@okta/okta-auth-js 7.3.1 → 7.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (197) hide show
  1. package/CHANGELOG.md +24 -1
  2. package/README.md +2 -2
  3. package/cjs/http/OktaUserAgent.js +2 -2
  4. package/cjs/idx/authenticator/util.js +1 -1
  5. package/cjs/idx/authenticator/util.js.map +1 -1
  6. package/cjs/idx/idxState/v1/idxResponseParser.js +3 -0
  7. package/cjs/idx/idxState/v1/idxResponseParser.js.map +1 -1
  8. package/cjs/idx/remediators/Base/SelectAuthenticator.js +1 -1
  9. package/cjs/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
  10. package/cjs/idx/types/api.js.map +1 -1
  11. package/cjs/oidc/TokenManager.js.map +1 -1
  12. package/cjs/oidc/factory/api.js +3 -1
  13. package/cjs/oidc/factory/api.js.map +1 -1
  14. package/cjs/oidc/index.js +9 -1
  15. package/cjs/oidc/index.js.map +1 -1
  16. package/cjs/oidc/introspect.js +70 -0
  17. package/cjs/oidc/introspect.js.map +1 -0
  18. package/cjs/oidc/mixin/index.js +26 -17
  19. package/cjs/oidc/mixin/index.js.map +1 -1
  20. package/cjs/oidc/renewTokens.js +2 -1
  21. package/cjs/oidc/renewTokens.js.map +1 -1
  22. package/cjs/oidc/types/Token.js +8 -2
  23. package/cjs/oidc/types/Token.js.map +1 -1
  24. package/cjs/oidc/types/TokenManager.js.map +1 -1
  25. package/cjs/oidc/types/api.js.map +1 -1
  26. package/cjs/oidc/types/options.js.map +1 -1
  27. package/cjs/oidc/types/proto.js.map +1 -1
  28. package/dist/okta-auth-js.authn.min.analyzer.html +2 -2
  29. package/dist/okta-auth-js.authn.min.js +1 -1
  30. package/dist/okta-auth-js.authn.min.js.map +1 -1
  31. package/dist/okta-auth-js.core.min.analyzer.html +2 -2
  32. package/dist/okta-auth-js.core.min.js +1 -1
  33. package/dist/okta-auth-js.core.min.js.map +1 -1
  34. package/dist/okta-auth-js.idx.min.analyzer.html +2 -2
  35. package/dist/okta-auth-js.idx.min.js +1 -1
  36. package/dist/okta-auth-js.idx.min.js.map +1 -1
  37. package/dist/okta-auth-js.min.analyzer.html +2 -2
  38. package/dist/okta-auth-js.min.js +1 -1
  39. package/dist/okta-auth-js.min.js.map +1 -1
  40. package/dist/okta-auth-js.myaccount.min.analyzer.html +2 -2
  41. package/dist/okta-auth-js.myaccount.min.js +1 -1
  42. package/dist/okta-auth-js.myaccount.min.js.map +1 -1
  43. package/dist/okta-auth-js.polyfill.js +1 -1
  44. package/dist/okta-auth-js.polyfill.js.map +1 -1
  45. package/esm/browser/browser/fingerprint.js +1 -0
  46. package/esm/browser/browser/fingerprint.js.map +1 -1
  47. package/esm/browser/core/AuthStateManager.js +1 -0
  48. package/esm/browser/core/AuthStateManager.js.map +1 -1
  49. package/esm/browser/core/options.js +1 -0
  50. package/esm/browser/core/options.js.map +1 -1
  51. package/esm/browser/exports/exports/authn.js +2 -1
  52. package/esm/browser/exports/exports/authn.js.map +1 -1
  53. package/esm/browser/exports/exports/core.js +2 -1
  54. package/esm/browser/exports/exports/core.js.map +1 -1
  55. package/esm/browser/exports/exports/default.js +2 -1
  56. package/esm/browser/exports/exports/default.js.map +1 -1
  57. package/esm/browser/exports/exports/idx.js +2 -1
  58. package/esm/browser/exports/exports/idx.js.map +1 -1
  59. package/esm/browser/exports/exports/myaccount.js +2 -1
  60. package/esm/browser/exports/exports/myaccount.js.map +1 -1
  61. package/esm/browser/http/OktaUserAgent.js +2 -2
  62. package/esm/browser/idx/authenticator/util.js +1 -1
  63. package/esm/browser/idx/authenticator/util.js.map +1 -1
  64. package/esm/browser/idx/factory/api.js +1 -0
  65. package/esm/browser/idx/factory/api.js.map +1 -1
  66. package/esm/browser/idx/idxState/v1/idxResponseParser.js +4 -0
  67. package/esm/browser/idx/idxState/v1/idxResponseParser.js.map +1 -1
  68. package/esm/browser/idx/interact.js +1 -0
  69. package/esm/browser/idx/interact.js.map +1 -1
  70. package/esm/browser/idx/introspect.js +1 -0
  71. package/esm/browser/idx/introspect.js.map +1 -1
  72. package/esm/browser/idx/remediators/Base/SelectAuthenticator.js +1 -1
  73. package/esm/browser/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
  74. package/esm/browser/idx/transactionMeta.js +1 -0
  75. package/esm/browser/idx/transactionMeta.js.map +1 -1
  76. package/esm/browser/idx/types/api.js.map +1 -1
  77. package/esm/browser/oidc/TokenManager.js.map +1 -1
  78. package/esm/browser/oidc/TransactionManager.js +1 -0
  79. package/esm/browser/oidc/TransactionManager.js.map +1 -1
  80. package/esm/browser/oidc/enrollAuthenticator.js +1 -0
  81. package/esm/browser/oidc/enrollAuthenticator.js.map +1 -1
  82. package/esm/browser/oidc/exchangeCodeForTokens.js +1 -0
  83. package/esm/browser/oidc/exchangeCodeForTokens.js.map +1 -1
  84. package/esm/browser/oidc/factory/api.js +4 -1
  85. package/esm/browser/oidc/factory/api.js.map +1 -1
  86. package/esm/browser/oidc/getToken.js +1 -0
  87. package/esm/browser/oidc/getToken.js.map +1 -1
  88. package/esm/browser/oidc/getWithPopup.js +1 -0
  89. package/esm/browser/oidc/getWithPopup.js.map +1 -1
  90. package/esm/browser/oidc/getWithRedirect.js +1 -0
  91. package/esm/browser/oidc/getWithRedirect.js.map +1 -1
  92. package/esm/browser/oidc/handleOAuthResponse.js +1 -0
  93. package/esm/browser/oidc/handleOAuthResponse.js.map +1 -1
  94. package/esm/browser/oidc/introspect.js +67 -0
  95. package/esm/browser/oidc/introspect.js.map +1 -0
  96. package/esm/browser/oidc/mixin/index.js +25 -20
  97. package/esm/browser/oidc/mixin/index.js.map +1 -1
  98. package/esm/browser/oidc/parseFromUrl.js +1 -0
  99. package/esm/browser/oidc/parseFromUrl.js.map +1 -1
  100. package/esm/browser/oidc/renewTokens.js +3 -1
  101. package/esm/browser/oidc/renewTokens.js.map +1 -1
  102. package/esm/browser/oidc/types/Token.js +7 -1
  103. package/esm/browser/oidc/types/Token.js.map +1 -1
  104. package/esm/browser/oidc/types/TokenManager.js.map +1 -1
  105. package/esm/browser/oidc/util/sharedStorage.js +1 -0
  106. package/esm/browser/oidc/util/sharedStorage.js.map +1 -1
  107. package/esm/browser/oidc/verifyToken.js +1 -0
  108. package/esm/browser/oidc/verifyToken.js.map +1 -1
  109. package/esm/browser/package.json +1 -1
  110. package/esm/browser/services/SyncStorageService.js +1 -0
  111. package/esm/browser/services/SyncStorageService.js.map +1 -1
  112. package/esm/node/browser/fingerprint.js +1 -0
  113. package/esm/node/browser/fingerprint.js.map +1 -1
  114. package/esm/node/core/AuthStateManager.js +1 -0
  115. package/esm/node/core/AuthStateManager.js.map +1 -1
  116. package/esm/node/core/options.js +1 -0
  117. package/esm/node/core/options.js.map +1 -1
  118. package/esm/node/exports/exports/authn.js +2 -1
  119. package/esm/node/exports/exports/authn.js.map +1 -1
  120. package/esm/node/exports/exports/core.js +2 -1
  121. package/esm/node/exports/exports/core.js.map +1 -1
  122. package/esm/node/exports/exports/default.js +2 -1
  123. package/esm/node/exports/exports/default.js.map +1 -1
  124. package/esm/node/exports/exports/idx.js +2 -1
  125. package/esm/node/exports/exports/idx.js.map +1 -1
  126. package/esm/node/exports/exports/myaccount.js +2 -1
  127. package/esm/node/exports/exports/myaccount.js.map +1 -1
  128. package/esm/node/http/OktaUserAgent.js +2 -2
  129. package/esm/node/idx/authenticator/util.js +1 -1
  130. package/esm/node/idx/authenticator/util.js.map +1 -1
  131. package/esm/node/idx/factory/api.js +1 -0
  132. package/esm/node/idx/factory/api.js.map +1 -1
  133. package/esm/node/idx/idxState/v1/idxResponseParser.js +4 -0
  134. package/esm/node/idx/idxState/v1/idxResponseParser.js.map +1 -1
  135. package/esm/node/idx/interact.js +1 -0
  136. package/esm/node/idx/interact.js.map +1 -1
  137. package/esm/node/idx/introspect.js +1 -0
  138. package/esm/node/idx/introspect.js.map +1 -1
  139. package/esm/node/idx/remediators/Base/SelectAuthenticator.js +1 -1
  140. package/esm/node/idx/remediators/Base/SelectAuthenticator.js.map +1 -1
  141. package/esm/node/idx/transactionMeta.js +1 -0
  142. package/esm/node/idx/transactionMeta.js.map +1 -1
  143. package/esm/node/idx/types/api.js.map +1 -1
  144. package/esm/node/oidc/TokenManager.js.map +1 -1
  145. package/esm/node/oidc/TransactionManager.js +1 -0
  146. package/esm/node/oidc/TransactionManager.js.map +1 -1
  147. package/esm/node/oidc/enrollAuthenticator.js +1 -0
  148. package/esm/node/oidc/enrollAuthenticator.js.map +1 -1
  149. package/esm/node/oidc/exchangeCodeForTokens.js +1 -0
  150. package/esm/node/oidc/exchangeCodeForTokens.js.map +1 -1
  151. package/esm/node/oidc/factory/api.js +4 -1
  152. package/esm/node/oidc/factory/api.js.map +1 -1
  153. package/esm/node/oidc/getToken.js +1 -0
  154. package/esm/node/oidc/getToken.js.map +1 -1
  155. package/esm/node/oidc/getWithPopup.js +1 -0
  156. package/esm/node/oidc/getWithPopup.js.map +1 -1
  157. package/esm/node/oidc/getWithRedirect.js +1 -0
  158. package/esm/node/oidc/getWithRedirect.js.map +1 -1
  159. package/esm/node/oidc/handleOAuthResponse.js +1 -0
  160. package/esm/node/oidc/handleOAuthResponse.js.map +1 -1
  161. package/esm/node/oidc/introspect.js +67 -0
  162. package/esm/node/oidc/introspect.js.map +1 -0
  163. package/esm/node/oidc/mixin/index.js +25 -20
  164. package/esm/node/oidc/mixin/index.js.map +1 -1
  165. package/esm/node/oidc/parseFromUrl.js +1 -0
  166. package/esm/node/oidc/parseFromUrl.js.map +1 -1
  167. package/esm/node/oidc/renewTokens.js +3 -1
  168. package/esm/node/oidc/renewTokens.js.map +1 -1
  169. package/esm/node/oidc/types/Token.js +7 -1
  170. package/esm/node/oidc/types/Token.js.map +1 -1
  171. package/esm/node/oidc/types/TokenManager.js.map +1 -1
  172. package/esm/node/oidc/util/sharedStorage.js +1 -0
  173. package/esm/node/oidc/util/sharedStorage.js.map +1 -1
  174. package/esm/node/oidc/verifyToken.js +1 -0
  175. package/esm/node/oidc/verifyToken.js.map +1 -1
  176. package/esm/node/package.json +1 -1
  177. package/package.json +9 -5
  178. package/types/lib/idx/types/api.d.ts +1 -0
  179. package/types/lib/oidc/TokenManager.d.ts +2 -2
  180. package/types/lib/oidc/index.d.ts +1 -0
  181. package/types/lib/oidc/introspect.d.ts +14 -0
  182. package/types/lib/oidc/renewTokens.d.ts +2 -2
  183. package/types/lib/oidc/types/Token.d.ts +5 -0
  184. package/types/lib/oidc/types/TokenManager.d.ts +2 -2
  185. package/types/lib/oidc/types/api.d.ts +5 -4
  186. package/types/lib/oidc/types/options.d.ts +4 -0
  187. package/types/lib/oidc/types/proto.d.ts +1 -0
  188. package/umd/authn.js +1 -1
  189. package/umd/authn.js.map +1 -1
  190. package/umd/core.js +1 -1
  191. package/umd/core.js.map +1 -1
  192. package/umd/default.js +1 -1
  193. package/umd/default.js.map +1 -1
  194. package/umd/idx.js +1 -1
  195. package/umd/idx.js.map +1 -1
  196. package/umd/myaccount.js +1 -1
  197. package/umd/myaccount.js.map +1 -1
package/CHANGELOG.md CHANGED
@@ -1,5 +1,28 @@
1
1
  # Changelog
2
2
 
3
+ ## 7.4.0
4
+
5
+ ### Features
6
+
7
+ - [#1440](https://github.com/okta/okta-auth-js/pull/1440) Fixes type of `tokenManager.getSync`
8
+
9
+ - [#1439](https://github.com/okta/okta-auth-js/pull/1439) `.signOut` improvements
10
+ * Passing `postLogoutRedirectUri: null` to `.signOut` now omits the param from `/logout` call and will observe the behavior of `/logout`
11
+ * `state` is now returned as a query param to the `postLogoutRedirectUri` when `.signOut` falls back to `.closeSession`
12
+
13
+ - [#1412](https://github.com/okta/okta-auth-js/pull/1412)
14
+ * Adds oauth2 introspect method, exposed as `authClient.token.introspect`
15
+ * Adds optional `tokens` param to `renewTokens`
16
+
17
+ ### Fixes
18
+
19
+ - [#1421](https://github.com/okta/okta-auth-js/pull/1421) Throw error if there is incorrect `relatesTo` in IDX response
20
+
21
+ ### Other
22
+
23
+ - [#1409](https://github.com/okta/okta-auth-js/pull/1409) Adds password page to React myaccount sample app
24
+ - [#1422](https://github.com/okta/okta-auth-js/pull/1422) IDX: add `customLabel` to `Input` type
25
+
3
26
  ## 7.3.1
4
27
 
5
28
  ### Fixes
@@ -41,7 +64,7 @@
41
64
 
42
65
  - [#1343](https://github.com/okta/okta-auth-js/pull/1343) Supports Step Up MFA against `/authorize` and `/interact` endpoints
43
66
 
44
- # Other
67
+ ### Other
45
68
 
46
69
  - [#1342](https://github.com/okta/okta-auth-js/pull/1342) - fixes possible RCE in jsonpath-plus
47
70
 
package/README.md CHANGED
@@ -44,7 +44,7 @@ This library uses semantic versioning and follows Okta's [library version policy
44
44
  | ------- | -------------------------------- |
45
45
  | `7.x` | :heavy_check_mark: Stable |
46
46
  | `6.x` | :warning: Retiring on 2023-09-30 |
47
- | `5.x` | :warning: Retiring on 2022-10-31 |
47
+ | `5.x` | :x: Retired |
48
48
  | `4.x` | :x: Retired |
49
49
  | `3.x` | :x: Retired |
50
50
  | `2.x` | :x: Retired |
@@ -996,7 +996,7 @@ Signs the user out of their current [Okta session](https://developer.okta.com/do
996
996
 
997
997
  `signOut` takes the following options:
998
998
 
999
- * `postLogoutRedirectUri` - Setting a value will override the `postLogoutRedirectUri` configured on the SDK.
999
+ * `postLogoutRedirectUri` - Setting a value will override the `postLogoutRedirectUri` configured on the SDK. This will default to `window.location.origin` if no value is provided. To prevent this explicitly pass `null` to leverage the default behavior of `/logout`. If `signOut` falls back to `closeSession` `window.location.origin` will still be used as the default value, even if `null` is passed.
1000
1000
  * `state` - An optional value, used along with `postLogoutRedirectUri`. If set, this value will be returned as a query parameter during the redirect to the `postLogoutRedirectUri`
1001
1001
  * `idToken` - Specifies the ID token object. By default, `signOut` will look for a token object named `idToken` within the `TokenManager`. If you have stored the id token object in a different location, you should retrieve it first and then pass it here.
1002
1002
  * `clearTokensBeforeRedirect` - If `true` (default: `false`) local tokens will be removed before the logout redirect happens. Otherwise a flag (`pendingRemove`) will be added to each local token instead of clearing them immediately. Calling `oktaAuth.start()` after logout redirect will clear local tokens if flags are found. **Use this option with care**: removing local tokens before fully terminating the Okta SSO session can result in logging back in again when using [`@okta/okta-react`](https://www.npmjs.com/package/@okta/okta-react)'s [`SecureRoute`](https://github.com/okta/okta-react#secureroute) component.
package/cjs/http/OktaUserAgent.js CHANGED
@@ -20,7 +20,7 @@ var _features = require("../features");
20
20
  class OktaUserAgent {
21
21
  constructor() {
22
22
  // add base sdk env
23
- this.environments = [`okta-auth-js/${"7.3.1"}`];
23
+ this.environments = [`okta-auth-js/${"7.4.0"}`];
24
24
  }
25
25
  addEnvironment(env) {
26
26
  this.environments.push(env);
@@ -32,7 +32,7 @@ class OktaUserAgent {
32
32
  };
33
33
  }
34
34
  getVersion() {
35
- return "7.3.1";
35
+ return "7.4.0";
36
36
  }
37
37
  maybeAddNodeEnvironment() {
38
38
  if ((0, _features.isBrowser)() || !process || !process.versions) {
package/cjs/idx/authenticator/util.js CHANGED
@@ -40,7 +40,7 @@ function findMatchedOption(authenticators, options) {
40
40
  for (let authenticator of authenticators) {
41
41
  option = options.find(({
42
42
  relatesTo
43
- }) => relatesTo.key === authenticator.key);
43
+ }) => relatesTo.key && relatesTo.key === authenticator.key);
44
44
  if (option) {
45
45
  break;
46
46
  }
package/cjs/idx/authenticator/util.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"util.js","names":["formatAuthenticator","incoming","authenticator","isAuthenticator","key","Error","compareAuthenticators","auth1","auth2","id","findMatchedOption","authenticators","options","option","find","relatesTo"],"sources":["../../../../lib/idx/authenticator/util.ts"],"sourcesContent":["import { Authenticator, isAuthenticator } from '../types';\n\nexport function formatAuthenticator(incoming: unknown): Authenticator {\n let authenticator: Authenticator;\n if (isAuthenticator(incoming)) {\n authenticator = incoming;\n } else if (typeof incoming === 'string') {\n authenticator = {\n key: incoming\n };\n } else {\n throw new Error('Invalid format for authenticator');\n }\n return authenticator;\n}\n\n// Returns true if the authenticators are equivalent\nexport function compareAuthenticators(auth1, auth2) {\n if (!auth1 || !auth2) {\n return false;\n }\n // by id\n if (auth1.id && auth2.id) {\n return (auth1.id === auth2.id);\n }\n // by key\n if (auth1.key && auth2.key) {\n return (auth1.key === auth2.key);\n }\n return false;\n}\n\n// Find matched authenticator in provided order\nexport function findMatchedOption(authenticators, options) {\n let option;\n for (let authenticator of authenticators) {\n option = options\n .find(({ relatesTo }) => relatesTo.key === authenticator.key);\n if (option) {\n break;\n }\n }\n return option;\n}"],"mappings":";;;;;AAAA;AAEO,SAASA,mBAAmB,CAACC,QAAiB,EAAiB;EACpE,IAAIC,aAA4B;EAChC,IAAK,IAAAC,sBAAe,EAACF,QAAQ,CAAC,EAAE;IAC9BC,aAAa,GAAGD,QAAQ;EAC1B,CAAC,MAAM,IAAI,OAAOA,QAAQ,KAAK,QAAQ,EAAE;IACvCC,aAAa,GAAG;MACdE,GAAG,EAAEH;IACP,CAAC;EACH,CAAC,MAAM;IACL,MAAM,IAAII,KAAK,CAAC,kCAAkC,CAAC;EACrD;EACA,OAAOH,aAAa;AACtB;;AAEA;AACO,SAASI,qBAAqB,CAACC,KAAK,EAAEC,KAAK,EAAE;EAClD,IAAI,CAACD,KAAK,IAAI,CAACC,KAAK,EAAE;IACpB,OAAO,KAAK;EACd;EACA;EACA,IAAID,KAAK,CAACE,EAAE,IAAID,KAAK,CAACC,EAAE,EAAE;IACxB,OAAQF,KAAK,CAACE,EAAE,KAAKD,KAAK,CAACC,EAAE;EAC/B;EACA;EACA,IAAIF,KAAK,CAACH,GAAG,IAAII,KAAK,CAACJ,GAAG,EAAE;IAC1B,OAAQG,KAAK,CAACH,GAAG,KAAKI,KAAK,CAACJ,GAAG;EACjC;EACA,OAAO,KAAK;AACd;;AAEA;AACO,SAASM,iBAAiB,CAACC,cAAc,EAAEC,OAAO,EAAE;EACzD,IAAIC,MAAM;EACV,KAAK,IAAIX,aAAa,IAAIS,cAAc,EAAE;IACxCE,MAAM,GAAGD,OAAO,CACbE,IAAI,CAAC,CAAC;MAAEC;IAAU,CAAC,KAAKA,SAAS,CAACX,GAAG,KAAKF,aAAa,CAACE,GAAG,CAAC;IAC/D,IAAIS,MAAM,EAAE;MACV;IACF;EACF;EACA,OAAOA,MAAM;AACf"}
1
+ {"version":3,"file":"util.js","names":["formatAuthenticator","incoming","authenticator","isAuthenticator","key","Error","compareAuthenticators","auth1","auth2","id","findMatchedOption","authenticators","options","option","find","relatesTo"],"sources":["../../../../lib/idx/authenticator/util.ts"],"sourcesContent":["import { Authenticator, isAuthenticator } from '../types';\n\nexport function formatAuthenticator(incoming: unknown): Authenticator {\n let authenticator: Authenticator;\n if (isAuthenticator(incoming)) {\n authenticator = incoming;\n } else if (typeof incoming === 'string') {\n authenticator = {\n key: incoming\n };\n } else {\n throw new Error('Invalid format for authenticator');\n }\n return authenticator;\n}\n\n// Returns true if the authenticators are equivalent\nexport function compareAuthenticators(auth1, auth2) {\n if (!auth1 || !auth2) {\n return false;\n }\n // by id\n if (auth1.id && auth2.id) {\n return (auth1.id === auth2.id);\n }\n // by key\n if (auth1.key && auth2.key) {\n return (auth1.key === auth2.key);\n }\n return false;\n}\n\n// Find matched authenticator in provided order\nexport function findMatchedOption(authenticators, options) {\n let option;\n for (let authenticator of authenticators) {\n option = options\n .find(({ relatesTo }) => relatesTo.key && relatesTo.key === authenticator.key);\n if (option) {\n break;\n }\n }\n return option;\n}"],"mappings":";;;;;AAAA;AAEO,SAASA,mBAAmB,CAACC,QAAiB,EAAiB;EACpE,IAAIC,aAA4B;EAChC,IAAK,IAAAC,sBAAe,EAACF,QAAQ,CAAC,EAAE;IAC9BC,aAAa,GAAGD,QAAQ;EAC1B,CAAC,MAAM,IAAI,OAAOA,QAAQ,KAAK,QAAQ,EAAE;IACvCC,aAAa,GAAG;MACdE,GAAG,EAAEH;IACP,CAAC;EACH,CAAC,MAAM;IACL,MAAM,IAAII,KAAK,CAAC,kCAAkC,CAAC;EACrD;EACA,OAAOH,aAAa;AACtB;;AAEA;AACO,SAASI,qBAAqB,CAACC,KAAK,EAAEC,KAAK,EAAE;EAClD,IAAI,CAACD,KAAK,IAAI,CAACC,KAAK,EAAE;IACpB,OAAO,KAAK;EACd;EACA;EACA,IAAID,KAAK,CAACE,EAAE,IAAID,KAAK,CAACC,EAAE,EAAE;IACxB,OAAQF,KAAK,CAACE,EAAE,KAAKD,KAAK,CAACC,EAAE;EAC/B;EACA;EACA,IAAIF,KAAK,CAACH,GAAG,IAAII,KAAK,CAACJ,GAAG,EAAE;IAC1B,OAAQG,KAAK,CAACH,GAAG,KAAKI,KAAK,CAACJ,GAAG;EACjC;EACA,OAAO,KAAK;AACd;;AAEA;AACO,SAASM,iBAAiB,CAACC,cAAc,EAAEC,OAAO,EAAE;EACzD,IAAIC,MAAM;EACV,KAAK,IAAIX,aAAa,IAAIS,cAAc,EAAE;IACxCE,MAAM,GAAGD,OAAO,CACbE,IAAI,CAAC,CAAC;MAAEC;IAAU,CAAC,KAAKA,SAAS,CAACX,GAAG,IAAIW,SAAS,CAACX,GAAG,KAAKF,aAAa,CAACE,GAAG,CAAC;IAChF,IAAIS,MAAM,EAAE;MACV;IACF;EACF;EACA,OAAOA,MAAM;AACf"}
package/cjs/idx/idxState/v1/idxResponseParser.js CHANGED
@@ -5,6 +5,7 @@ exports.parseNonRemediations = exports.parseIdxResponse = void 0;
5
5
  var _remediationParser = require("./remediationParser");
6
6
  var _generateIdxAction = _interopRequireDefault(require("./generateIdxAction"));
7
7
  var _jsonpath = require("../../../util/jsonpath");
8
+ var _errors = require("../../../errors");
8
9
  /*!
