAN,CAxB8E,CA0B9E;;AACA,SAAKyE,iBAAL,CAAuBxC,KAAvB,EA3B8E,CA6B9E;;AACA,UAAM;AAAE4C,MAAAA;AAAF,QAAyB,KAAKrN,OAApC;;AACA,QAAIqN,kBAAJ,EAAwB;AACtB,YAAMA,kBAAkB,CAAC,IAAD,EAAOlE,WAAP,CAAxB;AACD,KAFD,MAEO,IAAIA,WAAJ,EAAiB;AACtB5G,MAAAA,MAAM,CAACC,QAAP,CAAgB8K,OAAhB,CAAwBnE,WAAxB;AACD;AACF;;AAEDoE,EAAAA,MAAM,GAAY;AAChB,WAAO,CAAC,CAAC,KAAKvN,OAAL,CAAa4B,IAAtB;AACD;;AAED4L,EAAAA,eAAe,CAACC,YAAD,EAA2C;AACxD,QAAID,eAAe,GAAG,KAAtB;;AACA,QAAIE,KAAK,CAACC,OAAN,CAAc,KAAK3N,OAAL,CAAayN,YAA3B,KAA4C,KAAKzN,OAAL,CAAayN,YAAb,CAA0BG,MAA1E,EAAkF;AAAA;;AAChFJ,MAAAA,eAAe,GAAG,sCAAKxN,OAAL,CAAayN,YAAb,iBAAkCA,YAAlC,KAAmD,CAArE;AACD,KAFD,MAEO;AACLD,MAAAA,eAAe,GAAG,KAAKxN,OAAL,CAAayN,YAAb,KAA8BA,YAAhD;AACD;;AACD,WAAOD,eAAP;AACD;;AAEDK,EAAAA,uBAAuB,GAAY;AACjC,WAAO,KAAKL,eAAL,CAAqB,MAArB,CAAP;AACD,GApmBgE,CAsmBjE;AACA;AACA;AACA;;;AAEAM,EAAAA,eAAe,GAAW;AACxB;AACA;AACA,WAAO,KAAK9N,OAAL,CAAa+N,MAAb,CAAqBC,KAArB,CAA2B,UAA3B,EAAuC,CAAvC,CAAP;AACD,GA/mBgE,CAinBjE;;;AACAC,EAAAA,cAAc,CAACpF,IAAD,EAAiC;AAC7C,WAAO,2BAAkB,IAAlB,EAAwB,iCAAxB,EAA2DA,IAA3D,CAAP;AACD,GApnBgE,CAsnBjE;;;AACAlB,EAAAA,aAAa,CAACkB,IAAD,EAAwD;AACnE,WAAO,2BAAkB,IAAlB,EAAwB,+BAAxB,EAAyDA,IAAzD,CAAP;AACD,GAznBgE,CA2nBjE;;;AACAqF,EAAAA,mBAAmB,CAACrF,IAAD,EAA6D;AAC9E,WAAO,2BAAkB,IAAlB,EAAwB,8BAAxB,EAAwDA,IAAxD,CAAP;AACD,GA9nBgE,CAgoBjE;;;AACqB,QAAfsF,eAAe,CAACnO,OAAD,EAA4C;AAC/D,QAAI,CAACA,OAAO,CAAC6J,WAAb,EAA0B;AACxB,YAAMA,WAAW,GAAG,CAAC,MAAM,KAAK5B,YAAL,CAAkB6B,SAAlB,EAAP,EAAsCD,WAA1D;AACA7J,MAAAA,OAAO,CAAC6J,WAAR,GAAsBA,WAAtB,aAAsBA,WAAtB,uBAAsBA,WAAW,CAAEA,WAAnC;AACD;;AACD,WAAO,uBAAY,IAAZ,EAAkB7J,OAAlB,CAAP;AACD;;AAvoBgE,C,CA0oBnE;;;8BA1oBMJ,Q,cAQ2BG,Q;8BAR3BH,Q,YASuBwO,M;8BATvBxO,Q,cAU2ByO,Q;AAioBjCzO,QAAQ,CAACG,QAAT,GAAoBH,QAAQ,CAAC6D,SAAT,CAAmB1D,QAAnB,GAA8BA,QAAlD,C,CAEA;;AACA,qBAAcH,QAAd,EAAwB;AACtB0O,EAAAA;AADsB,CAAxB;eAIe1O,Q","sourcesContent":["/* eslint-disable max-statements */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n/* global window */\n\nimport { \n  DEFAULT_MAX_CLOCK_SKEW, \n  REFERRER_PATH_STORAGE_KEY\n} from './constants';\nimport * as constants from './constants';\nimport {\n  OktaAuthInterface,\n  OktaAuthOptions, \n  AccessToken, \n  IDToken,\n  RefreshToken,\n  TokenAPI, \n  FeaturesAPI, \n  CryptoAPI,\n  WebauthnAPI,\n  SignoutAPI, \n  FingerprintAPI,\n  UserClaims, \n  SigninWithRedirectOptions,\n  SigninWithCredentialsOptions,\n  SignoutOptions,\n  Tokens,\n  ForgotPasswordOptions,\n  VerifyRecoveryTokenOptions,\n  TransactionAPI,\n  SessionAPI,\n  SigninAPI,\n  PkceAPI,\n  SigninOptions,\n  IdxAPI,\n  SignoutRedirectUrlOptions,\n  HttpAPI,\n  FlowIdentifier,\n  GetWithRedirectAPI,\n  ParseFromUrlInterface,\n  GetWithRedirectFunction,\n  RequestOptions,\n  IsAuthenticatedOptions,\n  OAuthResponseType,\n  CustomUserClaims,\n  RequestData,\n} from './types';\nimport {\n  transactionStatus,\n  resumeTransaction,\n  transactionExists,\n  introspectAuthn,\n  postToTransaction,\n  AuthTransaction,\n  TransactionState\n} from './tx';\nimport PKCE from './oidc/util/pkce';\nimport {\n  closeSession,\n  sessionExists,\n  getSession,\n  refreshSession,\n  setCookieAndRedirect\n} from './session';\nimport {\n  getOAuthUrls,\n  getWithoutPrompt,\n  getWithPopup,\n  getWithRedirect,\n  isLoginRedirect,\n  parseFromUrl,\n  decodeToken,\n  revokeToken,\n  renewToken,\n  renewTokens,\n  renewTokensWithRefresh,\n  getUserInfo,\n  verifyToken,\n  prepareTokenParams,\n  exchangeCodeForTokens,\n  isInteractionRequiredError,\n  isInteractionRequired,\n} from './oidc';\nimport { isBrowser } from './features';\nimport * as features from './features';\nimport * as crypto from './crypto';\nimport * as webauthn from './crypto/webauthn';\nimport browserStorage from './browser/browserStorage';\nimport { \n  toQueryString, \n  toAbsoluteUrl,\n  clone,\n} from './util';\nimport { TokenManager } from './TokenManager';\nimport { ServiceManager } from './ServiceManager';\nimport { get, httpRequest, setRequestHeader } from './http';\nimport PromiseQueue from './PromiseQueue';\nimport fingerprint from './browser/fingerprint';\nimport { AuthStateManager } from './AuthStateManager';\nimport { StorageManager } from './StorageManager';\nimport TransactionManager from './TransactionManager';\nimport { buildOptions } from './options';\nimport {\n  interact,\n  introspect,\n  authenticate,\n  cancel,\n  poll,\n  proceed,\n  register,\n  recoverPassword,\n  unlockAccount,\n  startTransaction,\n  handleInteractionCodeRedirect,\n  canProceed,\n  handleEmailVerifyCallback,\n  isEmailVerifyCallback,\n  parseEmailVerifyCallback,\n  isEmailVerifyCallbackError\n} from './idx';\nimport { OktaUserAgent } from './OktaUserAgent';\nimport { parseOAuthResponseFromUrl } from './oidc/parseFromUrl';\nimport {\n  getSavedTransactionMeta,\n  createTransactionMeta,\n  getTransactionMeta,\n  saveTransactionMeta,\n  clearTransactionMeta,\n  isTransactionMetaValid\n} from './idx/transactionMeta';\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport Emitter from 'tiny-emitter';\nimport { makeIdxState } from './idx/idxState';\n\nclass OktaAuth implements OktaAuthInterface, SigninAPI, SignoutAPI {\n  options: OktaAuthOptions;\n  storageManager: StorageManager;\n  transactionManager: TransactionManager;\n  tx: TransactionAPI;\n  idx: IdxAPI;\n  session: SessionAPI;\n  pkce: PkceAPI;\n  static features: FeaturesAPI = features;\n  static crypto: CryptoAPI = crypto;\n  static webauthn: WebauthnAPI = webauthn;\n  features: FeaturesAPI = features;\n  token: TokenAPI;\n  _tokenQueue: PromiseQueue;\n  emitter: any;\n  tokenManager: TokenManager;\n  authStateManager: AuthStateManager;\n  serviceManager: ServiceManager;\n  http: HttpAPI;\n  fingerprint: FingerprintAPI;\n  _oktaUserAgent: OktaUserAgent;\n  _pending: { handleLogin: boolean };\n  constructor(args: OktaAuthOptions) {\n    const options = this.options = buildOptions(args);\n    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n    this.storageManager = new StorageManager(options.storageManager!, options.cookies!, options.storageUtil!);\n    this.transactionManager = new TransactionManager(Object.assign({\n      storageManager: this.storageManager,\n    }, options.transactionManager));\n    this._oktaUserAgent = new OktaUserAgent();\n\n    this.tx = {\n      status: transactionStatus.bind(null, this),\n      resume: resumeTransaction.bind(null, this),\n      exists: Object.assign(transactionExists.bind(null, this), {\n        _get: (name) => {\n          // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n          const storage = options.storageUtil!.storage;\n          return storage.get(name);\n        }\n      }),\n      introspect: introspectAuthn.bind(null, this),\n      createTransaction: (res?: TransactionState) => {\n        return new AuthTransaction(this, res);\n      },\n      postToTransaction: (url: string, args?: RequestData, options?: RequestOptions) => {\n        return postToTransaction(this, url, args, options);\n      }\n    };\n\n    this.pkce = {\n      DEFAULT_CODE_CHALLENGE_METHOD: PKCE.DEFAULT_CODE_CHALLENGE_METHOD,\n      generateVerifier: PKCE.generateVerifier,\n      computeChallenge: PKCE.computeChallenge\n    };\n\n    // Add shims for compatibility, these will be removed in next major version. OKTA-362589\n    Object.assign(this.options.storageUtil, {\n      getPKCEStorage: this.storageManager.getLegacyPKCEStorage.bind(this.storageManager),\n      getHttpCache: this.storageManager.getHttpCache.bind(this.storageManager),\n    });\n\n    this._pending = { handleLogin: false };\n\n    if (isBrowser()) {\n      this.options = Object.assign(this.options, {\n        redirectUri: toAbsoluteUrl(args.redirectUri, window.location.origin), // allow relative URIs\n      });\n    }\n\n    // Digital clocks will drift over time, so the server\n    // can misalign with the time reported by the browser.\n    // The maxClockSkew allows relaxing the time-based\n    // validation of tokens (in seconds, not milliseconds).\n    // It currently defaults to 300, because 5 min is the\n    // default maximum tolerance allowed by Kerberos.\n    // (https://technet.microsoft.com/en-us/library/cc976357.aspx)\n    if (!args.maxClockSkew && args.maxClockSkew !== 0) {\n      this.options.maxClockSkew = DEFAULT_MAX_CLOCK_SKEW;\n    } else {\n      this.options.maxClockSkew = args.maxClockSkew;\n    }\n\n    // As some end user's devices can have their date \n    // and time incorrectly set, allow for the disabling\n    // of the jwt liftetime validation\n    this.options.ignoreLifetime = !!args.ignoreLifetime;\n\n    this.session = {\n      close: closeSession.bind(null, this),\n      exists: sessionExists.bind(null, this),\n      get: getSession.bind(null, this),\n      refresh: refreshSession.bind(null, this),\n      setCookieAndRedirect: setCookieAndRedirect.bind(null, this)\n    };\n\n    this._tokenQueue = new PromiseQueue();\n    const useQueue = (method) => {\n      return PromiseQueue.prototype.push.bind(this._tokenQueue, method, null);\n    };\n\n    // eslint-disable-next-line max-len\n    const getWithRedirectFn = useQueue(getWithRedirect.bind(null, this)) as GetWithRedirectFunction;\n    const getWithRedirectApi: GetWithRedirectAPI = Object.assign(getWithRedirectFn, {\n      // This is exposed so we can set window.location in our tests\n      _setLocation: function(url) {\n        window.location = url;\n      }\n    });\n    // eslint-disable-next-line max-len\n    const parseFromUrlFn = useQueue(parseFromUrl.bind(null, this)) as ParseFromUrlInterface;\n    const parseFromUrlApi: ParseFromUrlInterface = Object.assign(parseFromUrlFn, {\n      // This is exposed so we can mock getting window.history in our tests\n      _getHistory: function() {\n        return window.history;\n      },\n\n      // This is exposed so we can mock getting window.location in our tests\n      _getLocation: function() {\n        return window.location;\n      },\n\n      // This is exposed so we can mock getting window.document in our tests\n      _getDocument: function() {\n        return window.document;\n      }\n    });\n    this.token = {\n      prepareTokenParams: prepareTokenParams.bind(null, this),\n      exchangeCodeForTokens: exchangeCodeForTokens.bind(null, this),\n      getWithoutPrompt: getWithoutPrompt.bind(null, this),\n      getWithPopup: getWithPopup.bind(null, this),\n      getWithRedirect: getWithRedirectApi,\n      parseFromUrl: parseFromUrlApi,\n      decode: decodeToken,\n      revoke: revokeToken.bind(null, this),\n      renew: renewToken.bind(null, this),\n      renewTokensWithRefresh: renewTokensWithRefresh.bind(null, this),\n      renewTokens: renewTokens.bind(null, this),\n      getUserInfo: <C extends CustomUserClaims = CustomUserClaims>(\n        accessTokenObject: AccessToken,\n        idTokenObject: IDToken\n      ): Promise<UserClaims<C>> => {\n        return getUserInfo(this, accessTokenObject, idTokenObject);\n      },\n      verify: verifyToken.bind(null, this),\n      isLoginRedirect: isLoginRedirect.bind(null, this)\n    };\n    // Wrap certain async token API methods using PromiseQueue to avoid issues with concurrency\n    // 'getWithRedirect' and 'parseFromUrl' are already wrapped\n    const toWrap = [\n      'getWithoutPrompt',\n      'getWithPopup',\n      'revoke',\n      'renew',\n      'renewTokensWithRefresh',\n      'renewTokens'\n    ];\n    toWrap.forEach(key => {\n      this.token[key] = useQueue(this.token[key]);\n    });\n\n    // IDX\n    const boundStartTransaction = startTransaction.bind(null, this);\n    this.idx = {\n      interact: interact.bind(null, this),\n      introspect: introspect.bind(null, this),\n      makeIdxResponse: makeIdxState.bind(null, this),\n      \n      authenticate: authenticate.bind(null, this),\n      register: register.bind(null, this),\n      start: boundStartTransaction,\n      startTransaction: boundStartTransaction, // Use `start` instead. `startTransaction` will be removed in 7.0\n      poll: poll.bind(null, this),\n      proceed: proceed.bind(null, this),\n      cancel: cancel.bind(null, this),\n      recoverPassword: recoverPassword.bind(null, this),\n\n      // oauth redirect callback\n      handleInteractionCodeRedirect: handleInteractionCodeRedirect.bind(null, this),\n\n      // interaction required callback\n      isInteractionRequired: isInteractionRequired.bind(null, this),\n      isInteractionRequiredError,\n\n      // email verify callback\n      handleEmailVerifyCallback: handleEmailVerifyCallback.bind(null, this),\n      isEmailVerifyCallback,\n      parseEmailVerifyCallback,\n      isEmailVerifyCallbackError,\n      \n      getSavedTransactionMeta: getSavedTransactionMeta.bind(null, this),\n      createTransactionMeta: createTransactionMeta.bind(null, this),\n      getTransactionMeta: getTransactionMeta.bind(null, this),\n      saveTransactionMeta: saveTransactionMeta.bind(null, this),\n      clearTransactionMeta: clearTransactionMeta.bind(null, this),\n      isTransactionMetaValid,\n      setFlow: (flow: FlowIdentifier) => {\n        this.options.flow = flow;\n      },\n      getFlow: (): FlowIdentifier | undefined => {\n        return this.options.flow;\n      },\n      canProceed: canProceed.bind(null, this),\n      unlockAccount: unlockAccount.bind(null, this),\n    };\n\n    // HTTP\n    this.http = {\n      setRequestHeader: setRequestHeader.bind(null, this)\n    };\n\n    // Fingerprint API\n    this.fingerprint = fingerprint.bind(null, this);\n\n    this.emitter = new Emitter();\n\n    // TokenManager\n    this.tokenManager = new TokenManager(this, args.tokenManager);\n\n    // AuthStateManager\n    this.authStateManager = new AuthStateManager(this);\n\n    // ServiceManager\n    this.serviceManager = new ServiceManager(this, args.services);\n  }\n\n  async start() {\n    // TODO: review tokenManager.start\n    this.tokenManager.start();\n    if (!this.token.isLoginRedirect()) {\n      this.authStateManager.updateAuthState();\n    }\n    await this.serviceManager.start();\n  }\n\n  async stop() {\n    // TODO: review tokenManager.stop\n    this.tokenManager.stop();\n    await this.serviceManager.stop();\n  }\n\n  setHeaders(headers) {\n    this.options.headers = Object.assign({}, this.options.headers, headers);\n  }\n\n\n  // Authn  V1\n  async signIn(opts: SigninOptions): Promise<AuthTransaction> {\n    return this.signInWithCredentials(opts as SigninWithCredentialsOptions);\n  }\n\n  // Authn  V1\n  async signInWithCredentials(opts: SigninWithCredentialsOptions): Promise<AuthTransaction> {\n    opts = clone(opts || {});\n    const _postToTransaction = (options?) => {\n      delete opts.sendFingerprint;\n      return postToTransaction(this, '/api/v1/authn', opts, options);\n    };\n    if (!opts.sendFingerprint) {\n      return _postToTransaction();\n    }\n    return this.fingerprint()\n    .then(function(fingerprint) {\n      return _postToTransaction({\n        headers: {\n          'X-Device-Fingerprint': fingerprint\n        }\n      });\n    });\n  }\n\n  async signInWithRedirect(opts: SigninWithRedirectOptions = {}) {\n    const { originalUri, ...additionalParams } = opts;\n    if(this._pending.handleLogin) { \n      // Don't trigger second round\n      return;\n    }\n\n    this._pending.handleLogin = true;\n    try {\n      // Trigger default signIn redirect flow\n      if (originalUri) {\n        this.setOriginalUri(originalUri);\n      }\n      const params = Object.assign({\n        // TODO: remove this line when default scopes are changed OKTA-343294\n        scopes: this.options.scopes || ['openid', 'email', 'profile']\n      }, additionalParams);\n      await this.token.getWithRedirect(params);\n    } finally {\n      this._pending.handleLogin = false;\n    }\n  }\n\n  // Ends the current Okta SSO session without redirecting to Okta.\n  closeSession(): Promise<unknown> {\n    return this.session.close() // DELETE /api/v1/sessions/me\n    .then(async () => {\n      // Clear all local tokens\n      this.tokenManager.clear();\n    })\n    .catch(function(e) {\n      if (e.name === 'AuthApiError' && e.errorCode === 'E0000007') {\n        // Session does not exist or has already been closed\n        return null;\n      }\n      throw e;\n    });\n  }\n  \n  // Revokes the access token for the application session\n  async revokeAccessToken(accessToken?: AccessToken): Promise<unknown> {\n    if (!accessToken) {\n      accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n      const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');\n      this.tokenManager.remove(accessTokenKey);\n    }\n    // Access token may have been removed. In this case, we will silently succeed.\n    if (!accessToken) {\n      return Promise.resolve(null);\n    }\n    return this.token.revoke(accessToken);\n  }\n\n  // Revokes the refresh token for the application session\n  async revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown> {\n    if (!refreshToken) {\n      refreshToken = (await this.tokenManager.getTokens()).refreshToken as RefreshToken;\n      const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');\n      this.tokenManager.remove(refreshTokenKey);\n    }\n    // Refresh token may have been removed. In this case, we will silently succeed.\n    if (!refreshToken) {\n      return Promise.resolve(null);\n    }\n    return this.token.revoke(refreshToken);\n  }\n\n  getSignOutRedirectUrl(options: SignoutRedirectUrlOptions = {}) {\n    let {\n      idToken,\n      postLogoutRedirectUri,\n      state,\n    } = options;\n    if (!idToken) {\n      idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n    }\n    if (!idToken) {\n      return '';\n    }\n    if (!postLogoutRedirectUri) {\n      postLogoutRedirectUri = this.options.postLogoutRedirectUri;\n    }\n\n    const logoutUrl = getOAuthUrls(this).logoutUrl;\n    const idTokenHint = idToken.idToken; // a string\n    let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);\n    if (postLogoutRedirectUri) {\n      logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);\n    } \n    // State allows option parameters to be passed to logout redirect uri\n    if (state) {\n      logoutUri += '&state=' + encodeURIComponent(state);\n    }\n\n    return logoutUri;\n  }\n\n  // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.\n  async signOut(options?: SignoutOptions) {\n    options = Object.assign({}, options);\n  \n    // postLogoutRedirectUri must be whitelisted in Okta Admin UI\n    var defaultUri = window.location.origin;\n    var currentUri = window.location.href;\n    var postLogoutRedirectUri = options.postLogoutRedirectUri\n      || this.options.postLogoutRedirectUri\n      || defaultUri;\n  \n    var accessToken = options.accessToken;\n    var refreshToken = options.refreshToken;\n    var revokeAccessToken = options.revokeAccessToken !== false;\n    var revokeRefreshToken = options.revokeRefreshToken !== false;\n  \n    if (revokeRefreshToken && typeof refreshToken === 'undefined') {\n      refreshToken = this.tokenManager.getTokensSync().refreshToken as RefreshToken;\n    }\n\n    if (revokeAccessToken && typeof accessToken === 'undefined') {\n      accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;\n    }\n  \n    if (!options.idToken) {\n      options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n    }\n\n    if (revokeRefreshToken && refreshToken) {\n      await this.revokeRefreshToken(refreshToken);\n    }\n\n    if (revokeAccessToken && accessToken) {\n      await this.revokeAccessToken(accessToken);\n    }\n\n    const logoutUri = this.getSignOutRedirectUrl({ ...options, postLogoutRedirectUri });\n    // No logoutUri? This can happen if the storage was cleared.\n    // Fallback to XHR signOut, then simulate a redirect to the post logout uri\n    if (!logoutUri) {\n      // local tokens are cleared once session is closed\n      return this.closeSession() // can throw if the user cannot be signed out\n      .then(function() {\n        if (postLogoutRedirectUri === currentUri) {\n          window.location.reload(); // force a hard reload if URI is not changing\n        } else {\n          window.location.assign(postLogoutRedirectUri);\n        }\n      });\n    } else {\n      if (options.clearTokensBeforeRedirect) {\n        // Clear all local tokens\n        this.tokenManager.clear();\n      } else {\n        this.tokenManager.addPendingRemoveFlags();\n      }\n      // Flow ends with logout redirect\n      window.location.assign(logoutUri);\n    }\n  }\n\n  webfinger(opts): Promise<object> {\n    var url = '/.well-known/webfinger' + toQueryString(opts);\n    var options = {\n      headers: {\n        'Accept': 'application/jrd+json'\n      }\n    };\n    return get(this, url, options);\n  }\n\n  //\n  // Common Methods from downstream SDKs\n  //\n\n  // Returns true if both accessToken and idToken are not expired\n  // If `autoRenew` option is set, will attempt to renew expired tokens before returning.\n  async isAuthenticated(options: IsAuthenticatedOptions = {}): Promise<boolean> {\n    // TODO: remove dependency on tokenManager options in next major version - OKTA-473815\n    const { autoRenew, autoRemove } = this.tokenManager.getOptions();\n\n    const shouldRenew = options.onExpiredToken ? options.onExpiredToken === 'renew' : autoRenew;\n    const shouldRemove = options.onExpiredToken ? options.onExpiredToken === 'remove' : autoRemove;\n\n    let { accessToken } = this.tokenManager.getTokensSync();\n    if (accessToken && this.tokenManager.hasExpired(accessToken)) {\n      accessToken = undefined;\n      if (shouldRenew) {\n        try {\n          accessToken = await this.tokenManager.renew('accessToken') as AccessToken;\n        } catch {\n          // Renew errors will emit an \"error\" event \n        }\n      } else if (shouldRemove) {\n        this.tokenManager.remove('accessToken');\n      }\n    }\n\n    let { idToken } = this.tokenManager.getTokensSync();\n    if (idToken && this.tokenManager.hasExpired(idToken)) {\n      idToken = undefined;\n      if (shouldRenew) {\n        try {\n          idToken = await this.tokenManager.renew('idToken') as IDToken;\n        } catch {\n          // Renew errors will emit an \"error\" event \n        }\n      } else if (shouldRemove) {\n        this.tokenManager.remove('idToken');\n      }\n    }\n\n    return !!(accessToken && idToken);\n  }\n\n  async getUser<T extends CustomUserClaims = CustomUserClaims>(): Promise<UserClaims<T>> {\n    const { idToken, accessToken } = this.tokenManager.getTokensSync();\n    return this.token.getUserInfo(accessToken, idToken);\n  }\n\n  getIdToken(): string | undefined {\n    const { idToken } = this.tokenManager.getTokensSync();\n    return idToken ? idToken.idToken : undefined;\n  }\n\n  getAccessToken(): string | undefined {\n    const { accessToken } = this.tokenManager.getTokensSync();\n    return accessToken ? accessToken.accessToken : undefined;\n  }\n\n  getRefreshToken(): string | undefined {\n    const { refreshToken } = this.tokenManager.getTokensSync();\n    return refreshToken ? refreshToken.refreshToken : undefined;\n  }\n\n  /**\n   * Store parsed tokens from redirect url\n   */\n  async storeTokensFromRedirect(): Promise<void> {\n    const { tokens } = await this.token.parseFromUrl();\n    this.tokenManager.setTokens(tokens);\n  }\n\n  setOriginalUri(originalUri: string, state?: string): void {\n    // always store in session storage\n    const sessionStorage = browserStorage.getSessionStorage();\n    sessionStorage.setItem(REFERRER_PATH_STORAGE_KEY, originalUri);\n\n    // to support multi-tab flows, set a state in constructor or pass as param\n    state = state || this.options.state;\n    if (state) {\n      const sharedStorage = this.storageManager.getOriginalUriStorage();\n      sharedStorage.setItem(state, originalUri);\n    }\n  }\n\n  getOriginalUri(state?: string): string | undefined {\n    // Prefer shared storage (if state is available)\n    state = state || this.options.state;\n    if (state) {\n      const sharedStorage = this.storageManager.getOriginalUriStorage();\n      const originalUri = sharedStorage.getItem(state);\n      if (originalUri) {\n        return originalUri;\n      }\n    }\n\n    // Try to load from session storage\n    const storage = browserStorage.getSessionStorage();\n    return storage ? storage.getItem(REFERRER_PATH_STORAGE_KEY) || undefined : undefined;\n  }\n\n  removeOriginalUri(state?: string): void {\n    // Remove from