npm - @okta/okta-auth-js - Versions diffs - 7.1.1 → 7.2.0 - Mend

@okta/okta-auth-js 7.1.1 → 7.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (242) hide show

package/CHANGELOG.md +22 -0
package/README.md +93 -36
package/cjs/core/mixin.js +3 -0
package/cjs/core/mixin.js.map +1 -1
package/cjs/core/types/api.js.map +1 -1
package/cjs/http/OktaUserAgent.js +2 -2
package/cjs/idx/IdxTransactionManager.js +0 -4
package/cjs/idx/IdxTransactionManager.js.map +1 -1
package/cjs/idx/factory/OktaAuthIdx.js.map +1 -1
package/cjs/idx/idxState/v1/idxResponseParser.js +2 -3
package/cjs/idx/idxState/v1/idxResponseParser.js.map +1 -1
package/cjs/idx/mixin.js.map +1 -1
package/cjs/idx/types/api.js.map +1 -1
package/cjs/idx/webauthn.js.map +1 -1
package/cjs/myaccount/api.js +11 -0
package/cjs/myaccount/api.js.map +1 -1
package/cjs/myaccount/emailApi.js +7 -7
package/cjs/myaccount/emailApi.js.map +1 -1
package/cjs/myaccount/passwordApi.js +69 -0
package/cjs/myaccount/passwordApi.js.map +1 -0
package/cjs/myaccount/phoneApi.js +6 -6
package/cjs/myaccount/phoneApi.js.map +1 -1
package/cjs/myaccount/profileApi.js +3 -3
package/cjs/myaccount/profileApi.js.map +1 -1
package/cjs/myaccount/request.js +2 -1
package/cjs/myaccount/request.js.map +1 -1
package/cjs/myaccount/transactions/PasswordTransaction.js +81 -0
package/cjs/myaccount/transactions/PasswordTransaction.js.map +1 -0
package/cjs/myaccount/transactions/index.js +7 -0
package/cjs/myaccount/transactions/index.js.map +1 -1
package/cjs/myaccount/types.js +13 -0
package/cjs/myaccount/types.js.map +1 -1
package/cjs/oidc/TokenManager.js +5 -0
package/cjs/oidc/TokenManager.js.map +1 -1
package/cjs/oidc/endpoints/authorize.js +4 -3
package/cjs/oidc/endpoints/authorize.js.map +1 -1
package/cjs/oidc/enrollAuthenticator.js +33 -0
package/cjs/oidc/enrollAuthenticator.js.map +1 -0
package/cjs/oidc/factory/api.js +11 -11
package/cjs/oidc/factory/api.js.map +1 -1
package/cjs/oidc/getWithRedirect.js +5 -1
package/cjs/oidc/getWithRedirect.js.map +1 -1
package/cjs/oidc/handleOAuthResponse.js +3 -2
package/cjs/oidc/handleOAuthResponse.js.map +1 -1
package/cjs/oidc/mixin/index.js +6 -2
package/cjs/oidc/mixin/index.js.map +1 -1
package/cjs/oidc/types/TokenManager.js.map +1 -1
package/cjs/oidc/types/api.js.map +1 -1
package/cjs/oidc/types/endpoints.js +2 -0
package/cjs/oidc/types/endpoints.js.map +1 -0
package/cjs/oidc/types/index.js +11 -0
package/cjs/oidc/types/index.js.map +1 -1
package/cjs/oidc/types/meta.js.map +1 -1
package/cjs/oidc/types/options.js.map +1 -1
package/cjs/oidc/types/proto.js.map +1 -1
package/cjs/oidc/util/defaultEnrollAuthenticatorParams.js +38 -0
package/cjs/oidc/util/defaultEnrollAuthenticatorParams.js.map +1 -0
package/cjs/oidc/util/enrollAuthenticatorMeta.js +23 -0
package/cjs/oidc/util/enrollAuthenticatorMeta.js.map +1 -0
package/cjs/oidc/util/index.js +36 -0
package/cjs/oidc/util/index.js.map +1 -1
package/cjs/oidc/util/prepareEnrollAuthenticatorParams.js +50 -0
package/cjs/oidc/util/prepareEnrollAuthenticatorParams.js.map +1 -0
package/cjs/services/AutoRenewService.js +15 -0
package/cjs/services/AutoRenewService.js.map +1 -1
package/cjs/util/jsonpath.js +13 -0
package/cjs/util/jsonpath.js.map +1 -0
package/dist/okta-auth-js.authn.min.analyzer.html +2 -2
package/dist/okta-auth-js.authn.min.js +1 -1
package/dist/okta-auth-js.authn.min.js.map +1 -1
package/dist/okta-auth-js.core.min.analyzer.html +2 -2
package/dist/okta-auth-js.core.min.js +1 -1
package/dist/okta-auth-js.core.min.js.map +1 -1
package/dist/okta-auth-js.idx.min.analyzer.html +2 -2
package/dist/okta-auth-js.idx.min.js +1 -1
package/dist/okta-auth-js.idx.min.js.map +1 -1
package/dist/okta-auth-js.min.analyzer.html +2 -2
package/dist/okta-auth-js.min.js +1 -1
package/dist/okta-auth-js.min.js.map +1 -1
package/dist/okta-auth-js.myaccount.min.analyzer.html +2 -2
package/dist/okta-auth-js.myaccount.min.js +1 -1
package/dist/okta-auth-js.myaccount.min.js.map +1 -1
package/esm/browser/core/mixin.js +3 -0
package/esm/browser/core/mixin.js.map +1 -1
package/esm/browser/exports/exports/authn.js +4 -1
package/esm/browser/exports/exports/authn.js.map +1 -1
package/esm/browser/exports/exports/core.js +4 -1
package/esm/browser/exports/exports/core.js.map +1 -1
package/esm/browser/exports/exports/default.js +7 -2
package/esm/browser/exports/exports/default.js.map +1 -1
package/esm/browser/exports/exports/idx.js +4 -1
package/esm/browser/exports/exports/idx.js.map +1 -1
package/esm/browser/exports/exports/myaccount.js +7 -2
package/esm/browser/exports/exports/myaccount.js.map +1 -1
package/esm/browser/http/OktaUserAgent.js +2 -2
package/esm/browser/idx/IdxTransactionManager.js +1 -4
package/esm/browser/idx/IdxTransactionManager.js.map +1 -1
package/esm/browser/idx/factory/OktaAuthIdx.js.map +1 -1
package/esm/browser/idx/idxState/v1/idxResponseParser.js +2 -2
package/esm/browser/idx/idxState/v1/idxResponseParser.js.map +1 -1
package/esm/browser/idx/mixin.js.map +1 -1
package/esm/browser/idx/types/api.js.map +1 -1
package/esm/browser/idx/webauthn.js.map +1 -1
package/esm/browser/myaccount/api.js +1 -0
package/esm/browser/myaccount/api.js.map +1 -1
package/esm/browser/myaccount/emailApi.js.map +1 -1
package/esm/browser/myaccount/passwordApi.js +56 -0
package/esm/browser/myaccount/passwordApi.js.map +1 -0
package/esm/browser/myaccount/phoneApi.js.map +1 -1
package/esm/browser/myaccount/profileApi.js.map +1 -1
package/esm/browser/myaccount/request.js +3 -1
package/esm/browser/myaccount/request.js.map +1 -1
package/esm/browser/myaccount/transactions/PasswordTransaction.js +73 -0
package/esm/browser/myaccount/transactions/PasswordTransaction.js.map +1 -0
package/esm/browser/myaccount/types.js +6 -1
package/esm/browser/myaccount/types.js.map +1 -1
package/esm/browser/oidc/TokenManager.js +5 -0
package/esm/browser/oidc/TokenManager.js.map +1 -1
package/esm/browser/oidc/endpoints/authorize.js +3 -2
package/esm/browser/oidc/endpoints/authorize.js.map +1 -1
package/esm/browser/oidc/enrollAuthenticator.js +36 -0
package/esm/browser/oidc/enrollAuthenticator.js.map +1 -0
package/esm/browser/oidc/factory/api.js +10 -12
package/esm/browser/oidc/factory/api.js.map +1 -1
package/esm/browser/oidc/getWithRedirect.js +6 -1
package/esm/browser/oidc/getWithRedirect.js.map +1 -1
package/esm/browser/oidc/handleOAuthResponse.js +3 -2
package/esm/browser/oidc/handleOAuthResponse.js.map +1 -1
package/esm/browser/oidc/mixin/index.js +6 -3
package/esm/browser/oidc/mixin/index.js.map +1 -1
package/esm/browser/oidc/types/TokenManager.js.map +1 -1
package/esm/browser/oidc/util/defaultEnrollAuthenticatorParams.js +31 -0
package/esm/browser/oidc/util/defaultEnrollAuthenticatorParams.js.map +1 -0
package/esm/browser/oidc/util/enrollAuthenticatorMeta.js +33 -0
package/esm/browser/oidc/util/enrollAuthenticatorMeta.js.map +1 -0
package/esm/browser/oidc/util/prepareEnrollAuthenticatorParams.js +34 -0
package/esm/browser/oidc/util/prepareEnrollAuthenticatorParams.js.map +1 -0
package/esm/browser/package.json +1 -1
package/esm/browser/services/AutoRenewService.js +14 -0
package/esm/browser/services/AutoRenewService.js.map +1 -1
package/esm/browser/util/jsonpath.js +21 -0
package/esm/browser/util/jsonpath.js.map +1 -0
package/esm/node/core/mixin.js +3 -0
package/esm/node/core/mixin.js.map +1 -1
package/esm/node/exports/exports/authn.js +4 -1
package/esm/node/exports/exports/authn.js.map +1 -1
package/esm/node/exports/exports/core.js +4 -1
package/esm/node/exports/exports/core.js.map +1 -1
package/esm/node/exports/exports/default.js +7 -2
package/esm/node/exports/exports/default.js.map +1 -1
package/esm/node/exports/exports/idx.js +4 -1
package/esm/node/exports/exports/idx.js.map +1 -1
package/esm/node/exports/exports/myaccount.js +7 -2
package/esm/node/exports/exports/myaccount.js.map +1 -1
package/esm/node/http/OktaUserAgent.js +2 -2
package/esm/node/idx/IdxTransactionManager.js +1 -4
package/esm/node/idx/IdxTransactionManager.js.map +1 -1
package/esm/node/idx/factory/OktaAuthIdx.js.map +1 -1
package/esm/node/idx/idxState/v1/idxResponseParser.js +2 -2
package/esm/node/idx/idxState/v1/idxResponseParser.js.map +1 -1
package/esm/node/idx/mixin.js.map +1 -1
package/esm/node/idx/types/api.js.map +1 -1
package/esm/node/idx/webauthn.js.map +1 -1
package/esm/node/myaccount/api.js +1 -0
package/esm/node/myaccount/api.js.map +1 -1
package/esm/node/myaccount/emailApi.js.map +1 -1
package/esm/node/myaccount/passwordApi.js +56 -0
package/esm/node/myaccount/passwordApi.js.map +1 -0
package/esm/node/myaccount/phoneApi.js.map +1 -1
package/esm/node/myaccount/profileApi.js.map +1 -1
package/esm/node/myaccount/request.js +3 -1
package/esm/node/myaccount/request.js.map +1 -1
package/esm/node/myaccount/transactions/PasswordTransaction.js +73 -0
package/esm/node/myaccount/transactions/PasswordTransaction.js.map +1 -0
package/esm/node/myaccount/types.js +6 -1
package/esm/node/myaccount/types.js.map +1 -1
package/esm/node/oidc/TokenManager.js +5 -0
package/esm/node/oidc/TokenManager.js.map +1 -1
package/esm/node/oidc/endpoints/authorize.js +3 -2
package/esm/node/oidc/endpoints/authorize.js.map +1 -1
package/esm/node/oidc/enrollAuthenticator.js +37 -0
package/esm/node/oidc/enrollAuthenticator.js.map +1 -0
package/esm/node/oidc/factory/api.js +10 -12
package/esm/node/oidc/factory/api.js.map +1 -1
package/esm/node/oidc/getWithRedirect.js +6 -1
package/esm/node/oidc/getWithRedirect.js.map +1 -1
package/esm/node/oidc/handleOAuthResponse.js +3 -2
package/esm/node/oidc/handleOAuthResponse.js.map +1 -1
package/esm/node/oidc/mixin/index.js +6 -3
package/esm/node/oidc/mixin/index.js.map +1 -1
package/esm/node/oidc/types/TokenManager.js.map +1 -1
package/esm/node/oidc/util/defaultEnrollAuthenticatorParams.js +31 -0
package/esm/node/oidc/util/defaultEnrollAuthenticatorParams.js.map +1 -0
package/esm/node/oidc/util/enrollAuthenticatorMeta.js +33 -0
package/esm/node/oidc/util/enrollAuthenticatorMeta.js.map +1 -0
package/esm/node/oidc/util/prepareEnrollAuthenticatorParams.js +34 -0
package/esm/node/oidc/util/prepareEnrollAuthenticatorParams.js.map +1 -0
package/esm/node/package.json +1 -1
package/esm/node/util/jsonpath.js +21 -0
package/esm/node/util/jsonpath.js.map +1 -0
package/package.json +5 -5
package/types/lib/core/types/api.d.ts +1 -0
package/types/lib/exports/default.d.ts +1 -1
package/types/lib/exports/idx.d.ts +1 -1
package/types/lib/idx/factory/OktaAuthIdx.d.ts +3 -3
package/types/lib/idx/mixin.d.ts +2 -2
package/types/lib/idx/types/api.d.ts +13 -1
package/types/lib/idx/webauthn.d.ts +1 -7
package/types/lib/myaccount/api.d.ts +1 -0
package/types/lib/myaccount/emailApi.d.ts +7 -7
package/types/lib/myaccount/passwordApi.d.ts +17 -0
package/types/lib/myaccount/phoneApi.d.ts +6 -6
package/types/lib/myaccount/profileApi.d.ts +3 -3
package/types/lib/myaccount/transactions/PasswordTransaction.d.ts +13 -0
package/types/lib/myaccount/transactions/index.d.ts +1 -0
package/types/lib/myaccount/types.d.ts +17 -2
package/types/lib/oidc/TokenManager.d.ts +1 -0
package/types/lib/oidc/enrollAuthenticator.d.ts +14 -0
package/types/lib/oidc/factory/api.d.ts +2 -1
package/types/lib/oidc/types/TokenManager.d.ts +1 -0
package/types/lib/oidc/types/api.d.ts +5 -4
package/types/lib/oidc/types/endpoints.d.ts +18 -0
package/types/lib/oidc/types/index.d.ts +1 -0
package/types/lib/oidc/types/meta.d.ts +1 -1
package/types/lib/oidc/types/options.d.ts +6 -1
package/types/lib/oidc/types/proto.d.ts +1 -0
package/types/lib/oidc/util/defaultEnrollAuthenticatorParams.d.ts +2 -0
package/types/lib/oidc/util/enrollAuthenticatorMeta.d.ts +2 -0
package/types/lib/oidc/util/index.d.ts +3 -0
package/types/lib/oidc/util/prepareEnrollAuthenticatorParams.d.ts +2 -0
package/types/lib/services/AutoRenewService.d.ts +1 -0
package/types/lib/util/jsonpath.d.ts +2 -0
package/umd/authn.js +1 -1
package/umd/authn.js.map +1 -1
package/umd/core.js +1 -1
package/umd/core.js.map +1 -1
package/umd/default.js +1 -1
package/umd/default.js.map +1 -1
package/umd/idx.js +1 -1
package/umd/idx.js.map +1 -1
package/umd/myaccount.js +1 -1
package/umd/myaccount.js.map +1 -1

package/CHANGELOG.md CHANGED Viewed

@@ -1,11 +1,33 @@
 # Changelog
+## 7.2.0
+### Features
+- [#1333](https://github.com/okta/okta-auth-js/pull/1333) Adds support for MyAccount API password methods
+- [#1324](https://github.com/okta/okta-auth-js/pull/1324) Adds `endpoints.authorize.enrollAuthenticator`. Adds `handleRedirect` and deprecates `handleLoginRedirect`.
+### Fixes
+- [#1354](https://github.com/okta/okta-auth-js/pull/1354) Fixes token auto renew if token has expired before `AutoRenewService` start
+- [#1359](https://github.com/okta/okta-auth-js/pull/1359) IDX: removes statehandle check when load saved idxResponse
 ## 7.1.1
 ### Fixes
 - [#1355](https://github.com/okta/okta-auth-js/pull/1355) Adds missing type `currentAuthenticatorEnrollment` to `IdxContext`
+## 7.1.0
+### Features
+- [#1343](https://github.com/okta/okta-auth-js/pull/1343) Supports Step Up MFA against `/authorize` and `/interact` endpoints
+# Other
+- [#1342](https://github.com/okta/okta-auth-js/pull/1342) - fixes possible RCE in jsonpath-plus
 ## 7.0.2
 ### Fixes

