@okta/okta-auth-js 6.9.0 → 7.0.0

package/cjs/oidc/types/Transaction.js

@@ -0,0 +1,68 @@
+"use strict";
+
+exports.isCustomAuthTransactionMeta = isCustomAuthTransactionMeta;
+exports.isIdxTransactionMeta = isIdxTransactionMeta;
+exports.isOAuthTransactionMeta = isOAuthTransactionMeta;
+exports.isPKCETransactionMeta = isPKCETransactionMeta;
+exports.isTransactionMeta = isTransactionMeta;
+
+/*!
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
+ *
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * 
+ * See the License for the specific language governing permissions and limitations under the License.
+ */
+function isObjectWithProperties(obj) {
+  if (!obj || typeof obj !== 'object' || Object.values(obj).length === 0) {
+    return false;
+  }
+
+  return true;
+}
+
+function isOAuthTransactionMeta(obj) {
+  if (!isObjectWithProperties(obj)) {
+    return false;
+  }
+
+  return !!obj.redirectUri || !!obj.responseType;
+}
+
+function isPKCETransactionMeta(obj) {
+  if (!isOAuthTransactionMeta(obj)) {
+    return false;
+  }
+
+  return !!obj.codeVerifier;
+}
+
+function isIdxTransactionMeta(obj) {
+  if (!isPKCETransactionMeta(obj)) {
+    return false;
+  }
+
+  return !!obj.interactionHandle;
+}
+
+function isCustomAuthTransactionMeta(obj) {
+  if (!isObjectWithProperties(obj)) {
+    return false;
+  }
+
+  const isAllStringValues = Object.values(obj).find(value => typeof value !== 'string') === undefined;
+  return isAllStringValues;
+}
+
+function isTransactionMeta(obj) {
+  if (isOAuthTransactionMeta(obj) || isCustomAuthTransactionMeta(obj)) {
+    return true;
+  }
+
+  return false;
+}
+//# sourceMappingURL=Transaction.js.map

package/cjs/oidc/types/Transaction.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"Transaction.js","names":["isObjectWithProperties","obj","Object","values","length","isOAuthTransactionMeta","redirectUri","responseType","isPKCETransactionMeta","codeVerifier","isIdxTransactionMeta","interactionHandle","isCustomAuthTransactionMeta","isAllStringValues","find","value","undefined","isTransactionMeta"],"sources":["../../../../lib/oidc/types/Transaction.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { IdxTransactionMeta } from '../../idx/types/meta';\nimport { OAuthTransactionMeta, PKCETransactionMeta } from './meta';\nimport { OAuthStorageManagerInterface } from './storage';\n\nexport interface TransactionManagerOptions\n{\n  storageManager?: OAuthStorageManagerInterface;\n  enableSharedStorage?: boolean; // default true\n  saveNonceCookie?: boolean; // default true\n  saveStateCookie?: boolean; // default true\n  saveParamsCookie?: boolean; // default true\n  saveLastResponse?: boolean; // default true\n}\n\n\nexport type CustomAuthTransactionMeta = Record<string, string | undefined>;\n\nexport type TransactionMeta =\n  IdxTransactionMeta |\n  PKCETransactionMeta |\n  OAuthTransactionMeta |\n  CustomAuthTransactionMeta;\n\n\nfunction isObjectWithProperties(obj) {\n  if (!obj || typeof obj !== 'object' || Object.values(obj).length === 0) {\n    return false;\n  }\n  return true;\n}\n\nexport function isOAuthTransactionMeta(obj: any): obj is OAuthTransactionMeta {\n  if (!isObjectWithProperties(obj)) {\n    return false;\n  }\n  return !!obj.redirectUri || !!obj.responseType;\n}\n\nexport function isPKCETransactionMeta(obj: any): obj is PKCETransactionMeta {\n  if (!isOAuthTransactionMeta(obj)) {\n    return false;\n  }\n  return !!(obj as any).codeVerifier;\n}\n\nexport function isIdxTransactionMeta(obj: any): obj is IdxTransactionMeta {\n  if (!isPKCETransactionMeta(obj)) {\n    return false;\n  }\n  return !!(obj as any).interactionHandle;\n}\n\nexport function isCustomAuthTransactionMeta(obj: any): obj is CustomAuthTransactionMeta {\n  if (!isObjectWithProperties(obj)) {\n    return false;\n  }\n  const isAllStringValues = Object.values(obj).find((value) => (typeof value !== 'string')) === undefined;\n  return isAllStringValues;\n}\n\nexport function isTransactionMeta(obj: any): obj is TransactionMeta {\n  if (isOAuthTransactionMeta(obj) || isCustomAuthTransactionMeta(obj)) {\n    return true;\n  }\n  return false;\n}\n"],"mappings":";;;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AA2BA,SAASA,sBAAT,CAAgCC,GAAhC,EAAqC;EACnC,IAAI,CAACA,GAAD,IAAQ,OAAOA,GAAP,KAAe,QAAvB,IAAmCC,MAAM,CAACC,MAAP,CAAcF,GAAd,EAAmBG,MAAnB,KAA8B,CAArE,EAAwE;IACtE,OAAO,KAAP;EACD;;EACD,OAAO,IAAP;AACD;;AAEM,SAASC,sBAAT,CAAgCJ,GAAhC,EAAuE;EAC5E,IAAI,CAACD,sBAAsB,CAACC,GAAD,CAA3B,EAAkC;IAChC,OAAO,KAAP;EACD;;EACD,OAAO,CAAC,CAACA,GAAG,CAACK,WAAN,IAAqB,CAAC,CAACL,GAAG,CAACM,YAAlC;AACD;;AAEM,SAASC,qBAAT,CAA+BP,GAA/B,EAAqE;EAC1E,IAAI,CAACI,sBAAsB,CAACJ,GAAD,CAA3B,EAAkC;IAChC,OAAO,KAAP;EACD;;EACD,OAAO,CAAC,CAAEA,GAAD,CAAaQ,YAAtB;AACD;;AAEM,SAASC,oBAAT,CAA8BT,GAA9B,EAAmE;EACxE,IAAI,CAACO,qBAAqB,CAACP,GAAD,CAA1B,EAAiC;IAC/B,OAAO,KAAP;EACD;;EACD,OAAO,CAAC,CAAEA,GAAD,CAAaU,iBAAtB;AACD;;AAEM,SAASC,2BAAT,CAAqCX,GAArC,EAAiF;EACtF,IAAI,CAACD,sBAAsB,CAACC,GAAD,CAA3B,EAAkC;IAChC,OAAO,KAAP;EACD;;EACD,MAAMY,iBAAiB,GAAGX,MAAM,CAACC,MAAP,CAAcF,GAAd,EAAmBa,IAAnB,CAAyBC,KAAD,IAAY,OAAOA,KAAP,KAAiB,QAArD,MAAoEC,SAA9F;EACA,OAAOH,iBAAP;AACD;;AAEM,SAASI,iBAAT,CAA2BhB,GAA3B,EAA6D;EAClE,IAAII,sBAAsB,CAACJ,GAAD,CAAtB,IAA+BW,2BAA2B,CAACX,GAAD,CAA9D,EAAqE;IACnE,OAAO,IAAP;EACD;;EACD,OAAO,KAAP;AACD"}

package/cjs/oidc/types/TransactionManager.js

@@ -0,0 +1,2 @@
+"use strict";
+//# sourceMappingURL=TransactionManager.js.map

package/cjs/oidc/types/TransactionManager.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"TransactionManager.js","names":[],"sources":["../../../../lib/oidc/types/TransactionManager.ts"],"sourcesContent":["import { OAuthTransactionMeta, TransactionMetaOptions } from './meta';\nimport { TransactionManagerOptions, TransactionMeta } from './Transaction';\n\nexport interface ClearTransactionMetaOptions extends TransactionMetaOptions {\n  clearSharedStorage?: boolean; // true by default\n  clearIdxResponse?: boolean; // true by default\n}\n\nexport interface TransactionManagerInterface {\n  clear(options?: ClearTransactionMetaOptions);\n  save(meta: OAuthTransactionMeta, options?: TransactionMetaOptions);\n  exists(options?: TransactionMetaOptions);\n  load(options?: TransactionMetaOptions): TransactionMeta | null\n}\n\n\nexport interface TransactionManagerConstructor\n<\n  TM extends TransactionManagerInterface = TransactionManagerInterface\n>\n{\n  new (options: TransactionManagerOptions): TM;\n}\n"],"mappings":""}

package/cjs/oidc/types/UserClaims.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"UserClaims.js","names":[],"sources":["../../../../lib/oidc/types/UserClaims.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/**\n *\n * This interface represents the union of possible known claims that are in an\n * ID Token or returned from the /userinfo response and depend on the\n * response_type and scope parameters in the authorize request\n */\n\n /* eslint-disable camelcase */\nexport type CustomUserClaimValue = string | boolean | number;\nexport type CustomUserClaim = CustomUserClaimValue | Record<string, CustomUserClaimValue>;\nexport type CustomUserClaims = Record<string, CustomUserClaim | CustomUserClaim[]>;\n\nexport type UserClaims<T extends CustomUserClaims = CustomUserClaims> = T & {\n  auth_time?: number;\n  aud?: string;\n  email?: string;\n  email_verified?: boolean;\n  exp?: number;\n  family_name?: string;\n  given_name?: string;\n  iat?: number;\n  iss?: string;\n  jti?: string;\n  locale?: string;\n  name?: string;\n  nonce?: string;\n  preferred_username?: string;\n  sub: string;\n  updated_at?: number;\n  ver?: number;\n  zoneinfo?: string;\n  at_hash?: string;\n}"],"mappings":""}

