@okta/okta-auth-js 6.9.0 → 7.0.1

package/cjs/oidc/index.js

@@ -1,7 +1,5 @@
 "use strict";
 
-var _Object$keys = require("@babel/runtime-corejs3/core-js-stable/object/keys");
-
 var _exportNames = {
   decodeToken: true,
   revokeToken: true,
@@ -103,9 +101,51 @@ Object.defineProperty(exports, "verifyToken", {
   }
 });
 
+var _factory = require("./factory");
+
+Object.keys(_factory).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _factory[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _factory[key];
+    }
+  });
+});
+
+var _mixin = require("./mixin");
+
+Object.keys(_mixin).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _mixin[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _mixin[key];
+    }
+  });
+});
+
+var _storage = require("./storage");
+
+Object.keys(_storage).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _storage[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _storage[key];
+    }
+  });
+});
+
 var _endpoints = require("./endpoints");
 
-_Object$keys(_endpoints).forEach(function (key) {
+Object.keys(_endpoints).forEach(function (key) {
   if (key === "default" || key === "__esModule") return;
   if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
   if (key in exports && exports[key] === _endpoints[key]) return;
@@ -117,9 +157,65 @@ _Object$keys(_endpoints).forEach(function (key) {
   });
 });
 
+var _options = require("./options");
+
+Object.keys(_options).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _options[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _options[key];
+    }
+  });
+});
+
+var _types = require("./types");
+
+Object.keys(_types).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _types[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _types[key];
+    }
+  });
+});
+
+var _TokenManager = require("./TokenManager");
+
+Object.keys(_TokenManager).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _TokenManager[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _TokenManager[key];
+    }
+  });
+});
+
+var _TransactionManager = require("./TransactionManager");
+
+Object.keys(_TransactionManager).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _TransactionManager[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _TransactionManager[key];
+    }
+  });
+});
+
 var _util = require("./util");
 
-_Object$keys(_util).forEach(function (key) {
+Object.keys(_util).forEach(function (key) {
   if (key === "default" || key === "__esModule") return;
   if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
   if (key in exports && exports[key] === _util[key]) return;

package/cjs/oidc/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","names":[],"sources":["../../../lib/oidc/index.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nexport * from './endpoints';\nexport * from './util';\n\nexport { decodeToken } from './decodeToken';\nexport { revokeToken } from './revokeToken';\nexport { renewToken } from './renewToken';\nexport { renewTokensWithRefresh } from './renewTokensWithRefresh';\nexport { renewTokens } from './renewTokens';\nexport { verifyToken } from './verifyToken';\nexport { getUserInfo } from './getUserInfo';\nexport { handleOAuthResponse } from './handleOAuthResponse';\nexport { exchangeCodeForTokens } from './exchangeCodeForTokens';\nexport { getToken } from './getToken';\nexport { getWithoutPrompt } from './getWithoutPrompt';\nexport { getWithPopup } from './getWithPopup';\nexport { getWithRedirect } from './getWithRedirect';\nexport { parseFromUrl } from './parseFromUrl';\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAYA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AAEA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA"}
+{"version":3,"file":"index.js","names":[],"sources":["../../../lib/oidc/index.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nexport * from './factory';\nexport * from './mixin';\nexport * from './storage';\nexport * from './endpoints';\nexport * from './options';\nexport * from './types';\nexport * from './TokenManager';\nexport * from './TransactionManager';\nexport * from './util';\n\nexport { decodeToken } from './decodeToken';\nexport { revokeToken } from './revokeToken';\nexport { renewToken } from './renewToken';\nexport { renewTokensWithRefresh } from './renewTokensWithRefresh';\nexport { renewTokens } from './renewTokens';\nexport { verifyToken } from './verifyToken';\nexport { getUserInfo } from './getUserInfo';\nexport { handleOAuthResponse } from './handleOAuthResponse';\nexport { exchangeCodeForTokens } from './exchangeCodeForTokens';\nexport { getToken } from './getToken';\nexport { getWithoutPrompt } from './getWithoutPrompt';\nexport { getWithPopup } from './getWithPopup';\nexport { getWithRedirect } from './getWithRedirect';\nexport { parseFromUrl } from './parseFromUrl';\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAYA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AAEA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA"}

package/cjs/oidc/mixin/browser.js

@@ -0,0 +1,62 @@
+"use strict";
+
+var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
+
+exports.provideOriginalUri = provideOriginalUri;
+
+var _constants = require("../../constants");
+
+var _browserStorage = _interopRequireDefault(require("../../browser/browserStorage"));
+
+function provideOriginalUri(BaseClass) {
+  return class WithOriginalUri extends BaseClass {
+    setOriginalUri(originalUri, state) {
+      // always store in session storage
+      const sessionStorage = _browserStorage.default.getSessionStorage();
+
+      sessionStorage.setItem(_constants.REFERRER_PATH_STORAGE_KEY, originalUri); // to support multi-tab flows, set a state in constructor or pass as param
+
+      state = state || this.options.state;
+
+      if (state) {
+        const sharedStorage = this.storageManager.getOriginalUriStorage();
+        sharedStorage.setItem(state, originalUri);
+      }
+    }
+
+    getOriginalUri(state) {
+      // Prefer shared storage (if state is available)
+      state = state || this.options.state;
+
+      if (state) {
+        const sharedStorage = this.storageManager.getOriginalUriStorage();
+        const originalUri = sharedStorage.getItem(state);
+
+        if (originalUri) {
+          return originalUri;
+        }
+      } // Try to load from session storage
+
+
+      const storage = _browserStorage.default.getSessionStorage();
+
+      return storage ? storage.getItem(_constants.REFERRER_PATH_STORAGE_KEY) || undefined : undefined;
+    }
+
+    removeOriginalUri(state) {
+      // Remove from sessionStorage
+      const storage = _browserStorage.default.getSessionStorage();
+
+      storage.removeItem(_constants.REFERRER_PATH_STORAGE_KEY); // Also remove from shared storage
+
+      state = state || this.options.state;
+
+      if (state) {
+        const sharedStorage = this.storageManager.getOriginalUriStorage();
+        sharedStorage.removeItem && sharedStorage.removeItem(state);
+      }
+    }
+
+  };
+}
+//# sourceMappingURL=browser.js.map

