@okta/okta-auth-js 7.1.0 → 7.2.0

package/cjs/oidc/types/TokenManager.js.map

@@ -1 +1 @@
-{"version":3,"file":"TokenManager.js","names":["EVENT_EXPIRED","EVENT_RENEWED","EVENT_ADDED","EVENT_REMOVED","EVENT_ERROR","EVENT_SET_STORAGE"],"sources":["../../../../lib/oidc/types/TokenManager.ts"],"sourcesContent":["/* eslint-disable max-len */\nimport { StorageProvider } from '../../storage/types';\nimport { TokenManagerOptions } from './options';\nimport { AccessToken, IDToken, RefreshToken, Token, Tokens, TokenType } from './Token';\n\nexport interface TokenManagerError {\n  errorSummary: string;\n  errorCode: string;\n  message: string;\n  name: string;\n  tokenKey: string;\n}\n\nexport declare type AccessTokenCallback = (key: string, token: AccessToken) => void;\nexport declare type IDTokenCallback = (key: string, token: IDToken) => void;\nexport declare type RefreshTokenCallback = (key: string, token: RefreshToken) => void;\n\nexport const EVENT_EXPIRED = 'expired';\nexport const EVENT_RENEWED = 'renewed';\nexport const EVENT_ADDED = 'added';\nexport const EVENT_REMOVED = 'removed';\nexport const EVENT_ERROR = 'error';\nexport const EVENT_SET_STORAGE = 'set_storage';\n\nexport declare type TokenManagerErrorEventHandler = (error: TokenManagerError) => void;\nexport declare type TokenManagerEventHandler = (key: string, token: Token) => void;\nexport declare type TokenManagerRenewEventHandler = (key: string, token: Token, oldtoken: Token) => void;\nexport declare type TokenManagerSetStorageEventHandler = (storage: Tokens) => void;\n\nexport declare type TokenManagerAnyEventHandler = TokenManagerErrorEventHandler | TokenManagerRenewEventHandler | TokenManagerSetStorageEventHandler | TokenManagerEventHandler;\nexport declare type TokenManagerAnyEvent = typeof EVENT_RENEWED | typeof EVENT_ERROR | typeof EVENT_SET_STORAGE | typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED;\n\n// only add methods needed internally\nexport interface TokenManagerInterface {\n  on(event: typeof EVENT_RENEWED, handler: TokenManagerRenewEventHandler, context?: object): void;\n  on(event: typeof EVENT_ERROR, handler: TokenManagerErrorEventHandler, context?: object): void;\n  on(event: typeof EVENT_SET_STORAGE, handler: TokenManagerSetStorageEventHandler, context?: object): void;\n  on(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, handler: TokenManagerEventHandler, context?: object): void;\n\n  off(event: typeof EVENT_RENEWED, handler?: TokenManagerRenewEventHandler): void;\n  off(event: typeof EVENT_ERROR, handler?: TokenManagerErrorEventHandler): void;\n  off(event: typeof EVENT_SET_STORAGE, handler?: TokenManagerSetStorageEventHandler): void;\n  off(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, handler?: TokenManagerEventHandler): void;\n\n  clear(): void;\n  setExpireEventTimeout(key: string, token: Token): void;\n  clearExpireEventTimeout(key: string): void;\n  clearExpireEventTimeoutAll(): void;\n  emitAdded(key: string, token: Token): void;\n  emitError(error: Error): void;\n  emitRemoved(key: string, token: Token): void;\n  emitRenewed(key: string, token: Token, oldToken?: Token): void;\n  renew(key: string): Promise<Token | undefined>;\n  remove(key: string): void;\n  hasExpired(token: Token): boolean;\n  getExpireTime(token: Token): number;\n\n  get(key): Promise<Token>;\n  getSync(key): Token;\n  getTokens(): Promise<Tokens>;\n  getTokensSync(): Tokens;\n  setTokens({ accessToken, idToken, refreshToken }: Tokens, accessTokenCb?: AccessTokenCallback, idTokenCb?: IDTokenCallback, refreshTokenCb?: RefreshTokenCallback): void;\n  getStorageKeyByType(type: TokenType): string;\n  add(key: any, token: Token): void;\n  updateRefreshToken(token: RefreshToken);\n  removeRefreshToken(): void;\n  clearPendingRemoveTokens(): void;\n\n  getOptions(): TokenManagerOptions;\n  getStorage(): StorageProvider;\n\n  start();\n  stop();\n}\n"],"mappings":";;;AAAA;;AAiBO,MAAMA,aAAa,GAAG,SAAS;AAAC;AAChC,MAAMC,aAAa,GAAG,SAAS;AAAC;AAChC,MAAMC,WAAW,GAAG,OAAO;AAAC;AAC5B,MAAMC,aAAa,GAAG,SAAS;AAAC;AAChC,MAAMC,WAAW,GAAG,OAAO;AAAC;AAC5B,MAAMC,iBAAiB,GAAG,aAAa;AAAC"}
+{"version":3,"file":"TokenManager.js","names":["EVENT_EXPIRED","EVENT_RENEWED","EVENT_ADDED","EVENT_REMOVED","EVENT_ERROR","EVENT_SET_STORAGE"],"sources":["../../../../lib/oidc/types/TokenManager.ts"],"sourcesContent":["/* eslint-disable max-len */\nimport { StorageProvider } from '../../storage/types';\nimport { TokenManagerOptions } from './options';\nimport { AccessToken, IDToken, RefreshToken, Token, Tokens, TokenType } from './Token';\n\nexport interface TokenManagerError {\n  errorSummary: string;\n  errorCode: string;\n  message: string;\n  name: string;\n  tokenKey: string;\n}\n\nexport declare type AccessTokenCallback = (key: string, token: AccessToken) => void;\nexport declare type IDTokenCallback = (key: string, token: IDToken) => void;\nexport declare type RefreshTokenCallback = (key: string, token: RefreshToken) => void;\n\nexport const EVENT_EXPIRED = 'expired';\nexport const EVENT_RENEWED = 'renewed';\nexport const EVENT_ADDED = 'added';\nexport const EVENT_REMOVED = 'removed';\nexport const EVENT_ERROR = 'error';\nexport const EVENT_SET_STORAGE = 'set_storage';\n\nexport declare type TokenManagerErrorEventHandler = (error: TokenManagerError) => void;\nexport declare type TokenManagerEventHandler = (key: string, token: Token) => void;\nexport declare type TokenManagerRenewEventHandler = (key: string, token: Token, oldtoken: Token) => void;\nexport declare type TokenManagerSetStorageEventHandler = (storage: Tokens) => void;\n\nexport declare type TokenManagerAnyEventHandler = TokenManagerErrorEventHandler | TokenManagerRenewEventHandler | TokenManagerSetStorageEventHandler | TokenManagerEventHandler;\nexport declare type TokenManagerAnyEvent = typeof EVENT_RENEWED | typeof EVENT_ERROR | typeof EVENT_SET_STORAGE | typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED;\n\n// only add methods needed internally\nexport interface TokenManagerInterface {\n  on(event: typeof EVENT_RENEWED, handler: TokenManagerRenewEventHandler, context?: object): void;\n  on(event: typeof EVENT_ERROR, handler: TokenManagerErrorEventHandler, context?: object): void;\n  on(event: typeof EVENT_SET_STORAGE, handler: TokenManagerSetStorageEventHandler, context?: object): void;\n  on(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, handler: TokenManagerEventHandler, context?: object): void;\n\n  off(event: typeof EVENT_RENEWED, handler?: TokenManagerRenewEventHandler): void;\n  off(event: typeof EVENT_ERROR, handler?: TokenManagerErrorEventHandler): void;\n  off(event: typeof EVENT_SET_STORAGE, handler?: TokenManagerSetStorageEventHandler): void;\n  off(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, handler?: TokenManagerEventHandler): void;\n\n  clear(): void;\n  setExpireEventTimeout(key: string, token: Token): void;\n  clearExpireEventTimeout(key: string): void;\n  clearExpireEventTimeoutAll(): void;\n  emitAdded(key: string, token: Token): void;\n  emitError(error: Error): void;\n  emitRemoved(key: string, token: Token): void;\n  emitRenewed(key: string, token: Token, oldToken?: Token): void;\n  renew(key: string): Promise<Token | undefined>;\n  remove(key: string): void;\n  hasExpired(token: Token): boolean;\n  getExpireTime(token: Token): number;\n\n  get(key): Promise<Token>;\n  getSync(key): Token;\n  getTokens(): Promise<Tokens>;\n  getTokensSync(): Tokens;\n  setTokens({ accessToken, idToken, refreshToken }: Tokens, accessTokenCb?: AccessTokenCallback, idTokenCb?: IDTokenCallback, refreshTokenCb?: RefreshTokenCallback): void;\n  getStorageKeyByType(type: TokenType): string;\n  add(key: any, token: Token): void;\n  updateRefreshToken(token: RefreshToken);\n  removeRefreshToken(): void;\n  clearPendingRemoveTokens(): void;\n\n  getOptions(): TokenManagerOptions;\n  getStorage(): StorageProvider;\n\n  start();\n  stop();\n  isStarted(): boolean;\n}\n"],"mappings":";;;AAAA;;AAiBO,MAAMA,aAAa,GAAG,SAAS;AAAC;AAChC,MAAMC,aAAa,GAAG,SAAS;AAAC;AAChC,MAAMC,WAAW,GAAG,OAAO;AAAC;AAC5B,MAAMC,aAAa,GAAG,SAAS;AAAC;AAChC,MAAMC,WAAW,GAAG,OAAO;AAAC;AAC5B,MAAMC,iBAAiB,GAAG,aAAa;AAAC"}

