@okta/okta-auth-js 7.2.0 → 7.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +11 -0
- package/README.md +8 -3
- package/cjs/http/OktaUserAgent.js +2 -2
- package/cjs/myaccount/request.js +1 -3
- package/cjs/myaccount/request.js.map +1 -1
- package/cjs/oidc/mixin/index.js +4 -2
- package/cjs/oidc/mixin/index.js.map +1 -1
- package/cjs/oidc/types/api.js.map +1 -1
- package/cjs/services/AutoRenewService.js +1 -2
- package/cjs/services/AutoRenewService.js.map +1 -1
- package/cjs/services/LeaderElectionService.js +1 -2
- package/cjs/services/LeaderElectionService.js.map +1 -1
- package/cjs/services/SyncStorageService.js +1 -2
- package/cjs/services/SyncStorageService.js.map +1 -1
- package/cjs/session/mixin.js +2 -1
- package/cjs/session/mixin.js.map +1 -1
- package/cjs/session/types.js.map +1 -1
- package/cjs/storage/BaseStorageManager.js +1 -1
- package/cjs/storage/BaseStorageManager.js.map +1 -1
- package/dist/okta-auth-js.authn.min.analyzer.html +2 -2
- package/dist/okta-auth-js.authn.min.js +1 -1
- package/dist/okta-auth-js.authn.min.js.map +1 -1
- package/dist/okta-auth-js.core.min.analyzer.html +2 -2
- package/dist/okta-auth-js.core.min.js +1 -1
- package/dist/okta-auth-js.core.min.js.map +1 -1
- package/dist/okta-auth-js.idx.min.analyzer.html +2 -2
- package/dist/okta-auth-js.idx.min.js +1 -1
- package/dist/okta-auth-js.idx.min.js.map +1 -1
- package/dist/okta-auth-js.min.analyzer.html +2 -2
- package/dist/okta-auth-js.min.js +1 -1
- package/dist/okta-auth-js.min.js.map +1 -1
- package/dist/okta-auth-js.myaccount.min.analyzer.html +2 -2
- package/dist/okta-auth-js.myaccount.min.js +1 -1
- package/dist/okta-auth-js.myaccount.min.js.map +1 -1
- package/esm/browser/http/OktaUserAgent.js +2 -2
- package/esm/browser/myaccount/request.js +1 -1
- package/esm/browser/myaccount/request.js.map +1 -1
- package/esm/browser/oidc/mixin/index.js +3 -1
- package/esm/browser/oidc/mixin/index.js.map +1 -1
- package/esm/browser/package.json +1 -1
- package/esm/browser/services/AutoRenewService.js +1 -2
- package/esm/browser/services/AutoRenewService.js.map +1 -1
- package/esm/browser/services/LeaderElectionService.js +1 -2
- package/esm/browser/services/LeaderElectionService.js.map +1 -1
- package/esm/browser/services/SyncStorageService.js +1 -2
- package/esm/browser/services/SyncStorageService.js.map +1 -1
- package/esm/browser/session/mixin.js +2 -1
- package/esm/browser/session/mixin.js.map +1 -1
- package/esm/browser/storage/BaseStorageManager.js +1 -1
- package/esm/browser/storage/BaseStorageManager.js.map +1 -1
- package/esm/node/http/OktaUserAgent.js +2 -2
- package/esm/node/myaccount/request.js +1 -1
- package/esm/node/myaccount/request.js.map +1 -1
- package/esm/node/oidc/mixin/index.js +3 -1
- package/esm/node/oidc/mixin/index.js.map +1 -1
- package/esm/node/package.json +1 -1
- package/esm/node/session/mixin.js +2 -1
- package/esm/node/session/mixin.js.map +1 -1
- package/esm/node/storage/BaseStorageManager.js +1 -1
- package/esm/node/storage/BaseStorageManager.js.map +1 -1
- package/package.json +7 -5
- package/types/lib/oidc/types/api.d.ts +1 -1
- package/types/lib/session/types.d.ts +1 -1
- package/umd/authn.js +1 -1
- package/umd/authn.js.map +1 -1
- package/umd/core.js +1 -1
- package/umd/core.js.map +1 -1
- package/umd/default.js +1 -1
- package/umd/default.js.map +1 -1
- package/umd/idx.js +1 -1
- package/umd/idx.js.map +1 -1
- package/umd/myaccount.js +1 -1
- package/umd/myaccount.js.map +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,16 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## 7.3.0
|
|
4
|
+
|
|
5
|
+
### Features
|
|
6
|
+
|
|
7
|
+
- [#1404](https://github.com/okta/okta-auth-js/pull/1404) Adds `react-native` to `package.json`
|
|
8
|
+
- [#1395](https://github.com/okta/okta-auth-js/pull/1395) Changes resolve value of `closeSession()` and `signOut()` to boolean
|
|
9
|
+
|
|
10
|
+
### Fixes
|
|
11
|
+
|
|
12
|
+
- [#1398](https://github.com/okta/okta-auth-js/pull/1398) Fixes race condition in `LeaderElectionService` start
|
|
13
|
+
|
|
3
14
|
## 7.2.0
|
|
4
15
|
|
|
5
16
|
### Features
|
package/README.md
CHANGED
|
@@ -991,6 +991,7 @@ Signs the user out of their current [Okta session](https://developer.okta.com/do
|
|
|
991
991
|
* Will redirect to an Okta-hosted page before returning to your app.
|
|
992
992
|
* If a `postLogoutRedirectUri` has not been specified or configured, `window.location.origin` will be used as the return URI. This URI must be listed in the Okta application's [Login redirect URIs](#login-redirect-uris). If the URI is unknown or invalid the redirect will end on a 400 error page from Okta. This error will be visible to the user and cannot be handled by the app.
|
|
993
993
|
* Requires a valid ID token. If an ID token is not available, `signOut` will fallback to using the XHR-based [closeSession](#closesession) method. This method may fail to sign the user out if 3rd-party cookies have been blocked by the browser.
|
|
994
|
+
* If a fallback to [closeSession](#closesession) is used, `signOut()` returns a promise that resolves with the result of [closeSession](#closesession) (`true` if an existing Okta session have been closed or `false` if a session does not exist or has already been closed). Otherwise a promise resolves with `true`.
|
|
994
995
|
* For more information, see [Logout](https://developer.okta.com/docs/reference/api/oidc/#logout) in the OIDC API documentation.
|
|
995
996
|
|
|
996
997
|
`signOut` takes the following options:
|
|
@@ -1036,7 +1037,7 @@ authClient.signOut({
|
|
|
1036
1037
|
> :warning: This method requires access to [third party cookies](#third-party-cookies) <br>
|
|
1037
1038
|
> :hourglass: async
|
|
1038
1039
|
|
|
1039
|
-
Signs the user out of their current [Okta session](https://developer.okta.com/docs/api/resources/sessions) and clears all tokens stored locally in the `TokenManager`. This method is an XHR-based alternative to [signOut](#signout), which will redirect to Okta before returning to your application. Here are some points to consider when using this method:
|
|
1040
|
+
Signs the user out of their current [Okta session](https://developer.okta.com/docs/api/resources/sessions) and clears all tokens stored locally in the `TokenManager`. Returns a promise that resolves with `true` if an existing Okta session have been closed, or `false` if a session does not exist or has already been closed. This method is an XHR-based alternative to [signOut](#signout), which will redirect to Okta before returning to your application. Here are some points to consider when using this method:
|
|
1040
1041
|
|
|
1041
1042
|
* Executes in the background. The user will see not any change to `window.location`.
|
|
1042
1043
|
* The method will fail to sign the user out if 3rd-party cookies are blocked by the browser.
|
|
@@ -1047,8 +1048,12 @@ Signs the user out of their current [Okta session](https://developer.okta.com/do
|
|
|
1047
1048
|
```javascript
|
|
1048
1049
|
await authClient.revokeAccessToken(); // strongly recommended
|
|
1049
1050
|
authClient.closeSession()
|
|
1050
|
-
.then(() => {
|
|
1051
|
-
|
|
1051
|
+
.then((sessionClosed) => {
|
|
1052
|
+
if (sessionClosed) {
|
|
1053
|
+
window.location.reload(); // optional
|
|
1054
|
+
} else {
|
|
1055
|
+
// Session does not exist or has already been closed
|
|
1056
|
+
}
|
|
1052
1057
|
})
|
|
1053
1058
|
.catch(e => {
|
|
1054
1059
|
if (e.xhr && e.xhr.status === 429) {
|
|
@@ -20,7 +20,7 @@ var _features = require("../features");
|
|
|
20
20
|
class OktaUserAgent {
|
|
21
21
|
constructor() {
|
|
22
22
|
// add base sdk env
|
|
23
|
-
this.environments = [`okta-auth-js/${"7.
|
|
23
|
+
this.environments = [`okta-auth-js/${"7.3.0"}`];
|
|
24
24
|
}
|
|
25
25
|
addEnvironment(env) {
|
|
26
26
|
this.environments.push(env);
|
|
@@ -32,7 +32,7 @@ class OktaUserAgent {
|
|
|
32
32
|
};
|
|
33
33
|
}
|
|
34
34
|
getVersion() {
|
|
35
|
-
return "7.
|
|
35
|
+
return "7.3.0";
|
|
36
36
|
}
|
|
37
37
|
maybeAddNodeEnvironment() {
|
|
38
38
|
if ((0, _features.isBrowser)() || !process || !process.versions) {
|
package/cjs/myaccount/request.js
CHANGED
|
@@ -11,9 +11,7 @@ async function sendRequest(oktaAuth, options) {
|
|
|
11
11
|
accessToken: accessTokenObj
|
|
12
12
|
} = oktaAuth.tokenManager.getTokensSync();
|
|
13
13
|
const accessToken = options.accessToken || (accessTokenObj === null || accessTokenObj === void 0 ? void 0 : accessTokenObj.accessToken);
|
|
14
|
-
const
|
|
15
|
-
issuer
|
|
16
|
-
} = oktaAuth.options;
|
|
14
|
+
const issuer = oktaAuth.getIssuerOrigin();
|
|
17
15
|
const {
|
|
18
16
|
url,
|
|
19
17
|
method,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"request.js","names":["sendRequest","oktaAuth","options","accessToken","accessTokenObj","tokenManager","getTokensSync","issuer","url","method","payload","requestUrl","startsWith","AuthSdkError","res","httpRequest","headers","args","map","EmailTransaction","EmailStatusTransaction","EmailChallengeTransaction","ProfileTransaction","ProfileSchemaTransaction","PhoneTransaction","PasswordTransaction","TransactionClass","transactionClassName","BaseTransaction","Array","isArray","item","generateRequestFnFromLinks","methodName","links","toLowerCase","link","self","href","hints","allow"],"sources":["../../../lib/myaccount/request.ts"],"sourcesContent":["import { \n BaseTransaction,\n EmailTransaction,\n EmailStatusTransaction,\n EmailChallengeTransaction,\n ProfileTransaction,\n ProfileSchemaTransaction,\n PhoneTransaction,\n PasswordTransaction\n} from './transactions';\nimport { httpRequest } from '../http';\nimport { AuthSdkError } from '../errors';\nimport { MyAccountRequestOptions as RequestOptions } from './types';\nimport { OktaAuthOAuthInterface } from '../oidc/types';\n\nexport type TransactionLink = {\n href: string;\n hints?: {\n allow?: string[];\n };\n}\n\ntype TransactionLinks = {\n self: TransactionLink;\n [property: string]: TransactionLink;\n}\n\ntype SendRequestOptions = RequestOptions & {\n url: string;\n method: string;\n transactionClassName?: string;\n}\n\n/* eslint-disable complexity */\nexport async function sendRequest<T extends BaseTransaction> (\n oktaAuth: OktaAuthOAuthInterface, \n options: SendRequestOptions\n): Promise<T | T[]> {\n const { \n accessToken: accessTokenObj\n } = oktaAuth.tokenManager.getTokensSync();\n \n const accessToken = options.accessToken || accessTokenObj?.accessToken;\n const
|
|
1
|
+
{"version":3,"file":"request.js","names":["sendRequest","oktaAuth","options","accessToken","accessTokenObj","tokenManager","getTokensSync","issuer","getIssuerOrigin","url","method","payload","requestUrl","startsWith","AuthSdkError","res","httpRequest","headers","args","map","EmailTransaction","EmailStatusTransaction","EmailChallengeTransaction","ProfileTransaction","ProfileSchemaTransaction","PhoneTransaction","PasswordTransaction","TransactionClass","transactionClassName","BaseTransaction","Array","isArray","item","generateRequestFnFromLinks","methodName","links","toLowerCase","link","self","href","hints","allow"],"sources":["../../../lib/myaccount/request.ts"],"sourcesContent":["import { \n BaseTransaction,\n EmailTransaction,\n EmailStatusTransaction,\n EmailChallengeTransaction,\n ProfileTransaction,\n ProfileSchemaTransaction,\n PhoneTransaction,\n PasswordTransaction\n} from './transactions';\nimport { httpRequest } from '../http';\nimport { AuthSdkError } from '../errors';\nimport { MyAccountRequestOptions as RequestOptions } from './types';\nimport { OktaAuthOAuthInterface } from '../oidc/types';\n\nexport type TransactionLink = {\n href: string;\n hints?: {\n allow?: string[];\n };\n}\n\ntype TransactionLinks = {\n self: TransactionLink;\n [property: string]: TransactionLink;\n}\n\ntype SendRequestOptions = RequestOptions & {\n url: string;\n method: string;\n transactionClassName?: string;\n}\n\n/* eslint-disable complexity */\nexport async function sendRequest<T extends BaseTransaction> (\n oktaAuth: OktaAuthOAuthInterface, \n options: SendRequestOptions\n): Promise<T | T[]> {\n const { \n accessToken: accessTokenObj\n } = oktaAuth.tokenManager.getTokensSync();\n \n const accessToken = options.accessToken || accessTokenObj?.accessToken;\n const issuer = oktaAuth.getIssuerOrigin();\n const { url, method, payload } = options;\n const requestUrl = url.startsWith(issuer!) ? url : `${issuer}${url}`;\n\n if (!accessToken) {\n throw new AuthSdkError('AccessToken is required to request MyAccount API endpoints.');\n }\n \n const res = await httpRequest(oktaAuth, {\n headers: { 'Accept': '*/*;okta-version=1.0.0' },\n accessToken,\n url: requestUrl,\n method,\n ...(payload && { args: payload })\n });\n\n const map = {\n EmailTransaction,\n EmailStatusTransaction,\n EmailChallengeTransaction,\n ProfileTransaction,\n ProfileSchemaTransaction,\n PhoneTransaction,\n PasswordTransaction\n };\n const TransactionClass = map[options.transactionClassName!] || BaseTransaction;\n\n if (Array.isArray(res)) {\n return res.map(item => new TransactionClass(oktaAuth, { \n res: item, \n accessToken\n }));\n }\n\n return new TransactionClass(oktaAuth, { \n res, \n accessToken\n });\n}\n/* eslint-enable complexity */\n\nexport type GenerateRequestFnFromLinksOptions = {\n oktaAuth: OktaAuthOAuthInterface;\n accessToken: string;\n methodName: string;\n links: TransactionLinks;\n transactionClassName?: string;\n}\n\ntype IRequestFnFromLinks = <T extends BaseTransaction>(payload?) => Promise<T | T[]>;\n\nexport function generateRequestFnFromLinks ({\n oktaAuth, \n accessToken,\n methodName,\n links,\n transactionClassName\n}: GenerateRequestFnFromLinksOptions): IRequestFnFromLinks {\n for (const method of ['GET', 'POST', 'PUT', 'DELETE']) {\n if (method.toLowerCase() === methodName) {\n const link = links.self;\n return (async (payload?) => sendRequest(oktaAuth, {\n accessToken,\n url: link.href,\n method,\n payload,\n transactionClassName\n }));\n }\n }\n \n const link = links[methodName];\n if (!link) {\n throw new AuthSdkError(`No link is found with methodName: ${methodName}`);\n }\n\n return (async (payload?) => sendRequest(oktaAuth, {\n accessToken,\n url: link.href,\n method: link.hints!.allow![0],\n payload,\n transactionClassName\n }));\n}\n"],"mappings":";;;;AAAA;AAUA;AACA;AAsBA;AACO,eAAeA,WAAW,CAC/BC,QAAgC,EAChCC,OAA2B,EACT;EAClB,MAAM;IACJC,WAAW,EAAEC;EACf,CAAC,GAAGH,QAAQ,CAACI,YAAY,CAACC,aAAa,EAAE;EAEzC,MAAMH,WAAW,GAAGD,OAAO,CAACC,WAAW,KAAIC,cAAc,aAAdA,cAAc,uBAAdA,cAAc,CAAED,WAAW;EACtE,MAAMI,MAAM,GAAGN,QAAQ,CAACO,eAAe,EAAE;EACzC,MAAM;IAAEC,GAAG;IAAEC,MAAM;IAAEC;EAAQ,CAAC,GAAGT,OAAO;EACxC,MAAMU,UAAU,GAAGH,GAAG,CAACI,UAAU,CAACN,MAAM,CAAE,GAAGE,GAAG,GAAI,GAAEF,MAAO,GAAEE,GAAI,EAAC;EAEpE,IAAI,CAACN,WAAW,EAAE;IAChB,MAAM,IAAIW,oBAAY,CAAC,6DAA6D,CAAC;EACvF;EAEA,MAAMC,GAAG,GAAG,MAAM,IAAAC,iBAAW,EAACf,QAAQ,EAAE;IACtCgB,OAAO,EAAE;MAAE,QAAQ,EAAE;IAAyB,CAAC;IAC/Cd,WAAW;IACXM,GAAG,EAAEG,UAAU;IACfF,MAAM;IACN,IAAIC,OAAO,IAAI;MAAEO,IAAI,EAAEP;IAAQ,CAAC;EAClC,CAAC,CAAC;EAEF,MAAMQ,GAAG,GAAG;IACVC,gBAAgB,EAAhBA,8BAAgB;IAChBC,sBAAsB,EAAtBA,oCAAsB;IACtBC,yBAAyB,EAAzBA,uCAAyB;IACzBC,kBAAkB,EAAlBA,gCAAkB;IAClBC,wBAAwB,EAAxBA,sCAAwB;IACxBC,gBAAgB,EAAhBA,8BAAgB;IAChBC,mBAAmB,EAAnBA;EACF,CAAC;EACD,MAAMC,gBAAgB,GAAGR,GAAG,CAACjB,OAAO,CAAC0B,oBAAoB,CAAE,IAAIC,6BAAe;EAE9E,IAAIC,KAAK,CAACC,OAAO,CAAChB,GAAG,CAAC,EAAE;IACtB,OAAOA,GAAG,CAACI,GAAG,CAACa,IAAI,IAAI,IAAIL,gBAAgB,CAAC1B,QAAQ,EAAE;MACpDc,GAAG,EAAEiB,IAAI;MACT7B;IACF,CAAC,CAAC,CAAC;EACL;EAEA,OAAO,IAAIwB,gBAAgB,CAAC1B,QAAQ,EAAE;IACpCc,GAAG;IACHZ;EACF,CAAC,CAAC;AACJ;AACA;;AAYO,SAAS8B,0BAA0B,CAAE;EAC1ChC,QAAQ;EACRE,WAAW;EACX+B,UAAU;EACVC,KAAK;EACLP;AACiC,CAAC,EAAuB;EACzD,KAAK,MAAMlB,MAAM,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,CAAC,EAAE;IACrD,IAAIA,MAAM,CAAC0B,WAAW,EAAE,KAAKF,UAAU,EAAE;MACvC,MAAMG,IAAI,GAAGF,KAAK,CAACG,IAAI;MACvB,OAAQ,MAAO3B,OAAQ,IAAKX,WAAW,CAACC,QAAQ,EAAE;QAChDE,WAAW;QACXM,GAAG,EAAE4B,IAAI,CAACE,IAAI;QACd7B,MAAM;QACNC,OAAO;QACPiB;MACF,CAAC,CAAC;IACJ;EACF;EAEA,MAAMS,IAAI,GAAGF,KAAK,CAACD,UAAU,CAAC;EAC9B,IAAI,CAACG,IAAI,EAAE;IACT,MAAM,IAAIvB,oBAAY,CAAE,qCAAoCoB,UAAW,EAAC,CAAC;EAC3E;EAEA,OAAQ,MAAOvB,OAAQ,IAAKX,WAAW,CAACC,QAAQ,EAAE;IAChDE,WAAW;IACXM,GAAG,EAAE4B,IAAI,CAACE,IAAI;IACd7B,MAAM,EAAE2B,IAAI,CAACG,KAAK,CAAEC,KAAK,CAAE,CAAC,CAAC;IAC7B9B,OAAO;IACPiB;EACF,CAAC,CAAC;AACJ"}
|
package/cjs/oidc/mixin/index.js
CHANGED
|
@@ -235,7 +235,7 @@ function mixinOAuth(Base, TransactionManagerConstructor) {
|
|
|
235
235
|
}
|
|
236
236
|
|
|
237
237
|
// Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.
