@okta/okta-auth-js 6.7.7 → 6.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (177) hide show
  1. package/CHANGELOG.md +7 -1
  2. package/README.md +3 -2
  3. package/cjs/AuthStateManager.js +1 -1
  4. package/cjs/AuthStateManager.js.map +1 -1
  5. package/cjs/OktaAuth.js.map +1 -1
  6. package/cjs/OktaUserAgent.js +2 -2
  7. package/cjs/OktaUserAgent.js.map +1 -1
  8. package/cjs/PromiseQueue.js.map +1 -1
  9. package/cjs/SavedObject.js.map +1 -1
  10. package/cjs/ServiceManager.js.map +1 -1
  11. package/cjs/StorageManager.js.map +1 -1
  12. package/cjs/TokenManager.js.map +1 -1
  13. package/cjs/TransactionManager.js.map +1 -1
  14. package/cjs/browser/browserStorage.js.map +1 -1
  15. package/cjs/browser/fingerprint.js.map +1 -1
  16. package/cjs/constants.js +1 -1
  17. package/cjs/crypto/base64.js +4 -4
  18. package/cjs/crypto/base64.js.map +1 -1
  19. package/cjs/crypto/oidcHash.js.map +1 -1
  20. package/cjs/crypto/verifyToken.js.map +1 -1
  21. package/cjs/crypto/webauthn.js +1 -1
  22. package/cjs/crypto/webauthn.js.map +1 -1
  23. package/cjs/errors/index.js +2 -2
  24. package/cjs/features.js +6 -6
  25. package/cjs/features.js.map +1 -1
  26. package/cjs/http/request.js +1 -1
  27. package/cjs/http/request.js.map +1 -1
  28. package/cjs/idx/authenticate.js.map +1 -1
  29. package/cjs/idx/authenticator/OktaPassword.js +5 -4
  30. package/cjs/idx/authenticator/OktaPassword.js.map +1 -1
  31. package/cjs/idx/authenticator/getAuthenticator.js.map +1 -1
  32. package/cjs/idx/authenticator/util.js +1 -1
  33. package/cjs/idx/authenticator/util.js.map +1 -1
  34. package/cjs/idx/cancel.js.map +1 -1
  35. package/cjs/idx/emailVerify.js +3 -3
  36. package/cjs/idx/emailVerify.js.map +1 -1
  37. package/cjs/idx/idxState/index.js +1 -1
  38. package/cjs/idx/idxState/v1/generateIdxAction.js.map +1 -1
  39. package/cjs/idx/idxState/v1/idxResponseParser.js +1 -1
  40. package/cjs/idx/idxState/v1/idxResponseParser.js.map +1 -1
  41. package/cjs/idx/idxState/v1/makeIdxState.js.map +1 -1
  42. package/cjs/idx/idxState/v1/remediationParser.js.map +1 -1
  43. package/cjs/idx/index.js +24 -24
  44. package/cjs/idx/interact.js.map +1 -1
  45. package/cjs/idx/introspect.js.map +1 -1
  46. package/cjs/idx/poll.js.map +1 -1
  47. package/cjs/idx/proceed.js.map +1 -1
  48. package/cjs/idx/recoverPassword.js.map +1 -1
  49. package/cjs/idx/register.js.map +1 -1
  50. package/cjs/idx/remediate.js.map +1 -1
  51. package/cjs/idx/remediators/AuthenticatorEnrollmentData.js.map +1 -1
  52. package/cjs/idx/remediators/Base/AuthenticatorData.js.map +1 -1
  53. package/cjs/idx/remediators/Base/Remediator.js.map +1 -1
  54. package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
  55. package/cjs/idx/remediators/Base/VerifyAuthenticator.js.map +1 -1
  56. package/cjs/idx/remediators/EnrollProfile.js +46 -4
  57. package/cjs/idx/remediators/EnrollProfile.js.map +1 -1
  58. package/cjs/idx/remediators/GenericRemediator/util.js +1 -1
  59. package/cjs/idx/remediators/SelectAuthenticatorAuthenticate.js.map +1 -1
  60. package/cjs/idx/remediators/SelectEnrollmentChannel.js.map +1 -1
  61. package/cjs/idx/remediators/util.js +1 -1
  62. package/cjs/idx/run.js.map +1 -1
  63. package/cjs/idx/startTransaction.js.map +1 -1
  64. package/cjs/idx/transactionMeta.js +3 -3
  65. package/cjs/idx/transactionMeta.js.map +1 -1
  66. package/cjs/idx/types/api.js +1 -1
  67. package/cjs/idx/types/idx-js.js +1 -1
  68. package/cjs/idx/types/idx-js.js.map +1 -1
  69. package/cjs/idx/unlockAccount.js.map +1 -1
  70. package/cjs/idx/util.js +6 -6
  71. package/cjs/idx/util.js.map +1 -1
  72. package/cjs/myaccount/emailApi.js +1 -1
  73. package/cjs/myaccount/emailApi.js.map +1 -1
  74. package/cjs/myaccount/phoneApi.js +1 -1
  75. package/cjs/myaccount/phoneApi.js.map +1 -1
  76. package/cjs/myaccount/profileApi.js +1 -1
  77. package/cjs/myaccount/profileApi.js.map +1 -1
  78. package/cjs/myaccount/request.js +1 -1
  79. package/cjs/myaccount/request.js.map +1 -1
  80. package/cjs/myaccount/transactions/EmailChallengeTransaction.js.map +1 -1
  81. package/cjs/myaccount/transactions/EmailTransaction.js.map +1 -1
  82. package/cjs/myaccount/transactions/PhoneTransaction.js.map +1 -1
  83. package/cjs/myaccount/transactions/index.js +14 -14
  84. package/cjs/myaccount/types.js +14 -13
  85. package/cjs/myaccount/types.js.map +1 -1
  86. package/cjs/oidc/decodeToken.js.map +1 -1
  87. package/cjs/oidc/endpoints/authorize.js +1 -1
  88. package/cjs/oidc/endpoints/authorize.js.map +1 -1
  89. package/cjs/oidc/endpoints/token.js +1 -1
  90. package/cjs/oidc/endpoints/token.js.map +1 -1
  91. package/cjs/oidc/endpoints/well-known.js +1 -1
  92. package/cjs/oidc/endpoints/well-known.js.map +1 -1
  93. package/cjs/oidc/exchangeCodeForTokens.js.map +1 -1
  94. package/cjs/oidc/getToken.js.map +1 -1
  95. package/cjs/oidc/getUserInfo.js.map +1 -1
  96. package/cjs/oidc/getWithPopup.js.map +1 -1
  97. package/cjs/oidc/getWithRedirect.js.map +1 -1
  98. package/cjs/oidc/getWithoutPrompt.js.map +1 -1
  99. package/cjs/oidc/handleOAuthResponse.js.map +1 -1
  100. package/cjs/oidc/index.js +24 -24
  101. package/cjs/oidc/parseFromUrl.js +2 -2
  102. package/cjs/oidc/parseFromUrl.js.map +1 -1
  103. package/cjs/oidc/renewToken.js.map +1 -1
  104. package/cjs/oidc/renewTokens.js.map +1 -1
  105. package/cjs/oidc/renewTokensWithRefresh.js.map +1 -1
  106. package/cjs/oidc/revokeToken.js.map +1 -1
  107. package/cjs/oidc/util/browser.js +2 -2
  108. package/cjs/oidc/util/defaultTokenParams.js.map +1 -1
  109. package/cjs/oidc/util/errors.js +1 -1
  110. package/cjs/oidc/util/errors.js.map +1 -1
  111. package/cjs/oidc/util/loginRedirect.js +5 -5
  112. package/cjs/oidc/util/oauth.js +1 -1
  113. package/cjs/oidc/util/oauth.js.map +1 -1
  114. package/cjs/oidc/util/oauthMeta.js.map +1 -1
  115. package/cjs/oidc/util/pkce.js.map +1 -1
  116. package/cjs/oidc/util/prepareTokenParams.js +1 -1
  117. package/cjs/oidc/util/prepareTokenParams.js.map +1 -1
  118. package/cjs/oidc/util/refreshToken.js +1 -1
  119. package/cjs/oidc/util/refreshToken.js.map +1 -1
  120. package/cjs/oidc/util/validateToken.js.map +1 -1
  121. package/cjs/oidc/verifyToken.js.map +1 -1
  122. package/cjs/options/browser.js +2 -2
  123. package/cjs/options/browser.js.map +1 -1
  124. package/cjs/options/index.js +1 -1
  125. package/cjs/options/index.js.map +1 -1
  126. package/cjs/options/node.js +2 -2
  127. package/cjs/services/AutoRenewService.js.map +1 -1
  128. package/cjs/services/LeaderElectionService.js.map +1 -1
  129. package/cjs/services/SyncStorageService.js.map +1 -1
  130. package/cjs/session.js +2 -2
  131. package/cjs/session.js.map +1 -1
  132. package/cjs/tx/AuthTransaction.js.map +1 -1
  133. package/cjs/tx/api.js +4 -4
  134. package/cjs/tx/api.js.map +1 -1
  135. package/cjs/tx/poll.js.map +1 -1
  136. package/cjs/types/Token.js +1 -1
  137. package/cjs/types/TokenManager.js +1 -1
  138. package/cjs/types/Transaction.js +2 -2
  139. package/cjs/util/console.js +3 -3
  140. package/cjs/util/misc.js +2 -2
  141. package/cjs/util/object.js +3 -3
  142. package/cjs/util/sharedStorage.js +2 -2
  143. package/cjs/util/sharedStorage.js.map +1 -1
  144. package/cjs/util/types.js +3 -3
  145. package/cjs/util/url.js +3 -3
  146. package/cjs/util/url.js.map +1 -1
  147. package/dist/myaccount.umd.js +1 -1
  148. package/dist/myaccount.umd.js.map +1 -1
  149. package/dist/okta-auth-js.min.js +1 -1
  150. package/dist/okta-auth-js.min.js.map +1 -1
  151. package/dist/okta-auth-js.polyfill.js +1 -1
  152. package/dist/okta-auth-js.polyfill.js.map +1 -1
  153. package/dist/okta-auth-js.umd.js +1 -1
  154. package/dist/okta-auth-js.umd.js.map +1 -1
  155. package/esm/browser/OktaUserAgent.js +2 -2
  156. package/esm/browser/idx/authenticator/OktaPassword.js +4 -4
  157. package/esm/browser/idx/authenticator/OktaPassword.js.map +1 -1
  158. package/esm/browser/idx/remediators/Base/Remediator.js.map +1 -1
  159. package/esm/browser/idx/remediators/EnrollProfile.js +26 -0
  160. package/esm/browser/idx/remediators/EnrollProfile.js.map +1 -1
  161. package/esm/browser/idx/types/idx-js.js.map +1 -1
  162. package/esm/browser/util/url.js +1 -1
  163. package/esm/browser/util/url.js.map +1 -1
  164. package/esm/node/OktaUserAgent.js +2 -2
  165. package/esm/node/idx/authenticator/OktaPassword.js +4 -4
  166. package/esm/node/idx/authenticator/OktaPassword.js.map +1 -1
  167. package/esm/node/idx/remediators/Base/Remediator.js.map +1 -1
  168. package/esm/node/idx/remediators/EnrollProfile.js +26 -0
  169. package/esm/node/idx/remediators/EnrollProfile.js.map +1 -1
  170. package/esm/node/idx/types/idx-js.js.map +1 -1
  171. package/esm/node/util/url.js +1 -1
  172. package/esm/node/util/url.js.map +1 -1
  173. package/esm/package.json +1 -1
  174. package/lib/idx/authenticator/OktaPassword.d.ts +1 -0
  175. package/lib/idx/remediators/EnrollProfile.d.ts +11 -0
  176. package/lib/idx/types/idx-js.d.ts +4 -0
  177. package/package.json +14 -25
package/cjs/TokenManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"TokenManager.js","names":["DEFAULT_OPTIONS","autoRenew","autoRemove","syncStorage","clearPendingRemoveTokens","storage","undefined","expireEarlySeconds","storageKey","TOKEN_STORAGE_NAME","defaultState","expireTimeouts","renewPromise","TokenManager","on","event","handler","context","emitter","off","constructor","sdk","options","AuthSdkError","storageOptions","secure","storageProvider","storageType","storageManager","getTokenStorage","useSeparateCookies","clock","SdkClock","create","state","hasSharedStorage","isSharedStorage","start","setExpireEventTimeoutAll","stop","clearExpireEventTimeoutAll","getOptions","getExpireTime","token","expireTime","expiresAt","hasExpired","now","emitExpired","key","emit","EVENT_EXPIRED","emitRenewed","freshToken","oldToken","EVENT_RENEWED","emitAdded","EVENT_ADDED","emitRemoved","EVENT_REMOVED","emitError","error","EVENT_ERROR","clearExpireEventTimeout","clearTimeout","Object","prototype","hasOwnProperty","call","setExpireEventTimeout","expireEventWait","Math","max","expireEventTimeout","setTimeout","tokenStorage","getStorage","resetExpireEventTimeoutAll","add","setStorage","emitSetStorageEvent","getSync","get","getTokensSync","tokens","forEach","accessToken","idToken","refreshToken","getTokens","getStorageKeyByType","type","getTokenType","EVENT_SET_STORAGE","setTokens","accessTokenCb","idTokenCb","refreshTokenCb","handleTokenCallback","handleAdded","handleRenewed","handleRemoved","types","existingTokens","newToken","existingToken","remove","removedToken","renewToken","renew","validateToken","e","reject","renewTokens","then","tokenType","catch","err","tokenKey","finally","clear","clearStorage","removedTokens","pendingRemove","updateRefreshToken","REFRESH_TOKEN_STORAGE_KEY","removeRefreshToken","addPendingRemoveFlags"],"sources":["../../lib/TokenManager.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { removeNils, clone } from './util';\nimport { AuthSdkError } from './errors';\nimport { validateToken } from './oidc/util';\nimport { isLocalhost, isIE11OrLess } from './features';\nimport SdkClock from './clock';\nimport {\n EventEmitter,\n Token, \n Tokens, \n TokenType, \n TokenManagerOptions, \n isIDToken, \n isAccessToken,\n isRefreshToken,\n StorageOptions,\n StorageType,\n OktaAuthInterface,\n StorageProvider,\n TokenManagerErrorEventHandler,\n TokenManagerSetStorageEventHandler,\n TokenManagerRenewEventHandler,\n TokenManagerEventHandler,\n TokenManagerInterface,\n RefreshToken,\n AccessTokenCallback,\n IDTokenCallback,\n RefreshTokenCallback,\n EVENT_RENEWED,\n EVENT_ADDED,\n EVENT_ERROR,\n EVENT_EXPIRED,\n EVENT_REMOVED,\n EVENT_SET_STORAGE,\n TokenManagerAnyEventHandler,\n TokenManagerAnyEvent\n} from './types';\nimport { REFRESH_TOKEN_STORAGE_KEY, TOKEN_STORAGE_NAME } from './constants';\n\nconst DEFAULT_OPTIONS = {\n // TODO: remove in next major version - OKTA-473815\n autoRenew: true,\n autoRemove: true,\n syncStorage: true,\n // --- //\n clearPendingRemoveTokens: true,\n storage: undefined, // will use value from storageManager config\n expireEarlySeconds: 30,\n storageKey: TOKEN_STORAGE_NAME\n};\n\ninterface TokenManagerState {\n expireTimeouts: Record<string, unknown>;\n renewPromise: Promise<Token | undefined> | null;\n}\nfunction defaultState(): TokenManagerState {\n return {\n expireTimeouts: {},\n renewPromise: null\n };\n}\nexport class TokenManager implements TokenManagerInterface {\n private sdk: OktaAuthInterface;\n private clock: SdkClock;\n private emitter: EventEmitter;\n private storage: StorageProvider;\n private state: TokenManagerState;\n private options: TokenManagerOptions;\n\n on(event: typeof EVENT_RENEWED, handler: TokenManagerRenewEventHandler, context?: object): void;\n on(event: typeof EVENT_ERROR, handler: TokenManagerErrorEventHandler, context?: object): void;\n on(event: typeof EVENT_SET_STORAGE, handler: TokenManagerSetStorageEventHandler, context?: object): void;\n on(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, \n handler: TokenManagerEventHandler, context?: object): void;\n on(event: TokenManagerAnyEvent, handler: TokenManagerAnyEventHandler, context?: object): void {\n if (context) {\n this.emitter.on(event, handler, context);\n } else {\n this.emitter.on(event, handler);\n }\n }\n\n off(event: typeof EVENT_RENEWED, handler?: TokenManagerRenewEventHandler): void;\n off(event: typeof EVENT_ERROR, handler?: TokenManagerErrorEventHandler): void;\n off(event: typeof EVENT_SET_STORAGE, handler?: TokenManagerSetStorageEventHandler): void;\n off(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, \n handler?: TokenManagerEventHandler): void;\n off(event: TokenManagerAnyEvent, handler?: TokenManagerAnyEventHandler): void {\n if (handler) {\n this.emitter.off(event, handler);\n } else {\n this.emitter.off(event);\n }\n }\n\n // eslint-disable-next-line complexity\n constructor(sdk: OktaAuthInterface, options: TokenManagerOptions = {}) {\n this.sdk = sdk;\n this.emitter = (sdk as any).emitter;\n if (!this.emitter) {\n throw new AuthSdkError('Emitter should be initialized before TokenManager');\n }\n \n options = Object.assign({}, DEFAULT_OPTIONS, removeNils(options));\n if (!isLocalhost()) {\n options.expireEarlySeconds = DEFAULT_OPTIONS.expireEarlySeconds;\n }\n\n this.options = options;\n\n const storageOptions: StorageOptions = removeNils({\n storageKey: options.storageKey,\n secure: options.secure,\n });\n if (typeof options.storage === 'object') {\n // A custom storage provider must implement getItem(key) and setItem(key, val)\n storageOptions.storageProvider = options.storage;\n } else if (options.storage) {\n storageOptions.storageType = options.storage as StorageType;\n }\n\n this.storage = sdk.storageManager.getTokenStorage({...storageOptions, useSeparateCookies: true});\n this.clock = SdkClock.create(/* sdk, options */);\n this.state = defaultState();\n }\n\n // TODO: remove - https://oktainc.atlassian.net/browse/OKTA-529631\n hasSharedStorage() {\n return this.storage.isSharedStorage();\n }\n\n start() {\n if (this.options.clearPendingRemoveTokens) {\n this.clearPendingRemoveTokens();\n }\n this.setExpireEventTimeoutAll();\n }\n \n stop() {\n this.clearExpireEventTimeoutAll();\n }\n\n getOptions(): TokenManagerOptions {\n return clone(this.options);\n }\n \n getExpireTime(token) {\n const expireEarlySeconds = this.options.expireEarlySeconds || 0;\n var expireTime = token.expiresAt - expireEarlySeconds;\n return expireTime;\n }\n \n hasExpired(token) {\n var expireTime = this.getExpireTime(token);\n return expireTime <= this.clock.now();\n }\n \n emitExpired(key, token) {\n this.emitter.emit(EVENT_EXPIRED, key, token);\n }\n \n emitRenewed(key, freshToken, oldToken) {\n this.emitter.emit(EVENT_RENEWED, key, freshToken, oldToken);\n }\n \n emitAdded(key, token) {\n this.emitter.emit(EVENT_ADDED, key, token);\n }\n \n emitRemoved(key, token?) {\n this.emitter.emit(EVENT_REMOVED, key, token);\n }\n \n emitError(error) {\n this.emitter.emit(EVENT_ERROR, error);\n }\n \n clearExpireEventTimeout(key) {\n clearTimeout(this.state.expireTimeouts[key] as any);\n delete this.state.expireTimeouts[key];\n \n // Remove the renew promise (if it exists)\n this.state.renewPromise = null;\n }\n \n clearExpireEventTimeoutAll() {\n var expireTimeouts = this.state.expireTimeouts;\n for (var key in expireTimeouts) {\n if (!Object.prototype.hasOwnProperty.call(expireTimeouts, key)) {\n continue;\n }\n this.clearExpireEventTimeout(key);\n }\n }\n \n setExpireEventTimeout(key, token) {\n if (isRefreshToken(token)) {\n return;\n }\n\n var expireTime = this.getExpireTime(token);\n var expireEventWait = Math.max(expireTime - this.clock.now(), 0) * 1000;\n \n // Clear any existing timeout\n this.clearExpireEventTimeout(key);\n \n var expireEventTimeout = setTimeout(() => {\n this.emitExpired(key, token);\n }, expireEventWait);\n \n // Add a new timeout\n this.state.expireTimeouts[key] = expireEventTimeout;\n }\n \n setExpireEventTimeoutAll() {\n var tokenStorage = this.storage.getStorage();\n for(var key in tokenStorage) {\n if (!Object.prototype.hasOwnProperty.call(tokenStorage, key)) {\n continue;\n }\n var token = tokenStorage[key];\n this.setExpireEventTimeout(key, token);\n }\n }\n \n // reset timeouts to setup autoRenew for tokens from other document context (tabs)\n resetExpireEventTimeoutAll() {\n this.clearExpireEventTimeoutAll();\n this.setExpireEventTimeoutAll();\n }\n \n add(key, token: Token) {\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n }\n \n getSync(key) {\n var tokenStorage = this.storage.getStorage();\n return tokenStorage[key];\n }\n \n async get(key) {\n return this.getSync(key);\n }\n \n getTokensSync(): Tokens {\n const tokens = {} as Tokens;\n const tokenStorage = this.storage.getStorage();\n Object.keys(tokenStorage).forEach(key => {\n const token = tokenStorage[key];\n if (isAccessToken(token)) {\n tokens.accessToken = token;\n } else if (isIDToken(token)) {\n tokens.idToken = token;\n } else if (isRefreshToken(token)) { \n tokens.refreshToken = token;\n }\n });\n return tokens;\n }\n \n async getTokens(): Promise<Tokens> {\n return this.getTokensSync();\n }\n\n getStorageKeyByType(type: TokenType): string {\n const tokenStorage = this.storage.getStorage();\n const key = Object.keys(tokenStorage).filter(key => {\n const token = tokenStorage[key];\n return (isAccessToken(token) && type === 'accessToken') \n || (isIDToken(token) && type === 'idToken')\n || (isRefreshToken(token) && type === 'refreshToken');\n })[0];\n return key;\n }\n\n private getTokenType(token: Token): TokenType {\n if (isAccessToken(token)) {\n return 'accessToken';\n }\n if (isIDToken(token)) {\n return 'idToken';\n }\n if(isRefreshToken(token)) {\n return 'refreshToken';\n }\n throw new AuthSdkError('Unknown token type');\n }\n\n // for synchronization of LocalStorage cross tabs for IE11\n private emitSetStorageEvent() {\n if (isIE11OrLess()) {\n const storage = this.storage.getStorage();\n this.emitter.emit(EVENT_SET_STORAGE, storage);\n }\n }\n\n // used in `SyncStorageService` for synchronization of LocalStorage cross tabs for IE11\n public getStorage() {\n return this.storage;\n }\n\n setTokens(\n tokens: Tokens,\n // TODO: callbacks can be removed in the next major version OKTA-407224\n accessTokenCb?: AccessTokenCallback, \n idTokenCb?: IDTokenCallback,\n refreshTokenCb?: RefreshTokenCallback\n ): void {\n const handleTokenCallback = (key, token) => {\n const type = this.getTokenType(token);\n if (type === 'accessToken') {\n accessTokenCb && accessTokenCb(key, token);\n } else if (type === 'idToken') {\n idTokenCb && idTokenCb(key, token);\n } else if (type === 'refreshToken') {\n refreshTokenCb && refreshTokenCb(key, token);\n }\n };\n const handleAdded = (key, token) => {\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRenewed = (key, token, oldToken) => {\n this.emitRenewed(key, token, oldToken);\n this.clearExpireEventTimeout(key);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRemoved = (key, token) => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, token);\n handleTokenCallback(key, token);\n };\n \n const types: TokenType[] = ['idToken', 'accessToken', 'refreshToken'];\n const existingTokens = this.getTokensSync();\n\n // valid tokens\n types.forEach((type) => {\n const token = tokens[type];\n if (token) {\n validateToken(token, type);\n }\n });\n \n // add token to storage\n const storage = types.reduce((storage, type) => {\n const token = tokens[type];\n if (token) {\n const storageKey = this.getStorageKeyByType(type) || type;\n storage[storageKey] = token;\n }\n return storage;\n }, {});\n this.storage.setStorage(storage);\n this.emitSetStorageEvent();\n\n // emit event and start expiration timer\n types.forEach(type => {\n const newToken = tokens[type];\n const existingToken = existingTokens[type];\n const storageKey = this.getStorageKeyByType(type) || type;\n if (newToken && existingToken) { // renew\n // call handleRemoved first, since it clears timers\n handleRemoved(storageKey, existingToken);\n handleAdded(storageKey, newToken);\n handleRenewed(storageKey, newToken, existingToken);\n } else if (newToken) { // add\n handleAdded(storageKey, newToken);\n } else if (existingToken) { //remove\n handleRemoved(storageKey, existingToken);\n }\n });\n }\n \n remove(key) {\n // Clear any listener for this token\n this.clearExpireEventTimeout(key);\n \n var tokenStorage = this.storage.getStorage();\n var removedToken = tokenStorage[key];\n delete tokenStorage[key];\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n \n this.emitRemoved(key, removedToken);\n }\n \n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n async renewToken(token) {\n return this.sdk.token?.renew(token);\n }\n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n validateToken(token: Token) {\n return validateToken(token);\n }\n\n // TODO: renew method should take no param, change in the next major version OKTA-407224\n renew(key): Promise<Token | undefined> {\n // Multiple callers may receive the same promise. They will all resolve or reject from the same request.\n if (this.state.renewPromise) {\n return this.state.renewPromise;\n }\n \n try {\n var token = this.getSync(key);\n if (!token) {\n throw new AuthSdkError('The tokenManager has no token for the key: ' + key);\n }\n } catch (e) {\n return Promise.reject(e);\n }\n \n // Remove existing autoRenew timeout\n this.clearExpireEventTimeout(key);\n \n // A refresh token means a replace instead of renewal\n // Store the renew promise state, to avoid renewing again\n this.state.renewPromise = this.sdk.token.renewTokens()\n .then(tokens => {\n this.setTokens(tokens);\n\n // resolve token based on the key\n const tokenType = this.getTokenType(token);\n return tokens[tokenType];\n })\n .catch(err => {\n // If renew fails, remove token from storage and emit error\n this.remove(key);\n err.tokenKey = key;\n this.emitError(err);\n throw err;\n })\n .finally(() => {\n // Remove existing promise key\n this.state.renewPromise = null;\n });\n \n return this.state.renewPromise;\n }\n \n clear() {\n const tokens = this.getTokensSync();\n this.clearExpireEventTimeoutAll();\n this.storage.clearStorage();\n this.emitSetStorageEvent();\n\n Object.keys(tokens).forEach(key => {\n this.emitRemoved(key, tokens[key]);\n });\n }\n\n clearPendingRemoveTokens() {\n const tokenStorage = this.storage.getStorage();\n const removedTokens = {};\n Object.keys(tokenStorage).forEach(key => {\n if (tokenStorage[key].pendingRemove) {\n removedTokens[key] = tokenStorage[key];\n delete tokenStorage[key];\n }\n });\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n Object.keys(removedTokens).forEach(key => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, removedTokens[key]);\n });\n }\n\n updateRefreshToken(token: RefreshToken) {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n\n // do not emit any event\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n }\n\n removeRefreshToken () {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n this.remove(key);\n }\n\n addPendingRemoveFlags() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n tokens[key].pendingRemove = true;\n });\n this.setTokens(tokens);\n }\n \n}\n"],"mappings":";;;;;;;;;;;;;;;;AAYA;;AACA;;AACA;;AACA;;AACA;;AACA;;AA+BA;;AAhDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAuCA,MAAMA,eAAe,GAAG;EACtB;EACAC,SAAS,EAAE,IAFW;EAGtBC,UAAU,EAAE,IAHU;EAItBC,WAAW,EAAE,IAJS;EAKtB;EACAC,wBAAwB,EAAE,IANJ;EAOtBC,OAAO,EAAEC,SAPa;EAOF;EACpBC,kBAAkB,EAAE,EARE;EAStBC,UAAU,EAAEC;AATU,CAAxB;;AAgBA,SAASC,YAAT,GAA2C;EACzC,OAAO;IACLC,cAAc,EAAE,EADX;IAELC,YAAY,EAAE;EAFT,CAAP;AAID;;AACM,MAAMC,YAAN,CAAoD;EAazDC,EAAE,CAACC,KAAD,EAA8BC,OAA9B,EAAoEC,OAApE,EAA4F;IAC5F,IAAIA,OAAJ,EAAa;MACX,KAAKC,OAAL,CAAaJ,EAAb,CAAgBC,KAAhB,EAAuBC,OAAvB,EAAgCC,OAAhC;IACD,CAFD,MAEO;MACL,KAAKC,OAAL,CAAaJ,EAAb,CAAgBC,KAAhB,EAAuBC,OAAvB;IACD;EACF;;EAODG,GAAG,CAACJ,KAAD,EAA8BC,OAA9B,EAA2E;IAC5E,IAAIA,OAAJ,EAAa;MACX,KAAKE,OAAL,CAAaC,GAAb,CAAiBJ,KAAjB,EAAwBC,OAAxB;IACD,CAFD,MAEO;MACL,KAAKE,OAAL,CAAaC,GAAb,CAAiBJ,KAAjB;IACD;EACF,CAhCwD,CAkCzD;;;EACAK,WAAW,CAACC,GAAD,EAAyBC,OAA4B,GAAG,EAAxD,EAA4D;IACrE,KAAKD,GAAL,GAAWA,GAAX;IACA,KAAKH,OAAL,GAAgBG,GAAD,CAAaH,OAA5B;;IACA,IAAI,CAAC,KAAKA,OAAV,EAAmB;MACjB,MAAM,IAAIK,oBAAJ,CAAiB,mDAAjB,CAAN;IACD;;IAEDD,OAAO,GAAG,qBAAc,EAAd,EAAkBtB,eAAlB,EAAmC,sBAAWsB,OAAX,CAAnC,CAAV;;IACA,IAAI,CAAC,4BAAL,EAAoB;MAClBA,OAAO,CAACf,kBAAR,GAA6BP,eAAe,CAACO,kBAA7C;IACD;;IAED,KAAKe,OAAL,GAAeA,OAAf;IAEA,MAAME,cAA8B,GAAG,sBAAW;MAChDhB,UAAU,EAAEc,OAAO,CAACd,UAD4B;MAEhDiB,MAAM,EAAEH,OAAO,CAACG;IAFgC,CAAX,CAAvC;;IAIA,IAAI,OAAOH,OAAO,CAACjB,OAAf,KAA2B,QAA/B,EAAyC;MACvC;MACAmB,cAAc,CAACE,eAAf,GAAiCJ,OAAO,CAACjB,OAAzC;IACD,CAHD,MAGO,IAAIiB,OAAO,CAACjB,OAAZ,EAAqB;MAC1BmB,cAAc,CAACG,WAAf,GAA6BL,OAAO,CAACjB,OAArC;IACD;;IAED,KAAKA,OAAL,GAAegB,GAAG,CAACO,cAAJ,CAAmBC,eAAnB,CAAmC,EAAC,GAAGL,cAAJ;MAAoBM,kBAAkB,EAAE;IAAxC,CAAnC,CAAf;IACA,KAAKC,KAAL,GAAaC,eAASC,MAAT,EAAb;IACA,KAAKC,KAAL,GAAaxB,YAAY,EAAzB;EACD,CA/DwD,CAiEzD;;;EACAyB,gBAAgB,GAAG;IACjB,OAAO,KAAK9B,OAAL,CAAa+B,eAAb,EAAP;EACD;;EAEDC,KAAK,GAAG;IACN,IAAI,KAAKf,OAAL,CAAalB,wBAAjB,EAA2C;MACzC,KAAKA,wBAAL;IACD;;IACD,KAAKkC,wBAAL;EACD;;EAEDC,IAAI,GAAG;IACL,KAAKC,0BAAL;EACD;;EAEDC,UAAU,GAAwB;IAChC,OAAO,iBAAM,KAAKnB,OAAX,CAAP;EACD;;EAEDoB,aAAa,CAACC,KAAD,EAAQ;IACnB,MAAMpC,kBAAkB,GAAG,KAAKe,OAAL,CAAaf,kBAAb,IAAmC,CAA9D;IACA,IAAIqC,UAAU,GAAGD,KAAK,CAACE,SAAN,GAAkBtC,kBAAnC;IACA,OAAOqC,UAAP;EACD;;EAEDE,UAAU,CAACH,KAAD,EAAQ;IAChB,IAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;IACA,OAAOC,UAAU,IAAI,KAAKb,KAAL,CAAWgB,GAAX,EAArB;EACD;;EAEDC,WAAW,CAACC,GAAD,EAAMN,KAAN,EAAa;IACtB,KAAKzB,OAAL,CAAagC,IAAb,CAAkBC,oBAAlB,EAAiCF,GAAjC,EAAsCN,KAAtC;EACD;;EAEDS,WAAW,CAACH,GAAD,EAAMI,UAAN,EAAkBC,QAAlB,EAA4B;IACrC,KAAKpC,OAAL,CAAagC,IAAb,CAAkBK,oBAAlB,EAAiCN,GAAjC,EAAsCI,UAAtC,EAAkDC,QAAlD;EACD;;EAEDE,SAAS,CAACP,GAAD,EAAMN,KAAN,EAAa;IACpB,KAAKzB,OAAL,CAAagC,IAAb,CAAkBO,kBAAlB,EAA+BR,GAA/B,EAAoCN,KAApC;EACD;;EAEDe,WAAW,CAACT,GAAD,EAAMN,KAAN,EAAc;IACvB,KAAKzB,OAAL,CAAagC,IAAb,CAAkBS,oBAAlB,EAAiCV,GAAjC,EAAsCN,KAAtC;EACD;;EAEDiB,SAAS,CAACC,KAAD,EAAQ;IACf,KAAK3C,OAAL,CAAagC,IAAb,CAAkBY,kBAAlB,EAA+BD,KAA/B;EACD;;EAEDE,uBAAuB,CAACd,GAAD,EAAM;IAC3Be,YAAY,CAAC,KAAK9B,KAAL,CAAWvB,cAAX,CAA0BsC,GAA1B,CAAD,CAAZ;IACA,OAAO,KAAKf,KAAL,CAAWvB,cAAX,CAA0BsC,GAA1B,CAAP,CAF2B,CAI3B;;IACA,KAAKf,KAAL,CAAWtB,YAAX,GAA0B,IAA1B;EACD;;EAED4B,0BAA0B,GAAG;IAC3B,IAAI7B,cAAc,GAAG,KAAKuB,KAAL,CAAWvB,cAAhC;;IACA,KAAK,IAAIsC,GAAT,IAAgBtC,cAAhB,EAAgC;MAC9B,IAAI,CAACsD,MAAM,CAACC,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqCzD,cAArC,EAAqDsC,GAArD,CAAL,EAAgE;QAC9D;MACD;;MACD,KAAKc,uBAAL,CAA6Bd,GAA7B;IACD;EACF;;EAEDoB,qBAAqB,CAACpB,GAAD,EAAMN,KAAN,EAAa;IAChC,IAAI,2BAAeA,KAAf,CAAJ,EAA2B;MACzB;IACD;;IAED,IAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;IACA,IAAI2B,eAAe,GAAGC,IAAI,CAACC,GAAL,CAAS5B,UAAU,GAAG,KAAKb,KAAL,CAAWgB,GAAX,EAAtB,EAAwC,CAAxC,IAA6C,IAAnE,CANgC,CAQhC;;IACA,KAAKgB,uBAAL,CAA6Bd,GAA7B;IAEA,IAAIwB,kBAAkB,GAAGC,UAAU,CAAC,MAAM;MACxC,KAAK1B,WAAL,CAAiBC,GAAjB,EAAsBN,KAAtB;IACD,CAFkC,EAEhC2B,eAFgC,CAAnC,CAXgC,CAehC;;IACA,KAAKpC,KAAL,CAAWvB,cAAX,CAA0BsC,GAA1B,IAAiCwB,kBAAjC;EACD;;EAEDnC,wBAAwB,GAAG;IACzB,IAAIqC,YAAY,GAAG,KAAKtE,OAAL,CAAauE,UAAb,EAAnB;;IACA,KAAI,IAAI3B,GAAR,IAAe0B,YAAf,EAA6B;MAC3B,IAAI,CAACV,MAAM,CAACC,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqCO,YAArC,EAAmD1B,GAAnD,CAAL,EAA8D;QAC5D;MACD;;MACD,IAAIN,KAAK,GAAGgC,YAAY,CAAC1B,GAAD,CAAxB;MACA,KAAKoB,qBAAL,CAA2BpB,GAA3B,EAAgCN,KAAhC;IACD;EACF,CAlKwD,CAoKzD;;;EACAkC,0BAA0B,GAAG;IAC3B,KAAKrC,0BAAL;IACA,KAAKF,wBAAL;EACD;;EAEDwC,GAAG,CAAC7B,GAAD,EAAMN,KAAN,EAAoB;IACrB,IAAIgC,YAAY,GAAG,KAAKtE,OAAL,CAAauE,UAAb,EAAnB;IACA,0BAAcjC,KAAd;IACAgC,YAAY,CAAC1B,GAAD,CAAZ,GAAoBN,KAApB;IACA,KAAKtC,OAAL,CAAa0E,UAAb,CAAwBJ,YAAxB;IACA,KAAKK,mBAAL;IACA,KAAKxB,SAAL,CAAeP,GAAf,EAAoBN,KAApB;IACA,KAAK0B,qBAAL,CAA2BpB,GAA3B,EAAgCN,KAAhC;EACD;;EAEDsC,OAAO,CAAChC,GAAD,EAAM;IACX,IAAI0B,YAAY,GAAG,KAAKtE,OAAL,CAAauE,UAAb,EAAnB;IACA,OAAOD,YAAY,CAAC1B,GAAD,CAAnB;EACD;;EAEQ,MAAHiC,GAAG,CAACjC,GAAD,EAAM;IACb,OAAO,KAAKgC,OAAL,CAAahC,GAAb,CAAP;EACD;;EAEDkC,aAAa,GAAW;IACtB,MAAMC,MAAM,GAAG,EAAf;IACA,MAAMT,YAAY,GAAG,KAAKtE,OAAL,CAAauE,UAAb,EAArB;IACA,mBAAYD,YAAZ,EAA0BU,OAA1B,CAAkCpC,GAAG,IAAI;MACvC,MAAMN,KAAK,GAAGgC,YAAY,CAAC1B,GAAD,CAA1B;;MACA,IAAI,0BAAcN,KAAd,CAAJ,EAA0B;QACxByC,MAAM,CAACE,WAAP,GAAqB3C,KAArB;MACD,CAFD,MAEO,IAAI,sBAAUA,KAAV,CAAJ,EAAsB;QAC3ByC,MAAM,CAACG,OAAP,GAAiB5C,KAAjB;MACD,CAFM,MAEA,IAAI,2BAAeA,KAAf,CAAJ,EAA2B;QAChCyC,MAAM,CAACI,YAAP,GAAsB7C,KAAtB;MACD;IACF,CATD;IAUA,OAAOyC,MAAP;EACD;;EAEc,MAATK,SAAS,GAAoB;IACjC,OAAO,KAAKN,aAAL,EAAP;EACD;;EAEDO,mBAAmB,CAACC,IAAD,EAA0B;IAAA;;IAC3C,MAAMhB,YAAY,GAAG,KAAKtE,OAAL,CAAauE,UAAb,EAArB;IACA,MAAM3B,GAAG,GAAG,mDAAY0B,YAAZ,kBAAiC1B,GAAG,IAAI;MAClD,MAAMN,KAAK,GAAGgC,YAAY,CAAC1B,GAAD,CAA1B;MACA,OAAQ,0BAAcN,KAAd,KAAwBgD,IAAI,KAAK,aAAlC,IACD,sBAAUhD,KAAV,KAAoBgD,IAAI,KAAK,SAD5B,IAED,2BAAehD,KAAf,KAAyBgD,IAAI,KAAK,cAFxC;IAGD,CALW,EAKT,CALS,CAAZ;IAMA,OAAO1C,GAAP;EACD;;EAEO2C,YAAY,CAACjD,KAAD,EAA0B;IAC5C,IAAI,0BAAcA,KAAd,CAAJ,EAA0B;MACxB,OAAO,aAAP;IACD;;IACD,IAAI,sBAAUA,KAAV,CAAJ,EAAsB;MACpB,OAAO,SAAP;IACD;;IACD,IAAG,2BAAeA,KAAf,CAAH,EAA0B;MACxB,OAAO,cAAP;IACD;;IACD,MAAM,IAAIpB,oBAAJ,CAAiB,oBAAjB,CAAN;EACD,CAvOwD,CAyOzD;;;EACQyD,mBAAmB,GAAG;IAC5B,IAAI,6BAAJ,EAAoB;MAClB,MAAM3E,OAAO,GAAG,KAAKA,OAAL,CAAauE,UAAb,EAAhB;MACA,KAAK1D,OAAL,CAAagC,IAAb,CAAkB2C,wBAAlB,EAAqCxF,OAArC;IACD;EACF,CA/OwD,CAiPzD;;;EACOuE,UAAU,GAAG;IAClB,OAAO,KAAKvE,OAAZ;EACD;;EAEDyF,SAAS,CACPV,MADO,EAEP;EACAW,aAHO,EAIPC,SAJO,EAKPC,cALO,EAMD;IACN,MAAMC,mBAAmB,GAAG,CAACjD,GAAD,EAAMN,KAAN,KAAgB;MAC1C,MAAMgD,IAAI,GAAG,KAAKC,YAAL,CAAkBjD,KAAlB,CAAb;;MACA,IAAIgD,IAAI,KAAK,aAAb,EAA4B;QAC1BI,aAAa,IAAIA,aAAa,CAAC9C,GAAD,EAAMN,KAAN,CAA9B;MACD,CAFD,MAEO,IAAIgD,IAAI,KAAK,SAAb,EAAwB;QAC7BK,SAAS,IAAIA,SAAS,CAAC/C,GAAD,EAAMN,KAAN,CAAtB;MACD,CAFM,MAEA,IAAIgD,IAAI,KAAK,cAAb,EAA6B;QAClCM,cAAc,IAAIA,cAAc,CAAChD,GAAD,EAAMN,KAAN,CAAhC;MACD;IACF,CATD;;IAUA,MAAMwD,WAAW,GAAG,CAAClD,GAAD,EAAMN,KAAN,KAAgB;MAClC,KAAKa,SAAL,CAAeP,GAAf,EAAoBN,KAApB;MACA,KAAK0B,qBAAL,CAA2BpB,GAA3B,EAAgCN,KAAhC;MACAuD,mBAAmB,CAACjD,GAAD,EAAMN,KAAN,CAAnB;IACD,CAJD;;IAKA,MAAMyD,aAAa,GAAG,CAACnD,GAAD,EAAMN,KAAN,EAAaW,QAAb,KAA0B;MAC9C,KAAKF,WAAL,CAAiBH,GAAjB,EAAsBN,KAAtB,EAA6BW,QAA7B;MACA,KAAKS,uBAAL,CAA6Bd,GAA7B;MACA,KAAKoB,qBAAL,CAA2BpB,GAA3B,EAAgCN,KAAhC;MACAuD,mBAAmB,CAACjD,GAAD,EAAMN,KAAN,CAAnB;IACD,CALD;;IAMA,MAAM0D,aAAa,GAAG,CAACpD,GAAD,EAAMN,KAAN,KAAgB;MACpC,KAAKoB,uBAAL,CAA6Bd,GAA7B;MACA,KAAKS,WAAL,CAAiBT,GAAjB,EAAsBN,KAAtB;MACAuD,mBAAmB,CAACjD,GAAD,EAAMN,KAAN,CAAnB;IACD,CAJD;;IAMA,MAAM2D,KAAkB,GAAG,CAAC,SAAD,EAAY,aAAZ,EAA2B,cAA3B,CAA3B;IACA,MAAMC,cAAc,GAAG,KAAKpB,aAAL,EAAvB,CA7BM,CA+BN;;IACAmB,KAAK,CAACjB,OAAN,CAAeM,IAAD,IAAU;MACtB,MAAMhD,KAAK,GAAGyC,MAAM,CAACO,IAAD,CAApB;;MACA,IAAIhD,KAAJ,EAAW;QACT,0BAAcA,KAAd,EAAqBgD,IAArB;MACD;IACF,CALD,EAhCM,CAuCN;;IACA,MAAMtF,OAAO,GAAG,qBAAAiG,KAAK,MAAL,CAAAA,KAAK,EAAQ,CAACjG,OAAD,EAAUsF,IAAV,KAAmB;MAC9C,MAAMhD,KAAK,GAAGyC,MAAM,CAACO,IAAD,CAApB;;MACA,IAAIhD,KAAJ,EAAW;QACT,MAAMnC,UAAU,GAAG,KAAKkF,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;QACAtF,OAAO,CAACG,UAAD,CAAP,GAAsBmC,KAAtB;MACD;;MACD,OAAOtC,OAAP;IACD,CAPoB,EAOlB,EAPkB,CAArB;IAQA,KAAKA,OAAL,CAAa0E,UAAb,CAAwB1E,OAAxB;IACA,KAAK2E,mBAAL,GAjDM,CAmDN;;IACAsB,KAAK,CAACjB,OAAN,CAAcM,IAAI,IAAI;MACpB,MAAMa,QAAQ,GAAGpB,MAAM,CAACO,IAAD,CAAvB;MACA,MAAMc,aAAa,GAAGF,cAAc,CAACZ,IAAD,CAApC;MACA,MAAMnF,UAAU,GAAG,KAAKkF,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;;MACA,IAAIa,QAAQ,IAAIC,aAAhB,EAA+B;QAAE;QAC/B;QACAJ,aAAa,CAAC7F,UAAD,EAAaiG,aAAb,CAAb;QACAN,WAAW,CAAC3F,UAAD,EAAagG,QAAb,CAAX;QACAJ,aAAa,CAAC5F,UAAD,EAAagG,QAAb,EAAuBC,aAAvB,CAAb;MACD,CALD,MAKO,IAAID,QAAJ,EAAc;QAAE;QACrBL,WAAW,CAAC3F,UAAD,EAAagG,QAAb,CAAX;MACD,CAFM,MAEA,IAAIC,aAAJ,EAAmB;QAAE;QAC1BJ,aAAa,CAAC7F,UAAD,EAAaiG,aAAb,CAAb;MACD;IACF,CAdD;EAeD;;EAEDC,MAAM,CAACzD,GAAD,EAAM;IACV;IACA,KAAKc,uBAAL,CAA6Bd,GAA7B;IAEA,IAAI0B,YAAY,GAAG,KAAKtE,OAAL,CAAauE,UAAb,EAAnB;IACA,IAAI+B,YAAY,GAAGhC,YAAY,CAAC1B,GAAD,CAA/B;IACA,OAAO0B,YAAY,CAAC1B,GAAD,CAAnB;IACA,KAAK5C,OAAL,CAAa0E,UAAb,CAAwBJ,YAAxB;IACA,KAAKK,mBAAL;IAEA,KAAKtB,WAAL,CAAiBT,GAAjB,EAAsB0D,YAAtB;EACD,CA5UwD,CA8UzD;;;EACgB,MAAVC,UAAU,CAACjE,KAAD,EAAQ;IAAA;;IACtB,0BAAO,KAAKtB,GAAL,CAASsB,KAAhB,oDAAO,gBAAgBkE,KAAhB,CAAsBlE,KAAtB,CAAP;EACD,CAjVwD,CAkVzD;;;EACAmE,aAAa,CAACnE,KAAD,EAAe;IAC1B,OAAO,0BAAcA,KAAd,CAAP;EACD,CArVwD,CAuVzD;;;EACAkE,KAAK,CAAC5D,GAAD,EAAkC;IACrC;IACA,IAAI,KAAKf,KAAL,CAAWtB,YAAf,EAA6B;MAC3B,OAAO,KAAKsB,KAAL,CAAWtB,YAAlB;IACD;;IAED,IAAI;MACF,IAAI+B,KAAK,GAAG,KAAKsC,OAAL,CAAahC,GAAb,CAAZ;;MACA,IAAI,CAACN,KAAL,EAAY;QACV,MAAM,IAAIpB,oBAAJ,CAAiB,gDAAgD0B,GAAjE,CAAN;MACD;IACF,CALD,CAKE,OAAO8D,CAAP,EAAU;MACV,OAAO,iBAAQC,MAAR,CAAeD,CAAf,CAAP;IACD,CAboC,CAerC;;;IACA,KAAKhD,uBAAL,CAA6Bd,GAA7B,EAhBqC,CAkBrC;IACA;;IACA,KAAKf,KAAL,CAAWtB,YAAX,GAA0B,KAAKS,GAAL,CAASsB,KAAT,CAAesE,WAAf,GACvBC,IADuB,CAClB9B,MAAM,IAAI;MACd,KAAKU,SAAL,CAAeV,MAAf,EADc,CAGd;;MACA,MAAM+B,SAAS,GAAG,KAAKvB,YAAL,CAAkBjD,KAAlB,CAAlB;MACA,OAAOyC,MAAM,CAAC+B,SAAD,CAAb;IACD,CAPuB,EAQvBC,KARuB,CAQjBC,GAAG,IAAI;MACZ;MACA,KAAKX,MAAL,CAAYzD,GAAZ;MACAoE,GAAG,CAACC,QAAJ,GAAerE,GAAf;MACA,KAAKW,SAAL,CAAeyD,GAAf;MACA,MAAMA,GAAN;IACD,CAduB,EAevBE,OAfuB,CAef,MAAM;MACb;MACA,KAAKrF,KAAL,CAAWtB,YAAX,GAA0B,IAA1B;IACD,CAlBuB,CAA1B;IAoBA,OAAO,KAAKsB,KAAL,CAAWtB,YAAlB;EACD;;EAED4G,KAAK,GAAG;IACN,MAAMpC,MAAM,GAAG,KAAKD,aAAL,EAAf;IACA,KAAK3C,0BAAL;IACA,KAAKnC,OAAL,CAAaoH,YAAb;IACA,KAAKzC,mBAAL;IAEA,mBAAYI,MAAZ,EAAoBC,OAApB,CAA4BpC,GAAG,IAAI;MACjC,KAAKS,WAAL,CAAiBT,GAAjB,EAAsBmC,MAAM,CAACnC,GAAD,CAA5B;IACD,CAFD;EAGD;;EAED7C,wBAAwB,GAAG;IACzB,MAAMuE,YAAY,GAAG,KAAKtE,OAAL,CAAauE,UAAb,EAArB;IACA,MAAM8C,aAAa,GAAG,EAAtB;IACA,mBAAY/C,YAAZ,EAA0BU,OAA1B,CAAkCpC,GAAG,IAAI;MACvC,IAAI0B,YAAY,CAAC1B,GAAD,CAAZ,CAAkB0E,aAAtB,EAAqC;QACnCD,aAAa,CAACzE,GAAD,CAAb,GAAqB0B,YAAY,CAAC1B,GAAD,CAAjC;QACA,OAAO0B,YAAY,CAAC1B,GAAD,CAAnB;MACD;IACF,CALD;IAMA,KAAK5C,OAAL,CAAa0E,UAAb,CAAwBJ,YAAxB;IACA,KAAKK,mBAAL;IACA,mBAAY0C,aAAZ,EAA2BrC,OAA3B,CAAmCpC,GAAG,IAAI;MACxC,KAAKc,uBAAL,CAA6Bd,GAA7B;MACA,KAAKS,WAAL,CAAiBT,GAAjB,EAAsByE,aAAa,CAACzE,GAAD,CAAnC;IACD,CAHD;EAID;;EAED2E,kBAAkB,CAACjF,KAAD,EAAsB;IACtC,MAAMM,GAAG,GAAG,KAAKyC,mBAAL,CAAyB,cAAzB,KAA4CmC,oCAAxD,CADsC,CAGtC;;;IACA,IAAIlD,YAAY,GAAG,KAAKtE,OAAL,CAAauE,UAAb,EAAnB;IACA,0BAAcjC,KAAd;IACAgC,YAAY,CAAC1B,GAAD,CAAZ,GAAoBN,KAApB;IACA,KAAKtC,OAAL,CAAa0E,UAAb,CAAwBJ,YAAxB;IACA,KAAKK,mBAAL;EACD;;EAED8C,kBAAkB,GAAI;IACpB,MAAM7E,GAAG,GAAG,KAAKyC,mBAAL,CAAyB,cAAzB,KAA4CmC,oCAAxD;;IACA,KAAKnB,MAAL,CAAYzD,GAAZ;EACD;;EAED8E,qBAAqB,GAAG;IACtB,MAAM3C,MAAM,GAAG,KAAKD,aAAL,EAAf;IACA,mBAAYC,MAAZ,EAAoBC,OAApB,CAA4BpC,GAAG,IAAI;MACjCmC,MAAM,CAACnC,GAAD,CAAN,CAAY0E,aAAZ,GAA4B,IAA5B;IACD,CAFD;IAGA,KAAK7B,SAAL,CAAeV,MAAf;EACD;;AArbwD"}
1
+ {"version":3,"file":"TokenManager.js","names":["DEFAULT_OPTIONS","autoRenew","autoRemove","syncStorage","clearPendingRemoveTokens","storage","undefined","expireEarlySeconds","storageKey","TOKEN_STORAGE_NAME","defaultState","expireTimeouts","renewPromise","TokenManager","on","event","handler","context","emitter","off","constructor","sdk","options","AuthSdkError","removeNils","isLocalhost","storageOptions","secure","storageProvider","storageType","storageManager","getTokenStorage","useSeparateCookies","clock","SdkClock","create","state","hasSharedStorage","isSharedStorage","start","setExpireEventTimeoutAll","stop","clearExpireEventTimeoutAll","getOptions","clone","getExpireTime","token","expireTime","expiresAt","hasExpired","now","emitExpired","key","emit","EVENT_EXPIRED","emitRenewed","freshToken","oldToken","EVENT_RENEWED","emitAdded","EVENT_ADDED","emitRemoved","EVENT_REMOVED","emitError","error","EVENT_ERROR","clearExpireEventTimeout","clearTimeout","Object","prototype","hasOwnProperty","call","setExpireEventTimeout","isRefreshToken","expireEventWait","Math","max","expireEventTimeout","setTimeout","tokenStorage","getStorage","resetExpireEventTimeoutAll","add","validateToken","setStorage","emitSetStorageEvent","getSync","get","getTokensSync","tokens","forEach","isAccessToken","accessToken","isIDToken","idToken","refreshToken","getTokens","getStorageKeyByType","type","getTokenType","isIE11OrLess","EVENT_SET_STORAGE","setTokens","accessTokenCb","idTokenCb","refreshTokenCb","handleTokenCallback","handleAdded","handleRenewed","handleRemoved","types","existingTokens","newToken","existingToken","remove","removedToken","renewToken","renew","e","reject","renewTokens","then","tokenType","catch","err","tokenKey","finally","clear","clearStorage","removedTokens","pendingRemove","updateRefreshToken","REFRESH_TOKEN_STORAGE_KEY","removeRefreshToken","addPendingRemoveFlags"],"sources":["../../lib/TokenManager.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { removeNils, clone } from './util';\nimport { AuthSdkError } from './errors';\nimport { validateToken } from './oidc/util';\nimport { isLocalhost, isIE11OrLess } from './features';\nimport SdkClock from './clock';\nimport {\n EventEmitter,\n Token, \n Tokens, \n TokenType, \n TokenManagerOptions, \n isIDToken, \n isAccessToken,\n isRefreshToken,\n StorageOptions,\n StorageType,\n OktaAuthInterface,\n StorageProvider,\n TokenManagerErrorEventHandler,\n TokenManagerSetStorageEventHandler,\n TokenManagerRenewEventHandler,\n TokenManagerEventHandler,\n TokenManagerInterface,\n RefreshToken,\n AccessTokenCallback,\n IDTokenCallback,\n RefreshTokenCallback,\n EVENT_RENEWED,\n EVENT_ADDED,\n EVENT_ERROR,\n EVENT_EXPIRED,\n EVENT_REMOVED,\n EVENT_SET_STORAGE,\n TokenManagerAnyEventHandler,\n TokenManagerAnyEvent\n} from './types';\nimport { REFRESH_TOKEN_STORAGE_KEY, TOKEN_STORAGE_NAME } from './constants';\n\nconst DEFAULT_OPTIONS = {\n // TODO: remove in next major version - OKTA-473815\n autoRenew: true,\n autoRemove: true,\n syncStorage: true,\n // --- //\n clearPendingRemoveTokens: true,\n storage: undefined, // will use value from storageManager config\n expireEarlySeconds: 30,\n storageKey: TOKEN_STORAGE_NAME\n};\n\ninterface TokenManagerState {\n expireTimeouts: Record<string, unknown>;\n renewPromise: Promise<Token | undefined> | null;\n}\nfunction defaultState(): TokenManagerState {\n return {\n expireTimeouts: {},\n renewPromise: null\n };\n}\nexport class TokenManager implements TokenManagerInterface {\n private sdk: OktaAuthInterface;\n private clock: SdkClock;\n private emitter: EventEmitter;\n private storage: StorageProvider;\n private state: TokenManagerState;\n private options: TokenManagerOptions;\n\n on(event: typeof EVENT_RENEWED, handler: TokenManagerRenewEventHandler, context?: object): void;\n on(event: typeof EVENT_ERROR, handler: TokenManagerErrorEventHandler, context?: object): void;\n on(event: typeof EVENT_SET_STORAGE, handler: TokenManagerSetStorageEventHandler, context?: object): void;\n on(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, \n handler: TokenManagerEventHandler, context?: object): void;\n on(event: TokenManagerAnyEvent, handler: TokenManagerAnyEventHandler, context?: object): void {\n if (context) {\n this.emitter.on(event, handler, context);\n } else {\n this.emitter.on(event, handler);\n }\n }\n\n off(event: typeof EVENT_RENEWED, handler?: TokenManagerRenewEventHandler): void;\n off(event: typeof EVENT_ERROR, handler?: TokenManagerErrorEventHandler): void;\n off(event: typeof EVENT_SET_STORAGE, handler?: TokenManagerSetStorageEventHandler): void;\n off(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, \n handler?: TokenManagerEventHandler): void;\n off(event: TokenManagerAnyEvent, handler?: TokenManagerAnyEventHandler): void {\n if (handler) {\n this.emitter.off(event, handler);\n } else {\n this.emitter.off(event);\n }\n }\n\n // eslint-disable-next-line complexity\n constructor(sdk: OktaAuthInterface, options: TokenManagerOptions = {}) {\n this.sdk = sdk;\n this.emitter = (sdk as any).emitter;\n if (!this.emitter) {\n throw new AuthSdkError('Emitter should be initialized before TokenManager');\n }\n \n options = Object.assign({}, DEFAULT_OPTIONS, removeNils(options));\n if (!isLocalhost()) {\n options.expireEarlySeconds = DEFAULT_OPTIONS.expireEarlySeconds;\n }\n\n this.options = options;\n\n const storageOptions: StorageOptions = removeNils({\n storageKey: options.storageKey,\n secure: options.secure,\n });\n if (typeof options.storage === 'object') {\n // A custom storage provider must implement getItem(key) and setItem(key, val)\n storageOptions.storageProvider = options.storage;\n } else if (options.storage) {\n storageOptions.storageType = options.storage as StorageType;\n }\n\n this.storage = sdk.storageManager.getTokenStorage({...storageOptions, useSeparateCookies: true});\n this.clock = SdkClock.create(/* sdk, options */);\n this.state = defaultState();\n }\n\n // TODO: remove - https://oktainc.atlassian.net/browse/OKTA-529631\n hasSharedStorage() {\n return this.storage.isSharedStorage();\n }\n\n start() {\n if (this.options.clearPendingRemoveTokens) {\n this.clearPendingRemoveTokens();\n }\n this.setExpireEventTimeoutAll();\n }\n \n stop() {\n this.clearExpireEventTimeoutAll();\n }\n\n getOptions(): TokenManagerOptions {\n return clone(this.options);\n }\n \n getExpireTime(token) {\n const expireEarlySeconds = this.options.expireEarlySeconds || 0;\n var expireTime = token.expiresAt - expireEarlySeconds;\n return expireTime;\n }\n \n hasExpired(token) {\n var expireTime = this.getExpireTime(token);\n return expireTime <= this.clock.now();\n }\n \n emitExpired(key, token) {\n this.emitter.emit(EVENT_EXPIRED, key, token);\n }\n \n emitRenewed(key, freshToken, oldToken) {\n this.emitter.emit(EVENT_RENEWED, key, freshToken, oldToken);\n }\n \n emitAdded(key, token) {\n this.emitter.emit(EVENT_ADDED, key, token);\n }\n \n emitRemoved(key, token?) {\n this.emitter.emit(EVENT_REMOVED, key, token);\n }\n \n emitError(error) {\n this.emitter.emit(EVENT_ERROR, error);\n }\n \n clearExpireEventTimeout(key) {\n clearTimeout(this.state.expireTimeouts[key] as any);\n delete this.state.expireTimeouts[key];\n \n // Remove the renew promise (if it exists)\n this.state.renewPromise = null;\n }\n \n clearExpireEventTimeoutAll() {\n var expireTimeouts = this.state.expireTimeouts;\n for (var key in expireTimeouts) {\n if (!Object.prototype.hasOwnProperty.call(expireTimeouts, key)) {\n continue;\n }\n this.clearExpireEventTimeout(key);\n }\n }\n \n setExpireEventTimeout(key, token) {\n if (isRefreshToken(token)) {\n return;\n }\n\n var expireTime = this.getExpireTime(token);\n var expireEventWait = Math.max(expireTime - this.clock.now(), 0) * 1000;\n \n // Clear any existing timeout\n this.clearExpireEventTimeout(key);\n \n var expireEventTimeout = setTimeout(() => {\n this.emitExpired(key, token);\n }, expireEventWait);\n \n // Add a new timeout\n this.state.expireTimeouts[key] = expireEventTimeout;\n }\n \n setExpireEventTimeoutAll() {\n var tokenStorage = this.storage.getStorage();\n for(var key in tokenStorage) {\n if (!Object.prototype.hasOwnProperty.call(tokenStorage, key)) {\n continue;\n }\n var token = tokenStorage[key];\n this.setExpireEventTimeout(key, token);\n }\n }\n \n // reset timeouts to setup autoRenew for tokens from other document context (tabs)\n resetExpireEventTimeoutAll() {\n this.clearExpireEventTimeoutAll();\n this.setExpireEventTimeoutAll();\n }\n \n add(key, token: Token) {\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n }\n \n getSync(key) {\n var tokenStorage = this.storage.getStorage();\n return tokenStorage[key];\n }\n \n async get(key) {\n return this.getSync(key);\n }\n \n getTokensSync(): Tokens {\n const tokens = {} as Tokens;\n const tokenStorage = this.storage.getStorage();\n Object.keys(tokenStorage).forEach(key => {\n const token = tokenStorage[key];\n if (isAccessToken(token)) {\n tokens.accessToken = token;\n } else if (isIDToken(token)) {\n tokens.idToken = token;\n } else if (isRefreshToken(token)) { \n tokens.refreshToken = token;\n }\n });\n return tokens;\n }\n \n async getTokens(): Promise<Tokens> {\n return this.getTokensSync();\n }\n\n getStorageKeyByType(type: TokenType): string {\n const tokenStorage = this.storage.getStorage();\n const key = Object.keys(tokenStorage).filter(key => {\n const token = tokenStorage[key];\n return (isAccessToken(token) && type === 'accessToken') \n || (isIDToken(token) && type === 'idToken')\n || (isRefreshToken(token) && type === 'refreshToken');\n })[0];\n return key;\n }\n\n private getTokenType(token: Token): TokenType {\n if (isAccessToken(token)) {\n return 'accessToken';\n }\n if (isIDToken(token)) {\n return 'idToken';\n }\n if(isRefreshToken(token)) {\n return 'refreshToken';\n }\n throw new AuthSdkError('Unknown token type');\n }\n\n // for synchronization of LocalStorage cross tabs for IE11\n private emitSetStorageEvent() {\n if (isIE11OrLess()) {\n const storage = this.storage.getStorage();\n this.emitter.emit(EVENT_SET_STORAGE, storage);\n }\n }\n\n // used in `SyncStorageService` for synchronization of LocalStorage cross tabs for IE11\n public getStorage() {\n return this.storage;\n }\n\n setTokens(\n tokens: Tokens,\n // TODO: callbacks can be removed in the next major version OKTA-407224\n accessTokenCb?: AccessTokenCallback, \n idTokenCb?: IDTokenCallback,\n refreshTokenCb?: RefreshTokenCallback\n ): void {\n const handleTokenCallback = (key, token) => {\n const type = this.getTokenType(token);\n if (type === 'accessToken') {\n accessTokenCb && accessTokenCb(key, token);\n } else if (type === 'idToken') {\n idTokenCb && idTokenCb(key, token);\n } else if (type === 'refreshToken') {\n refreshTokenCb && refreshTokenCb(key, token);\n }\n };\n const handleAdded = (key, token) => {\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRenewed = (key, token, oldToken) => {\n this.emitRenewed(key, token, oldToken);\n this.clearExpireEventTimeout(key);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRemoved = (key, token) => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, token);\n handleTokenCallback(key, token);\n };\n \n const types: TokenType[] = ['idToken', 'accessToken', 'refreshToken'];\n const existingTokens = this.getTokensSync();\n\n // valid tokens\n types.forEach((type) => {\n const token = tokens[type];\n if (token) {\n validateToken(token, type);\n }\n });\n \n // add token to storage\n const storage = types.reduce((storage, type) => {\n const token = tokens[type];\n if (token) {\n const storageKey = this.getStorageKeyByType(type) || type;\n storage[storageKey] = token;\n }\n return storage;\n }, {});\n this.storage.setStorage(storage);\n this.emitSetStorageEvent();\n\n // emit event and start expiration timer\n types.forEach(type => {\n const newToken = tokens[type];\n const existingToken = existingTokens[type];\n const storageKey = this.getStorageKeyByType(type) || type;\n if (newToken && existingToken) { // renew\n // call handleRemoved first, since it clears timers\n handleRemoved(storageKey, existingToken);\n handleAdded(storageKey, newToken);\n handleRenewed(storageKey, newToken, existingToken);\n } else if (newToken) { // add\n handleAdded(storageKey, newToken);\n } else if (existingToken) { //remove\n handleRemoved(storageKey, existingToken);\n }\n });\n }\n \n remove(key) {\n // Clear any listener for this token\n this.clearExpireEventTimeout(key);\n \n var tokenStorage = this.storage.getStorage();\n var removedToken = tokenStorage[key];\n delete tokenStorage[key];\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n \n this.emitRemoved(key, removedToken);\n }\n \n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n async renewToken(token) {\n return this.sdk.token?.renew(token);\n }\n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n validateToken(token: Token) {\n return validateToken(token);\n }\n\n // TODO: renew method should take no param, change in the next major version OKTA-407224\n renew(key): Promise<Token | undefined> {\n // Multiple callers may receive the same promise. They will all resolve or reject from the same request.