package/cjs/oidc/types/api.js.map

@@ -1 +1 @@
-{"version":3,"file":"api.js","names":[],"sources":["../../../../lib/oidc/types/api.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { JWTObject } from './JWT';\nimport { OAuthTransactionMeta, PKCETransactionMeta } from './meta';\nimport { CustomUrls, OktaAuthOAuthOptions, SigninWithRedirectOptions, TokenParams } from './options';\nimport { OAuthStorageManagerInterface } from './storage';\nimport { AccessToken, IDToken, RefreshToken, RevocableToken, Token, Tokens } from './Token';\nimport { TokenManagerInterface } from './TokenManager';\nimport { CustomUserClaims, UserClaims } from './UserClaims';\nimport { TransactionManagerInterface } from './TransactionManager';\nimport { OktaAuthSessionInterface } from '../../session/types';\n\nexport interface PopupParams {\n  popupTitle?: string;\n  popupWindow?: Window;\n}\n\nexport interface TokenResponse {\n  tokens: Tokens;\n  state: string;\n  code?: string;\n}\n\nexport interface ParseFromUrlOptions {\n  url?: string;\n  responseMode?: string;\n}\n\nexport type ParseFromUrlFunction = (options?: string | ParseFromUrlOptions) => Promise<TokenResponse>;\n\nexport interface ParseFromUrlInterface extends ParseFromUrlFunction {\n  _getDocument: () => Document;\n  _getLocation: () => Location;\n  _getHistory: () => History;\n}\n\nexport type GetWithRedirectFunction = (params?: TokenParams) => Promise<void>;\n\nexport type SetLocationFunction = (loc: string) => void;\n\nexport interface GetWithRedirectAPI extends GetWithRedirectFunction {\n  _setLocation: SetLocationFunction;\n}\n\nexport interface BaseTokenAPI {\n  decode(token: string): JWTObject;\n  prepareTokenParams(params?: TokenParams): Promise<TokenParams>;\n  exchangeCodeForTokens(params: TokenParams, urls?: CustomUrls): Promise<TokenResponse>;\n}\n\nexport interface TokenAPI extends BaseTokenAPI {\n  getUserInfo<S extends CustomUserClaims = CustomUserClaims>(\n    accessToken?: AccessToken,\n    idToken?: IDToken\n  ): Promise<UserClaims<S>>;\n  getWithRedirect: GetWithRedirectAPI;\n  parseFromUrl: ParseFromUrlInterface;\n  getWithoutPrompt(params?: TokenParams): Promise<TokenResponse>;\n  getWithPopup(params?: TokenParams): Promise<TokenResponse>;\n  revoke(token: RevocableToken): Promise<object>;\n  renew(token: Token): Promise<Token | undefined>;\n  renewTokens(options?: TokenParams): Promise<Tokens>;\n  renewTokensWithRefresh(tokenParams: TokenParams, refreshTokenObject: RefreshToken): Promise<Tokens>;\n  verify(token: IDToken, params?: object): Promise<IDToken>;\n  isLoginRedirect(): boolean;\n}\n\nexport interface TokenVerifyParams {\n  clientId: string;\n  issuer: string;\n  ignoreSignature?: boolean;\n  nonce?: string;\n  accessToken?: string; // raw access token string\n  acrValues?: string;\n}\n\nexport interface IDTokenAPI {\n  authorize: {\n    _getLocationHref: () => string;\n  };\n}\n\nexport interface PkceAPI {\n  DEFAULT_CODE_CHALLENGE_METHOD: string;\n  generateVerifier(prefix: string): string;\n  computeChallenge(str: string): PromiseLike<any>;\n}\n\nexport interface IsAuthenticatedOptions {\n  onExpiredToken?: 'renew' | 'remove' | 'none';\n}\n\nexport interface SignoutRedirectUrlOptions {\n  postLogoutRedirectUri?: string;\n  idToken?: IDToken;\n  state?: string;\n}\n\nexport interface SignoutOptions extends SignoutRedirectUrlOptions {\n  revokeAccessToken?: boolean;\n  revokeRefreshToken?: boolean;\n  accessToken?: AccessToken;\n  refreshToken?: RefreshToken;\n  clearTokensBeforeRedirect?: boolean;\n}\n\nexport interface OriginalUriApi {\n  getOriginalUri(state?: string): string | undefined;\n  setOriginalUri(originalUri: string, state?: string): void;\n  removeOriginalUri(state?: string): void;\n}\n\nexport interface OktaAuthOAuthInterface\n<\n  M extends OAuthTransactionMeta = PKCETransactionMeta,\n  S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n  O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n  TM extends TransactionManagerInterface = TransactionManagerInterface\n> \n  extends OktaAuthSessionInterface<S, O>,\n  OriginalUriApi\n{\n  token: TokenAPI;\n  tokenManager: TokenManagerInterface;\n  pkce: PkceAPI;\n  transactionManager: TM;\n  \n  isPKCE(): boolean;\n  getIdToken(): string | undefined;\n  getAccessToken(): string | undefined;\n  getRefreshToken(): string | undefined;\n\n  isAuthenticated(options?: IsAuthenticatedOptions): Promise<boolean>;\n  signOut(opts?: SignoutOptions): Promise<void>;\n  isLoginRedirect(): boolean;\n  storeTokensFromRedirect(): Promise<void>;\n  getUser<T extends CustomUserClaims = CustomUserClaims>(): Promise<UserClaims<T>>;\n  signInWithRedirect(opts?: SigninWithRedirectOptions): Promise<void>;\n  \n  revokeAccessToken(accessToken?: AccessToken): Promise<unknown>;\n  revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown>;\n}\n"],"mappings":""}
+{"version":3,"file":"api.js","names":[],"sources":["../../../../lib/oidc/types/api.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { JWTObject } from './JWT';\nimport { OAuthTransactionMeta, PKCETransactionMeta } from './meta';\nimport { CustomUrls, OktaAuthOAuthOptions, SigninWithRedirectOptions, TokenParams } from './options';\nimport { OAuthResponseType } from './proto';\nimport { OAuthStorageManagerInterface } from './storage';\nimport { AccessToken, IDToken, RefreshToken, RevocableToken, Token, Tokens } from './Token';\nimport { TokenManagerInterface } from './TokenManager';\nimport { CustomUserClaims, UserClaims } from './UserClaims';\nimport { TransactionManagerInterface } from './TransactionManager';\nimport { OktaAuthSessionInterface } from '../../session/types';\nimport { Endpoints } from './endpoints';\n\nexport interface PopupParams {\n  popupTitle?: string;\n  popupWindow?: Window;\n}\n\nexport interface TokenResponse {\n  tokens: Tokens;\n  state: string;\n  code?: string;\n  responseType?: OAuthResponseType | OAuthResponseType[] | 'none';\n}\n\nexport interface ParseFromUrlOptions {\n  url?: string;\n  responseMode?: string;\n}\n\nexport type ParseFromUrlFunction = (options?: string | ParseFromUrlOptions) => Promise<TokenResponse>;\n\nexport interface ParseFromUrlInterface extends ParseFromUrlFunction {\n  _getDocument: () => Document;\n  _getLocation: () => Location;\n  _getHistory: () => History;\n}\n\nexport type GetWithRedirectFunction = (params?: TokenParams) => Promise<void>;\n\nexport type SetLocationFunction = (loc: string) => void;\n\nexport interface BaseTokenAPI {\n  decode(token: string): JWTObject;\n  prepareTokenParams(params?: TokenParams): Promise<TokenParams>;\n  exchangeCodeForTokens(params: TokenParams, urls?: CustomUrls): Promise<TokenResponse>;\n}\n\nexport interface TokenAPI extends BaseTokenAPI {\n  getUserInfo<S extends CustomUserClaims = CustomUserClaims>(\n    accessToken?: AccessToken,\n    idToken?: IDToken\n  ): Promise<UserClaims<S>>;\n  getWithRedirect: GetWithRedirectFunction;\n  parseFromUrl: ParseFromUrlInterface;\n  getWithoutPrompt(params?: TokenParams): Promise<TokenResponse>;\n  getWithPopup(params?: TokenParams): Promise<TokenResponse>;\n  revoke(token: RevocableToken): Promise<object>;\n  renew(token: Token): Promise<Token | undefined>;\n  renewTokens(options?: TokenParams): Promise<Tokens>;\n  renewTokensWithRefresh(tokenParams: TokenParams, refreshTokenObject: RefreshToken): Promise<Tokens>;\n  verify(token: IDToken, params?: object): Promise<IDToken>;\n  isLoginRedirect(): boolean;\n}\n\nexport interface TokenVerifyParams {\n  clientId: string;\n  issuer: string;\n  ignoreSignature?: boolean;\n  nonce?: string;\n  accessToken?: string; // raw access token string\n  acrValues?: string;\n}\n\nexport interface IDTokenAPI {\n  authorize: {\n    _getLocationHref: () => string;\n  };\n}\n\nexport interface PkceAPI {\n  DEFAULT_CODE_CHALLENGE_METHOD: string;\n  generateVerifier(prefix: string): string;\n  computeChallenge(str: string): PromiseLike<any>;\n}\n\nexport interface IsAuthenticatedOptions {\n  onExpiredToken?: 'renew' | 'remove' | 'none';\n}\n\nexport interface SignoutRedirectUrlOptions {\n  postLogoutRedirectUri?: string;\n  idToken?: IDToken;\n  state?: string;\n}\n\nexport interface SignoutOptions extends SignoutRedirectUrlOptions {\n  revokeAccessToken?: boolean;\n  revokeRefreshToken?: boolean;\n  accessToken?: AccessToken;\n  refreshToken?: RefreshToken;\n  clearTokensBeforeRedirect?: boolean;\n}\n\nexport interface OriginalUriApi {\n  getOriginalUri(state?: string): string | undefined;\n  setOriginalUri(originalUri: string, state?: string): void;\n  removeOriginalUri(state?: string): void;\n}\n\nexport interface OktaAuthOAuthInterface\n<\n  M extends OAuthTransactionMeta = PKCETransactionMeta,\n  S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n  O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n  TM extends TransactionManagerInterface = TransactionManagerInterface\n> \n  extends OktaAuthSessionInterface<S, O>,\n  OriginalUriApi\n{\n  token: TokenAPI;\n  tokenManager: TokenManagerInterface;\n  pkce: PkceAPI;\n  transactionManager: TM;\n  endpoints: Endpoints;\n  \n  isPKCE(): boolean;\n  getIdToken(): string | undefined;\n  getAccessToken(): string | undefined;\n  getRefreshToken(): string | undefined;\n\n  isAuthenticated(options?: IsAuthenticatedOptions): Promise<boolean>;\n  signOut(opts?: SignoutOptions): Promise<void>;\n  isLoginRedirect(): boolean;\n  storeTokensFromRedirect(): Promise<void>;\n  getUser<T extends CustomUserClaims = CustomUserClaims>(): Promise<UserClaims<T>>;\n  signInWithRedirect(opts?: SigninWithRedirectOptions): Promise<void>;\n  \n  revokeAccessToken(accessToken?: AccessToken): Promise<unknown>;\n  revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown>;\n}\n"],"mappings":""}