|
|
238
|
-
// eslint-disable-next-line complexity
|
|
238
|
+
// eslint-disable-next-line complexity, max-statements
|
|
239
239
|
async signOut(options) {
|
|
240
240
|
options = Object.assign({}, options);
|
|
241
241
|
|
|
@@ -271,12 +271,13 @@ function mixinOAuth(Base, TransactionManagerConstructor) {
|
|
|
271
271
|
if (!logoutUri) {
|
|
272
272
|
// local tokens are cleared once session is closed
|
|
273
273
|
return this.closeSession() // can throw if the user cannot be signed out
|
|
274
|
-
.then(function () {
|
|
274
|
+
.then(function (sessionClosed) {
|
|
275
275
|
if (postLogoutRedirectUri === currentUri) {
|
|
276
276
|
window.location.reload(); // force a hard reload if URI is not changing
|
|
277
277
|
} else {
|
|
278
278
|
window.location.assign(postLogoutRedirectUri);
|
|
279
279
|
}
|
|
280
|
+
return sessionClosed;
|
|
280
281
|
});
|
|
281
282
|
} else {
|
|
282
283
|
if (options.clearTokensBeforeRedirect) {
|
|
@@ -287,6 +288,7 @@ function mixinOAuth(Base, TransactionManagerConstructor) {
|
|
|
287
288
|
}
|
|
288
289
|
// Flow ends with logout redirect
|
|
289
290
|
window.location.assign(logoutUri);
|
|
291
|
+
return true;
|
|
290
292
|
}
|
|
291
293
|
}
|
|
292
294
|
}, (0, _defineProperty2.default)(_class, "crypto", crypto), _class;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","names":["mixinOAuth","Base","TransactionManagerConstructor","WithOriginalUri","provideOriginalUri","OktaAuthOAuth","constructor","args","transactionManager","Object","assign","storageManager","options","pkce","DEFAULT_CODE_CHALLENGE_METHOD","PKCE","generateVerifier","computeChallenge","_pending","handleLogin","_tokenQueue","PromiseQueue","token","createTokenAPI","tokenManager","TokenManager","endpoints","createEndpoints","clearStorage","clear","isAuthenticated","autoRenew","autoRemove","getOptions","shouldRenew","onExpiredToken","shouldRemove","accessToken","getTokensSync","hasExpired","undefined","renew","remove","idToken","signInWithRedirect","opts","originalUri","additionalParams","setOriginalUri","params","scopes","getWithRedirect","getUser","getUserInfo","getIdToken","getAccessToken","getRefreshToken","refreshToken","storeTokensFromRedirect","tokens","responseType","parseFromUrl","setTokens","isLoginRedirect","isPKCE","hasResponseType","Array","isArray","length","indexOf","isAuthorizationCodeFlow","invokeApiMethod","getTokens","httpRequest","revokeAccessToken","accessTokenKey","getStorageKeyByType","Promise","resolve","revoke","revokeRefreshToken","refreshTokenKey","getSignOutRedirectUrl","postLogoutRedirectUri","state","logoutUrl","getOAuthUrls","idTokenHint","logoutUri","encodeURIComponent","signOut","defaultUri","window","location","origin","currentUri","href","closeSession","then","reload","clearTokensBeforeRedirect","addPendingRemoveFlags","crypto"],"sources":["../../../../lib/oidc/mixin/index.ts"],"sourcesContent":["import { httpRequest, RequestOptions } from '../../http';\nimport { OktaAuthConstructor } from '../../base/types';\nimport { \n PromiseQueue,\n} from '../../util';\nimport { CryptoAPI } from '../../crypto/types';\nimport * as crypto from '../../crypto';\nimport {\n AccessToken,\n CustomUserClaims,\n IDToken,\n IsAuthenticatedOptions,\n OAuthResponseType,\n OAuthStorageManagerInterface,\n OAuthTransactionMeta,\n OktaAuthOAuthInterface,\n OktaAuthOAuthOptions,\n PkceAPI,\n PKCETransactionMeta,\n RefreshToken,\n SigninWithRedirectOptions,\n SignoutOptions,\n SignoutRedirectUrlOptions,\n TokenAPI,\n TransactionManagerInterface,\n TransactionManagerConstructor,\n UserClaims,\n Endpoints,\n} from '../types';\nimport PKCE from '../util/pkce';\nimport { createEndpoints, createTokenAPI } from '../factory';\nimport { TokenManager } from '../TokenManager';\nimport { getOAuthUrls, isLoginRedirect } from '../util';\n\nimport { OktaAuthSessionInterface } from '../../session/types';\nimport { provideOriginalUri } from './node';\nexport function mixinOAuth\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface,\n TBase extends OktaAuthConstructor<OktaAuthSessionInterface<S, O>>\n = OktaAuthConstructor<OktaAuthSessionInterface<S, O>>\n>\n(\n Base: TBase,\n TransactionManagerConstructor: TransactionManagerConstructor<TM>,\n): TBase & OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n{\n const WithOriginalUri = provideOriginalUri(Base);\n return class OktaAuthOAuth extends WithOriginalUri\n implements OktaAuthOAuthInterface<M, S, O, TM>\n {\n static crypto: CryptoAPI = crypto;\n token: TokenAPI;\n tokenManager: TokenManager;\n transactionManager: TM;\n pkce: PkceAPI;\n endpoints: Endpoints;\n\n _pending: { handleLogin: boolean };\n _tokenQueue: PromiseQueue;\n \n constructor(...args: any[]) {\n super(...args);\n\n this.transactionManager = new TransactionManagerConstructor(Object.assign({\n storageManager: this.storageManager,\n }, this.options.transactionManager));\n \n this.pkce = {\n DEFAULT_CODE_CHALLENGE_METHOD: PKCE.DEFAULT_CODE_CHALLENGE_METHOD,\n generateVerifier: PKCE.generateVerifier,\n computeChallenge: PKCE.computeChallenge\n };\n \n this._pending = { handleLogin: false };\n\n this._tokenQueue = new PromiseQueue();\n\n this.token = createTokenAPI(this, this._tokenQueue);\n\n // TokenManager\n this.tokenManager = new TokenManager(this, this.options.tokenManager);\n\n this.endpoints = createEndpoints(this);\n }\n\n // inherited from subclass\n clearStorage(): void {\n super.clearStorage();\n \n // Clear all local tokens\n this.tokenManager.clear();\n }\n\n // Returns true if both accessToken and idToken are not expired\n // If `autoRenew` option is set, will attempt to renew expired tokens before returning.\n // eslint-disable-next-line complexity\n async isAuthenticated(options: IsAuthenticatedOptions = {}): Promise<boolean> {\n // TODO: remove dependency on tokenManager options in next major version - OKTA-473815\n const { autoRenew, autoRemove } = this.tokenManager.getOptions();\n\n const shouldRenew = options.onExpiredToken ? options.onExpiredToken === 'renew' : autoRenew;\n const shouldRemove = options.onExpiredToken ? options.onExpiredToken === 'remove' : autoRemove;\n\n let { accessToken } = this.tokenManager.getTokensSync();\n if (accessToken && this.tokenManager.hasExpired(accessToken)) {\n accessToken = undefined;\n if (shouldRenew) {\n try {\n accessToken = await this.tokenManager.renew('accessToken') as AccessToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (shouldRemove) {\n this.tokenManager.remove('accessToken');\n }\n }\n\n let { idToken } = this.tokenManager.getTokensSync();\n if (idToken && this.tokenManager.hasExpired(idToken)) {\n idToken = undefined;\n if (shouldRenew) {\n try {\n idToken = await this.tokenManager.renew('idToken') as IDToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (shouldRemove) {\n this.tokenManager.remove('idToken');\n }\n }\n\n return !!(accessToken && idToken);\n }\n\n\n async signInWithRedirect(opts: SigninWithRedirectOptions = {}) {\n const { originalUri, ...additionalParams } = opts;\n if(this._pending.handleLogin) { \n // Don't trigger second round\n return;\n }\n\n this._pending.handleLogin = true;\n try {\n // Trigger default signIn redirect flow\n if (originalUri) {\n this.setOriginalUri(originalUri);\n }\n const params = Object.assign({\n // TODO: remove this line when default scopes are changed OKTA-343294\n scopes: this.options.scopes || ['openid', 'email', 'profile']\n }, additionalParams);\n await this.token.getWithRedirect(params);\n } finally {\n this._pending.handleLogin = false;\n }\n }\n\n async getUser<T extends CustomUserClaims = CustomUserClaims>(): Promise<UserClaims<T>> {\n const { idToken, accessToken } = this.tokenManager.getTokensSync();\n return this.token.getUserInfo(accessToken, idToken);\n }\n \n getIdToken(): string | undefined {\n const { idToken } = this.tokenManager.getTokensSync();\n return idToken ? idToken.idToken : undefined;\n }\n \n getAccessToken(): string | undefined {\n const { accessToken } = this.tokenManager.getTokensSync();\n return accessToken ? accessToken.accessToken : undefined;\n }\n \n getRefreshToken(): string | undefined {\n const { refreshToken } = this.tokenManager.getTokensSync();\n return refreshToken ? refreshToken.refreshToken : undefined;\n }\n \n /**\n * Store parsed tokens from redirect url\n */\n async storeTokensFromRedirect(): Promise<void> {\n const { tokens, responseType } = await this.token.parseFromUrl();\n if (responseType !== 'none') {\n this.tokenManager.setTokens(tokens);\n }\n }\n \n isLoginRedirect(): boolean {\n return isLoginRedirect(this);\n }\n\n isPKCE(): boolean {\n return !!this.options.pkce;\n }\n \n hasResponseType(responseType: OAuthResponseType): boolean {\n let hasResponseType = false;\n if (Array.isArray(this.options.responseType) && this.options.responseType.length) {\n hasResponseType = this.options.responseType.indexOf(responseType) >= 0;\n } else {\n hasResponseType = this.options.responseType === responseType;\n }\n return hasResponseType;\n }\n \n isAuthorizationCodeFlow(): boolean {\n return this.hasResponseType('code');\n }\n\n // Escape hatch method to make arbitrary OKTA API call\n async invokeApiMethod(options: RequestOptions): Promise<unknown> {\n if (!options.accessToken) {\n const accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n options.accessToken = accessToken?.accessToken;\n }\n return httpRequest(this, options);\n }\n \n // Revokes the access token for the application session\n async revokeAccessToken(accessToken?: AccessToken): Promise<unknown> {\n if (!accessToken) {\n accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');\n this.tokenManager.remove(accessTokenKey);\n }\n // Access token may have been removed. In this case, we will silently succeed.\n if (!accessToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(accessToken);\n }\n\n // Revokes the refresh token for the application session\n async revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown> {\n if (!refreshToken) {\n refreshToken = (await this.tokenManager.getTokens()).refreshToken as RefreshToken;\n const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');\n this.tokenManager.remove(refreshTokenKey);\n }\n // Refresh token may have been removed. In this case, we will silently succeed.\n if (!refreshToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(refreshToken);\n }\n\n getSignOutRedirectUrl(options: SignoutRedirectUrlOptions = {}) {\n let {\n idToken,\n postLogoutRedirectUri,\n state,\n } = options;\n if (!idToken) {\n idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n if (!idToken) {\n return '';\n }\n if (!postLogoutRedirectUri) {\n postLogoutRedirectUri = this.options.postLogoutRedirectUri;\n }\n\n const logoutUrl = getOAuthUrls(this).logoutUrl;\n const idTokenHint = idToken.idToken; // a string\n let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);\n if (postLogoutRedirectUri) {\n logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);\n } \n // State allows option parameters to be passed to logout redirect uri\n if (state) {\n logoutUri += '&state=' + encodeURIComponent(state);\n }\n\n return logoutUri;\n }\n\n // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.\n // eslint-disable-next-line complexity\n async signOut(options?: SignoutOptions): Promise<void> {\n options = Object.assign({}, options);\n \n // postLogoutRedirectUri must be whitelisted in Okta Admin UI\n var defaultUri = window.location.origin;\n var currentUri = window.location.href;\n var postLogoutRedirectUri = options.postLogoutRedirectUri\n || this.options.postLogoutRedirectUri\n || defaultUri;\n \n var accessToken = options.accessToken;\n var refreshToken = options.refreshToken;\n var revokeAccessToken = options.revokeAccessToken !== false;\n var revokeRefreshToken = options.revokeRefreshToken !== false;\n \n if (revokeRefreshToken && typeof refreshToken === 'undefined') {\n refreshToken = this.tokenManager.getTokensSync().refreshToken as RefreshToken;\n }\n\n if (revokeAccessToken && typeof accessToken === 'undefined') {\n accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;\n }\n \n if (!options.idToken) {\n options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n\n if (revokeRefreshToken && refreshToken) {\n await this.revokeRefreshToken(refreshToken);\n }\n\n if (revokeAccessToken && accessToken) {\n await this.revokeAccessToken(accessToken);\n }\n\n const logoutUri = this.getSignOutRedirectUrl({ ...options, postLogoutRedirectUri });\n // No logoutUri? This can happen if the storage was cleared.