package/cjs/oidc/types/api.js

@@ -0,0 +1,2 @@
+"use strict";
+//# sourceMappingURL=api.js.map

package/cjs/oidc/types/api.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"api.js","names":[],"sources":["../../../../lib/oidc/types/api.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { JWTObject } from './JWT';\nimport { OAuthTransactionMeta, PKCETransactionMeta } from './meta';\nimport { CustomUrls, OktaAuthOAuthOptions, SigninWithRedirectOptions, TokenParams } from './options';\nimport { OAuthStorageManagerInterface } from './storage';\nimport { AccessToken, IDToken, RefreshToken, RevocableToken, Token, Tokens } from './Token';\nimport { TokenManagerInterface } from './TokenManager';\nimport { CustomUserClaims, UserClaims } from './UserClaims';\nimport { TransactionManagerInterface } from './TransactionManager';\nimport { OktaAuthSessionInterface } from '../../session/types';\n\nexport interface PopupParams {\n  popupTitle?: string;\n  popupWindow?: Window;\n}\n\nexport interface TokenResponse {\n  tokens: Tokens;\n  state: string;\n  code?: string;\n}\n\nexport interface ParseFromUrlOptions {\n  url?: string;\n  responseMode?: string;\n}\n\nexport type ParseFromUrlFunction = (options?: string | ParseFromUrlOptions) => Promise<TokenResponse>;\n\nexport interface ParseFromUrlInterface extends ParseFromUrlFunction {\n  _getDocument: () => Document;\n  _getLocation: () => Location;\n  _getHistory: () => History;\n}\n\nexport type GetWithRedirectFunction = (params?: TokenParams) => Promise<void>;\n\nexport type SetLocationFunction = (loc: string) => void;\n\nexport interface GetWithRedirectAPI extends GetWithRedirectFunction {\n  _setLocation: SetLocationFunction;\n}\n\nexport interface BaseTokenAPI {\n  decode(token: string): JWTObject;\n  prepareTokenParams(params?: TokenParams): Promise<TokenParams>;\n  exchangeCodeForTokens(params: TokenParams, urls?: CustomUrls): Promise<TokenResponse>;\n}\n\nexport interface TokenAPI extends BaseTokenAPI {\n  getUserInfo<S extends CustomUserClaims = CustomUserClaims>(\n    accessToken?: AccessToken,\n    idToken?: IDToken\n  ): Promise<UserClaims<S>>;\n  getWithRedirect: GetWithRedirectAPI;\n  parseFromUrl: ParseFromUrlInterface;\n  getWithoutPrompt(params?: TokenParams): Promise<TokenResponse>;\n  getWithPopup(params?: TokenParams): Promise<TokenResponse>;\n  revoke(token: RevocableToken): Promise<object>;\n  renew(token: Token): Promise<Token | undefined>;\n  renewTokens(options?: TokenParams): Promise<Tokens>;\n  renewTokensWithRefresh(tokenParams: TokenParams, refreshTokenObject: RefreshToken): Promise<Tokens>;\n  verify(token: IDToken, params?: object): Promise<IDToken>;\n  isLoginRedirect(): boolean;\n}\n\nexport interface TokenVerifyParams {\n  clientId: string;\n  issuer: string;\n  ignoreSignature?: boolean;\n  nonce?: string;\n  accessToken?: string; // raw access token string\n}\n\nexport interface IDTokenAPI {\n  authorize: {\n    _getLocationHref: () => string;\n  };\n}\n\nexport interface PkceAPI {\n  DEFAULT_CODE_CHALLENGE_METHOD: string;\n  generateVerifier(prefix: string): string;\n  computeChallenge(str: string): PromiseLike<any>;\n}\n\nexport interface IsAuthenticatedOptions {\n  onExpiredToken?: 'renew' | 'remove' | 'none';\n}\n\nexport interface SignoutRedirectUrlOptions {\n  postLogoutRedirectUri?: string;\n  idToken?: IDToken;\n  state?: string;\n}\n\nexport interface SignoutOptions extends SignoutRedirectUrlOptions {\n  revokeAccessToken?: boolean;\n  revokeRefreshToken?: boolean;\n  accessToken?: AccessToken;\n  refreshToken?: RefreshToken;\n  clearTokensBeforeRedirect?: boolean;\n}\n\nexport interface OriginalUriApi {\n  getOriginalUri(state?: string): string | undefined;\n  setOriginalUri(originalUri: string, state?: string): void;\n  removeOriginalUri(state?: string): void;\n}\n\nexport interface OktaAuthOAuthInterface\n<\n  M extends OAuthTransactionMeta = PKCETransactionMeta,\n  S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n  O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n  TM extends TransactionManagerInterface = TransactionManagerInterface\n> \n  extends OktaAuthSessionInterface<S, O>,\n  OriginalUriApi\n{\n  token: TokenAPI;\n  tokenManager: TokenManagerInterface;\n  pkce: PkceAPI;\n  transactionManager: TM;\n  \n  isPKCE(): boolean;\n  getIdToken(): string | undefined;\n  getAccessToken(): string | undefined;\n  getRefreshToken(): string | undefined;\n\n  isAuthenticated(options?: IsAuthenticatedOptions): Promise<boolean>;\n  signOut(opts?: SignoutOptions): Promise<void>;\n  isLoginRedirect(): boolean;\n  storeTokensFromRedirect(): Promise<void>;\n  getUser<T extends CustomUserClaims = CustomUserClaims>(): Promise<UserClaims<T>>;\n  signInWithRedirect(opts?: SigninWithRedirectOptions): Promise<void>;\n  \n  revokeAccessToken(accessToken?: AccessToken): Promise<unknown>;\n  revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown>;\n}\n"],"mappings":""}

package/cjs/oidc/types/index.js

@@ -0,0 +1,145 @@
+"use strict";
+
+var _api = require("./api");
+
+Object.keys(_api).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (key in exports && exports[key] === _api[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _api[key];
+    }
+  });
+});
+
+var _JWT = require("./JWT");
+
+Object.keys(_JWT).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (key in exports && exports[key] === _JWT[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _JWT[key];
+    }
+  });
+});
+
+var _meta = require("./meta");
+
+Object.keys(_meta).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (key in exports && exports[key] === _meta[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _meta[key];
+    }
+  });
+});
+
+var _options = require("./options");
+
+Object.keys(_options).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (key in exports && exports[key] === _options[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _options[key];
+    }
+  });
+});
+
+var _proto = require("./proto");
+
+Object.keys(_proto).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (key in exports && exports[key] === _proto[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _proto[key];
+    }
+  });
+});
+
+var _storage = require("./storage");
+
+Object.keys(_storage).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (key in exports && exports[key] === _storage[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _storage[key];
+    }
+  });
+});
+
+var _Token = require("./Token");
+
+Object.keys(_Token).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (key in exports && exports[key] === _Token[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _Token[key];
+    }
+  });
+});
+
+var _TokenManager = require("./TokenManager");
+
+Object.keys(_TokenManager).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (key in exports && exports[key] === _TokenManager[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _TokenManager[key];
+    }
+  });
+});
+
+var _Transaction = require("./Transaction");
+
+Object.keys(_Transaction).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (key in exports && exports[key] === _Transaction[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _Transaction[key];
+    }
+  });
+});
+
+var _TransactionManager = require("./TransactionManager");
+
+Object.keys(_TransactionManager).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (key in exports && exports[key] === _TransactionManager[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _TransactionManager[key];
+    }
+  });
+});
+
+var _UserClaims = require("./UserClaims");
+
+Object.keys(_UserClaims).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (key in exports && exports[key] === _UserClaims[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _UserClaims[key];
+    }
+  });
+});
+//# sourceMappingURL=index.js.map

package/cjs/oidc/types/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","names":[],"sources":["../../../../lib/oidc/types/index.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport * from './api';\nexport * from './JWT';\nexport * from './meta';\nexport * from './options';\nexport * from './proto';\nexport * from './storage';\nexport * from './Token';\nexport * from './TokenManager';\nexport * from './Transaction';\nexport * from './TransactionManager';\nexport * from './UserClaims';\n"],"mappings":";;AAYA;;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA"}

package/cjs/oidc/types/meta.js

@@ -0,0 +1,2 @@
+"use strict";
+//# sourceMappingURL=meta.js.map

package/cjs/oidc/types/meta.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"meta.js","names":[],"sources":["../../../../lib/oidc/types/meta.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { CustomUrls, TokenParams } from './options';\n\n// formerly known as \"Redirect OAuth Params\"\nexport interface OAuthTransactionMeta extends\n  Pick<TokenParams,\n    'issuer' |\n    'clientId' |\n    'redirectUri' |\n    'responseType' |\n    'responseMode' |\n    'scopes' |\n    'state' |\n    'pkce' |\n    'ignoreSignature' |\n    'nonce'\n  >\n{\n  urls: CustomUrls;\n  originalUri?: string;\n}\n\nexport interface PKCETransactionMeta extends\n  OAuthTransactionMeta,\n  Pick<TokenParams,\n    'codeChallenge' |\n    'codeChallengeMethod' |\n    'codeVerifier'\n  >\n{}\n\nexport interface TransactionMetaOptions extends\n  Pick<PKCETransactionMeta,\n    'state' |\n    'codeChallenge' |\n    'codeChallengeMethod' |\n    'codeVerifier'\n  >\n{\n  muteWarning?: boolean;\n}\n"],"mappings":""}