package/cjs/oidc/types/endpoints.js

@@ -0,0 +1,2 @@
+"use strict";
+//# sourceMappingURL=endpoints.js.map

package/cjs/oidc/types/endpoints.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"endpoints.js","names":[],"sources":["../../../../lib/oidc/types/endpoints.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport {\n  EnrollAuthenticatorOptions\n} from './options';\n\nexport type EnrollAuthenticatorFunction = (params: EnrollAuthenticatorOptions) => void;\n\nexport interface Endpoints {\n  authorize: {\n    enrollAuthenticator: EnrollAuthenticatorFunction;\n  }\n}\n"],"mappings":""}

package/cjs/oidc/types/index.js

@@ -121,4 +121,15 @@ Object.keys(_UserClaims).forEach(function (key) {
     }
   });
 });
+var _endpoints = require("./endpoints");
+Object.keys(_endpoints).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (key in exports && exports[key] === _endpoints[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _endpoints[key];
+    }
+  });
+});
 //# sourceMappingURL=index.js.map

package/cjs/oidc/types/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","names":[],"sources":["../../../../lib/oidc/types/index.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport * from './api';\nexport * from './JWT';\nexport * from './meta';\nexport * from './options';\nexport * from './proto';\nexport * from './storage';\nexport * from './Token';\nexport * from './TokenManager';\nexport * from './Transaction';\nexport * from './TransactionManager';\nexport * from './UserClaims';\n"],"mappings":";;AAYA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA"}
+{"version":3,"file":"index.js","names":[],"sources":["../../../../lib/oidc/types/index.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport * from './api';\nexport * from './JWT';\nexport * from './meta';\nexport * from './options';\nexport * from './proto';\nexport * from './storage';\nexport * from './Token';\nexport * from './TokenManager';\nexport * from './Transaction';\nexport * from './TransactionManager';\nexport * from './UserClaims';\nexport * from './endpoints';\n"],"mappings":";;AAYA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA"}

package/cjs/oidc/types/meta.js.map

@@ -1 +1 @@
-{"version":3,"file":"meta.js","names":[],"sources":["../../../../lib/oidc/types/meta.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { CustomUrls, TokenParams } from './options';\n\n// formerly known as \"Redirect OAuth Params\"\nexport interface OAuthTransactionMeta extends\n  Pick<TokenParams,\n    'issuer' |\n    'clientId' |\n    'redirectUri' |\n    'responseType' |\n    'responseMode' |\n    'scopes' |\n    'state' |\n    'pkce' |\n    'ignoreSignature' |\n    'nonce' |\n    'acrValues'\n  >\n{\n  urls: CustomUrls;\n  originalUri?: string;\n}\n\nexport interface PKCETransactionMeta extends\n  OAuthTransactionMeta,\n  Pick<TokenParams,\n    'codeChallenge' |\n    'codeChallengeMethod' |\n    'codeVerifier'\n  >\n{}\n\nexport interface TransactionMetaOptions extends\n  Pick<PKCETransactionMeta,\n    'state' |\n    'codeChallenge' |\n    'codeChallengeMethod' |\n    'codeVerifier'\n  >\n{\n  muteWarning?: boolean;\n}\n"],"mappings":""}
+{"version":3,"file":"meta.js","names":[],"sources":["../../../../lib/oidc/types/meta.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { CustomUrls, TokenParams } from './options';\n\n// formerly known as \"Redirect OAuth Params\"\nexport interface OAuthTransactionMeta extends\n  Pick<TokenParams,\n    'issuer' |\n    'clientId' |\n    'redirectUri' |\n    'responseType' |\n    'responseMode' |\n    'scopes' |\n    'state' |\n    'pkce' |\n    'ignoreSignature' |\n    'nonce' |\n    'acrValues' |\n    'enrollAmrValues'\n  >\n{\n  urls: CustomUrls;\n  originalUri?: string;\n}\n\nexport interface PKCETransactionMeta extends\n  OAuthTransactionMeta,\n  Pick<TokenParams,\n    'codeChallenge' |\n    'codeChallengeMethod' |\n    'codeVerifier'\n  >\n{}\n\nexport interface TransactionMetaOptions extends\n  Pick<PKCETransactionMeta,\n    'state' |\n    'codeChallenge' |\n    'codeChallengeMethod' |\n    'codeVerifier'\n  >\n{\n  muteWarning?: boolean;\n}\n"],"mappings":""}