\n if (this.state.renewPromise) {\n return this.state.renewPromise;\n }\n \n try {\n var token = this.getSync(key);\n if (!token) {\n throw new AuthSdkError('The tokenManager has no token for the key: ' + key);\n }\n } catch (e) {\n return Promise.reject(e);\n }\n \n // Remove existing autoRenew timeout\n this.clearExpireEventTimeout(key);\n \n // A refresh token means a replace instead of renewal\n // Store the renew promise state, to avoid renewing again\n this.state.renewPromise = this.sdk.token.renewTokens()\n .then(tokens => {\n this.setTokens(tokens);\n\n // resolve token based on the key\n const tokenType = this.getTokenType(token);\n return tokens[tokenType];\n })\n .catch(err => {\n // If renew fails, remove token from storage and emit error\n this.remove(key);\n err.tokenKey = key;\n this.emitError(err);\n throw err;\n })\n .finally(() => {\n // Remove existing promise key\n this.state.renewPromise = null;\n });\n \n return this.state.renewPromise;\n }\n \n clear() {\n const tokens = this.getTokensSync();\n this.clearExpireEventTimeoutAll();\n this.storage.clearStorage();\n this.emitSetStorageEvent();\n\n Object.keys(tokens).forEach(key => {\n this.emitRemoved(key, tokens[key]);\n });\n }\n\n clearPendingRemoveTokens() {\n const tokenStorage = this.storage.getStorage();\n const removedTokens = {};\n Object.keys(tokenStorage).forEach(key => {\n if (tokenStorage[key].pendingRemove) {\n removedTokens[key] = tokenStorage[key];\n delete tokenStorage[key];\n }\n });\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n Object.keys(removedTokens).forEach(key => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, removedTokens[key]);\n });\n }\n\n updateRefreshToken(token: RefreshToken) {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n\n // do not emit any event\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n }\n\n removeRefreshToken () {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n this.remove(key);\n }\n\n addPendingRemoveFlags() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n tokens[key].pendingRemove = true;\n });\n this.setTokens(tokens);\n }\n \n}\n"],"mappings":";;;;;;;;;;;;;;;;AAYA;;AACA;;AACA;;AACA;;AACA;;AACA;;AA+BA;;AAhDA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAuCA,MAAMA,eAAe,GAAG;EACtB;EACAC,SAAS,EAAE,IAFW;EAGtBC,UAAU,EAAE,IAHU;EAItBC,WAAW,EAAE,IAJS;EAKtB;EACAC,wBAAwB,EAAE,IANJ;EAOtBC,OAAO,EAAEC,SAPa;EAOF;EACpBC,kBAAkB,EAAE,EARE;EAStBC,UAAU,EAAEC;AATU,CAAxB;;AAgBA,SAASC,YAAT,GAA2C;EACzC,OAAO;IACLC,cAAc,EAAE,EADX;IAELC,YAAY,EAAE;EAFT,CAAP;AAID;;AACM,MAAMC,YAAN,CAAoD;EAazDC,EAAE,CAACC,KAAD,EAA8BC,OAA9B,EAAoEC,OAApE,EAA4F;IAC5F,IAAIA,OAAJ,EAAa;MACX,KAAKC,OAAL,CAAaJ,EAAb,CAAgBC,KAAhB,EAAuBC,OAAvB,EAAgCC,OAAhC;IACD,CAFD,MAEO;MACL,KAAKC,OAAL,CAAaJ,EAAb,CAAgBC,KAAhB,EAAuBC,OAAvB;IACD;EACF;;EAODG,GAAG,CAACJ,KAAD,EAA8BC,OAA9B,EAA2E;IAC5E,IAAIA,OAAJ,EAAa;MACX,KAAKE,OAAL,CAAaC,GAAb,CAAiBJ,KAAjB,EAAwBC,OAAxB;IACD,CAFD,MAEO;MACL,KAAKE,OAAL,CAAaC,GAAb,CAAiBJ,KAAjB;IACD;EACF,CAhCwD,CAkCzD;;;EACAK,WAAW,CAACC,GAAD,EAAyBC,OAA4B,GAAG,EAAxD,EAA4D;IACrE,KAAKD,GAAL,GAAWA,GAAX;IACA,KAAKH,OAAL,GAAgBG,GAAD,CAAaH,OAA5B;;IACA,IAAI,CAAC,KAAKA,OAAV,EAAmB;MACjB,MAAM,IAAIK,oBAAJ,CAAiB,mDAAjB,CAAN;IACD;;IAEDD,OAAO,GAAG,qBAAc,EAAd,EAAkBtB,eAAlB,EAAmC,IAAAwB,gBAAA,EAAWF,OAAX,CAAnC,CAAV;;IACA,IAAI,CAAC,IAAAG,qBAAA,GAAL,EAAoB;MAClBH,OAAO,CAACf,kBAAR,GAA6BP,eAAe,CAACO,kBAA7C;IACD;;IAED,KAAKe,OAAL,GAAeA,OAAf;IAEA,MAAMI,cAA8B,GAAG,IAAAF,gBAAA,EAAW;MAChDhB,UAAU,EAAEc,OAAO,CAACd,UAD4B;MAEhDmB,MAAM,EAAEL,OAAO,CAACK;IAFgC,CAAX,CAAvC;;IAIA,IAAI,OAAOL,OAAO,CAACjB,OAAf,KAA2B,QAA/B,EAAyC;MACvC;MACAqB,cAAc,CAACE,eAAf,GAAiCN,OAAO,CAACjB,OAAzC;IACD,CAHD,MAGO,IAAIiB,OAAO,CAACjB,OAAZ,EAAqB;MAC1BqB,cAAc,CAACG,WAAf,GAA6BP,OAAO,CAACjB,OAArC;IACD;;IAED,KAAKA,OAAL,GAAegB,GAAG,CAACS,cAAJ,CAAmBC,eAAnB,CAAmC,EAAC,GAAGL,cAAJ;MAAoBM,kBAAkB,EAAE;IAAxC,CAAnC,CAAf;IACA,KAAKC,KAAL,GAAaC,cAAA,CAASC,MAAT,EAAb;IACA,KAAKC,KAAL,GAAa1B,YAAY,EAAzB;EACD,CA/DwD,CAiEzD;;;EACA2B,gBAAgB,GAAG;IACjB,OAAO,KAAKhC,OAAL,CAAaiC,eAAb,EAAP;EACD;;EAEDC,KAAK,GAAG;IACN,IAAI,KAAKjB,OAAL,CAAalB,wBAAjB,EAA2C;MACzC,KAAKA,wBAAL;IACD;;IACD,KAAKoC,wBAAL;EACD;;EAEDC,IAAI,GAAG;IACL,KAAKC,0BAAL;EACD;;EAEDC,UAAU,GAAwB;IAChC,OAAO,IAAAC,WAAA,EAAM,KAAKtB,OAAX,CAAP;EACD;;EAEDuB,aAAa,CAACC,KAAD,EAAQ;IACnB,MAAMvC,kBAAkB,GAAG,KAAKe,OAAL,CAAaf,kBAAb,IAAmC,CAA9D;IACA,IAAIwC,UAAU,GAAGD,KAAK,CAACE,SAAN,GAAkBzC,kBAAnC;IACA,OAAOwC,UAAP;EACD;;EAEDE,UAAU,CAACH,KAAD,EAAQ;IAChB,IAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;IACA,OAAOC,UAAU,IAAI,KAAKd,KAAL,CAAWiB,GAAX,EAArB;EACD;;EAEDC,WAAW,CAACC,GAAD,EAAMN,KAAN,EAAa;IACtB,KAAK5B,OAAL,CAAamC,IAAb,CAAkBC,oBAAlB,EAAiCF,GAAjC,EAAsCN,KAAtC;EACD;;EAEDS,WAAW,CAACH,GAAD,EAAMI,UAAN,EAAkBC,QAAlB,EAA4B;IACrC,KAAKvC,OAAL,CAAamC,IAAb,CAAkBK,oBAAlB,EAAiCN,GAAjC,EAAsCI,UAAtC,EAAkDC,QAAlD;EACD;;EAEDE,SAAS,CAACP,GAAD,EAAMN,KAAN,EAAa;IACpB,KAAK5B,OAAL,CAAamC,IAAb,CAAkBO,kBAAlB,EAA+BR,GAA/B,EAAoCN,KAApC;EACD;;EAEDe,WAAW,CAACT,GAAD,EAAMN,KAAN,EAAc;IACvB,KAAK5B,OAAL,CAAamC,IAAb,CAAkBS,oBAAlB,EAAiCV,GAAjC,EAAsCN,KAAtC;EACD;;EAEDiB,SAAS,CAACC,KAAD,EAAQ;IACf,KAAK9C,OAAL,CAAamC,IAAb,CAAkBY,kBAAlB,EAA+BD,KAA/B;EACD;;EAEDE,uBAAuB,CAACd,GAAD,EAAM;IAC3Be,YAAY,CAAC,KAAK/B,KAAL,CAAWzB,cAAX,CAA0ByC,GAA1B,CAAD,CAAZ;IACA,OAAO,KAAKhB,KAAL,CAAWzB,cAAX,CAA0ByC,GAA1B,CAAP,CAF2B,CAI3B;;IACA,KAAKhB,KAAL,CAAWxB,YAAX,GAA0B,IAA1B;EACD;;EAED8B,0BAA0B,GAAG;IAC3B,IAAI/B,cAAc,GAAG,KAAKyB,KAAL,CAAWzB,cAAhC;;IACA,KAAK,IAAIyC,GAAT,IAAgBzC,cAAhB,EAAgC;MAC9B,IAAI,CAACyD,MAAM,CAACC,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqC5D,cAArC,EAAqDyC,GAArD,CAAL,EAAgE;QAC9D;MACD;;MACD,KAAKc,uBAAL,CAA6Bd,GAA7B;IACD;EACF;;EAEDoB,qBAAqB,CAACpB,GAAD,EAAMN,KAAN,EAAa;IAChC,IAAI,IAAA2B,qBAAA,EAAe3B,KAAf,CAAJ,EAA2B;MACzB;IACD;;IAED,IAAIC,UAAU,GAAG,KAAKF,aAAL,CAAmBC,KAAnB,CAAjB;IACA,IAAI4B,eAAe,GAAGC,IAAI,CAACC,GAAL,CAAS7B,UAAU,GAAG,KAAKd,KAAL,CAAWiB,GAAX,EAAtB,EAAwC,CAAxC,IAA6C,IAAnE,CANgC,CAQhC;;IACA,KAAKgB,uBAAL,CAA6Bd,GAA7B;IAEA,IAAIyB,kBAAkB,GAAGC,UAAU,CAAC,MAAM;MACxC,KAAK3B,WAAL,CAAiBC,GAAjB,EAAsBN,KAAtB;IACD,CAFkC,EAEhC4B,eAFgC,CAAnC,CAXgC,CAehC;;IACA,KAAKtC,KAAL,CAAWzB,cAAX,CAA0ByC,GAA1B,IAAiCyB,kBAAjC;EACD;;EAEDrC,wBAAwB,GAAG;IACzB,IAAIuC,YAAY,GAAG,KAAK1E,OAAL,CAAa2E,UAAb,EAAnB;;IACA,KAAI,IAAI5B,GAAR,IAAe2B,YAAf,EAA6B;MAC3B,IAAI,CAACX,MAAM,CAACC,SAAP,CAAiBC,cAAjB,CAAgCC,IAAhC,CAAqCQ,YAArC,EAAmD3B,GAAnD,CAAL,EAA8D;QAC5D;MACD;;MACD,IAAIN,KAAK,GAAGiC,YAAY,CAAC3B,GAAD,CAAxB;MACA,KAAKoB,qBAAL,CAA2BpB,GAA3B,EAAgCN,KAAhC;IACD;EACF,CAlKwD,CAoKzD;;;EACAmC,0BAA0B,GAAG;IAC3B,KAAKvC,0BAAL;IACA,KAAKF,wBAAL;EACD;;EAED0C,GAAG,CAAC9B,GAAD,EAAMN,KAAN,EAAoB;IACrB,IAAIiC,YAAY,GAAG,KAAK1E,OAAL,CAAa2E,UAAb,EAAnB;IACA,IAAAG,oBAAA,EAAcrC,KAAd;IACAiC,YAAY,CAAC3B,GAAD,CAAZ,GAAoBN,KAApB;IACA,KAAKzC,OAAL,CAAa+E,UAAb,CAAwBL,YAAxB;IACA,KAAKM,mBAAL;IACA,KAAK1B,SAAL,CAAeP,GAAf,EAAoBN,KAApB;IACA,KAAK0B,qBAAL,CAA2BpB,GAA3B,EAAgCN,KAAhC;EACD;;EAEDwC,OAAO,CAAClC,GAAD,EAAM;IACX,IAAI2B,YAAY,GAAG,KAAK1E,OAAL,CAAa2E,UAAb,EAAnB;IACA,OAAOD,YAAY,CAAC3B,GAAD,CAAnB;EACD;;EAEQ,MAAHmC,GAAG,CAACnC,GAAD,EAAM;IACb,OAAO,KAAKkC,OAAL,CAAalC,GAAb,CAAP;EACD;;EAEDoC,aAAa,GAAW;IACtB,MAAMC,MAAM,GAAG,EAAf;IACA,MAAMV,YAAY,GAAG,KAAK1E,OAAL,CAAa2E,UAAb,EAArB;IACA,mBAAYD,YAAZ,EAA0BW,OAA1B,CAAkCtC,GAAG,IAAI;MACvC,MAAMN,KAAK,GAAGiC,YAAY,CAAC3B,GAAD,CAA1B;;MACA,IAAI,IAAAuC,oBAAA,EAAc7C,KAAd,CAAJ,EAA0B;QACxB2C,MAAM,CAACG,WAAP,GAAqB9C,KAArB;MACD,CAFD,MAEO,IAAI,IAAA+C,gBAAA,EAAU/C,KAAV,CAAJ,EAAsB;QAC3B2C,MAAM,CAACK,OAAP,GAAiBhD,KAAjB;MACD,CAFM,MAEA,IAAI,IAAA2B,qBAAA,EAAe3B,KAAf,CAAJ,EAA2B;QAChC2C,MAAM,CAACM,YAAP,GAAsBjD,KAAtB;MACD;IACF,CATD;IAUA,OAAO2C,MAAP;EACD;;EAEc,MAATO,SAAS,GAAoB;IACjC,OAAO,KAAKR,aAAL,EAAP;EACD;;EAEDS,mBAAmB,CAACC,IAAD,EAA0B;IAAA;;IAC3C,MAAMnB,YAAY,GAAG,KAAK1E,OAAL,CAAa2E,UAAb,EAArB;IACA,MAAM5B,GAAG,GAAG,mDAAY2B,YAAZ,kBAAiC3B,GAAG,IAAI;MAClD,MAAMN,KAAK,GAAGiC,YAAY,CAAC3B,GAAD,CAA1B;MACA,OAAQ,IAAAuC,oBAAA,EAAc7C,KAAd,KAAwBoD,IAAI,KAAK,aAAlC,IACD,IAAAL,gBAAA,EAAU/C,KAAV,KAAoBoD,IAAI,KAAK,SAD5B,IAED,IAAAzB,qBAAA,EAAe3B,KAAf,KAAyBoD,IAAI,KAAK,cAFxC;IAGD,CALW,EAKT,CALS,CAAZ;IAMA,OAAO9C,GAAP;EACD;;EAEO+C,YAAY,CAACrD,KAAD,EAA0B;IAC5C,IAAI,IAAA6C,oBAAA,EAAc7C,KAAd,CAAJ,EAA0B;MACxB,OAAO,aAAP;IACD;;IACD,IAAI,IAAA+C,gBAAA,EAAU/C,KAAV,CAAJ,EAAsB;MACpB,OAAO,SAAP;IACD;;IACD,IAAG,IAAA2B,qBAAA,EAAe3B,KAAf,CAAH,EAA0B;MACxB,OAAO,cAAP;IACD;;IACD,MAAM,IAAIvB,oBAAJ,CAAiB,oBAAjB,CAAN;EACD,CAvOwD,CAyOzD;;;EACQ8D,mBAAmB,GAAG;IAC5B,IAAI,IAAAe,sBAAA,GAAJ,EAAoB;MAClB,MAAM/F,OAAO,GAAG,KAAKA,OAAL,CAAa2E,UAAb,EAAhB;MACA,KAAK9D,OAAL,CAAamC,IAAb,CAAkBgD,wBAAlB,EAAqChG,OAArC;IACD;EACF,CA/OwD,CAiPzD;;;EACO2E,UAAU,GAAG;IAClB,OAAO,KAAK3E,OAAZ;EACD;;EAEDiG,SAAS,CACPb,MADO,EAEP;EACAc,aAHO,EAIPC,SAJO,EAKPC,cALO,EAMD;IACN,MAAMC,mBAAmB,GAAG,CAACtD,GAAD,EAAMN,KAAN,KAAgB;MAC1C,MAAMoD,IAAI,GAAG,KAAKC,YAAL,CAAkBrD,KAAlB,CAAb;;MACA,IAAIoD,IAAI,KAAK,aAAb,EAA4B;QAC1BK,aAAa,IAAIA,aAAa,CAACnD,GAAD,EAAMN,KAAN,CAA9B;MACD,CAFD,MAEO,IAAIoD,IAAI,KAAK,SAAb,EAAwB;QAC7BM,SAAS,IAAIA,SAAS,CAACpD,GAAD,EAAMN,KAAN,CAAtB;MACD,CAFM,MAEA,IAAIoD,IAAI,KAAK,cAAb,EAA6B;QAClCO,cAAc,IAAIA,cAAc,CAACrD,GAAD,EAAMN,KAAN,CAAhC;MACD;IACF,CATD;;IAUA,MAAM6D,WAAW,GAAG,CAACvD,GAAD,EAAMN,KAAN,KAAgB;MAClC,KAAKa,SAAL,CAAeP,GAAf,EAAoBN,KAApB;MACA,KAAK0B,qBAAL,CAA2BpB,GAA3B,EAAgCN,KAAhC;MACA4D,mBAAmB,CAACtD,GAAD,EAAMN,KAAN,CAAnB;IACD,CAJD;;IAKA,MAAM8D,aAAa,GAAG,CAACxD,GAAD,EAAMN,KAAN,EAAaW,QAAb,KAA0B;MAC9C,KAAKF,WAAL,CAAiBH,GAAjB,EAAsBN,KAAtB,EAA6BW,QAA7B;MACA,KAAKS,uBAAL,CAA6Bd,GAA7B;MACA,KAAKoB,qBAAL,CAA2BpB,GAA3B,EAAgCN,KAAhC;MACA4D,mBAAmB,CAACtD,GAAD,EAAMN,KAAN,CAAnB;IACD,CALD;;IAMA,MAAM+D,aAAa,GAAG,CAACzD,GAAD,EAAMN,KAAN,KAAgB;MACpC,KAAKoB,uBAAL,CAA6Bd,GAA7B;MACA,KAAKS,WAAL,CAAiBT,GAAjB,EAAsBN,KAAtB;MACA4D,mBAAmB,CAACtD,GAAD,EAAMN,KAAN,CAAnB;IACD,CAJD;;IAMA,MAAMgE,KAAkB,GAAG,CAAC,SAAD,EAAY,aAAZ,EAA2B,cAA3B,CAA3B;IACA,MAAMC,cAAc,GAAG,KAAKvB,aAAL,EAAvB,CA7BM,CA+BN;;IACAsB,KAAK,CAACpB,OAAN,CAAeQ,IAAD,IAAU;MACtB,MAAMpD,KAAK,GAAG2C,MAAM,CAACS,IAAD,CAApB;;MACA,IAAIpD,KAAJ,EAAW;QACT,IAAAqC,oBAAA,EAAcrC,KAAd,EAAqBoD,IAArB;MACD;IACF,CALD,EAhCM,CAuCN;;IACA,MAAM7F,OAAO,GAAG,qBAAAyG,KAAK,MAAL,CAAAA,KAAK,EAAQ,CAACzG,OAAD,EAAU6F,IAAV,KAAmB;MAC9C,MAAMpD,KAAK,GAAG2C,MAAM,CAACS,IAAD,CAApB;;MACA,IAAIpD,KAAJ,EAAW;QACT,MAAMtC,UAAU,GAAG,KAAKyF,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;QACA7F,OAAO,CAACG,UAAD,CAAP,GAAsBsC,KAAtB;MACD;;MACD,OAAOzC,OAAP;IACD,CAPoB,EAOlB,EAPkB,CAArB;IAQA,KAAKA,OAAL,CAAa+E,UAAb,CAAwB/E,OAAxB;IACA,KAAKgF,mBAAL,GAjDM,CAmDN;;IACAyB,KAAK,CAACpB,OAAN,CAAcQ,IAAI,IAAI;MACpB,MAAMc,QAAQ,GAAGvB,MAAM,CAACS,IAAD,CAAvB;MACA,MAAMe,aAAa,GAAGF,cAAc,CAACb,IAAD,CAApC;MACA,MAAM1F,UAAU,GAAG,KAAKyF,mBAAL,CAAyBC,IAAzB,KAAkCA,IAArD;;MACA,IAAIc,QAAQ,IAAIC,aAAhB,EAA+B;QAAE;QAC/B;QACAJ,aAAa,CAACrG,UAAD,EAAayG,aAAb,CAAb;QACAN,WAAW,CAACnG,UAAD,EAAawG,QAAb,CAAX;QACAJ,aAAa,CAACpG,UAAD,EAAawG,QAAb,EAAuBC,aAAvB,CAAb;MACD,CALD,MAKO,IAAID,QAAJ,EAAc;QAAE;QACrBL,WAAW,CAACnG,UAAD,EAAawG,QAAb,CAAX;MACD,CAFM,MAEA,IAAIC,aAAJ,EAAmB;QAAE;QAC1BJ,aAAa,CAACrG,UAAD,EAAayG,aAAb,CAAb;MACD;IACF,CAdD;EAeD;;EAEDC,MAAM,CAAC9D,GAAD,EAAM;IACV;IACA,KAAKc,uBAAL,CAA6Bd,GAA7B;IAEA,IAAI2B,YAAY,GAAG,KAAK1E,OAAL,CAAa2E,UAAb,EAAnB;IACA,IAAImC,YAAY,GAAGpC,YAAY,CAAC3B,GAAD,CAA/B;IACA,OAAO2B,YAAY,CAAC3B,GAAD,CAAnB;IACA,KAAK/C,OAAL,CAAa+E,UAAb,CAAwBL,YAAxB;IACA,KAAKM,mBAAL;IAEA,KAAKxB,WAAL,CAAiBT,GAAjB,EAAsB+D,YAAtB;EACD,CA5UwD,CA8UzD;;;EACgB,MAAVC,UAAU,CAACtE,KAAD,EAAQ;IAAA;;IACtB,0BAAO,KAAKzB,GAAL,CAASyB,KAAhB,oDAAO,gBAAgBuE,KAAhB,CAAsBvE,KAAtB,CAAP;EACD,CAjVwD,CAkVzD;;;EACAqC,aAAa,CAACrC,KAAD,EAAe;IAC1B,OAAO,IAAAqC,oBAAA,EAAcrC,KAAd,CAAP;EACD,CArVwD,CAuVzD;;;EACAuE,KAAK,CAACjE,GAAD,EAAkC;IACrC;IACA,IAAI,KAAKhB,KAAL,CAAWxB,YAAf,EAA6B;MAC3B,OAAO,KAAKwB,KAAL,CAAWxB,YAAlB;IACD;;IAED,IAAI;MACF,IAAIkC,KAAK,GAAG,KAAKwC,OAAL,CAAalC,GAAb,CAAZ;;MACA,IAAI,CAACN,KAAL,EAAY;QACV,MAAM,IAAIvB,oBAAJ,CAAiB,gDAAgD6B,GAAjE,CAAN;MACD;IACF,CALD,CAKE,OAAOkE,CAAP,EAAU;MACV,OAAO,iBAAQC,MAAR,CAAeD,CAAf,CAAP;IACD,CAboC,CAerC;;;IACA,KAAKpD,uBAAL,CAA6Bd,GAA7B,EAhBqC,CAkBrC;IACA;;IACA,KAAKhB,KAAL,CAAWxB,YAAX,GAA0B,KAAKS,GAAL,CAASyB,KAAT,CAAe0E,WAAf,GACvBC,IADuB,CAClBhC,MAAM,IAAI;MACd,KAAKa,SAAL,CAAeb,MAAf,EADc,CAGd;;MACA,MAAMiC,SAAS,GAAG,KAAKvB,YAAL,CAAkBrD,KAAlB,CAAlB;MACA,OAAO2C,MAAM,CAACiC,SAAD,CAAb;IACD,CAPuB,EAQvBC,KARuB,CAQjBC,GAAG,IAAI;MACZ;MACA,KAAKV,MAAL,CAAY9D,GAAZ;MACAwE,GAAG,CAACC,QAAJ,GAAezE,GAAf;MACA,KAAKW,SAAL,CAAe6D,GAAf;MACA,MAAMA,GAAN;IACD,CAduB,EAevBE,OAfuB,CAef,MAAM;MACb;MACA,KAAK1F,KAAL,CAAWxB,YAAX,GAA0B,IAA1B;IACD,CAlBuB,CAA1B;IAoBA,OAAO,KAAKwB,KAAL,CAAWxB,YAAlB;EACD;;EAEDmH,KAAK,GAAG;IACN,MAAMtC,MAAM,GAAG,KAAKD,aAAL,EAAf;IACA,KAAK9C,0BAAL;IACA,KAAKrC,OAAL,CAAa2H,YAAb;IACA,KAAK3C,mBAAL;IAEA,mBAAYI,MAAZ,EAAoBC,OAApB,CAA4BtC,GAAG,IAAI;MACjC,KAAKS,WAAL,CAAiBT,GAAjB,EAAsBqC,MAAM,CAACrC,GAAD,CAA5B;IACD,CAFD;EAGD;;EAEDhD,wBAAwB,GAAG;IACzB,MAAM2E,YAAY,GAAG,KAAK1E,OAAL,CAAa2E,UAAb,EAArB;IACA,MAAMiD,aAAa,GAAG,EAAtB;IACA,mBAAYlD,YAAZ,EAA0BW,OAA1B,CAAkCtC,GAAG,IAAI;MACvC,IAAI2B,YAAY,CAAC3B,GAAD,CAAZ,CAAkB8E,aAAtB,EAAqC;QACnCD,aAAa,CAAC7E,GAAD,CAAb,GAAqB2B,YAAY,CAAC3B,GAAD,CAAjC;QACA,OAAO2B,YAAY,CAAC3B,GAAD,CAAnB;MACD;IACF,CALD;IAMA,KAAK/C,OAAL,CAAa+E,UAAb,CAAwBL,YAAxB;IACA,KAAKM,mBAAL;IACA,mBAAY4C,aAAZ,EAA2BvC,OAA3B,CAAmCtC,GAAG,IAAI;MACxC,KAAKc,uBAAL,CAA6Bd,GAA7B;MACA,KAAKS,WAAL,CAAiBT,GAAjB,EAAsB6E,aAAa,CAAC7E,GAAD,CAAnC;IACD,CAHD;EAID;;EAED+E,kBAAkB,CAACrF,KAAD,EAAsB;IACtC,MAAMM,GAAG,GAAG,KAAK6C,mBAAL,CAAyB,cAAzB,KAA4CmC,oCAAxD,CADsC,CAGtC;;;IACA,IAAIrD,YAAY,GAAG,KAAK1E,OAAL,CAAa2E,UAAb,EAAnB;IACA,IAAAG,oBAAA,EAAcrC,KAAd;IACAiC,YAAY,CAAC3B,GAAD,CAAZ,GAAoBN,KAApB;IACA,KAAKzC,OAAL,CAAa+E,UAAb,CAAwBL,YAAxB;IACA,KAAKM,mBAAL;EACD;;EAEDgD,kBAAkB,GAAI;IACpB,MAAMjF,GAAG,GAAG,KAAK6C,mBAAL,CAAyB,cAAzB,KAA4CmC,oCAAxD;;IACA,KAAKlB,MAAL,CAAY9D,GAAZ;EACD;;EAEDkF,qBAAqB,GAAG;IACtB,MAAM7C,MAAM,GAAG,KAAKD,aAAL,EAAf;IACA,mBAAYC,MAAZ,EAAoBC,OAApB,CAA4BtC,GAAG,IAAI;MACjCqC,MAAM,CAACrC,GAAD,CAAN,CAAY8E,aAAZ,GAA4B,IAA5B;IACD,CAFD;IAGA,KAAK5B,SAAL,CAAeb,MAAf;EACD;;AArbwD"}
package/cjs/TransactionManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"TransactionManager.js","names":["TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","enableSharedStorage","saveLastResponse","clear","transactionStorage","getTransactionStorage","meta","getStorage","clearStorage","clearSharedStorage","state","clearIdxResponse","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","storage","obj","muteWarning","setStorage","cookieStorage","storageType","responseType","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","REDIRECT_OAUTH_PARAMS_NAME","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_STATE_COOKIE_NAME","exists","load","loadLegacyOAuthParams","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","AuthSdkError","undefined","getLegacyOAuthParamsStorage","saveIdxResponse","data","getIdxResponseStorage","loadIdxResponse","storedValue","rawIdxResponse","stateHandle","interactionHandle"],"sources":["../../lib/TransactionManager.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport { StorageManager } from './StorageManager';\nimport {\n StorageProvider,\n TransactionMeta,\n isTransactionMeta,\n isOAuthTransactionMeta,\n PKCETransactionMeta,\n OAuthTransactionMeta,\n TransactionMetaOptions,\n TransactionManagerOptions,\n CookieStorage,\n SavedIdxResponse,\n IntrospectOptions\n} from './types';\nimport { isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\nimport {\n clearTransactionFromSharedStorage,\n loadTransactionFromSharedStorage,\n pruneSharedStorage,\n saveTransactionToSharedStorage\n} from './util/sharedStorage';\n\nexport interface ClearTransactionMetaOptions extends TransactionMetaOptions {\n clearSharedStorage?: boolean; // true by default\n clearIdxResponse?: boolean; // true by default\n}\nexport default class TransactionManager {\n options: TransactionManagerOptions;\n storageManager: StorageManager;\n legacyWidgetSupport: boolean;\n saveNonceCookie: boolean;\n saveStateCookie: boolean;\n saveParamsCookie: boolean;\n enableSharedStorage: boolean;\n saveLastResponse: boolean;\n\n constructor(options: TransactionManagerOptions) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n this.storageManager = options.storageManager!;\n this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n this.saveStateCookie = options.saveStateCookie === false ? false : true;\n this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n this.saveLastResponse = options.saveLastResponse === false ? false : true;\n this.options = options;\n }\n\n // eslint-disable-next-line complexity\n clear(options: ClearTransactionMetaOptions = {}) {\n const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n const meta = transactionStorage.getStorage();\n\n // Clear primary storage (by default, sessionStorage on browser)\n transactionStorage.clearStorage();\n\n // Usually we want to also clear shared storage unless another tab may need it to continue/complete a flow\n if (this.enableSharedStorage && options.clearSharedStorage !== false) {\n const state = options.state || meta?.state;\n if (state) {\n clearTransactionFromSharedStorage(this.storageManager, state);\n }\n }\n\n if (options.clearIdxResponse !== false) {\n this.clearIdxResponse();\n }\n \n if (!this.legacyWidgetSupport) {\n return;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n this.clearLegacyOAuthParams();\n }\n\n if (options.pkce) {\n this.clearLegacyPKCE();\n }\n }\n\n // eslint-disable-next-line complexity\n save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n // There must be only one transaction executing at a time.\n // Before saving, check to see if a transaction is already stored.\n // An existing transaction indicates a concurrency/race/overlap condition\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n const obj = storage.getStorage();\n // oie process may need to update transaction in the middle of process for tracking purpose\n // false alarm might be caused \n // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n if (isTransactionMeta(obj) && !options.muteWarning) {\n // eslint-disable-next-line max-len\n warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n }\n\n storage.setStorage(meta);\n\n // Shared storage allows continuation of transaction in another tab\n if (this.enableSharedStorage && meta.state) {\n saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n }\n\n if (!options.oauth) {\n return;\n }\n \n // Legacy cookie storage\n if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n if (this.saveParamsCookie) {\n const { \n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n } = meta;\n const oauthParams = {\n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n };\n cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n }\n\n if (this.saveNonceCookie && meta.nonce) {\n // Set nonce cookie for servers to validate nonce in id_token\n cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n }\n\n if (this.saveStateCookie && meta.state) {\n // Set state cookie for servers to validate state\n cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n }\n }\n }\n\n exists(options: TransactionMetaOptions = {}): boolean {\n try {\n const meta = this.load(options);\n return !!meta;\n } catch {\n return false;\n }\n }\n\n // load transaction meta from storage\n // eslint-disable-next-line complexity,max-statements\n load(options: TransactionMetaOptions = {}): TransactionMeta | null {\n\n let meta: TransactionMeta;\n\n // If state was passed, try loading transaction data from shared storage\n if (this.enableSharedStorage && options.state) {\n pruneSharedStorage(this.storageManager); // prune before load\n meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n if (isTransactionMeta(meta)) {\n return meta;\n }\n }\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n meta = storage.getStorage();\n if (isTransactionMeta(meta)) {\n // if we have meta in the new location, there is no need to go further\n return meta;\n }\n\n if (!this.legacyWidgetSupport) {\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n try {\n const oauthParams = this.loadLegacyOAuthParams();\n Object.assign(meta, oauthParams);\n } finally {\n this.clearLegacyOAuthParams();\n }\n }\n\n if (options.pkce) {\n try {\n const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n Object.assign(meta, pkceMeta);\n } finally {\n this.clearLegacyPKCE();\n }\n }\n\n if (isTransactionMeta(meta)) {\n return meta;\n }\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n clearLegacyPKCE(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n }\n\n loadLegacyPKCE(): PKCETransactionMeta {\n let storage: StorageProvider;\n let obj;\n \n // Try reading from localStorage first.\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n \n // If meta is not valid, throw an exception to avoid misleading server-side error\n // The most likely cause of this error is trying to handle a callback twice\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', undefined);\n }\n\n clearLegacyOAuthParams(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n storage.clearStorage();\n }\n }\n\n loadLegacyOAuthParams(): OAuthTransactionMeta {\n let storage: StorageProvider;\n let oauthParams;\n \n // load first from session storage\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n oauthParams = storage.getStorage();\n }\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n // try to load from cookie\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n oauthParams = storage.getStorage();\n }\n\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n\n throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n // Something is there but we don't recognize it\n // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n }\n\n saveIdxResponse(data: SavedIdxResponse): void {\n if (!this.saveLastResponse) {\n return;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return;\n }\n storage.setStorage(data);\n }\n\n // eslint-disable-next-line complexity\n loadIdxResponse(options?: IntrospectOptions): SavedIdxResponse | null {\n if (!this.saveLastResponse) {\n return null;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return null;\n }\n const storedValue = storage.getStorage();\n if (!storedValue || !isRawIdxResponse(storedValue.rawIdxResponse)) {\n return null;\n }\n\n if (options) {\n const { stateHandle, interactionHandle } = options;\n if (stateHandle && storedValue.stateHandle !== stateHandle) {\n return null;\n }\n if (interactionHandle && storedValue.interactionHandle !== interactionHandle) {\n return null;\n }\n }\n\n return storedValue;\n }\n\n clearIdxResponse(): void {\n if (!this.saveLastResponse) {\n return;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n storage?.clearStorage();\n }\n}"],"mappings":";;;;;;;;;;AAaA;;AACA;;AAEA;;AAaA;;AACA;;AACA;;AA/BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAgCe,MAAMA,kBAAN,CAAyB;EAUtCC,WAAW,CAACC,OAAD,EAAqC;IAC9C;IACA,KAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;IACA,KAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;IACA,KAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;IACA,KAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;IACA,KAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;IACA,KAAKC,mBAAL,GAA2BN,OAAO,CAACM,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;IACA,KAAKC,gBAAL,GAAwBP,OAAO,CAACO,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;IACA,KAAKP,OAAL,GAAeA,OAAf;EACD,CApBqC,CAsBtC;;;EACAQ,KAAK,CAACR,OAAoC,GAAG,EAAxC,EAA4C;IAC/C,MAAMS,kBAAmC,GAAG,KAAKR,cAAL,CAAoBS,qBAApB,EAA5C;IACA,MAAMC,IAAI,GAAGF,kBAAkB,CAACG,UAAnB,EAAb,CAF+C,CAI/C;;IACAH,kBAAkB,CAACI,YAAnB,GAL+C,CAO/C;;IACA,IAAI,KAAKP,mBAAL,IAA4BN,OAAO,CAACc,kBAAR,KAA+B,KAA/D,EAAsE;MACpE,MAAMC,KAAK,GAAGf,OAAO,CAACe,KAAR,KAAiBJ,IAAjB,aAAiBA,IAAjB,uBAAiBA,IAAI,CAAEI,KAAvB,CAAd;;MACA,IAAIA,KAAJ,EAAW;QACT,sDAAkC,KAAKd,cAAvC,EAAuDc,KAAvD;MACD;IACF;;IAED,IAAIf,OAAO,CAACgB,gBAAR,KAA6B,KAAjC,EAAwC;MACtC,KAAKA,gBAAL;IACD;;IAED,IAAI,CAAC,KAAKd,mBAAV,EAA+B;MAC7B;IACD,CArB8C,CAuB/C;;;IACA,IAAIF,OAAO,CAACiB,KAAZ,EAAmB;MACjB,KAAKC,sBAAL;IACD;;IAED,IAAIlB,OAAO,CAACmB,IAAZ,EAAkB;MAChB,KAAKC,eAAL;IACD;EACF,CAtDqC,CAwDtC;;;EACAC,IAAI,CAACV,IAAD,EAAwBX,OAA+B,GAAG,EAA1D,EAA8D;IAChE;IACA;IACA;IAEA,IAAIsB,OAAwB,GAAG,KAAKrB,cAAL,CAAoBS,qBAApB,EAA/B;IACA,MAAMa,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAZ,CANgE,CAOhE;IACA;IACA;;IACA,IAAI,8BAAkBW,GAAlB,KAA0B,CAACvB,OAAO,CAACwB,WAAvC,EAAoD;MAClD;MACA,gBAAK,yGAAL;IACD;;IAEDF,OAAO,CAACG,UAAR,CAAmBd,IAAnB,EAfgE,CAiBhE;;IACA,IAAI,KAAKL,mBAAL,IAA4BK,IAAI,CAACI,KAArC,EAA4C;MAC1C,mDAA+B,KAAKd,cAApC,EAAoDU,IAAI,CAACI,KAAzD,EAAgEJ,IAAhE;IACD;;IAED,IAAI,CAACX,OAAO,CAACiB,KAAb,EAAoB;MAClB;IACD,CAxB+D,CA0BhE;;;IACA,IAAI,KAAKd,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;MACzE,MAAMqB,aAA4B,GAAG,KAAKzB,cAAL,CAAoBW,UAApB,CAA+B;QAAEe,WAAW,EAAE;MAAf,CAA/B,CAArC;;MAEA,IAAI,KAAKtB,gBAAT,EAA2B;QACzB,MAAM;UACJuB,YADI;UAEJb,KAFI;UAGJc,KAHI;UAIJC,MAJI;UAKJC,QALI;UAMJC,IANI;UAOJC;QAPI,IAQFtB,IARJ;QASA,MAAMuB,WAAW,GAAG;UAClBN,YADkB;UAElBb,KAFkB;UAGlBc,KAHkB;UAIlBC,MAJkB;UAKlBC,QALkB;UAMlBC,IANkB;UAOlBC;QAPkB,CAApB;QASAP,aAAa,CAACS,OAAd,CAAsBC,qCAAtB,EAAkD,wBAAeF,WAAf,CAAlD,EAA+E,IAA/E;MACD;;MAED,IAAI,KAAK/B,eAAL,IAAwBQ,IAAI,CAACkB,KAAjC,EAAwC;QACtC;QACAH,aAAa,CAACS,OAAd,CAAsBE,qCAAtB,EAAkD1B,IAAI,CAACkB,KAAvD,EAA8D,IAA9D;MACD;;MAED,IAAI,KAAKzB,eAAL,IAAwBO,IAAI,CAACI,KAAjC,EAAwC;QACtC;QACAW,aAAa,CAACS,OAAd,CAAsBG,qCAAtB,EAAkD3B,IAAI,CAACI,KAAvD,EAA8D,IAA9D;MACD;IACF;EACF;;EAEDwB,MAAM,CAACvC,OAA+B,GAAG,EAAnC,EAAgD;IACpD,IAAI;MACF,MAAMW,IAAI,GAAG,KAAK6B,IAAL,CAAUxC,OAAV,CAAb;MACA,OAAO,CAAC,CAACW,IAAT;IACD,CAHD,CAGE,MAAM;MACN,OAAO,KAAP;IACD;EACF,CAhIqC,CAkItC;EACA;;;EACA6B,IAAI,CAACxC,OAA+B,GAAG,EAAnC,EAA+D;IAEjE,IAAIW,IAAJ,CAFiE,CAIjE;;IACA,IAAI,KAAKL,mBAAL,IAA4BN,OAAO,CAACe,KAAxC,EAA+C;MAC7C,uCAAmB,KAAKd,cAAxB,EAD6C,CACJ;;MACzCU,IAAI,GAAG,qDAAiC,KAAKV,cAAtC,EAAsDD,OAAO,CAACe,KAA9D,CAAP;;MACA,IAAI,8BAAkBJ,IAAlB,CAAJ,EAA6B;QAC3B,OAAOA,IAAP;MACD;IACF;;IAED,IAAIW,OAAwB,GAAG,KAAKrB,cAAL,CAAoBS,qBAApB,EAA/B;IACAC,IAAI,GAAGW,OAAO,CAACV,UAAR,EAAP;;IACA,IAAI,8BAAkBD,IAAlB,CAAJ,EAA6B;MAC3B;MACA,OAAOA,IAAP;IACD;;IAED,IAAI,CAAC,KAAKT,mBAAV,EAA+B;MAC7B,OAAO,IAAP;IACD,CAtBgE,CAwBjE;;;IACA,IAAIF,OAAO,CAACiB,KAAZ,EAAmB;MACjB,IAAI;QACF,MAAMiB,WAAW,GAAG,KAAKO,qBAAL,EAApB;QACA,qBAAc9B,IAAd,EAAoBuB,WAApB;MACD,CAHD,SAGU;QACR,KAAKhB,sBAAL;MACD;IACF;;IAED,IAAIlB,OAAO,CAACmB,IAAZ,EAAkB;MAChB,IAAI;QACF,MAAMuB,QAA6B,GAAG,KAAKC,cAAL,EAAtC;QACA,qBAAchC,IAAd,EAAoB+B,QAApB;MACD,CAHD,SAGU;QACR,KAAKtB,eAAL;MACD;IACF;;IAED,IAAI,8BAAkBT,IAAlB,CAAJ,EAA6B;MAC3B,OAAOA,IAAP;IACD;;IACD,OAAO,IAAP;EACD,CAnLqC,CAqLtC;;;EACAS,eAAe,GAAS;IACtB;IACA,IAAIE,OAAJ;;IAEA,IAAI,KAAKrB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;MACnEvB,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;QAAEnB,WAAW,EAAE;MAAf,CAAzC,CAAV;MACAL,OAAO,CAACT,YAAR;IACD;;IAED,IAAI,KAAKZ,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;MACrEvB,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;QAAEnB,WAAW,EAAE;MAAf,CAAzC,CAAV;MACAL,OAAO,CAACT,YAAR;IACD;EACF;;EAED8B,cAAc,GAAwB;IACpC,IAAIrB,OAAJ;IACA,IAAIC,GAAJ,CAFoC,CAIpC;;IACA,IAAI,KAAKtB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;MACnEvB,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;QAAEnB,WAAW,EAAE;MAAf,CAAzC,CAAV;MACAJ,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;MACA,IAAIW,GAAG,IAAIA,GAAG,CAACwB,YAAf,EAA6B;QAC3B,OAAOxB,GAAP;MACD;IACF,CAXmC,CAapC;;;IACA,IAAI,KAAKtB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;MACrEvB,OAAO,GAAG,KAAKrB,cAAL,CAAoB6C,oBAApB,CAAyC;QAAEnB,WAAW,EAAE;MAAf,CAAzC,CAAV;MACAJ,GAAG,GAAGD,OAAO,CAACV,UAAR,EAAN;;MACA,IAAIW,GAAG,IAAIA,GAAG,CAACwB,YAAf,EAA6B;QAC3B,OAAOxB,GAAP;MACD;IACF,CApBmC,CAsBpC;IACA;IACA;;;IACA,MAAM,IAAIyB,oBAAJ,CAAiB,yJAAjB,EAA4KC,SAA5K,CAAN;EACD;;EAED/B,sBAAsB,GAAS;IAC7B;IACA,IAAII,OAAJ;;IAEA,IAAI,KAAKrB,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;MACrEvB,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;QAAEvB,WAAW,EAAE;MAAf,CAAhD,CAAV;MACAL,OAAO,CAACT,YAAR;IACD;;IAED,IAAI,KAAKZ,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;MAC7DvB,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;QAAEvB,WAAW,EAAE;MAAf,CAAhD,CAAV;MACAL,OAAO,CAACT,YAAR;IACD;EACF;;EAED4B,qBAAqB,GAAyB;IAC5C,IAAInB,OAAJ;IACA,IAAIY,WAAJ,CAF4C,CAI5C;;IACA,IAAI,KAAKjC,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;MACrEvB,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;QAAEvB,WAAW,EAAE;MAAf,CAAhD,CAAV;MACAO,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;IACD;;IACD,IAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;MACvC,OAAOA,WAAP;IACD,CAX2C,CAa5C;;;IACA,IAAI,KAAKjC,cAAL,CAAoB2C,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;MAC7DvB,OAAO,GAAG,KAAKrB,cAAL,CAAoBiD,2BAApB,CAAgD;QAAEvB,WAAW,EAAE;MAAf,CAAhD,CAAV;MACAO,WAAW,GAAGZ,OAAO,CAACV,UAAR,EAAd;IACD;;IAED,IAAI,mCAAuBsB,WAAvB,CAAJ,EAAyC;MACvC,OAAOA,WAAP;IACD;;IAGD,MAAM,IAAIc,oBAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;IACA;EACD;;EAEDG,eAAe,CAACC,IAAD,EAA+B;IAC5C,IAAI,CAAC,KAAK7C,gBAAV,EAA4B;MAC1B;IACD;;IACD,MAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBoD,qBAApB,EAAhB;;IACA,IAAI,CAAC/B,OAAL,EAAc;MACZ;IACD;;IACDA,OAAO,CAACG,UAAR,CAAmB2B,IAAnB;EACD,CAvRqC,CAyRtC;;;EACAE,eAAe,CAACtD,OAAD,EAAuD;IACpE,IAAI,CAAC,KAAKO,gBAAV,EAA4B;MAC1B,OAAO,IAAP;IACD;;IACD,MAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBoD,qBAApB,EAAhB;;IACA,IAAI,CAAC/B,OAAL,EAAc;MACZ,OAAO,IAAP;IACD;;IACD,MAAMiC,WAAW,GAAGjC,OAAO,CAACV,UAAR,EAApB;;IACA,IAAI,CAAC2C,WAAD,IAAgB,CAAC,6BAAiBA,WAAW,CAACC,cAA7B,CAArB,EAAmE;MACjE,OAAO,IAAP;IACD;;IAED,IAAIxD,OAAJ,EAAa;MACX,MAAM;QAAEyD,WAAF;QAAeC;MAAf,IAAqC1D,OAA3C;;MACA,IAAIyD,WAAW,IAAIF,WAAW,CAACE,WAAZ,KAA4BA,WAA/C,EAA4D;QAC1D,OAAO,IAAP;MACD;;MACD,IAAIC,iBAAiB,IAAIH,WAAW,CAACG,iBAAZ,KAAkCA,iBAA3D,EAA8E;QAC5E,OAAO,IAAP;MACD;IACF;;IAED,OAAOH,WAAP;EACD;;EAEDvC,gBAAgB,GAAS;IACvB,IAAI,CAAC,KAAKT,gBAAV,EAA4B;MAC1B;IACD;;IACD,MAAMe,OAAO,GAAG,KAAKrB,cAAL,CAAoBoD,qBAApB,EAAhB;IACA/B,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAET,YAAT;EACD;;AA1TqC"}
1