sessionStorage\n    const storage = browserStorage.getSessionStorage();\n    storage.removeItem(REFERRER_PATH_STORAGE_KEY);\n\n    // Also remove from shared storage\n    state = state || this.options.state;\n    if (state) {\n      const sharedStorage = this.storageManager.getOriginalUriStorage();\n      sharedStorage.removeItem && sharedStorage.removeItem(state);\n    }\n  }\n\n  isLoginRedirect(): boolean {\n    return isLoginRedirect(this);\n  }\n\n  async handleLoginRedirect(tokens?: Tokens, originalUri?: string): Promise<void> {\n    let state = this.options.state;\n\n    // Store tokens and update AuthState by the emitted events\n    if (tokens) {\n      this.tokenManager.setTokens(tokens);\n      originalUri = originalUri || this.getOriginalUri(this.options.state);\n    } else if (this.isLoginRedirect()) {\n      try {\n        // For redirect flow, get state from the URL and use it to retrieve the originalUri\n        const oAuthResponse = await parseOAuthResponseFromUrl(this, {});\n        state = oAuthResponse.state;\n        originalUri = originalUri || this.getOriginalUri(state);\n        await this.storeTokensFromRedirect();\n      } catch(e) {\n        // auth state should be updated\n        await this.authStateManager.updateAuthState();\n        throw e;\n      }\n    } else {\n      return; // nothing to do\n    }\n    \n    // ensure auth state has been updated\n    await this.authStateManager.updateAuthState();\n\n    // clear originalUri from storage\n    this.removeOriginalUri(state);\n\n    // Redirect to originalUri\n    const { restoreOriginalUri } = this.options;\n    if (restoreOriginalUri) {\n      await restoreOriginalUri(this, originalUri);\n    } else if (originalUri) {\n      window.location.replace(originalUri);\n    }\n  }\n\n  isPKCE(): boolean {\n    return !!this.options.pkce;\n  }\n\n  hasResponseType(responseType: OAuthResponseType): boolean {\n    let hasResponseType = false;\n    if (Array.isArray(this.options.responseType) && this.options.responseType.length) {\n      hasResponseType = this.options.responseType.indexOf(responseType) >= 0;\n    } else {\n      hasResponseType = this.options.responseType === responseType;\n    }\n    return hasResponseType;\n  }\n\n  isAuthorizationCodeFlow(): boolean {\n    return this.hasResponseType('code');\n  }\n\n  // { username, password, (relayState), (context) }\n  // signIn(opts: SignInWithCredentialsOptions): Promise<AuthTransaction> {\n  //   return postToTransaction(this, '/api/v1/authn', opts);\n  // }\n\n  getIssuerOrigin(): string {\n    // Infer the URL from the issuer URL, omitting the /oauth2/{authServerId}\n    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n    return this.options.issuer!.split('/oauth2/')[0];\n  }\n\n  // { username, (relayState) }\n  forgotPassword(opts): Promise<AuthTransaction> {\n    return postToTransaction(this, '/api/v1/authn/recovery/password', opts);\n  }\n\n  // { username, (relayState) }\n  unlockAccount(opts: ForgotPasswordOptions): Promise<AuthTransaction> {\n    return postToTransaction(this, '/api/v1/authn/recovery/unlock', opts);\n  }\n\n  // { recoveryToken }\n  verifyRecoveryToken(opts: VerifyRecoveryTokenOptions): Promise<AuthTransaction> {\n    return postToTransaction(this, '/api/v1/authn/recovery/token', opts);\n  }\n\n  // Escape hatch method to make arbitrary OKTA API call\n  async invokeApiMethod(options: RequestOptions): Promise<unknown> {\n    if (!options.accessToken) {\n      const accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n      options.accessToken = accessToken?.accessToken;\n    }\n    return httpRequest(this, options);\n  }\n}\n\n// Hoist feature detection functions to prototype & static type\nOktaAuth.features = OktaAuth.prototype.features = features;\n\n// Also hoist constants for CommonJS users\nObject.assign(OktaAuth, {\n  constants\n});\n\nexport default OktaAuth;"],"file":"OktaAuth.js"}
+{"version":3,"file":"OktaAuth.js","names":["OktaAuth","constructor","args","features","options","storageManager","StorageManager","cookies","storageUtil","transactionManager","TransactionManager","_oktaUserAgent","OktaUserAgent","tx","status","transactionStatus","bind","resume","resumeTransaction","exists","transactionExists","_get","name","storage","get","introspect","introspectAuthn","createTransaction","res","AuthTransaction","postToTransaction","url","pkce","DEFAULT_CODE_CHALLENGE_METHOD","PKCE","generateVerifier","computeChallenge","getPKCEStorage","getLegacyPKCEStorage","getHttpCache","_pending","handleLogin","redirectUri","window","location","origin","maxClockSkew","DEFAULT_MAX_CLOCK_SKEW","ignoreLifetime","session","close","closeSession","sessionExists","getSession","refresh","refreshSession","setCookieAndRedirect","_tokenQueue","PromiseQueue","useQueue","method","prototype","push","getWithRedirectFn","getWithRedirect","getWithRedirectApi","_setLocation","setLocation","parseFromUrlFn","parseFromUrl","parseFromUrlApi","_getHistory","history","_getLocation","_getDocument","document","token","prepareTokenParams","exchangeCodeForTokens","getWithoutPrompt","getWithPopup","decode","decodeToken","revoke","revokeToken","renew","renewToken","renewTokensWithRefresh","renewTokens","getUserInfo","accessTokenObject","idTokenObject","verify","verifyToken","isLoginRedirect","toWrap","forEach","key","boundStartTransaction","startTransaction","idx","interact","makeIdxResponse","makeIdxState","authenticate","register","start","poll","proceed","cancel","recoverPassword","handleInteractionCodeRedirect","isInteractionRequired","isInteractionRequiredError","handleEmailVerifyCallback","isEmailVerifyCallback","parseEmailVerifyCallback","isEmailVerifyCallbackError","getSavedTransactionMeta","createTransactionMeta","getTransactionMeta","saveTransactionMeta","clearTransactionMeta","isTransactionMetaValid","setFlow","flow","getFlow","canProceed","unlockAccount","http","setRequestHeader","fingerprint","emitter","Emitter","tokenManager","TokenManager","authStateManager","AuthStateManager","hasSharedStorage","services","syncStorage","serviceManager","ServiceManager","updateAuthState","stop","setHeaders","headers","signIn","opts","signInWithCredentials","_postToTransaction","sendFingerprint","then","signInWithRedirect","originalUri","additionalParams","setOriginalUri","params","scopes","clear","catch","e","errorCode","revokeAccessToken","accessToken","getTokens","accessTokenKey","getStorageKeyByType","remove","resolve","revokeRefreshToken","refreshToken","refreshTokenKey","getSignOutRedirectUrl","idToken","postLogoutRedirectUri","state","getTokensSync","logoutUrl","idTokenHint","logoutUri","encodeURIComponent","signOut","defaultUri","currentUri","href","reload","assign","clearTokensBeforeRedirect","addPendingRemoveFlags","webfinger","isAuthenticated","autoRenew","autoRemove","getOptions","shouldRenew","onExpiredToken","shouldRemove","hasExpired","undefined","getUser","getIdToken","getAccessToken","getRefreshToken","storeTokensFromRedirect","tokens","setTokens","sessionStorage","browserStorage","getSessionStorage","setItem","REFERRER_PATH_STORAGE_KEY","sharedStorage","getOriginalUriStorage","getOriginalUri","getItem","removeOriginalUri","removeItem","handleLoginRedirect","oAuthResponse","restoreOriginalUri","replace","isPKCE","hasResponseType","responseType","Array","isArray","length","isAuthorizationCodeFlow","getIssuerOrigin","issuer","split","forgotPassword","verifyRecoveryToken","invokeApiMethod","crypto","webauthn","constants"],"sources":["../../lib/OktaAuth.ts"],"sourcesContent":["/* eslint-disable max-statements */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n/* global window */\n\nimport { \n  DEFAULT_MAX_CLOCK_SKEW, \n  REFERRER_PATH_STORAGE_KEY\n} from './constants';\nimport * as constants from './constants';\nimport {\n  OktaAuthInterface,\n  OktaAuthOptions, \n  AccessToken, \n  IDToken,\n  RefreshToken,\n  TokenAPI, \n  FeaturesAPI, \n  CryptoAPI,\n  WebauthnAPI,\n  SignoutAPI, \n  FingerprintAPI,\n  UserClaims, \n  SigninWithRedirectOptions,\n  SigninWithCredentialsOptions,\n  SignoutOptions,\n  Tokens,\n  ForgotPasswordOptions,\n  VerifyRecoveryTokenOptions,\n  TransactionAPI,\n  SessionAPI,\n  SigninAPI,\n  PkceAPI,\n  SigninOptions,\n  IdxAPI,\n  SignoutRedirectUrlOptions,\n  HttpAPI,\n  FlowIdentifier,\n  GetWithRedirectAPI,\n  ParseFromUrlInterface,\n  GetWithRedirectFunction,\n  RequestOptions,\n  IsAuthenticatedOptions,\n  OAuthResponseType,\n  CustomUserClaims,\n  RequestData,\n} from './types';\nimport {\n  transactionStatus,\n  resumeTransaction,\n  transactionExists,\n  introspectAuthn,\n  postToTransaction,\n  AuthTransaction,\n  TransactionState\n} from './tx';\nimport PKCE from './oidc/util/pkce';\nimport {\n  closeSession,\n  sessionExists,\n  getSession,\n  refreshSession,\n  setCookieAndRedirect\n} from './session';\nimport {\n  getOAuthUrls,\n  getWithoutPrompt,\n  getWithPopup,\n  getWithRedirect,\n  isLoginRedirect,\n  parseFromUrl,\n  decodeToken,\n  revokeToken,\n  renewToken,\n  renewTokens,\n  renewTokensWithRefresh,\n  getUserInfo,\n  verifyToken,\n  prepareTokenParams,\n  exchangeCodeForTokens,\n  isInteractionRequiredError,\n  isInteractionRequired,\n} from './oidc';\nimport { isBrowser } from './features';\nimport * as features from './features';\nimport * as crypto from './crypto';\nimport * as webauthn from './crypto/webauthn';\nimport browserStorage from './browser/browserStorage';\nimport { \n  toQueryString, \n  toAbsoluteUrl,\n  clone,\n} from './util';\nimport { TokenManager } from './TokenManager';\nimport { ServiceManager } from './ServiceManager';\nimport { get, httpRequest, setRequestHeader } from './http';\nimport PromiseQueue from './PromiseQueue';\nimport fingerprint from './browser/fingerprint';\nimport { AuthStateManager } from './AuthStateManager';\nimport { StorageManager } from './StorageManager';\nimport TransactionManager from './TransactionManager';\nimport { buildOptions } from './options';\nimport {\n  interact,\n  introspect,\n  authenticate,\n  cancel,\n  poll,\n  proceed,\n  register,\n  recoverPassword,\n  unlockAccount,\n  startTransaction,\n  handleInteractionCodeRedirect,\n  canProceed,\n  handleEmailVerifyCallback,\n  isEmailVerifyCallback,\n  parseEmailVerifyCallback,\n  isEmailVerifyCallbackError\n} from './idx';\nimport { OktaUserAgent } from './OktaUserAgent';\nimport { parseOAuthResponseFromUrl } from './oidc/parseFromUrl';\nimport {\n  getSavedTransactionMeta,\n  createTransactionMeta,\n  getTransactionMeta,\n  saveTransactionMeta,\n  clearTransactionMeta,\n  isTransactionMetaValid\n} from './idx/transactionMeta';\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport Emitter from 'tiny-emitter';\nimport { makeIdxState } from './idx/idxState';\n\nclass OktaAuth implements OktaAuthInterface, SigninAPI, SignoutAPI {\n  options: OktaAuthOptions;\n  storageManager: StorageManager;\n  transactionManager: TransactionManager;\n  tx: TransactionAPI;\n  idx: IdxAPI;\n  session: SessionAPI;\n  pkce: PkceAPI;\n  static features: FeaturesAPI = features;\n  static crypto: CryptoAPI = crypto;\n  static webauthn: WebauthnAPI = webauthn;\n  features: FeaturesAPI = features;\n  token: TokenAPI;\n  _tokenQueue: PromiseQueue;\n  emitter: any;\n  tokenManager: TokenManager;\n  authStateManager: AuthStateManager;\n  serviceManager: ServiceManager;\n  http: HttpAPI;\n  fingerprint: FingerprintAPI;\n  _oktaUserAgent: OktaUserAgent;\n  _pending: { handleLogin: boolean };\n  constructor(args: OktaAuthOptions) {\n    const options = this.options = buildOptions(args);\n    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n    this.storageManager = new StorageManager(options.storageManager!, options.cookies!, options.storageUtil!);\n    this.transactionManager = new TransactionManager(Object.assign({\n      storageManager: this.storageManager,\n    }, options.transactionManager));\n    this._oktaUserAgent = new OktaUserAgent();\n\n    this.tx = {\n      status: transactionStatus.bind(null, this),\n      resume: resumeTransaction.bind(null, this),\n      exists: Object.assign(transactionExists.bind(null, this), {\n        _get: (name) => {\n          // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n          const storage = options.storageUtil!.storage;\n          return storage.get(name);\n        }\n      }),\n      introspect: introspectAuthn.bind(null, this),\n      createTransaction: (res?: TransactionState) => {\n        return new AuthTransaction(this, res);\n      },\n      postToTransaction: (url: string, args?: RequestData, options?: RequestOptions) => {\n        return postToTransaction(this, url, args, options);\n      }\n    };\n\n    this.pkce = {\n      DEFAULT_CODE_CHALLENGE_METHOD: PKCE.DEFAULT_CODE_CHALLENGE_METHOD,\n      generateVerifier: PKCE.generateVerifier,\n      computeChallenge: PKCE.computeChallenge\n    };\n\n    // Add shims for compatibility, these will be removed in next major version. OKTA-362589\n    Object.assign(this.options.storageUtil || {}, {\n      getPKCEStorage: this.storageManager.getLegacyPKCEStorage.bind(this.storageManager),\n      getHttpCache: this.storageManager.getHttpCache.bind(this.storageManager),\n    });\n\n    this._pending = { handleLogin: false };\n\n    if (isBrowser()) {\n      this.options = Object.assign(this.options, {\n        redirectUri: toAbsoluteUrl(args.redirectUri, window.location.origin), // allow relative URIs\n      });\n    }\n\n    // Digital clocks will drift over time, so the server\n    // can misalign with the time reported by the browser.