9
10
  * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.
10
11
  * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
@@ -88,6 +89,8 @@ const expandRelatesTo = (idxResponse, value) => {
88
89
  if (result) {
89
90
  value[k] = result;
90
91
  return;
92
+ } else {
93
+ throw new _errors.AuthSdkError(`Cannot resolve relatesTo: ${query}`);
91
94
  }
92
95
  }
93
96
  }
package/cjs/idx/idxState/v1/idxResponseParser.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"idxResponseParser.js","names":["SKIP_FIELDS","Object","fromEntries","map","field","parseNonRemediations","authClient","idxResponse","toPersist","actions","context","keys","filter","forEach","fieldIsObject","rel","name","generateIdxAction","value","fieldValue","type","info","entries","subField","expandRelatesTo","k","query","Array","isArray","result","jsonpath","path","json","innerValue","convertRemediationAction","remediation","remediationActions","generateRemediationFunctions","actionFn","action","parseIdxResponse","remediationData","remediations"],"sources":["../../../../../lib/idx/idxState/v1/idxResponseParser.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable max-len */\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-nocheck\nimport { OktaAuthIdxInterface } from '../../types'; // auth-js/types\nimport { generateRemediationFunctions } from './remediationParser';\nimport generateIdxAction from './generateIdxAction';\nimport { jsonpath } from '../../../util/jsonpath';\n\nconst SKIP_FIELDS = Object.fromEntries([\n 'remediation', // remediations are put into proceed/neededToProceed\n 'context', // the API response of 'context' isn't externally useful. We ignore it and put all non-action (contextual) info into idxState.context\n].map( (field) => [ field, !!'skip this field' ] ));\n\nexport const parseNonRemediations = function parseNonRemediations( authClient: OktaAuthIdxInterface, idxResponse, toPersist = {} ) {\n const actions = {};\n const context = {};\n\n Object.keys(idxResponse)\n .filter( field => !SKIP_FIELDS[field])\n .forEach( field => {\n const fieldIsObject = typeof idxResponse[field] === 'object' && !!idxResponse[field];\n\n if ( !fieldIsObject ) {\n // simple fields are contextual info\n context[field] = idxResponse[field];\n return;\n }\n\n if ( idxResponse[field].rel ) {\n // top level actions\n actions[idxResponse[field].name] = generateIdxAction(authClient, idxResponse[field], toPersist);\n return;\n }\n\n const { value: fieldValue, type, ...info} = idxResponse[field];\n context[field] = { type, ...info}; // add the non-action parts as context\n\n if ( type !== 'object' ) {\n // only object values hold actions\n context[field].value = fieldValue;\n return;\n }\n\n // We are an object field containing an object value\n context[field].value = {};\n Object.entries(fieldValue)\n .forEach( ([subField, value]) => {\n if (value.rel) { // is [field].value[subField] an action?\n // add any \"action\" value subfields to actions\n actions[`${field}-${subField.name || subField}`] = generateIdxAction(authClient, value, toPersist);\n } else {\n // add non-action value subfields to context\n context[field].value[subField] = value;\n }\n });\n });\n\n return { context, actions };\n};\n\nconst expandRelatesTo = (idxResponse, value) => {\n Object.keys(value).forEach(k => {\n if (k === 'relatesTo') {\n const query = Array.isArray(value[k]) ? value[k][0] : value[k];\n if (typeof query === 'string') {\n const result = jsonpath({ path: query, json: idxResponse })[0];\n if (result) {\n value[k] = result;\n return;\n }\n }\n }\n if (Array.isArray(value[k])) {\n value[k].forEach(innerValue => expandRelatesTo(idxResponse, innerValue));\n }\n });\n};\n\nconst convertRemediationAction = (authClient: OktaAuthIdxInterface, remediation, toPersist) => {\n // Only remediation that has `rel` field (indicator for form submission) can have http action\n if (remediation.rel) {\n const remediationActions = generateRemediationFunctions( authClient, [remediation], toPersist );\n const actionFn = remediationActions[remediation.name];\n return {\n ...remediation,\n action: actionFn,\n };\n }\n\n return remediation;\n};\n\nexport const parseIdxResponse = function parseIdxResponse( authClient: OktaAuthIdxInterface, idxResponse, toPersist = {} ): {\n remediations: IdxRemediation[];\n context: IdxContext;\n actions: IdxActions;\n} {\n const remediationData = idxResponse.remediation?.value || [];\n\n remediationData.forEach(\n remediation => expandRelatesTo(idxResponse, remediation)\n );\n\n const remediations = remediationData.map(remediation => convertRemediationAction( authClient, remediation, toPersist ));\n\n const { context, actions } = parseNonRemediations( authClient, idxResponse, toPersist );\n\n return {\n remediations,\n context,\n actions,\n };\n};\n"],"mappings":";;;;AAgBA;AACA;AACA;AAlBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACuD;;AAKvD,MAAMA,WAAW,GAAGC,MAAM,CAACC,WAAW,CAAC,CACrC,aAAa;AAAE;AACf,SAAS,CAAE;AAAA,CACZ,CAACC,GAAG,CAAGC,KAAK,IAAK,CAAEA,KAAK,EAAE,CAAC,CAAC,iBAAiB,CAAE,CAAE,CAAC;AAE5C,MAAMC,oBAAoB,GAAG,SAASA,oBAAoB,CAAEC,UAAgC,EAAEC,WAAW,EAAEC,SAAS,GAAG,CAAC,CAAC,EAAG;EACjI,MAAMC,OAAO,GAAG,CAAC,CAAC;EAClB,MAAMC,OAAO,GAAG,CAAC,CAAC;EAElBT,MAAM,CAACU,IAAI,CAACJ,WAAW,CAAC,CACrBK,MAAM,CAAER,KAAK,IAAI,CAACJ,WAAW,CAACI,KAAK,CAAC,CAAC,CACrCS,OAAO,CAAET,KAAK,IAAI;IACjB,MAAMU,aAAa,GAAG,OAAOP,WAAW,CAACH,KAAK,CAAC,KAAK,QAAQ,IAAI,CAAC,CAACG,WAAW,CAACH,KAAK,CAAC;IAEpF,IAAK,CAACU,aAAa,EAAG;MACpB;MACAJ,OAAO,CAACN,KAAK,CAAC,GAAGG,WAAW,CAACH,KAAK,CAAC;MACnC;IACF;IAEA,IAAKG,WAAW,CAACH,KAAK,CAAC,CAACW,GAAG,EAAG;MAC5B;MACAN,OAAO,CAACF,WAAW,CAACH,KAAK,CAAC,CAACY,IAAI,CAAC,GAAG,IAAAC,0BAAiB,EAACX,UAAU,EAAEC,WAAW,CAACH,KAAK,CAAC,EAAEI,SAAS,CAAC;MAC/F;IACF;IAEA,MAAM;MAAEU,KAAK,EAAEC,UAAU;MAAEC,IAAI;MAAE,GAAGC;IAAI,CAAC,GAAGd,WAAW,CAACH,KAAK,CAAC;IAC9DM,OAAO,CAACN,KAAK,CAAC,GAAG;MAAEgB,IAAI;MAAE,GAAGC;IAAI,CAAC,CAAC,CAAC;;IAEnC,IAAKD,IAAI,KAAK,QAAQ,EAAG;MACvB;MACAV,OAAO,CAACN,KAAK,CAAC,CAACc,KAAK,GAAGC,UAAU;MACjC;IACF;;IAEA;IACAT,OAAO,CAACN,KAAK,CAAC,CAACc,KAAK,GAAG,CAAC,CAAC;IACzBjB,MAAM,CAACqB,OAAO,CAACH,UAAU,CAAC,CACvBN,OAAO,CAAE,CAAC,CAACU,QAAQ,EAAEL,KAAK,CAAC,KAAK;MAC/B,IAAIA,KAAK,CAACH,GAAG,EAAE;QAAE;QACf;QACAN,OAAO,CAAE,GAAEL,KAAM,IAAGmB,QAAQ,CAACP,IAAI,IAAIO,QAAS,EAAC,CAAC,GAAG,IAAAN,0BAAiB,EAACX,UAAU,EAAEY,KAAK,EAAEV,SAAS,CAAC;MACpG,CAAC,MAAM;QACL;QACAE,OAAO,CAACN,KAAK,CAAC,CAACc,KAAK,CAACK,QAAQ,CAAC,GAAGL,KAAK;MACxC;IACF,CAAC,CAAC;EACN,CAAC,CAAC;EAEJ,OAAO;IAAER,OAAO;IAAED;EAAQ,CAAC;AAC7B,CAAC;AAAC;AAEF,MAAMe,eAAe,GAAG,CAACjB,WAAW,EAAEW,KAAK,KAAK;EAC9CjB,MAAM,CAACU,IAAI,CAACO,KAAK,CAAC,CAACL,OAAO,CAACY,CAAC,IAAI;IAC9B,IAAIA,CAAC,KAAK,WAAW,EAAE;MACrB,MAAMC,KAAK,GAAGC,KAAK,CAACC,OAAO,CAACV,KAAK,CAACO,CAAC,CAAC,CAAC,GAAGP,KAAK,CAACO,CAAC,CAAC,CAAC,CAAC,CAAC,GAAGP,KAAK,CAACO,CAAC,CAAC;MAC9D,IAAI,OAAOC,KAAK,KAAK,QAAQ,EAAE;QAC7B,MAAMG,MAAM,GAAG,IAAAC,kBAAQ,EAAC;UAAEC,IAAI,EAAEL,KAAK;UAAEM,IAAI,EAAEzB;QAAY,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9D,IAAIsB,MAAM,EAAE;UACVX,KAAK,CAACO,CAAC,CAAC,GAAGI,MAAM;UACjB;QACF;MACF;IACF;IACA,IAAIF,KAAK,CAACC,OAAO,CAACV,KAAK,CAACO,CAAC,CAAC,CAAC,EAAE;MAC3BP,KAAK,CAACO,CAAC,CAAC,CAACZ,OAAO,CAACoB,UAAU,IAAIT,eAAe,CAACjB,WAAW,EAAE0B,UAAU,CAAC,CAAC;IAC1E;EACF,CAAC,CAAC;AACJ,CAAC;AAED,MAAMC,wBAAwB,GAAG,CAAC5B,UAAgC,EAAE6B,WAAW,EAAE3B,SAAS,KAAK;EAC7F;EACA,IAAI2B,WAAW,CAACpB,GAAG,EAAE;IACnB,MAAMqB,kBAAkB,GAAG,IAAAC,+CAA4B,EAAE/B,UAAU,EAAE,CAAC6B,WAAW,CAAC,EAAE3B,SAAS,CAAE;IAC/F,MAAM8B,QAAQ,GAAGF,kBAAkB,CAACD,WAAW,CAACnB,IAAI,CAAC;IACrD,OAAO;MACL,GAAGmB,WAAW;MACdI,MAAM,EAAED;IACV,CAAC;EACH;EAEA,OAAOH,WAAW;AACpB,CAAC;AAEM,MAAMK,gBAAgB,GAAG,SAASA,gBAAgB,CAAElC,UAAgC,EAAEC,WAAW,EAAEC,SAAS,GAAG,CAAC,CAAC,EAItH;EAAA;EACA,MAAMiC,eAAe,GAAG,0BAAAlC,WAAW,CAAC4B,WAAW,0DAAvB,sBAAyBjB,KAAK,KAAI,EAAE;EAE5DuB,eAAe,CAAC5B,OAAO,CACrBsB,WAAW,IAAIX,eAAe,CAACjB,WAAW,EAAE4B,WAAW,CAAC,CACzD;EAED,MAAMO,YAAY,GAAGD,eAAe,CAACtC,GAAG,CAACgC,WAAW,IAAID,wBAAwB,CAAE5B,UAAU,EAAE6B,WAAW,EAAE3B,SAAS,CAAE,CAAC;EAEvH,MAAM;IAAEE,OAAO;IAAED;EAAQ,CAAC,GAAGJ,oBAAoB,CAAEC,UAAU,EAAEC,WAAW,EAAEC,SAAS,CAAE;EAEvF,OAAO;IACLkC,YAAY;IACZhC,OAAO;IACPD;EACF,CAAC;AACH,CAAC;AAAC"}
1
+ {"version":3,"file":"idxResponseParser.js","names":["SKIP_FIELDS","Object","fromEntries","map","field","parseNonRemediations","authClient","idxResponse","toPersist","actions","context","keys","filter","forEach","fieldIsObject","rel","name","generateIdxAction","value","fieldValue","type","info","entries","subField","expandRelatesTo","k","query","Array","isArray","result","jsonpath","path","json","AuthSdkError","innerValue","convertRemediationAction","remediation","remediationActions","generateRemediationFunctions","actionFn","action","parseIdxResponse","remediationData","remediations"],"sources":["../../../../../lib/idx/idxState/v1/idxResponseParser.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable max-len */\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-nocheck\nimport { OktaAuthIdxInterface } from '../../types'; // auth-js/types\nimport { generateRemediationFunctions } from './remediationParser';\nimport generateIdxAction from './generateIdxAction';\nimport { jsonpath } from '../../../util/jsonpath';\nimport { AuthSdkError } from '../../../errors';\n\nconst SKIP_FIELDS = Object.fromEntries([\n 'remediation', // remediations are put into proceed/neededToProceed\n 'context', // the API response of 'context' isn't externally useful. We ignore it and put all non-action (contextual) info into idxState.context\n].map( (field) => [ field, !!'skip this field' ] ));\n\nexport const parseNonRemediations = function parseNonRemediations( authClient: OktaAuthIdxInterface, idxResponse, toPersist = {} ) {\n const actions = {};\n const context = {};\n\n Object.keys(idxResponse)\n .filter( field => !SKIP_FIELDS[field])\n .forEach( field => {\n const fieldIsObject = typeof idxResponse[field] === 'object' && !!idxResponse[field];\n\n if ( !fieldIsObject ) {\n // simple fields are contextual info\n context[field] = idxResponse[field];\n return;\n }\n\n if ( idxResponse[field].rel ) {\n // top level actions\n actions[idxResponse[field].name] = generateIdxAction(authClient, idxResponse[field], toPersist);\n return;\n }\n\n const { value: fieldValue, type, ...info} = idxResponse[field];\n context[field] = { type, ...info}; // add the non-action parts as context\n\n if ( type !== 'object' ) {\n // only object values hold actions\n context[field].value = fieldValue;\n return;\n }\n\n // We are an object field containing an object value\n context[field].value = {};\n Object.entries(fieldValue)\n .forEach( ([subField, value]) => {\n if (value.rel) { // is [field].value[subField] an action?\n // add any \"action\" value subfields to actions\n actions[`${field}-${subField.name || subField}`] = generateIdxAction(authClient, value, toPersist);\n } else {\n // add non-action value subfields to context\n context[field].value[subField] = value;\n }\n });\n });\n\n return { context, actions };\n};\n\nconst expandRelatesTo = (idxResponse, value) => {\n Object.keys(value).forEach(k => {\n if (k === 'relatesTo') {\n const query = Array.isArray(value[k]) ? value[k][0] : value[k];\n if (typeof query === 'string') {\n const result = jsonpath({ path: query, json: idxResponse })[0];\n if (result) {\n value[k] = result;\n return;\n } else {\n throw new AuthSdkError(`Cannot resolve relatesTo: ${query}`);\n }\n }\n }\n if (Array.isArray(value[k])) {\n value[k].forEach(innerValue => expandRelatesTo(idxResponse, innerValue));\n }\n });\n};\n\nconst convertRemediationAction = (authClient: OktaAuthIdxInterface, remediation, toPersist) => {\n // Only remediation that has `rel` field (indicator for form submission) can have http action\n if (remediation.rel) {\n const remediationActions = generateRemediationFunctions( authClient, [remediation], toPersist );\n const actionFn = remediationActions[remediation.name];\n return {\n ...remediation,\n action: actionFn,\n };\n }\n\n return remediation;\n};\n\nexport const parseIdxResponse = function parseIdxResponse( authClient: OktaAuthIdxInterface, idxResponse, toPersist = {} ): {\n remediations: IdxRemediation[];\n context: IdxContext;\n actions: IdxActions;\n} {\n const remediationData = idxResponse.remediation?.value || [];\n\n remediationData.forEach(\n remediation => expandRelatesTo(idxResponse, remediation)\n );\n\n const remediations = remediationData.map(remediation => convertRemediationAction( authClient, remediation, toPersist ));\n\n const { context, actions } = parseNonRemediations( authClient, idxResponse, toPersist );\n\n return {\n remediations,\n context,\n actions,\n };\n};\n"],"mappings":";;;;AAgBA;AACA;AACA;AACA;AAnBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACuD;;AAMvD,MAAMA,WAAW,GAAGC,MAAM,CAACC,WAAW,CAAC,CACrC,aAAa;AAAE;AACf,SAAS,CAAE;AAAA,CACZ,CAACC,GAAG,CAAGC,KAAK,IAAK,CAAEA,KAAK,EAAE,CAAC,CAAC,iBAAiB,CAAE,CAAE,CAAC;AAE5C,MAAMC,oBAAoB,GAAG,SAASA,oBAAoB,CAAEC,UAAgC,EAAEC,WAAW,EAAEC,SAAS,GAAG,CAAC,CAAC,EAAG;EACjI,MAAMC,OAAO,GAAG,CAAC,CAAC;EAClB,MAAMC,OAAO,GAAG,CAAC,CAAC;EAElBT,MAAM,CAACU,IAAI,CAACJ,WAAW,CAAC,CACrBK,MAAM,CAAER,KAAK,IAAI,CAACJ,WAAW,CAACI,KAAK,CAAC,CAAC,CACrCS,OAAO,CAAET,KAAK,IAAI;IACjB,MAAMU,aAAa,GAAG,OAAOP,WAAW,CAACH,KAAK,CAAC,KAAK,QAAQ,IAAI,CAAC,CAACG,WAAW,CAACH,KAAK,CAAC;IAEpF,IAAK,CAACU,aAAa,EAAG;MACpB;MACAJ,OAAO,CAACN,KAAK,CAAC,GAAGG,WAAW,CAACH,KAAK,CAAC;MACnC;IACF;IAEA,IAAKG,WAAW,CAACH,KAAK,CAAC,CAACW,GAAG,EAAG;MAC5B;MACAN,OAAO,CAACF,WAAW,CAACH,KAAK,CAAC,CAACY,IAAI,CAAC,GAAG,IAAAC,0BAAiB,EAACX,UAAU,EAAEC,WAAW,CAACH,KAAK,CAAC,EAAEI,SAAS,CAAC;MAC/F;IACF;IAEA,MAAM;MAAEU,KAAK,EAAEC,UAAU;MAAEC,IAAI;MAAE,GAAGC;IAAI,CAAC,GAAGd,WAAW,CAACH,KAAK,CAAC;IAC9DM,OAAO,CAACN,KAAK,CAAC,GAAG;MAAEgB,IAAI;MAAE,GAAGC;IAAI,CAAC,CAAC,CAAC;;IAEnC,IAAKD,IAAI,KAAK,QAAQ,EAAG;MACvB;MACAV,OAAO,CAACN,KAAK,CAAC,CAACc,KAAK,GAAGC,UAAU;MACjC;IACF;;IAEA;IACAT,OAAO,CAACN,KAAK,CAAC,CAACc,KAAK,GAAG,CAAC,CAAC;IACzBjB,MAAM,CAACqB,OAAO,CAACH,UAAU,CAAC,CACvBN,OAAO,CAAE,CAAC,CAACU,QAAQ,EAAEL,KAAK,CAAC,KAAK;MAC/B,IAAIA,KAAK,CAACH,GAAG,EAAE;QAAE;QACf;QACAN,OAAO,CAAE,GAAEL,KAAM,IAAGmB,QAAQ,CAACP,IAAI,IAAIO,QAAS,EAAC,CAAC,GAAG,IAAAN,0BAAiB,EAACX,UAAU,EAAEY,KAAK,EAAEV,SAAS,CAAC;MACpG,CAAC,MAAM;QACL;QACAE,OAAO,CAACN,KAAK,CAAC,CAACc,KAAK,CAACK,QAAQ,CAAC,GAAGL,KAAK;MACxC;IACF,CAAC,CAAC;EACN,CAAC,CAAC;EAEJ,OAAO;IAAER,OAAO;IAAED;EAAQ,CAAC;AAC7B,CAAC;AAAC;AAEF,MAAMe,eAAe,GAAG,CAACjB,WAAW,EAAEW,KAAK,KAAK;EAC9CjB,MAAM,CAACU,IAAI,CAACO,KAAK,CAAC,CAACL,OAAO,CAACY,CAAC,IAAI;IAC9B,IAAIA,CAAC,KAAK,WAAW,EAAE;MACrB,MAAMC,KAAK,GAAGC,KAAK,CAACC,OAAO,CAACV,KAAK,CAACO,CAAC,CAAC,CAAC,GAAGP,KAAK,CAACO,CAAC,CAAC,CAAC,CAAC,CAAC,GAAGP,KAAK,CAACO,CAAC,CAAC;MAC9D,IAAI,OAAOC,KAAK,KAAK,QAAQ,EAAE;QAC7B,MAAMG,MAAM,GAAG,IAAAC,kBAAQ,EAAC;UAAEC,IAAI,EAAEL,KAAK;UAAEM,IAAI,EAAEzB;QAAY,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9D,IAAIsB,MAAM,EAAE;UACVX,KAAK,CAACO,CAAC,CAAC,GAAGI,MAAM;UACjB;QACF,CAAC,MAAM;UACL,MAAM,IAAII,oBAAY,CAAE,6BAA4BP,KAAM,EAAC,CAAC;QAC9D;MACF;IACF;IACA,IAAIC,KAAK,CAACC,OAAO,CAACV,KAAK,CAACO,CAAC,CAAC,CAAC,EAAE;MAC3BP,KAAK,CAACO,CAAC,CAAC,CAACZ,OAAO,CAACqB,UAAU,IAAIV,eAAe,CAACjB,WAAW,EAAE2B,UAAU,CAAC,CAAC;IAC1E;EACF,CAAC,CAAC;AACJ,CAAC;AAED,MAAMC,wBAAwB,GAAG,CAAC7B,UAAgC,EAAE8B,WAAW,EAAE5B,SAAS,KAAK;EAC7F;EACA,IAAI4B,WAAW,CAACrB,GAAG,EAAE;IACnB,MAAMsB,kBAAkB,GAAG,IAAAC,+CAA4B,EAAEhC,UAAU,EAAE,CAAC8B,WAAW,CAAC,EAAE5B,SAAS,CAAE;IAC/F,MAAM+B,QAAQ,GAAGF,kBAAkB,CAACD,WAAW,CAACpB,IAAI,CAAC;IACrD,OAAO;MACL,GAAGoB,WAAW;MACdI,MAAM,EAAED;IACV,CAAC;EACH;EAEA,OAAOH,WAAW;AACpB,CAAC;AAEM,MAAMK,gBAAgB,GAAG,SAASA,gBAAgB,CAAEnC,UAAgC,EAAEC,WAAW,EAAEC,SAAS,GAAG,CAAC,CAAC,EAItH;EAAA;EACA,MAAMkC,eAAe,GAAG,0BAAAnC,WAAW,CAAC6B,WAAW,0DAAvB,sBAAyBlB,KAAK,KAAI,EAAE;EAE5DwB,eAAe,CAAC7B,OAAO,CACrBuB,WAAW,IAAIZ,eAAe,CAACjB,WAAW,EAAE6B,WAAW,CAAC,CACzD;EAED,MAAMO,YAAY,GAAGD,eAAe,CAACvC,GAAG,CAACiC,WAAW,IAAID,wBAAwB,CAAE7B,UAAU,EAAE8B,WAAW,EAAE5B,SAAS,CAAE,CAAC;EAEvH,MAAM;IAAEE,OAAO;IAAED;EAAQ,CAAC,GAAGJ,oBAAoB,CAAEC,UAAU,EAAEC,WAAW,EAAEC,SAAS,CAAE;EAEvF,OAAO;IACLmC,YAAY;IACZjC,OAAO;IACPD;EACF,CAAC;AACH,CAAC;AAAC"}
package/cjs/idx/remediators/Base/SelectAuthenticator.js CHANGED
@@ -26,7 +26,7 @@ class SelectAuthenticator extends _Remediator.Remediator {
26
26
  for (let authenticator of authenticators) {
27
27
  option = options.find(({
28
28
  relatesTo
29
- }) => relatesTo.key === authenticator.key);
29
+ }) => relatesTo.key && relatesTo.key === authenticator.key);
30
30
  if (option) {
31
31
  break;
32
32
  }