+ {"version":3,"file":"TransactionManager.js","names":["TransactionManager","constructor","options","storageManager","legacyWidgetSupport","saveNonceCookie","saveStateCookie","saveParamsCookie","enableSharedStorage","saveLastResponse","clear","transactionStorage","getTransactionStorage","meta","getStorage","clearStorage","clearSharedStorage","state","clearTransactionFromSharedStorage","clearIdxResponse","oauth","clearLegacyOAuthParams","pkce","clearLegacyPKCE","save","storage","obj","isTransactionMeta","muteWarning","warn","setStorage","saveTransactionToSharedStorage","cookieStorage","storageType","responseType","nonce","scopes","clientId","urls","ignoreSignature","oauthParams","setItem","REDIRECT_OAUTH_PARAMS_NAME","REDIRECT_NONCE_COOKIE_NAME","REDIRECT_STATE_COOKIE_NAME","exists","load","pruneSharedStorage","loadTransactionFromSharedStorage","loadLegacyOAuthParams","pkceMeta","loadLegacyPKCE","storageUtil","testStorageType","getLegacyPKCEStorage","codeVerifier","AuthSdkError","undefined","getLegacyOAuthParamsStorage","isOAuthTransactionMeta","saveIdxResponse","data","getIdxResponseStorage","loadIdxResponse","storedValue","isRawIdxResponse","rawIdxResponse","stateHandle","interactionHandle"],"sources":["../../lib/TransactionManager.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from './errors';\nimport { REDIRECT_NONCE_COOKIE_NAME, REDIRECT_OAUTH_PARAMS_NAME, REDIRECT_STATE_COOKIE_NAME } from './constants';\nimport { StorageManager } from './StorageManager';\nimport {\n StorageProvider,\n TransactionMeta,\n isTransactionMeta,\n isOAuthTransactionMeta,\n PKCETransactionMeta,\n OAuthTransactionMeta,\n TransactionMetaOptions,\n TransactionManagerOptions,\n CookieStorage,\n SavedIdxResponse,\n IntrospectOptions\n} from './types';\nimport { isRawIdxResponse } from './idx/types/idx-js';\nimport { warn } from './util';\nimport {\n clearTransactionFromSharedStorage,\n loadTransactionFromSharedStorage,\n pruneSharedStorage,\n saveTransactionToSharedStorage\n} from './util/sharedStorage';\n\nexport interface ClearTransactionMetaOptions extends TransactionMetaOptions {\n clearSharedStorage?: boolean; // true by default\n clearIdxResponse?: boolean; // true by default\n}\nexport default class TransactionManager {\n options: TransactionManagerOptions;\n storageManager: StorageManager;\n legacyWidgetSupport: boolean;\n saveNonceCookie: boolean;\n saveStateCookie: boolean;\n saveParamsCookie: boolean;\n enableSharedStorage: boolean;\n saveLastResponse: boolean;\n\n constructor(options: TransactionManagerOptions) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n this.storageManager = options.storageManager!;\n this.legacyWidgetSupport = options.legacyWidgetSupport === false ? false : true;\n this.saveNonceCookie = options.saveNonceCookie === false ? false : true;\n this.saveStateCookie = options.saveStateCookie === false ? false : true;\n this.saveParamsCookie = options.saveParamsCookie === false ? false : true;\n this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n this.saveLastResponse = options.saveLastResponse === false ? false : true;\n this.options = options;\n }\n\n // eslint-disable-next-line complexity\n clear(options: ClearTransactionMetaOptions = {}) {\n const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n const meta = transactionStorage.getStorage();\n\n // Clear primary storage (by default, sessionStorage on browser)\n transactionStorage.clearStorage();\n\n // Usually we want to also clear shared storage unless another tab may need it to continue/complete a flow\n if (this.enableSharedStorage && options.clearSharedStorage !== false) {\n const state = options.state || meta?.state;\n if (state) {\n clearTransactionFromSharedStorage(this.storageManager, state);\n }\n }\n\n if (options.clearIdxResponse !== false) {\n this.clearIdxResponse();\n }\n \n if (!this.legacyWidgetSupport) {\n return;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n this.clearLegacyOAuthParams();\n }\n\n if (options.pkce) {\n this.clearLegacyPKCE();\n }\n }\n\n // eslint-disable-next-line complexity\n save(meta: TransactionMeta, options: TransactionMetaOptions = {}) {\n // There must be only one transaction executing at a time.\n // Before saving, check to see if a transaction is already stored.\n // An existing transaction indicates a concurrency/race/overlap condition\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n const obj = storage.getStorage();\n // oie process may need to update transaction in the middle of process for tracking purpose\n // false alarm might be caused \n // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n if (isTransactionMeta(obj) && !options.muteWarning) {\n // eslint-disable-next-line max-len\n warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n }\n\n storage.setStorage(meta);\n\n // Shared storage allows continuation of transaction in another tab\n if (this.enableSharedStorage && meta.state) {\n saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n }\n\n if (!options.oauth) {\n return;\n }\n \n // Legacy cookie storage\n if (this.saveNonceCookie || this.saveStateCookie || this.saveParamsCookie) {\n const cookieStorage: CookieStorage = this.storageManager.getStorage({ storageType: 'cookie' }) as CookieStorage;\n\n if (this.saveParamsCookie) {\n const { \n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n } = meta;\n const oauthParams = {\n responseType,\n state,\n nonce,\n scopes,\n clientId,\n urls,\n ignoreSignature\n };\n cookieStorage.setItem(REDIRECT_OAUTH_PARAMS_NAME, JSON.stringify(oauthParams), null);\n }\n\n if (this.saveNonceCookie && meta.nonce) {\n // Set nonce cookie for servers to validate nonce in id_token\n cookieStorage.setItem(REDIRECT_NONCE_COOKIE_NAME, meta.nonce, null);\n }\n\n if (this.saveStateCookie && meta.state) {\n // Set state cookie for servers to validate state\n cookieStorage.setItem(REDIRECT_STATE_COOKIE_NAME, meta.state, null);\n }\n }\n }\n\n exists(options: TransactionMetaOptions = {}): boolean {\n try {\n const meta = this.load(options);\n return !!meta;\n } catch {\n return false;\n }\n }\n\n // load transaction meta from storage\n // eslint-disable-next-line complexity,max-statements\n load(options: TransactionMetaOptions = {}): TransactionMeta | null {\n\n let meta: TransactionMeta;\n\n // If state was passed, try loading transaction data from shared storage\n if (this.enableSharedStorage && options.state) {\n pruneSharedStorage(this.storageManager); // prune before load\n meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n if (isTransactionMeta(meta)) {\n return meta;\n }\n }\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n meta = storage.getStorage();\n if (isTransactionMeta(meta)) {\n // if we have meta in the new location, there is no need to go further\n return meta;\n }\n\n if (!this.legacyWidgetSupport) {\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n if (options.oauth) {\n try {\n const oauthParams = this.loadLegacyOAuthParams();\n Object.assign(meta, oauthParams);\n } finally {\n this.clearLegacyOAuthParams();\n }\n }\n\n if (options.pkce) {\n try {\n const pkceMeta: PKCETransactionMeta = this.loadLegacyPKCE();\n Object.assign(meta, pkceMeta);\n } finally {\n this.clearLegacyPKCE();\n }\n }\n\n if (isTransactionMeta(meta)) {\n return meta;\n }\n return null;\n }\n\n // This is for compatibility with older versions of the signin widget. OKTA-304806\n clearLegacyPKCE(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n }\n\n loadLegacyPKCE(): PKCETransactionMeta {\n let storage: StorageProvider;\n let obj;\n \n // Try reading from localStorage first.\n if (this.storageManager.storageUtil.testStorageType('localStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'localStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n\n // If meta is not valid, read from sessionStorage. This is expected for more recent versions of the widget.\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyPKCEStorage({ storageType: 'sessionStorage' });\n obj = storage.getStorage();\n if (obj && obj.codeVerifier) {\n return obj;\n }\n }\n \n // If meta is not valid, throw an exception to avoid misleading server-side error\n // The most likely cause of this error is trying to handle a callback twice\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', undefined);\n }\n\n clearLegacyOAuthParams(): void {\n // clear storages\n let storage: StorageProvider;\n\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n storage.clearStorage();\n }\n\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n storage.clearStorage();\n }\n }\n\n loadLegacyOAuthParams(): OAuthTransactionMeta {\n let storage: StorageProvider;\n let oauthParams;\n \n // load first from session storage\n if (this.storageManager.storageUtil.testStorageType('sessionStorage')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'sessionStorage' });\n oauthParams = storage.getStorage();\n }\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n // try to load from cookie\n if (this.storageManager.storageUtil.testStorageType('cookie')) {\n storage = this.storageManager.getLegacyOAuthParamsStorage({ storageType: 'cookie' });\n oauthParams = storage.getStorage();\n }\n\n if (isOAuthTransactionMeta(oauthParams)) {\n return oauthParams;\n }\n\n\n throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n\n // Something is there but we don't recognize it\n // throw new AuthSdkError('Unable to parse the ' + REDIRECT_OAUTH_PARAMS_NAME + ' value from storage');\n }\n\n saveIdxResponse(data: SavedIdxResponse): void {\n if (!this.saveLastResponse) {\n return;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return;\n }\n storage.setStorage(data);\n }\n\n // eslint-disable-next-line complexity\n loadIdxResponse(options?: IntrospectOptions): SavedIdxResponse | null {\n if (!this.saveLastResponse) {\n return null;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return null;\n }\n const storedValue = storage.getStorage();\n if (!storedValue || !isRawIdxResponse(storedValue.rawIdxResponse)) {\n return null;\n }\n\n if (options) {\n const { stateHandle, interactionHandle } = options;\n if (stateHandle && storedValue.stateHandle !== stateHandle) {\n return null;\n }\n if (interactionHandle && storedValue.interactionHandle !== interactionHandle) {\n return null;\n }\n }\n\n return storedValue;\n }\n\n clearIdxResponse(): void {\n if (!this.saveLastResponse) {\n return;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n storage?.clearStorage();\n }\n}"],"mappings":";;;;;;;;;;AAaA;;AACA;;AAEA;;AAaA;;AACA;;AACA;;AA/BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAgCe,MAAMA,kBAAN,CAAyB;EAUtCC,WAAW,CAACC,OAAD,EAAqC;IAC9C;IACA,KAAKC,cAAL,GAAsBD,OAAO,CAACC,cAA9B;IACA,KAAKC,mBAAL,GAA2BF,OAAO,CAACE,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;IACA,KAAKC,eAAL,GAAuBH,OAAO,CAACG,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;IACA,KAAKC,eAAL,GAAuBJ,OAAO,CAACI,eAAR,KAA4B,KAA5B,GAAoC,KAApC,GAA4C,IAAnE;IACA,KAAKC,gBAAL,GAAwBL,OAAO,CAACK,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;IACA,KAAKC,mBAAL,GAA2BN,OAAO,CAACM,mBAAR,KAAgC,KAAhC,GAAwC,KAAxC,GAAgD,IAA3E;IACA,KAAKC,gBAAL,GAAwBP,OAAO,CAACO,gBAAR,KAA6B,KAA7B,GAAqC,KAArC,GAA6C,IAArE;IACA,KAAKP,OAAL,GAAeA,OAAf;EACD,CApBqC,CAsBtC;;;EACAQ,KAAK,CAACR,OAAoC,GAAG,EAAxC,EAA4C;IAC/C,MAAMS,kBAAmC,GAAG,KAAKR,cAAL,CAAoBS,qBAApB,EAA5C;IACA,MAAMC,IAAI,GAAGF,kBAAkB,CAACG,UAAnB,EAAb,CAF+C,CAI/C;;IACAH,kBAAkB,CAACI,YAAnB,GAL+C,CAO/C;;IACA,IAAI,KAAKP,mBAAL,IAA4BN,OAAO,CAACc,kBAAR,KAA+B,KAA/D,EAAsE;MACpE,MAAMC,KAAK,GAAGf,OAAO,CAACe,KAAR,KAAiBJ,IAAjB,aAAiBA,IAAjB,uBAAiBA,IAAI,CAAEI,KAAvB,CAAd;;MACA,IAAIA,KAAJ,EAAW;QACT,IAAAC,gDAAA,EAAkC,KAAKf,cAAvC,EAAuDc,KAAvD;MACD;IACF;;IAED,IAAIf,OAAO,CAACiB,gBAAR,KAA6B,KAAjC,EAAwC;MACtC,KAAKA,gBAAL;IACD;;IAED,IAAI,CAAC,KAAKf,mBAAV,EAA+B;MAC7B;IACD,CArB8C,CAuB/C;;;IACA,IAAIF,OAAO,CAACkB,KAAZ,EAAmB;MACjB,KAAKC,sBAAL;IACD;;IAED,IAAInB,OAAO,CAACoB,IAAZ,EAAkB;MAChB,KAAKC,eAAL;IACD;EACF,CAtDqC,CAwDtC;;;EACAC,IAAI,CAACX,IAAD,EAAwBX,OAA+B,GAAG,EAA1D,EAA8D;IAChE;IACA;IACA;IAEA,IAAIuB,OAAwB,GAAG,KAAKtB,cAAL,CAAoBS,qBAApB,EAA/B;IACA,MAAMc,GAAG,GAAGD,OAAO,CAACX,UAAR,EAAZ,CANgE,CAOhE;IACA;IACA;;IACA,IAAI,IAAAa,wBAAA,EAAkBD,GAAlB,KAA0B,CAACxB,OAAO,CAAC0B,WAAvC,EAAoD;MAClD;MACA,IAAAC,UAAA,EAAK,yGAAL;IACD;;IAEDJ,OAAO,CAACK,UAAR,CAAmBjB,IAAnB,EAfgE,CAiBhE;;IACA,IAAI,KAAKL,mBAAL,IAA4BK,IAAI,CAACI,KAArC,EAA4C;MAC1C,IAAAc,6CAAA,EAA+B,KAAK5B,cAApC,EAAoDU,IAAI,CAACI,KAAzD,EAAgEJ,IAAhE;IACD;;IAED,IAAI,CAACX,OAAO,CAACkB,KAAb,EAAoB;MAClB;IACD,CAxB+D,CA0BhE;;;IACA,IAAI,KAAKf,eAAL,IAAwB,KAAKC,eAA7B,IAAgD,KAAKC,gBAAzD,EAA2E;MACzE,MAAMyB,aAA4B,GAAG,KAAK7B,cAAL,CAAoBW,UAApB,CAA+B;QAAEmB,WAAW,EAAE;MAAf,CAA/B,CAArC;;MAEA,IAAI,KAAK1B,gBAAT,EAA2B;QACzB,MAAM;UACJ2B,YADI;UAEJjB,KAFI;UAGJkB,KAHI;UAIJC,MAJI;UAKJC,QALI;UAMJC,IANI;UAOJC;QAPI,IAQF1B,IARJ;QASA,MAAM2B,WAAW,GAAG;UAClBN,YADkB;UAElBjB,KAFkB;UAGlBkB,KAHkB;UAIlBC,MAJkB;UAKlBC,QALkB;UAMlBC,IANkB;UAOlBC;QAPkB,CAApB;QASAP,aAAa,CAACS,OAAd,CAAsBC,qCAAtB,EAAkD,wBAAeF,WAAf,CAAlD,EAA+E,IAA/E;MACD;;MAED,IAAI,KAAKnC,eAAL,IAAwBQ,IAAI,CAACsB,KAAjC,EAAwC;QACtC;QACAH,aAAa,CAACS,OAAd,CAAsBE,qCAAtB,EAAkD9B,IAAI,CAACsB,KAAvD,EAA8D,IAA9D;MACD;;MAED,IAAI,KAAK7B,eAAL,IAAwBO,IAAI,CAACI,KAAjC,EAAwC;QACtC;QACAe,aAAa,CAACS,OAAd,CAAsBG,qCAAtB,EAAkD/B,IAAI,CAACI,KAAvD,EAA8D,IAA9D;MACD;IACF;EACF;;EAED4B,MAAM,CAAC3C,OAA+B,GAAG,EAAnC,EAAgD;IACpD,IAAI;MACF,MAAMW,IAAI,GAAG,KAAKiC,IAAL,CAAU5C,OAAV,CAAb;MACA,OAAO,CAAC,CAACW,IAAT;IACD,CAHD,CAGE,MAAM;MACN,OAAO,KAAP;IACD;EACF,CAhIqC,CAkItC;EACA;;;EACAiC,IAAI,CAAC5C,OAA+B,GAAG,EAAnC,EAA+D;IAEjE,IAAIW,IAAJ,CAFiE,CAIjE;;IACA,IAAI,KAAKL,mBAAL,IAA4BN,OAAO,CAACe,KAAxC,EAA+C;MAC7C,IAAA8B,iCAAA,EAAmB,KAAK5C,cAAxB,EAD6C,CACJ;;MACzCU,IAAI,GAAG,IAAAmC,+CAAA,EAAiC,KAAK7C,cAAtC,EAAsDD,OAAO,CAACe,KAA9D,CAAP;;MACA,IAAI,IAAAU,wBAAA,EAAkBd,IAAlB,CAAJ,EAA6B;QAC3B,OAAOA,IAAP;MACD;IACF;;IAED,IAAIY,OAAwB,GAAG,KAAKtB,cAAL,CAAoBS,qBAApB,EAA/B;IACAC,IAAI,GAAGY,OAAO,CAACX,UAAR,EAAP;;IACA,IAAI,IAAAa,wBAAA,EAAkBd,IAAlB,CAAJ,EAA6B;MAC3B;MACA,OAAOA,IAAP;IACD;;IAED,IAAI,CAAC,KAAKT,mBAAV,EAA+B;MAC7B,OAAO,IAAP;IACD,CAtBgE,CAwBjE;;;IACA,IAAIF,OAAO,CAACkB,KAAZ,EAAmB;MACjB,IAAI;QACF,MAAMoB,WAAW,GAAG,KAAKS,qBAAL,EAApB;QACA,qBAAcpC,IAAd,EAAoB2B,WAApB;MACD,CAHD,SAGU;QACR,KAAKnB,sBAAL;MACD;IACF;;IAED,IAAInB,OAAO,CAACoB,IAAZ,EAAkB;MAChB,IAAI;QACF,MAAM4B,QAA6B,GAAG,KAAKC,cAAL,EAAtC;QACA,qBAActC,IAAd,EAAoBqC,QAApB;MACD,CAHD,SAGU;QACR,KAAK3B,eAAL;MACD;IACF;;IAED,IAAI,IAAAI,wBAAA,EAAkBd,IAAlB,CAAJ,EAA6B;MAC3B,OAAOA,IAAP;IACD;;IACD,OAAO,IAAP;EACD,CAnLqC,CAqLtC;;;EACAU,eAAe,GAAS;IACtB;IACA,IAAIE,OAAJ;;IAEA,IAAI,KAAKtB,cAAL,CAAoBiD,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;MACnE5B,OAAO,GAAG,KAAKtB,cAAL,CAAoBmD,oBAApB,CAAyC;QAAErB,WAAW,EAAE;MAAf,CAAzC,CAAV;MACAR,OAAO,CAACV,YAAR;IACD;;IAED,IAAI,KAAKZ,cAAL,CAAoBiD,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;MACrE5B,OAAO,GAAG,KAAKtB,cAAL,CAAoBmD,oBAApB,CAAyC;QAAErB,WAAW,EAAE;MAAf,CAAzC,CAAV;MACAR,OAAO,CAACV,YAAR;IACD;EACF;;EAEDoC,cAAc,GAAwB;IACpC,IAAI1B,OAAJ;IACA,IAAIC,GAAJ,CAFoC,CAIpC;;IACA,IAAI,KAAKvB,cAAL,CAAoBiD,WAApB,CAAgCC,eAAhC,CAAgD,cAAhD,CAAJ,EAAqE;MACnE5B,OAAO,GAAG,KAAKtB,cAAL,CAAoBmD,oBAApB,CAAyC;QAAErB,WAAW,EAAE;MAAf,CAAzC,CAAV;MACAP,GAAG,GAAGD,OAAO,CAACX,UAAR,EAAN;;MACA,IAAIY,GAAG,IAAIA,GAAG,CAAC6B,YAAf,EAA6B;QAC3B,OAAO7B,GAAP;MACD;IACF,CAXmC,CAapC;;;IACA,IAAI,KAAKvB,cAAL,CAAoBiD,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;MACrE5B,OAAO,GAAG,KAAKtB,cAAL,CAAoBmD,oBAApB,CAAyC;QAAErB,WAAW,EAAE;MAAf,CAAzC,CAAV;MACAP,GAAG,GAAGD,OAAO,CAACX,UAAR,EAAN;;MACA,IAAIY,GAAG,IAAIA,GAAG,CAAC6B,YAAf,EAA6B;QAC3B,OAAO7B,GAAP;MACD;IACF,CApBmC,CAsBpC;IACA;IACA;;;IACA,MAAM,IAAI8B,oBAAJ,CAAiB,yJAAjB,EAA4KC,SAA5K,CAAN;EACD;;EAEDpC,sBAAsB,GAAS;IAC7B;IACA,IAAII,OAAJ;;IAEA,IAAI,KAAKtB,cAAL,CAAoBiD,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;MACrE5B,OAAO,GAAG,KAAKtB,cAAL,CAAoBuD,2BAApB,CAAgD;QAAEzB,WAAW,EAAE;MAAf,CAAhD,CAAV;MACAR,OAAO,CAACV,YAAR;IACD;;IAED,IAAI,KAAKZ,cAAL,CAAoBiD,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;MAC7D5B,OAAO,GAAG,KAAKtB,cAAL,CAAoBuD,2BAApB,CAAgD;QAAEzB,WAAW,EAAE;MAAf,CAAhD,CAAV;MACAR,OAAO,CAACV,YAAR;IACD;EACF;;EAEDkC,qBAAqB,GAAyB;IAC5C,IAAIxB,OAAJ;IACA,IAAIe,WAAJ,CAF4C,CAI5C;;IACA,IAAI,KAAKrC,cAAL,CAAoBiD,WAApB,CAAgCC,eAAhC,CAAgD,gBAAhD,CAAJ,EAAuE;MACrE5B,OAAO,GAAG,KAAKtB,cAAL,CAAoBuD,2BAApB,CAAgD;QAAEzB,WAAW,EAAE;MAAf,CAAhD,CAAV;MACAO,WAAW,GAAGf,OAAO,CAACX,UAAR,EAAd;IACD;;IACD,IAAI,IAAA6C,6BAAA,EAAuBnB,WAAvB,CAAJ,EAAyC;MACvC,OAAOA,WAAP;IACD,CAX2C,CAa5C;;;IACA,IAAI,KAAKrC,cAAL,CAAoBiD,WAApB,CAAgCC,eAAhC,CAAgD,QAAhD,CAAJ,EAA+D;MAC7D5B,OAAO,GAAG,KAAKtB,cAAL,CAAoBuD,2BAApB,CAAgD;QAAEzB,WAAW,EAAE;MAAf,CAAhD,CAAV;MACAO,WAAW,GAAGf,OAAO,CAACX,UAAR,EAAd;IACD;;IAED,IAAI,IAAA6C,6BAAA,EAAuBnB,WAAvB,CAAJ,EAAyC;MACvC,OAAOA,WAAP;IACD;;IAGD,MAAM,IAAIgB,oBAAJ,CAAiB,uDAAjB,CAAN,CAxB4C,CA0B5C;IACA;EACD;;EAEDI,eAAe,CAACC,IAAD,EAA+B;IAC5C,IAAI,CAAC,KAAKpD,gBAAV,EAA4B;MAC1B;IACD;;IACD,MAAMgB,OAAO,GAAG,KAAKtB,cAAL,CAAoB2D,qBAApB,EAAhB;;IACA,IAAI,CAACrC,OAAL,EAAc;MACZ;IACD;;IACDA,OAAO,CAACK,UAAR,CAAmB+B,IAAnB;EACD,CAvRqC,CAyRtC;;;EACAE,eAAe,CAAC7D,OAAD,EAAuD;IACpE,IAAI,CAAC,KAAKO,gBAAV,EAA4B;MAC1B,OAAO,IAAP;IACD;;IACD,MAAMgB,OAAO,GAAG,KAAKtB,cAAL,CAAoB2D,qBAApB,EAAhB;;IACA,IAAI,CAACrC,OAAL,EAAc;MACZ,OAAO,IAAP;IACD;;IACD,MAAMuC,WAAW,GAAGvC,OAAO,CAACX,UAAR,EAApB;;IACA,IAAI,CAACkD,WAAD,IAAgB,CAAC,IAAAC,uBAAA,EAAiBD,WAAW,CAACE,cAA7B,CAArB,EAAmE;MACjE,OAAO,IAAP;IACD;;IAED,IAAIhE,OAAJ,EAAa;MACX,MAAM;QAAEiE,WAAF;QAAeC;MAAf,IAAqClE,OAA3C;;MACA,IAAIiE,WAAW,IAAIH,WAAW,CAACG,WAAZ,KAA4BA,WAA/C,EAA4D;QAC1D,OAAO,IAAP;MACD;;MACD,IAAIC,iBAAiB,IAAIJ,WAAW,CAACI,iBAAZ,KAAkCA,iBAA3D,EAA8E;QAC5E,OAAO,IAAP;MACD;IACF;;IAED,OAAOJ,WAAP;EACD;;EAED7C,gBAAgB,GAAS;IACvB,IAAI,CAAC,KAAKV,gBAAV,EAA4B;MAC1B;IACD;;IACD,MAAMgB,OAAO,GAAG,KAAKtB,cAAL,CAAoB2D,qBAApB,EAAhB;IACArC,OAAO,SAAP,IAAAA,OAAO,WAAP,YAAAA,OAAO,CAAEV,YAAT;EACD;;AA1TqC"}
package/cjs/browser/browserStorage.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"browserStorage.js","names":["storageUtil","getHttpCache","getPKCEStorage","browserHasLocalStorage","storage","getLocalStorage","testStorage","e","browserHasSessionStorage","getSessionStorage","testStorageType","storageType","supported","getStorageByType","options","storageProvider","getCookieStorage","getInMemoryStorage","AuthSdkError","findStorageType","types","curType","nextType","shift","length","window","onstorage","localStorage","sessionStorage","secure","sameSite","sessionCookie","getItem","get","setItem","key","value","expiresAt","set","removeItem","delete","isSharedStorage","useSeparateCookies","data","forEach","k","replace","JSON","parse","existingValues","storageKey","valueToStore","inMemoryStore","name","cookieOptions","path","Date","expires","Cookies","arguments","remove"],"sources":["../../../lib/browser/browserStorage.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport Cookies from 'js-cookie';\nimport AuthSdkError from '../errors/AuthSdkError';\nimport {\n StorageProvider,\n StorageOptions,\n PKCEStorage,\n CookieOptions,\n SimpleStorage,\n StorageType,\n BrowserStorageUtil,\n CookieStorage\n} from '../types';\nimport { warn } from '../util';\nimport { isIE11OrLess } from '../features';\n\n// Building this as an object allows us to mock the functions in our tests\nvar storageUtil: BrowserStorageUtil = {\n\n // These are shimmed in `OktaAuthBase.ts`\n getHttpCache(): StorageProvider {\n return null as never as StorageProvider;\n },\n\n getPKCEStorage(): PKCEStorage {\n return null as never as PKCEStorage;\n },\n\n // IE11 bug that Microsoft doesn't plan to fix\n // https://connect.microsoft.com/IE/Feedback/Details/1496040\n browserHasLocalStorage: function() {\n try {\n var storage = this.getLocalStorage();\n return this.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n browserHasSessionStorage: function() {\n try {\n var storage = this.getSessionStorage();\n return this.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n testStorageType: function(storageType: StorageType): boolean {\n var supported = false;\n switch (storageType) {\n case 'sessionStorage':\n supported = this.browserHasSessionStorage();\n break;\n case 'localStorage':\n supported = this.browserHasLocalStorage();\n break;\n case 'cookie':\n case 'memory':\n supported = true;\n break;\n default:\n supported = false;\n break;\n }\n return supported;\n },\n\n getStorageByType: function(storageType: StorageType, options?: StorageOptions): SimpleStorage {\n let storageProvider;\n switch (storageType) {\n case 'sessionStorage':\n storageProvider = this.getSessionStorage();\n break;\n case 'localStorage':\n storageProvider = this.getLocalStorage();\n break;\n case 'cookie':\n storageProvider = this.getCookieStorage(options);\n break;\n case 'memory':\n storageProvider = this.getInMemoryStorage();\n break;\n default:\n throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n break;\n }\n return storageProvider;\n },\n\n findStorageType: function(types: StorageType[]) {\n let curType;\n let nextType;\n \n types = types.slice(); // copy array\n curType = types.shift();\n nextType = types.length ? types[0] : null;\n if (!nextType) {\n return curType;\n }\n\n if (this.testStorageType(curType)) {\n return curType;\n }\n\n // preferred type was unsupported.\n warn(`This browser doesn't support ${curType}. Switching to ${nextType}.`);\n\n // fallback to the next type. this is a recursive call\n return this.findStorageType(types);\n },\n\n getLocalStorage: function() {\n // Workaound for synchronization issue of LocalStorage cross tabs in IE11\n if (isIE11OrLess() && !window.onstorage) {\n window.onstorage = function() {};\n }\n \n return localStorage;\n },\n\n getSessionStorage: function() {\n return sessionStorage;\n },\n\n // Provides webStorage-like interface for cookies\n getCookieStorage: function(options): CookieStorage {\n const secure = options!.secure;\n const sameSite = options!.sameSite;\n const sessionCookie = options!.sessionCookie;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('getCookieStorage: \"secure\" and \"sameSite\" options must be provided');\n }\n const storage: CookieStorage = {\n getItem: this.storage.get,\n setItem: (key, value, expiresAt = '2200-01-01T00:00:00.000Z') => {\n // By defauilt, cookie shouldn't expire\n expiresAt = (sessionCookie ? null : expiresAt) as string;\n this.storage.set(key, value, expiresAt, {\n secure: secure, \n sameSite: sameSite,\n });\n },\n removeItem: (key) => {\n this.storage.delete(key);\n },\n // TODO: remove - https://oktainc.atlassian.net/browse/OKTA-529631\n isSharedStorage: () => true\n };\n\n if (!options!.useSeparateCookies) {\n return storage;\n }\n\n // Tokens are stored separately because cookies have size limits.\n // Can only be used when storing an object value. Object properties will be saved to separate cookies.\n // Each property of the object must also be an object.\n return {\n getItem: function(key) {\n var data = storage.getItem(); // read all cookies\n var value = {};\n Object.keys(data).forEach(k => {\n if (k.indexOf(key!) === 0) { // filter out unrelated cookies\n value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie data\n }\n });\n return JSON.stringify(value);\n },\n setItem: function(key, value) {\n var existingValues = JSON.parse(this.getItem(key));\n value = JSON.parse(value);\n // Set key-value pairs from input to cookies\n Object.keys(value).forEach(k => {\n var storageKey = key + '_' + k;\n var valueToStore = JSON.stringify(value[k]);\n storage.setItem(storageKey, valueToStore);\n delete existingValues[k];\n });\n // Delete unmatched keys from existing cookies\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n },\n removeItem: function(key) {\n var existingValues = JSON.parse(this.getItem(key));\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n },\n // TODO: remove - https://oktainc.atlassian.net/browse/OKTA-529631\n isSharedStorage: () => true\n };\n },\n\n // Provides an in-memory solution\n inMemoryStore: {}, // override this for a unique memory store per instance\n getInMemoryStorage: function() {\n return {\n getItem: (key) => {\n return this.inMemoryStore[key];\n },\n setItem: (key, value) => {\n this.inMemoryStore[key] = value;\n },\n // TODO: remove - https://oktainc.atlassian.net/browse/OKTA-529631\n isSharedStorage: () => false\n };\n },\n\n testStorage: function(storage) {\n var key = 'okta-test-storage';\n try {\n storage.setItem(key, key);\n storage.removeItem(key);\n return true;\n } catch (e) {\n return false;\n }\n },\n\n storage: {\n set: function(name: string, value: string, expiresAt: string, options: CookieOptions): string {\n const { sameSite, secure } = options;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('storage.set: \"secure\" and \"sameSite\" options must be provided');\n }\n var cookieOptions: CookieOptions = {\n path: options.path || '/',\n secure,\n sameSite\n };\n\n // eslint-disable-next-line no-extra-boolean-cast\n if (!!(Date.parse(expiresAt))) {\n // Expires value can be converted to a Date object.\n //\n // If the 'expiresAt' value is not provided, or the value cannot be\n // parsed as a Date object, the cookie will set as a session cookie.