@okta/okta-auth-js 7.5.1 → 7.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +12 -0
- package/README.md +26 -4
- package/cjs/core/ServiceManager/browser.js +10 -2
- package/cjs/core/ServiceManager/browser.js.map +1 -1
- package/cjs/core/types/Service.js.map +1 -1
- package/cjs/http/OktaUserAgent.js +2 -2
- package/cjs/idx/authenticator/Authenticator.js.map +1 -1
- package/cjs/idx/authenticator/OktaPassword.js +16 -4
- package/cjs/idx/authenticator/OktaPassword.js.map +1 -1
- package/cjs/idx/types/idx-js.js.map +1 -1
- package/cjs/oidc/TokenManager.js +17 -1
- package/cjs/oidc/TokenManager.js.map +1 -1
- package/cjs/oidc/mixin/index.js +16 -0
- package/cjs/oidc/mixin/index.js.map +1 -1
- package/cjs/oidc/options/OAuthOptionsConstructor.js +1 -1
- package/cjs/oidc/options/OAuthOptionsConstructor.js.map +1 -1
- package/cjs/oidc/types/api.js.map +1 -1
- package/cjs/services/RenewOnTabActivationService.js +64 -0
- package/cjs/services/RenewOnTabActivationService.js.map +1 -0
- package/cjs/services/index.js +11 -0
- package/cjs/services/index.js.map +1 -1
- package/dist/okta-auth-js.authn.min.analyzer.html +2 -2
- package/dist/okta-auth-js.authn.min.js +1 -1
- package/dist/okta-auth-js.authn.min.js.map +1 -1
- package/dist/okta-auth-js.core.min.analyzer.html +2 -2
- package/dist/okta-auth-js.core.min.js +1 -1
- package/dist/okta-auth-js.core.min.js.map +1 -1
- package/dist/okta-auth-js.idx.min.analyzer.html +2 -2
- package/dist/okta-auth-js.idx.min.js +1 -1
- package/dist/okta-auth-js.idx.min.js.map +1 -1
- package/dist/okta-auth-js.min.analyzer.html +2 -2
- package/dist/okta-auth-js.min.js +1 -1
- package/dist/okta-auth-js.min.js.map +1 -1
- package/dist/okta-auth-js.myaccount.min.analyzer.html +2 -2
- package/dist/okta-auth-js.myaccount.min.js +1 -1
- package/dist/okta-auth-js.myaccount.min.js.map +1 -1
- package/esm/browser/core/ServiceManager/browser.js +9 -2
- package/esm/browser/core/ServiceManager/browser.js.map +1 -1
- package/esm/browser/http/OktaUserAgent.js +2 -2
- package/esm/browser/idx/authenticator/Authenticator.js.map +1 -1
- package/esm/browser/idx/authenticator/OktaPassword.js +17 -4
- package/esm/browser/idx/authenticator/OktaPassword.js.map +1 -1
- package/esm/browser/idx/types/idx-js.js.map +1 -1
- package/esm/browser/oidc/TokenManager.js +12 -1
- package/esm/browser/oidc/TokenManager.js.map +1 -1
- package/esm/browser/oidc/mixin/index.js +16 -0
- package/esm/browser/oidc/mixin/index.js.map +1 -1
- package/esm/browser/oidc/options/OAuthOptionsConstructor.js +1 -1
- package/esm/browser/oidc/options/OAuthOptionsConstructor.js.map +1 -1
- package/esm/browser/package.json +1 -1
- package/esm/browser/services/RenewOnTabActivationService.js +67 -0
- package/esm/browser/services/RenewOnTabActivationService.js.map +1 -0
- package/esm/node/http/OktaUserAgent.js +2 -2
- package/esm/node/idx/authenticator/Authenticator.js.map +1 -1
- package/esm/node/idx/authenticator/OktaPassword.js +17 -4
- package/esm/node/idx/authenticator/OktaPassword.js.map +1 -1
- package/esm/node/idx/types/idx-js.js.map +1 -1
- package/esm/node/oidc/TokenManager.js +12 -1
- package/esm/node/oidc/TokenManager.js.map +1 -1
- package/esm/node/oidc/mixin/index.js +16 -0
- package/esm/node/oidc/mixin/index.js.map +1 -1
- package/esm/node/oidc/options/OAuthOptionsConstructor.js +1 -1
- package/esm/node/oidc/options/OAuthOptionsConstructor.js.map +1 -1
- package/esm/node/package.json +1 -1
- package/package.json +4 -6
- package/types/lib/core/types/Service.d.ts +7 -1
- package/types/lib/idx/authenticator/Authenticator.d.ts +1 -1
- package/types/lib/idx/authenticator/OktaPassword.d.ts +2 -1
- package/types/lib/idx/types/idx-js.d.ts +1 -0
- package/types/lib/oidc/types/api.d.ts +1 -0
- package/types/lib/services/RenewOnTabActivationService.d.ts +16 -0
- package/types/lib/services/index.d.ts +1 -0
- package/umd/authn.js +1 -1
- package/umd/authn.js.map +1 -1
- package/umd/core.js +1 -1
- package/umd/core.js.map +1 -1
- package/umd/default.js +1 -1
- package/umd/default.js.map +1 -1
- package/umd/idx.js +1 -1
- package/umd/idx.js.map +1 -1
- package/umd/myaccount.js +1 -1
- package/umd/myaccount.js.map +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,17 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## 7.6.0
|
|
4
|
+
|
|
5
|
+
### Features
|
|
6
|
+
|
|
7
|
+
- [#1507](https://github.com/okta/okta-auth-js/pull/1507) add: new method `getOrRenewAccessToken`
|
|
8
|
+
- [#1505](https://github.com/okta/okta-auth-js/pull/1505) add: support of `revokeSessions` param for `OktaPassword` authenticator (can be used in `reset-authenticator` remediation)
|
|
9
|
+
- [#1512](https://github.com/okta/okta-auth-js/pull/1512) add: new service `RenewOnTabActivation`
|
|
10
|
+
|
|
11
|
+
### Bug Fix
|
|
12
|
+
|
|
13
|
+
- [#1513](https://github.com/okta/okta-auth-js/pull/1513) fix: restricts `issuer` "-admin" validation to `.okta` domain
|
|
14
|
+
|
|
3
15
|
## 7.5.1
|
|
4
16
|
|
|
5
17
|
### Bug Fix
|
package/README.md
CHANGED
|
@@ -36,6 +36,12 @@ You can learn more on the [Okta + JavaScript][lang-landing] page in our document
|
|
|
36
36
|
|
|
37
37
|
This library uses semantic versioning and follows Okta's [library version policy](https://developer.okta.com/code/library-versions/).
|
|
38
38
|
|
|
39
|
+
> :warning: :warning: :warning: :warning: :warning: :warning: :warning: :warning: :warning:<br>
|
|
40
|
+
#### :warning: Bulletin Board :warning:
|
|
41
|
+
* Review [Future of autoRenew](./docs/autoRenew-notice.md) <br>
|
|
42
|
+
* Review [End of Third-Party Cookies](https://developer.okta.com/blog/2024/02/29/third-party-cookies) <br>
|
|
43
|
+
> :warning: :warning: :warning: :warning: :warning: :warning: :warning: :warning::warning:<br>
|
|
44
|
+
|
|
39
45
|
## Release Status
|
|
40
46
|
|
|
41
47
|
:heavy_check_mark: The current stable major version series is: `7.x`
|
|
@@ -43,7 +49,7 @@ This library uses semantic versioning and follows Okta's [library version policy
|
|
|
43
49
|
| Version | Status |
|
|
44
50
|
| ------- | -------------------------------- |
|
|
45
51
|
| `7.x` | :heavy_check_mark: Stable |
|
|
46
|
-
| `6.x` | :
|
|
52
|
+
| `6.x` | :x: Retired |
|
|
47
53
|
| `5.x` | :x: Retired |
|
|
48
54
|
| `4.x` | :x: Retired |
|
|
49
55
|
| `3.x` | :x: Retired |
|
|
@@ -96,7 +102,7 @@ require('@okta/okta-auth-js/polyfill');
|
|
|
96
102
|
The built polyfill bundle is also available on our global CDN. Include the following script in your HTML file to load before any other scripts:
|
|
97
103
|
|
|
98
104
|
```html
|
|
99
|
-
<script src="https://global.oktacdn.com/okta-auth-js/7.
|
|
105
|
+
<script src="https://global.oktacdn.com/okta-auth-js/7.5.1/okta-auth-js.polyfill.js" type="text/javascript" integrity="sha384-EBFsuVdi4TGp/DwS7b+t+wA8zmWK10omkX05ZjJWQhzWuW31t7FWEGOnHQeIr8+L" crossorigin="anonymous"></script>
|
|
100
106
|
```
|
|
101
107
|
|
|
102
108
|
> :warning: The version shown in this sample may be older than the current version. We recommend using the highest version available
|
|
@@ -171,7 +177,7 @@ If you are using the JS on a web page from the browser, you can copy the `node_m
|
|
|
171
177
|
The built library bundle is also available on our global CDN. Include the following script in your HTML file to load before your application script:
|
|
172
178
|
|
|
173
179
|
```html
|
|
174
|
-
<script src="https://global.oktacdn.com/okta-auth-js/7.
|
|
180
|
+
<script src="https://global.oktacdn.com/okta-auth-js/7.5.1/okta-auth-js.min.js" type="text/javascript" integrity="sha384-6epSwnIDkI5zFNEVNjEYy3A7aSZ+C7ehmEyG8zDJZfP9Bmnxc51TK8du+2me4pjb" crossorigin="anonymous"></script>
|
|
175
181
|
```
|
|
176
182
|
|
|
177
183
|
> :warning: The version shown in this sample may be older than the current version. We recommend using the highest version available
|
|
@@ -342,7 +348,7 @@ Most applications will handle an OAuth callback using a special route/page, sepa
|
|
|
342
348
|
**It’s important that no other app logic runs until the async parseFromUrl / token manager logic is complete**
|
|
343
349
|
3. After this, continue normal app logic
|
|
344
350
|
|
|
345
|
-
```
|
|
351
|
+
```javascript
|
|
346
352
|
|
|
347
353
|
async function main() {
|
|
348
354
|
// create OktaAuth instance
|
|
@@ -843,6 +849,8 @@ services: {
|
|
|
843
849
|
autoRenew: true,
|
|
844
850
|
autoRemove: true,
|
|
845
851
|
syncStorage: true,
|
|
852
|
+
renewOnTabActivation: true,
|
|
853
|
+
tabInactivityDuration: 1800 // seconds
|
|
846
854
|
}
|
|
847
855
|
```
|
|
848
856
|
|
|
@@ -866,6 +874,15 @@ Automatically syncs tokens across browser tabs when it's supported in browser (b
|
|
|
866
874
|
|
|
867
875
|
This is accomplished by selecting a single tab to handle the network requests to refresh the tokens and broadcasting to the other tabs. This is done to avoid all tabs sending refresh requests simultaneously, which can cause rate limiting/throttling issues.
|
|
868
876
|
|
|
877
|
+
#### `renewOnTabActivation`
|
|
878
|
+
> NOTE: This service requires `autoRenew: true`
|
|
879
|
+
|
|
880
|
+
When enabled (`{ autoRenew: true, renewOnTabActivation: true }`), this service binds a handler to the [Page Visibility API](https://developer.mozilla.org/en-US/docs/Web/API/Page_Visibility_API) which attempts a token renew (if needed) when the tab becomes active after a (configurable) inactivity period
|
|
881
|
+
|
|
882
|
+
#### `tabInactivityDuration`
|
|
883
|
+
The amount of time, in seconds, a tab needs to be inactive for the `RenewOnTabActivation` service to attempt a token renew. Defaults to `1800` (30 mins)
|
|
884
|
+
|
|
885
|
+
|
|
869
886
|
## API Reference
|
|
870
887
|
<!-- no toc -->
|
|
871
888
|
* [start](#start)
|
|
@@ -886,6 +903,7 @@ This is accomplished by selecting a single tab to handle the network requests to
|
|
|
886
903
|
* [getUser](#getuser)
|
|
887
904
|
* [getIdToken](#getidtoken)
|
|
888
905
|
* [getAccessToken](#getaccesstoken)
|
|
906
|
+
* [getOrRenewAccessToken](#getorrenewaccesstoken)
|
|
889
907
|
* [storeTokensFromRedirect](#storetokensfromredirect)
|
|
890
908
|
* [setOriginalUri](#setoriginaluriuri)
|
|
891
909
|
* [getOriginalUri](#getoriginaluristate)
|
|
@@ -1154,6 +1172,10 @@ Returns the id token string retrieved from [authState](#authstatemanager) if it
|
|
|
1154
1172
|
|
|
1155
1173
|
Returns the access token string retrieved from [authState](#authstatemanager) if it exists.
|
|
1156
1174
|
|
|
1175
|
+
### `getOrRenewAccessToken()`
|
|
1176
|
+
|
|
1177
|
+
Returns the access token string if it exists. Returns `null` if the access token doesn't exist or a renewal cannot be completed
|
|
1178
|
+
|
|
1157
1179
|
### `storeTokensFromRedirect()`
|
|
1158
1180
|
|
|
1159
1181
|
> :hourglass: async
|
|
@@ -20,6 +20,7 @@ var _util = require("../../util");
|
|
|
20
20
|
const AUTO_RENEW = 'autoRenew';
|
|
21
21
|
const SYNC_STORAGE = 'syncStorage';
|
|
22
22
|
const LEADER_ELECTION = 'leaderElection';
|
|
23
|
+
const RENEW_ON_TAB_ACTIVATION = 'renewOnTabActivation';
|
|
23
24
|
class ServiceManager {
|
|
24
25
|
constructor(sdk, options = {}) {
|
|
25
26
|
this.sdk = sdk;
|
|
@@ -120,6 +121,11 @@ class ServiceManager {
|
|
|
120
121
|
...this.options
|
|
121
122
|
});
|
|
122
123
|
break;
|
|
124
|
+
case RENEW_ON_TAB_ACTIVATION:
|
|
125
|
+
service = new _services.RenewOnTabActivationService(tokenManager, {
|
|
126
|
+
...this.options
|
|
127
|
+
});
|
|
128
|
+
break;
|
|
123
129
|
default:
|
|
124
130
|
throw new Error(`Unknown service ${name}`);
|
|
125
131
|
}
|
|
@@ -127,10 +133,12 @@ class ServiceManager {
|
|
|
127
133
|
}
|
|
128
134
|
}
|
|
129
135
|
exports.ServiceManager = ServiceManager;
|
|
130
|
-
(0, _defineProperty2.default)(ServiceManager, "knownServices", [AUTO_RENEW, SYNC_STORAGE, LEADER_ELECTION]);
|
|
136
|
+
(0, _defineProperty2.default)(ServiceManager, "knownServices", [AUTO_RENEW, SYNC_STORAGE, LEADER_ELECTION, RENEW_ON_TAB_ACTIVATION]);
|
|
131
137
|
(0, _defineProperty2.default)(ServiceManager, "defaultOptions", {
|
|
132
138
|
autoRenew: true,
|
|
133
139
|
autoRemove: true,
|
|
134
|
-
syncStorage: true
|
|
140
|
+
syncStorage: true,
|
|
141
|
+
renewOnTabActivation: true,
|
|
142
|
+
tabInactivityDuration: 1800 // 30 mins in seconds
|
|
135
143
|
});
|
|
136
144
|
