@okta/okta-auth-js 7.5.1 → 7.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +14 -0
- package/README.md +168 -4
- package/cjs/base/types.js.map +1 -1
- package/cjs/core/ServiceManager/browser.js +10 -2
- package/cjs/core/ServiceManager/browser.js.map +1 -1
- package/cjs/core/types/Service.js.map +1 -1
- package/cjs/errors/OAuthError.js +9 -1
- package/cjs/errors/OAuthError.js.map +1 -1
- package/cjs/errors/WWWAuthError.js +98 -0
- package/cjs/errors/WWWAuthError.js.map +1 -0
- package/cjs/errors/index.js +14 -1
- package/cjs/errors/index.js.map +1 -1
- package/cjs/features.js +10 -1
- package/cjs/features.js.map +1 -1
- package/cjs/http/OktaUserAgent.js +2 -2
- package/cjs/http/request.js +24 -25
- package/cjs/http/request.js.map +1 -1
- package/cjs/idx/IdxTransactionManager.js +5 -0
- package/cjs/idx/IdxTransactionManager.js.map +1 -1
- package/cjs/idx/authenticator/Authenticator.js.map +1 -1
- package/cjs/idx/authenticator/OktaPassword.js +16 -4
- package/cjs/idx/authenticator/OktaPassword.js.map +1 -1
- package/cjs/idx/run.js +6 -3
- package/cjs/idx/run.js.map +1 -1
- package/cjs/idx/types/idx-js.js.map +1 -1
- package/cjs/idx/types/options.js.map +1 -1
- package/cjs/oidc/TokenManager.js +17 -1
- package/cjs/oidc/TokenManager.js.map +1 -1
- package/cjs/oidc/dpop.js +231 -0
- package/cjs/oidc/dpop.js.map +1 -0
- package/cjs/oidc/endpoints/token.js +77 -27
- package/cjs/oidc/endpoints/token.js.map +1 -1
- package/cjs/oidc/exchangeCodeForTokens.js +51 -28
- package/cjs/oidc/exchangeCodeForTokens.js.map +1 -1
- package/cjs/oidc/getUserInfo.js +32 -17
- package/cjs/oidc/getUserInfo.js.map +1 -1
- package/cjs/oidc/handleOAuthResponse.js +12 -0
- package/cjs/oidc/handleOAuthResponse.js.map +1 -1
- package/cjs/oidc/mixin/index.js +79 -2
- package/cjs/oidc/mixin/index.js.map +1 -1
- package/cjs/oidc/options/OAuthOptionsConstructor.js +3 -1
- package/cjs/oidc/options/OAuthOptionsConstructor.js.map +1 -1
- package/cjs/oidc/renewToken.js +4 -2
- package/cjs/oidc/renewToken.js.map +1 -1
- package/cjs/oidc/renewTokens.js +3 -1
- package/cjs/oidc/renewTokens.js.map +1 -1
- package/cjs/oidc/renewTokensWithRefresh.js +13 -2
- package/cjs/oidc/renewTokensWithRefresh.js.map +1 -1
- package/cjs/oidc/types/Token.js.map +1 -1
- package/cjs/oidc/types/api.js.map +1 -1
- package/cjs/oidc/types/options.js.map +1 -1
- package/cjs/oidc/util/defaultTokenParams.js +4 -2
- package/cjs/oidc/util/defaultTokenParams.js.map +1 -1
- package/cjs/oidc/util/prepareTokenParams.js +3 -0
- package/cjs/oidc/util/prepareTokenParams.js.map +1 -1
- package/cjs/services/RenewOnTabActivationService.js +64 -0
- package/cjs/services/RenewOnTabActivationService.js.map +1 -0
- package/cjs/services/index.js +11 -0
- package/cjs/services/index.js.map +1 -1
- package/dist/okta-auth-js.authn.min.analyzer.html +2 -2
- package/dist/okta-auth-js.authn.min.js +1 -1
- package/dist/okta-auth-js.authn.min.js.map +1 -1
- package/dist/okta-auth-js.core.min.analyzer.html +2 -2
- package/dist/okta-auth-js.core.min.js +1 -1
- package/dist/okta-auth-js.core.min.js.map +1 -1
- package/dist/okta-auth-js.idx.min.analyzer.html +2 -2
- package/dist/okta-auth-js.idx.min.js +1 -1
- package/dist/okta-auth-js.idx.min.js.map +1 -1
- package/dist/okta-auth-js.min.analyzer.html +2 -2
- package/dist/okta-auth-js.min.js +1 -1
- package/dist/okta-auth-js.min.js.map +1 -1
- package/dist/okta-auth-js.myaccount.min.analyzer.html +2 -2
- package/dist/okta-auth-js.myaccount.min.js +1 -1
- package/dist/okta-auth-js.myaccount.min.js.map +1 -1
- package/esm/browser/authn/api.js +1 -0
- package/esm/browser/authn/api.js.map +1 -1
- package/esm/browser/authn/util/link2fn.js +1 -0
- package/esm/browser/authn/util/link2fn.js.map +1 -1
- package/esm/browser/authn/util/poll.js +1 -0
- package/esm/browser/authn/util/poll.js.map +1 -1
- package/esm/browser/browser/fingerprint.js +1 -0
- package/esm/browser/browser/fingerprint.js.map +1 -1
- package/esm/browser/core/AuthStateManager.js +1 -0
- package/esm/browser/core/AuthStateManager.js.map +1 -1
- package/esm/browser/core/ServiceManager/browser.js +9 -2
- package/esm/browser/core/ServiceManager/browser.js.map +1 -1
- package/esm/browser/core/options.js +1 -0
- package/esm/browser/core/options.js.map +1 -1
- package/esm/browser/crypto/base64.js +1 -0
- package/esm/browser/crypto/base64.js.map +1 -1
- package/esm/browser/errors/OAuthError.js +5 -1
- package/esm/browser/errors/OAuthError.js.map +1 -1
- package/esm/browser/errors/WWWAuthError.js +61 -0
- package/esm/browser/errors/WWWAuthError.js.map +1 -0
- package/esm/browser/errors/index.js +6 -1
- package/esm/browser/errors/index.js.map +1 -1
- package/esm/browser/exports/exports/authn.js +2 -1
- package/esm/browser/exports/exports/authn.js.map +1 -1
- package/esm/browser/exports/exports/core.js +2 -1
- package/esm/browser/exports/exports/core.js.map +1 -1
- package/esm/browser/exports/exports/default.js +2 -1
- package/esm/browser/exports/exports/default.js.map +1 -1
- package/esm/browser/exports/exports/idx.js +2 -1
- package/esm/browser/exports/exports/idx.js.map +1 -1
- package/esm/browser/exports/exports/myaccount.js +2 -1
- package/esm/browser/exports/exports/myaccount.js.map +1 -1
- package/esm/browser/features.js +12 -2
- package/esm/browser/features.js.map +1 -1
- package/esm/browser/http/OktaUserAgent.js +2 -2
- package/esm/browser/http/options.js +1 -0
- package/esm/browser/http/options.js.map +1 -1
- package/esm/browser/http/request.js +14 -25
- package/esm/browser/http/request.js.map +1 -1
- package/esm/browser/idx/IdxTransactionManager.js +4 -1
- package/esm/browser/idx/IdxTransactionManager.js.map +1 -1
- package/esm/browser/idx/authenticator/Authenticator.js.map +1 -1
- package/esm/browser/idx/authenticator/OktaPassword.js +17 -4
- package/esm/browser/idx/authenticator/OktaPassword.js.map +1 -1
- package/esm/browser/idx/cancel.js +1 -0
- package/esm/browser/idx/cancel.js.map +1 -1
- package/esm/browser/idx/factory/api.js +1 -0
- package/esm/browser/idx/factory/api.js.map +1 -1
- package/esm/browser/idx/flow/AccountUnlockFlow.js +1 -0
- package/esm/browser/idx/flow/AccountUnlockFlow.js.map +1 -1
- package/esm/browser/idx/flow/AuthenticationFlow.js +1 -0
- package/esm/browser/idx/flow/AuthenticationFlow.js.map +1 -1
- package/esm/browser/idx/flow/PasswordRecoveryFlow.js +1 -0
- package/esm/browser/idx/flow/PasswordRecoveryFlow.js.map +1 -1
- package/esm/browser/idx/flow/RegistrationFlow.js +1 -0
- package/esm/browser/idx/flow/RegistrationFlow.js.map +1 -1
- package/esm/browser/idx/handleInteractionCodeRedirect.js +1 -0
- package/esm/browser/idx/handleInteractionCodeRedirect.js.map +1 -1
- package/esm/browser/idx/idxState/v1/generateIdxAction.js +1 -0
- package/esm/browser/idx/idxState/v1/generateIdxAction.js.map +1 -1
- package/esm/browser/idx/idxState/v1/idxResponseParser.js +1 -0
- package/esm/browser/idx/idxState/v1/idxResponseParser.js.map +1 -1
- package/esm/browser/idx/interact.js +1 -0
- package/esm/browser/idx/interact.js.map +1 -1
- package/esm/browser/idx/proceed.js +1 -0
- package/esm/browser/idx/proceed.js.map +1 -1
- package/esm/browser/idx/recoverPassword.js +1 -0
- package/esm/browser/idx/recoverPassword.js.map +1 -1
- package/esm/browser/idx/register.js +1 -0
- package/esm/browser/idx/register.js.map +1 -1
- package/esm/browser/idx/remediate.js +1 -0
- package/esm/browser/idx/remediate.js.map +1 -1
- package/esm/browser/idx/remediators/GenericRemediator/util.js +2 -0
- package/esm/browser/idx/remediators/GenericRemediator/util.js.map +1 -1
- package/esm/browser/idx/run.js +3 -3
- package/esm/browser/idx/run.js.map +1 -1
- package/esm/browser/idx/transactionMeta.js +1 -0
- package/esm/browser/idx/transactionMeta.js.map +1 -1
- package/esm/browser/idx/types/idx-js.js.map +1 -1
- package/esm/browser/idx/unlockAccount.js +1 -0
- package/esm/browser/idx/unlockAccount.js.map +1 -1
- package/esm/browser/myaccount/request.js +1 -0
- package/esm/browser/myaccount/request.js.map +1 -1
- package/esm/browser/oidc/TokenManager.js +13 -1
- package/esm/browser/oidc/TokenManager.js.map +1 -1
- package/esm/browser/oidc/decodeToken.js +1 -0
- package/esm/browser/oidc/decodeToken.js.map +1 -1
- package/esm/browser/oidc/dpop.js +160 -0
- package/esm/browser/oidc/dpop.js.map +1 -0
- package/esm/browser/oidc/endpoints/authorize.js +1 -0