\n cookieOptions.expires = new Date(expiresAt);\n }\n\n Cookies.set(name, value, cookieOptions);\n return this.get(name);\n },\n\n get: function(name?: string): string {\n // return all cookies when no args is provided\n if (!arguments.length) {\n return Cookies.get();\n }\n return Cookies.get(name);\n },\n\n delete: function(name: string): string {\n return Cookies.remove(name, { path: '/' });\n }\n }\n};\n\nexport default storageUtil;\n"],"mappings":";;;;;;;;;;;;;;AAcA;;AACA;;AAWA;;AACA;;AA3BA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAiBA;AACA,IAAIA,WAA+B,GAAG;EAEpC;EACAC,YAAY,GAAoB;IAC9B,OAAO,IAAP;EACD,CALmC;;EAOpCC,cAAc,GAAgB;IAC5B,OAAO,IAAP;EACD,CATmC;;EAWpC;EACA;EACAC,sBAAsB,EAAE,YAAW;IACjC,IAAI;MACF,IAAIC,OAAO,GAAG,KAAKC,eAAL,EAAd;MACA,OAAO,KAAKC,WAAL,CAAiBF,OAAjB,CAAP;IACD,CAHD,CAGE,OAAOG,CAAP,EAAU;MACV,OAAO,KAAP;IACD;EACF,CApBmC;EAsBpCC,wBAAwB,EAAE,YAAW;IACnC,IAAI;MACF,IAAIJ,OAAO,GAAG,KAAKK,iBAAL,EAAd;MACA,OAAO,KAAKH,WAAL,CAAiBF,OAAjB,CAAP;IACD,CAHD,CAGE,OAAOG,CAAP,EAAU;MACV,OAAO,KAAP;IACD;EACF,CA7BmC;EA+BpCG,eAAe,EAAE,UAASC,WAAT,EAA4C;IAC3D,IAAIC,SAAS,GAAG,KAAhB;;IACA,QAAQD,WAAR;MACE,KAAK,gBAAL;QACEC,SAAS,GAAG,KAAKJ,wBAAL,EAAZ;QACA;;MACF,KAAK,cAAL;QACEI,SAAS,GAAG,KAAKT,sBAAL,EAAZ;QACA;;MACF,KAAK,QAAL;MACA,KAAK,QAAL;QACES,SAAS,GAAG,IAAZ;QACA;;MACF;QACEA,SAAS,GAAG,KAAZ;QACA;IAbJ;;IAeA,OAAOA,SAAP;EACD,CAjDmC;EAmDpCC,gBAAgB,EAAE,UAASF,WAAT,EAAmCG,OAAnC,EAA4E;IAC5F,IAAIC,eAAJ;;IACA,QAAQJ,WAAR;MACE,KAAK,gBAAL;QACEI,eAAe,GAAG,KAAKN,iBAAL,EAAlB;QACA;;MACF,KAAK,cAAL;QACEM,eAAe,GAAG,KAAKV,eAAL,EAAlB;QACA;;MACF,KAAK,QAAL;QACEU,eAAe,GAAG,KAAKC,gBAAL,CAAsBF,OAAtB,CAAlB;QACA;;MACF,KAAK,QAAL;QACEC,eAAe,GAAG,KAAKE,kBAAL,EAAlB;QACA;;MACF;QACE,MAAM,IAAIC,qBAAJ,CAAkB,gCAA+BP,WAAY,EAA7D,CAAN;QACA;IAfJ;;IAiBA,OAAOI,eAAP;EACD,CAvEmC;EAyEpCI,eAAe,EAAE,UAASC,KAAT,EAA+B;IAC9C,IAAIC,OAAJ;IACA,IAAIC,QAAJ;IAEAF,KAAK,GAAG,oBAAAA,KAAK,MAAL,CAAAA,KAAK,CAAb,CAJ8C,CAIvB;;IACvBC,OAAO,GAAGD,KAAK,CAACG,KAAN,EAAV;IACAD,QAAQ,GAAGF,KAAK,CAACI,MAAN,GAAeJ,KAAK,CAAC,CAAD,CAApB,GAA0B,IAArC;;IACA,IAAI,CAACE,QAAL,EAAe;MACb,OAAOD,OAAP;IACD;;IAED,IAAI,KAAKX,eAAL,CAAqBW,OAArB,CAAJ,EAAmC;MACjC,OAAOA,OAAP;IACD,CAb6C,CAe9C;;;IACA,gBAAM,gCAA+BA,OAAQ,kBAAiBC,QAAS,GAAvE,EAhB8C,CAkB9C;;IACA,OAAO,KAAKH,eAAL,CAAqBC,KAArB,CAAP;EACD,CA7FmC;EA+FpCf,eAAe,EAAE,YAAW;IAC1B;IACA,IAAI,iCAAkB,CAACoB,MAAM,CAACC,SAA9B,EAAyC;MACvCD,MAAM,CAACC,SAAP,GAAmB,YAAW,CAAE,CAAhC;IACD;;IAED,OAAOC,YAAP;EACD,CAtGmC;EAwGpClB,iBAAiB,EAAE,YAAW;IAC5B,OAAOmB,cAAP;EACD,CA1GmC;EA4GpC;EACAZ,gBAAgB,EAAE,UAASF,OAAT,EAAiC;IACjD,MAAMe,MAAM,GAAGf,OAAO,CAAEe,MAAxB;IACA,MAAMC,QAAQ,GAAGhB,OAAO,CAAEgB,QAA1B;IACA,MAAMC,aAAa,GAAGjB,OAAO,CAAEiB,aAA/B;;IACA,IAAI,OAAOF,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;MACpE,MAAM,IAAIZ,qBAAJ,CAAiB,oEAAjB,CAAN;IACD;;IACD,MAAMd,OAAsB,GAAG;MAC7B4B,OAAO,EAAE,KAAK5B,OAAL,CAAa6B,GADO;MAE7BC,OAAO,EAAE,CAACC,GAAD,EAAMC,KAAN,EAAaC,SAAS,GAAG,0BAAzB,KAAwD;QAC/D;QACAA,SAAS,GAAIN,aAAa,GAAG,IAAH,GAAUM,SAApC;QACA,KAAKjC,OAAL,CAAakC,GAAb,CAAiBH,GAAjB,EAAsBC,KAAtB,EAA6BC,SAA7B,EAAwC;UACtCR,MAAM,EAAEA,MAD8B;UAEtCC,QAAQ,EAAEA;QAF4B,CAAxC;MAID,CAT4B;MAU7BS,UAAU,EAAGJ,GAAD,IAAS;QACnB,KAAK/B,OAAL,CAAaoC,MAAb,CAAoBL,GAApB;MACD,CAZ4B;MAa7B;MACAM,eAAe,EAAE,MAAM;IAdM,CAA/B;;IAiBA,IAAI,CAAC3B,OAAO,CAAE4B,kBAAd,EAAkC;MAChC,OAAOtC,OAAP;IACD,CA1BgD,CA4BjD;IACA;IACA;;;IACA,OAAO;MACL4B,OAAO,EAAE,UAASG,GAAT,EAAc;QACrB,IAAIQ,IAAI,GAAGvC,OAAO,CAAC4B,OAAR,EAAX,CADqB,CACS;;QAC9B,IAAII,KAAK,GAAG,EAAZ;QACA,mBAAYO,IAAZ,EAAkBC,OAAlB,CAA0BC,CAAC,IAAI;UAC7B,IAAI,sBAAAA,CAAC,MAAD,CAAAA,CAAC,EAASV,GAAT,CAAD,KAAoB,CAAxB,EAA2B;YAAE;YAC3BC,KAAK,CAACS,CAAC,CAACC,OAAF,CAAW,GAAEX,GAAI,GAAjB,EAAqB,EAArB,CAAD,CAAL,GAAkCY,IAAI,CAACC,KAAL,CAAWL,IAAI,CAACE,CAAD,CAAf,CAAlC,CADyB,CAC8B;UACxD;QACF,CAJD;QAKA,OAAO,wBAAeT,KAAf,CAAP;MACD,CAVI;MAWLF,OAAO,EAAE,UAASC,GAAT,EAAcC,KAAd,EAAqB;QAC5B,IAAIa,cAAc,GAAGF,IAAI,CAACC,KAAL,CAAW,KAAKhB,OAAL,CAAaG,GAAb,CAAX,CAArB;QACAC,KAAK,GAAGW,IAAI,CAACC,KAAL,CAAWZ,KAAX,CAAR,CAF4B,CAG5B;;QACA,mBAAYA,KAAZ,EAAmBQ,OAAnB,CAA2BC,CAAC,IAAI;UAC9B,IAAIK,UAAU,GAAGf,GAAG,GAAG,GAAN,GAAYU,CAA7B;UACA,IAAIM,YAAY,GAAG,wBAAef,KAAK,CAACS,CAAD,CAApB,CAAnB;UACAzC,OAAO,CAAC8B,OAAR,CAAgBgB,UAAhB,EAA4BC,YAA5B;UACA,OAAOF,cAAc,CAACJ,CAAD,CAArB;QACD,CALD,EAJ4B,CAU5B;;QACA,mBAAYI,cAAZ,EAA4BL,OAA5B,CAAoCC,CAAC,IAAI;UACvCzC,OAAO,CAACmC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYU,CAA/B;QACD,CAFD;MAGD,CAzBI;MA0BLN,UAAU,EAAE,UAASJ,GAAT,EAAc;QACxB,IAAIc,cAAc,GAAGF,IAAI,CAACC,KAAL,CAAW,KAAKhB,OAAL,CAAaG,GAAb,CAAX,CAArB;QACA,mBAAYc,cAAZ,EAA4BL,OAA5B,CAAoCC,CAAC,IAAI;UACvCzC,OAAO,CAACmC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYU,CAA/B;QACD,CAFD;MAGD,CA/BI;MAgCL;MACAJ,eAAe,EAAE,MAAM;IAjClB,CAAP;EAmCD,CA/KmC;EAiLpC;EACAW,aAAa,EAAE,EAlLqB;EAkLjB;EACnBnC,kBAAkB,EAAE,YAAW;IAC7B,OAAO;MACLe,OAAO,EAAGG,GAAD,IAAS;QAChB,OAAO,KAAKiB,aAAL,CAAmBjB,GAAnB,CAAP;MACD,CAHI;MAILD,OAAO,EAAE,CAACC,GAAD,EAAMC,KAAN,KAAgB;QACvB,KAAKgB,aAAL,CAAmBjB,GAAnB,IAA0BC,KAA1B;MACD,CANI;MAOL;MACAK,eAAe,EAAE,MAAM;IARlB,CAAP;EAUD,CA9LmC;EAgMpCnC,WAAW,EAAE,UAASF,OAAT,EAAkB;IAC7B,IAAI+B,GAAG,GAAG,mBAAV;;IACA,IAAI;MACF/B,OAAO,CAAC8B,OAAR,CAAgBC,GAAhB,EAAqBA,GAArB;MACA/B,OAAO,CAACmC,UAAR,CAAmBJ,GAAnB;MACA,OAAO,IAAP;IACD,CAJD,CAIE,OAAO5B,CAAP,EAAU;MACV,OAAO,KAAP;IACD;EACF,CAzMmC;EA2MpCH,OAAO,EAAE;IACPkC,GAAG,EAAE,UAASe,IAAT,EAAuBjB,KAAvB,EAAsCC,SAAtC,EAAyDvB,OAAzD,EAAyF;MAC5F,MAAM;QAAEgB,QAAF;QAAYD;MAAZ,IAAuBf,OAA7B;;MACA,IAAI,OAAOe,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;QACpE,MAAM,IAAIZ,qBAAJ,CAAiB,+DAAjB,CAAN;MACD;;MACD,IAAIoC,aAA4B,GAAG;QACjCC,IAAI,EAAEzC,OAAO,CAACyC,IAAR,IAAgB,GADW;QAEjC1B,MAFiC;QAGjCC;MAHiC,CAAnC,CAL4F,CAW5F;;MACA,IAAI,CAAC,CAAE0B,IAAI,CAACR,KAAL,CAAWX,SAAX,CAAP,EAA+B;QAC7B;QACA;QACA;QACA;QACAiB,aAAa,CAACG,OAAd,GAAwB,IAAID,IAAJ,CAASnB,SAAT,CAAxB;MACD;;MAEDqB,kBAAQpB,GAAR,CAAYe,IAAZ,EAAkBjB,KAAlB,EAAyBkB,aAAzB;;MACA,OAAO,KAAKrB,GAAL,CAASoB,IAAT,CAAP;IACD,CAvBM;IAyBPpB,GAAG,EAAE,UAASoB,IAAT,EAAgC;MACnC;MACA,IAAI,CAACM,SAAS,CAACnC,MAAf,EAAuB;QACrB,OAAOkC,kBAAQzB,GAAR,EAAP;MACD;;MACD,OAAOyB,kBAAQzB,GAAR,CAAYoB,IAAZ,CAAP;IACD,CA/BM;IAiCPb,MAAM,EAAE,UAASa,IAAT,EAA+B;MACrC,OAAOK,kBAAQE,MAAR,CAAeP,IAAf,EAAqB;QAAEE,IAAI,EAAE;MAAR,CAArB,CAAP;IACD;EAnCM;AA3M2B,CAAtC;eAkPevD,W"}
1
+ {"version":3,"file":"browserStorage.js","names":["storageUtil","getHttpCache","getPKCEStorage","browserHasLocalStorage","storage","getLocalStorage","testStorage","e","browserHasSessionStorage","getSessionStorage","testStorageType","storageType","supported","getStorageByType","options","storageProvider","getCookieStorage","getInMemoryStorage","AuthSdkError","findStorageType","types","curType","nextType","shift","length","warn","isIE11OrLess","window","onstorage","localStorage","sessionStorage","secure","sameSite","sessionCookie","getItem","get","setItem","key","value","expiresAt","set","removeItem","delete","isSharedStorage","useSeparateCookies","data","forEach","k","replace","JSON","parse","existingValues","storageKey","valueToStore","inMemoryStore","name","cookieOptions","path","Date","expires","Cookies","arguments","remove"],"sources":["../../../lib/browser/browserStorage.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport Cookies from 'js-cookie';\nimport AuthSdkError from '../errors/AuthSdkError';\nimport {\n StorageProvider,\n StorageOptions,\n PKCEStorage,\n CookieOptions,\n SimpleStorage,\n StorageType,\n BrowserStorageUtil,\n CookieStorage\n} from '../types';\nimport { warn } from '../util';\nimport { isIE11OrLess } from '../features';\n\n// Building this as an object allows us to mock the functions in our tests\nvar storageUtil: BrowserStorageUtil = {\n\n // These are shimmed in `OktaAuthBase.ts`\n getHttpCache(): StorageProvider {\n return null as never as StorageProvider;\n },\n\n getPKCEStorage(): PKCEStorage {\n return null as never as PKCEStorage;\n },\n\n // IE11 bug that Microsoft doesn't plan to fix\n // https://connect.microsoft.com/IE/Feedback/Details/1496040\n browserHasLocalStorage: function() {\n try {\n var storage = this.getLocalStorage();\n return this.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n browserHasSessionStorage: function() {\n try {\n var storage = this.getSessionStorage();\n return this.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n testStorageType: function(storageType: StorageType): boolean {\n var supported = false;\n switch (storageType) {\n case 'sessionStorage':\n supported = this.browserHasSessionStorage();\n break;\n case 'localStorage':\n supported = this.browserHasLocalStorage();\n break;\n case 'cookie':\n case 'memory':\n supported = true;\n break;\n default:\n supported = false;\n break;\n }\n return supported;\n },\n\n getStorageByType: function(storageType: StorageType, options?: StorageOptions): SimpleStorage {\n let storageProvider;\n switch (storageType) {\n case 'sessionStorage':\n storageProvider = this.getSessionStorage();\n break;\n case 'localStorage':\n storageProvider = this.getLocalStorage();\n break;\n case 'cookie':\n storageProvider = this.getCookieStorage(options);\n break;\n case 'memory':\n storageProvider = this.getInMemoryStorage();\n break;\n default:\n throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n break;\n }\n return storageProvider;\n },\n\n findStorageType: function(types: StorageType[]) {\n let curType;\n let nextType;\n \n types = types.slice(); // copy array\n curType = types.shift();\n nextType = types.length ? types[0] : null;\n if (!nextType) {\n return curType;\n }\n\n if (this.testStorageType(curType)) {\n return curType;\n }\n\n // preferred type was unsupported.\n warn(`This browser doesn't support ${curType}. Switching to ${nextType}.`);\n\n // fallback to the next type. this is a recursive call\n return this.findStorageType(types);\n },\n\n getLocalStorage: function() {\n // Workaound for synchronization issue of LocalStorage cross tabs in IE11\n if (isIE11OrLess() && !window.onstorage) {\n window.onstorage = function() {};\n }\n \n return localStorage;\n },\n\n getSessionStorage: function() {\n return sessionStorage;\n },\n\n // Provides webStorage-like interface for cookies\n getCookieStorage: function(options): CookieStorage {\n const secure = options!.secure;\n const sameSite = options!.sameSite;\n const sessionCookie = options!.sessionCookie;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('getCookieStorage: \"secure\" and \"sameSite\" options must be provided');\n }\n const storage: CookieStorage = {\n getItem: this.storage.get,\n setItem: (key, value, expiresAt = '2200-01-01T00:00:00.000Z') => {\n // By defauilt, cookie shouldn't expire\n expiresAt = (sessionCookie ? null : expiresAt) as string;\n this.storage.set(key, value, expiresAt, {\n secure: secure, \n sameSite: sameSite,\n });\n },\n removeItem: (key) => {\n this.storage.delete(key);\n },\n // TODO: remove - https://oktainc.atlassian.net/browse/OKTA-529631\n isSharedStorage: () => true\n };\n\n if (!options!.useSeparateCookies) {\n return storage;\n }\n\n // Tokens are stored separately because cookies have size limits.\n // Can only be used when storing an object value. Object properties will be saved to separate cookies.\n // Each property of the object must also be an object.\n return {\n getItem: function(key) {\n var data = storage.getItem(); // read all cookies\n var value = {};\n Object.keys(data).forEach(k => {\n if (k.indexOf(key!) === 0) { // filter out unrelated cookies\n value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie data\n }\n });\n return JSON.stringify(value);\n },\n setItem: function(key, value) {\n var existingValues = JSON.parse(this.getItem(key));\n value = JSON.parse(value);\n // Set key-value pairs from input to cookies\n Object.keys(value).forEach(k => {\n var storageKey = key + '_' + k;\n var valueToStore = JSON.stringify(value[k]);\n storage.setItem(storageKey, valueToStore);\n delete existingValues[k];\n });\n // Delete unmatched keys from existing cookies\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n },\n removeItem: function(key) {\n var existingValues = JSON.parse(this.getItem(key));\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n },\n // TODO: remove - https://oktainc.atlassian.net/browse/OKTA-529631\n isSharedStorage: () => true\n };\n },\n\n // Provides an in-memory solution\n inMemoryStore: {}, // override this for a unique memory store per instance\n getInMemoryStorage: function() {\n return {\n getItem: (key) => {\n return this.inMemoryStore[key];\n },\n setItem: (key, value) => {\n this.inMemoryStore[key] = value;\n },\n // TODO: remove - https://oktainc.atlassian.net/browse/OKTA-529631\n isSharedStorage: () => false\n };\n },\n\n testStorage: function(storage) {\n var key = 'okta-test-storage';\n try {\n storage.setItem(key, key);\n storage.removeItem(key);\n return true;\n } catch (e) {\n return false;\n }\n },\n\n storage: {\n set: function(name: string, value: string, expiresAt: string, options: CookieOptions): string {\n const { sameSite, secure } = options;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('storage.set: \"secure\" and \"sameSite\" options must be provided');\n }\n var cookieOptions: CookieOptions = {\n path: options.path || '/',\n secure,\n sameSite\n };\n\n // eslint-disable-next-line no-extra-boolean-cast\n if (!!(Date.parse(expiresAt))) {\n // Expires value can be converted to a Date object.\n //\n // If the 'expiresAt' value is not provided, or the value cannot be\n // parsed as a Date object, the cookie will set as a session cookie.\n cookieOptions.expires = new Date(expiresAt);\n }\n\n Cookies.set(name, value, cookieOptions);\n return this.get(name);\n },\n\n get: function(name?: string): string {\n // return all cookies when no args is provided\n if (!arguments.length) {\n return Cookies.get();\n }\n return Cookies.get(name);\n },\n\n delete: function(name: string): string {\n return Cookies.remove(name, { path: '/' });\n }\n }\n};\n\nexport default storageUtil;\n"],"mappings":";;;;;;;;;;;;;;AAcA;;AACA;;AAWA;;AACA;;AA3BA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAiBA;AACA,IAAIA,WAA+B,GAAG;EAEpC;EACAC,YAAY,GAAoB;IAC9B,OAAO,IAAP;EACD,CALmC;;EAOpCC,cAAc,GAAgB;IAC5B,OAAO,IAAP;EACD,CATmC;;EAWpC;EACA;EACAC,sBAAsB,EAAE,YAAW;IACjC,IAAI;MACF,IAAIC,OAAO,GAAG,KAAKC,eAAL,EAAd;MACA,OAAO,KAAKC,WAAL,CAAiBF,OAAjB,CAAP;IACD,CAHD,CAGE,OAAOG,CAAP,EAAU;MACV,OAAO,KAAP;IACD;EACF,CApBmC;EAsBpCC,wBAAwB,EAAE,YAAW;IACnC,IAAI;MACF,IAAIJ,OAAO,GAAG,KAAKK,iBAAL,EAAd;MACA,OAAO,KAAKH,WAAL,CAAiBF,OAAjB,CAAP;IACD,CAHD,CAGE,OAAOG,CAAP,EAAU;MACV,OAAO,KAAP;IACD;EACF,CA7BmC;EA+BpCG,eAAe,EAAE,UAASC,WAAT,EAA4C;IAC3D,IAAIC,SAAS,GAAG,KAAhB;;IACA,QAAQD,WAAR;MACE,KAAK,gBAAL;QACEC,SAAS,GAAG,KAAKJ,wBAAL,EAAZ;QACA;;MACF,KAAK,cAAL;QACEI,SAAS,GAAG,KAAKT,sBAAL,EAAZ;QACA;;MACF,KAAK,QAAL;MACA,KAAK,QAAL;QACES,SAAS,GAAG,IAAZ;QACA;;MACF;QACEA,SAAS,GAAG,KAAZ;QACA;IAbJ;;IAeA,OAAOA,SAAP;EACD,CAjDmC;EAmDpCC,gBAAgB,EAAE,UAASF,WAAT,EAAmCG,OAAnC,EAA4E;IAC5F,IAAIC,eAAJ;;IACA,QAAQJ,WAAR;MACE,KAAK,gBAAL;QACEI,eAAe,GAAG,KAAKN,iBAAL,EAAlB;QACA;;MACF,KAAK,cAAL;QACEM,eAAe,GAAG,KAAKV,eAAL,EAAlB;QACA;;MACF,KAAK,QAAL;QACEU,eAAe,GAAG,KAAKC,gBAAL,CAAsBF,OAAtB,CAAlB;QACA;;MACF,KAAK,QAAL;QACEC,eAAe,GAAG,KAAKE,kBAAL,EAAlB;QACA;;MACF;QACE,MAAM,IAAIC,qBAAJ,CAAkB,gCAA+BP,WAAY,EAA7D,CAAN;QACA;IAfJ;;IAiBA,OAAOI,eAAP;EACD,CAvEmC;EAyEpCI,eAAe,EAAE,UAASC,KAAT,EAA+B;IAC9C,IAAIC,OAAJ;IACA,IAAIC,QAAJ;IAEAF,KAAK,GAAG,oBAAAA,KAAK,MAAL,CAAAA,KAAK,CAAb,CAJ8C,CAIvB;;IACvBC,OAAO,GAAGD,KAAK,CAACG,KAAN,EAAV;IACAD,QAAQ,GAAGF,KAAK,CAACI,MAAN,GAAeJ,KAAK,CAAC,CAAD,CAApB,GAA0B,IAArC;;IACA,IAAI,CAACE,QAAL,EAAe;MACb,OAAOD,OAAP;IACD;;IAED,IAAI,KAAKX,eAAL,CAAqBW,OAArB,CAAJ,EAAmC;MACjC,OAAOA,OAAP;IACD,CAb6C,CAe9C;;;IACA,IAAAI,UAAA,EAAM,gCAA+BJ,OAAQ,kBAAiBC,QAAS,GAAvE,EAhB8C,CAkB9C;;IACA,OAAO,KAAKH,eAAL,CAAqBC,KAArB,CAAP;EACD,CA7FmC;EA+FpCf,eAAe,EAAE,YAAW;IAC1B;IACA,IAAI,IAAAqB,sBAAA,OAAkB,CAACC,MAAM,CAACC,SAA9B,EAAyC;MACvCD,MAAM,CAACC,SAAP,GAAmB,YAAW,CAAE,CAAhC;IACD;;IAED,OAAOC,YAAP;EACD,CAtGmC;EAwGpCpB,iBAAiB,EAAE,YAAW;IAC5B,OAAOqB,cAAP;EACD,CA1GmC;EA4GpC;EACAd,gBAAgB,EAAE,UAASF,OAAT,EAAiC;IACjD,MAAMiB,MAAM,GAAGjB,OAAO,CAAEiB,MAAxB;IACA,MAAMC,QAAQ,GAAGlB,OAAO,CAAEkB,QAA1B;IACA,MAAMC,aAAa,GAAGnB,OAAO,CAAEmB,aAA/B;;IACA,IAAI,OAAOF,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;MACpE,MAAM,IAAId,qBAAJ,CAAiB,oEAAjB,CAAN;IACD;;IACD,MAAMd,OAAsB,GAAG;MAC7B8B,OAAO,EAAE,KAAK9B,OAAL,CAAa+B,GADO;MAE7BC,OAAO,EAAE,CAACC,GAAD,EAAMC,KAAN,EAAaC,SAAS,GAAG,0BAAzB,KAAwD;QAC/D;QACAA,SAAS,GAAIN,aAAa,GAAG,IAAH,GAAUM,SAApC;QACA,KAAKnC,OAAL,CAAaoC,GAAb,CAAiBH,GAAjB,EAAsBC,KAAtB,EAA6BC,SAA7B,EAAwC;UACtCR,MAAM,EAAEA,MAD8B;UAEtCC,QAAQ,EAAEA;QAF4B,CAAxC;MAID,CAT4B;MAU7BS,UAAU,EAAGJ,GAAD,IAAS;QACnB,KAAKjC,OAAL,CAAasC,MAAb,CAAoBL,GAApB;MACD,CAZ4B;MAa7B;MACAM,eAAe,EAAE,MAAM;IAdM,CAA/B;;IAiBA,IAAI,CAAC7B,OAAO,CAAE8B,kBAAd,EAAkC;MAChC,OAAOxC,OAAP;IACD,CA1BgD,CA4BjD;IACA;IACA;;;IACA,OAAO;MACL8B,OAAO,EAAE,UAASG,GAAT,EAAc;QACrB,IAAIQ,IAAI,GAAGzC,OAAO,CAAC8B,OAAR,EAAX,CADqB,CACS;;QAC9B,IAAII,KAAK,GAAG,EAAZ;QACA,mBAAYO,IAAZ,EAAkBC,OAAlB,CAA0BC,CAAC,IAAI;UAC7B,IAAI,sBAAAA,CAAC,MAAD,CAAAA,CAAC,EAASV,GAAT,CAAD,KAAoB,CAAxB,EAA2B;YAAE;YAC3BC,KAAK,CAACS,CAAC,CAACC,OAAF,CAAW,GAAEX,GAAI,GAAjB,EAAqB,EAArB,CAAD,CAAL,GAAkCY,IAAI,CAACC,KAAL,CAAWL,IAAI,CAACE,CAAD,CAAf,CAAlC,CADyB,CAC8B;UACxD;QACF,CAJD;QAKA,OAAO,wBAAeT,KAAf,CAAP;MACD,CAVI;MAWLF,OAAO,EAAE,UAASC,GAAT,EAAcC,KAAd,EAAqB;QAC5B,IAAIa,cAAc,GAAGF,IAAI,CAACC,KAAL,CAAW,KAAKhB,OAAL,CAAaG,GAAb,CAAX,CAArB;QACAC,KAAK,GAAGW,IAAI,CAACC,KAAL,CAAWZ,KAAX,CAAR,CAF4B,CAG5B;;QACA,mBAAYA,KAAZ,EAAmBQ,OAAnB,CAA2BC,CAAC,IAAI;UAC9B,IAAIK,UAAU,GAAGf,GAAG,GAAG,GAAN,GAAYU,CAA7B;UACA,IAAIM,YAAY,GAAG,wBAAef,KAAK,CAACS,CAAD,CAApB,CAAnB;UACA3C,OAAO,CAACgC,OAAR,CAAgBgB,UAAhB,EAA4BC,YAA5B;UACA,OAAOF,cAAc,CAACJ,CAAD,CAArB;QACD,CALD,EAJ4B,CAU5B;;QACA,mBAAYI,cAAZ,EAA4BL,OAA5B,CAAoCC,CAAC,IAAI;UACvC3C,OAAO,CAACqC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYU,CAA/B;QACD,CAFD;MAGD,CAzBI;MA0BLN,UAAU,EAAE,UAASJ,GAAT,EAAc;QACxB,IAAIc,cAAc,GAAGF,IAAI,CAACC,KAAL,CAAW,KAAKhB,OAAL,CAAaG,GAAb,CAAX,CAArB;QACA,mBAAYc,cAAZ,EAA4BL,OAA5B,CAAoCC,CAAC,IAAI;UACvC3C,OAAO,CAACqC,UAAR,CAAmBJ,GAAG,GAAG,GAAN,GAAYU,CAA/B;QACD,CAFD;MAGD,CA/BI;MAgCL;MACAJ,eAAe,EAAE,MAAM;IAjClB,CAAP;EAmCD,CA/KmC;EAiLpC;EACAW,aAAa,EAAE,EAlLqB;EAkLjB;EACnBrC,kBAAkB,EAAE,YAAW;IAC7B,OAAO;MACLiB,OAAO,EAAGG,GAAD,IAAS;QAChB,OAAO,KAAKiB,aAAL,CAAmBjB,GAAnB,CAAP;MACD,CAHI;MAILD,OAAO,EAAE,CAACC,GAAD,EAAMC,KAAN,KAAgB;QACvB,KAAKgB,aAAL,CAAmBjB,GAAnB,IAA0BC,KAA1B;MACD,CANI;MAOL;MACAK,eAAe,EAAE,MAAM;IARlB,CAAP;EAUD,CA9LmC;EAgMpCrC,WAAW,EAAE,UAASF,OAAT,EAAkB;IAC7B,IAAIiC,GAAG,GAAG,mBAAV;;IACA,IAAI;MACFjC,OAAO,CAACgC,OAAR,CAAgBC,GAAhB,EAAqBA,GAArB;MACAjC,OAAO,CAACqC,UAAR,CAAmBJ,GAAnB;MACA,OAAO,IAAP;IACD,CAJD,CAIE,OAAO9B,CAAP,EAAU;MACV,OAAO,KAAP;IACD;EACF,CAzMmC;EA2MpCH,OAAO,EAAE;IACPoC,GAAG,EAAE,UAASe,IAAT,EAAuBjB,KAAvB,EAAsCC,SAAtC,EAAyDzB,OAAzD,EAAyF;MAC5F,MAAM;QAAEkB,QAAF;QAAYD;MAAZ,IAAuBjB,OAA7B;;MACA,IAAI,OAAOiB,MAAP,KAAkB,WAAlB,IAAiC,OAAOC,QAAP,KAAoB,WAAzD,EAAsE;QACpE,MAAM,IAAId,qBAAJ,CAAiB,+DAAjB,CAAN;MACD;;MACD,IAAIsC,aAA4B,GAAG;QACjCC,IAAI,EAAE3C,OAAO,CAAC2C,IAAR,IAAgB,GADW;QAEjC1B,MAFiC;QAGjCC;MAHiC,CAAnC,CAL4F,CAW5F;;MACA,IAAI,CAAC,CAAE0B,IAAI,CAACR,KAAL,CAAWX,SAAX,CAAP,EAA+B;QAC7B;QACA;QACA;QACA;QACAiB,aAAa,CAACG,OAAd,GAAwB,IAAID,IAAJ,CAASnB,SAAT,CAAxB;MACD;;MAEDqB,iBAAA,CAAQpB,GAAR,CAAYe,IAAZ,EAAkBjB,KAAlB,EAAyBkB,aAAzB;;MACA,OAAO,KAAKrB,GAAL,CAASoB,IAAT,CAAP;IACD,CAvBM;IAyBPpB,GAAG,EAAE,UAASoB,IAAT,EAAgC;MACnC;MACA,IAAI,CAACM,SAAS,CAACrC,MAAf,EAAuB;QACrB,OAAOoC,iBAAA,CAAQzB,GAAR,EAAP;MACD;;MACD,OAAOyB,iBAAA,CAAQzB,GAAR,CAAYoB,IAAZ,CAAP;IACD,CA/BM;IAiCPb,MAAM,EAAE,UAASa,IAAT,EAA+B;MACrC,OAAOK,iBAAA,CAAQE,MAAR,CAAeP,IAAf,EAAqB;QAAEE,IAAI,EAAE;MAAR,CAArB,CAAP;IACD;EAnCM;AA3M2B,CAAtC;eAkPezD,W"}
package/cjs/browser/fingerprint.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"fingerprint.js","names":["fingerprint","sdk","options","reject","AuthSdkError","timeout","iframe","listener","promise","resolve","document","createElement","style","display","e","data","origin","getIssuerOrigin","msg","JSON","parse","err","type","source","postMessage","window","src","body","appendChild","setTimeout","finally","clearTimeout","contains","parentElement","removeChild"],"sources":["../../../lib/browser/fingerprint.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from '../errors';\nimport { isFingerprintSupported } from '../features';\nimport {\n addListener,\n removeListener\n} from '../oidc';\nimport { FingerprintOptions, OktaAuthInterface } from '../types';\n\nexport default function fingerprint(sdk: OktaAuthInterface, options?: FingerprintOptions): Promise<string> {\n options = options || {};\n\n if (!isFingerprintSupported()) {\n return Promise.reject(new AuthSdkError('Fingerprinting is not supported on this device'));\n }\n\n var timeout;\n var iframe;\n var listener;\n var promise = new Promise(function (resolve, reject) {\n iframe = document.createElement('iframe');\n iframe.style.display = 'none';\n\n // eslint-disable-next-line complexity\n listener = function listener(e) {\n if (!e || !e.data || e.origin !== sdk.getIssuerOrigin()) {\n return;\n }\n\n try {\n var msg = JSON.parse(e.data);\n } catch (err) {\n // iframe messages should all be parsable\n // skip not parsable messages come from other sources in same origin (browser extensions)\n // TODO: add namespace flag in okta-core to distinguish messages that come from other sources\n return;\n }\n\n if (!msg) { return; }\n if (msg.type === 'FingerprintAvailable') {\n return resolve(msg.fingerprint as string);\n }\n if (msg.type === 'FingerprintServiceReady') {\n e.source.postMessage(JSON.stringify({\n type: 'GetFingerprint'\n }), e.origin);\n }\n };\n addListener(window, 'message', listener);\n\n iframe.src = sdk.getIssuerOrigin() + '/auth/services/devicefingerprint';\n document.body.appendChild(iframe);\n\n timeout = setTimeout(function() {\n reject(new AuthSdkError('Fingerprinting timed out'));\n }, options?.timeout || 15000);\n });\n\n return promise.finally(function() {\n clearTimeout(timeout);\n removeListener(window, 'message', listener);\n if (document.body.contains(iframe)) {\n iframe.parentElement.removeChild(iframe);\n }\n }) as Promise<string>;\n}\n"],"mappings":";;;;;;;;;;AAaA;;AACA;;AACA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAWe,SAASA,WAAT,CAAqBC,GAArB,EAA6CC,OAA7C,EAA4F;EACzGA,OAAO,GAAGA,OAAO,IAAI,EAArB;;EAEA,IAAI,CAAC,uCAAL,EAA+B;IAC7B,OAAO,iBAAQC,MAAR,CAAe,IAAIC,oBAAJ,CAAiB,gDAAjB,CAAf,CAAP;EACD;;EAED,IAAIC,OAAJ;EACA,IAAIC,MAAJ;EACA,IAAIC,QAAJ;EACA,IAAIC,OAAO,GAAG,qBAAY,UAAUC,OAAV,EAAmBN,MAAnB,EAA2B;IAAA;;IACnDG,MAAM,GAAGI,QAAQ,CAACC,aAAT,CAAuB,QAAvB,CAAT;IACAL,MAAM,CAACM,KAAP,CAAaC,OAAb,GAAuB,MAAvB,CAFmD,CAInD;;IACAN,QAAQ,GAAG,SAASA,QAAT,CAAkBO,CAAlB,EAAqB;MAC9B,IAAI,CAACA,CAAD,IAAM,CAACA,CAAC,CAACC,IAAT,IAAiBD,CAAC,CAACE,MAAF,KAAaf,GAAG,CAACgB,eAAJ,EAAlC,EAAyD;QACvD;MACD;;MAED,IAAI;QACF,IAAIC,GAAG,GAAGC,IAAI,CAACC,KAAL,CAAWN,CAAC,CAACC,IAAb,CAAV;MACD,CAFD,CAEE,OAAOM,GAAP,EAAY;QACZ;QACA;QACA;QACA;MACD;;MAED,IAAI,CAACH,GAAL,EAAU;QAAE;MAAS;;MACrB,IAAIA,GAAG,CAACI,IAAJ,KAAa,sBAAjB,EAAyC;QACvC,OAAOb,OAAO,CAACS,GAAG,CAAClB,WAAL,CAAd;MACD;;MACD,IAAIkB,GAAG,CAACI,IAAJ,KAAa,yBAAjB,EAA4C;QAC1CR,CAAC,CAACS,MAAF,CAASC,WAAT,CAAqB,wBAAe;UAClCF,IAAI,EAAE;QAD4B,CAAf,CAArB,EAEIR,CAAC,CAACE,MAFN;MAGD;IACF,CAvBD;;IAwBA,uBAAYS,MAAZ,EAAoB,SAApB,EAA+BlB,QAA/B;IAEAD,MAAM,CAACoB,GAAP,GAAazB,GAAG,CAACgB,eAAJ,KAAwB,kCAArC;IACAP,QAAQ,CAACiB,IAAT,CAAcC,WAAd,CAA0BtB,MAA1B;IAEAD,OAAO,GAAGwB,UAAU,CAAC,YAAW;MAC9B1B,MAAM,CAAC,IAAIC,oBAAJ,CAAiB,0BAAjB,CAAD,CAAN;IACD,CAFmB,EAEjB,aAAAF,OAAO,UAAP,4CAASG,OAAT,KAAoB,KAFH,CAApB;EAGD,CArCa,CAAd;EAuCA,OAAOG,OAAO,CAACsB,OAAR,CAAgB,YAAW;IAChCC,YAAY,CAAC1B,OAAD,CAAZ;IACA,0BAAeoB,MAAf,EAAuB,SAAvB,EAAkClB,QAAlC;;IACA,IAAIG,QAAQ,CAACiB,IAAT,CAAcK,QAAd,CAAuB1B,MAAvB,CAAJ,EAAoC;MAClCA,MAAM,CAAC2B,aAAP,CAAqBC,WAArB,CAAiC5B,MAAjC;IACD;EACF,CANM,CAAP;AAOD"}
1
+ {"version":3,"file":"fingerprint.js","names":["fingerprint","sdk","options","isFingerprintSupported","reject","AuthSdkError","timeout","iframe","listener","promise","resolve","document","createElement","style","display","e","data","origin","getIssuerOrigin","msg","JSON","parse","err","type","source","postMessage","addListener","window","src","body","appendChild","setTimeout","finally","clearTimeout","removeListener","contains","parentElement","removeChild"],"sources":["../../../lib/browser/fingerprint.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from '../errors';\nimport { isFingerprintSupported } from '../features';\nimport {\n addListener,\n removeListener\n} from '../oidc';\nimport { FingerprintOptions, OktaAuthInterface } from '../types';\n\nexport default function fingerprint(sdk: OktaAuthInterface, options?: FingerprintOptions): Promise<string> {\n options = options || {};\n\n if (!isFingerprintSupported()) {\n return Promise.reject(new AuthSdkError('Fingerprinting is not supported on this device'));\n }\n\n var timeout;\n var iframe;\n var listener;\n var promise = new Promise(function (resolve, reject) {\n iframe = document.createElement('iframe');\n iframe.style.display = 'none';\n\n // eslint-disable-next-line complexity\n listener = function listener(e) {\n if (!e || !e.data || e.origin !== sdk.getIssuerOrigin()) {\n return;\n }\n\n try {\n var msg = JSON.parse(e.data);\n } catch (err) {\n // iframe messages should all be parsable\n // skip not parsable messages come from other sources in same origin (browser extensions)\n // TODO: add namespace flag in okta-core to distinguish messages that come from other sources\n return;\n }\n\n if (!msg) { return; }\n if (msg.type === 'FingerprintAvailable') {\n return resolve(msg.fingerprint as string);\n }\n if (msg.type === 'FingerprintServiceReady') {\n e.source.postMessage(JSON.stringify({\n type: 'GetFingerprint'\n }), e.origin);\n }\n };\n addListener(window, 'message', listener);\n\n iframe.src = sdk.getIssuerOrigin() + '/auth/services/devicefingerprint';\n document.body.appendChild(iframe);\n\n timeout = setTimeout(function() {\n reject(new AuthSdkError('Fingerprinting timed out'));\n }, options?.timeout || 15000);\n });\n\n return promise.finally(function() {\n clearTimeout(timeout);\n removeListener(window, 'message', listener);\n if (document.body.contains(iframe)) {\n iframe.parentElement.removeChild(iframe);\n }\n }) as Promise<string>;\n}\n"],"mappings":";;;;;;;;;;AAaA;;AACA;;AACA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAWe,SAASA,WAAT,CAAqBC,GAArB,EAA6CC,OAA7C,EAA4F;EACzGA,OAAO,GAAGA,OAAO,IAAI,EAArB;;EAEA,IAAI,CAAC,IAAAC,gCAAA,GAAL,EAA+B;IAC7B,OAAO,iBAAQC,MAAR,CAAe,IAAIC,oBAAJ,CAAiB,gDAAjB,CAAf,CAAP;EACD;;EAED,IAAIC,OAAJ;EACA,IAAIC,MAAJ;EACA,IAAIC,QAAJ;EACA,IAAIC,OAAO,GAAG,qBAAY,UAAUC,OAAV,EAAmBN,MAAnB,EAA2B;IAAA;;IACnDG,MAAM,GAAGI,QAAQ,CAACC,aAAT,CAAuB,QAAvB,CAAT;IACAL,MAAM,CAACM,KAAP,CAAaC,OAAb,GAAuB,MAAvB,CAFmD,CAInD;;IACAN,QAAQ,GAAG,SAASA,QAAT,CAAkBO,CAAlB,EAAqB;MAC9B,IAAI,CAACA,CAAD,IAAM,CAACA,CAAC,CAACC,IAAT,IAAiBD,CAAC,CAACE,MAAF,KAAahB,GAAG,CAACiB,eAAJ,EAAlC,EAAyD;QACvD;MACD;;MAED,IAAI;QACF,IAAIC,GAAG,GAAGC,IAAI,CAACC,KAAL,CAAWN,CAAC,CAACC,IAAb,CAAV;MACD,CAFD,CAEE,OAAOM,GAAP,EAAY;QACZ;QACA;QACA;QACA;MACD;;MAED,IAAI,CAACH,GAAL,EAAU;QAAE;MAAS;;MACrB,IAAIA,GAAG,CAACI,IAAJ,KAAa,sBAAjB,EAAyC;QACvC,OAAOb,OAAO,CAACS,GAAG,CAACnB,WAAL,CAAd;MACD;;MACD,IAAImB,GAAG,CAACI,IAAJ,KAAa,yBAAjB,EAA4C;QAC1CR,CAAC,CAACS,MAAF,CAASC,WAAT,CAAqB,wBAAe;UAClCF,IAAI,EAAE;QAD4B,CAAf,CAArB,EAEIR,CAAC,CAACE,MAFN;MAGD;IACF,CAvBD;;IAwBA,IAAAS,iBAAA,EAAYC,MAAZ,EAAoB,SAApB,EAA+BnB,QAA/B;IAEAD,MAAM,CAACqB,GAAP,GAAa3B,GAAG,CAACiB,eAAJ,KAAwB,kCAArC;IACAP,QAAQ,CAACkB,IAAT,CAAcC,WAAd,CAA0BvB,MAA1B;IAEAD,OAAO,GAAGyB,UAAU,CAAC,YAAW;MAC9B3B,MAAM,CAAC,IAAIC,oBAAJ,CAAiB,0BAAjB,CAAD,CAAN;IACD,CAFmB,EAEjB,aAAAH,OAAO,UAAP,4CAASI,OAAT,KAAoB,KAFH,CAApB;EAGD,CArCa,CAAd;EAuCA,OAAOG,OAAO,CAACuB,OAAR,CAAgB,YAAW;IAChCC,YAAY,CAAC3B,OAAD,CAAZ;IACA,IAAA4B,oBAAA,EAAeP,MAAf,EAAuB,SAAvB,EAAkCnB,QAAlC;;IACA,IAAIG,QAAQ,CAACkB,IAAT,CAAcM,QAAd,CAAuB5B,MAAvB,CAAJ,EAAoC;MAClCA,MAAM,CAAC6B,aAAP,CAAqBC,WAArB,CAAiC9B,MAAjC;IACD;EACF,CANM,CAAP;AAOD"}
package/cjs/constants.js CHANGED
@@ -1,6 +1,6 @@
1
1
  "use strict";
2
2
 