package/cjs/oidc/types/options.js.map

@@ -1 +1 @@
-{"version":3,"file":"options.js","names":[],"sources":["../../../../lib/oidc/types/options.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuthOptionsConstructor } from '../../base/types';\nimport { OktaAuthHttpOptions } from '../../http/types';\nimport { SimpleStorage } from '../../storage/types';\nimport { OktaAuthOAuthInterface, SetLocationFunction } from './api';\nimport { OAuthResponseMode, OAuthResponseType } from './proto';\nimport { TransactionManagerOptions } from './Transaction';\n\nexport interface CustomUrls {\n  issuer?: string;\n  authorizeUrl?: string;\n  userinfoUrl?: string;\n  tokenUrl?: string;\n  revokeUrl?: string;\n  logoutUrl?: string;\n}\n\nexport interface TokenParams extends CustomUrls {\n  pkce?: boolean;\n  clientId?: string;\n  redirectUri?: string;\n  responseType?: OAuthResponseType | OAuthResponseType[];\n  responseMode?: OAuthResponseMode;\n  state?: string;\n  nonce?: string;\n  scopes?: string[];\n  display?: string;\n  ignoreSignature?: boolean;\n  codeVerifier?: string;\n  authorizationCode?: string;\n  codeChallenge?: string;\n  codeChallengeMethod?: string;\n  interactionCode?: string;\n  idp?: string;\n  idpScope?: string | string[];\n  loginHint?: string;\n  maxAge?: string | number;\n  acrValues?: string;\n  prompt?: string;\n  sessionToken?: string;\n  timeout?: number;\n  extraParams?: { [propName: string]: string }; // custom authorize query params\n  // TODO: remove in the next major version\n  popupTitle?: string;\n}\n\nexport interface TokenManagerOptions {\n  autoRenew?: boolean;\n  autoRemove?: boolean;\n  clearPendingRemoveTokens?: boolean;\n  secure?: boolean;\n  storage?: string | SimpleStorage;\n  storageKey?: string;\n  expireEarlySeconds?: number;\n  syncStorage?: boolean;\n}\n\nexport interface SigninWithRedirectOptions extends TokenParams {\n  originalUri?: string;\n}\n\nexport interface OktaAuthOAuthOptions extends\n  OktaAuthHttpOptions,\n  CustomUrls,\n  Pick<TokenParams,\n    'issuer' |\n    'clientId' |\n    'redirectUri' |\n    'responseType' |\n    'responseMode' |\n    'scopes' |\n    'state' |\n    'pkce' |\n    'ignoreSignature' |\n    'codeChallenge' |\n    'codeChallengeMethod' |\n    'maxAge' |\n    'acrValues'\n  >\n{\n  ignoreLifetime?: boolean;\n  tokenManager?: TokenManagerOptions;\n  postLogoutRedirectUri?: string;\n  maxClockSkew?: number;\n  restoreOriginalUri?: (oktaAuth: OktaAuthOAuthInterface, originalUri?: string) => Promise<void>;\n\n  transactionManager?: TransactionManagerOptions;\n\n  // For server-side web applications ONLY!\n  clientSecret?: string;\n  setLocation?: SetLocationFunction;\n}\n\nexport type OktaAuthOauthOptionsConstructor = OktaAuthOptionsConstructor<OktaAuthOAuthOptions>;\n"],"mappings":""}
+{"version":3,"file":"options.js","names":[],"sources":["../../../../lib/oidc/types/options.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuthOptionsConstructor } from '../../base/types';\nimport { OktaAuthHttpOptions } from '../../http/types';\nimport { SimpleStorage } from '../../storage/types';\nimport { OktaAuthOAuthInterface, SetLocationFunction } from './api';\nimport { OAuthResponseMode, OAuthResponseType } from './proto';\nimport { TransactionManagerOptions } from './Transaction';\n\nexport interface CustomUrls {\n  issuer?: string;\n  authorizeUrl?: string;\n  userinfoUrl?: string;\n  tokenUrl?: string;\n  revokeUrl?: string;\n  logoutUrl?: string;\n}\n\nexport interface TokenParams extends CustomUrls {\n  pkce?: boolean;\n  clientId?: string;\n  redirectUri?: string;\n  responseType?: OAuthResponseType | OAuthResponseType[] | 'none';\n  responseMode?: OAuthResponseMode;\n  state?: string;\n  nonce?: string;\n  scopes?: string[];\n  enrollAmrValues?: string | string[];\n  display?: string;\n  ignoreSignature?: boolean;\n  codeVerifier?: string;\n  authorizationCode?: string;\n  codeChallenge?: string;\n  codeChallengeMethod?: string;\n  interactionCode?: string;\n  idp?: string;\n  idpScope?: string | string[];\n  loginHint?: string;\n  maxAge?: string | number;\n  acrValues?: string;\n  prompt?: string;\n  sessionToken?: string;\n  timeout?: number;\n  extraParams?: { [propName: string]: string }; // custom authorize query params\n  // TODO: remove in the next major version\n  popupTitle?: string;\n}\n\nexport interface TokenManagerOptions {\n  autoRenew?: boolean;\n  autoRemove?: boolean;\n  clearPendingRemoveTokens?: boolean;\n  secure?: boolean;\n  storage?: string | SimpleStorage;\n  storageKey?: string;\n  expireEarlySeconds?: number;\n  syncStorage?: boolean;\n}\n\nexport interface EnrollAuthenticatorOptions extends TokenParams {\n  enrollAmrValues: string | string[];\n  acrValues: string;\n}\n\nexport interface SigninWithRedirectOptions extends TokenParams {\n  originalUri?: string;\n}\n\nexport interface OktaAuthOAuthOptions extends\n  OktaAuthHttpOptions,\n  CustomUrls,\n  Pick<TokenParams,\n    'issuer' |\n    'clientId' |\n    'redirectUri' |\n    'responseType' |\n    'responseMode' |\n    'scopes' |\n    'state' |\n    'pkce' |\n    'ignoreSignature' |\n    'codeChallenge' |\n    'codeChallengeMethod' |\n    'maxAge' |\n    'acrValues'\n  >\n{\n  ignoreLifetime?: boolean;\n  tokenManager?: TokenManagerOptions;\n  postLogoutRedirectUri?: string;\n  maxClockSkew?: number;\n  restoreOriginalUri?: (oktaAuth: OktaAuthOAuthInterface, originalUri?: string) => Promise<void>;\n\n  transactionManager?: TransactionManagerOptions;\n\n  // For server-side web applications ONLY!\n  clientSecret?: string;\n  setLocation?: SetLocationFunction;\n}\n\nexport type OktaAuthOauthOptionsConstructor = OktaAuthOptionsConstructor<OktaAuthOAuthOptions>;\n"],"mappings":""}

package/cjs/oidc/types/proto.js.map

@@ -1 +1 @@
-{"version":3,"file":"proto.js","names":[],"sources":["../../../../lib/oidc/types/proto.ts"],"sourcesContent":["/* eslint-disable camelcase */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport interface OAuthParams {\n  client_id?: string;\n  code_challenge?: string;\n  code_challenge_method?: string;\n  display?: string;\n  idp?: string;\n  idp_scope?: string | string[];\n  login_hint?: string;\n  max_age?: string | number;\n  nonce?: string;\n  prompt?: string;\n  redirect_uri?: string;\n  response_mode?: string;\n  response_type?: string | string[];\n  scope?: string;\n  sessionToken?: string;\n  state?: string;\n  grant_type?: string;\n  code?: string;\n  interaction_code?: string;\n  acr_values?: string;\n}\n\nexport interface OAuthResponse {\n  state?: string;\n  code?: string;\n  interaction_code?: string;\n  expires_in?: string;\n  token_type?: string;\n  access_token?: string;\n  id_token?: string;\n  refresh_token?: string;\n  scope?: string;\n  error?: string;\n  error_description?: string;\n}\n\nexport interface WellKnownResponse {\n  issuer: string;\n  authorization_endpoint: string;\n  userinfo_endpoint: string;\n  jwks_uri: string;\n  response_types_supported: string[];\n  response_modes_supported: string[];\n  grant_types_supported: string[];\n  subject_types_supported: string[];\n  id_token_signing_alg_values_supported: string[];\n  scopes_supported: string[];\n  claims_supported: string[];\n}\n\n\nexport type OAuthResponseMode = 'okta_post_message' |'fragment' |'query' |'form_post';\n\nexport type OAuthResponseType = 'code' |'token' |'id_token' | 'refresh_token';\n"],"mappings":""}
+{"version":3,"file":"proto.js","names":[],"sources":["../../../../lib/oidc/types/proto.ts"],"sourcesContent":["/* eslint-disable camelcase */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport interface OAuthParams {\n  client_id?: string;\n  code_challenge?: string;\n  code_challenge_method?: string;\n  display?: string;\n  idp?: string;\n  idp_scope?: string | string[];\n  login_hint?: string;\n  max_age?: string | number;\n  nonce?: string;\n  prompt?: string;\n  redirect_uri?: string;\n  response_mode?: string;\n  response_type?: string | string[];\n  scope?: string;\n  sessionToken?: string;\n  state?: string;\n  grant_type?: string;\n  code?: string;\n  interaction_code?: string;\n  acr_values?: string;\n  enroll_amr_values?: string | string[];\n}\n\nexport interface OAuthResponse {\n  state?: string;\n  code?: string;\n  interaction_code?: string;\n  expires_in?: string;\n  token_type?: string;\n  access_token?: string;\n  id_token?: string;\n  refresh_token?: string;\n  scope?: string;\n  error?: string;\n  error_description?: string;\n}\n\nexport interface WellKnownResponse {\n  issuer: string;\n  authorization_endpoint: string;\n  userinfo_endpoint: string;\n  jwks_uri: string;\n  response_types_supported: string[];\n  response_modes_supported: string[];\n  grant_types_supported: string[];\n  subject_types_supported: string[];\n  id_token_signing_alg_values_supported: string[];\n  scopes_supported: string[];\n  claims_supported: string[];\n}\n\n\nexport type OAuthResponseMode = 'okta_post_message' |'fragment' |'query' |'form_post';\n\nexport type OAuthResponseType = 'code' |'token' |'id_token' | 'refresh_token';\n"],"mappings":""}