- package/esm/browser/oidc/endpoints/authorize.js.map +1 -1
- package/esm/browser/oidc/endpoints/token.js +57 -24
- package/esm/browser/oidc/endpoints/token.js.map +1 -1
- package/esm/browser/oidc/endpoints/well-known.js +1 -0
- package/esm/browser/oidc/endpoints/well-known.js.map +1 -1
- package/esm/browser/oidc/enrollAuthenticator.js +1 -0
- package/esm/browser/oidc/enrollAuthenticator.js.map +1 -1
- package/esm/browser/oidc/exchangeCodeForTokens.js +40 -25
- package/esm/browser/oidc/exchangeCodeForTokens.js.map +1 -1
- package/esm/browser/oidc/factory/api.js +1 -0
- package/esm/browser/oidc/factory/api.js.map +1 -1
- package/esm/browser/oidc/factory/baseApi.js +1 -0
- package/esm/browser/oidc/factory/baseApi.js.map +1 -1
- package/esm/browser/oidc/getToken.js +1 -0
- package/esm/browser/oidc/getToken.js.map +1 -1
- package/esm/browser/oidc/getUserInfo.js +22 -18
- package/esm/browser/oidc/getUserInfo.js.map +1 -1
- package/esm/browser/oidc/getWithPopup.js +1 -0
- package/esm/browser/oidc/getWithPopup.js.map +1 -1
- package/esm/browser/oidc/getWithRedirect.js +1 -0
- package/esm/browser/oidc/getWithRedirect.js.map +1 -1
- package/esm/browser/oidc/getWithoutPrompt.js +1 -0
- package/esm/browser/oidc/getWithoutPrompt.js.map +1 -1
- package/esm/browser/oidc/handleOAuthResponse.js +10 -0
- package/esm/browser/oidc/handleOAuthResponse.js.map +1 -1
- package/esm/browser/oidc/introspect.js +1 -0
- package/esm/browser/oidc/introspect.js.map +1 -1
- package/esm/browser/oidc/mixin/index.js +78 -2
- package/esm/browser/oidc/mixin/index.js.map +1 -1
- package/esm/browser/oidc/mixin/minimal.js +1 -0
- package/esm/browser/oidc/mixin/minimal.js.map +1 -1
- package/esm/browser/oidc/options/OAuthOptionsConstructor.js +2 -1
- package/esm/browser/oidc/options/OAuthOptionsConstructor.js.map +1 -1
- package/esm/browser/oidc/parseFromUrl.js +1 -0
- package/esm/browser/oidc/parseFromUrl.js.map +1 -1
- package/esm/browser/oidc/renewToken.js +4 -2
- package/esm/browser/oidc/renewToken.js.map +1 -1
- package/esm/browser/oidc/renewTokens.js +4 -1
- package/esm/browser/oidc/renewTokens.js.map +1 -1
- package/esm/browser/oidc/renewTokensWithRefresh.js +12 -5
- package/esm/browser/oidc/renewTokensWithRefresh.js.map +1 -1
- package/esm/browser/oidc/revokeToken.js +1 -0
- package/esm/browser/oidc/revokeToken.js.map +1 -1
- package/esm/browser/oidc/storage.js +1 -0
- package/esm/browser/oidc/storage.js.map +1 -1
- package/esm/browser/oidc/types/Token.js.map +1 -1
- package/esm/browser/oidc/util/browser.js +1 -0
- package/esm/browser/oidc/util/browser.js.map +1 -1
- package/esm/browser/oidc/util/defaultTokenParams.js +3 -2
- package/esm/browser/oidc/util/defaultTokenParams.js.map +1 -1
- package/esm/browser/oidc/util/prepareEnrollAuthenticatorParams.js +1 -0
- package/esm/browser/oidc/util/prepareEnrollAuthenticatorParams.js.map +1 -1
- package/esm/browser/oidc/util/prepareTokenParams.js +4 -0
- package/esm/browser/oidc/util/prepareTokenParams.js.map +1 -1
- package/esm/browser/oidc/util/validateToken.js +1 -0
- package/esm/browser/oidc/util/validateToken.js.map +1 -1
- package/esm/browser/oidc/verifyToken.js +1 -0
- package/esm/browser/oidc/verifyToken.js.map +1 -1
- package/esm/browser/package.json +1 -1
- package/esm/browser/services/AutoRenewService.js +1 -0
- package/esm/browser/services/AutoRenewService.js.map +1 -1
- package/esm/browser/services/RenewOnTabActivationService.js +67 -0
- package/esm/browser/services/RenewOnTabActivationService.js.map +1 -0
- package/esm/browser/services/SyncStorageService.js +1 -0
- package/esm/browser/services/SyncStorageService.js.map +1 -1
- package/esm/browser/session/api.js +1 -0
- package/esm/browser/session/api.js.map +1 -1
- package/esm/node/authn/api.js +1 -0
- package/esm/node/authn/api.js.map +1 -1
- package/esm/node/authn/util/link2fn.js +1 -0
- package/esm/node/authn/util/link2fn.js.map +1 -1
- package/esm/node/authn/util/poll.js +1 -0
- package/esm/node/authn/util/poll.js.map +1 -1
- package/esm/node/browser/fingerprint.js +1 -0
- package/esm/node/browser/fingerprint.js.map +1 -1
- package/esm/node/core/AuthStateManager.js +1 -0
- package/esm/node/core/AuthStateManager.js.map +1 -1
- package/esm/node/core/options.js +1 -0
- package/esm/node/core/options.js.map +1 -1
- package/esm/node/crypto/base64.js +1 -0
- package/esm/node/crypto/base64.js.map +1 -1
- package/esm/node/errors/OAuthError.js +5 -1
- package/esm/node/errors/OAuthError.js.map +1 -1
- package/esm/node/errors/WWWAuthError.js +61 -0
- package/esm/node/errors/WWWAuthError.js.map +1 -0
- package/esm/node/errors/index.js +6 -1
- package/esm/node/errors/index.js.map +1 -1
- package/esm/node/exports/exports/authn.js +2 -1
- package/esm/node/exports/exports/authn.js.map +1 -1
- package/esm/node/exports/exports/core.js +2 -1
- package/esm/node/exports/exports/core.js.map +1 -1
- package/esm/node/exports/exports/default.js +2 -1
- package/esm/node/exports/exports/default.js.map +1 -1
- package/esm/node/exports/exports/idx.js +2 -1
- package/esm/node/exports/exports/idx.js.map +1 -1
- package/esm/node/exports/exports/myaccount.js +2 -1
- package/esm/node/exports/exports/myaccount.js.map +1 -1
- package/esm/node/features.js +12 -2
- package/esm/node/features.js.map +1 -1
- package/esm/node/http/OktaUserAgent.js +2 -2
- package/esm/node/http/options.js +1 -0
- package/esm/node/http/options.js.map +1 -1
- package/esm/node/http/request.js +14 -25
- package/esm/node/http/request.js.map +1 -1
- package/esm/node/idx/IdxTransactionManager.js +4 -1
- package/esm/node/idx/IdxTransactionManager.js.map +1 -1
- package/esm/node/idx/authenticator/Authenticator.js.map +1 -1
- package/esm/node/idx/authenticator/OktaPassword.js +17 -4
- package/esm/node/idx/authenticator/OktaPassword.js.map +1 -1
- package/esm/node/idx/cancel.js +1 -0
- package/esm/node/idx/cancel.js.map +1 -1
- package/esm/node/idx/factory/api.js +1 -0
- package/esm/node/idx/factory/api.js.map +1 -1
- package/esm/node/idx/flow/AccountUnlockFlow.js +1 -0
- package/esm/node/idx/flow/AccountUnlockFlow.js.map +1 -1
- package/esm/node/idx/flow/AuthenticationFlow.js +1 -0
- package/esm/node/idx/flow/AuthenticationFlow.js.map +1 -1
- package/esm/node/idx/flow/PasswordRecoveryFlow.js +1 -0
- package/esm/node/idx/flow/PasswordRecoveryFlow.js.map +1 -1
- package/esm/node/idx/flow/RegistrationFlow.js +1 -0
- package/esm/node/idx/flow/RegistrationFlow.js.map +1 -1
- package/esm/node/idx/handleInteractionCodeRedirect.js +1 -0
- package/esm/node/idx/handleInteractionCodeRedirect.js.map +1 -1
- package/esm/node/idx/idxState/v1/generateIdxAction.js +1 -0
- package/esm/node/idx/idxState/v1/generateIdxAction.js.map +1 -1
- package/esm/node/idx/idxState/v1/idxResponseParser.js +1 -0
- package/esm/node/idx/idxState/v1/idxResponseParser.js.map +1 -1
- package/esm/node/idx/interact.js +1 -0
- package/esm/node/idx/interact.js.map +1 -1
- package/esm/node/idx/proceed.js +1 -0
- package/esm/node/idx/proceed.js.map +1 -1
- package/esm/node/idx/recoverPassword.js +1 -0
- package/esm/node/idx/recoverPassword.js.map +1 -1
- package/esm/node/idx/register.js +1 -0
- package/esm/node/idx/register.js.map +1 -1
- package/esm/node/idx/remediate.js +1 -0
- package/esm/node/idx/remediate.js.map +1 -1
- package/esm/node/idx/remediators/GenericRemediator/util.js +2 -0
- package/esm/node/idx/remediators/GenericRemediator/util.js.map +1 -1
- package/esm/node/idx/run.js +3 -3
- package/esm/node/idx/run.js.map +1 -1
- package/esm/node/idx/transactionMeta.js +1 -0
- package/esm/node/idx/transactionMeta.js.map +1 -1
- package/esm/node/idx/types/idx-js.js.map +1 -1
- package/esm/node/idx/unlockAccount.js +1 -0
- package/esm/node/idx/unlockAccount.js.map +1 -1
- package/esm/node/myaccount/request.js +1 -0
- package/esm/node/myaccount/request.js.map +1 -1
- package/esm/node/oidc/TokenManager.js +13 -1
- package/esm/node/oidc/TokenManager.js.map +1 -1
- package/esm/node/oidc/decodeToken.js +1 -0
- package/esm/node/oidc/decodeToken.js.map +1 -1
- package/esm/node/oidc/dpop.js +160 -0
- package/esm/node/oidc/dpop.js.map +1 -0
- package/esm/node/oidc/endpoints/authorize.js +1 -0
- package/esm/node/oidc/endpoints/authorize.js.map +1 -1
- package/esm/node/oidc/endpoints/token.js +57 -24
- package/esm/node/oidc/endpoints/token.js.map +1 -1