3
- exports.IDX_API_VERSION = exports.DEFAULT_CODE_CHALLENGE_METHOD = exports.MAX_VERIFIER_LENGTH = exports.MIN_VERIFIER_LENGTH = exports.REFERRER_PATH_STORAGE_KEY = exports.REFRESH_TOKEN_STORAGE_KEY = exports.ID_TOKEN_STORAGE_KEY = exports.ACCESS_TOKEN_STORAGE_KEY = exports.IDX_RESPONSE_STORAGE_NAME = exports.ORIGINAL_URI_STORAGE_NAME = exports.SHARED_TRANSACTION_STORAGE_NAME = exports.TRANSACTION_STORAGE_NAME = exports.PKCE_STORAGE_NAME = exports.CACHE_STORAGE_NAME = exports.TOKEN_STORAGE_NAME = exports.REDIRECT_NONCE_COOKIE_NAME = exports.REDIRECT_STATE_COOKIE_NAME = exports.REDIRECT_OAUTH_PARAMS_NAME = exports.DEFAULT_CACHE_DURATION = exports.DEFAULT_MAX_CLOCK_SKEW = exports.DEFAULT_POLLING_DELAY = exports.STATE_TOKEN_KEY_NAME = void 0;
3
+ exports.TRANSACTION_STORAGE_NAME = exports.TOKEN_STORAGE_NAME = exports.STATE_TOKEN_KEY_NAME = exports.SHARED_TRANSACTION_STORAGE_NAME = exports.REFRESH_TOKEN_STORAGE_KEY = exports.REFERRER_PATH_STORAGE_KEY = exports.REDIRECT_STATE_COOKIE_NAME = exports.REDIRECT_OAUTH_PARAMS_NAME = exports.REDIRECT_NONCE_COOKIE_NAME = exports.PKCE_STORAGE_NAME = exports.ORIGINAL_URI_STORAGE_NAME = exports.MIN_VERIFIER_LENGTH = exports.MAX_VERIFIER_LENGTH = exports.ID_TOKEN_STORAGE_KEY = exports.IDX_RESPONSE_STORAGE_NAME = exports.IDX_API_VERSION = exports.DEFAULT_POLLING_DELAY = exports.DEFAULT_MAX_CLOCK_SKEW = exports.DEFAULT_CODE_CHALLENGE_METHOD = exports.DEFAULT_CACHE_DURATION = exports.CACHE_STORAGE_NAME = exports.ACCESS_TOKEN_STORAGE_KEY = void 0;
4
4
 