package/cjs/oidc/types/options.js

@@ -0,0 +1,2 @@
+"use strict";
+//# sourceMappingURL=options.js.map

package/cjs/oidc/types/options.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"options.js","names":[],"sources":["../../../../lib/oidc/types/options.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuthOptionsConstructor } from '../../base/types';\nimport { OktaAuthHttpOptions } from '../../http/types';\nimport { SimpleStorage } from '../../storage/types';\nimport { OktaAuthOAuthInterface, SetLocationFunction } from './api';\nimport { OAuthResponseMode, OAuthResponseType } from './proto';\nimport { TransactionManagerOptions } from './Transaction';\n\nexport interface CustomUrls {\n  issuer?: string;\n  authorizeUrl?: string;\n  userinfoUrl?: string;\n  tokenUrl?: string;\n  revokeUrl?: string;\n  logoutUrl?: string;\n}\n\nexport interface TokenParams extends CustomUrls {\n  pkce?: boolean;\n  clientId?: string;\n  redirectUri?: string;\n  responseType?: OAuthResponseType | OAuthResponseType[];\n  responseMode?: OAuthResponseMode;\n  state?: string;\n  nonce?: string;\n  scopes?: string[];\n  display?: string;\n  ignoreSignature?: boolean;\n  codeVerifier?: string;\n  authorizationCode?: string;\n  codeChallenge?: string;\n  codeChallengeMethod?: string;\n  interactionCode?: string;\n  idp?: string;\n  idpScope?: string | string[];\n  loginHint?: string;\n  maxAge?: string | number;\n  prompt?: string;\n  sessionToken?: string;\n  timeout?: number;\n  extraParams?: { [propName: string]: string }; // custom authorize query params\n  // TODO: remove in the next major version\n  popupTitle?: string;\n}\n\nexport interface TokenManagerOptions {\n  autoRenew?: boolean;\n  autoRemove?: boolean;\n  clearPendingRemoveTokens?: boolean;\n  secure?: boolean;\n  storage?: string | SimpleStorage;\n  storageKey?: string;\n  expireEarlySeconds?: number;\n  syncStorage?: boolean;\n}\n\nexport interface SigninWithRedirectOptions extends TokenParams {\n  originalUri?: string;\n}\n\nexport interface OktaAuthOAuthOptions extends\n  OktaAuthHttpOptions,\n  CustomUrls,\n  Pick<TokenParams,\n    'issuer' |\n    'clientId' |\n    'redirectUri' |\n    'responseType' |\n    'responseMode' |\n    'scopes' |\n    'state' |\n    'pkce' |\n    'ignoreSignature' |\n    'codeChallenge' |\n    'codeChallengeMethod'\n  >\n{\n  ignoreLifetime?: boolean;\n  tokenManager?: TokenManagerOptions;\n  postLogoutRedirectUri?: string;\n  maxClockSkew?: number;\n  restoreOriginalUri?: (oktaAuth: OktaAuthOAuthInterface, originalUri?: string) => Promise<void>;\n\n  transactionManager?: TransactionManagerOptions;\n\n  // For server-side web applications ONLY!\n  clientSecret?: string;\n  setLocation?: SetLocationFunction;\n}\n\nexport type OktaAuthOauthOptionsConstructor = OktaAuthOptionsConstructor<OktaAuthOAuthOptions>;\n"],"mappings":""}

package/cjs/oidc/types/proto.js

@@ -0,0 +1,2 @@
+"use strict";
+//# sourceMappingURL=proto.js.map

package/cjs/oidc/types/proto.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"proto.js","names":[],"sources":["../../../../lib/oidc/types/proto.ts"],"sourcesContent":["/* eslint-disable camelcase */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport interface OAuthParams {\n  client_id?: string;\n  code_challenge?: string;\n  code_challenge_method?: string;\n  display?: string;\n  idp?: string;\n  idp_scope?: string | string[];\n  login_hint?: string;\n  max_age?: string | number;\n  nonce?: string;\n  prompt?: string;\n  redirect_uri?: string;\n  response_mode?: string;\n  response_type?: string | string[];\n  scope?: string;\n  sessionToken?: string;\n  state?: string;\n  grant_type?: string;\n  code?: string;\n  interaction_code?: string;\n}\n\nexport interface OAuthResponse {\n  state?: string;\n  code?: string;\n  interaction_code?: string;\n  expires_in?: string;\n  token_type?: string;\n  access_token?: string;\n  id_token?: string;\n  refresh_token?: string;\n  scope?: string;\n  error?: string;\n  error_description?: string;\n}\n\nexport interface WellKnownResponse {\n  issuer: string;\n  authorization_endpoint: string;\n  userinfo_endpoint: string;\n  jwks_uri: string;\n  response_types_supported: string[];\n  response_modes_supported: string[];\n  grant_types_supported: string[];\n  subject_types_supported: string[];\n  id_token_signing_alg_values_supported: string[];\n  scopes_supported: string[];\n  claims_supported: string[];\n}\n\n\nexport type OAuthResponseMode = 'okta_post_message' |'fragment' |'query' |'form_post';\n\nexport type OAuthResponseType = 'code' |'token' |'id_token' | 'refresh_token';\n"],"mappings":""}

package/cjs/oidc/types/storage.js

@@ -0,0 +1,2 @@
+"use strict";
+//# sourceMappingURL=storage.js.map

package/cjs/oidc/types/storage.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"storage.js","names":[],"sources":["../../../../lib/oidc/types/storage.ts"],"sourcesContent":["import {\n  StorageManagerConstructor,\n  StorageManagerInterface,\n  StorageOptions,\n  StorageProvider\n} from '../../storage/types';\nimport { OAuthTransactionMeta, PKCETransactionMeta } from './meta';\n\nexport interface TransactionStorage<M extends OAuthTransactionMeta = OAuthTransactionMeta> extends StorageProvider {\n  setStorage(obj: M): void;\n  getStorage(): M;\n}\n\nexport interface OAuthStorageManagerInterface\n<\n  M extends OAuthTransactionMeta = PKCETransactionMeta\n>\nextends StorageManagerInterface\n{\n  getTransactionStorage(options?: StorageOptions): TransactionStorage<M>;\n  getSharedTansactionStorage(options?: StorageOptions): TransactionStorage<M>;\n  getOriginalUriStorage(options?: StorageOptions): TransactionStorage<M>;\n  getTokenStorage(options?: StorageOptions): StorageProvider\n}\n\nexport type OAuthStorageManagerConstructor<M extends OAuthTransactionMeta = PKCETransactionMeta>\n  = StorageManagerConstructor<OAuthStorageManagerInterface<M>>;\n"],"mappings":""}

package/cjs/oidc/util/browser.js

@@ -1,15 +1,11 @@
 "use strict";
 
-var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
-
 exports.addListener = addListener;
 exports.addPostMessageListener = addPostMessageListener;
 exports.loadFrame = loadFrame;
 exports.loadPopup = loadPopup;
 exports.removeListener = removeListener;
 
-var _promise = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/promise"));
-
 var _errors = require("../../errors");
 
 /*!
@@ -60,7 +56,7 @@ function loadPopup(src, options) {
 function addPostMessageListener(sdk, timeout, state) {
   var responseHandler;
   var timeoutId;
-  var msgReceivedOrTimeout = new _promise.default(function (resolve, reject) {
+  var msgReceivedOrTimeout = new Promise(function (resolve, reject) {
     responseHandler = function responseHandler(e) {
       if (!e.data || e.data.state !== state) {
         // A message not meant for us