//# sourceMappingURL=browser.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"browser.js","names":["AUTO_RENEW","SYNC_STORAGE","LEADER_ELECTION","ServiceManager","constructor","sdk","options","onLeader","bind","autoRenew","autoRemove","syncStorage","tokenManager","getOptions","electionChannelName","broadcastChannelName","Object","assign","defaultOptions","clientId","syncChannelName","removeNils","started","services","Map","knownServices","forEach","name","svc","createService","set","startServices","isLeader","getService","isLeaderRequired","values","some","srv","canStart","requiresLeadership","start","stop","stopServices","get","entries","canStartService","isStarted","service","LeaderElectionService","AutoRenewService","SyncStorageService","Error"],"sources":["../../../../lib/core/ServiceManager/browser.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport {\n OAuthTransactionMeta,\n OAuthStorageManagerInterface,\n} from '../../oidc';\n\nimport {\n ServiceManagerInterface,\n ServiceInterface,\n ServiceManagerOptions,\n OktaAuthCoreInterface,\n OktaAuthCoreOptions\n} from '../types';\nimport { AutoRenewService
|
|
1
|
+
{"version":3,"file":"browser.js","names":["AUTO_RENEW","SYNC_STORAGE","LEADER_ELECTION","RENEW_ON_TAB_ACTIVATION","ServiceManager","constructor","sdk","options","onLeader","bind","autoRenew","autoRemove","syncStorage","tokenManager","getOptions","electionChannelName","broadcastChannelName","Object","assign","defaultOptions","clientId","syncChannelName","removeNils","started","services","Map","knownServices","forEach","name","svc","createService","set","startServices","isLeader","getService","isLeaderRequired","values","some","srv","canStart","requiresLeadership","start","stop","stopServices","get","entries","canStartService","isStarted","service","LeaderElectionService","AutoRenewService","SyncStorageService","RenewOnTabActivationService","Error","renewOnTabActivation","tabInactivityDuration"],"sources":["../../../../lib/core/ServiceManager/browser.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport {\n OAuthTransactionMeta,\n OAuthStorageManagerInterface,\n} from '../../oidc';\n\nimport {\n ServiceManagerInterface,\n ServiceInterface,\n ServiceManagerOptions,\n OktaAuthCoreInterface,\n OktaAuthCoreOptions\n} from '../types';\nimport { AutoRenewService,\n SyncStorageService,\n LeaderElectionService,\n RenewOnTabActivationService\n} from '../../services';\nimport { removeNils } from '../../util';\n\nconst AUTO_RENEW = 'autoRenew';\nconst SYNC_STORAGE = 'syncStorage';\nconst LEADER_ELECTION = 'leaderElection';\nconst RENEW_ON_TAB_ACTIVATION = 'renewOnTabActivation';\n\nexport class ServiceManager\n<\n M extends OAuthTransactionMeta,\n S extends OAuthStorageManagerInterface<M>,\n O extends OktaAuthCoreOptions\n>\nimplements ServiceManagerInterface \n{\n private sdk: OktaAuthCoreInterface<M, S, O>;\n private options: ServiceManagerOptions;\n private services: Map<string, ServiceInterface>;\n private started: boolean;\n\n private static knownServices = [AUTO_RENEW, SYNC_STORAGE, LEADER_ELECTION, RENEW_ON_TAB_ACTIVATION];\n\n private static defaultOptions: ServiceManagerOptions = {\n autoRenew: true,\n autoRemove: true,\n syncStorage: true,\n renewOnTabActivation: true,\n tabInactivityDuration: 1800, // 30 mins in seconds\n };\n\n constructor(sdk: OktaAuthCoreInterface<M, S, O>, options: ServiceManagerOptions = {}) {\n this.sdk = sdk;\n this.onLeader = this.onLeader.bind(this);\n\n // TODO: backwards compatibility, remove in next major version - OKTA-473815\n const { autoRenew, autoRemove, syncStorage } = sdk.tokenManager.getOptions();\n options.electionChannelName = options.electionChannelName || options.broadcastChannelName;\n this.options = Object.assign({}, \n ServiceManager.defaultOptions,\n { autoRenew, autoRemove, syncStorage }, \n {\n electionChannelName: `${sdk.options.clientId}-election`,\n syncChannelName: `${sdk.options.clientId}-sync`,\n },\n removeNils(options)\n );\n\n this.started = false;\n this.services = new Map();\n\n ServiceManager.knownServices.forEach(name => {\n const svc = this.createService(name);\n if (svc) {\n this.services.set(name, svc);\n }\n });\n }\n\n private async onLeader() {\n if (this.started) {\n // Start services that requires leadership\n await this.startServices();\n }\n }\n\n isLeader() {\n return (this.getService(LEADER_ELECTION) as LeaderElectionService)?.isLeader();\n }\n\n isLeaderRequired() {\n return [...this.services.values()].some(srv => srv.canStart() && srv.requiresLeadership());\n }\n\n async start() {\n if (this.started) {\n return; // noop if services have already started\n }\n await this.startServices();\n this.started = true;\n }\n \n async stop() {\n await this.stopServices();\n this.started = false;\n }\n\n getService(name: string): ServiceInterface | undefined {\n return this.services.get(name);\n }\n\n private async startServices() {\n for (const [name, srv] of this.services.entries()) {\n if (this.canStartService(name, srv)) {\n await srv.start();\n }\n }\n }\n\n private async stopServices() {\n for (const srv of this.services.values()) {\n await srv.stop();\n }\n }\n\n // eslint-disable-next-line complexity\n private canStartService(name: string, srv: ServiceInterface): boolean {\n let canStart = srv.canStart() && !srv.isStarted();\n // only start election if a leader is required\n if (name === LEADER_ELECTION) {\n canStart &&= this.isLeaderRequired();\n } else if (srv.requiresLeadership()) {\n canStart &&= this.isLeader();\n }\n return canStart;\n }\n\n private createService(name: string): ServiceInterface {\n const tokenManager = this.sdk.tokenManager;\n\n let service: ServiceInterface;\n switch (name) {\n case LEADER_ELECTION:\n service = new LeaderElectionService({...this.options, onLeader: this.onLeader});\n break;\n case AUTO_RENEW:\n service = new AutoRenewService(tokenManager, {...this.options});\n break;\n case SYNC_STORAGE:\n service = new SyncStorageService(tokenManager, {...this.options});\n break;\n case RENEW_ON_TAB_ACTIVATION:\n service = new RenewOnTabActivationService(tokenManager, {...this.options});\n break;\n default:\n throw new Error(`Unknown service ${name}`);\n }\n return service;\n }\n\n}\n"],"mappings":";;;;;AAyBA;AAKA;AA9BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAsBA,MAAMA,UAAU,GAAG,WAAW;AAC9B,MAAMC,YAAY,GAAG,aAAa;AAClC,MAAMC,eAAe,GAAG,gBAAgB;AACxC,MAAMC,uBAAuB,GAAG,sBAAsB;AAE/C,MAAMC,cAAc,CAO3B;EAgBEC,WAAW,CAACC,GAAmC,EAAEC,OAA8B,GAAG,CAAC,CAAC,EAAE;IACpF,IAAI,CAACD,GAAG,GAAGA,GAAG;IACd,IAAI,CAACE,QAAQ,GAAG,IAAI,CAACA,QAAQ,CAACC,IAAI,CAAC,IAAI,CAAC;;IAExC;IACA,MAAM;MAAEC,SAAS;MAAEC,UAAU;MAAEC;IAAY,CAAC,GAAGN,GAAG,CAACO,YAAY,CAACC,UAAU,EAAE;IAC5EP,OAAO,CAACQ,mBAAmB,GAAGR,OAAO,CAACQ,mBAAmB,IAAIR,OAAO,CAACS,oBAAoB;IACzF,IAAI,CAACT,OAAO,GAAGU,MAAM,CAACC,MAAM,CAAC,CAAC,CAAC,EAC7Bd,cAAc,CAACe,cAAc,EAC7B;MAAET,SAAS;MAAEC,UAAU;MAAEC;IAAY,CAAC,EACtC;MACEG,mBAAmB,EAAG,GAAET,GAAG,CAACC,OAAO,CAACa,QAAS,WAAU;MACvDC,eAAe,EAAG,GAAEf,GAAG,CAACC,OAAO,CAACa,QAAS;IAC3C,CAAC,EACD,IAAAE,gBAAU,EAACf,OAAO,CAAC,CACpB;IAED,IAAI,CAACgB,OAAO,GAAG,KAAK;IACpB,IAAI,CAACC,QAAQ,GAAG,IAAIC,GAAG,EAAE;IAEzBrB,cAAc,CAACsB,aAAa,CAACC,OAAO,CAACC,IAAI,IAAI;MAC3C,MAAMC,GAAG,GAAG,IAAI,CAACC,aAAa,CAACF,IAAI,CAAC;MACpC,IAAIC,GAAG,EAAE;QACP,IAAI,CAACL,QAAQ,CAACO,GAAG,CAACH,IAAI,EAAEC,GAAG,CAAC;MAC9B;IACF,CAAC,CAAC;EACJ;EAEA,MAAcrB,QAAQ,GAAG;IACvB,IAAI,IAAI,CAACe,OAAO,EAAE;MAChB;MACA,MAAM,IAAI,CAACS,aAAa,EAAE;IAC5B;EACF;EAEAC,QAAQ,GAAG;IACT,OAAQ,IAAI,CAACC,UAAU,CAAChC,eAAe,CAAC,EAA4B+B,QAAQ,EAAE;EAChF;EAEAE,gBAAgB,GAAG;IACjB,OAAO,CAAC,GAAG,IAAI,CAACX,QAAQ,CAACY,MAAM,EAAE,CAAC,CAACC,IAAI,CAACC,GAAG,IAAIA,GAAG,CAACC,QAAQ,EAAE,IAAID,GAAG,CAACE,kBAAkB,EAAE,CAAC;EAC5F;EAEA,MAAMC,KAAK,GAAG;IACZ,IAAI,IAAI,CAAClB,OAAO,EAAE;MAChB,OAAO,CAAK;IACd;;IACA,MAAM,IAAI,CAACS,aAAa,EAAE;IAC1B,IAAI,CAACT,OAAO,GAAG,IAAI;EACrB;EAEA,MAAMmB,IAAI,GAAG;IACX,MAAM,IAAI,CAACC,YAAY,EAAE;IACzB,IAAI,CAACpB,OAAO,GAAG,KAAK;EACtB;EAEAW,UAAU,CAACN,IAAY,EAAgC;IACrD,OAAO,IAAI,CAACJ,QAAQ,CAACoB,GAAG,CAAChB,IAAI,CAAC;EAChC;EAEA,MAAcI,aAAa,GAAG;IAC5B,KAAK,MAAM,CAACJ,IAAI,EAAEU,GAAG,CAAC,IAAI,IAAI,CAACd,QAAQ,CAACqB,OAAO,EAAE,EAAE;MACjD,IAAI,IAAI,CAACC,eAAe,CAAClB,IAAI,EAAEU,GAAG,CAAC,EAAE;QACnC,MAAMA,GAAG,CAACG,KAAK,EAAE;MACnB;IACF;EACF;EAEA,MAAcE,YAAY,GAAG;IAC3B,KAAK,MAAML,GAAG,IAAI,IAAI,CAACd,QAAQ,CAACY,MAAM,EAAE,EAAE;MACxC,MAAME,GAAG,CAACI,IAAI,EAAE;IAClB;EACF;;EAEA;EACQI,eAAe,CAAClB,IAAY,EAAEU,GAAqB,EAAW;IACpE,IAAIC,QAAQ,GAAGD,GAAG,CAACC,QAAQ,EAAE,IAAI,CAACD,GAAG,CAACS,SAAS,EAAE;IACjD;IACA,IAAInB,IAAI,KAAK1B,eAAe,EAAE;MAC5BqC,QAAQ,KAAK,IAAI,CAACJ,gBAAgB,EAAE;IACtC,CAAC,MAAM,IAAIG,GAAG,CAACE,kBAAkB,EAAE,EAAE;MACnCD,QAAQ,KAAK,IAAI,CAACN,QAAQ,EAAE;IAC9B;IACA,OAAOM,QAAQ;EACjB;EAEQT,aAAa,CAACF,IAAY,EAAoB;IACpD,MAAMf,YAAY,GAAG,IAAI,CAACP,GAAG,CAACO,YAAY;IAE1C,IAAImC,OAAyB;IAC7B,QAAQpB,IAAI;MACV,KAAK1B,eAAe;QAClB8C,OAAO,GAAG,IAAIC,+BAAqB,CAAC;UAAC,GAAG,IAAI,CAAC1C,OAAO;UAAEC,QAAQ,EAAE,IAAI,CAACA;QAAQ,CAAC,CAAC;QAC/E;MACF,KAAKR,UAAU;QACbgD,OAAO,GAAG,IAAIE,0BAAgB,CAACrC,YAAY,EAAE;UAAC,GAAG,IAAI,CAACN;QAAO,CAAC,CAAC;QAC/D;MACF,KAAKN,YAAY;QACf+C,OAAO,GAAG,IAAIG,4BAAkB,CAACtC,YAAY,EAAE;UAAC,GAAG,IAAI,CAACN;QAAO,CAAC,CAAC;QACjE;MACF,KAAKJ,uBAAuB;QAC1B6C,OAAO,GAAG,IAAII,qCAA2B,CAACvC,YAAY,EAAE;UAAC,GAAG,IAAI,CAACN;QAAO,CAAC,CAAC;QAC1E;MACF;QACE,MAAM,IAAI8C,KAAK,CAAE,mBAAkBzB,IAAK,EAAC,CAAC;IAAC;IAE/C,OAAOoB,OAAO;EAChB;AAEF;AAAC;AAAA,8BApIY5C,cAAc,mBAaM,CAACJ,UAAU,EAAEC,YAAY,EAAEC,eAAe,EAAEC,uBAAuB,CAAC;AAAA,8BAbxFC,cAAc,oBAe8B;EACrDM,SAAS,EAAE,IAAI;EACfC,UAAU,EAAE,IAAI;EAChBC,WAAW,EAAE,IAAI;EACjB0C,oBAAoB,EAAE,IAAI;EAC1BC,qBAAqB,EAAE,IAAI,CAAK;AAClC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Service.js","names":[],"sources":["../../../../lib/core/types/Service.ts"],"sourcesContent":["// only add methods needed internally\nexport interface ServiceInterface {\n start(): Promise<void>;\n stop(): Promise<void>;\n isStarted(): boolean;\n canStart(): boolean;\n requiresLeadership(): boolean;\n}\n\nexport interface ServiceManagerInterface {\n isLeaderRequired(): boolean;\n isLeader(): boolean;\n start(): Promise<void>;\n stop(): Promise<void>;\n getService(name: string): ServiceInterface | undefined;\n}\n\nexport interface AutoRenewServiceOptions {\n autoRenew?: boolean;\n autoRemove?: boolean;\n}\n\nexport interface SyncStorageServiceOptions {\n syncStorage?: boolean;\n syncChannelName?: string;\n}\n\nexport interface LeaderElectionServiceOptions {\n electionChannelName?: string;\n // TODO: remove in next major version - OKTA-473815\n broadcastChannelName?: string;\n}\n\nexport type ServiceManagerOptions
|
|
1
|
+
{"version":3,"file":"Service.js","names":[],"sources":["../../../../lib/core/types/Service.ts"],"sourcesContent":["// only add methods needed internally\nexport interface ServiceInterface {\n start(): Promise<void>;\n stop(): Promise<void>;\n isStarted(): boolean;\n canStart(): boolean;\n requiresLeadership(): boolean;\n}\n\nexport interface ServiceManagerInterface {\n isLeaderRequired(): boolean;\n isLeader(): boolean;\n start(): Promise<void>;\n stop(): Promise<void>;\n getService(name: string): ServiceInterface | undefined;\n}\n\nexport interface AutoRenewServiceOptions {\n autoRenew?: boolean;\n autoRemove?: boolean;\n}\n\nexport interface SyncStorageServiceOptions {\n syncStorage?: boolean;\n syncChannelName?: string;\n}\n\nexport interface LeaderElectionServiceOptions {\n electionChannelName?: string;\n // TODO: remove in next major version - OKTA-473815\n broadcastChannelName?: string;\n}\n\ntype seconds = number;\n\nexport interface RenewOnTabActivationServiceOptions {\n renewOnTabActivation?: boolean;\n tabInactivityDuration?: seconds;\n}\n\nexport type ServiceManagerOptions =\n AutoRenewServiceOptions &\n SyncStorageServiceOptions &\n LeaderElectionServiceOptions &\n RenewOnTabActivationServiceOptions;\n"],"mappings":""}
|
|
@@ -20,7 +20,7 @@ var _features = require("../features");
|
|
|
20
20
|
class OktaUserAgent {
|
|
21
21
|
constructor() {
|
|
22
22
|
// add base sdk env
|
|
23
|
-
this.environments = [`okta-auth-js/${"7.
|
|
23
|
+
this.environments = [`okta-auth-js/${"7.6.0"}`];
|
|
24
24
|
this.maybeAddNodeEnvironment();
|
|
25
25
|
}
|
|
26
26
|
addEnvironment(env) {
|
|
@@ -32,7 +32,7 @@ class OktaUserAgent {
|
|
|
32
32
|
};
|
|
33
33
|
}
|
|
34
34
|
getVersion() {
|
|
35
|
-
return "7.