package/cjs/idx/remediators/Base/SelectAuthenticator.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"SelectAuthenticator.js","names":["SelectAuthenticator","Remediator","findMatchedOption","authenticators","options","option","authenticator","find","relatesTo","key","canRemediate","context","values","authenticatorFromRemediation","getAuthenticatorFromRemediation","remediation","length","isAuthenticator","id","matchedOption","isCurrentAuthenticator","currentAuthenticator","value","isCurrentAuthenticatorEnrollment","currentAuthenticatorEnrollment","mapAuthenticator","remediationValue","selectedAuthenticator","selectedOption","form","name","getInputAuthenticator","map","label","type","getValuesAfterProceed","filter","compareAuthenticators"],"sources":["../../../../../lib/idx/remediators/Base/SelectAuthenticator.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { Remediator, RemediationValues } from './Remediator';\nimport { getAuthenticatorFromRemediation } from '../util';\nimport { IdxRemediationValue, IdxContext, IdxOption } from '../../types/idx-js';\nimport { Authenticator, isAuthenticator } from '../../types/api';\nimport { compareAuthenticators, findMatchedOption} from '../../authenticator/util';\n\nexport type SelectAuthenticatorValues = RemediationValues & {\n authenticator?: string | Authenticator;\n};\n\n// Base class - DO NOT expose static remediationName\nexport class SelectAuthenticator<T extends SelectAuthenticatorValues = SelectAuthenticatorValues>\n extends Remediator<T> {\n selectedAuthenticator?: Authenticator;\n selectedOption?: any;\n\n // Find matched authenticator in provided order\n findMatchedOption(authenticators, options) {\n let option: IdxOption | undefined;\n for (let authenticator of authenticators) {\n option = options\n .find(({ relatesTo }) => relatesTo.key === authenticator.key);\n if (option) {\n break;\n }\n }\n return option;\n }\n\n /* eslint complexity:[0,9] */\n canRemediate(context?: IdxContext) {\n const { authenticators, authenticator } = this.values;\n const authenticatorFromRemediation = getAuthenticatorFromRemediation(this.remediation);\n const { options } = authenticatorFromRemediation;\n // Let users select authenticator if no input is provided\n if (!authenticators || !authenticators.length) {\n return false;\n }\n\n // Authenticator is explicitly specified by id\n if (isAuthenticator(authenticator) && authenticator.id) {\n return true;\n }\n\n // Proceed with provided authenticators\n const matchedOption = this.findMatchedOption(authenticators, options!);\n if (matchedOption) {\n // Don't select current authenticator (OKTA-612939)\n const isCurrentAuthenticator = context?.currentAuthenticator\n && context?.currentAuthenticator.value.id === matchedOption.relatesTo?.id;\n const isCurrentAuthenticatorEnrollment = context?.currentAuthenticatorEnrollment\n && context?.currentAuthenticatorEnrollment.value.id === matchedOption.relatesTo?.id;\n return !isCurrentAuthenticator && !isCurrentAuthenticatorEnrollment;\n }\n \n return false;\n }\n\n mapAuthenticator(remediationValue: IdxRemediationValue) {\n const { authenticators, authenticator } = this.values;\n\n // Authenticator is explicitly specified by id\n if (isAuthenticator(authenticator) && authenticator.id) {\n this.selectedAuthenticator = authenticator; // track the selected authenticator\n return authenticator;\n }\n\n const { options } = remediationValue;\n const selectedOption = findMatchedOption(authenticators, options);\n this.selectedAuthenticator = selectedOption.relatesTo; // track the selected authenticator\n this.selectedOption = selectedOption;\n return {\n id: selectedOption?.value.form.value.find(({ name }) => name === 'id').value\n };\n }\n\n getInputAuthenticator(remediation) {\n const options = remediation.options.map(({ label, relatesTo }) => {\n return {\n label,\n value: relatesTo.key\n };\n });\n return { name: 'authenticator', type: 'string', options };\n }\n\n getValuesAfterProceed(): T {\n this.values = super.getValuesAfterProceed();\n // remove used authenticators\n const authenticators = (this.values.authenticators as Authenticator[])\n .filter(authenticator => {\n return compareAuthenticators(authenticator, this.selectedAuthenticator) !== true;\n });\n return { ...this.values, authenticators };\n }\n\n}\n"],"mappings":";;;AAcA;AACA;AAEA;AACA;AAlBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAaA;AACO,MAAMA,mBAAmB,SACtBC,sBAAU,CAAI;EAItB;EACAC,iBAAiB,CAACC,cAAc,EAAEC,OAAO,EAAE;IACzC,IAAIC,MAA6B;IACjC,KAAK,IAAIC,aAAa,IAAIH,cAAc,EAAE;MACxCE,MAAM,GAAGD,OAAO,CACbG,IAAI,CAAC,CAAC;QAAEC;MAAU,CAAC,KAAKA,SAAS,CAACC,GAAG,KAAKH,aAAa,CAACG,GAAG,CAAC;MAC/D,IAAIJ,MAAM,EAAE;QACV;MACF;IACF;IACA,OAAOA,MAAM;EACf;;EAEA;EACAK,YAAY,CAACC,OAAoB,EAAE;IACjC,MAAM;MAAER,cAAc;MAAEG;IAAc,CAAC,GAAG,IAAI,CAACM,MAAM;IACrD,MAAMC,4BAA4B,GAAG,IAAAC,qCAA+B,EAAC,IAAI,CAACC,WAAW,CAAC;IACtF,MAAM;MAAEX;IAAQ,CAAC,GAAGS,4BAA4B;IAChD;IACA,IAAI,CAACV,cAAc,IAAI,CAACA,cAAc,CAACa,MAAM,EAAE;MAC7C,OAAO,KAAK;IACd;;IAEA;IACA,IAAI,IAAAC,oBAAe,EAACX,aAAa,CAAC,IAAIA,aAAa,CAACY,EAAE,EAAE;MACtD,OAAO,IAAI;IACb;;IAEA;IACA,MAAMC,aAAa,GAAG,IAAI,CAACjB,iBAAiB,CAACC,cAAc,EAAEC,OAAO,CAAE;IACtE,IAAIe,aAAa,EAAE;MAAA;MACjB;MACA,MAAMC,sBAAsB,GAAG,CAAAT,OAAO,aAAPA,OAAO,uBAAPA,OAAO,CAAEU,oBAAoB,KACvD,CAAAV,OAAO,aAAPA,OAAO,uBAAPA,OAAO,CAAEU,oBAAoB,CAACC,KAAK,CAACJ,EAAE,gCAAKC,aAAa,CAACX,SAAS,0DAAvB,sBAAyBU,EAAE;MAC3E,MAAMK,gCAAgC,GAAG,CAAAZ,OAAO,aAAPA,OAAO,uBAAPA,OAAO,CAAEa,8BAA8B,KAC3E,CAAAb,OAAO,aAAPA,OAAO,uBAAPA,OAAO,CAAEa,8BAA8B,CAACF,KAAK,CAACJ,EAAE,iCAAKC,aAAa,CAACX,SAAS,2DAAvB,uBAAyBU,EAAE;MACrF,OAAO,CAACE,sBAAsB,IAAI,CAACG,gCAAgC;IACrE;IAEA,OAAO,KAAK;EACd;EAEAE,gBAAgB,CAACC,gBAAqC,EAAE;IACtD,MAAM;MAAEvB,cAAc;MAAEG;IAAc,CAAC,GAAG,IAAI,CAACM,MAAM;;IAErD;IACA,IAAI,IAAAK,oBAAe,EAACX,aAAa,CAAC,IAAIA,aAAa,CAACY,EAAE,EAAE;MACtD,IAAI,CAACS,qBAAqB,GAAGrB,aAAa,CAAC,CAAC;MAC5C,OAAOA,aAAa;IACtB;IAEA,MAAM;MAAEF;IAAQ,CAAC,GAAGsB,gBAAgB;IACpC,MAAME,cAAc,GAAG,IAAA1B,wBAAiB,EAACC,cAAc,EAAEC,OAAO,CAAC;IACjE,IAAI,CAACuB,qBAAqB,GAAGC,cAAc,CAACpB,SAAS,CAAC,CAAC;IACvD,IAAI,CAACoB,cAAc,GAAGA,cAAc;IACpC,OAAO;MACLV,EAAE,EAAEU,cAAc,aAAdA,cAAc,uBAAdA,cAAc,CAAEN,KAAK,CAACO,IAAI,CAACP,KAAK,CAACf,IAAI,CAAC,CAAC;QAAEuB;MAAK,CAAC,KAAKA,IAAI,KAAK,IAAI,CAAC,CAACR;IACzE,CAAC;EACH;EAEAS,qBAAqB,CAAChB,WAAW,EAAE;IACjC,MAAMX,OAAO,GAAGW,WAAW,CAACX,OAAO,CAAC4B,GAAG,CAAC,CAAC;MAAEC,KAAK;MAAEzB;IAAU,CAAC,KAAK;MAChE,OAAO;QACLyB,KAAK;QACLX,KAAK,EAAEd,SAAS,CAACC;MACnB,CAAC;IACH,CAAC,CAAC;IACF,OAAO;MAAEqB,IAAI,EAAE,eAAe;MAAEI,IAAI,EAAE,QAAQ;MAAE9B;IAAQ,CAAC;EAC3D;EAEA+B,qBAAqB,GAAM;IACzB,IAAI,CAACvB,MAAM,GAAG,KAAK,CAACuB,qBAAqB,EAAE;IAC3C;IACA,MAAMhC,cAAc,GAAI,IAAI,CAACS,MAAM,CAACT,cAAc,CAC/CiC,MAAM,CAAC9B,aAAa,IAAI;MACvB,OAAO,IAAA+B,4BAAqB,EAAC/B,aAAa,EAAE,IAAI,CAACqB,qBAAqB,CAAC,KAAK,IAAI;IAClF,CAAC,CAAC;IACJ,OAAO;MAAE,GAAG,IAAI,CAACf,MAAM;MAAET;IAAe,CAAC;EAC3C;AAEF;AAAC"}
1
+ {"version":3,"file":"SelectAuthenticator.js","names":["SelectAuthenticator","Remediator","findMatchedOption","authenticators","options","option","authenticator","find","relatesTo","key","canRemediate","context","values","authenticatorFromRemediation","getAuthenticatorFromRemediation","remediation","length","isAuthenticator","id","matchedOption","isCurrentAuthenticator","currentAuthenticator","value","isCurrentAuthenticatorEnrollment","currentAuthenticatorEnrollment","mapAuthenticator","remediationValue","selectedAuthenticator","selectedOption","form","name","getInputAuthenticator","map","label","type","getValuesAfterProceed","filter","compareAuthenticators"],"sources":["../../../../../lib/idx/remediators/Base/SelectAuthenticator.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { Remediator, RemediationValues } from './Remediator';\nimport { getAuthenticatorFromRemediation } from '../util';\nimport { IdxRemediationValue, IdxContext, IdxOption } from '../../types/idx-js';\nimport { Authenticator, isAuthenticator } from '../../types/api';\nimport { compareAuthenticators, findMatchedOption} from '../../authenticator/util';\n\nexport type SelectAuthenticatorValues = RemediationValues & {\n authenticator?: string | Authenticator;\n};\n\n// Base class - DO NOT expose static remediationName\nexport class SelectAuthenticator<T extends SelectAuthenticatorValues = SelectAuthenticatorValues>\n extends Remediator<T> {\n selectedAuthenticator?: Authenticator;\n selectedOption?: any;\n\n // Find matched authenticator in provided order\n findMatchedOption(authenticators, options) {\n let option: IdxOption | undefined;\n for (let authenticator of authenticators) {\n option = options\n .find(({ relatesTo }) => relatesTo.key && relatesTo.key === authenticator.key);\n if (option) {\n break;\n }\n }\n return option;\n }\n\n /* eslint complexity:[0,9] */\n canRemediate(context?: IdxContext) {\n const { authenticators, authenticator } = this.values;\n const authenticatorFromRemediation = getAuthenticatorFromRemediation(this.remediation);\n const { options } = authenticatorFromRemediation;\n // Let users select authenticator if no input is provided\n if (!authenticators || !authenticators.length) {\n return false;\n }\n\n // Authenticator is explicitly specified by id\n if (isAuthenticator(authenticator) && authenticator.id) {\n return true;\n }\n\n // Proceed with provided authenticators\n const matchedOption = this.findMatchedOption(authenticators, options!);\n if (matchedOption) {\n // Don't select current authenticator (OKTA-612939)\n const isCurrentAuthenticator = context?.currentAuthenticator\n && context?.currentAuthenticator.value.id === matchedOption.relatesTo?.id;\n const isCurrentAuthenticatorEnrollment = context?.currentAuthenticatorEnrollment\n && context?.currentAuthenticatorEnrollment.value.id === matchedOption.relatesTo?.id;\n return !isCurrentAuthenticator && !isCurrentAuthenticatorEnrollment;\n }\n \n return false;\n }\n\n mapAuthenticator(remediationValue: IdxRemediationValue) {\n const { authenticators, authenticator } = this.values;\n\n // Authenticator is explicitly specified by id\n if (isAuthenticator(authenticator) && authenticator.id) {\n this.selectedAuthenticator = authenticator; // track the selected authenticator\n return authenticator;\n }\n\n const { options } = remediationValue;\n const selectedOption = findMatchedOption(authenticators, options);\n this.selectedAuthenticator = selectedOption.relatesTo; // track the selected authenticator\n this.selectedOption = selectedOption;\n return {\n id: selectedOption?.value.form.value.find(({ name }) => name === 'id').value\n };\n }\n\n getInputAuthenticator(remediation) {\n const options = remediation.options.map(({ label, relatesTo }) => {\n return {\n label,\n value: relatesTo.key\n };\n });\n return { name: 'authenticator', type: 'string', options };\n }\n\n getValuesAfterProceed(): T {\n this.values = super.getValuesAfterProceed();\n // remove used authenticators\n const authenticators = (this.values.authenticators as Authenticator[])\n .filter(authenticator => {\n return compareAuthenticators(authenticator, this.selectedAuthenticator) !== true;\n });\n return { ...this.values, authenticators };\n }\n\n}\n"],"mappings":";;;AAcA;AACA;AAEA;AACA;AAlBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAaA;AACO,MAAMA,mBAAmB,SACtBC,sBAAU,CAAI;EAItB;EACAC,iBAAiB,CAACC,cAAc,EAAEC,OAAO,EAAE;IACzC,IAAIC,MAA6B;IACjC,KAAK,IAAIC,aAAa,IAAIH,cAAc,EAAE;MACxCE,MAAM,GAAGD,OAAO,CACbG,IAAI,CAAC,CAAC;QAAEC;MAAU,CAAC,KAAKA,SAAS,CAACC,GAAG,IAAID,SAAS,CAACC,GAAG,KAAKH,aAAa,CAACG,GAAG,CAAC;MAChF,IAAIJ,MAAM,EAAE;QACV;MACF;IACF;IACA,OAAOA,MAAM;EACf;;EAEA;EACAK,YAAY,CAACC,OAAoB,EAAE;IACjC,MAAM;MAAER,cAAc;MAAEG;IAAc,CAAC,GAAG,IAAI,CAACM,MAAM;IACrD,MAAMC,4BAA4B,GAAG,IAAAC,qCAA+B,EAAC,IAAI,CAACC,WAAW,CAAC;IACtF,MAAM;MAAEX;IAAQ,CAAC,GAAGS,4BAA4B;IAChD;IACA,IAAI,CAACV,cAAc,IAAI,CAACA,cAAc,CAACa,MAAM,EAAE;MAC7C,OAAO,KAAK;IACd;;IAEA;IACA,IAAI,IAAAC,oBAAe,EAACX,aAAa,CAAC,IAAIA,aAAa,CAACY,EAAE,EAAE;MACtD,OAAO,IAAI;IACb;;IAEA;IACA,MAAMC,aAAa,GAAG,IAAI,CAACjB,iBAAiB,CAACC,cAAc,EAAEC,OAAO,CAAE;IACtE,IAAIe,aAAa,EAAE;MAAA;MACjB;MACA,MAAMC,sBAAsB,GAAG,CAAAT,OAAO,aAAPA,OAAO,uBAAPA,OAAO,CAAEU,oBAAoB,KACvD,CAAAV,OAAO,aAAPA,OAAO,uBAAPA,OAAO,CAAEU,oBAAoB,CAACC,KAAK,CAACJ,EAAE,gCAAKC,aAAa,CAACX,SAAS,0DAAvB,sBAAyBU,EAAE;MAC3E,MAAMK,gCAAgC,GAAG,CAAAZ,OAAO,aAAPA,OAAO,uBAAPA,OAAO,CAAEa,8BAA8B,KAC3E,CAAAb,OAAO,aAAPA,OAAO,uBAAPA,OAAO,CAAEa,8BAA8B,CAACF,KAAK,CAACJ,EAAE,iCAAKC,aAAa,CAACX,SAAS,2DAAvB,uBAAyBU,EAAE;MACrF,OAAO,CAACE,sBAAsB,IAAI,CAACG,gCAAgC;IACrE;IAEA,OAAO,KAAK;EACd;EAEAE,gBAAgB,CAACC,gBAAqC,EAAE;IACtD,MAAM;MAAEvB,cAAc;MAAEG;IAAc,CAAC,GAAG,IAAI,CAACM,MAAM;;IAErD;IACA,IAAI,IAAAK,oBAAe,EAACX,aAAa,CAAC,IAAIA,aAAa,CAACY,EAAE,EAAE;MACtD,IAAI,CAACS,qBAAqB,GAAGrB,aAAa,CAAC,CAAC;MAC5C,OAAOA,aAAa;IACtB;IAEA,MAAM;MAAEF;IAAQ,CAAC,GAAGsB,gBAAgB;IACpC,MAAME,cAAc,GAAG,IAAA1B,wBAAiB,EAACC,cAAc,EAAEC,OAAO,CAAC;IACjE,IAAI,CAACuB,qBAAqB,GAAGC,cAAc,CAACpB,SAAS,CAAC,CAAC;IACvD,IAAI,CAACoB,cAAc,GAAGA,cAAc;IACpC,OAAO;MACLV,EAAE,EAAEU,cAAc,aAAdA,cAAc,uBAAdA,cAAc,CAAEN,KAAK,CAACO,IAAI,CAACP,KAAK,CAACf,IAAI,CAAC,CAAC;QAAEuB;MAAK,CAAC,KAAKA,IAAI,KAAK,IAAI,CAAC,CAACR;IACzE,CAAC;EACH;EAEAS,qBAAqB,CAAChB,WAAW,EAAE;IACjC,MAAMX,OAAO,GAAGW,WAAW,CAACX,OAAO,CAAC4B,GAAG,CAAC,CAAC;MAAEC,KAAK;MAAEzB;IAAU,CAAC,KAAK;MAChE,OAAO;QACLyB,KAAK;QACLX,KAAK,EAAEd,SAAS,CAACC;MACnB,CAAC;IACH,CAAC,CAAC;IACF,OAAO;MAAEqB,IAAI,EAAE,eAAe;MAAEI,IAAI,EAAE,QAAQ;MAAE9B;IAAQ,CAAC;EAC3D;EAEA+B,qBAAqB,GAAM;IACzB,IAAI,CAACvB,MAAM,GAAG,KAAK,CAACuB,qBAAqB,EAAE;IAC3C;IACA,MAAMhC,cAAc,GAAI,IAAI,CAACS,MAAM,CAACT,cAAc,CAC/CiC,MAAM,CAAC9B,aAAa,IAAI;MACvB,OAAO,IAAA+B,4BAAqB,EAAC/B,aAAa,EAAE,IAAI,CAACqB,qBAAqB,CAAC,KAAK,IAAI;IAClF,CAAC,CAAC;IACJ,OAAO;MAAE,GAAG,IAAI,CAACf,MAAM;MAAET;IAAe,CAAC;EAC3C;AAEF;AAAC"}
package/cjs/idx/types/api.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"api.js","names":["IdxStatus","AuthenticatorKey","IdxFeature","isAuthenticator","obj","key","id"],"sources":["../../../../lib/idx/types/api.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { APIError } from '../../errors/types';\nimport {\n OktaAuthOAuthInterface,\n Tokens,\n TransactionManagerConstructor,\n TransactionManagerInterface\n} from '../../oidc/types';\nimport { FlowIdentifier } from './FlowIdentifier';\nimport {\n IdxActions,\n IdxAuthenticator,\n IdxContext,\n IdxForm,\n IdxMessage,\n IdxOption,\n IdxRemediation,\n IdxResponse,\n RawIdxResponse,\n IdxActionParams,\n IdpConfig,\n IdxToPersist,\n ChallengeData,\n ActivationData,\n} from './idx-js';\nimport {\n AccountUnlockOptions,\n AuthenticationOptions,\n CancelOptions,\n InteractOptions,\n IntrospectOptions,\n OktaAuthIdxOptions,\n PasswordRecoveryOptions,\n ProceedOptions,\n RegistrationOptions,\n StartOptions,\n IdxTransactionMetaOptions\n} from './options';\nimport { IdxTransactionMeta } from './meta';\nimport { IdxStorageManagerInterface, SavedIdxResponse } from './storage';\nimport type {\n WebauthnEnrollValues,\n WebauthnVerificationValues\n} from '../authenticator';\nimport { OktaAuthConstructor } from '../../base/types';\n\nexport enum IdxStatus {\n SUCCESS = 'SUCCESS',\n PENDING = 'PENDING',\n FAILURE = 'FAILURE',\n TERMINAL = 'TERMINAL',\n CANCELED = 'CANCELED',\n}\n\nexport enum AuthenticatorKey {\n OKTA_PASSWORD = 'okta_password',\n OKTA_EMAIL = 'okta_email',\n PHONE_NUMBER = 'phone_number',\n GOOGLE_AUTHENTICATOR = 'google_otp',\n SECURITY_QUESTION = 'security_question',\n OKTA_VERIFY = 'okta_verify',\n WEBAUTHN = 'webauthn',\n}\n\nexport type Input = {\n name: string;\n key?: string;\n type?: string;\n label?: string;\n value?: string | {form: IdxForm} | Input[];\n minLength?: number;\n maxLength?: number;\n secret?: boolean;\n required?: boolean;\n options?: IdxOption[];\n mutable?: boolean;\n visible?: boolean;\n}\n\n\nexport interface IdxPollOptions {\n required?: boolean;\n refresh?: number;\n}\n\nexport type NextStep = {\n name: string;\n authenticator?: IdxAuthenticator;\n canSkip?: boolean;\n canResend?: boolean;\n inputs?: Input[];\n poll?: IdxPollOptions;\n authenticatorEnrollments?: IdxAuthenticator[];\n // eslint-disable-next-line no-use-before-define\n action?: (params?: IdxActionParams) => Promise<IdxTransaction>;\n idp?: IdpConfig;\n href?: string;\n relatesTo?: {\n type?: string;\n value: IdxAuthenticator;\n };\n refresh?: number;\n}\n\nexport enum IdxFeature {\n PASSWORD_RECOVERY = 'recover-password',\n REGISTRATION = 'enroll-profile',\n SOCIAL_IDP = 'redirect-idp',\n ACCOUNT_UNLOCK = 'unlock-account',\n}\n\n\nexport interface IdxTransaction {\n status: IdxStatus;\n tokens?: Tokens;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n error?: APIError | IdxResponse;\n meta?: IdxTransactionMeta;\n enabledFeatures?: IdxFeature[];\n availableSteps?: NextStep[];\n requestDidSucceed?: boolean;\n stepUp?: boolean;\n \n // from idx-js, used by signin widget\n proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n neededToProceed: IdxRemediation[];\n rawIdxState: RawIdxResponse;\n interactionCode?: string;\n actions: IdxActions;\n context: IdxContext;\n}\n\n\nexport type Authenticator = {\n id?: string;\n key?: string;\n methodType?: string;\n phoneNumber?: string;\n channel?: string;\n};\n\nexport function isAuthenticator(obj: any): obj is Authenticator {\n return obj && (obj.key || obj.id);\n}\n\nexport interface RemediationResponse {\n idxResponse: IdxResponse;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n terminal?: boolean;\n canceled?: boolean;\n}\n\nexport interface InteractResponse {\n state?: string;\n interactionHandle: string;\n meta: IdxTransactionMeta;\n}\n\nexport interface EmailVerifyCallbackResponse {\n state: string;\n otp: string;\n}\n\nexport interface IdxAPI {\n // lowest level api\n interact: (options?: InteractOptions) => Promise<InteractResponse>;\n introspect: (options?: IntrospectOptions) => Promise<IdxResponse>;\n makeIdxResponse: (rawIdxResponse: RawIdxResponse, toPersist: IdxToPersist, requestDidSucceed: boolean) => IdxResponse;\n\n // flow entrypoints\n authenticate: (options?: AuthenticationOptions) => Promise<IdxTransaction>;\n register: (options?: RegistrationOptions) => Promise<IdxTransaction>;\n recoverPassword: (options?: PasswordRecoveryOptions) => Promise<IdxTransaction>;\n unlockAccount: (options?: AccountUnlockOptions) => Promise<IdxTransaction>;\n poll: (options?: IdxPollOptions) => Promise<IdxTransaction>;\n\n // flow control\n start: (options?: StartOptions) => Promise<IdxTransaction>;\n canProceed(options?: ProceedOptions): boolean;\n proceed: (options?: ProceedOptions) => Promise<IdxTransaction>;\n cancel: (options?: CancelOptions) => Promise<IdxTransaction>;\n getFlow(): FlowIdentifier | undefined;\n setFlow(flow: FlowIdentifier): void;\n\n // call `start` instead