\n    // The maxClockSkew allows relaxing the time-based\n    // validation of tokens (in seconds, not milliseconds).\n    // It currently defaults to 300, because 5 min is the\n    // default maximum tolerance allowed by Kerberos.\n    // (https://technet.microsoft.com/en-us/library/cc976357.aspx)\n    if (!args.maxClockSkew && args.maxClockSkew !== 0) {\n      this.options.maxClockSkew = DEFAULT_MAX_CLOCK_SKEW;\n    } else {\n      this.options.maxClockSkew = args.maxClockSkew;\n    }\n\n    // As some end user's devices can have their date \n    // and time incorrectly set, allow for the disabling\n    // of the jwt liftetime validation\n    this.options.ignoreLifetime = !!args.ignoreLifetime;\n\n    this.session = {\n      close: closeSession.bind(null, this),\n      exists: sessionExists.bind(null, this),\n      get: getSession.bind(null, this),\n      refresh: refreshSession.bind(null, this),\n      setCookieAndRedirect: setCookieAndRedirect.bind(null, this)\n    };\n\n    this._tokenQueue = new PromiseQueue();\n    const useQueue = (method) => {\n      return PromiseQueue.prototype.push.bind(this._tokenQueue, method, null);\n    };\n\n    // eslint-disable-next-line max-len\n    const getWithRedirectFn = useQueue(getWithRedirect.bind(null, this)) as GetWithRedirectFunction;\n    const getWithRedirectApi: GetWithRedirectAPI = Object.assign(getWithRedirectFn, {\n      // This is exposed so we can set window.location in our tests\n      _setLocation: function(url) {\n        if (options.setLocation) {\n          options.setLocation(url);\n        } else {\n          window.location = url;\n        }\n      }\n    });\n    // eslint-disable-next-line max-len\n    const parseFromUrlFn = useQueue(parseFromUrl.bind(null, this)) as ParseFromUrlInterface;\n    const parseFromUrlApi: ParseFromUrlInterface = Object.assign(parseFromUrlFn, {\n      // This is exposed so we can mock getting window.history in our tests\n      _getHistory: function() {\n        return window.history;\n      },\n\n      // This is exposed so we can mock getting window.location in our tests\n      _getLocation: function() {\n        return window.location;\n      },\n\n      // This is exposed so we can mock getting window.document in our tests\n      _getDocument: function() {\n        return window.document;\n      }\n    });\n    this.token = {\n      prepareTokenParams: prepareTokenParams.bind(null, this),\n      exchangeCodeForTokens: exchangeCodeForTokens.bind(null, this),\n      getWithoutPrompt: getWithoutPrompt.bind(null, this),\n      getWithPopup: getWithPopup.bind(null, this),\n      getWithRedirect: getWithRedirectApi,\n      parseFromUrl: parseFromUrlApi,\n      decode: decodeToken,\n      revoke: revokeToken.bind(null, this),\n      renew: renewToken.bind(null, this),\n      renewTokensWithRefresh: renewTokensWithRefresh.bind(null, this),\n      renewTokens: renewTokens.bind(null, this),\n      getUserInfo: <C extends CustomUserClaims = CustomUserClaims>(\n        accessTokenObject: AccessToken,\n        idTokenObject: IDToken\n      ): Promise<UserClaims<C>> => {\n        return getUserInfo(this, accessTokenObject, idTokenObject);\n      },\n      verify: verifyToken.bind(null, this),\n      isLoginRedirect: isLoginRedirect.bind(null, this)\n    };\n    // Wrap certain async token API methods using PromiseQueue to avoid issues with concurrency\n    // 'getWithRedirect' and 'parseFromUrl' are already wrapped\n    const toWrap = [\n      'getWithoutPrompt',\n      'getWithPopup',\n      'revoke',\n      'renew',\n      'renewTokensWithRefresh',\n      'renewTokens'\n    ];\n    toWrap.forEach(key => {\n      this.token[key] = useQueue(this.token[key]);\n    });\n\n    // IDX\n    const boundStartTransaction = startTransaction.bind(null, this);\n    this.idx = {\n      interact: interact.bind(null, this),\n      introspect: introspect.bind(null, this),\n      makeIdxResponse: makeIdxState.bind(null, this),\n      \n      authenticate: authenticate.bind(null, this),\n      register: register.bind(null, this),\n      start: boundStartTransaction,\n      startTransaction: boundStartTransaction, // Use `start` instead. `startTransaction` will be removed in 7.0\n      poll: poll.bind(null, this),\n      proceed: proceed.bind(null, this),\n      cancel: cancel.bind(null, this),\n      recoverPassword: recoverPassword.bind(null, this),\n\n      // oauth redirect callback\n      handleInteractionCodeRedirect: handleInteractionCodeRedirect.bind(null, this),\n\n      // interaction required callback\n      isInteractionRequired: isInteractionRequired.bind(null, this),\n      isInteractionRequiredError,\n\n      // email verify callback\n      handleEmailVerifyCallback: handleEmailVerifyCallback.bind(null, this),\n      isEmailVerifyCallback,\n      parseEmailVerifyCallback,\n      isEmailVerifyCallbackError,\n      \n      getSavedTransactionMeta: getSavedTransactionMeta.bind(null, this),\n      createTransactionMeta: createTransactionMeta.bind(null, this),\n      getTransactionMeta: getTransactionMeta.bind(null, this),\n      saveTransactionMeta: saveTransactionMeta.bind(null, this),\n      clearTransactionMeta: clearTransactionMeta.bind(null, this),\n      isTransactionMetaValid,\n      setFlow: (flow: FlowIdentifier) => {\n        this.options.flow = flow;\n      },\n      getFlow: (): FlowIdentifier | undefined => {\n        return this.options.flow;\n      },\n      canProceed: canProceed.bind(null, this),\n      unlockAccount: unlockAccount.bind(null, this),\n    };\n\n    // HTTP\n    this.http = {\n      setRequestHeader: setRequestHeader.bind(null, this)\n    };\n\n    // Fingerprint API\n    this.fingerprint = fingerprint.bind(null, this);\n\n    this.emitter = new Emitter();\n\n    // TokenManager\n    this.tokenManager = new TokenManager(this, args.tokenManager);\n\n    // AuthStateManager\n    this.authStateManager = new AuthStateManager(this);\n\n    // Enable `syncStorage` only if token storage is shared across tabs (type is `localStorage` or `cookie`)\n    if (!this.tokenManager.hasSharedStorage()) {\n      args.services = { ...args.services, syncStorage: false };\n    }\n\n    // ServiceManager\n    this.serviceManager = new ServiceManager(this, args.services);\n  }\n\n  async start() {\n    await this.serviceManager.start();\n    // TODO: review tokenManager.start\n    this.tokenManager.start();\n    if (!this.token.isLoginRedirect()) {\n      await this.authStateManager.updateAuthState();\n    }\n  }\n\n  async stop() {\n    // TODO: review tokenManager.stop\n    this.tokenManager.stop();\n    await this.serviceManager.stop();\n  }\n\n  setHeaders(headers) {\n    this.options.headers = Object.assign({}, this.options.headers, headers);\n  }\n\n\n  // Authn  V1\n  async signIn(opts: SigninOptions): Promise<AuthTransaction> {\n    return this.signInWithCredentials(opts as SigninWithCredentialsOptions);\n  }\n\n  // Authn  V1\n  async signInWithCredentials(opts: SigninWithCredentialsOptions): Promise<AuthTransaction> {\n    opts = clone(opts || {});\n    const _postToTransaction = (options?) => {\n      delete opts.sendFingerprint;\n      return postToTransaction(this, '/api/v1/authn', opts, options);\n    };\n    if (!opts.sendFingerprint) {\n      return _postToTransaction();\n    }\n    return this.fingerprint()\n    .then(function(fingerprint) {\n      return _postToTransaction({\n        headers: {\n          'X-Device-Fingerprint': fingerprint\n        }\n      });\n    });\n  }\n\n  async signInWithRedirect(opts: SigninWithRedirectOptions = {}) {\n    const { originalUri, ...additionalParams } = opts;\n    if(this._pending.handleLogin) { \n      // Don't trigger second round\n      return;\n    }\n\n    this._pending.handleLogin = true;\n    try {\n      // Trigger default signIn redirect flow\n      if (originalUri) {\n        this.setOriginalUri(originalUri);\n      }\n      const params = Object.assign({\n        // TODO: remove this line when default scopes are changed OKTA-343294\n        scopes: this.options.scopes || ['openid', 'email', 'profile']\n      }, additionalParams);\n      await this.token.getWithRedirect(params);\n    } finally {\n      this._pending.handleLogin = false;\n    }\n  }\n\n  // Ends the current Okta SSO session without redirecting to Okta.\n  closeSession(): Promise<unknown> {\n    return this.session.close() // DELETE /api/v1/sessions/me\n    .then(async () => {\n      // Clear all local tokens\n      this.tokenManager.clear();\n    })\n    .catch(function(e) {\n      if (e.name === 'AuthApiError' && e.errorCode === 'E0000007') {\n        // Session does not exist or has already been closed\n        return null;\n      }\n      throw e;\n    });\n  }\n  \n  // Revokes the access token for the application session\n  async revokeAccessToken(accessToken?: AccessToken): Promise<unknown> {\n    if (!accessToken) {\n      accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n      const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');\n      this.tokenManager.remove(accessTokenKey);\n    }\n    // Access token may have been removed. In this case, we will silently succeed.\n    if (!accessToken) {\n      return Promise.resolve(null);\n    }\n    return this.token.revoke(accessToken);\n  }\n\n  // Revokes the refresh token for the application session\n  async revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown> {\n    if (!refreshToken) {\n      refreshToken = (await this.tokenManager.getTokens()).refreshToken as RefreshToken;\n      const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');\n      this.tokenManager.remove(refreshTokenKey);\n    }\n    // Refresh token may have been removed. In this case, we will silently succeed.\n    if (!refreshToken) {\n      return Promise.resolve(null);\n    }\n    return this.token.revoke(refreshToken);\n  }\n\n  getSignOutRedirectUrl(options: SignoutRedirectUrlOptions = {}) {\n    let {\n      idToken,\n      postLogoutRedirectUri,\n      state,\n    } = options;\n    if (!idToken) {\n      idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n    }\n    if (!idToken) {\n      return '';\n    }\n    if (!postLogoutRedirectUri) {\n      postLogoutRedirectUri = this.options.postLogoutRedirectUri;\n    }\n\n    const logoutUrl = getOAuthUrls(this).logoutUrl;\n    const idTokenHint = idToken.idToken; // a string\n    let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);\n    if (postLogoutRedirectUri) {\n      logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);\n    } \n    // State allows option parameters to be passed to logout redirect uri\n    if (state) {\n      logoutUri += '&state=' + encodeURIComponent(state);\n    }\n\n    return logoutUri;\n  }\n\n  // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.