@okta/okta-auth-js 7.1.1 → 7.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (264) hide show
  1. package/CHANGELOG.md +33 -0
  2. package/README.md +101 -39
  3. package/cjs/core/mixin.js +3 -0
  4. package/cjs/core/mixin.js.map +1 -1
  5. package/cjs/core/types/api.js.map +1 -1
  6. package/cjs/http/OktaUserAgent.js +2 -2
  7. package/cjs/idx/IdxTransactionManager.js +0 -4
  8. package/cjs/idx/IdxTransactionManager.js.map +1 -1
  9. package/cjs/idx/factory/OktaAuthIdx.js.map +1 -1
  10. package/cjs/idx/idxState/v1/idxResponseParser.js +2 -3
  11. package/cjs/idx/idxState/v1/idxResponseParser.js.map +1 -1
  12. package/cjs/idx/mixin.js.map +1 -1
  13. package/cjs/idx/types/api.js.map +1 -1
  14. package/cjs/idx/webauthn.js.map +1 -1
  15. package/cjs/myaccount/api.js +11 -0
  16. package/cjs/myaccount/api.js.map +1 -1
  17. package/cjs/myaccount/emailApi.js +7 -7
  18. package/cjs/myaccount/emailApi.js.map +1 -1
  19. package/cjs/myaccount/passwordApi.js +69 -0
  20. package/cjs/myaccount/passwordApi.js.map +1 -0
  21. package/cjs/myaccount/phoneApi.js +6 -6
  22. package/cjs/myaccount/phoneApi.js.map +1 -1
  23. package/cjs/myaccount/profileApi.js +3 -3
  24. package/cjs/myaccount/profileApi.js.map +1 -1
  25. package/cjs/myaccount/request.js +3 -4
  26. package/cjs/myaccount/request.js.map +1 -1
  27. package/cjs/myaccount/transactions/PasswordTransaction.js +81 -0
  28. package/cjs/myaccount/transactions/PasswordTransaction.js.map +1 -0
  29. package/cjs/myaccount/transactions/index.js +7 -0
  30. package/cjs/myaccount/transactions/index.js.map +1 -1
  31. package/cjs/myaccount/types.js +13 -0
  32. package/cjs/myaccount/types.js.map +1 -1
  33. package/cjs/oidc/TokenManager.js +5 -0
  34. package/cjs/oidc/TokenManager.js.map +1 -1
  35. package/cjs/oidc/endpoints/authorize.js +4 -3
  36. package/cjs/oidc/endpoints/authorize.js.map +1 -1
  37. package/cjs/oidc/enrollAuthenticator.js +33 -0
  38. package/cjs/oidc/enrollAuthenticator.js.map +1 -0
  39. package/cjs/oidc/factory/api.js +11 -11
  40. package/cjs/oidc/factory/api.js.map +1 -1
  41. package/cjs/oidc/getWithRedirect.js +5 -1
  42. package/cjs/oidc/getWithRedirect.js.map +1 -1
  43. package/cjs/oidc/handleOAuthResponse.js +3 -2
  44. package/cjs/oidc/handleOAuthResponse.js.map +1 -1
  45. package/cjs/oidc/mixin/index.js +10 -4
  46. package/cjs/oidc/mixin/index.js.map +1 -1
  47. package/cjs/oidc/types/TokenManager.js.map +1 -1
  48. package/cjs/oidc/types/api.js.map +1 -1
  49. package/cjs/oidc/types/endpoints.js +2 -0
  50. package/cjs/oidc/types/endpoints.js.map +1 -0
  51. package/cjs/oidc/types/index.js +11 -0
  52. package/cjs/oidc/types/index.js.map +1 -1
  53. package/cjs/oidc/types/meta.js.map +1 -1
  54. package/cjs/oidc/types/options.js.map +1 -1
  55. package/cjs/oidc/types/proto.js.map +1 -1
  56. package/cjs/oidc/util/defaultEnrollAuthenticatorParams.js +38 -0
  57. package/cjs/oidc/util/defaultEnrollAuthenticatorParams.js.map +1 -0
  58. package/cjs/oidc/util/enrollAuthenticatorMeta.js +23 -0
  59. package/cjs/oidc/util/enrollAuthenticatorMeta.js.map +1 -0
  60. package/cjs/oidc/util/index.js +36 -0
  61. package/cjs/oidc/util/index.js.map +1 -1
  62. package/cjs/oidc/util/prepareEnrollAuthenticatorParams.js +50 -0
  63. package/cjs/oidc/util/prepareEnrollAuthenticatorParams.js.map +1 -0
  64. package/cjs/services/AutoRenewService.js +16 -2
  65. package/cjs/services/AutoRenewService.js.map +1 -1
  66. package/cjs/services/LeaderElectionService.js +1 -2
  67. package/cjs/services/LeaderElectionService.js.map +1 -1
  68. package/cjs/services/SyncStorageService.js +1 -2
  69. package/cjs/services/SyncStorageService.js.map +1 -1
  70. package/cjs/session/mixin.js +2 -1
  71. package/cjs/session/mixin.js.map +1 -1
  72. package/cjs/session/types.js.map +1 -1
  73. package/cjs/storage/BaseStorageManager.js +1 -1
  74. package/cjs/storage/BaseStorageManager.js.map +1 -1
  75. package/cjs/util/jsonpath.js +13 -0
  76. package/cjs/util/jsonpath.js.map +1 -0
  77. package/dist/okta-auth-js.authn.min.analyzer.html +2 -2
  78. package/dist/okta-auth-js.authn.min.js +1 -1
  79. package/dist/okta-auth-js.authn.min.js.map +1 -1
  80. package/dist/okta-auth-js.core.min.analyzer.html +2 -2
  81. package/dist/okta-auth-js.core.min.js +1 -1
  82. package/dist/okta-auth-js.core.min.js.map +1 -1
  83. package/dist/okta-auth-js.idx.min.analyzer.html +2 -2
  84. package/dist/okta-auth-js.idx.min.js +1 -1
  85. package/dist/okta-auth-js.idx.min.js.map +1 -1
  86. package/dist/okta-auth-js.min.analyzer.html +2 -2
  87. package/dist/okta-auth-js.min.js +1 -1
  88. package/dist/okta-auth-js.min.js.map +1 -1
  89. package/dist/okta-auth-js.myaccount.min.analyzer.html +2 -2
  90. package/dist/okta-auth-js.myaccount.min.js +1 -1
  91. package/dist/okta-auth-js.myaccount.min.js.map +1 -1
  92. package/esm/browser/core/mixin.js +3 -0
  93. package/esm/browser/core/mixin.js.map +1 -1
  94. package/esm/browser/exports/exports/authn.js +4 -1
  95. package/esm/browser/exports/exports/authn.js.map +1 -1
  96. package/esm/browser/exports/exports/core.js +4 -1
  97. package/esm/browser/exports/exports/core.js.map +1 -1
  98. package/esm/browser/exports/exports/default.js +7 -2
  99. package/esm/browser/exports/exports/default.js.map +1 -1
  100. package/esm/browser/exports/exports/idx.js +4 -1
  101. package/esm/browser/exports/exports/idx.js.map +1 -1
  102. package/esm/browser/exports/exports/myaccount.js +7 -2
  103. package/esm/browser/exports/exports/myaccount.js.map +1 -1
  104. package/esm/browser/http/OktaUserAgent.js +2 -2
  105. package/esm/browser/idx/IdxTransactionManager.js +1 -4
  106. package/esm/browser/idx/IdxTransactionManager.js.map +1 -1
  107. package/esm/browser/idx/factory/OktaAuthIdx.js.map +1 -1
  108. package/esm/browser/idx/idxState/v1/idxResponseParser.js +2 -2
  109. package/esm/browser/idx/idxState/v1/idxResponseParser.js.map +1 -1
  110. package/esm/browser/idx/mixin.js.map +1 -1
  111. package/esm/browser/idx/types/api.js.map +1 -1
  112. package/esm/browser/idx/webauthn.js.map +1 -1
  113. package/esm/browser/myaccount/api.js +1 -0
  114. package/esm/browser/myaccount/api.js.map +1 -1
  115. package/esm/browser/myaccount/emailApi.js.map +1 -1
  116. package/esm/browser/myaccount/passwordApi.js +56 -0
  117. package/esm/browser/myaccount/passwordApi.js.map +1 -0
  118. package/esm/browser/myaccount/phoneApi.js.map +1 -1
  119. package/esm/browser/myaccount/profileApi.js.map +1 -1
  120. package/esm/browser/myaccount/request.js +4 -2
  121. package/esm/browser/myaccount/request.js.map +1 -1
  122. package/esm/browser/myaccount/transactions/PasswordTransaction.js +73 -0
  123. package/esm/browser/myaccount/transactions/PasswordTransaction.js.map +1 -0
  124. package/esm/browser/myaccount/types.js +6 -1
  125. package/esm/browser/myaccount/types.js.map +1 -1
  126. package/esm/browser/oidc/TokenManager.js +5 -0
  127. package/esm/browser/oidc/TokenManager.js.map +1 -1
  128. package/esm/browser/oidc/endpoints/authorize.js +3 -2
  129. package/esm/browser/oidc/endpoints/authorize.js.map +1 -1
  130. package/esm/browser/oidc/enrollAuthenticator.js +36 -0
  131. package/esm/browser/oidc/enrollAuthenticator.js.map +1 -0
  132. package/esm/browser/oidc/factory/api.js +10 -12
  133. package/esm/browser/oidc/factory/api.js.map +1 -1
  134. package/esm/browser/oidc/getWithRedirect.js +6 -1
  135. package/esm/browser/oidc/getWithRedirect.js.map +1 -1
  136. package/esm/browser/oidc/handleOAuthResponse.js +3 -2
  137. package/esm/browser/oidc/handleOAuthResponse.js.map +1 -1
  138. package/esm/browser/oidc/mixin/index.js +9 -4
  139. package/esm/browser/oidc/mixin/index.js.map +1 -1
  140. package/esm/browser/oidc/types/TokenManager.js.map +1 -1
  141. package/esm/browser/oidc/util/defaultEnrollAuthenticatorParams.js +31 -0
  142. package/esm/browser/oidc/util/defaultEnrollAuthenticatorParams.js.map +1 -0
  143. package/esm/browser/oidc/util/enrollAuthenticatorMeta.js +33 -0
  144. package/esm/browser/oidc/util/enrollAuthenticatorMeta.js.map +1 -0
  145. package/esm/browser/oidc/util/prepareEnrollAuthenticatorParams.js +34 -0
  146. package/esm/browser/oidc/util/prepareEnrollAuthenticatorParams.js.map +1 -0
  147. package/esm/browser/package.json +1 -1
  148. package/esm/browser/services/AutoRenewService.js +15 -2
  149. package/esm/browser/services/AutoRenewService.js.map +1 -1
  150. package/esm/browser/services/LeaderElectionService.js +1 -2
  151. package/esm/browser/services/LeaderElectionService.js.map +1 -1
  152. package/esm/browser/services/SyncStorageService.js +1 -2
  153. package/esm/browser/services/SyncStorageService.js.map +1 -1
  154. package/esm/browser/session/mixin.js +2 -1
  155. package/esm/browser/session/mixin.js.map +1 -1
  156. package/esm/browser/storage/BaseStorageManager.js +1 -1
  157. package/esm/browser/storage/BaseStorageManager.js.map +1 -1
  158. package/esm/browser/util/jsonpath.js +21 -0
  159. package/esm/browser/util/jsonpath.js.map +1 -0
  160. package/esm/node/core/mixin.js +3 -0
  161. package/esm/node/core/mixin.js.map +1 -1
  162. package/esm/node/exports/exports/authn.js +4 -1
  163. package/esm/node/exports/exports/authn.js.map +1 -1
  164. package/esm/node/exports/exports/core.js +4 -1
  165. package/esm/node/exports/exports/core.js.map +1 -1
  166. package/esm/node/exports/exports/default.js +7 -2
  167. package/esm/node/exports/exports/default.js.map +1 -1
  168. package/esm/node/exports/exports/idx.js +4 -1
  169. package/esm/node/exports/exports/idx.js.map +1 -1
  170. package/esm/node/exports/exports/myaccount.js +7 -2
  171. package/esm/node/exports/exports/myaccount.js.map +1 -1
  172. package/esm/node/http/OktaUserAgent.js +2 -2
  173. package/esm/node/idx/IdxTransactionManager.js +1 -4
  174. package/esm/node/idx/IdxTransactionManager.js.map +1 -1
  175. package/esm/node/idx/factory/OktaAuthIdx.js.map +1 -1
  176. package/esm/node/idx/idxState/v1/idxResponseParser.js +2 -2
  177. package/esm/node/idx/idxState/v1/idxResponseParser.js.map +1 -1
  178. package/esm/node/idx/mixin.js.map +1 -1
  179. package/esm/node/idx/types/api.js.map +1 -1
  180. package/esm/node/idx/webauthn.js.map +1 -1
  181. package/esm/node/myaccount/api.js +1 -0
  182. package/esm/node/myaccount/api.js.map +1 -1
  183. package/esm/node/myaccount/emailApi.js.map +1 -1
  184. package/esm/node/myaccount/passwordApi.js +56 -0
  185. package/esm/node/myaccount/passwordApi.js.map +1 -0
  186. package/esm/node/myaccount/phoneApi.js.map +1 -1
  187. package/esm/node/myaccount/profileApi.js.map +1 -1
  188. package/esm/node/myaccount/request.js +4 -2
  189. package/esm/node/myaccount/request.js.map +1 -1
  190. package/esm/node/myaccount/transactions/PasswordTransaction.js +73 -0
  191. package/esm/node/myaccount/transactions/PasswordTransaction.js.map +1 -0
  192. package/esm/node/myaccount/types.js +6 -1
  193. package/esm/node/myaccount/types.js.map +1 -1
  194. package/esm/node/oidc/TokenManager.js +5 -0
  195. package/esm/node/oidc/TokenManager.js.map +1 -1
  196. package/esm/node/oidc/endpoints/authorize.js +3 -2
  197. package/esm/node/oidc/endpoints/authorize.js.map +1 -1
  198. package/esm/node/oidc/enrollAuthenticator.js +37 -0
  199. package/esm/node/oidc/enrollAuthenticator.js.map +1 -0
  200. package/esm/node/oidc/factory/api.js +10 -12
  201. package/esm/node/oidc/factory/api.js.map +1 -1
  202. package/esm/node/oidc/getWithRedirect.js +6 -1
  203. package/esm/node/oidc/getWithRedirect.js.map +1 -1
  204. package/esm/node/oidc/handleOAuthResponse.js +3 -2
  205. package/esm/node/oidc/handleOAuthResponse.js.map +1 -1
  206. package/esm/node/oidc/mixin/index.js +9 -4
  207. package/esm/node/oidc/mixin/index.js.map +1 -1
  208. package/esm/node/oidc/types/TokenManager.js.map +1 -1
  209. package/esm/node/oidc/util/defaultEnrollAuthenticatorParams.js +31 -0
  210. package/esm/node/oidc/util/defaultEnrollAuthenticatorParams.js.map +1 -0
  211. package/esm/node/oidc/util/enrollAuthenticatorMeta.js +33 -0
  212. package/esm/node/oidc/util/enrollAuthenticatorMeta.js.map +1 -0
  213. package/esm/node/oidc/util/prepareEnrollAuthenticatorParams.js +34 -0
  214. package/esm/node/oidc/util/prepareEnrollAuthenticatorParams.js.map +1 -0
  215. package/esm/node/package.json +1 -1
  216. package/esm/node/session/mixin.js +2 -1
  217. package/esm/node/session/mixin.js.map +1 -1
  218. package/esm/node/storage/BaseStorageManager.js +1 -1
  219. package/esm/node/storage/BaseStorageManager.js.map +1 -1
  220. package/esm/node/util/jsonpath.js +21 -0
  221. package/esm/node/util/jsonpath.js.map +1 -0
  222. package/package.json +9 -7
  223. package/types/lib/core/types/api.d.ts +1 -0
  224. package/types/lib/exports/default.d.ts +1 -1
  225. package/types/lib/exports/idx.d.ts +1 -1
  226. package/types/lib/idx/factory/OktaAuthIdx.d.ts +3 -3
  227. package/types/lib/idx/mixin.d.ts +2 -2
  228. package/types/lib/idx/types/api.d.ts +13 -1
  229. package/types/lib/idx/webauthn.d.ts +1 -7
  230. package/types/lib/myaccount/api.d.ts +1 -0
  231. package/types/lib/myaccount/emailApi.d.ts +7 -7
  232. package/types/lib/myaccount/passwordApi.d.ts +17 -0
  233. package/types/lib/myaccount/phoneApi.d.ts +6 -6
  234. package/types/lib/myaccount/profileApi.d.ts +3 -3
  235. package/types/lib/myaccount/transactions/PasswordTransaction.d.ts +13 -0
  236. package/types/lib/myaccount/transactions/index.d.ts +1 -0
  237. package/types/lib/myaccount/types.d.ts +17 -2
  238. package/types/lib/oidc/TokenManager.d.ts +1 -0
  239. package/types/lib/oidc/enrollAuthenticator.d.ts +14 -0
  240. package/types/lib/oidc/factory/api.d.ts +2 -1
  241. package/types/lib/oidc/types/TokenManager.d.ts +1 -0
  242. package/types/lib/oidc/types/api.d.ts +6 -5
  243. package/types/lib/oidc/types/endpoints.d.ts +18 -0
  244. package/types/lib/oidc/types/index.d.ts +1 -0
  245. package/types/lib/oidc/types/meta.d.ts +1 -1
  246. package/types/lib/oidc/types/options.d.ts +6 -1
  247. package/types/lib/oidc/types/proto.d.ts +1 -0
  248. package/types/lib/oidc/util/defaultEnrollAuthenticatorParams.d.ts +2 -0
  249. package/types/lib/oidc/util/enrollAuthenticatorMeta.d.ts +2 -0
  250. package/types/lib/oidc/util/index.d.ts +3 -0
  251. package/types/lib/oidc/util/prepareEnrollAuthenticatorParams.d.ts +2 -0
  252. package/types/lib/services/AutoRenewService.d.ts +1 -0
  253. package/types/lib/session/types.d.ts +1 -1
  254. package/types/lib/util/jsonpath.d.ts +2 -0
  255. package/umd/authn.js +1 -1
  256. package/umd/authn.js.map +1 -1
  257. package/umd/core.js +1 -1
  258. package/umd/core.js.map +1 -1
  259. package/umd/default.js +1 -1
  260. package/umd/default.js.map +1 -1
  261. package/umd/idx.js +1 -1
  262. package/umd/idx.js.map +1 -1
  263. package/umd/myaccount.js +1 -1
  264. package/umd/myaccount.js.map +1 -1