of `startTransaction`. `startTransaction` will be removed in next major version (7.0)\n startTransaction: (options?: StartOptions) => Promise<IdxTransaction>;\n\n // redirect callbacks\n isInteractionRequired: (hashOrSearch?: string) => boolean;\n isInteractionRequiredError: (error: Error) => boolean; \n handleInteractionCodeRedirect: (url: string) => Promise<void>;\n isEmailVerifyCallback: (search: string) => boolean;\n parseEmailVerifyCallback: (search: string) => EmailVerifyCallbackResponse;\n handleEmailVerifyCallback: (search: string) => Promise<IdxTransaction | undefined>;\n isEmailVerifyCallbackError: (error: Error) => boolean;\n\n // transaction meta\n getSavedTransactionMeta: (options?: IdxTransactionMetaOptions) => IdxTransactionMeta | undefined;\n createTransactionMeta: (options?: IdxTransactionMetaOptions) => Promise<IdxTransactionMeta>;\n getTransactionMeta: (options?: IdxTransactionMetaOptions) => Promise<IdxTransactionMeta>;\n saveTransactionMeta: (meta: unknown) => void;\n clearTransactionMeta: () => void;\n isTransactionMetaValid: (meta: unknown) => boolean;\n}\n\nexport interface IdxTransactionManagerInterface extends TransactionManagerInterface {\n saveIdxResponse(data: SavedIdxResponse): void;\n loadIdxResponse(options?: IntrospectOptions): SavedIdxResponse | null;\n clearIdxResponse(): void;\n}\n\nexport type IdxTransactionManagerConstructor = TransactionManagerConstructor<IdxTransactionManagerInterface>;\n\nexport interface WebauthnAPI {\n getAssertion(credential: PublicKeyCredential): WebauthnVerificationValues;\n getAttestation(credential: PublicKeyCredential): WebauthnEnrollValues;\n buildCredentialRequestOptions(\n challengeData: ChallengeData, authenticatorEnrollments: IdxAuthenticator[]\n ): CredentialRequestOptions;\n buildCredentialCreationOptions(\n activationData: ActivationData, authenticatorEnrollments: IdxAuthenticator[]\n ): CredentialCreationOptions;\n}\n\nexport interface OktaAuthIdxInterface\n<\n M extends IdxTransactionMeta = IdxTransactionMeta,\n S extends IdxStorageManagerInterface<M> = IdxStorageManagerInterface<M>,\n O extends OktaAuthIdxOptions = OktaAuthIdxOptions,\n TM extends IdxTransactionManagerInterface = IdxTransactionManagerInterface\n>\n extends OktaAuthOAuthInterface<M, S, O, TM>\n{\n idx: IdxAPI;\n}\n\nexport interface OktaAuthIdxConstructor\n<\n I extends OktaAuthIdxInterface = OktaAuthIdxInterface\n>\n extends OktaAuthConstructor<I>\n{\n new(...args: any[]): I;\n webauthn: WebauthnAPI;\n}\n\n"],"mappings":";;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,GAVA,IAyDYA,SAAS;AAAA;AAAA,WAATA,SAAS;EAATA,SAAS;EAATA,SAAS;EAATA,SAAS;EAATA,SAAS;EAATA,SAAS;AAAA,GAATA,SAAS,yBAATA,SAAS;AAAA,IAQTC,gBAAgB;AAAA;AAAA,WAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;AAAA,GAAhBA,gBAAgB,gCAAhBA,gBAAgB;AAAA,IAkDhBC,UAAU;AAAA;AAAA,WAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;AAAA,GAAVA,UAAU,0BAAVA,UAAU;AAsCf,SAASC,eAAe,CAACC,GAAQ,EAAwB;EAC9D,OAAOA,GAAG,KAAKA,GAAG,CAACC,GAAG,IAAID,GAAG,CAACE,EAAE,CAAC;AACnC"}
1
+ {"version":3,"file":"api.js","names":["IdxStatus","AuthenticatorKey","IdxFeature","isAuthenticator","obj","key","id"],"sources":["../../../../lib/idx/types/api.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { APIError } from '../../errors/types';\nimport {\n OktaAuthOAuthInterface,\n Tokens,\n TransactionManagerConstructor,\n TransactionManagerInterface\n} from '../../oidc/types';\nimport { FlowIdentifier } from './FlowIdentifier';\nimport {\n IdxActions,\n IdxAuthenticator,\n IdxContext,\n IdxForm,\n IdxMessage,\n IdxOption,\n IdxRemediation,\n IdxResponse,\n RawIdxResponse,\n IdxActionParams,\n IdpConfig,\n IdxToPersist,\n ChallengeData,\n ActivationData,\n} from './idx-js';\nimport {\n AccountUnlockOptions,\n AuthenticationOptions,\n CancelOptions,\n InteractOptions,\n IntrospectOptions,\n OktaAuthIdxOptions,\n PasswordRecoveryOptions,\n ProceedOptions,\n RegistrationOptions,\n StartOptions,\n IdxTransactionMetaOptions\n} from './options';\nimport { IdxTransactionMeta } from './meta';\nimport { IdxStorageManagerInterface, SavedIdxResponse } from './storage';\nimport type {\n WebauthnEnrollValues,\n WebauthnVerificationValues\n} from '../authenticator';\nimport { OktaAuthConstructor } from '../../base/types';\n\nexport enum IdxStatus {\n SUCCESS = 'SUCCESS',\n PENDING = 'PENDING',\n FAILURE = 'FAILURE',\n TERMINAL = 'TERMINAL',\n CANCELED = 'CANCELED',\n}\n\nexport enum AuthenticatorKey {\n OKTA_PASSWORD = 'okta_password',\n OKTA_EMAIL = 'okta_email',\n PHONE_NUMBER = 'phone_number',\n GOOGLE_AUTHENTICATOR = 'google_otp',\n SECURITY_QUESTION = 'security_question',\n OKTA_VERIFY = 'okta_verify',\n WEBAUTHN = 'webauthn',\n}\n\nexport type Input = {\n name: string;\n key?: string;\n type?: string;\n label?: string;\n value?: string | {form: IdxForm} | Input[];\n minLength?: number;\n maxLength?: number;\n secret?: boolean;\n required?: boolean;\n options?: IdxOption[];\n mutable?: boolean;\n visible?: boolean;\n customLabel?: boolean\n}\n\n\nexport interface IdxPollOptions {\n required?: boolean;\n refresh?: number;\n}\n\nexport type NextStep = {\n name: string;\n authenticator?: IdxAuthenticator;\n canSkip?: boolean;\n canResend?: boolean;\n inputs?: Input[];\n poll?: IdxPollOptions;\n authenticatorEnrollments?: IdxAuthenticator[];\n // eslint-disable-next-line no-use-before-define\n action?: (params?: IdxActionParams) => Promise<IdxTransaction>;\n idp?: IdpConfig;\n href?: string;\n relatesTo?: {\n type?: string;\n value: IdxAuthenticator;\n };\n refresh?: number;\n}\n\nexport enum IdxFeature {\n PASSWORD_RECOVERY = 'recover-password',\n REGISTRATION = 'enroll-profile',\n SOCIAL_IDP = 'redirect-idp',\n ACCOUNT_UNLOCK = 'unlock-account',\n}\n\n\nexport interface IdxTransaction {\n status: IdxStatus;\n tokens?: Tokens;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n error?: APIError | IdxResponse;\n meta?: IdxTransactionMeta;\n enabledFeatures?: IdxFeature[];\n availableSteps?: NextStep[];\n requestDidSucceed?: boolean;\n stepUp?: boolean;\n \n // from idx-js, used by signin widget\n proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n neededToProceed: IdxRemediation[];\n rawIdxState: RawIdxResponse;\n interactionCode?: string;\n actions: IdxActions;\n context: IdxContext;\n}\n\n\nexport type Authenticator = {\n id?: string;\n key?: string;\n methodType?: string;\n phoneNumber?: string;\n channel?: string;\n};\n\nexport function isAuthenticator(obj: any): obj is Authenticator {\n return obj && (obj.key || obj.id);\n}\n\nexport interface RemediationResponse {\n idxResponse: IdxResponse;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n terminal?: boolean;\n canceled?: boolean;\n}\n\nexport interface InteractResponse {\n state?: string;\n interactionHandle: string;\n meta: IdxTransactionMeta;\n}\n\nexport interface EmailVerifyCallbackResponse {\n state: string;\n otp: string;\n}\n\nexport interface IdxAPI {\n // lowest level api\n interact: (options?: InteractOptions) => Promise<InteractResponse>;\n introspect: (options?: IntrospectOptions) => Promise<IdxResponse>;\n makeIdxResponse: (rawIdxResponse: RawIdxResponse, toPersist: IdxToPersist, requestDidSucceed: boolean) => IdxResponse;\n\n // flow entrypoints\n authenticate: (options?: AuthenticationOptions) => Promise<IdxTransaction>;\n register: (options?: RegistrationOptions) => Promise<IdxTransaction>;\n recoverPassword: (options?: PasswordRecoveryOptions) => Promise<IdxTransaction>;\n unlockAccount: (options?: AccountUnlockOptions) => Promise<IdxTransaction>;\n poll: (options?: IdxPollOptions) => Promise<IdxTransaction>;\n\n // flow control\n start: (options?: StartOptions) => Promise<IdxTransaction>;\n canProceed(options?: ProceedOptions): boolean;\n proceed: (options?: ProceedOptions) => Promise<IdxTransaction>;\n cancel: (options?: CancelOptions) => Promise<IdxTransaction>;\n getFlow(): FlowIdentifier | undefined;\n setFlow(flow: FlowIdentifier): void;\n\n // call `start` instead of `startTransaction`. `startTransaction` will be removed in next major version (7.0)\n startTransaction: (options?: StartOptions) => Promise<IdxTransaction>;\n\n // redirect callbacks\n isInteractionRequired: (hashOrSearch?: string) => boolean;\n isInteractionRequiredError: (error: Error) => boolean; \n handleInteractionCodeRedirect: (url: string) => Promise<void>;\n isEmailVerifyCallback: (search: string) => boolean;\n parseEmailVerifyCallback: (search: string) => EmailVerifyCallbackResponse;\n handleEmailVerifyCallback: (search: string) => Promise<IdxTransaction | undefined>;\n isEmailVerifyCallbackError: (error: Error) => boolean;\n\n // transaction meta\n getSavedTransactionMeta: (options?: IdxTransactionMetaOptions) => IdxTransactionMeta | undefined;\n createTransactionMeta: (options?: IdxTransactionMetaOptions) => Promise<IdxTransactionMeta>;\n getTransactionMeta: (options?: IdxTransactionMetaOptions) => Promise<IdxTransactionMeta>;\n saveTransactionMeta: (meta: unknown) => void;\n clearTransactionMeta: () => void;\n isTransactionMetaValid: (meta: unknown) => boolean;\n}\n\nexport interface IdxTransactionManagerInterface extends TransactionManagerInterface {\n saveIdxResponse(data: SavedIdxResponse): void;\n loadIdxResponse(options?: IntrospectOptions): SavedIdxResponse | null;\n clearIdxResponse(): void;\n}\n\nexport type IdxTransactionManagerConstructor = TransactionManagerConstructor<IdxTransactionManagerInterface>;\n\nexport interface WebauthnAPI {\n getAssertion(credential: PublicKeyCredential): WebauthnVerificationValues;\n getAttestation(credential: PublicKeyCredential): WebauthnEnrollValues;\n buildCredentialRequestOptions(\n challengeData: ChallengeData, authenticatorEnrollments: IdxAuthenticator[]\n ): CredentialRequestOptions;\n buildCredentialCreationOptions(\n activationData: ActivationData, authenticatorEnrollments: IdxAuthenticator[]\n ): CredentialCreationOptions;\n}\n\nexport interface OktaAuthIdxInterface\n<\n M extends IdxTransactionMeta = IdxTransactionMeta,\n S extends IdxStorageManagerInterface<M> = IdxStorageManagerInterface<M>,\n O extends OktaAuthIdxOptions = OktaAuthIdxOptions,\n TM extends IdxTransactionManagerInterface = IdxTransactionManagerInterface\n>\n extends OktaAuthOAuthInterface<M, S, O, TM>\n{\n idx: IdxAPI;\n}\n\nexport interface OktaAuthIdxConstructor\n<\n I extends OktaAuthIdxInterface = OktaAuthIdxInterface\n>\n extends OktaAuthConstructor<I>\n{\n new(...args: any[]): I;\n webauthn: WebauthnAPI;\n}\n\n"],"mappings":";;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,GAVA,IAyDYA,SAAS;AAAA;AAAA,WAATA,SAAS;EAATA,SAAS;EAATA,SAAS;EAATA,SAAS;EAATA,SAAS;EAATA,SAAS;AAAA,GAATA,SAAS,yBAATA,SAAS;AAAA,IAQTC,gBAAgB;AAAA;AAAA,WAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;AAAA,GAAhBA,gBAAgB,gCAAhBA,gBAAgB;AAAA,IAmDhBC,UAAU;AAAA;AAAA,WAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;AAAA,GAAVA,UAAU,0BAAVA,UAAU;AAsCf,SAASC,eAAe,CAACC,GAAQ,EAAwB;EAC9D,OAAOA,GAAG,KAAKA,GAAG,CAACC,GAAG,IAAID,GAAG,CAACE,EAAE,CAAC;AACnC"}
package/cjs/oidc/TokenManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"TokenManager.js","names":["DEFAULT_OPTIONS","autoRenew","autoRemove","syncStorage","clearPendingRemoveTokens","storage","undefined","expireEarlySeconds","storageKey","TOKEN_STORAGE_NAME","defaultState","expireTimeouts","renewPromise","TokenManager","on","event","handler","context","emitter","off","constructor","sdk","options","AuthSdkError","Object","assign","removeNils","isLocalhost","storageOptions","secure","storageProvider","storageType","storageManager","getTokenStorage","useSeparateCookies","clock","SdkClock","create","state","start","setExpireEventTimeoutAll","started","stop","clearExpireEventTimeoutAll","isStarted","getOptions","clone","getExpireTime","token","expireTime","expiresAt","hasExpired","now","emitExpired","key","emit","EVENT_EXPIRED","emitRenewed","freshToken","oldToken","EVENT_RENEWED","emitAdded","EVENT_ADDED","emitRemoved","EVENT_REMOVED","emitError","error","EVENT_ERROR","clearExpireEventTimeout","clearTimeout","prototype","hasOwnProperty","call","setExpireEventTimeout","isRefreshToken","expireEventWait","Math","max","expireEventTimeout","setTimeout","tokenStorage","getStorage","resetExpireEventTimeoutAll","add","validateToken","setStorage","emitSetStorageEvent","getSync","get","getTokensSync","tokens","keys","forEach","isAccessToken","accessToken","isIDToken","idToken","refreshToken","getTokens","getStorageKeyByType","type","filter","getTokenType","isIE11OrLess","EVENT_SET_STORAGE","setTokens","accessTokenCb","idTokenCb","refreshTokenCb","handleTokenCallback","handleAdded","handleRenewed","handleRemoved","types","existingTokens","reduce","newToken","existingToken","remove","removedToken","renewToken","renew","e","Promise","reject","renewTokens","then","tokenType","catch","err","tokenKey","finally","clear","clearStorage","removedTokens","pendingRemove","updateRefreshToken","REFRESH_TOKEN_STORAGE_KEY","removeRefreshToken","addPendingRemoveFlags"],"sources":["../../../lib/oidc/TokenManager.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { removeNils, clone } from '../util';\nimport { AuthSdkError } from '../errors';\nimport { validateToken } from '../oidc/util';\nimport { isLocalhost, isIE11OrLess } from '../features';\nimport SdkClock from '../clock';\nimport {\n Token, \n Tokens, \n TokenType, \n TokenManagerOptions, \n isIDToken, \n isAccessToken,\n isRefreshToken,\n TokenManagerErrorEventHandler,\n TokenManagerSetStorageEventHandler,\n TokenManagerRenewEventHandler,\n TokenManagerEventHandler,\n TokenManagerInterface,\n RefreshToken,\n AccessTokenCallback,\n IDTokenCallback,\n RefreshTokenCallback,\n EVENT_RENEWED,\n EVENT_ADDED,\n EVENT_ERROR,\n EVENT_EXPIRED,\n EVENT_REMOVED,\n EVENT_SET_STORAGE,\n TokenManagerAnyEventHandler,\n TokenManagerAnyEvent,\n OktaAuthOAuthInterface\n} from './types';\nimport { REFRESH_TOKEN_STORAGE_KEY, TOKEN_STORAGE_NAME } from '../constants';\nimport { EventEmitter } from '../base/types';\nimport { StorageOptions, StorageProvider, StorageType } from '../storage/types';\n\nconst DEFAULT_OPTIONS = {\n // TODO: remove in next major version - OKTA-473815\n autoRenew: true,\n autoRemove: true,\n syncStorage: true,\n // --- //\n clearPendingRemoveTokens: true,\n storage: undefined, // will use value from storageManager config\n expireEarlySeconds: 30,\n storageKey: TOKEN_STORAGE_NAME\n};\n\ninterface TokenManagerState {\n expireTimeouts: Record<string, unknown>;\n renewPromise: Promise<Token | undefined> | null;\n started?: boolean;\n}\nfunction defaultState(): TokenManagerState {\n return {\n expireTimeouts: {},\n renewPromise: null\n };\n}\nexport class TokenManager implements TokenManagerInterface {\n private sdk: OktaAuthOAuthInterface;\n private clock: SdkClock;\n private emitter: EventEmitter;\n private storage: StorageProvider;\n private state: TokenManagerState;\n private options: TokenManagerOptions;\n\n on(event: typeof EVENT_RENEWED, handler: TokenManagerRenewEventHandler, context?: object): void;\n on(event: typeof EVENT_ERROR, handler: TokenManagerErrorEventHandler, context?: object): void;\n on(event: typeof EVENT_SET_STORAGE, handler: TokenManagerSetStorageEventHandler, context?: object): void;\n on(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, \n handler: TokenManagerEventHandler, context?: object): void;\n on(event: TokenManagerAnyEvent, handler: TokenManagerAnyEventHandler, context?: object): void {\n if (context) {\n this.emitter.on(event, handler, context);\n } else {\n this.emitter.on(event, handler);\n }\n }\n\n off(event: typeof EVENT_RENEWED, handler?: TokenManagerRenewEventHandler): void;\n off(event: typeof EVENT_ERROR, handler?: TokenManagerErrorEventHandler): void;\n off(event: typeof EVENT_SET_STORAGE, handler?: TokenManagerSetStorageEventHandler): void;\n off(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, \n handler?: TokenManagerEventHandler): void;\n off(event: TokenManagerAnyEvent, handler?: TokenManagerAnyEventHandler): void {\n if (handler) {\n this.emitter.off(event, handler);\n } else {\n this.emitter.off(event);\n }\n }\n\n // eslint-disable-next-line complexity\n constructor(sdk: OktaAuthOAuthInterface, options: TokenManagerOptions = {}) {\n this.sdk = sdk;\n this.emitter = (sdk as any).emitter;\n if (!this.emitter) {\n throw new AuthSdkError('Emitter should be initialized before TokenManager');\n }\n \n options = Object.assign({}, DEFAULT_OPTIONS, removeNils(options));\n if (!isLocalhost()) {\n options.expireEarlySeconds = DEFAULT_OPTIONS.expireEarlySeconds;\n }\n\n this.options = options;\n\n const storageOptions: StorageOptions = removeNils({\n storageKey: options.storageKey,\n secure: options.secure,\n });\n if (typeof options.storage === 'object') {\n // A custom storage provider must implement getItem(key) and setItem(key, val)\n storageOptions.storageProvider = options.storage;\n } else if (options.storage) {\n storageOptions.storageType = options.storage as StorageType;\n }\n\n this.storage = sdk.storageManager.getTokenStorage({...storageOptions, useSeparateCookies: true});\n this.clock = SdkClock.create(/* sdk, options */);\n this.state = defaultState();\n }\n\n start() {\n if (this.options.clearPendingRemoveTokens) {\n this.clearPendingRemoveTokens();\n }\n this.setExpireEventTimeoutAll();\n this.state.started = true;\n }\n \n stop() {\n this.clearExpireEventTimeoutAll();\n this.state.started = false;\n }\n\n isStarted() {\n return !!this.state.started;\n }\n\n getOptions(): TokenManagerOptions {\n return clone(this.options);\n }\n \n getExpireTime(token) {\n const expireEarlySeconds = this.options.expireEarlySeconds || 0;\n var expireTime = token.expiresAt - expireEarlySeconds;\n return expireTime;\n }\n \n hasExpired(token) {\n var expireTime = this.getExpireTime(token);\n return expireTime <= this.clock.now();\n }\n \n emitExpired(key, token) {\n this.emitter.emit(EVENT_EXPIRED, key, token);\n }\n \n emitRenewed(key, freshToken, oldToken) {\n this.emitter.emit(EVENT_RENEWED, key, freshToken, oldToken);\n }\n \n emitAdded(key, token) {\n this.emitter.emit(EVENT_ADDED, key, token);\n }\n \n emitRemoved(key, token?) {\n this.emitter.emit(EVENT_REMOVED, key, token);\n }\n \n emitError(error) {\n this.emitter.emit(EVENT_ERROR, error);\n }\n \n clearExpireEventTimeout(key) {\n clearTimeout(this.state.expireTimeouts[key] as any);\n delete this.state.expireTimeouts[key];\n \n // Remove the renew promise (if it exists)\n this.state.renewPromise = null;\n }\n \n clearExpireEventTimeoutAll() {\n var expireTimeouts = this.state.expireTimeouts;\n for (var key in expireTimeouts) {\n if (!Object.prototype.hasOwnProperty.call(expireTimeouts, key)) {\n continue;\n }\n this.clearExpireEventTimeout(key);\n }\n }\n \n setExpireEventTimeout(key, token) {\n if (isRefreshToken(token)) {\n return;\n }\n\n var expireTime = this.getExpireTime(token);\n var expireEventWait = Math.max(expireTime - this.clock.now(), 0) * 1000;\n \n // Clear any existing timeout\n this.clearExpireEventTimeout(key);\n \n var expireEventTimeout = setTimeout(() => {\n this.emitExpired(key, token);\n }, expireEventWait);\n \n // Add a new timeout\n this.state.expireTimeouts[key] = expireEventTimeout;\n }\n \n setExpireEventTimeoutAll() {\n var tokenStorage = this.storage.getStorage();\n for(var key in tokenStorage) {\n if (!Object.prototype.hasOwnProperty.call(tokenStorage, key)) {\n continue;\n }\n var token = tokenStorage[key];\n this.setExpireEventTimeout(key, token);\n }\n }\n \n // reset timeouts to setup autoRenew for tokens from other document context (tabs)\n resetExpireEventTimeoutAll() {\n this.clearExpireEventTimeoutAll();\n this.setExpireEventTimeoutAll();\n }\n \n add(key, token: Token) {\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n }\n \n getSync(key): Token {\n var tokenStorage = this.storage.getStorage();\n return tokenStorage[key];\n }\n \n async get(key): Promise<Token> {\n return this.getSync(key);\n }\n \n getTokensSync(): Tokens {\n const tokens = {} as Tokens;\n const tokenStorage = this.storage.getStorage();\n Object.keys(tokenStorage).forEach(key => {\n const token = tokenStorage[key];\n if (isAccessToken(token)) {\n tokens.accessToken = token;\n } else if (isIDToken(token)) {\n tokens.idToken = token;\n } else if (isRefreshToken(token)) { \n tokens.refreshToken = token;\n }\n });\n return tokens;\n }\n \n async getTokens(): Promise<Tokens> {\n return this.getTokensSync();\n }\n\n getStorageKeyByType(type: TokenType): string {\n const tokenStorage = this.storage.getStorage();\n const key = Object.keys(tokenStorage).filter(key => {\n const token = tokenStorage[key];\n return (isAccessToken(token) && type === 'accessToken') \n || (isIDToken(token) && type === 'idToken')\n || (isRefreshToken(token) && type === 'refreshToken');\n })[0];\n return key;\n }\n\n private getTokenType(token: Token): TokenType {\n if (isAccessToken(token)) {\n return 'accessToken';\n }\n if (isIDToken(token)) {\n return 'idToken';\n }\n if(isRefreshToken(token)) {\n return 'refreshToken';\n }\n throw new AuthSdkError('Unknown token type');\n }\n\n // for synchronization of LocalStorage cross tabs for IE11\n private emitSetStorageEvent() {\n if (isIE11OrLess()) {\n const storage = this.storage.getStorage();\n this.emitter.emit(EVENT_SET_STORAGE, storage);\n }\n }\n\n // used in `SyncStorageService` for synchronization of LocalStorage cross tabs for IE11\n public getStorage() {\n return this.storage;\n }\n\n setTokens(\n tokens: Tokens,\n // TODO: callbacks can be removed in the next major version OKTA-407224\n accessTokenCb?: AccessTokenCallback, \n idTokenCb?: IDTokenCallback,\n refreshTokenCb?: RefreshTokenCallback\n ): void {\n const handleTokenCallback = (key, token) => {\n const type = this.getTokenType(token);\n if (type === 'accessToken') {\n accessTokenCb && accessTokenCb(key, token);\n } else if (type === 'idToken') {\n idTokenCb && idTokenCb(key, token);\n } else if (type === 'refreshToken') {\n refreshTokenCb && refreshTokenCb(key, token);\n }\n };\n const handleAdded = (key, token) => {\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRenewed = (key, token, oldToken) => {\n this.emitRenewed(key, token, oldToken);\n this.clearExpireEventTimeout(key);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRemoved = (key, token) => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, token);\n handleTokenCallback(key, token);\n };\n \n const types: TokenType[] = ['idToken', 'accessToken', 'refreshToken'];\n const existingTokens = this.getTokensSync();\n\n // valid tokens\n types.forEach((type) => {\n const token = tokens[type];\n if (token) {\n validateToken(token, type);\n }\n });\n \n // add token to storage\n const storage = types.reduce((storage, type) => {\n const token = tokens[type];\n if (token) {\n const storageKey = this.getStorageKeyByType(type) || type;\n storage[storageKey] = token;\n }\n return storage;\n }, {});\n this.storage.setStorage(storage);\n this.emitSetStorageEvent();\n\n // emit event and start expiration timer\n types.forEach(type => {\n const newToken = tokens[type];\n const existingToken = existingTokens[type];\n const storageKey = this.getStorageKeyByType(type) || type;\n if (newToken && existingToken) { // renew\n // call handleRemoved first, since it clears timers\n handleRemoved(storageKey, existingToken);\n handleAdded(storageKey, newToken);\n handleRenewed(storageKey, newToken, existingToken);\n } else if (newToken) { // add\n handleAdded(storageKey, newToken);\n } else if (existingToken) { //remove\n handleRemoved(storageKey, existingToken);\n }\n });\n }\n \n remove(key) {\n // Clear any listener for this token\n this.clearExpireEventTimeout(key);\n \n var tokenStorage = this.storage.getStorage();\n var removedToken = tokenStorage[key];\n delete tokenStorage[key];\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n \n this.emitRemoved(key, removedToken);\n }\n \n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n async renewToken(token) {\n return this.sdk.token?.renew(token);\n }\n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n validateToken(token: Token) {\n return validateToken(token);\n }\n\n // TODO: renew method should take no param, change in the next major version OKTA-407224\n renew(key): Promise<Token | undefined> {\n // Multiple callers may receive the same promise. They will all resolve or reject from the same request.\n if (this.state.renewPromise) {\n return this.state.renewPromise;\n }\n \n try {\n var token = this.getSync(key);\n if (!token) {\n throw new AuthSdkError('The tokenManager has no token for the key: ' + key);\n }\n } catch (e) {\n return Promise.reject(e);\n }\n \n // Remove existing autoRenew timeout\n this.clearExpireEventTimeout(key);\n \n // A refresh token means a replace instead of renewal\n // Store the renew promise state, to avoid renewing again\n const renewPromise = this.state.renewPromise = this.sdk.token.renewTokens()\n .then(tokens => {\n this.setTokens(tokens);\n\n // resolve token based on the key\n const tokenType = this.getTokenType(token);\n return tokens[tokenType];\n })\n .catch(err => {\n // If renew fails, remove token from storage and emit error\n this.remove(key);\n err.tokenKey = key;\n this.emitError(err);\n throw err;\n })\n .finally(() => {\n // Remove existing promise key\n this.state.renewPromise = null;\n });\n \n return renewPromise;\n }\n \n clear() {\n const tokens = this.getTokensSync();\n this.clearExpireEventTimeoutAll();\n this.storage.clearStorage();\n this.emitSetStorageEvent();\n\n Object.keys(tokens).forEach(key => {\n this.emitRemoved(key, tokens[key]);\n });\n }\n\n clearPendingRemoveTokens() {\n const tokenStorage = this.storage.getStorage();\n const removedTokens = {};\n Object.keys(tokenStorage).forEach(key => {\n if (tokenStorage[key].pendingRemove) {\n removedTokens[key] = tokenStorage[key];\n delete tokenStorage[key];\n }\n });\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n Object.keys(removedTokens).forEach(key => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, removedTokens[key]);\n });\n }\n\n updateRefreshToken(token: RefreshToken) {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n\n // do not emit any event\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n }\n\n removeRefreshToken () {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n this.remove(key);\n }\n\n addPendingRemoveFlags() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n tokens[key].pendingRemove = true;\n });\n this.setTokens(tokens);\n }\n \n}\n"],"mappings":";;;;AAYA;AACA;AACA;AACA;AACA;AACA;AA2BA;AA5CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAqCA,MAAMA,eAAe,GAAG;EACtB;EACAC,SAAS,EAAE,IAAI;EACfC,UAAU,EAAE,IAAI;EAChBC,WAAW,EAAE,IAAI;EACjB;EACAC,wBAAwB,EAAE,IAAI;EAC9BC,OAAO,EAAEC,SAAS;EAAE;EACpBC,kBAAkB,EAAE,EAAE;EACtBC,UAAU,EAAEC;AACd,CAAC;AAOD,SAASC,YAAY,GAAsB;EACzC,OAAO;IACLC,cAAc,EAAE,CAAC,CAAC;IAClBC,YAAY,EAAE;EAChB,CAAC;AACH;AACO,MAAMC,YAAY,CAAkC;EAazDC,EAAE,CAACC,KAA2B,EAAEC,OAAoC,EAAEC,OAAgB,EAAQ;IAC5F,IAAIA,OAAO,EAAE;MACX,IAAI,CAACC,OAAO,CAACJ,EAAE,CAACC,KAAK,EAAEC,OAAO,EAAEC,OAAO,CAAC;IAC1C,CAAC,MAAM;MACL,IAAI,CAACC,OAAO,CAACJ,EAAE,CAACC,KAAK,EAAEC,OAAO,CAAC;IACjC;EACF;EAOAG,GAAG,CAACJ,KAA2B,EAAEC,OAAqC,EAAQ;IAC5E,IAAIA,OAAO,EAAE;MACX,IAAI,CAACE,OAAO,CAACC,GAAG,CAACJ,KAAK,EAAEC,OAAO,CAAC;IAClC,CAAC,MAAM;MACL,IAAI,CAACE,OAAO,CAACC,GAAG,CAACJ,KAAK,CAAC;IACzB;EACF;;EAEA;EACAK,WAAW,CAACC,GAA2B,EAAEC,OAA4B,GAAG,CAAC,CAAC,EAAE;IAC1E,IAAI,CAACD,GAAG,GAAGA,GAAG;IACd,IAAI,CAACH,OAAO,GAAIG,GAAG,CAASH,OAAO;IACnC,IAAI,CAAC,IAAI,CAACA,OAAO,EAAE;MACjB,MAAM,IAAIK,oBAAY,CAAC,mDAAmD,CAAC;IAC7E;IAEAD,OAAO,GAAGE,MAAM,CAACC,MAAM,CAAC,CAAC,CAAC,EAAEzB,eAAe,EAAE,IAAA0B,gBAAU,EAACJ,OAAO,CAAC,CAAC;IACjE,IAAI,CAAC,IAAAK,qBAAW,GAAE,EAAE;MAClBL,OAAO,CAACf,kBAAkB,GAAGP,eAAe,CAACO,kBAAkB;IACjE;IAEA,IAAI,CAACe,OAAO,GAAGA,OAAO;IAEtB,MAAMM,cAA8B,GAAG,IAAAF,gBAAU,EAAC;MAChDlB,UAAU,EAAEc,OAAO,CAACd,UAAU;MAC9BqB,MAAM,EAAEP,OAAO,CAACO;IAClB,CAAC,CAAC;IACF,IAAI,OAAOP,OAAO,CAACjB,OAAO,KAAK,QAAQ,EAAE;MACvC;MACAuB,cAAc,CAACE,eAAe,GAAGR,OAAO,CAACjB,OAAO;IAClD,CAAC,MAAM,IAAIiB,OAAO,CAACjB,OAAO,EAAE;MAC1BuB,cAAc,CAACG,WAAW,GAAGT,OAAO,CAACjB,OAAsB;IAC7D;IAEA,IAAI,CAACA,OAAO,GAAGgB,GAAG,CAACW,cAAc,CAACC,eAAe,CAAC;MAAC,GAAGL,cAAc;MAAEM,kBAAkB,EAAE;IAAI,CAAC,CAAC;IAChG,IAAI,CAACC,KAAK,GAAGC,cAAQ,CAACC,MAAM,EAAoB;IAChD,IAAI,CAACC,KAAK,GAAG5B,YAAY,EAAE;EAC7B;EAEA6B,KAAK,GAAG;IACN,IAAI,IAAI,CAACjB,OAAO,CAAClB,wBAAwB,EAAE;MACzC,IAAI,CAACA,wBAAwB,EAAE;IACjC;IACA,IAAI,CAACoC,wBAAwB,EAAE;IAC/B,IAAI,CAACF,KAAK,CAACG,OAAO,GAAG,IAAI;EAC3B;EAEAC,IAAI,GAAG;IACL,IAAI,CAACC,0BAA0B,EAAE;IACjC,IAAI,CAACL,KAAK,CAACG,OAAO,GAAG,KAAK;EAC5B;EAEAG,SAAS,GAAG;IACV,OAAO,CAAC,CAAC,IAAI,CAACN,KAAK,CAACG,OAAO;EAC7B;EAEAI,UAAU,GAAwB;IAChC,OAAO,IAAAC,WAAK,EAAC,IAAI,CAACxB,OAAO,CAAC;EAC5B;EAEAyB,aAAa,CAACC,KAAK,EAAE;IACnB,MAAMzC,kBAAkB,GAAG,IAAI,CAACe,OAAO,CAACf,kBAAkB,IAAI,CAAC;IAC/D,IAAI0C,UAAU,GAAGD,KAAK,CAACE,SAAS,GAAG3C,kBAAkB;IACrD,OAAO0C,UAAU;EACnB;EAEAE,UAAU,CAACH,KAAK,EAAE;IAChB,IAAIC,UAAU,GAAG,IAAI,CAACF,aAAa,CAACC,KAAK,CAAC;IAC1C,OAAOC,UAAU,IAAI,IAAI,CAACd,KAAK,CAACiB,GAAG,EAAE;EACvC;EAEAC,WAAW,CAACC,GAAG,EAAEN,KAAK,EAAE;IACtB,IAAI,CAAC9B,OAAO,CAACqC,IAAI,CAACC,oBAAa,EAAEF,GAAG,EAAEN,KAAK,CAAC;EAC9C;EAEAS,WAAW,CAACH,GAAG,EAAEI,UAAU,EAAEC,QAAQ,EAAE;IACrC,IAAI,CAACzC,OAAO,CAACqC,IAAI,CAACK,oBAAa,EAAEN,GAAG,EAAEI,UAAU,EAAEC,QAAQ,CAAC;EAC7D;EAEAE,SAAS,CAACP,GAAG,EAAEN,KAAK,EAAE;IACpB,IAAI,CAAC9B,OAAO,CAACqC,IAAI,CAACO,kBAAW,EAAER,GAAG,EAAEN,KAAK,CAAC;EAC5C;EAEAe,WAAW,CAACT,GAAG,EAAEN,KAAM,EAAE;IACvB,IAAI,CAAC9B,OAAO,CAACqC,IAAI,CAACS,oBAAa,EAAEV,GAAG,EAAEN,KAAK,CAAC;EAC9C;EAEAiB,SAAS,CAACC,KAAK,EAAE;IACf,IAAI,CAAChD,OAAO,CAACqC,IAAI,CAACY,kBAAW,EAAED,KAAK,CAAC;EACvC;EAEAE,uBAAuB,CAACd,GAAG,EAAE;IAC3Be,YAAY,CAAC,IAAI,CAAC/B,KAAK,CAAC3B,cAAc,CAAC2C,GAAG,CAAC,CAAQ;IACnD,OAAO,IAAI,CAAChB,KAAK,CAAC3B,cAAc,CAAC2C,GAAG,CAAC;;IAErC;IACA,IAAI,CAAChB,KAAK,CAAC1B,YAAY,GAAG,IAAI;EAChC;EAEA+B,0BAA0B,GAAG;IAC3B,IAAIhC,cAAc,GAAG,IAAI,CAAC2B,KAAK,CAAC3B,cAAc;IAC9C,KAAK,IAAI2C,GAAG,IAAI3C,cAAc,EAAE;MAC9B,IAAI,CAACa,MAAM,CAAC8C,SAAS,CAACC,cAAc,CAACC,IAAI,CAAC7D,cAAc,EAAE2C,GAAG,CAAC,EAAE;QAC9D;MACF;MACA,IAAI,CAACc,uBAAuB,CAACd,GAAG,CAAC;IACnC;EACF;EAEAmB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,EAAE;IAChC,IAAI,IAAA0B,qBAAc,EAAC1B,KAAK,CAAC,EAAE;MACzB;IACF;IAEA,IAAIC,UAAU,GAAG,IAAI,CAACF,aAAa,CAACC,KAAK,CAAC;IAC1C,IAAI2B,eAAe,GAAGC,IAAI,CAACC,GAAG,CAAC5B,UAAU,GAAG,IAAI,CAACd,KAAK,CAACiB,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,IAAI;;IAEvE;IACA,IAAI,CAACgB,uBAAuB,CAACd,GAAG,CAAC;IAEjC,IAAIwB,kBAAkB,GAAGC,UAAU,CAAC,MAAM;MACxC,IAAI,CAAC1B,WAAW,CAACC,GAAG,EAAEN,KAAK,CAAC;IAC9B,CAAC,EAAE2B,eAAe,CAAC;;IAEnB;IACA,IAAI,CAACrC,KAAK,CAAC3B,cAAc,CAAC2C,GAAG,CAAC,GAAGwB,kBAAkB;EACrD;EAEAtC,wBAAwB,GAAG;IACzB,IAAIwC,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,KAAI,IAAI3B,GAAG,IAAI0B,YAAY,EAAE;MAC3B,IAAI,CAACxD,MAAM,CAAC8C,SAAS,CAACC,cAAc,CAACC,IAAI,CAACQ,YAAY,EAAE1B,GAAG,CAAC,EAAE;QAC5D;MACF;MACA,IAAIN,KAAK,GAAGgC,YAAY,CAAC1B,GAAG,CAAC;MAC7B,IAAI,CAACmB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,CAAC;IACxC;EACF;;EAEA;EACAkC,0BAA0B,GAAG;IAC3B,IAAI,CAACvC,0BAA0B,EAAE;IACjC,IAAI,CAACH,wBAAwB,EAAE;EACjC;EAEA2C,GAAG,CAAC7B,GAAG,EAAEN,KAAY,EAAE;IACrB,IAAIgC,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,IAAAG,oBAAa,EAACpC,KAAK,CAAC;IACpBgC,YAAY,CAAC1B,GAAG,CAAC,GAAGN,KAAK;IACzB,IAAI,CAAC3C,OAAO,CAACgF,UAAU,CAACL,YAAY,CAAC;IACrC,IAAI,CAACM,mBAAmB,EAAE;IAC1B,IAAI,CAACzB,SAAS,CAACP,GAAG,EAAEN,KAAK,CAAC;IAC1B,IAAI,CAACyB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,CAAC;EACxC;EAEAuC,OAAO,CAACjC,GAAG,EAAS;IAClB,IAAI0B,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,OAAOD,YAAY,CAAC1B,GAAG,CAAC;EAC1B;EAEA,MAAMkC,GAAG,CAAClC,GAAG,EAAkB;IAC7B,OAAO,IAAI,CAACiC,OAAO,CAACjC,GAAG,CAAC;EAC1B;EAEAmC,aAAa,GAAW;IACtB,MAAMC,MAAM,GAAG,CAAC,CAAW;IAC3B,MAAMV,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC9CzD,MAAM,CAACmE,IAAI,CAACX,YAAY,CAAC,CAACY,OAAO,CAACtC,GAAG,IAAI;MACvC,MAAMN,KAAK,GAAGgC,YAAY,CAAC1B,GAAG,CAAC;MAC/B,IAAI,IAAAuC,oBAAa,EAAC7C,KAAK,CAAC,EAAE;QACxB0C,MAAM,CAACI,WAAW,GAAG9C,KAAK;MAC5B,CAAC,MAAM,IAAI,IAAA+C,gBAAS,EAAC/C,KAAK,CAAC,EAAE;QAC3B0C,MAAM,CAACM,OAAO,GAAGhD,KAAK;MACxB,CAAC,MAAM,IAAI,IAAA0B,qBAAc,EAAC1B,KAAK,CAAC,EAAE;QAChC0C,MAAM,CAACO,YAAY,GAAGjD,KAAK;MAC7B;IACF,CAAC,CAAC;IACF,OAAO0C,MAAM;EACf;EAEA,MAAMQ,SAAS,GAAoB;IACjC,OAAO,IAAI,CAACT,aAAa,EAAE;EAC7B;EAEAU,mBAAmB,CAACC,IAAe,EAAU;IAC3C,MAAMpB,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC9C,MAAM3B,GAAG,GAAG9B,MAAM,CAACmE,IAAI,CAACX,YAAY,CAAC,CAACqB,MAAM,CAAC/C,GAAG,IAAI;MAClD,MAAMN,KAAK,GAAGgC,YAAY,CAAC1B,GAAG,CAAC;MAC/B,OAAQ,IAAAuC,oBAAa,EAAC7C,KAAK,CAAC,IAAIoD,IAAI,KAAK,aAAa,IAChD,IAAAL,gBAAS,EAAC/C,KAAK,CAAC,IAAIoD,IAAI,KAAK,SAAU,IACvC,IAAA1B,qBAAc,EAAC1B,KAAK,CAAC,IAAIoD,IAAI,KAAK,cAAe;IACzD,CAAC,CAAC,CAAC,CAAC,CAAC;IACL,OAAO9C,GAAG;EACZ;EAEQgD,YAAY,CAACtD,KAAY,EAAa;IAC5C,IAAI,IAAA6C,oBAAa,EAAC7C,KAAK,CAAC,EAAE;MACxB,OAAO,aAAa;IACtB;IACA,IAAI,IAAA+C,gBAAS,EAAC/C,KAAK,CAAC,EAAE;MACpB,OAAO,SAAS;IAClB;IACA,IAAG,IAAA0B,qBAAc,EAAC1B,KAAK,CAAC,EAAE;MACxB,OAAO,cAAc;IACvB;IACA,MAAM,IAAIzB,oBAAY,CAAC,oBAAoB,CAAC;EAC9C;;EAEA;EACQ+D,mBAAmB,GAAG;IAC5B,IAAI,IAAAiB,sBAAY,GAAE,EAAE;MAClB,MAAMlG,OAAO,GAAG,IAAI,CAACA,OAAO,CAAC4E,UAAU,EAAE;MACzC,IAAI,CAAC/D,OAAO,CAACqC,IAAI,CAACiD,wBAAiB,EAAEnG,OAAO,CAAC;IAC/C;EACF;;EAEA;EACO4E,UAAU,GAAG;IAClB,OAAO,IAAI,CAAC5E,OAAO;EACrB;EAEAoG,SAAS,CACPf,MAAc;EACd;EACAgB,aAAmC,EACnCC,SAA2B,EAC3BC,cAAqC,EAC/B;IACN,MAAMC,mBAAmB,GAAG,CAACvD,GAAG,EAAEN,KAAK,KAAK;MAC1C,MAAMoD,IAAI,GAAG,IAAI,CAACE,YAAY,CAACtD,KAAK,CAAC;MACrC,IAAIoD,IAAI,KAAK,aAAa,EAAE;QAC1BM,aAAa,IAAIA,aAAa,CAACpD,GAAG,EAAEN,KAAK,CAAC;MAC5C,CAAC,MAAM,IAAIoD,IAAI,KAAK,SAAS,EAAE;QAC7BO,SAAS,IAAIA,SAAS,CAACrD,GAAG,EAAEN,KAAK,CAAC;MACpC,CAAC,MAAM,IAAIoD,IAAI,KAAK,cAAc,EAAE;QAClCQ,cAAc,IAAIA,cAAc,CAACtD,GAAG,EAAEN,KAAK,CAAC;MAC9C;IACF,CAAC;IACD,MAAM8D,WAAW,GAAG,CAACxD,GAAG,EAAEN,KAAK,KAAK;MAClC,IAAI,CAACa,SAAS,CAACP,GAAG,EAAEN,KAAK,CAAC;MAC1B,IAAI,CAACyB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,CAAC;MACtC6D,mBAAmB,CAACvD,GAAG,EAAEN,KAAK,CAAC;IACjC,CAAC;IACD,MAAM+D,aAAa,GAAG,CAACzD,GAAG,EAAEN,KAAK,EAAEW,QAAQ,KAAK;MAC9C,IAAI,CAACF,WAAW,CAACH,GAAG,EAAEN,KAAK,EAAEW,QAAQ,CAAC;MACtC,IAAI,CAACS,uBAAuB,CAACd,GAAG,CAAC;MACjC,IAAI,CAACmB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,CAAC;MACtC6D,mBAAmB,CAACvD,GAAG,EAAEN,KAAK,CAAC;IACjC,CAAC;IACD,MAAMgE,aAAa,GAAG,CAAC1D,GAAG,EAAEN,KAAK,KAAK;MACpC,IAAI,CAACoB,uBAAuB,CAACd,GAAG,CAAC;MACjC,IAAI,CAACS,WAAW,CAACT,GAAG,EAAEN,KAAK,CAAC;MAC5B6D,mBAAmB,CAACvD,GAAG,EAAEN,KAAK,CAAC;IACjC,CAAC;IAED,MAAMiE,KAAkB,GAAG,CAAC,SAAS,EAAE,aAAa,EAAE,cAAc,CAAC;IACrE,MAAMC,cAAc,GAAG,IAAI,CAACzB,aAAa,EAAE;;IAE3C;IACAwB,KAAK,CAACrB,OAAO,CAAEQ,IAAI,IAAK;MACtB,MAAMpD,KAAK,GAAG0C,MAAM,CAACU,IAAI,CAAC;MAC1B,IAAIpD,KAAK,EAAE;QACT,IAAAoC,oBAAa,EAACpC,KAAK,EAAEoD,IAAI,CAAC;MAC5B;IACF,CAAC,CAAC;;IAEF;IACA,MAAM/F,OAAO,GAAG4G,KAAK,CAACE,MAAM,CAAC,CAAC9G,OAAO,EAAE+F,IAAI,KAAK;MAC9C,MAAMpD,KAAK,GAAG0C,MAAM,CAACU,IAAI,CAAC;MAC1B,IAAIpD,KAAK,