package/cjs/oidc/mixin/browser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"browser.js","names":["provideOriginalUri","BaseClass","WithOriginalUri","setOriginalUri","originalUri","state","sessionStorage","browserStorage","getSessionStorage","setItem","REFERRER_PATH_STORAGE_KEY","options","sharedStorage","storageManager","getOriginalUriStorage","getOriginalUri","getItem","storage","undefined","removeOriginalUri","removeItem"],"sources":["../../../../lib/oidc/mixin/browser.ts"],"sourcesContent":["import { REFERRER_PATH_STORAGE_KEY } from '../../constants';\nimport browserStorage from '../../browser/browserStorage';\nimport { OktaAuthStorageInterface } from '../../storage';\nimport { OktaAuthConstructor } from '../../base';\nimport {\n  OAuthStorageManagerInterface,\n  OAuthTransactionMeta,\n  OktaAuthOAuthOptions,\n  OriginalUriApi,\n  PKCETransactionMeta,\n} from '../types';\n\nexport function provideOriginalUri\n<\n  M extends OAuthTransactionMeta = PKCETransactionMeta,\n  S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n  O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n  TBase extends OktaAuthConstructor<OktaAuthStorageInterface<S, O>>\n    = OktaAuthConstructor<OktaAuthStorageInterface<S, O>> \n>\n(BaseClass: TBase) {\n  return class WithOriginalUri extends BaseClass implements OriginalUriApi {\n    setOriginalUri(originalUri: string, state?: string): void {\n      // always store in session storage\n      const sessionStorage = browserStorage.getSessionStorage();\n      sessionStorage.setItem(REFERRER_PATH_STORAGE_KEY, originalUri);\n  \n      // to support multi-tab flows, set a state in constructor or pass as param\n      state = state || this.options.state;\n      if (state) {\n        const sharedStorage = this.storageManager.getOriginalUriStorage();\n        sharedStorage.setItem(state, originalUri);\n      }\n    }\n  \n    getOriginalUri(state?: string): string | undefined {\n      // Prefer shared storage (if state is available)\n      state = state || this.options.state;\n      if (state) {\n        const sharedStorage = this.storageManager.getOriginalUriStorage();\n        const originalUri = sharedStorage.getItem(state);\n        if (originalUri) {\n          return originalUri;\n        }\n      }\n  \n      // Try to load from session storage\n      const storage = browserStorage.getSessionStorage();\n      return storage ? storage.getItem(REFERRER_PATH_STORAGE_KEY) || undefined : undefined;\n    }\n  \n    removeOriginalUri(state?: string): void {\n      // Remove from sessionStorage\n      const storage = browserStorage.getSessionStorage();\n      storage.removeItem(REFERRER_PATH_STORAGE_KEY);\n  \n      // Also remove from shared storage\n      state = state || this.options.state;\n      if (state) {\n        const sharedStorage = this.storageManager.getOriginalUriStorage();\n        sharedStorage.removeItem && sharedStorage.removeItem(state);\n      }\n    }\n  };\n}\n"],"mappings":";;;;;;AAAA;;AACA;;AAWO,SAASA,kBAAT,CAQNC,SARM,EAQY;EACjB,OAAO,MAAMC,eAAN,SAA8BD,SAA9B,CAAkE;IACvEE,cAAc,CAACC,WAAD,EAAsBC,KAAtB,EAA4C;MACxD;MACA,MAAMC,cAAc,GAAGC,uBAAA,CAAeC,iBAAf,EAAvB;;MACAF,cAAc,CAACG,OAAf,CAAuBC,oCAAvB,EAAkDN,WAAlD,EAHwD,CAKxD;;MACAC,KAAK,GAAGA,KAAK,IAAI,KAAKM,OAAL,CAAaN,KAA9B;;MACA,IAAIA,KAAJ,EAAW;QACT,MAAMO,aAAa,GAAG,KAAKC,cAAL,CAAoBC,qBAApB,EAAtB;QACAF,aAAa,CAACH,OAAd,CAAsBJ,KAAtB,EAA6BD,WAA7B;MACD;IACF;;IAEDW,cAAc,CAACV,KAAD,EAAqC;MACjD;MACAA,KAAK,GAAGA,KAAK,IAAI,KAAKM,OAAL,CAAaN,KAA9B;;MACA,IAAIA,KAAJ,EAAW;QACT,MAAMO,aAAa,GAAG,KAAKC,cAAL,CAAoBC,qBAApB,EAAtB;QACA,MAAMV,WAAW,GAAGQ,aAAa,CAACI,OAAd,CAAsBX,KAAtB,CAApB;;QACA,IAAID,WAAJ,EAAiB;UACf,OAAOA,WAAP;QACD;MACF,CATgD,CAWjD;;;MACA,MAAMa,OAAO,GAAGV,uBAAA,CAAeC,iBAAf,EAAhB;;MACA,OAAOS,OAAO,GAAGA,OAAO,CAACD,OAAR,CAAgBN,oCAAhB,KAA8CQ,SAAjD,GAA6DA,SAA3E;IACD;;IAEDC,iBAAiB,CAACd,KAAD,EAAuB;MACtC;MACA,MAAMY,OAAO,GAAGV,uBAAA,CAAeC,iBAAf,EAAhB;;MACAS,OAAO,CAACG,UAAR,CAAmBV,oCAAnB,EAHsC,CAKtC;;MACAL,KAAK,GAAGA,KAAK,IAAI,KAAKM,OAAL,CAAaN,KAA9B;;MACA,IAAIA,KAAJ,EAAW;QACT,MAAMO,aAAa,GAAG,KAAKC,cAAL,CAAoBC,qBAApB,EAAtB;QACAF,aAAa,CAACQ,UAAd,IAA4BR,aAAa,CAACQ,UAAd,CAAyBf,KAAzB,CAA5B;MACD;IACF;;EAzCsE,CAAzE;AA2CD"}