|
|
35
|
+
return "7.6.0";
|
|
36
36
|
}
|
|
37
37
|
maybeAddNodeEnvironment() {
|
|
38
38
|
if ((0, _features.isBrowser)() || !process || !process.versions) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Authenticator.js","names":["Authenticator","constructor","authenticator","meta"],"sources":["../../../../lib/idx/authenticator/Authenticator.ts"],"sourcesContent":["import { IdxAuthenticator, IdxRemediationValue } from '../types/idx-js';\n\n\nexport interface Credentials {\n [key: string]: string | undefined;\n}\n\nexport abstract class Authenticator<Values> {\n meta: IdxAuthenticator;\n\n constructor(authenticator: IdxAuthenticator) {\n this.meta = authenticator;\n }\n\n abstract canVerify(values: Values): boolean;\n\n abstract mapCredentials(values: Values): Credentials | undefined;\n\n abstract getInputs(idxRemediationValue: IdxRemediationValue): any; // TODO: add type\n}\n"],"mappings":";;;AAOO,MAAeA,aAAa,CAAS;EAG1CC,WAAW,CAACC,aAA+B,EAAE;IAC3C,IAAI,CAACC,IAAI,GAAGD,aAAa;EAC3B;;EAMmE;AACrE;AAAC"}
|
|
1
|
+
{"version":3,"file":"Authenticator.js","names":["Authenticator","constructor","authenticator","meta"],"sources":["../../../../lib/idx/authenticator/Authenticator.ts"],"sourcesContent":["import { IdxAuthenticator, IdxRemediationValue } from '../types/idx-js';\n\n\nexport interface Credentials {\n [key: string]: string | boolean | number | undefined;\n}\n\nexport abstract class Authenticator<Values> {\n meta: IdxAuthenticator;\n\n constructor(authenticator: IdxAuthenticator) {\n this.meta = authenticator;\n }\n\n abstract canVerify(values: Values): boolean;\n\n abstract mapCredentials(values: Values): Credentials | undefined;\n\n abstract getInputs(idxRemediationValue: IdxRemediationValue): any; // TODO: add type\n}\n"],"mappings":";;;AAOO,MAAeA,aAAa,CAAS;EAG1CC,WAAW,CAACC,aAA+B,EAAE;IAC3C,IAAI,CAACC,IAAI,GAAGD,aAAa;EAC3B;;EAMmE;AACrE;AAAC"}
|
|
@@ -10,22 +10,34 @@ class OktaPassword extends _Authenticator.Authenticator {
|
|
|
10
10
|
const {
|
|
11
11
|
credentials,
|
|
12
12
|
password,
|
|
13
|
-
passcode
|
|
13
|
+
passcode,
|
|
14
|
+
revokeSessions
|
|
14
15
|
} = values;
|
|
15
16
|
if (!credentials && !password && !passcode) {
|
|
16
17
|
return;
|
|
17
18
|
}
|
|
18
19
|
return credentials || {
|
|
19
|
-
passcode: passcode || password
|
|
20
|
+
passcode: passcode || password,
|
|
21
|
+
revokeSessions
|
|
20
22
|
};
|
|
21
23
|
}
|
|
22
24
|
getInputs(idxRemediationValue) {
|
|
23
|
-
|
|
25
|
+
const inputs = [{
|
|
24
26
|
...idxRemediationValue.form?.value[0],
|
|
25
27
|
name: 'password',
|
|
26
28
|
type: 'string',
|
|
27
29
|
required: idxRemediationValue.required
|
|
28
|
-
};
|
|
30
|
+
}];
|
|
31
|
+
const revokeSessions = idxRemediationValue.form?.value.find(input => input.name === 'revokeSessions');
|
|
32
|
+
if (revokeSessions) {
|
|
33
|
+
inputs.push({
|
|
34
|
+
name: 'revokeSessions',
|
|
35
|
+
type: 'boolean',
|
|
36
|
+
label: 'Sign me out of all other devices',
|
|
37
|
+
required: false
|
|
38
|
+
});
|
|
39
|
+
}
|
|
40
|
+
return inputs;
|
|
29
41
|
}
|
|
30
42
|
}
|
|
31
43
|
exports.OktaPassword = OktaPassword;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"OktaPassword.js","names":["OktaPassword","Authenticator","canVerify","values","credentials","password","passcode","mapCredentials","getInputs","idxRemediationValue","form","value","name","type","required"],"sources":["../../../../lib/idx/authenticator/OktaPassword.ts"],"sourcesContent":["import { Authenticator, Credentials } from './Authenticator';\n\nexport interface OktaPasswordInputValues {\n password?: string;\n passcode?: string;\n credentials?: Credentials;\n}\n\nexport class OktaPassword extends Authenticator<OktaPasswordInputValues> {\n canVerify(values: OktaPasswordInputValues) {\n return !!(values.credentials || values.password || values.passcode);\n }\n\n mapCredentials(values: OktaPasswordInputValues): Credentials | undefined {\n const { credentials, password, passcode } = values;\n if (!credentials && !password && !passcode) {\n return;\n }\n return credentials || {
|
|
1
|
+
{"version":3,"file":"OktaPassword.js","names":["OktaPassword","Authenticator","canVerify","values","credentials","password","passcode","mapCredentials","revokeSessions","getInputs","idxRemediationValue","inputs","form","value","name","type","required","find","input","push","label"],"sources":["../../../../lib/idx/authenticator/OktaPassword.ts"],"sourcesContent":["import { Authenticator, Credentials } from './Authenticator';\n\nexport interface OktaPasswordInputValues {\n password?: string;\n passcode?: string;\n credentials?: Credentials;\n // for ResetAuthenticator\n revokeSessions?: boolean;\n}\n\nexport class OktaPassword extends Authenticator<OktaPasswordInputValues> {\n canVerify(values: OktaPasswordInputValues) {\n return !!(values.credentials || values.password || values.passcode);\n }\n\n mapCredentials(values: OktaPasswordInputValues): Credentials | undefined {\n const { credentials, password, passcode, revokeSessions } = values;\n if (!credentials && !password && !passcode) {\n return;\n }\n return credentials || {\n passcode: passcode || password,\n revokeSessions,\n };\n }\n\n getInputs(idxRemediationValue) {\n const inputs = [{\n ...idxRemediationValue.form?.value[0],\n name: 'password',\n type: 'string',\n required: idxRemediationValue.required,\n }];\n const revokeSessions = idxRemediationValue.form?.value.find(\n input => input.name === 'revokeSessions'\n );\n if (revokeSessions) {\n inputs.push({\n name: 'revokeSessions',\n type: 'boolean',\n label: 'Sign me out of all other devices',\n required: false,\n });\n }\n return inputs;\n }\n}\n"],"mappings":";;;AAAA;AAUO,MAAMA,YAAY,SAASC,4BAAa,CAA0B;EACvEC,SAAS,CAACC,MAA+B,EAAE;IACzC,OAAO,CAAC,EAAEA,MAAM,CAACC,WAAW,IAAID,MAAM,CAACE,QAAQ,IAAIF,MAAM,CAACG,QAAQ,CAAC;EACrE;EAEAC,cAAc,CAACJ,MAA+B,EAA2B;IACvE,MAAM;MAAEC,WAAW;MAAEC,QAAQ;MAAEC,QAAQ;MAAEE;IAAe,CAAC,GAAGL,MAAM;IAClE,IAAI,CAACC,WAAW,IAAI,CAACC,QAAQ,IAAI,CAACC,QAAQ,EAAE;MAC1C;IACF;IACA,OAAOF,WAAW,IAAI;MACpBE,QAAQ,EAAEA,QAAQ,IAAID,QAAQ;MAC9BG;IACF,CAAC;EACH;EAEAC,SAAS,CAACC,mBAAmB,EAAE;IAC7B,MAAMC,MAAM,GAAG,CAAC;MACd,GAAGD,mBAAmB,CAACE,IAAI,EAAEC,KAAK,CAAC,CAAC,CAAC;MACrCC,IAAI,EAAE,UAAU;MAChBC,IAAI,EAAE,QAAQ;MACdC,QAAQ,EAAEN,mBAAmB,CAACM;IAChC,CAAC,CAAC;IACF,MAAMR,cAAc,GAAGE,mBAAmB,CAACE,IAAI,EAAEC,KAAK,CAACI,IAAI,CACzDC,KAAK,IAAIA,KAAK,CAACJ,IAAI,KAAK,gBAAgB,CACzC;IACD,IAAIN,cAAc,EAAE;MAClBG,MAAM,CAACQ,IAAI,CAAC;QACVL,IAAI,EAAE,gBAAgB;QACtBC,IAAI,EAAE,SAAS;QACfK,KAAK,EAAE,kCAAkC;QACzCJ,QAAQ,EAAE;MACZ,CAAC,CAAC;IACJ;IACA,OAAOL,MAAM;EACf;AACF;AAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"idx-js.js","names":["isRawIdxResponse","obj","version","isIdxResponse","rawIdxState"],"sources":["../../../../lib/idx/types/idx-js.ts"],"sourcesContent":["/* eslint-disable no-use-before-define */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { Input } from './api';\n\n\n// TODO: remove when idx-js provides type information\n\nexport interface ChallengeData {\n challenge: string; \n userVerification: string; \n extensions?: {\n appid: string;\n };\n}\nexport interface ActivationData {\n challenge: string;\n rp: {\n name: string;\n };\n user: {\n id: string;\n name: string;\n displayName: string;\n };\n pubKeyCredParams: {\n type: string;\n alg: number;\n }[];\n attestation?: string;\n authenticatorSelection?: {\n userVerification?: string;\n authenticatorAttachment?: string;\n requireResidentKey?: boolean;\n residentKey?: string;\n };\n excludeCredentials?: {\n id: string;\n type: string;\n }[];\n}\nexport interface IdxAuthenticatorMethod {\n type: string;\n}\nexport interface IdxAuthenticator {\n displayName: string;\n id: string;\n key: string;\n methods: IdxAuthenticatorMethod[];\n type: string;\n settings?: {\n complexity?: unknown;\n age?: unknown;\n };\n contextualData?: {\n enrolledQuestion?: {\n question: string;\n questionKey: string;\n };\n qrcode?: { \n href: string; \n method: string; \n type: string; \n };\n sharedSecret?: string;\n questions?: {\n questionKey: string;\n question: string;\n }[];\n questionKeys?: string[];\n selectedChannel?: string;\n activationData?: ActivationData;\n challengeData?: ChallengeData;\n };\n credentialId?: string;\n enrollmentId?: string;\n profile?: Record<string, unknown>;\n resend?: Record<string, unknown>;\n poll?: Record<string, unknown>;\n recover?: Record<string, unknown>;\n deviceKnown?: boolean;\n}\n\nexport interface IdxForm {\n value: IdxRemediationValue[];\n}\n\nexport interface IdxOption {\n value: string | {form: IdxForm} | Input[];\n label: string;\n relatesTo?: IdxAuthenticator;\n}\n\nexport interface IdpConfig {\n id: string;\n name: string;\n}\n\nexport interface IdxRemediationValueForm {\n form: IdxForm;\n}\n\nexport interface IdxRemediationValue {\n name: string;\n type?: string;\n required?: boolean;\n secret?: boolean;\n visible?: boolean;\n mutable?: boolean;\n value?: string | IdxRemediationValueForm;\n label?: string;\n form?: IdxForm;\n options?: IdxOption[];\n messages?: IdxMessages;\n minLength?: number;\n maxLength?: number;\n relatesTo?: {\n type?: string;\n value: IdxAuthenticator;\n };\n}\n\nexport interface IdxRemediation {\n name: string;\n label?: string;\n value?: IdxRemediationValue[];\n relatesTo?: {\n type?: string;\n value: IdxAuthenticator;\n };\n idp?: IdpConfig;\n href?: string;\n method?: string;\n type?: string;\n accepts?: string;\n produces?: string;\n refresh?: number;\n rel?: string[];\n action?: (payload?: IdxActionParams) => Promise<IdxResponse>;\n}\n\nexport interface IdxContext {\n version: string;\n stateHandle: string;\n expiresAt: string;\n intent: string;\n currentAuthenticator: {\n type: string;\n value: IdxAuthenticator;\n };\n currentAuthenticatorEnrollment: {\n type: string;\n value: IdxAuthenticator;\n };\n authenticators: {\n type: string;\n value: IdxAuthenticator[];\n };\n authenticatorEnrollments: {\n type: string;\n value: IdxAuthenticator[];\n };\n enrollmentAuthenticator: {\n type: string;\n value: IdxAuthenticator;\n };\n user?: {\n type: string;\n value: Record<string, unknown>;\n };\n uiDisplay?: IdxContextUIDisplay\n app: {\n type: string;\n value: Record<string, unknown>;\n };\n messages?: IdxMessages;\n success?: IdxRemediation;\n failure?: IdxRemediation;\n}\n\nexport interface IdxContextUIDisplay {\n type: string;\n value: {\n label?: string;\n buttonLabel?: string;\n }\n}\n\nexport interface IdxMessage {\n message: string;\n class: string;\n i18n: {\n key: string;\n params?: unknown[];\n };\n}\n\nexport interface IdxMessages {\n type: 'array';\n value: IdxMessage[];\n}\n\n// JSON response from the server\nexport interface RawIdxResponse {\n version: string;\n stateHandle: string;\n intent?: string;\n expiresAt?: string;\n remediation?: {\n type: 'array';\n value: IdxRemediation[];\n };\n messages?: IdxMessages;\n success?: boolean;\n successWithInteractionCode?: IdxRemediation;\n currentAuthenticator?: {\n type: string;\n value: IdxAuthenticator;\n };\n currentAuthenticatorEnrollment?: {\n type: string;\n value: IdxAuthenticator;\n };\n}\n\nexport function isRawIdxResponse(obj: any): obj is RawIdxResponse {\n return obj && obj.version;\n}\n\nexport interface IdxActionParams {\n [key: string]: string | boolean | number | object;\n}\n\nexport interface IdxActions {\n [key: string]: (params?: IdxActionParams) => Promise<IdxResponse>;\n}\n\nexport interface IdxToPersist {\n interactionHandle?: string;\n withCredentials?: boolean;\n}\n\nexport interface IdxActionFunction {\n (params: IdxActionParams): Promise<IdxResponse>;\n neededParams?: Array<Array<IdxRemediationValue>>;\n}\n\nexport interface IdxResponse {\n proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n neededToProceed: IdxRemediation[];\n rawIdxState: RawIdxResponse;\n interactionCode?: string;\n actions: IdxActions;\n toPersist: IdxToPersist;\n context?: IdxContext;\n requestDidSucceed?: boolean;\n stepUp?: boolean;\n}\n\nexport function isIdxResponse(obj: any): obj is IdxResponse {\n return obj && isRawIdxResponse(obj.rawIdxState);\n}\n"],"mappings":";;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAKA;;
|
|
1
|
+