EAAE;QACT,MAAMxC,UAAU,GAAG,IAAI,CAAC2F,mBAAmB,CAACC,IAAI,CAAC,IAAIA,IAAI;QACzD/F,OAAO,CAACG,UAAU,CAAC,GAAGwC,KAAK;MAC7B;MACA,OAAO3C,OAAO;IAChB,CAAC,EAAE,CAAC,CAAC,CAAC;IACN,IAAI,CAACA,OAAO,CAACgF,UAAU,CAAChF,OAAO,CAAC;IAChC,IAAI,CAACiF,mBAAmB,EAAE;;IAE1B;IACA2B,KAAK,CAACrB,OAAO,CAACQ,IAAI,IAAI;MACpB,MAAMgB,QAAQ,GAAG1B,MAAM,CAACU,IAAI,CAAC;MAC7B,MAAMiB,aAAa,GAAGH,cAAc,CAACd,IAAI,CAAC;MAC1C,MAAM5F,UAAU,GAAG,IAAI,CAAC2F,mBAAmB,CAACC,IAAI,CAAC,IAAIA,IAAI;MACzD,IAAIgB,QAAQ,IAAIC,aAAa,EAAE;QAAE;QAC/B;QACAL,aAAa,CAACxG,UAAU,EAAE6G,aAAa,CAAC;QACxCP,WAAW,CAACtG,UAAU,EAAE4G,QAAQ,CAAC;QACjCL,aAAa,CAACvG,UAAU,EAAE4G,QAAQ,EAAEC,aAAa,CAAC;MACpD,CAAC,MAAM,IAAID,QAAQ,EAAE;QAAE;QACrBN,WAAW,CAACtG,UAAU,EAAE4G,QAAQ,CAAC;MACnC,CAAC,MAAM,IAAIC,aAAa,EAAE;QAAE;QAC1BL,aAAa,CAACxG,UAAU,EAAE6G,aAAa,CAAC;MAC1C;IACF,CAAC,CAAC;EACJ;EAEAC,MAAM,CAAChE,GAAG,EAAE;IACV;IACA,IAAI,CAACc,uBAAuB,CAACd,GAAG,CAAC;IAEjC,IAAI0B,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,IAAIsC,YAAY,GAAGvC,YAAY,CAAC1B,GAAG,CAAC;IACpC,OAAO0B,YAAY,CAAC1B,GAAG,CAAC;IACxB,IAAI,CAACjD,OAAO,CAACgF,UAAU,CAACL,YAAY,CAAC;IACrC,IAAI,CAACM,mBAAmB,EAAE;IAE1B,IAAI,CAACvB,WAAW,CAACT,GAAG,EAAEiE,YAAY,CAAC;EACrC;;EAEA;EACA,MAAMC,UAAU,CAACxE,KAAK,EAAE;IAAA;IACtB,0BAAO,IAAI,CAAC3B,GAAG,CAAC2B,KAAK,oDAAd,gBAAgByE,KAAK,CAACzE,KAAK,CAAC;EACrC;EACA;EACAoC,aAAa,CAACpC,KAAY,EAAE;IAC1B,OAAO,IAAAoC,oBAAa,EAACpC,KAAK,CAAC;EAC7B;;EAEA;EACAyE,KAAK,CAACnE,GAAG,EAA8B;IACrC;IACA,IAAI,IAAI,CAAChB,KAAK,CAAC1B,YAAY,EAAE;MAC3B,OAAO,IAAI,CAAC0B,KAAK,CAAC1B,YAAY;IAChC;IAEA,IAAI;MACF,IAAIoC,KAAK,GAAG,IAAI,CAACuC,OAAO,CAACjC,GAAG,CAAC;MAC7B,IAAI,CAACN,KAAK,EAAE;QACV,MAAM,IAAIzB,oBAAY,CAAC,6CAA6C,GAAG+B,GAAG,CAAC;MAC7E;IACF,CAAC,CAAC,OAAOoE,CAAC,EAAE;MACV,OAAOC,OAAO,CAACC,MAAM,CAACF,CAAC,CAAC;IAC1B;;IAEA;IACA,IAAI,CAACtD,uBAAuB,CAACd,GAAG,CAAC;;IAEjC;IACA;IACA,MAAM1C,YAAY,GAAG,IAAI,CAAC0B,KAAK,CAAC1B,YAAY,GAAG,IAAI,CAACS,GAAG,CAAC2B,KAAK,CAAC6E,WAAW,EAAE,CACxEC,IAAI,CAACpC,MAAM,IAAI;MACd,IAAI,CAACe,SAAS,CAACf,MAAM,CAAC;;MAEtB;MACA,MAAMqC,SAAS,GAAG,IAAI,CAACzB,YAAY,CAACtD,KAAK,CAAC;MAC1C,OAAO0C,MAAM,CAACqC,SAAS,CAAC;IAC1B,CAAC,CAAC,CACDC,KAAK,CAACC,GAAG,IAAI;MACZ;MACA,IAAI,CAACX,MAAM,CAAChE,GAAG,CAAC;MAChB2E,GAAG,CAACC,QAAQ,GAAG5E,GAAG;MAClB,IAAI,CAACW,SAAS,CAACgE,GAAG,CAAC;MACnB,MAAMA,GAAG;IACX,CAAC,CAAC,CACDE,OAAO,CAAC,MAAM;MACb;MACA,IAAI,CAAC7F,KAAK,CAAC1B,YAAY,GAAG,IAAI;IAChC,CAAC,CAAC;IAEJ,OAAOA,YAAY;EACrB;EAEAwH,KAAK,GAAG;IACN,MAAM1C,MAAM,GAAG,IAAI,CAACD,aAAa,EAAE;IACnC,IAAI,CAAC9C,0BAA0B,EAAE;IACjC,IAAI,CAACtC,OAAO,CAACgI,YAAY,EAAE;IAC3B,IAAI,CAAC/C,mBAAmB,EAAE;IAE1B9D,MAAM,CAACmE,IAAI,CAACD,MAAM,CAAC,CAACE,OAAO,CAACtC,GAAG,IAAI;MACjC,IAAI,CAACS,WAAW,CAACT,GAAG,EAAEoC,MAAM,CAACpC,GAAG,CAAC,CAAC;IACpC,CAAC,CAAC;EACJ;EAEAlD,wBAAwB,GAAG;IACzB,MAAM4E,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC9C,MAAMqD,aAAa,GAAG,CAAC,CAAC;IACxB9G,MAAM,CAACmE,IAAI,CAACX,YAAY,CAAC,CAACY,OAAO,CAACtC,GAAG,IAAI;MACvC,IAAI0B,YAAY,CAAC1B,GAAG,CAAC,CAACiF,aAAa,EAAE;QACnCD,aAAa,CAAChF,GAAG,CAAC,GAAG0B,YAAY,CAAC1B,GAAG,CAAC;QACtC,OAAO0B,YAAY,CAAC1B,GAAG,CAAC;MAC1B;IACF,CAAC,CAAC;IACF,IAAI,CAACjD,OAAO,CAACgF,UAAU,CAACL,YAAY,CAAC;IACrC,IAAI,CAACM,mBAAmB,EAAE;IAC1B9D,MAAM,CAACmE,IAAI,CAAC2C,aAAa,CAAC,CAAC1C,OAAO,CAACtC,GAAG,IAAI;MACxC,IAAI,CAACc,uBAAuB,CAACd,GAAG,CAAC;MACjC,IAAI,CAACS,WAAW,CAACT,GAAG,EAAEgF,aAAa,CAAChF,GAAG,CAAC,CAAC;IAC3C,CAAC,CAAC;EACJ;EAEAkF,kBAAkB,CAACxF,KAAmB,EAAE;IACtC,MAAMM,GAAG,GAAG,IAAI,CAAC6C,mBAAmB,CAAC,cAAc,CAAC,IAAIsC,oCAAyB;;IAEjF;IACA,IAAIzD,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,IAAAG,oBAAa,EAACpC,KAAK,CAAC;IACpBgC,YAAY,CAAC1B,GAAG,CAAC,GAAGN,KAAK;IACzB,IAAI,CAAC3C,OAAO,CAACgF,UAAU,CAACL,YAAY,CAAC;IACrC,IAAI,CAACM,mBAAmB,EAAE;EAC5B;EAEAoD,kBAAkB,GAAI;IACpB,MAAMpF,GAAG,GAAG,IAAI,CAAC6C,mBAAmB,CAAC,cAAc,CAAC,IAAIsC,oCAAyB;IACjF,IAAI,CAACnB,MAAM,CAAChE,GAAG,CAAC;EAClB;EAEAqF,qBAAqB,GAAG;IACtB,MAAMjD,MAAM,GAAG,IAAI,CAACD,aAAa,EAAE;IACnCjE,MAAM,CAACmE,IAAI,CAACD,MAAM,CAAC,CAACE,OAAO,CAACtC,GAAG,IAAI;MACjCoC,MAAM,CAACpC,GAAG,CAAC,CAACiF,aAAa,GAAG,IAAI;IAClC,CAAC,CAAC;IACF,IAAI,CAAC9B,SAAS,CAACf,MAAM,CAAC;EACxB;AAEF;AAAC"}
1
+ {"version":3,"file":"TokenManager.js","names":["DEFAULT_OPTIONS","autoRenew","autoRemove","syncStorage","clearPendingRemoveTokens","storage","undefined","expireEarlySeconds","storageKey","TOKEN_STORAGE_NAME","defaultState","expireTimeouts","renewPromise","TokenManager","on","event","handler","context","emitter","off","constructor","sdk","options","AuthSdkError","Object","assign","removeNils","isLocalhost","storageOptions","secure","storageProvider","storageType","storageManager","getTokenStorage","useSeparateCookies","clock","SdkClock","create","state","start","setExpireEventTimeoutAll","started","stop","clearExpireEventTimeoutAll","isStarted","getOptions","clone","getExpireTime","token","expireTime","expiresAt","hasExpired","now","emitExpired","key","emit","EVENT_EXPIRED","emitRenewed","freshToken","oldToken","EVENT_RENEWED","emitAdded","EVENT_ADDED","emitRemoved","EVENT_REMOVED","emitError","error","EVENT_ERROR","clearExpireEventTimeout","clearTimeout","prototype","hasOwnProperty","call","setExpireEventTimeout","isRefreshToken","expireEventWait","Math","max","expireEventTimeout","setTimeout","tokenStorage","getStorage","resetExpireEventTimeoutAll","add","validateToken","setStorage","emitSetStorageEvent","getSync","get","getTokensSync","tokens","keys","forEach","isAccessToken","accessToken","isIDToken","idToken","refreshToken","getTokens","getStorageKeyByType","type","filter","getTokenType","isIE11OrLess","EVENT_SET_STORAGE","setTokens","accessTokenCb","idTokenCb","refreshTokenCb","handleTokenCallback","handleAdded","handleRenewed","handleRemoved","types","existingTokens","reduce","newToken","existingToken","remove","removedToken","renewToken","renew","e","Promise","reject","renewTokens","then","tokenType","catch","err","tokenKey","finally","clear","clearStorage","removedTokens","pendingRemove","updateRefreshToken","REFRESH_TOKEN_STORAGE_KEY","removeRefreshToken","addPendingRemoveFlags"],"sources":["../../../lib/oidc/TokenManager.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { removeNils, clone } from '../util';\nimport { AuthSdkError } from '../errors';\nimport { validateToken } from '../oidc/util';\nimport { isLocalhost, isIE11OrLess } from '../features';\nimport SdkClock from '../clock';\nimport {\n Token, \n Tokens, \n TokenType, \n TokenManagerOptions, \n isIDToken, \n isAccessToken,\n isRefreshToken,\n TokenManagerErrorEventHandler,\n TokenManagerSetStorageEventHandler,\n TokenManagerRenewEventHandler,\n TokenManagerEventHandler,\n TokenManagerInterface,\n RefreshToken,\n AccessTokenCallback,\n IDTokenCallback,\n RefreshTokenCallback,\n EVENT_RENEWED,\n EVENT_ADDED,\n EVENT_ERROR,\n EVENT_EXPIRED,\n EVENT_REMOVED,\n EVENT_SET_STORAGE,\n TokenManagerAnyEventHandler,\n TokenManagerAnyEvent,\n OktaAuthOAuthInterface\n} from './types';\nimport { REFRESH_TOKEN_STORAGE_KEY, TOKEN_STORAGE_NAME } from '../constants';\nimport { EventEmitter } from '../base/types';\nimport { StorageOptions, StorageProvider, StorageType } from '../storage/types';\n\nconst DEFAULT_OPTIONS = {\n // TODO: remove in next major version - OKTA-473815\n autoRenew: true,\n autoRemove: true,\n syncStorage: true,\n // --- //\n clearPendingRemoveTokens: true,\n storage: undefined, // will use value from storageManager config\n expireEarlySeconds: 30,\n storageKey: TOKEN_STORAGE_NAME\n};\n\ninterface TokenManagerState {\n expireTimeouts: Record<string, unknown>;\n renewPromise: Promise<Token | undefined> | null;\n started?: boolean;\n}\nfunction defaultState(): TokenManagerState {\n return {\n expireTimeouts: {},\n renewPromise: null\n };\n}\nexport class TokenManager implements TokenManagerInterface {\n private sdk: OktaAuthOAuthInterface;\n private clock: SdkClock;\n private emitter: EventEmitter;\n private storage: StorageProvider;\n private state: TokenManagerState;\n private options: TokenManagerOptions;\n\n on(event: typeof EVENT_RENEWED, handler: TokenManagerRenewEventHandler, context?: object): void;\n on(event: typeof EVENT_ERROR, handler: TokenManagerErrorEventHandler, context?: object): void;\n on(event: typeof EVENT_SET_STORAGE, handler: TokenManagerSetStorageEventHandler, context?: object): void;\n on(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, \n handler: TokenManagerEventHandler, context?: object): void;\n on(event: TokenManagerAnyEvent, handler: TokenManagerAnyEventHandler, context?: object): void {\n if (context) {\n this.emitter.on(event, handler, context);\n } else {\n this.emitter.on(event, handler);\n }\n }\n\n off(event: typeof EVENT_RENEWED, handler?: TokenManagerRenewEventHandler): void;\n off(event: typeof EVENT_ERROR, handler?: TokenManagerErrorEventHandler): void;\n off(event: typeof EVENT_SET_STORAGE, handler?: TokenManagerSetStorageEventHandler): void;\n off(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, \n handler?: TokenManagerEventHandler): void;\n off(event: TokenManagerAnyEvent, handler?: TokenManagerAnyEventHandler): void {\n if (handler) {\n this.emitter.off(event, handler);\n } else {\n this.emitter.off(event);\n }\n }\n\n // eslint-disable-next-line complexity\n constructor(sdk: OktaAuthOAuthInterface, options: TokenManagerOptions = {}) {\n this.sdk = sdk;\n this.emitter = (sdk as any).emitter;\n if (!this.emitter) {\n throw new AuthSdkError('Emitter should be initialized before TokenManager');\n }\n \n options = Object.assign({}, DEFAULT_OPTIONS, removeNils(options));\n if (!isLocalhost()) {\n options.expireEarlySeconds = DEFAULT_OPTIONS.expireEarlySeconds;\n }\n\n this.options = options;\n\n const storageOptions: StorageOptions = removeNils({\n storageKey: options.storageKey,\n secure: options.secure,\n });\n if (typeof options.storage === 'object') {\n // A custom storage provider must implement getItem(key) and setItem(key, val)\n storageOptions.storageProvider = options.storage;\n } else if (options.storage) {\n storageOptions.storageType = options.storage as StorageType;\n }\n\n this.storage = sdk.storageManager.getTokenStorage({...storageOptions, useSeparateCookies: true});\n this.clock = SdkClock.create(/* sdk, options */);\n this.state = defaultState();\n }\n\n start() {\n if (this.options.clearPendingRemoveTokens) {\n this.clearPendingRemoveTokens();\n }\n this.setExpireEventTimeoutAll();\n this.state.started = true;\n }\n \n stop() {\n this.clearExpireEventTimeoutAll();\n this.state.started = false;\n }\n\n isStarted() {\n return !!this.state.started;\n }\n\n getOptions(): TokenManagerOptions {\n return clone(this.options);\n }\n \n getExpireTime(token) {\n const expireEarlySeconds = this.options.expireEarlySeconds || 0;\n var expireTime = token.expiresAt - expireEarlySeconds;\n return expireTime;\n }\n \n hasExpired(token) {\n var expireTime = this.getExpireTime(token);\n return expireTime <= this.clock.now();\n }\n \n emitExpired(key, token) {\n this.emitter.emit(EVENT_EXPIRED, key, token);\n }\n \n emitRenewed(key, freshToken, oldToken) {\n this.emitter.emit(EVENT_RENEWED, key, freshToken, oldToken);\n }\n \n emitAdded(key, token) {\n this.emitter.emit(EVENT_ADDED, key, token);\n }\n \n emitRemoved(key, token?) {\n this.emitter.emit(EVENT_REMOVED, key, token);\n }\n \n emitError(error) {\n this.emitter.emit(EVENT_ERROR, error);\n }\n \n clearExpireEventTimeout(key) {\n clearTimeout(this.state.expireTimeouts[key] as any);\n delete this.state.expireTimeouts[key];\n \n // Remove the renew promise (if it exists)\n this.state.renewPromise = null;\n }\n \n clearExpireEventTimeoutAll() {\n var expireTimeouts = this.state.expireTimeouts;\n for (var key in expireTimeouts) {\n if (!Object.prototype.hasOwnProperty.call(expireTimeouts, key)) {\n continue;\n }\n this.clearExpireEventTimeout(key);\n }\n }\n \n setExpireEventTimeout(key, token) {\n if (isRefreshToken(token)) {\n return;\n }\n\n var expireTime = this.getExpireTime(token);\n var expireEventWait = Math.max(expireTime - this.clock.now(), 0) * 1000;\n \n // Clear any existing timeout\n this.clearExpireEventTimeout(key);\n \n var expireEventTimeout = setTimeout(() => {\n this.emitExpired(key, token);\n }, expireEventWait);\n \n // Add a new timeout\n this.state.expireTimeouts[key] = expireEventTimeout;\n }\n \n setExpireEventTimeoutAll() {\n var tokenStorage = this.storage.getStorage();\n for(var key in tokenStorage) {\n if (!Object.prototype.hasOwnProperty.call(tokenStorage, key)) {\n continue;\n }\n var token = tokenStorage[key];\n this.setExpireEventTimeout(key, token);\n }\n }\n \n // reset timeouts to setup autoRenew for tokens from other document context (tabs)\n resetExpireEventTimeoutAll() {\n this.clearExpireEventTimeoutAll();\n this.setExpireEventTimeoutAll();\n }\n \n add(key, token: Token) {\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n }\n \n getSync(key): Token | undefined {\n var tokenStorage = this.storage.getStorage();\n return tokenStorage[key];\n }\n \n async get(key): Promise<Token | undefined> {\n return this.getSync(key);\n }\n \n getTokensSync(): Tokens {\n const tokens = {} as Tokens;\n const tokenStorage = this.storage.getStorage();\n Object.keys(tokenStorage).forEach(key => {\n const token = tokenStorage[key];\n if (isAccessToken(token)) {\n tokens.accessToken = token;\n } else if (isIDToken(token)) {\n tokens.idToken = token;\n } else if (isRefreshToken(token)) { \n tokens.refreshToken = token;\n }\n });\n return tokens;\n }\n \n async getTokens(): Promise<Tokens> {\n return this.getTokensSync();\n }\n\n getStorageKeyByType(type: TokenType): string {\n const tokenStorage = this.storage.getStorage();\n const key = Object.keys(tokenStorage).filter(key => {\n const token = tokenStorage[key];\n return (isAccessToken(token) && type === 'accessToken') \n || (isIDToken(token) && type === 'idToken')\n || (isRefreshToken(token) && type === 'refreshToken');\n })[0];\n return key;\n }\n\n private getTokenType(token: Token): TokenType {\n if (isAccessToken(token)) {\n return 'accessToken';\n }\n if (isIDToken(token)) {\n return 'idToken';\n }\n if(isRefreshToken(token)) {\n return 'refreshToken';\n }\n throw new AuthSdkError('Unknown token type');\n }\n\n // for synchronization of LocalStorage cross tabs for IE11\n private emitSetStorageEvent() {\n if (isIE11OrLess()) {\n const storage = this.storage.getStorage();\n this.emitter.emit(EVENT_SET_STORAGE, storage);\n }\n }\n\n // used in `SyncStorageService` for synchronization of LocalStorage cross tabs for IE11\n public getStorage() {\n return this.storage;\n }\n\n setTokens(\n tokens: Tokens,\n // TODO: callbacks can be removed in the next major version OKTA-407224\n accessTokenCb?: AccessTokenCallback, \n idTokenCb?: IDTokenCallback,\n refreshTokenCb?: RefreshTokenCallback\n ): void {\n const handleTokenCallback = (key, token) => {\n const type = this.getTokenType(token);\n if (type === 'accessToken') {\n accessTokenCb && accessTokenCb(key, token);\n } else if (type === 'idToken') {\n idTokenCb && idTokenCb(key, token);\n } else if (type === 'refreshToken') {\n refreshTokenCb && refreshTokenCb(key, token);\n }\n };\n const handleAdded = (key, token) => {\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRenewed = (key, token, oldToken) => {\n this.emitRenewed(key, token, oldToken);\n this.clearExpireEventTimeout(key);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRemoved = (key, token) => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, token);\n handleTokenCallback(key, token);\n };\n \n const types: TokenType[] = ['idToken', 'accessToken', 'refreshToken'];\n const existingTokens = this.getTokensSync();\n\n // valid tokens\n types.forEach((type) => {\n const token = tokens[type];\n if (token) {\n validateToken(token, type);\n }\n });\n \n // add token to storage\n const storage = types.reduce((storage, type) => {\n const token = tokens[type];\n if (token) {\n const storageKey = this.getStorageKeyByType(type) || type;\n storage[storageKey] = token;\n }\n return storage;\n }, {});\n this.storage.setStorage(storage);\n this.emitSetStorageEvent();\n\n // emit event and start expiration timer\n types.forEach(type => {\n const newToken = tokens[type];\n const existingToken = existingTokens[type];\n const storageKey = this.getStorageKeyByType(type) || type;\n if (newToken && existingToken) { // renew\n // call handleRemoved first, since it clears timers\n handleRemoved(storageKey, existingToken);\n handleAdded(storageKey, newToken);\n handleRenewed(storageKey, newToken, existingToken);\n } else if (newToken) { // add\n handleAdded(storageKey, newToken);\n } else if (existingToken) { //remove\n handleRemoved(storageKey, existingToken);\n }\n });\n }\n \n remove(key) {\n // Clear any listener for this token\n this.clearExpireEventTimeout(key);\n \n var tokenStorage = this.storage.getStorage();\n var removedToken = tokenStorage[key];\n delete tokenStorage[key];\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n \n this.emitRemoved(key, removedToken);\n }\n \n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n async renewToken(token) {\n return this.sdk.token?.renew(token);\n }\n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n validateToken(token: Token) {\n return validateToken(token);\n }\n\n // TODO: renew method should take no param, change in the next major version OKTA-407224\n renew(key): Promise<Token | undefined> {\n // Multiple callers may receive the same promise. They will all resolve or reject from the same request.