\n // Fallback to XHR signOut, then simulate a redirect to the post logout uri\n if (!logoutUri) {\n // local tokens are cleared once session is closed\n return this.closeSession() // can throw if the user cannot be signed out\n .then(function() {\n if (postLogoutRedirectUri === currentUri) {\n window.location.reload(); // force a hard reload if URI is not changing\n } else {\n window.location.assign(postLogoutRedirectUri);\n }\n });\n } else {\n if (options.clearTokensBeforeRedirect) {\n // Clear all local tokens\n this.tokenManager.clear();\n } else {\n this.tokenManager.addPendingRemoveFlags();\n }\n // Flow ends with logout redirect\n window.location.assign(logoutUri);\n }\n }\n\n };\n\n}\n"],"mappings":";;;;;AAAA;AAEA;AAIA;AAuBA;AACA;AACA;AACA;AAGA;AAA4C;AAAA;AACrC,SAASA,UAAU,CAUxBC,IAAW,EACXC,6BAAgE,EAElE;EAAA;EACE,MAAMC,eAAe,GAAG,IAAAC,wBAAkB,EAACH,IAAI,CAAC;EAChD,gBAAO,MAAMI,aAAa,SAASF,eAAe,CAElD;IAWEG,WAAW,CAAC,GAAGC,IAAW,EAAE;MAC1B,KAAK,CAAC,GAAGA,IAAI,CAAC;MAEd,IAAI,CAACC,kBAAkB,GAAG,IAAIN,6BAA6B,CAACO,MAAM,CAACC,MAAM,CAAC;QACxEC,cAAc,EAAE,IAAI,CAACA;MACvB,CAAC,EAAE,IAAI,CAACC,OAAO,CAACJ,kBAAkB,CAAC,CAAC;MAEpC,IAAI,CAACK,IAAI,GAAG;QACVC,6BAA6B,EAAEC,aAAI,CAACD,6BAA6B;QACjEE,gBAAgB,EAAED,aAAI,CAACC,gBAAgB;QACvCC,gBAAgB,EAAEF,aAAI,CAACE;MACzB,CAAC;MAED,IAAI,CAACC,QAAQ,GAAG;QAAEC,WAAW,EAAE;MAAM,CAAC;MAEtC,IAAI,CAACC,WAAW,GAAG,IAAIC,kBAAY,EAAE;MAErC,IAAI,CAACC,KAAK,GAAG,IAAAC,uBAAc,EAAC,IAAI,EAAE,IAAI,CAACH,WAAW,CAAC;;MAEnD;MACA,IAAI,CAACI,YAAY,GAAG,IAAIC,0BAAY,CAAC,IAAI,EAAE,IAAI,CAACb,OAAO,CAACY,YAAY,CAAC;MAErE,IAAI,CAACE,SAAS,GAAG,IAAAC,wBAAe,EAAC,IAAI,CAAC;IACxC;;IAEA;IACAC,YAAY,GAAS;MACnB,KAAK,CAACA,YAAY,EAAE;;MAEpB;MACA,IAAI,CAACJ,YAAY,CAACK,KAAK,EAAE;IAC3B;;IAEA;IACA;IACA;IACA,MAAMC,eAAe,CAAClB,OAA+B,GAAG,CAAC,CAAC,EAAoB;MAC5E;MACA,MAAM;QAAEmB,SAAS;QAAEC;MAAW,CAAC,GAAG,IAAI,CAACR,YAAY,CAACS,UAAU,EAAE;MAEhE,MAAMC,WAAW,GAAGtB,OAAO,CAACuB,cAAc,GAAGvB,OAAO,CAACuB,cAAc,KAAK,OAAO,GAAGJ,SAAS;MAC3F,MAAMK,YAAY,GAAGxB,OAAO,CAACuB,cAAc,GAAGvB,OAAO,CAACuB,cAAc,KAAK,QAAQ,GAAGH,UAAU;MAE9F,IAAI;QAAEK;MAAY,CAAC,GAAG,IAAI,CAACb,YAAY,CAACc,aAAa,EAAE;MACvD,IAAID,WAAW,IAAI,IAAI,CAACb,YAAY,CAACe,UAAU,CAACF,WAAW,CAAC,EAAE;QAC5DA,WAAW,GAAGG,SAAS;QACvB,IAAIN,WAAW,EAAE;UACf,IAAI;YACFG,WAAW,GAAG,MAAM,IAAI,CAACb,YAAY,CAACiB,KAAK,CAAC,aAAa,CAAgB;UAC3E,CAAC,CAAC,MAAM;YACN;UACF;QACF,CAAC,MAAM,IAAIL,YAAY,EAAE;UACvB,IAAI,CAACZ,YAAY,CAACkB,MAAM,CAAC,aAAa,CAAC;QACzC;MACF;MAEA,IAAI;QAAEC;MAAQ,CAAC,GAAG,IAAI,CAACnB,YAAY,CAACc,aAAa,EAAE;MACnD,IAAIK,OAAO,IAAI,IAAI,CAACnB,YAAY,CAACe,UAAU,CAACI,OAAO,CAAC,EAAE;QACpDA,OAAO,GAAGH,SAAS;QACnB,IAAIN,WAAW,EAAE;UACf,IAAI;YACFS,OAAO,GAAG,MAAM,IAAI,CAACnB,YAAY,CAACiB,KAAK,CAAC,SAAS,CAAY;UAC/D,CAAC,CAAC,MAAM;YACN;UACF;QACF,CAAC,MAAM,IAAIL,YAAY,EAAE;UACvB,IAAI,CAACZ,YAAY,CAACkB,MAAM,CAAC,SAAS,CAAC;QACrC;MACF;MAEA,OAAO,CAAC,EAAEL,WAAW,IAAIM,OAAO,CAAC;IACnC;IAGA,MAAMC,kBAAkB,CAACC,IAA+B,GAAG,CAAC,CAAC,EAAE;MAC7D,MAAM;QAAEC,WAAW;QAAE,GAAGC;MAAiB,CAAC,GAAGF,IAAI;MACjD,IAAG,IAAI,CAAC3B,QAAQ,CAACC,WAAW,EAAE;QAC5B;QACA;MACF;MAEA,IAAI,CAACD,QAAQ,CAACC,WAAW,GAAG,IAAI;MAChC,IAAI;QACF;QACA,IAAI2B,WAAW,EAAE;UACf,IAAI,CAACE,cAAc,CAACF,WAAW,CAAC;QAClC;QACA,MAAMG,MAAM,GAAGxC,MAAM,CAACC,MAAM,CAAC;UAC3B;UACAwC,MAAM,EAAE,IAAI,CAACtC,OAAO,CAACsC,MAAM,IAAI,CAAC,QAAQ,EAAE,OAAO,EAAE,SAAS;QAC9D,CAAC,EAAEH,gBAAgB,CAAC;QACpB,MAAM,IAAI,CAACzB,KAAK,CAAC6B,eAAe,CAACF,MAAM,CAAC;MAC1C,CAAC,SAAS;QACR,IAAI,CAAC/B,QAAQ,CAACC,WAAW,GAAG,KAAK;MACnC;IACF;IAEA,MAAMiC,OAAO,GAA0E;MACrF,MAAM;QAAET,OAAO;QAAEN;MAAY,CAAC,GAAG,IAAI,CAACb,YAAY,CAACc,aAAa,EAAE;MAClE,OAAO,IAAI,CAAChB,KAAK,CAAC+B,WAAW,CAAChB,WAAW,EAAEM,OAAO,CAAC;IACrD;IAEAW,UAAU,GAAuB;MAC/B,MAAM;QAAEX;MAAQ,CAAC,GAAG,IAAI,CAACnB,YAAY,CAACc,aAAa,EAAE;MACrD,OAAOK,OAAO,GAAGA,OAAO,CAACA,OAAO,GAAGH,SAAS;IAC9C;IAEAe,cAAc,GAAuB;MACnC,MAAM;QAAElB;MAAY,CAAC,GAAG,IAAI,CAACb,YAAY,CAACc,aAAa,EAAE;MACzD,OAAOD,WAAW,GAAGA,WAAW,CAACA,WAAW,GAAGG,SAAS;IAC1D;IAEAgB,eAAe,GAAuB;MACpC,MAAM;QAAEC;MAAa,CAAC,GAAG,IAAI,CAACjC,YAAY,CAACc,aAAa,EAAE;MAC1D,OAAOmB,YAAY,GAAGA,YAAY,CAACA,YAAY,GAAGjB,SAAS;IAC7D;;IAEA;AACJ;AACA;IACI,MAAMkB,uBAAuB,GAAkB;MAC7C,MAAM;QAAEC,MAAM;QAAEC;MAAa,CAAC,GAAG,MAAM,IAAI,CAACtC,KAAK,CAACuC,YAAY,EAAE;MAChE,IAAID,YAAY,KAAK,MAAM,EAAE;QAC3B,IAAI,CAACpC,YAAY,CAACsC,SAAS,CAACH,MAAM,CAAC;MACrC;IACF;IAEAI,eAAe,GAAY;MACzB,OAAO,IAAAA,sBAAe,EAAC,IAAI,CAAC;IAC9B;IAEAC,MAAM,GAAY;MAChB,OAAO,CAAC,CAAC,IAAI,CAACpD,OAAO,CAACC,IAAI;IAC5B;IAEAoD,eAAe,CAACL,YAA+B,EAAW;MACxD,IAAIK,eAAe,GAAG,KAAK;MAC3B,IAAIC,KAAK,CAACC,OAAO,CAAC,IAAI,CAACvD,OAAO,CAACgD,YAAY,CAAC,IAAI,IAAI,CAAChD,OAAO,CAACgD,YAAY,CAACQ,MAAM,EAAE;QAChFH,eAAe,GAAG,IAAI,CAACrD,OAAO,CAACgD,YAAY,CAACS,OAAO,CAACT,YAAY,CAAC,IAAI,CAAC;MACxE,CAAC,MAAM;QACLK,eAAe,GAAG,IAAI,CAACrD,OAAO,CAACgD,YAAY,KAAKA,YAAY;MAC9D;MACA,OAAOK,eAAe;IACxB;IAEAK,uBAAuB,GAAY;MACjC,OAAO,IAAI,CAACL,eAAe,CAAC,MAAM,CAAC;IACrC;;IAEA;IACA,MAAMM,eAAe,CAAC3D,OAAuB,EAAoB;MAC/D,IAAI,CAACA,OAAO,CAACyB,WAAW,EAAE;QACxB,MAAMA,WAAW,GAAG,CAAC,MAAM,IAAI,CAACb,YAAY,CAACgD,SAAS,EAAE,EAAEnC,WAA0B;QACpFzB,OAAO,CAACyB,WAAW,GAAGA,WAAW,aAAXA,WAAW,uBAAXA,WAAW,CAAEA,WAAW;MAChD;MACA,OAAO,IAAAoC,iBAAW,EAAC,IAAI,EAAE7D,OAAO,CAAC;IACnC;;IAEA;IACA,MAAM8D,iBAAiB,CAACrC,WAAyB,EAAoB;MACnE,IAAI,CAACA,WAAW,EAAE;QAChBA,WAAW,GAAG,CAAC,MAAM,IAAI,CAACb,YAAY,CAACgD,SAAS,EAAE,EAAEnC,WAA0B;QAC9E,MAAMsC,cAAc,GAAG,IAAI,CAACnD,YAAY,CAACoD,mBAAmB,CAAC,aAAa,CAAC;QAC3E,IAAI,CAACpD,YAAY,CAACkB,MAAM,CAACiC,cAAc,CAAC;MAC1C;MACA;MACA,IAAI,CAACtC,WAAW,EAAE;QAChB,OAAOwC,OAAO,CAACC,OAAO,CAAC,IAAI,CAAC;MAC9B;MACA,OAAO,IAAI,CAACxD,KAAK,CAACyD,MAAM,CAAC1C,WAAW,CAAC;IACvC;;IAEA;IACA,MAAM2C,kBAAkB,CAACvB,YAA2B,EAAoB;MACtE,IAAI,CAACA,YAAY,EAAE;QACjBA,YAAY,GAAG,CAAC,MAAM,IAAI,CAACjC,YAAY,CAACgD,SAAS,EAAE,EAAEf,YAA4B;QACjF,MAAMwB,eAAe,GAAG,IAAI,CAACzD,YAAY,CAACoD,mBAAmB,CAAC,cAAc,CAAC;QAC7E,IAAI,CAACpD,YAAY,CAACkB,MAAM,CAACuC,eAAe,CAAC;MAC3C;MACA;MACA,IAAI,CAACxB,YAAY,EAAE;QACjB,OAAOoB,OAAO,CAACC,OAAO,CAAC,IAAI,CAAC;MAC9B;MACA,OAAO,IAAI,CAACxD,KAAK,CAACyD,MAAM,CAACtB,YAAY,CAAC;IACxC;IAEAyB,qBAAqB,CAACtE,OAAkC,GAAG,CAAC,CAAC,EAAE;MAC7D,IAAI;QACF+B,OAAO;QACPwC,qBAAqB;QACrBC;MACF,CAAC,GAAGxE,OAAO;MACX,IAAI,CAAC+B,OAAO,EAAE;QACZA,OAAO,GAAG,IAAI,CAACnB,YAAY,CAACc,aAAa,EAAE,CAACK,OAAkB;MAChE;MACA,IAAI,CAACA,OAAO,EAAE;QACZ,OAAO,EAAE;MACX;MACA,IAAI,CAACwC,qBAAqB,EAAE;QAC1BA,qBAAqB,GAAG,IAAI,CAACvE,OAAO,CAACuE,qBAAqB;MAC5D;MAEA,MAAME,SAAS,GAAG,IAAAC,mBAAY,EAAC,IAAI,CAAC,CAACD,SAAS;MAC9C,MAAME,WAAW,GAAG5C,OAAO,CAACA,OAAO,CAAC,CAAC;MACrC,IAAI6C,SAAS,GAAGH,SAAS,GAAG,iBAAiB,GAAGI,kBAAkB,CAACF,WAAW,CAAC;MAC/E,IAAIJ,qBAAqB,EAAE;QACzBK,SAAS,IAAI,4BAA4B,GAAGC,kBAAkB,CAACN,qBAAqB,CAAC;MACvF;MACA;MACA,IAAIC,KAAK,EAAE;QACTI,SAAS,IAAI,SAAS,GAAGC,kBAAkB,CAACL,KAAK,CAAC;MACpD;MAEA,OAAOI,SAAS;IAClB;;IAEA;IACA;IACA,MAAME,OAAO,CAAC9E,OAAwB,EAAiB;MACrDA,OAAO,GAAGH,MAAM,CAACC,MAAM,CAAC,CAAC,CAAC,EAAEE,OAAO,CAAC;;MAEpC;MACA,IAAI+E,UAAU,GAAGC,MAAM,CAACC,QAAQ,CAACC,MAAM;MACvC,IAAIC,UAAU,GAAGH,MAAM,CAACC,QAAQ,CAACG,IAAI;MACrC,IAAIb,qBAAqB,GAAGvE,OAAO,CAACuE,qBAAqB,IACpD,IAAI,CAACvE,OAAO,CAACuE,qBAAqB,IAClCQ,UAAU;MAEf,IAAItD,WAAW,GAAGzB,OAAO,CAACyB,WAAW;MACrC,IAAIoB,YAAY,GAAG7C,OAAO,CAAC6C,YAAY;MACvC,IAAIiB,iBAAiB,GAAG9D,OAAO,CAAC8D,iBAAiB,KAAK,KAAK;MAC3D,IAAIM,kBAAkB,GAAGpE,OAAO,CAACoE,kBAAkB,KAAK,KAAK;MAE7D,IAAIA,kBAAkB,IAAI,OAAOvB,YAAY,KAAK,WAAW,EAAE;QAC7DA,YAAY,GAAG,IAAI,CAACjC,YAAY,CAACc,aAAa,EAAE,CAACmB,YAA4B;MAC/E;MAEA,IAAIiB,iBAAiB,IAAI,OAAOrC,WAAW,KAAK,WAAW,EAAE;QAC3DA,WAAW,GAAG,IAAI,CAACb,YAAY,CAACc,aAAa,EAAE,CAACD,WAA0B;MAC5E;MAEA,IAAI,CAACzB,OAAO,CAAC+B,OAAO,EAAE;QACpB/B,OAAO,CAAC+B,OAAO,GAAG,IAAI,CAACnB,YAAY,CAACc,aAAa,EAAE,CAACK,OAAkB;MACxE;MAEA,IAAIqC,kBAAkB,IAAIvB,YAAY,EAAE;QACtC,MAAM,IAAI,CAACuB,kBAAkB,CAACvB,YAAY,CAAC;MAC7C;MAEA,IAAIiB,iBAAiB,IAAIrC,WAAW,EAAE;QACpC,MAAM,IAAI,CAACqC,iBAAiB,CAACrC,WAAW,CAAC;MAC3C;MAEA,MAAMmD,SAAS,GAAG,IAAI,CAACN,qBAAqB,CAAC;QAAE,GAAGtE,OAAO;QAAEuE;MAAsB,CAAC,CAAC;MACnF;MACA;MACA,IAAI,CAACK,SAAS,EAAE;QACd;QACA,OAAO,IAAI,CAACS,YAAY,EAAE,CAAC;QAAA,CAC1BC,IAAI,CAAC,YAAW;UACf,IAAIf,qBAAqB,KAAKY,UAAU,EAAE;YACxCH,MAAM,CAACC,QAAQ,CAACM,MAAM,EAAE,CAAC,CAAC;UAC5B,CAAC,MAAM;YACLP,MAAM,CAACC,QAAQ,CAACnF,MAAM,CAACyE,qBAAqB,CAAC;UAC/C;QACF,CAAC,CAAC;MACJ,CAAC,MAAM;QACL,IAAIvE,OAAO,CAACwF,yBAAyB,EAAE;UACrC;UACA,IAAI,CAAC5E,YAAY,CAACK,KAAK,EAAE;QAC3B,CAAC,MAAM;UACL,IAAI,CAACL,YAAY,CAAC6E,qBAAqB,EAAE;QAC3C;QACA;QACAT,MAAM,CAACC,QAAQ,CAACnF,MAAM,CAAC8E,SAAS,CAAC;MACnC;IACF;EAEF,CAAC,kDAjS4Bc,MAAM;AAmSrC"}
|
|
1
|
+
{"version":3,"file":"index.js","names":["mixinOAuth","Base","TransactionManagerConstructor","WithOriginalUri","provideOriginalUri","OktaAuthOAuth","constructor","args","transactionManager","Object","assign","storageManager","options","pkce","DEFAULT_CODE_CHALLENGE_METHOD","PKCE","generateVerifier","computeChallenge","_pending","handleLogin","_tokenQueue","PromiseQueue","token","createTokenAPI","tokenManager","TokenManager","endpoints","createEndpoints","clearStorage","clear","isAuthenticated","autoRenew","autoRemove","getOptions","shouldRenew","onExpiredToken","shouldRemove","accessToken","getTokensSync","hasExpired","undefined","renew","remove","idToken","signInWithRedirect","opts","originalUri","additionalParams","setOriginalUri","params","scopes","getWithRedirect","getUser","getUserInfo","getIdToken","getAccessToken","getRefreshToken","refreshToken","storeTokensFromRedirect","tokens","responseType","parseFromUrl","setTokens","isLoginRedirect","isPKCE","hasResponseType","Array","isArray","length","indexOf","isAuthorizationCodeFlow","invokeApiMethod","getTokens","httpRequest","revokeAccessToken","accessTokenKey","getStorageKeyByType","Promise","resolve","revoke","revokeRefreshToken","refreshTokenKey","getSignOutRedirectUrl","postLogoutRedirectUri","state","logoutUrl","getOAuthUrls","idTokenHint","logoutUri","encodeURIComponent","signOut","defaultUri","window","location","origin","currentUri","href","closeSession","then","sessionClosed","reload","clearTokensBeforeRedirect","addPendingRemoveFlags","crypto"],"sources":["../../../../lib/oidc/mixin/index.ts"],"sourcesContent":["import { httpRequest, RequestOptions } from '../../http';\nimport { OktaAuthConstructor } from '../../base/types';\nimport { \n PromiseQueue,\n} from '../../util';\nimport { CryptoAPI } from '../../crypto/types';\nimport * as crypto from '../../crypto';\nimport {\n AccessToken,\n CustomUserClaims,\n IDToken,\n IsAuthenticatedOptions,\n OAuthResponseType,\n OAuthStorageManagerInterface,\n OAuthTransactionMeta,\n OktaAuthOAuthInterface,\n OktaAuthOAuthOptions,\n PkceAPI,\n PKCETransactionMeta,\n RefreshToken,\n SigninWithRedirectOptions,\n SignoutOptions,\n SignoutRedirectUrlOptions,\n TokenAPI,\n TransactionManagerInterface,\n TransactionManagerConstructor,\n UserClaims,\n Endpoints,\n} from '../types';\nimport PKCE from '../util/pkce';\nimport { createEndpoints, createTokenAPI } from '../factory';\nimport { TokenManager } from '../TokenManager';\nimport { getOAuthUrls, isLoginRedirect } from '../util';\n\nimport { OktaAuthSessionInterface } from '../../session/types';\nimport { provideOriginalUri } from './node';\nexport function mixinOAuth\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface,\n TBase extends OktaAuthConstructor<OktaAuthSessionInterface<S, O>>\n = OktaAuthConstructor<OktaAuthSessionInterface<S, O>>\n>\n(\n Base: TBase,\n TransactionManagerConstructor: TransactionManagerConstructor<TM>,\n): TBase & OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n{\n const WithOriginalUri = provideOriginalUri(Base);\n return class OktaAuthOAuth extends WithOriginalUri\n implements OktaAuthOAuthInterface<M, S, O, TM>\n {\n static crypto: CryptoAPI = crypto;\n token: TokenAPI;\n tokenManager: TokenManager;\n transactionManager: TM;\n pkce: PkceAPI;\n endpoints: Endpoints;\n\n _pending: { handleLogin: boolean };\n _tokenQueue: PromiseQueue;\n \n constructor(...args: any[]) {\n super(...args);\n\n this.transactionManager = new TransactionManagerConstructor(Object.assign({\n storageManager: this.storageManager,\n }, this.options.transactionManager));\n \n this.pkce = {\n DEFAULT_CODE_CHALLENGE_METHOD: PKCE.DEFAULT_CODE_CHALLENGE_METHOD,\n generateVerifier: PKCE.generateVerifier,\n computeChallenge: PKCE.computeChallenge\n };\n \n this._pending = { handleLogin: false };\n\n this._tokenQueue = new PromiseQueue();\n\n this.token = createTokenAPI(this, this._tokenQueue);\n\n // TokenManager\n this.tokenManager = new TokenManager(this, this.options.tokenManager);\n\n this.endpoints = createEndpoints(this);\n }\n\n // inherited from subclass\n clearStorage(): void {\n super.clearStorage();\n \n // Clear all local tokens\n this.tokenManager.clear();\n }\n\n // Returns true if both accessToken and idToken are not expired\n // If `autoRenew` option is set, will attempt to renew expired tokens before returning.\n // eslint-disable-next-line complexity\n async isAuthenticated(options: IsAuthenticatedOptions = {}): Promise<boolean> {\n // TODO: remove dependency on tokenManager options in next major version - OKTA-473815\n const { autoRenew, autoRemove } = this.tokenManager.getOptions();\n\n const shouldRenew = options.onExpiredToken ? options.onExpiredToken === 'renew' : autoRenew;\n const shouldRemove = options.onExpiredToken ? options.onExpiredToken === 'remove' : autoRemove;\n\n let { accessToken } = this.tokenManager.getTokensSync();\n if (accessToken && this.tokenManager.hasExpired(accessToken)) {\n accessToken = undefined;\n if (shouldRenew) {\n try {\n accessToken = await this.tokenManager.renew('accessToken') as AccessToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (shouldRemove) {\n this.tokenManager.remove('accessToken');\n }\n }\n\n let { idToken } = this.tokenManager.getTokensSync();\n if (idToken && this.tokenManager.hasExpired(idToken)) {\n idToken = undefined;\n if (shouldRenew) {\n try {\n idToken = await this.tokenManager.renew('idToken') as IDToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (shouldRemove) {\n this.tokenManager.remove('idToken');\n }\n }\n\n return !!