package/cjs/oidc/util/browser.js.map

@@ -1 +1 @@
-{"version":3,"file":"browser.js","names":["addListener","eventTarget","name","fn","addEventListener","attachEvent","removeListener","removeEventListener","detachEvent","loadFrame","src","iframe","document","createElement","style","display","body","appendChild","loadPopup","options","title","popupTitle","appearance","window","open","addPostMessageListener","sdk","timeout","state","responseHandler","timeoutId","msgReceivedOrTimeout","resolve","reject","e","data","origin","getIssuerOrigin","AuthSdkError","setTimeout","finally","clearTimeout"],"sources":["../../../../lib/oidc/util/browser.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* global window, document */\n/* eslint-disable complexity, max-statements */\nimport { AuthSdkError } from '../../errors';\nimport { OktaAuthOptionsInterface } from '../../types';\n\nexport function addListener(eventTarget, name, fn) {\n  if (eventTarget.addEventListener) {\n    eventTarget.addEventListener(name, fn);\n  } else {\n    eventTarget.attachEvent('on' + name, fn);\n  }\n}\n\nexport function removeListener(eventTarget, name, fn) {\n  if (eventTarget.removeEventListener) {\n    eventTarget.removeEventListener(name, fn);\n  } else {\n    eventTarget.detachEvent('on' + name, fn);\n  }\n}\n\nexport function loadFrame(src) {\n  var iframe = document.createElement('iframe');\n  iframe.style.display = 'none';\n  iframe.src = src;\n\n  return document.body.appendChild(iframe);\n}\n\nexport function loadPopup(src, options) {\n  var title = options.popupTitle || 'External Identity Provider User Authentication';\n  var appearance = 'toolbar=no, scrollbars=yes, resizable=yes, ' +\n    'top=100, left=500, width=600, height=600';\n  return window.open(src, title, appearance);\n}\n\nexport function addPostMessageListener(sdk: OktaAuthOptionsInterface, timeout, state) {\n  var responseHandler;\n  var timeoutId;\n  var msgReceivedOrTimeout = new Promise(function (resolve, reject) {\n\n    responseHandler = function responseHandler(e) {\n      if (!e.data || e.data.state !== state) {\n        // A message not meant for us\n        return;\n      }\n\n      // Configuration mismatch between saved token and current app instance\n      // This may happen if apps with different issuers are running on the same host url\n      // If they share the same storage key, they may read and write tokens in the same location.\n      // Common when developing against http://localhost\n      if (e.origin !== sdk.getIssuerOrigin()) {\n        return reject(new AuthSdkError('The request does not match client configuration'));\n      }\n      resolve(e.data);\n    };\n\n    addListener(window, 'message', responseHandler);\n\n    timeoutId = setTimeout(function () {\n      reject(new AuthSdkError('OAuth flow timed out'));\n    }, timeout || 120000);\n  });\n\n  return msgReceivedOrTimeout\n    .finally(function () {\n      clearTimeout(timeoutId);\n      removeListener(window, 'message', responseHandler);\n    });\n}\n"],"mappings":";;;;;;;;;;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;;AACA;AAIO,SAASA,WAAT,CAAqBC,WAArB,EAAkCC,IAAlC,EAAwCC,EAAxC,EAA4C;EACjD,IAAIF,WAAW,CAACG,gBAAhB,EAAkC;IAChCH,WAAW,CAACG,gBAAZ,CAA6BF,IAA7B,EAAmCC,EAAnC;EACD,CAFD,MAEO;IACLF,WAAW,CAACI,WAAZ,CAAwB,OAAOH,IAA/B,EAAqCC,EAArC;EACD;AACF;;AAEM,SAASG,cAAT,CAAwBL,WAAxB,EAAqCC,IAArC,EAA2CC,EAA3C,EAA+C;EACpD,IAAIF,WAAW,CAACM,mBAAhB,EAAqC;IACnCN,WAAW,CAACM,mBAAZ,CAAgCL,IAAhC,EAAsCC,EAAtC;EACD,CAFD,MAEO;IACLF,WAAW,CAACO,WAAZ,CAAwB,OAAON,IAA/B,EAAqCC,EAArC;EACD;AACF;;AAEM,SAASM,SAAT,CAAmBC,GAAnB,EAAwB;EAC7B,IAAIC,MAAM,GAAGC,QAAQ,CAACC,aAAT,CAAuB,QAAvB,CAAb;EACAF,MAAM,CAACG,KAAP,CAAaC,OAAb,GAAuB,MAAvB;EACAJ,MAAM,CAACD,GAAP,GAAaA,GAAb;EAEA,OAAOE,QAAQ,CAACI,IAAT,CAAcC,WAAd,CAA0BN,MAA1B,CAAP;AACD;;AAEM,SAASO,SAAT,CAAmBR,GAAnB,EAAwBS,OAAxB,EAAiC;EACtC,IAAIC,KAAK,GAAGD,OAAO,CAACE,UAAR,IAAsB,gDAAlC;EACA,IAAIC,UAAU,GAAG,gDACf,0CADF;EAEA,OAAOC,MAAM,CAACC,IAAP,CAAYd,GAAZ,EAAiBU,KAAjB,EAAwBE,UAAxB,CAAP;AACD;;AAEM,SAASG,sBAAT,CAAgCC,GAAhC,EAA+DC,OAA/D,EAAwEC,KAAxE,EAA+E;EACpF,IAAIC,eAAJ;EACA,IAAIC,SAAJ;EACA,IAAIC,oBAAoB,GAAG,qBAAY,UAAUC,OAAV,EAAmBC,MAAnB,EAA2B;IAEhEJ,eAAe,GAAG,SAASA,eAAT,CAAyBK,CAAzB,EAA4B;MAC5C,IAAI,CAACA,CAAC,CAACC,IAAH,IAAWD,CAAC,CAACC,IAAF,CAAOP,KAAP,KAAiBA,KAAhC,EAAuC;QACrC;QACA;MACD,CAJ2C,CAM5C;MACA;MACA;MACA;;;MACA,IAAIM,CAAC,CAACE,MAAF,KAAaV,GAAG,CAACW,eAAJ,EAAjB,EAAwC;QACtC,OAAOJ,MAAM,CAAC,IAAIK,oBAAJ,CAAiB,iDAAjB,CAAD,CAAb;MACD;;MACDN,OAAO,CAACE,CAAC,CAACC,IAAH,CAAP;IACD,CAdD;;IAgBAnC,WAAW,CAACuB,MAAD,EAAS,SAAT,EAAoBM,eAApB,CAAX;IAEAC,SAAS,GAAGS,UAAU,CAAC,YAAY;MACjCN,MAAM,CAAC,IAAIK,oBAAJ,CAAiB,sBAAjB,CAAD,CAAN;IACD,CAFqB,EAEnBX,OAAO,IAAI,MAFQ,CAAtB;EAGD,CAvB0B,CAA3B;EAyBA,OAAOI,oBAAoB,CACxBS,OADI,CACI,YAAY;IACnBC,YAAY,CAACX,SAAD,CAAZ;IACAxB,cAAc,CAACiB,MAAD,EAAS,SAAT,EAAoBM,eAApB,CAAd;EACD,CAJI,CAAP;AAKD"}
+{"version":3,"file":"browser.js","names":["addListener","eventTarget","name","fn","addEventListener","attachEvent","removeListener","removeEventListener","detachEvent","loadFrame","src","iframe","document","createElement","style","display","body","appendChild","loadPopup","options","title","popupTitle","appearance","window","open","addPostMessageListener","sdk","timeout","state","responseHandler","timeoutId","msgReceivedOrTimeout","Promise","resolve","reject","e","data","origin","getIssuerOrigin","AuthSdkError","setTimeout","finally","clearTimeout"],"sources":["../../../../lib/oidc/util/browser.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* global window, document */\n/* eslint-disable complexity, max-statements */\nimport { AuthSdkError } from '../../errors';\nimport { OktaAuthOAuthInterface } from '../types';\n\nexport function addListener(eventTarget, name, fn) {\n  if (eventTarget.addEventListener) {\n    eventTarget.addEventListener(name, fn);\n  } else {\n    eventTarget.attachEvent('on' + name, fn);\n  }\n}\n\nexport function removeListener(eventTarget, name, fn) {\n  if (eventTarget.removeEventListener) {\n    eventTarget.removeEventListener(name, fn);\n  } else {\n    eventTarget.detachEvent('on' + name, fn);\n  }\n}\n\nexport function loadFrame(src) {\n  var iframe = document.createElement('iframe');\n  iframe.style.display = 'none';\n  iframe.src = src;\n\n  return document.body.appendChild(iframe);\n}\n\nexport function loadPopup(src, options) {\n  var title = options.popupTitle || 'External Identity Provider User Authentication';\n  var appearance = 'toolbar=no, scrollbars=yes, resizable=yes, ' +\n    'top=100, left=500, width=600, height=600';\n  return window.open(src, title, appearance);\n}\n\nexport function addPostMessageListener(sdk: OktaAuthOAuthInterface, timeout, state) {\n  var responseHandler;\n  var timeoutId;\n  var msgReceivedOrTimeout = new Promise(function (resolve, reject) {\n\n    responseHandler = function responseHandler(e) {\n      if (!e.data || e.data.state !== state) {\n        // A message not meant for us\n        return;\n      }\n\n      // Configuration mismatch between saved token and current app instance\n      // This may happen if apps with different issuers are running on the same host url\n      // If they share the same storage key, they may read and write tokens in the same location.\n      // Common when developing against http://localhost\n      if (e.origin !== sdk.getIssuerOrigin()) {\n        return reject(new AuthSdkError('The request does not match client configuration'));\n      }\n      resolve(e.data);\n    };\n\n    addListener(window, 'message', responseHandler);\n\n    timeoutId = setTimeout(function () {\n      reject(new AuthSdkError('OAuth flow timed out'));\n    }, timeout || 120000);\n  });\n\n  return msgReceivedOrTimeout\n    .finally(function () {\n      clearTimeout(timeoutId);\n      removeListener(window, 'message', responseHandler);\n    });\n}\n"],"mappings":";;;;;;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;;AACA;AAIO,SAASA,WAAT,CAAqBC,WAArB,EAAkCC,IAAlC,EAAwCC,EAAxC,EAA4C;EACjD,IAAIF,WAAW,CAACG,gBAAhB,EAAkC;IAChCH,WAAW,CAACG,gBAAZ,CAA6BF,IAA7B,EAAmCC,EAAnC;EACD,CAFD,MAEO;IACLF,WAAW,CAACI,WAAZ,CAAwB,OAAOH,IAA/B,EAAqCC,EAArC;EACD;AACF;;AAEM,SAASG,cAAT,CAAwBL,WAAxB,EAAqCC,IAArC,EAA2CC,EAA3C,EAA+C;EACpD,IAAIF,WAAW,CAACM,mBAAhB,EAAqC;IACnCN,WAAW,CAACM,mBAAZ,CAAgCL,IAAhC,EAAsCC,EAAtC;EACD,CAFD,MAEO;IACLF,WAAW,CAACO,WAAZ,CAAwB,OAAON,IAA/B,EAAqCC,EAArC;EACD;AACF;;AAEM,SAASM,SAAT,CAAmBC,GAAnB,EAAwB;EAC7B,IAAIC,MAAM,GAAGC,QAAQ,CAACC,aAAT,CAAuB,QAAvB,CAAb;EACAF,MAAM,CAACG,KAAP,CAAaC,OAAb,GAAuB,MAAvB;EACAJ,MAAM,CAACD,GAAP,GAAaA,GAAb;EAEA,OAAOE,QAAQ,CAACI,IAAT,CAAcC,WAAd,CAA0BN,MAA1B,CAAP;AACD;;AAEM,SAASO,SAAT,CAAmBR,GAAnB,EAAwBS,OAAxB,EAAiC;EACtC,IAAIC,KAAK,GAAGD,OAAO,CAACE,UAAR,IAAsB,gDAAlC;EACA,IAAIC,UAAU,GAAG,gDACf,0CADF;EAEA,OAAOC,MAAM,CAACC,IAAP,CAAYd,GAAZ,EAAiBU,KAAjB,EAAwBE,UAAxB,CAAP;AACD;;AAEM,SAASG,sBAAT,CAAgCC,GAAhC,EAA6DC,OAA7D,EAAsEC,KAAtE,EAA6E;EAClF,IAAIC,eAAJ;EACA,IAAIC,SAAJ;EACA,IAAIC,oBAAoB,GAAG,IAAIC,OAAJ,CAAY,UAAUC,OAAV,EAAmBC,MAAnB,EAA2B;IAEhEL,eAAe,GAAG,SAASA,eAAT,CAAyBM,CAAzB,EAA4B;MAC5C,IAAI,CAACA,CAAC,CAACC,IAAH,IAAWD,CAAC,CAACC,IAAF,CAAOR,KAAP,KAAiBA,KAAhC,EAAuC;QACrC;QACA;MACD,CAJ2C,CAM5C;MACA;MACA;MACA;;;MACA,IAAIO,CAAC,CAACE,MAAF,KAAaX,GAAG,CAACY,eAAJ,EAAjB,EAAwC;QACtC,OAAOJ,MAAM,CAAC,IAAIK,oBAAJ,CAAiB,iDAAjB,CAAD,CAAb;MACD;;MACDN,OAAO,CAACE,CAAC,CAACC,IAAH,CAAP;IACD,CAdD;;IAgBApC,WAAW,CAACuB,MAAD,EAAS,SAAT,EAAoBM,eAApB,CAAX;IAEAC,SAAS,GAAGU,UAAU,CAAC,YAAY;MACjCN,MAAM,CAAC,IAAIK,oBAAJ,CAAiB,sBAAjB,CAAD,CAAN;IACD,CAFqB,EAEnBZ,OAAO,IAAI,MAFQ,CAAtB;EAGD,CAvB0B,CAA3B;EAyBA,OAAOI,oBAAoB,CACxBU,OADI,CACI,YAAY;IACnBC,YAAY,CAACZ,SAAD,CAAZ;IACAxB,cAAc,CAACiB,MAAD,EAAS,SAAT,EAAoBM,eAApB,CAAd;EACD,CAJI,CAAP;AAKD"}