\n if (this.state.renewPromise) {\n return this.state.renewPromise;\n }\n \n try {\n var token = this.getSync(key);\n if (!token) {\n throw new AuthSdkError('The tokenManager has no token for the key: ' + key);\n }\n } catch (e) {\n return Promise.reject(e);\n }\n \n // Remove existing autoRenew timeout\n this.clearExpireEventTimeout(key);\n \n // A refresh token means a replace instead of renewal\n // Store the renew promise state, to avoid renewing again\n const renewPromise = this.state.renewPromise = this.sdk.token.renewTokens()\n .then(tokens => {\n this.setTokens(tokens);\n\n // resolve token based on the key\n const tokenType = this.getTokenType(token!);\n return tokens[tokenType];\n })\n .catch(err => {\n // If renew fails, remove token from storage and emit error\n this.remove(key);\n err.tokenKey = key;\n this.emitError(err);\n throw err;\n })\n .finally(() => {\n // Remove existing promise key\n this.state.renewPromise = null;\n });\n \n return renewPromise;\n }\n \n clear() {\n const tokens = this.getTokensSync();\n this.clearExpireEventTimeoutAll();\n this.storage.clearStorage();\n this.emitSetStorageEvent();\n\n Object.keys(tokens).forEach(key => {\n this.emitRemoved(key, tokens[key]);\n });\n }\n\n clearPendingRemoveTokens() {\n const tokenStorage = this.storage.getStorage();\n const removedTokens = {};\n Object.keys(tokenStorage).forEach(key => {\n if (tokenStorage[key].pendingRemove) {\n removedTokens[key] = tokenStorage[key];\n delete tokenStorage[key];\n }\n });\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n Object.keys(removedTokens).forEach(key => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, removedTokens[key]);\n });\n }\n\n updateRefreshToken(token: RefreshToken) {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n\n // do not emit any event\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n }\n\n removeRefreshToken () {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n this.remove(key);\n }\n\n addPendingRemoveFlags() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n tokens[key].pendingRemove = true;\n });\n this.setTokens(tokens);\n }\n \n}\n"],"mappings":";;;;AAYA;AACA;AACA;AACA;AACA;AACA;AA2BA;AA5CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAqCA,MAAMA,eAAe,GAAG;EACtB;EACAC,SAAS,EAAE,IAAI;EACfC,UAAU,EAAE,IAAI;EAChBC,WAAW,EAAE,IAAI;EACjB;EACAC,wBAAwB,EAAE,IAAI;EAC9BC,OAAO,EAAEC,SAAS;EAAE;EACpBC,kBAAkB,EAAE,EAAE;EACtBC,UAAU,EAAEC;AACd,CAAC;AAOD,SAASC,YAAY,GAAsB;EACzC,OAAO;IACLC,cAAc,EAAE,CAAC,CAAC;IAClBC,YAAY,EAAE;EAChB,CAAC;AACH;AACO,MAAMC,YAAY,CAAkC;EAazDC,EAAE,CAACC,KAA2B,EAAEC,OAAoC,EAAEC,OAAgB,EAAQ;IAC5F,IAAIA,OAAO,EAAE;MACX,IAAI,CAACC,OAAO,CAACJ,EAAE,CAACC,KAAK,EAAEC,OAAO,EAAEC,OAAO,CAAC;IAC1C,CAAC,MAAM;MACL,IAAI,CAACC,OAAO,CAACJ,EAAE,CAACC,KAAK,EAAEC,OAAO,CAAC;IACjC;EACF;EAOAG,GAAG,CAACJ,KAA2B,EAAEC,OAAqC,EAAQ;IAC5E,IAAIA,OAAO,EAAE;MACX,IAAI,CAACE,OAAO,CAACC,GAAG,CAACJ,KAAK,EAAEC,OAAO,CAAC;IAClC,CAAC,MAAM;MACL,IAAI,CAACE,OAAO,CAACC,GAAG,CAACJ,KAAK,CAAC;IACzB;EACF;;EAEA;EACAK,WAAW,CAACC,GAA2B,EAAEC,OAA4B,GAAG,CAAC,CAAC,EAAE;IAC1E,IAAI,CAACD,GAAG,GAAGA,GAAG;IACd,IAAI,CAACH,OAAO,GAAIG,GAAG,CAASH,OAAO;IACnC,IAAI,CAAC,IAAI,CAACA,OAAO,EAAE;MACjB,MAAM,IAAIK,oBAAY,CAAC,mDAAmD,CAAC;IAC7E;IAEAD,OAAO,GAAGE,MAAM,CAACC,MAAM,CAAC,CAAC,CAAC,EAAEzB,eAAe,EAAE,IAAA0B,gBAAU,EAACJ,OAAO,CAAC,CAAC;IACjE,IAAI,CAAC,IAAAK,qBAAW,GAAE,EAAE;MAClBL,OAAO,CAACf,kBAAkB,GAAGP,eAAe,CAACO,kBAAkB;IACjE;IAEA,IAAI,CAACe,OAAO,GAAGA,OAAO;IAEtB,MAAMM,cAA8B,GAAG,IAAAF,gBAAU,EAAC;MAChDlB,UAAU,EAAEc,OAAO,CAACd,UAAU;MAC9BqB,MAAM,EAAEP,OAAO,CAACO;IAClB,CAAC,CAAC;IACF,IAAI,OAAOP,OAAO,CAACjB,OAAO,KAAK,QAAQ,EAAE;MACvC;MACAuB,cAAc,CAACE,eAAe,GAAGR,OAAO,CAACjB,OAAO;IAClD,CAAC,MAAM,IAAIiB,OAAO,CAACjB,OAAO,EAAE;MAC1BuB,cAAc,CAACG,WAAW,GAAGT,OAAO,CAACjB,OAAsB;IAC7D;IAEA,IAAI,CAACA,OAAO,GAAGgB,GAAG,CAACW,cAAc,CAACC,eAAe,CAAC;MAAC,GAAGL,cAAc;MAAEM,kBAAkB,EAAE;IAAI,CAAC,CAAC;IAChG,IAAI,CAACC,KAAK,GAAGC,cAAQ,CAACC,MAAM,EAAoB;IAChD,IAAI,CAACC,KAAK,GAAG5B,YAAY,EAAE;EAC7B;EAEA6B,KAAK,GAAG;IACN,IAAI,IAAI,CAACjB,OAAO,CAAClB,wBAAwB,EAAE;MACzC,IAAI,CAACA,wBAAwB,EAAE;IACjC;IACA,IAAI,CAACoC,wBAAwB,EAAE;IAC/B,IAAI,CAACF,KAAK,CAACG,OAAO,GAAG,IAAI;EAC3B;EAEAC,IAAI,GAAG;IACL,IAAI,CAACC,0BAA0B,EAAE;IACjC,IAAI,CAACL,KAAK,CAACG,OAAO,GAAG,KAAK;EAC5B;EAEAG,SAAS,GAAG;IACV,OAAO,CAAC,CAAC,IAAI,CAACN,KAAK,CAACG,OAAO;EAC7B;EAEAI,UAAU,GAAwB;IAChC,OAAO,IAAAC,WAAK,EAAC,IAAI,CAACxB,OAAO,CAAC;EAC5B;EAEAyB,aAAa,CAACC,KAAK,EAAE;IACnB,MAAMzC,kBAAkB,GAAG,IAAI,CAACe,OAAO,CAACf,kBAAkB,IAAI,CAAC;IAC/D,IAAI0C,UAAU,GAAGD,KAAK,CAACE,SAAS,GAAG3C,kBAAkB;IACrD,OAAO0C,UAAU;EACnB;EAEAE,UAAU,CAACH,KAAK,EAAE;IAChB,IAAIC,UAAU,GAAG,IAAI,CAACF,aAAa,CAACC,KAAK,CAAC;IAC1C,OAAOC,UAAU,IAAI,IAAI,CAACd,KAAK,CAACiB,GAAG,EAAE;EACvC;EAEAC,WAAW,CAACC,GAAG,EAAEN,KAAK,EAAE;IACtB,IAAI,CAAC9B,OAAO,CAACqC,IAAI,CAACC,oBAAa,EAAEF,GAAG,EAAEN,KAAK,CAAC;EAC9C;EAEAS,WAAW,CAACH,GAAG,EAAEI,UAAU,EAAEC,QAAQ,EAAE;IACrC,IAAI,CAACzC,OAAO,CAACqC,IAAI,CAACK,oBAAa,EAAEN,GAAG,EAAEI,UAAU,EAAEC,QAAQ,CAAC;EAC7D;EAEAE,SAAS,CAACP,GAAG,EAAEN,KAAK,EAAE;IACpB,IAAI,CAAC9B,OAAO,CAACqC,IAAI,CAACO,kBAAW,EAAER,GAAG,EAAEN,KAAK,CAAC;EAC5C;EAEAe,WAAW,CAACT,GAAG,EAAEN,KAAM,EAAE;IACvB,IAAI,CAAC9B,OAAO,CAACqC,IAAI,CAACS,oBAAa,EAAEV,GAAG,EAAEN,KAAK,CAAC;EAC9C;EAEAiB,SAAS,CAACC,KAAK,EAAE;IACf,IAAI,CAAChD,OAAO,CAACqC,IAAI,CAACY,kBAAW,EAAED,KAAK,CAAC;EACvC;EAEAE,uBAAuB,CAACd,GAAG,EAAE;IAC3Be,YAAY,CAAC,IAAI,CAAC/B,KAAK,CAAC3B,cAAc,CAAC2C,GAAG,CAAC,CAAQ;IACnD,OAAO,IAAI,CAAChB,KAAK,CAAC3B,cAAc,CAAC2C,GAAG,CAAC;;IAErC;IACA,IAAI,CAAChB,KAAK,CAAC1B,YAAY,GAAG,IAAI;EAChC;EAEA+B,0BAA0B,GAAG;IAC3B,IAAIhC,cAAc,GAAG,IAAI,CAAC2B,KAAK,CAAC3B,cAAc;IAC9C,KAAK,IAAI2C,GAAG,IAAI3C,cAAc,EAAE;MAC9B,IAAI,CAACa,MAAM,CAAC8C,SAAS,CAACC,cAAc,CAACC,IAAI,CAAC7D,cAAc,EAAE2C,GAAG,CAAC,EAAE;QAC9D;MACF;MACA,IAAI,CAACc,uBAAuB,CAACd,GAAG,CAAC;IACnC;EACF;EAEAmB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,EAAE;IAChC,IAAI,IAAA0B,qBAAc,EAAC1B,KAAK,CAAC,EAAE;MACzB;IACF;IAEA,IAAIC,UAAU,GAAG,IAAI,CAACF,aAAa,CAACC,KAAK,CAAC;IAC1C,IAAI2B,eAAe,GAAGC,IAAI,CAACC,GAAG,CAAC5B,UAAU,GAAG,IAAI,CAACd,KAAK,CAACiB,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,IAAI;;IAEvE;IACA,IAAI,CAACgB,uBAAuB,CAACd,GAAG,CAAC;IAEjC,IAAIwB,kBAAkB,GAAGC,UAAU,CAAC,MAAM;MACxC,IAAI,CAAC1B,WAAW,CAACC,GAAG,EAAEN,KAAK,CAAC;IAC9B,CAAC,EAAE2B,eAAe,CAAC;;IAEnB;IACA,IAAI,CAACrC,KAAK,CAAC3B,cAAc,CAAC2C,GAAG,CAAC,GAAGwB,kBAAkB;EACrD;EAEAtC,wBAAwB,GAAG;IACzB,IAAIwC,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,KAAI,IAAI3B,GAAG,IAAI0B,YAAY,EAAE;MAC3B,IAAI,CAACxD,MAAM,CAAC8C,SAAS,CAACC,cAAc,CAACC,IAAI,CAACQ,YAAY,EAAE1B,GAAG,CAAC,EAAE;QAC5D;MACF;MACA,IAAIN,KAAK,GAAGgC,YAAY,CAAC1B,GAAG,CAAC;MAC7B,IAAI,CAACmB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,CAAC;IACxC;EACF;;EAEA;EACAkC,0BAA0B,GAAG;IAC3B,IAAI,CAACvC,0BAA0B,EAAE;IACjC,IAAI,CAACH,wBAAwB,EAAE;EACjC;EAEA2C,GAAG,CAAC7B,GAAG,EAAEN,KAAY,EAAE;IACrB,IAAIgC,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,IAAAG,oBAAa,EAACpC,KAAK,CAAC;IACpBgC,YAAY,CAAC1B,GAAG,CAAC,GAAGN,KAAK;IACzB,IAAI,CAAC3C,OAAO,CAACgF,UAAU,CAACL,YAAY,CAAC;IACrC,IAAI,CAACM,mBAAmB,EAAE;IAC1B,IAAI,CAACzB,SAAS,CAACP,GAAG,EAAEN,KAAK,CAAC;IAC1B,IAAI,CAACyB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,CAAC;EACxC;EAEAuC,OAAO,CAACjC,GAAG,EAAqB;IAC9B,IAAI0B,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,OAAOD,YAAY,CAAC1B,GAAG,CAAC;EAC1B;EAEA,MAAMkC,GAAG,CAAClC,GAAG,EAA8B;IACzC,OAAO,IAAI,CAACiC,OAAO,CAACjC,GAAG,CAAC;EAC1B;EAEAmC,aAAa,GAAW;IACtB,MAAMC,MAAM,GAAG,CAAC,CAAW;IAC3B,MAAMV,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC9CzD,MAAM,CAACmE,IAAI,CAACX,YAAY,CAAC,CAACY,OAAO,CAACtC,GAAG,IAAI;MACvC,MAAMN,KAAK,GAAGgC,YAAY,CAAC1B,GAAG,CAAC;MAC/B,IAAI,IAAAuC,oBAAa,EAAC7C,KAAK,CAAC,EAAE;QACxB0C,MAAM,CAACI,WAAW,GAAG9C,KAAK;MAC5B,CAAC,MAAM,IAAI,IAAA+C,gBAAS,EAAC/C,KAAK,CAAC,EAAE;QAC3B0C,MAAM,CAACM,OAAO,GAAGhD,KAAK;MACxB,CAAC,MAAM,IAAI,IAAA0B,qBAAc,EAAC1B,KAAK,CAAC,EAAE;QAChC0C,MAAM,CAACO,YAAY,GAAGjD,KAAK;MAC7B;IACF,CAAC,CAAC;IACF,OAAO0C,MAAM;EACf;EAEA,MAAMQ,SAAS,GAAoB;IACjC,OAAO,IAAI,CAACT,aAAa,EAAE;EAC7B;EAEAU,mBAAmB,CAACC,IAAe,EAAU;IAC3C,MAAMpB,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC9C,MAAM3B,GAAG,GAAG9B,MAAM,CAACmE,IAAI,CAACX,YAAY,CAAC,CAACqB,MAAM,CAAC/C,GAAG,IAAI;MAClD,MAAMN,KAAK,GAAGgC,YAAY,CAAC1B,GAAG,CAAC;MAC/B,OAAQ,IAAAuC,oBAAa,EAAC7C,KAAK,CAAC,IAAIoD,IAAI,KAAK,aAAa,IAChD,IAAAL,gBAAS,EAAC/C,KAAK,CAAC,IAAIoD,IAAI,KAAK,SAAU,IACvC,IAAA1B,qBAAc,EAAC1B,KAAK,CAAC,IAAIoD,IAAI,KAAK,cAAe;IACzD,CAAC,CAAC,CAAC,CAAC,CAAC;IACL,OAAO9C,GAAG;EACZ;EAEQgD,YAAY,CAACtD,KAAY,EAAa;IAC5C,IAAI,IAAA6C,oBAAa,EAAC7C,KAAK,CAAC,EAAE;MACxB,OAAO,aAAa;IACtB;IACA,IAAI,IAAA+C,gBAAS,EAAC/C,KAAK,CAAC,EAAE;MACpB,OAAO,SAAS;IAClB;IACA,IAAG,IAAA0B,qBAAc,EAAC1B,KAAK,CAAC,EAAE;MACxB,OAAO,cAAc;IACvB;IACA,MAAM,IAAIzB,oBAAY,CAAC,oBAAoB,CAAC;EAC9C;;EAEA;EACQ+D,mBAAmB,GAAG;IAC5B,IAAI,IAAAiB,sBAAY,GAAE,EAAE;MAClB,MAAMlG,OAAO,GAAG,IAAI,CAACA,OAAO,CAAC4E,UAAU,EAAE;MACzC,IAAI,CAAC/D,OAAO,CAACqC,IAAI,CAACiD,wBAAiB,EAAEnG,OAAO,CAAC;IAC/C;EACF;;EAEA;EACO4E,UAAU,GAAG;IAClB,OAAO,IAAI,CAAC5E,OAAO;EACrB;EAEAoG,SAAS,CACPf,MAAc;EACd;EACAgB,aAAmC,EACnCC,SAA2B,EAC3BC,cAAqC,EAC/B;IACN,MAAMC,mBAAmB,GAAG,CAACvD,GAAG,EAAEN,KAAK,KAAK;MAC1C,MAAMoD,IAAI,GAAG,IAAI,CAACE,YAAY,CAACtD,KAAK,CAAC;MACrC,IAAIoD,IAAI,KAAK,aAAa,EAAE;QAC1BM,aAAa,IAAIA,aAAa,CAACpD,GAAG,EAAEN,KAAK,CAAC;MAC5C,CAAC,MAAM,IAAIoD,IAAI,KAAK,SAAS,EAAE;QAC7BO,SAAS,IAAIA,SAAS,CAACrD,GAAG,EAAEN,KAAK,CAAC;MACpC,CAAC,MAAM,IAAIoD,IAAI,KAAK,cAAc,EAAE;QAClCQ,cAAc,IAAIA,cAAc,CAACtD,GAAG,EAAEN,KAAK,CAAC;MAC9C;IACF,CAAC;IACD,MAAM8D,WAAW,GAAG,CAACxD,GAAG,EAAEN,KAAK,KAAK;MAClC,IAAI,CAACa,SAAS,CAACP,GAAG,EAAEN,KAAK,CAAC;MAC1B,IAAI,CAACyB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,CAAC;MACtC6D,mBAAmB,CAACvD,GAAG,EAAEN,KAAK,CAAC;IACjC,CAAC;IACD,MAAM+D,aAAa,GAAG,CAACzD,GAAG,EAAEN,KAAK,EAAEW,QAAQ,KAAK;MAC9C,IAAI,CAACF,WAAW,CAACH,GAAG,EAAEN,KAAK,EAAEW,QAAQ,CAAC;MACtC,IAAI,CAACS,uBAAuB,CAACd,GAAG,CAAC;MACjC,IAAI,CAACmB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,CAAC;MACtC6D,mBAAmB,CAACvD,GAAG,EAAEN,KAAK,CAAC;IACjC,CAAC;IACD,MAAMgE,aAAa,GAAG,CAAC1D,GAAG,EAAEN,KAAK,KAAK;MACpC,IAAI,CAACoB,uBAAuB,CAACd,GAAG,CAAC;MACjC,IAAI,CAACS,WAAW,CAACT,GAAG,EAAEN,KAAK,CAAC;MAC5B6D,mBAAmB,CAACvD,GAAG,EAAEN,KAAK,CAAC;IACjC,CAAC;IAED,MAAMiE,KAAkB,GAAG,CAAC,SAAS,EAAE,aAAa,EAAE,cAAc,CAAC;IACrE,MAAMC,cAAc,GAAG,IAAI,CAACzB,aAAa,EAAE;;IAE3C;IACAwB,KAAK,CAACrB,OAAO,CAAEQ,IAAI,IAAK;MACtB,MAAMpD,KAAK,GAAG0C,MAAM,CAACU,IAAI,CAAC;MAC1B,IAAIpD,KAAK,EAAE;QACT,IAAAoC,oBAAa,EAACpC,KAAK,EAAEoD,IAAI,CAAC;MAC5B;IACF,CAAC,CAAC;;IAEF;IACA,MAAM/F,OAAO,GAAG4G,KAAK,CAACE,MAAM,CAAC,CAAC9G,OAAO,EAAE+F,IAAI,KAAK;MAC9C,MAAMpD,KAAK,GAAG0C,MAAM,CAACU,IAAI,CAAC;MAC1B,IAAIpD,KAAK,EAAE;QACT,MAAMxC,UAAU,GAAG,IAAI,CAAC2F,mBAAmB,CAACC,IAAI,CAAC,IAAIA,IAAI;QACzD/F,OAAO,CAACG,UAAU,CAAC,GAAGwC,KAAK;MAC7B;MACA,OAAO3C,OAAO;IAChB,CAAC,EAAE,CAAC,CAAC,CAAC;IACN,IAAI,CAACA,OAAO,CAACgF,UAAU,CAAChF,OAAO,CAAC;IAChC,IAAI,CAACiF,mBAAmB,EAAE;;IAE1B;IACA2B,KAAK,CAACrB,OAAO,CAACQ,IAAI,IAAI;MACpB,MAAMgB,QAAQ,GAAG1B,MAAM,CAACU,IAAI,CAAC;MAC7B,MAAMiB,aAAa,GAAGH,cAAc,CAACd,IAAI,CAAC;MAC1C,MAAM5F,UAAU,GAAG,IAAI,CAAC2F,mBAAmB,CAACC,IAAI,CAAC,IAAIA,IAAI;MACzD,IAAIgB,QAAQ,IAAIC,aAAa,EAAE;QAAE;QAC/B;QACAL,aAAa,CAACxG,UAAU,EAAE6G,aAAa,CAAC;QACxCP,WAAW,CAACtG,UAAU,EAAE4G,QAAQ,CAAC;QACjCL,aAAa,CAACvG,UAAU,EAAE4G,QAAQ,EAAEC,aAAa,CAAC;MACpD,CAAC,MAAM,IAAID,QAAQ,EAAE;QAAE;QACrBN,WAAW,CAACtG,UAAU,EAAE4G,QAAQ,CAAC;MACnC,CAAC,MAAM,IAAIC,aAAa,EAAE;QAAE;QAC1BL,aAAa,CAACxG,UAAU,EAAE6G,aAAa,CAAC;MAC1C;IACF,CAAC,CAAC;EACJ;EAEAC,MAAM,CAAChE,GAAG,EAAE;IACV;IACA,IAAI,CAACc,uBAAuB,CAACd,GAAG,CAAC;IAEjC,IAAI0B,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,IAAIsC,YAAY,GAAGvC,YAAY,CAAC1B,GAAG,CAAC;IACpC,OAAO0B,YAAY,CAAC1B,GAAG,CAAC;IACxB,IAAI,CAACjD,OAAO,CAACgF,UAAU,CAACL,YAAY,CAAC;IACrC,IAAI,CAACM,mBAAmB,EAAE;IAE1B,IAAI,CAACvB,WAAW,CAACT,GAAG,EAAEiE,YAAY,CAAC;EACrC;;EAEA;EACA,MAAMC,UAAU,CAACxE,KAAK,EAAE;IAAA;IACtB,0BAAO,IAAI,CAAC3B,GAAG,CAAC2B,KAAK,oDAAd,gBAAgByE,KAAK,CAACzE,KAAK,CAAC;EACrC;EACA;EACAoC,aAAa,CAACpC,KAAY,EAAE;IAC1B,OAAO,IAAAoC,oBAAa,EAACpC,KAAK,CAAC;EAC7B;;EAEA;EACAyE,KAAK,CAACnE,GAAG,EAA8B;IACrC;IACA,IAAI,IAAI,CAAChB,KAAK,CAAC1B,YAAY,EAAE;MAC3B,OAAO,IAAI,CAAC0B,KAAK,CAAC1B,YAAY;IAChC;IAEA,IAAI;MACF,IAAIoC,KAAK,GAAG,IAAI,CAACuC,OAAO,CAACjC,GAAG,CAAC;MAC7B,IAAI,CAACN,KAAK,EAAE;QACV,MAAM,IAAIzB,oBAAY,CAAC,6CAA6C,GAAG+B,GAAG,CAAC;MAC7E;IACF,CAAC,CAAC,OAAOoE,CAAC,EAAE;MACV,OAAOC,OAAO,CAACC,MAAM,CAACF,CAAC,CAAC;IAC1B;;IAEA;IACA,IAAI,CAACtD,uBAAuB,CAACd,GAAG,CAAC;;IAEjC;IACA;IACA,MAAM1C,YAAY,GAAG,IAAI,CAAC0B,KAAK,CAAC1B,YAAY,GAAG,IAAI,CAACS,GAAG,CAAC2B,KAAK,CAAC6E,WAAW,EAAE,CACxEC,IAAI,CAACpC,MAAM,IAAI;MACd,IAAI,CAACe,SAAS,CAACf,MAAM,CAAC;;MAEtB;MACA,MAAMqC,SAAS,GAAG,IAAI,CAACzB,YAAY,CAACtD,KAAK,CAAE;MAC3C,OAAO0C,MAAM,CAACqC,SAAS,CAAC;IAC1B,CAAC,CAAC,CACDC,KAAK,CAACC,GAAG,IAAI;MACZ;MACA,IAAI,CAACX,MAAM,CAAChE,GAAG,CAAC;MAChB2E,GAAG,CAACC,QAAQ,GAAG5E,GAAG;MAClB,IAAI,CAACW,SAAS,CAACgE,GAAG,CAAC;MACnB,MAAMA,GAAG;IACX,CAAC,CAAC,CACDE,OAAO,CAAC,MAAM;MACb;MACA,IAAI,CAAC7F,KAAK,CAAC1B,YAAY,GAAG,IAAI;IAChC,CAAC,CAAC;IAEJ,OAAOA,YAAY;EACrB;EAEAwH,KAAK,GAAG;IACN,MAAM1C,MAAM,GAAG,IAAI,CAACD,aAAa,EAAE;IACnC,IAAI,CAAC9C,0BAA0B,EAAE;IACjC,IAAI,CAACtC,OAAO,CAACgI,YAAY,EAAE;IAC3B,IAAI,CAAC/C,mBAAmB,EAAE;IAE1B9D,MAAM,CAACmE,IAAI,CAACD,MAAM,CAAC,CAACE,OAAO,CAACtC,GAAG,IAAI;MACjC,IAAI,CAACS,WAAW,CAACT,GAAG,EAAEoC,MAAM,CAACpC,GAAG,CAAC,CAAC;IACpC,CAAC,CAAC;EACJ;EAEAlD,wBAAwB,GAAG;IACzB,MAAM4E,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC9C,MAAMqD,aAAa,GAAG,CAAC,CAAC;IACxB9G,MAAM,CAACmE,IAAI,CAACX,YAAY,CAAC,CAACY,OAAO,CAACtC,GAAG,IAAI;MACvC,IAAI0B,YAAY,CAAC1B,GAAG,CAAC,CAACiF,aAAa,EAAE;QACnCD,aAAa,CAAChF,GAAG,CAAC,GAAG0B,YAAY,CAAC1B,GAAG,CAAC;QACtC,OAAO0B,YAAY,CAAC1B,GAAG,CAAC;MAC1B;IACF,CAAC,CAAC;IACF,IAAI,CAACjD,OAAO,CAACgF,UAAU,CAACL,YAAY,CAAC;IACrC,IAAI,CAACM,mBAAmB,EAAE;IAC1B9D,MAAM,CAACmE,IAAI,CAAC2C,aAAa,CAAC,CAAC1C,OAAO,CAACtC,GAAG,IAAI;MACxC,IAAI,CAACc,uBAAuB,CAACd,GAAG,CAAC;MACjC,IAAI,CAACS,WAAW,CAACT,GAAG,EAAEgF,aAAa,CAAChF,GAAG,CAAC,CAAC;IAC3C,CAAC,CAAC;EACJ;EAEAkF,kBAAkB,CAACxF,KAAmB,EAAE;IACtC,MAAMM,GAAG,GAAG,IAAI,CAAC6C,mBAAmB,CAAC,cAAc,CAAC,IAAIsC,oCAAyB;;IAEjF;IACA,IAAIzD,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,IAAAG,oBAAa,EAACpC,KAAK,CAAC;IACpBgC,YAAY,CAAC1B,GAAG,CAAC,GAAGN,KAAK;IACzB,IAAI,CAAC3C,OAAO,CAACgF,UAAU,CAACL,YAAY,CAAC;IACrC,IAAI,CAACM,mBAAmB,EAAE;EAC5B;EAEAoD,kBAAkB,GAAI;IACpB,MAAMpF,GAAG,GAAG,IAAI,CAAC6C,mBAAmB,CAAC,cAAc,CAAC,IAAIsC,oCAAyB;IACjF,IAAI,CAACnB,MAAM,CAAChE,GAAG,CAAC;EAClB;EAEAqF,qBAAqB,GAAG;IACtB,MAAMjD,MAAM,GAAG,IAAI,CAACD,aAAa,EAAE;IACnCjE,MAAM,CAACmE,IAAI,CAACD,MAAM,CAAC,CAACE,OAAO,CAACtC,GAAG,IAAI;MACjCoC,MAAM,CAACpC,GAAG,CAAC,CAACiF,aAAa,GAAG,IAAI;IAClC,CAAC,CAAC;IACF,IAAI,CAAC9B,SAAS,CAACf,MAAM,CAAC;EACxB;AAEF;AAAC"}
package/cjs/oidc/factory/api.js CHANGED
@@ -14,6 +14,7 @@ var _renewToken = require("../renewToken");
14
14
  var _renewTokens = require("../renewTokens");
15
15
  var _renewTokensWithRefresh = require("../renewTokensWithRefresh");
16
16
  var _revokeToken = require("../revokeToken");
17
+ var _introspect = require("../introspect");
17
18
  var _util2 = require("../util");
18
19
  var _verifyToken = require("../verifyToken");
19
20
  var _enrollAuthenticator = require("../enrollAuthenticator");
@@ -69,7 +70,8 @@ function createTokenAPI(sdk, queue) {
69
70
  return (0, _getUserInfo.getUserInfo)(sdk, accessTokenObject, idTokenObject);
70
71
  },
71
72
  verify: _verifyToken.verifyToken.bind(null, sdk),
72
- isLoginRedirect: _util2.isLoginRedirect.bind(null, sdk)
73
+ isLoginRedirect: _util2.isLoginRedirect.bind(null, sdk),
74
+ introspect: _introspect.oidcIntrospect.bind(null, sdk)
73
75
  };
74
76
 
75
77
  // Wrap certain async token API methods using PromiseQueue to avoid issues with concurrency