package/README.md CHANGED Viewed

@@ -225,7 +225,7 @@ var authClient = new OktaAuth(config);
 ### Running as a service
-By default, creating a new instance of `OktaAuth` will not create any asynchronous side-effects. However, certain features such as [token auto renew](#autorenew), [token auto remove](#autoremove) and [cross-tab synchronization](#syncstorage) require `OktaAuth` to be running as a service. This means timeouts are set in the background which will continue working until the service is stopped.  To start the `OktaAuth` service, simply call the `start` method right after creation and before calling other methods like [handleLoginRedirect](#handleloginredirecttokens). To terminate all background processes, call `stop`. See [Service Configuration](#services) for more info.
+By default, creating a new instance of `OktaAuth` will not create any asynchronous side-effects. However, certain features such as [token auto renew](#autorenew), [token auto remove](#autoremove) and [cross-tab synchronization](#syncstorage) require `OktaAuth` to be running as a service. This means timeouts are set in the background which will continue working until the service is stopped.  To start the `OktaAuth` service, simply call the `start` method right after creation and before calling other methods like [handleRedirect](#handleredirectoriginaluri). To terminate all background processes, call `stop`. See [Service Configuration](#services) for more info.
 ```javascript
   var authClient = new OktaAuth(config);
@@ -536,7 +536,7 @@ oktaAuth.authStateManager.updateAuthState();
 > :link: web browser only <br>
-Callback function. When [sdk.handleLoginRedirect](#handleloginredirecttokens) is called, by default it uses `window.location.replace` to redirect back to the [originalUri](#setoriginaluriuri). This option overrides the default behavior.
+Callback function. When [sdk.handleRedirect](#handleredirectoriginaluri) is called, by default it uses `window.location.replace` to redirect back to the [originalUri](#setoriginaluriuri). This option overrides the default behavior.
 ```javascript
 const config = {
@@ -552,7 +552,7 @@ const config = {
 const oktaAuth = new OktaAuth(config);
 if (oktaAuth.isLoginRedirect()) {
   try {
-    await oktaAuth.handleLoginRedirect();
+    await oktaAuth.handleRedirect();
   } catch (e) {
     // log or display error details
   }
@@ -891,7 +891,8 @@ This is accomplished by selecting a single tab to handle the network requests to
 * [getOriginalUri](#getoriginaluristate)
 * [removeOriginalUri](#removeoriginaluri)
 * [isLoginRedirect](#isloginredirect)
-* [handleLoginRedirect](#handleloginredirecttokens)
+* [handleLoginRedirect](#handleloginredirecttokens-originaluri)
+* [handleRedirect](#handleredirectoriginaluri)
 * [setHeaders](#setheaders)
 * [tx.resume](#txresume)
 * [tx.exists](#txexists)
@@ -903,6 +904,8 @@ This is accomplished by selecting a single tab to handle the network requests to
   * [session.refresh](#sessionrefresh)
 * [idx](#idx)
 * [myaccount](#myaccount)
+* [endpoints](#endpoints)
+  * [endpoints.autorize.enrollAuthenticator](#endpointsauthorizeenrollauthenticatoroptions)
 * [token](#token)
   * [token.getWithoutPrompt](#tokengetwithoutpromptoptions)
   * [token.getWithPopup](#tokengetwithpopupoptions)
@@ -966,7 +969,7 @@ You can use [storeTokensFromRedirect](#storetokensfromredirect) to store tokens
 ```javascript
 if (authClient.isLoginRedirect()) {
   try {
-    await authClient.handleLoginRedirect();
+    await authClient.handleRedirect();
   } catch (e) {
     // log or display error details
   }
@@ -1174,7 +1177,7 @@ Check `window.location` to verify if the app is in OAuth callback state or not.
 if (authClient.isLoginRedirect()) {
   // callback flow
   try {
-    await authClient.handleLoginRedirect();
+    await authClient.handleRedirect();
   } catch (e) {
     // log or display error details
   }
@@ -1186,12 +1189,23 @@ if (authClient.isLoginRedirect()) {
 ### `handleLoginRedirect(tokens?, originalUri?)`
 > :link: web browser only <br>
-> :hourglass: async
+> :hourglass: async <br>
+> :warning: Deprecated, this method could be removed in next major release, use [sdk.handleRedirect](#handleredirectoriginaluri) instead.
 Stores passed in tokens or tokens from redirect url into storage, then redirect users back to the [originalUri](#setoriginaluriuri). When using `PKCE` authorization code flow, this method also exchanges authorization code for tokens. By default it calls `window.location.replace` for the redirection. The default behavior can be overrided by providing [options.restoreOriginalUri](#configuration-options). By default, [originalUri](#getoriginaluristate) will be retrieved from storage, but this can be overridden by passing a value fro `originalUri` to this function in the 2nd parameter.
 > **Note:** `handleLoginRedirect` throws `OAuthError` or `AuthSdkError` in case there are errors during token retrieval.
+### `handleRedirect(originalUri?)`
+> :link: web browser only <br>
+> :hourglass: async
+Handle a redirect to the configured [redirectUri](#configuration-options) that happens on the end of [login](#signInWithRedirectoptions) flow, [enroll authenticator](#endpointsauthorizeenrollauthenticatoroptions) flow or on an error.
+Stores tokens from redirect url into storage (for login flow), then redirect users back to the [originalUri](#setoriginaluriuri). When using `PKCE` authorization code flow, this method also exchanges authorization code for tokens. By default it calls `window.location.replace` for the redirection. The default behavior can be overrided by providing [options.restoreOriginalUri](#configuration-options). By default, [originalUri](#getoriginaluristate) will be retrieved from storage, but this can be overridden by specifying `originalUri` in the first parameter to this function.
+> **Note:** `handleRedirect` throws `OAuthError` or `AuthSdkError` in case there are errors during token retrieval or authenticator enrollment.
 ### `setHeaders()`
 Can set (or unset) request headers after construction.
@@ -1238,7 +1252,7 @@ See [authn API](docs/authn.md#sessionsetcookieandredirectsessiontoken-redirectur
 #### `session.exists()`
 > :link: web browser only <br>
-> :warning: This method requires access to [third party cookies] <br>(#third-party-cookies)
+> :warning: This method requires access to [third party cookies](#third-party-cookies) <br>
 > :hourglass: async
 Returns a promise that resolves with `true` if there is an existing Okta [session](https://developer.okta.com/docs/api/resources/sessions#example), or `false` if not.
@@ -1257,7 +1271,7 @@ authClient.session.exists()
 #### `session.get()`
 > :link: web browser only <br>
-> :warning: This method requires access to [third party cookies] <br>(#third-party-cookies)
+> :warning: This method requires access to [third party cookies](#third-party-cookies) <br>
 > :hourglass: async
 Gets the active [session](https://developer.okta.com/docs/api/resources/sessions#example).
@@ -1275,7 +1289,7 @@ authClient.session.get()
 #### `session.refresh()`
 > :link: web browser only <br>
-> :warning: This method requires access to [third party cookies] <br>(#third-party-cookies)
+> :warning: This method requires access to [third party cookies](#third-party-cookies) <br>
 > :hourglass: async
 Refresh the current session by extending its lifetime. This can be used as a keep-alive operation.
@@ -1298,8 +1312,7 @@ See detail in [IDX README](docs/idx.md)
 See detail in [MyAccount API README](docs/myaccount/README.md)
-### `token`
+### `endpoints`
 #### Authorize options
@@ -1315,39 +1328,71 @@ The following configuration options can be included in `token.getWithoutPrompt`,
 | `idp` | Identity provider to use if there is no Okta Session. |
 | `idpScope` | A space delimited list of scopes to be provided to the Social Identity Provider when performing [Social Login][social-login] These scopes are used in addition to the scopes already configured on the Identity Provider. |
 | `display` | The display parameter to be passed to the Social Identity Provider when performing [Social Login][social-login]. |
-| `prompt` | Determines whether the Okta login will be displayed on failure. Use `none` to prevent this behavior. Valid values: `none`, `consent`, `login`, or `consent login`. See [Parameter details](https://developer.okta.com/docs/reference/api/oidc/#parameter-details) for more information. |
+| `prompt` | Determines whether the Okta login will be displayed on failure. Use `none` to prevent this behavior. Valid values: `none`, `consent`, `login`, or `consent login`. See [Parameter details](https://developer.okta.com/docs/reference/api/oidc/#parameter-details) for more information.  Special value `enroll_authenticator` is used for [enrollAuthenticator](#endpointsauthorizeenrollauthenticatoroptions). |
 | `maxAge` | Allowable elapsed time, in seconds, since the last time the end user was actively authenticated by Okta. |
 | `acrValues` | [[EA][early-access]] Optional parameter to increase the level of user assurance. See [Predefined ACR values](https://developer.okta.com/docs/guides/step-up-authentication/main/#predefined-parameter-values) for more information. |
+| `enrollAmrValues` | [[EA][early-access]] List of [authentication methods](https://self-issued.info/docs/draft-jones-oauth-amr-values-00.html) used to enroll authenticators with [enrollAuthenticator](#endpointsauthorizeenrollauthenticatoroptions). See [Parameter details](https://developer.okta.com/docs/reference/api/oidc/#parameter-details) for more information. |
 | `loginHint` | A username to prepopulate if prompting for authentication. |
 For more details, see Okta's [Authorize Request API](https://developer.okta.com/docs/api/resources/oidc#request-parameters).
+#### `endpoints.authorize.enrollAuthenticator(options)`
+> :link: web browser only <br>
+> [Early Access][early-access]
+Enroll authenticators using a redirect to [authorizeUrl](#authorizeurl) with special parameters. After a successful enrollment, the browser will be redirected to the configured [redirectUri](#configuration-options). You can use [sdk.handleRedirect](#handleredirectoriginaluri) to handle the redirect on successful enrollment or an error.
+* `options` - See [Authorize options](#authorize-options)
+  Options that will be omitted: `scopes`, `nonce`.
+  Options that will be overridden: `responseType: 'none', prompt: 'enroll_authenticator'`.
+  Required options:
+  * `enrollAmrValues` - list of [authentication methods](https://self-issued.info/docs/draft-jones-oauth-amr-values-00.html) to allow the user to enroll in.
+    List of AMR values:
+    | AMR Value     | Authenticator        |
+    | ------------- | -------------------- |
+    | `pwd`         | Okta Password        |
+    | `kba`         | Security question    |
+    | `email`       | Okta Email           |
+    | `sms`         | SMS                  |
+    | `tel`         | Voice call           |
+    | `duo`         | DUO                  |
+    | `symantec`    | Symantec VIP         |
+    | `google_otp`  | Google Authenticator |
+    | `okta_verify` | Okta Verify          |
+    | `swk`         | Custom App           |
+    | `pop`         | WebAuthn             |
+    | `oath_otp`    | On-Prem MFA          |
+    | `rsa`         | RSA SecurID          |
+    | `yubikey`     | Yubikey              |
+    | `otp`         | Custom HOTP          |
+    | `fed`         | External IdP         |
+    | `sc` + `swk`  | SmartCard/PIV        |
+  See [enroll_amr_values parameter details](https://developer.okta.com/docs/reference/api/oidc/#request-parameters) for more information.
+  * `acrValues` - must be `urn:okta:2fa:any:ifpossible`, which means the user is prompted for at least one factor before enrollment.
 ##### Example
 ```javascript
-authClient.token.getWithoutPrompt({
-  sessionToken: '00p8RhRDCh_8NxIin-wtF5M6ofFtRhfKWGBAbd2WmE',
-  scopes: [
-    'openid',
-    'email',
-    'profile'
-  ],
-  state: '8rFzn3MH5q',
-  nonce: '51GePTswrm',
-  // Use a custom IdP for social authentication
-  idp: '0oa62b57p7c8PaGpU0h7'
- })
-.then(function(res) {
-  var tokens = res.tokens;
-  // Do something with tokens, such as
-  authClient.tokenManager.setTokens(tokens);
-})
-.catch(function(err) {
-  // handle OAuthError or AuthSdkError
-});
+try {
+  authClient.endpoints.authorize.enrollAuthenticator({
+    enrollAmrValues: ['okta_verify'],
+    acrValues: 'urn:okta:2fa:any:ifpossible'
+  })
+} catch(err) {
+  // handle AuthSdkError
+}
 ```
+### `token`
 #### `token.getWithoutPrompt(options)`
 > :link: web browser only <br>
@@ -1358,11 +1403,22 @@ When you've obtained a sessionToken from the authorization flows, or a session a
 * `options` - See [Authorize options](#authorize-options)
+##### Example
 ```javascript
 authClient.token.getWithoutPrompt({
   responseType: 'id_token', // or array of types
   sessionToken: 'testSessionToken' // optional if the user has an existing Okta session
-})
+  scopes: [
+    'openid',
+    'email',
+    'profile'
+  ],
+  state: '8rFzn3MH5q',
+  nonce: '51GePTswrm',
+  // Use a custom IdP for social authentication
+  idp: '0oa62b57p7c8PaGpU0h7'
+ })
 .then(function(res) {
   var tokens = res.tokens;
@@ -1492,7 +1548,7 @@ console.log(decodedToken.header, decodedToken.payload, decodedToken.signature);
 #### `token.renew(tokenToRenew)`
-> :warning: This method requires access to [third party cookies](#third-party-cookies)
+> :warning: This method requires access to [third party cookies](#third-party-cookies) <br>
 > :hourglass: async
 Returns a new token if the Okta [session](https://developer.okta.com/docs/api/resources/sessions#example) is still valid.
@@ -1597,6 +1653,7 @@ Returns a `TokenParams` object. If `PKCE` is enabled, this object will contain v
 Used internally to perform the final step of the `PKCE` authorization code flow. Accepts a `TokenParams` object which should contain a `codeVerifier` and an `authorizationCode`.
 ### `tokenManager` API
 #### `tokenManager.add(key, token)`

package/cjs/core/mixin.js CHANGED Viewed

@@ -28,6 +28,9 @@ function mixinCore(Base) {
       this.tokenManager.stop();
       await this.serviceManager.stop();
     }
+    async handleRedirect(originalUri) {
+      await this.handleLoginRedirect(undefined, originalUri);
+    }
     // eslint-disable-next-line complexity
     async handleLoginRedirect(tokens, originalUri) {