package/cjs/oidc/util/defaultTokenParams.js.map

@@ -1 +1 @@
-{"version":3,"file":"defaultTokenParams.js","names":["getDefaultTokenParams","sdk","pkce","clientId","redirectUri","responseType","responseMode","scopes","state","ignoreSignature","options","defaultRedirectUri","isBrowser","window","location","href","undefined","removeNils","generateState","nonce","generateNonce"],"sources":["../../../../lib/oidc/util/defaultTokenParams.ts"],"sourcesContent":["\n/* global window */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { generateNonce, generateState } from './oauth';\nimport { OktaAuthOptionsInterface, TokenParams } from '../../types';\nimport { isBrowser } from '../../features';\nimport { removeNils } from '../../util';\n\nexport function getDefaultTokenParams(sdk: OktaAuthOptionsInterface): TokenParams {\n  const {\n    pkce,\n    clientId,\n    redirectUri,\n    responseType,\n    responseMode,\n    scopes,\n    state,\n    ignoreSignature\n  } = sdk.options;\n  const defaultRedirectUri = isBrowser() ? window.location.href : undefined;\n  return removeNils({\n    pkce,\n    clientId,\n    redirectUri: redirectUri || defaultRedirectUri,\n    responseType: responseType || ['token', 'id_token'],\n    responseMode,\n    state: state || generateState(),\n    nonce: generateNonce(),\n    scopes: scopes || ['openid', 'email'],\n    ignoreSignature\n  });\n}"],"mappings":";;;;AAcA;;AAEA;;AACA;;AAhBA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,SAASA,qBAAT,CAA+BC,GAA/B,EAA2E;EAChF,MAAM;IACJC,IADI;IAEJC,QAFI;IAGJC,WAHI;IAIJC,YAJI;IAKJC,YALI;IAMJC,MANI;IAOJC,KAPI;IAQJC;EARI,IASFR,GAAG,CAACS,OATR;EAUA,MAAMC,kBAAkB,GAAG,IAAAC,mBAAA,MAAcC,MAAM,CAACC,QAAP,CAAgBC,IAA9B,GAAqCC,SAAhE;EACA,OAAO,IAAAC,gBAAA,EAAW;IAChBf,IADgB;IAEhBC,QAFgB;IAGhBC,WAAW,EAAEA,WAAW,IAAIO,kBAHZ;IAIhBN,YAAY,EAAEA,YAAY,IAAI,CAAC,OAAD,EAAU,UAAV,CAJd;IAKhBC,YALgB;IAMhBE,KAAK,EAAEA,KAAK,IAAI,IAAAU,oBAAA,GANA;IAOhBC,KAAK,EAAE,IAAAC,oBAAA,GAPS;IAQhBb,MAAM,EAAEA,MAAM,IAAI,CAAC,QAAD,EAAW,OAAX,CARF;IAShBE;EATgB,CAAX,CAAP;AAWD"}
+{"version":3,"file":"defaultTokenParams.js","names":["getDefaultTokenParams","sdk","pkce","clientId","redirectUri","responseType","responseMode","scopes","state","ignoreSignature","options","defaultRedirectUri","isBrowser","window","location","href","undefined","removeNils","generateState","nonce","generateNonce"],"sources":["../../../../lib/oidc/util/defaultTokenParams.ts"],"sourcesContent":["\n/* global window */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { generateNonce, generateState } from './oauth';\nimport { OktaAuthOAuthInterface, TokenParams } from '../types';\nimport { isBrowser } from '../../features';\nimport { removeNils } from '../../util';\n\nexport function getDefaultTokenParams(sdk: OktaAuthOAuthInterface): TokenParams {\n  const {\n    pkce,\n    clientId,\n    redirectUri,\n    responseType,\n    responseMode,\n    scopes,\n    state,\n    ignoreSignature\n  } = sdk.options;\n  const defaultRedirectUri = isBrowser() ? window.location.href : undefined;\n  return removeNils({\n    pkce,\n    clientId,\n    redirectUri: redirectUri || defaultRedirectUri,\n    responseType: responseType || ['token', 'id_token'],\n    responseMode,\n    state: state || generateState(),\n    nonce: generateNonce(),\n    scopes: scopes || ['openid', 'email'],\n    ignoreSignature\n  });\n}"],"mappings":";;;;AAcA;;AAEA;;AACA;;AAhBA;;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,SAASA,qBAAT,CAA+BC,GAA/B,EAAyE;EAC9E,MAAM;IACJC,IADI;IAEJC,QAFI;IAGJC,WAHI;IAIJC,YAJI;IAKJC,YALI;IAMJC,MANI;IAOJC,KAPI;IAQJC;EARI,IASFR,GAAG,CAACS,OATR;EAUA,MAAMC,kBAAkB,GAAG,IAAAC,mBAAA,MAAcC,MAAM,CAACC,QAAP,CAAgBC,IAA9B,GAAqCC,SAAhE;EACA,OAAO,IAAAC,gBAAA,EAAW;IAChBf,IADgB;IAEhBC,QAFgB;IAGhBC,WAAW,EAAEA,WAAW,IAAIO,kBAHZ;IAIhBN,YAAY,EAAEA,YAAY,IAAI,CAAC,OAAD,EAAU,UAAV,CAJd;IAKhBC,YALgB;IAMhBE,KAAK,EAAEA,KAAK,IAAI,IAAAU,oBAAA,GANA;IAOhBC,KAAK,EAAE,IAAAC,oBAAA,GAPS;IAQhBb,MAAM,EAAEA,MAAM,IAAI,CAAC,QAAD,EAAW,OAAX,CARF;IAShBE;EATgB,CAAX,CAAP;AAWD"}