package/cjs/oidc/mixin/index.js

@@ -0,0 +1,342 @@
+"use strict";
+
+var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
+
+exports.mixinOAuth = mixinOAuth;
+
+var _defineProperty2 = _interopRequireDefault(require("@babel/runtime/helpers/defineProperty"));
+
+var _http = require("../../http");
+
+var _util = require("../../util");
+
+var crypto = _interopRequireWildcard(require("../../crypto"));
+
+var _pkce = _interopRequireDefault(require("../util/pkce"));
+
+var _factory = require("../factory");
+
+var _TokenManager = require("../TokenManager");
+
+var _util2 = require("../util");
+
+var _node = require("./node");
+
+function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+
+function mixinOAuth(Base, TransactionManagerConstructor) {
+  var _class;
+
+  const WithOriginalUri = (0, _node.provideOriginalUri)(Base);
+  return _class = class OktaAuthOAuth extends WithOriginalUri {
+    constructor(...args) {
+      super(...args);
+      this.transactionManager = new TransactionManagerConstructor(Object.assign({
+        storageManager: this.storageManager
+      }, this.options.transactionManager));
+      this.pkce = {
+        DEFAULT_CODE_CHALLENGE_METHOD: _pkce.default.DEFAULT_CODE_CHALLENGE_METHOD,
+        generateVerifier: _pkce.default.generateVerifier,
+        computeChallenge: _pkce.default.computeChallenge
+      };
+      this._pending = {
+        handleLogin: false
+      };
+      this._tokenQueue = new _util.PromiseQueue();
+      this.token = (0, _factory.createTokenAPI)(this, this._tokenQueue); // TokenManager
+
+      this.tokenManager = new _TokenManager.TokenManager(this, this.options.tokenManager);
+    } // inherited from subclass
+
+
+    clearStorage() {
+      super.clearStorage(); // Clear all local tokens
+
+      this.tokenManager.clear();
+    } // Returns true if both accessToken and idToken are not expired
+    // If `autoRenew` option is set, will attempt to renew expired tokens before returning.
+    // eslint-disable-next-line complexity
+
+
+    async isAuthenticated(options = {}) {
+      // TODO: remove dependency on tokenManager options in next major version - OKTA-473815
+      const {
+        autoRenew,
+        autoRemove
+      } = this.tokenManager.getOptions();
+      const shouldRenew = options.onExpiredToken ? options.onExpiredToken === 'renew' : autoRenew;
+      const shouldRemove = options.onExpiredToken ? options.onExpiredToken === 'remove' : autoRemove;
+      let {
+        accessToken
+      } = this.tokenManager.getTokensSync();
+
+      if (accessToken && this.tokenManager.hasExpired(accessToken)) {
+        accessToken = undefined;
+
+        if (shouldRenew) {
+          try {
+            accessToken = await this.tokenManager.renew('accessToken');
+          } catch {// Renew errors will emit an "error" event 
+          }
+        } else if (shouldRemove) {
+          this.tokenManager.remove('accessToken');
+        }
+      }
+
+      let {
+        idToken
+      } = this.tokenManager.getTokensSync();
+
+      if (idToken && this.tokenManager.hasExpired(idToken)) {
+        idToken = undefined;
+
+        if (shouldRenew) {
+          try {
+            idToken = await this.tokenManager.renew('idToken');
+          } catch {// Renew errors will emit an "error" event 
+          }
+        } else if (shouldRemove) {
+          this.tokenManager.remove('idToken');
+        }
+      }
+
+      return !!(accessToken && idToken);
+    }
+
+    async signInWithRedirect(opts = {}) {
+      const {
+        originalUri,
+        ...additionalParams
+      } = opts;
+
+      if (this._pending.handleLogin) {
+        // Don't trigger second round
+        return;
+      }
+
+      this._pending.handleLogin = true;
+
+      try {
+        // Trigger default signIn redirect flow
+        if (originalUri) {
+          this.setOriginalUri(originalUri);
+        }
+
+        const params = Object.assign({
+          // TODO: remove this line when default scopes are changed OKTA-343294
+          scopes: this.options.scopes || ['openid', 'email', 'profile']
+        }, additionalParams);
+        await this.token.getWithRedirect(params);
+      } finally {
+        this._pending.handleLogin = false;
+      }
+    }
+
+    async getUser() {
+      const {
+        idToken,
+        accessToken
+      } = this.tokenManager.getTokensSync();
+      return this.token.getUserInfo(accessToken, idToken);
+    }
+
+    getIdToken() {
+      const {
+        idToken
+      } = this.tokenManager.getTokensSync();
+      return idToken ? idToken.idToken : undefined;
+    }
+
+    getAccessToken() {
+      const {
+        accessToken
+      } = this.tokenManager.getTokensSync();
+      return accessToken ? accessToken.accessToken : undefined;
+    }
+
+    getRefreshToken() {
+      const {
+        refreshToken
+      } = this.tokenManager.getTokensSync();
+      return refreshToken ? refreshToken.refreshToken : undefined;
+    }
+    /**
+     * Store parsed tokens from redirect url
+     */
+
+
+    async storeTokensFromRedirect() {
+      const {
+        tokens
+      } = await this.token.parseFromUrl();
+      this.tokenManager.setTokens(tokens);
+    }
+
+    isLoginRedirect() {
+      return (0, _util2.isLoginRedirect)(this);
+    }
+
+    isPKCE() {
+      return !!this.options.pkce;
+    }
+
+    hasResponseType(responseType) {
+      let hasResponseType = false;
+
+      if (Array.isArray(this.options.responseType) && this.options.responseType.length) {
+        hasResponseType = this.options.responseType.indexOf(responseType) >= 0;
+      } else {
+        hasResponseType = this.options.responseType === responseType;
+      }
+
+      return hasResponseType;
+    }
+
+    isAuthorizationCodeFlow() {
+      return this.hasResponseType('code');
+    } // Escape hatch method to make arbitrary OKTA API call
+
+
+    async invokeApiMethod(options) {
+      if (!options.accessToken) {
+        const accessToken = (await this.tokenManager.getTokens()).accessToken;
+        options.accessToken = accessToken === null || accessToken === void 0 ? void 0 : accessToken.accessToken;
+      }
+
+      return (0, _http.httpRequest)(this, options);
+    } // Revokes the access token for the application session
+
+
+    async revokeAccessToken(accessToken) {
+      if (!accessToken) {
+        accessToken = (await this.tokenManager.getTokens()).accessToken;
+        const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');
+        this.tokenManager.remove(accessTokenKey);
+      } // Access token may have been removed. In this case, we will silently succeed.
+
+
+      if (!accessToken) {
+        return Promise.resolve(null);
+      }
+
+      return this.token.revoke(accessToken);
+    } // Revokes the refresh token for the application session
+
+
+    async revokeRefreshToken(refreshToken) {
+      if (!refreshToken) {
+        refreshToken = (await this.tokenManager.getTokens()).refreshToken;
+        const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');
+        this.tokenManager.remove(refreshTokenKey);
+      } // Refresh token may have been removed. In this case, we will silently succeed.
+
+
+      if (!refreshToken) {
+        return Promise.resolve(null);
+      }
+
+      return this.token.revoke(refreshToken);
+    }
+
+    getSignOutRedirectUrl(options = {}) {
+      let {
+        idToken,
+        postLogoutRedirectUri,
+        state
+      } = options;
+
+      if (!idToken) {
+        idToken = this.tokenManager.getTokensSync().idToken;
+      }
+
+      if (!idToken) {
+        return '';
+      }
+
+      if (!postLogoutRedirectUri) {
+        postLogoutRedirectUri = this.options.postLogoutRedirectUri;
+      }
+
+      const logoutUrl = (0, _util2.getOAuthUrls)(this).logoutUrl;
+      const idTokenHint = idToken.idToken; // a string
+
+      let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);
+
+      if (postLogoutRedirectUri) {
+        logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);
+      } // State allows option parameters to be passed to logout redirect uri
+
+
+      if (state) {
+        logoutUri += '&state=' + encodeURIComponent(state);
+      }
+
+      return logoutUri;
+    } // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.
+    // eslint-disable-next-line complexity
+
+
+    async signOut(options) {
+      options = Object.assign({}, options); // postLogoutRedirectUri must be whitelisted in Okta Admin UI
+
+      var defaultUri = window.location.origin;
+      var currentUri = window.location.href;
+      var postLogoutRedirectUri = options.postLogoutRedirectUri || this.options.postLogoutRedirectUri || defaultUri;
+      var accessToken = options.accessToken;
+      var refreshToken = options.refreshToken;
+      var revokeAccessToken = options.revokeAccessToken !== false;
+      var revokeRefreshToken = options.revokeRefreshToken !== false;
+
+      if (revokeRefreshToken && typeof refreshToken === 'undefined') {
+        refreshToken = this.tokenManager.getTokensSync().refreshToken;
+      }
+
+      if (revokeAccessToken && typeof accessToken === 'undefined') {
+        accessToken = this.tokenManager.getTokensSync().accessToken;
+      }
+
+      if (!options.idToken) {
+        options.idToken = this.tokenManager.getTokensSync().idToken;
+      }
+
+      if (revokeRefreshToken && refreshToken) {
+        await this.revokeRefreshToken(refreshToken);
+      }
+
+      if (revokeAccessToken && accessToken) {
+        await this.revokeAccessToken(accessToken);
+      }
+
+      const logoutUri = this.getSignOutRedirectUrl({ ...options,
+        postLogoutRedirectUri
+      }); // No logoutUri? This can happen if the storage was cleared.
+      // Fallback to XHR signOut, then simulate a redirect to the post logout uri
+
+      if (!logoutUri) {
+        // local tokens are cleared once session is closed
+        return this.closeSession() // can throw if the user cannot be signed out
+        .then(function () {
+          if (postLogoutRedirectUri === currentUri) {
+            window.location.reload(); // force a hard reload if URI is not changing
+          } else {
+            window.location.assign(postLogoutRedirectUri);
+          }
+        });
+      } else {
+        if (options.clearTokensBeforeRedirect) {
+          // Clear all local tokens
+          this.tokenManager.clear();
+        } else {
+          this.tokenManager.addPendingRemoveFlags();
+        } // Flow ends with logout redirect
+
+
+        window.location.assign(logoutUri);
+      }
+    }
+
+  }, (0, _defineProperty2.default)(_class, "crypto", crypto), _class;
+}
+//# sourceMappingURL=index.js.map