- package/esm/node/oidc/endpoints/well-known.js +1 -0
- package/esm/node/oidc/endpoints/well-known.js.map +1 -1
- package/esm/node/oidc/enrollAuthenticator.js +1 -0
- package/esm/node/oidc/enrollAuthenticator.js.map +1 -1
- package/esm/node/oidc/exchangeCodeForTokens.js +40 -25
- package/esm/node/oidc/exchangeCodeForTokens.js.map +1 -1
- package/esm/node/oidc/factory/api.js +1 -0
- package/esm/node/oidc/factory/api.js.map +1 -1
- package/esm/node/oidc/factory/baseApi.js +1 -0
- package/esm/node/oidc/factory/baseApi.js.map +1 -1
- package/esm/node/oidc/getToken.js +1 -0
- package/esm/node/oidc/getToken.js.map +1 -1
- package/esm/node/oidc/getUserInfo.js +22 -18
- package/esm/node/oidc/getUserInfo.js.map +1 -1
- package/esm/node/oidc/getWithPopup.js +1 -0
- package/esm/node/oidc/getWithPopup.js.map +1 -1
- package/esm/node/oidc/getWithRedirect.js +1 -0
- package/esm/node/oidc/getWithRedirect.js.map +1 -1
- package/esm/node/oidc/getWithoutPrompt.js +1 -0
- package/esm/node/oidc/getWithoutPrompt.js.map +1 -1
- package/esm/node/oidc/handleOAuthResponse.js +10 -0
- package/esm/node/oidc/handleOAuthResponse.js.map +1 -1
- package/esm/node/oidc/introspect.js +1 -0
- package/esm/node/oidc/introspect.js.map +1 -1
- package/esm/node/oidc/mixin/index.js +78 -2
- package/esm/node/oidc/mixin/index.js.map +1 -1
- package/esm/node/oidc/mixin/minimal.js +1 -0
- package/esm/node/oidc/mixin/minimal.js.map +1 -1
- package/esm/node/oidc/options/OAuthOptionsConstructor.js +2 -1
- package/esm/node/oidc/options/OAuthOptionsConstructor.js.map +1 -1
- package/esm/node/oidc/parseFromUrl.js +1 -0
- package/esm/node/oidc/parseFromUrl.js.map +1 -1
- package/esm/node/oidc/renewToken.js +4 -2
- package/esm/node/oidc/renewToken.js.map +1 -1
- package/esm/node/oidc/renewTokens.js +4 -1
- package/esm/node/oidc/renewTokens.js.map +1 -1
- package/esm/node/oidc/renewTokensWithRefresh.js +12 -5
- package/esm/node/oidc/renewTokensWithRefresh.js.map +1 -1
- package/esm/node/oidc/revokeToken.js +1 -0
- package/esm/node/oidc/revokeToken.js.map +1 -1
- package/esm/node/oidc/storage.js +1 -0
- package/esm/node/oidc/storage.js.map +1 -1
- package/esm/node/oidc/types/Token.js.map +1 -1
- package/esm/node/oidc/util/browser.js +1 -0
- package/esm/node/oidc/util/browser.js.map +1 -1
- package/esm/node/oidc/util/defaultTokenParams.js +3 -2
- package/esm/node/oidc/util/defaultTokenParams.js.map +1 -1
- package/esm/node/oidc/util/prepareEnrollAuthenticatorParams.js +1 -0
- package/esm/node/oidc/util/prepareEnrollAuthenticatorParams.js.map +1 -1
- package/esm/node/oidc/util/prepareTokenParams.js +4 -0
- package/esm/node/oidc/util/prepareTokenParams.js.map +1 -1
- package/esm/node/oidc/util/validateToken.js +1 -0
- package/esm/node/oidc/util/validateToken.js.map +1 -1
- package/esm/node/oidc/verifyToken.js +1 -0
- package/esm/node/oidc/verifyToken.js.map +1 -1
- package/esm/node/package.json +1 -1
- package/esm/node/server/serverStorage.js +1 -0
- package/esm/node/server/serverStorage.js.map +1 -1
- package/esm/node/session/api.js +1 -0
- package/esm/node/session/api.js.map +1 -1
- package/esm/node/storage/options/StorageOptionsConstructor.js +1 -0
- package/esm/node/storage/options/StorageOptionsConstructor.js.map +1 -1
- package/package.json +5 -6
- package/types/lib/base/types.d.ts +1 -0
- package/types/lib/core/options.d.ts +1 -0
- package/types/lib/core/types/Service.d.ts +7 -1
- package/types/lib/errors/OAuthError.d.ts +3 -1
- package/types/lib/errors/WWWAuthError.d.ts +29 -0
- package/types/lib/errors/index.d.ts +3 -1
- package/types/lib/features.d.ts +1 -0
- package/types/lib/idx/authenticator/Authenticator.d.ts +1 -1
- package/types/lib/idx/authenticator/OktaPassword.d.ts +2 -1
- package/types/lib/idx/options.d.ts +1 -0
- package/types/lib/idx/types/idx-js.d.ts +1 -0
- package/types/lib/idx/types/options.d.ts +1 -0
- package/types/lib/oidc/dpop.d.ts +35 -0
- package/types/lib/oidc/endpoints/token.d.ts +5 -2
- package/types/lib/oidc/options/OAuthOptionsConstructor.d.ts +1 -0
- package/types/lib/oidc/types/Token.d.ts +2 -0
- package/types/lib/oidc/types/api.d.ts +14 -0
- package/types/lib/oidc/types/options.d.ts +3 -0
- package/types/lib/services/RenewOnTabActivationService.d.ts +16 -0
- package/types/lib/services/index.d.ts +1 -0
- package/umd/authn.js +1 -1
- package/umd/authn.js.map +1 -1
- package/umd/core.js +1 -1
- package/umd/core.js.map +1 -1
- package/umd/default.js +1 -1
- package/umd/default.js.map +1 -1
- package/umd/idx.js +1 -1
- package/umd/idx.js.map +1 -1
- package/umd/myaccount.js +1 -1
- package/umd/myaccount.js.map +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"prepareTokenParams.js","sources":["../../../../../lib/oidc/util/prepareTokenParams.ts"],"sourcesContent":["/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { getWellKnown } from '../endpoints/well-known';\nimport { AuthSdkError } from '../../errors';\nimport { OktaAuthOAuthInterface, TokenParams } from '../types';\nimport { getDefaultTokenParams } from './defaultTokenParams';\nimport { DEFAULT_CODE_CHALLENGE_METHOD } from '../../constants';\nimport PKCE from './pkce';\nimport { OktaAuthBaseInterface } from '../../base/types';\n\nexport function assertPKCESupport(sdk: OktaAuthBaseInterface) {\n if (!sdk.features.isPKCESupported()) {\n var errorMessage = 'PKCE requires a modern browser with encryption support running in a secure context.';\n if (!sdk.features.isHTTPS()) {\n // eslint-disable-next-line max-len\n errorMessage += '\\nThe current page is not being served with HTTPS protocol. PKCE requires secure HTTPS protocol.';\n }\n if (!sdk.features.hasTextEncoder()) {\n // eslint-disable-next-line max-len\n errorMessage += '\\n\"TextEncoder\" is not defined. To use PKCE, you may need to include a polyfill/shim for this browser.';\n }\n throw new AuthSdkError(errorMessage);\n }\n}\n\nexport async function validateCodeChallengeMethod(sdk: OktaAuthOAuthInterface, codeChallengeMethod?: string) {\n // set default code challenge method, if none provided\n codeChallengeMethod = codeChallengeMethod || sdk.options.codeChallengeMethod || DEFAULT_CODE_CHALLENGE_METHOD;\n\n // validate against .well-known/openid-configuration\n const wellKnownResponse = await getWellKnown(sdk);\n var methods = wellKnownResponse['code_challenge_methods_supported'] || [];\n if (methods.indexOf(codeChallengeMethod) === -1) {\n throw new AuthSdkError('Invalid code_challenge_method');\n }\n return codeChallengeMethod;\n}\n\nexport async function preparePKCE(\n sdk: OktaAuthOAuthInterface, \n tokenParams: TokenParams\n): Promise<TokenParams> {\n let {\n codeVerifier,\n codeChallenge,\n codeChallengeMethod\n } = tokenParams;\n\n // PKCE calculations can be avoided by passing a codeChallenge\n codeChallenge = codeChallenge || sdk.options.codeChallenge;\n if (!codeChallenge) {\n assertPKCESupport(sdk);\n codeVerifier = codeVerifier || PKCE.generateVerifier();\n codeChallenge = await PKCE.computeChallenge(codeVerifier);\n }\n codeChallengeMethod = await validateCodeChallengeMethod(sdk, codeChallengeMethod);\n\n // Clone/copy the params. Set PKCE values\n tokenParams = {\n ...tokenParams,\n responseType: 'code', // responseType is forced\n codeVerifier,\n codeChallenge,\n codeChallengeMethod\n };\n\n return tokenParams;\n}\n\n// Prepares params for a call to /authorize or /token\nexport async function prepareTokenParams(\n sdk: OktaAuthOAuthInterface,\n tokenParams: TokenParams = {}\n): Promise<TokenParams> {\n // build params using defaults + options\n const defaults = getDefaultTokenParams(sdk);\n tokenParams = { ...defaults, ...tokenParams };\n\n if (tokenParams.pkce === false) {\n // Implicit flow or authorization_code without PKCE\n return tokenParams;\n }\n\n return