@okta/okta-auth-js 7.1.0 → 7.2.0

package/types/lib/idx/types/idx-js.d.ts

@@ -82,6 +82,7 @@ export interface IdxAuthenticator {
     resend?: Record<string, unknown>;
     poll?: Record<string, unknown>;
     recover?: Record<string, unknown>;
+    deviceKnown?: boolean;
 }
 export interface IdxForm {
     value: IdxRemediationValue[];
@@ -146,6 +147,10 @@ export interface IdxContext {
         type: string;
         value: IdxAuthenticator;
     };
+    currentAuthenticatorEnrollment: {
+        type: string;
+        value: IdxAuthenticator;
+    };
     authenticators: {
         type: string;
         value: IdxAuthenticator[];
@@ -162,6 +167,7 @@ export interface IdxContext {
         type: string;
         value: Record<string, unknown>;
     };
+    uiDisplay?: IdxContextUIDisplay;
     app: {
         type: string;
         value: Record<string, unknown>;
@@ -170,6 +176,13 @@ export interface IdxContext {
     success?: IdxRemediation;
     failure?: IdxRemediation;
 }
+export interface IdxContextUIDisplay {
+    type: string;
+    value: {
+        label?: string;
+        buttonLabel?: string;
+    };
+}
 export interface IdxMessage {
     message: string;
     class: string;

package/types/lib/idx/types/index.d.ts

@@ -11,7 +11,7 @@
  */
 export * from './api';
 export * from './options';
-export type { IdxMessage, IdxMessages, ChallengeData, ActivationData, IdxResponse, IdxContext, RawIdxResponse, IdxRemediation, IdxAuthenticator, IdxActionParams, } from './idx-js';
+export type { IdxMessage, IdxMessages, ChallengeData, ActivationData, IdxResponse, IdxContext, RawIdxResponse, IdxRemediation, IdxAuthenticator, IdxActionParams, IdxContextUIDisplay, } from './idx-js';
 export * from './meta';
 export type { FlowIdentifier } from './FlowIdentifier';
 export type { WebauthnEnrollValues } from '../authenticator/WebauthnEnrollment';

package/types/lib/idx/webauthn.d.ts

@@ -9,13 +9,7 @@
  *
  * See the License for the specific language governing permissions and limitations under the License.
  */
-import { ActivationData, ChallengeData, IdxAuthenticator, WebauthnEnrollValues, WebauthnVerificationValues } from './types';
-export interface WebauthnAPI {
-    getAssertion(credential: PublicKeyCredential): WebauthnVerificationValues;
-    getAttestation(credential: PublicKeyCredential): WebauthnEnrollValues;
-    buildCredentialRequestOptions(challengeData: ChallengeData, authenticatorEnrollments: IdxAuthenticator[]): CredentialRequestOptions;
-    buildCredentialCreationOptions(activationData: ActivationData, authenticatorEnrollments: IdxAuthenticator[]): CredentialCreationOptions;
-}
+import { ActivationData, ChallengeData, IdxAuthenticator } from './types';
 export declare const buildCredentialCreationOptions: (activationData: ActivationData, authenticatorEnrollments: IdxAuthenticator[]) => CredentialCreationOptions;
 export declare const buildCredentialRequestOptions: (challengeData: ChallengeData, authenticatorEnrollments: IdxAuthenticator[]) => CredentialRequestOptions;
 export declare const getAttestation: (credential: PublicKeyCredential) => {

package/types/lib/myaccount/api.d.ts

@@ -12,3 +12,4 @@
 export * from './profileApi';
 export * from './emailApi';
 export * from './phoneApi';
+export * from './passwordApi';