{"version":3,"file":"idx-js.js","names":["isRawIdxResponse","obj","version","isIdxResponse","rawIdxState"],"sources":["../../../../lib/idx/types/idx-js.ts"],"sourcesContent":["/* eslint-disable no-use-before-define */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { Input } from './api';\n\n\n// TODO: remove when idx-js provides type information\n\nexport interface ChallengeData {\n challenge: string; \n userVerification: string; \n extensions?: {\n appid: string;\n };\n}\nexport interface ActivationData {\n challenge: string;\n rp: {\n name: string;\n };\n user: {\n id: string;\n name: string;\n displayName: string;\n };\n pubKeyCredParams: {\n type: string;\n alg: number;\n }[];\n attestation?: string;\n authenticatorSelection?: {\n userVerification?: string;\n authenticatorAttachment?: string;\n requireResidentKey?: boolean;\n residentKey?: string;\n };\n excludeCredentials?: {\n id: string;\n type: string;\n }[];\n}\nexport interface IdxAuthenticatorMethod {\n type: string;\n}\nexport interface IdxAuthenticator {\n displayName: string;\n id: string;\n key: string;\n methods: IdxAuthenticatorMethod[];\n type: string;\n settings?: {\n complexity?: unknown;\n age?: unknown;\n };\n contextualData?: {\n enrolledQuestion?: {\n question: string;\n questionKey: string;\n };\n qrcode?: { \n href: string; \n method: string; \n type: string; \n };\n sharedSecret?: string;\n questions?: {\n questionKey: string;\n question: string;\n }[];\n questionKeys?: string[];\n selectedChannel?: string;\n activationData?: ActivationData;\n challengeData?: ChallengeData;\n };\n credentialId?: string;\n enrollmentId?: string;\n profile?: Record<string, unknown>;\n resend?: Record<string, unknown>;\n poll?: Record<string, unknown>;\n recover?: Record<string, unknown>;\n deviceKnown?: boolean;\n nickname?: string;\n}\n\nexport interface IdxForm {\n value: IdxRemediationValue[];\n}\n\nexport interface IdxOption {\n value: string | {form: IdxForm} | Input[];\n label: string;\n relatesTo?: IdxAuthenticator;\n}\n\nexport interface IdpConfig {\n id: string;\n name: string;\n}\n\nexport interface IdxRemediationValueForm {\n form: IdxForm;\n}\n\nexport interface IdxRemediationValue {\n name: string;\n type?: string;\n required?: boolean;\n secret?: boolean;\n visible?: boolean;\n mutable?: boolean;\n value?: string | IdxRemediationValueForm;\n label?: string;\n form?: IdxForm;\n options?: IdxOption[];\n messages?: IdxMessages;\n minLength?: number;\n maxLength?: number;\n relatesTo?: {\n type?: string;\n value: IdxAuthenticator;\n };\n}\n\nexport interface IdxRemediation {\n name: string;\n label?: string;\n value?: IdxRemediationValue[];\n relatesTo?: {\n type?: string;\n value: IdxAuthenticator;\n };\n idp?: IdpConfig;\n href?: string;\n method?: string;\n type?: string;\n accepts?: string;\n produces?: string;\n refresh?: number;\n rel?: string[];\n action?: (payload?: IdxActionParams) => Promise<IdxResponse>;\n}\n\nexport interface IdxContext {\n version: string;\n stateHandle: string;\n expiresAt: string;\n intent: string;\n currentAuthenticator: {\n type: string;\n value: IdxAuthenticator;\n };\n currentAuthenticatorEnrollment: {\n type: string;\n value: IdxAuthenticator;\n };\n authenticators: {\n type: string;\n value: IdxAuthenticator[];\n };\n authenticatorEnrollments: {\n type: string;\n value: IdxAuthenticator[];\n };\n enrollmentAuthenticator: {\n type: string;\n value: IdxAuthenticator;\n };\n user?: {\n type: string;\n value: Record<string, unknown>;\n };\n uiDisplay?: IdxContextUIDisplay\n app: {\n type: string;\n value: Record<string, unknown>;\n };\n messages?: IdxMessages;\n success?: IdxRemediation;\n failure?: IdxRemediation;\n}\n\nexport interface IdxContextUIDisplay {\n type: string;\n value: {\n label?: string;\n buttonLabel?: string;\n }\n}\n\nexport interface IdxMessage {\n message: string;\n class: string;\n i18n: {\n key: string;\n params?: unknown[];\n };\n}\n\nexport interface IdxMessages {\n type: 'array';\n value: IdxMessage[];\n}\n\n// JSON response from the server\nexport interface RawIdxResponse {\n version: string;\n stateHandle: string;\n intent?: string;\n expiresAt?: string;\n remediation?: {\n type: 'array';\n value: IdxRemediation[];\n };\n messages?: IdxMessages;\n success?: boolean;\n successWithInteractionCode?: IdxRemediation;\n currentAuthenticator?: {\n type: string;\n value: IdxAuthenticator;\n };\n currentAuthenticatorEnrollment?: {\n type: string;\n value: IdxAuthenticator;\n };\n}\n\nexport function isRawIdxResponse(obj: any): obj is RawIdxResponse {\n return obj && obj.version;\n}\n\nexport interface IdxActionParams {\n [key: string]: string | boolean | number | object;\n}\n\nexport interface IdxActions {\n [key: string]: (params?: IdxActionParams) => Promise<IdxResponse>;\n}\n\nexport interface IdxToPersist {\n interactionHandle?: string;\n withCredentials?: boolean;\n}\n\nexport interface IdxActionFunction {\n (params: IdxActionParams): Promise<IdxResponse>;\n neededParams?: Array<Array<IdxRemediationValue>>;\n}\n\nexport interface IdxResponse {\n proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n neededToProceed: IdxRemediation[];\n rawIdxState: RawIdxResponse;\n interactionCode?: string;\n actions: IdxActions;\n toPersist: IdxToPersist;\n context?: IdxContext;\n requestDidSucceed?: boolean;\n stepUp?: boolean;\n}\n\nexport function isIdxResponse(obj: any): obj is IdxResponse {\n return obj && isRawIdxResponse(obj.rawIdxState);\n}\n"],"mappings":";;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAKA;;AAqMA;;AAuBO,SAASA,gBAAgB,CAACC,GAAQ,EAAyB;EAChE,OAAOA,GAAG,IAAIA,GAAG,CAACC,OAAO;AAC3B;AAgCO,SAASC,aAAa,CAACF,GAAQ,EAAsB;EAC1D,OAAOA,GAAG,IAAID,gBAAgB,CAACC,GAAG,CAACG,WAAW,CAAC;AACjD"}
|
package/cjs/oidc/TokenManager.js
CHANGED
|
@@ -341,7 +341,15 @@ class TokenManager {
|
|
|
341
341
|
}
|
|
342
342
|
try {
|
|
343
343
|
var token = this.getSync(key);
|
|
344
|
-
|
|
344
|
+
let shouldRenew = token !== undefined;
|
|
345
|
+
// explicitly check if key='accessToken' because token keys are not guaranteed (long story, features dragons)
|
|
346
|
+
if (!token && key === 'accessToken') {
|
|
347
|
+
// attempt token renewal if refresh token is present (improves consistency of autoRenew)
|
|
348
|
+
const refreshKey = this.getStorageKeyByType('refreshToken');
|
|
349
|
+
const refreshToken = this.getSync(refreshKey);
|
|
350
|
+
shouldRenew = refreshToken !== undefined;
|
|
351
|
+
}
|
|
352
|
+
if (!shouldRenew) {
|
|
345
353
|
throw new _errors.AuthSdkError('The tokenManager has no token for the key: ' + key);
|
|
346
354
|
}
|
|
347
355
|
} catch (err) {
|
|
@@ -357,6 +365,14 @@ class TokenManager {
|
|
|
357
365
|
const renewPromise = this.state.renewPromise = this.sdk.token.renewTokens().then(tokens => {
|
|
358
366
|
this.setTokens(tokens);
|
|
359
367
|
|
|
368
|
+
// return accessToken in case where access token doesn't exist
|
|
369
|
+
// but refresh token exists
|
|
370
|
+
if (!token && key === 'accessToken') {
|
|
371
|
+
const accessToken = tokens['accessToken'];
|
|
372
|
+
this.emitRenewed(key, accessToken, null);
|
|
373
|
+
return accessToken;
|
|
374
|
+
}
|
|
375
|
+
|
|
360
376
|
// resolve token based on the key
|
|
361
377
|
const tokenType = this.getTokenType(token);
|
|
362
378
|
return tokens[tokenType];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"TokenManager.js","names":["DEFAULT_OPTIONS","autoRenew","autoRemove","syncStorage","clearPendingRemoveTokens","storage","undefined","expireEarlySeconds","storageKey","TOKEN_STORAGE_NAME","defaultState","expireTimeouts","renewPromise","TokenManager","on","event","handler","context","emitter","off","constructor","sdk","options","AuthSdkError","Object","assign","removeNils","isLocalhost","storageOptions","secure","storageProvider","storageType","storageManager","getTokenStorage","useSeparateCookies","clock","SdkClock","create","state","start","setExpireEventTimeoutAll","started","stop","clearExpireEventTimeoutAll","isStarted","getOptions","clone","getExpireTime","token","expireTime","expiresAt","hasExpired","now","emitExpired","key","emit","EVENT_EXPIRED","emitRenewed","freshToken","oldToken","EVENT_RENEWED","emitAdded","EVENT_ADDED","emitRemoved","EVENT_REMOVED","emitError","error","EVENT_ERROR","clearExpireEventTimeout","clearTimeout","prototype","hasOwnProperty","call","setExpireEventTimeout","isRefreshToken","expireEventWait","Math","max","expireEventTimeout","setTimeout","tokenStorage","getStorage","resetExpireEventTimeoutAll","add","validateToken","setStorage","emitSetStorageEvent","getSync","get","getTokensSync","tokens","keys","forEach","isAccessToken","accessToken","isIDToken","idToken","refreshToken","getTokens","getStorageKeyByType","type","filter","getTokenType","isIE11OrLess","EVENT_SET_STORAGE","setTokens","accessTokenCb","idTokenCb","refreshTokenCb","handleTokenCallback","handleAdded","handleRenewed","handleRemoved","types","existingTokens","reduce","newToken","existingToken","remove","removedToken","renewToken","renew","err","Promise","reject","renewTokens","then","tokenType","catch","tokenKey","finally","clear","clearStorage","removedTokens","pendingRemove","updateRefreshToken","REFRESH_TOKEN_STORAGE_KEY","removeRefreshToken","addPendingRemoveFlags"],"sources":["../../../lib/oidc/TokenManager.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { removeNils, clone } from '../util';\nimport { AuthSdkError } from '../errors';\nimport { validateToken } from '../oidc/util';\nimport { isLocalhost, isIE11OrLess } from '../features';\nimport SdkClock from '../clock';\nimport {\n Token, \n Tokens, \n TokenType, \n TokenManagerOptions, \n isIDToken, \n isAccessToken,\n isRefreshToken,\n TokenManagerErrorEventHandler,\n TokenManagerSetStorageEventHandler,\n TokenManagerRenewEventHandler,\n TokenManagerEventHandler,\n TokenManagerInterface,\n RefreshToken,\n AccessTokenCallback,\n IDTokenCallback,\n RefreshTokenCallback,\n EVENT_RENEWED,\n EVENT_ADDED,\n EVENT_ERROR,\n EVENT_EXPIRED,\n EVENT_REMOVED,\n EVENT_SET_STORAGE,\n TokenManagerAnyEventHandler,\n TokenManagerAnyEvent,\n OktaAuthOAuthInterface\n} from './types';\nimport { REFRESH_TOKEN_STORAGE_KEY, TOKEN_STORAGE_NAME } from '../constants';\nimport { EventEmitter } from '../base/types';\nimport { StorageOptions, StorageProvider, StorageType } from '../storage/types';\n\nconst DEFAULT_OPTIONS = {\n // TODO: remove in next major version - OKTA-473815\n autoRenew: true,\n autoRemove: true,\n syncStorage: true,\n // --- //\n clearPendingRemoveTokens: true,\n storage: undefined, // will use value from storageManager config\n expireEarlySeconds: 30,\n storageKey: TOKEN_STORAGE_NAME\n};\n\ninterface TokenManagerState {\n expireTimeouts: Record<string, unknown>;\n renewPromise: Promise<Token | undefined> | null;\n started?: boolean;\n}\nfunction defaultState(): TokenManagerState {\n return {\n expireTimeouts: {},\n renewPromise: null\n };\n}\nexport class TokenManager implements TokenManagerInterface {\n private sdk: OktaAuthOAuthInterface;\n private clock: SdkClock;\n private emitter: EventEmitter;\n private storage: StorageProvider;\n private state: TokenManagerState;\n private options: TokenManagerOptions;\n\n on(event: typeof EVENT_RENEWED, handler: TokenManagerRenewEventHandler, context?: object): void;\n on(event: typeof EVENT_ERROR, handler: TokenManagerErrorEventHandler, context?: object): void;\n on(event: typeof EVENT_SET_STORAGE, handler: TokenManagerSetStorageEventHandler, context?: object): void;\n on(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, \n handler: TokenManagerEventHandler, context?: object): void;\n on(event: TokenManagerAnyEvent, handler: TokenManagerAnyEventHandler, context?: object): void {\n if (context) {\n this.emitter.on(event, handler, context);\n } else {\n this.emitter.on(event, handler);\n }\n }\n\n off(event: typeof EVENT_RENEWED, handler?: TokenManagerRenewEventHandler): void;\n off(event: typeof EVENT_ERROR, handler?: TokenManagerErrorEventHandler): void;\n off(event: typeof EVENT_SET_STORAGE, handler?: TokenManagerSetStorageEventHandler): void;\n off(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, \n handler?: TokenManagerEventHandler): void;\n off(event: TokenManagerAnyEvent, handler?: TokenManagerAnyEventHandler): void {\n if (handler) {\n this.emitter.off(event, handler);\n } else {\n this.emitter.off(event);\n }\n }\n\n // eslint-disable-next-line complexity\n constructor(sdk: OktaAuthOAuthInterface, options: TokenManagerOptions = {}) {\n this.sdk = sdk;\n this.emitter = (sdk as any).emitter;\n if (!this.emitter) {\n throw new AuthSdkError('Emitter should be initialized before TokenManager');\n }\n \n options = Object.assign({}, DEFAULT_OPTIONS, removeNils(options));\n if (!isLocalhost()) {\n options.expireEarlySeconds = DEFAULT_OPTIONS.expireEarlySeconds;\n }\n\n this.options = options;\n\n const storageOptions: StorageOptions = removeNils({\n storageKey: options.storageKey,\n secure: options.secure,\n });\n if (typeof options.storage === 'object') {\n // A custom storage provider must implement getItem(key) and setItem(key, val)\n storageOptions.storageProvider = options.storage;\n } else if (options.storage) {\n storageOptions.storageType = options.storage as StorageType;\n }\n\n this.storage = sdk.storageManager.getTokenStorage({...storageOptions, useSeparateCookies: true});\n this.clock = SdkClock.create(/* sdk, options */);\n this.state = defaultState();\n }\n\n start() {\n if (this.options.clearPendingRemoveTokens) {\n this.clearPendingRemoveTokens();\n }\n this.setExpireEventTimeoutAll();\n this.state.started = true;\n }\n \n stop() {\n this.clearExpireEventTimeoutAll();\n this.state.started = false;\n }\n\n isStarted() {\n return !!this.state.started;\n }\n\n getOptions(): TokenManagerOptions {\n return clone(this.options);\n }\n \n getExpireTime(token) {\n const expireEarlySeconds = this.options.expireEarlySeconds || 0;\n var expireTime = token.expiresAt - expireEarlySeconds;\n return expireTime;\n }\n \n hasExpired(token) {\n var expireTime = this.getExpireTime(token);\n return expireTime <= this.clock.now();\n }\n \n emitExpired(key, token) {\n this.emitter.emit(EVENT_EXPIRED, key, token);\n }\n \n emitRenewed(key, freshToken, oldToken) {\n this.emitter.emit(EVENT_RENEWED, key, freshToken, oldToken);\n }\n \n emitAdded(key, token) {\n this.emitter.emit(EVENT_ADDED, key, token);\n }\n \n emitRemoved(key, token?) {\n this.emitter.emit(EVENT_REMOVED, key, token);\n }\n \n emitError(error) {\n this.emitter.emit(EVENT_ERROR, error);\n }\n \n clearExpireEventTimeout(key) {\n clearTimeout(this.state.expireTimeouts[key] as any);\n delete this.state.expireTimeouts[key];\n \n // Remove the renew promise (if it exists)\n this.state.renewPromise = null;\n }\n \n clearExpireEventTimeoutAll() {\n var expireTimeouts = this.state.expireTimeouts;\n for (var key in expireTimeouts) {\n if (!Object.prototype.hasOwnProperty.call(expireTimeouts, key)) {\n continue;\n }\n this.clearExpireEventTimeout(key);\n }\n }\n \n setExpireEventTimeout(key, token) {\n if (isRefreshToken(token)) {\n return;\n }\n\n var expireTime = this.getExpireTime(token);\n var expireEventWait = Math.max(expireTime - this.clock.now(), 0) * 1000;\n \n // Clear any existing timeout\n this.clearExpireEventTimeout(key);\n \n var expireEventTimeout = setTimeout(() => {\n this.emitExpired(key, token);\n }, expireEventWait);\n \n // Add a new timeout\n this.state.expireTimeouts[key] = expireEventTimeout;\n }\n \n setExpireEventTimeoutAll() {\n var tokenStorage = this.storage.getStorage();\n for(var key in tokenStorage) {\n if (!Object.prototype.hasOwnProperty.call(tokenStorage, key)) {\n continue;\n }\n var token = tokenStorage[key];\n this.setExpireEventTimeout(key, token);\n }\n }\n \n // reset timeouts to setup autoRenew for tokens from other document context (tabs)\n resetExpireEventTimeoutAll() {\n this.clearExpireEventTimeoutAll();\n this.setExpireEventTimeoutAll();\n }\n \n add(key, token: Token) {\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n }\n \n getSync(key): Token | undefined {\n var tokenStorage = this.storage.getStorage();\n return tokenStorage[key];\n }\n \n async get(key): Promise<Token | undefined> {\n return this.getSync(key);\n }\n \n getTokensSync(): Tokens {\n const tokens = {} as Tokens;\n const tokenStorage = this.storage.getStorage();\n Object.keys(tokenStorage).forEach(key => {\n const token = tokenStorage[key];\n if (isAccessToken(token)) {\n tokens.accessToken = token;\n } else if (isIDToken(token)) {\n tokens.idToken = token;\n } else if (isRefreshToken(token)) { \n tokens.refreshToken = token;\n }\n });\n return tokens;\n }\n \n async getTokens(): Promise<Tokens> {\n return this.getTokensSync();\n }\n\n getStorageKeyByType(type: TokenType): string {\n const tokenStorage = this.storage.getStorage();\n const key = Object.keys(tokenStorage).filter(key => {\n const token = tokenStorage[key];\n return (isAccessToken(token) && type === 'accessToken') \n || (isIDToken(token) && type === 'idToken')\n || (isRefreshToken(token) && type === 'refreshToken');\n })[0];\n return key;\n }\n\n private getTokenType(token: Token): TokenType {\n if (isAccessToken(token)) {\n return 'accessToken';\n }\n if (isIDToken(token)) {\n return 'idToken';\n }\n if(isRefreshToken(token)) {\n return 'refreshToken';\n }\n throw new AuthSdkError('Unknown token type');\n }\n\n // for synchronization of LocalStorage cross tabs for IE11\n private emitSetStorageEvent() {\n if (isIE11OrLess()) {\n const storage = this.storage.getStorage();\n this.emitter.emit(EVENT_SET_STORAGE, storage);\n }\n }\n\n // used in `SyncStorageService` for synchronization of LocalStorage cross tabs for IE11\n public getStorage() {\n return this.storage;\n }\n\n setTokens(\n tokens: Tokens,\n // TODO: callbacks can be removed in the next major version OKTA-407224\n accessTokenCb?: AccessTokenCallback, \n idTokenCb?: IDTokenCallback,\n refreshTokenCb?: RefreshTokenCallback\n ): void {\n const handleTokenCallback = (key, token) => {\n const type = this.getTokenType(token);\n if (type === 'accessToken') {\n accessTokenCb && accessTokenCb(key, token);\n } else if (type === 'idToken') {\n idTokenCb && idTokenCb(key, token);\n } else if (type === 'refreshToken') {\n refreshTokenCb && refreshTokenCb(key, token);\n }\n };\n const handleAdded = (key, token) => {\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRenewed = (key, token, oldToken) => {\n this.emitRenewed(key, token, oldToken);\n this.clearExpireEventTimeout(key);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRemoved = (key, token) => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, token);\n handleTokenCallback(key, token);\n };\n \n const types: TokenType[] = ['idToken', 'accessToken', 'refreshToken'];\n const existingTokens = this.getTokensSync();\n\n // valid tokens\n types.forEach((type) => {\n const token = tokens[type];\n if (token) {\n validateToken(token, type);\n }\n });\n \n // add token to storage\n const storage = types.reduce((storage, type) => {\n const token = tokens[type];\n if (token) {\n const storageKey = this.getStorageKeyByType(type) || type;\n storage[storageKey] = token;\n }\n return storage;\n }, {});\n this.storage.setStorage(storage);\n this.emitSetStorageEvent();\n\n // emit event and start expiration timer\n types.forEach(type => {\n const newToken = tokens[type];\n const existingToken = existingTokens[type];\n const storageKey = this.getStorageKeyByType(type) || type;\n if (newToken && existingToken) { // renew\n // call handleRemoved first, since it clears timers\n handleRemoved(storageKey, existingToken);\n handleAdded(storageKey, newToken);\n handleRenewed(storageKey, newToken, existingToken);\n } else if (newToken) { // add\n handleAdded(storageKey, newToken);\n } else if (existingToken) { //remove\n handleRemoved(storageKey, existingToken);\n }\n });\n }\n \n remove(key) {\n // Clear any listener for this token\n this.clearExpireEventTimeout(key);\n \n var tokenStorage = this.storage.getStorage();\n var removedToken = tokenStorage[key];\n delete tokenStorage[key];\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n \n this.emitRemoved(key, removedToken);\n }\n \n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n async renewToken(token) {\n return this.sdk.token?.renew(token);\n }\n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n validateToken(token: Token) {\n return validateToken(token);\n }\n\n // TODO: renew method should take no param, change in the next major version OKTA-407224\n renew(key): Promise<Token | undefined> {\n // Multiple callers may receive the same promise. They will all resolve or reject from the same request.\n if (this.state.renewPromise) {\n return this.state.renewPromise;\n }\n \n try {\n var token = this.getSync(key);\n if (!token) {\n throw new AuthSdkError('The tokenManager has no token for the key: ' + key);\n }\n } catch (err) {\n this.emitError(err);\n return Promise.reject(err);\n }\n \n // Remove existing autoRenew timeout\n this.clearExpireEventTimeout(key);\n \n // A refresh token means a replace instead of renewal\n // Store the renew promise state, to avoid renewing again\n const renewPromise = this.state.renewPromise = this.sdk.token.renewTokens()\n .then(tokens => {\n this.setTokens(tokens);\n\n // resolve token based on the key\n const tokenType = this.getTokenType(token!);\n return tokens[tokenType];\n })\n .catch(err => {\n // If renew fails, remove token from storage and emit error\n this.remove(key);\n err.tokenKey = key;\n this.emitError(err);\n throw err;\n })\n .finally(() => {\n // Remove existing promise key\n this.state.renewPromise = null;\n });\n \n return renewPromise;\n }\n \n clear() {\n const tokens = this.getTokensSync();\n this.clearExpireEventTimeoutAll();\n this.storage.clearStorage();\n this.emitSetStorageEvent();\n\n Object.keys(tokens).forEach(key => {\n this.emitRemoved(key, tokens[key]);\n });\n }\n\n clearPendingRemoveTokens() {\n const tokenStorage = this.storage.getStorage();\n const removedTokens = {};\n Object.keys(tokenStorage).forEach(key => {\n if (tokenStorage[key].pendingRemove) {\n removedTokens[key] = tokenStorage[key];\n delete tokenStorage[key];\n }\n });\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n Object.keys(removedTokens).forEach(key => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, removedTokens[key]);\n });\n }\n\n updateRefreshToken(token: RefreshToken) {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n\n // do not emit any event\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n }\n\n removeRefreshToken () {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n this.remove(key);\n }\n\n addPendingRemoveFlags() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n tokens[key].pendingRemove = true;\n });\n this.setTokens(tokens);\n }\n \n}\n"],"mappings":";;;;AAYA;AACA;AACA;AACA;AACA;AACA;AA2BA;AA5CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAqCA,MAAMA,eAAe,GAAG;EACtB;EACAC,SAAS,EAAE,IAAI;EACfC,UAAU,EAAE,IAAI;EAChBC,WAAW,EAAE,IAAI;EACjB;EACAC,wBAAwB,EAAE,IAAI;EAC9BC,OAAO,EAAEC,SAAS;EAAE;EACpBC,kBAAkB,EAAE,EAAE;EACtBC,UAAU,EAAEC;AACd,CAAC;AAOD,SAASC,YAAY,GAAsB;EACzC,OAAO;IACLC,cAAc,EAAE,CAAC,CAAC;IAClBC,YAAY,EAAE;EAChB,CAAC;AACH;AACO,MAAMC,YAAY,CAAkC;EAazDC,EAAE,CAACC,KAA2B,EAAEC,OAAoC,EAAEC,OAAgB,EAAQ;IAC5F,IAAIA,OAAO,EAAE;MACX,IAAI,CAACC,OAAO,CAACJ,EAAE,CAACC,KAAK,EAAEC,OAAO,EAAEC,OAAO,CAAC;IAC1C,CAAC,MAAM;MACL,IAAI,CAACC,OAAO,CAACJ,EAAE,CAACC,KAAK,EAAEC,OAAO,CAAC;IACjC;EACF;EAOAG,GAAG,CAACJ,KAA2B,EAAEC,OAAqC,EAAQ;IAC5E,IAAIA,OAAO,EAAE;MACX,IAAI,CAACE,OAAO,CAACC,GAAG,CAACJ,KAAK,EAAEC,OAAO,CAAC;IAClC,CAAC,MAAM;MACL,IAAI,CAACE,OAAO,CAACC,GAAG,CAACJ,KAAK,CAAC;IACzB;EACF;;EAEA;EACAK,WAAW,CAACC,GAA2B,EAAEC,OAA4B,GAAG,CAAC,CAAC,EAAE;IAC1E,IAAI,CAACD,GAAG,GAAGA,GAAG;IACd,IAAI,CAACH,OAAO,GAAIG,GAAG,CAASH,OAAO;IACnC,IAAI,CAAC,IAAI,CAACA,OAAO,EAAE;MACjB,MAAM,IAAIK,oBAAY,CAAC,mDAAmD,CAAC;IAC7E;IAEAD,OAAO,GAAGE,MAAM,CAACC,MAAM,CAAC,CAAC,CAAC,EAAEzB,eAAe,EAAE,IAAA0B,gBAAU,EAACJ,OAAO,CAAC,CAAC;IACjE,IAAI,CAAC,IAAAK,qBAAW,GAAE,EAAE;MAClBL,OAAO,CAACf,kBAAkB,GAAGP,eAAe,CAACO,kBAAkB;IACjE;IAEA,IAAI,CAACe,OAAO,GAAGA,OAAO;IAEtB,MAAMM,cAA8B,GAAG,IAAAF,gBAAU,EAAC;MAChDlB,UAAU,EAAEc,OAAO,CAACd,UAAU;MAC9BqB,MAAM,EAAEP,OAAO,CAACO;IAClB,CAAC,CAAC;IACF,IAAI,OAAOP,OAAO,CAACjB,OAAO,KAAK,QAAQ,EAAE;MACvC;MACAuB,cAAc,CAACE,eAAe,GAAGR,OAAO,CAACjB,OAAO;IAClD,CAAC,MAAM,IAAIiB,OAAO,CAACjB,OAAO,EAAE;MAC1BuB,cAAc,CAACG,WAAW,GAAGT,OAAO,CAACjB,OAAsB;IAC7D;IAEA,IAAI,CAACA,OAAO,GAAGgB,GAAG,CAACW,cAAc,CAACC,eAAe,CAAC;MAAC,GAAGL,cAAc;MAAEM,kBAAkB,EAAE;IAAI,CAAC,CAAC;IAChG,IAAI,CAACC,KAAK,GAAGC,cAAQ,CAACC,MAAM,EAAoB;IAChD,IAAI,CAACC,KAAK,GAAG5B,YAAY,EAAE;EAC7B;EAEA6B,KAAK,GAAG;IACN,IAAI,IAAI,CAACjB,OAAO,CAAClB,wBAAwB,EAAE;MACzC,IAAI,CAACA,wBAAwB,EAAE;IACjC;IACA,IAAI,CAACoC,wBAAwB,EAAE;IAC/B,IAAI,CAACF,KAAK,CAACG,OAAO,GAAG,IAAI;EAC3B;EAEAC,IAAI,GAAG;IACL,IAAI,CAACC,0BAA0B,EAAE;IACjC,IAAI,CAACL,KAAK,CAACG,OAAO,GAAG,KAAK;EAC5B;EAEAG,SAAS,GAAG;IACV,OAAO,CAAC,CAAC,IAAI,CAACN,KAAK,CAACG,OAAO;EAC7B;EAEAI,UAAU,GAAwB;IAChC,OAAO,IAAAC,WAAK,EAAC,IAAI,CAACxB,OAAO,CAAC;EAC5B;EAEAyB,aAAa,CAACC,KAAK,EAAE;IACnB,MAAMzC,kBAAkB,GAAG,IAAI,CAACe,OAAO,CAACf,kBAAkB,IAAI,CAAC;IAC/D,IAAI0C,UAAU,GAAGD,KAAK,CAACE,SAAS,GAAG3C,kBAAkB;IACrD,OAAO0C,UAAU;EACnB;EAEAE,UAAU,CAACH,KAAK,EAAE;IAChB,IAAIC,UAAU,GAAG,IAAI,CAACF,aAAa,CAACC,KAAK,CAAC;IAC1C,OAAOC,UAAU,IAAI,IAAI,CAACd,KAAK,CAACiB,GAAG,EAAE;EACvC;EAEAC,WAAW,CAACC,GAAG,EAAEN,KAAK,EAAE;IACtB,IAAI,CAAC9B,OAAO,CAACqC,IAAI,CAACC,oBAAa,EAAEF,GAAG,EAAEN,KAAK,CAAC;EAC9C;EAEAS,WAAW,CAACH,GAAG,EAAEI,UAAU,EAAEC,QAAQ,EAAE;IACrC,IAAI,CAACzC,OAAO,CAACqC,IAAI,CAACK,oBAAa,EAAEN,GAAG,EAAEI,UAAU,EAAEC,QAAQ,CAAC;EAC7D;EAEAE,SAAS,CAACP,GAAG,EAAEN,KAAK,EAAE;IACpB,IAAI,CAAC9B,OAAO,CAACqC,IAAI,CAACO,kBAAW,EAAER,GAAG,EAAEN,KAAK,CAAC;EAC5C;EAEAe,WAAW,CAACT,GAAG,EAAEN,KAAM,EAAE;IACvB,IAAI,CAAC9B,OAAO,CAACqC,IAAI,CAACS,oBAAa,EAAEV,GAAG,EAAEN,KAAK,CAAC;EAC9C;EAEAiB,SAAS,CAACC,KAAK,EAAE;IACf,IAAI,CAAChD,OAAO,CAACqC,IAAI,CAACY,kBAAW,EAAED,KAAK,CAAC;EACvC;EAEAE,uBAAuB,CAACd,GAAG,EAAE;IAC3Be,YAAY,CAAC,IAAI,CAAC/B,KAAK,CAAC3B,cAAc,CAAC2C,GAAG,CAAC,CAAQ;IACnD,OAAO,IAAI,CAAChB,KAAK,CAAC3B,cAAc,CAAC2C,GAAG,CAAC;;IAErC;IACA,IAAI,CAAChB,KAAK,CAAC1B,YAAY,GAAG,IAAI;EAChC;EAEA+B,0BAA0B,GAAG;IAC3B,IAAIhC,cAAc,GAAG,IAAI,CAAC2B,KAAK,CAAC3B,cAAc;IAC9C,KAAK,IAAI2C,GAAG,IAAI3C,cAAc,EAAE;MAC9B,IAAI,CAACa,MAAM,CAAC8C,SAAS,CAACC,cAAc,CAACC,IAAI,CAAC7D,cAAc,EAAE2C,GAAG,CAAC,EAAE;QAC9D;MACF;MACA,IAAI,CAACc,uBAAuB,CAACd,GAAG,CAAC;IACnC;EACF;EAEAmB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,EAAE;IAChC,IAAI,IAAA0B,qBAAc,EAAC1B,KAAK,CAAC,EAAE;MACzB;IACF;IAEA,IAAIC,UAAU,GAAG,IAAI,CAACF,aAAa,CAACC,KAAK,CAAC;IAC1C,IAAI2B,