preparePKCE(sdk, tokenParams);\n}"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;AAqBM,CAAU,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAiB,CAAC,CAAA,CAAA,CAA0B,CAAA,CAAA,CAAA;AAC1D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAG,CAAA,CAAA,CAAC,QAAQ,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,EAAE,CAAE,CAAA,CAAA;QACnC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAqF,CAAC;AACzG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAG,CAAA,CAAA,CAAC,QAAQ,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,EAAE,CAAE,CAAA,CAAA;CAE3B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAkG,CAAC;AACpH,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAG,CAAA,CAAA,CAAC,QAAQ,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAc,EAAE,CAAE,CAAA,CAAA;CAElC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAwG,CAAC;AAC1H,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAC;AACtC,CAAA,CAAA,CAAA,CAAA,CAAA;AACH,CAAC;AAEM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAA2B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAA2B,CAAA,CAAA,CAAA,CAAE,mBAA4B,CAAA,CAAA,CAAA;CAEzG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA6B,CAAC;AAG9G,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,iBAAiB,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,YAAY,CAAC,CAAA,CAAA,CAAG,CAAC,CAAC;CAClD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,OAAO,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAiB,CAAC,CAAkC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAE,CAAC;CAC1E,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,mBAAmB,CAAC,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAC,CAAE,CAAA,CAAA;AAC/C,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA+B,CAAC,CAAC;AACzD,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,mBAAmB,CAAC;AAC7B,CAAC;AAEM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAC/B,CAA2B,CAAA,CAAA,CAAA,CAC3B,WAAwB,CAAA,CAAA,CAAA;CAExB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CACF,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CACZ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,EACb,CAAmB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CACpB,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC;CAGhB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,GAAG,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,GAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC;CAC3D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAE,CAAA,CAAA;QAClB,CAAiB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAG,CAAA,CAAA,CAAC,CAAC;AACvB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,GAAG,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,IAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAgB,EAAE,CAAC;CACvD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,GAAG,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAgB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AAC3D,CAAA,CAAA,CAAA,CAAA,CAAA;CACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,GAAG,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA2B,CAAC,CAAG,CAAA,CAAA,CAAA,CAAE,CAAmB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AAGlF,CAAA,CAAA,CAAA,CAAA,WAAW,mCACN,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,EAAA,CACd,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,EAAE,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;QACpB,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;QACZ,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACb,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,GACpB,CAAC;AAEF,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,WAAW,CAAC;AACrB,CAAC;AAGM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,kBAAkB,CACtC,CAAA,CAAA,CAA2B,EAC3B,cAA2B,EAAE,CAAA,CAAA,CAAA;AAG7B,CAAA,CAAA,CAAA,CAAA,MAAM,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,qBAAqB,CAAC,CAAA,CAAA,CAAG,CAAC,CAAC;AAC5C,CAAA,CAAA,CAAA,CAAA,WAAW,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,EAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAE,CAAC;AAE9C,CAAA,CAAA,CAAA,CAAA,IAAI,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,KAAK,CAAE,CAAA,CAAA;AAE9B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,WAAW,CAAC;AACpB,CAAA,CAAA,CAAA,CAAA,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,OAAO,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,GAAG,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAC;AACvC,CAAA;;"}
|
|
1
|
+
{"version":3,"file":"prepareTokenParams.js","sources":["../../../../../lib/oidc/util/prepareTokenParams.ts"],"sourcesContent":["/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { getWellKnown } from '../endpoints/well-known';\nimport { AuthSdkError } from '../../errors';\nimport { OktaAuthOAuthInterface, TokenParams } from '../types';\nimport { getDefaultTokenParams } from './defaultTokenParams';\nimport { DEFAULT_CODE_CHALLENGE_METHOD } from '../../constants';\nimport PKCE from './pkce';\nimport { OktaAuthBaseInterface } from '../../base/types';\n\nexport function assertPKCESupport(sdk: OktaAuthBaseInterface) {\n if (!sdk.features.isPKCESupported()) {\n var errorMessage = 'PKCE requires a modern browser with encryption support running in a secure context.';\n if (!sdk.features.isHTTPS()) {\n // eslint-disable-next-line max-len\n errorMessage += '\\nThe current page is not being served with HTTPS protocol. PKCE requires secure HTTPS protocol.';\n }\n if (!sdk.features.hasTextEncoder()) {\n // eslint-disable-next-line max-len\n errorMessage += '\\n\"TextEncoder\" is not defined. To use PKCE, you may need to include a polyfill/shim for this browser.';\n }\n throw new AuthSdkError(errorMessage);\n }\n}\n\nexport async function validateCodeChallengeMethod(sdk: OktaAuthOAuthInterface, codeChallengeMethod?: string) {\n // set default code challenge method, if none provided\n codeChallengeMethod = codeChallengeMethod || sdk.options.codeChallengeMethod || DEFAULT_CODE_CHALLENGE_METHOD;\n\n // validate against .well-known/openid-configuration\n const wellKnownResponse = await getWellKnown(sdk);\n var methods = wellKnownResponse['code_challenge_methods_supported'] || [];\n if (methods.indexOf(codeChallengeMethod) === -1) {\n throw new AuthSdkError('Invalid code_challenge_method');\n }\n return codeChallengeMethod;\n}\n\nexport async function preparePKCE(\n sdk: OktaAuthOAuthInterface, \n tokenParams: TokenParams\n): Promise<TokenParams> {\n let {\n codeVerifier,\n codeChallenge,\n codeChallengeMethod\n } = tokenParams;\n\n // PKCE calculations can be avoided by passing a codeChallenge\n codeChallenge = codeChallenge || sdk.options.codeChallenge;\n if (!codeChallenge) {\n assertPKCESupport(sdk);\n codeVerifier = codeVerifier || PKCE.generateVerifier();\n codeChallenge = await PKCE.computeChallenge(codeVerifier);\n }\n codeChallengeMethod = await validateCodeChallengeMethod(sdk, codeChallengeMethod);\n\n // Clone/copy the params. Set PKCE values\n tokenParams = {\n ...tokenParams,\n responseType: 'code', // responseType is forced\n codeVerifier,\n codeChallenge,\n codeChallengeMethod\n };\n\n return tokenParams;\n}\n\n// Prepares params for a call to /authorize or /token\nexport async function prepareTokenParams(\n sdk: OktaAuthOAuthInterface,\n tokenParams: TokenParams = {}\n): Promise<TokenParams> {\n // build params using defaults + options\n const defaults = getDefaultTokenParams(sdk);\n tokenParams = { ...defaults, ...tokenParams };\n\n if (tokenParams.dpop && !sdk.features.isDPoPSupported()) {\n throw new AuthSdkError('DPoP has been configured, but is not supported by browser');\n }\n\n if (tokenParams.pkce === false) {\n // Implicit flow or authorization_code without PKCE\n return tokenParams;\n }\n\n return