\n  async signOut(options?: SignoutOptions) {\n    options = Object.assign({}, options);\n  \n    // postLogoutRedirectUri must be whitelisted in Okta Admin UI\n    var defaultUri = window.location.origin;\n    var currentUri = window.location.href;\n    var postLogoutRedirectUri = options.postLogoutRedirectUri\n      || this.options.postLogoutRedirectUri\n      || defaultUri;\n  \n    var accessToken = options.accessToken;\n    var refreshToken = options.refreshToken;\n    var revokeAccessToken = options.revokeAccessToken !== false;\n    var revokeRefreshToken = options.revokeRefreshToken !== false;\n  \n    if (revokeRefreshToken && typeof refreshToken === 'undefined') {\n      refreshToken = this.tokenManager.getTokensSync().refreshToken as RefreshToken;\n    }\n\n    if (revokeAccessToken && typeof accessToken === 'undefined') {\n      accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;\n    }\n  \n    if (!options.idToken) {\n      options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n    }\n\n    if (revokeRefreshToken && refreshToken) {\n      await this.revokeRefreshToken(refreshToken);\n    }\n\n    if (revokeAccessToken && accessToken) {\n      await this.revokeAccessToken(accessToken);\n    }\n\n    const logoutUri = this.getSignOutRedirectUrl({ ...options, postLogoutRedirectUri });\n    // No logoutUri? This can happen if the storage was cleared.\n    // Fallback to XHR signOut, then simulate a redirect to the post logout uri\n    if (!logoutUri) {\n      // local tokens are cleared once session is closed\n      return this.closeSession() // can throw if the user cannot be signed out\n      .then(function() {\n        if (postLogoutRedirectUri === currentUri) {\n          window.location.reload(); // force a hard reload if URI is not changing\n        } else {\n          window.location.assign(postLogoutRedirectUri);\n        }\n      });\n    } else {\n      if (options.clearTokensBeforeRedirect) {\n        // Clear all local tokens\n        this.tokenManager.clear();\n      } else {\n        this.tokenManager.addPendingRemoveFlags();\n      }\n      // Flow ends with logout redirect\n      window.location.assign(logoutUri);\n    }\n  }\n\n  webfinger(opts): Promise<object> {\n    var url = '/.well-known/webfinger' + toQueryString(opts);\n    var options = {\n      headers: {\n        'Accept': 'application/jrd+json'\n      }\n    };\n    return get(this, url, options);\n  }\n\n  //\n  // Common Methods from downstream SDKs\n  //\n\n  // Returns true if both accessToken and idToken are not expired\n  // If `autoRenew` option is set, will attempt to renew expired tokens before returning.\n  async isAuthenticated(options: IsAuthenticatedOptions = {}): Promise<boolean> {\n    // TODO: remove dependency on tokenManager options in next major version - OKTA-473815\n    const { autoRenew, autoRemove } = this.tokenManager.getOptions();\n\n    const shouldRenew = options.onExpiredToken ? options.onExpiredToken === 'renew' : autoRenew;\n    const shouldRemove = options.onExpiredToken ? options.onExpiredToken === 'remove' : autoRemove;\n\n    let { accessToken } = this.tokenManager.getTokensSync();\n    if (accessToken && this.tokenManager.hasExpired(accessToken)) {\n      accessToken = undefined;\n      if (shouldRenew) {\n        try {\n          accessToken = await this.tokenManager.renew('accessToken') as AccessToken;\n        } catch {\n          // Renew errors will emit an \"error\" event \n        }\n      } else if (shouldRemove) {\n        this.tokenManager.remove('accessToken');\n      }\n    }\n\n    let { idToken } = this.tokenManager.getTokensSync();\n    if (idToken && this.tokenManager.hasExpired(idToken)) {\n      idToken = undefined;\n      if (shouldRenew) {\n        try {\n          idToken = await this.tokenManager.renew('idToken') as IDToken;\n        } catch {\n          // Renew errors will emit an \"error\" event \n        }\n      } else if (shouldRemove) {\n        this.tokenManager.remove('idToken');\n      }\n    }\n\n    return !!(accessToken && idToken);\n  }\n\n  async getUser<T extends CustomUserClaims = CustomUserClaims>(): Promise<UserClaims<T>> {\n    const { idToken, accessToken } = this.tokenManager.getTokensSync();\n    return this.token.getUserInfo(accessToken, idToken);\n  }\n\n  getIdToken(): string | undefined {\n    const { idToken } = this.tokenManager.getTokensSync();\n    return idToken ? idToken.idToken : undefined;\n  }\n\n  getAccessToken(): string | undefined {\n    const { accessToken } = this.tokenManager.getTokensSync();\n    return accessToken ? accessToken.accessToken : undefined;\n  }\n\n  getRefreshToken(): string | undefined {\n    const { refreshToken } = this.tokenManager.getTokensSync();\n    return refreshToken ? refreshToken.refreshToken : undefined;\n  }\n\n  /**\n   * Store parsed tokens from redirect url\n   */\n  async storeTokensFromRedirect(): Promise<void> {\n    const { tokens } = await this.token.parseFromUrl();\n    this.tokenManager.setTokens(tokens);\n  }\n\n  setOriginalUri(originalUri: string, state?: string): void {\n    // always store in session storage\n    const sessionStorage = browserStorage.getSessionStorage();\n    sessionStorage.setItem(REFERRER_PATH_STORAGE_KEY, originalUri);\n\n    // to support multi-tab flows, set a state in constructor or pass as param\n    state = state || this.options.state;\n    if (state) {\n      const sharedStorage = this.storageManager.getOriginalUriStorage();\n      sharedStorage.setItem(state, originalUri);\n    }\n  }\n\n  getOriginalUri(state?: string): string | undefined {\n    // Prefer shared storage (if state is available)\n    state = state || this.options.state;\n    if (state) {\n      const sharedStorage = this.storageManager.getOriginalUriStorage();\n      const originalUri = sharedStorage.getItem(state);\n      if (originalUri) {\n        return originalUri;\n      }\n    }\n\n    // Try to load from session storage\n    const storage = browserStorage.getSessionStorage();\n    return storage ? storage.getItem(REFERRER_PATH_STORAGE_KEY) || undefined : undefined;\n  }\n\n  removeOriginalUri(state?: string): void {\n    // Remove from sessionStorage\n    const storage = browserStorage.getSessionStorage();\n    storage.removeItem(REFERRER_PATH_STORAGE_KEY);\n\n    // Also remove from shared storage\n    state = state || this.options.state;\n    if (state) {\n      const sharedStorage = this.storageManager.getOriginalUriStorage();\n      sharedStorage.removeItem && sharedStorage.removeItem(state);\n    }\n  }\n\n  isLoginRedirect(): boolean {\n    return isLoginRedirect(this);\n  }\n\n  async handleLoginRedirect(tokens?: Tokens, originalUri?: string): Promise<void> {\n    let state = this.options.state;\n\n    // Store tokens and update AuthState by the emitted events\n    if (tokens) {\n      this.tokenManager.setTokens(tokens);\n      originalUri = originalUri || this.getOriginalUri(this.options.state);\n    } else if (this.isLoginRedirect()) {\n      try {\n        // For redirect flow, get state from the URL and use it to retrieve the originalUri\n        const oAuthResponse = await parseOAuthResponseFromUrl(this, {});\n        state = oAuthResponse.state;\n        originalUri = originalUri || this.getOriginalUri(state);\n        await this.storeTokensFromRedirect();\n      } catch(e) {\n        // auth state should be updated\n        await this.authStateManager.updateAuthState();\n        throw e;\n      }\n    } else {\n      return; // nothing to do\n    }\n    \n    // ensure auth state has been updated\n    await this.authStateManager.updateAuthState();\n\n    // clear originalUri from storage\n    this.removeOriginalUri(state);\n\n    // Redirect to originalUri\n    const { restoreOriginalUri } = this.options;\n    if (restoreOriginalUri) {\n      await restoreOriginalUri(this, originalUri);\n    } else if (originalUri) {\n      window.location.replace(originalUri);\n    }\n  }\n\n  isPKCE(): boolean {\n    return !!this.options.pkce;\n  }\n\n  hasResponseType(responseType: OAuthResponseType): boolean {\n    let hasResponseType = false;\n    if (Array.isArray(this.options.responseType) && this.options.responseType.length) {\n      hasResponseType = this.options.responseType.indexOf(responseType) >= 0;\n    } else {\n      hasResponseType = this.options.responseType === responseType;\n    }\n    return hasResponseType;\n  }\n\n  isAuthorizationCodeFlow(): boolean {\n    return this.hasResponseType('code');\n  }\n\n  // { username, password, (relayState), (context) }\n  // signIn(opts: SignInWithCredentialsOptions): Promise<AuthTransaction> {\n  //   return postToTransaction(this, '/api/v1/authn', opts);\n  // }\n\n  getIssuerOrigin(): string {\n    // Infer the URL from the issuer URL, omitting the /oauth2/{authServerId}\n    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n    return this.options.issuer!.split('/oauth2/')[0];\n  }\n\n  // { username, (relayState) }\n  forgotPassword(opts): Promise<AuthTransaction> {\n    return postToTransaction(this, '/api/v1/authn/recovery/password', opts);\n  }\n\n  // { username, (relayState) }\n  unlockAccount(opts: ForgotPasswordOptions): Promise<AuthTransaction> {\n    return postToTransaction(this, '/api/v1/authn/recovery/unlock', opts);\n  }\n\n  // { recoveryToken }\n  verifyRecoveryToken(opts: VerifyRecoveryTokenOptions): Promise<AuthTransaction> {\n    return postToTransaction(this, '/api/v1/authn/recovery/token', opts);\n  }\n\n  // Escape hatch method to make arbitrary OKTA API call\n  async invokeApiMethod(options: RequestOptions): Promise<unknown> {\n    if (!options.accessToken) {\n      const accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n      options.accessToken = accessToken?.accessToken;\n    }\n    return httpRequest(this, options);\n  }\n}\n\n// Hoist feature detection functions to prototype & static type\nOktaAuth.features = OktaAuth.prototype.features = features;\n\n// Also hoist constants for CommonJS users\nObject.assign(OktaAuth, {\n  constants\n});\n\nexport default OktaAuth;"],"mappings":";;;;;;;;;;;;;;;;;;AAeA;;AA0CA;;AASA;;AACA;;AAOA;;AAmBA;;AAEA;;AACA;;AACA;;AACA;;AAKA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AAkBA;;AACA;;AACA;;AAWA;;AACA;;;;;;AAhJA;;AACA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;AA+HA;AACA;AACA;AAIA,MAAMA,QAAN,CAAmE;EAsBjEC,WAAW,CAACC,IAAD,EAAwB;IAAA,gDAXXC,QAWW;IACjC,MAAMC,OAAO,GAAG,KAAKA,OAAL,GAAe,2BAAaF,IAAb,CAA/B,CADiC,CAEjC;;IACA,KAAKG,cAAL,GAAsB,IAAIC,8BAAJ,CAAmBF,OAAO,CAACC,cAA3B,EAA4CD,OAAO,CAACG,OAApD,EAA8DH,OAAO,CAACI,WAAtE,CAAtB;IACA,KAAKC,kBAAL,GAA0B,IAAIC,2BAAJ,CAAuB,qBAAc;MAC7DL,cAAc,EAAE,KAAKA;IADwC,CAAd,EAE9CD,OAAO,CAACK,kBAFsC,CAAvB,CAA1B;IAGA,KAAKE,cAAL,GAAsB,IAAIC,4BAAJ,EAAtB;IAEA,KAAKC,EAAL,GAAU;MACRC,MAAM,EAAEC,sBAAkBC,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CADA;MAERC,MAAM,EAAEC,sBAAkBF,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAFA;MAGRG,MAAM,EAAE,qBAAcC,sBAAkBJ,IAAlB,CAAuB,IAAvB,EAA6B,IAA7B,CAAd,EAAkD;QACxDK,IAAI,EAAGC,IAAD,IAAU;UACd;UACA,MAAMC,OAAO,GAAGnB,OAAO,CAACI,WAAR,CAAqBe,OAArC;UACA,OAAOA,OAAO,CAACC,GAAR,CAAYF,IAAZ,CAAP;QACD;MALuD,CAAlD,CAHA;MAURG,UAAU,EAAEC,oBAAgBV,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CAVJ;MAWRW,iBAAiB,EAAGC,GAAD,IAA4B;QAC7C,OAAO,IAAIC,mBAAJ,CAAoB,IAApB,EAA0BD,GAA1B,CAAP;MACD,CAbO;MAcRE,iBAAiB,EAAE,CAACC,GAAD,EAAc7B,IAAd,EAAkCE,OAAlC,KAA+D;QAChF,OAAO,2BAAkB,IAAlB,EAAwB2B,GAAxB,EAA6B7B,IAA7B,EAAmCE,OAAnC,CAAP;MACD;IAhBO,CAAV;IAmBA,KAAK4B,IAAL,GAAY;MACVC,6BAA6B,EAAEC,cAAKD,6BAD1B;MAEVE,gBAAgB,EAAED,cAAKC,gBAFb;MAGVC,gBAAgB,EAAEF,cAAKE;IAHb,CAAZ,CA5BiC,CAkCjC;;IACA,qBAAc,KAAKhC,OAAL,CAAaI,WAAb,IAA4B,EAA1C,EAA8C;MAC5C6B,cAAc,EAAE,KAAKhC,cAAL,CAAoBiC,oBAApB,CAAyCtB,IAAzC,CAA8C,KAAKX,cAAnD,CAD4B;MAE5CkC,YAAY,EAAE,KAAKlC,cAAL,CAAoBkC,YAApB,CAAiCvB,IAAjC,CAAsC,KAAKX,cAA3C;IAF8B,CAA9C;IAKA,KAAKmC,QAAL,GAAgB;MAAEC,WAAW,EAAE;IAAf,CAAhB;;IAEA,IAAI,yBAAJ,EAAiB;MACf,KAAKrC,OAAL,GAAe,qBAAc,KAAKA,OAAnB,EAA4B;QACzCsC,WAAW,EAAE,yBAAcxC,IAAI,CAACwC,WAAnB,EAAgCC,MAAM,CAACC,QAAP,CAAgBC,MAAhD,CAD4B,CAC6B;;MAD7B,CAA5B,CAAf;IAGD,CA9CgC,CAgDjC;IACA;IACA;IACA;IACA;IACA;IACA;;;IACA,IAAI,CAAC3C,IAAI,CAAC4C,YAAN,IAAsB5C,IAAI,CAAC4C,YAAL,KAAsB,CAAhD,EAAmD;MACjD,KAAK1C,OAAL,CAAa0C,YAAb,GAA4BC,gCAA5B;IACD,CAFD,MAEO;MACL,KAAK3C,OAAL,CAAa0C,YAAb,GAA4B5C,IAAI,CAAC4C,YAAjC;IACD,CA3DgC,CA6DjC;IACA;IACA;;;IACA,KAAK1C,OAAL,CAAa4C,cAAb,GAA8B,CAAC,CAAC9C,IAAI,CAAC8C,cAArC;IAEA,KAAKC,OAAL,GAAe;MACbC,KAAK,EAAEC,sBAAanC,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CADM;MAEbG,MAAM,EAAEiC,uBAAcpC,IAAd,CAAmB,IAAnB,EAAyB,IAAzB,CAFK;MAGbQ,GAAG,EAAE6B,oBAAWrC,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAHQ;MAIbsC,OAAO,EAAEC,wBAAevC,IAAf,CAAoB,IAApB,EAA0B,IAA1B,CAJI;MAKbwC,oBAAoB,EAAEA,8BAAqBxC,IAArB,CAA0B,IAA1B,EAAgC,IAAhC;IALT,CAAf;IAQA,KAAKyC,WAAL,GAAmB,IAAIC,qBAAJ,EAAnB;;IACA,MAAMC,QAAQ,GAAIC,MAAD,IAAY;MAC3B,OAAOF,sBAAaG,SAAb,CAAuBC,IAAvB,CAA4B9C,IAA5B,CAAiC,KAAKyC,WAAtC,EAAmDG,MAAnD,EAA2D,IAA3D,CAAP;IACD,CAFD,CA3EiC,CA+EjC;;;IACA,MAAMG,iBAAiB,GAAGJ,QAAQ,CAACK,sBAAgBhD,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CAAD,CAAlC;IACA,MAAMiD,kBAAsC,GAAG,qBAAcF,iBAAd,EAAiC;MAC9E;MACAG,YAAY,EAAE,UAASnC,GAAT,EAAc;QAC1B,IAAI3B,OAAO,CAAC+D,WAAZ,EAAyB;UACvB/D,OAAO,CAAC+D,WAAR,CAAoBpC,GAApB;QACD,CAFD,MAEO;UACLY,MAAM,CAACC,QAAP,GAAkBb,GAAlB;QACD;MACF;IAR6E,CAAjC,CAA/C,CAjFiC,CA2FjC;;IACA,MAAMqC,cAAc,GAAGT,QAAQ,CAACU,mBAAarD,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAAD,CAA/B;IACA,MAAMsD,eAAsC,GAAG,qBAAcF,cAAd,EAA8B;MAC3E;MACAG,WAAW,EAAE,YAAW;QACtB,OAAO5B,MAAM,CAAC6B,OAAd;MACD,CAJ0E;MAM3E;MACAC,YAAY,EAAE,YAAW;QACvB,OAAO9B,MAAM,CAACC,QAAd;MACD,CAT0E;MAW3E;MACA8B,YAAY,EAAE,YAAW;QACvB,OAAO/B,MAAM,CAACgC,QAAd;MACD;IAd0E,CAA9B,CAA/C;IAgBA,KAAKC,KAAL,GAAa;MACXC,kBAAkB,EAAEA,yBAAmB7D,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CADT;MAEX8D,qBAAqB,EAAEA,4BAAsB9D,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAFZ;MAGX+D,gBAAgB,EAAEA,uBAAiB/D,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAHP;MAIXgE,YAAY,EAAEA,mBAAahE,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAJH;MAKXgD,eAAe,EAAEC,kBALN;MAMXI,YAAY,EAAEC,eANH;MAOXW,MAAM,EAAEC,iBAPG;MAQXC,MAAM,EAAEC,kBAAYpE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CARG;MASXqE,KAAK,EAAEC,iBAAWtE,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CATI;MAUXuE,sBAAsB,EAAEA,6BAAuBvE,IAAvB,CAA4B,IAA5B,EAAkC,IAAlC,CAVb;MAWXwE,WAAW,EAAEA,kBAAYxE,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAXF;MAYXyE,WAAW,EAAE,CACXC,iBADW,EAEXC,aAFW,KAGgB;QAC3B,OAAO,uBAAY,IAAZ,EAAkBD,iBAAlB,EAAqCC,aAArC,CAAP;MACD,CAjBU;MAkBXC,MAAM,EAAEC,kBAAY7E,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAlBG;MAmBX8E,eAAe,EAAEA,sBAAgB9E,IAAhB,CAAqB,IAArB,EAA2B,IAA3B;IAnBN,CAAb,CA7GiC,CAkIjC;IACA;;IACA,MAAM+E,MAAM,GAAG,CACb,kBADa,EAEb,cAFa,EAGb,QAHa,EAIb,OAJa,EAKb,wBALa,EAMb,aANa,CAAf;IAQAA,MAAM,CAACC,OAAP,CAAeC,GAAG,IAAI;MACpB,KAAKrB,KAAL,CAAWqB,GAAX,IAAkBtC,QAAQ,CAAC,KAAKiB,KAAL,CAAWqB,GAAX,CAAD,CAA1B;IACD,CAFD,EA5IiC,CAgJjC;;IACA,MAAMC,qBAAqB,GAAGC,sBAAiBnF,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B,CAA9B;;IACA,KAAKoF,GAAL,GAAW;MACTC,QAAQ,EAAEA,cAASrF,IAAT,CAAc,IAAd,EAAoB,IAApB,CADD;MAETS,UAAU,EAAEA,gBAAWT,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAFH;MAGTsF,eAAe,EAAEC,uBAAavF,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CAHR;MAKTwF,YAAY,EAAEA,kBAAaxF,IAAb,CAAkB,IAAlB,EAAwB,IAAxB,CALL;MAMTyF,QAAQ,EAAEA,cAASzF,IAAT,CAAc,IAAd,EAAoB,IAApB,CAND;MAOT0F,KAAK,EAAER,qBAPE;MAQTC,gBAAgB,EAAED,qBART;MAQgC;MACzCS,IAAI,EAAEA,UAAK3F,IAAL,CAAU,IAAV,EAAgB,IAAhB,CATG;MAUT4F,OAAO,EAAEA,aAAQ5F,IAAR,CAAa,IAAb,EAAmB,IAAnB,CAVA;MAWT6F,MAAM,EAAEA,YAAO7F,IAAP,CAAY,IAAZ,EAAkB,IAAlB,CAXC;MAYT8F,eAAe,EAAEA,qBAAgB9F,IAAhB,CAAqB,IAArB,EAA2B,IAA3B,CAZR;MAcT;MACA+F,6BAA6B,EAAEA,mCAA8B/F,IAA9B,CAAmC,IAAnC,EAAyC,IAAzC,CAftB;MAiBT;MACAgG,qBAAqB,EAAEA,4BAAsBhG,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CAlBd;MAmBTiG,0BAA0B,EAA1BA,gCAnBS;MAqBT;MACAC,yBAAyB,EAAEA,+BAA0BlG,IAA1B,CAA+B,IAA/B,EAAqC,IAArC,CAtBlB;MAuBTmG,qBAAqB,EAArBA,0BAvBS;MAwBTC,wBAAwB,EAAxBA,6BAxBS;MAyBTC,0BAA0B,EAA1BA,+BAzBS;MA2BTC,uBAAuB,EAAEA,yCAAwBtG,IAAxB,CAA6B,IAA7B,EAAmC,IAAnC,CA3BhB;MA4BTuG,qBAAqB,EAAEA,uCAAsBvG,IAAtB,CAA2B,IAA3B,EAAiC,IAAjC,CA5Bd;MA6BTwG,kBAAkB,EAAEA,oCAAmBxG,IAAnB,CAAwB,IAAxB,EAA8B,IAA9B,CA7BX;MA8BTyG,mBAAmB,EAAEA,qCAAoBzG,IAApB,CAAyB,IAAzB,EAA+B,IAA/B,CA9BZ;MA+BT0G,oBAAoB,EAAEA,sCAAqB1G,IAArB,CAA0B,IAA1B,EAAgC,IAAhC,CA/Bb;MAgCT2G,sBAAsB,EAAtBA,uCAhCS;MAiCTC,OAAO,EAAGC,IAAD,IAA0B;QACjC,KAAKzH,OAAL,CAAayH,IAAb,GAAoBA,IAApB;MACD,CAnCQ;MAoCTC,OAAO,EAAE,MAAkC;QACzC,OAAO,KAAK1H,OAAL,CAAayH,IAApB;MACD,CAtCQ;MAuCTE,UAAU,EAAEA,gBAAW/G,IAAX,CAAgB,IAAhB,EAAsB,IAAtB,CAvCH;MAwCTgH,aAAa,EAAEA,mBAAchH,IAAd,CAAmB,IAAnB,EAAyB,IAAzB;IAxCN,CAAX,CAlJiC,CA6LjC;;IACA,KAAKiH,IAAL,GAAY;MACVC,gBAAgB,EAAEA,uBAAiBlH,IAAjB,CAAsB,IAAtB,EAA4B,IAA5B;IADR,CAAZ,CA9LiC,CAkMjC;;IACA,KAAKmH,WAAL,GAAmBA,qBAAYnH,IAAZ,CAAiB,IAAjB,EAAuB,IAAvB,CAAnB;IAEA,KAAKoH,OAAL,GAAe,IAAIC,oBAAJ,EAAf,CArMiC,CAuMjC;;IACA,KAAKC,YAAL,GAAoB,IAAIC,0BAAJ,CAAiB,IAAjB,EAAuBrI,IAAI,CAACoI,YAA5B,CAApB,CAxMiC,CA0MjC;;IACA,KAAKE,gBAAL,GAAwB,IAAIC,kCAAJ,CAAqB,IAArB,CAAxB,CA3MiC,CA6MjC;;IACA,IAAI,CAAC,KAAKH,YAAL,CAAkBI,gBAAlB,EAAL,EAA2C;MACzCxI,IAAI,CAACyI,QAAL,GAAgB,EAAE,GAAGzI,IAAI,CAACyI,QAAV;QAAoBC,WAAW,EAAE;MAAjC,CAAhB;IACD,CAhNgC,CAkNjC;;;IACA,KAAKC,cAAL,GAAsB,IAAIC,8BAAJ,CAAmB,IAAnB,EAAyB5I,IAAI,CAACyI,QAA9B,CAAtB;EACD;;EAEU,MAALjC,KAAK,GAAG;IACZ,MAAM,KAAKmC,cAAL,CAAoBnC,KAApB,EAAN,CADY,CAEZ;;IACA,KAAK4B,YAAL,CAAkB5B,KAAlB;;IACA,IAAI,CAAC,KAAK9B,KAAL,CAAWkB,eAAX,EAAL,EAAmC;MACjC,MAAM,KAAK0C,gBAAL,CAAsBO,eAAtB,EAAN;IACD;EACF;;EAES,MAAJC,IAAI,GAAG;IACX;IACA,KAAKV,YAAL,CAAkBU,IAAlB;IACA,MAAM,KAAKH,cAAL,CAAoBG,IAApB,EAAN;EACD;;EAEDC,UAAU,CAACC,OAAD,EAAU;IAClB,KAAK9I,OAAL,CAAa8I,OAAb,GAAuB,qBAAc,EAAd,EAAkB,KAAK9I,OAAL,CAAa8I,OAA/B,EAAwCA,OAAxC,CAAvB;EACD,CA7PgE,CAgQjE;;;EACY,MAANC,MAAM,CAACC,IAAD,EAAgD;IAC1D,OAAO,KAAKC,qBAAL,CAA2BD,IAA3B,CAAP;EACD,CAnQgE,CAqQjE;;;EAC2B,MAArBC,qBAAqB,CAACD,IAAD,EAA+D;IACxFA,IAAI,GAAG,iBAAMA,IAAI,IAAI,EAAd,CAAP;;IACA,MAAME,kBAAkB,GAAIlJ,OAAD,IAAc;MACvC,OAAOgJ,IAAI,CAACG,eAAZ;MACA,OAAO,2BAAkB,IAAlB,EAAwB,eAAxB,EAAyCH,IAAzC,EAA+ChJ,OAA/C,CAAP;IACD,CAHD;;IAIA,IAAI,CAACgJ,IAAI,CAACG,eAAV,EAA2B;MACzB,OAAOD,kBAAkB,EAAzB;IACD;;IACD,OAAO,KAAKnB,WAAL,GACNqB,IADM,CACD,UAASrB,WAAT,EAAsB;MAC1B,OAAOmB,kBAAkB,CAAC;QACxBJ,OAAO,EAAE;UACP,wBAAwBf;QADjB;MADe,CAAD,CAAzB;IAKD,CAPM,CAAP;EAQD;;EAEuB,MAAlBsB,kBAAkB,CAACL,IAA+B,GAAG,EAAnC,EAAuC;IAC7D,MAAM;MAAEM,WAAF;MAAe,GAAGC;IAAlB,IAAuCP,IAA7C;;IACA,IAAG,KAAK5G,QAAL,CAAcC,WAAjB,EAA8B;MAC5B;MACA;IACD;;IAED,KAAKD,QAAL,CAAcC,WAAd,GAA4B,IAA5B;;IACA,IAAI;MACF;MACA,IAAIiH,WAAJ,EAAiB;QACf,KAAKE,cAAL,CAAoBF,WAApB;MACD;;MACD,MAAMG,MAAM,GAAG,qBAAc;QAC3B;QACAC,MAAM,EAAE,KAAK1J,OAAL,CAAa0J,MAAb,IAAuB,CAAC,QAAD,EAAW,OAAX,EAAoB,SAApB;MAFJ,CAAd,EAGZH,gBAHY,CAAf;MAIA,MAAM,KAAK/E,KAAL,CAAWZ,eAAX,CAA2B6F,MAA3B,CAAN;IACD,CAVD,SAUU;MACR,KAAKrH,QAAL,CAAcC,WAAd,GAA4B,KAA5B;IACD;EACF,CA9SgE,CAgTjE;;;EACAU,YAAY,GAAqB;IAC/B,OAAO,KAAKF,OAAL,CAAaC,KAAb,GAAqB;IAArB,CACNsG,IADM,CACD,YAAY;MAChB;MACA,KAAKlB,YAAL,CAAkByB,KAAlB;IACD,CAJM,EAKNC,KALM,CAKA,UAASC,CAAT,EAAY;MACjB,IAAIA,CAAC,CAAC3I,IAAF,KAAW,cAAX,IAA6B2I,CAAC,CAACC,SAAF,KAAgB,UAAjD,EAA6D;QAC3D;QACA,OAAO,IAAP;MACD;;MACD,MAAMD,CAAN;IACD,CAXM,CAAP;EAYD,CA9TgE,CAgUjE;;;EACuB,MAAjBE,iBAAiB,CAACC,WAAD,EAA8C;IACnE,IAAI,CAACA,WAAL,EAAkB;MAChBA,WAAW,GAAG,CAAC,MAAM,KAAK9B,YAAL,CAAkB+B,SAAlB,EAAP,EAAsCD,WAApD;MACA,MAAME,cAAc,GAAG,KAAKhC,YAAL,CAAkBiC,mBAAlB,CAAsC,aAAtC,CAAvB;MACA,KAAKjC,YAAL,CAAkBkC,MAAlB,CAAyBF,cAAzB;IACD,CALkE,CAMnE;;;IACA,IAAI,CAACF,WAAL,EAAkB;MAChB,OAAO,iBAAQK,OAAR,CAAgB,IAAhB,CAAP;IACD;;IACD,OAAO,KAAK7F,KAAL,CAAWO,MAAX,CAAkBiF,WAAlB,CAAP;EACD,CA5UgE,CA8UjE;;;EACwB,MAAlBM,kBAAkB,CAACC,YAAD,EAAgD;IACtE,IAAI,CAACA,YAAL,EAAmB;MACjBA,YAAY,GAAG,CAAC,MAAM,KAAKrC,YAAL,CAAkB+B,SAAlB,EAAP,EAAsCM,YAArD;MACA,MAAMC,eAAe,GAAG,KAAKtC,YAAL,CAAkBiC,mBAAlB,CAAsC,cAAtC,CAAxB;MACA,KAAKjC,YAAL,CAAkBkC,MAAlB,CAAyBI,eAAzB;IACD,CALqE,CAMtE;;;IACA,IAAI,CAACD,YAAL,EAAmB;MACjB,OAAO,iBAAQF,OAAR,CAAgB,IAAhB,CAAP;IACD;;IACD,OAAO,KAAK7F,KAAL,CAAWO,MAAX,CAAkBwF,YAAlB,CAAP;EACD;;EAEDE,qBAAqB,CAACzK,OAAkC,GAAG,EAAtC,EAA0C;IAC7D,IAAI;MACF0K,OADE;MAEFC,qBAFE;MAGFC;IAHE,IAIA5K,OAJJ;;IAKA,IAAI,CAAC0K,OAAL,EAAc;MACZA,OAAO,GAAG,KAAKxC,YAAL,CAAkB2C,aAAlB,GAAkCH,OAA5C;IACD;;IACD,IAAI,CAACA,OAAL,EAAc;MACZ,OAAO,EAAP;IACD;;IACD,IAAI,CAACC,qBAAL,EAA4B;MAC1BA,qBAAqB,GAAG,KAAK3K,OAAL,CAAa2K,qBAArC;IACD;;IAED,MAAMG,SAAS,GAAG,wBAAa,IAAb,EAAmBA,SAArC;IACA,MAAMC,WAAW,GAAGL,OAAO,CAACA,OAA5B,CAjB6D,CAiBxB;;IACrC,IAAIM,SAAS,GAAGF,SAAS,GAAG,iBAAZ,GAAgCG,kBAAkB,CAACF,WAAD,CAAlE;;IACA,IAAIJ,qBAAJ,EAA2B;MACzBK,SAAS,IAAI,+BAA+BC,kBAAkB,CAACN,qBAAD,CAA9D;IACD,CArB4D,CAsB7D;;;IACA,IAAIC,KAAJ,EAAW;MACTI,SAAS,IAAI,YAAYC,kBAAkB,CAACL,KAAD,CAA3C;IACD;;IAED,OAAOI,SAAP;EACD,CAxXgE,CA0XjE;;;EACa,MAAPE,OAAO,CAAClL,OAAD,EAA2B;IACtCA,OAAO,GAAG,qBAAc,EAAd,EAAkBA,OAAlB,CAAV,CADsC,CAGtC;;IACA,IAAImL,UAAU,GAAG5I,MAAM,CAACC,QAAP,CAAgBC,MAAjC;IACA,IAAI2I,UAAU,GAAG7I,MAAM,CAACC,QAAP,CAAgB6I,IAAjC;IACA,IAAIV,qBAAqB,GAAG3K,OAAO,CAAC2K,qBAAR,IACvB,KAAK3K,OAAL,CAAa2K,qBADU,IAEvBQ,UAFL;IAIA,IAAInB,WAAW,GAAGhK,OAAO,CAACgK,WAA1B;IACA,IAAIO,YAAY,GAAGvK,OAAO,CAACuK,YAA3B;IACA,IAAIR,iBAAiB,GAAG/J,OAAO,CAAC+J,iBAAR,KAA8B,KAAtD;IACA,IAAIO,kBAAkB,GAAGtK,OAAO,CAACsK,kBAAR,KAA+B,KAAxD;;IAEA,IAAIA,kBAAkB,IAAI,OAAOC,YAAP,KAAwB,WAAlD,EAA+D;MAC7DA,YAAY,GAAG,KAAKrC,YAAL,CAAkB2C,aAAlB,GAAkCN,YAAjD;IACD;;IAED,IAAIR,iBAAiB,IAAI,OAAOC,WAAP,KAAuB,WAAhD,EAA6D;MAC3DA,WAAW,GAAG,KAAK9B,YAAL,CAAkB2C,aAAlB,GAAkCb,WAAhD;IACD;;IAED,IAAI,CAAChK,OAAO,CAAC0K,OAAb,EAAsB;MACpB1K,OAAO,CAAC0K,OAAR,GAAkB,KAAKxC,YAAL,CAAkB2C,aAAlB,GAAkCH,OAApD;IACD;;IAED,IAAIJ,kBAAkB,IAAIC,YAA1B,EAAwC;MACtC,MAAM,KAAKD,kBAAL,CAAwBC,YAAxB,CAAN;IACD;;IAED,IAAIR,iBAAiB,IAAIC,WAAzB,EAAsC;MACpC,MAAM,KAAKD,iBAAL,CAAuBC,WAAvB,CAAN;IACD;;IAED,MAAMgB,SAAS,GAAG,KAAKP,qBAAL,CAA2B,EAAE,GAAGzK,OAAL;MAAc2K;IAAd,CAA3B,CAAlB,CAnCsC,CAoCtC;IACA;;IACA,IAAI,CAACK,SAAL,EAAgB;MACd;MACA,OAAO,KAAKjI,YAAL,GAAoB;MAApB,CACNqG,IADM,CACD,YAAW;QACf,IAAIuB,qBAAqB,KAAKS,UAA9B,EAA0C;UACxC7I,MAAM,CAACC,QAAP,CAAgB8I,MAAhB,GADwC,CACd;QAC3B,CAFD,MAEO;UACL/I,MAAM,CAACC,QAAP,CAAgB+I,MAAhB,CAAuBZ,qBAAvB;QACD;MACF,CAPM,CAAP;IAQD,CAVD,MAUO;MACL,IAAI3K,OAAO,CAACwL,yBAAZ,EAAuC;QACrC;QACA,KAAKtD,YAAL,CAAkByB,KAAlB;MACD,CAHD,MAGO;QACL,KAAKzB,YAAL,CAAkBuD,qBAAlB;MACD,CANI,CAOL;;;MACAlJ,MAAM,CAACC,QAAP,CAAgB+I,MAAhB,CAAuBP,SAAvB;IACD;EACF;;EAEDU,SAAS,CAAC1C,IAAD,EAAwB;IAC/B,IAAIrH,GAAG,GAAG,2BAA2B,yBAAcqH,IAAd,CAArC;IACA,IAAIhJ,OAAO,GAAG;MACZ8I,OAAO,EAAE;QACP,UAAU;MADH;IADG,CAAd;IAKA,OAAO,eAAI,IAAJ,EAAUnH,GAAV,EAAe3B,OAAf,CAAP;EACD,CA/bgE,CAicjE;EACA;EACA;EAEA;EACA;;;EACqB,MAAf2L,eAAe,CAAC3L,OAA+B,GAAG,EAAnC,EAAyD;IAC5E;IACA,MAAM;MAAE4L,SAAF;MAAaC;IAAb,IAA4B,KAAK3D,YAAL,CAAkB4D,UAAlB,EAAlC;IAEA,MAAMC,WAAW,GAAG/L,OAAO,CAACgM,cAAR,GAAyBhM,OAAO,CAACgM,cAAR,KAA2B,OAApD,GAA8DJ,SAAlF;IACA,MAAMK,YAAY,GAAGjM,OAAO,CAACgM,cAAR,GAAyBhM,OAAO,CAACgM,cAAR,KAA2B,QAApD,GAA+DH,UAApF;IAEA,IAAI;MAAE7B;IAAF,IAAkB,KAAK9B,YAAL,CAAkB2C,aAAlB,EAAtB;;IACA,IAAIb,WAAW,IAAI,KAAK9B,YAAL,CAAkBgE,UAAlB,CAA6BlC,WAA7B,CAAnB,EAA8D;MAC5DA,WAAW,GAAGmC,SAAd;;MACA,IAAIJ,WAAJ,EAAiB;QACf,IAAI;UACF/B,WAAW,GAAG,MAAM,KAAK9B,YAAL,CAAkBjD,KAAlB,CAAwB,aAAxB,CAApB;QACD,CAFD,CAEE,MAAM,CACN;QACD;MACF,CAND,MAMO,IAAIgH,YAAJ,EAAkB;QACvB,KAAK/D,YAAL,CAAkBkC,MAAlB,CAAyB,aAAzB;MACD;IACF;;IAED,IAAI;MAAEM;IAAF,IAAc,KAAKxC,YAAL,CAAkB2C,aAAlB,EAAlB;;IACA,IAAIH,OAAO,IAAI,KAAKxC,YAAL,CAAkBgE,UAAlB,CAA6BxB,OAA7B,CAAf,EAAsD;MACpDA,OAAO,GAAGyB,SAAV;;MACA,IAAIJ,WAAJ,EAAiB;QACf,IAAI;UACFrB,OAAO,GAAG,MAAM,KAAKxC,YAAL,CAAkBjD,KAAlB,CAAwB,SAAxB,CAAhB;QACD,CAFD,CAEE,MAAM,CACN;QACD;MACF,CAND,MAMO,IAAIgH,YAAJ,EAAkB;QACvB,KAAK/D,YAAL,CAAkBkC,MAAlB,CAAyB,SAAzB;MACD;IACF;;IAED,OAAO,CAAC,EAAEJ,WAAW,IAAIU,OAAjB,CAAR;EACD;;EAEY,MAAP0B,OAAO,GAA0E;IACrF,MAAM;MAAE1B,OAAF;MAAWV;IAAX,IAA2B,KAAK9B,YAAL,CAAkB2C,aAAlB,EAAjC;IACA,OAAO,KAAKrG,KAAL,CAAWa,WAAX,CAAuB2E,WAAvB,EAAoCU,OAApC,CAAP;EACD;;EAED2B,UAAU,GAAuB;IAC/B,MAAM;MAAE3B;IAAF,IAAc,KAAKxC,YAAL,CAAkB2C,aAAlB,EAApB;IACA,OAAOH,OAAO,GAAGA,OAAO,CAACA,OAAX,GAAqByB,SAAnC;EACD;;EAEDG,cAAc,GAAuB;IACnC,MAAM;MAAEtC;IAAF,IAAkB,KAAK9B,YAAL,CAAkB2C,aAAlB,EAAxB;IACA,OAAOb,WAAW,GAAGA,WAAW,CAACA,WAAf,GAA6BmC,SAA/C;EACD;;EAEDI,eAAe,GAAuB;IACpC,MAAM;MAAEhC;IAAF,IAAmB,KAAKrC,YAAL,CAAkB2C,aAAlB,EAAzB;IACA,OAAON,YAAY,GAAGA,YAAY,CAACA,YAAhB,GAA+B4B,SAAlD;EACD;EAED;AACF;AACA;;;EAC+B,MAAvBK,uBAAuB,GAAkB;IAC7C,MAAM;MAAEC;IAAF,IAAa,MAAM,KAAKjI,KAAL,CAAWP,YAAX,EAAzB;IACA,KAAKiE,YAAL,CAAkBwE,SAAlB,CAA4BD,MAA5B;EACD;;EAEDjD,cAAc,CAACF,WAAD,EAAsBsB,KAAtB,EAA4C;IACxD;IACA,MAAM+B,cAAc,GAAGC,wBAAeC,iBAAf,EAAvB;;IACAF,cAAc,CAACG,OAAf,CAAuBC,mCAAvB,EAAkDzD,WAAlD,EAHwD,CAKxD;;IACAsB,KAAK,GAAGA,KAAK,IAAI,KAAK5K,OAAL,CAAa4K,KAA9B;;IACA,IAAIA,KAAJ,EAAW;MACT,MAAMoC,aAAa,GAAG,