package/cjs/oidc/factory/api.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"api.js","names":["createTokenAPI","sdk","queue","useQueue","method","PromiseQueue","prototype","push","bind","getWithRedirectFn","getWithRedirect","parseFromUrlFn","parseFromUrl","parseFromUrlApi","Object","assign","_getHistory","window","history","_getLocation","location","_getDocument","document","token","prepareTokenParams","exchangeCodeForTokens","getWithoutPrompt","getWithPopup","decode","decodeToken","revoke","revokeToken","renew","renewToken","renewTokensWithRefresh","renewTokens","getUserInfo","accessTokenObject","idTokenObject","verify","verifyToken","isLoginRedirect","toWrap","forEach","key","createEndpoints","authorize","enrollAuthenticator"],"sources":["../../../../lib/oidc/factory/api.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport { PromiseQueue } from '../../util';\nimport { decodeToken } from '../decodeToken';\nimport { exchangeCodeForTokens } from '../exchangeCodeForTokens';\nimport { getUserInfo } from '../getUserInfo';\nimport { getWithoutPrompt } from '../getWithoutPrompt';\nimport { getWithPopup } from '../getWithPopup';\nimport { getWithRedirect } from '../getWithRedirect';\nimport { parseFromUrl } from '../parseFromUrl';\nimport { renewToken } from '../renewToken';\nimport { renewTokens } from '../renewTokens';\nimport { renewTokensWithRefresh } from '../renewTokensWithRefresh';\nimport { revokeToken } from '../revokeToken';\nimport {\n AccessToken,\n CustomUserClaims,\n GetWithRedirectFunction,\n IDToken,\n OktaAuthOAuthInterface,\n ParseFromUrlInterface,\n TokenAPI,\n UserClaims,\n Endpoints,\n} from '../types';\nimport { isLoginRedirect, prepareTokenParams } from '../util';\nimport { verifyToken } from '../verifyToken';\nimport { enrollAuthenticator } from '../enrollAuthenticator';\n\n// Factory\nexport function createTokenAPI(sdk: OktaAuthOAuthInterface, queue: PromiseQueue): TokenAPI {\n const useQueue = (method) => {\n return PromiseQueue.prototype.push.bind(queue, method, null);\n };\n\n const getWithRedirectFn = useQueue(getWithRedirect.bind(null, sdk)) as GetWithRedirectFunction;\n\n // eslint-disable-next-line max-len\n const parseFromUrlFn = useQueue(parseFromUrl.bind(null, sdk)) as ParseFromUrlInterface;\n const parseFromUrlApi: ParseFromUrlInterface = Object.assign(parseFromUrlFn, {\n // This is exposed so we can mock getting window.history in our tests\n _getHistory: function() {\n return window.history;\n },\n\n // This is exposed so we can mock getting window.location in our tests\n _getLocation: function() {\n return window.location;\n },\n\n // This is exposed so we can mock getting window.document in our tests\n _getDocument: function() {\n return window.document;\n }\n });\n\n const token: TokenAPI ={\n prepareTokenParams: prepareTokenParams.bind(null, sdk),\n exchangeCodeForTokens: exchangeCodeForTokens.bind(null, sdk),\n getWithoutPrompt: getWithoutPrompt.bind(null, sdk),\n getWithPopup: getWithPopup.bind(null, sdk),\n getWithRedirect: getWithRedirectFn,\n parseFromUrl: parseFromUrlApi,\n decode: decodeToken,\n revoke: revokeToken.bind(null, sdk),\n renew: renewToken.bind(null, sdk),\n renewTokensWithRefresh: renewTokensWithRefresh.bind(null, sdk),\n renewTokens: renewTokens.bind(null, sdk),\n getUserInfo: <C extends CustomUserClaims = CustomUserClaims>(\n accessTokenObject: AccessToken,\n idTokenObject: IDToken\n ): Promise<UserClaims<C>> => {\n return getUserInfo(sdk, accessTokenObject, idTokenObject);\n },\n verify: verifyToken.bind(null, sdk),\n isLoginRedirect: isLoginRedirect.bind(null, sdk)\n };\n\n // Wrap certain async token API methods using PromiseQueue to avoid issues with concurrency\n // 'getWithRedirect' and 'parseFromUrl' are already wrapped\n const toWrap = [\n 'getWithoutPrompt',\n 'getWithPopup',\n 'revoke',\n 'renew',\n 'renewTokensWithRefresh',\n 'renewTokens'\n ];\n toWrap.forEach(key => {\n token[key] = useQueue(token[key]);\n });\n\n return token;\n}\n\nexport function createEndpoints(sdk: OktaAuthOAuthInterface): Endpoints {\n return {\n authorize: {\n enrollAuthenticator: enrollAuthenticator.bind(null, sdk),\n }\n };\n}\n"],"mappings":";;;;AAaA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYA;AACA;AACA;AAtCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AA6BA;AACO,SAASA,cAAc,CAACC,GAA2B,EAAEC,KAAmB,EAAY;EACzF,MAAMC,QAAQ,GAAIC,MAAM,IAAK;IAC3B,OAAOC,kBAAY,CAACC,SAAS,CAACC,IAAI,CAACC,IAAI,CAACN,KAAK,EAAEE,MAAM,EAAE,IAAI,CAAC;EAC9D,CAAC;EAED,MAAMK,iBAAiB,GAAGN,QAAQ,CAACO,gCAAe,CAACF,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC,CAA4B;;EAE9F;EACA,MAAMU,cAAc,GAAGR,QAAQ,CAACS,0BAAY,CAACJ,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC,CAA0B;EACtF,MAAMY,eAAsC,GAAGC,MAAM,CAACC,MAAM,CAACJ,cAAc,EAAE;IAC3E;IACAK,WAAW,EAAE,YAAW;MACtB,OAAOC,MAAM,CAACC,OAAO;IACvB,CAAC;IAED;IACAC,YAAY,EAAE,YAAW;MACvB,OAAOF,MAAM,CAACG,QAAQ;IACxB,CAAC;IAED;IACAC,YAAY,EAAE,YAAW;MACvB,OAAOJ,MAAM,CAACK,QAAQ;IACxB;EACF,CAAC,CAAC;EAEF,MAAMC,KAAe,GAAE;IACrBC,kBAAkB,EAAEA,yBAAkB,CAAChB,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC;IACtDwB,qBAAqB,EAAEA,4CAAqB,CAACjB,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC;IAC5DyB,gBAAgB,EAAEA,kCAAgB,CAAClB,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC;IAClD0B,YAAY,EAAEA,0BAAY,CAACnB,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC;IAC1CS,eAAe,EAAED,iBAAiB;IAClCG,YAAY,EAAEC,eAAe;IAC7Be,MAAM,EAAEC,wBAAW;IACnBC,MAAM,EAAEC,wBAAW,CAACvB,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC;IACnC+B,KAAK,EAAEC,sBAAU,CAACzB,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC;IACjCiC,sBAAsB,EAAEA,8CAAsB,CAAC1B,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC;IAC9DkC,WAAW,EAAEA,wBAAW,CAAC3B,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC;IACxCmC,WAAW,EAAE,CACXC,iBAA8B,EAC9BC,aAAsB,KACK;MAC3B,OAAO,IAAAF,wBAAW,EAACnC,GAAG,EAAEoC,iBAAiB,EAAEC,aAAa,CAAC;IAC3D,CAAC;IACDC,MAAM,EAAEC,wBAAW,CAAChC,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC;IACnCwC,eAAe,EAAEA,sBAAe,CAACjC,IAAI,CAAC,IAAI,EAAEP,GAAG;EACjD,CAAC;;EAED;EACA;EACA,MAAMyC,MAAM,GAAG,CACb,kBAAkB,EAClB,cAAc,EACd,QAAQ,EACR,OAAO,EACP,wBAAwB,EACxB,aAAa,CACd;EACDA,MAAM,CAACC,OAAO,CAACC,GAAG,IAAI;IACpBrB,KAAK,CAACqB,GAAG,CAAC,GAAGzC,QAAQ,CAACoB,KAAK,CAACqB,GAAG,CAAC,CAAC;EACnC,CAAC,CAAC;EAEF,OAAOrB,KAAK;AACd;AAEO,SAASsB,eAAe,CAAC5C,GAA2B,EAAa;EACtE,OAAO;IACL6C,SAAS,EAAE;MACTC,mBAAmB,EAAEA,wCAAmB,CAACvC,IAAI,CAAC,IAAI,EAAEP,GAAG;IACzD;EACF,CAAC;AACH"}
1
+ {"version":3,"file":"api.js","names":["createTokenAPI","sdk","queue","useQueue","method","PromiseQueue","prototype","push","bind","getWithRedirectFn","getWithRedirect","parseFromUrlFn","parseFromUrl","parseFromUrlApi","Object","assign","_getHistory","window","history","_getLocation","location","_getDocument","document","token","prepareTokenParams","exchangeCodeForTokens","getWithoutPrompt","getWithPopup","decode","decodeToken","revoke","revokeToken","renew","renewToken","renewTokensWithRefresh","renewTokens","getUserInfo","accessTokenObject","idTokenObject","verify","verifyToken","isLoginRedirect","introspect","oidcIntrospect","toWrap","forEach","key","createEndpoints","authorize","enrollAuthenticator"],"sources":["../../../../lib/oidc/factory/api.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport { PromiseQueue } from '../../util';\nimport { decodeToken } from '../decodeToken';\nimport { exchangeCodeForTokens } from '../exchangeCodeForTokens';\nimport { getUserInfo } from '../getUserInfo';\nimport { getWithoutPrompt } from '../getWithoutPrompt';\nimport { getWithPopup } from '../getWithPopup';\nimport { getWithRedirect } from '../getWithRedirect';\nimport { parseFromUrl } from '../parseFromUrl';\nimport { renewToken } from '../renewToken';\nimport { renewTokens } from '../renewTokens';\nimport { renewTokensWithRefresh } from '../renewTokensWithRefresh';\nimport { revokeToken } from '../revokeToken';\nimport { oidcIntrospect } from '../introspect';\nimport {\n AccessToken,\n CustomUserClaims,\n GetWithRedirectFunction,\n IDToken,\n OktaAuthOAuthInterface,\n ParseFromUrlInterface,\n TokenAPI,\n UserClaims,\n Endpoints,\n} from '../types';\nimport { isLoginRedirect, prepareTokenParams } from '../util';\nimport { verifyToken } from '../verifyToken';\nimport { enrollAuthenticator } from '../enrollAuthenticator';\n\n// Factory\nexport function createTokenAPI(sdk: OktaAuthOAuthInterface, queue: PromiseQueue): TokenAPI {\n const useQueue = (method) => {\n return PromiseQueue.prototype.push.bind(queue, method, null);\n };\n\n const getWithRedirectFn = useQueue(getWithRedirect.bind(null, sdk)) as GetWithRedirectFunction;\n\n // eslint-disable-next-line max-len\n const parseFromUrlFn = useQueue(parseFromUrl.bind(null, sdk)) as ParseFromUrlInterface;\n const parseFromUrlApi: ParseFromUrlInterface = Object.assign(parseFromUrlFn, {\n // This is exposed so we can mock getting window.history in our tests\n _getHistory: function() {\n return window.history;\n },\n\n // This is exposed so we can mock getting window.location in our tests\n _getLocation: function() {\n return window.location;\n },\n\n // This is exposed so we can mock getting window.document in our tests\n _getDocument: function() {\n return window.document;\n }\n });\n\n const token: TokenAPI ={\n prepareTokenParams: prepareTokenParams.bind(null, sdk),\n exchangeCodeForTokens: exchangeCodeForTokens.bind(null, sdk),\n getWithoutPrompt: getWithoutPrompt.bind(null, sdk),\n getWithPopup: getWithPopup.bind(null, sdk),\n getWithRedirect: getWithRedirectFn,\n parseFromUrl: parseFromUrlApi,\n decode: decodeToken,\n revoke: revokeToken.bind(null, sdk),\n renew: renewToken.bind(null, sdk),\n renewTokensWithRefresh: renewTokensWithRefresh.bind(null, sdk),\n renewTokens: renewTokens.bind(null, sdk),\n getUserInfo: <C extends CustomUserClaims = CustomUserClaims>(\n accessTokenObject: AccessToken,\n idTokenObject: IDToken\n ): Promise<UserClaims<C>> => {\n return getUserInfo(sdk, accessTokenObject, idTokenObject);\n },\n verify: verifyToken.bind(null, sdk),\n isLoginRedirect: isLoginRedirect.bind(null, sdk),\n introspect: oidcIntrospect.bind(null, sdk),\n };\n\n // Wrap certain async token API methods using PromiseQueue to avoid issues with concurrency\n // 'getWithRedirect' and 'parseFromUrl' are already wrapped\n const toWrap = [\n 'getWithoutPrompt',\n 'getWithPopup',\n 'revoke',\n 'renew',\n 'renewTokensWithRefresh',\n 'renewTokens'\n ];\n toWrap.forEach(key => {\n token[key] = useQueue(token[key]);\n });\n\n return token;\n}\n\nexport function createEndpoints(sdk: OktaAuthOAuthInterface): Endpoints {\n return {\n authorize: {\n enrollAuthenticator: enrollAuthenticator.bind(null, sdk),\n }\n };\n}\n"],"mappings":";;;;AAaA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAYA;AACA;AACA;AAvCA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AA8BA;AACO,SAASA,cAAc,CAACC,GAA2B,EAAEC,KAAmB,EAAY;EACzF,MAAMC,QAAQ,GAAIC,MAAM,IAAK;IAC3B,OAAOC,kBAAY,CAACC,SAAS,CAACC,IAAI,CAACC,IAAI,CAACN,KAAK,EAAEE,MAAM,EAAE,IAAI,CAAC;EAC9D,CAAC;EAED,MAAMK,iBAAiB,GAAGN,QAAQ,CAACO,gCAAe,CAACF,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC,CAA4B;;EAE9F;EACA,MAAMU,cAAc,GAAGR,QAAQ,CAACS,0BAAY,CAACJ,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC,CAA0B;EACtF,MAAMY,eAAsC,GAAGC,MAAM,CAACC,MAAM,CAACJ,cAAc,EAAE;IAC3E;IACAK,WAAW,EAAE,YAAW;MACtB,OAAOC,MAAM,CAACC,OAAO;IACvB,CAAC;IAED;IACAC,YAAY,EAAE,YAAW;MACvB,OAAOF,MAAM,CAACG,QAAQ;IACxB,CAAC;IAED;IACAC,YAAY,EAAE,YAAW;MACvB,OAAOJ,MAAM,CAACK,QAAQ;IACxB;EACF,CAAC,CAAC;EAEF,MAAMC,KAAe,GAAE;IACrBC,kBAAkB,EAAEA,yBAAkB,CAAChB,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC;IACtDwB,qBAAqB,EAAEA,4CAAqB,CAACjB,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC;IAC5DyB,gBAAgB,EAAEA,kCAAgB,CAAClB,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC;IAClD0B,YAAY,EAAEA,0BAAY,CAACnB,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC;IAC1CS,eAAe,EAAED,iBAAiB;IAClCG,YAAY,EAAEC,eAAe;IAC7Be,MAAM,EAAEC,wBAAW;IACnBC,MAAM,EAAEC,wBAAW,CAACvB,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC;IACnC+B,KAAK,EAAEC,sBAAU,CAACzB,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC;IACjCiC,sBAAsB,EAAEA,8CAAsB,CAAC1B,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC;IAC9DkC,WAAW,EAAEA,wBAAW,CAAC3B,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC;IACxCmC,WAAW,EAAE,CACXC,iBAA8B,EAC9BC,aAAsB,KACK;MAC3B,OAAO,IAAAF,wBAAW,EAACnC,GAAG,EAAEoC,iBAAiB,EAAEC,aAAa,CAAC;IAC3D,CAAC;IACDC,MAAM,EAAEC,wBAAW,CAAChC,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC;IACnCwC,eAAe,EAAEA,sBAAe,CAACjC,IAAI,CAAC,IAAI,EAAEP,GAAG,CAAC;IAChDyC,UAAU,EAAEC,0BAAc,CAACnC,IAAI,CAAC,IAAI,EAAEP,GAAG;EAC3C,CAAC;;EAED;EACA;EACA,MAAM2C,MAAM,GAAG,CACb,kBAAkB,EAClB,cAAc,EACd,QAAQ,EACR,OAAO,EACP,wBAAwB,EACxB,aAAa,CACd;EACDA,MAAM,CAACC,OAAO,CAACC,GAAG,IAAI;IACpBvB,KAAK,CAACuB,GAAG,CAAC,GAAG3C,QAAQ,CAACoB,KAAK,CAACuB,GAAG,CAAC,CAAC;EACnC,CAAC,CAAC;EAEF,OAAOvB,KAAK;AACd;AAEO,SAASwB,eAAe,CAAC9C,GAA2B,EAAa;EACtE,OAAO;IACL+C,SAAS,EAAE;MACTC,mBAAmB,EAAEA,wCAAmB,CAACzC,IAAI,CAAC,IAAI,EAAEP,GAAG;IACzD;EACF,CAAC;AACH"}
package/cjs/oidc/index.js CHANGED
@@ -14,7 +14,8 @@ var _exportNames = {
14
14
  getWithoutPrompt: true,
15
15
  getWithPopup: true,
16
16
  getWithRedirect: true,
17
- parseFromUrl: true
17
+ parseFromUrl: true,
18
+ oidcIntrospect: true
18
19
  };
19
20
  Object.defineProperty(exports, "decodeToken", {
20
21
  enumerable: true,
@@ -64,6 +65,12 @@ Object.defineProperty(exports, "handleOAuthResponse", {
64
65
  return _handleOAuthResponse.handleOAuthResponse;
65
66
  }
66
67
  });
68
+ Object.defineProperty(exports, "oidcIntrospect", {
69
+ enumerable: true,
70
+ get: function () {
71
+ return _introspect.oidcIntrospect;
72
+ }
73
+ });
67
74
  Object.defineProperty(exports, "parseFromUrl", {
68
75
  enumerable: true,
69
76
  get: function () {
@@ -222,4 +229,5 @@ var _getWithoutPrompt = require("./getWithoutPrompt");
222
229
  var _getWithPopup = require("./getWithPopup");
223
230
  var _getWithRedirect = require("./getWithRedirect");
224
231
  var _parseFromUrl = require("./parseFromUrl");
232
+ var _introspect = require("./introspect");
225
233
  //# sourceMappingURL=index.js.map
package/cjs/oidc/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","names":[],"sources":["../../../lib/oidc/index.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nexport * from './factory';\nexport * from './mixin';\nexport * from './storage';\nexport * from './endpoints';\nexport * from './options';\nexport * from './types';\nexport * from './TokenManager';\nexport * from './TransactionManager';\nexport * from './util';\n\nexport { decodeToken } from './decodeToken';\nexport { revokeToken } from './revokeToken';\nexport { renewToken } from './renewToken';\nexport { renewTokensWithRefresh } from './renewTokensWithRefresh';\nexport { renewTokens } from './renewTokens';\nexport { verifyToken } from './verifyToken';\nexport { getUserInfo } from './getUserInfo';\nexport { handleOAuthResponse } from './handleOAuthResponse';\nexport { exchangeCodeForTokens } from './exchangeCodeForTokens';\nexport { getToken } from './getToken';\nexport { getWithoutPrompt } from './getWithoutPrompt';\nexport { getWithPopup } from './getWithPopup';\nexport { getWithRedirect } from './getWithRedirect';\nexport { parseFromUrl } from './parseFromUrl';\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAYA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA"}
1
+ {"version":3,"file":"index.js","names":[],"sources":["../../../lib/oidc/index.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nexport * from './factory';\nexport * from './mixin';\nexport * from './storage';\nexport * from './endpoints';\nexport * from './options';\nexport * from './types';\nexport * from './TokenManager';\nexport * from './TransactionManager';\nexport * from './util';\n\nexport { decodeToken } from './decodeToken';\nexport { revokeToken } from './revokeToken';\nexport { renewToken } from './renewToken';\nexport { renewTokensWithRefresh } from './renewTokensWithRefresh';\nexport { renewTokens } from './renewTokens';\nexport { verifyToken } from './verifyToken';\nexport { getUserInfo } from './getUserInfo';\nexport { handleOAuthResponse } from './handleOAuthResponse';\nexport { exchangeCodeForTokens } from './exchangeCodeForTokens';\nexport { getToken } from './getToken';\nexport { getWithoutPrompt } from './getWithoutPrompt';\nexport { getWithPopup } from './getWithPopup';\nexport { getWithRedirect } from './getWithRedirect';\nexport { parseFromUrl } from './parseFromUrl';\nexport { oidcIntrospect } from './introspect';\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAYA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AACA;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA"}
package/cjs/oidc/introspect.js ADDED
@@ -0,0 +1,70 @@
1
+ "use strict";
2
+
3
+ exports.oidcIntrospect = oidcIntrospect;
4
+ var _errors = require("../errors");
5
+ var _wellKnown = require("./endpoints/well-known");
6
+ var _http = require("../http");
7
+ var _util = require("../util");
8
+ var _crypto = require("../crypto");
9
+ var _types = require("./types");
10
+ /*!
11
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
12
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
13
+ *
14
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
15
+ * Unless required by applicable law or agreed to in writing, software
16
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18
+ *
19
+ * See the License for the specific language governing permissions and limitations under the License.
20
+ *
21
+ */
22
+
23
+ const hintMap = {
24
+ accessToken: 'access_token',
25
+ idToken: 'id_token',
26
+ refreshToken: 'refresh_token'
27
+ };
28
+
29
+ /* eslint complexity: [2, 9] */
30
+ async function oidcIntrospect(sdk, kind, token) {
31
+ let issuer;
32
+ let clientId = sdk.options.clientId;
33
+ let clientSecret = sdk.options.clientSecret;
34
+ if (!token) {
35
+ token = sdk.tokenManager.getTokens()[kind];
36
+ }
37
+ if (!token) {
38
+ throw new _errors.AuthSdkError(`unable to find ${kind} in storage or fn params`);
39
+ }
40
+ if (kind !== _types.TokenKind.ACCESS) {
41
+ var _token;
42
+ issuer = (_token = token) === null || _token === void 0 ? void 0 : _token.issuer;
43
+ } else {
44
+ var _token2, _token2$claims;
45
+ issuer = (_token2 = token) === null || _token2 === void 0 ? void 0 : (_token2$claims = _token2.claims) === null || _token2$claims === void 0 ? void 0 : _token2$claims.iss;
46
+ }
47
+ issuer ?? (issuer = sdk.options.issuer);
48
+ if (!clientId) {
49
+ throw new _errors.AuthSdkError('A clientId must be specified in the OktaAuth constructor to introspect a token');
50
+ }
51
+ if (!issuer) {
52
+ throw new _errors.AuthSdkError('Unable to find issuer');
53
+ }
54
+ const {
55
+ introspection_endpoint: introspectUrl
56
+ } = await (0, _wellKnown.getWellKnown)(sdk, issuer);
57
+ const authHeader = clientSecret ? (0, _crypto.btoa)(`${clientId}:${clientSecret}`) : (0, _crypto.btoa)(clientId);
58
+ const args = (0, _util.toQueryString)({
59
+ // eslint-disable-next-line camelcase
60
+ token_type_hint: hintMap[kind],
61
+ token: token[kind] // extract raw token string from token object
62
+ }).slice(1);
63
+ return (0, _http.post)(sdk, introspectUrl, args, {
64
+ headers: {
65
+ 'Content-Type': 'application/x-www-form-urlencoded',
66
+ 'Authorization': 'Basic ' + authHeader
67
+ }
68
+ });
69
+ }
70
+ //# sourceMappingURL=introspect.js.map