(accessToken && idToken);\n }\n\n\n async signInWithRedirect(opts: SigninWithRedirectOptions = {}) {\n const { originalUri, ...additionalParams } = opts;\n if(this._pending.handleLogin) { \n // Don't trigger second round\n return;\n }\n\n this._pending.handleLogin = true;\n try {\n // Trigger default signIn redirect flow\n if (originalUri) {\n this.setOriginalUri(originalUri);\n }\n const params = Object.assign({\n // TODO: remove this line when default scopes are changed OKTA-343294\n scopes: this.options.scopes || ['openid', 'email', 'profile']\n }, additionalParams);\n await this.token.getWithRedirect(params);\n } finally {\n this._pending.handleLogin = false;\n }\n }\n\n async getUser<T extends CustomUserClaims = CustomUserClaims>(): Promise<UserClaims<T>> {\n const { idToken, accessToken } = this.tokenManager.getTokensSync();\n return this.token.getUserInfo(accessToken, idToken);\n }\n \n getIdToken(): string | undefined {\n const { idToken } = this.tokenManager.getTokensSync();\n return idToken ? idToken.idToken : undefined;\n }\n \n getAccessToken(): string | undefined {\n const { accessToken } = this.tokenManager.getTokensSync();\n return accessToken ? accessToken.accessToken : undefined;\n }\n \n getRefreshToken(): string | undefined {\n const { refreshToken } = this.tokenManager.getTokensSync();\n return refreshToken ? refreshToken.refreshToken : undefined;\n }\n \n /**\n * Store parsed tokens from redirect url\n */\n async storeTokensFromRedirect(): Promise<void> {\n const { tokens, responseType } = await this.token.parseFromUrl();\n if (responseType !== 'none') {\n this.tokenManager.setTokens(tokens);\n }\n }\n \n isLoginRedirect(): boolean {\n return isLoginRedirect(this);\n }\n\n isPKCE(): boolean {\n return !!this.options.pkce;\n }\n \n hasResponseType(responseType: OAuthResponseType): boolean {\n let hasResponseType = false;\n if (Array.isArray(this.options.responseType) && this.options.responseType.length) {\n hasResponseType = this.options.responseType.indexOf(responseType) >= 0;\n } else {\n hasResponseType = this.options.responseType === responseType;\n }\n return hasResponseType;\n }\n \n isAuthorizationCodeFlow(): boolean {\n return this.hasResponseType('code');\n }\n\n // Escape hatch method to make arbitrary OKTA API call\n async invokeApiMethod(options: RequestOptions): Promise<unknown> {\n if (!options.accessToken) {\n const accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n options.accessToken = accessToken?.accessToken;\n }\n return httpRequest(this, options);\n }\n \n // Revokes the access token for the application session\n async revokeAccessToken(accessToken?: AccessToken): Promise<unknown> {\n if (!accessToken) {\n accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');\n this.tokenManager.remove(accessTokenKey);\n }\n // Access token may have been removed. In this case, we will silently succeed.\n if (!accessToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(accessToken);\n }\n\n // Revokes the refresh token for the application session\n async revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown> {\n if (!refreshToken) {\n refreshToken = (await this.tokenManager.getTokens()).refreshToken as RefreshToken;\n const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');\n this.tokenManager.remove(refreshTokenKey);\n }\n // Refresh token may have been removed. In this case, we will silently succeed.\n if (!refreshToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(refreshToken);\n }\n\n getSignOutRedirectUrl(options: SignoutRedirectUrlOptions = {}) {\n let {\n idToken,\n postLogoutRedirectUri,\n state,\n } = options;\n if (!idToken) {\n idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n if (!idToken) {\n return '';\n }\n if (!postLogoutRedirectUri) {\n postLogoutRedirectUri = this.options.postLogoutRedirectUri;\n }\n\n const logoutUrl = getOAuthUrls(this).logoutUrl;\n const idTokenHint = idToken.idToken; // a string\n let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);\n if (postLogoutRedirectUri) {\n logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);\n } \n // State allows option parameters to be passed to logout redirect uri\n if (state) {\n logoutUri += '&state=' + encodeURIComponent(state);\n }\n\n return logoutUri;\n }\n\n // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.\n // eslint-disable-next-line complexity, max-statements\n async signOut(options?: SignoutOptions): Promise<boolean> {\n options = Object.assign({}, options);\n \n // postLogoutRedirectUri must be whitelisted in Okta Admin UI\n var defaultUri = window.location.origin;\n var currentUri = window.location.href;\n var postLogoutRedirectUri = options.postLogoutRedirectUri\n || this.options.postLogoutRedirectUri\n || defaultUri;\n \n var accessToken = options.accessToken;\n var refreshToken = options.refreshToken;\n var revokeAccessToken = options.revokeAccessToken !== false;\n var revokeRefreshToken = options.revokeRefreshToken !== false;\n \n if (revokeRefreshToken && typeof refreshToken === 'undefined') {\n refreshToken = this.tokenManager.getTokensSync().refreshToken as RefreshToken;\n }\n\n if (revokeAccessToken && typeof accessToken === 'undefined') {\n accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;\n }\n \n if (!options.idToken) {\n options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n\n if (revokeRefreshToken && refreshToken) {\n await this.revokeRefreshToken(refreshToken);\n }\n\n if (revokeAccessToken && accessToken) {\n await this.revokeAccessToken(accessToken);\n }\n\n const logoutUri = this.getSignOutRedirectUrl({ ...options, postLogoutRedirectUri });\n // No logoutUri? This can happen if the storage was cleared.\n // Fallback to XHR signOut, then simulate a redirect to the post logout uri\n if (!logoutUri) {\n // local tokens are cleared once session is closed\n return this.closeSession() // can throw if the user cannot be signed out\n .then(function(sessionClosed) {\n if (postLogoutRedirectUri === currentUri) {\n window.location.reload(); // force a hard reload if URI is not changing\n } else {\n window.location.assign(postLogoutRedirectUri);\n }\n return sessionClosed;\n });\n } else {\n if (options.clearTokensBeforeRedirect) {\n // Clear all local tokens\n this.tokenManager.clear();\n } else {\n this.tokenManager.addPendingRemoveFlags();\n }\n // Flow ends with logout redirect\n window.location.assign(logoutUri);\n return true;\n }\n }\n\n };\n\n}\n"],"mappings":";;;;;AAAA;AAEA;AAIA;AAuBA;AACA;AACA;AACA;AAGA;AAA4C;AAAA;AACrC,SAASA,UAAU,CAUxBC,IAAW,EACXC,6BAAgE,EAElE;EAAA;EACE,MAAMC,eAAe,GAAG,IAAAC,wBAAkB,EAACH,IAAI,CAAC;EAChD,gBAAO,MAAMI,aAAa,SAASF,eAAe,CAElD;IAWEG,WAAW,CAAC,GAAGC,IAAW,EAAE;MAC1B,KAAK,CAAC,GAAGA,IAAI,CAAC;MAEd,IAAI,CAACC,kBAAkB,GAAG,IAAIN,6BAA6B,CAACO,MAAM,CAACC,MAAM,CAAC;QACxEC,cAAc,EAAE,IAAI,CAACA;MACvB,CAAC,EAAE,IAAI,CAACC,OAAO,CAACJ,kBAAkB,CAAC,CAAC;MAEpC,IAAI,CAACK,IAAI,GAAG;QACVC,6BAA6B,EAAEC,aAAI,CAACD,6BAA6B;QACjEE,gBAAgB,EAAED,aAAI,CAACC,gBAAgB;QACvCC,gBAAgB,EAAEF,aAAI,CAACE;MACzB,CAAC;MAED,IAAI,CAACC,QAAQ,GAAG;QAAEC,WAAW,EAAE;MAAM,CAAC;MAEtC,IAAI,CAACC,WAAW,GAAG,IAAIC,kBAAY,EAAE;MAErC,IAAI,CAACC,KAAK,GAAG,IAAAC,uBAAc,EAAC,IAAI,EAAE,IAAI,CAACH,WAAW,CAAC;;MAEnD;MACA,IAAI,CAACI,YAAY,GAAG,IAAIC,0BAAY,CAAC,IAAI,EAAE,IAAI,CAACb,OAAO,CAACY,YAAY,CAAC;MAErE,IAAI,CAACE,SAAS,GAAG,IAAAC,wBAAe,EAAC,IAAI,CAAC;IACxC;;IAEA;IACAC,YAAY,GAAS;MACnB,KAAK,CAACA,YAAY,EAAE;;MAEpB;MACA,IAAI,CAACJ,YAAY,CAACK,KAAK,EAAE;IAC3B;;IAEA;IACA;IACA;IACA,MAAMC,eAAe,CAAClB,OAA+B,GAAG,CAAC,CAAC,EAAoB;MAC5E;MACA,MAAM;QAAEmB,SAAS;QAAEC;MAAW,CAAC,GAAG,IAAI,CAACR,YAAY,CAACS,UAAU,EAAE;MAEhE,MAAMC,WAAW,GAAGtB,OAAO,CAACuB,cAAc,GAAGvB,OAAO,CAACuB,cAAc,KAAK,OAAO,GAAGJ,SAAS;MAC3F,MAAMK,YAAY,GAAGxB,OAAO,CAACuB,cAAc,GAAGvB,OAAO,CAACuB,cAAc,KAAK,QAAQ,GAAGH,UAAU;MAE9F,IAAI;QAAEK;MAAY,CAAC,GAAG,IAAI,CAACb,YAAY,CAACc,aAAa,EAAE;MACvD,IAAID,WAAW,IAAI,IAAI,CAACb,YAAY,CAACe,UAAU,CAACF,WAAW,CAAC,EAAE;QAC5DA,WAAW,GAAGG,SAAS;QACvB,IAAIN,WAAW,EAAE;UACf,IAAI;YACFG,WAAW,GAAG,MAAM,IAAI,CAACb,YAAY,CAACiB,KAAK,CAAC,aAAa,CAAgB;UAC3E,CAAC,CAAC,MAAM;YACN;UACF;QACF,CAAC,MAAM,IAAIL,YAAY,EAAE;UACvB,IAAI,CAACZ,YAAY,CAACkB,MAAM,CAAC,aAAa,CAAC;QACzC;MACF;MAEA,IAAI;QAAEC;MAAQ,CAAC,GAAG,IAAI,CAACnB,YAAY,CAACc,aAAa,EAAE;MACnD,IAAIK,OAAO,IAAI,IAAI,CAACnB,YAAY,CAACe,UAAU,CAACI,OAAO,CAAC,EAAE;QACpDA,OAAO,GAAGH,SAAS;QACnB,IAAIN,WAAW,EAAE;UACf,IAAI;YACFS,OAAO,GAAG,MAAM,IAAI,CAACnB,YAAY,CAACiB,KAAK,CAAC,SAAS,CAAY;UAC/D,CAAC,CAAC,MAAM;YACN;UACF;QACF,CAAC,MAAM,IAAIL,YAAY,EAAE;UACvB,IAAI,CAACZ,YAAY,CAACkB,MAAM,CAAC,SAAS,CAAC;QACrC;MACF;MAEA,OAAO,CAAC,EAAEL,WAAW,IAAIM,OAAO,CAAC;IACnC;IAGA,MAAMC,kBAAkB,CAACC,IAA+B,GAAG,CAAC,CAAC,EAAE;MAC7D,MAAM;QAAEC,WAAW;QAAE,GAAGC;MAAiB,CAAC,GAAGF,IAAI;MACjD,IAAG,IAAI,CAAC3B,QAAQ,CAACC,WAAW,EAAE;QAC5B;QACA;MACF;MAEA,IAAI,CAACD,QAAQ,CAACC,WAAW,GAAG,IAAI;MAChC,IAAI;QACF;QACA,IAAI2B,WAAW,EAAE;UACf,IAAI,CAACE,cAAc,CAACF,WAAW,CAAC;QAClC;QACA,MAAMG,MAAM,GAAGxC,MAAM,CAACC,MAAM,CAAC;UAC3B;UACAwC,MAAM,EAAE,IAAI,CAACtC,OAAO,CAACsC,MAAM,IAAI,CAAC,QAAQ,EAAE,OAAO,EAAE,SAAS;QAC9D,CAAC,EAAEH,gBAAgB,CAAC;QACpB,MAAM,IAAI,CAACzB,KAAK,CAAC6B,eAAe,CAACF,MAAM,CAAC;MAC1C,CAAC,SAAS;QACR,IAAI,CAAC/B,QAAQ,CAACC,WAAW,GAAG,KAAK;MACnC;IACF;IAEA,MAAMiC,OAAO,GAA0E;MACrF,MAAM;QAAET,OAAO;QAAEN;MAAY,CAAC,GAAG,IAAI,CAACb,YAAY,CAACc,aAAa,EAAE;MAClE,OAAO,IAAI,CAAChB,KAAK,CAAC+B,WAAW,CAAChB,WAAW,EAAEM,OAAO,CAAC;IACrD;IAEAW,UAAU,GAAuB;MAC/B,MAAM;QAAEX;MAAQ,CAAC,GAAG,IAAI,CAACnB,YAAY,CAACc,aAAa,EAAE;MACrD,OAAOK,OAAO,GAAGA,OAAO,CAACA,OAAO,GAAGH,SAAS;IAC9C;IAEAe,cAAc,GAAuB;MACnC,MAAM;QAAElB;MAAY,CAAC,GAAG,IAAI,CAACb,YAAY,CAACc,aAAa,EAAE;MACzD,OAAOD,WAAW,GAAGA,WAAW,CAACA,WAAW,GAAGG,SAAS;IAC1D;IAEAgB,eAAe,GAAuB;MACpC,MAAM;QAAEC;MAAa,CAAC,GAAG,IAAI,CAACjC,YAAY,CAACc,aAAa,EAAE;MAC1D,OAAOmB,YAAY,GAAGA,YAAY,CAACA,YAAY,GAAGjB,SAAS;IAC7D;;IAEA;AACJ;AACA;IACI,MAAMkB,uBAAuB,GAAkB;MAC7C,MAAM;QAAEC,MAAM;QAAEC;MAAa,CAAC,GAAG,MAAM,IAAI,CAACtC,KAAK,CAACuC,YAAY,EAAE;MAChE,IAAID,YAAY,KAAK,MAAM,EAAE;QAC3B,IAAI,CAACpC,YAAY,CAACsC,SAAS,CAACH,MAAM,CAAC;MACrC;IACF;IAEAI,eAAe,GAAY;MACzB,OAAO,IAAAA,sBAAe,EAAC,IAAI,CAAC;IAC9B;IAEAC,MAAM,GAAY;MAChB,OAAO,CAAC,CAAC,IAAI,CAACpD,OAAO,CAACC,IAAI;IAC5B;IAEAoD,eAAe,CAACL,YAA+B,EAAW;MACxD,IAAIK,eAAe,GAAG,KAAK;MAC3B,IAAIC,KAAK,CAACC,OAAO,CAAC,IAAI,CAACvD,OAAO,CAACgD,YAAY,CAAC,IAAI,IAAI,CAAChD,OAAO,CAACgD,YAAY,CAACQ,MAAM,EAAE;QAChFH,eAAe,GAAG,IAAI,CAACrD,OAAO,CAACgD,YAAY,CAACS,OAAO,CAACT,YAAY,CAAC,IAAI,CAAC;MACxE,CAAC,MAAM;QACLK,eAAe,GAAG,IAAI,CAACrD,OAAO,CAACgD,YAAY,KAAKA,YAAY;MAC9D;MACA,OAAOK,eAAe;IACxB;IAEAK,uBAAuB,GAAY;MACjC,OAAO,IAAI,CAACL,eAAe,CAAC,MAAM,CAAC;IACrC;;IAEA;IACA,MAAMM,eAAe,CAAC3D,OAAuB,EAAoB;MAC/D,IAAI,CAACA,OAAO,CAACyB,WAAW,EAAE;QACxB,MAAMA,WAAW,GAAG,CAAC,MAAM,IAAI,CAACb,YAAY,CAACgD,SAAS,EAAE,EAAEnC,WAA0B;QACpFzB,OAAO,CAACyB,WAAW,GAAGA,WAAW,aAAXA,WAAW,uBAAXA,WAAW,CAAEA,WAAW;MAChD;MACA,OAAO,IAAAoC,iBAAW,EAAC,IAAI,EAAE7D,OAAO,CAAC;IACnC;;IAEA;IACA,MAAM8D,iBAAiB,CAACrC,WAAyB,EAAoB;MACnE,IAAI,CAACA,WAAW,EAAE;QAChBA,WAAW,GAAG,CAAC,MAAM,IAAI,CAACb,YAAY,CAACgD,SAAS,EAAE,EAAEnC,WAA0B;QAC9E,MAAMsC,cAAc,GAAG,IAAI,CAACnD,YAAY,CAACoD,mBAAmB,CAAC,aAAa,CAAC;QAC3E,IAAI,CAACpD,YAAY,CAACkB,MAAM,CAACiC,cAAc,CAAC;MAC1C;MACA;MACA,IAAI,CAACtC,WAAW,EAAE;QAChB,OAAOwC,OAAO,CAACC,OAAO,CAAC,IAAI,CAAC;MAC9B;MACA,OAAO,IAAI,CAACxD,KAAK,CAACyD,MAAM,CAAC1C,WAAW,CAAC;IACvC;;IAEA;IACA,MAAM2C,kBAAkB,CAACvB,YAA2B,EAAoB;MACtE,IAAI,CAACA,YAAY,EAAE;QACjBA,YAAY,GAAG,CAAC,MAAM,IAAI,CAACjC,YAAY,CAACgD,SAAS,EAAE,EAAEf,YAA4B;QACjF,MAAMwB,eAAe,GAAG,IAAI,CAACzD,YAAY,CAACoD,mBAAmB,CAAC,cAAc,CAAC;QAC7E,IAAI,CAACpD,YAAY,CAACkB,MAAM,CAACuC,eAAe,CAAC;MAC3C;MACA;MACA,IAAI,CAACxB,YAAY,EAAE;QACjB,OAAOoB,OAAO,CAACC,OAAO,CAAC,IAAI,CAAC;MAC9B;MACA,OAAO,IAAI,CAACxD,KAAK,CAACyD,MAAM,CAACtB,YAAY,CAAC;IACxC;IAEAyB,qBAAqB,CAACtE,OAAkC,GAAG,CAAC,CAAC,EAAE;MAC7D,IAAI;QACF+B,OAAO;QACPwC,qBAAqB;QACrBC;MACF,CAAC,GAAGxE,OAAO;MACX,IAAI,CAAC+B,OAAO,EAAE;QACZA,OAAO,GAAG,IAAI,CAACnB,YAAY,CAACc,aAAa,EAAE,CAACK,OAAkB;MAChE;MACA,IAAI,CAACA,OAAO,EAAE;QACZ,OAAO,EAAE;MACX;MACA,IAAI,CAACwC,qBAAqB,EAAE;QAC1BA,qBAAqB,GAAG,IAAI,CAACvE,OAAO,CAACuE,qBAAqB;MAC5D;MAEA,MAAME,SAAS,GAAG,IAAAC,mBAAY,EAAC,IAAI,CAAC,CAACD,SAAS;MAC9C,MAAME,WAAW,GAAG5C,OAAO,CAACA,OAAO,CAAC,CAAC;MACrC,IAAI6C,SAAS,GAAGH,SAAS,GAAG,iBAAiB,GAAGI,kBAAkB,CAACF,WAAW,CAAC;MAC/E,IAAIJ,qBAAqB,EAAE;QACzBK,SAAS,IAAI,4BAA4B,GAAGC,kBAAkB,CAACN,qBAAqB,CAAC;MACvF;MACA;MACA,IAAIC,KAAK,EAAE;QACTI,SAAS,IAAI,SAAS,GAAGC,kBAAkB,CAACL,KAAK,CAAC;MACpD;MAEA,OAAOI,SAAS;IAClB;;IAEA;IACA;IACA,MAAME,OAAO,CAAC9E,OAAwB,EAAoB;MACxDA,OAAO,GAAGH,MAAM,CAACC,MAAM,CAAC,CAAC,CAAC,EAAEE,OAAO,CAAC;;MAEpC;MACA,IAAI+E,UAAU,GAAGC,MAAM,CAACC,QAAQ,CAACC,MAAM;MACvC,IAAIC,UAAU,GAAGH,MAAM,CAACC,QAAQ,CAACG,IAAI;MACrC,IAAIb,qBAAqB,GAAGvE,OAAO,CAACuE,qBAAqB,IACpD,IAAI,CAACvE,OAAO,CAACuE,qBAAqB,IAClCQ,UAAU;MAEf,IAAItD,WAAW,GAAGzB,OAAO,CAACyB,WAAW;MACrC,IAAIoB,YAAY,GAAG7C,OAAO,CAAC6C,YAAY;MACvC,IAAIiB,iBAAiB,GAAG9D,OAAO,CAAC8D,iBAAiB,KAAK,KAAK;MAC3D,IAAIM,kBAAkB,GAAGpE,OAAO,CAACoE,kBAAkB,KAAK,KAAK;MAE7D,IAAIA,kBAAkB,IAAI,OAAOvB,YAAY,KAAK,WAAW,EAAE;QAC7DA,YAAY,GAAG,IAAI,CAACjC,YAAY,CAACc,aAAa,EAAE,CAACmB,YAA4B;MAC/E;MAEA,IAAIiB,iBAAiB,IAAI,OAAOrC,WAAW,KAAK,WAAW,EAAE;QAC3DA,WAAW,GAAG,IAAI,CAACb,YAAY,CAACc,aAAa,EAAE,CAACD,WAA0B;MAC5E;MAEA,IAAI,CAACzB,OAAO,CAAC+B,OAAO,EAAE;QACpB/B,OAAO,CAAC+B,OAAO,GAAG,IAAI,CAACnB,YAAY,CAACc,aAAa,EAAE,CAACK,OAAkB;MACxE;MAEA,IAAIqC,kBAAkB,IAAIvB,YAAY,EAAE;QACtC,MAAM,IAAI,CAACuB,kBAAkB,CAACvB,YAAY,CAAC;MAC7C;MAEA,IAAIiB,iBAAiB,IAAIrC,WAAW,EAAE;QACpC,MAAM,IAAI,CAACqC,iBAAiB,CAACrC,WAAW,CAAC;MAC3C;MAEA,MAAMmD,SAAS,GAAG,IAAI,CAACN,qBAAqB,CAAC;QAAE,GAAGtE,OAAO;QAAEuE;MAAsB,CAAC,CAAC;MACnF;MACA;MACA,IAAI,CAACK,SAAS,EAAE;QACd;QACA,OAAO,IAAI,CAACS,YAAY,EAAE,CAAC;QAAA,CAC1BC,IAAI,CAAC,UAASC,aAAa,EAAE;UAC5B,IAAIhB,qBAAqB,KAAKY,UAAU,EAAE;YACxCH,MAAM,CAACC,QAAQ,CAACO,MAAM,EAAE,CAAC,CAAC;UAC5B,CAAC,MAAM;YACLR,MAAM,CAACC,QAAQ,CAACnF,MAAM,CAACyE,qBAAqB,CAAC;UAC/C;UACA,OAAOgB,aAAa;QACtB,CAAC,CAAC;MACJ,CAAC,MAAM;QACL,IAAIvF,OAAO,CAACyF,yBAAyB,EAAE;UACrC;UACA,IAAI,CAAC7E,YAAY,CAACK,KAAK,EAAE;QAC3B,CAAC,MAAM;UACL,IAAI,CAACL,YAAY,CAAC8E,qBAAqB,EAAE;QAC3C;QACA;QACAV,MAAM,CAACC,QAAQ,CAACnF,MAAM,CAAC8E,SAAS,CAAC;QACjC,OAAO,IAAI;MACb;IACF;EAEF,CAAC,kDAnS4Be,MAAM;AAqSrC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"api.js","names":[],"sources":["../../../../lib/oidc/types/api.