preparePKCE(sdk, tokenParams);\n}"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;AAqBM,CAAU,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAiB,CAAC,CAAA,CAAA,CAA0B,CAAA,CAAA,CAAA;AAC1D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAG,CAAA,CAAA,CAAC,QAAQ,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,EAAE,CAAE,CAAA,CAAA;QACnC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAqF,CAAC;AACzG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAG,CAAA,CAAA,CAAC,QAAQ,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,EAAE,CAAE,CAAA,CAAA;CAE3B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAkG,CAAC;AACpH,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAG,CAAA,CAAA,CAAC,QAAQ,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAc,EAAE,CAAE,CAAA,CAAA;CAElC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAwG,CAAC;AAC1H,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAC;AACtC,CAAA,CAAA,CAAA,CAAA,CAAA;AACH,CAAC;AAEM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAA2B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAA2B,CAAA,CAAA,CAAA,CAAE,mBAA4B,CAAA,CAAA,CAAA;CAEzG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA6B,CAAC;AAG9G,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,iBAAiB,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,YAAY,CAAC,CAAA,CAAA,CAAG,CAAC,CAAC;CAClD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,OAAO,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAiB,CAAC,CAAkC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAE,CAAC;CAC1E,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,mBAAmB,CAAC,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAC,CAAE,CAAA,CAAA;AAC/C,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA+B,CAAC,CAAC;AACzD,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,mBAAmB,CAAC;AAC7B,CAAC;AAEM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAC/B,CAA2B,CAAA,CAAA,CAAA,CAC3B,WAAwB,CAAA,CAAA,CAAA;CAExB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CACF,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CACZ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,EACb,CAAmB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CACpB,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC;CAGhB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,GAAG,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,GAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC;CAC3D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAE,CAAA,CAAA;QAClB,CAAiB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAG,CAAA,CAAA,CAAC,CAAC;AACvB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,GAAG,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,IAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAgB,EAAE,CAAC;CACvD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,GAAG,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAgB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AAC3D,CAAA,CAAA,CAAA,CAAA,CAAA;CACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,GAAG,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA2B,CAAC,CAAG,CAAA,CAAA,CAAA,CAAE,CAAmB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AAGlF,CAAA,CAAA,CAAA,CAAA,WAAW,mCACN,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,EAAA,CACd,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,EAAE,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;QACpB,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;QACZ,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACb,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,GACpB,CAAC;AAEF,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,WAAW,CAAC;AACrB,CAAC;AAGM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,kBAAkB,CACtC,CAAA,CAAA,CAA2B,EAC3B,cAA2B,EAAE,CAAA,CAAA,CAAA;AAG7B,CAAA,CAAA,CAAA,CAAA,MAAM,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,qBAAqB,CAAC,CAAA,CAAA,CAAG,CAAC,CAAC;AAC5C,CAAA,CAAA,CAAA,CAAA,WAAW,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,EAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAE,CAAC;IAE9C,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAA,CAAA,CAAA,CAAI,CAAI,CAAA,CAAA,CAAA,CAAC,CAAG,CAAA,CAAA,CAAC,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAe,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAE,CAAA,CAAA;AACvD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA2D,CAAC,CAAC;AACrF,CAAA,CAAA,CAAA,CAAA,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,IAAI,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,KAAK,CAAE,CAAA,CAAA;AAE9B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,WAAW,CAAC;AACpB,CAAA,CAAA,CAAA,CAAA,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,OAAO,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,GAAG,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAC;AACvC,CAAA;;"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validateToken.js","sources":["../../../../../lib/oidc/util/validateToken.ts"],"sourcesContent":["/* eslint-disable complexity */\n\nimport { AuthSdkError } from '../../errors';\nimport { isAccessToken, isIDToken, isRefreshToken, Token, TokenType } from '../../oidc/types';\n\nexport function validateToken(token: Token, type?: TokenType) {\n if (!isIDToken(token) && !isAccessToken(token) && !isRefreshToken(token)) {\n throw new AuthSdkError(\n 'Token must be an Object with scopes, expiresAt, and one of: an idToken, accessToken, or refreshToken property'\n );\n }\n \n if (type === 'accessToken' && !isAccessToken(token)) {\n throw new AuthSdkError('invalid accessToken');\n } \n if (type === 'idToken' && !isIDToken(token)) {\n throw new AuthSdkError('invalid idToken');\n }\n\n if (type === 'refreshToken' && !isRefreshToken(token)) {\n throw new AuthSdkError('invalid refreshToken');\n }\n}"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"validateToken.js","sources":["../../../../../lib/oidc/util/validateToken.ts"],"sourcesContent":["/* eslint-disable complexity */\n\nimport { AuthSdkError } from '../../errors';\nimport { isAccessToken, isIDToken, isRefreshToken, Token, TokenType } from '../../oidc/types';\n\nexport function validateToken(token: Token, type?: TokenType) {\n if (!isIDToken(token) && !isAccessToken(token) && !isRefreshToken(token)) {\n throw new AuthSdkError(\n 'Token must be an Object with scopes, expiresAt, and one of: an idToken, accessToken, or refreshToken property'\n );\n }\n \n if (type === 'accessToken' && !isAccessToken(token)) {\n throw new AuthSdkError('invalid accessToken');\n } \n if (type === 'idToken' && !isIDToken(token)) {\n throw new AuthSdkError('invalid idToken');\n }\n\n if (type === 'refreshToken' && !isRefreshToken(token)) {\n throw new AuthSdkError('invalid refreshToken');\n }\n}"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAKgB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,IAAgB,CAAA,CAAA,CAAA;AAC1D,CAAA,CAAA,CAAA,CAAA,IAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAC,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,IAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAI,CAAA,CAAA,CAAA,CAAC,cAAc,CAAC,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAE,CAAA,CAAA;AACxE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CACpB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA+G,CAChH,CAAC;AACH,CAAA,CAAA,CAAA,CAAA,CAAA;CAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,CAAE,CAAA,CAAA;AACnD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAqB,CAAC,CAAC;AAC/C,CAAA,CAAA,CAAA,CAAA,CAAA;CACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,CAAE,CAAA,CAAA;AAC3C,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAiB,CAAC,CAAC;AAC3C,CAAA,CAAA,CAAA,CAAA,CAAA;CAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAc,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAc,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,CAAE,CAAA,CAAA;AACrD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAsB,CAAC,CAAC;AAChD,CAAA,CAAA,CAAA,CAAA,CAAA;AACH,CAAA;;"}
|
|
@@ -12,6 +12,7 @@
|
|
|
12
12
|
|
|
13
13
|
import { getWellKnown, getKey } from './endpoints/well-known.js';
|
|
14
14
|
import AuthSdkError from '../errors/AuthSdkError.js';
|
|
15
|
+
import '../errors/WWWAuthError.js';
|
|
15
16
|
import '../crypto/node.js';
|
|
16
17
|
import { getOidcHash } from '../crypto/oidcHash.js';
|
|
17
18
|