KAAK/M,cAAL,CAAoBgN,qBAApB,EAAtB;MACAD,aAAa,CAACF,OAAd,CAAsBlC,KAAtB,EAA6BtB,WAA7B;IACD;EACF;;EAED4D,cAAc,CAACtC,KAAD,EAAqC;IACjD;IACAA,KAAK,GAAGA,KAAK,IAAI,KAAK5K,OAAL,CAAa4K,KAA9B;;IACA,IAAIA,KAAJ,EAAW;MACT,MAAMoC,aAAa,GAAG,KAAK/M,cAAL,CAAoBgN,qBAApB,EAAtB;MACA,MAAM3D,WAAW,GAAG0D,aAAa,CAACG,OAAd,CAAsBvC,KAAtB,CAApB;;MACA,IAAItB,WAAJ,EAAiB;QACf,OAAOA,WAAP;MACD;IACF,CATgD,CAWjD;;;IACA,MAAMnI,OAAO,GAAGyL,wBAAeC,iBAAf,EAAhB;;IACA,OAAO1L,OAAO,GAAGA,OAAO,CAACgM,OAAR,CAAgBJ,mCAAhB,KAA8CZ,SAAjD,GAA6DA,SAA3E;EACD;;EAEDiB,iBAAiB,CAACxC,KAAD,EAAuB;IACtC;IACA,MAAMzJ,OAAO,GAAGyL,wBAAeC,iBAAf,EAAhB;;IACA1L,OAAO,CAACkM,UAAR,CAAmBN,mCAAnB,EAHsC,CAKtC;;IACAnC,KAAK,GAAGA,KAAK,IAAI,KAAK5K,OAAL,CAAa4K,KAA9B;;IACA,IAAIA,KAAJ,EAAW;MACT,MAAMoC,aAAa,GAAG,KAAK/M,cAAL,CAAoBgN,qBAApB,EAAtB;MACAD,aAAa,CAACK,UAAd,IAA4BL,aAAa,CAACK,UAAd,CAAyBzC,KAAzB,CAA5B;IACD;EACF;;EAEDlF,eAAe,GAAY;IACzB,OAAO,2BAAgB,IAAhB,CAAP;EACD;;EAEwB,MAAnB4H,mBAAmB,CAACb,MAAD,EAAkBnD,WAAlB,EAAuD;IAC9E,IAAIsB,KAAK,GAAG,KAAK5K,OAAL,CAAa4K,KAAzB,CAD8E,CAG9E;;IACA,IAAI6B,MAAJ,EAAY;MACV,KAAKvE,YAAL,CAAkBwE,SAAlB,CAA4BD,MAA5B;MACAnD,WAAW,GAAGA,WAAW,IAAI,KAAK4D,cAAL,CAAoB,KAAKlN,OAAL,CAAa4K,KAAjC,CAA7B;IACD,CAHD,MAGO,IAAI,KAAKlF,eAAL,EAAJ,EAA4B;MACjC,IAAI;QACF;QACA,MAAM6H,aAAa,GAAG,MAAM,6CAA0B,IAA1B,EAAgC,EAAhC,CAA5B;QACA3C,KAAK,GAAG2C,aAAa,CAAC3C,KAAtB;QACAtB,WAAW,GAAGA,WAAW,IAAI,KAAK4D,cAAL,CAAoBtC,KAApB,CAA7B;QACA,MAAM,KAAK4B,uBAAL,EAAN;MACD,CAND,CAME,OAAM3C,CAAN,EAAS;QACT;QACA,MAAM,KAAKzB,gBAAL,CAAsBO,eAAtB,EAAN;QACA,MAAMkB,CAAN;MACD;IACF,CAZM,MAYA;MACL,OADK,CACG;IACT,CArB6E,CAuB9E;;;IACA,MAAM,KAAKzB,gBAAL,CAAsBO,eAAtB,EAAN,CAxB8E,CA0B9E;;IACA,KAAKyE,iBAAL,CAAuBxC,KAAvB,EA3B8E,CA6B9E;;IACA,MAAM;MAAE4C;IAAF,IAAyB,KAAKxN,OAApC;;IACA,IAAIwN,kBAAJ,EAAwB;MACtB,MAAMA,kBAAkB,CAAC,IAAD,EAAOlE,WAAP,CAAxB;IACD,CAFD,MAEO,IAAIA,WAAJ,EAAiB;MACtB/G,MAAM,CAACC,QAAP,CAAgBiL,OAAhB,CAAwBnE,WAAxB;IACD;EACF;;EAEDoE,MAAM,GAAY;IAChB,OAAO,CAAC,CAAC,KAAK1N,OAAL,CAAa4B,IAAtB;EACD;;EAED+L,eAAe,CAACC,YAAD,EAA2C;IACxD,IAAID,eAAe,GAAG,KAAtB;;IACA,IAAIE,KAAK,CAACC,OAAN,CAAc,KAAK9N,OAAL,CAAa4N,YAA3B,KAA4C,KAAK5N,OAAL,CAAa4N,YAAb,CAA0BG,MAA1E,EAAkF;MAAA;;MAChFJ,eAAe,GAAG,sCAAK3N,OAAL,CAAa4N,YAAb,iBAAkCA,YAAlC,KAAmD,CAArE;IACD,CAFD,MAEO;MACLD,eAAe,GAAG,KAAK3N,OAAL,CAAa4N,YAAb,KAA8BA,YAAhD;IACD;;IACD,OAAOD,eAAP;EACD;;EAEDK,uBAAuB,GAAY;IACjC,OAAO,KAAKL,eAAL,CAAqB,MAArB,CAAP;EACD,CA7mBgE,CA+mBjE;EACA;EACA;EACA;;;EAEAM,eAAe,GAAW;IACxB;IACA;IACA,OAAO,KAAKjO,OAAL,CAAakO,MAAb,CAAqBC,KAArB,CAA2B,UAA3B,EAAuC,CAAvC,CAAP;EACD,CAxnBgE,CA0nBjE;;;EACAC,cAAc,CAACpF,IAAD,EAAiC;IAC7C,OAAO,2BAAkB,IAAlB,EAAwB,iCAAxB,EAA2DA,IAA3D,CAAP;EACD,CA7nBgE,CA+nBjE;;;EACApB,aAAa,CAACoB,IAAD,EAAwD;IACnE,OAAO,2BAAkB,IAAlB,EAAwB,+BAAxB,EAAyDA,IAAzD,CAAP;EACD,CAloBgE,CAooBjE;;;EACAqF,mBAAmB,CAACrF,IAAD,EAA6D;IAC9E,OAAO,2BAAkB,IAAlB,EAAwB,8BAAxB,EAAwDA,IAAxD,CAAP;EACD,CAvoBgE,CAyoBjE;;;EACqB,MAAfsF,eAAe,CAACtO,OAAD,EAA4C;IAC/D,IAAI,CAACA,OAAO,CAACgK,WAAb,EAA0B;MACxB,MAAMA,WAAW,GAAG,CAAC,MAAM,KAAK9B,YAAL,CAAkB+B,SAAlB,EAAP,EAAsCD,WAA1D;MACAhK,OAAO,CAACgK,WAAR,GAAsBA,WAAtB,aAAsBA,WAAtB,uBAAsBA,WAAW,CAAEA,WAAnC;IACD;;IACD,OAAO,uBAAY,IAAZ,EAAkBhK,OAAlB,CAAP;EACD;;AAhpBgE,C,CAmpBnE;;;8BAnpBMJ,Q,cAQ2BG,Q;8BAR3BH,Q,YASuB2O,M;8BATvB3O,Q,cAU2B4O,Q;AA0oBjC5O,QAAQ,CAACG,QAAT,GAAoBH,QAAQ,CAAC6D,SAAT,CAAmB1D,QAAnB,GAA8BA,QAAlD,C,CAEA;;AACA,qBAAcH,QAAd,EAAwB;EACtB6O;AADsB,CAAxB;eAIe7O,Q"}

package/cjs/OktaUserAgent.js

@@ -21,7 +21,7 @@ var _features = require("./features");
 class OktaUserAgent {
   constructor() {
     // add base sdk env
-    this.environments = [`okta-auth-js/${"6.6.2"}`];
+    this.environments = [`okta-auth-js/${"6.7.0"}`];
   }
 
   addEnvironment(env) {
@@ -36,7 +36,7 @@ class OktaUserAgent {
   }
 
   getVersion() {
-    return "6.6.2";
+    return "6.7.0";
   }
 
   maybeAddNodeEnvironment() {

package/cjs/OktaUserAgent.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../lib/OktaUserAgent.ts"],"names":["OktaUserAgent","constructor","environments","addEnvironment","env","push","getHttpHeader","maybeAddNodeEnvironment","join","getVersion","process","versions","node","version"],"mappings":";;;;AAeA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AAGO,MAAMA,aAAN,CAAoB;AAGzBC,EAAAA,WAAW,GAAG;AACZ;AACA,SAAKC,YAAL,GAAoB,CAAE,gBAAD,OAA4B,EAA7B,CAApB;AACD;;AAEDC,EAAAA,cAAc,CAACC,GAAD,EAAc;AAC1B,SAAKF,YAAL,CAAkBG,IAAlB,CAAuBD,GAAvB;AACD;;AAEDE,EAAAA,aAAa,GAAG;AACd,SAAKC,uBAAL;AACA,WAAO;AAAE,oCAA8B,KAAKL,YAAL,CAAkBM,IAAlB,CAAuB,GAAvB;AAAhC,KAAP;AACD;;AAEDC,EAAAA,UAAU,GAAG;AACX;AACD;;AAEOF,EAAAA,uBAAuB,GAAG;AAChC,QAAI,8BAAe,CAACG,OAAhB,IAA2B,CAACA,OAAO,CAACC,QAAxC,EAAkD;AAChD;AACD;;AACD,UAAM;AAAEC,MAAAA,IAAI,EAAEC;AAAR,QAAoBH,OAAO,CAACC,QAAlC;AACA,SAAKT,YAAL,CAAkBG,IAAlB,CAAwB,UAASQ,OAAQ,EAAzC;AACD;;AA3BwB","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n/* global SDK_VERSION */\n\nimport { isBrowser } from './features';\nexport class OktaUserAgent {\n  private environments: string[];\n\n  constructor() {\n    // add base sdk env\n    this.environments = [`okta-auth-js/${SDK_VERSION}`];\n  }\n\n  addEnvironment(env: string) {\n    this.environments.push(env);\n  }\n\n  getHttpHeader() {\n    this.maybeAddNodeEnvironment();\n    return { 'X-Okta-User-Agent-Extended': this.environments.join(' ') };\n  }\n\n  getVersion() {\n    return SDK_VERSION;\n  }\n\n  private maybeAddNodeEnvironment() {\n    if (isBrowser() || !process || !process.versions) {\n      return;\n    }\n    const { node: version } = process.versions;\n    this.environments.push(`nodejs/${version}`);\n  }\n}\n"],"file":"OktaUserAgent.js"}
+{"version":3,"file":"OktaUserAgent.js","names":["OktaUserAgent","constructor","environments","addEnvironment","env","push","getHttpHeader","maybeAddNodeEnvironment","join","getVersion","process","versions","node","version"],"sources":["../../lib/OktaUserAgent.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n/* global SDK_VERSION */\n\nimport { isBrowser } from './features';\nexport class OktaUserAgent {\n  private environments: string[];\n\n  constructor() {\n    // add base sdk env\n    this.environments = [`okta-auth-js/${SDK_VERSION}`];\n  }\n\n  addEnvironment(env: string) {\n    this.environments.push(env);\n  }\n\n  getHttpHeader() {\n    this.maybeAddNodeEnvironment();\n    return { 'X-Okta-User-Agent-Extended': this.environments.join(' ') };\n  }\n\n  getVersion() {\n    return SDK_VERSION;\n  }\n\n  private maybeAddNodeEnvironment() {\n    if (isBrowser() || !process || !process.versions) {\n      return;\n    }\n    const { node: version } = process.versions;\n    this.environments.push(`nodejs/${version}`);\n  }\n}\n"],"mappings":";;;;AAeA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AAGO,MAAMA,aAAN,CAAoB;EAGzBC,WAAW,GAAG;IACZ;IACA,KAAKC,YAAL,GAAoB,CAAE,gBAAD,OAA4B,EAA7B,CAApB;EACD;;EAEDC,cAAc,CAACC,GAAD,EAAc;IAC1B,KAAKF,YAAL,CAAkBG,IAAlB,CAAuBD,GAAvB;EACD;;EAEDE,aAAa,GAAG;IACd,KAAKC,uBAAL;IACA,OAAO;MAAE,8BAA8B,KAAKL,YAAL,CAAkBM,IAAlB,CAAuB,GAAvB;IAAhC,CAAP;EACD;;EAEDC,UAAU,GAAG;IACX;EACD;;EAEOF,uBAAuB,GAAG;IAChC,IAAI,8BAAe,CAACG,OAAhB,IAA2B,CAACA,OAAO,CAACC,QAAxC,EAAkD;MAChD;IACD;;IACD,MAAM;MAAEC,IAAI,EAAEC;IAAR,IAAoBH,OAAO,CAACC,QAAlC;IACA,KAAKT,YAAL,CAAkBG,IAAlB,CAAwB,UAASQ,OAAQ,EAAzC;EACD;;AA3BwB"}

package/cjs/PromiseQueue.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../lib/PromiseQueue.ts"],"names":["PromiseQueue","constructor","options","quiet","queue","running","push","method","thisObject","args","resolve","reject","length","run","queueItem","shift","res","apply","then","finally"],"mappings":";;;;;;;;AAgBA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AAeA,MAAMA,YAAN,CAAmB;AAKjBC,EAAAA,WAAW,CAACC,OAA4B,GAAG;AAAEC,IAAAA,KAAK,EAAE;AAAT,GAAhC,EAAkD;AAC3D,SAAKC,KAAL,GAAa,EAAb;AACA,SAAKC,OAAL,GAAe,KAAf;AACA,SAAKH,OAAL,GAAeA,OAAf;AACD,GATgB,CAWjB;AACA;AACA;;;AACAI,EAAAA,IAAI,CAACC,MAAD,EAAgCC,UAAhC,EAAiD,GAAGC,IAApD,EAAiE;AACnE,WAAO,qBAAY,CAACC,OAAD,EAAUC,MAAV,KAAqB;AACtC,UAAI,KAAKP,KAAL,CAAWQ,MAAX,GAAoB,CAAxB,EAA2B;AACzB;AACA;AACA,YAAI,KAAKV,OAAL,CAAaC,KAAb,KAAuB,KAA3B,EAAkC;AAChC,0BACE,+EACA,qEAFF;AAID;AACF;;AACD,WAAKC,KAAL,CAAWE,IAAX,CAAgB;AACdC,QAAAA,MADc;AAEdC,QAAAA,UAFc;AAGdC,QAAAA,IAHc;AAIdC,QAAAA,OAJc;AAKdC,QAAAA;AALc,OAAhB;AAOA,WAAKE,GAAL;AACD,KAnBM,CAAP;AAoBD;;AAEDA,EAAAA,GAAG,GAAG;AACJ,QAAI,KAAKR,OAAT,EAAkB;AAChB;AACD;;AACD,QAAI,KAAKD,KAAL,CAAWQ,MAAX,KAAsB,CAA1B,EAA6B;AAC3B;AACD;;AACD,SAAKP,OAAL,GAAe,IAAf,CAPI,CAQJ;;AACA,QAAIS,SAAS,GAAG,KAAKV,KAAL,CAAWW,KAAX,EAAhB;AACA,QAAIC,GAAG,GAAGF,SAAS,CAACP,MAAV,CAAiBU,KAAjB,CAAuBH,SAAS,CAACN,UAAjC,EAA6CM,SAAS,CAACL,IAAvD,CAAV;;AACA,QAAI,qBAAUO,GAAV,CAAJ,EAAoB;AACjBA,MAAAA,GAAD,CAA0BE,IAA1B,CAA+BJ,SAAS,CAACJ,OAAzC,EAAkDI,SAAS,CAACH,MAA5D,EAAoEQ,OAApE,CAA4E,MAAM;AAChF,aAAKd,OAAL,GAAe,KAAf;AACA,aAAKQ,GAAL;AACD,OAHD;AAID,KALD,MAKO;AACLC,MAAAA,SAAS,CAACJ,OAAV,CAAkBM,GAAlB;AACA,WAAKX,OAAL,GAAe,KAAf;AACA,WAAKQ,GAAL;AACD;AACF;;AA1DgB;;eA6DJb,Y","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n// Implements a queue for synchronous or asynchronous methods\n// Methods will be wrapped in a promise and execute sequentially\n// This can be used to prevent concurrent calls to a single method or a set of methods\n\nimport { isPromise, warn } from './util';\n\ninterface QueueItem {\n  method: () => void;\n  thisObject: object;\n  args: any[];\n  resolve: (value?: unknown) => void;\n  reject: (reason?: unknown) => void;\n}\n\ninterface PromiseQueueOptions {\n  quiet?: boolean; // if false, concurrrency warnings will not be logged\n}\nclass PromiseQueue {\n  queue: QueueItem[];\n  running: boolean;\n  options: PromiseQueueOptions;\n\n  constructor(options: PromiseQueueOptions = { quiet: false }) {\n    this.queue = [];\n    this.running = false;\n    this.options = options;\n  }\n\n  // Returns a promise\n  // If the method is synchronous, it will resolve when the method completes\n  // If the method returns a promise, it will resolve (or reject) with the value from the method's promise\n  push(method: (...args: any) => any, thisObject: any, ...args: any[]) {\n    return new Promise((resolve, reject) => {\n      if (this.queue.length > 0) {\n        // There is at least one other pending call.\n        // The PromiseQueue will prevent these methods from running concurrently.\n        if (this.options.quiet !== false) {\n          warn(\n            'Async method is being called but another async method is already running. ' +\n            'The new method will be delayed until the previous method completes.'\n          );\n        }\n      }\n      this.queue.push({\n        method,\n        thisObject,\n        args,\n        resolve,\n        reject\n      });\n      this.run();\n    });\n  }\n\n  run() {\n    if (this.running) {\n      return;\n    }\n    if (this.queue.length === 0) {\n      return;\n    }\n    this.running = true;\n    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n    var queueItem = this.queue.shift()!;\n    var res = queueItem.method.apply(queueItem.thisObject, queueItem.args as never) as unknown;\n    if (isPromise(res)) {\n      (res as Promise<unknown>).then(queueItem.resolve, queueItem.reject).finally(() => {\n        this.running = false;\n        this.run();\n      });\n    } else {\n      queueItem.resolve(res);\n      this.running = false;\n      this.run();\n    }\n  }\n}\n\nexport default PromiseQueue;"],"file":"PromiseQueue.js"}