package/cjs/oidc/mixin/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","names":["mixinOAuth","Base","TransactionManagerConstructor","WithOriginalUri","provideOriginalUri","OktaAuthOAuth","constructor","args","transactionManager","Object","assign","storageManager","options","pkce","DEFAULT_CODE_CHALLENGE_METHOD","PKCE","generateVerifier","computeChallenge","_pending","handleLogin","_tokenQueue","PromiseQueue","token","createTokenAPI","tokenManager","TokenManager","clearStorage","clear","isAuthenticated","autoRenew","autoRemove","getOptions","shouldRenew","onExpiredToken","shouldRemove","accessToken","getTokensSync","hasExpired","undefined","renew","remove","idToken","signInWithRedirect","opts","originalUri","additionalParams","setOriginalUri","params","scopes","getWithRedirect","getUser","getUserInfo","getIdToken","getAccessToken","getRefreshToken","refreshToken","storeTokensFromRedirect","tokens","parseFromUrl","setTokens","isLoginRedirect","isPKCE","hasResponseType","responseType","Array","isArray","length","indexOf","isAuthorizationCodeFlow","invokeApiMethod","getTokens","httpRequest","revokeAccessToken","accessTokenKey","getStorageKeyByType","Promise","resolve","revoke","revokeRefreshToken","refreshTokenKey","getSignOutRedirectUrl","postLogoutRedirectUri","state","logoutUrl","getOAuthUrls","idTokenHint","logoutUri","encodeURIComponent","signOut","defaultUri","window","location","origin","currentUri","href","closeSession","then","reload","clearTokensBeforeRedirect","addPendingRemoveFlags","crypto"],"sources":["../../../../lib/oidc/mixin/index.ts"],"sourcesContent":["import { httpRequest, RequestOptions } from '../../http';\nimport { OktaAuthConstructor } from '../../base/types';\nimport { \n PromiseQueue,\n} from '../../util';\nimport { CryptoAPI } from '../../crypto/types';\nimport * as crypto from '../../crypto';\nimport {\n AccessToken,\n CustomUserClaims,\n IDToken,\n IsAuthenticatedOptions,\n OAuthResponseType,\n OAuthStorageManagerInterface,\n OAuthTransactionMeta,\n OktaAuthOAuthInterface,\n OktaAuthOAuthOptions,\n PkceAPI,\n PKCETransactionMeta,\n RefreshToken,\n SigninWithRedirectOptions,\n SignoutOptions,\n SignoutRedirectUrlOptions,\n TokenAPI,\n TransactionManagerInterface,\n TransactionManagerConstructor,\n UserClaims,\n} from '../types';\nimport PKCE from '../util/pkce';\nimport { createTokenAPI } from '../factory';\nimport { TokenManager } from '../TokenManager';\nimport { getOAuthUrls, isLoginRedirect } from '../util';\n\nimport { OktaAuthSessionInterface } from '../../session/types';\nimport { provideOriginalUri } from './node';\nexport function mixinOAuth\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface,\n TBase extends OktaAuthConstructor<OktaAuthSessionInterface<S, O>>\n = OktaAuthConstructor<OktaAuthSessionInterface<S, O>>\n>\n(\n Base: TBase,\n TransactionManagerConstructor: TransactionManagerConstructor<TM>,\n): TBase & OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n{\n const WithOriginalUri = provideOriginalUri(Base);\n return class OktaAuthOAuth extends WithOriginalUri\n implements OktaAuthOAuthInterface<M, S, O, TM>\n {\n static crypto: CryptoAPI = crypto;\n token: TokenAPI;\n tokenManager: TokenManager;\n transactionManager: TM;\n pkce: PkceAPI;\n\n _pending: { handleLogin: boolean };\n _tokenQueue: PromiseQueue;\n \n constructor(...args: any[]) {\n super(...args);\n\n this.transactionManager = new TransactionManagerConstructor(Object.assign({\n storageManager: this.storageManager,\n }, this.options.transactionManager));\n \n this.pkce = {\n DEFAULT_CODE_CHALLENGE_METHOD: PKCE.DEFAULT_CODE_CHALLENGE_METHOD,\n generateVerifier: PKCE.generateVerifier,\n computeChallenge: PKCE.computeChallenge\n };\n \n this._pending = { handleLogin: false };\n\n this._tokenQueue = new PromiseQueue();\n\n this.token = createTokenAPI(this, this._tokenQueue);\n\n // TokenManager\n this.tokenManager = new TokenManager(this, this.options.tokenManager);\n }\n\n // inherited from subclass\n clearStorage(): void {\n super.clearStorage();\n \n // Clear all local tokens\n this.tokenManager.clear();\n }\n\n // Returns true if both accessToken and idToken are not expired\n // If `autoRenew` option is set, will attempt to renew expired tokens before returning.\n // eslint-disable-next-line complexity\n async isAuthenticated(options: IsAuthenticatedOptions = {}): Promise<boolean> {\n // TODO: remove dependency on tokenManager options in next major version - OKTA-473815\n const { autoRenew, autoRemove } = this.tokenManager.getOptions();\n\n const shouldRenew = options.onExpiredToken ? options.onExpiredToken === 'renew' : autoRenew;\n const shouldRemove = options.onExpiredToken ? options.onExpiredToken === 'remove' : autoRemove;\n\n let { accessToken } = this.tokenManager.getTokensSync();\n if (accessToken && this.tokenManager.hasExpired(accessToken)) {\n accessToken = undefined;\n if (shouldRenew) {\n try {\n accessToken = await this.tokenManager.renew('accessToken') as AccessToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (shouldRemove) {\n this.tokenManager.remove('accessToken');\n }\n }\n\n let { idToken } = this.tokenManager.getTokensSync();\n if (idToken && this.tokenManager.hasExpired(idToken)) {\n idToken = undefined;\n if (shouldRenew) {\n try {\n idToken = await this.tokenManager.renew('idToken') as IDToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (shouldRemove) {\n this.tokenManager.remove('idToken');\n }\n }\n\n return !!(accessToken && idToken);\n }\n\n\n async signInWithRedirect(opts: SigninWithRedirectOptions = {}) {\n const { originalUri, ...additionalParams } = opts;\n if(this._pending.handleLogin) { \n // Don't trigger second round\n return;\n }\n\n this._pending.handleLogin = true;\n try {\n // Trigger default signIn redirect flow\n if (originalUri) {\n this.setOriginalUri(originalUri);\n }\n const params = Object.assign({\n // TODO: remove this line when default scopes are changed OKTA-343294\n scopes: this.options.scopes || ['openid', 'email', 'profile']\n }, additionalParams);\n await this.token.getWithRedirect(params);\n } finally {\n this._pending.handleLogin = false;\n }\n }\n\n async getUser<T extends CustomUserClaims = CustomUserClaims>(): Promise<UserClaims<T>> {\n const { idToken, accessToken } = this.tokenManager.getTokensSync();\n return this.token.getUserInfo(accessToken, idToken);\n }\n \n getIdToken(): string | undefined {\n const { idToken } = this.tokenManager.getTokensSync();\n return idToken ? idToken.idToken : undefined;\n }\n \n getAccessToken(): string | undefined {\n const { accessToken } = this.tokenManager.getTokensSync();\n return accessToken ? accessToken.accessToken : undefined;\n }\n \n getRefreshToken(): string | undefined {\n const { refreshToken } = this.tokenManager.getTokensSync();\n return refreshToken ? refreshToken.refreshToken : undefined;\n }\n \n /**\n * Store parsed tokens from redirect url\n */\n async storeTokensFromRedirect(): Promise<void> {\n const { tokens } = await this.token.parseFromUrl();\n this.tokenManager.setTokens(tokens);\n }\n \n isLoginRedirect(): boolean {\n return isLoginRedirect(this);\n }\n\n \n isPKCE(): boolean {\n return !!this.options.pkce;\n }\n \n hasResponseType(responseType: OAuthResponseType): boolean {\n let hasResponseType = false;\n if (Array.isArray(this.options.responseType) && this.options.responseType.length) {\n hasResponseType = this.options.responseType.indexOf(responseType) >= 0;\n } else {\n hasResponseType = this.options.responseType === responseType;\n }\n return hasResponseType;\n }\n \n isAuthorizationCodeFlow(): boolean {\n return this.hasResponseType('code');\n }\n\n // Escape hatch method to make arbitrary OKTA API call\n async invokeApiMethod(options: RequestOptions): Promise<unknown> {\n if (!options.accessToken) {\n const accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n options.accessToken = accessToken?.accessToken;\n }\n return httpRequest(this, options);\n }\n \n // Revokes the access token for the application session\n async revokeAccessToken(accessToken?: AccessToken): Promise<unknown> {\n if (!accessToken) {\n accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');\n this.tokenManager.remove(accessTokenKey);\n }\n // Access token may have been removed. In this case, we will silently succeed.\n if (!accessToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(accessToken);\n }\n\n // Revokes the refresh token for the application session\n async revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown> {\n if (!refreshToken) {\n refreshToken = (await this.tokenManager.getTokens()).refreshToken as RefreshToken;\n const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');\n this.tokenManager.remove(refreshTokenKey);\n }\n // Refresh token may have been removed. In this case, we will silently succeed.\n if (!refreshToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(refreshToken);\n }\n\n getSignOutRedirectUrl(options: SignoutRedirectUrlOptions = {}) {\n let {\n idToken,\n postLogoutRedirectUri,\n state,\n } = options;\n if (!idToken) {\n idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n if (!idToken) {\n return '';\n }\n if (!postLogoutRedirectUri) {\n postLogoutRedirectUri = this.options.postLogoutRedirectUri;\n }\n\n const logoutUrl = getOAuthUrls(this).logoutUrl;\n const idTokenHint = idToken.idToken; // a string\n let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);\n if (postLogoutRedirectUri) {\n logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);\n } \n // State allows option parameters to be passed to logout redirect uri\n if (state) {\n logoutUri += '&state=' + encodeURIComponent(state);\n }\n\n return logoutUri;\n }\n\n // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.\n // eslint-disable-next-line complexity\n async signOut(options?: SignoutOptions): Promise<void> {\n options = Object.assign({}, options);\n \n // postLogoutRedirectUri must be whitelisted in Okta Admin UI\n var defaultUri = window.location.origin;\n var currentUri = window.location.href;\n var postLogoutRedirectUri = options.postLogoutRedirectUri\n || this.options.postLogoutRedirectUri\n || defaultUri;\n \n var accessToken = options.accessToken;\n var refreshToken = options.refreshToken;\n var revokeAccessToken = options.revokeAccessToken !== false;\n var revokeRefreshToken = options.revokeRefreshToken !== false;\n \n if (revokeRefreshToken && typeof refreshToken === 'undefined') {\n refreshToken = this.tokenManager.getTokensSync().refreshToken as RefreshToken;\n }\n\n if (revokeAccessToken && typeof accessToken === 'undefined') {\n accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;\n }\n \n if (!options.idToken) {\n options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n\n if (revokeRefreshToken && refreshToken) {\n await this.revokeRefreshToken(refreshToken);\n }\n\n if (revokeAccessToken && accessToken) {\n await this.revokeAccessToken(accessToken);\n }\n\n const logoutUri = this.getSignOutRedirectUrl({ ...options, postLogoutRedirectUri });\n // No logoutUri? This can happen if the storage was cleared.\n // Fallback to XHR signOut, then simulate a redirect to the post logout uri\n if (!logoutUri) {\n // local tokens are cleared once session is closed\n return this.closeSession() // can throw if the user cannot be signed out\n .then(function() {\n if (postLogoutRedirectUri === currentUri) {\n window.location.reload(); // force a hard reload if URI is not changing\n } else {\n window.location.assign(postLogoutRedirectUri);\n }\n });\n } else {\n if (options.clearTokensBeforeRedirect) {\n // Clear all local tokens\n this.tokenManager.clear();\n } else {\n this.tokenManager.addPendingRemoveFlags();\n }\n // Flow ends with logout redirect\n window.location.assign(logoutUri);\n }\n }\n\n };\n\n}\n"],"mappings":";;;;;AAAA;AAEA;AAIA;AAsBA;AACA;AACA;AACA;AAGA;AAA4C;AAAA;AACrC,SAASA,UAAU,CAUxBC,IAAW,EACXC,6BAAgE,EAElE;EAAA;EACE,MAAMC,eAAe,GAAG,IAAAC,wBAAkB,EAACH,IAAI,CAAC;EAChD,gBAAO,MAAMI,aAAa,SAASF,eAAe,CAElD;IAUEG,WAAW,CAAC,GAAGC,IAAW,EAAE;MAC1B,KAAK,CAAC,GAAGA,IAAI,CAAC;MAEd,IAAI,CAACC,kBAAkB,GAAG,IAAIN,6BAA6B,CAACO,MAAM,CAACC,MAAM,CAAC;QACxEC,cAAc,EAAE,IAAI,CAACA;MACvB,CAAC,EAAE,IAAI,CAACC,OAAO,CAACJ,kBAAkB,CAAC,CAAC;MAEpC,IAAI,CAACK,IAAI,GAAG;QACVC,6BAA6B,EAAEC,aAAI,CAACD,6BAA6B;QACjEE,gBAAgB,EAAED,aAAI,CAACC,gBAAgB;QACvCC,gBAAgB,EAAEF,aAAI,CAACE;MACzB,CAAC;MAED,IAAI,CAACC,QAAQ,GAAG;QAAEC,WAAW,EAAE;MAAM,CAAC;MAEtC,IAAI,CAACC,WAAW,GAAG,IAAIC,kBAAY,EAAE;MAErC,IAAI,CAACC,KAAK,GAAG,IAAAC,uBAAc,EAAC,IAAI,EAAE,IAAI,CAACH,WAAW,CAAC;;MAEnD;MACA,IAAI,CAACI,YAAY,GAAG,IAAIC,0BAAY,CAAC,IAAI,EAAE,IAAI,CAACb,OAAO,CAACY,YAAY,CAAC;IACvE;;IAEA;IACAE,YAAY,GAAS;MACnB,KAAK,CAACA,YAAY,EAAE;;MAEpB;MACA,IAAI,CAACF,YAAY,CAACG,KAAK,EAAE;IAC3B;;IAEA;IACA;IACA;IACA,MAAMC,eAAe,CAAChB,OAA+B,GAAG,CAAC,CAAC,EAAoB;MAC5E;MACA,MAAM;QAAEiB,SAAS;QAAEC;MAAW,CAAC,GAAG,IAAI,CAACN,YAAY,CAACO,UAAU,EAAE;MAEhE,MAAMC,WAAW,GAAGpB,OAAO,CAACqB,cAAc,GAAGrB,OAAO,CAACqB,cAAc,KAAK,OAAO,GAAGJ,SAAS;MAC3F,MAAMK,YAAY,GAAGtB,OAAO,CAACqB,cAAc,GAAGrB,OAAO,CAACqB,cAAc,KAAK,QAAQ,GAAGH,UAAU;MAE9F,IAAI;QAAEK;MAAY,CAAC,GAAG,IAAI,CAACX,YAAY,CAACY,aAAa,EAAE;MACvD,IAAID,WAAW,IAAI,IAAI,CAACX,YAAY,CAACa,UAAU,CAACF,WAAW,CAAC,EAAE;QAC5DA,WAAW,GAAGG,SAAS;QACvB,IAAIN,WAAW,EAAE;UACf,IAAI;YACFG,WAAW,GAAG,MAAM,IAAI,CAACX,YAAY,CAACe,KAAK,CAAC,aAAa,CAAgB;UAC3E,CAAC,CAAC,MAAM;YACN;UACF;QACF,CAAC,MAAM,IAAIL,YAAY,EAAE;UACvB,IAAI,CAACV,YAAY,CAACgB,MAAM,CAAC,aAAa,CAAC;QACzC;MACF;MAEA,IAAI;QAAEC;MAAQ,CAAC,GAAG,IAAI,CAACjB,YAAY,CAACY,aAAa,EAAE;MACnD,IAAIK,OAAO,IAAI,IAAI,CAACjB,YAAY,CAACa,UAAU,CAACI,OAAO,CAAC,EAAE;QACpDA,OAAO,GAAGH,SAAS;QACnB,IAAIN,WAAW,EAAE;UACf,IAAI;YACFS,OAAO,GAAG,MAAM,IAAI,CAACjB,YAAY,CAACe,KAAK,CAAC,SAAS,CAAY;UAC/D,CAAC,CAAC,MAAM;YACN;UACF;QACF,CAAC,MAAM,IAAIL,YAAY,EAAE;UACvB,IAAI,CAACV,YAAY,CAACgB,MAAM,CAAC,SAAS,CAAC;QACrC;MACF;MAEA,OAAO,CAAC,EAAEL,WAAW,IAAIM,OAAO,CAAC;IACnC;IAGA,MAAMC,kBAAkB,CAACC,IAA+B,GAAG,CAAC,CAAC,EAAE;MAC7D,MAAM;QAAEC,WAAW;QAAE,GAAGC;MAAiB,CAAC,GAAGF,IAAI;MACjD,IAAG,IAAI,CAACzB,QAAQ,CAACC,WAAW,EAAE;QAC5B;QACA;MACF;MAEA,IAAI,CAACD,QAAQ,CAACC,WAAW,GAAG,IAAI;MAChC,IAAI;QACF;QACA,IAAIyB,WAAW,EAAE;UACf,IAAI,CAACE,cAAc,CAACF,WAAW,CAAC;QAClC;QACA,MAAMG,MAAM,GAAGtC,MAAM,CAACC,MAAM,CAAC;UAC3B;UACAsC,MAAM,EAAE,IAAI,CAACpC,OAAO,CAACoC,MAAM,IAAI,CAAC,QAAQ,EAAE,OAAO,EAAE,SAAS;QAC9D,CAAC,EAAEH,gBAAgB,CAAC;QACpB,MAAM,IAAI,CAACvB,KAAK,CAAC2B,eAAe,CAACF,MAAM,CAAC;MAC1C,CAAC,SAAS;QACR,IAAI,CAAC7B,QAAQ,CAACC,WAAW,GAAG,KAAK;MACnC;IACF;IAEA,MAAM+B,OAAO,GAA0E;MACrF,MAAM;QAAET,OAAO;QAAEN;MAAY,CAAC,GAAG,IAAI,CAACX,YAAY,CAACY,aAAa,EAAE;MAClE,OAAO,IAAI,CAACd,KAAK,CAAC6B,WAAW,CAAChB,WAAW,EAAEM,OAAO,CAAC;IACrD;IAEAW,UAAU,GAAuB;MAC/B,MAAM;QAAEX;MAAQ,CAAC,GAAG,IAAI,CAACjB,YAAY,CAACY,aAAa,EAAE;MACrD,OAAOK,OAAO,GAAGA,OAAO,CAACA,OAAO,GAAGH,SAAS;IAC9C;IAEAe,cAAc,GAAuB;MACnC,MAAM;QAAElB;MAAY,CAAC,GAAG,IAAI,CAACX,YAAY,CAACY,aAAa,EAAE;MACzD,OAAOD,WAAW,GAAGA,WAAW,CAACA,WAAW,GAAGG,SAAS;IAC1D;IAEAgB,eAAe,GAAuB;MACpC,MAAM;QAAEC;MAAa,CAAC,GAAG,IAAI,CAAC/B,YAAY,CAACY,aAAa,EAAE;MAC1D,OAAOmB,YAAY,GAAGA,YAAY,CAACA,YAAY,GAAGjB,SAAS;IAC7D;;IAEA;AACJ;AACA;IACI,MAAMkB,uBAAuB,GAAkB;MAC7C,MAAM;QAAEC;MAAO,CAAC,GAAG,MAAM,IAAI,CAACnC,KAAK,CAACoC,YAAY,EAAE;MAClD,IAAI,CAAClC,YAAY,CAACmC,SAAS,CAACF,MAAM,CAAC;IACrC;IAEAG,eAAe,GAAY;MACzB,OAAO,IAAAA,sBAAe,EAAC,IAAI,CAAC;IAC9B;IAGAC,MAAM,GAAY;MAChB,OAAO,CAAC,CAAC,IAAI,CAACjD,OAAO,CAACC,IAAI;IAC5B;IAEAiD,eAAe,CAACC,YAA+B,EAAW;MACxD,IAAID,eAAe,GAAG,KAAK;MAC3B,IAAIE,KAAK,CAACC,OAAO,CAAC,IAAI,CAACrD,OAAO,CAACmD,YAAY,CAAC,IAAI,IAAI,CAACnD,OAAO,CAACmD,YAAY,CAACG,MAAM,EAAE;QAChFJ,eAAe,GAAG,IAAI,CAAClD,OAAO,CAACmD,YAAY,CAACI,OAAO,CAACJ,YAAY,CAAC,IAAI,CAAC;MACxE,CAAC,MAAM;QACLD,eAAe,GAAG,IAAI,CAAClD,OAAO,CAACmD,YAAY,KAAKA,YAAY;MAC9D;MACA,OAAOD,eAAe;IACxB;IAEAM,uBAAuB,GAAY;MACjC,OAAO,IAAI,CAACN,eAAe,CAAC,MAAM,CAAC;IACrC;;IAEA;IACA,MAAMO,eAAe,CAACzD,OAAuB,EAAoB;MAC/D,IAAI,CAACA,OAAO,CAACuB,WAAW,EAAE;QACxB,MAAMA,WAAW,GAAG,CAAC,MAAM,IAAI,CAACX,YAAY,CAAC8C,SAAS,EAAE,EAAEnC,WAA0B;QACpFvB,OAAO,CAACuB,WAAW,GAAGA,WAAW,aAAXA,WAAW,uBAAXA,WAAW,CAAEA,WAAW;MAChD;MACA,OAAO,IAAAoC,iBAAW,EAAC,IAAI,EAAE3D,OAAO,CAAC;IACnC;;IAEA;IACA,MAAM4D,iBAAiB,CAACrC,WAAyB,EAAoB;MACnE,IAAI,CAACA,WAAW,EAAE;QAChBA,WAAW,GAAG,CAAC,MAAM,IAAI,CAACX,YAAY,CAAC8C,SAAS,EAAE,EAAEnC,WAA0B;QAC9E,MAAMsC,cAAc,GAAG,IAAI,CAACjD,YAAY,CAACkD,mBAAmB,CAAC,aAAa,CAAC;QAC3E,IAAI,CAAClD,YAAY,CAACgB,MAAM,CAACiC,cAAc,CAAC;MAC1C;MACA;MACA,IAAI,CAACtC,WAAW,EAAE;QAChB,OAAOwC,OAAO,CAACC,OAAO,CAAC,IAAI,CAAC;MAC9B;MACA,OAAO,IAAI,CAACtD,KAAK,CAACuD,MAAM,CAAC1C,WAAW,CAAC;IACvC;;IAEA;IACA,MAAM2C,kBAAkB,CAACvB,YAA2B