5
5
  /*!
6
6
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
package/cjs/crypto/base64.js CHANGED
@@ -2,14 +2,14 @@
2
2
 
3
3
  var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
4
 
5
- exports.stringToBase64Url = stringToBase64Url;
6
5
  exports.base64ToBase64Url = base64ToBase64Url;
7
- exports.base64UrlToBase64 = base64UrlToBase64;
8
- exports.base64UrlToString = base64UrlToString;
9
- exports.stringToBuffer = stringToBuffer;
10
6
  exports.base64UrlDecode = base64UrlDecode;
7
+ exports.base64UrlToBase64 = base64UrlToBase64;
11
8
  exports.base64UrlToBuffer = base64UrlToBuffer;
9
+ exports.base64UrlToString = base64UrlToString;
12
10
  exports.bufferToBase64Url = bufferToBase64Url;
11
+ exports.stringToBase64Url = stringToBase64Url;
12
+ exports.stringToBuffer = stringToBuffer;
13
13
 
14
14
  var _reduce = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/reduce"));
15
15
 
package/cjs/crypto/base64.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"base64.js","names":["stringToBase64Url","str","b64","base64ToBase64Url","replace","base64UrlToBase64","b64u","base64UrlToString","length","AuthSdkError","utf8","decodeURIComponent","escape","e","stringToBuffer","buffer","Uint8Array","i","charCodeAt","base64UrlDecode","base64UrlToBuffer","from","c","bufferToBase64Url","bin","s","byte","String","fromCharCode"],"sources":["../../../lib/crypto/base64.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { AuthSdkError } from '../errors';\nimport { atob, btoa } from './webcrypto';\n\n// converts a string to base64 (url/filename safe variant)\nexport function stringToBase64Url(str) {\n var b64 = btoa(str);\n return base64ToBase64Url(b64);\n}\n\n// converts a standard base64-encoded string to a \"url/filename safe\" variant\nexport function base64ToBase64Url(b64) {\n return b64.replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/, '');\n}\n\n// converts a \"url/filename safe\" base64 string to a \"standard\" base64 string\nexport function base64UrlToBase64(b64u) {\n return b64u.replace(/-/g, '+').replace(/_/g, '/');\n}\n\nexport function base64UrlToString(b64u) {\n var b64 = base64UrlToBase64(b64u);\n switch (b64.length % 4) {\n case 0:\n break;\n case 2:\n b64 += '==';\n break;\n case 3:\n b64 += '=';\n break;\n default:\n throw new AuthSdkError('Not a valid Base64Url');\n }\n var utf8 = atob(b64);\n try {\n return decodeURIComponent(escape(utf8));\n } catch (e) {\n return utf8;\n }\n}\n\nexport function stringToBuffer(str) {\n var buffer = new Uint8Array(str.length);\n for (var i = 0; i < str.length; i++) {\n buffer[i] = str.charCodeAt(i);\n }\n return buffer;\n}\n\nexport function base64UrlDecode(str) {\n return atob(base64UrlToBase64(str));\n}\n\n// Converts base64 string to binary data view\nexport function base64UrlToBuffer(b64u) {\n return Uint8Array.from(base64UrlDecode(b64u), (c: string) => c.charCodeAt(0));\n}\n\n// Converts an ArrayBuffer object that contains binary data to base64 encoded string\nexport function bufferToBase64Url(bin) {\n return btoa(new Uint8Array(bin).reduce((s, byte) => s + String.fromCharCode(byte), ''));\n}\n\n\n"],"mappings":";;;;;;;;;;;;;;;AAYA;;AACA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACO,SAASA,iBAAT,CAA2BC,GAA3B,EAAgC;EACrC,IAAIC,GAAG,GAAG,qBAAKD,GAAL,CAAV;EACA,OAAOE,iBAAiB,CAACD,GAAD,CAAxB;AACD,C,CAED;;;AACO,SAASC,iBAAT,CAA2BD,GAA3B,EAAgC;EACrC,OAAOA,GAAG,CAACE,OAAJ,CAAY,KAAZ,EAAmB,GAAnB,EAAwBA,OAAxB,CAAgC,KAAhC,EAAuC,GAAvC,EAA4CA,OAA5C,CAAoD,KAApD,EAA2D,EAA3D,CAAP;AACD,C,CAED;;;AACO,SAASC,iBAAT,CAA2BC,IAA3B,EAAiC;EACtC,OAAOA,IAAI,CAACF,OAAL,CAAa,IAAb,EAAmB,GAAnB,EAAwBA,OAAxB,CAAgC,IAAhC,EAAsC,GAAtC,CAAP;AACD;;AAEM,SAASG,iBAAT,CAA2BD,IAA3B,EAAiC;EACtC,IAAIJ,GAAG,GAAGG,iBAAiB,CAACC,IAAD,CAA3B;;EACA,QAAQJ,GAAG,CAACM,MAAJ,GAAa,CAArB;IACE,KAAK,CAAL;MACE;;IACF,KAAK,CAAL;MACEN,GAAG,IAAI,IAAP;MACA;;IACF,KAAK,CAAL;MACEA,GAAG,IAAI,GAAP;MACA;;IACF;MACE,MAAM,IAAIO,oBAAJ,CAAiB,uBAAjB,CAAN;EAVJ;;EAYA,IAAIC,IAAI,GAAG,qBAAKR,GAAL,CAAX;;EACA,IAAI;IACF,OAAOS,kBAAkB,CAACC,MAAM,CAACF,IAAD,CAAP,CAAzB;EACD,CAFD,CAEE,OAAOG,CAAP,EAAU;IACV,OAAOH,IAAP;EACD;AACF;;AAEM,SAASI,cAAT,CAAwBb,GAAxB,EAA6B;EAClC,IAAIc,MAAM,GAAG,IAAIC,UAAJ,CAAef,GAAG,CAACO,MAAnB,CAAb;;EACA,KAAK,IAAIS,CAAC,GAAG,CAAb,EAAgBA,CAAC,GAAGhB,GAAG,CAACO,MAAxB,EAAgCS,CAAC,EAAjC,EAAqC;IACnCF,MAAM,CAACE,CAAD,CAAN,GAAYhB,GAAG,CAACiB,UAAJ,CAAeD,CAAf,CAAZ;EACD;;EACD,OAAOF,MAAP;AACD;;AAEM,SAASI,eAAT,CAAyBlB,GAAzB,EAA8B;EACnC,OAAO,qBAAKI,iBAAiB,CAACJ,GAAD,CAAtB,CAAP;AACD,C,CAED;;;AACO,SAASmB,iBAAT,CAA2Bd,IAA3B,EAAiC;EACtC,OAAOU,UAAU,CAACK,IAAX,CAAgBF,eAAe,CAACb,IAAD,CAA/B,EAAwCgB,CAAD,IAAeA,CAAC,CAACJ,UAAF,CAAa,CAAb,CAAtD,CAAP;AACD,C,CAED;;;AACO,SAASK,iBAAT,CAA2BC,GAA3B,EAAgC;EAAA;;EACrC,OAAO,qBAAK,oCAAIR,UAAJ,CAAeQ,GAAf,kBAA2B,CAACC,CAAD,EAAIC,IAAJ,KAAaD,CAAC,GAAGE,MAAM,CAACC,YAAP,CAAoBF,IAApB,CAA5C,EAAuE,EAAvE,CAAL,CAAP;AACD"}
1
+ {"version":3,"file":"base64.js","names":["stringToBase64Url","str","b64","btoa","base64ToBase64Url","replace","base64UrlToBase64","b64u","base64UrlToString","length","AuthSdkError","utf8","atob","decodeURIComponent","escape","e","stringToBuffer","buffer","Uint8Array","i","charCodeAt","base64UrlDecode","base64UrlToBuffer","from","c","bufferToBase64Url","bin","s","byte","String","fromCharCode"],"sources":["../../../lib/crypto/base64.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { AuthSdkError } from '../errors';\nimport { atob, btoa } from './webcrypto';\n\n// converts a string to base64 (url/filename safe variant)\nexport function stringToBase64Url(str) {\n var b64 = btoa(str);\n return base64ToBase64Url(b64);\n}\n\n// converts a standard base64-encoded string to a \"url/filename safe\" variant\nexport function base64ToBase64Url(b64) {\n return b64.replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/, '');\n}\n\n// converts a \"url/filename safe\" base64 string to a \"standard\" base64 string\nexport function base64UrlToBase64(b64u) {\n return b64u.replace(/-/g, '+').replace(/_/g, '/');\n}\n\nexport function base64UrlToString(b64u) {\n var b64 = base64UrlToBase64(b64u);\n switch (b64.length % 4) {\n case 0:\n break;\n case 2:\n b64 += '==';\n break;\n case 3:\n b64 += '=';\n break;\n default:\n throw new AuthSdkError('Not a valid Base64Url');\n }\n var utf8 = atob(b64);\n try {\n return decodeURIComponent(escape(utf8));\n } catch (e) {\n return utf8;\n }\n}\n\nexport function stringToBuffer(str) {\n var buffer = new Uint8Array(str.length);\n for (var i = 0; i < str.length; i++) {\n buffer[i] = str.charCodeAt(i);\n }\n return buffer;\n}\n\nexport function base64UrlDecode(str) {\n return atob(base64UrlToBase64(str));\n}\n\n// Converts base64 string to binary data view\nexport function base64UrlToBuffer(b64u) {\n return Uint8Array.from(base64UrlDecode(b64u), (c: string) => c.charCodeAt(0));\n}\n\n// Converts an ArrayBuffer object that contains binary data to base64 encoded string\nexport function bufferToBase64Url(bin) {\n return btoa(new Uint8Array(bin).reduce((s, byte) => s + String.fromCharCode(byte), ''));\n}\n\n\n"],"mappings":";;;;;;;;;;;;;;;AAYA;;AACA;;AAbA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACO,SAASA,iBAAT,CAA2BC,GAA3B,EAAgC;EACrC,IAAIC,GAAG,GAAG,IAAAC,eAAA,EAAKF,GAAL,CAAV;EACA,OAAOG,iBAAiB,CAACF,GAAD,CAAxB;AACD,C,CAED;;;AACO,SAASE,iBAAT,CAA2BF,GAA3B,EAAgC;EACrC,OAAOA,GAAG,CAACG,OAAJ,CAAY,KAAZ,EAAmB,GAAnB,EAAwBA,OAAxB,CAAgC,KAAhC,EAAuC,GAAvC,EAA4CA,OAA5C,CAAoD,KAApD,EAA2D,EAA3D,CAAP;AACD,C,CAED;;;AACO,SAASC,iBAAT,CAA2BC,IAA3B,EAAiC;EACtC,OAAOA,IAAI,CAACF,OAAL,CAAa,IAAb,EAAmB,GAAnB,EAAwBA,OAAxB,CAAgC,IAAhC,EAAsC,GAAtC,CAAP;AACD;;AAEM,SAASG,iBAAT,CAA2BD,IAA3B,EAAiC;EACtC,IAAIL,GAAG,GAAGI,iBAAiB,CAACC,IAAD,CAA3B;;EACA,QAAQL,GAAG,CAACO,MAAJ,GAAa,CAArB;IACE,KAAK,CAAL;MACE;;IACF,KAAK,CAAL;MACEP,GAAG,IAAI,IAAP;MACA;;IACF,KAAK,CAAL;MACEA,GAAG,IAAI,GAAP;MACA;;IACF;MACE,MAAM,IAAIQ,oBAAJ,CAAiB,uBAAjB,CAAN;EAVJ;;EAYA,IAAIC,IAAI,GAAG,IAAAC,eAAA,EAAKV,GAAL,CAAX;;EACA,IAAI;IACF,OAAOW,kBAAkB,CAACC,MAAM,CAACH,IAAD,CAAP,CAAzB;EACD,CAFD,CAEE,OAAOI,CAAP,EAAU;IACV,OAAOJ,IAAP;EACD;AACF;;AAEM,SAASK,cAAT,CAAwBf,GAAxB,EAA6B;EAClC,IAAIgB,MAAM,GAAG,IAAIC,UAAJ,CAAejB,GAAG,CAACQ,MAAnB,CAAb;;EACA,KAAK,IAAIU,CAAC,GAAG,CAAb,EAAgBA,CAAC,GAAGlB,GAAG,CAACQ,MAAxB,EAAgCU,CAAC,EAAjC,EAAqC;IACnCF,MAAM,CAACE,CAAD,CAAN,GAAYlB,GAAG,CAACmB,UAAJ,CAAeD,CAAf,CAAZ;EACD;;EACD,OAAOF,MAAP;AACD;;AAEM,SAASI,eAAT,CAAyBpB,GAAzB,EAA8B;EACnC,OAAO,IAAAW,eAAA,EAAKN,iBAAiB,CAACL,GAAD,CAAtB,CAAP;AACD,C,CAED;;;AACO,SAASqB,iBAAT,CAA2Bf,IAA3B,EAAiC;EACtC,OAAOW,UAAU,CAACK,IAAX,CAAgBF,eAAe,CAACd,IAAD,CAA/B,EAAwCiB,CAAD,IAAeA,CAAC,CAACJ,UAAF,CAAa,CAAb,CAAtD,CAAP;AACD,C,CAED;;;AACO,SAASK,iBAAT,CAA2BC,GAA3B,EAAgC;EAAA;;EACrC,OAAO,IAAAvB,eAAA,EAAK,oCAAIe,UAAJ,CAAeQ,GAAf,kBAA2B,CAACC,CAAD,EAAIC,IAAJ,KAAaD,CAAC,GAAGE,MAAM,CAACC,YAAP,CAAoBF,IAApB,CAA5C,EAAuE,EAAvE,CAAL,CAAP;AACD"}
package/cjs/crypto/oidcHash.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"oidcHash.js","names":["getOidcHash","str","buffer","TextEncoder","encode","webcrypto","subtle","digest","then","arrayBuffer","intBuffer","Uint8Array","firstHalf","hash","String","fromCharCode","apply","b64u"],"sources":["../../../lib/crypto/oidcHash.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* global TextEncoder */\nimport { stringToBase64Url } from './base64';\nimport { webcrypto } from './webcrypto';\n\nexport function getOidcHash(str) { \n var buffer = new TextEncoder().encode(str);\n return webcrypto.subtle.digest('SHA-256', buffer).then(function(arrayBuffer) {\n var intBuffer = new Uint8Array(arrayBuffer);\n var firstHalf = intBuffer.slice(0, 16);\n var hash = String.fromCharCode.apply(null, firstHalf as unknown as number[]);\n var b64u = stringToBase64Url(hash); // url-safe base64 variant\n return b64u;\n });\n}\n"],"mappings":";;;;;;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AAIO,SAASA,WAAT,CAAqBC,GAArB,EAA0B;EAC/B,IAAIC,MAAM,GAAG,IAAIC,WAAJ,GAAkBC,MAAlB,CAAyBH,GAAzB,CAAb;EACA,OAAOI,qBAAUC,MAAV,CAAiBC,MAAjB,CAAwB,SAAxB,EAAmCL,MAAnC,EAA2CM,IAA3C,CAAgD,UAASC,WAAT,EAAsB;IAC3E,IAAIC,SAAS,GAAG,IAAIC,UAAJ,CAAeF,WAAf,CAAhB;IACA,IAAIG,SAAS,GAAG,oBAAAF,SAAS,MAAT,CAAAA,SAAS,EAAO,CAAP,EAAU,EAAV,CAAzB;IACA,IAAIG,IAAI,GAAGC,MAAM,CAACC,YAAP,CAAoBC,KAApB,CAA0B,IAA1B,EAAgCJ,SAAhC,CAAX;IACA,IAAIK,IAAI,GAAG,6BAAkBJ,IAAlB,CAAX,CAJ2E,CAIvC;;IACpC,OAAOI,IAAP;EACD,CANM,CAAP;AAOD"}
1
+ {"version":3,"file":"oidcHash.js","names":["getOidcHash","str","buffer","TextEncoder","encode","webcrypto","subtle","digest","then","arrayBuffer","intBuffer","Uint8Array","firstHalf","hash","String","fromCharCode","apply","b64u","stringToBase64Url"],"sources":["../../../lib/crypto/oidcHash.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* global TextEncoder */\nimport { stringToBase64Url } from './base64';\nimport { webcrypto } from './webcrypto';\n\nexport function getOidcHash(str) { \n var buffer = new TextEncoder().encode(str);\n return webcrypto.subtle.digest('SHA-256', buffer).then(function(arrayBuffer) {\n var intBuffer = new Uint8Array(arrayBuffer);\n var firstHalf = intBuffer.slice(0, 16);\n var hash = String.fromCharCode.apply(null, firstHalf as unknown as number[]);\n var b64u = stringToBase64Url(hash); // url-safe base64 variant\n return b64u;\n });\n}\n"],"mappings":";;;;;;;;AAaA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AAIO,SAASA,WAAT,CAAqBC,GAArB,EAA0B;EAC/B,IAAIC,MAAM,GAAG,IAAIC,WAAJ,GAAkBC,MAAlB,CAAyBH,GAAzB,CAAb;EACA,OAAOI,oBAAA,CAAUC,MAAV,CAAiBC,MAAjB,CAAwB,SAAxB,EAAmCL,MAAnC,EAA2CM,IAA3C,CAAgD,UAASC,WAAT,EAAsB;IAC3E,IAAIC,SAAS,GAAG,IAAIC,UAAJ,CAAeF,WAAf,CAAhB;IACA,IAAIG,SAAS,GAAG,oBAAAF,SAAS,MAAT,CAAAA,SAAS,EAAO,CAAP,EAAU,EAAV,CAAzB;IACA,IAAIG,IAAI,GAAGC,MAAM,CAACC,YAAP,CAAoBC,KAApB,CAA0B,IAA1B,EAAgCJ,SAAhC,CAAX;IACA,IAAIK,IAAI,GAAG,IAAAC,uBAAA,EAAkBL,IAAlB,CAAX,CAJ2E,CAIvC;;IACpC,OAAOI,IAAP;EACD,CANM,CAAP;AAOD"}
package/cjs/crypto/verifyToken.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"verifyToken.js","names":["verifyToken","idToken","key","format","algo","name","hash","extractable","usages","use","webcrypto","subtle","importKey","then","cryptoKey","jwt","split","payload","b64Signature","signature","verify"],"sources":["../../../lib/crypto/verifyToken.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { clone } from '../util';\nimport { stringToBuffer, base64UrlDecode } from './base64';\nimport { webcrypto } from './webcrypto';\n\nexport function verifyToken(idToken, key) {\n key = clone(key);\n\n var format = 'jwk';\n var algo = {\n name: 'RSASSA-PKCS1-v1_5',\n hash: { name: 'SHA-256' }\n };\n var extractable = true;\n var usages = ['verify'];\n\n // https://connect.microsoft.com/IE/feedback/details/2242108/webcryptoapi-importing-jwk-with-use-field-fails\n // This is a metadata tag that specifies the intent of how the key should be used.\n // It's not necessary to properly verify the jwt's signature.\n delete key.use;\n\n // eslint-disable-next-line @typescript-eslint/ban-ts-comment\n // @ts-ignore\n return webcrypto.subtle.importKey(\n format,\n key,\n algo,\n extractable,\n usages\n )\n .then(function(cryptoKey) {\n var jwt = idToken.split('.');\n var payload = stringToBuffer(jwt[0] + '.' + jwt[1]);\n var b64Signature = base64UrlDecode(jwt[2]);\n var signature = stringToBuffer(b64Signature);\n\n return webcrypto.subtle.verify(\n algo,\n cryptoKey,\n signature,\n payload\n );\n });\n}\n\n"],"mappings":";;;;AAYA;;AACA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,SAASA,WAAT,CAAqBC,OAArB,EAA8BC,GAA9B,EAAmC;EACxCA,GAAG,GAAG,iBAAMA,GAAN,CAAN;EAEA,IAAIC,MAAM,GAAG,KAAb;EACA,IAAIC,IAAI,GAAG;IACTC,IAAI,EAAE,mBADG;IAETC,IAAI,EAAE;MAAED,IAAI,EAAE;IAAR;EAFG,CAAX;EAIA,IAAIE,WAAW,GAAG,IAAlB;EACA,IAAIC,MAAM,GAAG,CAAC,QAAD,CAAb,CATwC,CAWxC;EACA;EACA;;EACA,OAAON,GAAG,CAACO,GAAX,CAdwC,CAgBxC;EACA;;EACA,OAAOC,qBAAUC,MAAV,CAAiBC,SAAjB,CACLT,MADK,EAELD,GAFK,EAGLE,IAHK,EAILG,WAJK,EAKLC,MALK,EAONK,IAPM,CAOD,UAASC,SAAT,EAAoB;IACxB,IAAIC,GAAG,GAAGd,OAAO,CAACe,KAAR,CAAc,GAAd,CAAV;IACA,IAAIC,OAAO,GAAG,0BAAeF,GAAG,CAAC,CAAD,CAAH,GAAS,GAAT,GAAeA,GAAG,CAAC,CAAD,CAAjC,CAAd;IACA,IAAIG,YAAY,GAAG,2BAAgBH,GAAG,CAAC,CAAD,CAAnB,CAAnB;IACA,IAAII,SAAS,GAAG,0BAAeD,YAAf,CAAhB;IAEA,OAAOR,qBAAUC,MAAV,CAAiBS,MAAjB,CACLhB,IADK,EAELU,SAFK,EAGLK,SAHK,EAILF,OAJK,CAAP;EAMD,CAnBM,CAAP;AAoBD"}
1
+ {"version":3,"file":"verifyToken.js","names":["verifyToken","idToken","key","clone","format","algo","name","hash","extractable","usages","use","webcrypto","subtle","importKey","then","cryptoKey","jwt","split","payload","stringToBuffer","b64Signature","base64UrlDecode","signature","verify"],"sources":["../../../lib/crypto/verifyToken.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { clone } from '../util';\nimport { stringToBuffer, base64UrlDecode } from './base64';\nimport { webcrypto } from './webcrypto';\n\nexport function verifyToken(idToken, key) {\n key = clone(key);\n\n var format = 'jwk';\n var algo = {\n name: 'RSASSA-PKCS1-v1_5',\n hash: { name: 'SHA-256' }\n };\n var extractable = true;\n var usages = ['verify'];\n\n // https://connect.microsoft.com/IE/feedback/details/2242108/webcryptoapi-importing-jwk-with-use-field-fails\n // This is a metadata tag that specifies the intent of how the key should be used.\n // It's not necessary to properly verify the jwt's signature.\n delete key.use;\n\n // eslint-disable-next-line @typescript-eslint/ban-ts-comment\n // @ts-ignore\n return webcrypto.subtle.importKey(\n format,\n key,\n algo,\n extractable,\n usages\n )\n .then(function(cryptoKey) {\n var jwt = idToken.split('.');\n var payload = stringToBuffer(jwt[0] + '.' + jwt[1]);\n var b64Signature = base64UrlDecode(jwt[2]);\n var signature = stringToBuffer(b64Signature);\n\n return webcrypto.subtle.verify(\n algo,\n cryptoKey,\n signature,\n payload\n );\n });\n}\n\n"],"mappings":";;;;AAYA;;AACA;;AACA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,SAASA,WAAT,CAAqBC,OAArB,EAA8BC,GAA9B,EAAmC;EACxCA,GAAG,GAAG,IAAAC,WAAA,EAAMD,GAAN,CAAN;EAEA,IAAIE,MAAM,GAAG,KAAb;EACA,IAAIC,IAAI,GAAG;IACTC,IAAI,EAAE,mBADG;IAETC,IAAI,EAAE;MAAED,IAAI,EAAE;IAAR;EAFG,CAAX;EAIA,IAAIE,WAAW,GAAG,IAAlB;EACA,IAAIC,MAAM,GAAG,CAAC,QAAD,CAAb,CATwC,CAWxC;EACA;EACA;;EACA,OAAOP,GAAG,CAACQ,GAAX,CAdwC,CAgBxC;EACA;;EACA,OAAOC,oBAAA,CAAUC,MAAV,CAAiBC,SAAjB,CACLT,MADK,EAELF,GAFK,EAGLG,IAHK,EAILG,WAJK,EAKLC,MALK,EAONK,IAPM,CAOD,UAASC,SAAT,EAAoB;IACxB,IAAIC,GAAG,GAAGf,OAAO,CAACgB,KAAR,CAAc,GAAd,CAAV;IACA,IAAIC,OAAO,GAAG,IAAAC,oBAAA,EAAeH,GAAG,CAAC,CAAD,CAAH,GAAS,GAAT,GAAeA,GAAG,CAAC,CAAD,CAAjC,CAAd;IACA,IAAII,YAAY,GAAG,IAAAC,qBAAA,EAAgBL,GAAG,CAAC,CAAD,CAAnB,CAAnB;IACA,IAAIM,SAAS,GAAG,IAAAH,oBAAA,EAAeC,YAAf,CAAhB;IAEA,OAAOT,oBAAA,CAAUC,MAAV,CAAiBW,MAAjB,CACLlB,IADK,EAELU,SAFK,EAGLO,SAHK,EAILJ,OAJK,CAAP;EAMD,CAnBM,CAAP;AAoBD"}
package/cjs/crypto/webauthn.js CHANGED
@@ -1,6 +1,6 @@
1
1
  "use strict";
2
2
 