package/cjs/core/mixin.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"mixin.js","names":["mixinCore","Base","OktaAuthCore","constructor","args","authStateManager","AuthStateManager","serviceManager","ServiceManager","options","services","start","tokenManager","token","isLoginRedirect","updateAuthState","stop","handleLoginRedirect","~~tokens~~","~~originalUri~~","state","setTokens","getOriginalUri","oAuthResponse","parseOAuthResponseFromUrl","storeTokensFromRedirect","e","removeOriginalUri","restoreOriginalUri","window","location","replace"],"sources":["../../../lib/core/mixin.ts"],"sourcesContent":["import { parseOAuthResponseFromUrl } from '../oidc/parseFromUrl';\nimport { OktaAuthConstructor } from '../base/types';\nimport {\n OAuthStorageManagerInterface,\n OAuthTransactionMeta,\n OktaAuthOAuthInterface,\n PKCETransactionMeta,\n Tokens,\n TransactionManagerInterface,\n} from '../oidc/types';\nimport { AuthStateManager } from './AuthStateManager';\nimport { ServiceManager } from './ServiceManager';\nimport { OktaAuthCoreInterface, OktaAuthCoreOptions } from './types';\n\nexport function mixinCore\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthCoreOptions = OktaAuthCoreOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface,\n TBase extends OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n = OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n>\n(Base: TBase): TBase & OktaAuthConstructor<OktaAuthCoreInterface<M, S, O, TM>>\n{\n return class OktaAuthCore extends Base implements OktaAuthCoreInterface<M, S, O, TM>\n {\n authStateManager: AuthStateManager<M, S, O>;\n serviceManager: ServiceManager<M, S, O>;\n \n constructor(...args: any[]) {\n super(...args);\n\n // AuthStateManager\n this.authStateManager = new AuthStateManager<M, S, O>(this);\n\n // ServiceManager\n this.serviceManager = new ServiceManager<M, S, O>(this, this.options.services);\n }\n\n async start() {\n await this.serviceManager.start();\n // TODO: review tokenManager.start\n this.tokenManager.start();\n if (!this.token.isLoginRedirect()) {\n await this.authStateManager.updateAuthState();\n }\n }\n \n async stop() {\n // TODO: review tokenManager.stop\n this.tokenManager.stop();\n await this.serviceManager.stop();\n }\n\n // eslint-disable-next-line complexity\n async handleLoginRedirect(tokens?: Tokens, originalUri?: string): Promise<void> {\n let state = this.options.state;\n \n // Store tokens and update AuthState by the emitted events\n if (tokens) {\n this.tokenManager.setTokens(tokens);\n originalUri = originalUri \|\| this.getOriginalUri(this.options.state);\n } else if (this.isLoginRedirect()) {\n try {\n // For redirect flow, get state from the URL and use it to retrieve the originalUri\n const oAuthResponse = await parseOAuthResponseFromUrl(this, {});\n state = oAuthResponse.state;\n originalUri = originalUri \|\| this.getOriginalUri(state);\n await this.storeTokensFromRedirect();\n } catch(e) {\n // auth state should be updated\n await this.authStateManager.updateAuthState();\n throw e;\n }\n } else {\n return; // nothing to do\n }\n \n // ensure auth state has been updated\n await this.authStateManager.updateAuthState();\n \n // clear originalUri from storage\n this.removeOriginalUri(state);\n \n // Redirect to originalUri\n const { restoreOriginalUri } = this.options;\n if (restoreOriginalUri) {\n await restoreOriginalUri(this, originalUri);\n } else if (originalUri) {\n window.location.replace(originalUri);\n }\n }\n };\n}\n"],"mappings":";;;AAAA;AAUA;AACA;AAGO,SAASA,SAAS,CASxBC,IAAW,EACZ;EACE,OAAO,MAAMC,YAAY,SAASD,IAAI,CACtC;IAIEE,WAAW,CAAC,GAAGC,IAAW,EAAE;MAC1B,KAAK,CAAC,GAAGA,IAAI,CAAC;;MAEd;MACA,IAAI,CAACC,gBAAgB,GAAG,IAAIC,kCAAgB,CAAU,IAAI,CAAC;;MAE3D;MACA,IAAI,CAACC,cAAc,GAAG,IAAIC,8BAAc,CAAU,IAAI,EAAE,IAAI,CAACC,OAAO,CAACC,QAAQ,CAAC;IAChF;IAEA,MAAMC,KAAK,GAAG;MACZ,MAAM,IAAI,CAACJ,cAAc,CAACI,KAAK,EAAE;MACjC;MACA,IAAI,CAACC,YAAY,CAACD,KAAK,EAAE;MACzB,IAAI,CAAC,IAAI,CAACE,KAAK,CAACC,eAAe,EAAE,EAAE;QACjC,MAAM,IAAI,CAACT,gBAAgB,CAACU,eAAe,EAAE;MAC/C;IACF;IAEA,MAAMC,IAAI,GAAG;MACX;MACA,IAAI,CAACJ,YAAY,CAACI,IAAI,EAAE;MACxB,MAAM,IAAI,CAACT,cAAc,CAACS,IAAI,EAAE;IAClC;;IAEA;IACA,MAAMC,mBAAmB,~~CAACC~~,MAAe,~~EAAEC~~,WAAoB,EAAiB;MAC9E,~~IAAIC~~,KAAK,GAAG,IAAI,~~CAACX~~,OAAO,~~CAACW~~,KAAK;;MAE9B;MACA,~~IAAIF~~,MAAM,EAAE;QACV,IAAI,~~CAACN~~,YAAY,~~CAACS~~,SAAS,~~CAACH~~,MAAM,CAAC;~~QACnCC~~,WAAW,GAAGA,WAAW,IAAI,IAAI,~~CAACG~~,cAAc,CAAC,IAAI,~~CAACb~~,OAAO,~~CAACW~~,KAAK,CAAC;MACtE,CAAC,MAAM,IAAI,IAAI,~~CAACN~~,eAAe,EAAE,EAAE;QACjC,IAAI;UACF;UACA,~~MAAMS~~,aAAa,GAAG,MAAM,IAAAC,uCAAyB,EAAC,IAAI,EAAE,CAAC,CAAC,CAAC;UAC/DJ,KAAK,GAAGG,aAAa,CAACH,KAAK;~~UAC3BD~~,WAAW,GAAGA,WAAW,IAAI,IAAI,~~CAACG~~,cAAc,CAACF,KAAK,CAAC;UACvD,MAAM,IAAI,CAACK,uBAAuB,EAAE;QACtC,CAAC,CAAC,OAAMC,CAAC,EAAE;UACT;UACA,MAAM,IAAI,~~CAACrB~~,gBAAgB,CAACU,eAAe,EAAE;UAC7C,~~MAAMW~~,CAAC;QACT;MACF,CAAC,MAAM;QACL,OAAO,CAAC;MACV;;MAEA;MACA,MAAM,IAAI,~~CAACrB~~,gBAAgB,CAACU,eAAe,EAAE;;MAE7C;MACA,IAAI,~~CAACY~~,iBAAiB,CAACP,KAAK,CAAC;;MAE7B;MACA,MAAM;QAAEQ;MAAmB,CAAC,GAAG,IAAI,~~CAACnB~~,OAAO;MAC3C,~~IAAImB~~,kBAAkB,EAAE;QACtB,MAAMA,kBAAkB,CAAC,IAAI,~~EAAET~~,WAAW,CAAC;MAC7C,CAAC,MAAM,IAAIA,WAAW,EAAE;~~QACtBU~~,MAAM,CAACC,QAAQ,CAACC,OAAO,~~CAACZ~~,WAAW,CAAC;MACtC;IACF;EACF,CAAC;AACH"}
1	+ {"version":3,"file":"mixin.js","names":["mixinCore","Base","OktaAuthCore","constructor","args","authStateManager","AuthStateManager","serviceManager","ServiceManager","options","services","start","tokenManager","token","isLoginRedirect","updateAuthState","stop","handleRedirect","originalUri","handleLoginRedirect","undefined","tokens","state","setTokens","getOriginalUri","oAuthResponse","parseOAuthResponseFromUrl","storeTokensFromRedirect","e","removeOriginalUri","restoreOriginalUri","window","location","replace"],"sources":["../../../lib/core/mixin.ts"],"sourcesContent":["import { parseOAuthResponseFromUrl } from '../oidc/parseFromUrl';\nimport { OktaAuthConstructor } from '../base/types';\nimport {\n OAuthStorageManagerInterface,\n OAuthTransactionMeta,\n OktaAuthOAuthInterface,\n PKCETransactionMeta,\n Tokens,\n TransactionManagerInterface,\n} from '../oidc/types';\nimport { AuthStateManager } from './AuthStateManager';\nimport { ServiceManager } from './ServiceManager';\nimport { OktaAuthCoreInterface, OktaAuthCoreOptions } from './types';\n\nexport function mixinCore\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthCoreOptions = OktaAuthCoreOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface,\n TBase extends OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n = OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n>\n(Base: TBase): TBase & OktaAuthConstructor<OktaAuthCoreInterface<M, S, O, TM>>\n{\n return class OktaAuthCore extends Base implements OktaAuthCoreInterface<M, S, O, TM>\n {\n authStateManager: AuthStateManager<M, S, O>;\n serviceManager: ServiceManager<M, S, O>;\n \n constructor(...args: any[]) {\n super(...args);\n\n // AuthStateManager\n this.authStateManager = new AuthStateManager<M, S, O>(this);\n\n // ServiceManager\n this.serviceManager = new ServiceManager<M, S, O>(this, this.options.services);\n }\n\n async start() {\n await this.serviceManager.start();\n // TODO: review tokenManager.start\n this.tokenManager.start();\n if (!this.token.isLoginRedirect()) {\n await this.authStateManager.updateAuthState();\n }\n }\n \n async stop() {\n // TODO: review tokenManager.stop\n this.tokenManager.stop();\n await this.serviceManager.stop();\n }\n\n async handleRedirect(originalUri?: string): Promise<void> {\n await this.handleLoginRedirect(undefined, originalUri);\n }\n\n // eslint-disable-next-line complexity\n async handleLoginRedirect(tokens?: Tokens, originalUri?: string): Promise<void> {\n let state = this.options.state;\n \n // Store tokens and update AuthState by the emitted events\n if (tokens) {\n this.tokenManager.setTokens(tokens);\n originalUri = originalUri \|\| this.getOriginalUri(this.options.state);\n } else if (this.isLoginRedirect()) {\n try {\n // For redirect flow, get state from the URL and use it to retrieve the originalUri\n const oAuthResponse = await parseOAuthResponseFromUrl(this, {});\n state = oAuthResponse.state;\n originalUri = originalUri \|\| this.getOriginalUri(state);\n await this.storeTokensFromRedirect();\n } catch(e) {\n // auth state should be updated\n await this.authStateManager.updateAuthState();\n throw e;\n }\n } else {\n return; // nothing to do\n }\n \n // ensure auth state has been updated\n await this.authStateManager.updateAuthState();\n \n // clear originalUri from storage\n this.removeOriginalUri(state);\n \n // Redirect to originalUri\n const { restoreOriginalUri } = this.options;\n if (restoreOriginalUri) {\n await restoreOriginalUri(this, originalUri);\n } else if (originalUri) {\n window.location.replace(originalUri);\n }\n }\n };\n}\n"],"mappings":";;;AAAA;AAUA;AACA;AAGO,SAASA,SAAS,CASxBC,IAAW,EACZ;EACE,OAAO,MAAMC,YAAY,SAASD,IAAI,CACtC;IAIEE,WAAW,CAAC,GAAGC,IAAW,EAAE;MAC1B,KAAK,CAAC,GAAGA,IAAI,CAAC;;MAEd;MACA,IAAI,CAACC,gBAAgB,GAAG,IAAIC,kCAAgB,CAAU,IAAI,CAAC;;MAE3D;MACA,IAAI,CAACC,cAAc,GAAG,IAAIC,8BAAc,CAAU,IAAI,EAAE,IAAI,CAACC,OAAO,CAACC,QAAQ,CAAC;IAChF;IAEA,MAAMC,KAAK,GAAG;MACZ,MAAM,IAAI,CAACJ,cAAc,CAACI,KAAK,EAAE;MACjC;MACA,IAAI,CAACC,YAAY,CAACD,KAAK,EAAE;MACzB,IAAI,CAAC,IAAI,CAACE,KAAK,CAACC,eAAe,EAAE,EAAE;QACjC,MAAM,IAAI,CAACT,gBAAgB,CAACU,eAAe,EAAE;MAC/C;IACF;IAEA,MAAMC,IAAI,GAAG;MACX;MACA,IAAI,CAACJ,YAAY,CAACI,IAAI,EAAE;MACxB,MAAM,IAAI,CAACT,cAAc,CAACS,IAAI,EAAE;IAClC;IAEA,MAAMC,cAAc,CAACC,WAAoB,EAAiB;MACxD,MAAM,IAAI,CAACC,mBAAmB,CAACC,SAAS,EAAEF,WAAW,CAAC;IACxD;;IAEA;IACA,MAAMC,mBAAmB,CAACE,MAAe,EAAEH,WAAoB,EAAiB;MAC9E,IAAII,KAAK,GAAG,IAAI,CAACb,OAAO,CAACa,KAAK;;MAE9B;MACA,IAAID,MAAM,EAAE;QACV,IAAI,CAACT,YAAY,CAACW,SAAS,CAACF,MAAM,CAAC;QACnCH,WAAW,GAAGA,WAAW,IAAI,IAAI,CAACM,cAAc,CAAC,IAAI,CAACf,OAAO,CAACa,KAAK,CAAC;MACtE,CAAC,MAAM,IAAI,IAAI,CAACR,eAAe,EAAE,EAAE;QACjC,IAAI;UACF;UACA,MAAMW,aAAa,GAAG,MAAM,IAAAC,uCAAyB,EAAC,IAAI,EAAE,CAAC,CAAC,CAAC;UAC/DJ,KAAK,GAAGG,aAAa,CAACH,KAAK;UAC3BJ,WAAW,GAAGA,WAAW,IAAI,IAAI,CAACM,cAAc,CAACF,KAAK,CAAC;UACvD,MAAM,IAAI,CAACK,uBAAuB,EAAE;QACtC,CAAC,CAAC,OAAMC,CAAC,EAAE;UACT;UACA,MAAM,IAAI,CAACvB,gBAAgB,CAACU,eAAe,EAAE;UAC7C,MAAMa,CAAC;QACT;MACF,CAAC,MAAM;QACL,OAAO,CAAC;MACV;;MAEA;MACA,MAAM,IAAI,CAACvB,gBAAgB,CAACU,eAAe,EAAE;;MAE7C;MACA,IAAI,CAACc,iBAAiB,CAACP,KAAK,CAAC;;MAE7B;MACA,MAAM;QAAEQ;MAAmB,CAAC,GAAG,IAAI,CAACrB,OAAO;MAC3C,IAAIqB,kBAAkB,EAAE;QACtB,MAAMA,kBAAkB,CAAC,IAAI,EAAEZ,WAAW,CAAC;MAC7C,CAAC,MAAM,IAAIA,WAAW,EAAE;QACtBa,MAAM,CAACC,QAAQ,CAACC,OAAO,CAACf,WAAW,CAAC;MACtC;IACF;EACF,CAAC;AACH"}

package/cjs/core/types/api.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"api.js","names":[],"sources":["../../../../lib/core/types/api.ts"],"sourcesContent":["import {\n OAuthStorageManagerInterface,\n OktaAuthOAuthInterface,\n OktaAuthOAuthOptions,\n PKCETransactionMeta,\n Tokens,\n TransactionManagerInterface\n} from '../../oidc/types';\n\nimport { ServiceManagerInterface, ServiceManagerOptions } from './Service';\nimport { AuthState, AuthStateManagerInterface } from './AuthState';\n\n\n// options passed to AuthJS constructor\nexport interface OktaAuthCoreOptions extends OktaAuthOAuthOptions\n{\n services?: ServiceManagerOptions;\n // eslint-disable-next-line no-use-before-define\n transformAuthState?: (oktaAuth: OktaAuthCoreInterface, authState: AuthState) => Promise<AuthState>;\n}\n\nexport type CoreStorageManagerInterface<\n M extends PKCETransactionMeta = PKCETransactionMeta\n> = OAuthStorageManagerInterface<M>;\n\n// an instance of AuthJS with OAuth and Services\nexport interface OktaAuthCoreInterface<\n M extends PKCETransactionMeta = PKCETransactionMeta,\n S extends CoreStorageManagerInterface<M> = CoreStorageManagerInterface<M>,\n O extends OktaAuthCoreOptions = OktaAuthCoreOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface\n> \nextends OktaAuthOAuthInterface<M, S, O, TM>\n{\n serviceManager: ServiceManagerInterface;\n authStateManager: AuthStateManagerInterface;\n start(): Promise<void>;\n stop(): Promise<void>;\n handleLoginRedirect(tokens?: Tokens, originalUri?: string): Promise<void>;\n}\n"],"mappings":""}
1	+ {"version":3,"file":"api.js","names":[],"sources":["../../../../lib/core/types/api.ts"],"sourcesContent":["import {\n OAuthStorageManagerInterface,\n OktaAuthOAuthInterface,\n OktaAuthOAuthOptions,\n PKCETransactionMeta,\n Tokens,\n TransactionManagerInterface\n} from '../../oidc/types';\n\nimport { ServiceManagerInterface, ServiceManagerOptions } from './Service';\nimport { AuthState, AuthStateManagerInterface } from './AuthState';\n\n\n// options passed to AuthJS constructor\nexport interface OktaAuthCoreOptions extends OktaAuthOAuthOptions\n{\n services?: ServiceManagerOptions;\n // eslint-disable-next-line no-use-before-define\n transformAuthState?: (oktaAuth: OktaAuthCoreInterface, authState: AuthState) => Promise<AuthState>;\n}\n\nexport type CoreStorageManagerInterface<\n M extends PKCETransactionMeta = PKCETransactionMeta\n> = OAuthStorageManagerInterface<M>;\n\n// an instance of AuthJS with OAuth and Services\nexport interface OktaAuthCoreInterface<\n M extends PKCETransactionMeta = PKCETransactionMeta,\n S extends CoreStorageManagerInterface<M> = CoreStorageManagerInterface<M>,\n O extends OktaAuthCoreOptions = OktaAuthCoreOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface\n> \nextends OktaAuthOAuthInterface<M, S, O, TM>\n{\n serviceManager: ServiceManagerInterface;\n authStateManager: AuthStateManagerInterface;\n start(): Promise<void>;\n stop(): Promise<void>;\n handleLoginRedirect(tokens?: Tokens, originalUri?: string): Promise<void>;\n handleRedirect(originalUri?: string): Promise<void>;\n}\n"],"mappings":""}