+{"version":3,"file":"PromiseQueue.js","names":["PromiseQueue","constructor","options","quiet","queue","running","push","method","thisObject","args","resolve","reject","length","run","queueItem","shift","res","apply","then","finally"],"sources":["../../lib/PromiseQueue.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n// Implements a queue for synchronous or asynchronous methods\n// Methods will be wrapped in a promise and execute sequentially\n// This can be used to prevent concurrent calls to a single method or a set of methods\n\nimport { isPromise, warn } from './util';\n\ninterface QueueItem {\n  method: () => void;\n  thisObject: object;\n  args: any[];\n  resolve: (value?: unknown) => void;\n  reject: (reason?: unknown) => void;\n}\n\ninterface PromiseQueueOptions {\n  quiet?: boolean; // if false, concurrrency warnings will not be logged\n}\nclass PromiseQueue {\n  queue: QueueItem[];\n  running: boolean;\n  options: PromiseQueueOptions;\n\n  constructor(options: PromiseQueueOptions = { quiet: false }) {\n    this.queue = [];\n    this.running = false;\n    this.options = options;\n  }\n\n  // Returns a promise\n  // If the method is synchronous, it will resolve when the method completes\n  // If the method returns a promise, it will resolve (or reject) with the value from the method's promise\n  push(method: (...args: any) => any, thisObject: any, ...args: any[]) {\n    return new Promise((resolve, reject) => {\n      if (this.queue.length > 0) {\n        // There is at least one other pending call.\n        // The PromiseQueue will prevent these methods from running concurrently.\n        if (this.options.quiet !== false) {\n          warn(\n            'Async method is being called but another async method is already running. ' +\n            'The new method will be delayed until the previous method completes.'\n          );\n        }\n      }\n      this.queue.push({\n        method,\n        thisObject,\n        args,\n        resolve,\n        reject\n      });\n      this.run();\n    });\n  }\n\n  run() {\n    if (this.running) {\n      return;\n    }\n    if (this.queue.length === 0) {\n      return;\n    }\n    this.running = true;\n    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n    var queueItem = this.queue.shift()!;\n    var res = queueItem.method.apply(queueItem.thisObject, queueItem.args as never) as unknown;\n    if (isPromise(res)) {\n      (res as Promise<unknown>).then(queueItem.resolve, queueItem.reject).finally(() => {\n        this.running = false;\n        this.run();\n      });\n    } else {\n      queueItem.resolve(res);\n      this.running = false;\n      this.run();\n    }\n  }\n}\n\nexport default PromiseQueue;"],"mappings":";;;;;;;;AAgBA;;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AAeA,MAAMA,YAAN,CAAmB;EAKjBC,WAAW,CAACC,OAA4B,GAAG;IAAEC,KAAK,EAAE;EAAT,CAAhC,EAAkD;IAC3D,KAAKC,KAAL,GAAa,EAAb;IACA,KAAKC,OAAL,GAAe,KAAf;IACA,KAAKH,OAAL,GAAeA,OAAf;EACD,CATgB,CAWjB;EACA;EACA;;;EACAI,IAAI,CAACC,MAAD,EAAgCC,UAAhC,EAAiD,GAAGC,IAApD,EAAiE;IACnE,OAAO,qBAAY,CAACC,OAAD,EAAUC,MAAV,KAAqB;MACtC,IAAI,KAAKP,KAAL,CAAWQ,MAAX,GAAoB,CAAxB,EAA2B;QACzB;QACA;QACA,IAAI,KAAKV,OAAL,CAAaC,KAAb,KAAuB,KAA3B,EAAkC;UAChC,gBACE,+EACA,qEAFF;QAID;MACF;;MACD,KAAKC,KAAL,CAAWE,IAAX,CAAgB;QACdC,MADc;QAEdC,UAFc;QAGdC,IAHc;QAIdC,OAJc;QAKdC;MALc,CAAhB;MAOA,KAAKE,GAAL;IACD,CAnBM,CAAP;EAoBD;;EAEDA,GAAG,GAAG;IACJ,IAAI,KAAKR,OAAT,EAAkB;MAChB;IACD;;IACD,IAAI,KAAKD,KAAL,CAAWQ,MAAX,KAAsB,CAA1B,EAA6B;MAC3B;IACD;;IACD,KAAKP,OAAL,GAAe,IAAf,CAPI,CAQJ;;IACA,IAAIS,SAAS,GAAG,KAAKV,KAAL,CAAWW,KAAX,EAAhB;IACA,IAAIC,GAAG,GAAGF,SAAS,CAACP,MAAV,CAAiBU,KAAjB,CAAuBH,SAAS,CAACN,UAAjC,EAA6CM,SAAS,CAACL,IAAvD,CAAV;;IACA,IAAI,qBAAUO,GAAV,CAAJ,EAAoB;MACjBA,GAAD,CAA0BE,IAA1B,CAA+BJ,SAAS,CAACJ,OAAzC,EAAkDI,SAAS,CAACH,MAA5D,EAAoEQ,OAApE,CAA4E,MAAM;QAChF,KAAKd,OAAL,GAAe,KAAf;QACA,KAAKQ,GAAL;MACD,CAHD;IAID,CALD,MAKO;MACLC,SAAS,CAACJ,OAAV,CAAkBM,GAAlB;MACA,KAAKX,OAAL,GAAe,KAAf;MACA,KAAKQ,GAAL;IACD;EACF;;AA1DgB;;eA6DJb,Y"}

package/cjs/SavedObject.js

@@ -53,6 +53,12 @@ class SavedObject {
   //
 
 
+  isSharedStorage() {
+    var _this$storageProvider, _this$storageProvider2;
+
+    return typeof localStorage !== 'undefined' && this.storageProvider === localStorage || !!((_this$storageProvider = (_this$storageProvider2 = this.storageProvider).isSharedStorage) !== null && _this$storageProvider !== void 0 && _this$storageProvider.call(_this$storageProvider2));
+  }
+
   getStorage() {
     var storageString = this.storageProvider.getItem(this.storageName);
     storageString = storageString || '{}';

package/cjs/SavedObject.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../lib/SavedObject.ts"],"names":["SavedObject","constructor","storage","storageName","AuthSdkError","length","storageProvider","getItem","key","getStorage","setItem","value","updateStorage","removeItem","clearStorage","storageString","JSON","parse","e","setStorage","obj"],"mappings":";;;;;;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACe,MAAMA,WAAN,CAA6C;AAI1DC,EAAAA,WAAW,CAACC,OAAD,EAAyBC,WAAzB,EAA8C;AACvD,QAAI,CAACD,OAAL,EAAc;AACZ,YAAM,IAAIE,qBAAJ,CAAiB,uBAAjB,CAAN;AACD;;AAED,QAAI,OAAOD,WAAP,KAAuB,QAAvB,IAAmC,CAACA,WAAW,CAACE,MAApD,EAA4D;AAC1D,YAAM,IAAID,qBAAJ,CAAiB,2BAAjB,CAAN;AACD;;AAED,SAAKD,WAAL,GAAmBA,WAAnB;AACA,SAAKG,eAAL,GAAuBJ,OAAvB;AACD,GAfyD,CAiB1D;AACA;AACA;;;AAEAK,EAAAA,OAAO,CAACC,GAAD,EAAc;AACnB,WAAO,KAAKC,UAAL,GAAkBD,GAAlB,CAAP;AACD;;AAEDE,EAAAA,OAAO,CAACF,GAAD,EAAcG,KAAd,EAA0B;AAC/B,WAAO,KAAKC,aAAL,CAAmBJ,GAAnB,EAAwBG,KAAxB,CAAP;AACD;;AAEDE,EAAAA,UAAU,CAACL,GAAD,EAAc;AACtB,WAAO,KAAKM,YAAL,CAAkBN,GAAlB,CAAP;AACD,GA/ByD,CAiC1D;AACA;AACA;;;AAEAC,EAAAA,UAAU,GAAG;AACX,QAAIM,aAAa,GAAG,KAAKT,eAAL,CAAqBC,OAArB,CAA6B,KAAKJ,WAAlC,CAApB;AACAY,IAAAA,aAAa,GAAGA,aAAa,IAAI,IAAjC;;AACA,QAAI;AACF,aAAOC,IAAI,CAACC,KAAL,CAAWF,aAAX,CAAP;AACD,KAFD,CAEE,OAAMG,CAAN,EAAS;AACT,YAAM,IAAId,qBAAJ,CAAiB,qCAAqC,KAAKD,WAA3D,CAAN;AACD;AACF;;AAEDgB,EAAAA,UAAU,CAACC,GAAD,EAAY;AACpB,QAAI;AACF,UAAIL,aAAa,GAAGK,GAAG,GAAG,wBAAeA,GAAf,CAAH,GAAyB,IAAhD;AACA,WAAKd,eAAL,CAAqBI,OAArB,CAA6B,KAAKP,WAAlC,EAA+CY,aAA/C;AACD,KAHD,CAGE,OAAMG,CAAN,EAAS;AACT,YAAM,IAAId,qBAAJ,CAAiB,4BAA4B,KAAKD,WAAlD,CAAN;AACD;AACF;;AAEDW,EAAAA,YAAY,CAACN,GAAD,EAAe;AACzB,QAAI,CAACA,GAAL,EAAU;AACR;AACA,UAAI,KAAKF,eAAL,CAAqBO,UAAzB,EAAqC;AACnC,aAAKP,eAAL,CAAqBO,UAArB,CAAgC,KAAKV,WAArC;AACD,OAFD,MAEO;AACL,aAAKgB,UAAL;AACD;;AACD;AACD;;AAED,QAAIC,GAAG,GAAG,KAAKX,UAAL,EAAV;AACA,WAAOW,GAAG,CAACZ,GAAD,CAAV;AACA,SAAKW,UAAL,CAAgBC,GAAhB;AACD;;AAEDR,EAAAA,aAAa,CAACJ,GAAD,EAAMG,KAAN,EAAa;AACxB,QAAIS,GAAG,GAAG,KAAKX,UAAL,EAAV;AACAW,IAAAA,GAAG,CAACZ,GAAD,CAAH,GAAWG,KAAX;AACA,SAAKQ,UAAL,CAAgBC,GAAhB;AACD;;AA5EyD","sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport AuthSdkError from './errors/AuthSdkError';\nimport { StorageProvider, SimpleStorage } from './types';\n\n// formerly known as \"storageBuilder\". Represents an object saved under a key/name.\nexport default class SavedObject implements StorageProvider {\n  storageProvider: SimpleStorage;\n  storageName: string;\n\n  constructor(storage: SimpleStorage, storageName: string) {\n    if (!storage) {\n      throw new AuthSdkError('\"storage\" is required');\n    }\n\n    if (typeof storageName !== 'string' || !storageName.length) {\n      throw new AuthSdkError('\"storageName\" is required');\n    }\n\n    this.storageName = storageName;\n    this.storageProvider = storage;\n  }\n\n  //\n  // SimpleStorage interface\n  //\n\n  getItem(key: string) {\n    return this.getStorage()[key];\n  }\n\n  setItem(key: string, value: any) {\n    return this.updateStorage(key, value);\n  }\n\n  removeItem(key: string) {\n    return this.clearStorage(key);\n  }\n\n  //\n  // StorageProvider interface\n  //\n\n  getStorage() {\n    var storageString = this.storageProvider.getItem(this.storageName);\n    storageString = storageString || '{}';\n    try {\n      return JSON.parse(storageString);\n    } catch(e) {\n      throw new AuthSdkError('Unable to parse storage string: ' + this.storageName);\n    }\n  }\n\n  setStorage(obj?: any) {\n    try {\n      var storageString = obj ? JSON.stringify(obj) : '{}';\n      this.storageProvider.setItem(this.storageName, storageString);\n    } catch(e) {\n      throw new AuthSdkError('Unable to set storage: ' + this.storageName);\n    }\n  }\n\n  clearStorage(key?: string) {\n    if (!key) {\n      // clear all\n      if (this.storageProvider.removeItem) {\n        this.storageProvider.removeItem(this.storageName);\n      } else {\n        this.setStorage();\n      }\n      return;\n    }\n\n    var obj = this.getStorage();\n    delete obj[key];\n    this.setStorage(obj);\n  }\n\n  updateStorage(key, value) {\n    var obj = this.getStorage();\n    obj[key] = value;\n    this.setStorage(obj);\n  }\n}\n"],"file":"SavedObject.js"}
+{"version":3,"file":"SavedObject.js","names":["SavedObject","constructor","storage","storageName","AuthSdkError","length","storageProvider","getItem","key","getStorage","setItem","value","updateStorage","removeItem","clearStorage","isSharedStorage","localStorage","storageString","JSON","parse","e","setStorage","obj"],"sources":["../../lib/SavedObject.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport AuthSdkError from './errors/AuthSdkError';\nimport { StorageProvider, SimpleStorage } from './types';\n\n// formerly known as \"storageBuilder\". Represents an object saved under a key/name.\nexport default class SavedObject implements StorageProvider {\n  storageProvider: SimpleStorage;\n  storageName: string;\n\n  constructor(storage: SimpleStorage, storageName: string) {\n    if (!storage) {\n      throw new AuthSdkError('\"storage\" is required');\n    }\n\n    if (typeof storageName !== 'string' || !storageName.length) {\n      throw new AuthSdkError('\"storageName\" is required');\n    }\n\n    this.storageName = storageName;\n    this.storageProvider = storage;\n  }\n\n  //\n  // SimpleStorage interface\n  //\n\n  getItem(key: string) {\n    return this.getStorage()[key];\n  }\n\n  setItem(key: string, value: any) {\n    return this.updateStorage(key, value);\n  }\n\n  removeItem(key: string) {\n    return this.clearStorage(key);\n  }\n\n  //\n  // StorageProvider interface\n  //\n\n  isSharedStorage() {\n    return typeof localStorage !== 'undefined' && this.storageProvider === localStorage as any \n      || !!this.storageProvider.isSharedStorage?.();\n  }\n\n  getStorage() {\n    var storageString = this.storageProvider.getItem(this.storageName);\n    storageString = storageString || '{}';\n    try {\n      return JSON.parse(storageString);\n    } catch(e) {\n      throw new AuthSdkError('Unable to parse storage string: ' + this.storageName);\n    }\n  }\n\n  setStorage(obj?: any) {\n    try {\n      var storageString = obj ? JSON.stringify(obj) : '{}';\n      this.storageProvider.setItem(this.storageName, storageString);\n    } catch(e) {\n      throw new AuthSdkError('Unable to set storage: ' + this.storageName);\n    }\n  }\n\n  clearStorage(key?: string) {\n    if (!key) {\n      // clear all\n      if (this.storageProvider.removeItem) {\n        this.storageProvider.removeItem(this.storageName);\n      } else {\n        this.setStorage();\n      }\n      return;\n    }\n\n    var obj = this.getStorage();\n    delete obj[key];\n    this.setStorage(obj);\n  }\n\n  updateStorage(key, value) {\n    var obj = this.getStorage();\n    obj[key] = value;\n    this.setStorage(obj);\n  }\n}\n"],"mappings":";;;;;;;;AAaA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACe,MAAMA,WAAN,CAA6C;EAI1DC,WAAW,CAACC,OAAD,EAAyBC,WAAzB,EAA8C;IACvD,IAAI,CAACD,OAAL,EAAc;MACZ,MAAM,IAAIE,qBAAJ,CAAiB,uBAAjB,CAAN;IACD;;IAED,IAAI,OAAOD,WAAP,KAAuB,QAAvB,IAAmC,CAACA,WAAW,CAACE,MAApD,EAA4D;MAC1D,MAAM,IAAID,qBAAJ,CAAiB,2BAAjB,CAAN;IACD;;IAED,KAAKD,WAAL,GAAmBA,WAAnB;IACA,KAAKG,eAAL,GAAuBJ,OAAvB;EACD,CAfyD,CAiB1D;EACA;EACA;;;EAEAK,OAAO,CAACC,GAAD,EAAc;IACnB,OAAO,KAAKC,UAAL,GAAkBD,GAAlB,CAAP;EACD;;EAEDE,OAAO,CAACF,GAAD,EAAcG,KAAd,EAA0B;IAC/B,OAAO,KAAKC,aAAL,CAAmBJ,GAAnB,EAAwBG,KAAxB,CAAP;EACD;;EAEDE,UAAU,CAACL,GAAD,EAAc;IACtB,OAAO,KAAKM,YAAL,CAAkBN,GAAlB,CAAP;EACD,CA/ByD,CAiC1D;EACA;EACA;;;EAEAO,eAAe,GAAG;IAAA;;IAChB,OAAO,OAAOC,YAAP,KAAwB,WAAxB,IAAuC,KAAKV,eAAL,KAAyBU,YAAhE,IACF,CAAC,2BAAC,+BAAKV,eAAL,EAAqBS,eAAtB,kDAAC,kDAAD,CADN;EAED;;EAEDN,UAAU,GAAG;IACX,IAAIQ,aAAa,GAAG,KAAKX,eAAL,CAAqBC,OAArB,CAA6B,KAAKJ,WAAlC,CAApB;IACAc,aAAa,GAAGA,aAAa,IAAI,IAAjC;;IACA,IAAI;MACF,OAAOC,IAAI,CAACC,KAAL,CAAWF,aAAX,CAAP;IACD,CAFD,CAEE,OAAMG,CAAN,EAAS;MACT,MAAM,IAAIhB,qBAAJ,CAAiB,qCAAqC,KAAKD,WAA3D,CAAN;IACD;EACF;;EAEDkB,UAAU,CAACC,GAAD,EAAY;IACpB,IAAI;MACF,IAAIL,aAAa,GAAGK,GAAG,GAAG,wBAAeA,GAAf,CAAH,GAAyB,IAAhD;MACA,KAAKhB,eAAL,CAAqBI,OAArB,CAA6B,KAAKP,WAAlC,EAA+Cc,aAA/C;IACD,CAHD,CAGE,OAAMG,CAAN,EAAS;MACT,MAAM,IAAIhB,qBAAJ,CAAiB,4BAA4B,KAAKD,WAAlD,CAAN;IACD;EACF;;EAEDW,YAAY,CAACN,GAAD,EAAe;IACzB,IAAI,CAACA,GAAL,EAAU;MACR;MACA,IAAI,KAAKF,eAAL,CAAqBO,UAAzB,EAAqC;QACnC,KAAKP,eAAL,CAAqBO,UAArB,CAAgC,KAAKV,WAArC;MACD,CAFD,MAEO;QACL,KAAKkB,UAAL;MACD;;MACD;IACD;;IAED,IAAIC,GAAG,GAAG,KAAKb,UAAL,EAAV;IACA,OAAOa,GAAG,CAACd,GAAD,CAAV;IACA,KAAKa,UAAL,CAAgBC,GAAhB;EACD;;EAEDV,aAAa,CAACJ,GAAD,EAAMG,KAAN,EAAa;IACxB,IAAIW,GAAG,GAAG,KAAKb,UAAL,EAAV;IACAa,GAAG,CAACd,GAAD,CAAH,GAAWG,KAAX;IACA,KAAKU,UAAL,CAAgBC,GAAhB;EACD;;AAjFyD"}