3
- exports.getAssertion = exports.getAttestation = exports.buildCredentialRequestOptions = exports.buildCredentialCreationOptions = void 0;
3
+ exports.getAttestation = exports.getAssertion = exports.buildCredentialRequestOptions = exports.buildCredentialCreationOptions = void 0;
4
4
 
5
5
  var _base = require("./base64");
6
6
 
package/cjs/crypto/webauthn.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"webauthn.js","names":["getEnrolledCredentials","authenticatorEnrollments","credentials","forEach","enrollement","key","push","type","id","credentialId","buildCredentialCreationOptions","activationData","publicKey","rp","user","name","displayName","challenge","pubKeyCredParams","attestation","authenticatorSelection","excludeCredentials","buildCredentialRequestOptions","challengeData","userVerification","allowCredentials","getAttestation","credential","response","clientData","clientDataJSON","attestationObject","getAssertion","authenticatorData","signatureData","signature"],"sources":["../../../lib/crypto/webauthn.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { base64UrlToBuffer, bufferToBase64Url } from './base64';\nimport { ActivationData, ChallengeData, IdxAuthenticator } from '../idx/types';\n\n// Get known credentials from list of enrolled authenticators\nconst getEnrolledCredentials = (authenticatorEnrollments: IdxAuthenticator[] = []) => {\n const credentials: PublicKeyCredentialDescriptor[] = [];\n authenticatorEnrollments.forEach((enrollement) => {\n if (enrollement.key === 'webauthn') {\n credentials.push({\n type: 'public-key',\n id: base64UrlToBuffer(enrollement.credentialId),\n });\n }\n });\n return credentials;\n};\n\n// Build options for navigator.credentials.create\n// https://developer.mozilla.org/en-US/docs/Web/API/CredentialsContainer/create\nexport const buildCredentialCreationOptions = (\n activationData: ActivationData, authenticatorEnrollments: IdxAuthenticator[]\n) => {\n return {\n publicKey: {\n rp: activationData.rp,\n user: {\n id: base64UrlToBuffer(activationData.user.id),\n name: activationData.user.name,\n displayName: activationData.user.displayName\n },\n challenge: base64UrlToBuffer(activationData.challenge),\n pubKeyCredParams: activationData.pubKeyCredParams,\n attestation: activationData.attestation,\n authenticatorSelection: activationData.authenticatorSelection,\n excludeCredentials: getEnrolledCredentials(authenticatorEnrollments),\n }\n } as CredentialCreationOptions;\n};\n\n\n// Build options for navigator.credentials.get\n// https://developer.mozilla.org/en-US/docs/Web/API/CredentialsContainer/get\nexport const buildCredentialRequestOptions = (\n challengeData: ChallengeData, authenticatorEnrollments: IdxAuthenticator[]\n) => {\n return {\n publicKey: {\n challenge: base64UrlToBuffer(challengeData.challenge),\n userVerification: challengeData.userVerification,\n allowCredentials: getEnrolledCredentials(authenticatorEnrollments),\n }\n } as CredentialRequestOptions;\n};\n\n// Build attestation for webauthn enroll\n// https://developer.mozilla.org/en-US/docs/Web/API/AuthenticatorAttestationResponse\nexport const getAttestation = (credential: PublicKeyCredential) => {\n const response = credential.response as AuthenticatorAttestationResponse;\n const id = credential.id;\n const clientData = bufferToBase64Url(response.clientDataJSON);\n const attestation = bufferToBase64Url(response.attestationObject);\n return {\n id,\n clientData,\n attestation\n };\n};\n\n// Build assertion for webauthn verification\n// https://developer.mozilla.org/en-US/docs/Web/API/AuthenticatorAssertionResponse\nexport const getAssertion = (credential: PublicKeyCredential) => {\n const response = credential.response as AuthenticatorAssertionResponse;\n const id = credential.id;\n const clientData = bufferToBase64Url(response.clientDataJSON);\n const authenticatorData = bufferToBase64Url(response.authenticatorData);\n const signatureData = bufferToBase64Url(response.signature);\n return {\n id,\n clientData,\n authenticatorData,\n signatureData\n };\n};\n"],"mappings":";;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACA,MAAMA,sBAAsB,GAAG,CAACC,wBAA4C,GAAG,EAAhD,KAAuD;EACpF,MAAMC,WAA4C,GAAG,EAArD;EACAD,wBAAwB,CAACE,OAAzB,CAAkCC,WAAD,IAAiB;IAChD,IAAIA,WAAW,CAACC,GAAZ,KAAoB,UAAxB,EAAoC;MAClCH,WAAW,CAACI,IAAZ,CAAiB;QACfC,IAAI,EAAE,YADS;QAEfC,EAAE,EAAE,6BAAkBJ,WAAW,CAACK,YAA9B;MAFW,CAAjB;IAID;EACF,CAPD;EAQA,OAAOP,WAAP;AACD,CAXD,C,CAaA;AACA;;;AACO,MAAMQ,8BAA8B,GAAG,CAC5CC,cAD4C,EACZV,wBADY,KAEzC;EACH,OAAO;IACLW,SAAS,EAAE;MACTC,EAAE,EAAEF,cAAc,CAACE,EADV;MAETC,IAAI,EAAE;QACJN,EAAE,EAAE,6BAAkBG,cAAc,CAACG,IAAf,CAAoBN,EAAtC,CADA;QAEJO,IAAI,EAAEJ,cAAc,CAACG,IAAf,CAAoBC,IAFtB;QAGJC,WAAW,EAAEL,cAAc,CAACG,IAAf,CAAoBE;MAH7B,CAFG;MAOTC,SAAS,EAAE,6BAAkBN,cAAc,CAACM,SAAjC,CAPF;MAQTC,gBAAgB,EAAEP,cAAc,CAACO,gBARxB;MASTC,WAAW,EAAER,cAAc,CAACQ,WATnB;MAUTC,sBAAsB,EAAET,cAAc,CAACS,sBAV9B;MAWTC,kBAAkB,EAAErB,sBAAsB,CAACC,wBAAD;IAXjC;EADN,CAAP;AAeD,CAlBM,C,CAqBP;AACA;;;;;AACO,MAAMqB,6BAA6B,GAAG,CAC3CC,aAD2C,EACbtB,wBADa,KAExC;EACH,OAAO;IACLW,SAAS,EAAE;MACTK,SAAS,EAAE,6BAAkBM,aAAa,CAACN,SAAhC,CADF;MAETO,gBAAgB,EAAED,aAAa,CAACC,gBAFvB;MAGTC,gBAAgB,EAAEzB,sBAAsB,CAACC,wBAAD;IAH/B;EADN,CAAP;AAOD,CAVM,C,CAYP;AACA;;;;;AACO,MAAMyB,cAAc,GAAIC,UAAD,IAAqC;EACjE,MAAMC,QAAQ,GAAGD,UAAU,CAACC,QAA5B;EACA,MAAMpB,EAAE,GAAGmB,UAAU,CAACnB,EAAtB;EACA,MAAMqB,UAAU,GAAG,6BAAkBD,QAAQ,CAACE,cAA3B,CAAnB;EACA,MAAMX,WAAW,GAAG,6BAAkBS,QAAQ,CAACG,iBAA3B,CAApB;EACA,OAAO;IACLvB,EADK;IAELqB,UAFK;IAGLV;EAHK,CAAP;AAKD,CAVM,C,CAYP;AACA;;;;;AACO,MAAMa,YAAY,GAAIL,UAAD,IAAqC;EAC/D,MAAMC,QAAQ,GAAGD,UAAU,CAACC,QAA5B;EACA,MAAMpB,EAAE,GAAGmB,UAAU,CAACnB,EAAtB;EACA,MAAMqB,UAAU,GAAG,6BAAkBD,QAAQ,CAACE,cAA3B,CAAnB;EACA,MAAMG,iBAAiB,GAAG,6BAAkBL,QAAQ,CAACK,iBAA3B,CAA1B;EACA,MAAMC,aAAa,GAAG,6BAAkBN,QAAQ,CAACO,SAA3B,CAAtB;EACA,OAAO;IACL3B,EADK;IAELqB,UAFK;IAGLI,iBAHK;IAILC;EAJK,CAAP;AAMD,CAZM"}
1
+ {"version":3,"file":"webauthn.js","names":["getEnrolledCredentials","authenticatorEnrollments","credentials","forEach","enrollement","key","push","type","id","base64UrlToBuffer","credentialId","buildCredentialCreationOptions","activationData","publicKey","rp","user","name","displayName","challenge","pubKeyCredParams","attestation","authenticatorSelection","excludeCredentials","buildCredentialRequestOptions","challengeData","userVerification","allowCredentials","getAttestation","credential","response","clientData","bufferToBase64Url","clientDataJSON","attestationObject","getAssertion","authenticatorData","signatureData","signature"],"sources":["../../../lib/crypto/webauthn.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { base64UrlToBuffer, bufferToBase64Url } from './base64';\nimport { ActivationData, ChallengeData, IdxAuthenticator } from '../idx/types';\n\n// Get known credentials from list of enrolled authenticators\nconst getEnrolledCredentials = (authenticatorEnrollments: IdxAuthenticator[] = []) => {\n const credentials: PublicKeyCredentialDescriptor[] = [];\n authenticatorEnrollments.forEach((enrollement) => {\n if (enrollement.key === 'webauthn') {\n credentials.push({\n type: 'public-key',\n id: base64UrlToBuffer(enrollement.credentialId),\n });\n }\n });\n return credentials;\n};\n\n// Build options for navigator.credentials.create\n// https://developer.mozilla.org/en-US/docs/Web/API/CredentialsContainer/create\nexport const buildCredentialCreationOptions = (\n activationData: ActivationData, authenticatorEnrollments: IdxAuthenticator[]\n) => {\n return {\n publicKey: {\n rp: activationData.rp,\n user: {\n id: base64UrlToBuffer(activationData.user.id),\n name: activationData.user.name,\n displayName: activationData.user.displayName\n },\n challenge: base64UrlToBuffer(activationData.challenge),\n pubKeyCredParams: activationData.pubKeyCredParams,\n attestation: activationData.attestation,\n authenticatorSelection: activationData.authenticatorSelection,\n excludeCredentials: getEnrolledCredentials(authenticatorEnrollments),\n }\n } as CredentialCreationOptions;\n};\n\n\n// Build options for navigator.credentials.get\n// https://developer.mozilla.org/en-US/docs/Web/API/CredentialsContainer/get\nexport const buildCredentialRequestOptions = (\n challengeData: ChallengeData, authenticatorEnrollments: IdxAuthenticator[]\n) => {\n return {\n publicKey: {\n challenge: base64UrlToBuffer(challengeData.challenge),\n userVerification: challengeData.userVerification,\n allowCredentials: getEnrolledCredentials(authenticatorEnrollments),\n }\n } as CredentialRequestOptions;\n};\n\n// Build attestation for webauthn enroll\n// https://developer.mozilla.org/en-US/docs/Web/API/AuthenticatorAttestationResponse\nexport const getAttestation = (credential: PublicKeyCredential) => {\n const response = credential.response as AuthenticatorAttestationResponse;\n const id = credential.id;\n const clientData = bufferToBase64Url(response.clientDataJSON);\n const attestation = bufferToBase64Url(response.attestationObject);\n return {\n id,\n clientData,\n attestation\n };\n};\n\n// Build assertion for webauthn verification\n// https://developer.mozilla.org/en-US/docs/Web/API/AuthenticatorAssertionResponse\nexport const getAssertion = (credential: PublicKeyCredential) => {\n const response = credential.response as AuthenticatorAssertionResponse;\n const id = credential.id;\n const clientData = bufferToBase64Url(response.clientDataJSON);\n const authenticatorData = bufferToBase64Url(response.authenticatorData);\n const signatureData = bufferToBase64Url(response.signature);\n return {\n id,\n clientData,\n authenticatorData,\n signatureData\n };\n};\n"],"mappings":";;;;AAYA;;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA;AACA,MAAMA,sBAAsB,GAAG,CAACC,wBAA4C,GAAG,EAAhD,KAAuD;EACpF,MAAMC,WAA4C,GAAG,EAArD;EACAD,wBAAwB,CAACE,OAAzB,CAAkCC,WAAD,IAAiB;IAChD,IAAIA,WAAW,CAACC,GAAZ,KAAoB,UAAxB,EAAoC;MAClCH,WAAW,CAACI,IAAZ,CAAiB;QACfC,IAAI,EAAE,YADS;QAEfC,EAAE,EAAE,IAAAC,uBAAA,EAAkBL,WAAW,CAACM,YAA9B;MAFW,CAAjB;IAID;EACF,CAPD;EAQA,OAAOR,WAAP;AACD,CAXD,C,CAaA;AACA;;;AACO,MAAMS,8BAA8B,GAAG,CAC5CC,cAD4C,EACZX,wBADY,KAEzC;EACH,OAAO;IACLY,SAAS,EAAE;MACTC,EAAE,EAAEF,cAAc,CAACE,EADV;MAETC,IAAI,EAAE;QACJP,EAAE,EAAE,IAAAC,uBAAA,EAAkBG,cAAc,CAACG,IAAf,CAAoBP,EAAtC,CADA;QAEJQ,IAAI,EAAEJ,cAAc,CAACG,IAAf,CAAoBC,IAFtB;QAGJC,WAAW,EAAEL,cAAc,CAACG,IAAf,CAAoBE;MAH7B,CAFG;MAOTC,SAAS,EAAE,IAAAT,uBAAA,EAAkBG,cAAc,CAACM,SAAjC,CAPF;MAQTC,gBAAgB,EAAEP,cAAc,CAACO,gBARxB;MASTC,WAAW,EAAER,cAAc,CAACQ,WATnB;MAUTC,sBAAsB,EAAET,cAAc,CAACS,sBAV9B;MAWTC,kBAAkB,EAAEtB,sBAAsB,CAACC,wBAAD;IAXjC;EADN,CAAP;AAeD,CAlBM,C,CAqBP;AACA;;;;;AACO,MAAMsB,6BAA6B,GAAG,CAC3CC,aAD2C,EACbvB,wBADa,KAExC;EACH,OAAO;IACLY,SAAS,EAAE;MACTK,SAAS,EAAE,IAAAT,uBAAA,EAAkBe,aAAa,CAACN,SAAhC,CADF;MAETO,gBAAgB,EAAED,aAAa,CAACC,gBAFvB;MAGTC,gBAAgB,EAAE1B,sBAAsB,CAACC,wBAAD;IAH/B;EADN,CAAP;AAOD,CAVM,C,CAYP;AACA;;;;;AACO,MAAM0B,cAAc,GAAIC,UAAD,IAAqC;EACjE,MAAMC,QAAQ,GAAGD,UAAU,CAACC,QAA5B;EACA,MAAMrB,EAAE,GAAGoB,UAAU,CAACpB,EAAtB;EACA,MAAMsB,UAAU,GAAG,IAAAC,uBAAA,EAAkBF,QAAQ,CAACG,cAA3B,CAAnB;EACA,MAAMZ,WAAW,GAAG,IAAAW,uBAAA,EAAkBF,QAAQ,CAACI,iBAA3B,CAApB;EACA,OAAO;IACLzB,EADK;IAELsB,UAFK;IAGLV;EAHK,CAAP;AAKD,CAVM,C,CAYP;AACA;;;;;AACO,MAAMc,YAAY,GAAIN,UAAD,IAAqC;EAC/D,MAAMC,QAAQ,GAAGD,UAAU,CAACC,QAA5B;EACA,MAAMrB,EAAE,GAAGoB,UAAU,CAACpB,EAAtB;EACA,MAAMsB,UAAU,GAAG,IAAAC,uBAAA,EAAkBF,QAAQ,CAACG,cAA3B,CAAnB;EACA,MAAMG,iBAAiB,GAAG,IAAAJ,uBAAA,EAAkBF,QAAQ,CAACM,iBAA3B,CAA1B;EACA,MAAMC,aAAa,GAAG,IAAAL,uBAAA,EAAkBF,QAAQ,CAACQ,SAA3B,CAAtB;EACA,OAAO;IACL7B,EADK;IAELsB,UAFK;IAGLK,iBAHK;IAILC;EAJK,CAAP;AAMD,CAZM"}
package/cjs/errors/index.js CHANGED
@@ -2,8 +2,6 @@
2
2
 
3
3
  var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
4
 
5
- exports.isAuthApiError = isAuthApiError;
6
- exports.isOAuthError = isOAuthError;
7
5
  Object.defineProperty(exports, "AuthApiError", {
8
6
  enumerable: true,
9
7
  get: function () {
@@ -28,6 +26,8 @@ Object.defineProperty(exports, "OAuthError", {
28
26
  return _OAuthError.default;
29
27
  }
30
28
  });
29
+ exports.isAuthApiError = isAuthApiError;
30
+ exports.isOAuthError = isOAuthError;
31
31
 
32
32
  var _AuthApiError = _interopRequireDefault(require("./AuthApiError"));
33
33
 
package/cjs/features.js CHANGED
@@ -1,15 +1,15 @@
1
1
  "use strict";
2
2
 
3
- exports.isBrowser = isBrowser;
4
- exports.isIE11OrLess = isIE11OrLess;
5
3
  exports.getUserAgent = getUserAgent;
6
- exports.isFingerprintSupported = isFingerprintSupported;
7
- exports.isPopupPostMessageSupported = isPopupPostMessageSupported;
8
- exports.isTokenVerifySupported = isTokenVerifySupported;
9
4
  exports.hasTextEncoder = hasTextEncoder;
10
- exports.isPKCESupported = isPKCESupported;
5
+ exports.isBrowser = isBrowser;
6
+ exports.isFingerprintSupported = isFingerprintSupported;
11
7
  exports.isHTTPS = isHTTPS;
8
+ exports.isIE11OrLess = isIE11OrLess;
12
9
  exports.isLocalhost = isLocalhost;
10
+ exports.isPKCESupported = isPKCESupported;
11
+ exports.isPopupPostMessageSupported = isPopupPostMessageSupported;
12
+ exports.isTokenVerifySupported = isTokenVerifySupported;
13
13
 
14
14
  var _crypto = require("./crypto");
15
15
 
package/cjs/features.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"features.js","names":["isWindowsPhone","isBrowser","document","window","isIE11OrLess","documentMode","getUserAgent","navigator","userAgent","isFingerprintSupported","agent","test","isPopupPostMessageSupported","isIE8or9","postMessage","isTokenVerifySupported","webcrypto","subtle","Uint8Array","hasTextEncoder","TextEncoder","isPKCESupported","isHTTPS","location","protocol","isLocalhost","hostname"],"sources":["../../lib/features.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable node/no-unsupported-features/node-builtins */\n/* global document, window, TextEncoder, navigator */\n\nimport { webcrypto } from './crypto';\n\nconst isWindowsPhone = /windows phone|iemobile|wpdesktop/i;\t\n\nexport function isBrowser() {\n return typeof document !== 'undefined' && typeof window !== 'undefined';\n}\n\nexport function isIE11OrLess() {\n if (!isBrowser()) {\n return false;\n }\n const documentMode = (document as any).documentMode;\n return !!documentMode && documentMode <= 11;\n}\n\nexport function getUserAgent() {\n return navigator.userAgent;\n}\n\nexport function isFingerprintSupported() {\n const agent = getUserAgent();\n return agent && !isWindowsPhone.test(agent);\t\n}\n\nexport function isPopupPostMessageSupported() {\n if (!isBrowser()) {\n return false;\n }\n const documentMode = (document as any).documentMode;\n var isIE8or9 = documentMode && documentMode < 10;\n if (typeof window.postMessage !== 'undefined' && !isIE8or9) {\n return true;\n }\n return false;\n}\n\nexport function isTokenVerifySupported() {\n return typeof webcrypto !== 'undefined'\n && webcrypto !== null\n && typeof webcrypto.subtle !== 'undefined'\n && typeof Uint8Array !== 'undefined';\n}\n\nexport function hasTextEncoder() {\n return typeof TextEncoder !== 'undefined';\n}\n\nexport function isPKCESupported() {\n return isTokenVerifySupported() && hasTextEncoder();\n}\n\nexport function isHTTPS() {\n if (!isBrowser()) {\n return false;\n }\n return window.location.protocol === 'https:';\n}\n\nexport function isLocalhost() {\n // eslint-disable-next-line compat/compat\n return isBrowser() && window.location.hostname === 'localhost';\n}\n\n"],"mappings":";;;;;;;;;;;;;AAeA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;;AACA;AAIA,MAAMA,cAAc,GAAG,mCAAvB;;AAEO,SAASC,SAAT,GAAqB;EAC1B,OAAO,OAAOC,QAAP,KAAoB,WAApB,IAAmC,OAAOC,MAAP,KAAkB,WAA5D;AACD;;AAEM,SAASC,YAAT,GAAwB;EAC7B,IAAI,CAACH,SAAS,EAAd,EAAkB;IAChB,OAAO,KAAP;EACD;;EACD,MAAMI,YAAY,GAAIH,QAAD,CAAkBG,YAAvC;EACA,OAAO,CAAC,CAACA,YAAF,IAAkBA,YAAY,IAAI,EAAzC;AACD;;AAEM,SAASC,YAAT,GAAwB;EAC7B,OAAOC,SAAS,CAACC,SAAjB;AACD;;AAEM,SAASC,sBAAT,GAAkC;EACvC,MAAMC,KAAK,GAAGJ,YAAY,EAA1B;EACA,OAAOI,KAAK,IAAI,CAACV,cAAc,CAACW,IAAf,CAAoBD,KAApB,CAAjB;AACD;;AAEM,SAASE,2BAAT,GAAuC;EAC5C,IAAI,CAACX,SAAS,EAAd,EAAkB;IAChB,OAAO,KAAP;EACD;;EACD,MAAMI,YAAY,GAAIH,QAAD,CAAkBG,YAAvC;EACA,IAAIQ,QAAQ,GAAGR,YAAY,IAAIA,YAAY,GAAG,EAA9C;;EACA,IAAI,OAAOF,MAAM,CAACW,WAAd,KAA8B,WAA9B,IAA6C,CAACD,QAAlD,EAA4D;IAC1D,OAAO,IAAP;EACD;;EACD,OAAO,KAAP;AACD;;AAEM,SAASE,sBAAT,GAAkC;EACvC,OAAO,OAAOC,iBAAP,KAAqB,WAArB,IACFA,sBAAc,IADZ,IAEF,OAAOA,kBAAUC,MAAjB,KAA4B,WAF1B,IAGF,OAAOC,UAAP,KAAsB,WAH3B;AAID;;AAEM,SAASC,cAAT,GAA0B;EAC/B,OAAO,OAAOC,WAAP,KAAuB,WAA9B;AACD;;AAEM,SAASC,eAAT,GAA2B;EAChC,OAAON,sBAAsB,MAAMI,cAAc,EAAjD;AACD;;AAEM,SAASG,OAAT,GAAmB;EACxB,IAAI,CAACrB,SAAS,EAAd,EAAkB;IAChB,OAAO,KAAP;EACD;;EACD,OAAOE,MAAM,CAACoB,QAAP,CAAgBC,QAAhB,KAA6B,QAApC;AACD;;AAEM,SAASC,WAAT,GAAuB;EAC5B;EACA,OAAOxB,SAAS,MAAME,MAAM,CAACoB,QAAP,CAAgBG,QAAhB,KAA6B,WAAnD;AACD"}
1
+ {"version":3,"file":"features.js","names":["isWindowsPhone","isBrowser","document","window","isIE11OrLess","documentMode","getUserAgent","navigator","userAgent","isFingerprintSupported","agent","test","isPopupPostMessageSupported","isIE8or9","postMessage","isTokenVerifySupported","webcrypto","subtle","Uint8Array","hasTextEncoder","TextEncoder","isPKCESupported","isHTTPS","location","protocol","isLocalhost","hostname"],"sources":["../../lib/features.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable node/no-unsupported-features/node-builtins */\n/* global document, window, TextEncoder, navigator */\n\nimport { webcrypto } from './crypto';\n\nconst isWindowsPhone = /windows phone|iemobile|wpdesktop/i;\t\n\nexport function isBrowser() {\n return typeof document !== 'undefined' && typeof window !== 'undefined';\n}\n\nexport function isIE11OrLess() {\n if (!isBrowser()) {\n return false;\n }\n const documentMode = (document as any).documentMode;\n return !!documentMode && documentMode <= 11;\n}\n\nexport function getUserAgent() {\n return navigator.userAgent;\n}\n\nexport function isFingerprintSupported() {\n const agent = getUserAgent();\n return agent && !isWindowsPhone.test(agent);\t\n}\n\nexport function isPopupPostMessageSupported() {\n if (!isBrowser()) {\n return false;\n }\n const documentMode = (document as any).documentMode;\n var isIE8or9 = documentMode && documentMode < 10;\n if (typeof window.postMessage !== 'undefined' && !isIE8or9) {\n return true;\n }\n return false;\n}\n\nexport function isTokenVerifySupported() {\n return typeof webcrypto !== 'undefined'\n && webcrypto !== null\n && typeof webcrypto.subtle !== 'undefined'\n && typeof Uint8Array !== 'undefined';\n}\n\nexport function hasTextEncoder() {\n return typeof TextEncoder !== 'undefined';\n}\n\nexport function isPKCESupported() {\n return isTokenVerifySupported() && hasTextEncoder();\n}\n\nexport function isHTTPS() {\n if (!isBrowser()) {\n return false;\n }\n return window.location.protocol === 'https:';\n}\n\nexport function isLocalhost() {\n // eslint-disable-next-line compat/compat\n return isBrowser() && window.location.hostname === 'localhost';\n}\n\n"],"mappings":";;;;;;;;;;;;;AAeA;;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;;AACA;AAIA,MAAMA,cAAc,GAAG,mCAAvB;;AAEO,SAASC,SAAT,GAAqB;EAC1B,OAAO,OAAOC,QAAP,KAAoB,WAApB,IAAmC,OAAOC,MAAP,KAAkB,WAA5D;AACD;;AAEM,SAASC,YAAT,GAAwB;EAC7B,IAAI,CAACH,SAAS,EAAd,EAAkB;IAChB,OAAO,KAAP;EACD;;EACD,MAAMI,YAAY,GAAIH,QAAD,CAAkBG,YAAvC;EACA,OAAO,CAAC,CAACA,YAAF,IAAkBA,YAAY,IAAI,EAAzC;AACD;;AAEM,SAASC,YAAT,GAAwB;EAC7B,OAAOC,SAAS,CAACC,SAAjB;AACD;;AAEM,SAASC,sBAAT,GAAkC;EACvC,MAAMC,KAAK,GAAGJ,YAAY,EAA1B;EACA,OAAOI,KAAK,IAAI,CAACV,cAAc,CAACW,IAAf,CAAoBD,KAApB,CAAjB;AACD;;AAEM,SAASE,2BAAT,GAAuC;EAC5C,IAAI,CAACX,SAAS,EAAd,EAAkB;IAChB,OAAO,KAAP;EACD;;EACD,MAAMI,YAAY,GAAIH,QAAD,CAAkBG,YAAvC;EACA,IAAIQ,QAAQ,GAAGR,YAAY,IAAIA,YAAY,GAAG,EAA9C;;EACA,IAAI,OAAOF,MAAM,CAACW,WAAd,KAA8B,WAA9B,IAA6C,CAACD,QAAlD,EAA4D;IAC1D,OAAO,IAAP;EACD;;EACD,OAAO,KAAP;AACD;;AAEM,SAASE,sBAAT,GAAkC;EACvC,OAAO,OAAOC,iBAAP,KAAqB,WAArB,IACFA,iBAAA,KAAc,IADZ,IAEF,OAAOA,iBAAA,CAAUC,MAAjB,KAA4B,WAF1B,IAGF,OAAOC,UAAP,KAAsB,WAH3B;AAID;;AAEM,SAASC,cAAT,GAA0B;EAC/B,OAAO,OAAOC,WAAP,KAAuB,WAA9B;AACD;;AAEM,SAASC,eAAT,GAA2B;EAChC,OAAON,sBAAsB,MAAMI,cAAc,EAAjD;AACD;;AAEM,SAASG,OAAT,GAAmB;EACxB,IAAI,CAACrB,SAAS,EAAd,EAAkB;IAChB,OAAO,KAAP;EACD;;EACD,OAAOE,MAAM,CAACoB,QAAP,CAAgBC,QAAhB,KAA6B,QAApC;AACD;;AAEM,SAASC,WAAT,GAAuB;EAC5B;EACA,OAAOxB,SAAS,MAAME,MAAM,CAACoB,QAAP,CAAgBG,QAAhB,KAA6B,WAAnD;AACD"}
package/cjs/http/request.js CHANGED
@@ -2,8 +2,8 @@
2
2
 
3
3
  var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
4
4
 
5
- exports.httpRequest = httpRequest;
6
5
  exports.get = get;
6
+ exports.httpRequest = httpRequest;
7
7
  exports.post = post;
8
8
 
9
9
  var _promise = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/promise"));