package/cjs/http/OktaUserAgent.js CHANGED Viewed

@@ -20,7 +20,7 @@ var _features = require("../features");
 class OktaUserAgent {
   constructor() {
     // add base sdk env
-    this.environments = [`okta-auth-js/${"7.1.1"}`];
+    this.environments = [`okta-auth-js/${"7.2.0"}`];
   }
   addEnvironment(env) {
     this.environments.push(env);
@@ -32,7 +32,7 @@ class OktaUserAgent {
     };
   }
   getVersion() {
-    return "7.1.1";
+    return "7.2.0";
   }
   maybeAddNodeEnvironment() {
     if ((0, _features.isBrowser)() || !process || !process.versions) {

package/cjs/idx/IdxTransactionManager.js CHANGED Viewed

@@ -41,12 +41,8 @@ function createIdxTransactionManager() {
       }
       if (options) {
         const {
-          stateHandle,
           interactionHandle
         } = options;
-        if (stateHandle && storedValue.stateHandle !== stateHandle) {
-          return null;
-        }
         if (interactionHandle && storedValue.interactionHandle !== interactionHandle) {
           return null;
         }

package/cjs/idx/IdxTransactionManager.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"IdxTransactionManager.js","names":["createIdxTransactionManager","TransactionManager","createTransactionManager","IdxTransactionManager","constructor","options","clear","clearIdxResponse","saveIdxResponse","data","saveLastResponse","storage","storageManager","getIdxResponseStorage","setStorage","loadIdxResponse","storedValue","getStorage","isRawIdxResponse","rawIdxResponse","~~stateHandle","~~interactionHandle","clearStorage"],"sources":["../../../lib/idx/IdxTransactionManager.ts"],"sourcesContent":["import { ClearTransactionMetaOptions, TransactionManagerOptions } from '../oidc/types';\nimport { createTransactionManager } from '../oidc/TransactionManager';\nimport { IdxTransactionMeta, IntrospectOptions } from './types';\nimport { isRawIdxResponse } from './types/idx-js';\nimport { IdxStorageManagerInterface, SavedIdxResponse } from './types/storage';\n\nexport function createIdxTransactionManager\n<\n M extends IdxTransactionMeta = IdxTransactionMeta,\n S extends IdxStorageManagerInterface<M> = IdxStorageManagerInterface<M>\n>\n()\n{\n const TransactionManager = createTransactionManager<M, S>();\n return class IdxTransactionManager extends TransactionManager\n {\n constructor(options: TransactionManagerOptions) {\n super(options);\n }\n\n clear(options: ClearTransactionMetaOptions = {}) {\n super.clear(options);\n\n if (options.clearIdxResponse !== false) {\n this.clearIdxResponse();\n }\n }\n \n saveIdxResponse(data: SavedIdxResponse): void {\n if (!this.saveLastResponse) {\n return;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return;\n }\n storage.setStorage(data);\n }\n\n // eslint-disable-next-line complexity\n loadIdxResponse(options?: IntrospectOptions): SavedIdxResponse \| null {\n if (!this.saveLastResponse) {\n return null;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return null;\n }\n const storedValue = storage.getStorage();\n if (!storedValue \|\| !isRawIdxResponse(storedValue.rawIdxResponse)) {\n return null;\n }\n\n if (options) {\n const { ~~stateHandle,~~ interactionHandle } = options;\n if (~~stateHandle && storedValue.stateHandle !== stateHandle) {\n return null;\n }\n if (~~interactionHandle && storedValue.interactionHandle !== interactionHandle) {\n return null;\n }\n }\n\n return storedValue;\n }\n\n clearIdxResponse(): void {\n if (!this.saveLastResponse) {\n return;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n storage?.clearStorage();\n }\n };\n}\n"],"mappings":";;;AACA;AAEA;AAGO,SAASA,2BAA2B,GAM3C;EACE,MAAMC,kBAAkB,GAAG,IAAAC,4CAAwB,GAAQ;EAC3D,OAAO,MAAMC,qBAAqB,SAASF,kBAAkB,CAC7D;IACEG,WAAW,CAACC,OAAkC,EAAE;MAC9C,KAAK,CAACA,OAAO,CAAC;IAChB;IAEAC,KAAK,CAACD,OAAoC,GAAG,CAAC,CAAC,EAAE;MAC/C,KAAK,CAACC,KAAK,CAACD,OAAO,CAAC;MAEpB,IAAIA,OAAO,CAACE,gBAAgB,KAAK,KAAK,EAAE;QACtC,IAAI,CAACA,gBAAgB,EAAE;MACzB;IACF;IAEAC,eAAe,CAACC,IAAsB,EAAQ;MAC5C,IAAI,CAAC,IAAI,CAACC,gBAAgB,EAAE;QAC1B;MACF;MACA,MAAMC,OAAO,GAAG,IAAI,CAACC,cAAc,CAACC,qBAAqB,EAAE;MAC3D,IAAI,CAACF,OAAO,EAAE;QACZ;MACF;MACAA,OAAO,CAACG,UAAU,CAACL,IAAI,CAAC;IAC1B;;IAEA;IACAM,eAAe,CAACV,OAA2B,EAA2B;MACpE,IAAI,CAAC,IAAI,CAACK,gBAAgB,EAAE;QAC1B,OAAO,IAAI;MACb;MACA,MAAMC,OAAO,GAAG,IAAI,CAACC,cAAc,CAACC,qBAAqB,EAAE;MAC3D,IAAI,CAACF,OAAO,EAAE;QACZ,OAAO,IAAI;MACb;MACA,MAAMK,WAAW,GAAGL,OAAO,CAACM,UAAU,EAAE;MACxC,IAAI,CAACD,WAAW,IAAI,CAAC,IAAAE,uBAAgB,EAACF,WAAW,CAACG,cAAc,CAAC,EAAE;QACjE,OAAO,IAAI;MACb;MAEA,IAAId,OAAO,EAAE;QACX,MAAM;UAAEe~~,WAAW~~;~~UAAEC;~~QAAkB,CAAC,~~GAAGhB~~,OAAO;~~QAClD~~,IAAIe,~~WAAW~~,IAAIJ,WAAW,CAACI,~~WAAW,KAAKA,WAAW,EAAE;UAC1D,OAAO,IAAI;QACb;QACA,IAAIC,~~iBAAiB,~~IAAIL,WAAW,CAACK,iBAAiB,~~KAAKA,iBAAiB,EAAE;UAC5E,OAAO,IAAI;QACb;MACF;MAEA,~~OAAOL~~,WAAW;IACpB;IAEAT,gBAAgB,GAAS;MACvB,IAAI,CAAC,IAAI,CAACG,gBAAgB,EAAE;QAC1B;MACF;MACA,MAAMC,OAAO,GAAG,IAAI,CAACC,cAAc,CAACC,qBAAqB,EAAE;MAC3DF,OAAO,aAAPA,OAAO,uBAAPA,OAAO,~~CAAEW~~,YAAY,EAAE;IACzB;EACF,CAAC;AACH"}
1	+ {"version":3,"file":"IdxTransactionManager.js","names":["createIdxTransactionManager","TransactionManager","createTransactionManager","IdxTransactionManager","constructor","options","clear","clearIdxResponse","saveIdxResponse","data","saveLastResponse","storage","storageManager","getIdxResponseStorage","setStorage","loadIdxResponse","storedValue","getStorage","isRawIdxResponse","rawIdxResponse","interactionHandle","clearStorage"],"sources":["../../../lib/idx/IdxTransactionManager.ts"],"sourcesContent":["import { ClearTransactionMetaOptions, TransactionManagerOptions } from '../oidc/types';\nimport { createTransactionManager } from '../oidc/TransactionManager';\nimport { IdxTransactionMeta, IntrospectOptions } from './types';\nimport { isRawIdxResponse } from './types/idx-js';\nimport { IdxStorageManagerInterface, SavedIdxResponse } from './types/storage';\n\nexport function createIdxTransactionManager\n<\n M extends IdxTransactionMeta = IdxTransactionMeta,\n S extends IdxStorageManagerInterface<M> = IdxStorageManagerInterface<M>\n>\n()\n{\n const TransactionManager = createTransactionManager<M, S>();\n return class IdxTransactionManager extends TransactionManager\n {\n constructor(options: TransactionManagerOptions) {\n super(options);\n }\n\n clear(options: ClearTransactionMetaOptions = {}) {\n super.clear(options);\n\n if (options.clearIdxResponse !== false) {\n this.clearIdxResponse();\n }\n }\n \n saveIdxResponse(data: SavedIdxResponse): void {\n if (!this.saveLastResponse) {\n return;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return;\n }\n storage.setStorage(data);\n }\n\n // eslint-disable-next-line complexity\n loadIdxResponse(options?: IntrospectOptions): SavedIdxResponse \| null {\n if (!this.saveLastResponse) {\n return null;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n if (!storage) {\n return null;\n }\n const storedValue = storage.getStorage();\n if (!storedValue \|\| !isRawIdxResponse(storedValue.rawIdxResponse)) {\n return null;\n }\n\n if (options) {\n const { interactionHandle } = options;\n if (interactionHandle && storedValue.interactionHandle !== interactionHandle) {\n return null;\n }\n }\n\n return storedValue;\n }\n\n clearIdxResponse(): void {\n if (!this.saveLastResponse) {\n return;\n }\n const storage = this.storageManager.getIdxResponseStorage();\n storage?.clearStorage();\n }\n };\n}\n"],"mappings":";;;AACA;AAEA;AAGO,SAASA,2BAA2B,GAM3C;EACE,MAAMC,kBAAkB,GAAG,IAAAC,4CAAwB,GAAQ;EAC3D,OAAO,MAAMC,qBAAqB,SAASF,kBAAkB,CAC7D;IACEG,WAAW,CAACC,OAAkC,EAAE;MAC9C,KAAK,CAACA,OAAO,CAAC;IAChB;IAEAC,KAAK,CAACD,OAAoC,GAAG,CAAC,CAAC,EAAE;MAC/C,KAAK,CAACC,KAAK,CAACD,OAAO,CAAC;MAEpB,IAAIA,OAAO,CAACE,gBAAgB,KAAK,KAAK,EAAE;QACtC,IAAI,CAACA,gBAAgB,EAAE;MACzB;IACF;IAEAC,eAAe,CAACC,IAAsB,EAAQ;MAC5C,IAAI,CAAC,IAAI,CAACC,gBAAgB,EAAE;QAC1B;MACF;MACA,MAAMC,OAAO,GAAG,IAAI,CAACC,cAAc,CAACC,qBAAqB,EAAE;MAC3D,IAAI,CAACF,OAAO,EAAE;QACZ;MACF;MACAA,OAAO,CAACG,UAAU,CAACL,IAAI,CAAC;IAC1B;;IAEA;IACAM,eAAe,CAACV,OAA2B,EAA2B;MACpE,IAAI,CAAC,IAAI,CAACK,gBAAgB,EAAE;QAC1B,OAAO,IAAI;MACb;MACA,MAAMC,OAAO,GAAG,IAAI,CAACC,cAAc,CAACC,qBAAqB,EAAE;MAC3D,IAAI,CAACF,OAAO,EAAE;QACZ,OAAO,IAAI;MACb;MACA,MAAMK,WAAW,GAAGL,OAAO,CAACM,UAAU,EAAE;MACxC,IAAI,CAACD,WAAW,IAAI,CAAC,IAAAE,uBAAgB,EAACF,WAAW,CAACG,cAAc,CAAC,EAAE;QACjE,OAAO,IAAI;MACb;MAEA,IAAId,OAAO,EAAE;QACX,MAAM;UAAEe;QAAkB,CAAC,GAAGf,OAAO;QACrC,IAAIe,iBAAiB,IAAIJ,WAAW,CAACI,iBAAiB,KAAKA,iBAAiB,EAAE;UAC5E,OAAO,IAAI;QACb;MACF;MAEA,OAAOJ,WAAW;IACpB;IAEAT,gBAAgB,GAAS;MACvB,IAAI,CAAC,IAAI,CAACG,gBAAgB,EAAE;QAC1B;MACF;MACA,MAAMC,OAAO,GAAG,IAAI,CAACC,cAAc,CAACC,qBAAqB,EAAE;MAC3DF,OAAO,aAAPA,OAAO,uBAAPA,OAAO,CAAEU,YAAY,EAAE;IACzB;EACF,CAAC;AACH"}

package/cjs/idx/factory/OktaAuthIdx.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"OktaAuthIdx.js","names":["createOktaAuthIdx","StorageManagerConstructor","OptionsConstructor","TransactionManagerConstructor","Core","createOktaAuthCore","WithIdx","mixinIdx"],"sources":["../../../../lib/idx/factory/OktaAuthIdx.ts"],"sourcesContent":["import { createOktaAuthCore } from '../../core/factory';\nimport { ~~OktaAuthConstructor,~~ OktaAuthOptionsConstructor } from '../../base/types';\nimport { StorageManagerConstructor } from '../../storage/types';\nimport { IdxTransactionManagerInterface, OktaAuthIdxInterface } from '../types/api';\nimport { IdxTransactionMeta } from '../types/meta';\nimport { IdxStorageManagerInterface } from '../types/storage';\nimport { OktaAuthIdxOptions } from '../types/options';\nimport { mixinIdx } from '../mixin';\nimport { TransactionManagerConstructor } from '../../oidc/types';\nimport { OktaAuthCoreInterface } from '../../core/types';\n\nexport function createOktaAuthIdx<\n M extends IdxTransactionMeta = IdxTransactionMeta,\n S extends IdxStorageManagerInterface<M> = IdxStorageManagerInterface<M>,\n O extends OktaAuthIdxOptions = OktaAuthIdxOptions,\n TM extends IdxTransactionManagerInterface = IdxTransactionManagerInterface\n>(\n StorageManagerConstructor: StorageManagerConstructor<S>,\n OptionsConstructor: OktaAuthOptionsConstructor<O>,\n TransactionManagerConstructor: TransactionManagerConstructor<TM>\n)\n: ~~OktaAuthConstructor~~<OktaAuthIdxInterface<M, S, O, TM> & OktaAuthCoreInterface<M, S, O, TM>>\n{\n const Core = createOktaAuthCore<M, S, O, TM>(\n StorageManagerConstructor,\n OptionsConstructor,\n TransactionManagerConstructor\n );\n const WithIdx = mixinIdx(Core);\n return WithIdx;\n}\n"],"mappings":";;;AAAA;AAOA;AAIO,SAASA,iBAAiB,CAM/BC,yBAAuD,EACvDC,kBAAiD,EACjDC,6BAAgE,EAGlE;EACE,MAAMC,IAAI,GAAG,IAAAC,2BAAkB,EAC7BJ,yBAAyB,EACzBC,kBAAkB,EAClBC,6BAA6B,CAC9B;EACD,MAAMG,OAAO,GAAG,IAAAC,eAAQ,EAACH,IAAI,CAAC;EAC9B,OAAOE,OAAO;AAChB"}
1	+ {"version":3,"file":"OktaAuthIdx.js","names":["createOktaAuthIdx","StorageManagerConstructor","OptionsConstructor","TransactionManagerConstructor","Core","createOktaAuthCore","WithIdx","mixinIdx"],"sources":["../../../../lib/idx/factory/OktaAuthIdx.ts"],"sourcesContent":["import { createOktaAuthCore } from '../../core/factory';\nimport { OktaAuthOptionsConstructor } from '../../base/types';\nimport { StorageManagerConstructor } from '../../storage/types';\nimport { IdxTransactionManagerInterface, OktaAuthIdxInterface, OktaAuthIdxConstructor } from '../types/api';\nimport { IdxTransactionMeta } from '../types/meta';\nimport { IdxStorageManagerInterface } from '../types/storage';\nimport { OktaAuthIdxOptions } from '../types/options';\nimport { mixinIdx } from '../mixin';\nimport { TransactionManagerConstructor } from '../../oidc/types';\nimport { OktaAuthCoreInterface } from '../../core/types';\n\nexport function createOktaAuthIdx<\n M extends IdxTransactionMeta = IdxTransactionMeta,\n S extends IdxStorageManagerInterface<M> = IdxStorageManagerInterface<M>,\n O extends OktaAuthIdxOptions = OktaAuthIdxOptions,\n TM extends IdxTransactionManagerInterface = IdxTransactionManagerInterface\n>(\n StorageManagerConstructor: StorageManagerConstructor<S>,\n OptionsConstructor: OktaAuthOptionsConstructor<O>,\n TransactionManagerConstructor: TransactionManagerConstructor<TM>\n)\n: OktaAuthIdxConstructor<OktaAuthIdxInterface<M, S, O, TM> & OktaAuthCoreInterface<M, S, O, TM>>\n{\n const Core = createOktaAuthCore<M, S, O, TM>(\n StorageManagerConstructor,\n OptionsConstructor,\n TransactionManagerConstructor\n );\n const WithIdx = mixinIdx(Core);\n return WithIdx;\n}\n"],"mappings":";;;AAAA;AAOA;AAIO,SAASA,iBAAiB,CAM/BC,yBAAuD,EACvDC,kBAAiD,EACjDC,6BAAgE,EAGlE;EACE,MAAMC,IAAI,GAAG,IAAAC,2BAAkB,EAC7BJ,yBAAyB,EACzBC,kBAAkB,EAClBC,6BAA6B,CAC9B;EACD,MAAMG,OAAO,GAAG,IAAAC,eAAQ,EAACH,IAAI,CAAC;EAC9B,OAAOE,OAAO;AAChB"}