,EAAoB;MACtE,IAAI,CAACA,YAAY,EAAE;QACjBA,YAAY,GAAG,CAAC,MAAM,IAAI,CAAC/B,YAAY,CAAC8C,SAAS,EAAE,EAAEf,YAA4B;QACjF,MAAMwB,eAAe,GAAG,IAAI,CAACvD,YAAY,CAACkD,mBAAmB,CAAC,cAAc,CAAC;QAC7E,IAAI,CAAClD,YAAY,CAACgB,MAAM,CAACuC,eAAe,CAAC;MAC3C;MACA;MACA,IAAI,CAACxB,YAAY,EAAE;QACjB,OAAOoB,OAAO,CAACC,OAAO,CAAC,IAAI,CAAC;MAC9B;MACA,OAAO,IAAI,CAACtD,KAAK,CAACuD,MAAM,CAACtB,YAAY,CAAC;IACxC;IAEAyB,qBAAqB,CAACpE,OAAkC,GAAG,CAAC,CAAC,EAAE;MAC7D,IAAI;QACF6B,OAAO;QACPwC,qBAAqB;QACrBC;MACF,CAAC,GAAGtE,OAAO;MACX,IAAI,CAAC6B,OAAO,EAAE;QACZA,OAAO,GAAG,IAAI,CAACjB,YAAY,CAACY,aAAa,EAAE,CAACK,OAAkB;MAChE;MACA,IAAI,CAACA,OAAO,EAAE;QACZ,OAAO,EAAE;MACX;MACA,IAAI,CAACwC,qBAAqB,EAAE;QAC1BA,qBAAqB,GAAG,IAAI,CAACrE,OAAO,CAACqE,qBAAqB;MAC5D;MAEA,MAAME,SAAS,GAAG,IAAAC,mBAAY,EAAC,IAAI,CAAC,CAACD,SAAS;MAC9C,MAAME,WAAW,GAAG5C,OAAO,CAACA,OAAO,CAAC,CAAC;MACrC,IAAI6C,SAAS,GAAGH,SAAS,GAAG,iBAAiB,GAAGI,kBAAkB,CAACF,WAAW,CAAC;MAC/E,IAAIJ,qBAAqB,EAAE;QACzBK,SAAS,IAAI,4BAA4B,GAAGC,kBAAkB,CAACN,qBAAqB,CAAC;MACvF;MACA;MACA,IAAIC,KAAK,EAAE;QACTI,SAAS,IAAI,SAAS,GAAGC,kBAAkB,CAACL,KAAK,CAAC;MACpD;MAEA,OAAOI,SAAS;IAClB;;IAEA;IACA;IACA,MAAME,OAAO,CAAC5E,OAAwB,EAAiB;MACrDA,OAAO,GAAGH,MAAM,CAACC,MAAM,CAAC,CAAC,CAAC,EAAEE,OAAO,CAAC;;MAEpC;MACA,IAAI6E,UAAU,GAAGC,MAAM,CAACC,QAAQ,CAACC,MAAM;MACvC,IAAIC,UAAU,GAAGH,MAAM,CAACC,QAAQ,CAACG,IAAI;MACrC,IAAIb,qBAAqB,GAAGrE,OAAO,CAACqE,qBAAqB,IACpD,IAAI,CAACrE,OAAO,CAACqE,qBAAqB,IAClCQ,UAAU;MAEf,IAAItD,WAAW,GAAGvB,OAAO,CAACuB,WAAW;MACrC,IAAIoB,YAAY,GAAG3C,OAAO,CAAC2C,YAAY;MACvC,IAAIiB,iBAAiB,GAAG5D,OAAO,CAAC4D,iBAAiB,KAAK,KAAK;MAC3D,IAAIM,kBAAkB,GAAGlE,OAAO,CAACkE,kBAAkB,KAAK,KAAK;MAE7D,IAAIA,kBAAkB,IAAI,OAAOvB,YAAY,KAAK,WAAW,EAAE;QAC7DA,YAAY,GAAG,IAAI,CAAC/B,YAAY,CAACY,aAAa,EAAE,CAACmB,YAA4B;MAC/E;MAEA,IAAIiB,iBAAiB,IAAI,OAAOrC,WAAW,KAAK,WAAW,EAAE;QAC3DA,WAAW,GAAG,IAAI,CAACX,YAAY,CAACY,aAAa,EAAE,CAACD,WAA0B;MAC5E;MAEA,IAAI,CAACvB,OAAO,CAAC6B,OAAO,EAAE;QACpB7B,OAAO,CAAC6B,OAAO,GAAG,IAAI,CAACjB,YAAY,CAACY,aAAa,EAAE,CAACK,OAAkB;MACxE;MAEA,IAAIqC,kBAAkB,IAAIvB,YAAY,EAAE;QACtC,MAAM,IAAI,CAACuB,kBAAkB,CAACvB,YAAY,CAAC;MAC7C;MAEA,IAAIiB,iBAAiB,IAAIrC,WAAW,EAAE;QACpC,MAAM,IAAI,CAACqC,iBAAiB,CAACrC,WAAW,CAAC;MAC3C;MAEA,MAAMmD,SAAS,GAAG,IAAI,CAACN,qBAAqB,CAAC;QAAE,GAAGpE,OAAO;QAAEqE;MAAsB,CAAC,CAAC;MACnF;MACA;MACA,IAAI,CAACK,SAAS,EAAE;QACd;QACA,OAAO,IAAI,CAACS,YAAY,EAAE,CAAC;QAAA,CAC1BC,IAAI,CAAC,YAAW;UACf,IAAIf,qBAAqB,KAAKY,UAAU,EAAE;YACxCH,MAAM,CAACC,QAAQ,CAACM,MAAM,EAAE,CAAC,CAAC;UAC5B,CAAC,MAAM;YACLP,MAAM,CAACC,QAAQ,CAACjF,MAAM,CAACuE,qBAAqB,CAAC;UAC/C;QACF,CAAC,CAAC;MACJ,CAAC,MAAM;QACL,IAAIrE,OAAO,CAACsF,yBAAyB,EAAE;UACrC;UACA,IAAI,CAAC1E,YAAY,CAACG,KAAK,EAAE;QAC3B,CAAC,MAAM;UACL,IAAI,CAACH,YAAY,CAAC2E,qBAAqB,EAAE;QAC3C;QACA;QACAT,MAAM,CAACC,QAAQ,CAACjF,MAAM,CAAC4E,SAAS,CAAC;MACnC;IACF;EAEF,CAAC,kDA7R4Bc,MAAM;AA+RrC"}
1
+ {"version":3,"file":"index.js","names":["mixinOAuth","Base","TransactionManagerConstructor","WithOriginalUri","provideOriginalUri","OktaAuthOAuth","constructor","args","transactionManager","Object","assign","storageManager","options","pkce","DEFAULT_CODE_CHALLENGE_METHOD","PKCE","generateVerifier","computeChallenge","_pending","handleLogin","_tokenQueue","PromiseQueue","token","createTokenAPI","tokenManager","TokenManager","endpoints","createEndpoints","clearStorage","clear","isAuthenticated","autoRenew","autoRemove","getOptions","shouldRenew","onExpiredToken","shouldRemove","accessToken","getTokensSync","hasExpired","undefined","renew","remove","idToken","signInWithRedirect","opts","originalUri","additionalParams","setOriginalUri","params","scopes","getWithRedirect","getUser","getUserInfo","getIdToken","getAccessToken","getRefreshToken","refreshToken","storeTokensFromRedirect","tokens","responseType","parseFromUrl","setTokens","isLoginRedirect","isPKCE","hasResponseType","Array","isArray","length","indexOf","isAuthorizationCodeFlow","invokeApiMethod","getTokens","httpRequest","revokeAccessToken","accessTokenKey","getStorageKeyByType","Promise","resolve","revoke","revokeRefreshToken","refreshTokenKey","getSignOutRedirectUrl","postLogoutRedirectUri","state","logoutUrl","getOAuthUrls","idTokenHint","logoutUri","encodeURIComponent","signOut","defaultUri","window","location","origin","currentUri","href","closeSession","then","sessionClosed","reload","clearTokensBeforeRedirect","addPendingRemoveFlags","crypto"],"sources":["../../../../lib/oidc/mixin/index.ts"],"sourcesContent":["import { httpRequest, RequestOptions } from '../../http';\nimport { OktaAuthConstructor } from '../../base/types';\nimport { \n PromiseQueue,\n} from '../../util';\nimport { CryptoAPI } from '../../crypto/types';\nimport * as crypto from '../../crypto';\nimport {\n AccessToken,\n CustomUserClaims,\n IDToken,\n IsAuthenticatedOptions,\n OAuthResponseType,\n OAuthStorageManagerInterface,\n OAuthTransactionMeta,\n OktaAuthOAuthInterface,\n OktaAuthOAuthOptions,\n PkceAPI,\n PKCETransactionMeta,\n RefreshToken,\n SigninWithRedirectOptions,\n SignoutOptions,\n SignoutRedirectUrlOptions,\n TokenAPI,\n TransactionManagerInterface,\n TransactionManagerConstructor,\n UserClaims,\n Endpoints,\n} from '../types';\nimport PKCE from '../util/pkce';\nimport { createEndpoints, createTokenAPI } from '../factory';\nimport { TokenManager } from '../TokenManager';\nimport { getOAuthUrls, isLoginRedirect } from '../util';\n\nimport { OktaAuthSessionInterface } from '../../session/types';\nimport { provideOriginalUri } from './node';\nexport function mixinOAuth\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface,\n TBase extends OktaAuthConstructor<OktaAuthSessionInterface<S, O>>\n = OktaAuthConstructor<OktaAuthSessionInterface<S, O>>\n>\n(\n Base: TBase,\n TransactionManagerConstructor: TransactionManagerConstructor<TM>,\n): TBase & OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n{\n const WithOriginalUri = provideOriginalUri(Base);\n return class OktaAuthOAuth extends WithOriginalUri\n implements OktaAuthOAuthInterface<M, S, O, TM>\n {\n static crypto: CryptoAPI = crypto;\n token: TokenAPI;\n tokenManager: TokenManager;\n transactionManager: TM;\n pkce: PkceAPI;\n endpoints: Endpoints;\n\n _pending: { handleLogin: boolean };\n _tokenQueue: PromiseQueue;\n \n constructor(...args: any[]) {\n super(...args);\n\n this.transactionManager = new TransactionManagerConstructor(Object.assign({\n storageManager: this.storageManager,\n }, this.options.transactionManager));\n \n this.pkce = {\n DEFAULT_CODE_CHALLENGE_METHOD: PKCE.DEFAULT_CODE_CHALLENGE_METHOD,\n generateVerifier: PKCE.generateVerifier,\n computeChallenge: PKCE.computeChallenge\n };\n \n this._pending = { handleLogin: false };\n\n this._tokenQueue = new PromiseQueue();\n\n this.token = createTokenAPI(this, this._tokenQueue);\n\n // TokenManager\n this.tokenManager = new TokenManager(this, this.options.tokenManager);\n\n this.endpoints = createEndpoints(this);\n }\n\n // inherited from subclass\n clearStorage(): void {\n super.clearStorage();\n \n // Clear all local tokens\n this.tokenManager.clear();\n }\n\n // Returns true if both accessToken and idToken are not expired\n // If `autoRenew` option is set, will attempt to renew expired tokens before returning.\n // eslint-disable-next-line complexity\n async isAuthenticated(options: IsAuthenticatedOptions = {}): Promise<boolean> {\n // TODO: remove dependency on tokenManager options in next major version - OKTA-473815\n const { autoRenew, autoRemove } = this.tokenManager.getOptions();\n\n const shouldRenew = options.onExpiredToken ? options.onExpiredToken === 'renew' : autoRenew;\n const shouldRemove = options.onExpiredToken ? options.onExpiredToken === 'remove' : autoRemove;\n\n let { accessToken } = this.tokenManager.getTokensSync();\n if (accessToken && this.tokenManager.hasExpired(accessToken)) {\n accessToken = undefined;\n if (shouldRenew) {\n try {\n accessToken = await this.tokenManager.renew('accessToken') as AccessToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (shouldRemove) {\n this.tokenManager.remove('accessToken');\n }\n }\n\n let { idToken } = this.tokenManager.getTokensSync();\n if (idToken && this.tokenManager.hasExpired(idToken)) {\n idToken = undefined;\n if (shouldRenew) {\n try {\n idToken = await this.tokenManager.renew('idToken') as IDToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (shouldRemove) {\n this.tokenManager.remove('idToken');\n }\n }\n\n return !!(accessToken && idToken);\n }\n\n\n async signInWithRedirect(opts: SigninWithRedirectOptions = {}) {\n const { originalUri, ...additionalParams } = opts;\n if(this._pending.handleLogin) { \n // Don't trigger second round\n return;\n }\n\n this._pending.handleLogin = true;\n try {\n // Trigger default signIn redirect flow\n if (originalUri) {\n this.setOriginalUri(originalUri);\n }\n const params = Object.assign({\n // TODO: remove this line when default scopes are changed OKTA-343294\n scopes: this.options.scopes || ['openid', 'email', 'profile']\n }, additionalParams);\n await this.token.getWithRedirect(params);\n } finally {\n this._pending.handleLogin = false;\n }\n }\n\n async getUser<T extends CustomUserClaims = CustomUserClaims>(): Promise<UserClaims<T>> {\n const { idToken, accessToken } = this.tokenManager.getTokensSync();\n return this.token.getUserInfo(accessToken, idToken);\n }\n \n getIdToken(): string | undefined {\n const { idToken } = this.tokenManager.getTokensSync();\n return idToken ? idToken.idToken : undefined;\n }\n \n getAccessToken(): string | undefined {\n const { accessToken } = this.tokenManager.getTokensSync();\n return accessToken ? accessToken.accessToken : undefined;\n }\n \n getRefreshToken(): string | undefined {\n const { refreshToken } = this.tokenManager.getTokensSync();\n return refreshToken ? refreshToken.refreshToken : undefined;\n }\n \n /**\n * Store parsed tokens from redirect url\n */\n async storeTokensFromRedirect(): Promise<void> {\n const { tokens, responseType } = await this.token.parseFromUrl();\n if (responseType !== 'none') {\n this.tokenManager.setTokens(tokens);\n }\n }\n \n isLoginRedirect(): boolean {\n return isLoginRedirect(this);\n }\n\n isPKCE(): boolean {\n return !!this.options.pkce;\n }\n \n hasResponseType(responseType: OAuthResponseType): boolean {\n let hasResponseType = false;\n if (Array.isArray(this.options.responseType) && this.options.responseType.length) {\n hasResponseType = this.options.responseType.indexOf(responseType) >= 0;\n } else {\n hasResponseType = this.options.responseType === responseType;\n }\n return hasResponseType;\n }\n \n isAuthorizationCodeFlow(): boolean {\n return this.hasResponseType('code');\n }\n\n // Escape hatch method to make arbitrary OKTA API call\n async invokeApiMethod(options: RequestOptions): Promise<unknown> {\n if (!options.accessToken) {\n const accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n options.accessToken = accessToken?.accessToken;\n }\n return httpRequest(this, options);\n }\n \n // Revokes the access token for the application session\n async revokeAccessToken(accessToken?: AccessToken): Promise<unknown> {\n if (!accessToken) {\n accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');\n this.tokenManager.remove(accessTokenKey);\n }\n // Access token may have been removed. In this case, we will silently succeed.\n if (!accessToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(accessToken);\n }\n\n // Revokes the refresh token for the application session\n async revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown> {\n if (!refreshToken) {\n refreshToken = (await this.tokenManager.getTokens()).refreshToken as RefreshToken;\n const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');\n this.tokenManager.remove(refreshTokenKey);\n }\n // Refresh token may have been removed. In this case, we will silently succeed.\n if (!refreshToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(refreshToken);\n }\n\n getSignOutRedirectUrl(options: SignoutRedirectUrlOptions = {}) {\n let {\n idToken,\n postLogoutRedirectUri,\n state,\n } = options;\n if (!idToken) {\n idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n if (!idToken) {\n return '';\n }\n if (!postLogoutRedirectUri) {\n postLogoutRedirectUri = this.options.postLogoutRedirectUri;\n }\n\n const logoutUrl = getOAuthUrls(this).logoutUrl;\n const idTokenHint = idToken.idToken; // a string\n let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);\n if (postLogoutRedirectUri) {\n logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);\n } \n // State allows option parameters to be passed to logout redirect uri\n if (state) {\n logoutUri += '&state=' + encodeURIComponent(state);\n }\n\n return logoutUri;\n }\n\n // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.\n // eslint-disable-next-line complexity, max-statements\n async signOut(options?: SignoutOptions): Promise<boolean> {\n options = Object.assign({}, options);\n \n // postLogoutRedirectUri must be whitelisted in Okta Admin UI\n var defaultUri = window.location.origin;\n var currentUri = window.location.href;\n var postLogoutRedirectUri = options.postLogoutRedirectUri\n || this.options.postLogoutRedirectUri\n || defaultUri;\n \n var accessToken = options.accessToken;\n var refreshToken = options.refreshToken;\n var revokeAccessToken = options.revokeAccessToken !== false;\n var revokeRefreshToken = options.revokeRefreshToken !== false;\n \n if (revokeRefreshToken && typeof refreshToken === 'undefined') {\n refreshToken = this.tokenManager.getTokensSync().refreshToken as RefreshToken;\n }\n\n if (revokeAccessToken && typeof accessToken === 'undefined') {\n accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;\n }\n \n if (!options.idToken) {\n options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n\n if (revokeRefreshToken && refreshToken) {\n await this.revokeRefreshToken(refreshToken);\n }\n\n if (revokeAccessToken && accessToken) {\n await this.revokeAccessToken(accessToken);\n }\n\n const logoutUri = this.getSignOutRedirectUrl({ ...options, postLogoutRedirectUri });\n // No logoutUri? This can happen if the storage was cleared.