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { JWTObject } from './JWT';\nimport { OAuthTransactionMeta, PKCETransactionMeta } from './meta';\nimport { CustomUrls, OktaAuthOAuthOptions, SigninWithRedirectOptions, TokenParams } from './options';\nimport { OAuthResponseType } from './proto';\nimport { OAuthStorageManagerInterface } from './storage';\nimport { AccessToken, IDToken, RefreshToken, RevocableToken, Token, Tokens } from './Token';\nimport { TokenManagerInterface } from './TokenManager';\nimport { CustomUserClaims, UserClaims } from './UserClaims';\nimport { TransactionManagerInterface } from './TransactionManager';\nimport { OktaAuthSessionInterface } from '../../session/types';\nimport { Endpoints } from './endpoints';\n\nexport interface PopupParams {\n popupTitle?: string;\n popupWindow?: Window;\n}\n\nexport interface TokenResponse {\n tokens: Tokens;\n state: string;\n code?: string;\n responseType?: OAuthResponseType | OAuthResponseType[] | 'none';\n}\n\nexport interface ParseFromUrlOptions {\n url?: string;\n responseMode?: string;\n}\n\nexport type ParseFromUrlFunction = (options?: string | ParseFromUrlOptions) => Promise<TokenResponse>;\n\nexport interface ParseFromUrlInterface extends ParseFromUrlFunction {\n _getDocument: () => Document;\n _getLocation: () => Location;\n _getHistory: () => History;\n}\n\nexport type GetWithRedirectFunction = (params?: TokenParams) => Promise<void>;\n\nexport type SetLocationFunction = (loc: string) => void;\n\nexport interface BaseTokenAPI {\n decode(token: string): JWTObject;\n prepareTokenParams(params?: TokenParams): Promise<TokenParams>;\n exchangeCodeForTokens(params: TokenParams, urls?: CustomUrls): Promise<TokenResponse>;\n}\n\nexport interface TokenAPI extends BaseTokenAPI {\n getUserInfo<S extends CustomUserClaims = CustomUserClaims>(\n accessToken?: AccessToken,\n idToken?: IDToken\n ): Promise<UserClaims<S>>;\n getWithRedirect: GetWithRedirectFunction;\n parseFromUrl: ParseFromUrlInterface;\n getWithoutPrompt(params?: TokenParams): Promise<TokenResponse>;\n getWithPopup(params?: TokenParams): Promise<TokenResponse>;\n revoke(token: RevocableToken): Promise<object>;\n renew(token: Token): Promise<Token | undefined>;\n renewTokens(options?: TokenParams): Promise<Tokens>;\n renewTokensWithRefresh(tokenParams: TokenParams, refreshTokenObject: RefreshToken): Promise<Tokens>;\n verify(token: IDToken, params?: object): Promise<IDToken>;\n isLoginRedirect(): boolean;\n}\n\nexport interface TokenVerifyParams {\n clientId: string;\n issuer: string;\n ignoreSignature?: boolean;\n nonce?: string;\n accessToken?: string; // raw access token string\n acrValues?: string;\n}\n\nexport interface IDTokenAPI {\n authorize: {\n _getLocationHref: () => string;\n };\n}\n\nexport interface PkceAPI {\n DEFAULT_CODE_CHALLENGE_METHOD: string;\n generateVerifier(prefix: string): string;\n computeChallenge(str: string): PromiseLike<any>;\n}\n\nexport interface IsAuthenticatedOptions {\n onExpiredToken?: 'renew' | 'remove' | 'none';\n}\n\nexport interface SignoutRedirectUrlOptions {\n postLogoutRedirectUri?: string;\n idToken?: IDToken;\n state?: string;\n}\n\nexport interface SignoutOptions extends SignoutRedirectUrlOptions {\n revokeAccessToken?: boolean;\n revokeRefreshToken?: boolean;\n accessToken?: AccessToken;\n refreshToken?: RefreshToken;\n clearTokensBeforeRedirect?: boolean;\n}\n\nexport interface OriginalUriApi {\n getOriginalUri(state?: string): string | undefined;\n setOriginalUri(originalUri: string, state?: string): void;\n removeOriginalUri(state?: string): void;\n}\n\nexport interface OktaAuthOAuthInterface\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface\n> \n extends OktaAuthSessionInterface<S, O>,\n OriginalUriApi\n{\n token: TokenAPI;\n tokenManager: TokenManagerInterface;\n pkce: PkceAPI;\n transactionManager: TM;\n endpoints: Endpoints;\n \n isPKCE(): boolean;\n getIdToken(): string | undefined;\n getAccessToken(): string | undefined;\n getRefreshToken(): string | undefined;\n\n isAuthenticated(options?: IsAuthenticatedOptions): Promise<boolean>;\n signOut(opts?: SignoutOptions): Promise<
|
|
1
|
+
{"version":3,"file":"api.js","names":[],"sources":["../../../../lib/oidc/types/api.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { JWTObject } from './JWT';\nimport { OAuthTransactionMeta, PKCETransactionMeta } from './meta';\nimport { CustomUrls, OktaAuthOAuthOptions, SigninWithRedirectOptions, TokenParams } from './options';\nimport { OAuthResponseType } from './proto';\nimport { OAuthStorageManagerInterface } from './storage';\nimport { AccessToken, IDToken, RefreshToken, RevocableToken, Token, Tokens } from './Token';\nimport { TokenManagerInterface } from './TokenManager';\nimport { CustomUserClaims, UserClaims } from './UserClaims';\nimport { TransactionManagerInterface } from './TransactionManager';\nimport { OktaAuthSessionInterface } from '../../session/types';\nimport { Endpoints } from './endpoints';\n\nexport interface PopupParams {\n popupTitle?: string;\n popupWindow?: Window;\n}\n\nexport interface TokenResponse {\n tokens: Tokens;\n state: string;\n code?: string;\n responseType?: OAuthResponseType | OAuthResponseType[] | 'none';\n}\n\nexport interface ParseFromUrlOptions {\n url?: string;\n responseMode?: string;\n}\n\nexport type ParseFromUrlFunction = (options?: string | ParseFromUrlOptions) => Promise<TokenResponse>;\n\nexport interface ParseFromUrlInterface extends ParseFromUrlFunction {\n _getDocument: () => Document;\n _getLocation: () => Location;\n _getHistory: () => History;\n}\n\nexport type GetWithRedirectFunction = (params?: TokenParams) => Promise<void>;\n\nexport type SetLocationFunction = (loc: string) => void;\n\nexport interface BaseTokenAPI {\n decode(token: string): JWTObject;\n prepareTokenParams(params?: TokenParams): Promise<TokenParams>;\n exchangeCodeForTokens(params: TokenParams, urls?: CustomUrls): Promise<TokenResponse>;\n}\n\nexport interface TokenAPI extends BaseTokenAPI {\n getUserInfo<S extends CustomUserClaims = CustomUserClaims>(\n accessToken?: AccessToken,\n idToken?: IDToken\n ): Promise<UserClaims<S>>;\n getWithRedirect: GetWithRedirectFunction;\n parseFromUrl: ParseFromUrlInterface;\n getWithoutPrompt(params?: TokenParams): Promise<TokenResponse>;\n getWithPopup(params?: TokenParams): Promise<TokenResponse>;\n revoke(token: RevocableToken): Promise<object>;\n renew(token: Token): Promise<Token | undefined>;\n renewTokens(options?: TokenParams): Promise<Tokens>;\n renewTokensWithRefresh(tokenParams: TokenParams, refreshTokenObject: RefreshToken): Promise<Tokens>;\n verify(token: IDToken, params?: object): Promise<IDToken>;\n isLoginRedirect(): boolean;\n}\n\nexport interface TokenVerifyParams {\n clientId: string;\n issuer: string;\n ignoreSignature?: boolean;\n nonce?: string;\n accessToken?: string; // raw access token string\n acrValues?: string;\n}\n\nexport interface IDTokenAPI {\n authorize: {\n _getLocationHref: () => string;\n };\n}\n\nexport interface PkceAPI {\n DEFAULT_CODE_CHALLENGE_METHOD: string;\n generateVerifier(prefix: string): string;\n computeChallenge(str: string): PromiseLike<any>;\n}\n\nexport interface IsAuthenticatedOptions {\n onExpiredToken?: 'renew' | 'remove' | 'none';\n}\n\nexport interface SignoutRedirectUrlOptions {\n postLogoutRedirectUri?: string;\n idToken?: IDToken;\n state?: string;\n}\n\nexport interface SignoutOptions extends SignoutRedirectUrlOptions {\n revokeAccessToken?: boolean;\n revokeRefreshToken?: boolean;\n accessToken?: AccessToken;\n refreshToken?: RefreshToken;\n clearTokensBeforeRedirect?: boolean;\n}\n\nexport interface OriginalUriApi {\n getOriginalUri(state?: string): string | undefined;\n setOriginalUri(originalUri: string, state?: string): void;\n removeOriginalUri(state?: string): void;\n}\n\nexport interface OktaAuthOAuthInterface\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface\n> \n extends OktaAuthSessionInterface<S, O>,\n OriginalUriApi\n{\n token: TokenAPI;\n tokenManager: TokenManagerInterface;\n pkce: PkceAPI;\n transactionManager: TM;\n endpoints: Endpoints;\n \n isPKCE(): boolean;\n getIdToken(): string | undefined;\n getAccessToken(): string | undefined;\n getRefreshToken(): string | undefined;\n\n isAuthenticated(options?: IsAuthenticatedOptions): Promise<boolean>;\n signOut(opts?: SignoutOptions): Promise<boolean>;\n isLoginRedirect(): boolean;\n storeTokensFromRedirect(): Promise<void>;\n getUser<T extends CustomUserClaims = CustomUserClaims>(): Promise<UserClaims<T>>;\n signInWithRedirect(opts?: SigninWithRedirectOptions): Promise<void>;\n \n revokeAccessToken(accessToken?: AccessToken): Promise<unknown>;\n revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown>;\n}\n"],"mappings":""}
|
|
@@ -64,11 +64,10 @@ class AutoRenewService {
|
|
|
64
64
|
}
|
|
65
65
|
}
|
|
66
66
|
canStart() {
|
|
67
|
-
return !!this.options.autoRenew || !!this.options.autoRemove;
|
|
67
|
+
return (!!this.options.autoRenew || !!this.options.autoRemove) && !this.started;
|
|
68
68
|
}
|
|
69
69
|
async start() {
|
|
70
70
|
if (this.canStart()) {
|
|
71
|
-
await this.stop();
|
|
72
71
|
this.tokenManager.on(_types.EVENT_EXPIRED, this.onTokenExpiredHandler);
|
|
73
72
|
if (this.tokenManager.isStarted()) {
|
|
74
73
|
// If token manager has been already started, we could miss token expire events,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AutoRenewService.js","names":["AutoRenewService","constructor","tokenManager","options","renewTimeQueue","onTokenExpiredHandler","bind","shouldThrottleRenew","res","push","Date","now","length","firstTime","shift","lastTime","requiresLeadership","syncStorage","isBrowser","processExpiredTokens","tokenStorage","getStorage","tokens","Object","keys","forEach","key","token","isRefreshToken","hasExpired","autoRenew","error","AuthSdkError","emitError","renew","catch","autoRemove","remove","canStart","
|
|
1
|
+
{"version":3,"file":"AutoRenewService.js","names":["AutoRenewService","constructor","tokenManager","options","renewTimeQueue","onTokenExpiredHandler","bind","shouldThrottleRenew","res","push","Date","now","length","firstTime","shift","lastTime","requiresLeadership","syncStorage","isBrowser","processExpiredTokens","tokenStorage","getStorage","tokens","Object","keys","forEach","key","token","isRefreshToken","hasExpired","autoRenew","error","AuthSdkError","emitError","renew","catch","autoRemove","remove","canStart","started","start","on","EVENT_EXPIRED","isStarted","stop","off"],"sources":["../../../lib/services/AutoRenewService.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from '../errors';\nimport { ServiceInterface, ServiceManagerOptions } from '../core/types';\nimport { EVENT_EXPIRED, TokenManagerInterface, isRefreshToken } from '../oidc/types';\nimport { isBrowser } from '../features';\n\nexport class AutoRenewService implements ServiceInterface {\n private tokenManager: TokenManagerInterface;\n private options: ServiceManagerOptions;\n private renewTimeQueue: Array<number>;\n private started = false;\n\n constructor(tokenManager: TokenManagerInterface, options: ServiceManagerOptions = {}) {\n this.tokenManager = tokenManager;\n this.options = options;\n this.renewTimeQueue = [];\n this.onTokenExpiredHandler = this.onTokenExpiredHandler.bind(this);\n }\n \n private shouldThrottleRenew(): boolean {\n let res = false;\n this.renewTimeQueue.push(Date.now());\n if (this.renewTimeQueue.length >= 10) {\n // get and remove first item from queue\n const firstTime = this.renewTimeQueue.shift() as number;\n const lastTime = this.renewTimeQueue[this.renewTimeQueue.length - 1];\n res = (lastTime - firstTime) < 30 * 1000;\n }\n return res;\n }\n\n requiresLeadership() {\n // If tokens sync storage is enabled, handle tokens expiration only in 1 leader tab\n return !!this.options.syncStorage && isBrowser();\n }\n\n private processExpiredTokens() {\n const tokenStorage = this.tokenManager.getStorage();\n const tokens = tokenStorage.getStorage();\n Object.keys(tokens).forEach(key => {\n const token = tokens[key];\n if (!isRefreshToken(token) && this.tokenManager.hasExpired(token)) {\n this.onTokenExpiredHandler(key);\n }\n });\n }\n\n private onTokenExpiredHandler(key: string) {\n if (this.options.autoRenew) {\n if (this.shouldThrottleRenew()) {\n const error = new AuthSdkError('Too many token renew requests');\n this.tokenManager.emitError(error);\n } else {\n this.tokenManager.renew(key).catch(() => {}); // Renew errors will emit an \"error\" event \n }\n } else if (this.options.autoRemove) {\n this.tokenManager.remove(key);\n }\n }\n\n canStart() {\n return (!!this.options.autoRenew || !!this.options.autoRemove) && !this.started;\n }\n\n async start() {\n if (this.canStart()) {\n this.tokenManager.on(EVENT_EXPIRED, this.onTokenExpiredHandler);\n if (this.tokenManager.isStarted()) {\n // If token manager has been already started, we could miss token expire events,\n // so need to process expired tokens manually.