package/cjs/oidc/mixin/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","names":["mixinOAuth","Base","TransactionManagerConstructor","WithOriginalUri","provideOriginalUri","OktaAuthOAuth","constructor","args","transactionManager","Object","assign","storageManager","options","pkce","DEFAULT_CODE_CHALLENGE_METHOD","PKCE","generateVerifier","computeChallenge","_pending","handleLogin","_tokenQueue","PromiseQueue","token","createTokenAPI","tokenManager","TokenManager","clearStorage","clear","isAuthenticated","autoRenew","autoRemove","getOptions","shouldRenew","onExpiredToken","shouldRemove","accessToken","getTokensSync","hasExpired","undefined","renew","remove","idToken","signInWithRedirect","opts","originalUri","additionalParams","setOriginalUri","params","scopes","getWithRedirect","getUser","getUserInfo","getIdToken","getAccessToken","getRefreshToken","refreshToken","storeTokensFromRedirect","tokens","parseFromUrl","setTokens","isLoginRedirect","isPKCE","hasResponseType","responseType","Array","isArray","length","indexOf","isAuthorizationCodeFlow","invokeApiMethod","getTokens","httpRequest","revokeAccessToken","accessTokenKey","getStorageKeyByType","Promise","resolve","revoke","revokeRefreshToken","refreshTokenKey","getSignOutRedirectUrl","postLogoutRedirectUri","state","logoutUrl","getOAuthUrls","idTokenHint","logoutUri","encodeURIComponent","signOut","defaultUri","window","location","origin","currentUri","href","closeSession","then","reload","clearTokensBeforeRedirect","addPendingRemoveFlags","crypto"],"sources":["../../../../lib/oidc/mixin/index.ts"],"sourcesContent":["import { httpRequest, RequestOptions } from '../../http';\nimport { OktaAuthConstructor } from '../../base/types';\nimport { \n  PromiseQueue,\n} from '../../util';\nimport { CryptoAPI } from '../../crypto/types';\nimport * as crypto from '../../crypto';\nimport {\n  AccessToken,\n  CustomUserClaims,\n  IDToken,\n  IsAuthenticatedOptions,\n  OAuthResponseType,\n  OAuthStorageManagerInterface,\n  OAuthTransactionMeta,\n  OktaAuthOAuthInterface,\n  OktaAuthOAuthOptions,\n  PkceAPI,\n  PKCETransactionMeta,\n  RefreshToken,\n  SigninWithRedirectOptions,\n  SignoutOptions,\n  SignoutRedirectUrlOptions,\n  TokenAPI,\n  TransactionManagerInterface,\n  TransactionManagerConstructor,\n  UserClaims,\n} from '../types';\nimport PKCE from '../util/pkce';\nimport { createTokenAPI } from '../factory';\nimport { TokenManager } from '../TokenManager';\nimport { getOAuthUrls, isLoginRedirect } from '../util';\n\nimport { OktaAuthSessionInterface } from '../../session/types';\nimport { provideOriginalUri } from './node';\nexport function mixinOAuth\n<\n  M extends OAuthTransactionMeta = PKCETransactionMeta,\n  S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n  O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n  TM extends TransactionManagerInterface = TransactionManagerInterface,\n  TBase extends OktaAuthConstructor<OktaAuthSessionInterface<S, O>>\n    = OktaAuthConstructor<OktaAuthSessionInterface<S, O>>\n>\n(\n  Base: TBase,\n  TransactionManagerConstructor: TransactionManagerConstructor<TM>,\n): TBase & OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n{\n  const WithOriginalUri = provideOriginalUri(Base);\n  return class OktaAuthOAuth extends WithOriginalUri\n  implements OktaAuthOAuthInterface<M, S, O, TM>\n  {\n    static crypto: CryptoAPI = crypto;\n    token: TokenAPI;\n    tokenManager: TokenManager;\n    transactionManager: TM;\n    pkce: PkceAPI;\n\n    _pending: { handleLogin: boolean };\n    _tokenQueue: PromiseQueue;\n    \n    constructor(...args: any[]) {\n      super(...args);\n\n      this.transactionManager = new TransactionManagerConstructor(Object.assign({\n        storageManager: this.storageManager,\n      }, this.options.transactionManager));\n  \n      this.pkce = {\n        DEFAULT_CODE_CHALLENGE_METHOD: PKCE.DEFAULT_CODE_CHALLENGE_METHOD,\n        generateVerifier: PKCE.generateVerifier,\n        computeChallenge: PKCE.computeChallenge\n      };\n  \n      this._pending = { handleLogin: false };\n\n      this._tokenQueue = new PromiseQueue();\n\n      this.token = createTokenAPI(this, this._tokenQueue);\n\n      // TokenManager\n      this.tokenManager = new TokenManager(this, this.options.tokenManager);\n    }\n\n    // inherited from subclass\n    clearStorage(): void {\n      super.clearStorage();\n      \n      // Clear all local tokens\n      this.tokenManager.clear();\n    }\n\n    // Returns true if both accessToken and idToken are not expired\n    // If `autoRenew` option is set, will attempt to renew expired tokens before returning.