import { verifyToken as verifyToken$1 } from '../crypto/verifyToken.js';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifyToken.js","sources":["../../../../lib/oidc/verifyToken.ts"],"sourcesContent":["/* eslint-disable max-len */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { getWellKnown, getKey } from './endpoints/well-known';\nimport { validateClaims } from './util';\nimport { AuthSdkError } from '../errors';\nimport { IDToken, OktaAuthOAuthInterface, TokenVerifyParams } from '../oidc/types';\nimport { decodeToken } from './decodeToken';\nimport * as sdkCrypto from '../crypto';\n\n// Verify the id token\nexport async function verifyToken(sdk: OktaAuthOAuthInterface, token: IDToken, validationParams: TokenVerifyParams): Promise<IDToken> {\n if (!token || !token.idToken) {\n throw new AuthSdkError('Only idTokens may be verified');\n }\n\n // Decode the Jwt object (may throw)\n const jwt = decodeToken(token.idToken);\n\n // The configured issuer may point to a frontend proxy.\n // Get the \"real\" issuer from .well-known/openid-configuration\n const configuredIssuer = validationParams?.issuer || sdk.options.issuer;\n const { issuer } = await getWellKnown(sdk, configuredIssuer);\n\n const validationOptions: TokenVerifyParams = Object.assign({\n // base options, can be overridden by params\n clientId: sdk.options.clientId,\n ignoreSignature: sdk.options.ignoreSignature\n }, validationParams, {\n // final options, cannot be overridden\n issuer\n });\n\n // Standard claim validation (may throw)\n validateClaims(sdk, jwt.payload, validationOptions);\n\n // If the browser doesn't support native crypto or we choose not\n // to verify the signature, bail early\n if (validationOptions.ignoreSignature == true || !sdk.features.isTokenVerifySupported()) {\n return token;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const key = await getKey(sdk, token.issuer, jwt.header.kid!);\n const valid = await sdkCrypto.verifyToken(token.idToken, key);\n if (!valid) {\n throw new AuthSdkError('The token signature is not valid');\n }\n if (validationParams && validationParams.accessToken && token.claims.at_hash) {\n const hash = await sdkCrypto.getOidcHash(validationParams.accessToken);\n if (hash !== token.claims.at_hash) {\n throw new AuthSdkError('Token hash verification failed');\n }\n }\n return token;\n}\n"],"names":["sdkCrypto.verifyToken","sdkCrypto.getOidcHash"],"mappings":"
|
|
1
|
+
{"version":3,"file":"verifyToken.js","sources":["../../../../lib/oidc/verifyToken.ts"],"sourcesContent":["/* eslint-disable max-len */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { getWellKnown, getKey } from './endpoints/well-known';\nimport { validateClaims } from './util';\nimport { AuthSdkError } from '../errors';\nimport { IDToken, OktaAuthOAuthInterface, TokenVerifyParams } from '../oidc/types';\nimport { decodeToken } from './decodeToken';\nimport * as sdkCrypto from '../crypto';\n\n// Verify the id token\nexport async function verifyToken(sdk: OktaAuthOAuthInterface, token: IDToken, validationParams: TokenVerifyParams): Promise<IDToken> {\n if (!token || !token.idToken) {\n throw new AuthSdkError('Only idTokens may be verified');\n }\n\n // Decode the Jwt object (may throw)\n const jwt = decodeToken(token.idToken);\n\n // The configured issuer may point to a frontend proxy.\n // Get the \"real\" issuer from .well-known/openid-configuration\n const configuredIssuer = validationParams?.issuer || sdk.options.issuer;\n const { issuer } = await getWellKnown(sdk, configuredIssuer);\n\n const validationOptions: TokenVerifyParams = Object.assign({\n // base options, can be overridden by params\n clientId: sdk.options.clientId,\n ignoreSignature: sdk.options.ignoreSignature\n }, validationParams, {\n // final options, cannot be overridden\n issuer\n });\n\n // Standard claim validation (may throw)\n validateClaims(sdk, jwt.payload, validationOptions);\n\n // If the browser doesn't support native crypto or we choose not\n // to verify the signature, bail early\n if (validationOptions.ignoreSignature == true || !sdk.features.isTokenVerifySupported()) {\n return token;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const key = await getKey(sdk, token.issuer, jwt.header.kid!);\n const valid = await sdkCrypto.verifyToken(token.idToken, key);\n if (!valid) {\n throw new AuthSdkError('The token signature is not valid');\n }\n if (validationParams && validationParams.accessToken && token.claims.at_hash) {\n const hash = await sdkCrypto.getOidcHash(validationParams.accessToken);\n if (hash !== token.claims.at_hash) {\n throw new AuthSdkError('Token hash verification failed');\n }\n }\n return token;\n}\n"],"names":["sdkCrypto.verifyToken","sdkCrypto.getOidcHash"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAsBO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,WAAW,CAAC,CAAA,CAAA,CAA2B,EAAE,CAAc,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,gBAAmC,CAAA,CAAA,CAAA;AAChH,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,OAAO,CAAE,CAAA,CAAA;AAC5B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA+B,CAAC,CAAC;AACzD,CAAA,CAAA,CAAA,CAAA,CAAA;CAGD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,GAAG,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AAIvC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAgB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAgB,KAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAhB,CAAgB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAhB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,GAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAgB,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC;IACxE,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAG,CAAA,CAAA,CAAA,CAAE,CAAgB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AAE7D,CAAA,CAAA,CAAA,CAAA,MAAM,CAAiB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAsB,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,MAAM,CAAC,CAAA;AAEzD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,QAAQ,CAAE,CAAA,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AAC9B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,eAAe,CAAE,CAAA,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAe,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AAC7C,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,gBAAgB,CAAE,CAAA,CAAA;QAEnB,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA;AACP,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;CAGH,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAc,CAAC,CAAA,CAAA,CAAG,CAAE,CAAA,CAAA,CAAA,CAAG,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAiB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AAIpD,CAAA,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAiB,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,IAAI,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAsB,EAAE,CAAE,CAAA,CAAA;AACvF,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,KAAK,CAAC;AACd,CAAA,CAAA,CAAA,CAAA,CAAA;AAGD,CAAA,CAAA,CAAA,CAAA,MAAM,CAAG,CAAA,CAAA,CAAA,CAAA,CAAG,MAAM,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,GAAG,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,EAAE,CAAG,CAAA,CAAA,CAAC,MAAM,CAAC,CAAA,CAAA,CAAI,CAAC,CAAC;AAC7D,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAMA,CAAqB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAG,CAAA,CAAA,CAAC,CAAC;CAC9D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAK,CAAE,CAAA,CAAA;AACV,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAkC,CAAC,CAAC;AAC5D,CAAA,CAAA,CAAA,CAAA,CAAA;IACD,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAgB,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAgB,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAE,CAAA,CAAA;CAC5E,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAMC,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAqB,CAAC,CAAgB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AACvE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,IAAI,CAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,OAAO,CAAE,CAAA,CAAA;AACjC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAgC,CAAC,CAAC;AAC1D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACF,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,KAAK,CAAC;AACf,CAAA;;"}
|
package/esm/node/package.json