package/cjs/oidc/util/errors.js.map

@@ -1 +1 @@
-{"version":3,"file":"errors.js","names":["isInteractionRequiredError","error","name","oauthError","errorCode","isAuthorizationCodeError","sdk","authApiError","errorResponse","xhr","responseJSON","options","pkce","isRefreshTokenInvalidError","isOAuthError","errorSummary"],"sources":["../../../../lib/oidc/util/errors.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { OktaAuthOptionsInterface } from '../../types';\nimport { OAuthError, AuthApiError, isOAuthError } from '../../errors';\n\nexport function isInteractionRequiredError(error: Error) {\n  if (error.name !== 'OAuthError') {\n    return false;\n  }\n  const oauthError = error as OAuthError;\n  return (oauthError.errorCode === 'interaction_required');\n}\n\nexport function isAuthorizationCodeError(sdk: OktaAuthOptionsInterface, error: Error) {\n  if (error.name !== 'AuthApiError') {\n    return false;\n  }\n  const authApiError = error as AuthApiError;\n  // xhr property doesn't seem to match XMLHttpRequest type\n  const errorResponse = authApiError.xhr as unknown as Record<string, unknown>;\n  const responseJSON = errorResponse?.responseJSON as Record<string, unknown>;\n  return sdk.options.pkce && (responseJSON?.error as string === 'invalid_grant');\n}\n\nexport function isRefreshTokenInvalidError(error: unknown): boolean {\n  // error: {\"error\":\"invalid_grant\",\"error_description\":\"The refresh token is invalid or expired.\"}\n  return isOAuthError(error) &&\n    error.errorCode === 'invalid_grant' &&\n    error.errorSummary === 'The refresh token is invalid or expired.';\n}\n"],"mappings":";;;;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,SAASA,0BAAT,CAAoCC,KAApC,EAAkD;EACvD,IAAIA,KAAK,CAACC,IAAN,KAAe,YAAnB,EAAiC;IAC/B,OAAO,KAAP;EACD;;EACD,MAAMC,UAAU,GAAGF,KAAnB;EACA,OAAQE,UAAU,CAACC,SAAX,KAAyB,sBAAjC;AACD;;AAEM,SAASC,wBAAT,CAAkCC,GAAlC,EAAiEL,KAAjE,EAA+E;EACpF,IAAIA,KAAK,CAACC,IAAN,KAAe,cAAnB,EAAmC;IACjC,OAAO,KAAP;EACD;;EACD,MAAMK,YAAY,GAAGN,KAArB,CAJoF,CAKpF;;EACA,MAAMO,aAAa,GAAGD,YAAY,CAACE,GAAnC;EACA,MAAMC,YAAY,GAAGF,aAAH,aAAGA,aAAH,uBAAGA,aAAa,CAAEE,YAApC;EACA,OAAOJ,GAAG,CAACK,OAAJ,CAAYC,IAAZ,IAAqB,CAAAF,YAAY,SAAZ,IAAAA,YAAY,WAAZ,YAAAA,YAAY,CAAET,KAAd,MAAkC,eAA9D;AACD;;AAEM,SAASY,0BAAT,CAAoCZ,KAApC,EAA6D;EAClE;EACA,OAAO,IAAAa,oBAAA,EAAab,KAAb,KACLA,KAAK,CAACG,SAAN,KAAoB,eADf,IAELH,KAAK,CAACc,YAAN,KAAuB,0CAFzB;AAGD"}
+{"version":3,"file":"errors.js","names":["isInteractionRequiredError","error","name","oauthError","errorCode","isAuthorizationCodeError","sdk","authApiError","errorResponse","xhr","responseJSON","options","pkce","isRefreshTokenInvalidError","isOAuthError","errorSummary"],"sources":["../../../../lib/oidc/util/errors.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { OktaAuthOAuthInterface } from '../types';\nimport { OAuthError, AuthApiError, isOAuthError } from '../../errors';\n\nexport function isInteractionRequiredError(error: Error) {\n  if (error.name !== 'OAuthError') {\n    return false;\n  }\n  const oauthError = error as OAuthError;\n  return (oauthError.errorCode === 'interaction_required');\n}\n\nexport function isAuthorizationCodeError(sdk: OktaAuthOAuthInterface, error: Error) {\n  if (error.name !== 'AuthApiError') {\n    return false;\n  }\n  const authApiError = error as AuthApiError;\n  // xhr property doesn't seem to match XMLHttpRequest type\n  const errorResponse = authApiError.xhr as unknown as Record<string, unknown>;\n  const responseJSON = errorResponse?.responseJSON as Record<string, unknown>;\n  return sdk.options.pkce && (responseJSON?.error as string === 'invalid_grant');\n}\n\nexport function isRefreshTokenInvalidError(error: unknown): boolean {\n  // error: {\"error\":\"invalid_grant\",\"error_description\":\"The refresh token is invalid or expired.\"}\n  return isOAuthError(error) &&\n    error.errorCode === 'invalid_grant' &&\n    error.errorSummary === 'The refresh token is invalid or expired.';\n}\n"],"mappings":";;;;;;AAcA;;AAdA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAMO,SAASA,0BAAT,CAAoCC,KAApC,EAAkD;EACvD,IAAIA,KAAK,CAACC,IAAN,KAAe,YAAnB,EAAiC;IAC/B,OAAO,KAAP;EACD;;EACD,MAAMC,UAAU,GAAGF,KAAnB;EACA,OAAQE,UAAU,CAACC,SAAX,KAAyB,sBAAjC;AACD;;AAEM,SAASC,wBAAT,CAAkCC,GAAlC,EAA+DL,KAA/D,EAA6E;EAClF,IAAIA,KAAK,CAACC,IAAN,KAAe,cAAnB,EAAmC;IACjC,OAAO,KAAP;EACD;;EACD,MAAMK,YAAY,GAAGN,KAArB,CAJkF,CAKlF;;EACA,MAAMO,aAAa,GAAGD,YAAY,CAACE,GAAnC;EACA,MAAMC,YAAY,GAAGF,aAAH,aAAGA,aAAH,uBAAGA,aAAa,CAAEE,YAApC;EACA,OAAOJ,GAAG,CAACK,OAAJ,CAAYC,IAAZ,IAAqB,CAAAF,YAAY,SAAZ,IAAAA,YAAY,WAAZ,YAAAA,YAAY,CAAET,KAAd,MAAkC,eAA9D;AACD;;AAEM,SAASY,0BAAT,CAAoCZ,KAApC,EAA6D;EAClE;EACA,OAAO,IAAAa,oBAAA,EAAab,KAAb,KACLA,KAAK,CAACG,SAAN,KAAoB,eADf,IAELH,KAAK,CAACc,YAAN,KAAuB,0CAFzB;AAGD"}

package/cjs/oidc/util/index.js

@@ -1,8 +1,6 @@
 "use strict";
 
-var _Object$keys = require("@babel/runtime-corejs3/core-js-stable/object/keys");
-
-var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
+var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
 
 var _exportNames = {
   pkce: true
@@ -16,7 +14,7 @@ Object.defineProperty(exports, "pkce", {
 
 var _browser = require("./browser");
 
-_Object$keys(_browser).forEach(function (key) {
+Object.keys(_browser).forEach(function (key) {
   if (key === "default" || key === "__esModule") return;
   if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
   if (key in exports && exports[key] === _browser[key]) return;
@@ -30,7 +28,7 @@ _Object$keys(_browser).forEach(function (key) {
 
 var _defaultTokenParams = require("./defaultTokenParams");
 
-_Object$keys(_defaultTokenParams).forEach(function (key) {
+Object.keys(_defaultTokenParams).forEach(function (key) {
   if (key === "default" || key === "__esModule") return;
   if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
   if (key in exports && exports[key] === _defaultTokenParams[key]) return;
@@ -44,7 +42,7 @@ _Object$keys(_defaultTokenParams).forEach(function (key) {
 
 var _errors = require("./errors");
 
-_Object$keys(_errors).forEach(function (key) {
+Object.keys(_errors).forEach(function (key) {
   if (key === "default" || key === "__esModule") return;
   if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
   if (key in exports && exports[key] === _errors[key]) return;
@@ -58,7 +56,7 @@ _Object$keys(_errors).forEach(function (key) {
 
 var _loginRedirect = require("./loginRedirect");
 
-_Object$keys(_loginRedirect).forEach(function (key) {
+Object.keys(_loginRedirect).forEach(function (key) {
   if (key === "default" || key === "__esModule") return;
   if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
   if (key in exports && exports[key] === _loginRedirect[key]) return;
@@ -72,7 +70,7 @@ _Object$keys(_loginRedirect).forEach(function (key) {
 
 var _oauth = require("./oauth");
 
-_Object$keys(_oauth).forEach(function (key) {
+Object.keys(_oauth).forEach(function (key) {
   if (key === "default" || key === "__esModule") return;
   if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
   if (key in exports && exports[key] === _oauth[key]) return;
@@ -86,7 +84,7 @@ _Object$keys(_oauth).forEach(function (key) {
 
 var _oauthMeta = require("./oauthMeta");
 
-_Object$keys(_oauthMeta).forEach(function (key) {
+Object.keys(_oauthMeta).forEach(function (key) {
   if (key === "default" || key === "__esModule") return;
   if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
   if (key in exports && exports[key] === _oauthMeta[key]) return;
@@ -102,7 +100,7 @@ var _pkce = _interopRequireDefault(require("./pkce"));
 
 var _prepareTokenParams = require("./prepareTokenParams");
 
-_Object$keys(_prepareTokenParams).forEach(function (key) {
+Object.keys(_prepareTokenParams).forEach(function (key) {
   if (key === "default" || key === "__esModule") return;
   if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
   if (key in exports && exports[key] === _prepareTokenParams[key]) return;
@@ -116,7 +114,7 @@ _Object$keys(_prepareTokenParams).forEach(function (key) {
 
 var _refreshToken = require("./refreshToken");
 
-_Object$keys(_refreshToken).forEach(function (key) {
+Object.keys(_refreshToken).forEach(function (key) {
   if (key === "default" || key === "__esModule") return;
   if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
   if (key in exports && exports[key] === _refreshToken[key]) return;
@@ -130,7 +128,7 @@ _Object$keys(_refreshToken).forEach(function (key) {
 
 var _urlParams = require("./urlParams");
 
-_Object$keys(_urlParams).forEach(function (key) {
+Object.keys(_urlParams).forEach(function (key) {
   if (key === "default" || key === "__esModule") return;
   if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
   if (key in exports && exports[key] === _urlParams[key]) return;
@@ -144,7 +142,7 @@ _Object$keys(_urlParams).forEach(function (key) {
 
 var _validateClaims = require("./validateClaims");
 
-_Object$keys(_validateClaims).forEach(function (key) {
+Object.keys(_validateClaims).forEach(function (key) {
   if (key === "default" || key === "__esModule") return;
   if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
   if (key in exports && exports[key] === _validateClaims[key]) return;
@@ -158,7 +156,7 @@ _Object$keys(_validateClaims).forEach(function (key) {
 
 var _validateToken = require("./validateToken");
 