\n // Fallback to XHR signOut, then simulate a redirect to the post logout uri\n if (!logoutUri) {\n // local tokens are cleared once session is closed\n return this.closeSession() // can throw if the user cannot be signed out\n .then(function(sessionClosed) {\n if (postLogoutRedirectUri === currentUri) {\n window.location.reload(); // force a hard reload if URI is not changing\n } else {\n window.location.assign(postLogoutRedirectUri);\n }\n return sessionClosed;\n });\n } else {\n if (options.clearTokensBeforeRedirect) {\n // Clear all local tokens\n this.tokenManager.clear();\n } else {\n this.tokenManager.addPendingRemoveFlags();\n }\n // Flow ends with logout redirect\n window.location.assign(logoutUri);\n return true;\n }\n }\n\n };\n\n}\n"],"mappings":";;;;;AAAA;AAEA;AAIA;AAuBA;AACA;AACA;AACA;AAGA;AAA4C;AAAA;AACrC,SAASA,UAAU,CAUxBC,IAAW,EACXC,6BAAgE,EAElE;EAAA;EACE,MAAMC,eAAe,GAAG,IAAAC,wBAAkB,EAACH,IAAI,CAAC;EAChD,gBAAO,MAAMI,aAAa,SAASF,eAAe,CAElD;IAWEG,WAAW,CAAC,GAAGC,IAAW,EAAE;MAC1B,KAAK,CAAC,GAAGA,IAAI,CAAC;MAEd,IAAI,CAACC,kBAAkB,GAAG,IAAIN,6BAA6B,CAACO,MAAM,CAACC,MAAM,CAAC;QACxEC,cAAc,EAAE,IAAI,CAACA;MACvB,CAAC,EAAE,IAAI,CAACC,OAAO,CAACJ,kBAAkB,CAAC,CAAC;MAEpC,IAAI,CAACK,IAAI,GAAG;QACVC,6BAA6B,EAAEC,aAAI,CAACD,6BAA6B;QACjEE,gBAAgB,EAAED,aAAI,CAACC,gBAAgB;QACvCC,gBAAgB,EAAEF,aAAI,CAACE;MACzB,CAAC;MAED,IAAI,CAACC,QAAQ,GAAG;QAAEC,WAAW,EAAE;MAAM,CAAC;MAEtC,IAAI,CAACC,WAAW,GAAG,IAAIC,kBAAY,EAAE;MAErC,IAAI,CAACC,KAAK,GAAG,IAAAC,uBAAc,EAAC,IAAI,EAAE,IAAI,CAACH,WAAW,CAAC;;MAEnD;MACA,IAAI,CAACI,YAAY,GAAG,IAAIC,0BAAY,CAAC,IAAI,EAAE,IAAI,CAACb,OAAO,CAACY,YAAY,CAAC;MAErE,IAAI,CAACE,SAAS,GAAG,IAAAC,wBAAe,EAAC,IAAI,CAAC;IACxC;;IAEA;IACAC,YAAY,GAAS;MACnB,KAAK,CAACA,YAAY,EAAE;;MAEpB;MACA,IAAI,CAACJ,YAAY,CAACK,KAAK,EAAE;IAC3B;;IAEA;IACA;IACA;IACA,MAAMC,eAAe,CAAClB,OAA+B,GAAG,CAAC,CAAC,EAAoB;MAC5E;MACA,MAAM;QAAEmB,SAAS;QAAEC;MAAW,CAAC,GAAG,IAAI,CAACR,YAAY,CAACS,UAAU,EAAE;MAEhE,MAAMC,WAAW,GAAGtB,OAAO,CAACuB,cAAc,GAAGvB,OAAO,CAACuB,cAAc,KAAK,OAAO,GAAGJ,SAAS;MAC3F,MAAMK,YAAY,GAAGxB,OAAO,CAACuB,cAAc,GAAGvB,OAAO,CAACuB,cAAc,KAAK,QAAQ,GAAGH,UAAU;MAE9F,IAAI;QAAEK;MAAY,CAAC,GAAG,IAAI,CAACb,YAAY,CAACc,aAAa,EAAE;MACvD,IAAID,WAAW,IAAI,IAAI,CAACb,YAAY,CAACe,UAAU,CAACF,WAAW,CAAC,EAAE;QAC5DA,WAAW,GAAGG,SAAS;QACvB,IAAIN,WAAW,EAAE;UACf,IAAI;YACFG,WAAW,GAAG,MAAM,IAAI,CAACb,YAAY,CAACiB,KAAK,CAAC,aAAa,CAAgB;UAC3E,CAAC,CAAC,MAAM;YACN;UACF;QACF,CAAC,MAAM,IAAIL,YAAY,EAAE;UACvB,IAAI,CAACZ,YAAY,CAACkB,MAAM,CAAC,aAAa,CAAC;QACzC;MACF;MAEA,IAAI;QAAEC;MAAQ,CAAC,GAAG,IAAI,CAACnB,YAAY,CAACc,aAAa,EAAE;MACnD,IAAIK,OAAO,IAAI,IAAI,CAACnB,YAAY,CAACe,UAAU,CAACI,OAAO,CAAC,EAAE;QACpDA,OAAO,GAAGH,SAAS;QACnB,IAAIN,WAAW,EAAE;UACf,IAAI;YACFS,OAAO,GAAG,MAAM,IAAI,CAACnB,YAAY,CAACiB,KAAK,CAAC,SAAS,CAAY;UAC/D,CAAC,CAAC,MAAM;YACN;UACF;QACF,CAAC,MAAM,IAAIL,YAAY,EAAE;UACvB,IAAI,CAACZ,YAAY,CAACkB,MAAM,CAAC,SAAS,CAAC;QACrC;MACF;MAEA,OAAO,CAAC,EAAEL,WAAW,IAAIM,OAAO,CAAC;IACnC;IAGA,MAAMC,kBAAkB,CAACC,IAA+B,GAAG,CAAC,CAAC,EAAE;MAC7D,MAAM;QAAEC,WAAW;QAAE,GAAGC;MAAiB,CAAC,GAAGF,IAAI;MACjD,IAAG,IAAI,CAAC3B,QAAQ,CAACC,WAAW,EAAE;QAC5B;QACA;MACF;MAEA,IAAI,CAACD,QAAQ,CAACC,WAAW,GAAG,IAAI;MAChC,IAAI;QACF;QACA,IAAI2B,WAAW,EAAE;UACf,IAAI,CAACE,cAAc,CAACF,WAAW,CAAC;QAClC;QACA,MAAMG,MAAM,GAAGxC,MAAM,CAACC,MAAM,CAAC;UAC3B;UACAwC,MAAM,EAAE,IAAI,CAACtC,OAAO,CAACsC,MAAM,IAAI,CAAC,QAAQ,EAAE,OAAO,EAAE,SAAS;QAC9D,CAAC,EAAEH,gBAAgB,CAAC;QACpB,MAAM,IAAI,CAACzB,KAAK,CAAC6B,eAAe,CAACF,MAAM,CAAC;MAC1C,CAAC,SAAS;QACR,IAAI,CAAC/B,QAAQ,CAACC,WAAW,GAAG,KAAK;MACnC;IACF;IAEA,MAAMiC,OAAO,GAA0E;MACrF,MAAM;QAAET,OAAO;QAAEN;MAAY,CAAC,GAAG,IAAI,CAACb,YAAY,CAACc,aAAa,EAAE;MAClE,OAAO,IAAI,CAAChB,KAAK,CAAC+B,WAAW,CAAChB,WAAW,EAAEM,OAAO,CAAC;IACrD;IAEAW,UAAU,GAAuB;MAC/B,MAAM;QAAEX;MAAQ,CAAC,GAAG,IAAI,CAACnB,YAAY,CAACc,aAAa,EAAE;MACrD,OAAOK,OAAO,GAAGA,OAAO,CAACA,OAAO,GAAGH,SAAS;IAC9C;IAEAe,cAAc,GAAuB;MACnC,MAAM;QAAElB;MAAY,CAAC,GAAG,IAAI,CAACb,YAAY,CAACc,aAAa,EAAE;MACzD,OAAOD,WAAW,GAAGA,WAAW,CAACA,WAAW,GAAGG,SAAS;IAC1D;IAEAgB,eAAe,GAAuB;MACpC,MAAM;QAAEC;MAAa,CAAC,GAAG,IAAI,CAACjC,YAAY,CAACc,aAAa,EAAE;MAC1D,OAAOmB,YAAY,GAAGA,YAAY,CAACA,YAAY,GAAGjB,SAAS;IAC7D;;IAEA;AACJ;AACA;IACI,MAAMkB,uBAAuB,GAAkB;MAC7C,MAAM;QAAEC,MAAM;QAAEC;MAAa,CAAC,GAAG,MAAM,IAAI,CAACtC,KAAK,CAACuC,YAAY,EAAE;MAChE,IAAID,YAAY,KAAK,MAAM,EAAE;QAC3B,IAAI,CAACpC,YAAY,CAACsC,SAAS,CAACH,MAAM,CAAC;MACrC;IACF;IAEAI,eAAe,GAAY;MACzB,OAAO,IAAAA,sBAAe,EAAC,IAAI,CAAC;IAC9B;IAEAC,MAAM,GAAY;MAChB,OAAO,CAAC,CAAC,IAAI,CAACpD,OAAO,CAACC,IAAI;IAC5B;IAEAoD,eAAe,CAACL,YAA+B,EAAW;MACxD,IAAIK,eAAe,GAAG,KAAK;MAC3B,IAAIC,KAAK,CAACC,OAAO,CAAC,IAAI,CAACvD,OAAO,CAACgD,YAAY,CAAC,IAAI,IAAI,CAAChD,OAAO,CAACgD,YAAY,CAACQ,MAAM,EAAE;QAChFH,eAAe,GAAG,IAAI,CAACrD,OAAO,CAACgD,YAAY,CAACS,OAAO,CAACT,YAAY,CAAC,IAAI,CAAC;MACxE,CAAC,MAAM;QACLK,eAAe,GAAG,IAAI,CAACrD,OAAO,CAACgD,YAAY,KAAKA,YAAY;MAC9D;MACA,OAAOK,eAAe;IACxB;IAEAK,uBAAuB,GAAY;MACjC,OAAO,IAAI,CAACL,eAAe,CAAC,MAAM,CAAC;IACrC;;IAEA;IACA,MAAMM,eAAe,CAAC3D,OAAuB,EAAoB;MAC/D,IAAI,CAACA,OAAO,CAACyB,WAAW,EAAE;QACxB,MAAMA,WAAW,GAAG,CAAC,MAAM,IAAI,CAACb,YAAY,CAACgD,SAAS,EAAE,EAAEnC,WAA0B;QACpFzB,OAAO,CAACyB,WAAW,GAAGA,WAAW,aAAXA,WAAW,uBAAXA,WAAW,CAAEA,WAAW;MAChD;MACA,OAAO,IAAAoC,iBAAW,EAAC,IAAI,EAAE7D,OAAO,CAAC;IACnC;;IAEA;IACA,MAAM8D,iBAAiB,CAACrC,WAAyB,EAAoB;MACnE,IAAI,CAACA,WAAW,EAAE;QAChBA,WAAW,GAAG,CAAC,MAAM,IAAI,CAACb,YAAY,CAACgD,SAAS,EAAE,EAAEnC,WAA0B;QAC9E,MAAMsC,cAAc,GAAG,IAAI,CAACnD,YAAY,CAACoD,mBAAmB,CAAC,aAAa,CAAC;QAC3E,IAAI,CAACpD,YAAY,CAACkB,MAAM,CAACiC,cAAc,CAAC;MAC1C;MACA;MACA,IAAI,CAACtC,WAAW,EAAE;QAChB,OAAOwC,OAAO,CAACC,OAAO,CAAC,IAAI,CAAC;MAC9B;MACA,OAAO,IAAI,CAACxD,KAAK,CAACyD,MAAM,CAAC1C,WAAW,CAAC;IACvC;;IAEA;IACA,MAAM2C,kBAAkB,CAACvB,YAA2B,EAAoB;MACtE,IAAI,CAACA,YAAY,EAAE;QACjBA,YAAY,GAAG,CAAC,MAAM,IAAI,CAACjC,YAAY,CAACgD,SAAS,EAAE,EAAEf,YAA4B;QACjF,MAAMwB,eAAe,GAAG,IAAI,CAACzD,YAAY,CAACoD,mBAAmB,CAAC,cAAc,CAAC;QAC7E,IAAI,CAACpD,YAAY,CAACkB,MAAM,CAACuC,eAAe,CAAC;MAC3C;MACA;MACA,IAAI,CAACxB,YAAY,EAAE;QACjB,OAAOoB,OAAO,CAACC,OAAO,CAAC,IAAI,CAAC;MAC9B;MACA,OAAO,IAAI,CAACxD,KAAK,CAACyD,MAAM,CAACtB,YAAY,CAAC;IACxC;IAEAyB,qBAAqB,CAACtE,OAAkC,GAAG,CAAC,CAAC,EAAE;MAC7D,IAAI;QACF+B,OAAO;QACPwC,qBAAqB;QACrBC;MACF,CAAC,GAAGxE,OAAO;MACX,IAAI,CAAC+B,OAAO,EAAE;QACZA,OAAO,GAAG,IAAI,CAACnB,YAAY,CAACc,aAAa,EAAE,CAACK,OAAkB;MAChE;MACA,IAAI,CAACA,OAAO,EAAE;QACZ,OAAO,EAAE;MACX;MACA,IAAI,CAACwC,qBAAqB,EAAE;QAC1BA,qBAAqB,GAAG,IAAI,CAACvE,OAAO,CAACuE,qBAAqB;MAC5D;MAEA,MAAME,SAAS,GAAG,IAAAC,mBAAY,EAAC,IAAI,CAAC,CAACD,SAAS;MAC9C,MAAME,WAAW,GAAG5C,OAAO,CAACA,OAAO,CAAC,CAAC;MACrC,IAAI6C,SAAS,GAAGH,SAAS,GAAG,iBAAiB,GAAGI,kBAAkB,CAACF,WAAW,CAAC;MAC/E,IAAIJ,qBAAqB,EAAE;QACzBK,SAAS,IAAI,4BAA4B,GAAGC,kBAAkB,CAACN,qBAAqB,CAAC;MACvF;MACA;MACA,IAAIC,KAAK,EAAE;QACTI,SAAS,IAAI,SAAS,GAAGC,kBAAkB,CAACL,KAAK,CAAC;MACpD;MAEA,OAAOI,SAAS;IAClB;;IAEA;IACA;IACA,MAAME,OAAO,CAAC9E,OAAwB,EAAoB;MACxDA,OAAO,GAAGH,MAAM,CAACC,MAAM,CAAC,CAAC,CAAC,EAAEE,OAAO,CAAC;;MAEpC;MACA,IAAI+E,UAAU,GAAGC,MAAM,CAACC,QAAQ,CAACC,MAAM;MACvC,IAAIC,UAAU,GAAGH,MAAM,CAACC,QAAQ,CAACG,IAAI;MACrC,IAAIb,qBAAqB,GAAGvE,OAAO,CAACuE,qBAAqB,IACpD,IAAI,CAACvE,OAAO,CAACuE,qBAAqB,IAClCQ,UAAU;MAEf,IAAItD,WAAW,GAAGzB,OAAO,CAACyB,WAAW;MACrC,IAAIoB,YAAY,GAAG7C,OAAO,CAAC6C,YAAY;MACvC,IAAIiB,iBAAiB,GAAG9D,OAAO,CAAC8D,iBAAiB,KAAK,KAAK;MAC3D,IAAIM,kBAAkB,GAAGpE,OAAO,CAACoE,kBAAkB,KAAK,KAAK;MAE7D,IAAIA,kBAAkB,IAAI,OAAOvB,YAAY,KAAK,WAAW,EAAE;QAC7DA,YAAY,GAAG,IAAI,CAACjC,YAAY,CAACc,aAAa,EAAE,CAACmB,YAA4B;MAC/E;MAEA,IAAIiB,iBAAiB,IAAI,OAAOrC,WAAW,KAAK,WAAW,EAAE;QAC3DA,WAAW,GAAG,IAAI,CAACb,YAAY,CAACc,aAAa,EAAE,CAACD,WAA0B;MAC5E;MAEA,IAAI,CAACzB,OAAO,CAAC+B,OAAO,EAAE;QACpB/B,OAAO,CAAC+B,OAAO,GAAG,IAAI,CAACnB,YAAY,CAACc,aAAa,EAAE,CAACK,OAAkB;MACxE;MAEA,IAAIqC,kBAAkB,IAAIvB,YAAY,EAAE;QACtC,MAAM,IAAI,CAACuB,kBAAkB,CAACvB,YAAY,CAAC;MAC7C;MAEA,IAAIiB,iBAAiB,IAAIrC,WAAW,EAAE;QACpC,MAAM,IAAI,CAACqC,iBAAiB,CAACrC,WAAW,CAAC;MAC3C;MAEA,MAAMmD,SAAS,GAAG,IAAI,CAACN,qBAAqB,CAAC;QAAE,GAAGtE,OAAO;QAAEuE;MAAsB,CAAC,CAAC;MACnF;MACA;MACA,IAAI,CAACK,SAAS,EAAE;QACd;QACA,OAAO,IAAI,CAACS,YAAY,EAAE,CAAC;QAAA,CAC1BC,IAAI,CAAC,UAASC,aAAa,EAAE;UAC5B,IAAIhB,qBAAqB,KAAKY,UAAU,EAAE;YACxCH,MAAM,CAACC,QAAQ,CAACO,MAAM,EAAE,CAAC,CAAC;UAC5B,CAAC,MAAM;YACLR,MAAM,CAACC,QAAQ,CAACnF,MAAM,CAACyE,qBAAqB,CAAC;UAC/C;UACA,OAAOgB,aAAa;QACtB,CAAC,CAAC;MACJ,CAAC,MAAM;QACL,IAAIvF,OAAO,CAACyF,yBAAyB,EAAE;UACrC;UACA,IAAI,CAAC7E,YAAY,CAACK,KAAK,EAAE;QAC3B,CAAC,MAAM;UACL,IAAI,CAACL,YAAY,CAAC8E,qBAAqB,EAAE;QAC3C;QACA;QACAV,MAAM,CAACC,QAAQ,CAACnF,MAAM,CAAC8E,SAAS,CAAC;QACjC,OAAO,IAAI;MACb;IACF;EAEF,CAAC,kDAnS4Be,MAAM;AAqSrC"}
package/cjs/oidc/types/TokenManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"TokenManager.js","names":["EVENT_EXPIRED","EVENT_RENEWED","EVENT_ADDED","EVENT_REMOVED","EVENT_ERROR","EVENT_SET_STORAGE"],"sources":["../../../../lib/oidc/types/TokenManager.ts"],"sourcesContent":["/* eslint-disable max-len */\nimport { StorageProvider } from '../../storage/types';\nimport { TokenManagerOptions } from './options';\nimport { AccessToken, IDToken, RefreshToken, Token, Tokens, TokenType } from './Token';\n\nexport interface TokenManagerError {\n errorSummary: string;\n errorCode: string;\n message: string;\n name: string;\n tokenKey: string;\n}\n\nexport declare type AccessTokenCallback = (key: string, token: AccessToken) => void;\nexport declare type IDTokenCallback = (key: string, token: IDToken) => void;\nexport declare type RefreshTokenCallback = (key: string, token: RefreshToken) => void;\n\nexport const EVENT_EXPIRED = 'expired';\nexport const EVENT_RENEWED = 'renewed';\nexport const EVENT_ADDED = 'added';\nexport const EVENT_REMOVED = 'removed';\nexport const EVENT_ERROR = 'error';\nexport const EVENT_SET_STORAGE = 'set_storage';\n\nexport declare type TokenManagerErrorEventHandler = (error: TokenManagerError) => void;\nexport declare type TokenManagerEventHandler = (key: string, token: Token) => void;\nexport declare type TokenManagerRenewEventHandler = (key: string, token: Token, oldtoken: Token) => void;\nexport declare type TokenManagerSetStorageEventHandler = (storage: Tokens) => void;\n\nexport declare type TokenManagerAnyEventHandler = TokenManagerErrorEventHandler | TokenManagerRenewEventHandler | TokenManagerSetStorageEventHandler | TokenManagerEventHandler;\nexport declare type TokenManagerAnyEvent = typeof EVENT_RENEWED | typeof EVENT_ERROR | typeof EVENT_SET_STORAGE | typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED;\n\n// only add methods needed internally\nexport interface TokenManagerInterface {\n on(event: typeof EVENT_RENEWED, handler: TokenManagerRenewEventHandler, context?: object): void;\n on(event: typeof EVENT_ERROR, handler: TokenManagerErrorEventHandler, context?: object): void;\n on(event: typeof EVENT_SET_STORAGE, handler: TokenManagerSetStorageEventHandler, context?: object): void;\n on(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, handler: TokenManagerEventHandler, context?: object): void;\n\n off(event: typeof EVENT_RENEWED, handler?: TokenManagerRenewEventHandler): void;\n off(event: typeof EVENT_ERROR, handler?: TokenManagerErrorEventHandler): void;\n off(event: typeof EVENT_SET_STORAGE, handler?: TokenManagerSetStorageEventHandler): void;\n off(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, handler?: TokenManagerEventHandler): void;\n\n clear(): void;\n setExpireEventTimeout(key: string, token: Token): void;\n clearExpireEventTimeout(key: string): void;\n clearExpireEventTimeoutAll(): void;\n emitAdded(key: string, token: Token): void;\n emitError(error: Error): void;\n emitRemoved(key: string, token: Token): void;\n emitRenewed(key: string, token: Token, oldToken?: Token): void;\n renew(key: string): Promise<Token | undefined>;\n remove(key: string): void;\n hasExpired(token: Token): boolean;\n getExpireTime(token: Token): number;\n\n get(key): Promise<Token>;\n getSync(key): Token;\n getTokens(): Promise<Tokens>;\n getTokensSync(): Tokens;\n setTokens({ accessToken, idToken, refreshToken }: Tokens, accessTokenCb?: AccessTokenCallback, idTokenCb?: IDTokenCallback, refreshTokenCb?: RefreshTokenCallback): void;\n getStorageKeyByType(type: TokenType): string;\n add(key: any, token: Token): void;\n updateRefreshToken(token: RefreshToken);\n removeRefreshToken(): void;\n clearPendingRemoveTokens(): void;\n\n getOptions(): TokenManagerOptions;\n getStorage(): StorageProvider;\n\n start();\n stop();\n}\n"],"mappings":";;;AAAA;;AAiBO,MAAMA,aAAa,GAAG,SAAS;AAAC;AAChC,MAAMC,aAAa,GAAG,SAAS;AAAC;AAChC,MAAMC,WAAW,GAAG,OAAO;AAAC;AAC5B,MAAMC,aAAa,GAAG,SAAS;AAAC;AAChC,MAAMC,WAAW,GAAG,OAAO;AAAC;AAC5B,MAAMC,iBAAiB,GAAG,aAAa;AAAC"}
1
+ {"version":3,"file":"TokenManager.js","names":["EVENT_EXPIRED","EVENT_RENEWED","EVENT_ADDED","EVENT_REMOVED","EVENT_ERROR","EVENT_SET_STORAGE"],"sources":["../../../../lib/oidc/types/TokenManager.ts"],"sourcesContent":["/* eslint-disable max-len */\nimport { StorageProvider } from '../../storage/types';\nimport { TokenManagerOptions } from './options';\nimport { AccessToken, IDToken, RefreshToken, Token, Tokens, TokenType } from './Token';\n\nexport interface TokenManagerError {\n errorSummary: string;\n errorCode: string;\n message: string;\n name: string;\n tokenKey: string;\n}\n\nexport declare type AccessTokenCallback = (key: string, token: AccessToken) => void;\nexport declare type IDTokenCallback = (key: string, token: IDToken) => void;\nexport declare type RefreshTokenCallback = (key: string, token: RefreshToken) => void;\n\nexport const EVENT_EXPIRED = 'expired';\nexport const EVENT_RENEWED = 'renewed';\nexport const EVENT_ADDED = 'added';\nexport const EVENT_REMOVED = 'removed';\nexport const EVENT_ERROR = 'error';\nexport const EVENT_SET_STORAGE = 'set_storage';\n\nexport declare type TokenManagerErrorEventHandler = (error: TokenManagerError) => void;\nexport declare type TokenManagerEventHandler = (key: string, token: Token) => void;\nexport declare type TokenManagerRenewEventHandler = (key: string, token: Token, oldtoken: Token) => void;\nexport declare type TokenManagerSetStorageEventHandler = (storage: Tokens) => void;\n\nexport declare type TokenManagerAnyEventHandler = TokenManagerErrorEventHandler | TokenManagerRenewEventHandler | TokenManagerSetStorageEventHandler | TokenManagerEventHandler;\nexport declare type TokenManagerAnyEvent = typeof EVENT_RENEWED | typeof EVENT_ERROR | typeof EVENT_SET_STORAGE | typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED;\n\n// only add methods needed internally\nexport interface TokenManagerInterface {\n on(event: typeof EVENT_RENEWED, handler: TokenManagerRenewEventHandler, context?: object): void;\n on(event: typeof EVENT_ERROR, handler: TokenManagerErrorEventHandler, context?: object): void;\n on(event: typeof EVENT_SET_STORAGE, handler: TokenManagerSetStorageEventHandler, context?: object): void;\n on(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, handler: TokenManagerEventHandler, context?: object): void;\n\n off(event: typeof EVENT_RENEWED, handler?: TokenManagerRenewEventHandler): void;\n off(event: typeof EVENT_ERROR, handler?: TokenManagerErrorEventHandler): void;\n off(event: typeof EVENT_SET_STORAGE, handler?: TokenManagerSetStorageEventHandler): void;\n off(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, handler?: TokenManagerEventHandler): void;\n\n clear(): void;\n setExpireEventTimeout(key: string, token: Token): void;\n clearExpireEventTimeout(key: string): void;\n clearExpireEventTimeoutAll(): void;\n emitAdded(key: string, token: Token): void;\n emitError(error: Error): void;\n emitRemoved(key: string, token: Token): void;\n emitRenewed(key: string, token: Token, oldToken?: Token): void;\n renew(key: string): Promise<Token | undefined>;\n remove(key: string): void;\n hasExpired(token: Token): boolean;\n getExpireTime(token: Token): number;\n\n get(key): Promise<Token>;\n getSync(key): Token;\n getTokens(): Promise<Tokens>;\n getTokensSync(): Tokens;\n setTokens({ accessToken, idToken, refreshToken }: Tokens, accessTokenCb?: AccessTokenCallback, idTokenCb?: IDTokenCallback, refreshTokenCb?: RefreshTokenCallback): void;\n getStorageKeyByType(type: TokenType): string;\n add(key: any, token: Token): void;\n updateRefreshToken(token: RefreshToken);\n removeRefreshToken(): void;\n clearPendingRemoveTokens(): void;\n\n getOptions(): TokenManagerOptions;\n getStorage(): StorageProvider;\n\n start();\n stop();\n isStarted(): boolean;\n}\n"],"mappings":";;;AAAA;;AAiBO,MAAMA,aAAa,GAAG,SAAS;AAAC;AAChC,MAAMC,aAAa,GAAG,SAAS;AAAC;AAChC,MAAMC,WAAW,GAAG,OAAO;AAAC;AAC5B,MAAMC,aAAa,GAAG,SAAS;AAAC;AAChC,MAAMC,WAAW,GAAG,OAAO;AAAC;AAC5B,MAAMC,iBAAiB,GAAG,aAAa;AAAC"}