\n    // eslint-disable-next-line complexity\n    async isAuthenticated(options: IsAuthenticatedOptions = {}): Promise<boolean> {\n      // TODO: remove dependency on tokenManager options in next major version - OKTA-473815\n      const { autoRenew, autoRemove } = this.tokenManager.getOptions();\n\n      const shouldRenew = options.onExpiredToken ? options.onExpiredToken === 'renew' : autoRenew;\n      const shouldRemove = options.onExpiredToken ? options.onExpiredToken === 'remove' : autoRemove;\n\n      let { accessToken } = this.tokenManager.getTokensSync();\n      if (accessToken && this.tokenManager.hasExpired(accessToken)) {\n        accessToken = undefined;\n        if (shouldRenew) {\n          try {\n            accessToken = await this.tokenManager.renew('accessToken') as AccessToken;\n          } catch {\n            // Renew errors will emit an \"error\" event \n          }\n        } else if (shouldRemove) {\n          this.tokenManager.remove('accessToken');\n        }\n      }\n\n      let { idToken } = this.tokenManager.getTokensSync();\n      if (idToken && this.tokenManager.hasExpired(idToken)) {\n        idToken = undefined;\n        if (shouldRenew) {\n          try {\n            idToken = await this.tokenManager.renew('idToken') as IDToken;\n          } catch {\n            // Renew errors will emit an \"error\" event \n          }\n        } else if (shouldRemove) {\n          this.tokenManager.remove('idToken');\n        }\n      }\n\n      return !!(accessToken && idToken);\n    }\n\n\n    async signInWithRedirect(opts: SigninWithRedirectOptions = {}) {\n      const { originalUri, ...additionalParams } = opts;\n      if(this._pending.handleLogin) { \n        // Don't trigger second round\n        return;\n      }\n\n      this._pending.handleLogin = true;\n      try {\n        // Trigger default signIn redirect flow\n        if (originalUri) {\n          this.setOriginalUri(originalUri);\n        }\n        const params = Object.assign({\n          // TODO: remove this line when default scopes are changed OKTA-343294\n          scopes: this.options.scopes || ['openid', 'email', 'profile']\n        }, additionalParams);\n        await this.token.getWithRedirect(params);\n      } finally {\n        this._pending.handleLogin = false;\n      }\n    }\n\n    async getUser<T extends CustomUserClaims = CustomUserClaims>(): Promise<UserClaims<T>> {\n      const { idToken, accessToken } = this.tokenManager.getTokensSync();\n      return this.token.getUserInfo(accessToken, idToken);\n    }\n  \n    getIdToken(): string | undefined {\n      const { idToken } = this.tokenManager.getTokensSync();\n      return idToken ? idToken.idToken : undefined;\n    }\n  \n    getAccessToken(): string | undefined {\n      const { accessToken } = this.tokenManager.getTokensSync();\n      return accessToken ? accessToken.accessToken : undefined;\n    }\n  \n    getRefreshToken(): string | undefined {\n      const { refreshToken } = this.tokenManager.getTokensSync();\n      return refreshToken ? refreshToken.refreshToken : undefined;\n    }\n  \n    /**\n     * Store parsed tokens from redirect url\n     */\n    async storeTokensFromRedirect(): Promise<void> {\n      const { tokens } = await this.token.parseFromUrl();\n      this.tokenManager.setTokens(tokens);\n    }\n  \n    isLoginRedirect(): boolean {\n      return isLoginRedirect(this);\n    }\n\n  \n    isPKCE(): boolean {\n      return !!this.options.pkce;\n    }\n  \n    hasResponseType(responseType: OAuthResponseType): boolean {\n      let hasResponseType = false;\n      if (Array.isArray(this.options.responseType) && this.options.responseType.length) {\n        hasResponseType = this.options.responseType.indexOf(responseType) >= 0;\n      } else {\n        hasResponseType = this.options.responseType === responseType;\n      }\n      return hasResponseType;\n    }\n  \n    isAuthorizationCodeFlow(): boolean {\n      return this.hasResponseType('code');\n    }\n\n    // Escape hatch method to make arbitrary OKTA API call\n    async invokeApiMethod(options: RequestOptions): Promise<unknown> {\n      if (!options.accessToken) {\n        const accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n        options.accessToken = accessToken?.accessToken;\n      }\n      return httpRequest(this, options);\n    }\n    \n    // Revokes the access token for the application session\n    async revokeAccessToken(accessToken?: AccessToken): Promise<unknown> {\n      if (!accessToken) {\n        accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n        const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');\n        this.tokenManager.remove(accessTokenKey);\n      }\n      // Access token may have been removed. In this case, we will silently succeed.\n      if (!accessToken) {\n        return Promise.resolve(null);\n      }\n      return this.token.revoke(accessToken);\n    }\n\n    // Revokes the refresh token for the application session\n    async revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown> {\n      if (!refreshToken) {\n        refreshToken = (await this.tokenManager.getTokens()).refreshToken as RefreshToken;\n        const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');\n        this.tokenManager.remove(refreshTokenKey);\n      }\n      // Refresh token may have been removed. In this case, we will silently succeed.