package/types/lib/myaccount/emailApi.d.ts

@@ -1,29 +1,29 @@
 import { IAPIFunction, BaseTransaction, EmailTransaction, EmailChallengeTransaction } from './types';
 /**
- * @scope: okta.myaccount.email.read
+ * @scope: okta.myAccount.email.read
  */
 export declare const getEmails: IAPIFunction<EmailTransaction[]>;
 /**
- * @scope: okta.myaccount.email.read
+ * @scope: okta.myAccount.email.read
  */
 export declare const getEmail: IAPIFunction<EmailTransaction>;
 /**
- * @scope: okta.myaccount.email.manage
+ * @scope: okta.myAccount.email.manage
  */
 export declare const addEmail: IAPIFunction<EmailTransaction>;
 /**
- * @scope: okta.myaccount.email.manage
+ * @scope: okta.myAccount.email.manage
  */
 export declare const deleteEmail: IAPIFunction<BaseTransaction>;
 /**
- * @scope: okta.myaccount.email.read
+ * @scope: okta.myAccount.email.read
  */
 export declare const sendEmailChallenge: IAPIFunction<EmailChallengeTransaction>;
 /**
- * @scope: okta.myaccount.email.read
+ * @scope: okta.myAccount.email.read
  */
 export declare const getEmailChallenge: IAPIFunction<EmailChallengeTransaction>;
 /**
- * @scope: okta.myaccount.email.manage
+ * @scope: okta.myAccount.email.manage
  */
 export declare const verifyEmailChallenge: IAPIFunction<BaseTransaction>;

package/types/lib/myaccount/passwordApi.d.ts

@@ -0,0 +1,17 @@
+import { IAPIFunction, BaseTransaction, PasswordTransaction } from './types';
+/**
+ * @scope: okta.myAccount.password.read
+ */
+export declare const getPassword: IAPIFunction<PasswordTransaction>;
+/**
+ * @scope: okta.myAccount.password.manage
+ */
+export declare const enrollPassword: IAPIFunction<PasswordTransaction>;
+/**
+ * @scope: okta.myAccount.password.manage
+ */
+export declare const updatePassword: IAPIFunction<PasswordTransaction>;
+/**
+ * @scope: okta.myAccount.password.manage
+ */
+export declare const deletePassword: IAPIFunction<BaseTransaction>;

package/types/lib/myaccount/phoneApi.d.ts

@@ -1,25 +1,25 @@
 import { IAPIFunction, BaseTransaction, PhoneTransaction } from './types';
 /**
- * @scope: okta.myaccount.phone.read
+ * @scope: okta.myAccount.phone.read
  */
 export declare const getPhones: IAPIFunction<PhoneTransaction[]>;
 /**
- * @scope: okta.myaccount.phone.read
+ * @scope: okta.myAccount.phone.read
  */
 export declare const getPhone: IAPIFunction<PhoneTransaction>;
 /**
- * @scope: okta.myaccount.phone.manage
+ * @scope: okta.myAccount.phone.manage
  */
 export declare const addPhone: IAPIFunction<PhoneTransaction>;
 /**
- * @scope: okta.myaccount.phone.manage
+ * @scope: okta.myAccount.phone.manage
  */
 export declare const deletePhone: IAPIFunction<BaseTransaction>;
 /**
- * @scope: okta.myaccount.phone.manage
+ * @scope: okta.myAccount.phone.manage
  */
 export declare const sendPhoneChallenge: IAPIFunction<BaseTransaction>;
 /**
- * @scope: okta.myaccount.phone.manage
+ * @scope: okta.myAccount.phone.manage
  */
 export declare const verifyPhoneChallenge: IAPIFunction<BaseTransaction>;

package/types/lib/myaccount/profileApi.d.ts

@@ -1,13 +1,13 @@
 import { IAPIFunction, ProfileTransaction, ProfileSchemaTransaction } from './types';
 /**
- * @scope: okta.myaccount.profile.read
+ * @scope: okta.myAccount.profile.read
  */
 export declare const getProfile: IAPIFunction<ProfileTransaction>;
 /**
- * @scope: okta.myaccount.profile.manage
+ * @scope: okta.myAccount.profile.manage
  */
 export declare const updateProfile: IAPIFunction<ProfileTransaction>;
 /**
- * @scope: okta.myaccount.profile.read
+ * @scope: okta.myAccount.profile.read
  */
 export declare const getProfileSchema: IAPIFunction<ProfileSchemaTransaction>;

package/types/lib/myaccount/transactions/PasswordTransaction.d.ts

@@ -0,0 +1,13 @@
+import { EnrollPasswordPayload, UpdatePasswordPayload, PasswordStatus } from '../types';
+import BaseTransaction from './Base';
+export default class PasswordTransaction extends BaseTransaction {
+    id: string;
+    created: string;
+    lastUpdated: string;
+    status: PasswordStatus;
+    get?: () => Promise<PasswordTransaction>;
+    enroll?: (payload: EnrollPasswordPayload) => Promise<PasswordTransaction>;
+    update?: (payload: UpdatePasswordPayload) => Promise<PasswordTransaction>;
+    delete?: () => Promise<BaseTransaction>;
+    constructor(oktaAuth: any, options: any);
+}