\n this.processExpiredTokens();\n }\n this.started = true;\n }\n }\n\n async stop() {\n if (this.started) {\n this.tokenManager.off(EVENT_EXPIRED, this.onTokenExpiredHandler);\n this.renewTimeQueue = [];\n this.started = false;\n }\n }\n\n isStarted() {\n return this.started;\n }\n}\n"],"mappings":";;;;;AAaA;AAEA;AACA;AAhBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAQO,MAAMA,gBAAgB,CAA6B;EAMxDC,WAAW,CAACC,YAAmC,EAAEC,OAA8B,GAAG,CAAC,CAAC,EAAE;IAAA,+CAFpE,KAAK;IAGrB,IAAI,CAACD,YAAY,GAAGA,YAAY;IAChC,IAAI,CAACC,OAAO,GAAGA,OAAO;IACtB,IAAI,CAACC,cAAc,GAAG,EAAE;IACxB,IAAI,CAACC,qBAAqB,GAAG,IAAI,CAACA,qBAAqB,CAACC,IAAI,CAAC,IAAI,CAAC;EACpE;EAEQC,mBAAmB,GAAY;IACrC,IAAIC,GAAG,GAAG,KAAK;IACf,IAAI,CAACJ,cAAc,CAACK,IAAI,CAACC,IAAI,CAACC,GAAG,EAAE,CAAC;IACpC,IAAI,IAAI,CAACP,cAAc,CAACQ,MAAM,IAAI,EAAE,EAAE;MACpC;MACA,MAAMC,SAAS,GAAG,IAAI,CAACT,cAAc,CAACU,KAAK,EAAY;MACvD,MAAMC,QAAQ,GAAG,IAAI,CAACX,cAAc,CAAC,IAAI,CAACA,cAAc,CAACQ,MAAM,GAAG,CAAC,CAAC;MACpEJ,GAAG,GAAIO,QAAQ,GAAGF,SAAS,GAAI,EAAE,GAAG,IAAI;IAC1C;IACA,OAAOL,GAAG;EACZ;EAEAQ,kBAAkB,GAAG;IACnB;IACA,OAAO,CAAC,CAAC,IAAI,CAACb,OAAO,CAACc,WAAW,IAAI,IAAAC,mBAAS,GAAE;EAClD;EAEQC,oBAAoB,GAAG;IAC7B,MAAMC,YAAY,GAAG,IAAI,CAAClB,YAAY,CAACmB,UAAU,EAAE;IACnD,MAAMC,MAAM,GAAGF,YAAY,CAACC,UAAU,EAAE;IACxCE,MAAM,CAACC,IAAI,CAACF,MAAM,CAAC,CAACG,OAAO,CAACC,GAAG,IAAI;MACjC,MAAMC,KAAK,GAAGL,MAAM,CAACI,GAAG,CAAC;MACzB,IAAI,CAAC,IAAAE,qBAAc,EAACD,KAAK,CAAC,IAAI,IAAI,CAACzB,YAAY,CAAC2B,UAAU,CAACF,KAAK,CAAC,EAAE;QACjE,IAAI,CAACtB,qBAAqB,CAACqB,GAAG,CAAC;MACjC;IACF,CAAC,CAAC;EACJ;EAEQrB,qBAAqB,CAACqB,GAAW,EAAE;IACzC,IAAI,IAAI,CAACvB,OAAO,CAAC2B,SAAS,EAAE;MAC1B,IAAI,IAAI,CAACvB,mBAAmB,EAAE,EAAE;QAC9B,MAAMwB,KAAK,GAAG,IAAIC,oBAAY,CAAC,+BAA+B,CAAC;QAC/D,IAAI,CAAC9B,YAAY,CAAC+B,SAAS,CAACF,KAAK,CAAC;MACpC,CAAC,MAAM;QACL,IAAI,CAAC7B,YAAY,CAACgC,KAAK,CAACR,GAAG,CAAC,CAACS,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;MAChD;IACF,CAAC,MAAM,IAAI,IAAI,CAAChC,OAAO,CAACiC,UAAU,EAAE;MAClC,IAAI,CAAClC,YAAY,CAACmC,MAAM,CAACX,GAAG,CAAC;IAC/B;EACF;EAEAY,QAAQ,GAAG;IACT,OAAO,CAAC,CAAC,CAAC,IAAI,CAACnC,OAAO,CAAC2B,SAAS,IAAI,CAAC,CAAC,IAAI,CAAC3B,OAAO,CAACiC,UAAU,KAAK,CAAC,IAAI,CAACG,OAAO;EACjF;EAEA,MAAMC,KAAK,GAAG;IACZ,IAAI,IAAI,CAACF,QAAQ,EAAE,EAAE;MACnB,IAAI,CAACpC,YAAY,CAACuC,EAAE,CAACC,oBAAa,EAAE,IAAI,CAACrC,qBAAqB,CAAC;MAC/D,IAAI,IAAI,CAACH,YAAY,CAACyC,SAAS,EAAE,EAAE;QACjC;QACA;QACA,IAAI,CAACxB,oBAAoB,EAAE;MAC7B;MACA,IAAI,CAACoB,OAAO,GAAG,IAAI;IACrB;EACF;EAEA,MAAMK,IAAI,GAAG;IACX,IAAI,IAAI,CAACL,OAAO,EAAE;MAChB,IAAI,CAACrC,YAAY,CAAC2C,GAAG,CAACH,oBAAa,EAAE,IAAI,CAACrC,qBAAqB,CAAC;MAChE,IAAI,CAACD,cAAc,GAAG,EAAE;MACxB,IAAI,CAACmC,OAAO,GAAG,KAAK;IACtB;EACF;EAEAI,SAAS,GAAG;IACV,OAAO,IAAI,CAACJ,OAAO;EACrB;AACF;AAAC"}
|
|
@@ -38,7 +38,6 @@ class LeaderElectionService {
|
|
|
38
38
|
return !!((_this$elector2 = this.elector) !== null && _this$elector2 !== void 0 && _this$elector2.hasLeader);
|
|
39
39
|
}
|
|
40
40
|
async start() {
|
|
41
|
-
await this.stop();
|
|
42
41
|
if (this.canStart()) {
|
|
43
42
|
const {
|
|
44
43
|
electionChannelName
|
|
@@ -72,7 +71,7 @@ class LeaderElectionService {
|
|
|
72
71
|
return this.started;
|
|
73
72
|
}
|
|
74
73
|
canStart() {
|
|
75
|
-
return (0, _features.isBrowser)();
|
|
74
|
+
return (0, _features.isBrowser)() && !this.started;
|
|
76
75
|
}
|
|
77
76
|
}
|
|
78
77
|
exports.LeaderElectionService = LeaderElectionService;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"LeaderElectionService.js","names":["LeaderElectionService","constructor","options","onLeaderDuplicate","bind","onLeader","isLeader","elector","hasLeader","start","
|
|
1
|
+
{"version":3,"file":"LeaderElectionService.js","names":["LeaderElectionService","constructor","options","onLeaderDuplicate","bind","onLeader","isLeader","elector","hasLeader","start","canStart","electionChannelName","channel","BroadcastChannel","createLeaderElection","onduplicate","awaitLeadership","then","started","stop","die","undefined","postInternal","Promise","resolve","close","requiresLeadership","isStarted","isBrowser"],"sources":["../../../lib/services/LeaderElectionService.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { ServiceInterface, ServiceManagerOptions } from '../core/types';\nimport {\n BroadcastChannel,\n createLeaderElection,\n LeaderElector\n} from 'broadcast-channel';\nimport { isBrowser } from '../features';\n\ndeclare type OnLeaderHandler = (() => Promise<void>);\ndeclare type ServiceOptions = ServiceManagerOptions & {\n onLeader?: OnLeaderHandler;\n};\n\nexport class LeaderElectionService implements ServiceInterface {\n private options: ServiceOptions;\n private channel?: BroadcastChannel;\n private elector?: LeaderElector;\n private started = false;\n\n constructor(options: ServiceOptions = {}) {\n this.options = options;\n this.onLeaderDuplicate = this.onLeaderDuplicate.bind(this);\n this.onLeader = this.onLeader.bind(this);\n }\n\n private onLeaderDuplicate() {\n }\n\n private async onLeader() {\n await this.options.onLeader?.();\n }\n\n isLeader() {\n return !!this.elector?.isLeader;\n }\n\n hasLeader() {\n return !!this.elector?.hasLeader;\n }\n\n async start() {\n if (this.canStart()) {\n const { electionChannelName } = this.options;\n this.channel = new BroadcastChannel(electionChannelName as string);\n this.elector = createLeaderElection(this.channel);\n this.elector.onduplicate = this.onLeaderDuplicate;\n this.elector.awaitLeadership().then(this.onLeader);\n this.started = true;\n }\n }\n\n async stop() {\n if (this.started) {\n if (this.elector) {\n await this.elector.die();\n this.elector = undefined;\n }\n if (this.channel) {\n // Workaround to fix error `Failed to execute 'postMessage' on 'BroadcastChannel': Channel is closed`\n (this.channel as any).postInternal = () => Promise.resolve();\n await this.channel.close();\n this.channel = undefined;\n }\n this.started = false;\n }\n }\n\n requiresLeadership() {\n return false;\n }\n\n isStarted() {\n return this.started;\n }\n\n canStart() {\n return isBrowser() && !this.started;\n }\n\n}\n"],"mappings":";;;;;AAcA;AAKA;AAnBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAgBO,MAAMA,qBAAqB,CAA6B;EAM7DC,WAAW,CAACC,OAAuB,GAAG,CAAC,CAAC,EAAE;IAAA,+CAFxB,KAAK;IAGrB,IAAI,CAACA,OAAO,GAAGA,OAAO;IACtB,IAAI,CAACC,iBAAiB,GAAG,IAAI,CAACA,iBAAiB,CAACC,IAAI,CAAC,IAAI,CAAC;IAC1D,IAAI,CAACC,QAAQ,GAAG,IAAI,CAACA,QAAQ,CAACD,IAAI,CAAC,IAAI,CAAC;EAC1C;EAEQD,iBAAiB,GAAG,CAC5B;EAEA,MAAcE,QAAQ,GAAG;IAAA;IACvB,gCAAM,qBAAI,CAACH,OAAO,EAACG,QAAQ,0DAArB,yCAAyB;EACjC;EAEAC,QAAQ,GAAG;IAAA;IACT,OAAO,CAAC,mBAAC,IAAI,CAACC,OAAO,0CAAZ,cAAcD,QAAQ;EACjC;EAEAE,SAAS,GAAG;IAAA;IACV,OAAO,CAAC,oBAAC,IAAI,CAACD,OAAO,2CAAZ,eAAcC,SAAS;EAClC;EAEA,MAAMC,KAAK,GAAG;IACZ,IAAI,IAAI,CAACC,QAAQ,EAAE,EAAE;MACnB,MAAM;QAAEC;MAAoB,CAAC,GAAG,IAAI,CAACT,OAAO;MAC5C,IAAI,CAACU,OAAO,GAAG,IAAIC,kCAAgB,CAACF,mBAAmB,CAAW;MAClE,IAAI,CAACJ,OAAO,GAAG,IAAAO,sCAAoB,EAAC,IAAI,CAACF,OAAO,CAAC;MACjD,IAAI,CAACL,OAAO,CAACQ,WAAW,GAAG,IAAI,CAACZ,iBAAiB;MACjD,IAAI,CAACI,OAAO,CAACS,eAAe,EAAE,CAACC,IAAI,CAAC,IAAI,CAACZ,QAAQ,CAAC;MAClD,IAAI,CAACa,OAAO,GAAG,IAAI;IACrB;EACF;EAEA,MAAMC,IAAI,GAAG;IACX,IAAI,IAAI,CAACD,OAAO,EAAE;MAChB,IAAI,IAAI,CAACX,OAAO,EAAE;QAChB,MAAM,IAAI,CAACA,OAAO,CAACa,GAAG,EAAE;QACxB,IAAI,CAACb,OAAO,GAAGc,SAAS;MAC1B;MACA,IAAI,IAAI,CAACT,OAAO,EAAE;QAChB;QACC,IAAI,CAACA,OAAO,CAASU,YAAY,GAAG,MAAMC,OAAO,CAACC,OAAO,EAAE;QAC5D,MAAM,IAAI,CAACZ,OAAO,CAACa,KAAK,EAAE;QAC1B,IAAI,CAACb,OAAO,GAAGS,SAAS;MAC1B;MACA,IAAI,CAACH,OAAO,GAAG,KAAK;IACtB;EACF;EAEAQ,kBAAkB,GAAG;IACnB,OAAO,KAAK;EACd;EAEAC,SAAS,GAAG;IACV,OAAO,IAAI,CAACT,OAAO;EACrB;EAEAR,QAAQ,GAAG;IACT,OAAO,IAAAkB,mBAAS,GAAE,IAAI,CAAC,IAAI,CAACV,OAAO;EACrC;AAEF;AAAC"}
|
|
@@ -38,13 +38,12 @@ class SyncStorageService {
|
|
|
38
38
|
return this.started;
|
|
39
39
|
}
|
|
40
40
|
canStart() {
|
|
41
|
-
return !!this.options.syncStorage && (0, _features.isBrowser)();
|
|
41
|
+
return !!this.options.syncStorage && (0, _features.isBrowser)() && !this.started;
|
|
42
42
|
}
|
|
43
43
|
async start() {
|
|
44
44
|
if (!this.canStart()) {
|
|
45
45
|
return;
|
|
46
46
|
}
|
|
47
|
-
await this.stop();
|
|
48
47
|
const {
|
|
49
48
|
syncChannelName
|
|
50
49
|
} = this.options;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SyncStorageService.js","names":["SyncStorageService","constructor","tokenManager","options","onTokenAddedHandler","bind","onTokenRemovedHandler","onTokenRenewedHandler","onSetStorageHandler","onSyncMessageHandler","requiresLeadership","isStarted","started","canStart","syncStorage","isBrowser","start","stop","syncChannelName","channel","BroadcastChannel","err","AuthSdkError","on","EVENT_ADDED","EVENT_REMOVED","EVENT_RENEWED","EVENT_SET_STORAGE","addEventListener","off","removeEventListener","close","undefined","key","token","enablePostMessage","postMessage","type","oldToken","storage","msg","getStorage","setStorage","emitAdded","setExpireEventTimeout","clearExpireEventTimeout","emitRemoved","emitRenewed"],"sources":["../../../lib/services/SyncStorageService.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { BroadcastChannel } from 'broadcast-channel';\nimport { isBrowser } from '../features';\nimport {\n ServiceManagerOptions, ServiceInterface\n} from '../core/types';\nimport {\n Token, Tokens, \n EVENT_ADDED, EVENT_REMOVED, EVENT_RENEWED, EVENT_SET_STORAGE, TokenManagerInterface\n} from '../oidc/types';\nimport { AuthSdkError } from '../errors';\n\nexport type SyncMessage = {\n type: string;\n key?: string;\n token?: Token;\n oldToken?: Token;\n storage?: Tokens;\n};\nexport class SyncStorageService implements ServiceInterface {\n private tokenManager: TokenManagerInterface;\n private options: ServiceManagerOptions;\n private channel?: BroadcastChannel<SyncMessage>;\n private started = false;\n private enablePostMessage = true;\n\n constructor(tokenManager: TokenManagerInterface, options: ServiceManagerOptions = {}) {\n this.tokenManager = tokenManager;\n this.options = options;\n this.onTokenAddedHandler = this.onTokenAddedHandler.bind(this);\n this.onTokenRemovedHandler = this.onTokenRemovedHandler.bind(this);\n this.onTokenRenewedHandler = this.onTokenRenewedHandler.bind(this);\n this.onSetStorageHandler = this.onSetStorageHandler.bind(this);\n this.onSyncMessageHandler = this.onSyncMessageHandler.bind(this);\n }\n\n requiresLeadership() {\n return false;\n }\n\n isStarted() {\n return this.started;\n }\n\n canStart() {\n return !!this.options.syncStorage && isBrowser();\n }\n\n async start() {\n if (!this.canStart()) {\n return;\n }\n\n await this.stop();\n \n const { syncChannelName } = this.options;\n try {\n // BroadcastChannel throws if no supported method can be found\n this.channel = new BroadcastChannel(syncChannelName as string);\n } catch (err) {\n throw new AuthSdkError('SyncStorageService is not supported in current browser.');\n }\n\n this.tokenManager.on(EVENT_ADDED, this.onTokenAddedHandler);\n this.tokenManager.on(EVENT_REMOVED, this.onTokenRemovedHandler);\n this.tokenManager.on(EVENT_RENEWED, this.onTokenRenewedHandler);\n this.tokenManager.on(EVENT_SET_STORAGE, this.onSetStorageHandler);\n this.channel.addEventListener('message', this.onSyncMessageHandler);\n this.started = true;\n }\n\n async stop() {\n if (this.started) {\n this.tokenManager.off(EVENT_ADDED, this.onTokenAddedHandler);\n this.tokenManager.off(EVENT_REMOVED, this.onTokenRemovedHandler);\n this.tokenManager.off(EVENT_RENEWED, this.onTokenRenewedHandler);\n this.tokenManager.off(EVENT_SET_STORAGE, this.onSetStorageHandler);\n this.channel?.removeEventListener('message', this.onSyncMessageHandler);\n await this.channel?.close();\n this.channel = undefined;\n this.started = false;\n }\n }\n\n private onTokenAddedHandler(key: string, token: Token) {\n if (!this.enablePostMessage) {\n return;\n }\n this.channel?.postMessage({\n type: EVENT_ADDED,\n key,\n token\n });\n }\n\n private onTokenRemovedHandler(key: string, token: Token) {\n if (!this.enablePostMessage) {\n return;\n }\n this.channel?.postMessage({\n type: EVENT_REMOVED,\n key,\n token\n });\n }\n\n private onTokenRenewedHandler(key: string, token: Token, oldToken?: Token) {\n if (!this.enablePostMessage) {\n return;\n }\n this.channel?.postMessage({\n type: EVENT_RENEWED,\n key,\n token,\n oldToken\n });\n }\n\n private onSetStorageHandler(storage: Tokens) {\n this.channel?.postMessage({\n type: EVENT_SET_STORAGE,\n storage\n });\n }\n\n /* eslint-disable complexity */\n private onSyncMessageHandler(msg: SyncMessage) {\n // Notes:\n // 1. Using `enablePostMessage` flag here to prevent sync message loop.