\n      if (!refreshToken) {\n        return Promise.resolve(null);\n      }\n      return this.token.revoke(refreshToken);\n    }\n\n    getSignOutRedirectUrl(options: SignoutRedirectUrlOptions = {}) {\n      let {\n        idToken,\n        postLogoutRedirectUri,\n        state,\n      } = options;\n      if (!idToken) {\n        idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n      }\n      if (!idToken) {\n        return '';\n      }\n      if (!postLogoutRedirectUri) {\n        postLogoutRedirectUri = this.options.postLogoutRedirectUri;\n      }\n\n      const logoutUrl = getOAuthUrls(this).logoutUrl;\n      const idTokenHint = idToken.idToken; // a string\n      let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);\n      if (postLogoutRedirectUri) {\n        logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);\n      } \n      // State allows option parameters to be passed to logout redirect uri\n      if (state) {\n        logoutUri += '&state=' + encodeURIComponent(state);\n      }\n\n      return logoutUri;\n    }\n\n    // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.\n    // eslint-disable-next-line complexity\n    async signOut(options?: SignoutOptions): Promise<void> {\n      options = Object.assign({}, options);\n    \n      // postLogoutRedirectUri must be whitelisted in Okta Admin UI\n      var defaultUri = window.location.origin;\n      var currentUri = window.location.href;\n      var postLogoutRedirectUri = options.postLogoutRedirectUri\n        || this.options.postLogoutRedirectUri\n        || defaultUri;\n    \n      var accessToken = options.accessToken;\n      var refreshToken = options.refreshToken;\n      var revokeAccessToken = options.revokeAccessToken !== false;\n      var revokeRefreshToken = options.revokeRefreshToken !== false;\n    \n      if (revokeRefreshToken && typeof refreshToken === 'undefined') {\n        refreshToken = this.tokenManager.getTokensSync().refreshToken as RefreshToken;\n      }\n\n      if (revokeAccessToken && typeof accessToken === 'undefined') {\n        accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;\n      }\n    \n      if (!options.idToken) {\n        options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n      }\n\n      if (revokeRefreshToken && refreshToken) {\n        await this.revokeRefreshToken(refreshToken);\n      }\n\n      if (revokeAccessToken && accessToken) {\n        await this.revokeAccessToken(accessToken);\n      }\n\n      const logoutUri = this.getSignOutRedirectUrl({ ...options, postLogoutRedirectUri });\n      // No logoutUri? This can happen if the storage was cleared.\n      // Fallback to XHR signOut, then simulate a redirect to the post logout uri\n      if (!logoutUri) {\n        // local tokens are cleared once session is closed\n        return this.closeSession() // can throw if the user cannot be signed out\n        .then(function() {\n          if (postLogoutRedirectUri === currentUri) {\n            window.location.reload(); // force a hard reload if URI is not changing\n          } else {\n            window.location.assign(postLogoutRedirectUri);\n          }\n        });\n      } else {\n        if (options.clearTokensBeforeRedirect) {\n          // Clear all local tokens\n          this.tokenManager.clear();\n        } else {\n          this.tokenManager.addPendingRemoveFlags();\n        }\n        // Flow ends with logout redirect\n        window.location.assign(logoutUri);\n      }\n    }\n\n  };\n\n}\n"],"mappings":";;;;;;;;AAAA;;AAEA;;AAIA;;AAsBA;;AACA;;AACA;;AACA;;AAGA;;;;;;AACO,SAASA,UAAT,CAULC,IAVK,EAWLC,6BAXK,EAaP;EAAA;;EACE,MAAMC,eAAe,GAAG,IAAAC,wBAAA,EAAmBH,IAAnB,CAAxB;EACA,gBAAO,MAAMI,aAAN,SAA4BF,eAA5B,CAEP;IAUEG,WAAW,CAAC,GAAGC,IAAJ,EAAiB;MAC1B,MAAM,GAAGA,IAAT;MAEA,KAAKC,kBAAL,GAA0B,IAAIN,6BAAJ,CAAkCO,MAAM,CAACC,MAAP,CAAc;QACxEC,cAAc,EAAE,KAAKA;MADmD,CAAd,EAEzD,KAAKC,OAAL,CAAaJ,kBAF4C,CAAlC,CAA1B;MAIA,KAAKK,IAAL,GAAY;QACVC,6BAA6B,EAAEC,aAAA,CAAKD,6BAD1B;QAEVE,gBAAgB,EAAED,aAAA,CAAKC,gBAFb;QAGVC,gBAAgB,EAAEF,aAAA,CAAKE;MAHb,CAAZ;MAMA,KAAKC,QAAL,GAAgB;QAAEC,WAAW,EAAE;MAAf,CAAhB;MAEA,KAAKC,WAAL,GAAmB,IAAIC,kBAAJ,EAAnB;MAEA,KAAKC,KAAL,GAAa,IAAAC,uBAAA,EAAe,IAAf,EAAqB,KAAKH,WAA1B,CAAb,CAjB0B,CAmB1B;;MACA,KAAKI,YAAL,GAAoB,IAAIC,0BAAJ,CAAiB,IAAjB,EAAuB,KAAKb,OAAL,CAAaY,YAApC,CAApB;IACD,CA/BH,CAiCE;;;IACAE,YAAY,GAAS;MACnB,MAAMA,YAAN,GADmB,CAGnB;;MACA,KAAKF,YAAL,CAAkBG,KAAlB;IACD,CAvCH,CAyCE;IACA;IACA;;;IACqB,MAAfC,eAAe,CAAChB,OAA+B,GAAG,EAAnC,EAAyD;MAC5E;MACA,MAAM;QAAEiB,SAAF;QAAaC;MAAb,IAA4B,KAAKN,YAAL,CAAkBO,UAAlB,EAAlC;MAEA,MAAMC,WAAW,GAAGpB,OAAO,CAACqB,cAAR,GAAyBrB,OAAO,CAACqB,cAAR,KAA2B,OAApD,GAA8DJ,SAAlF;MACA,MAAMK,YAAY,GAAGtB,OAAO,CAACqB,cAAR,GAAyBrB,OAAO,CAACqB,cAAR,KAA2B,QAApD,GAA+DH,UAApF;MAEA,IAAI;QAAEK;MAAF,IAAkB,KAAKX,YAAL,CAAkBY,aAAlB,EAAtB;;MACA,IAAID,WAAW,IAAI,KAAKX,YAAL,CAAkBa,UAAlB,CAA6BF,WAA7B,CAAnB,EAA8D;QAC5DA,WAAW,GAAGG,SAAd;;QACA,IAAIN,WAAJ,EAAiB;UACf,IAAI;YACFG,WAAW,GAAG,MAAM,KAAKX,YAAL,CAAkBe,KAAlB,CAAwB,aAAxB,CAApB;UACD,CAFD,CAEE,MAAM,CACN;UACD;QACF,CAND,MAMO,IAAIL,YAAJ,EAAkB;UACvB,KAAKV,YAAL,CAAkBgB,MAAlB,CAAyB,aAAzB;QACD;MACF;;MAED,IAAI;QAAEC;MAAF,IAAc,KAAKjB,YAAL,CAAkBY,aAAlB,EAAlB;;MACA,IAAIK,OAAO,IAAI,KAAKjB,YAAL,CAAkBa,UAAlB,CAA6BI,OAA7B,CAAf,EAAsD;QACpDA,OAAO,GAAGH,SAAV;;QACA,IAAIN,WAAJ,EAAiB;UACf,IAAI;YACFS,OAAO,GAAG,MAAM,KAAKjB,YAAL,CAAkBe,KAAlB,CAAwB,SAAxB,CAAhB;UACD,CAFD,CAEE,MAAM,CACN;UACD;QACF,CAND,MAMO,IAAIL,YAAJ,EAAkB;UACvB,KAAKV,YAAL,CAAkBgB,MAAlB,CAAyB,SAAzB;QACD;MACF;;MAED,OAAO,CAAC,EAAEL,WAAW,IAAIM,OAAjB,CAAR;IACD;;IAGuB,MAAlBC,kBAAkB,CAACC,IAA+B,GAAG,EAAnC,EAAuC;MAC7D,MAAM;QAAEC,WAAF;QAAe,GAAGC;MAAlB,IAAuCF,IAA7C;;MACA,IAAG,KAAKzB,QAAL,CAAcC,WAAjB,EAA8B;QAC5B;QACA;MACD;;MAED,KAAKD,QAAL,CAAcC,WAAd,GAA4B,IAA5B;;MACA,IAAI;QACF;QACA,IAAIyB,WAAJ,EAAiB;UACf,KAAKE,cAAL,CAAoBF,WAApB;QACD;;QACD,MAAMG,MAAM,GAAGtC,MAAM,CAACC,MAAP,CAAc;UAC3B;UACAsC,MAAM,EAAE,KAAKpC,OAAL,CAAaoC,MAAb,IAAuB,CAAC,QAAD,EAAW,OAAX,EAAoB,SAApB;QAFJ,CAAd,EAGZH,gBAHY,CAAf;QAIA,MAAM,KAAKvB,KAAL,CAAW2B,eAAX,CAA2BF,MAA3B,CAAN;MACD,CAVD,SAUU;QACR,KAAK7B,QAAL,CAAcC,WAAd,GAA4B,KAA5B;MACD;IACF;;IAEY,MAAP+B,OAAO,GAA0E;MACrF,MAAM;QAAET,OAAF;QAAWN;MAAX,IAA2B,KAAKX,YAAL,CAAkBY,aAAlB,EAAjC;MACA,OAAO,KAAKd,KAAL,CAAW6B,WAAX,CAAuBhB,WAAvB,EAAoCM,OAApC,CAAP;IACD;;IAEDW,UAAU,GAAuB;MAC/B,MAAM;QAAEX;MAAF,IAAc,KAAKjB,YAAL,CAAkBY,aAAlB,EAApB;MACA,OAAOK,OAAO,GAAGA,OAAO,CAACA,OAAX,GAAqBH,SAAnC;IACD;;IAEDe,cAAc,GAAuB;MACnC,MAAM;QAAElB;MAAF,IAAkB,KAAKX,YAAL,CAAkBY,aAAlB,EAAxB;MACA,OAAOD,WAAW,GAAGA,WAAW,CAACA,WAAf,GAA6BG,SAA/C;IACD;;IAEDgB,eAAe,GAAuB;MACpC,MAAM;QAAEC;MAAF,IAAmB,KAAK/B,YAAL,CAAkBY,aAAlB,EAAzB;MACA,OAAOmB,YAAY,GAAGA,YAAY,CAACA,YAAhB,GAA+BjB,SAAlD;IACD;IAED;AACJ;AACA;;;IACiC,MAAvBkB,uBAAuB,GAAkB;MAC7C,MAAM;QAAEC;MAAF,IAAa,MAAM,KAAKnC,KAAL,CAAWoC,YAAX,EAAzB;MACA,KAAKlC,YAAL,CAAkBmC,SAAlB,CAA4BF,MAA5B;IACD;;IAEDG,eAAe,GAAY;MACzB,OAAO,IAAAA,sBAAA,EAAgB,IAAhB,CAAP;IACD;;IAGDC,MAAM,GAAY;MAChB,OAAO,CAAC,CAAC,KAAKjD,OAAL,CAAaC,IAAtB;IACD;;IAEDiD,eAAe,CAACC,YAAD,EAA2C;MACxD,IAAID,eAAe,GAAG,KAAtB;;MACA,IAAIE,KAAK,CAACC,OAAN,CAAc,KAAKrD,OAAL,CAAamD,YAA3B,KAA4C,KAAKnD,OAAL,CAAamD,YAAb,CAA0BG,MAA1E,EAAkF;QAChFJ,eAAe,GAAG,KAAKlD,OAAL,CAAamD,YAAb,CAA0BI,OAA1B,CAAkCJ,YAAlC,KAAmD,CAArE;MACD,CAFD,MAEO;QACLD,eAAe,GAAG,KAAKlD,OAAL,CAAamD,YAAb,KAA8BA,YAAhD;MACD;;MACD,OAAOD,eAAP;IACD;;IAEDM,uBAAuB,GAAY;MACjC,OAAO,KAAKN,eAAL,CAAqB,MAArB,CAAP;IACD,CA3JH,CA6JE;;;IACqB,MAAfO,eAAe,CAACzD,OAAD,EAA4C;MAC/D,IAAI,CAACA,OAAO,CAACuB,WAAb,EAA0B;QACxB,MAAMA,WAAW,GAAG,CAAC,MAAM,KAAKX,YAAL,CAAkB8C,SAAlB,EAAP,EAAsCnC,WAA1D;QACAvB,OAAO,CAACuB,WAAR,GAAsBA,WAAtB,aAAsBA,WAAtB,uBAAsBA,WAAW,CAAEA,WAAnC;MACD;;MACD,OAAO,IAAAoC,iBAAA,EAAY,IAAZ,EAAkB3D,OAAlB,CAAP;IACD,CApKH,CAsKE;;;IACuB,MAAjB4D,iBAAiB,CAACrC,WAAD,EAA8C;MACnE,IAAI,CAACA,WAAL,EAAkB;QAChBA,WAAW,GAAG,CAAC,MAAM,KAAKX,YAAL,CAAkB8C,SAAlB,EAAP,EAAsCnC,WAApD;QACA,MAAMsC,cAAc,GAAG,KAAKjD,YAAL,CAAkBkD,mBAAlB,CAAsC,aAAtC,CAAvB;QACA,KAAKlD,YAAL,CAAkBgB,MAAlB,CAAyBiC,cAAzB;MACD,CALkE,CAMnE;;;MACA,IAAI,CAACtC,WAAL,EAAkB;QAChB,OAAOwC,OAAO,CAACC,OAAR,CAAgB,IAAhB,CAAP;MACD;;MACD,OAAO,KAAKtD,KAAL,CAAWuD,MAAX,CAAkB1C,WAAlB,CAAP;IACD,CAlLH,CAoLE;;;IACwB,MAAlB2C,kBAAkB,CAACvB,YAAD,EAAgD;MACtE,IAAI,CAACA,YAAL,EAAmB;QACjBA,YAAY,GAAG,CAAC,MAAM,KAAK/B,YAAL,CAAkB8C,SAAlB,EAAP,EAAsCf,YAArD;QACA,MAAMwB,eAAe,GAAG,KAAKvD,YAAL,CAAkBkD,mBAAlB,CAAsC,cAAtC,CAAxB;QACA,KAAKlD,YAAL,CAAkBgB,MAAlB,CAAyBuC,eAAzB;MACD,CALqE,CAMtE;;;MACA,IAAI,CAACxB,YAAL,EAAmB;QACjB,OAAOoB,OAAO,CAACC,OAAR,CAAgB,IAAhB,CAAP;MACD;;MACD,OAAO,KAAKtD,KAAL,CAAWuD,MAAX,CAAkBtB,YAAlB,CAAP;IACD;;IAEDyB,qBAAqB,CAACpE,OAAkC,GAAG,EAAtC,EAA0C;MAC7D,IAAI;QACF6B,OADE;QAEFwC,qBAFE;QAGFC;MAHE,IAIAtE,OAJJ;;MAKA,IAAI,CAAC6B,OAAL,EAAc;QACZA,OAAO,GAAG,KAAKjB,YAAL,CAAkBY,aAAlB,GAAkCK,OAA5C;MACD;;MACD,IAAI,CAACA,OAAL,EAAc;QACZ,OAAO,EAAP;MACD;;MACD,IAAI,CAACwC,qBAAL,EAA4B;QAC1BA,qBAAqB,GAAG,KAAKrE,OAAL,CAAaqE,qBAArC;MACD;;MAED,MAAME,SAAS,GAAG,IAAAC,mBAAA,EAAa,IAAb,EAAmBD,SAArC;MACA,MAAME,WAAW,GAAG5C,OAAO,CAACA,OAA5B,CAjB6D,CAiBxB;;MACrC,IAAI6C,SAAS,GAAGH,SAAS,GAAG,iBAAZ,GAAgCI,kBAAkB,CAACF,WAAD,CAAlE;;MACA,IAAIJ,qBAAJ,EAA2B;QACzBK,SAAS,IAAI,+BAA+BC,kBAAkB,CAACN,qBAAD,CAA9D;MACD,CArB4D,CAsB7D;;;MACA,IAAIC,KAAJ,EAAW;QACTI,SAAS,IAAI,YAAYC,kBAAkB,CAACL,KAAD,CAA3C;MACD;;MAED,OAAOI,SAAP;IACD,CA9NH,CAgOE;IACA;;;IACa,MAAPE,OAAO,CAAC5E,OAAD,EAA0C;MACrDA,OAAO,GAAGH,MAAM,CAACC,MAAP,CAAc,EAAd,EAAkBE,OAAlB,CAAV,CADqD,CAGrD;;MACA,IAAI6E,UAAU,GAAGC,MAAM,CAACC,QAAP,CAAgBC,MAAjC;MACA,IAAIC,UAAU,GAAGH,MAAM,CAACC,QAAP,CAAgBG,IAAjC;MACA,IAAIb,qBAAqB,GAAGrE,OAAO,CAACqE,qBAAR,IACvB,KAAKrE,OAAL,CAAaqE,qBADU,IAEvBQ,UAFL;MAIA,IAAItD,WAAW,GAAGvB,OAAO,CAACuB,WAA1B;MACA,IAAIoB,YAAY,GAAG3C,OAAO,CAAC2C,YAA3B;MACA,IAAIiB,iBAAiB,GAAG5D,OAAO,CAAC4D,iBAAR,KAA8B,KAAtD;MACA,IAAIM,kBAAkB,GAAGlE,OAAO,CAACkE,kBAAR,KAA+B,KAAxD;;MAEA,IAAIA,kBAAkB,IAAI,OAAOvB,YAAP,KAAwB,WAAlD,EAA+D;QAC7DA,YAAY,GAAG,KAAK/B,YAAL,CAAkBY,aAAlB,GAAkCmB,YAAjD;MACD;;MAED,IAAIiB,iBAAiB,IAAI,OAAOrC,WAAP,KAAuB,WAAhD,EAA6D;QAC3DA,WAAW,GAAG,KAAKX,YAAL,CAAkBY,aAAlB,GAAkCD,WAAhD;MACD;;MAED,IAAI,CAACvB,OAAO,CAAC6B,OAAb,EAAsB;QACpB7B,OAAO,CAAC6B,OAAR,GAAkB,KAAKjB,YAAL,CAAkBY,aAAlB,GAAkCK,OAApD;MACD;;MAED,IAAIqC,kBAAkB,IAAIvB,YAA1B,EAAwC;QACtC,MAAM,KAAKuB,kBAAL,CAAwBvB,YAAxB,CAAN;MACD;;MAED,IAAIiB,iBAAiB,IAAIrC,WAAzB,EAAsC;QACpC,MAAM,KAAKqC,iBAAL,CAAuBrC,WAAvB,CAAN;MACD;;MAED,MAAMmD,SAAS,GAAG,KAAKN,qBAAL,CAA2B,EAAE,GAAGpE,OAAL;QAAcqE;MAAd,CAA3B,CAAlB,CAnCqD,CAoCrD;MACA;;MACA,IAAI,CAACK,SAAL,EAAgB;QACd;QACA,OAAO,KAAKS,YAAL,GAAoB;QAApB,CACNC,IADM,CACD,YAAW;UACf,IAAIf,qBAAqB,KAAKY,UAA9B,EAA0C;YACxCH,MAAM,CAACC,QAAP,CAAgBM,MAAhB,GADwC,CACd;UAC3B,CAFD,MAEO;YACLP,MAAM,CAACC,QAAP,CAAgBjF,MAAhB,CAAuBuE,qBAAvB;UACD;QACF,CAPM,CAAP;MAQD,CAVD,MAUO;QACL,IAAIrE,OAAO,CAACsF,yBAAZ,EAAuC;UACrC;UACA,KAAK1E,YAAL,CAAkBG,KAAlB;QACD,CAHD,MAGO;UACL,KAAKH,YAAL,CAAkB2E,qBAAlB;QACD,CANI,CAOL;;;QACAT,MAAM,CAACC,QAAP,CAAgBjF,MAAhB,CAAuB4E,SAAvB;MACD;IACF;;EA5RH,CAFA,kDAG6Bc,MAH7B;AAkSD"}