package/cjs/idx/idxState/v1/idxResponseParser.js CHANGED Viewed

@@ -4,7 +4,7 @@ var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefau
 exports.parseNonRemediations = exports.parseIdxResponse = void 0;
 var _remediationParser = require("./remediationParser");
 var _generateIdxAction = _interopRequireDefault(require("./generateIdxAction"));
-var _jsonpathPlus = require("jsonpath-plus");
+var _jsonpath = require("../../../util/jsonpath");
 /*!
  * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.
  * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
@@ -81,8 +81,7 @@ const expandRelatesTo = (idxResponse, value) => {
     if (k === 'relatesTo') {
       const query = Array.isArray(value[k]) ? value[k][0] : value[k];
       if (typeof query === 'string') {
-        // eslint-disable-next-line new-cap
-        const result = (0, _jsonpathPlus.JSONPath)({
+        const result = (0, _jsonpath.jsonpath)({
           path: query,
           json: idxResponse
         })[0];

package/cjs/idx/idxState/v1/idxResponseParser.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"idxResponseParser.js","names":["SKIP_FIELDS","Object","fromEntries","map","field","parseNonRemediations","authClient","idxResponse","toPersist","actions","context","keys","filter","forEach","fieldIsObject","rel","name","generateIdxAction","value","fieldValue","type","info","entries","subField","expandRelatesTo","k","query","Array","isArray","result","~~JSONPath~~","path","json","innerValue","convertRemediationAction","remediation","remediationActions","generateRemediationFunctions","actionFn","action","parseIdxResponse","remediationData","remediations"],"sources":["../../../../../lib/idx/idxState/v1/idxResponseParser.ts"],"sourcesContent":["/!\n Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n \n See the License for the specific language governing permissions and limitations under the License.\n /\n\n/ eslint-disable max-len */\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-nocheck\nimport { OktaAuthIdxInterface } from '../../types'; // auth-js/types\nimport { generateRemediationFunctions } from './remediationParser';\nimport generateIdxAction from './generateIdxAction';\nimport { ~~JSONPath~~ } from 'jsonpath~~-plus~~';\n\nconst SKIP_FIELDS = Object.fromEntries([\n 'remediation', // remediations are put into proceed/neededToProceed\n 'context', // the API response of 'context' isn't externally useful. We ignore it and put all non-action (contextual) info into idxState.context\n].map( (field) => [ field, !!'skip this field' ] ));\n\nexport const parseNonRemediations = function parseNonRemediations( authClient: OktaAuthIdxInterface, idxResponse, toPersist = {} ) {\n const actions = {};\n const context = {};\n\n Object.keys(idxResponse)\n .filter( field => !SKIP_FIELDS[field])\n .forEach( field => {\n const fieldIsObject = typeof idxResponse[field] === 'object' && !!idxResponse[field];\n\n if ( !fieldIsObject ) {\n // simple fields are contextual info\n context[field] = idxResponse[field];\n return;\n }\n\n if ( idxResponse[field].rel ) {\n // top level actions\n actions[idxResponse[field].name] = generateIdxAction(authClient, idxResponse[field], toPersist);\n return;\n }\n\n const { value: fieldValue, type, ...info} = idxResponse[field];\n context[field] = { type, ...info}; // add the non-action parts as context\n\n if ( type !== 'object' ) {\n // only object values hold actions\n context[field].value = fieldValue;\n return;\n }\n\n // We are an object field containing an object value\n context[field].value = {};\n Object.entries(fieldValue)\n .forEach( ([subField, value]) => {\n if (value.rel) { // is [field].value[subField] an action?\n // add any \"action\" value subfields to actions\n actions[`${field}-${subField.name \|\| subField}`] = generateIdxAction(authClient, value, toPersist);\n } else {\n // add non-action value subfields to context\n context[field].value[subField] = value;\n }\n });\n });\n\n return { context, actions };\n};\n\nconst expandRelatesTo = (idxResponse, value) => {\n Object.keys(value).forEach(k => {\n if (k === 'relatesTo') {\n const query = Array.isArray(value[k]) ? value[k][0] : value[k];\n if (typeof query === 'string') {\n ~~// eslint-disable-next-line new-cap\n~~ const result = ~~JSONPath~~({ path: query, json: idxResponse })[0];\n if (result) {\n value[k] = result;\n return;\n }\n }\n }\n if (Array.isArray(value[k])) {\n value[k].forEach(innerValue => expandRelatesTo(idxResponse, innerValue));\n }\n });\n};\n\nconst convertRemediationAction = (authClient: OktaAuthIdxInterface, remediation, toPersist) => {\n // Only remediation that has `rel` field (indicator for form submission) can have http action\n if (remediation.rel) {\n const remediationActions = generateRemediationFunctions( authClient, [remediation], toPersist );\n const actionFn = remediationActions[remediation.name];\n return {\n ...remediation,\n action: actionFn,\n };\n }\n \n return remediation;\n};\n\nexport const parseIdxResponse = function parseIdxResponse( authClient: OktaAuthIdxInterface, idxResponse, toPersist = {} ): {\n remediations: IdxRemediation[];\n context: IdxContext;\n actions: IdxActions;\n} {\n const remediationData = idxResponse.remediation?.value \|\| [];\n\n remediationData.forEach(\n remediation => expandRelatesTo(idxResponse, remediation)\n );\n\n const remediations = remediationData.map(remediation => convertRemediationAction( authClient, remediation, toPersist ));\n\n const { context, actions } = parseNonRemediations( authClient, idxResponse, toPersist );\n\n return {\n remediations,\n context,\n actions,\n };\n};\n"],"mappings":";;;;AAgBA;AACA;AACA;AAlBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACuD;;AAKvD,MAAMA,WAAW,GAAGC,MAAM,CAACC,WAAW,CAAC,CACrC,aAAa;AAAE;AACf,SAAS,CAAE;AAAA,CACZ,CAACC,GAAG,CAAGC,KAAK,IAAK,CAAEA,KAAK,EAAE,CAAC,CAAC,iBAAiB,CAAE,CAAE,CAAC;AAE5C,MAAMC,oBAAoB,GAAG,SAASA,oBAAoB,CAAEC,UAAgC,EAAEC,WAAW,EAAEC,SAAS,GAAG,CAAC,CAAC,EAAG;EACjI,MAAMC,OAAO,GAAG,CAAC,CAAC;EAClB,MAAMC,OAAO,GAAG,CAAC,CAAC;EAElBT,MAAM,CAACU,IAAI,CAACJ,WAAW,CAAC,CACrBK,MAAM,CAAER,KAAK,IAAI,CAACJ,WAAW,CAACI,KAAK,CAAC,CAAC,CACrCS,OAAO,CAAET,KAAK,IAAI;IACjB,MAAMU,aAAa,GAAG,OAAOP,WAAW,CAACH,KAAK,CAAC,KAAK,QAAQ,IAAI,CAAC,CAACG,WAAW,CAACH,KAAK,CAAC;IAEpF,IAAK,CAACU,aAAa,EAAG;MACpB;MACAJ,OAAO,CAACN,KAAK,CAAC,GAAGG,WAAW,CAACH,KAAK,CAAC;MACnC;IACF;IAEA,IAAKG,WAAW,CAACH,KAAK,CAAC,CAACW,GAAG,EAAG;MAC5B;MACAN,OAAO,CAACF,WAAW,CAACH,KAAK,CAAC,CAACY,IAAI,CAAC,GAAG,IAAAC,0BAAiB,EAACX,UAAU,EAAEC,WAAW,CAACH,KAAK,CAAC,EAAEI,SAAS,CAAC;MAC/F;IACF;IAEA,MAAM;MAAEU,KAAK,EAAEC,UAAU;MAAEC,IAAI;MAAE,GAAGC;IAAI,CAAC,GAAGd,WAAW,CAACH,KAAK,CAAC;IAC9DM,OAAO,CAACN,KAAK,CAAC,GAAG;MAAEgB,IAAI;MAAE,GAAGC;IAAI,CAAC,CAAC,CAAC;;IAEnC,IAAKD,IAAI,KAAK,QAAQ,EAAG;MACvB;MACAV,OAAO,CAACN,KAAK,CAAC,CAACc,KAAK,GAAGC,UAAU;MACjC;IACF;;IAEA;IACAT,OAAO,CAACN,KAAK,CAAC,CAACc,KAAK,GAAG,CAAC,CAAC;IACzBjB,MAAM,CAACqB,OAAO,CAACH,UAAU,CAAC,CACvBN,OAAO,CAAE,CAAC,CAACU,QAAQ,EAAEL,KAAK,CAAC,KAAK;MAC/B,IAAIA,KAAK,CAACH,GAAG,EAAE;QAAE;QACf;QACAN,OAAO,CAAE,GAAEL,KAAM,IAAGmB,QAAQ,CAACP,IAAI,IAAIO,QAAS,EAAC,CAAC,GAAG,IAAAN,0BAAiB,EAACX,UAAU,EAAEY,KAAK,EAAEV,SAAS,CAAC;MACpG,CAAC,MAAM;QACL;QACAE,OAAO,CAACN,KAAK,CAAC,CAACc,KAAK,CAACK,QAAQ,CAAC,GAAGL,KAAK;MACxC;IACF,CAAC,CAAC;EACN,CAAC,CAAC;EAEJ,OAAO;IAAER,OAAO;IAAED;EAAQ,CAAC;AAC7B,CAAC;AAAC;AAEF,MAAMe,eAAe,GAAG,CAACjB,WAAW,EAAEW,KAAK,KAAK;EAC9CjB,MAAM,CAACU,IAAI,CAACO,KAAK,CAAC,CAACL,OAAO,CAACY,CAAC,IAAI;IAC9B,IAAIA,CAAC,KAAK,WAAW,EAAE;MACrB,MAAMC,KAAK,GAAGC,KAAK,CAACC,OAAO,CAACV,KAAK,CAACO,CAAC,CAAC,CAAC,GAAGP,KAAK,CAACO,CAAC,CAAC,CAAC,CAAC,CAAC,GAAGP,KAAK,CAACO,CAAC,CAAC;MAC9D,IAAI,OAAOC,KAAK,KAAK,QAAQ,EAAE;QAC7B~~;QACA~~,MAAMG,MAAM,GAAG,IAAAC,~~sBAAQ~~,EAAC;UAAEC,IAAI,EAAEL,KAAK;UAAEM,IAAI,EAAEzB;QAAY,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9D,IAAIsB,MAAM,EAAE;UACVX,KAAK,CAACO,CAAC,CAAC,GAAGI,MAAM;UACjB;QACF;MACF;IACF;IACA,IAAIF,KAAK,CAACC,OAAO,CAACV,KAAK,CAACO,CAAC,CAAC,CAAC,EAAE;MAC3BP,KAAK,CAACO,CAAC,CAAC,CAACZ,OAAO,CAACoB,UAAU,IAAIT,eAAe,CAACjB,WAAW,EAAE0B,UAAU,CAAC,CAAC;IAC1E;EACF,CAAC,CAAC;AACJ,CAAC;AAED,MAAMC,wBAAwB,GAAG,CAAC5B,UAAgC,EAAE6B,WAAW,EAAE3B,SAAS,KAAK;EAC7F;EACA,IAAI2B,WAAW,CAACpB,GAAG,EAAE;IACnB,MAAMqB,kBAAkB,GAAG,IAAAC,+CAA4B,EAAE/B,UAAU,EAAE,CAAC6B,WAAW,CAAC,EAAE3B,SAAS,CAAE;IAC/F,MAAM8B,QAAQ,GAAGF,kBAAkB,CAACD,WAAW,CAACnB,IAAI,CAAC;IACrD,OAAO;MACL,GAAGmB,WAAW;MACdI,MAAM,EAAED;IACV,CAAC;EACH;EAEA,OAAOH,WAAW;AACpB,CAAC;AAEM,MAAMK,gBAAgB,GAAG,SAASA,gBAAgB,CAAElC,UAAgC,EAAEC,WAAW,EAAEC,SAAS,GAAG,CAAC,CAAC,EAItH;EAAA;EACA,MAAMiC,eAAe,GAAG,0BAAAlC,WAAW,CAAC4B,WAAW,0DAAvB,sBAAyBjB,KAAK,KAAI,EAAE;EAE5DuB,eAAe,CAAC5B,OAAO,CACrBsB,WAAW,IAAIX,eAAe,CAACjB,WAAW,EAAE4B,WAAW,CAAC,CACzD;EAED,MAAMO,YAAY,GAAGD,eAAe,CAACtC,GAAG,CAACgC,WAAW,IAAID,wBAAwB,CAAE5B,UAAU,EAAE6B,WAAW,EAAE3B,SAAS,CAAE,CAAC;EAEvH,MAAM;IAAEE,OAAO;IAAED;EAAQ,CAAC,GAAGJ,oBAAoB,CAAEC,UAAU,EAAEC,WAAW,EAAEC,SAAS,CAAE;EAEvF,OAAO;IACLkC,YAAY;IACZhC,OAAO;IACPD;EACF,CAAC;AACH,CAAC;AAAC"}
1	+ {"version":3,"file":"idxResponseParser.js","names":["SKIP_FIELDS","Object","fromEntries","map","field","parseNonRemediations","authClient","idxResponse","toPersist","actions","context","keys","filter","forEach","fieldIsObject","rel","name","generateIdxAction","value","fieldValue","type","info","entries","subField","expandRelatesTo","k","query","Array","isArray","result","jsonpath","path","json","innerValue","convertRemediationAction","remediation","remediationActions","generateRemediationFunctions","actionFn","action","parseIdxResponse","remediationData","remediations"],"sources":["../../../../../lib/idx/idxState/v1/idxResponseParser.ts"],"sourcesContent":["/!\n Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n \n See the License for the specific language governing permissions and limitations under the License.\n /\n\n/ eslint-disable max-len */\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-nocheck\nimport { OktaAuthIdxInterface } from '../../types'; // auth-js/types\nimport { generateRemediationFunctions } from './remediationParser';\nimport generateIdxAction from './generateIdxAction';\nimport { jsonpath } from '../../../util/jsonpath';\n\nconst SKIP_FIELDS = Object.fromEntries([\n 'remediation', // remediations are put into proceed/neededToProceed\n 'context', // the API response of 'context' isn't externally useful. We ignore it and put all non-action (contextual) info into idxState.context\n].map( (field) => [ field, !!'skip this field' ] ));\n\nexport const parseNonRemediations = function parseNonRemediations( authClient: OktaAuthIdxInterface, idxResponse, toPersist = {} ) {\n const actions = {};\n const context = {};\n\n Object.keys(idxResponse)\n .filter( field => !SKIP_FIELDS[field])\n .forEach( field => {\n const fieldIsObject = typeof idxResponse[field] === 'object' && !!idxResponse[field];\n\n if ( !fieldIsObject ) {\n // simple fields are contextual info\n context[field] = idxResponse[field];\n return;\n }\n\n if ( idxResponse[field].rel ) {\n // top level actions\n actions[idxResponse[field].name] = generateIdxAction(authClient, idxResponse[field], toPersist);\n return;\n }\n\n const { value: fieldValue, type, ...info} = idxResponse[field];\n context[field] = { type, ...info}; // add the non-action parts as context\n\n if ( type !== 'object' ) {\n // only object values hold actions\n context[field].value = fieldValue;\n return;\n }\n\n // We are an object field containing an object value\n context[field].value = {};\n Object.entries(fieldValue)\n .forEach( ([subField, value]) => {\n if (value.rel) { // is [field].value[subField] an action?\n // add any \"action\" value subfields to actions\n actions[`${field}-${subField.name \|\| subField}`] = generateIdxAction(authClient, value, toPersist);\n } else {\n // add non-action value subfields to context\n context[field].value[subField] = value;\n }\n });\n });\n\n return { context, actions };\n};\n\nconst expandRelatesTo = (idxResponse, value) => {\n Object.keys(value).forEach(k => {\n if (k === 'relatesTo') {\n const query = Array.isArray(value[k]) ? value[k][0] : value[k];\n if (typeof query === 'string') {\n const result = jsonpath({ path: query, json: idxResponse })[0];\n if (result) {\n value[k] = result;\n return;\n }\n }\n }\n if (Array.isArray(value[k])) {\n value[k].forEach(innerValue => expandRelatesTo(idxResponse, innerValue));\n }\n });\n};\n\nconst convertRemediationAction = (authClient: OktaAuthIdxInterface, remediation, toPersist) => {\n // Only remediation that has `rel` field (indicator for form submission) can have http action\n if (remediation.rel) {\n const remediationActions = generateRemediationFunctions( authClient, [remediation], toPersist );\n const actionFn = remediationActions[remediation.name];\n return {\n ...remediation,\n action: actionFn,\n };\n }\n\n return remediation;\n};\n\nexport const parseIdxResponse = function parseIdxResponse( authClient: OktaAuthIdxInterface, idxResponse, toPersist = {} ): {\n remediations: IdxRemediation[];\n context: IdxContext;\n actions: IdxActions;\n} {\n const remediationData = idxResponse.remediation?.value \|\| [];\n\n remediationData.forEach(\n remediation => expandRelatesTo(idxResponse, remediation)\n );\n\n const remediations = remediationData.map(remediation => convertRemediationAction( authClient, remediation, toPersist ));\n\n const { context, actions } = parseNonRemediations( authClient, idxResponse, toPersist );\n\n return {\n remediations,\n context,\n actions,\n };\n};\n"],"mappings":";;;;AAgBA;AACA;AACA;AAlBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACuD;;AAKvD,MAAMA,WAAW,GAAGC,MAAM,CAACC,WAAW,CAAC,CACrC,aAAa;AAAE;AACf,SAAS,CAAE;AAAA,CACZ,CAACC,GAAG,CAAGC,KAAK,IAAK,CAAEA,KAAK,EAAE,CAAC,CAAC,iBAAiB,CAAE,CAAE,CAAC;AAE5C,MAAMC,oBAAoB,GAAG,SAASA,oBAAoB,CAAEC,UAAgC,EAAEC,WAAW,EAAEC,SAAS,GAAG,CAAC,CAAC,EAAG;EACjI,MAAMC,OAAO,GAAG,CAAC,CAAC;EAClB,MAAMC,OAAO,GAAG,CAAC,CAAC;EAElBT,MAAM,CAACU,IAAI,CAACJ,WAAW,CAAC,CACrBK,MAAM,CAAER,KAAK,IAAI,CAACJ,WAAW,CAACI,KAAK,CAAC,CAAC,CACrCS,OAAO,CAAET,KAAK,IAAI;IACjB,MAAMU,aAAa,GAAG,OAAOP,WAAW,CAACH,KAAK,CAAC,KAAK,QAAQ,IAAI,CAAC,CAACG,WAAW,CAACH,KAAK,CAAC;IAEpF,IAAK,CAACU,aAAa,EAAG;MACpB;MACAJ,OAAO,CAACN,KAAK,CAAC,GAAGG,WAAW,CAACH,KAAK,CAAC;MACnC;IACF;IAEA,IAAKG,WAAW,CAACH,KAAK,CAAC,CAACW,GAAG,EAAG;MAC5B;MACAN,OAAO,CAACF,WAAW,CAACH,KAAK,CAAC,CAACY,IAAI,CAAC,GAAG,IAAAC,0BAAiB,EAACX,UAAU,EAAEC,WAAW,CAACH,KAAK,CAAC,EAAEI,SAAS,CAAC;MAC/F;IACF;IAEA,MAAM;MAAEU,KAAK,EAAEC,UAAU;MAAEC,IAAI;MAAE,GAAGC;IAAI,CAAC,GAAGd,WAAW,CAACH,KAAK,CAAC;IAC9DM,OAAO,CAACN,KAAK,CAAC,GAAG;MAAEgB,IAAI;MAAE,GAAGC;IAAI,CAAC,CAAC,CAAC;;IAEnC,IAAKD,IAAI,KAAK,QAAQ,EAAG;MACvB;MACAV,OAAO,CAACN,KAAK,CAAC,CAACc,KAAK,GAAGC,UAAU;MACjC;IACF;;IAEA;IACAT,OAAO,CAACN,KAAK,CAAC,CAACc,KAAK,GAAG,CAAC,CAAC;IACzBjB,MAAM,CAACqB,OAAO,CAACH,UAAU,CAAC,CACvBN,OAAO,CAAE,CAAC,CAACU,QAAQ,EAAEL,KAAK,CAAC,KAAK;MAC/B,IAAIA,KAAK,CAACH,GAAG,EAAE;QAAE;QACf;QACAN,OAAO,CAAE,GAAEL,KAAM,IAAGmB,QAAQ,CAACP,IAAI,IAAIO,QAAS,EAAC,CAAC,GAAG,IAAAN,0BAAiB,EAACX,UAAU,EAAEY,KAAK,EAAEV,SAAS,CAAC;MACpG,CAAC,MAAM;QACL;QACAE,OAAO,CAACN,KAAK,CAAC,CAACc,KAAK,CAACK,QAAQ,CAAC,GAAGL,KAAK;MACxC;IACF,CAAC,CAAC;EACN,CAAC,CAAC;EAEJ,OAAO;IAAER,OAAO;IAAED;EAAQ,CAAC;AAC7B,CAAC;AAAC;AAEF,MAAMe,eAAe,GAAG,CAACjB,WAAW,EAAEW,KAAK,KAAK;EAC9CjB,MAAM,CAACU,IAAI,CAACO,KAAK,CAAC,CAACL,OAAO,CAACY,CAAC,IAAI;IAC9B,IAAIA,CAAC,KAAK,WAAW,EAAE;MACrB,MAAMC,KAAK,GAAGC,KAAK,CAACC,OAAO,CAACV,KAAK,CAACO,CAAC,CAAC,CAAC,GAAGP,KAAK,CAACO,CAAC,CAAC,CAAC,CAAC,CAAC,GAAGP,KAAK,CAACO,CAAC,CAAC;MAC9D,IAAI,OAAOC,KAAK,KAAK,QAAQ,EAAE;QAC7B,MAAMG,MAAM,GAAG,IAAAC,kBAAQ,EAAC;UAAEC,IAAI,EAAEL,KAAK;UAAEM,IAAI,EAAEzB;QAAY,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9D,IAAIsB,MAAM,EAAE;UACVX,KAAK,CAACO,CAAC,CAAC,GAAGI,MAAM;UACjB;QACF;MACF;IACF;IACA,IAAIF,KAAK,CAACC,OAAO,CAACV,KAAK,CAACO,CAAC,CAAC,CAAC,EAAE;MAC3BP,KAAK,CAACO,CAAC,CAAC,CAACZ,OAAO,CAACoB,UAAU,IAAIT,eAAe,CAACjB,WAAW,EAAE0B,UAAU,CAAC,CAAC;IAC1E;EACF,CAAC,CAAC;AACJ,CAAC;AAED,MAAMC,wBAAwB,GAAG,CAAC5B,UAAgC,EAAE6B,WAAW,EAAE3B,SAAS,KAAK;EAC7F;EACA,IAAI2B,WAAW,CAACpB,GAAG,EAAE;IACnB,MAAMqB,kBAAkB,GAAG,IAAAC,+CAA4B,EAAE/B,UAAU,EAAE,CAAC6B,WAAW,CAAC,EAAE3B,SAAS,CAAE;IAC/F,MAAM8B,QAAQ,GAAGF,kBAAkB,CAACD,WAAW,CAACnB,IAAI,CAAC;IACrD,OAAO;MACL,GAAGmB,WAAW;MACdI,MAAM,EAAED;IACV,CAAC;EACH;EAEA,OAAOH,WAAW;AACpB,CAAC;AAEM,MAAMK,gBAAgB,GAAG,SAASA,gBAAgB,CAAElC,UAAgC,EAAEC,WAAW,EAAEC,SAAS,GAAG,CAAC,CAAC,EAItH;EAAA;EACA,MAAMiC,eAAe,GAAG,0BAAAlC,WAAW,CAAC4B,WAAW,0DAAvB,sBAAyBjB,KAAK,KAAI,EAAE;EAE5DuB,eAAe,CAAC5B,OAAO,CACrBsB,WAAW,IAAIX,eAAe,CAACjB,WAAW,EAAE4B,WAAW,CAAC,CACzD;EAED,MAAMO,YAAY,GAAGD,eAAe,CAACtC,GAAG,CAACgC,WAAW,IAAID,wBAAwB,CAAE5B,UAAU,EAAE6B,WAAW,EAAE3B,SAAS,CAAE,CAAC;EAEvH,MAAM;IAAEE,OAAO;IAAED;EAAQ,CAAC,GAAGJ,oBAAoB,CAAEC,UAAU,EAAEC,WAAW,EAAEC,SAAS,CAAE;EAEvF,OAAO;IACLkC,YAAY;IACZhC,OAAO;IACPD;EACF,CAAC;AACH,CAAC;AAAC"}