\n // If this flag is on, tokenManager event handlers do not post sync message.\n // 2. IE11 has known issue with synchronization of LocalStorage cross tabs.\n // One workaround is to set empty event handler for `window.onstorage`.\n // But it's not 100% working, sometimes you still get old value from LocalStorage.\n // Better approch is to explicitly udpate LocalStorage with `setStorage`.\n\n this.enablePostMessage = false;\n switch (msg.type) {\n case EVENT_SET_STORAGE:\n this.tokenManager.getStorage().setStorage(msg.storage);\n break;\n case EVENT_ADDED:\n this.tokenManager.emitAdded(msg.key!, msg.token!);\n this.tokenManager.setExpireEventTimeout(msg.key!, msg.token!);\n break;\n case EVENT_REMOVED:\n this.tokenManager.clearExpireEventTimeout(msg.key!);\n this.tokenManager.emitRemoved(msg.key!, msg.token!);\n break;\n case EVENT_RENEWED:\n this.tokenManager.emitRenewed(msg.key!, msg.token!, msg.oldToken);\n break;\n default:\n break;\n }\n this.enablePostMessage = true;\n }\n} "],"mappings":";;;;;AAYA;AACA;AAIA;AAIA;AArBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAoBO,MAAMA,kBAAkB,CAA6B;EAO1DC,WAAW,CAACC,YAAmC,EAAEC,OAA8B,GAAG,CAAC,CAAC,EAAE;IAAA,+CAHpE,KAAK;IAAA,yDACK,IAAI;IAG9B,IAAI,CAACD,YAAY,GAAGA,YAAY;IAChC,IAAI,CAACC,OAAO,GAAGA,OAAO;IACtB,IAAI,CAACC,mBAAmB,GAAG,IAAI,CAACA,mBAAmB,CAACC,IAAI,CAAC,IAAI,CAAC;IAC9D,IAAI,CAACC,qBAAqB,GAAG,IAAI,CAACA,qBAAqB,CAACD,IAAI,CAAC,IAAI,CAAC;IAClE,IAAI,CAACE,qBAAqB,GAAG,IAAI,CAACA,qBAAqB,CAACF,IAAI,CAAC,IAAI,CAAC;IAClE,IAAI,CAACG,mBAAmB,GAAG,IAAI,CAACA,mBAAmB,CAACH,IAAI,CAAC,IAAI,CAAC;IAC9D,IAAI,CAACI,oBAAoB,GAAG,IAAI,CAACA,oBAAoB,CAACJ,IAAI,CAAC,IAAI,CAAC;EAClE;EAEAK,kBAAkB,GAAG;IACnB,OAAO,KAAK;EACd;EAEAC,SAAS,GAAG;IACV,OAAO,IAAI,CAACC,OAAO;EACrB;EAEAC,QAAQ,GAAG;IACT,OAAO,CAAC,CAAC,IAAI,CAACV,OAAO,CAACW,WAAW,IAAI,IAAAC,mBAAS,GAAE;EAClD;EAEA,MAAMC,KAAK,GAAG;IACZ,IAAI,CAAC,IAAI,CAACH,QAAQ,EAAE,EAAE;MACpB;IACF;IAEA,MAAM,IAAI,CAACI,IAAI,EAAE;IAEjB,MAAM;MAAEC;IAAgB,CAAC,GAAG,IAAI,CAACf,OAAO;IACxC,IAAI;MACF;MACA,IAAI,CAACgB,OAAO,GAAG,IAAIC,kCAAgB,CAACF,eAAe,CAAW;IAChE,CAAC,CAAC,OAAOG,GAAG,EAAE;MACZ,MAAM,IAAIC,oBAAY,CAAC,yDAAyD,CAAC;IACnF;IAEA,IAAI,CAACpB,YAAY,CAACqB,EAAE,CAACC,kBAAW,EAAE,IAAI,CAACpB,mBAAmB,CAAC;IAC3D,IAAI,CAACF,YAAY,CAACqB,EAAE,CAACE,oBAAa,EAAE,IAAI,CAACnB,qBAAqB,CAAC;IAC/D,IAAI,CAACJ,YAAY,CAACqB,EAAE,CAACG,oBAAa,EAAE,IAAI,CAACnB,qBAAqB,CAAC;IAC/D,IAAI,CAACL,YAAY,CAACqB,EAAE,CAACI,wBAAiB,EAAE,IAAI,CAACnB,mBAAmB,CAAC;IACjE,IAAI,CAACW,OAAO,CAACS,gBAAgB,CAAC,SAAS,EAAE,IAAI,CAACnB,oBAAoB,CAAC;IACnE,IAAI,CAACG,OAAO,GAAG,IAAI;EACrB;EAEA,MAAMK,IAAI,GAAG;IACX,IAAI,IAAI,CAACL,OAAO,EAAE;MAAA;MAChB,IAAI,CAACV,YAAY,CAAC2B,GAAG,CAACL,kBAAW,EAAE,IAAI,CAACpB,mBAAmB,CAAC;MAC5D,IAAI,CAACF,YAAY,CAAC2B,GAAG,CAACJ,oBAAa,EAAE,IAAI,CAACnB,qBAAqB,CAAC;MAChE,IAAI,CAACJ,YAAY,CAAC2B,GAAG,CAACH,oBAAa,EAAE,IAAI,CAACnB,qBAAqB,CAAC;MAChE,IAAI,CAACL,YAAY,CAAC2B,GAAG,CAACF,wBAAiB,EAAE,IAAI,CAACnB,mBAAmB,CAAC;MAClE,qBAAI,CAACW,OAAO,kDAAZ,cAAcW,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAACrB,oBAAoB,CAAC;MACvE,yBAAM,IAAI,CAACU,OAAO,mDAAZ,eAAcY,KAAK,EAAE;MAC3B,IAAI,CAACZ,OAAO,GAAGa,SAAS;MACxB,IAAI,CAACpB,OAAO,GAAG,KAAK;IACtB;EACF;EAEQR,mBAAmB,CAAC6B,GAAW,EAAEC,KAAY,EAAE;IAAA;IACrD,IAAI,CAAC,IAAI,CAACC,iBAAiB,EAAE;MAC3B;IACF;IACA,sBAAI,CAAChB,OAAO,mDAAZ,eAAciB,WAAW,CAAC;MACxBC,IAAI,EAAEb,kBAAW;MACjBS,GAAG;MACHC;IACF,CAAC,CAAC;EACJ;EAEQ5B,qBAAqB,CAAC2B,GAAW,EAAEC,KAAY,EAAE;IAAA;IACvD,IAAI,CAAC,IAAI,CAACC,iBAAiB,EAAE;MAC3B;IACF;IACA,sBAAI,CAAChB,OAAO,mDAAZ,eAAciB,WAAW,CAAC;MACxBC,IAAI,EAAEZ,oBAAa;MACnBQ,GAAG;MACHC;IACF,CAAC,CAAC;EACJ;EAEQ3B,qBAAqB,CAAC0B,GAAW,EAAEC,KAAY,EAAEI,QAAgB,EAAE;IAAA;IACzE,IAAI,CAAC,IAAI,CAACH,iBAAiB,EAAE;MAC3B;IACF;IACA,sBAAI,CAAChB,OAAO,mDAAZ,eAAciB,WAAW,CAAC;MACxBC,IAAI,EAAEX,oBAAa;MACnBO,GAAG;MACHC,KAAK;MACLI;IACF,CAAC,CAAC;EACJ;EAEQ9B,mBAAmB,CAAC+B,OAAe,EAAE;IAAA;IAC3C,sBAAI,CAACpB,OAAO,mDAAZ,eAAciB,WAAW,CAAC;MACxBC,IAAI,EAAEV,wBAAiB;MACvBY;IACF,CAAC,CAAC;EACJ;;EAEA;EACQ9B,oBAAoB,CAAC+B,GAAgB,EAAE;IAC7C;IACA;IACA;IACA;IACA;IACA;IACA;;IAEA,IAAI,CAACL,iBAAiB,GAAG,KAAK;IAC9B,QAAQK,GAAG,CAACH,IAAI;MACd,KAAKV,wBAAiB;QACpB,IAAI,CAACzB,YAAY,CAACuC,UAAU,EAAE,CAACC,UAAU,CAACF,GAAG,CAACD,OAAO,CAAC;QACtD;MACF,KAAKf,kBAAW;QACd,IAAI,CAACtB,YAAY,CAACyC,SAAS,CAACH,GAAG,CAACP,GAAG,EAAGO,GAAG,CAACN,KAAK,CAAE;QACjD,IAAI,CAAChC,YAAY,CAAC0C,qBAAqB,CAACJ,GAAG,CAACP,GAAG,EAAGO,GAAG,CAACN,KAAK,CAAE;QAC7D;MACF,KAAKT,oBAAa;QAChB,IAAI,CAACvB,YAAY,CAAC2C,uBAAuB,CAACL,GAAG,CAACP,GAAG,CAAE;QACnD,IAAI,CAAC/B,YAAY,CAAC4C,WAAW,CAACN,GAAG,CAACP,GAAG,EAAGO,GAAG,CAACN,KAAK,CAAE;QACnD;MACF,KAAKR,oBAAa;QAChB,IAAI,CAACxB,YAAY,CAAC6C,WAAW,CAACP,GAAG,CAACP,GAAG,EAAGO,GAAG,CAACN,KAAK,EAAGM,GAAG,CAACF,QAAQ,CAAC;QACjE;MACF;QACE;IAAM;IAEV,IAAI,CAACH,iBAAiB,GAAG,IAAI;EAC/B;AACF;AAAC"}
|
|
1
|
+
{"version":3,"file":"SyncStorageService.js","names":["SyncStorageService","constructor","tokenManager","options","onTokenAddedHandler","bind","onTokenRemovedHandler","onTokenRenewedHandler","onSetStorageHandler","onSyncMessageHandler","requiresLeadership","isStarted","started","canStart","syncStorage","isBrowser","start","syncChannelName","channel","BroadcastChannel","err","AuthSdkError","on","EVENT_ADDED","EVENT_REMOVED","EVENT_RENEWED","EVENT_SET_STORAGE","addEventListener","stop","off","removeEventListener","close","undefined","key","token","enablePostMessage","postMessage","type","oldToken","storage","msg","getStorage","setStorage","emitAdded","setExpireEventTimeout","clearExpireEventTimeout","emitRemoved","emitRenewed"],"sources":["../../../lib/services/SyncStorageService.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { BroadcastChannel } from 'broadcast-channel';\nimport { isBrowser } from '../features';\nimport {\n ServiceManagerOptions, ServiceInterface\n} from '../core/types';\nimport {\n Token, Tokens, \n EVENT_ADDED, EVENT_REMOVED, EVENT_RENEWED, EVENT_SET_STORAGE, TokenManagerInterface\n} from '../oidc/types';\nimport { AuthSdkError } from '../errors';\n\nexport type SyncMessage = {\n type: string;\n key?: string;\n token?: Token;\n oldToken?: Token;\n storage?: Tokens;\n};\nexport class SyncStorageService implements ServiceInterface {\n private tokenManager: TokenManagerInterface;\n private options: ServiceManagerOptions;\n private channel?: BroadcastChannel<SyncMessage>;\n private started = false;\n private enablePostMessage = true;\n\n constructor(tokenManager: TokenManagerInterface, options: ServiceManagerOptions = {}) {\n this.tokenManager = tokenManager;\n this.options = options;\n this.onTokenAddedHandler = this.onTokenAddedHandler.bind(this);\n this.onTokenRemovedHandler = this.onTokenRemovedHandler.bind(this);\n this.onTokenRenewedHandler = this.onTokenRenewedHandler.bind(this);\n this.onSetStorageHandler = this.onSetStorageHandler.bind(this);\n this.onSyncMessageHandler = this.onSyncMessageHandler.bind(this);\n }\n\n requiresLeadership() {\n return false;\n }\n\n isStarted() {\n return this.started;\n }\n\n canStart() {\n return !!this.options.syncStorage && isBrowser() && !this.started;\n }\n\n async start() {\n if (!this.canStart()) {\n return;\n }\n \n const { syncChannelName } = this.options;\n try {\n // BroadcastChannel throws if no supported method can be found\n this.channel = new BroadcastChannel(syncChannelName as string);\n } catch (err) {\n throw new AuthSdkError('SyncStorageService is not supported in current browser.');\n }\n\n this.tokenManager.on(EVENT_ADDED, this.onTokenAddedHandler);\n this.tokenManager.on(EVENT_REMOVED, this.onTokenRemovedHandler);\n this.tokenManager.on(EVENT_RENEWED, this.onTokenRenewedHandler);\n this.tokenManager.on(EVENT_SET_STORAGE, this.onSetStorageHandler);\n this.channel.addEventListener('message', this.onSyncMessageHandler);\n this.started = true;\n }\n\n async stop() {\n if (this.started) {\n this.tokenManager.off(EVENT_ADDED, this.onTokenAddedHandler);\n this.tokenManager.off(EVENT_REMOVED, this.onTokenRemovedHandler);\n this.tokenManager.off(EVENT_RENEWED, this.onTokenRenewedHandler);\n this.tokenManager.off(EVENT_SET_STORAGE, this.onSetStorageHandler);\n this.channel?.removeEventListener('message', this.onSyncMessageHandler);\n await this.channel?.close();\n this.channel = undefined;\n this.started = false;\n }\n }\n\n private onTokenAddedHandler(key: string, token: Token) {\n if (!this.enablePostMessage) {\n return;\n }\n this.channel?.postMessage({\n type: EVENT_ADDED,\n key,\n token\n });\n }\n\n private onTokenRemovedHandler(key: string, token: Token) {\n if (!this.enablePostMessage) {\n return;\n }\n this.channel?.postMessage({\n type: EVENT_REMOVED,\n key,\n token\n });\n }\n\n private onTokenRenewedHandler(key: string, token: Token, oldToken?: Token) {\n if (!this.enablePostMessage) {\n return;\n }\n this.channel?.postMessage({\n type: EVENT_RENEWED,\n key,\n token,\n oldToken\n });\n }\n\n private onSetStorageHandler(storage: Tokens) {\n this.channel?.postMessage({\n type: EVENT_SET_STORAGE,\n storage\n });\n }\n\n /* eslint-disable complexity */\n private onSyncMessageHandler(msg: SyncMessage) {\n // Notes:\n // 1. Using `enablePostMessage` flag here to prevent sync message loop.\n // If this flag is on, tokenManager event handlers do not post sync message.\n // 2. IE11 has known issue with synchronization of LocalStorage cross tabs.\n // One workaround is to set empty event handler for `window.onstorage`.\n // But it's not 100% working, sometimes you still get old value from LocalStorage.\n // Better approch is to explicitly udpate LocalStorage with `setStorage`.\n\n this.enablePostMessage = false;\n switch (msg.type) {\n case EVENT_SET_STORAGE:\n this.tokenManager.getStorage().setStorage(msg.storage);\n break;\n case EVENT_ADDED:\n this.tokenManager.emitAdded(msg.key!, msg.token!);\n this.tokenManager.setExpireEventTimeout(msg.key!, msg.token!);\n break;\n case EVENT_REMOVED:\n this.tokenManager.clearExpireEventTimeout(msg.key!);\n this.tokenManager.emitRemoved(msg.key!, msg.token!);\n break;\n case EVENT_RENEWED:\n this.tokenManager.emitRenewed(msg.key!, msg.token!, msg.oldToken);\n break;\n default:\n break;\n }\n this.enablePostMessage = true;\n }\n} "],"mappings":";;;;;AAYA;AACA;AAIA;AAIA;AArBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAoBO,MAAMA,kBAAkB,CAA6B;EAO1DC,WAAW,CAACC,YAAmC,EAAEC,OAA8B,GAAG,CAAC,CAAC,EAAE;IAAA,+CAHpE,KAAK;IAAA,yDACK,IAAI;IAG9B,IAAI,CAACD,YAAY,GAAGA,YAAY;IAChC,IAAI,CAACC,OAAO,GAAGA,OAAO;IACtB,IAAI,CAACC,mBAAmB,GAAG,IAAI,CAACA,mBAAmB,CAACC,IAAI,CAAC,IAAI,CAAC;IAC9D,IAAI,CAACC,qBAAqB,GAAG,IAAI,CAACA,qBAAqB,CAACD,IAAI,CAAC,IAAI,CAAC;IAClE,IAAI,CAACE,qBAAqB,GAAG,IAAI,CAACA,qBAAqB,CAACF,IAAI,CAAC,IAAI,CAAC;IAClE,IAAI,CAACG,mBAAmB,GAAG,IAAI,CAACA,mBAAmB,CAACH,IAAI,CAAC,IAAI,CAAC;IAC9D,IAAI,CAACI,oBAAoB,GAAG,IAAI,CAACA,oBAAoB,CAACJ,IAAI,CAAC,IAAI,CAAC;EAClE;EAEAK,kBAAkB,GAAG;IACnB,OAAO,KAAK;EACd;EAEAC,SAAS,GAAG;IACV,OAAO,IAAI,CAACC,OAAO;EACrB;EAEAC,QAAQ,GAAG;IACT,OAAO,CAAC,CAAC,IAAI,CAACV,OAAO,CAACW,WAAW,IAAI,IAAAC,mBAAS,GAAE,IAAI,CAAC,IAAI,CAACH,OAAO;EACnE;EAEA,MAAMI,KAAK,GAAG;IACZ,IAAI,CAAC,IAAI,CAACH,QAAQ,EAAE,EAAE;MACpB;IACF;IAEA,MAAM;MAAEI;IAAgB,CAAC,GAAG,IAAI,CAACd,OAAO;IACxC,IAAI;MACF;MACA,IAAI,CAACe,OAAO,GAAG,IAAIC,kCAAgB,CAACF,eAAe,CAAW;IAChE,CAAC,CAAC,OAAOG,GAAG,EAAE;MACZ,MAAM,IAAIC,oBAAY,CAAC,yDAAyD,CAAC;IACnF;IAEA,IAAI,CAACnB,YAAY,CAACoB,EAAE,CAACC,kBAAW,EAAE,IAAI,CAACnB,mBAAmB,CAAC;IAC3D,IAAI,CAACF,YAAY,CAACoB,EAAE,CAACE,oBAAa,EAAE,IAAI,CAAClB,qBAAqB,CAAC;IAC/D,IAAI,CAACJ,YAAY,CAACoB,EAAE,CAACG,oBAAa,EAAE,IAAI,CAAClB,qBAAqB,CAAC;IAC/D,IAAI,CAACL,YAAY,CAACoB,EAAE,CAACI,wBAAiB,EAAE,IAAI,CAAClB,mBAAmB,CAAC;IACjE,IAAI,CAACU,OAAO,CAACS,gBAAgB,CAAC,SAAS,EAAE,IAAI,CAAClB,oBAAoB,CAAC;IACnE,IAAI,CAACG,OAAO,GAAG,IAAI;EACrB;EAEA,MAAMgB,IAAI,GAAG;IACX,IAAI,IAAI,CAAChB,OAAO,EAAE;MAAA;MAChB,IAAI,CAACV,YAAY,CAAC2B,GAAG,CAACN,kBAAW,EAAE,IAAI,CAACnB,mBAAmB,CAAC;MAC5D,IAAI,CAACF,YAAY,CAAC2B,GAAG,CAACL,oBAAa,EAAE,IAAI,CAAClB,qBAAqB,CAAC;MAChE,IAAI,CAACJ,YAAY,CAAC2B,GAAG,CAACJ,oBAAa,EAAE,IAAI,CAAClB,qBAAqB,CAAC;MAChE,IAAI,CAACL,YAAY,CAAC2B,GAAG,CAACH,wBAAiB,EAAE,IAAI,CAAClB,mBAAmB,CAAC;MAClE,qBAAI,CAACU,OAAO,kDAAZ,cAAcY,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAACrB,oBAAoB,CAAC;MACvE,yBAAM,IAAI,CAACS,OAAO,mDAAZ,eAAca,KAAK,EAAE;MAC3B,IAAI,CAACb,OAAO,GAAGc,SAAS;MACxB,IAAI,CAACpB,OAAO,GAAG,KAAK;IACtB;EACF;EAEQR,mBAAmB,CAAC6B,GAAW,EAAEC,KAAY,EAAE;IAAA;IACrD,IAAI,CAAC,IAAI,CAACC,iBAAiB,EAAE;MAC3B;IACF;IACA,sBAAI,CAACjB,OAAO,mDAAZ,eAAckB,WAAW,CAAC;MACxBC,IAAI,EAAEd,kBAAW;MACjBU,GAAG;MACHC;IACF,CAAC,CAAC;EACJ;EAEQ5B,qBAAqB,CAAC2B,GAAW,EAAEC,KAAY,EAAE;IAAA;IACvD,IAAI,CAAC,IAAI,CAACC,iBAAiB,EAAE;MAC3B;IACF;IACA,sBAAI,CAACjB,OAAO,mDAAZ,eAAckB,WAAW,CAAC;MACxBC,IAAI,EAAEb,oBAAa;MACnBS,GAAG;MACHC;IACF,CAAC,CAAC;EACJ;EAEQ3B,qBAAqB,CAAC0B,GAAW,EAAEC,KAAY,EAAEI,QAAgB,EAAE;IAAA;IACzE,IAAI,CAAC,IAAI,CAACH,iBAAiB,EAAE;MAC3B;IACF;IACA,sBAAI,CAACjB,OAAO,mDAAZ,eAAckB,WAAW,CAAC;MACxBC,IAAI,EAAEZ,oBAAa;MACnBQ,GAAG;MACHC,KAAK;MACLI;IACF,CAAC,CAAC;EACJ;EAEQ9B,mBAAmB,CAAC+B,OAAe,EAAE;IAAA;IAC3C,sBAAI,CAACrB,OAAO,mDAAZ,eAAckB,WAAW,CAAC;MACxBC,IAAI,EAAEX,wBAAiB;MACvBa;IACF,CAAC,CAAC;EACJ;;EAEA;EACQ9B,oBAAoB,CAAC+B,GAAgB,EAAE;IAC7C;IACA;IACA;IACA;IACA;IACA;IACA;;IAEA,IAAI,CAACL,iBAAiB,GAAG,KAAK;IAC9B,QAAQK,GAAG,CAACH,IAAI;MACd,KAAKX,wBAAiB;QACpB,IAAI,CAACxB,YAAY,CAACuC,UAAU,EAAE,CAACC,UAAU,CAACF,GAAG,CAACD,OAAO,CAAC;QACtD;MACF,KAAKhB,kBAAW;QACd,IAAI,CAACrB,YAAY,CAACyC,SAAS,CAACH,GAAG,CAACP,GAAG,EAAGO,GAAG,CAACN,KAAK,CAAE;QACjD,IAAI,CAAChC,YAAY,CAAC0C,qBAAqB,CAACJ,GAAG,CAACP,GAAG,EAAGO,GAAG,CAACN,KAAK,CAAE;QAC7D;MACF,KAAKV,oBAAa;QAChB,IAAI,CAACtB,YAAY,CAAC2C,uBAAuB,CAACL,GAAG,CAACP,GAAG,CAAE;QACnD,IAAI,CAAC/B,YAAY,CAAC4C,WAAW,CAACN,GAAG,CAACP,GAAG,EAAGO,GAAG,CAACN,KAAK,CAAE;QACnD;MACF,KAAKT,oBAAa;QAChB,IAAI,CAACvB,YAAY,CAAC6C,WAAW,CAACP,GAAG,CAACP,GAAG,EAAGO,GAAG,CAACN,KAAK,EAAGM,GAAG,CAACF,QAAQ,CAAC;QACjE;MACF;QACE;IAAM;IAEV,IAAI,CAACH,iBAAiB,GAAG,IAAI;EAC/B;AACF;AAAC"}