package/cjs/oidc/mixin/node.js

@@ -0,0 +1,44 @@
+"use strict";
+
+exports.provideOriginalUri = provideOriginalUri;
+
+function provideOriginalUri(BaseClass) //: TBase & OktaAuthConstructor<O, I & OriginalUriApi>
+{
+  return class NodeOriginalUri extends BaseClass {
+    setOriginalUri(originalUri, state) {
+      // to support multi-tab flows, set a state in constructor or pass as param
+      state = state || this.options.state;
+
+      if (state) {
+        const sharedStorage = this.storageManager.getOriginalUriStorage();
+        sharedStorage.setItem(state, originalUri);
+      }
+    }
+
+    getOriginalUri(state) {
+      // Prefer shared storage (if state is available)
+      state = state || this.options.state;
+
+      if (state) {
+        const sharedStorage = this.storageManager.getOriginalUriStorage();
+        const originalUri = sharedStorage.getItem(state);
+
+        if (originalUri) {
+          return originalUri;
+        }
+      }
+    }
+
+    removeOriginalUri(state) {
+      // remove from shared storage
+      state = state || this.options.state;
+
+      if (state) {
+        const sharedStorage = this.storageManager.getOriginalUriStorage();
+        sharedStorage.removeItem && sharedStorage.removeItem(state);
+      }
+    }
+
+  };
+}
+//# sourceMappingURL=node.js.map

package/cjs/oidc/mixin/node.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"node.js","names":["provideOriginalUri","BaseClass","NodeOriginalUri","setOriginalUri","originalUri","state","options","sharedStorage","storageManager","getOriginalUriStorage","setItem","getOriginalUri","getItem","removeOriginalUri","removeItem"],"sources":["../../../../lib/oidc/mixin/node.ts"],"sourcesContent":["\nimport { OktaAuthStorageInterface } from '../../storage';\nimport { OktaAuthConstructor } from '../../base';\nimport {\n  OAuthStorageManagerInterface,\n  OAuthTransactionMeta,\n  OktaAuthOAuthOptions,\n  OriginalUriApi,\n  PKCETransactionMeta,\n} from '../types';\n\nexport function provideOriginalUri\n<\n  M extends OAuthTransactionMeta = PKCETransactionMeta,\n  S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n  O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n  TBase extends OktaAuthConstructor<OktaAuthStorageInterface<S, O>>\n    = OktaAuthConstructor<OktaAuthStorageInterface<S, O>> \n>\n(BaseClass: TBase) //: TBase & OktaAuthConstructor<O, I & OriginalUriApi>\n{\n  return class NodeOriginalUri extends BaseClass implements OriginalUriApi {\n    setOriginalUri(originalUri: string, state?: string): void {\n      // to support multi-tab flows, set a state in constructor or pass as param\n      state = state || this.options.state;\n      if (state) {\n        const sharedStorage = this.storageManager.getOriginalUriStorage();\n        sharedStorage.setItem(state, originalUri);\n      }\n    }\n  \n    getOriginalUri(state?: string): string | undefined {\n      // Prefer shared storage (if state is available)\n      state = state || this.options.state;\n      if (state) {\n        const sharedStorage = this.storageManager.getOriginalUriStorage();\n        const originalUri = sharedStorage.getItem(state);\n        if (originalUri) {\n          return originalUri;\n        }\n      }\n    }\n  \n    removeOriginalUri(state?: string): void {\n      // remove from shared storage\n      state = state || this.options.state;\n      if (state) {\n        const sharedStorage = this.storageManager.getOriginalUriStorage();\n        sharedStorage.removeItem && sharedStorage.removeItem(state);\n      }\n    }\n  };\n}\n"],"mappings":";;;;AAWO,SAASA,kBAAT,CAQNC,SARM,EAQY;AACnB;EACE,OAAO,MAAMC,eAAN,SAA8BD,SAA9B,CAAkE;IACvEE,cAAc,CAACC,WAAD,EAAsBC,KAAtB,EAA4C;MACxD;MACAA,KAAK,GAAGA,KAAK,IAAI,KAAKC,OAAL,CAAaD,KAA9B;;MACA,IAAIA,KAAJ,EAAW;QACT,MAAME,aAAa,GAAG,KAAKC,cAAL,CAAoBC,qBAApB,EAAtB;QACAF,aAAa,CAACG,OAAd,CAAsBL,KAAtB,EAA6BD,WAA7B;MACD;IACF;;IAEDO,cAAc,CAACN,KAAD,EAAqC;MACjD;MACAA,KAAK,GAAGA,KAAK,IAAI,KAAKC,OAAL,CAAaD,KAA9B;;MACA,IAAIA,KAAJ,EAAW;QACT,MAAME,aAAa,GAAG,KAAKC,cAAL,CAAoBC,qBAApB,EAAtB;QACA,MAAML,WAAW,GAAGG,aAAa,CAACK,OAAd,CAAsBP,KAAtB,CAApB;;QACA,IAAID,WAAJ,EAAiB;UACf,OAAOA,WAAP;QACD;MACF;IACF;;IAEDS,iBAAiB,CAACR,KAAD,EAAuB;MACtC;MACAA,KAAK,GAAGA,KAAK,IAAI,KAAKC,OAAL,CAAaD,KAA9B;;MACA,IAAIA,KAAJ,EAAW;QACT,MAAME,aAAa,GAAG,KAAKC,cAAL,CAAoBC,qBAApB,EAAtB;QACAF,aAAa,CAACO,UAAd,IAA4BP,aAAa,CAACO,UAAd,CAAyBT,KAAzB,CAA5B;MACD;IACF;;EA7BsE,CAAzE;AA+BD"}