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"serverStorage.js","sources":["../../../../lib/server/serverStorage.ts"],"sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport NodeCache from 'node-cache';\nimport { SimpleStorage, StorageType, StorageUtil, Cookies } from '../storage/types';\nimport { AuthSdkError } from '../errors';\n// eslint-disable-next-line import/no-commonjs\n\n// this is a SHARED memory storage to support a stateless http server\nconst sharedStorage = typeof NodeCache === 'function' ? new NodeCache() : null;\n\nclass ServerCookies implements Cookies {\n nodeCache: any; // NodeCache\n \n constructor(nodeCache) {\n this.nodeCache = nodeCache;\n }\n\n set(name: string, value: string, expiresAt: string): string {\n // eslint-disable-next-line no-extra-boolean-cast\n if (!!(Date.parse(expiresAt))) {\n // Time to expiration in seconds\n var ttl = (Date.parse(expiresAt) - Date.now()) / 1000;\n this.nodeCache.set(name, value, ttl);\n } else {\n this.nodeCache.set(name, value);\n }\n\n return this.get(name);\n }\n\n get(name): string {\n return this.nodeCache.get(name);\n }\n\n delete(name) {\n return this.nodeCache.del(name);\n }\n}\n// Building this as an object allows us to mock the functions in our tests\nclass ServerStorage implements StorageUtil {\n nodeCache: any; // NodeCache\n storage: Cookies;\n constructor(nodeCache) {\n this.nodeCache = nodeCache;\n this.storage = new ServerCookies(nodeCache);\n }\n\n testStorageType(storageType: StorageType): boolean {\n var supported = false;\n switch (storageType) {\n case 'memory':\n supported = true;\n break;\n default:\n break;\n }\n return supported;\n }\n\n getStorageByType(storageType: StorageType): SimpleStorage {\n let storageProvider;\n switch (storageType) {\n case 'memory':\n storageProvider = this.getStorage();\n break;\n default:\n throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n break;\n }\n return storageProvider;\n }\n\n findStorageType(): StorageType {\n return 'memory';\n }\n\n // shared in-memory using node cache\n getStorage(): SimpleStorage {\n return {\n getItem: this.nodeCache.get,\n setItem: (key, value) => {\n this.nodeCache.set(key, value, '2200-01-01T00:00:00.000Z');\n },\n };\n }\n}\n\nexport default new ServerStorage(sharedStorage);\n"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"serverStorage.js","sources":["../../../../lib/server/serverStorage.ts"],"sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport NodeCache from 'node-cache';\nimport { SimpleStorage, StorageType, StorageUtil, Cookies } from '../storage/types';\nimport { AuthSdkError } from '../errors';\n// eslint-disable-next-line import/no-commonjs\n\n// this is a SHARED memory storage to support a stateless http server\nconst sharedStorage = typeof NodeCache === 'function' ? new NodeCache() : null;\n\nclass ServerCookies implements Cookies {\n nodeCache: any; // NodeCache\n \n constructor(nodeCache) {\n this.nodeCache = nodeCache;\n }\n\n set(name: string, value: string, expiresAt: string): string {\n // eslint-disable-next-line no-extra-boolean-cast\n if (!!(Date.parse(expiresAt))) {\n // Time to expiration in seconds\n var ttl = (Date.parse(expiresAt) - Date.now()) / 1000;\n this.nodeCache.set(name, value, ttl);\n } else {\n this.nodeCache.set(name, value);\n }\n\n return this.get(name);\n }\n\n get(name): string {\n return this.nodeCache.get(name);\n }\n\n delete(name) {\n return this.nodeCache.del(name);\n }\n}\n// Building this as an object allows us to mock the functions in our tests\nclass ServerStorage implements StorageUtil {\n nodeCache: any; // NodeCache\n storage: Cookies;\n constructor(nodeCache) {\n this.nodeCache = nodeCache;\n this.storage = new ServerCookies(nodeCache);\n }\n\n testStorageType(storageType: StorageType): boolean {\n var supported = false;\n switch (storageType) {\n case 'memory':\n supported = true;\n break;\n default:\n break;\n }\n return supported;\n }\n\n getStorageByType(storageType: StorageType): SimpleStorage {\n let storageProvider;\n switch (storageType) {\n case 'memory':\n storageProvider = this.getStorage();\n break;\n default:\n throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n break;\n }\n return storageProvider;\n }\n\n findStorageType(): StorageType {\n return 'memory';\n }\n\n // shared in-memory using node cache\n getStorage(): SimpleStorage {\n return {\n getItem: this.nodeCache.get,\n setItem: (key, value) => {\n this.nodeCache.set(key, value, '2200-01-01T00:00:00.000Z');\n },\n };\n }\n}\n\nexport default new ServerStorage(sharedStorage);\n"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAsBA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC;AAE/E,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,aAAa,CAAA,CAAA;AAGjB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAA,CAAA,CAAA;AACnB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA,CAAC,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,SAAS,CAAC;CAC5B,CAAA,CAAA,CAAA,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,GAAG,CAAC,CAAA,CAAA,CAAA,CAAY,EAAE,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,SAAiB,CAAA,CAAA,CAAA;CAEhD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAE,CAAI,CAAA,CAAA,CAAA,CAAC,KAAK,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAC,CAAC,CAAE,CAAA,CAAA;AAE7B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,IAAI,CAAG,CAAA,CAAA,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAI,CAAC,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,GAAG,CAAI,CAAA,CAAA,CAAA,CAAC,GAAG,CAAE,CAAA,CAAA,CAAA,CAAA,CAAI,IAAI,CAAC;YACtD,CAAI,CAAA,CAAA,CAAA,CAAC,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAG,CAAA,CAAA,CAAC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAE,CAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAG,CAAA,CAAA,CAAC,CAAC;AACtC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;CACL,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAC,CAAA,CAAA,CAAG,CAAC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAE,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AACjC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,OAAO,CAAI,CAAA,CAAA,CAAA,CAAC,GAAG,CAAC,CAAA,CAAA,CAAA,CAAI,CAAC,CAAC;CACvB,CAAA,CAAA,CAAA,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA;CACN,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,IAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAC,CAAG,CAAA,CAAA,CAAC,CAAI,CAAA,CAAA,CAAA,CAAC,CAAC;CACjC,CAAA,CAAA,CAAA,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA;CACT,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,IAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAC,CAAG,CAAA,CAAA,CAAC,CAAI,CAAA,CAAA,CAAA,CAAC,CAAC;CACjC,CAAA,CAAA,CAAA,CAAA;AACF,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,aAAa,CAAA,CAAA;AAGjB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAA,CAAA,CAAA;AACnB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA,CAAC,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,SAAS,CAAC;CAC3B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,IAAI,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;CAC7C,CAAA,CAAA,CAAA,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAwB,CAAA,CAAA,CAAA;QACtC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC;AACtB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,QAAQ,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACjB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,KAAK,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;CACX,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC;gBACjB,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA;AAGT,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,SAAS,CAAC;CAClB,CAAA,CAAA,CAAA,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAgB,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAwB,CAAA,CAAA,CAAA;AACvC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,eAAe,CAAC;AACpB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,QAAQ,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACjB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,KAAK,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACX,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,eAAe,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,EAAE,CAAC;gBACpC,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA;AACR,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,gCAAgC,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAC,CAAC;AAEzE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,eAAe,CAAC;CACxB,CAAA,CAAA,CAAA,CAAA;IAED,eAAe,CAAA,CAAA,CAAA,CAAA;AACb,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,QAAQ,CAAC;CACjB,CAAA,CAAA,CAAA,CAAA;IAGD,UAAU,CAAA,CAAA,CAAA,CAAA;QACR,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACL,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,OAAO,CAAE,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAC,CAAG,CAAA,CAAA,CAAA;AAC3B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,OAAO,CAAE,CAAA,CAAC,CAAG,CAAA,CAAA,CAAA,CAAE,KAAK,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA;gBACtB,CAAI,CAAA,CAAA,CAAA,CAAC,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAG,CAAA,CAAA,CAAC,CAAG,CAAA,CAAA,CAAA,CAAE,CAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAA0B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;CAC5D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;SACF,CAAC;CACH,CAAA,CAAA,CAAA,CAAA;AACF,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC,CAAA;;"}
|
package/esm/node/session/api.js