package/cjs/idx/mixin.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"mixin.js","names":["mixinIdx","Base","OktaAuthIdx","constructor","args","idx","createIdxAPI","webauthn"],"sources":["../../../lib/idx/mixin.ts"],"sourcesContent":["import { OktaAuthConstructor } from '../base/types';\nimport { OktaAuthOAuthInterface } from '../oidc/types';\nimport { IdxAPI, IdxTransactionManagerInterface, OktaAuthIdxInterface, OktaAuthIdxOptions } from './types';\nimport { IdxTransactionMeta } from './types/meta';\nimport { IdxStorageManagerInterface } from './types/storage';\nimport { createIdxAPI } from './factory/api';\nimport ~~{ WebauthnAPI } from './webauthn';\nimport~~ * as webauthn from './webauthn';\n\nexport function mixinIdx\n<\n M extends IdxTransactionMeta = IdxTransactionMeta,\n S extends IdxStorageManagerInterface<M> = IdxStorageManagerInterface<M>,\n O extends OktaAuthIdxOptions = OktaAuthIdxOptions,\n TM extends IdxTransactionManagerInterface = IdxTransactionManagerInterface,\n TBase extends OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n = OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n>\n(Base: TBase): TBase & ~~OktaAuthConstructor~~<OktaAuthIdxInterface<M, S, O, TM>>\n{\n return class OktaAuthIdx extends Base implements OktaAuthIdxInterface<M, S, O, TM>\n {\n idx: IdxAPI;\n static webauthn: WebauthnAPI = webauthn;\n \n constructor(...args: any[]) {\n super(...args);\n this.idx = createIdxAPI(this);\n }\n };\n}\n"],"mappings":";;;;;~~AAKA~~;~~AAEA~~;AAAuC;AAAA;AAEhC,SAASA,QAAQ,CASvBC,IAAW,EACZ;EAAA;EACE,gBAAO,MAAMC,WAAW,SAASD,IAAI,CACrC;IAIEE,WAAW,CAAC,GAAGC,IAAW,EAAE;MAC1B,KAAK,CAAC,GAAGA,IAAI,CAAC;MACd,IAAI,CAACC,GAAG,GAAG,IAAAC,iBAAY,EAAC,IAAI,CAAC;IAC/B;EACF,CAAC,oDANgCC,QAAQ;AAO3C"}
1	+ {"version":3,"file":"mixin.js","names":["mixinIdx","Base","OktaAuthIdx","constructor","args","idx","createIdxAPI","webauthn"],"sources":["../../../lib/idx/mixin.ts"],"sourcesContent":["import { OktaAuthConstructor } from '../base/types';\nimport { OktaAuthOAuthInterface } from '../oidc/types';\nimport {\n IdxAPI, \n IdxTransactionManagerInterface, \n OktaAuthIdxInterface, \n OktaAuthIdxConstructor, \n OktaAuthIdxOptions, \n WebauthnAPI\n} from './types';\nimport { IdxTransactionMeta } from './types/meta';\nimport { IdxStorageManagerInterface } from './types/storage';\nimport { createIdxAPI } from './factory/api';\nimport * as webauthn from './webauthn';\n\nexport function mixinIdx\n<\n M extends IdxTransactionMeta = IdxTransactionMeta,\n S extends IdxStorageManagerInterface<M> = IdxStorageManagerInterface<M>,\n O extends OktaAuthIdxOptions = OktaAuthIdxOptions,\n TM extends IdxTransactionManagerInterface = IdxTransactionManagerInterface,\n TBase extends OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n = OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n>\n(Base: TBase): TBase & OktaAuthIdxConstructor<OktaAuthIdxInterface<M, S, O, TM>>\n{\n return class OktaAuthIdx extends Base implements OktaAuthIdxInterface<M, S, O, TM>\n {\n idx: IdxAPI;\n static webauthn: WebauthnAPI = webauthn;\n \n constructor(...args: any[]) {\n super(...args);\n this.idx = createIdxAPI(this);\n }\n };\n}\n"],"mappings":";;;;;AAYA;AACA;AAAuC;AAAA;AAEhC,SAASA,QAAQ,CASvBC,IAAW,EACZ;EAAA;EACE,gBAAO,MAAMC,WAAW,SAASD,IAAI,CACrC;IAIEE,WAAW,CAAC,GAAGC,IAAW,EAAE;MAC1B,KAAK,CAAC,GAAGA,IAAI,CAAC;MACd,IAAI,CAACC,GAAG,GAAG,IAAAC,iBAAY,EAAC,IAAI,CAAC;IAC/B;EACF,CAAC,oDANgCC,QAAQ;AAO3C"}