package/cjs/oidc/types/api.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"api.js","names":[],"sources":["../../../../lib/oidc/types/api.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { JWTObject } from './JWT';\nimport { OAuthTransactionMeta, PKCETransactionMeta } from './meta';\nimport { CustomUrls, OktaAuthOAuthOptions, SigninWithRedirectOptions, TokenParams } from './options';\nimport { OAuthStorageManagerInterface } from './storage';\nimport { AccessToken, IDToken, RefreshToken, RevocableToken, Token, Tokens } from './Token';\nimport { TokenManagerInterface } from './TokenManager';\nimport { CustomUserClaims, UserClaims } from './UserClaims';\nimport { TransactionManagerInterface } from './TransactionManager';\nimport { OktaAuthSessionInterface } from '../../session/types';\n\nexport interface PopupParams {\n popupTitle?: string;\n popupWindow?: Window;\n}\n\nexport interface TokenResponse {\n tokens: Tokens;\n state: string;\n code?: string;\n}\n\nexport interface ParseFromUrlOptions {\n url?: string;\n responseMode?: string;\n}\n\nexport type ParseFromUrlFunction = (options?: string | ParseFromUrlOptions) => Promise<TokenResponse>;\n\nexport interface ParseFromUrlInterface extends ParseFromUrlFunction {\n _getDocument: () => Document;\n _getLocation: () => Location;\n _getHistory: () => History;\n}\n\nexport type GetWithRedirectFunction = (params?: TokenParams) => Promise<void>;\n\nexport type SetLocationFunction = (loc: string) => void;\n\nexport interface GetWithRedirectAPI extends GetWithRedirectFunction {\n _setLocation: SetLocationFunction;\n}\n\nexport interface BaseTokenAPI {\n decode(token: string): JWTObject;\n prepareTokenParams(params?: TokenParams): Promise<TokenParams>;\n exchangeCodeForTokens(params: TokenParams, urls?: CustomUrls): Promise<TokenResponse>;\n}\n\nexport interface TokenAPI extends BaseTokenAPI {\n getUserInfo<S extends CustomUserClaims = CustomUserClaims>(\n accessToken?: AccessToken,\n idToken?: IDToken\n ): Promise<UserClaims<S>>;\n getWithRedirect: GetWithRedirectAPI;\n parseFromUrl: ParseFromUrlInterface;\n getWithoutPrompt(params?: TokenParams): Promise<TokenResponse>;\n getWithPopup(params?: TokenParams): Promise<TokenResponse>;\n revoke(token: RevocableToken): Promise<object>;\n renew(token: Token): Promise<Token | undefined>;\n renewTokens(options?: TokenParams): Promise<Tokens>;\n renewTokensWithRefresh(tokenParams: TokenParams, refreshTokenObject: RefreshToken): Promise<Tokens>;\n verify(token: IDToken, params?: object): Promise<IDToken>;\n isLoginRedirect(): boolean;\n}\n\nexport interface TokenVerifyParams {\n clientId: string;\n issuer: string;\n ignoreSignature?: boolean;\n nonce?: string;\n accessToken?: string; // raw access token string\n acrValues?: string;\n}\n\nexport interface IDTokenAPI {\n authorize: {\n _getLocationHref: () => string;\n };\n}\n\nexport interface PkceAPI {\n DEFAULT_CODE_CHALLENGE_METHOD: string;\n generateVerifier(prefix: string): string;\n computeChallenge(str: string): PromiseLike<any>;\n}\n\nexport interface IsAuthenticatedOptions {\n onExpiredToken?: 'renew' | 'remove' | 'none';\n}\n\nexport interface SignoutRedirectUrlOptions {\n postLogoutRedirectUri?: string;\n idToken?: IDToken;\n state?: string;\n}\n\nexport interface SignoutOptions extends SignoutRedirectUrlOptions {\n revokeAccessToken?: boolean;\n revokeRefreshToken?: boolean;\n accessToken?: AccessToken;\n refreshToken?: RefreshToken;\n clearTokensBeforeRedirect?: boolean;\n}\n\nexport interface OriginalUriApi {\n getOriginalUri(state?: string): string | undefined;\n setOriginalUri(originalUri: string, state?: string): void;\n removeOriginalUri(state?: string): void;\n}\n\nexport interface OktaAuthOAuthInterface\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface\n> \n extends OktaAuthSessionInterface<S, O>,\n OriginalUriApi\n{\n token: TokenAPI;\n tokenManager: TokenManagerInterface;\n pkce: PkceAPI;\n transactionManager: TM;\n \n isPKCE(): boolean;\n getIdToken(): string | undefined;\n getAccessToken(): string | undefined;\n getRefreshToken(): string | undefined;\n\n isAuthenticated(options?: IsAuthenticatedOptions): Promise<boolean>;\n signOut(opts?: SignoutOptions): Promise<void>;\n isLoginRedirect(): boolean;\n storeTokensFromRedirect(): Promise<void>;\n getUser<T extends CustomUserClaims = CustomUserClaims>(): Promise<UserClaims<T>>;\n signInWithRedirect(opts?: SigninWithRedirectOptions): Promise<void>;\n \n revokeAccessToken(accessToken?: AccessToken): Promise<unknown>;\n revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown>;\n}\n"],"mappings":""}
1
+ {"version":3,"file":"api.js","names":[],"sources":["../../../../lib/oidc/types/api.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { JWTObject } from './JWT';\nimport { OAuthTransactionMeta, PKCETransactionMeta } from './meta';\nimport { CustomUrls, OktaAuthOAuthOptions, SigninWithRedirectOptions, TokenParams } from './options';\nimport { OAuthResponseType } from './proto';\nimport { OAuthStorageManagerInterface } from './storage';\nimport { AccessToken, IDToken, RefreshToken, RevocableToken, Token, Tokens } from './Token';\nimport { TokenManagerInterface } from './TokenManager';\nimport { CustomUserClaims, UserClaims } from './UserClaims';\nimport { TransactionManagerInterface } from './TransactionManager';\nimport { OktaAuthSessionInterface } from '../../session/types';\nimport { Endpoints } from './endpoints';\n\nexport interface PopupParams {\n popupTitle?: string;\n popupWindow?: Window;\n}\n\nexport interface TokenResponse {\n tokens: Tokens;\n state: string;\n code?: string;\n responseType?: OAuthResponseType | OAuthResponseType[] | 'none';\n}\n\nexport interface ParseFromUrlOptions {\n url?: string;\n responseMode?: string;\n}\n\nexport type ParseFromUrlFunction = (options?: string | ParseFromUrlOptions) => Promise<TokenResponse>;\n\nexport interface ParseFromUrlInterface extends ParseFromUrlFunction {\n _getDocument: () => Document;\n _getLocation: () => Location;\n _getHistory: () => History;\n}\n\nexport type GetWithRedirectFunction = (params?: TokenParams) => Promise<void>;\n\nexport type SetLocationFunction = (loc: string) => void;\n\nexport interface BaseTokenAPI {\n decode(token: string): JWTObject;\n prepareTokenParams(params?: TokenParams): Promise<TokenParams>;\n exchangeCodeForTokens(params: TokenParams, urls?: CustomUrls): Promise<TokenResponse>;\n}\n\nexport interface TokenAPI extends BaseTokenAPI {\n getUserInfo<S extends CustomUserClaims = CustomUserClaims>(\n accessToken?: AccessToken,\n idToken?: IDToken\n ): Promise<UserClaims<S>>;\n getWithRedirect: GetWithRedirectFunction;\n parseFromUrl: ParseFromUrlInterface;\n getWithoutPrompt(params?: TokenParams): Promise<TokenResponse>;\n getWithPopup(params?: TokenParams): Promise<TokenResponse>;\n revoke(token: RevocableToken): Promise<object>;\n renew(token: Token): Promise<Token | undefined>;\n renewTokens(options?: TokenParams): Promise<Tokens>;\n renewTokensWithRefresh(tokenParams: TokenParams, refreshTokenObject: RefreshToken): Promise<Tokens>;\n verify(token: IDToken, params?: object): Promise<IDToken>;\n isLoginRedirect(): boolean;\n}\n\nexport interface TokenVerifyParams {\n clientId: string;\n issuer: string;\n ignoreSignature?: boolean;\n nonce?: string;\n accessToken?: string; // raw access token string\n acrValues?: string;\n}\n\nexport interface IDTokenAPI {\n authorize: {\n _getLocationHref: () => string;\n };\n}\n\nexport interface PkceAPI {\n DEFAULT_CODE_CHALLENGE_METHOD: string;\n generateVerifier(prefix: string): string;\n computeChallenge(str: string): PromiseLike<any>;\n}\n\nexport interface IsAuthenticatedOptions {\n onExpiredToken?: 'renew' | 'remove' | 'none';\n}\n\nexport interface SignoutRedirectUrlOptions {\n postLogoutRedirectUri?: string;\n idToken?: IDToken;\n state?: string;\n}\n\nexport interface SignoutOptions extends SignoutRedirectUrlOptions {\n revokeAccessToken?: boolean;\n revokeRefreshToken?: boolean;\n accessToken?: AccessToken;\n refreshToken?: RefreshToken;\n clearTokensBeforeRedirect?: boolean;\n}\n\nexport interface OriginalUriApi {\n getOriginalUri(state?: string): string | undefined;\n setOriginalUri(originalUri: string, state?: string): void;\n removeOriginalUri(state?: string): void;\n}\n\nexport interface OktaAuthOAuthInterface\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface\n> \n extends OktaAuthSessionInterface<S, O>,\n OriginalUriApi\n{\n token: TokenAPI;\n tokenManager: TokenManagerInterface;\n pkce: PkceAPI;\n transactionManager: TM;\n endpoints: Endpoints;\n \n isPKCE(): boolean;\n getIdToken(): string | undefined;\n getAccessToken(): string | undefined;\n getRefreshToken(): string | undefined;\n\n isAuthenticated(options?: IsAuthenticatedOptions): Promise<boolean>;\n signOut(opts?: SignoutOptions): Promise<boolean>;\n isLoginRedirect(): boolean;\n storeTokensFromRedirect(): Promise<void>;\n getUser<T extends CustomUserClaims = CustomUserClaims>(): Promise<UserClaims<T>>;\n signInWithRedirect(opts?: SigninWithRedirectOptions): Promise<void>;\n \n revokeAccessToken(accessToken?: AccessToken): Promise<unknown>;\n revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown>;\n}\n"],"mappings":""}
package/cjs/oidc/types/endpoints.js ADDED
@@ -0,0 +1,2 @@
1
+ "use strict";
2
+ //# sourceMappingURL=endpoints.js.map
package/cjs/oidc/types/endpoints.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"endpoints.js","names":[],"sources":["../../../../lib/oidc/types/endpoints.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport {\n EnrollAuthenticatorOptions\n} from './options';\n\nexport type EnrollAuthenticatorFunction = (params: EnrollAuthenticatorOptions) => void;\n\nexport interface Endpoints {\n authorize: {\n enrollAuthenticator: EnrollAuthenticatorFunction;\n }\n}\n"],"mappings":""}
package/cjs/oidc/types/index.js CHANGED
@@ -121,4 +121,15 @@ Object.keys(_UserClaims).forEach(function (key) {
121
121
  }
122
122
  });
123
123
  });
124
+ var _endpoints = require("./endpoints");
125
+ Object.keys(_endpoints).forEach(function (key) {
126
+ if (key === "default" || key === "__esModule") return;
127
+ if (key in exports && exports[key] === _endpoints[key]) return;
128
+ Object.defineProperty(exports, key, {
129
+ enumerable: true,
130
+ get: function () {
131
+ return _endpoints[key];
132
+ }
133
+ });
134
+ });
124
135
  //# sourceMappingURL=index.js.map
package/cjs/oidc/types/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","names":[],"sources":["../../../../lib/oidc/types/index.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport * from './api';\nexport * from './JWT';\nexport * from './meta';\nexport * from './options';\nexport * from './proto';\nexport * from './storage';\nexport * from './Token';\nexport * from './TokenManager';\nexport * from './Transaction';\nexport * from './TransactionManager';\nexport * from './UserClaims';\n"],"mappings":";;AAYA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA"}
1
+ {"version":3,"file":"index.js","names":[],"sources":["../../../../lib/oidc/types/index.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport * from './api';\nexport * from './JWT';\nexport * from './meta';\nexport * from './options';\nexport * from './proto';\nexport * from './storage';\nexport * from './Token';\nexport * from './TokenManager';\nexport * from './Transaction';\nexport * from './TransactionManager';\nexport * from './UserClaims';\nexport * from './endpoints';\n"],"mappings":";;AAYA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA"}
package/cjs/oidc/types/meta.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"meta.js","names":[],"sources":["../../../../lib/oidc/types/meta.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { CustomUrls, TokenParams } from './options';\n\n// formerly known as \"Redirect OAuth Params\"\nexport interface OAuthTransactionMeta extends\n Pick<TokenParams,\n 'issuer' |\n 'clientId' |\n 'redirectUri' |\n 'responseType' |\n 'responseMode' |\n 'scopes' |\n 'state' |\n 'pkce' |\n 'ignoreSignature' |\n 'nonce' |\n 'acrValues'\n >\n{\n urls: CustomUrls;\n originalUri?: string;\n}\n\nexport interface PKCETransactionMeta extends\n OAuthTransactionMeta,\n Pick<TokenParams,\n 'codeChallenge' |\n 'codeChallengeMethod' |\n 'codeVerifier'\n >\n{}\n\nexport interface TransactionMetaOptions extends\n Pick<PKCETransactionMeta,\n 'state' |\n 'codeChallenge' |\n 'codeChallengeMethod' |\n 'codeVerifier'\n >\n{\n muteWarning?: boolean;\n}\n"],"mappings":""}
1
+ {"version":3,"file":"meta.js","names":[],"sources":["../../../../lib/oidc/types/meta.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { CustomUrls, TokenParams } from './options';\n\n// formerly known as \"Redirect OAuth Params\"\nexport interface OAuthTransactionMeta extends\n Pick<TokenParams,\n 'issuer' |\n 'clientId' |\n 'redirectUri' |\n 'responseType' |\n 'responseMode' |\n 'scopes' |\n 'state' |\n 'pkce' |\n 'ignoreSignature' |\n 'nonce' |\n 'acrValues' |\n 'enrollAmrValues'\n >\n{\n urls: CustomUrls;\n originalUri?: string;\n}\n\nexport interface PKCETransactionMeta extends\n OAuthTransactionMeta,\n Pick<TokenParams,\n 'codeChallenge' |\n 'codeChallengeMethod' |\n 'codeVerifier'\n >\n{}\n\nexport interface TransactionMetaOptions extends\n Pick<PKCETransactionMeta,\n 'state' |\n 'codeChallenge' |\n 'codeChallengeMethod' |\n 'codeVerifier'\n >\n{\n muteWarning?: boolean;\n}\n"],"mappings":""}
package/cjs/oidc/types/options.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"options.js","names":[],"sources":["../../../../lib/oidc/types/options.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuthOptionsConstructor } from '../../base/types';\nimport { OktaAuthHttpOptions } from '../../http/types';\nimport { SimpleStorage } from '../../storage/types';\nimport { OktaAuthOAuthInterface, SetLocationFunction } from './api';\nimport { OAuthResponseMode, OAuthResponseType } from './proto';\nimport { TransactionManagerOptions } from './Transaction';\n\nexport interface CustomUrls {\n issuer?: string;\n authorizeUrl?: string;\n userinfoUrl?: string;\n tokenUrl?: string;\n revokeUrl?: string;\n logoutUrl?: string;\n}\n\nexport interface TokenParams extends CustomUrls {\n pkce?: boolean;\n clientId?: string;\n redirectUri?: string;\n responseType?: OAuthResponseType | OAuthResponseType[];\n responseMode?: OAuthResponseMode;\n state?: string;\n nonce?: string;\n scopes?: string[];\n display?: string;\n ignoreSignature?: boolean;\n codeVerifier?: string;\n authorizationCode?: string;\n codeChallenge?: string;\n codeChallengeMethod?: string;\n interactionCode?: string;\n idp?: string;\n idpScope?: string | string[];\n loginHint?: string;\n maxAge?: string | number;\n acrValues?: string;\n prompt?: string;\n sessionToken?: string;\n timeout?: number;\n extraParams?: { [propName: string]: string }; // custom authorize query params\n // TODO: remove in the next major version\n popupTitle?: string;\n}\n\nexport interface TokenManagerOptions {\n autoRenew?: boolean;\n autoRemove?: boolean;\n clearPendingRemoveTokens?: boolean;\n secure?: boolean;\n storage?: string | SimpleStorage;\n storageKey?: string;\n expireEarlySeconds?: number;\n syncStorage?: boolean;\n}\n\nexport interface SigninWithRedirectOptions extends TokenParams {\n originalUri?: string;\n}\n\nexport interface OktaAuthOAuthOptions extends\n OktaAuthHttpOptions,\n CustomUrls,\n Pick<TokenParams,\n 'issuer' |\n 'clientId' |\n 'redirectUri' |\n 'responseType' |\n 'responseMode' |\n 'scopes' |\n 'state' |\n 'pkce' |\n 'ignoreSignature' |\n 'codeChallenge' |\n 'codeChallengeMethod' |\n 'maxAge' |\n 'acrValues'\n >\n{\n ignoreLifetime?: boolean;\n tokenManager?: TokenManagerOptions;\n postLogoutRedirectUri?: string;\n maxClockSkew?: number;\n restoreOriginalUri?: (oktaAuth: OktaAuthOAuthInterface, originalUri?: string) => Promise<void>;\n\n transactionManager?: TransactionManagerOptions;\n\n // For server-side web applications ONLY!\n clientSecret?: string;\n setLocation?: SetLocationFunction;\n}\n\nexport type OktaAuthOauthOptionsConstructor = OktaAuthOptionsConstructor<OktaAuthOAuthOptions>;\n"],"mappings":""}
1