package/cjs/oidc/util/defaultEnrollAuthenticatorParams.js

@@ -0,0 +1,38 @@
+"use strict";
+
+exports.getDefaultEnrollAuthenticatorParams = getDefaultEnrollAuthenticatorParams;
+var _oauth = require("./oauth");
+var _features = require("../../features");
+var _util = require("../../util");
+/* global window */
+/*!
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
+ *
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *
+ * See the License for the specific language governing permissions and limitations under the License.
+ *
+ */
+
+function getDefaultEnrollAuthenticatorParams(sdk) {
+  const {
+    clientId,
+    redirectUri,
+    responseMode,
+    state
+  } = sdk.options;
+  const defaultRedirectUri = (0, _features.isBrowser)() ? window.location.href : undefined;
+  return (0, _util.removeNils)({
+    clientId,
+    redirectUri: redirectUri || defaultRedirectUri,
+    responseMode,
+    state: state || (0, _oauth.generateState)(),
+    responseType: 'none',
+    prompt: 'enroll_authenticator'
+  });
+}
+//# sourceMappingURL=defaultEnrollAuthenticatorParams.js.map

package/cjs/oidc/util/defaultEnrollAuthenticatorParams.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"defaultEnrollAuthenticatorParams.js","names":["getDefaultEnrollAuthenticatorParams","sdk","clientId","redirectUri","responseMode","state","options","defaultRedirectUri","isBrowser","window","location","href","undefined","removeNils","generateState","responseType","prompt"],"sources":["../../../../lib/oidc/util/defaultEnrollAuthenticatorParams.ts"],"sourcesContent":["\n/* global window */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { generateState } from './oauth';\nimport { OktaAuthOAuthInterface, TokenParams } from '../types';\nimport { isBrowser } from '../../features';\nimport { removeNils } from '../../util';\n\nexport function getDefaultEnrollAuthenticatorParams(sdk: OktaAuthOAuthInterface): TokenParams {\n  const {\n    clientId,\n    redirectUri,\n    responseMode,\n    state,\n  } = sdk.options;\n  const defaultRedirectUri = isBrowser() ? window.location.href : undefined;\n  return removeNils({\n    clientId,\n    redirectUri: redirectUri || defaultRedirectUri,\n    responseMode,\n    state: state || generateState(),\n    responseType: 'none',\n    prompt: 'enroll_authenticator',\n  });\n}"],"mappings":";;;AAcA;AAEA;AACA;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAMO,SAASA,mCAAmC,CAACC,GAA2B,EAAe;EAC5F,MAAM;IACJC,QAAQ;IACRC,WAAW;IACXC,YAAY;IACZC;EACF,CAAC,GAAGJ,GAAG,CAACK,OAAO;EACf,MAAMC,kBAAkB,GAAG,IAAAC,mBAAS,GAAE,GAAGC,MAAM,CAACC,QAAQ,CAACC,IAAI,GAAGC,SAAS;EACzE,OAAO,IAAAC,gBAAU,EAAC;IAChBX,QAAQ;IACRC,WAAW,EAAEA,WAAW,IAAII,kBAAkB;IAC9CH,YAAY;IACZC,KAAK,EAAEA,KAAK,IAAI,IAAAS,oBAAa,GAAE;IAC/BC,YAAY,EAAE,MAAM;IACpBC,MAAM,EAAE;EACV,CAAC,CAAC;AACJ"}

package/cjs/oidc/util/enrollAuthenticatorMeta.js

@@ -0,0 +1,23 @@
+"use strict";
+
+exports.createEnrollAuthenticatorMeta = createEnrollAuthenticatorMeta;
+var _oauth = require("./oauth");
+/* eslint-disable @typescript-eslint/no-non-null-assertion */
+
+function createEnrollAuthenticatorMeta(sdk, params) {
+  const issuer = sdk.options.issuer;
+  const urls = (0, _oauth.getOAuthUrls)(sdk, params);
+  const oauthMeta = {
+    issuer,
+    urls,
+    clientId: params.clientId,
+    redirectUri: params.redirectUri,
+    responseType: params.responseType,
+    responseMode: params.responseMode,
+    state: params.state,
+    acrValues: params.acrValues,
+    enrollAmrValues: params.enrollAmrValues
+  };
+  return oauthMeta;
+}
+//# sourceMappingURL=enrollAuthenticatorMeta.js.map

package/cjs/oidc/util/enrollAuthenticatorMeta.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"enrollAuthenticatorMeta.js","names":["createEnrollAuthenticatorMeta","sdk","params","issuer","options","urls","getOAuthUrls","oauthMeta","clientId","redirectUri","responseType","responseMode","state","acrValues","enrollAmrValues"],"sources":["../../../../lib/oidc/util/enrollAuthenticatorMeta.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport { OAuthTransactionMeta, OktaAuthOAuthInterface, EnrollAuthenticatorOptions } from '../types';\nimport { getOAuthUrls } from './oauth';\n\nexport function createEnrollAuthenticatorMeta(\n  sdk: OktaAuthOAuthInterface, \n  params: EnrollAuthenticatorOptions\n): OAuthTransactionMeta {\n  const issuer = sdk.options.issuer!;\n  const urls = getOAuthUrls(sdk, params);\n  const oauthMeta: OAuthTransactionMeta = {\n    issuer,\n    urls,\n    clientId: params.clientId!,\n    redirectUri: params.redirectUri!,\n    responseType: params.responseType!,\n    responseMode: params.responseMode!,\n    state: params.state!,\n    acrValues: params.acrValues,\n    enrollAmrValues: params.enrollAmrValues,\n  };\n\n  return oauthMeta;\n}\n"],"mappings":";;;AAEA;AAFA;;AAIO,SAASA,6BAA6B,CAC3CC,GAA2B,EAC3BC,MAAkC,EACZ;EACtB,MAAMC,MAAM,GAAGF,GAAG,CAACG,OAAO,CAACD,MAAO;EAClC,MAAME,IAAI,GAAG,IAAAC,mBAAY,EAACL,GAAG,EAAEC,MAAM,CAAC;EACtC,MAAMK,SAA+B,GAAG;IACtCJ,MAAM;IACNE,IAAI;IACJG,QAAQ,EAAEN,MAAM,CAACM,QAAS;IAC1BC,WAAW,EAAEP,MAAM,CAACO,WAAY;IAChCC,YAAY,EAAER,MAAM,CAACQ,YAAa;IAClCC,YAAY,EAAET,MAAM,CAACS,YAAa;IAClCC,KAAK,EAAEV,MAAM,CAACU,KAAM;IACpBC,SAAS,EAAEX,MAAM,CAACW,SAAS;IAC3BC,eAAe,EAAEZ,MAAM,CAACY;EAC1B,CAAC;EAED,OAAOP,SAAS;AAClB"}

package/cjs/oidc/util/index.js

@@ -34,6 +34,18 @@ Object.keys(_defaultTokenParams).forEach(function (key) {
     }
   });
 });
+var _defaultEnrollAuthenticatorParams = require("./defaultEnrollAuthenticatorParams");
+Object.keys(_defaultEnrollAuthenticatorParams).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _defaultEnrollAuthenticatorParams[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _defaultEnrollAuthenticatorParams[key];
+    }
+  });
+});
 var _errors = require("./errors");
 Object.keys(_errors).forEach(function (key) {
   if (key === "default" || key === "__esModule") return;
@@ -82,6 +94,18 @@ Object.keys(_oauthMeta).forEach(function (key) {
     }
   });
 });
+var _enrollAuthenticatorMeta = require("./enrollAuthenticatorMeta");
+Object.keys(_enrollAuthenticatorMeta).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _enrollAuthenticatorMeta[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _enrollAuthenticatorMeta[key];
+    }
+  });
+});
 var _pkce = _interopRequireDefault(require("./pkce"));
 var _prepareTokenParams = require("./prepareTokenParams");
 Object.keys(_prepareTokenParams).forEach(function (key) {
@@ -95,6 +119,18 @@ Object.keys(_prepareTokenParams).forEach(function (key) {
     }
   });
 });
+var _prepareEnrollAuthenticatorParams = require("./prepareEnrollAuthenticatorParams");
+Object.keys(_prepareEnrollAuthenticatorParams).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _prepareEnrollAuthenticatorParams[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _prepareEnrollAuthenticatorParams[key];
+    }
+  });
+});
 var _refreshToken = require("./refreshToken");
 Object.keys(_refreshToken).forEach(function (key) {
   if (key === "default" || key === "__esModule") return;