package/cjs/idx/types/api.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"api.js","names":["IdxStatus","AuthenticatorKey","IdxFeature","isAuthenticator","obj","key","id"],"sources":["../../../../lib/idx/types/api.ts"],"sourcesContent":["/!\n Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n \n See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { APIError } from '../../errors/types';\nimport {\n OktaAuthOAuthInterface,\n Tokens,\n TransactionManagerConstructor,\n TransactionManagerInterface\n} from '../../oidc/types';\nimport { FlowIdentifier } from './FlowIdentifier';\nimport {\n IdxActions,\n IdxAuthenticator,\n IdxContext,\n IdxForm,\n IdxMessage,\n IdxOption,\n IdxRemediation,\n IdxResponse,\n RawIdxResponse,\n IdxActionParams,\n IdpConfig,\n IdxToPersist,\n} from './idx-js';\nimport {\n AccountUnlockOptions,\n AuthenticationOptions,\n CancelOptions,\n InteractOptions,\n IntrospectOptions,\n OktaAuthIdxOptions,\n PasswordRecoveryOptions,\n ProceedOptions,\n RegistrationOptions,\n StartOptions,\n IdxTransactionMetaOptions\n} from './options';\nimport { IdxTransactionMeta } from './meta';\nimport { IdxStorageManagerInterface, SavedIdxResponse } from './storage';\n\nexport enum IdxStatus {\n SUCCESS = 'SUCCESS',\n PENDING = 'PENDING',\n FAILURE = 'FAILURE',\n TERMINAL = 'TERMINAL',\n CANCELED = 'CANCELED',\n}\n\nexport enum AuthenticatorKey {\n OKTA_PASSWORD = 'okta_password',\n OKTA_EMAIL = 'okta_email',\n PHONE_NUMBER = 'phone_number',\n GOOGLE_AUTHENTICATOR = 'google_otp',\n SECURITY_QUESTION = 'security_question',\n OKTA_VERIFY = 'okta_verify',\n WEBAUTHN = 'webauthn',\n}\n\nexport type Input = {\n name: string;\n key?: string;\n type?: string;\n label?: string;\n value?: string \| {form: IdxForm} \| Input[];\n minLength?: number;\n maxLength?: number;\n secret?: boolean;\n required?: boolean;\n options?: IdxOption[];\n mutable?: boolean;\n visible?: boolean;\n}\n\n\nexport interface IdxPollOptions {\n required?: boolean;\n refresh?: number;\n}\n\nexport type NextStep = {\n name: string;\n authenticator?: IdxAuthenticator;\n canSkip?: boolean;\n canResend?: boolean;\n inputs?: Input[];\n poll?: IdxPollOptions;\n authenticatorEnrollments?: IdxAuthenticator[];\n // eslint-disable-next-line no-use-before-define\n action?: (params?: IdxActionParams) => Promise<IdxTransaction>;\n idp?: IdpConfig;\n href?: string;\n relatesTo?: {\n type?: string;\n value: IdxAuthenticator;\n };\n refresh?: number;\n}\n\nexport enum IdxFeature {\n PASSWORD_RECOVERY = 'recover-password',\n REGISTRATION = 'enroll-profile',\n SOCIAL_IDP = 'redirect-idp',\n ACCOUNT_UNLOCK = 'unlock-account',\n}\n\n\nexport interface IdxTransaction {\n status: IdxStatus;\n tokens?: Tokens;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n error?: APIError \| IdxResponse;\n meta?: IdxTransactionMeta;\n enabledFeatures?: IdxFeature[];\n availableSteps?: NextStep[];\n requestDidSucceed?: boolean;\n stepUp?: boolean;\n \n // from idx-js, used by signin widget\n proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n neededToProceed: IdxRemediation[];\n rawIdxState: RawIdxResponse;\n interactionCode?: string;\n actions: IdxActions;\n context: IdxContext;\n}\n\n\nexport type Authenticator = {\n id?: string;\n key?: string;\n methodType?: string;\n phoneNumber?: string;\n channel?: string;\n};\n\nexport function isAuthenticator(obj: any): obj is Authenticator {\n return obj && (obj.key \|\| obj.id);\n}\n\nexport interface RemediationResponse {\n idxResponse: IdxResponse;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n terminal?: boolean;\n canceled?: boolean;\n}\n\nexport interface InteractResponse {\n state?: string;\n interactionHandle: string;\n meta: IdxTransactionMeta;\n}\n\nexport interface EmailVerifyCallbackResponse {\n state: string;\n otp: string;\n}\n\nexport interface IdxAPI {\n // lowest level api\n interact: (options?: InteractOptions) => Promise<InteractResponse>;\n introspect: (options?: IntrospectOptions) => Promise<IdxResponse>;\n makeIdxResponse: (rawIdxResponse: RawIdxResponse, toPersist: IdxToPersist, requestDidSucceed: boolean) => IdxResponse;\n\n // flow entrypoints\n authenticate: (options?: AuthenticationOptions) => Promise<IdxTransaction>;\n register: (options?: RegistrationOptions) => Promise<IdxTransaction>;\n recoverPassword: (options?: PasswordRecoveryOptions) => Promise<IdxTransaction>;\n unlockAccount: (options?: AccountUnlockOptions) => Promise<IdxTransaction>;\n poll: (options?: IdxPollOptions) => Promise<IdxTransaction>;\n\n // flow control\n start: (options?: StartOptions) => Promise<IdxTransaction>;\n canProceed(options?: ProceedOptions): boolean;\n proceed: (options?: ProceedOptions) => Promise<IdxTransaction>;\n cancel: (options?: CancelOptions) => Promise<IdxTransaction>;\n getFlow(): FlowIdentifier \| undefined;\n setFlow(flow: FlowIdentifier): void;\n\n // call `start` instead of `startTransaction`. `startTransaction` will be removed in next major version (7.0)\n startTransaction: (options?: StartOptions) => Promise<IdxTransaction>;\n\n // redirect callbacks\n isInteractionRequired: (hashOrSearch?: string) => boolean;\n isInteractionRequiredError: (error: Error) => boolean; \n handleInteractionCodeRedirect: (url: string) => Promise<void>;\n isEmailVerifyCallback: (search: string) => boolean;\n parseEmailVerifyCallback: (search: string) => EmailVerifyCallbackResponse;\n handleEmailVerifyCallback: (search: string) => Promise<IdxTransaction \| undefined>;\n isEmailVerifyCallbackError: (error: Error) => boolean;\n\n // transaction meta\n getSavedTransactionMeta: (options?: IdxTransactionMetaOptions) => IdxTransactionMeta \| undefined;\n createTransactionMeta: (options?: IdxTransactionMetaOptions) => Promise<IdxTransactionMeta>;\n getTransactionMeta: (options?: IdxTransactionMetaOptions) => Promise<IdxTransactionMeta>;\n saveTransactionMeta: (meta: unknown) => void;\n clearTransactionMeta: () => void;\n isTransactionMetaValid: (meta: unknown) => boolean;\n}\n\nexport interface IdxTransactionManagerInterface extends TransactionManagerInterface {\n saveIdxResponse(data: SavedIdxResponse): void;\n loadIdxResponse(options?: IntrospectOptions): SavedIdxResponse \| null;\n clearIdxResponse(): void;\n}\n\nexport type IdxTransactionManagerConstructor = TransactionManagerConstructor<IdxTransactionManagerInterface>;\n\nexport interface OktaAuthIdxInterface\n<\n M extends IdxTransactionMeta = IdxTransactionMeta,\n S extends IdxStorageManagerInterface<M> = IdxStorageManagerInterface<M>,\n O extends OktaAuthIdxOptions = OktaAuthIdxOptions,\n TM extends IdxTransactionManagerInterface = IdxTransactionManagerInterface\n>\n extends OktaAuthOAuthInterface<M, S, O, TM>\n{\n idx: IdxAPI;\n}\n"],"mappings":";;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,GAVA,~~IAkDYA~~,SAAS;AAAA;AAAA,WAATA,SAAS;EAATA,SAAS;EAATA,SAAS;EAATA,SAAS;EAATA,SAAS;EAATA,SAAS;AAAA,GAATA,SAAS,yBAATA,SAAS;AAAA,IAQTC,gBAAgB;AAAA;AAAA,WAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;AAAA,GAAhBA,gBAAgB,gCAAhBA,gBAAgB;AAAA,IAkDhBC,UAAU;AAAA;AAAA,WAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;AAAA,GAAVA,UAAU,0BAAVA,UAAU;AAsCf,SAASC,eAAe,CAACC,GAAQ,EAAwB;EAC9D,OAAOA,GAAG,KAAKA,GAAG,CAACC,GAAG,IAAID,GAAG,CAACE,EAAE,CAAC;AACnC"}
1	+ {"version":3,"file":"api.js","names":["IdxStatus","AuthenticatorKey","IdxFeature","isAuthenticator","obj","key","id"],"sources":["../../../../lib/idx/types/api.ts"],"sourcesContent":["/!\n Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n \n See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { APIError } from '../../errors/types';\nimport {\n OktaAuthOAuthInterface,\n Tokens,\n TransactionManagerConstructor,\n TransactionManagerInterface\n} from '../../oidc/types';\nimport { FlowIdentifier } from './FlowIdentifier';\nimport {\n IdxActions,\n IdxAuthenticator,\n IdxContext,\n IdxForm,\n IdxMessage,\n IdxOption,\n IdxRemediation,\n IdxResponse,\n RawIdxResponse,\n IdxActionParams,\n IdpConfig,\n IdxToPersist,\n ChallengeData,\n ActivationData,\n} from './idx-js';\nimport {\n AccountUnlockOptions,\n AuthenticationOptions,\n CancelOptions,\n InteractOptions,\n IntrospectOptions,\n OktaAuthIdxOptions,\n PasswordRecoveryOptions,\n ProceedOptions,\n RegistrationOptions,\n StartOptions,\n IdxTransactionMetaOptions\n} from './options';\nimport { IdxTransactionMeta } from './meta';\nimport { IdxStorageManagerInterface, SavedIdxResponse } from './storage';\nimport type {\n WebauthnEnrollValues,\n WebauthnVerificationValues\n} from '../authenticator';\nimport { OktaAuthConstructor } from '../../base/types';\n\nexport enum IdxStatus {\n SUCCESS = 'SUCCESS',\n PENDING = 'PENDING',\n FAILURE = 'FAILURE',\n TERMINAL = 'TERMINAL',\n CANCELED = 'CANCELED',\n}\n\nexport enum AuthenticatorKey {\n OKTA_PASSWORD = 'okta_password',\n OKTA_EMAIL = 'okta_email',\n PHONE_NUMBER = 'phone_number',\n GOOGLE_AUTHENTICATOR = 'google_otp',\n SECURITY_QUESTION = 'security_question',\n OKTA_VERIFY = 'okta_verify',\n WEBAUTHN = 'webauthn',\n}\n\nexport type Input = {\n name: string;\n key?: string;\n type?: string;\n label?: string;\n value?: string \| {form: IdxForm} \| Input[];\n minLength?: number;\n maxLength?: number;\n secret?: boolean;\n required?: boolean;\n options?: IdxOption[];\n mutable?: boolean;\n visible?: boolean;\n}\n\n\nexport interface IdxPollOptions {\n required?: boolean;\n refresh?: number;\n}\n\nexport type NextStep = {\n name: string;\n authenticator?: IdxAuthenticator;\n canSkip?: boolean;\n canResend?: boolean;\n inputs?: Input[];\n poll?: IdxPollOptions;\n authenticatorEnrollments?: IdxAuthenticator[];\n // eslint-disable-next-line no-use-before-define\n action?: (params?: IdxActionParams) => Promise<IdxTransaction>;\n idp?: IdpConfig;\n href?: string;\n relatesTo?: {\n type?: string;\n value: IdxAuthenticator;\n };\n refresh?: number;\n}\n\nexport enum IdxFeature {\n PASSWORD_RECOVERY = 'recover-password',\n REGISTRATION = 'enroll-profile',\n SOCIAL_IDP = 'redirect-idp',\n ACCOUNT_UNLOCK = 'unlock-account',\n}\n\n\nexport interface IdxTransaction {\n status: IdxStatus;\n tokens?: Tokens;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n error?: APIError \| IdxResponse;\n meta?: IdxTransactionMeta;\n enabledFeatures?: IdxFeature[];\n availableSteps?: NextStep[];\n requestDidSucceed?: boolean;\n stepUp?: boolean;\n \n // from idx-js, used by signin widget\n proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n neededToProceed: IdxRemediation[];\n rawIdxState: RawIdxResponse;\n interactionCode?: string;\n actions: IdxActions;\n context: IdxContext;\n}\n\n\nexport type Authenticator = {\n id?: string;\n key?: string;\n methodType?: string;\n phoneNumber?: string;\n channel?: string;\n};\n\nexport function isAuthenticator(obj: any): obj is Authenticator {\n return obj && (obj.key \|\| obj.id);\n}\n\nexport interface RemediationResponse {\n idxResponse: IdxResponse;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n terminal?: boolean;\n canceled?: boolean;\n}\n\nexport interface InteractResponse {\n state?: string;\n interactionHandle: string;\n meta: IdxTransactionMeta;\n}\n\nexport interface EmailVerifyCallbackResponse {\n state: string;\n otp: string;\n}\n\nexport interface IdxAPI {\n // lowest level api\n interact: (options?: InteractOptions) => Promise<InteractResponse>;\n introspect: (options?: IntrospectOptions) => Promise<IdxResponse>;\n makeIdxResponse: (rawIdxResponse: RawIdxResponse, toPersist: IdxToPersist, requestDidSucceed: boolean) => IdxResponse;\n\n // flow entrypoints\n authenticate: (options?: AuthenticationOptions) => Promise<IdxTransaction>;\n register: (options?: RegistrationOptions) => Promise<IdxTransaction>;\n recoverPassword: (options?: PasswordRecoveryOptions) => Promise<IdxTransaction>;\n unlockAccount: (options?: AccountUnlockOptions) => Promise<IdxTransaction>;\n poll: (options?: IdxPollOptions) => Promise<IdxTransaction>;\n\n // flow control\n start: (options?: StartOptions) => Promise<IdxTransaction>;\n canProceed(options?: ProceedOptions): boolean;\n proceed: (options?: ProceedOptions) => Promise<IdxTransaction>;\n cancel: (options?: CancelOptions) => Promise<IdxTransaction>;\n getFlow(): FlowIdentifier \| undefined;\n setFlow(flow: FlowIdentifier): void;\n\n // call `start` instead of `startTransaction`. `startTransaction` will be removed in next major version (7.0)\n startTransaction: (options?: StartOptions) => Promise<IdxTransaction>;\n\n // redirect callbacks\n isInteractionRequired: (hashOrSearch?: string) => boolean;\n isInteractionRequiredError: (error: Error) => boolean; \n handleInteractionCodeRedirect: (url: string) => Promise<void>;\n isEmailVerifyCallback: (search: string) => boolean;\n parseEmailVerifyCallback: (search: string) => EmailVerifyCallbackResponse;\n handleEmailVerifyCallback: (search: string) => Promise<IdxTransaction \| undefined>;\n isEmailVerifyCallbackError: (error: Error) => boolean;\n\n // transaction meta\n getSavedTransactionMeta: (options?: IdxTransactionMetaOptions) => IdxTransactionMeta \| undefined;\n createTransactionMeta: (options?: IdxTransactionMetaOptions) => Promise<IdxTransactionMeta>;\n getTransactionMeta: (options?: IdxTransactionMetaOptions) => Promise<IdxTransactionMeta>;\n saveTransactionMeta: (meta: unknown) => void;\n clearTransactionMeta: () => void;\n isTransactionMetaValid: (meta: unknown) => boolean;\n}\n\nexport interface IdxTransactionManagerInterface extends TransactionManagerInterface {\n saveIdxResponse(data: SavedIdxResponse): void;\n loadIdxResponse(options?: IntrospectOptions): SavedIdxResponse \| null;\n clearIdxResponse(): void;\n}\n\nexport type IdxTransactionManagerConstructor = TransactionManagerConstructor<IdxTransactionManagerInterface>;\n\nexport interface WebauthnAPI {\n getAssertion(credential: PublicKeyCredential): WebauthnVerificationValues;\n getAttestation(credential: PublicKeyCredential): WebauthnEnrollValues;\n buildCredentialRequestOptions(\n challengeData: ChallengeData, authenticatorEnrollments: IdxAuthenticator[]\n ): CredentialRequestOptions;\n buildCredentialCreationOptions(\n activationData: ActivationData, authenticatorEnrollments: IdxAuthenticator[]\n ): CredentialCreationOptions;\n}\n\nexport interface OktaAuthIdxInterface\n<\n M extends IdxTransactionMeta = IdxTransactionMeta,\n S extends IdxStorageManagerInterface<M> = IdxStorageManagerInterface<M>,\n O extends OktaAuthIdxOptions = OktaAuthIdxOptions,\n TM extends IdxTransactionManagerInterface = IdxTransactionManagerInterface\n>\n extends OktaAuthOAuthInterface<M, S, O, TM>\n{\n idx: IdxAPI;\n}\n\nexport interface OktaAuthIdxConstructor\n<\n I extends OktaAuthIdxInterface = OktaAuthIdxInterface\n>\n extends OktaAuthConstructor<I>\n{\n new(...args: any[]): I;\n webauthn: WebauthnAPI;\n}\n\n"],"mappings":";;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,GAVA,IAyDYA,SAAS;AAAA;AAAA,WAATA,SAAS;EAATA,SAAS;EAATA,SAAS;EAATA,SAAS;EAATA,SAAS;EAATA,SAAS;AAAA,GAATA,SAAS,yBAATA,SAAS;AAAA,IAQTC,gBAAgB;AAAA;AAAA,WAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;AAAA,GAAhBA,gBAAgB,gCAAhBA,gBAAgB;AAAA,IAkDhBC,UAAU;AAAA;AAAA,WAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;AAAA,GAAVA,UAAU,0BAAVA,UAAU;AAsCf,SAASC,eAAe,CAACC,GAAQ,EAAwB;EAC9D,OAAOA,GAAG,KAAKA,GAAG,CAACC,GAAG,IAAID,GAAG,CAACE,EAAE,CAAC;AACnC"}