package/types/lib/myaccount/transactions/index.d.ts

@@ -4,4 +4,5 @@ export { default as EmailTransaction } from './EmailTransaction';
 export { default as EmailStatusTransaction } from './EmailStatusTransaction';
 export { default as EmailChallengeTransaction } from './EmailChallengeTransaction';
 export { default as PhoneTransaction } from './PhoneTransaction';
+export { default as PasswordTransaction } from './PasswordTransaction';
 export { default as BaseTransaction } from './Base';

package/types/lib/myaccount/types.d.ts

@@ -1,5 +1,5 @@
 import { OAuthStorageManagerInterface, OAuthTransactionMeta, OktaAuthOAuthInterface, OktaAuthOAuthOptions, PKCETransactionMeta } from '../oidc/types';
-export { EmailTransaction, EmailStatusTransaction, EmailChallengeTransaction, PhoneTransaction, ProfileTransaction, ProfileSchemaTransaction, BaseTransaction } from './transactions';
+export { EmailTransaction, EmailStatusTransaction, EmailChallengeTransaction, PhoneTransaction, ProfileTransaction, ProfileSchemaTransaction, PasswordTransaction, BaseTransaction } from './transactions';
 export declare enum EmailRole {
     PRIMARY = "PRIMARY",
     SECONDARY = "SECONDARY"
@@ -8,6 +8,10 @@ export declare enum Status {
     VERIFIED = "VERIFIED",
     UNVERIFIED = "UNVERIFIED"
 }
+export declare enum PasswordStatus {
+    NOT_ENROLLED = "NOT_ENROLLED",
+    ACTIVE = "ACTIVE"
+}
 export declare type EmailProfile = {
     email: string;
 };
@@ -36,6 +40,17 @@ export declare type ChallengePhonePayload = {
 export declare type VerificationPayload = {
     verificationCode: string;
 };
+export declare type EnrollPasswordPayload = {
+    profile: {
+        password: string;
+    };
+};
+export declare type UpdatePasswordPayload = {
+    profile: {
+        password: string;
+        currentPassword?: string;
+    };
+};
 export declare type UpdateProfilePayload = {
     profile: {
         firstName?: string;
@@ -49,7 +64,7 @@ export declare type MyAccountRequestOptions = {
     id?: string;
     emailId?: string;
     challengeId?: string;
-    payload?: AddEmailPayload | AddPhonePayload | ChallengePhonePayload | VerificationPayload | UpdateProfilePayload;
+    payload?: AddEmailPayload | AddPhonePayload | ChallengePhonePayload | VerificationPayload | UpdateProfilePayload | EnrollPasswordPayload | UpdatePasswordPayload;
     accessToken?: string;
 };
 export declare type IAPIFunction<T> = (oktaAuth: OktaAuthOAuthInterface, options?: MyAccountRequestOptions) => Promise<T>;

package/types/lib/oidc/TokenManager.d.ts

@@ -18,6 +18,7 @@ export declare class TokenManager implements TokenManagerInterface {
     constructor(sdk: OktaAuthOAuthInterface, options?: TokenManagerOptions);
     start(): void;
     stop(): void;
+    isStarted(): boolean;
     getOptions(): TokenManagerOptions;
     getExpireTime(token: any): number;
     hasExpired(token: any): boolean;

package/types/lib/oidc/enrollAuthenticator.d.ts

@@ -0,0 +1,14 @@
+/*!
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
+ *
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *
+ * See the License for the specific language governing permissions and limitations under the License.
+ *
+ */
+import { OktaAuthOAuthInterface, EnrollAuthenticatorOptions } from './types';
+export declare function enrollAuthenticator(sdk: OktaAuthOAuthInterface, options: EnrollAuthenticatorOptions): void;

package/types/lib/oidc/factory/api.d.ts

@@ -11,5 +11,6 @@
  *
  */
 import { PromiseQueue } from '../../util';
-import { OktaAuthOAuthInterface, TokenAPI } from '../types';
+import { OktaAuthOAuthInterface, TokenAPI, Endpoints } from '../types';
 export declare function createTokenAPI(sdk: OktaAuthOAuthInterface, queue: PromiseQueue): TokenAPI;
+export declare function createEndpoints(sdk: OktaAuthOAuthInterface): Endpoints;