eAAe,GAAGC,IAAI,CAACC,GAAG,CAAC5B,UAAU,GAAG,IAAI,CAACd,KAAK,CAACiB,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,IAAI;;IAEvE;IACA,IAAI,CAACgB,uBAAuB,CAACd,GAAG,CAAC;IAEjC,IAAIwB,kBAAkB,GAAGC,UAAU,CAAC,MAAM;MACxC,IAAI,CAAC1B,WAAW,CAACC,GAAG,EAAEN,KAAK,CAAC;IAC9B,CAAC,EAAE2B,eAAe,CAAC;;IAEnB;IACA,IAAI,CAACrC,KAAK,CAAC3B,cAAc,CAAC2C,GAAG,CAAC,GAAGwB,kBAAkB;EACrD;EAEAtC,wBAAwB,GAAG;IACzB,IAAIwC,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,KAAI,IAAI3B,GAAG,IAAI0B,YAAY,EAAE;MAC3B,IAAI,CAACxD,MAAM,CAAC8C,SAAS,CAACC,cAAc,CAACC,IAAI,CAACQ,YAAY,EAAE1B,GAAG,CAAC,EAAE;QAC5D;MACF;MACA,IAAIN,KAAK,GAAGgC,YAAY,CAAC1B,GAAG,CAAC;MAC7B,IAAI,CAACmB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,CAAC;IACxC;EACF;;EAEA;EACAkC,0BAA0B,GAAG;IAC3B,IAAI,CAACvC,0BAA0B,EAAE;IACjC,IAAI,CAACH,wBAAwB,EAAE;EACjC;EAEA2C,GAAG,CAAC7B,GAAG,EAAEN,KAAY,EAAE;IACrB,IAAIgC,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,IAAAG,oBAAa,EAACpC,KAAK,CAAC;IACpBgC,YAAY,CAAC1B,GAAG,CAAC,GAAGN,KAAK;IACzB,IAAI,CAAC3C,OAAO,CAACgF,UAAU,CAACL,YAAY,CAAC;IACrC,IAAI,CAACM,mBAAmB,EAAE;IAC1B,IAAI,CAACzB,SAAS,CAACP,GAAG,EAAEN,KAAK,CAAC;IAC1B,IAAI,CAACyB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,CAAC;EACxC;EAEAuC,OAAO,CAACjC,GAAG,EAAqB;IAC9B,IAAI0B,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,OAAOD,YAAY,CAAC1B,GAAG,CAAC;EAC1B;EAEA,MAAMkC,GAAG,CAAClC,GAAG,EAA8B;IACzC,OAAO,IAAI,CAACiC,OAAO,CAACjC,GAAG,CAAC;EAC1B;EAEAmC,aAAa,GAAW;IACtB,MAAMC,MAAM,GAAG,CAAC,CAAW;IAC3B,MAAMV,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC9CzD,MAAM,CAACmE,IAAI,CAACX,YAAY,CAAC,CAACY,OAAO,CAACtC,GAAG,IAAI;MACvC,MAAMN,KAAK,GAAGgC,YAAY,CAAC1B,GAAG,CAAC;MAC/B,IAAI,IAAAuC,oBAAa,EAAC7C,KAAK,CAAC,EAAE;QACxB0C,MAAM,CAACI,WAAW,GAAG9C,KAAK;MAC5B,CAAC,MAAM,IAAI,IAAA+C,gBAAS,EAAC/C,KAAK,CAAC,EAAE;QAC3B0C,MAAM,CAACM,OAAO,GAAGhD,KAAK;MACxB,CAAC,MAAM,IAAI,IAAA0B,qBAAc,EAAC1B,KAAK,CAAC,EAAE;QAChC0C,MAAM,CAACO,YAAY,GAAGjD,KAAK;MAC7B;IACF,CAAC,CAAC;IACF,OAAO0C,MAAM;EACf;EAEA,MAAMQ,SAAS,GAAoB;IACjC,OAAO,IAAI,CAACT,aAAa,EAAE;EAC7B;EAEAU,mBAAmB,CAACC,IAAe,EAAU;IAC3C,MAAMpB,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC9C,MAAM3B,GAAG,GAAG9B,MAAM,CAACmE,IAAI,CAACX,YAAY,CAAC,CAACqB,MAAM,CAAC/C,GAAG,IAAI;MAClD,MAAMN,KAAK,GAAGgC,YAAY,CAAC1B,GAAG,CAAC;MAC/B,OAAQ,IAAAuC,oBAAa,EAAC7C,KAAK,CAAC,IAAIoD,IAAI,KAAK,aAAa,IAChD,IAAAL,gBAAS,EAAC/C,KAAK,CAAC,IAAIoD,IAAI,KAAK,SAAU,IACvC,IAAA1B,qBAAc,EAAC1B,KAAK,CAAC,IAAIoD,IAAI,KAAK,cAAe;IACzD,CAAC,CAAC,CAAC,CAAC,CAAC;IACL,OAAO9C,GAAG;EACZ;EAEQgD,YAAY,CAACtD,KAAY,EAAa;IAC5C,IAAI,IAAA6C,oBAAa,EAAC7C,KAAK,CAAC,EAAE;MACxB,OAAO,aAAa;IACtB;IACA,IAAI,IAAA+C,gBAAS,EAAC/C,KAAK,CAAC,EAAE;MACpB,OAAO,SAAS;IAClB;IACA,IAAG,IAAA0B,qBAAc,EAAC1B,KAAK,CAAC,EAAE;MACxB,OAAO,cAAc;IACvB;IACA,MAAM,IAAIzB,oBAAY,CAAC,oBAAoB,CAAC;EAC9C;;EAEA;EACQ+D,mBAAmB,GAAG;IAC5B,IAAI,IAAAiB,sBAAY,GAAE,EAAE;MAClB,MAAMlG,OAAO,GAAG,IAAI,CAACA,OAAO,CAAC4E,UAAU,EAAE;MACzC,IAAI,CAAC/D,OAAO,CAACqC,IAAI,CAACiD,wBAAiB,EAAEnG,OAAO,CAAC;IAC/C;EACF;;EAEA;EACO4E,UAAU,GAAG;IAClB,OAAO,IAAI,CAAC5E,OAAO;EACrB;EAEAoG,SAAS,CACPf,MAAc;EACd;EACAgB,aAAmC,EACnCC,SAA2B,EAC3BC,cAAqC,EAC/B;IACN,MAAMC,mBAAmB,GAAG,CAACvD,GAAG,EAAEN,KAAK,KAAK;MAC1C,MAAMoD,IAAI,GAAG,IAAI,CAACE,YAAY,CAACtD,KAAK,CAAC;MACrC,IAAIoD,IAAI,KAAK,aAAa,EAAE;QAC1BM,aAAa,IAAIA,aAAa,CAACpD,GAAG,EAAEN,KAAK,CAAC;MAC5C,CAAC,MAAM,IAAIoD,IAAI,KAAK,SAAS,EAAE;QAC7BO,SAAS,IAAIA,SAAS,CAACrD,GAAG,EAAEN,KAAK,CAAC;MACpC,CAAC,MAAM,IAAIoD,IAAI,KAAK,cAAc,EAAE;QAClCQ,cAAc,IAAIA,cAAc,CAACtD,GAAG,EAAEN,KAAK,CAAC;MAC9C;IACF,CAAC;IACD,MAAM8D,WAAW,GAAG,CAACxD,GAAG,EAAEN,KAAK,KAAK;MAClC,IAAI,CAACa,SAAS,CAACP,GAAG,EAAEN,KAAK,CAAC;MAC1B,IAAI,CAACyB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,CAAC;MACtC6D,mBAAmB,CAACvD,GAAG,EAAEN,KAAK,CAAC;IACjC,CAAC;IACD,MAAM+D,aAAa,GAAG,CAACzD,GAAG,EAAEN,KAAK,EAAEW,QAAQ,KAAK;MAC9C,IAAI,CAACF,WAAW,CAACH,GAAG,EAAEN,KAAK,EAAEW,QAAQ,CAAC;MACtC,IAAI,CAACS,uBAAuB,CAACd,GAAG,CAAC;MACjC,IAAI,CAACmB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,CAAC;MACtC6D,mBAAmB,CAACvD,GAAG,EAAEN,KAAK,CAAC;IACjC,CAAC;IACD,MAAMgE,aAAa,GAAG,CAAC1D,GAAG,EAAEN,KAAK,KAAK;MACpC,IAAI,CAACoB,uBAAuB,CAACd,GAAG,CAAC;MACjC,IAAI,CAACS,WAAW,CAACT,GAAG,EAAEN,KAAK,CAAC;MAC5B6D,mBAAmB,CAACvD,GAAG,EAAEN,KAAK,CAAC;IACjC,CAAC;IAED,MAAMiE,KAAkB,GAAG,CAAC,SAAS,EAAE,aAAa,EAAE,cAAc,CAAC;IACrE,MAAMC,cAAc,GAAG,IAAI,CAACzB,aAAa,EAAE;;IAE3C;IACAwB,KAAK,CAACrB,OAAO,CAAEQ,IAAI,IAAK;MACtB,MAAMpD,KAAK,GAAG0C,MAAM,CAACU,IAAI,CAAC;MAC1B,IAAIpD,KAAK,EAAE;QACT,IAAAoC,oBAAa,EAACpC,KAAK,EAAEoD,IAAI,CAAC;MAC5B;IACF,CAAC,CAAC;;IAEF;IACA,MAAM/F,OAAO,GAAG4G,KAAK,CAACE,MAAM,CAAC,CAAC9G,OAAO,EAAE+F,IAAI,KAAK;MAC9C,MAAMpD,KAAK,GAAG0C,MAAM,CAACU,IAAI,CAAC;MAC1B,IAAIpD,KAAK,EAAE;QACT,MAAMxC,UAAU,GAAG,IAAI,CAAC2F,mBAAmB,CAACC,IAAI,CAAC,IAAIA,IAAI;QACzD/F,OAAO,CAACG,UAAU,CAAC,GAAGwC,KAAK;MAC7B;MACA,OAAO3C,OAAO;IAChB,CAAC,EAAE,CAAC,CAAC,CAAC;IACN,IAAI,CAACA,OAAO,CAACgF,UAAU,CAAChF,OAAO,CAAC;IAChC,IAAI,CAACiF,mBAAmB,EAAE;;IAE1B;IACA2B,KAAK,CAACrB,OAAO,CAACQ,IAAI,IAAI;MACpB,MAAMgB,QAAQ,GAAG1B,MAAM,CAACU,IAAI,CAAC;MAC7B,MAAMiB,aAAa,GAAGH,cAAc,CAACd,IAAI,CAAC;MAC1C,MAAM5F,UAAU,GAAG,IAAI,CAAC2F,mBAAmB,CAACC,IAAI,CAAC,IAAIA,IAAI;MACzD,IAAIgB,QAAQ,IAAIC,aAAa,EAAE;QAAE;QAC/B;QACAL,aAAa,CAACxG,UAAU,EAAE6G,aAAa,CAAC;QACxCP,WAAW,CAACtG,UAAU,EAAE4G,QAAQ,CAAC;QACjCL,aAAa,CAACvG,UAAU,EAAE4G,QAAQ,EAAEC,aAAa,CAAC;MACpD,CAAC,MAAM,IAAID,QAAQ,EAAE;QAAE;QACrBN,WAAW,CAACtG,UAAU,EAAE4G,QAAQ,CAAC;MACnC,CAAC,MAAM,IAAIC,aAAa,EAAE;QAAE;QAC1BL,aAAa,CAACxG,UAAU,EAAE6G,aAAa,CAAC;MAC1C;IACF,CAAC,CAAC;EACJ;EAEAC,MAAM,CAAChE,GAAG,EAAE;IACV;IACA,IAAI,CAACc,uBAAuB,CAACd,GAAG,CAAC;IAEjC,IAAI0B,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,IAAIsC,YAAY,GAAGvC,YAAY,CAAC1B,GAAG,CAAC;IACpC,OAAO0B,YAAY,CAAC1B,GAAG,CAAC;IACxB,IAAI,CAACjD,OAAO,CAACgF,UAAU,CAACL,YAAY,CAAC;IACrC,IAAI,CAACM,mBAAmB,EAAE;IAE1B,IAAI,CAACvB,WAAW,CAACT,GAAG,EAAEiE,YAAY,CAAC;EACrC;;EAEA;EACA,MAAMC,UAAU,CAACxE,KAAK,EAAE;IACtB,OAAO,IAAI,CAAC3B,GAAG,CAAC2B,KAAK,EAAEyE,KAAK,CAACzE,KAAK,CAAC;EACrC;EACA;EACAoC,aAAa,CAACpC,KAAY,EAAE;IAC1B,OAAO,IAAAoC,oBAAa,EAACpC,KAAK,CAAC;EAC7B;;EAEA;EACAyE,KAAK,CAACnE,GAAG,EAA8B;IACrC;IACA,IAAI,IAAI,CAAChB,KAAK,CAAC1B,YAAY,EAAE;MAC3B,OAAO,IAAI,CAAC0B,KAAK,CAAC1B,YAAY;IAChC;IAEA,IAAI;MACF,IAAIoC,KAAK,GAAG,IAAI,CAACuC,OAAO,CAACjC,GAAG,CAAC;MAC7B,IAAI,CAACN,KAAK,EAAE;QACV,MAAM,IAAIzB,oBAAY,CAAC,6CAA6C,GAAG+B,GAAG,CAAC;MAC7E;IACF,CAAC,CAAC,OAAOoE,GAAG,EAAE;MACZ,IAAI,CAACzD,SAAS,CAACyD,GAAG,CAAC;MACnB,OAAOC,OAAO,CAACC,MAAM,CAACF,GAAG,CAAC;IAC5B;;IAEA;IACA,IAAI,CAACtD,uBAAuB,CAACd,GAAG,CAAC;;IAEjC;IACA;IACA,MAAM1C,YAAY,GAAG,IAAI,CAAC0B,KAAK,CAAC1B,YAAY,GAAG,IAAI,CAACS,GAAG,CAAC2B,KAAK,CAAC6E,WAAW,EAAE,CACxEC,IAAI,CAACpC,MAAM,IAAI;MACd,IAAI,CAACe,SAAS,CAACf,MAAM,CAAC;;MAEtB;MACA,MAAMqC,SAAS,GAAG,IAAI,CAACzB,YAAY,CAACtD,KAAK,CAAE;MAC3C,OAAO0C,MAAM,CAACqC,SAAS,CAAC;IAC1B,CAAC,CAAC,CACDC,KAAK,CAACN,GAAG,IAAI;MACZ;MACA,IAAI,CAACJ,MAAM,CAAChE,GAAG,CAAC;MAChBoE,GAAG,CAACO,QAAQ,GAAG3E,GAAG;MAClB,IAAI,CAACW,SAAS,CAACyD,GAAG,CAAC;MACnB,MAAMA,GAAG;IACX,CAAC,CAAC,CACDQ,OAAO,CAAC,MAAM;MACb;MACA,IAAI,CAAC5F,KAAK,CAAC1B,YAAY,GAAG,IAAI;IAChC,CAAC,CAAC;IAEJ,OAAOA,YAAY;EACrB;EAEAuH,KAAK,GAAG;IACN,MAAMzC,MAAM,GAAG,IAAI,CAACD,aAAa,EAAE;IACnC,IAAI,CAAC9C,0BAA0B,EAAE;IACjC,IAAI,CAACtC,OAAO,CAAC+H,YAAY,EAAE;IAC3B,IAAI,CAAC9C,mBAAmB,EAAE;IAE1B9D,MAAM,CAACmE,IAAI,CAACD,MAAM,CAAC,CAACE,OAAO,CAACtC,GAAG,IAAI;MACjC,IAAI,CAACS,WAAW,CAACT,GAAG,EAAEoC,MAAM,CAACpC,GAAG,CAAC,CAAC;IACpC,CAAC,CAAC;EACJ;EAEAlD,wBAAwB,GAAG;IACzB,MAAM4E,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC9C,MAAMoD,aAAa,GAAG,CAAC,CAAC;IACxB7G,MAAM,CAACmE,IAAI,CAACX,YAAY,CAAC,CAACY,OAAO,CAACtC,GAAG,IAAI;MACvC,IAAI0B,YAAY,CAAC1B,GAAG,CAAC,CAACgF,aAAa,EAAE;QACnCD,aAAa,CAAC/E,GAAG,CAAC,GAAG0B,YAAY,CAAC1B,GAAG,CAAC;QACtC,OAAO0B,YAAY,CAAC1B,GAAG,CAAC;MAC1B;IACF,CAAC,CAAC;IACF,IAAI,CAACjD,OAAO,CAACgF,UAAU,CAACL,YAAY,CAAC;IACrC,IAAI,CAACM,mBAAmB,EAAE;IAC1B9D,MAAM,CAACmE,IAAI,CAAC0C,aAAa,CAAC,CAACzC,OAAO,CAACtC,GAAG,IAAI;MACxC,IAAI,CAACc,uBAAuB,CAACd,GAAG,CAAC;MACjC,IAAI,CAACS,WAAW,CAACT,GAAG,EAAE+E,aAAa,CAAC/E,GAAG,CAAC,CAAC;IAC3C,CAAC,CAAC;EACJ;EAEAiF,kBAAkB,CAACvF,KAAmB,EAAE;IACtC,MAAMM,GAAG,GAAG,IAAI,CAAC6C,mBAAmB,CAAC,cAAc,CAAC,IAAIqC,oCAAyB;;IAEjF;IACA,IAAIxD,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,IAAAG,oBAAa,EAACpC,KAAK,CAAC;IACpBgC,YAAY,CAAC1B,GAAG,CAAC,GAAGN,KAAK;IACzB,IAAI,CAAC3C,OAAO,CAACgF,UAAU,CAACL,YAAY,CAAC;IACrC,IAAI,CAACM,mBAAmB,EAAE;EAC5B;EAEAmD,kBAAkB,GAAI;IACpB,MAAMnF,GAAG,GAAG,IAAI,CAAC6C,mBAAmB,CAAC,cAAc,CAAC,IAAIqC,oCAAyB;IACjF,IAAI,CAAClB,MAAM,CAAChE,GAAG,CAAC;EAClB;EAEAoF,qBAAqB,GAAG;IACtB,MAAMhD,MAAM,GAAG,IAAI,CAACD,aAAa,EAAE;IACnCjE,MAAM,CAACmE,IAAI,CAACD,MAAM,CAAC,CAACE,OAAO,CAACtC,GAAG,IAAI;MACjCoC,MAAM,CAACpC,GAAG,CAAC,CAACgF,aAAa,GAAG,IAAI;IAClC,CAAC,CAAC;IACF,IAAI,CAAC7B,SAAS,CAACf,MAAM,CAAC;EACxB;AAEF;AAAC"}
|
|
1
|
+
{"version":3,"file":"TokenManager.js","names":["DEFAULT_OPTIONS","autoRenew","autoRemove","syncStorage","clearPendingRemoveTokens","storage","undefined","expireEarlySeconds","storageKey","TOKEN_STORAGE_NAME","defaultState","expireTimeouts","renewPromise","TokenManager","on","event","handler","context","emitter","off","constructor","sdk","options","AuthSdkError","Object","assign","removeNils","isLocalhost","storageOptions","secure","storageProvider","storageType","storageManager","getTokenStorage","useSeparateCookies","clock","SdkClock","create","state","start","setExpireEventTimeoutAll","started","stop","clearExpireEventTimeoutAll","isStarted","getOptions","clone","getExpireTime","token","expireTime","expiresAt","hasExpired","now","emitExpired","key","emit","EVENT_EXPIRED","emitRenewed","freshToken","oldToken","EVENT_RENEWED","emitAdded","EVENT_ADDED","emitRemoved","EVENT_REMOVED","emitError","error","EVENT_ERROR","clearExpireEventTimeout","clearTimeout","prototype","hasOwnProperty","call","setExpireEventTimeout","isRefreshToken","expireEventWait","Math","max","expireEventTimeout","setTimeout","tokenStorage","getStorage","resetExpireEventTimeoutAll","add","validateToken","setStorage","emitSetStorageEvent","getSync","get","getTokensSync","tokens","keys","forEach","isAccessToken","accessToken","isIDToken","idToken","refreshToken","getTokens","getStorageKeyByType","type","filter","getTokenType","isIE11OrLess","EVENT_SET_STORAGE","setTokens","accessTokenCb","idTokenCb","refreshTokenCb","handleTokenCallback","handleAdded","handleRenewed","handleRemoved","types","existingTokens","reduce","newToken","existingToken","remove","removedToken","renewToken","renew","shouldRenew","refreshKey","err","Promise","reject","renewTokens","then","tokenType","catch","tokenKey","finally","clear","clearStorage","removedTokens","pendingRemove","updateRefreshToken","REFRESH_TOKEN_STORAGE_KEY","removeRefreshToken","addPendingRemoveFlags"],"sources":["../../../lib/oidc/TokenManager.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { removeNils, clone } from '../util';\nimport { AuthSdkError } from '../errors';\nimport { validateToken } from '../oidc/util';\nimport { isLocalhost, isIE11OrLess } from '../features';\nimport SdkClock from '../clock';\nimport {\n Token, \n Tokens, \n TokenType, \n TokenManagerOptions, \n isIDToken, \n isAccessToken,\n isRefreshToken,\n TokenManagerErrorEventHandler,\n TokenManagerSetStorageEventHandler,\n TokenManagerRenewEventHandler,\n TokenManagerEventHandler,\n TokenManagerInterface,\n RefreshToken,\n AccessTokenCallback,\n IDTokenCallback,\n RefreshTokenCallback,\n EVENT_RENEWED,\n EVENT_ADDED,\n EVENT_ERROR,\n EVENT_EXPIRED,\n EVENT_REMOVED,\n EVENT_SET_STORAGE,\n TokenManagerAnyEventHandler,\n TokenManagerAnyEvent,\n OktaAuthOAuthInterface\n} from './types';\nimport { REFRESH_TOKEN_STORAGE_KEY, TOKEN_STORAGE_NAME } from '../constants';\nimport { EventEmitter } from '../base/types';\nimport { StorageOptions, StorageProvider, StorageType } from '../storage/types';\n\nconst DEFAULT_OPTIONS = {\n // TODO: remove in next major version - OKTA-473815\n autoRenew: true,\n autoRemove: true,\n syncStorage: true,\n // --- //\n clearPendingRemoveTokens: true,\n storage: undefined, // will use value from storageManager config\n expireEarlySeconds: 30,\n storageKey: TOKEN_STORAGE_NAME\n};\n\ninterface TokenManagerState {\n expireTimeouts: Record<string, unknown>;\n renewPromise: Promise<Token | undefined> | null;\n started?: boolean;\n}\nfunction defaultState(): TokenManagerState {\n return {\n expireTimeouts: {},\n renewPromise: null\n };\n}\nexport class TokenManager implements TokenManagerInterface {\n private sdk: OktaAuthOAuthInterface;\n private clock: SdkClock;\n private emitter: EventEmitter;\n private storage: StorageProvider;\n private state: TokenManagerState;\n private options: TokenManagerOptions;\n\n on(event: typeof EVENT_RENEWED, handler: TokenManagerRenewEventHandler, context?: object): void;\n on(event: typeof EVENT_ERROR, handler: TokenManagerErrorEventHandler, context?: object): void;\n on(event: typeof EVENT_SET_STORAGE, handler: TokenManagerSetStorageEventHandler, context?: object): void;\n on(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, \n handler: TokenManagerEventHandler, context?: object): void;\n on(event: TokenManagerAnyEvent, handler: TokenManagerAnyEventHandler, context?: object): void {\n if (context) {\n this.emitter.on(event, handler, context);\n } else {\n this.emitter.on(event, handler);\n }\n }\n\n off(event: typeof EVENT_RENEWED, handler?: TokenManagerRenewEventHandler): void;\n off(event: typeof EVENT_ERROR, handler?: TokenManagerErrorEventHandler): void;\n off(event: typeof EVENT_SET_STORAGE, handler?: TokenManagerSetStorageEventHandler): void;\n off(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, \n handler?: TokenManagerEventHandler): void;\n off(event: TokenManagerAnyEvent, handler?: TokenManagerAnyEventHandler): void {\n if (handler) {\n this.emitter.off(event, handler);\n } else {\n this.emitter.off(event);\n }\n }\n\n // eslint-disable-next-line complexity\n constructor(sdk: OktaAuthOAuthInterface, options: TokenManagerOptions = {}) {\n this.sdk = sdk;\n this.emitter = (sdk as any).emitter;\n if (!this.emitter) {\n throw new AuthSdkError('Emitter should be initialized before TokenManager');\n }\n \n options = Object.assign({}, DEFAULT_OPTIONS, removeNils(options));\n if (!isLocalhost()) {\n options.expireEarlySeconds = DEFAULT_OPTIONS.expireEarlySeconds;\n }\n\n this.options = options;\n\n const storageOptions: StorageOptions = removeNils({\n storageKey: options.storageKey,\n secure: options.secure,\n });\n if (typeof options.storage === 'object') {\n // A custom storage provider must implement getItem(key) and setItem(key, val)\n storageOptions.storageProvider = options.storage;\n } else if (options.storage) {\n storageOptions.storageType = options.storage as StorageType;\n }\n\n this.storage = sdk.storageManager.getTokenStorage({...storageOptions, useSeparateCookies: true});\n this.clock = SdkClock.create(/* sdk, options */);\n this.state = defaultState();\n }\n\n start() {\n if (this.options.clearPendingRemoveTokens) {\n this.clearPendingRemoveTokens();\n }\n this.setExpireEventTimeoutAll();\n this.state.started = true;\n }\n \n stop() {\n this.clearExpireEventTimeoutAll();\n this.state.started = false;\n }\n\n isStarted() {\n return !!this.state.started;\n }\n\n getOptions(): TokenManagerOptions {\n return clone(this.options);\n }\n \n getExpireTime(token) {\n const expireEarlySeconds = this.options.expireEarlySeconds || 0;\n var expireTime = token.expiresAt - expireEarlySeconds;\n return expireTime;\n }\n \n hasExpired(token) {\n var expireTime = this.getExpireTime(token);\n return expireTime <= this.clock.now();\n }\n \n emitExpired(key, token) {\n this.emitter.emit(EVENT_EXPIRED, key, token);\n }\n \n emitRenewed(key, freshToken, oldToken) {\n this.emitter.emit(EVENT_RENEWED, key, freshToken, oldToken);\n }\n \n emitAdded(key, token) {\n this.emitter.emit(EVENT_ADDED, key, token);\n }\n \n emitRemoved(key, token?) {\n this.emitter.emit(EVENT_REMOVED, key, token);\n }\n \n emitError(error) {\n this.emitter.emit(EVENT_ERROR, error);\n }\n \n clearExpireEventTimeout(key) {\n clearTimeout(this.state.expireTimeouts[key] as any);\n delete this.state.expireTimeouts[key];\n \n // Remove the renew promise (if it exists)\n this.state.renewPromise = null;\n }\n \n clearExpireEventTimeoutAll() {\n var expireTimeouts = this.state.expireTimeouts;\n for (var key in expireTimeouts) {\n if (!Object.prototype.hasOwnProperty.call(expireTimeouts, key)) {\n continue;\n }\n this.clearExpireEventTimeout(key);\n }\n }\n \n setExpireEventTimeout(key, token) {\n if (isRefreshToken(token)) {\n return;\n }\n\n var expireTime = this.getExpireTime(token);\n var expireEventWait = Math.max(expireTime - this.clock.now(), 0) * 1000;\n \n // Clear any existing timeout\n this.clearExpireEventTimeout(key);\n \n var expireEventTimeout = setTimeout(() => {\n this.emitExpired(key, token);\n }, expireEventWait);\n \n // Add a new timeout\n this.state.expireTimeouts[key] = expireEventTimeout;\n }\n \n setExpireEventTimeoutAll() {\n var tokenStorage = this.storage.getStorage();\n for(var key in tokenStorage) {\n if (!Object.prototype.hasOwnProperty.call(tokenStorage, key)) {\n continue;\n }\n var token = tokenStorage[key];\n this.setExpireEventTimeout(key, token);\n }\n }\n \n // reset timeouts to setup autoRenew for tokens from other document context (tabs)\n resetExpireEventTimeoutAll() {\n this.clearExpireEventTimeoutAll();\n this.setExpireEventTimeoutAll();\n }\n \n add(key, token: Token) {\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n }\n \n getSync(key): Token | undefined {\n var tokenStorage = this.storage.getStorage();\n return tokenStorage[key];\n }\n \n async get(key): Promise<Token | undefined> {\n return this.getSync(key);\n }\n \n getTokensSync(): Tokens {\n const tokens = {} as Tokens;\n const tokenStorage = this.storage.getStorage();\n Object.keys(tokenStorage).forEach(key => {\n const token = tokenStorage[key];\n if (isAccessToken(token)) {\n tokens.accessToken = token;\n } else if (isIDToken(token)) {\n tokens.idToken = token;\n } else if (isRefreshToken(token)) { \n tokens.refreshToken = token;\n }\n });\n return tokens;\n }\n \n async getTokens(): Promise<Tokens> {\n return this.getTokensSync();\n }\n\n getStorageKeyByType(type: TokenType): string {\n const tokenStorage = this.storage.getStorage();\n const key = Object.keys(tokenStorage).filter(key => {\n const token = tokenStorage[key];\n return (isAccessToken(token) && type === 'accessToken') \n || (isIDToken(token) && type === 'idToken')\n || (isRefreshToken(token) && type === 'refreshToken');\n })[0];\n return key;\n }\n\n private getTokenType(token: Token): TokenType {\n if (isAccessToken(token)) {\n return 'accessToken';\n }\n if (isIDToken(token)) {\n return 'idToken';\n }\n if(isRefreshToken(token)) {\n return 'refreshToken';\n }\n throw new AuthSdkError('Unknown token type');\n }\n\n // for synchronization of LocalStorage cross tabs for IE11\n private emitSetStorageEvent() {\n if (isIE11OrLess()) {\n const storage = this.storage.getStorage();\n this.emitter.emit(EVENT_SET_STORAGE, storage);\n }\n }\n\n // used in `SyncStorageService` for synchronization of LocalStorage cross tabs for IE11\n public getStorage() {\n return this.storage;\n }\n\n setTokens(\n tokens: Tokens,\n // TODO: callbacks can be removed in the next major version OKTA-407224\n accessTokenCb?: AccessTokenCallback, \n idTokenCb?: IDTokenCallback,\n refreshTokenCb?: RefreshTokenCallback\n ): void {\n const handleTokenCallback = (key, token) => {\n const type = this.getTokenType(token);\n if (type === 'accessToken') {\n accessTokenCb && accessTokenCb(key, token);\n } else if (type === 'idToken') {\n idTokenCb && idTokenCb(key, token);\n } else if (type === 'refreshToken') {\n refreshTokenCb && refreshTokenCb(key, token);\n }\n };\n const handleAdded = (key, token) => {\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRenewed = (key, token, oldToken) => {\n this.emitRenewed(key, token, oldToken);\n this.clearExpireEventTimeout(key);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRemoved = (key, token) => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, token);\n handleTokenCallback(key, token);\n };\n \n const types: TokenType[] = ['idToken', 'accessToken', 'refreshToken'];\n const existingTokens = this.getTokensSync();\n\n // valid tokens\n types.forEach((type) => {\n const token = tokens[type];\n if (token) {\n validateToken(token, type);\n }\n });\n \n // add token to storage\n const storage = types.reduce((storage, type) => {\n const token = tokens[type];\n if (token) {\n const storageKey = this.getStorageKeyByType(type) || type;\n storage[storageKey] = token;\n }\n return storage;\n }, {});\n this.storage.setStorage(storage);\n this.emitSetStorageEvent();\n\n // emit event and start expiration timer\n types.forEach(type => {\n const newToken = tokens[type];\n const existingToken = existingTokens[type];\n const storageKey = this.getStorageKeyByType(type) || type;\n if (newToken && existingToken) { // renew\n // call handleRemoved first, since it clears timers\n handleRemoved(storageKey, existingToken);\n handleAdded(storageKey, newToken);\n handleRenewed(storageKey, newToken, existingToken);\n } else if (newToken) { // add\n handleAdded(storageKey, newToken);\n } else if (existingToken) { //remove\n handleRemoved(storageKey, existingToken);\n }\n });\n }\n \n remove(key) {\n // Clear any listener for this token\n this.clearExpireEventTimeout(key);\n \n var tokenStorage = this.storage.getStorage();\n var removedToken = tokenStorage[key];\n delete tokenStorage[key];\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n \n this.emitRemoved(key, removedToken);\n }\n \n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n async renewToken(token) {\n return this.sdk.token?.renew(token);\n }\n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n validateToken(token: Token) {\n return validateToken(token);\n }\n\n // TODO: renew method should take no param, change in the next major version OKTA-407224\n renew(key): Promise<Token | undefined> {\n // Multiple callers may receive the same promise. They will all resolve or reject from the same request.\n if (this.state.renewPromise) {\n return this.state.renewPromise;\n }\n\n try {\n var token = this.getSync(key);\n let shouldRenew = token !== undefined;\n // explicitly check if key='accessToken' because token keys are not guaranteed (long story, features dragons)\n if (!token && key === 'accessToken') {\n // attempt token renewal if refresh token is present (improves consistency of autoRenew)\n const refreshKey = this.getStorageKeyByType('refreshToken');\n const refreshToken = this.getSync(refreshKey);\n shouldRenew = refreshToken !== undefined;\n }\n\n if (!shouldRenew) {\n throw new AuthSdkError('The tokenManager has no token for the key: ' + key);\n }\n }\n catch (err) {\n this.emitError(err);\n return Promise.reject(err);\n }\n\n // Remove existing autoRenew timeout\n this.clearExpireEventTimeout(key);\n \n // A refresh token means a replace instead of renewal\n // Store the renew promise state, to avoid renewing again\n const renewPromise = this.state.renewPromise = this.sdk.token.renewTokens()\n .then(tokens => {\n this.setTokens(tokens);\n\n // return accessToken in case where access token doesn't exist\n // but refresh token exists\n if (!token && key === 'accessToken') {\n const accessToken = tokens['accessToken'];\n this.emitRenewed(key, accessToken, null);\n return accessToken;\n }\n\n // resolve token based on the key\n const tokenType = this.getTokenType(token!);\n return tokens[tokenType];\n })\n .catch(err => {\n // If renew fails, remove token from storage and emit error\n this.remove(key);\n err.tokenKey = key;\n this.emitError(err);\n throw err;\n })\n .finally(() => {\n // Remove existing promise key\n this.state.renewPromise = null;\n });\n \n return renewPromise;\n }\n \n clear() {\n const tokens = this.getTokensSync();\n this.clearExpireEventTimeoutAll();\n this.storage.clearStorage();\n this.emitSetStorageEvent();\n\n Object.keys(tokens).forEach(key => {\n this.emitRemoved(key, tokens[key]);\n });\n }\n\n clearPendingRemoveTokens() {\n const tokenStorage = this.storage.getStorage();\n const removedTokens = {};\n Object.keys(tokenStorage).forEach(key => {\n if (tokenStorage[key].pendingRemove) {\n removedTokens[key] = tokenStorage[key];\n delete tokenStorage[key];\n }\n });\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n Object.keys(removedTokens).forEach(key => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, removedTokens[key]);\n });\n }\n\n updateRefreshToken(token: RefreshToken) {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n\n // do not emit any event\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n }\n\n removeRefreshToken () {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n this.remove(key);\n }\n\n addPendingRemoveFlags() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n tokens[key].pendingRemove = true;\n });\n this.setTokens(tokens);\n }\n \n}\n"],"mappings":";;;;AAYA;AACA;AACA;AACA;AACA;AACA;AA2BA;AA5CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAqCA,MAAMA,eAAe,GAAG;EACtB;EACAC,SAAS,EAAE,IAAI;EACfC,UAAU,EAAE,IAAI;EAChBC,WAAW,EAAE,IAAI;EACjB;EACAC,wBAAwB,EAAE,IAAI;EAC9BC,OAAO,EAAEC,SAAS;EAAE;EACpBC,kBAAkB,EAAE,EAAE;EACtBC,UAAU,EAAEC;AACd,CAAC;AAOD,SAASC,YAAY,GAAsB;EACzC,OAAO;IACLC,cAAc,EAAE,CAAC,CAAC;IAClBC,YAAY,EAAE;EAChB,CAAC;AACH;AACO,MAAMC,YAAY,CAAkC;EAazDC,EAAE,CAACC,KAA2B,EAAEC,OAAoC,EAAEC,OAAgB,EAAQ;IAC5F,IAAIA,OAAO,EAAE;MACX,IAAI,CAACC,OAAO,CAACJ,EAAE,CAACC,KAAK,EAAEC,OAAO,EAAEC,OAAO,CAAC;IAC1C,CAAC,MAAM;MACL,IAAI,CAACC,OAAO,CAACJ,EAAE,CAACC,KAAK,EAAEC,OAAO,CAAC;IACjC;EACF;EAOAG,GAAG,CAACJ,KAA2B,EAAEC,OAAqC,EAAQ;IAC5E,IAAIA,OAAO,EAAE;MACX,IAAI,CAACE,OAAO,CAACC,GAAG,CAACJ,KAAK,EAAEC,OAAO,CAAC;IAClC,CAAC,MAAM;MACL,IAAI,CAACE,OAAO,CAACC,GAAG,CAACJ,KAAK,CAAC;IACzB;EACF;;EAEA;EACAK,WAAW,CAACC,GAA2B,EAAEC,OAA4B,GAAG,CAAC,CAAC,EAAE;IAC1E,IAAI,CAACD,GAAG,GAAGA,GAAG;IACd,IAAI,CAACH,OAAO,GAAIG,GAAG,CAASH,OAAO;IACnC,IAAI,CAAC,IAAI,CAACA,OAAO,EAAE;MACjB,MAAM,IAAIK,oBAAY,CAAC,mDAAmD,CAAC;IAC7E;IAEAD,OAAO,GAAGE,MAAM,CAACC,MAAM,CAAC,CAAC,CAAC,EAAEzB,eAAe,EAAE,IAAA0B,gBAAU,EAACJ,OAAO,CAAC,CAAC;IACjE,IAAI,CAAC,IAAAK,qBAAW,GAAE,EAAE;MAClBL,OAAO,CAACf,kBAAkB,GAAGP,eAAe,CAACO,kBAAkB;IACjE;IAEA,IAAI,CAACe,OAAO,GAAGA,OAAO;IAEtB,MAAMM,cAA8B,GAAG,IAAAF,gBAAU,EAAC;MAChDlB,UAAU,EAAEc,OAAO,CAACd,UAAU;MAC9BqB,MAAM,EAAEP,OAAO,CAACO;IAClB,CAAC,CAAC;IACF,IAAI,OAAOP,OAAO,CAACjB,OAAO,KAAK,QAAQ,EAAE;MACvC;MACAuB,cAAc,CAACE,eAAe,GAAGR,OAAO,CAACjB,OAAO;IAClD,CAAC,MAAM,IAAIiB,OAAO,CAACjB,OAAO,EAAE;MAC1BuB,cAAc,CAACG,WAAW,GAAGT,OAAO,CAACjB,OAAsB;IAC7D;IAEA,IAAI,CAACA,OAAO,GAAGgB,GAAG,CAACW,cAAc,CAACC,eAAe,CAAC;MAAC,GAAGL,cAAc;MAAEM,kBAAkB,EAAE;IAAI,CAAC,CAAC;IAChG,IAAI,CAACC,KAAK,GAAGC,cAAQ,CAACC,MAAM,EAAoB;IAChD,IAAI,CAACC,KAAK,GAAG5B,YAAY,EAAE;EAC7B;EAEA6B,KAAK,GAAG;IACN,IAAI,IAAI,CAACjB,OAAO,CAAClB,wBAAwB,EAAE;MACzC,IAAI,CAACA,wBAAwB,EAAE;IACjC;IACA,IAAI,CAACoC,wBAAwB,EAAE;IAC/B,IAAI,CAACF,KAAK,CAACG,OAAO,GAAG,IAAI;EAC3B;EAEAC,IAAI,GAAG;IACL,IAAI,CAACC,0BAA0B,EAAE;IACjC,IAAI,CAACL,KAAK,CAACG,OAAO,GAAG,KAAK;EAC5B;EAEAG,SAAS,GAAG;IACV,OAAO,CAAC,CAAC,IAAI,CAACN,KAAK,CAACG,OAAO;EAC7B;EAEAI,UAAU,GAAwB;IAChC,OAAO,IAAAC,WAAK,EAAC,IAAI,CAACxB,OAAO,CAAC;EAC5B;EAEAyB,aAAa,CAACC,KAAK,EAAE;IACnB,MAAMzC,kBAAkB,GAAG,IAAI,CAACe,OAAO,CAACf,kBAAkB,IAAI,CAAC;IAC/D,IAAI0C,UAAU,GAAGD,KAAK,CAACE,SAAS,GAAG3C,kBAAkB;IACrD,OAAO0C,UAAU;EACnB;EAEAE,UAAU,CAACH,KAAK,EAAE;IAChB,IAAIC,UAAU,GAAG,IAAI,CAACF,aAAa,CAACC,KAAK,CAAC;IAC1C,OAAOC,UAAU,IAAI,IAAI,CAACd,KAAK,CAACiB,GAAG,EAAE;EACvC;EAEAC,WAAW,CAACC,GAAG,EAAEN,KAAK,EAAE;IACtB,IAAI,CAAC9B,OAAO,CAACqC,IAAI,CAACC,oBAAa,EAAEF,GAAG,EAAEN,KAAK,CAAC;EAC9C;EAEAS,WAAW,CAACH,GAAG,EAAEI,UAAU,EAAEC,QAAQ,EAAE;IACrC,IAAI,CAACzC,OAAO,CAACqC,IAAI,CAACK,oBAAa,EAAEN,GAAG,EAAEI,UAAU,EAAEC,QAAQ,CAAC;EAC7D;EAEAE,SAAS,CAACP,GAAG,EAAEN,KAAK,EAAE;IACpB,IAAI,CAAC9B,OAAO,CAACqC,IAAI,CAACO,kBAAW,EAAER,GAAG,EAAEN,KAAK,CAAC;EAC5C;EAEAe,WAAW,CAACT,GAAG,EAAEN,KAAM,EAAE;IACvB,IAAI,CAAC9B,OAAO,CAACqC,IAAI,CAACS,oBAAa,EAAEV,GAAG,EAAEN,KAAK,CAAC;EAC9C;EAEAiB,SAAS,CAACC,KAAK,EAAE;IACf,IAAI,CAAChD,OAAO,CAACqC,IAAI,CAACY,kBAAW,EAAED,KAAK,CAAC;EACvC;EAEAE,uBAAuB,CAACd,GAAG,EAAE;IAC3Be,YAAY,CAAC,IAAI,CAAC/B,KAAK,CAAC3B,cAAc,CAAC2C,GAAG,CAAC,CAAQ;IACnD,OAAO,IAAI,CAAChB,KAAK,CAAC3B,cAAc,CAAC2C,GAAG,CAAC;;IAErC;IACA,IAAI,CAAChB,KAAK,CAAC1B,YAAY,GAAG,IAAI;EAChC;EAEA+B,0BAA0B,GAAG;IAC3B,IAAIhC,cAAc,GAAG,IAAI,CAAC2B,KAAK,CAAC3B,cAAc;IAC9C,KAAK,IAAI2C,GAAG,IAAI3C,cAAc,EAAE;MAC9B,IAAI,CAACa,MAAM,CAAC8C,SAAS,CAACC,cAAc,CAACC,IAAI,CAAC7D,cAAc,EAAE2C,GAAG,CAAC,EAAE;QAC9D;MACF;MACA,IAAI,CAACc,uBAAuB,CAACd,GAAG,CAAC;IACnC;EACF;EAEAmB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,EAAE;IAChC,IAAI,IAAA0B,qBAAc,EAAC1B,KAAK,CAAC,EAAE;MACzB;IACF;IAEA,IAAIC,UAAU,GAAG,IAAI,CAACF,aAAa,CAACC,KAAK,CAAC;IAC1C,IAAI2B,eAAe,GAAGC,IAAI,CAACC,GAAG,CAAC5B,UAAU,GAAG,IAAI,CAACd,KAAK,CAACiB,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,IAAI;;IAEvE;IACA,IAAI,CAACgB,uBAAuB,CAACd,GAAG,CAAC;IAEjC,IAAIwB,kBAAkB,GAAGC,UAAU,CAAC,MAAM;MACxC,IAAI,CAAC1B,WAAW,CAACC,GAAG,EAAEN,KAAK,CAAC;IAC9B,CAAC,EAAE2B,eAAe,CAAC;;IAEnB;IACA,IAAI,CAACrC,KAAK,CAAC3B,cAAc,CAAC2C,GAAG,CAAC,GAAGwB,kBAAkB;EACrD;EAEAtC,wBAAwB,GAAG;IACzB,IAAIwC,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,KAAI,IAAI3B,GAAG,IAAI0B,YAAY,EAAE;MAC3B,IAAI,CAACxD,MAAM,CAAC8C,SAAS,CAACC,cAAc,CAACC,IAAI,CAACQ,YAAY,EAAE1B,GAAG,CAAC,EAAE;QAC5D;MACF;MACA,IAAIN,KAAK,GAAGgC,YAAY,CAAC1B,GAAG,CAAC;MAC7B,IAAI,CAACmB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,CAAC;IACxC;EACF;;EAEA;EACAkC,0BAA0B,GAAG;IAC3B,IAAI,CAACvC,0BAA0B,EAAE;IACjC,IAAI,CAACH,wBAAwB,EAAE;EACjC;EAEA2C,GAAG,CAAC7B,GAAG,EAAEN,KAAY,EAAE;IACrB,IAAIgC,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,IAAAG,oBAAa,EAACpC,KAAK,CAAC;IACpBgC,YAAY,CAAC1B,GAAG,CAAC,GAAGN,KAAK;IACzB,IAAI,CAAC3C,OAAO,CAACgF,UAAU,CAACL,YAAY,CAAC;IACrC,IAAI,CAACM,mBAAmB,EAAE;IAC1B,IAAI,CAACzB,SAAS,CAACP,GAAG,EAAEN,KAAK,CAAC;IAC1B,IAAI,CAACyB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,CAAC;EACxC;EAEAuC,OAAO,CAACjC,GAAG,EAAqB;IAC9B,IAAI0B,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,OAAOD,YAAY,CAAC1B,GAAG,CAAC;EAC1B;EAEA,MAAMkC,GAAG,CAAClC,GAAG,EAA8B;IACzC,OAAO,IAAI,CAACiC,OAAO,CAACjC,GAAG,CAAC;EAC1B;EAEAmC,aAAa,GAAW;IACtB,MAAMC,MAAM,GAAG,CAAC,CAAW;IAC3B,MAAMV,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC9CzD,MAAM,CAACmE,IAAI,CAACX,YAAY,CAAC,CAACY,OAAO,CAACtC,GAAG,IAAI;MACvC,MAAMN,KAAK,GAAGgC,YAAY,CAAC1B,GAAG,CAAC;MAC/B,IAAI,IAAAuC,oBAAa,EAAC7C,KAAK,CAAC,EAAE;QACxB0C,MAAM,CAACI,WAAW,GAAG9C,KAAK;MAC5B,CAAC,MAAM,IAAI,IAAA+C,gBAAS,EAAC/C,KAAK,CAAC,EAAE;QAC3B0C,MAAM,CAACM,OAAO,GAAGhD,KAAK;MACxB,CAAC,MAAM,IAAI,IAAA0B,qBAAc,EAAC1B,KAAK,CAAC,EAAE;QAChC0C,MAAM,CAACO,YAAY,GAAGjD,KAAK;MAC7B;IACF,CAAC,CAAC;IACF,OAAO0C,MAAM;EACf;EAEA,MAAMQ,SAAS,GAAoB;IACjC,OAAO,IAAI,CAACT,aAAa,EAAE;EAC7B;EAEAU,mBAAmB,CAACC,IAAe,EAAU;IAC3C,MAAMpB,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC9C,MAAM3B,GAAG,GAAG9B,MAAM,CAACmE,IAAI,CAACX,YAAY,CAAC,CAACqB,MAAM,CAAC/C,GAAG,IAAI;MAClD,MAAMN,KAAK,GAAGgC,YAAY,CAAC1B,GAAG,CAAC;MAC/B,OAAQ,IAAAuC,oBAAa,EAAC7C,KAAK,CAAC,IAAIoD,IAAI,KAAK,aAAa,IAChD,IAAAL,gBAAS,EAAC/C,KAAK,CAAC,IAAIoD,IAAI,KAAK,SAAU,IACvC,IAAA1B,qBAAc,EAAC1B,KAAK,CAAC,IAAIoD,IAAI,KAAK,cAAe;IACzD,CAAC,CAAC,CAAC,CAAC,CAAC;IACL,OAAO9C,GAAG;EACZ;EAEQgD,YAAY,CAACtD,KAAY,EAAa;IAC5C,IAAI,IAAA6C,oBAAa,EAAC7C,KAAK,CAAC,EAAE;MACxB,OAAO,aAAa;IACtB;IACA,IAAI,IAAA+C,gBAAS,EAAC/C,KAAK,CAAC,EAAE;MACpB,OAAO,SAAS;IAClB;IACA,IAAG,IAAA0B,qBAAc,EAAC1B,KAAK,CAAC,EAAE;MACxB,OAAO,cAAc;IACvB;IACA,MAAM,IAAIzB,oBAAY,CAAC,oBAAoB,CAAC;EAC9C;;EAEA;EACQ+D,mBAAmB,GAAG;IAC5B,IAAI,IAAAiB,sBAAY,GAAE,EAAE;MAClB,MAAMlG,OAAO,GAAG,IAAI,CAACA,OAAO,CAAC4E,UAAU,EAAE;MACzC,IAAI,CAAC/D,OAAO,CAACqC,IAAI,CAACiD,wBAAiB,EAAEnG,OAAO,CAAC;IAC/C;EACF;;EAEA;EACO4E,UAAU,GAAG;IAClB,OAAO,IAAI,CAAC5E,OAAO;EACrB;EAEAoG,SAAS,CACPf,MAAc;EACd;EACAgB,aAAmC,EACnCC,SAA2B,EAC3BC,cAAqC,EAC/B;IACN,MAAMC,mBAAmB,GAAG,CAACvD,GAAG,EAAEN,KAAK,KAAK;MAC1C,MAAMoD,IAAI,GAAG,IAAI,CAACE,YAAY,CAACtD,KAAK,CAAC;MACrC,IAAIoD,IAAI,KAAK,aAAa,EAAE;QAC1BM,aAAa,IAAIA,aAAa,CAACpD,GAAG,EAAEN,KAAK,CAAC;MAC5C,CAAC,MAAM,IAAIoD,IAAI,KAAK,SAAS,EAAE;QAC7BO,SAAS,IAAIA,SAAS,CAACrD,GAAG,EAAEN,KAAK,CAAC;MACpC,CAAC,MAAM,IAAIoD,IAAI,KAAK,cAAc,EAAE;QAClCQ,cAAc,IAAIA,cAAc,CAACtD,GAAG,EAAEN,KAAK,CAAC;MAC9C;IACF,CAAC;IACD,MAAM8D,WAAW,GAAG,CAACxD,GAAG,EAAEN,KAAK,KAAK;MAClC,IAAI,CAACa,SAAS,CAACP,GAAG,EAAEN,KAAK,CAAC;MAC1B,IAAI,CAACyB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,CAAC;MACtC6D,mBAAmB,CAACvD,GAAG,EAAEN,KAAK,CAAC;IACjC,CAAC;IACD,MAAM+D,aAAa,GAAG,CAACzD,GAAG,EAAEN,KAAK,EAAEW,QAAQ,KAAK;MAC9C,IAAI,CAACF,WAAW,CAACH,GAAG,EAAEN,KAAK,EAAEW,QAAQ,CAAC;MACtC,IAAI,CAACS,uBAAuB,CAACd,GAAG,CAAC;MACjC,IAAI,CAACmB,qBAAqB,CAACnB,GAAG,EAAEN,KAAK,CAAC;MACtC6D,mBAAmB,CAACvD,GAAG,EAAEN,KAAK,CAAC;IACjC,CAAC;IACD,MAAMgE,aAAa,GAAG,CAAC1D,GAAG,EAAEN,KAAK,KAAK;MACpC,IAAI,CAACoB,uBAAuB,CAACd,GAAG,CAAC;MACjC,IAAI,CAACS,WAAW,CAACT,GAAG,EAAEN,KAAK,CAAC;MAC5B6D,mBAAmB,CAACvD,GAAG,EAAEN,KAAK,CAAC;IACjC,CAAC;IAED,MAAMiE,KAAkB,GAAG,CAAC,SAAS,EAAE,aAAa,EAAE,cAAc,CAAC;IACrE,MAAMC,cAAc,GAAG,IAAI,CAACzB,aAAa,EAAE;;IAE3C;IACAwB,KAAK,CAACrB,OAAO,CAAEQ,IAAI,IAAK;MACtB,MAAMpD,KAAK,GAAG0C,MAAM,CAACU,IAAI,CAAC;MAC1B,IAAIpD,KAAK,EAAE;QACT,IAAAoC,oBAAa,EAACpC,KAAK,EAAEoD,IAAI,CAAC;MAC5B;IACF,CAAC,CAAC;;IAEF;IACA,MAAM/F,OAAO,GAAG4G,KAAK,CAACE,MAAM,CAAC,CAAC9G,OAAO,EAAE+F,IAAI,KAAK;MAC9C,MAAMpD,KAAK,GAAG0C,MAAM,CAACU,IAAI,CAAC;MAC1B,IAAIpD,KAAK,EAAE;QACT,MAAMxC,UAAU,GAAG,IAAI,CAAC2F,mBAAmB,CAACC,IAAI,CAAC,IAAIA,IAAI;QACzD/F,OAAO,CAACG,UAAU,CAAC,GAAGwC,KAAK;MAC7B;MACA,OAAO3C,OAAO;IAChB,CAAC,EAAE,CAAC,CAAC,CAAC;IACN,IAAI,CAACA,OAAO,CAACgF,UAAU,CAAChF,OAAO,CAAC;IAChC,IAAI,CAACiF,mBAAmB,EAAE;;IAE1B;IACA2B,KAAK,CAACrB,OAAO,CAACQ,IAAI,IAAI;MACpB,MAAMgB,QAAQ,GAAG1B,MAAM,CAACU,IAAI,CAAC;MAC7B,MAAMiB,aAAa,GAAGH,cAAc,CAACd,IAAI,CAAC;MAC1C,MAAM5F,UAAU,GAAG,IAAI,CAAC2F,mBAAmB,CAACC,IAAI,CAAC,IAAIA,IAAI;MACzD,IAAIgB,QAAQ,IAAIC,aAAa,EAAE;QAAE;QAC/B;QACAL,aAAa,CAACxG,UAAU,EAAE6G,aAAa,CAAC;QACxCP,WAAW,CAACtG,UAAU,EAAE4G,QAAQ,CAAC;QACjCL,aAAa,CAACvG,UAAU,EAAE4G,QAAQ,EAAEC,aAAa,CAAC;MACpD,CAAC,MAAM,IAAID,QAAQ,EAAE;QAAE;QACrBN,WAAW,CAACtG,UAAU,EAAE4G,QAAQ,CAAC;MACnC,CAAC,MAAM,IAAIC,aAAa,EAAE;QAAE;QAC1BL,aAAa,CAACxG,UAAU,EAAE6G,aAAa,CAAC;MAC1C;IACF,CAAC,CAAC;EACJ;EAEAC,MAAM,CAAChE,GAAG,EAAE;IACV;IACA,IAAI,CAACc,uBAAuB,CAACd,GAAG,CAAC;IAEjC,IAAI0B,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,IAAIsC,YAAY,GAAGvC,YAAY,CAAC1B,GAAG,CAAC;IACpC,OAAO0B,YAAY,CAAC1B,GAAG,CAAC;IACxB,IAAI,CAACjD,OAAO,CAACgF,UAAU,CAACL,YAAY,CAAC;IACrC,IAAI,CAACM,mBAAmB,EAAE;IAE1B,IAAI,CAACvB,WAAW,CAACT,GAAG,EAAEiE,YAAY,CAAC;EACrC;;EAEA;EACA,MAAMC,UAAU,CAACxE,KAAK,EAAE;IACtB,OAAO,IAAI,CAAC3B,GAAG,CAAC2B,KAAK,EAAEyE,KAAK,CAACzE,KAAK,CAAC;EACrC;EACA;EACAoC,aAAa,CAACpC,KAAY,EAAE;IAC1B,OAAO,IAAAoC,oBAAa,EAACpC,KAAK,CAAC;EAC7B;;EAEA;EACAyE,KAAK,CAACnE,GAAG,EAA8B;IACrC;IACA,IAAI,IAAI,CAAChB,KAAK,CAAC1B,YAAY,EAAE;MAC3B,OAAO,IAAI,CAAC0B,KAAK,CAAC1B,YAAY;IAChC;IAEA,IAAI;MACF,IAAIoC,KAAK,GAAG,IAAI,CAACuC,OAAO,CAACjC,GAAG,CAAC;MAC7B,IAAIoE,WAAW,GAAG1E,KAAK,KAAK1C,SAAS;MACrC;MACA,IAAI,CAAC0C,KAAK,IAAIM,GAAG,KAAK,aAAa,EAAE;QACnC;QACA,MAAMqE,UAAU,GAAG,IAAI,CAACxB,mBAAmB,CAAC,cAAc,CAAC;QAC3D,MAAMF,YAAY,GAAG,IAAI,CAACV,OAAO,CAACoC,UAAU,CAAC;QAC7CD,WAAW,GAAGzB,YAAY,KAAK3F,SAAS;MAC1C;MAEA,IAAI,CAACoH,WAAW,EAAE;QAChB,MAAM,IAAInG,oBAAY,CAAC,6CAA6C,GAAG+B,GAAG,CAAC;MAC7E;IACF,CAAC,CACD,OAAOsE,GAAG,EAAE;MACV,IAAI,CAAC3D,SAAS,CAAC2D,GAAG,CAAC;MACnB,OAAOC,OAAO,CAACC,MAAM,CAACF,GAAG,CAAC;IAC5B;;IAEA;IACA,IAAI,CAACxD,uBAAuB,CAACd,GAAG,CAAC;;IAEjC;IACA;IACA,MAAM1C,YAAY,GAAG,IAAI,CAAC0B,KAAK,CAAC1B,YAAY,GAAG,IAAI,CAACS,GAAG,CAAC2B,KAAK,CAAC+E,WAAW,EAAE,CACxEC,IAAI,CAACtC,MAAM,IAAI;MACd,IAAI,CAACe,SAAS,CAACf,MAAM,CAAC;;MAEtB;MACA;MACA,IAAI,CAAC1C,KAAK,IAAIM,GAAG,KAAK,aAAa,EAAE;QACnC,MAAMwC,WAAW,GAAGJ,MAAM,CAAC,aAAa,CAAC;QACzC,IAAI,CAACjC,WAAW,CAACH,GAAG,EAAEwC,WAAW,EAAE,IAAI,CAAC;QACxC,OAAOA,WAAW;MACpB;;MAEA;MACA,MAAMmC,SAAS,GAAG,IAAI,CAAC3B,YAAY,CAACtD,KAAK,CAAE;MAC3C,OAAO0C,MAAM,CAACuC,SAAS,CAAC;IAC1B,CAAC,CAAC,CACDC,KAAK,CAACN,GAAG,IAAI;MACZ;MACA,IAAI,CAACN,MAAM,CAAChE,GAAG,CAAC;MAChBsE,GAAG,CAACO,QAAQ,GAAG7E,GAAG;MAClB,IAAI,CAACW,SAAS,CAAC2D,GAAG,CAAC;MACnB,MAAMA,GAAG;IACX,CAAC,CAAC,CACDQ,OAAO,CAAC,MAAM;MACb;MACA,IAAI,CAAC9F,KAAK,CAAC1B,YAAY,GAAG,IAAI;IAChC,CAAC,CAAC;IAEJ,OAAOA,YAAY;EACrB;EAEAyH,KAAK,GAAG;IACN,MAAM3C,MAAM,GAAG,IAAI,CAACD,aAAa,EAAE;IACnC,IAAI,CAAC9C,0BAA0B,EAAE;IACjC,IAAI,CAACtC,OAAO,CAACiI,YAAY,EAAE;IAC3B,IAAI,CAAChD,mBAAmB,EAAE;IAE1B9D,MAAM,CAACmE,IAAI,CAACD,MAAM,CAAC,CAACE,OAAO,CAACtC,GAAG,IAAI;MACjC,IAAI,CAACS,WAAW,CAACT,GAAG,EAAEoC,MAAM,CAACpC,GAAG,CAAC,CAAC;IACpC,CAAC,CAAC;EACJ;EAEAlD,wBAAwB,GAAG;IACzB,MAAM4E,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC9C,MAAMsD,aAAa,GAAG,CAAC,CAAC;IACxB/G,MAAM,CAACmE,IAAI,CAACX,YAAY,CAAC,CAACY,OAAO,CAACtC,GAAG,IAAI;MACvC,IAAI0B,YAAY,CAAC1B,GAAG,CAAC,CAACkF,aAAa,EAAE;QACnCD,aAAa,CAACjF,GAAG,CAAC,GAAG0B,YAAY,CAAC1B,GAAG,CAAC;QACtC,OAAO0B,YAAY,CAAC1B,GAAG,CAAC;MAC1B;IACF,CAAC,CAAC;IACF,IAAI,CAACjD,OAAO,CAACgF,UAAU,CAACL,YAAY,CAAC;IACrC,IAAI,CAACM,mBAAmB,EAAE;IAC1B9D,MAAM,CAACmE,IAAI,CAAC4C,aAAa,CAAC,CAAC3C,OAAO,CAACtC,GAAG,IAAI;MACxC,IAAI,CAACc,uBAAuB,CAACd,GAAG,CAAC;MACjC,IAAI,CAACS,WAAW,CAACT,GAAG,EAAEiF,aAAa,CAACjF,GAAG,CAAC,CAAC;IAC3C,CAAC,CAAC;EACJ;EAEAmF,kBAAkB,CAACzF,KAAmB,EAAE;IACtC,MAAMM,GAAG,GAAG,IAAI,CAAC6C,mBAAmB,CAAC,cAAc,CAAC,IAAIuC,oCAAyB;;IAEjF;IACA,IAAI1D,YAAY,GAAG,IAAI,CAAC3E,OAAO,CAAC4E,UAAU,EAAE;IAC5C,IAAAG,oBAAa,EAACpC,KAAK,CAAC;IACpBgC,YAAY,CAAC1B,GAAG,CAAC,GAAGN,KAAK;IACzB,IAAI,CAAC3C,OAAO,CAACgF,UAAU,CAACL,YAAY,CAAC;IACrC,IAAI,CAACM,mBAAmB,EAAE;EAC5B;EAEAqD,kBAAkB,GAAI;IACpB,MAAMrF,GAAG,GAAG,IAAI,CAAC6C,mBAAmB,CAAC,cAAc,CAAC,IAAIuC,oCAAyB;IACjF,IAAI,CAACpB,MAAM,CAAChE,GAAG,CAAC;EAClB;EAEAsF,qBAAqB,GAAG;IACtB,MAAMlD,MAAM,GAAG,IAAI,CAACD,aAAa,EAAE;IACnCjE,MAAM,CAACmE,IAAI,CAACD,MAAM,CAAC,CAACE,OAAO,CAACtC,GAAG,IAAI;MACjCoC,MAAM,CAACpC,GAAG,CAAC,CAACkF,aAAa,GAAG,IAAI;IAClC,CAAC,CAAC;IACF,IAAI,CAAC/B,SAAS,CAACf,MAAM,CAAC;EACxB;AAEF;AAAC"}
|
package/cjs/oidc/mixin/index.js
CHANGED
|
@@ -138,6 +138,22 @@ function mixinOAuth(Base, TransactionManagerConstructor) {
|
|
|
138
138
|
} = this.tokenManager.getTokensSync();
|
|
139
139
|
return refreshToken ? refreshToken.refreshToken : undefined;
|
|
140
140
|
}
|
|
141
|
+
async getOrRenewAccessToken() {
|
|
142
|
+
const {
|
|
143
|
+
accessToken
|
|
144
|
+
} = this.tokenManager.getTokensSync();
|
|
145
|
+
if (accessToken && !this.tokenManager.hasExpired(accessToken)) {
|
|
146
|
+
return accessToken.accessToken;
|
|
147
|
+
}
|
|
148
|
+
try {
|
|
149
|
+
const key = this.tokenManager.getStorageKeyByType('accessToken');
|
|
150
|
+
const token = await this.tokenManager.renew(key ?? 'accessToken');
|
|
151
|
+
return token?.accessToken ?? null;
|
|
152
|
+
} catch (err) {
|
|
153
|
+
this.emitter.emit('error', err);
|
|
154
|
+
return null;
|
|
155
|
+
}
|
|
156
|
+
}
|
|
141
157
|
|
|
142
158
|
/**
|
|
143
159
|
* Store parsed tokens from redirect url
|