+ {"version":3,"file":"options.js","names":[],"sources":["../../../../lib/oidc/types/options.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuthOptionsConstructor } from '../../base/types';\nimport { OktaAuthHttpOptions } from '../../http/types';\nimport { SimpleStorage } from '../../storage/types';\nimport { OktaAuthOAuthInterface, SetLocationFunction } from './api';\nimport { OAuthResponseMode, OAuthResponseType } from './proto';\nimport { TransactionManagerOptions } from './Transaction';\n\nexport interface CustomUrls {\n issuer?: string;\n authorizeUrl?: string;\n userinfoUrl?: string;\n tokenUrl?: string;\n revokeUrl?: string;\n logoutUrl?: string;\n}\n\nexport interface TokenParams extends CustomUrls {\n pkce?: boolean;\n clientId?: string;\n redirectUri?: string;\n responseType?: OAuthResponseType | OAuthResponseType[] | 'none';\n responseMode?: OAuthResponseMode;\n state?: string;\n nonce?: string;\n scopes?: string[];\n enrollAmrValues?: string | string[];\n display?: string;\n ignoreSignature?: boolean;\n codeVerifier?: string;\n authorizationCode?: string;\n codeChallenge?: string;\n codeChallengeMethod?: string;\n interactionCode?: string;\n idp?: string;\n idpScope?: string | string[];\n loginHint?: string;\n maxAge?: string | number;\n acrValues?: string;\n prompt?: string;\n sessionToken?: string;\n timeout?: number;\n extraParams?: { [propName: string]: string }; // custom authorize query params\n // TODO: remove in the next major version\n popupTitle?: string;\n}\n\nexport interface TokenManagerOptions {\n autoRenew?: boolean;\n autoRemove?: boolean;\n clearPendingRemoveTokens?: boolean;\n secure?: boolean;\n storage?: string | SimpleStorage;\n storageKey?: string;\n expireEarlySeconds?: number;\n syncStorage?: boolean;\n}\n\nexport interface EnrollAuthenticatorOptions extends TokenParams {\n enrollAmrValues: string | string[];\n acrValues: string;\n}\n\nexport interface SigninWithRedirectOptions extends TokenParams {\n originalUri?: string;\n}\n\nexport interface OktaAuthOAuthOptions extends\n OktaAuthHttpOptions,\n CustomUrls,\n Pick<TokenParams,\n 'issuer' |\n 'clientId' |\n 'redirectUri' |\n 'responseType' |\n 'responseMode' |\n 'scopes' |\n 'state' |\n 'pkce' |\n 'ignoreSignature' |\n 'codeChallenge' |\n 'codeChallengeMethod' |\n 'maxAge' |\n 'acrValues'\n >\n{\n ignoreLifetime?: boolean;\n tokenManager?: TokenManagerOptions;\n postLogoutRedirectUri?: string;\n maxClockSkew?: number;\n restoreOriginalUri?: (oktaAuth: OktaAuthOAuthInterface, originalUri?: string) => Promise<void>;\n\n transactionManager?: TransactionManagerOptions;\n\n // For server-side web applications ONLY!\n clientSecret?: string;\n setLocation?: SetLocationFunction;\n}\n\nexport type OktaAuthOauthOptionsConstructor = OktaAuthOptionsConstructor<OktaAuthOAuthOptions>;\n"],"mappings":""}
package/cjs/oidc/types/proto.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"proto.js","names":[],"sources":["../../../../lib/oidc/types/proto.ts"],"sourcesContent":["/* eslint-disable camelcase */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport interface OAuthParams {\n client_id?: string;\n code_challenge?: string;\n code_challenge_method?: string;\n display?: string;\n idp?: string;\n idp_scope?: string | string[];\n login_hint?: string;\n max_age?: string | number;\n nonce?: string;\n prompt?: string;\n redirect_uri?: string;\n response_mode?: string;\n response_type?: string | string[];\n scope?: string;\n sessionToken?: string;\n state?: string;\n grant_type?: string;\n code?: string;\n interaction_code?: string;\n acr_values?: string;\n}\n\nexport interface OAuthResponse {\n state?: string;\n code?: string;\n interaction_code?: string;\n expires_in?: string;\n token_type?: string;\n access_token?: string;\n id_token?: string;\n refresh_token?: string;\n scope?: string;\n error?: string;\n error_description?: string;\n}\n\nexport interface WellKnownResponse {\n issuer: string;\n authorization_endpoint: string;\n userinfo_endpoint: string;\n jwks_uri: string;\n response_types_supported: string[];\n response_modes_supported: string[];\n grant_types_supported: string[];\n subject_types_supported: string[];\n id_token_signing_alg_values_supported: string[];\n scopes_supported: string[];\n claims_supported: string[];\n}\n\n\nexport type OAuthResponseMode = 'okta_post_message' |'fragment' |'query' |'form_post';\n\nexport type OAuthResponseType = 'code' |'token' |'id_token' | 'refresh_token';\n"],"mappings":""}
1
+ {"version":3,"file":"proto.js","names":[],"sources":["../../../../lib/oidc/types/proto.ts"],"sourcesContent":["/* eslint-disable camelcase */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport interface OAuthParams {\n client_id?: string;\n code_challenge?: string;\n code_challenge_method?: string;\n display?: string;\n idp?: string;\n idp_scope?: string | string[];\n login_hint?: string;\n max_age?: string | number;\n nonce?: string;\n prompt?: string;\n redirect_uri?: string;\n response_mode?: string;\n response_type?: string | string[];\n scope?: string;\n sessionToken?: string;\n state?: string;\n grant_type?: string;\n code?: string;\n interaction_code?: string;\n acr_values?: string;\n enroll_amr_values?: string | string[];\n}\n\nexport interface OAuthResponse {\n state?: string;\n code?: string;\n interaction_code?: string;\n expires_in?: string;\n token_type?: string;\n access_token?: string;\n id_token?: string;\n refresh_token?: string;\n scope?: string;\n error?: string;\n error_description?: string;\n}\n\nexport interface WellKnownResponse {\n issuer: string;\n authorization_endpoint: string;\n userinfo_endpoint: string;\n jwks_uri: string;\n response_types_supported: string[];\n response_modes_supported: string[];\n grant_types_supported: string[];\n subject_types_supported: string[];\n id_token_signing_alg_values_supported: string[];\n scopes_supported: string[];\n claims_supported: string[];\n}\n\n\nexport type OAuthResponseMode = 'okta_post_message' |'fragment' |'query' |'form_post';\n\nexport type OAuthResponseType = 'code' |'token' |'id_token' | 'refresh_token';\n"],"mappings":""}
package/cjs/oidc/util/defaultEnrollAuthenticatorParams.js ADDED
@@ -0,0 +1,38 @@
1
+ "use strict";
2
+
3
+ exports.getDefaultEnrollAuthenticatorParams = getDefaultEnrollAuthenticatorParams;
4
+ var _oauth = require("./oauth");
5
+ var _features = require("../../features");
6
+ var _util = require("../../util");
7
+ /* global window */
8
+ /*!
9
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
10
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
11
+ *
12
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
13
+ * Unless required by applicable law or agreed to in writing, software
14
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16
+ *
17
+ * See the License for the specific language governing permissions and limitations under the License.
18
+ *
19
+ */
20
+
21
+ function getDefaultEnrollAuthenticatorParams(sdk) {
22
+ const {
23
+ clientId,
24
+ redirectUri,
25
+ responseMode,
26
+ state
27
+ } = sdk.options;
28
+ const defaultRedirectUri = (0, _features.isBrowser)() ? window.location.href : undefined;
29
+ return (0, _util.removeNils)({
30
+ clientId,
31
+ redirectUri: redirectUri || defaultRedirectUri,
32
+ responseMode,
33
+ state: state || (0, _oauth.generateState)(),
34
+ responseType: 'none',
35
+ prompt: 'enroll_authenticator'
36
+ });
37
+ }
38
+ //# sourceMappingURL=defaultEnrollAuthenticatorParams.js.map
package/cjs/oidc/util/defaultEnrollAuthenticatorParams.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"defaultEnrollAuthenticatorParams.js","names":["getDefaultEnrollAuthenticatorParams","sdk","clientId","redirectUri","responseMode","state","options","defaultRedirectUri","isBrowser","window","location","href","undefined","removeNils","generateState","responseType","prompt"],"sources":["../../../../lib/oidc/util/defaultEnrollAuthenticatorParams.ts"],"sourcesContent":["\n/* global window */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { generateState } from './oauth';\nimport { OktaAuthOAuthInterface, TokenParams } from '../types';\nimport { isBrowser } from '../../features';\nimport { removeNils } from '../../util';\n\nexport function getDefaultEnrollAuthenticatorParams(sdk: OktaAuthOAuthInterface): TokenParams {\n const {\n clientId,\n redirectUri,\n responseMode,\n state,\n } = sdk.options;\n const defaultRedirectUri = isBrowser() ? window.location.href : undefined;\n return removeNils({\n clientId,\n redirectUri: redirectUri || defaultRedirectUri,\n responseMode,\n state: state || generateState(),\n responseType: 'none',\n prompt: 'enroll_authenticator',\n });\n}"],"mappings":";;;AAcA;AAEA;AACA;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAMO,SAASA,mCAAmC,CAACC,GAA2B,EAAe;EAC5F,MAAM;IACJC,QAAQ;IACRC,WAAW;IACXC,YAAY;IACZC;EACF,CAAC,GAAGJ,GAAG,CAACK,OAAO;EACf,MAAMC,kBAAkB,GAAG,IAAAC,mBAAS,GAAE,GAAGC,MAAM,CAACC,QAAQ,CAACC,IAAI,GAAGC,SAAS;EACzE,OAAO,IAAAC,gBAAU,EAAC;IAChBX,QAAQ;IACRC,WAAW,EAAEA,WAAW,IAAII,kBAAkB;IAC9CH,YAAY;IACZC,KAAK,EAAEA,KAAK,IAAI,IAAAS,oBAAa,GAAE;IAC/BC,YAAY,EAAE,MAAM;IACpBC,MAAM,EAAE;EACV,CAAC,CAAC;AACJ"}
package/cjs/oidc/util/enrollAuthenticatorMeta.js ADDED
@@ -0,0 +1,23 @@
1
+ "use strict";
2
+
3
+ exports.createEnrollAuthenticatorMeta = createEnrollAuthenticatorMeta;
4
+ var _oauth = require("./oauth");
5
+ /* eslint-disable @typescript-eslint/no-non-null-assertion */
6
+
7
+ function createEnrollAuthenticatorMeta(sdk, params) {
8
+ const issuer = sdk.options.issuer;
9
+ const urls = (0, _oauth.getOAuthUrls)(sdk, params);
10
+ const oauthMeta = {
11
+ issuer,
12
+ urls,
13
+ clientId: params.clientId,
14
+ redirectUri: params.redirectUri,
15
+ responseType: params.responseType,
16
+ responseMode: params.responseMode,
17
+ state: params.state,
18
+ acrValues: params.acrValues,
19
+ enrollAmrValues: params.enrollAmrValues
20
+ };
21
+ return oauthMeta;
22
+ }
23
+ //# sourceMappingURL=enrollAuthenticatorMeta.js.map
package/cjs/oidc/util/enrollAuthenticatorMeta.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"enrollAuthenticatorMeta.js","names":["createEnrollAuthenticatorMeta","sdk","params","issuer","options","urls","getOAuthUrls","oauthMeta","clientId","redirectUri","responseType","responseMode","state","acrValues","enrollAmrValues"],"sources":["../../../../lib/oidc/util/enrollAuthenticatorMeta.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport { OAuthTransactionMeta, OktaAuthOAuthInterface, EnrollAuthenticatorOptions } from '../types';\nimport { getOAuthUrls } from './oauth';\n\nexport function createEnrollAuthenticatorMeta(\n sdk: OktaAuthOAuthInterface, \n params: EnrollAuthenticatorOptions\n): OAuthTransactionMeta {\n const issuer = sdk.options.issuer!;\n const urls = getOAuthUrls(sdk, params);\n const oauthMeta: OAuthTransactionMeta = {\n issuer,\n urls,\n clientId: params.clientId!,\n redirectUri: params.redirectUri!,\n responseType: params.responseType!,\n responseMode: params.responseMode!,\n state: params.state!,\n acrValues: params.acrValues,\n enrollAmrValues: params.enrollAmrValues,\n };\n\n return oauthMeta;\n}\n"],"mappings":";;;AAEA;AAFA;;AAIO,SAASA,6BAA6B,CAC3CC,GAA2B,EAC3BC,MAAkC,EACZ;EACtB,MAAMC,MAAM,GAAGF,GAAG,CAACG,OAAO,CAACD,MAAO;EAClC,MAAME,IAAI,GAAG,IAAAC,mBAAY,EAACL,GAAG,EAAEC,MAAM,CAAC;EACtC,MAAMK,SAA+B,GAAG;IACtCJ,MAAM;IACNE,IAAI;IACJG,QAAQ,EAAEN,MAAM,CAACM,QAAS;IAC1BC,WAAW,EAAEP,MAAM,CAACO,WAAY;IAChCC,YAAY,EAAER,MAAM,CAACQ,YAAa;IAClCC,YAAY,EAAET,MAAM,CAACS,YAAa;IAClCC,KAAK,EAAEV,MAAM,CAACU,KAAM;IACpBC,SAAS,EAAEX,MAAM,CAACW,SAAS;IAC3BC,eAAe,EAAEZ,MAAM,CAACY;EAC1B,CAAC;EAED,OAAOP,SAAS;AAClB"}
package/cjs/oidc/util/index.js CHANGED
@@ -34,6 +34,18 @@ Object.keys(_defaultTokenParams).forEach(function (key) {
34
34
  }
35
35
  });
36
36
  });
37
+ var _defaultEnrollAuthenticatorParams = require("./defaultEnrollAuthenticatorParams");
38
+ Object.keys(_defaultEnrollAuthenticatorParams).forEach(function (key) {
39
+ if (key === "default" || key === "__esModule") return;
40
+ if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
41
+ if (key in exports && exports[key] === _defaultEnrollAuthenticatorParams[key]) return;
42
+ Object.defineProperty(exports, key, {
43
+ enumerable: true,
44
+ get: function () {
45
+ return _defaultEnrollAuthenticatorParams[key];
46
+ }
47
+ });
48
+ });
37
49
  var _errors = require("./errors");
38
50
  Object.keys(_errors).forEach(function (key) {
39
51
  if (key === "default" || key === "__esModule") return;
@@ -82,6 +94,18 @@ Object.keys(_oauthMeta).forEach(function (key) {
82
94
  }
83
95
  });
84
96
  });
97
+ var _enrollAuthenticatorMeta = require("./enrollAuthenticatorMeta");
98
+ Object.keys(_enrollAuthenticatorMeta).forEach(function (key) {
99
+ if (key === "default" || key === "__esModule") return;
100
+ if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
101
+ if (key in exports && exports[key] === _enrollAuthenticatorMeta[key]) return;
102
+ Object.defineProperty(exports, key, {
103
+ enumerable: true,
104
+ get: function () {
105
+ return _enrollAuthenticatorMeta[key];
106
+ }
107
+ });
108
+ });
85
109
  var _pkce = _interopRequireDefault(require("./pkce"));
86
110
  var _prepareTokenParams = require("./prepareTokenParams");
87
111
  Object.keys(_prepareTokenParams).forEach(function (key) {
@@ -95,6 +119,18 @@ Object.keys(_prepareTokenParams).forEach(function (key) {
95
119
  }
96
120
  });
97
121
  });
122
+ var _prepareEnrollAuthenticatorParams = require("./prepareEnrollAuthenticatorParams");
123
+ Object.keys(_prepareEnrollAuthenticatorParams).forEach(function (key) {
124
+ if (key === "default" || key === "__esModule") return;
125
+ if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
126
+ if (key in exports && exports[key] === _prepareEnrollAuthenticatorParams[key]) return;
127
+ Object.defineProperty(exports, key, {
128
+ enumerable: true,
129
+ get: function () {
130
+ return _prepareEnrollAuthenticatorParams[key];
131
+ }
132
+ });
133
+ });
98
134
  var _refreshToken = require("./refreshToken");
99
135
  Object.keys(_refreshToken).forEach(function (key) {
100
136
  if (key === "default" || key === "__esModule") return;
package/cjs/oidc/util/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","names":[],"sources":["../../../../lib/oidc/util/index.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n\nexport * from './browser';\nexport * from './defaultTokenParams';\nexport * from './errors';\nexport * from './loginRedirect';\nexport * from './oauth';\nexport * from './oauthMeta';\nimport pkce from './pkce';\nexport { pkce };\nexport * from './prepareTokenParams';\nexport * from './refreshToken';\nexport * from './urlParams';\nexport * from './validateClaims';\nexport * from './validateToken';\n"],"mappings":";;;;;;;;;;;;AAcA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAEA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA"}
1
+ {"version":3,"file":"index.js","names":[],"sources":["../../../../lib/oidc/util/index.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n\nexport * from './browser';\nexport * from './defaultTokenParams';\nexport * from './defaultEnrollAuthenticatorParams';\nexport * from './errors';\nexport * from './loginRedirect';\nexport * from './oauth';\nexport * from './oauthMeta';\nexport * from './enrollAuthenticatorMeta';\nimport pkce from './pkce';\nexport { pkce };\nexport * from './prepareTokenParams';\nexport * from './prepareEnrollAuthenticatorParams';\nexport * from './refreshToken';\nexport * from './urlParams';\nexport * from './validateClaims';\nexport * from './validateToken';\n"],"mappings":";;;;;;;;;;;;AAcA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAEA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA"}
package/cjs/oidc/util/prepareEnrollAuthenticatorParams.js ADDED
@@ -0,0 +1,50 @@
1
+ "use strict";
2
+
3
+ exports.prepareEnrollAuthenticatorParams = prepareEnrollAuthenticatorParams;
4
+ var _errors = require("../../errors");
5
+ var _defaultEnrollAuthenticatorParams = require("./defaultEnrollAuthenticatorParams");
6
+ /* eslint-disable complexity */
7
+ /*!