package/types/lib/oidc/types/TokenManager.d.ts

@@ -58,4 +58,5 @@ export interface TokenManagerInterface {
     getStorage(): StorageProvider;
     start(): any;
     stop(): any;
+    isStarted(): boolean;
 }

package/types/lib/oidc/types/api.d.ts

@@ -12,12 +12,14 @@
 import { JWTObject } from './JWT';
 import { OAuthTransactionMeta, PKCETransactionMeta } from './meta';
 import { CustomUrls, OktaAuthOAuthOptions, SigninWithRedirectOptions, TokenParams } from './options';
+import { OAuthResponseType } from './proto';
 import { OAuthStorageManagerInterface } from './storage';
 import { AccessToken, IDToken, RefreshToken, RevocableToken, Token, Tokens } from './Token';
 import { TokenManagerInterface } from './TokenManager';
 import { CustomUserClaims, UserClaims } from './UserClaims';
 import { TransactionManagerInterface } from './TransactionManager';
 import { OktaAuthSessionInterface } from '../../session/types';
+import { Endpoints } from './endpoints';
 export interface PopupParams {
     popupTitle?: string;
     popupWindow?: Window;
@@ -26,6 +28,7 @@ export interface TokenResponse {
     tokens: Tokens;
     state: string;
     code?: string;
+    responseType?: OAuthResponseType | OAuthResponseType[] | 'none';
 }
 export interface ParseFromUrlOptions {
     url?: string;
@@ -39,9 +42,6 @@ export interface ParseFromUrlInterface extends ParseFromUrlFunction {
 }
 export declare type GetWithRedirectFunction = (params?: TokenParams) => Promise<void>;
 export declare type SetLocationFunction = (loc: string) => void;
-export interface GetWithRedirectAPI extends GetWithRedirectFunction {
-    _setLocation: SetLocationFunction;
-}
 export interface BaseTokenAPI {
     decode(token: string): JWTObject;
     prepareTokenParams(params?: TokenParams): Promise<TokenParams>;
@@ -49,7 +49,7 @@ export interface BaseTokenAPI {
 }
 export interface TokenAPI extends BaseTokenAPI {
     getUserInfo<S extends CustomUserClaims = CustomUserClaims>(accessToken?: AccessToken, idToken?: IDToken): Promise<UserClaims<S>>;
-    getWithRedirect: GetWithRedirectAPI;
+    getWithRedirect: GetWithRedirectFunction;
     parseFromUrl: ParseFromUrlInterface;
     getWithoutPrompt(params?: TokenParams): Promise<TokenResponse>;
     getWithPopup(params?: TokenParams): Promise<TokenResponse>;
@@ -103,6 +103,7 @@ export interface OktaAuthOAuthInterface<M extends OAuthTransactionMeta = PKCETra
     tokenManager: TokenManagerInterface;
     pkce: PkceAPI;
     transactionManager: TM;
+    endpoints: Endpoints;
     isPKCE(): boolean;
     getIdToken(): string | undefined;
     getAccessToken(): string | undefined;

package/types/lib/oidc/types/endpoints.d.ts

@@ -0,0 +1,18 @@
+/*!
+ * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
+ *
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *
+ * See the License for the specific language governing permissions and limitations under the License.
+ */
+import { EnrollAuthenticatorOptions } from './options';
+export declare type EnrollAuthenticatorFunction = (params: EnrollAuthenticatorOptions) => void;
+export interface Endpoints {
+    authorize: {
+        enrollAuthenticator: EnrollAuthenticatorFunction;
+    };
+}

package/types/lib/oidc/types/index.d.ts

@@ -20,3 +20,4 @@ export * from './TokenManager';
 export * from './Transaction';
 export * from './TransactionManager';
 export * from './UserClaims';
+export * from './endpoints';