package/cjs/idx/webauthn.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"webauthn.js","names":["getEnrolledCredentials","authenticatorEnrollments","credentials","forEach","enrollement","key","push","type","id","base64UrlToBuffer","credentialId","buildCredentialCreationOptions","activationData","publicKey","rp","user","name","displayName","challenge","pubKeyCredParams","attestation","authenticatorSelection","excludeCredentials","buildCredentialRequestOptions","challengeData","userVerification","allowCredentials","getAttestation","credential","response","clientData","bufferToBase64Url","clientDataJSON","attestationObject","getAssertion","authenticatorData","signatureData","signature"],"sources":["../../../lib/idx/webauthn.ts"],"sourcesContent":["/!\n Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n \n See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { base64UrlToBuffer, bufferToBase64Url } from '../crypto/base64';\nimport {\n ActivationData,\n ChallengeData,\n IdxAuthenticator,\n ~~WebauthnEnrollValues,\n WebauthnVerificationValues\n~~} from './types';\n\n\~~nexport interface WebauthnAPI {\~~n getAssertion(credential: PublicKeyCredential): WebauthnVerificationValues;\n getAttestation(credential: PublicKeyCredential): WebauthnEnrollValues;\n buildCredentialRequestOptions(\n challengeData: ChallengeData, authenticatorEnrollments: IdxAuthenticator[]\n ): CredentialRequestOptions;\n buildCredentialCreationOptions(\n activationData: ActivationData, authenticatorEnrollments: IdxAuthenticator[]\n ): CredentialCreationOptions;\n}\n\n\n// Get known credentials from list of enrolled authenticators\nconst getEnrolledCredentials = (authenticatorEnrollments: IdxAuthenticator[] = []) => {\n const credentials: PublicKeyCredentialDescriptor[] = [];\n authenticatorEnrollments.forEach((enrollement) => {\n if (enrollement.key === 'webauthn') {\n credentials.push({\n type: 'public-key',\n id: base64UrlToBuffer(enrollement.credentialId),\n });\n }\n });\n return credentials;\n};\n\n// Build options for navigator.credentials.create\n// https://developer.mozilla.org/en-US/docs/Web/API/CredentialsContainer/create\nexport const buildCredentialCreationOptions = (\n activationData: ActivationData, authenticatorEnrollments: IdxAuthenticator[]\n) => {\n return {\n publicKey: {\n rp: activationData.rp,\n user: {\n id: base64UrlToBuffer(activationData.user.id),\n name: activationData.user.name,\n displayName: activationData.user.displayName\n },\n challenge: base64UrlToBuffer(activationData.challenge),\n pubKeyCredParams: activationData.pubKeyCredParams,\n attestation: activationData.attestation,\n authenticatorSelection: activationData.authenticatorSelection,\n excludeCredentials: getEnrolledCredentials(authenticatorEnrollments),\n }\n } as CredentialCreationOptions;\n};\n\n\n// Build options for navigator.credentials.get\n// https://developer.mozilla.org/en-US/docs/Web/API/CredentialsContainer/get\nexport const buildCredentialRequestOptions = (\n challengeData: ChallengeData, authenticatorEnrollments: IdxAuthenticator[]\n) => {\n return {\n publicKey: {\n challenge: base64UrlToBuffer(challengeData.challenge),\n userVerification: challengeData.userVerification,\n allowCredentials: getEnrolledCredentials(authenticatorEnrollments),\n }\n } as CredentialRequestOptions;\n};\n\n// Build attestation for webauthn enroll\n// https://developer.mozilla.org/en-US/docs/Web/API/AuthenticatorAttestationResponse\nexport const getAttestation = (credential: PublicKeyCredential) => {\n const response = credential.response as AuthenticatorAttestationResponse;\n const id = credential.id;\n const clientData = bufferToBase64Url(response.clientDataJSON);\n const attestation = bufferToBase64Url(response.attestationObject);\n return {\n id,\n clientData,\n attestation\n };\n};\n\n// Build assertion for webauthn verification\n// https://developer.mozilla.org/en-US/docs/Web/API/AuthenticatorAssertionResponse\nexport const getAssertion = (credential: PublicKeyCredential) => {\n const response = credential.response as AuthenticatorAssertionResponse;\n const id = credential.id;\n const clientData = bufferToBase64Url(response.clientDataJSON);\n const authenticatorData = bufferToBase64Url(response.authenticatorData);\n const signatureData = bufferToBase64Url(response.signature);\n return {\n id,\n clientData,\n authenticatorData,\n signatureData\n };\n};\n"],"mappings":";;;AAYA;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;~~AAwBA~~;AACA,MAAMA,sBAAsB,GAAG,CAACC,wBAA4C,GAAG,EAAE,KAAK;EACpF,MAAMC,WAA4C,GAAG,EAAE;EACvDD,wBAAwB,CAACE,OAAO,CAAEC,WAAW,IAAK;IAChD,IAAIA,WAAW,CAACC,GAAG,KAAK,UAAU,EAAE;MAClCH,WAAW,CAACI,IAAI,CAAC;QACfC,IAAI,EAAE,YAAY;QAClBC,EAAE,EAAE,IAAAC,uBAAiB,EAACL,WAAW,CAACM,YAAY;MAChD,CAAC,CAAC;IACJ;EACF,CAAC,CAAC;EACF,OAAOR,WAAW;AACpB,CAAC;;AAED;AACA;AACO,MAAMS,8BAA8B,GAAG,CAC5CC,cAA8B,EAAEX,wBAA4C,KACzE;EACH,OAAO;IACLY,SAAS,EAAE;MACTC,EAAE,EAAEF,cAAc,CAACE,EAAE;MACrBC,IAAI,EAAE;QACJP,EAAE,EAAE,IAAAC,uBAAiB,EAACG,cAAc,CAACG,IAAI,CAACP,EAAE,CAAC;QAC7CQ,IAAI,EAAEJ,cAAc,CAACG,IAAI,CAACC,IAAI;QAC9BC,WAAW,EAAEL,cAAc,CAACG,IAAI,CAACE;MACnC,CAAC;MACDC,SAAS,EAAE,IAAAT,uBAAiB,EAACG,cAAc,CAACM,SAAS,CAAC;MACtDC,gBAAgB,EAAEP,cAAc,CAACO,gBAAgB;MACjDC,WAAW,EAAER,cAAc,CAACQ,WAAW;MACvCC,sBAAsB,EAAET,cAAc,CAACS,sBAAsB;MAC7DC,kBAAkB,EAAEtB,sBAAsB,CAACC,wBAAwB;IACrE;EACF,CAAC;AACH,CAAC;;AAGD;AACA;AAAA;AACO,MAAMsB,6BAA6B,GAAG,CAC3CC,aAA4B,EAAEvB,wBAA4C,KACvE;EACH,OAAO;IACLY,SAAS,EAAE;MACTK,SAAS,EAAE,IAAAT,uBAAiB,EAACe,aAAa,CAACN,SAAS,CAAC;MACrDO,gBAAgB,EAAED,aAAa,CAACC,gBAAgB;MAChDC,gBAAgB,EAAE1B,sBAAsB,CAACC,wBAAwB;IACnE;EACF,CAAC;AACH,CAAC;;AAED;AACA;AAAA;AACO,MAAM0B,cAAc,GAAIC,UAA+B,IAAK;EACjE,MAAMC,QAAQ,GAAGD,UAAU,CAACC,QAA4C;EACxE,MAAMrB,EAAE,GAAGoB,UAAU,CAACpB,EAAE;EACxB,MAAMsB,UAAU,GAAG,IAAAC,uBAAiB,EAACF,QAAQ,CAACG,cAAc,CAAC;EAC7D,MAAMZ,WAAW,GAAG,IAAAW,uBAAiB,EAACF,QAAQ,CAACI,iBAAiB,CAAC;EACjE,OAAO;IACLzB,EAAE;IACFsB,UAAU;IACVV;EACF,CAAC;AACH,CAAC;;AAED;AACA;AAAA;AACO,MAAMc,YAAY,GAAIN,UAA+B,IAAK;EAC/D,MAAMC,QAAQ,GAAGD,UAAU,CAACC,QAA0C;EACtE,MAAMrB,EAAE,GAAGoB,UAAU,CAACpB,EAAE;EACxB,MAAMsB,UAAU,GAAG,IAAAC,uBAAiB,EAACF,QAAQ,CAACG,cAAc,CAAC;EAC7D,MAAMG,iBAAiB,GAAG,IAAAJ,uBAAiB,EAACF,QAAQ,CAACM,iBAAiB,CAAC;EACvE,MAAMC,aAAa,GAAG,IAAAL,uBAAiB,EAACF,QAAQ,CAACQ,SAAS,CAAC;EAC3D,OAAO;IACL7B,EAAE;IACFsB,UAAU;IACVK,iBAAiB;IACjBC;EACF,CAAC;AACH,CAAC;AAAC"}
1	+ {"version":3,"file":"webauthn.js","names":["getEnrolledCredentials","authenticatorEnrollments","credentials","forEach","enrollement","key","push","type","id","base64UrlToBuffer","credentialId","buildCredentialCreationOptions","activationData","publicKey","rp","user","name","displayName","challenge","pubKeyCredParams","attestation","authenticatorSelection","excludeCredentials","buildCredentialRequestOptions","challengeData","userVerification","allowCredentials","getAttestation","credential","response","clientData","bufferToBase64Url","clientDataJSON","attestationObject","getAssertion","authenticatorData","signatureData","signature"],"sources":["../../../lib/idx/webauthn.ts"],"sourcesContent":["/!\n Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n \n See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { base64UrlToBuffer, bufferToBase64Url } from '../crypto/base64';\nimport {\n ActivationData,\n ChallengeData,\n IdxAuthenticator,\n} from './types';\n\n\n// Get known credentials from list of enrolled authenticators\nconst getEnrolledCredentials = (authenticatorEnrollments: IdxAuthenticator[] = []) => {\n const credentials: PublicKeyCredentialDescriptor[] = [];\n authenticatorEnrollments.forEach((enrollement) => {\n if (enrollement.key === 'webauthn') {\n credentials.push({\n type: 'public-key',\n id: base64UrlToBuffer(enrollement.credentialId),\n });\n }\n });\n return credentials;\n};\n\n// Build options for navigator.credentials.create\n// https://developer.mozilla.org/en-US/docs/Web/API/CredentialsContainer/create\nexport const buildCredentialCreationOptions = (\n activationData: ActivationData, authenticatorEnrollments: IdxAuthenticator[]\n) => {\n return {\n publicKey: {\n rp: activationData.rp,\n user: {\n id: base64UrlToBuffer(activationData.user.id),\n name: activationData.user.name,\n displayName: activationData.user.displayName\n },\n challenge: base64UrlToBuffer(activationData.challenge),\n pubKeyCredParams: activationData.pubKeyCredParams,\n attestation: activationData.attestation,\n authenticatorSelection: activationData.authenticatorSelection,\n excludeCredentials: getEnrolledCredentials(authenticatorEnrollments),\n }\n } as CredentialCreationOptions;\n};\n\n\n// Build options for navigator.credentials.get\n// https://developer.mozilla.org/en-US/docs/Web/API/CredentialsContainer/get\nexport const buildCredentialRequestOptions = (\n challengeData: ChallengeData, authenticatorEnrollments: IdxAuthenticator[]\n) => {\n return {\n publicKey: {\n challenge: base64UrlToBuffer(challengeData.challenge),\n userVerification: challengeData.userVerification,\n allowCredentials: getEnrolledCredentials(authenticatorEnrollments),\n }\n } as CredentialRequestOptions;\n};\n\n// Build attestation for webauthn enroll\n// https://developer.mozilla.org/en-US/docs/Web/API/AuthenticatorAttestationResponse\nexport const getAttestation = (credential: PublicKeyCredential) => {\n const response = credential.response as AuthenticatorAttestationResponse;\n const id = credential.id;\n const clientData = bufferToBase64Url(response.clientDataJSON);\n const attestation = bufferToBase64Url(response.attestationObject);\n return {\n id,\n clientData,\n attestation\n };\n};\n\n// Build assertion for webauthn verification\n// https://developer.mozilla.org/en-US/docs/Web/API/AuthenticatorAssertionResponse\nexport const getAssertion = (credential: PublicKeyCredential) => {\n const response = credential.response as AuthenticatorAssertionResponse;\n const id = credential.id;\n const clientData = bufferToBase64Url(response.clientDataJSON);\n const authenticatorData = bufferToBase64Url(response.authenticatorData);\n const signatureData = bufferToBase64Url(response.signature);\n return {\n id,\n clientData,\n authenticatorData,\n signatureData\n };\n};\n"],"mappings":";;;AAYA;AAZA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAUA;AACA,MAAMA,sBAAsB,GAAG,CAACC,wBAA4C,GAAG,EAAE,KAAK;EACpF,MAAMC,WAA4C,GAAG,EAAE;EACvDD,wBAAwB,CAACE,OAAO,CAAEC,WAAW,IAAK;IAChD,IAAIA,WAAW,CAACC,GAAG,KAAK,UAAU,EAAE;MAClCH,WAAW,CAACI,IAAI,CAAC;QACfC,IAAI,EAAE,YAAY;QAClBC,EAAE,EAAE,IAAAC,uBAAiB,EAACL,WAAW,CAACM,YAAY;MAChD,CAAC,CAAC;IACJ;EACF,CAAC,CAAC;EACF,OAAOR,WAAW;AACpB,CAAC;;AAED;AACA;AACO,MAAMS,8BAA8B,GAAG,CAC5CC,cAA8B,EAAEX,wBAA4C,KACzE;EACH,OAAO;IACLY,SAAS,EAAE;MACTC,EAAE,EAAEF,cAAc,CAACE,EAAE;MACrBC,IAAI,EAAE;QACJP,EAAE,EAAE,IAAAC,uBAAiB,EAACG,cAAc,CAACG,IAAI,CAACP,EAAE,CAAC;QAC7CQ,IAAI,EAAEJ,cAAc,CAACG,IAAI,CAACC,IAAI;QAC9BC,WAAW,EAAEL,cAAc,CAACG,IAAI,CAACE;MACnC,CAAC;MACDC,SAAS,EAAE,IAAAT,uBAAiB,EAACG,cAAc,CAACM,SAAS,CAAC;MACtDC,gBAAgB,EAAEP,cAAc,CAACO,gBAAgB;MACjDC,WAAW,EAAER,cAAc,CAACQ,WAAW;MACvCC,sBAAsB,EAAET,cAAc,CAACS,sBAAsB;MAC7DC,kBAAkB,EAAEtB,sBAAsB,CAACC,wBAAwB;IACrE;EACF,CAAC;AACH,CAAC;;AAGD;AACA;AAAA;AACO,MAAMsB,6BAA6B,GAAG,CAC3CC,aAA4B,EAAEvB,wBAA4C,KACvE;EACH,OAAO;IACLY,SAAS,EAAE;MACTK,SAAS,EAAE,IAAAT,uBAAiB,EAACe,aAAa,CAACN,SAAS,CAAC;MACrDO,gBAAgB,EAAED,aAAa,CAACC,gBAAgB;MAChDC,gBAAgB,EAAE1B,sBAAsB,CAACC,wBAAwB;IACnE;EACF,CAAC;AACH,CAAC;;AAED;AACA;AAAA;AACO,MAAM0B,cAAc,GAAIC,UAA+B,IAAK;EACjE,MAAMC,QAAQ,GAAGD,UAAU,CAACC,QAA4C;EACxE,MAAMrB,EAAE,GAAGoB,UAAU,CAACpB,EAAE;EACxB,MAAMsB,UAAU,GAAG,IAAAC,uBAAiB,EAACF,QAAQ,CAACG,cAAc,CAAC;EAC7D,MAAMZ,WAAW,GAAG,IAAAW,uBAAiB,EAACF,QAAQ,CAACI,iBAAiB,CAAC;EACjE,OAAO;IACLzB,EAAE;IACFsB,UAAU;IACVV;EACF,CAAC;AACH,CAAC;;AAED;AACA;AAAA;AACO,MAAMc,YAAY,GAAIN,UAA+B,IAAK;EAC/D,MAAMC,QAAQ,GAAGD,UAAU,CAACC,QAA0C;EACtE,MAAMrB,EAAE,GAAGoB,UAAU,CAACpB,EAAE;EACxB,MAAMsB,UAAU,GAAG,IAAAC,uBAAiB,EAACF,QAAQ,CAACG,cAAc,CAAC;EAC7D,MAAMG,iBAAiB,GAAG,IAAAJ,uBAAiB,EAACF,QAAQ,CAACM,iBAAiB,CAAC;EACvE,MAAMC,aAAa,GAAG,IAAAL,uBAAiB,EAACF,QAAQ,CAACQ,SAAS,CAAC;EAC3D,OAAO;IACL7B,EAAE;IACFsB,UAAU;IACVK,iBAAiB;IACjBC;EACF,CAAC;AACH,CAAC;AAAC"}

package/cjs/myaccount/api.js CHANGED Viewed

@@ -33,4 +33,15 @@ Object.keys(_phoneApi).forEach(function (key) {
     }
   });
 });
+var _passwordApi = require("./passwordApi");
+Object.keys(_passwordApi).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (key in exports && exports[key] === _passwordApi[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _passwordApi[key];
+    }
+  });
+});
 //# sourceMappingURL=api.js.map

package/cjs/myaccount/api.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"api.js","names":[],"sources":["../../../lib/myaccount/api.ts"],"sourcesContent":["/!\n Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n /\n\n\n// exports all public methods from myaccount module\n\nexport from './profileApi';\nexport * from './emailApi';\nexport * from './phoneApi';\n"],"mappings":";;AAeA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA"}
1	+ {"version":3,"file":"api.js","names":[],"sources":["../../../lib/myaccount/api.ts"],"sourcesContent":["/!\n Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n \n You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n /\n\n\n// exports all public methods from myaccount module\n\nexport from './profileApi';\nexport * from './emailApi';\nexport * from './phoneApi';\nexport * from './passwordApi';"],"mappings":";;AAeA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA"}