8
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
9
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
10
+ *
11
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
12
+ * Unless required by applicable law or agreed to in writing, software
13
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
14
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
+ *
16
+ * See the License for the specific language governing permissions and limitations under the License.
17
+ *
18
+ */
19
+
20
+ function prepareParams(params) {
21
+ params = {
22
+ ...params,
23
+ // forced params:
24
+ responseType: 'none',
25
+ prompt: 'enroll_authenticator',
26
+ maxAge: 0
27
+ };
28
+ if (!params.enrollAmrValues) {
29
+ throw new _errors.AuthSdkError('enroll_amr_values must be specified');
30
+ }
31
+ if (!params.acrValues) {
32
+ // `acr_values` is required and should equal 'urn:okta:2fa:any:ifpossible'
33
+ // But this can be changed in future
34
+ throw new _errors.AuthSdkError('acr_values must be specified');
35
+ }
36
+
37
+ // `scope`, `nonce` must be omitted
38
+ delete params.scopes;
39
+ delete params.nonce;
40
+ return params;
41
+ }
42
+
43
+ // Prepares params for a call to /authorize
44
+ function prepareEnrollAuthenticatorParams(sdk, options) {
45
+ return prepareParams({
46
+ ...(0, _defaultEnrollAuthenticatorParams.getDefaultEnrollAuthenticatorParams)(sdk),
47
+ ...options
48
+ });
49
+ }
50
+ //# sourceMappingURL=prepareEnrollAuthenticatorParams.js.map
package/cjs/oidc/util/prepareEnrollAuthenticatorParams.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"prepareEnrollAuthenticatorParams.js","names":["prepareParams","params","responseType","prompt","maxAge","enrollAmrValues","AuthSdkError","acrValues","scopes","nonce","prepareEnrollAuthenticatorParams","sdk","options","getDefaultEnrollAuthenticatorParams"],"sources":["../../../../lib/oidc/util/prepareEnrollAuthenticatorParams.ts"],"sourcesContent":["/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../../errors';\nimport { OktaAuthOAuthInterface, EnrollAuthenticatorOptions } from '../types';\nimport { getDefaultEnrollAuthenticatorParams } from './defaultEnrollAuthenticatorParams';\n\nfunction prepareParams(\n params: EnrollAuthenticatorOptions\n): EnrollAuthenticatorOptions {\n params = {\n ...params,\n // forced params:\n responseType: 'none',\n prompt: 'enroll_authenticator',\n maxAge: 0,\n };\n\n if (!params.enrollAmrValues) {\n throw new AuthSdkError('enroll_amr_values must be specified');\n }\n if (!params.acrValues) {\n // `acr_values` is required and should equal 'urn:okta:2fa:any:ifpossible'\n // But this can be changed in future\n throw new AuthSdkError('acr_values must be specified');\n }\n\n // `scope`, `nonce` must be omitted\n delete params.scopes;\n delete params.nonce;\n\n return params;\n}\n\n// Prepares params for a call to /authorize\nexport function prepareEnrollAuthenticatorParams(\n sdk: OktaAuthOAuthInterface,\n options: EnrollAuthenticatorOptions\n): EnrollAuthenticatorOptions {\n return prepareParams({\n ...getDefaultEnrollAuthenticatorParams(sdk),\n ...options\n });\n}\n"],"mappings":";;;AAaA;AAEA;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAKA,SAASA,aAAa,CACpBC,MAAkC,EACN;EAC5BA,MAAM,GAAG;IACP,GAAGA,MAAM;IACT;IACAC,YAAY,EAAE,MAAM;IACpBC,MAAM,EAAE,sBAAsB;IAC9BC,MAAM,EAAE;EACV,CAAC;EAED,IAAI,CAACH,MAAM,CAACI,eAAe,EAAE;IAC3B,MAAM,IAAIC,oBAAY,CAAC,qCAAqC,CAAC;EAC/D;EACA,IAAI,CAACL,MAAM,CAACM,SAAS,EAAE;IACrB;IACA;IACA,MAAM,IAAID,oBAAY,CAAC,8BAA8B,CAAC;EACxD;;EAEA;EACA,OAAOL,MAAM,CAACO,MAAM;EACpB,OAAOP,MAAM,CAACQ,KAAK;EAEnB,OAAOR,MAAM;AACf;;AAEA;AACO,SAASS,gCAAgC,CAC9CC,GAA2B,EAC3BC,OAAmC,EACP;EAC5B,OAAOZ,aAAa,CAAC;IACnB,GAAG,IAAAa,qEAAmC,EAACF,GAAG,CAAC;IAC3C,GAAGC;EACL,CAAC,CAAC;AACJ"}
package/cjs/services/AutoRenewService.js CHANGED
@@ -41,6 +41,16 @@ class AutoRenewService {
41
41
  // If tokens sync storage is enabled, handle tokens expiration only in 1 leader tab
42
42
  return !!this.options.syncStorage && (0, _features.isBrowser)();
43
43
  }
44
+ processExpiredTokens() {
45
+ const tokenStorage = this.tokenManager.getStorage();
46
+ const tokens = tokenStorage.getStorage();
47
+ Object.keys(tokens).forEach(key => {
48
+ const token = tokens[key];
49
+ if (!(0, _types.isRefreshToken)(token) && this.tokenManager.hasExpired(token)) {
50
+ this.onTokenExpiredHandler(key);
51
+ }
52
+ });
53
+ }
44
54
  onTokenExpiredHandler(key) {
45
55
  if (this.options.autoRenew) {
46
56
  if (this.shouldThrottleRenew()) {
@@ -54,12 +64,16 @@ class AutoRenewService {
54
64
  }
55
65
  }
56
66
  canStart() {
57
- return !!this.options.autoRenew || !!this.options.autoRemove;
67
+ return (!!this.options.autoRenew || !!this.options.autoRemove) && !this.started;
58
68
  }
59
69
  async start() {
60
70
  if (this.canStart()) {
61
- await this.stop();
62
71
  this.tokenManager.on(_types.EVENT_EXPIRED, this.onTokenExpiredHandler);
72
+ if (this.tokenManager.isStarted()) {
73
+ // If token manager has been already started, we could miss token expire events,
74
+ // so need to process expired tokens manually.
75
+ this.processExpiredTokens();
76
+ }
63
77
  this.started = true;
64
78
  }
65
79
  }
package/cjs/services/AutoRenewService.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"AutoRenewService.js","names":["AutoRenewService","constructor","tokenManager","options","renewTimeQueue","onTokenExpiredHandler","bind","shouldThrottleRenew","res","push","Date","now","length","firstTime","shift","lastTime","requiresLeadership","syncStorage","isBrowser","key","autoRenew","error","AuthSdkError","emitError","renew","catch","autoRemove","remove","canStart","start","stop","on","EVENT_EXPIRED","started","off","isStarted"],"sources":["../../../lib/services/AutoRenewService.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from '../errors';\nimport { ServiceInterface, ServiceManagerOptions } from '../core/types';\nimport { EVENT_EXPIRED, TokenManagerInterface } from '../oidc/types';\nimport { isBrowser } from '../features';\n\nexport class AutoRenewService implements ServiceInterface {\n private tokenManager: TokenManagerInterface;\n private options: ServiceManagerOptions;\n private renewTimeQueue: Array<number>;\n private started = false;\n\n constructor(tokenManager: TokenManagerInterface, options: ServiceManagerOptions = {}) {\n this.tokenManager = tokenManager;\n this.options = options;\n this.renewTimeQueue = [];\n this.onTokenExpiredHandler = this.onTokenExpiredHandler.bind(this);\n }\n \n private shouldThrottleRenew(): boolean {\n let res = false;\n this.renewTimeQueue.push(Date.now());\n if (this.renewTimeQueue.length >= 10) {\n // get and remove first item from queue\n const firstTime = this.renewTimeQueue.shift() as number;\n const lastTime = this.renewTimeQueue[this.renewTimeQueue.length - 1];\n res = (lastTime - firstTime) < 30 * 1000;\n }\n return res;\n }\n\n requiresLeadership() {\n // If tokens sync storage is enabled, handle tokens expiration only in 1 leader tab\n return !!this.options.syncStorage && isBrowser();\n }\n\n private onTokenExpiredHandler(key: string) {\n if (this.options.autoRenew) {\n if (this.shouldThrottleRenew()) {\n const error = new AuthSdkError('Too many token renew requests');\n this.tokenManager.emitError(error);\n } else {\n this.tokenManager.renew(key).catch(() => {}); // Renew errors will emit an \"error\" event \n }\n } else if (this.options.autoRemove) {\n this.tokenManager.remove(key);\n }\n }\n\n canStart() {\n return (!!this.options.autoRenew || !!this.options.autoRemove);\n }\n\n async start() {\n if (this.canStart()) {\n await this.stop();\n this.tokenManager.on(EVENT_EXPIRED, this.onTokenExpiredHandler);\n this.started = true;\n }\n }\n\n async stop() {\n if (this.started) {\n this.tokenManager.off(EVENT_EXPIRED, this.onTokenExpiredHandler);\n this.renewTimeQueue = [];\n this.started = false;\n }\n }\n\n isStarted() {\n return this.started;\n }\n}\n"],"mappings":";;;;;AAaA;AAEA;AACA;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAQO,MAAMA,gBAAgB,CAA6B;EAMxDC,WAAW,CAACC,YAAmC,EAAEC,OAA8B,GAAG,CAAC,CAAC,EAAE;IAAA,+CAFpE,KAAK;IAGrB,IAAI,CAACD,YAAY,GAAGA,YAAY;IAChC,IAAI,CAACC,OAAO,GAAGA,OAAO;IACtB,IAAI,CAACC,cAAc,GAAG,EAAE;IACxB,IAAI,CAACC,qBAAqB,GAAG,IAAI,CAACA,qBAAqB,CAACC,IAAI,CAAC,IAAI,CAAC;EACpE;EAEQC,mBAAmB,GAAY;IACrC,IAAIC,GAAG,GAAG,KAAK;IACf,IAAI,CAACJ,cAAc,CAACK,IAAI,CAACC,IAAI,CAACC,GAAG,EAAE,CAAC;IACpC,IAAI,IAAI,CAACP,cAAc,CAACQ,MAAM,IAAI,EAAE,EAAE;MACpC;MACA,MAAMC,SAAS,GAAG,IAAI,CAACT,cAAc,CAACU,KAAK,EAAY;MACvD,MAAMC,QAAQ,GAAG,IAAI,CAACX,cAAc,CAAC,IAAI,CAACA,cAAc,CAACQ,MAAM,GAAG,CAAC,CAAC;MACpEJ,GAAG,GAAIO,QAAQ,GAAGF,SAAS,GAAI,EAAE,GAAG,IAAI;IAC1C;IACA,OAAOL,GAAG;EACZ;EAEAQ,kBAAkB,GAAG;IACnB;IACA,OAAO,CAAC,CAAC,IAAI,CAACb,OAAO,CAACc,WAAW,IAAI,IAAAC,mBAAS,GAAE;EAClD;EAEQb,qBAAqB,CAACc,GAAW,EAAE;IACzC,IAAI,IAAI,CAAChB,OAAO,CAACiB,SAAS,EAAE;MAC1B,IAAI,IAAI,CAACb,mBAAmB,EAAE,EAAE;QAC9B,MAAMc,KAAK,GAAG,IAAIC,oBAAY,CAAC,+BAA+B,CAAC;QAC/D,IAAI,CAACpB,YAAY,CAACqB,SAAS,CAACF,KAAK,CAAC;MACpC,CAAC,MAAM;QACL,IAAI,CAACnB,YAAY,CAACsB,KAAK,CAACL,GAAG,CAAC,CAACM,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;MAChD;IACF,CAAC,MAAM,IAAI,IAAI,CAACtB,OAAO,CAACuB,UAAU,EAAE;MAClC,IAAI,CAACxB,YAAY,CAACyB,MAAM,CAACR,GAAG,CAAC;IAC/B;EACF;EAEAS,QAAQ,GAAG;IACT,OAAQ,CAAC,CAAC,IAAI,CAACzB,OAAO,CAACiB,SAAS,IAAI,CAAC,CAAC,IAAI,CAACjB,OAAO,CAACuB,UAAU;EAC/D;EAEA,MAAMG,KAAK,GAAG;IACZ,IAAI,IAAI,CAACD,QAAQ,EAAE,EAAE;MACnB,MAAM,IAAI,CAACE,IAAI,EAAE;MACjB,IAAI,CAAC5B,YAAY,CAAC6B,EAAE,CAACC,oBAAa,EAAE,IAAI,CAAC3B,qBAAqB,CAAC;MAC/D,IAAI,CAAC4B,OAAO,GAAG,IAAI;IACrB;EACF;EAEA,MAAMH,IAAI,GAAG;IACX,IAAI,IAAI,CAACG,OAAO,EAAE;MAChB,IAAI,CAAC/B,YAAY,CAACgC,GAAG,CAACF,oBAAa,EAAE,IAAI,CAAC3B,qBAAqB,CAAC;MAChE,IAAI,CAACD,cAAc,GAAG,EAAE;MACxB,IAAI,CAAC6B,OAAO,GAAG,KAAK;IACtB;EACF;EAEAE,SAAS,GAAG;IACV,OAAO,IAAI,CAACF,OAAO;EACrB;AACF;AAAC"}
1
+ {"version":3,"file":"AutoRenewService.js","names":["AutoRenewService","constructor","tokenManager","options","renewTimeQueue","onTokenExpiredHandler","bind","shouldThrottleRenew","res","push","Date","now","length","firstTime","shift","lastTime","requiresLeadership","syncStorage","isBrowser","processExpiredTokens","tokenStorage","getStorage","tokens","Object","keys","forEach","key","token","isRefreshToken","hasExpired","autoRenew","error","AuthSdkError","emitError","renew","catch","autoRemove","remove","canStart","started","start","on","EVENT_EXPIRED","isStarted","stop","off"],"sources":["../../../lib/services/AutoRenewService.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from '../errors';\nimport { ServiceInterface, ServiceManagerOptions } from '../core/types';\nimport { EVENT_EXPIRED, TokenManagerInterface, isRefreshToken } from '../oidc/types';\nimport { isBrowser } from '../features';\n\nexport class AutoRenewService implements ServiceInterface {\n private tokenManager: TokenManagerInterface;\n private options: ServiceManagerOptions;\n private renewTimeQueue: Array<number>;\n private started = false;\n\n constructor(tokenManager: TokenManagerInterface, options: ServiceManagerOptions = {}) {\n this.tokenManager = tokenManager;\n this.options = options;\n this.renewTimeQueue = [];\n this.onTokenExpiredHandler = this.onTokenExpiredHandler.bind(this);\n }\n \n private shouldThrottleRenew(): boolean {\n let res = false;\n this.renewTimeQueue.push(Date.now());\n if (this.renewTimeQueue.length >= 10) {\n // get and remove first item from queue\n const firstTime = this.renewTimeQueue.shift() as number;\n const lastTime = this.renewTimeQueue[this.renewTimeQueue.length - 1];\n res = (lastTime - firstTime) < 30 * 1000;\n }\n return res;\n }\n\n requiresLeadership() {\n // If tokens sync storage is enabled, handle tokens expiration only in 1 leader tab\n return !!this.options.syncStorage && isBrowser();\n }\n\n private processExpiredTokens() {\n const tokenStorage = this.tokenManager.getStorage();\n const tokens = tokenStorage.getStorage();\n Object.keys(tokens).forEach(key => {\n const token = tokens[key];\n if (!isRefreshToken(token) && this.tokenManager.hasExpired(token)) {\n this.onTokenExpiredHandler(key);\n }\n });\n }\n\n private onTokenExpiredHandler(key: string) {\n if (this.options.autoRenew) {\n if (this.shouldThrottleRenew()) {\n const error = new AuthSdkError('Too many token renew requests');\n this.tokenManager.emitError(error);\n } else {\n this.tokenManager.renew(key).catch(() => {}); // Renew errors will emit an \"error\" event \n }\n } else if (this.options.autoRemove) {\n this.tokenManager.remove(key);\n }\n }\n\n canStart() {\n return (!!this.options.autoRenew || !!this.options.autoRemove) && !this.started;\n }\n\n async start() {\n if (this.canStart()) {\n this.tokenManager.on(EVENT_EXPIRED, this.onTokenExpiredHandler);\n if (this.tokenManager.isStarted()) {\n // If token manager has been already started, we could miss token expire events,\n // so need to process expired tokens manually.