-_Object$keys(_validateToken).forEach(function (key) {
+Object.keys(_validateToken).forEach(function (key) {
   if (key === "default" || key === "__esModule") return;
   if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
   if (key in exports && exports[key] === _validateToken[key]) return;

package/cjs/oidc/util/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","names":[],"sources":["../../../../lib/oidc/util/index.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n\nexport * from './browser';\nexport * from './defaultTokenParams';\nexport * from './errors';\nexport * from './loginRedirect';\nexport * from './oauth';\nexport * from './oauthMeta';\nimport pkce from './pkce';\nexport { pkce };\nexport * from './prepareTokenParams';\nexport * from './refreshToken';\nexport * from './urlParams';\nexport * from './validateClaims';\nexport * from './validateToken';\n"],"mappings":";;;;;;;;;;;;;;;;AAcA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAEA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA"}
+{"version":3,"file":"index.js","names":[],"sources":["../../../../lib/oidc/util/index.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n\nexport * from './browser';\nexport * from './defaultTokenParams';\nexport * from './errors';\nexport * from './loginRedirect';\nexport * from './oauth';\nexport * from './oauthMeta';\nimport pkce from './pkce';\nexport { pkce };\nexport * from './prepareTokenParams';\nexport * from './refreshToken';\nexport * from './urlParams';\nexport * from './validateClaims';\nexport * from './validateToken';\n"],"mappings":";;;;;;;;;;;;;;AAcA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAEA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA"}

package/cjs/oidc/util/loginRedirect.js

@@ -1,7 +1,5 @@
 "use strict";
 
-var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
-
 exports.getHashOrSearch = getHashOrSearch;
 exports.hasAuthorizationCode = hasAuthorizationCode;
 exports.hasErrorInUrl = hasErrorInUrl;
@@ -12,8 +10,6 @@ exports.isInteractionRequired = isInteractionRequired;
 exports.isLoginRedirect = isLoginRedirect;
 exports.isRedirectUri = isRedirectUri;
 
-var _indexOf = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/index-of"));
-
 /*!
  * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
  * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
@@ -55,7 +51,7 @@ function isRedirectUri(uri, sdk) {
     return false;
   }
 
-  return (0, _indexOf.default)(uri).call(uri, authParams.redirectUri) === 0;
+  return uri.indexOf(authParams.redirectUri) === 0;
 }
 