package/cjs/oidc/util/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","names":[],"sources":["../../../../lib/oidc/util/index.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n\nexport * from './browser';\nexport * from './defaultTokenParams';\nexport * from './errors';\nexport * from './loginRedirect';\nexport * from './oauth';\nexport * from './oauthMeta';\nimport pkce from './pkce';\nexport { pkce };\nexport * from './prepareTokenParams';\nexport * from './refreshToken';\nexport * from './urlParams';\nexport * from './validateClaims';\nexport * from './validateToken';\n"],"mappings":";;;;;;;;;;;;AAcA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAEA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA"}
+{"version":3,"file":"index.js","names":[],"sources":["../../../../lib/oidc/util/index.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n\nexport * from './browser';\nexport * from './defaultTokenParams';\nexport * from './defaultEnrollAuthenticatorParams';\nexport * from './errors';\nexport * from './loginRedirect';\nexport * from './oauth';\nexport * from './oauthMeta';\nexport * from './enrollAuthenticatorMeta';\nimport pkce from './pkce';\nexport { pkce };\nexport * from './prepareTokenParams';\nexport * from './prepareEnrollAuthenticatorParams';\nexport * from './refreshToken';\nexport * from './urlParams';\nexport * from './validateClaims';\nexport * from './validateToken';\n"],"mappings":";;;;;;;;;;;;AAcA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAEA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA"}

package/cjs/oidc/util/prepareEnrollAuthenticatorParams.js

@@ -0,0 +1,50 @@
+"use strict";
+
+exports.prepareEnrollAuthenticatorParams = prepareEnrollAuthenticatorParams;
+var _errors = require("../../errors");
+var _defaultEnrollAuthenticatorParams = require("./defaultEnrollAuthenticatorParams");
+/* eslint-disable complexity */
+/*!
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
+ *
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *
+ * See the License for the specific language governing permissions and limitations under the License.
+ *
+ */
+
+function prepareParams(params) {
+  params = {
+    ...params,
+    // forced params:
+    responseType: 'none',
+    prompt: 'enroll_authenticator',
+    maxAge: 0
+  };
+  if (!params.enrollAmrValues) {
+    throw new _errors.AuthSdkError('enroll_amr_values must be specified');
+  }
+  if (!params.acrValues) {
+    // `acr_values` is required and should equal 'urn:okta:2fa:any:ifpossible'
+    // But this can be changed in future
+    throw new _errors.AuthSdkError('acr_values must be specified');
+  }
+
+  // `scope`, `nonce` must be omitted
+  delete params.scopes;
+  delete params.nonce;
+  return params;
+}
+
+// Prepares params for a call to /authorize
+function prepareEnrollAuthenticatorParams(sdk, options) {
+  return prepareParams({
+    ...(0, _defaultEnrollAuthenticatorParams.getDefaultEnrollAuthenticatorParams)(sdk),
+    ...options
+  });
+}
+//# sourceMappingURL=prepareEnrollAuthenticatorParams.js.map

package/cjs/oidc/util/prepareEnrollAuthenticatorParams.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"prepareEnrollAuthenticatorParams.js","names":["prepareParams","params","responseType","prompt","maxAge","enrollAmrValues","AuthSdkError","acrValues","scopes","nonce","prepareEnrollAuthenticatorParams","sdk","options","getDefaultEnrollAuthenticatorParams"],"sources":["../../../../lib/oidc/util/prepareEnrollAuthenticatorParams.ts"],"sourcesContent":["/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../../errors';\nimport { OktaAuthOAuthInterface, EnrollAuthenticatorOptions } from '../types';\nimport { getDefaultEnrollAuthenticatorParams } from './defaultEnrollAuthenticatorParams';\n\nfunction prepareParams(\n  params: EnrollAuthenticatorOptions\n): EnrollAuthenticatorOptions {\n  params = {\n    ...params,\n    // forced params:\n    responseType: 'none',\n    prompt: 'enroll_authenticator',\n    maxAge: 0,\n  };\n\n  if (!params.enrollAmrValues) {\n    throw new AuthSdkError('enroll_amr_values must be specified');\n  }\n  if (!params.acrValues) {\n    // `acr_values` is required and should equal 'urn:okta:2fa:any:ifpossible'\n    // But this can be changed in future\n    throw new AuthSdkError('acr_values must be specified');\n  }\n\n  // `scope`, `nonce` must be omitted\n  delete params.scopes;\n  delete params.nonce;\n\n  return params;\n}\n\n// Prepares params for a call to /authorize\nexport function prepareEnrollAuthenticatorParams(\n  sdk: OktaAuthOAuthInterface,\n  options: EnrollAuthenticatorOptions\n): EnrollAuthenticatorOptions {\n  return prepareParams({\n    ...getDefaultEnrollAuthenticatorParams(sdk),\n    ...options\n  });\n}\n"],"mappings":";;;AAaA;AAEA;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAKA,SAASA,aAAa,CACpBC,MAAkC,EACN;EAC5BA,MAAM,GAAG;IACP,GAAGA,MAAM;IACT;IACAC,YAAY,EAAE,MAAM;IACpBC,MAAM,EAAE,sBAAsB;IAC9BC,MAAM,EAAE;EACV,CAAC;EAED,IAAI,CAACH,MAAM,CAACI,eAAe,EAAE;IAC3B,MAAM,IAAIC,oBAAY,CAAC,qCAAqC,CAAC;EAC/D;EACA,IAAI,CAACL,MAAM,CAACM,SAAS,EAAE;IACrB;IACA;IACA,MAAM,IAAID,oBAAY,CAAC,8BAA8B,CAAC;EACxD;;EAEA;EACA,OAAOL,MAAM,CAACO,MAAM;EACpB,OAAOP,MAAM,CAACQ,KAAK;EAEnB,OAAOR,MAAM;AACf;;AAEA;AACO,SAASS,gCAAgC,CAC9CC,GAA2B,EAC3BC,OAAmC,EACP;EAC5B,OAAOZ,aAAa,CAAC;IACnB,GAAG,IAAAa,qEAAmC,EAACF,GAAG,CAAC;IAC3C,GAAGC;EACL,CAAC,CAAC;AACJ"}

package/cjs/services/AutoRenewService.js

@@ -41,6 +41,16 @@ class AutoRenewService {
     // If tokens sync storage is enabled, handle tokens expiration only in 1 leader tab
     return !!this.options.syncStorage && (0, _features.isBrowser)();
   }
+  processExpiredTokens() {
+    const tokenStorage = this.tokenManager.getStorage();
+    const tokens = tokenStorage.getStorage();
+    Object.keys(tokens).forEach(key => {
+      const token = tokens[key];
+      if (!(0, _types.isRefreshToken)(token) && this.tokenManager.hasExpired(token)) {
+        this.onTokenExpiredHandler(key);
+      }
+    });
+  }
   onTokenExpiredHandler(key) {
     if (this.options.autoRenew) {
       if (this.shouldThrottleRenew()) {
@@ -60,6 +70,11 @@ class AutoRenewService {
     if (this.canStart()) {
       await this.stop();
       this.tokenManager.on(_types.EVENT_EXPIRED, this.onTokenExpiredHandler);
+      if (this.tokenManager.isStarted()) {
+        // If token manager has been already started, we could miss token expire events,
+        //  so need to process expired tokens manually.
+        this.processExpiredTokens();
+      }
       this.started = true;
     }
   }