package/types/lib/oidc/types/meta.d.ts

@@ -10,7 +10,7 @@
  * See the License for the specific language governing permissions and limitations under the License.
  */
 import { CustomUrls, TokenParams } from './options';
-export interface OAuthTransactionMeta extends Pick<TokenParams, 'issuer' | 'clientId' | 'redirectUri' | 'responseType' | 'responseMode' | 'scopes' | 'state' | 'pkce' | 'ignoreSignature' | 'nonce' | 'acrValues'> {
+export interface OAuthTransactionMeta extends Pick<TokenParams, 'issuer' | 'clientId' | 'redirectUri' | 'responseType' | 'responseMode' | 'scopes' | 'state' | 'pkce' | 'ignoreSignature' | 'nonce' | 'acrValues' | 'enrollAmrValues'> {
     urls: CustomUrls;
     originalUri?: string;
 }

package/types/lib/oidc/types/options.d.ts

@@ -27,11 +27,12 @@ export interface TokenParams extends CustomUrls {
     pkce?: boolean;
     clientId?: string;
     redirectUri?: string;
-    responseType?: OAuthResponseType | OAuthResponseType[];
+    responseType?: OAuthResponseType | OAuthResponseType[] | 'none';
     responseMode?: OAuthResponseMode;
     state?: string;
     nonce?: string;
     scopes?: string[];
+    enrollAmrValues?: string | string[];
     display?: string;
     ignoreSignature?: boolean;
     codeVerifier?: string;
@@ -62,6 +63,10 @@ export interface TokenManagerOptions {
     expireEarlySeconds?: number;
     syncStorage?: boolean;
 }
+export interface EnrollAuthenticatorOptions extends TokenParams {
+    enrollAmrValues: string | string[];
+    acrValues: string;
+}
 export interface SigninWithRedirectOptions extends TokenParams {
     originalUri?: string;
 }

package/types/lib/oidc/types/proto.d.ts

@@ -30,6 +30,7 @@ export interface OAuthParams {
     code?: string;
     interaction_code?: string;
     acr_values?: string;
+    enroll_amr_values?: string | string[];
 }
 export interface OAuthResponse {
     state?: string;

package/types/lib/oidc/util/defaultEnrollAuthenticatorParams.d.ts

@@ -0,0 +1,2 @@
+import { OktaAuthOAuthInterface, TokenParams } from '../types';
+export declare function getDefaultEnrollAuthenticatorParams(sdk: OktaAuthOAuthInterface): TokenParams;

package/types/lib/oidc/util/enrollAuthenticatorMeta.d.ts

@@ -0,0 +1,2 @@
+import { OAuthTransactionMeta, OktaAuthOAuthInterface, EnrollAuthenticatorOptions } from '../types';
+export declare function createEnrollAuthenticatorMeta(sdk: OktaAuthOAuthInterface, params: EnrollAuthenticatorOptions): OAuthTransactionMeta;

package/types/lib/oidc/util/index.d.ts

@@ -12,13 +12,16 @@
  */
 export * from './browser';
 export * from './defaultTokenParams';
+export * from './defaultEnrollAuthenticatorParams';
 export * from './errors';
 export * from './loginRedirect';
 export * from './oauth';
 export * from './oauthMeta';
+export * from './enrollAuthenticatorMeta';
 import pkce from './pkce';
 export { pkce };
 export * from './prepareTokenParams';
+export * from './prepareEnrollAuthenticatorParams';
 export * from './refreshToken';
 export * from './urlParams';
 export * from './validateClaims';

package/types/lib/oidc/util/prepareEnrollAuthenticatorParams.d.ts

@@ -0,0 +1,2 @@
+import { OktaAuthOAuthInterface, EnrollAuthenticatorOptions } from '../types';
+export declare function prepareEnrollAuthenticatorParams(sdk: OktaAuthOAuthInterface, options: EnrollAuthenticatorOptions): EnrollAuthenticatorOptions;

package/types/lib/services/AutoRenewService.d.ts

@@ -19,6 +19,7 @@ export declare class AutoRenewService implements ServiceInterface {
     constructor(tokenManager: TokenManagerInterface, options?: ServiceManagerOptions);
     private shouldThrottleRenew;
     requiresLeadership(): boolean;
+    private processExpiredTokens;
     private onTokenExpiredHandler;
     canStart(): boolean;
     start(): Promise<void>;

package/types/lib/util/jsonpath.d.ts

@@ -0,0 +1,2 @@
+import { JSONPathOptions } from 'jsonpath-plus';
+export declare function jsonpath(options: JSONPathOptions): any;