|
package/cjs/session/mixin.js
CHANGED
|
@@ -15,10 +15,11 @@ function mixinSession(Base) {
|
|
|
15
15
|
.then(async () => {
|
|
16
16
|
// Clear all local tokens
|
|
17
17
|
this.clearStorage();
|
|
18
|
+
return true;
|
|
18
19
|
}).catch(function (e) {
|
|
19
20
|
if (e.name === 'AuthApiError' && e.errorCode === 'E0000007') {
|
|
20
21
|
// Session does not exist or has already been closed
|
|
21
|
-
return
|
|
22
|
+
return false;
|
|
22
23
|
}
|
|
23
24
|
throw e;
|
|
24
25
|
});
|
package/cjs/session/mixin.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mixin.js","names":["mixinSession","Base","OktaAuthSession","constructor","args","session","createSessionApi","closeSession","close","then","clearStorage","catch","e","name","errorCode"],"sources":["../../../lib/session/mixin.ts"],"sourcesContent":["import { OktaAuthHttpInterface, OktaAuthHttpOptions } from '../http/types';\nimport { OktaAuthConstructor } from '../base/types';\nimport { createSessionApi } from './factory';\nimport {\n OktaAuthSessionInterface, SessionAPI,\n} from './types';\nimport { StorageManagerInterface } from '../storage/types';\n\nexport function mixinSession\n<\n S extends StorageManagerInterface = StorageManagerInterface,\n O extends OktaAuthHttpOptions = OktaAuthHttpOptions,\n TBase extends OktaAuthConstructor<OktaAuthHttpInterface<S, O>>\n = OktaAuthConstructor<OktaAuthHttpInterface<S, O>>\n>\n(Base: TBase): TBase & OktaAuthConstructor<OktaAuthSessionInterface<S, O>>\n{\n return class OktaAuthSession extends Base implements OktaAuthSessionInterface<S, O>\n {\n session: SessionAPI;\n\n constructor(...args: any[]) {\n super(...args);\n\n this.session = createSessionApi(this);\n }\n\n // Ends the current Okta SSO session without redirecting to Okta.\n closeSession(): Promise<
|
|
1
|
+
{"version":3,"file":"mixin.js","names":["mixinSession","Base","OktaAuthSession","constructor","args","session","createSessionApi","closeSession","close","then","clearStorage","catch","e","name","errorCode"],"sources":["../../../lib/session/mixin.ts"],"sourcesContent":["import { OktaAuthHttpInterface, OktaAuthHttpOptions } from '../http/types';\nimport { OktaAuthConstructor } from '../base/types';\nimport { createSessionApi } from './factory';\nimport {\n OktaAuthSessionInterface, SessionAPI,\n} from './types';\nimport { StorageManagerInterface } from '../storage/types';\n\nexport function mixinSession\n<\n S extends StorageManagerInterface = StorageManagerInterface,\n O extends OktaAuthHttpOptions = OktaAuthHttpOptions,\n TBase extends OktaAuthConstructor<OktaAuthHttpInterface<S, O>>\n = OktaAuthConstructor<OktaAuthHttpInterface<S, O>>\n>\n(Base: TBase): TBase & OktaAuthConstructor<OktaAuthSessionInterface<S, O>>\n{\n return class OktaAuthSession extends Base implements OktaAuthSessionInterface<S, O>\n {\n session: SessionAPI;\n\n constructor(...args: any[]) {\n super(...args);\n\n this.session = createSessionApi(this);\n }\n\n // Ends the current Okta SSO session without redirecting to Okta.\n closeSession(): Promise<boolean> {\n return this.session.close() // DELETE /api/v1/sessions/me\n .then(async () => {\n // Clear all local tokens\n this.clearStorage();\n return true;\n })\n .catch(function(e) {\n if (e.name === 'AuthApiError' && e.errorCode === 'E0000007') {\n // Session does not exist or has already been closed\n return false;\n }\n throw e;\n });\n }\n };\n}\n"],"mappings":";;;AAEA;AAMO,SAASA,YAAY,CAO3BC,IAAW,EACZ;EACE,OAAO,MAAMC,eAAe,SAASD,IAAI,CACzC;IAGEE,WAAW,CAAC,GAAGC,IAAW,EAAE;MAC1B,KAAK,CAAC,GAAGA,IAAI,CAAC;MAEd,IAAI,CAACC,OAAO,GAAG,IAAAC,yBAAgB,EAAC,IAAI,CAAC;IACvC;;IAEA;IACAC,YAAY,GAAqB;MAC/B,OAAO,IAAI,CAACF,OAAO,CAACG,KAAK,EAAE,CAAC;MAAA,CAC3BC,IAAI,CAAC,YAAY;QAChB;QACA,IAAI,CAACC,YAAY,EAAE;QACnB,OAAO,IAAI;MACb,CAAC,CAAC,CACDC,KAAK,CAAC,UAASC,CAAC,EAAE;QACjB,IAAIA,CAAC,CAACC,IAAI,KAAK,cAAc,IAAID,CAAC,CAACE,SAAS,KAAK,UAAU,EAAE;UAC3D;UACA,OAAO,KAAK;QACd;QACA,MAAMF,CAAC;MACT,CAAC,CAAC;IACJ;EACF,CAAC;AACH"}
|
package/cjs/session/types.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","names":[],"sources":["../../../lib/session/types.ts"],"sourcesContent":["import { OktaAuthHttpInterface, OktaAuthHttpOptions } from '../http/types';\nimport { StorageManagerInterface } from '../storage/types';\n\n// Session API\nexport interface SessionObject {\n status: string;\n refresh?: () => Promise<object>;\n user?: () => Promise<object>;\n}\n\nexport interface SessionAPI {\n close: () => Promise<object>;\n exists: () => Promise<boolean>;\n get: () => Promise<SessionObject>;\n refresh: () => Promise<object>;\n setCookieAndRedirect: (sessionToken?: string, redirectUri?: string) => void;\n}\n\nexport interface OktaAuthSessionInterface\n<\n S extends StorageManagerInterface = StorageManagerInterface,\n O extends OktaAuthHttpOptions = OktaAuthHttpOptions\n> \n extends OktaAuthHttpInterface<S, O>\n{\n session: SessionAPI;\n closeSession(): Promise<
|
|
1
|
+
{"version":3,"file":"types.js","names":[],"sources":["../../../lib/session/types.ts"],"sourcesContent":["import { OktaAuthHttpInterface, OktaAuthHttpOptions } from '../http/types';\nimport { StorageManagerInterface } from '../storage/types';\n\n// Session API\nexport interface SessionObject {\n status: string;\n refresh?: () => Promise<object>;\n user?: () => Promise<object>;\n}\n\nexport interface SessionAPI {\n close: () => Promise<object>;\n exists: () => Promise<boolean>;\n get: () => Promise<SessionObject>;\n refresh: () => Promise<object>;\n setCookieAndRedirect: (sessionToken?: string, redirectUri?: string) => void;\n}\n\nexport interface OktaAuthSessionInterface\n<\n S extends StorageManagerInterface = StorageManagerInterface,\n O extends OktaAuthHttpOptions = OktaAuthHttpOptions\n> \n extends OktaAuthHttpInterface<S, O>\n{\n session: SessionAPI;\n closeSession(): Promise<boolean>;\n}\n"],"mappings":""}
|
|
@@ -19,7 +19,7 @@ var _util = require("../util");
|
|
|
19
19
|
*/
|
|
20
20
|
|
|
21
21
|
function logServerSideMemoryStorageWarning(options) {
|
|
22
|
-
if (!(0, _features.isBrowser)() && !options.storageProvider && !options.
|
|
22
|
+
if (!(0, _features.isBrowser)() && !options.storageProvider && !options.storageKey) {
|
|
23
23
|
// eslint-disable-next-line max-len
|
|
24
24
|
(0, _util.warn)('Memory storage can only support simple single user use case on server side, please provide custom storageProvider or storageKey if advanced scenarios need to be supported.');
|
|
25
25
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"BaseStorageManager.js","names":["logServerSideMemoryStorageWarning","options","isBrowser","storageProvider","warn","BaseStorageManager","constructor","storageManagerOptions","cookieOptions","storageUtil","getOptionsForSection","sectionName","overrideOptions","Object","assign","getStorage","storageType","storageTypes","sessionCookie","idx","indexOf","slice","undefined","findStorageType","getStorageByType","getTokenStorage","storage","
|
|
1
|
+
{"version":3,"file":"BaseStorageManager.js","names":["logServerSideMemoryStorageWarning","options","isBrowser","storageProvider","storageKey","warn","BaseStorageManager","constructor","storageManagerOptions","cookieOptions","storageUtil","getOptionsForSection","sectionName","overrideOptions","Object","assign","getStorage","storageType","storageTypes","sessionCookie","idx","indexOf","slice","undefined","findStorageType","getStorageByType","getTokenStorage","storage","TOKEN_STORAGE_NAME","SavedObject","getHttpCache","CACHE_STORAGE_NAME"],"sources":["../../../lib/storage/BaseStorageManager.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n\nimport {\n TOKEN_STORAGE_NAME,\n CACHE_STORAGE_NAME,\n} from '../constants';\nimport {\n StorageUtil,\n StorageProvider,\n StorageOptions,\n CookieOptions,\n StorageManagerOptions,\n SimpleStorage,\n StorageManagerInterface\n} from './types';\nimport { SavedObject } from './SavedObject';\nimport { isBrowser } from '../features';\nimport { warn } from '../util';\n\nexport function logServerSideMemoryStorageWarning(options: StorageOptions) {\n if (!isBrowser() && !options.storageProvider && !options.storageKey) {\n // eslint-disable-next-line max-len\n warn('Memory storage can only support simple single user use case on server side, please provide custom storageProvider or storageKey if advanced scenarios need to be supported.');\n }\n}\n\n\nexport class BaseStorageManager implements StorageManagerInterface {\n storageManagerOptions: StorageManagerOptions;\n cookieOptions: CookieOptions;\n storageUtil: StorageUtil;\n\n constructor(storageManagerOptions: StorageManagerOptions, cookieOptions: CookieOptions, storageUtil: StorageUtil) {\n this.storageManagerOptions = storageManagerOptions;\n this.cookieOptions = cookieOptions;\n this.storageUtil = storageUtil;\n }\n\n // combines defaults in order\n getOptionsForSection(sectionName: string, overrideOptions?: StorageOptions) {\n return Object.assign({}, this.storageManagerOptions[sectionName], overrideOptions);\n }\n \n // generic method to get any available storage provider\n // eslint-disable-next-line complexity\n getStorage(options: StorageOptions): SimpleStorage {\n options = Object.assign({}, this.cookieOptions, options); // set defaults\n\n if (options.storageProvider) {\n return options.storageProvider;\n }\n\n let { storageType, storageTypes } = options;\n\n if(storageType === 'sessionStorage') {\n options.sessionCookie = true;\n }\n\n // If both storageType and storageTypes are specified, then storageType will be used first\n // If storageType cannot be used but it matches an entry in storageTypes, subsequent entries may be used as fallback\n // if storageType does not match an entry in storageTypes then storageType is used with no fallback.\n if (storageType && storageTypes) {\n const idx = storageTypes.indexOf(storageType);\n if (idx >= 0) {\n storageTypes = storageTypes.slice(idx);\n storageType = undefined;\n }\n }\n\n if (!storageType) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n storageType = this.storageUtil.findStorageType(storageTypes!);\n }\n return this.storageUtil.getStorageByType(storageType, options);\n }\n\n // access_token, id_token, refresh_token\n getTokenStorage(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('token', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || TOKEN_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // caches well-known response, among others\n getHttpCache(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('cache', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || CACHE_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n}\n"],"mappings":";;;;AAcA;AAaA;AACA;AACA;AA7BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAqBO,SAASA,iCAAiC,CAACC,OAAuB,EAAE;EACzE,IAAI,CAAC,IAAAC,mBAAS,GAAE,IAAI,CAACD,OAAO,CAACE,eAAe,IAAI,CAACF,OAAO,CAACG,UAAU,EAAE;IACnE;IACA,IAAAC,UAAI,EAAC,6KAA6K,CAAC;EACrL;AACF;AAGO,MAAMC,kBAAkB,CAAoC;EAKjEC,WAAW,CAACC,qBAA4C,EAAEC,aAA4B,EAAEC,WAAwB,EAAE;IAChH,IAAI,CAACF,qBAAqB,GAAGA,qBAAqB;IAClD,IAAI,CAACC,aAAa,GAAGA,aAAa;IAClC,IAAI,CAACC,WAAW,GAAGA,WAAW;EAChC;;EAEA;EACAC,oBAAoB,CAACC,WAAmB,EAAEC,eAAgC,EAAE;IAC1E,OAAOC,MAAM,CAACC,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,CAACP,qBAAqB,CAACI,WAAW,CAAC,EAAEC,eAAe,CAAC;EACpF;;EAEA;EACA;EACAG,UAAU,CAACf,OAAuB,EAAiB;IACjDA,OAAO,GAAGa,MAAM,CAACC,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,CAACN,aAAa,EAAER,OAAO,CAAC,CAAC,CAAC;;IAE1D,IAAIA,OAAO,CAACE,eAAe,EAAE;MAC3B,OAAOF,OAAO,CAACE,eAAe;IAChC;IAEA,IAAI;MAAEc,WAAW;MAAEC;IAAa,CAAC,GAAGjB,OAAO;IAE3C,IAAGgB,WAAW,KAAK,gBAAgB,EAAE;MACnChB,OAAO,CAACkB,aAAa,GAAG,IAAI;IAC9B;;IAEA;IACA;IACA;IACA,IAAIF,WAAW,IAAIC,YAAY,EAAE;MAC/B,MAAME,GAAG,GAAGF,YAAY,CAACG,OAAO,CAACJ,WAAW,CAAC;MAC7C,IAAIG,GAAG,IAAI,CAAC,EAAE;QACZF,YAAY,GAAGA,YAAY,CAACI,KAAK,CAACF,GAAG,CAAC;QACtCH,WAAW,GAAGM,SAAS;MACzB;IACF;IAEA,IAAI,CAACN,WAAW,EAAE;MAChB;MACAA,WAAW,GAAG,IAAI,CAACP,WAAW,CAACc,eAAe,CAACN,YAAY,CAAE;IAC/D;IACA,OAAO,IAAI,CAACR,WAAW,CAACe,gBAAgB,CAACR,WAAW,EAAEhB,OAAO,CAAC;EAChE;;EAEA;EACAyB,eAAe,CAACzB,OAAwB,EAAmB;IACzDA,OAAO,GAAG,IAAI,CAACU,oBAAoB,CAAC,OAAO,EAAEV,OAAO,CAAC;IACrDD,iCAAiC,CAACC,OAAO,CAAC;IAC1C,MAAM0B,OAAO,GAAG,IAAI,CAACX,UAAU,CAACf,OAAO,CAAC;IACxC,MAAMG,UAAU,GAAGH,OAAO,CAACG,UAAU,IAAIwB,6BAAkB;IAC3D,OAAO,IAAIC,wBAAW,CAACF,OAAO,EAAEvB,UAAU,CAAC;EAC7C;;EAEA;EACA0B,YAAY,CAAC7B,OAAwB,EAAmB;IACtDA,OAAO,GAAG,IAAI,CAACU,oBAAoB,CAAC,OAAO,EAAEV,OAAO,CAAC;IACrD,MAAM0B,OAAO,GAAG,IAAI,CAACX,UAAU,CAACf,OAAO,CAAC;IACxC,MAAMG,UAAU,GAAGH,OAAO,CAACG,UAAU,IAAI2B,6BAAkB;IAC3D,OAAO,IAAIF,wBAAW,CAACF,OAAO,EAAEvB,UAAU,CAAC;EAC7C;AAEF;AAAC"}
|