package/cjs/services/AutoRenewService.js.map

@@ -1 +1 @@
-{"version":3,"file":"AutoRenewService.js","names":["AutoRenewService","constructor","tokenManager","options","renewTimeQueue","onTokenExpiredHandler","bind","shouldThrottleRenew","res","push","Date","now","length","firstTime","shift","lastTime","requiresLeadership","syncStorage","isBrowser","key","autoRenew","error","AuthSdkError","emitError","renew","catch","autoRemove","remove","canStart","start","stop","on","EVENT_EXPIRED","started","off","isStarted"],"sources":["../../../lib/services/AutoRenewService.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from '../errors';\nimport { ServiceInterface, ServiceManagerOptions } from '../core/types';\nimport { EVENT_EXPIRED, TokenManagerInterface } from '../oidc/types';\nimport { isBrowser } from '../features';\n\nexport class AutoRenewService implements ServiceInterface {\n  private tokenManager: TokenManagerInterface;\n  private options: ServiceManagerOptions;\n  private renewTimeQueue: Array<number>;\n  private started = false;\n\n  constructor(tokenManager: TokenManagerInterface, options: ServiceManagerOptions = {}) {\n    this.tokenManager = tokenManager;\n    this.options = options;\n    this.renewTimeQueue = [];\n    this.onTokenExpiredHandler = this.onTokenExpiredHandler.bind(this);\n  }\n  \n  private shouldThrottleRenew(): boolean {\n    let res = false;\n    this.renewTimeQueue.push(Date.now());\n    if (this.renewTimeQueue.length >= 10) {\n      // get and remove first item from queue\n      const firstTime = this.renewTimeQueue.shift() as number;\n      const lastTime = this.renewTimeQueue[this.renewTimeQueue.length - 1];\n      res = (lastTime - firstTime) < 30 * 1000;\n    }\n    return res;\n  }\n\n  requiresLeadership() {\n    // If tokens sync storage is enabled, handle tokens expiration only in 1 leader tab\n    return !!this.options.syncStorage && isBrowser();\n  }\n\n  private onTokenExpiredHandler(key: string) {\n    if (this.options.autoRenew) {\n      if (this.shouldThrottleRenew()) {\n        const error = new AuthSdkError('Too many token renew requests');\n        this.tokenManager.emitError(error);\n      } else {\n        this.tokenManager.renew(key).catch(() => {}); // Renew errors will emit an \"error\" event \n      }\n    } else if (this.options.autoRemove) {\n      this.tokenManager.remove(key);\n    }\n  }\n\n  canStart() {\n    return (!!this.options.autoRenew || !!this.options.autoRemove);\n  }\n\n  async start() {\n    if (this.canStart()) {\n      await this.stop();\n      this.tokenManager.on(EVENT_EXPIRED, this.onTokenExpiredHandler);\n      this.started = true;\n    }\n  }\n\n  async stop() {\n    if (this.started) {\n      this.tokenManager.off(EVENT_EXPIRED, this.onTokenExpiredHandler);\n      this.renewTimeQueue = [];\n      this.started = false;\n    }\n  }\n\n  isStarted() {\n    return this.started;\n  }\n}\n"],"mappings":";;;;;AAaA;AAEA;AACA;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAQO,MAAMA,gBAAgB,CAA6B;EAMxDC,WAAW,CAACC,YAAmC,EAAEC,OAA8B,GAAG,CAAC,CAAC,EAAE;IAAA,+CAFpE,KAAK;IAGrB,IAAI,CAACD,YAAY,GAAGA,YAAY;IAChC,IAAI,CAACC,OAAO,GAAGA,OAAO;IACtB,IAAI,CAACC,cAAc,GAAG,EAAE;IACxB,IAAI,CAACC,qBAAqB,GAAG,IAAI,CAACA,qBAAqB,CAACC,IAAI,CAAC,IAAI,CAAC;EACpE;EAEQC,mBAAmB,GAAY;IACrC,IAAIC,GAAG,GAAG,KAAK;IACf,IAAI,CAACJ,cAAc,CAACK,IAAI,CAACC,IAAI,CAACC,GAAG,EAAE,CAAC;IACpC,IAAI,IAAI,CAACP,cAAc,CAACQ,MAAM,IAAI,EAAE,EAAE;MACpC;MACA,MAAMC,SAAS,GAAG,IAAI,CAACT,cAAc,CAACU,KAAK,EAAY;MACvD,MAAMC,QAAQ,GAAG,IAAI,CAACX,cAAc,CAAC,IAAI,CAACA,cAAc,CAACQ,MAAM,GAAG,CAAC,CAAC;MACpEJ,GAAG,GAAIO,QAAQ,GAAGF,SAAS,GAAI,EAAE,GAAG,IAAI;IAC1C;IACA,OAAOL,GAAG;EACZ;EAEAQ,kBAAkB,GAAG;IACnB;IACA,OAAO,CAAC,CAAC,IAAI,CAACb,OAAO,CAACc,WAAW,IAAI,IAAAC,mBAAS,GAAE;EAClD;EAEQb,qBAAqB,CAACc,GAAW,EAAE;IACzC,IAAI,IAAI,CAAChB,OAAO,CAACiB,SAAS,EAAE;MAC1B,IAAI,IAAI,CAACb,mBAAmB,EAAE,EAAE;QAC9B,MAAMc,KAAK,GAAG,IAAIC,oBAAY,CAAC,+BAA+B,CAAC;QAC/D,IAAI,CAACpB,YAAY,CAACqB,SAAS,CAACF,KAAK,CAAC;MACpC,CAAC,MAAM;QACL,IAAI,CAACnB,YAAY,CAACsB,KAAK,CAACL,GAAG,CAAC,CAACM,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;MAChD;IACF,CAAC,MAAM,IAAI,IAAI,CAACtB,OAAO,CAACuB,UAAU,EAAE;MAClC,IAAI,CAACxB,YAAY,CAACyB,MAAM,CAACR,GAAG,CAAC;IAC/B;EACF;EAEAS,QAAQ,GAAG;IACT,OAAQ,CAAC,CAAC,IAAI,CAACzB,OAAO,CAACiB,SAAS,IAAI,CAAC,CAAC,IAAI,CAACjB,OAAO,CAACuB,UAAU;EAC/D;EAEA,MAAMG,KAAK,GAAG;IACZ,IAAI,IAAI,CAACD,QAAQ,EAAE,EAAE;MACnB,MAAM,IAAI,CAACE,IAAI,EAAE;MACjB,IAAI,CAAC5B,YAAY,CAAC6B,EAAE,CAACC,oBAAa,EAAE,IAAI,CAAC3B,qBAAqB,CAAC;MAC/D,IAAI,CAAC4B,OAAO,GAAG,IAAI;IACrB;EACF;EAEA,MAAMH,IAAI,GAAG;IACX,IAAI,IAAI,CAACG,OAAO,EAAE;MAChB,IAAI,CAAC/B,YAAY,CAACgC,GAAG,CAACF,oBAAa,EAAE,IAAI,CAAC3B,qBAAqB,CAAC;MAChE,IAAI,CAACD,cAAc,GAAG,EAAE;MACxB,IAAI,CAAC6B,OAAO,GAAG,KAAK;IACtB;EACF;EAEAE,SAAS,GAAG;IACV,OAAO,IAAI,CAACF,OAAO;EACrB;AACF;AAAC"}
+{"version":3,"file":"AutoRenewService.js","names":["AutoRenewService","constructor","tokenManager","options","renewTimeQueue","onTokenExpiredHandler","bind","shouldThrottleRenew","res","push","Date","now","length","firstTime","shift","lastTime","requiresLeadership","syncStorage","isBrowser","processExpiredTokens","tokenStorage","getStorage","tokens","Object","keys","forEach","key","token","isRefreshToken","hasExpired","autoRenew","error","AuthSdkError","emitError","renew","catch","autoRemove","remove","canStart","start","stop","on","EVENT_EXPIRED","isStarted","started","off"],"sources":["../../../lib/services/AutoRenewService.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from '../errors';\nimport { ServiceInterface, ServiceManagerOptions } from '../core/types';\nimport { EVENT_EXPIRED, TokenManagerInterface, isRefreshToken } from '../oidc/types';\nimport { isBrowser } from '../features';\n\nexport class AutoRenewService implements ServiceInterface {\n  private tokenManager: TokenManagerInterface;\n  private options: ServiceManagerOptions;\n  private renewTimeQueue: Array<number>;\n  private started = false;\n\n  constructor(tokenManager: TokenManagerInterface, options: ServiceManagerOptions = {}) {\n    this.tokenManager = tokenManager;\n    this.options = options;\n    this.renewTimeQueue = [];\n    this.onTokenExpiredHandler = this.onTokenExpiredHandler.bind(this);\n  }\n  \n  private shouldThrottleRenew(): boolean {\n    let res = false;\n    this.renewTimeQueue.push(Date.now());\n    if (this.renewTimeQueue.length >= 10) {\n      // get and remove first item from queue\n      const firstTime = this.renewTimeQueue.shift() as number;\n      const lastTime = this.renewTimeQueue[this.renewTimeQueue.length - 1];\n      res = (lastTime - firstTime) < 30 * 1000;\n    }\n    return res;\n  }\n\n  requiresLeadership() {\n    // If tokens sync storage is enabled, handle tokens expiration only in 1 leader tab\n    return !!this.options.syncStorage && isBrowser();\n  }\n\n  private processExpiredTokens() {\n    const tokenStorage = this.tokenManager.getStorage();\n    const tokens = tokenStorage.getStorage();\n    Object.keys(tokens).forEach(key => {\n      const token = tokens[key];\n      if (!isRefreshToken(token) && this.tokenManager.hasExpired(token)) {\n        this.onTokenExpiredHandler(key);\n      }\n    });\n  }\n\n  private onTokenExpiredHandler(key: string) {\n    if (this.options.autoRenew) {\n      if (this.shouldThrottleRenew()) {\n        const error = new AuthSdkError('Too many token renew requests');\n        this.tokenManager.emitError(error);\n      } else {\n        this.tokenManager.renew(key).catch(() => {}); // Renew errors will emit an \"error\" event \n      }\n    } else if (this.options.autoRemove) {\n      this.tokenManager.remove(key);\n    }\n  }\n\n  canStart() {\n    return (!!this.options.autoRenew || !!this.options.autoRemove);\n  }\n\n  async start() {\n    if (this.canStart()) {\n      await this.stop();\n      this.tokenManager.on(EVENT_EXPIRED, this.onTokenExpiredHandler);\n      if (this.tokenManager.isStarted()) {\n        // If token manager has been already started, we could miss token expire events,\n        //  so need to process expired tokens manually.\n        this.processExpiredTokens();\n      }\n      this.started = true;\n    }\n  }\n\n  async stop() {\n    if (this.started) {\n      this.tokenManager.off(EVENT_EXPIRED, this.onTokenExpiredHandler);\n      this.renewTimeQueue = [];\n      this.started = false;\n    }\n  }\n\n  isStarted() {\n    return this.started;\n  }\n}\n"],"mappings":";;;;;AAaA;AAEA;AACA;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAQO,MAAMA,gBAAgB,CAA6B;EAMxDC,WAAW,CAACC,YAAmC,EAAEC,OAA8B,GAAG,CAAC,CAAC,EAAE;IAAA,+CAFpE,KAAK;IAGrB,IAAI,CAACD,YAAY,GAAGA,YAAY;IAChC,IAAI,CAACC,OAAO,GAAGA,OAAO;IACtB,IAAI,CAACC,cAAc,GAAG,EAAE;IACxB,IAAI,CAACC,qBAAqB,GAAG,IAAI,CAACA,qBAAqB,CAACC,IAAI,CAAC,IAAI,CAAC;EACpE;EAEQC,mBAAmB,GAAY;IACrC,IAAIC,GAAG,GAAG,KAAK;IACf,IAAI,CAACJ,cAAc,CAACK,IAAI,CAACC,IAAI,CAACC,GAAG,EAAE,CAAC;IACpC,IAAI,IAAI,CAACP,cAAc,CAACQ,MAAM,IAAI,EAAE,EAAE;MACpC;MACA,MAAMC,SAAS,GAAG,IAAI,CAACT,cAAc,CAACU,KAAK,EAAY;MACvD,MAAMC,QAAQ,GAAG,IAAI,CAACX,cAAc,CAAC,IAAI,CAACA,cAAc,CAACQ,MAAM,GAAG,CAAC,CAAC;MACpEJ,GAAG,GAAIO,QAAQ,GAAGF,SAAS,GAAI,EAAE,GAAG,IAAI;IAC1C;IACA,OAAOL,GAAG;EACZ;EAEAQ,kBAAkB,GAAG;IACnB;IACA,OAAO,CAAC,CAAC,IAAI,CAACb,OAAO,CAACc,WAAW,IAAI,IAAAC,mBAAS,GAAE;EAClD;EAEQC,oBAAoB,GAAG;IAC7B,MAAMC,YAAY,GAAG,IAAI,CAAClB,YAAY,CAACmB,UAAU,EAAE;IACnD,MAAMC,MAAM,GAAGF,YAAY,CAACC,UAAU,EAAE;IACxCE,MAAM,CAACC,IAAI,CAACF,MAAM,CAAC,CAACG,OAAO,CAACC,GAAG,IAAI;MACjC,MAAMC,KAAK,GAAGL,MAAM,CAACI,GAAG,CAAC;MACzB,IAAI,CAAC,IAAAE,qBAAc,EAACD,KAAK,CAAC,IAAI,IAAI,CAACzB,YAAY,CAAC2B,UAAU,CAACF,KAAK,CAAC,EAAE;QACjE,IAAI,CAACtB,qBAAqB,CAACqB,GAAG,CAAC;MACjC;IACF,CAAC,CAAC;EACJ;EAEQrB,qBAAqB,CAACqB,GAAW,EAAE;IACzC,IAAI,IAAI,CAACvB,OAAO,CAAC2B,SAAS,EAAE;MAC1B,IAAI,IAAI,CAACvB,mBAAmB,EAAE,EAAE;QAC9B,MAAMwB,KAAK,GAAG,IAAIC,oBAAY,CAAC,+BAA+B,CAAC;QAC/D,IAAI,CAAC9B,YAAY,CAAC+B,SAAS,CAACF,KAAK,CAAC;MACpC,CAAC,MAAM;QACL,IAAI,CAAC7B,YAAY,CAACgC,KAAK,CAACR,GAAG,CAAC,CAACS,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;MAChD;IACF,CAAC,MAAM,IAAI,IAAI,CAAChC,OAAO,CAACiC,UAAU,EAAE;MAClC,IAAI,CAAClC,YAAY,CAACmC,MAAM,CAACX,GAAG,CAAC;IAC/B;EACF;EAEAY,QAAQ,GAAG;IACT,OAAQ,CAAC,CAAC,IAAI,CAACnC,OAAO,CAAC2B,SAAS,IAAI,CAAC,CAAC,IAAI,CAAC3B,OAAO,CAACiC,UAAU;EAC/D;EAEA,MAAMG,KAAK,GAAG;IACZ,IAAI,IAAI,CAACD,QAAQ,EAAE,EAAE;MACnB,MAAM,IAAI,CAACE,IAAI,EAAE;MACjB,IAAI,CAACtC,YAAY,CAACuC,EAAE,CAACC,oBAAa,EAAE,IAAI,CAACrC,qBAAqB,CAAC;MAC/D,IAAI,IAAI,CAACH,YAAY,CAACyC,SAAS,EAAE,EAAE;QACjC;QACA;QACA,IAAI,CAACxB,oBAAoB,EAAE;MAC7B;MACA,IAAI,CAACyB,OAAO,GAAG,IAAI;IACrB;EACF;EAEA,MAAMJ,IAAI,GAAG;IACX,IAAI,IAAI,CAACI,OAAO,EAAE;MAChB,IAAI,CAAC1C,YAAY,CAAC2C,GAAG,CAACH,oBAAa,EAAE,IAAI,CAACrC,qBAAqB,CAAC;MAChE,IAAI,CAACD,cAAc,GAAG,EAAE;MACxB,IAAI,CAACwC,OAAO,GAAG,KAAK;IACtB;EACF;EAEAD,SAAS,GAAG;IACV,OAAO,IAAI,CAACC,OAAO;EACrB;AACF;AAAC"}