\n this.processExpiredTokens();\n }\n this.started = true;\n }\n }\n\n async stop() {\n if (this.started) {\n this.tokenManager.off(EVENT_EXPIRED, this.onTokenExpiredHandler);\n this.renewTimeQueue = [];\n this.started = false;\n }\n }\n\n isStarted() {\n return this.started;\n }\n}\n"],"mappings":";;;;;AAaA;AAEA;AACA;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAQO,MAAMA,gBAAgB,CAA6B;EAMxDC,WAAW,CAACC,YAAmC,EAAEC,OAA8B,GAAG,CAAC,CAAC,EAAE;IAAA,+CAFpE,KAAK;IAGrB,IAAI,CAACD,YAAY,GAAGA,YAAY;IAChC,IAAI,CAACC,OAAO,GAAGA,OAAO;IACtB,IAAI,CAACC,cAAc,GAAG,EAAE;IACxB,IAAI,CAACC,qBAAqB,GAAG,IAAI,CAACA,qBAAqB,CAACC,IAAI,CAAC,IAAI,CAAC;EACpE;EAEQC,mBAAmB,GAAY;IACrC,IAAIC,GAAG,GAAG,KAAK;IACf,IAAI,CAACJ,cAAc,CAACK,IAAI,CAACC,IAAI,CAACC,GAAG,EAAE,CAAC;IACpC,IAAI,IAAI,CAACP,cAAc,CAACQ,MAAM,IAAI,EAAE,EAAE;MACpC;MACA,MAAMC,SAAS,GAAG,IAAI,CAACT,cAAc,CAACU,KAAK,EAAY;MACvD,MAAMC,QAAQ,GAAG,IAAI,CAACX,cAAc,CAAC,IAAI,CAACA,cAAc,CAACQ,MAAM,GAAG,CAAC,CAAC;MACpEJ,GAAG,GAAIO,QAAQ,GAAGF,SAAS,GAAI,EAAE,GAAG,IAAI;IAC1C;IACA,OAAOL,GAAG;EACZ;EAEAQ,kBAAkB,GAAG;IACnB;IACA,OAAO,CAAC,CAAC,IAAI,CAACb,OAAO,CAACc,WAAW,IAAI,IAAAC,mBAAS,GAAE;EAClD;EAEQC,oBAAoB,GAAG;IAC7B,MAAMC,YAAY,GAAG,IAAI,CAAClB,YAAY,CAACmB,UAAU,EAAE;IACnD,MAAMC,MAAM,GAAGF,YAAY,CAACC,UAAU,EAAE;IACxCE,MAAM,CAACC,IAAI,CAACF,MAAM,CAAC,CAACG,OAAO,CAACC,GAAG,IAAI;MACjC,MAAMC,KAAK,GAAGL,MAAM,CAACI,GAAG,CAAC;MACzB,IAAI,CAAC,IAAAE,qBAAc,EAACD,KAAK,CAAC,IAAI,IAAI,CAACzB,YAAY,CAAC2B,UAAU,CAACF,KAAK,CAAC,EAAE;QACjE,IAAI,CAACtB,qBAAqB,CAACqB,GAAG,CAAC;MACjC;IACF,CAAC,CAAC;EACJ;EAEQrB,qBAAqB,CAACqB,GAAW,EAAE;IACzC,IAAI,IAAI,CAACvB,OAAO,CAAC2B,SAAS,EAAE;MAC1B,IAAI,IAAI,CAACvB,mBAAmB,EAAE,EAAE;QAC9B,MAAMwB,KAAK,GAAG,IAAIC,oBAAY,CAAC,+BAA+B,CAAC;QAC/D,IAAI,CAAC9B,YAAY,CAAC+B,SAAS,CAACF,KAAK,CAAC;MACpC,CAAC,MAAM;QACL,IAAI,CAAC7B,YAAY,CAACgC,KAAK,CAACR,GAAG,CAAC,CAACS,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;MAChD;IACF,CAAC,MAAM,IAAI,IAAI,CAAChC,OAAO,CAACiC,UAAU,EAAE;MAClC,IAAI,CAAClC,YAAY,CAACmC,MAAM,CAACX,GAAG,CAAC;IAC/B;EACF;EAEAY,QAAQ,GAAG;IACT,OAAO,CAAC,CAAC,CAAC,IAAI,CAACnC,OAAO,CAAC2B,SAAS,IAAI,CAAC,CAAC,IAAI,CAAC3B,OAAO,CAACiC,UAAU,KAAK,CAAC,IAAI,CAACG,OAAO;EACjF;EAEA,MAAMC,KAAK,GAAG;IACZ,IAAI,IAAI,CAACF,QAAQ,EAAE,EAAE;MACnB,IAAI,CAACpC,YAAY,CAACuC,EAAE,CAACC,oBAAa,EAAE,IAAI,CAACrC,qBAAqB,CAAC;MAC/D,IAAI,IAAI,CAACH,YAAY,CAACyC,SAAS,EAAE,EAAE;QACjC;QACA;QACA,IAAI,CAACxB,oBAAoB,EAAE;MAC7B;MACA,IAAI,CAACoB,OAAO,GAAG,IAAI;IACrB;EACF;EAEA,MAAMK,IAAI,GAAG;IACX,IAAI,IAAI,CAACL,OAAO,EAAE;MAChB,IAAI,CAACrC,YAAY,CAAC2C,GAAG,CAACH,oBAAa,EAAE,IAAI,CAACrC,qBAAqB,CAAC;MAChE,IAAI,CAACD,cAAc,GAAG,EAAE;MACxB,IAAI,CAACmC,OAAO,GAAG,KAAK;IACtB;EACF;EAEAI,SAAS,GAAG;IACV,OAAO,IAAI,CAACJ,OAAO;EACrB;AACF;AAAC"}
package/cjs/services/LeaderElectionService.js CHANGED
@@ -38,7 +38,6 @@ class LeaderElectionService {
38
38
  return !!((_this$elector2 = this.elector) !== null && _this$elector2 !== void 0 && _this$elector2.hasLeader);
39
39
  }
40
40
  async start() {
41
- await this.stop();
42
41
  if (this.canStart()) {
43
42
  const {
44
43
  electionChannelName
@@ -72,7 +71,7 @@ class LeaderElectionService {
72
71
  return this.started;
73
72
  }
74
73
  canStart() {
75
- return (0, _features.isBrowser)();
74
+ return (0, _features.isBrowser)() && !this.started;
76
75
  }
77
76
  }
78
77
  exports.LeaderElectionService = LeaderElectionService;
package/cjs/services/LeaderElectionService.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"LeaderElectionService.js","names":["LeaderElectionService","constructor","options","onLeaderDuplicate","bind","onLeader","isLeader","elector","hasLeader","start","stop","canStart","electionChannelName","channel","BroadcastChannel","createLeaderElection","onduplicate","awaitLeadership","then","started","die","undefined","postInternal","Promise","resolve","close","requiresLeadership","isStarted","isBrowser"],"sources":["../../../lib/services/LeaderElectionService.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { ServiceInterface, ServiceManagerOptions } from '../core/types';\nimport {\n BroadcastChannel,\n createLeaderElection,\n LeaderElector\n} from 'broadcast-channel';\nimport { isBrowser } from '../features';\n\ndeclare type OnLeaderHandler = (() => Promise<void>);\ndeclare type ServiceOptions = ServiceManagerOptions & {\n onLeader?: OnLeaderHandler;\n};\n\nexport class LeaderElectionService implements ServiceInterface {\n private options: ServiceOptions;\n private channel?: BroadcastChannel;\n private elector?: LeaderElector;\n private started = false;\n\n constructor(options: ServiceOptions = {}) {\n this.options = options;\n this.onLeaderDuplicate = this.onLeaderDuplicate.bind(this);\n this.onLeader = this.onLeader.bind(this);\n }\n\n private onLeaderDuplicate() {\n }\n\n private async onLeader() {\n await this.options.onLeader?.();\n }\n\n isLeader() {\n return !!this.elector?.isLeader;\n }\n\n hasLeader() {\n return !!this.elector?.hasLeader;\n }\n\n async start() {\n await this.stop();\n if (this.canStart()) {\n const { electionChannelName } = this.options;\n this.channel = new BroadcastChannel(electionChannelName as string);\n this.elector = createLeaderElection(this.channel);\n this.elector.onduplicate = this.onLeaderDuplicate;\n this.elector.awaitLeadership().then(this.onLeader);\n this.started = true;\n }\n }\n\n async stop() {\n if (this.started) {\n if (this.elector) {\n await this.elector.die();\n this.elector = undefined;\n }\n if (this.channel) {\n // Workaround to fix error `Failed to execute 'postMessage' on 'BroadcastChannel': Channel is closed`\n (this.channel as any).postInternal = () => Promise.resolve();\n await this.channel.close();\n this.channel = undefined;\n }\n this.started = false;\n }\n }\n\n requiresLeadership() {\n return false;\n }\n\n isStarted() {\n return this.started;\n }\n\n canStart() {\n return isBrowser();\n }\n\n}\n"],"mappings":";;;;;AAcA;AAKA;AAnBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAgBO,MAAMA,qBAAqB,CAA6B;EAM7DC,WAAW,CAACC,OAAuB,GAAG,CAAC,CAAC,EAAE;IAAA,+CAFxB,KAAK;IAGrB,IAAI,CAACA,OAAO,GAAGA,OAAO;IACtB,IAAI,CAACC,iBAAiB,GAAG,IAAI,CAACA,iBAAiB,CAACC,IAAI,CAAC,IAAI,CAAC;IAC1D,IAAI,CAACC,QAAQ,GAAG,IAAI,CAACA,QAAQ,CAACD,IAAI,CAAC,IAAI,CAAC;EAC1C;EAEQD,iBAAiB,GAAG,CAC5B;EAEA,MAAcE,QAAQ,GAAG;IAAA;IACvB,gCAAM,qBAAI,CAACH,OAAO,EAACG,QAAQ,0DAArB,yCAAyB;EACjC;EAEAC,QAAQ,GAAG;IAAA;IACT,OAAO,CAAC,mBAAC,IAAI,CAACC,OAAO,0CAAZ,cAAcD,QAAQ;EACjC;EAEAE,SAAS,GAAG;IAAA;IACV,OAAO,CAAC,oBAAC,IAAI,CAACD,OAAO,2CAAZ,eAAcC,SAAS;EAClC;EAEA,MAAMC,KAAK,GAAG;IACZ,MAAM,IAAI,CAACC,IAAI,EAAE;IACjB,IAAI,IAAI,CAACC,QAAQ,EAAE,EAAE;MACnB,MAAM;QAAEC;MAAoB,CAAC,GAAG,IAAI,CAACV,OAAO;MAC5C,IAAI,CAACW,OAAO,GAAG,IAAIC,kCAAgB,CAACF,mBAAmB,CAAW;MAClE,IAAI,CAACL,OAAO,GAAG,IAAAQ,sCAAoB,EAAC,IAAI,CAACF,OAAO,CAAC;MACjD,IAAI,CAACN,OAAO,CAACS,WAAW,GAAG,IAAI,CAACb,iBAAiB;MACjD,IAAI,CAACI,OAAO,CAACU,eAAe,EAAE,CAACC,IAAI,CAAC,IAAI,CAACb,QAAQ,CAAC;MAClD,IAAI,CAACc,OAAO,GAAG,IAAI;IACrB;EACF;EAEA,MAAMT,IAAI,GAAG;IACX,IAAI,IAAI,CAACS,OAAO,EAAE;MAChB,IAAI,IAAI,CAACZ,OAAO,EAAE;QAChB,MAAM,IAAI,CAACA,OAAO,CAACa,GAAG,EAAE;QACxB,IAAI,CAACb,OAAO,GAAGc,SAAS;MAC1B;MACA,IAAI,IAAI,CAACR,OAAO,EAAE;QAChB;QACC,IAAI,CAACA,OAAO,CAASS,YAAY,GAAG,MAAMC,OAAO,CAACC,OAAO,EAAE;QAC5D,MAAM,IAAI,CAACX,OAAO,CAACY,KAAK,EAAE;QAC1B,IAAI,CAACZ,OAAO,GAAGQ,SAAS;MAC1B;MACA,IAAI,CAACF,OAAO,GAAG,KAAK;IACtB;EACF;EAEAO,kBAAkB,GAAG;IACnB,OAAO,KAAK;EACd;EAEAC,SAAS,GAAG;IACV,OAAO,IAAI,CAACR,OAAO;EACrB;EAEAR,QAAQ,GAAG;IACT,OAAO,IAAAiB,mBAAS,GAAE;EACpB;AAEF;AAAC"}
1
+ {"version":3,"file":"LeaderElectionService.js","names":["LeaderElectionService","constructor","options","onLeaderDuplicate","bind","onLeader","isLeader","elector","hasLeader","start","canStart","electionChannelName","channel","BroadcastChannel","createLeaderElection","onduplicate","awaitLeadership","then","started","stop","die","undefined","postInternal","Promise","resolve","close","requiresLeadership","isStarted","isBrowser"],"sources":["../../../lib/services/LeaderElectionService.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { ServiceInterface, ServiceManagerOptions } from '../core/types';\nimport {\n BroadcastChannel,\n createLeaderElection,\n LeaderElector\n} from 'broadcast-channel';\nimport { isBrowser } from '../features';\n\ndeclare type OnLeaderHandler = (() => Promise<void>);\ndeclare type ServiceOptions = ServiceManagerOptions & {\n onLeader?: OnLeaderHandler;\n};\n\nexport class LeaderElectionService implements ServiceInterface {\n private options: ServiceOptions;\n private channel?: BroadcastChannel;\n private elector?: LeaderElector;\n private started = false;\n\n constructor(options: ServiceOptions = {}) {\n this.options = options;\n this.onLeaderDuplicate = this.onLeaderDuplicate.bind(this);\n this.onLeader = this.onLeader.bind(this);\n }\n\n private onLeaderDuplicate() {\n }\n\n private async onLeader() {\n await this.options.onLeader?.();\n }\n\n isLeader() {\n return !!this.elector?.isLeader;\n }\n\n hasLeader() {\n return !!this.elector?.hasLeader;\n }\n\n async start() {\n if (this.canStart()) {\n const { electionChannelName } = this.options;\n this.channel = new BroadcastChannel(electionChannelName as string);\n this.elector = createLeaderElection(this.channel);\n this.elector.onduplicate = this.onLeaderDuplicate;\n this.elector.awaitLeadership().then(this.onLeader);\n this.started = true;\n }\n }\n\n async stop() {\n if (this.started) {\n if (this.elector) {\n await this.elector.die();\n this.elector = undefined;\n }\n if (this.channel) {\n // Workaround to fix error `Failed to execute 'postMessage' on 'BroadcastChannel': Channel is closed`\n (this.channel as any).postInternal = () => Promise.resolve();\n await this.channel.close();\n this.channel = undefined;\n }\n this.started = false;\n }\n }\n\n requiresLeadership() {\n return false;\n }\n\n isStarted() {\n return this.started;\n }\n\n canStart() {\n return isBrowser() && !this.started;\n }\n\n}\n"],"mappings":";;;;;AAcA;AAKA;AAnBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAgBO,MAAMA,qBAAqB,CAA6B;EAM7DC,WAAW,CAACC,OAAuB,GAAG,CAAC,CAAC,EAAE;IAAA,+CAFxB,KAAK;IAGrB,IAAI,CAACA,OAAO,GAAGA,OAAO;IACtB,IAAI,CAACC,iBAAiB,GAAG,IAAI,CAACA,iBAAiB,CAACC,IAAI,CAAC,IAAI,CAAC;IAC1D,IAAI,CAACC,QAAQ,GAAG,IAAI,CAACA,QAAQ,CAACD,IAAI,CAAC,IAAI,CAAC;EAC1C;EAEQD,iBAAiB,GAAG,CAC5B;EAEA,MAAcE,QAAQ,GAAG;IAAA;IACvB,gCAAM,qBAAI,CAACH,OAAO,EAACG,QAAQ,0DAArB,yCAAyB;EACjC;EAEAC,QAAQ,GAAG;IAAA;IACT,OAAO,CAAC,mBAAC,IAAI,CAACC,OAAO,0CAAZ,cAAcD,QAAQ;EACjC;EAEAE,SAAS,GAAG;IAAA;IACV,OAAO,CAAC,oBAAC,IAAI,CAACD,OAAO,2CAAZ,eAAcC,SAAS;EAClC;EAEA,MAAMC,KAAK,GAAG;IACZ,IAAI,IAAI,CAACC,QAAQ,EAAE,EAAE;MACnB,MAAM;QAAEC;MAAoB,CAAC,GAAG,IAAI,CAACT,OAAO;MAC5C,IAAI,CAACU,OAAO,GAAG,IAAIC,kCAAgB,CAACF,mBAAmB,CAAW;MAClE,IAAI,CAACJ,OAAO,GAAG,IAAAO,sCAAoB,EAAC,IAAI,CAACF,OAAO,CAAC;MACjD,IAAI,CAACL,OAAO,CAACQ,WAAW,GAAG,IAAI,CAACZ,iBAAiB;MACjD,IAAI,CAACI,OAAO,CAACS,eAAe,EAAE,CAACC,IAAI,CAAC,IAAI,CAACZ,QAAQ,CAAC;MAClD,IAAI,CAACa,OAAO,GAAG,IAAI;IACrB;EACF;EAEA,MAAMC,IAAI,GAAG;IACX,IAAI,IAAI,CAACD,OAAO,EAAE;MAChB,IAAI,IAAI,CAACX,OAAO,EAAE;QAChB,MAAM,IAAI,CAACA,OAAO,CAACa,GAAG,EAAE;QACxB,IAAI,CAACb,OAAO,GAAGc,SAAS;MAC1B;MACA,IAAI,IAAI,CAACT,OAAO,EAAE;QAChB;QACC,IAAI,CAACA,OAAO,CAASU,YAAY,GAAG,MAAMC,OAAO,CAACC,OAAO,EAAE;QAC5D,MAAM,IAAI,CAACZ,OAAO,CAACa,KAAK,EAAE;QAC1B,IAAI,CAACb,OAAO,GAAGS,SAAS;MAC1B;MACA,IAAI,CAACH,OAAO,GAAG,KAAK;IACtB;EACF;EAEAQ,kBAAkB,GAAG;IACnB,OAAO,KAAK;EACd;EAEAC,SAAS,GAAG;IACV,OAAO,IAAI,CAACT,OAAO;EACrB;EAEAR,QAAQ,GAAG;IACT,OAAO,IAAAkB,mBAAS,GAAE,IAAI,CAAC,IAAI,CAACV,OAAO;EACrC;AAEF;AAAC"}
package/cjs/services/SyncStorageService.js CHANGED
@@ -38,13 +38,12 @@ class SyncStorageService {
38
38
  return this.started;
39
39
  }
40
40
  canStart() {
41
- return !!this.options.syncStorage && (0, _features.isBrowser)();
41
+ return !!this.options.syncStorage && (0, _features.isBrowser)() && !this.started;
42
42
  }
43
43
  async start() {
44
44
  if (!this.canStart()) {
45
45
  return;
46
46
  }
47
- await this.stop();
48
47
  const {
49
48
  syncChannelName
50
49
  } = this.options;