 function isCodeFlow(options) {

package/cjs/oidc/util/loginRedirect.js.map

@@ -1 +1 @@
-{"version":3,"file":"loginRedirect.js","names":["hasTokensInHash","hash","test","hasAuthorizationCode","hashOrSearch","hasInteractionCode","hasErrorInUrl","isRedirectUri","uri","sdk","authParams","options","redirectUri","isCodeFlow","pkce","responseType","responseMode","getHashOrSearch","codeFlow","useQuery","window","location","search","isLoginRedirect","href","hasCode","isInteractionRequired"],"sources":["../../../../lib/oidc/util/loginRedirect.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* global window */\n/* eslint-disable complexity, max-statements */\nimport { OktaAuthOptionsInterface, OktaAuthOptions } from '../../types';\n\nexport function hasTokensInHash(hash: string): boolean {\n  return /((id|access)_token=)/i.test(hash);\n}\n\n// authorization_code\nexport function hasAuthorizationCode(hashOrSearch: string): boolean {\n  return /(code=)/i.test(hashOrSearch);\n}\n\n// interaction_code\nexport function hasInteractionCode(hashOrSearch: string): boolean {\n  return /(interaction_code=)/i.test(hashOrSearch);\n}\n\nexport function hasErrorInUrl(hashOrSearch: string): boolean {\n  return /(error=)/i.test(hashOrSearch) || /(error_description)/i.test(hashOrSearch);\n}\n\nexport function isRedirectUri(uri: string, sdk: OktaAuthOptionsInterface): boolean {\n  var authParams = sdk.options;\n  if (!uri || !authParams.redirectUri) {\n    return false;\n  }\n  return uri.indexOf(authParams.redirectUri) === 0;\n}\n\nexport function isCodeFlow(options: OktaAuthOptions) {\n  return options.pkce || options.responseType === 'code' || options.responseMode === 'query';\n}\n\nexport function getHashOrSearch(options: OktaAuthOptions) {\n  var codeFlow = isCodeFlow(options);\n  var useQuery = codeFlow && options.responseMode !== 'fragment';\n  return useQuery ? window.location.search : window.location.hash;\n}\n\n/**\n * Check if tokens or a code have been passed back into the url, which happens in\n * the OIDC (including social auth IDP) redirect flow.\n */\nexport function isLoginRedirect (sdk: OktaAuthOptionsInterface) {\n  // First check, is this a redirect URI?\n  if (!isRedirectUri(window.location.href, sdk)){\n    return false;\n  }\n\n  // The location contains either a code, token, or an error + error_description\n  var codeFlow = isCodeFlow(sdk.options);\n  var hashOrSearch = getHashOrSearch(sdk.options);\n\n  if (hasErrorInUrl(hashOrSearch)) {\n    return true;\n  }\n\n  if (codeFlow) {\n    var hasCode =  hasAuthorizationCode(hashOrSearch) || hasInteractionCode(hashOrSearch);\n    return hasCode;\n  }\n\n  // implicit flow, will always be hash fragment\n  return hasTokensInHash(window.location.hash);\n}\n\n/**\n * Check if error=interaction_required has been passed back in the url, which happens in\n * the social auth IDP redirect flow.\n */\nexport function isInteractionRequired (sdk: OktaAuthOptionsInterface, hashOrSearch?: string) {\n  if (!hashOrSearch) { // web only\n    // First check, is this a redirect URI?\n    if (!isLoginRedirect(sdk)){\n      return false;\n    }\n  \n    hashOrSearch = getHashOrSearch(sdk.options);\n  }\n  return /(error=interaction_required)/i.test(hashOrSearch);\n}"],"mappings":";;;;;;;;;;;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;;AACA;AAGO,SAASA,eAAT,CAAyBC,IAAzB,EAAgD;EACrD,OAAO,wBAAwBC,IAAxB,CAA6BD,IAA7B,CAAP;AACD,C,CAED;;;AACO,SAASE,oBAAT,CAA8BC,YAA9B,EAA6D;EAClE,OAAO,WAAWF,IAAX,CAAgBE,YAAhB,CAAP;AACD,C,CAED;;;AACO,SAASC,kBAAT,CAA4BD,YAA5B,EAA2D;EAChE,OAAO,uBAAuBF,IAAvB,CAA4BE,YAA5B,CAAP;AACD;;AAEM,SAASE,aAAT,CAAuBF,YAAvB,EAAsD;EAC3D,OAAO,YAAYF,IAAZ,CAAiBE,YAAjB,KAAkC,uBAAuBF,IAAvB,CAA4BE,YAA5B,CAAzC;AACD;;AAEM,SAASG,aAAT,CAAuBC,GAAvB,EAAoCC,GAApC,EAA4E;EACjF,IAAIC,UAAU,GAAGD,GAAG,CAACE,OAArB;;EACA,IAAI,CAACH,GAAD,IAAQ,CAACE,UAAU,CAACE,WAAxB,EAAqC;IACnC,OAAO,KAAP;EACD;;EACD,OAAO,sBAAAJ,GAAG,MAAH,CAAAA,GAAG,EAASE,UAAU,CAACE,WAApB,CAAH,KAAwC,CAA/C;AACD;;AAEM,SAASC,UAAT,CAAoBF,OAApB,EAA8C;EACnD,OAAOA,OAAO,CAACG,IAAR,IAAgBH,OAAO,CAACI,YAAR,KAAyB,MAAzC,IAAmDJ,OAAO,CAACK,YAAR,KAAyB,OAAnF;AACD;;AAEM,SAASC,eAAT,CAAyBN,OAAzB,EAAmD;EACxD,IAAIO,QAAQ,GAAGL,UAAU,CAACF,OAAD,CAAzB;EACA,IAAIQ,QAAQ,GAAGD,QAAQ,IAAIP,OAAO,CAACK,YAAR,KAAyB,UAApD;EACA,OAAOG,QAAQ,GAAGC,MAAM,CAACC,QAAP,CAAgBC,MAAnB,GAA4BF,MAAM,CAACC,QAAP,CAAgBpB,IAA3D;AACD;AAED;AACA;AACA;AACA;;;AACO,SAASsB,eAAT,CAA0Bd,GAA1B,EAAyD;EAC9D;EACA,IAAI,CAACF,aAAa,CAACa,MAAM,CAACC,QAAP,CAAgBG,IAAjB,EAAuBf,GAAvB,CAAlB,EAA8C;IAC5C,OAAO,KAAP;EACD,CAJ6D,CAM9D;;;EACA,IAAIS,QAAQ,GAAGL,UAAU,CAACJ,GAAG,CAACE,OAAL,CAAzB;EACA,IAAIP,YAAY,GAAGa,eAAe,CAACR,GAAG,CAACE,OAAL,CAAlC;;EAEA,IAAIL,aAAa,CAACF,YAAD,CAAjB,EAAiC;IAC/B,OAAO,IAAP;EACD;;EAED,IAAIc,QAAJ,EAAc;IACZ,IAAIO,OAAO,GAAItB,oBAAoB,CAACC,YAAD,CAApB,IAAsCC,kBAAkB,CAACD,YAAD,CAAvE;IACA,OAAOqB,OAAP;EACD,CAjB6D,CAmB9D;;;EACA,OAAOzB,eAAe,CAACoB,MAAM,CAACC,QAAP,CAAgBpB,IAAjB,CAAtB;AACD;AAED;AACA;AACA;AACA;;;AACO,SAASyB,qBAAT,CAAgCjB,GAAhC,EAA+DL,YAA/D,EAAsF;EAC3F,IAAI,CAACA,YAAL,EAAmB;IAAE;IACnB;IACA,IAAI,CAACmB,eAAe,CAACd,GAAD,CAApB,EAA0B;MACxB,OAAO,KAAP;IACD;;IAEDL,YAAY,GAAGa,eAAe,CAACR,GAAG,CAACE,OAAL,CAA9B;EACD;;EACD,OAAO,gCAAgCT,IAAhC,CAAqCE,YAArC,CAAP;AACD"}
+{"version":3,"file":"loginRedirect.js","names":["hasTokensInHash","hash","test","hasAuthorizationCode","hashOrSearch","hasInteractionCode","hasErrorInUrl","isRedirectUri","uri","sdk","authParams","options","redirectUri","indexOf","isCodeFlow","pkce","responseType","responseMode","getHashOrSearch","codeFlow","useQuery","window","location","search","isLoginRedirect","href","hasCode","isInteractionRequired"],"sources":["../../../../lib/oidc/util/loginRedirect.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* global window */\n/* eslint-disable complexity, max-statements */\nimport { OktaAuthOAuthOptions, OktaAuthOAuthInterface } from '../types';\n\nexport function hasTokensInHash(hash: string): boolean {\n  return /((id|access)_token=)/i.test(hash);\n}\n\n// authorization_code\nexport function hasAuthorizationCode(hashOrSearch: string): boolean {\n  return /(code=)/i.test(hashOrSearch);\n}\n\n// interaction_code\nexport function hasInteractionCode(hashOrSearch: string): boolean {\n  return /(interaction_code=)/i.test(hashOrSearch);\n}\n\nexport function hasErrorInUrl(hashOrSearch: string): boolean {\n  return /(error=)/i.test(hashOrSearch) || /(error_description)/i.test(hashOrSearch);\n}\n\nexport function isRedirectUri(uri: string, sdk: OktaAuthOAuthInterface): boolean {\n  var authParams = sdk.options;\n  if (!uri || !authParams.redirectUri) {\n    return false;\n  }\n  return uri.indexOf(authParams.redirectUri) === 0;\n}\n\nexport function isCodeFlow(options: OktaAuthOAuthOptions) {\n  return options.pkce || options.responseType === 'code' || options.responseMode === 'query';\n}\n\nexport function getHashOrSearch(options: OktaAuthOAuthOptions) {\n  var codeFlow = isCodeFlow(options);\n  var useQuery = codeFlow && options.responseMode !== 'fragment';\n  return useQuery ? window.location.search : window.location.hash;\n}\n\n/**\n * Check if tokens or a code have been passed back into the url, which happens in\n * the OIDC (including social auth IDP) redirect flow.\n */\nexport function isLoginRedirect (sdk: OktaAuthOAuthInterface) {\n  // First check, is this a redirect URI?\n  if (!isRedirectUri(window.location.href, sdk)){\n    return false;\n  }\n\n  // The location contains either a code, token, or an error + error_description\n  var codeFlow = isCodeFlow(sdk.options);\n  var hashOrSearch = getHashOrSearch(sdk.options);\n\n  if (hasErrorInUrl(hashOrSearch)) {\n    return true;\n  }\n\n  if (codeFlow) {\n    var hasCode =  hasAuthorizationCode(hashOrSearch) || hasInteractionCode(hashOrSearch);\n    return hasCode;\n  }\n\n  // implicit flow, will always be hash fragment\n  return hasTokensInHash(window.location.hash);\n}\n\n/**\n * Check if error=interaction_required has been passed back in the url, which happens in\n * the social auth IDP redirect flow.\n */\nexport function isInteractionRequired (sdk: OktaAuthOAuthInterface, hashOrSearch?: string) {\n  if (!hashOrSearch) { // web only\n    // First check, is this a redirect URI?\n    if (!isLoginRedirect(sdk)){\n      return false;\n    }\n  \n    hashOrSearch = getHashOrSearch(sdk.options);\n  }\n  return /(error=interaction_required)/i.test(hashOrSearch);\n}"],"mappings":";;;;;;;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA;;AACA;AAGO,SAASA,eAAT,CAAyBC,IAAzB,EAAgD;EACrD,OAAO,wBAAwBC,IAAxB,CAA6BD,IAA7B,CAAP;AACD,C,CAED;;;AACO,SAASE,oBAAT,CAA8BC,YAA9B,EAA6D;EAClE,OAAO,WAAWF,IAAX,CAAgBE,YAAhB,CAAP;AACD,C,CAED;;;AACO,SAASC,kBAAT,CAA4BD,YAA5B,EAA2D;EAChE,OAAO,uBAAuBF,IAAvB,CAA4BE,YAA5B,CAAP;AACD;;AAEM,SAASE,aAAT,CAAuBF,YAAvB,EAAsD;EAC3D,OAAO,YAAYF,IAAZ,CAAiBE,YAAjB,KAAkC,uBAAuBF,IAAvB,CAA4BE,YAA5B,CAAzC;AACD;;AAEM,SAASG,aAAT,CAAuBC,GAAvB,EAAoCC,GAApC,EAA0E;EAC/E,IAAIC,UAAU,GAAGD,GAAG,CAACE,OAArB;;EACA,IAAI,CAACH,GAAD,IAAQ,CAACE,UAAU,CAACE,WAAxB,EAAqC;IACnC,OAAO,KAAP;EACD;;EACD,OAAOJ,GAAG,CAACK,OAAJ,CAAYH,UAAU,CAACE,WAAvB,MAAwC,CAA/C;AACD;;AAEM,SAASE,UAAT,CAAoBH,OAApB,EAAmD;EACxD,OAAOA,OAAO,CAACI,IAAR,IAAgBJ,OAAO,CAACK,YAAR,KAAyB,MAAzC,IAAmDL,OAAO,CAACM,YAAR,KAAyB,OAAnF;AACD;;AAEM,SAASC,eAAT,CAAyBP,OAAzB,EAAwD;EAC7D,IAAIQ,QAAQ,GAAGL,UAAU,CAACH,OAAD,CAAzB;EACA,IAAIS,QAAQ,GAAGD,QAAQ,IAAIR,OAAO,CAACM,YAAR,KAAyB,UAApD;EACA,OAAOG,QAAQ,GAAGC,MAAM,CAACC,QAAP,CAAgBC,MAAnB,GAA4BF,MAAM,CAACC,QAAP,CAAgBrB,IAA3D;AACD;AAED;AACA;AACA;AACA;;;AACO,SAASuB,eAAT,CAA0Bf,GAA1B,EAAuD;EAC5D;EACA,IAAI,CAACF,aAAa,CAACc,MAAM,CAACC,QAAP,CAAgBG,IAAjB,EAAuBhB,GAAvB,CAAlB,EAA8C;IAC5C,OAAO,KAAP;EACD,CAJ2D,CAM5D;;;EACA,IAAIU,QAAQ,GAAGL,UAAU,CAACL,GAAG,CAACE,OAAL,CAAzB;EACA,IAAIP,YAAY,GAAGc,eAAe,CAACT,GAAG,CAACE,OAAL,CAAlC;;EAEA,IAAIL,aAAa,CAACF,YAAD,CAAjB,EAAiC;IAC/B,OAAO,IAAP;EACD;;EAED,IAAIe,QAAJ,EAAc;IACZ,IAAIO,OAAO,GAAIvB,oBAAoB,CAACC,YAAD,CAApB,IAAsCC,kBAAkB,CAACD,YAAD,CAAvE;IACA,OAAOsB,OAAP;EACD,CAjB2D,CAmB5D;;;EACA,OAAO1B,eAAe,CAACqB,MAAM,CAACC,QAAP,CAAgBrB,IAAjB,CAAtB;AACD;AAED;AACA;AACA;AACA;;;AACO,SAAS0B,qBAAT,CAAgClB,GAAhC,EAA6DL,YAA7D,EAAoF;EACzF,IAAI,CAACA,YAAL,EAAmB;IAAE;IACnB;IACA,IAAI,CAACoB,eAAe,CAACf,GAAD,CAApB,EAA0B;MACxB,OAAO,KAAP;IACD;;IAEDL,YAAY,GAAGc,eAAe,CAACT,GAAG,CAACE,OAAL,CAA9B;EACD;;EACD,OAAO,gCAAgCT,IAAhC,CAAqCE,YAArC,CAAP;AACD"}

package/cjs/oidc/util/oauth.js

@@ -1,6 +1,6 @@
 "use strict";
 
-var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault");
+var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
 
 exports.generateNonce = generateNonce;
 exports.generateState = generateState;
@@ -8,8 +8,6 @@ exports.getOAuthBaseUrl = getOAuthBaseUrl;
 exports.getOAuthDomain = getOAuthDomain;
 exports.getOAuthUrls = getOAuthUrls;
 
-var _indexOf = _interopRequireDefault(require("@babel/runtime-corejs3/core-js-stable/instance/index-of"));
-
 var _util = require("../../util");
 
 var _AuthSdkError = _interopRequireDefault(require("../../errors/AuthSdkError"));
@@ -43,7 +41,7 @@ function getIssuer(sdk, options = {}) {
 
 function getOAuthBaseUrl(sdk, options = {}) {
   const issuer = getIssuer(sdk, options);
-  const baseUrl = (0, _indexOf.default)(issuer).call(issuer, '/oauth2') > 0 ? issuer : issuer + '/oauth2';
+  const baseUrl = issuer.indexOf('/oauth2') > 0 ? issuer : issuer + '/oauth2';
   return baseUrl;
 }