package/cjs/util/jsonpath.js

@@ -0,0 +1,13 @@
+"use strict";
+
+exports.jsonpath = jsonpath;
+var _jsonpathPlus = require("jsonpath-plus");
+function jsonpath(options) {
+  // eslint-disable-next-line new-cap
+  return (0, _jsonpathPlus.JSONPath)({
+    // Disable javascript evaluation by default
+    preventEval: true,
+    ...options
+  });
+}
+//# sourceMappingURL=jsonpath.js.map

package/cjs/util/jsonpath.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jsonpath.js","names":["jsonpath","options","JSONPath","preventEval"],"sources":["../../../lib/util/jsonpath.ts"],"sourcesContent":["import { JSONPath, JSONPathOptions } from 'jsonpath-plus';\n\nexport function jsonpath(options: JSONPathOptions): any {\n  // eslint-disable-next-line new-cap\n  return JSONPath({\n    // Disable javascript evaluation by default\n\tpreventEval: true, ...options, });\n}\n"],"mappings":";;;AAAA;AAEO,SAASA,QAAQ,CAACC,OAAwB,EAAO;EACtD;EACA,OAAO,IAAAC,sBAAQ,EAAC;IACd;IACHC,WAAW,EAAE,IAAI;IAAE,GAAGF;EAAS,CAAC,CAAC;AAClC"}