CHANGED
|
@@ -12,6 +12,7 @@
|
|
|
12
12
|
|
|
13
13
|
import { omit, getLink } from '../util/object.js';
|
|
14
14
|
import { toQueryString } from '../util/url.js';
|
|
15
|
+
import '../errors/WWWAuthError.js';
|
|
15
16
|
import '../crypto/node.js';
|
|
16
17
|
import { get, post, httpRequest } from '../http/request.js';
|
|
17
18
|
import 'tiny-emitter';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"api.js","sources":["../../../../lib/session/api.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* global window */\nimport { omit, getLink, toQueryString } from '../util';\nimport { get, post, httpRequest } from '../http';\n\nfunction sessionExists(sdk) {\n return sdk.session.get()\n .then(function(res) {\n if (res.status === 'ACTIVE') {\n return true;\n }\n return false;\n })\n .catch(function() {\n return false;\n });\n}\n\nfunction getSession(sdk) { \n return get(sdk, '/api/v1/sessions/me', { withCredentials: true })\n .then(function(session) {\n var res = omit(session, '_links');\n\n res.refresh = function() {\n return post(sdk, getLink(session, 'refresh').href, {}, { withCredentials: true });\n };\n\n res.user = function() {\n return get(sdk, getLink(session, 'user').href, { withCredentials: true });\n };\n\n return res;\n })\n .catch(function() {\n // Return INACTIVE status on failure\n return {status: 'INACTIVE'};\n });\n}\n\nfunction closeSession(sdk) {\n return httpRequest(sdk, {\n url: sdk.getIssuerOrigin() + '/api/v1/sessions/me',\n method: 'DELETE',\n withCredentials: true\n });\n}\n\nfunction refreshSession(sdk) {\n return post(sdk, '/api/v1/sessions/me/lifecycle/refresh', {}, { withCredentials: true });\n}\n\nfunction setCookieAndRedirect(sdk, sessionToken, redirectUrl) {\n redirectUrl = redirectUrl || window.location.href;\n window.location.assign(sdk.getIssuerOrigin() + '/login/sessionCookieRedirect' +\n toQueryString({\n checkAccountSetupComplete: true,\n token: sessionToken,\n redirectUrl: redirectUrl\n }));\n}\n\nexport {\n sessionExists,\n getSession,\n closeSession,\n refreshSession,\n setCookieAndRedirect\n};\n"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"api.js","sources":["../../../../lib/session/api.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* global window */\nimport { omit, getLink, toQueryString } from '../util';\nimport { get, post, httpRequest } from '../http';\n\nfunction sessionExists(sdk) {\n return sdk.session.get()\n .then(function(res) {\n if (res.status === 'ACTIVE') {\n return true;\n }\n return false;\n })\n .catch(function() {\n return false;\n });\n}\n\nfunction getSession(sdk) { \n return get(sdk, '/api/v1/sessions/me', { withCredentials: true })\n .then(function(session) {\n var res = omit(session, '_links');\n\n res.refresh = function() {\n return post(sdk, getLink(session, 'refresh').href, {}, { withCredentials: true });\n };\n\n res.user = function() {\n return get(sdk, getLink(session, 'user').href, { withCredentials: true });\n };\n\n return res;\n })\n .catch(function() {\n // Return INACTIVE status on failure\n return {status: 'INACTIVE'};\n });\n}\n\nfunction closeSession(sdk) {\n return httpRequest(sdk, {\n url: sdk.getIssuerOrigin() + '/api/v1/sessions/me',\n method: 'DELETE',\n withCredentials: true\n });\n}\n\nfunction refreshSession(sdk) {\n return post(sdk, '/api/v1/sessions/me/lifecycle/refresh', {}, { withCredentials: true });\n}\n\nfunction setCookieAndRedirect(sdk, sessionToken, redirectUrl) {\n redirectUrl = redirectUrl || window.location.href;\n window.location.assign(sdk.getIssuerOrigin() + '/login/sessionCookieRedirect' +\n toQueryString({\n checkAccountSetupComplete: true,\n token: sessionToken,\n redirectUrl: redirectUrl\n }));\n}\n\nexport {\n sessionExists,\n getSession,\n closeSession,\n refreshSession,\n setCookieAndRedirect\n};\n"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;AAgBA,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA;AACxB,CAAA,CAAA,CAAA,CAAA,OAAO,CAAG,CAAA,CAAA,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,GAAG,CAAE,CAAA;SACrB,CAAI,CAAA,CAAA,CAAA,CAAC,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA;AAChB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,IAAI,CAAG,CAAA,CAAA,CAAC,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,QAAQ,CAAE,CAAA,CAAA;AAC3B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,IAAI,CAAC;AACb,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,KAAK,CAAC;AACf,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACL,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,KAAK,CAAC;AACf,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC,CAAC;AACP,CAAC;AAED,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,CAAC,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA;IACrB,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAG,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAqB,CAAE,CAAA,CAAA,CAAE,CAAe,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAI,CAAA,CAAA,CAAA,CAAA,CAAE,CAAC;SAChE,CAAI,CAAA,CAAA,CAAA,CAAC,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAA,CAAA;CACpB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,GAAG,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;QAElC,CAAG,CAAA,CAAA,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;CACZ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,IAAI,CAAC,CAAA,CAAA,CAAG,EAAE,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAE,EAAE,CAAE,CAAA,CAAA,CAAE,eAAe,CAAE,CAAA,CAAA,CAAA,CAAA,CAAI,CAAE,CAAA,CAAC,CAAC;AACpF,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;QAEF,CAAG,CAAA,CAAA,CAAC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACT,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,GAAG,CAAC,CAAA,CAAA,CAAG,EAAE,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,OAAO,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAC,CAAA,CAAA,CAAA,CAAI,EAAE,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,EAAE,CAAI,CAAA,CAAA,CAAA,CAAA,CAAE,CAAC,CAAC;AAC5E,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AAEF,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,GAAG,CAAC;AACb,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AAEL,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,OAAO,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,EAAC,CAAC;AAC9B,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC,CAAC;AACL,CAAC;AAED,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA;IACvB,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAA,CAAA,CAAG,CAAE,CAAA,CAAA;AACtB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,GAAG,CAAE,CAAA,CAAA,CAAA,CAAG,CAAC,CAAe,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,GAAG,CAAqB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AAClD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,EAAE,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AAChB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,EAAE,CAAI,CAAA,CAAA,CAAA;AACtB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AACL,CAAC;AAED,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAc,CAAC,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA;AACzB,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAG,EAAE,CAAuC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAE,CAAA,CAAA,CAAE,EAAE,CAAe,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAI,CAAA,CAAA,CAAA,CAAA,CAAE,CAAC,CAAC;AAC3F,CAAC;AAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,oBAAoB,CAAC,CAAA,CAAA,CAAG,EAAE,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,WAAW,CAAA,CAAA,CAAA;CAC1D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,GAAG,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,MAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAC,CAAA,CAAA,CAAA,CAAI,CAAC;CAClD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAAE,CAAA,CAAA,CAAA,CAAG,CAA8B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AAC3E,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,aAAa,CAAC,CAAA;AACZ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAyB,EAAE,CAAI,CAAA,CAAA,CAAA,CAAA;AAC/B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,EAAE,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACnB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,EAAE,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACzB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC,CAAC;AACR,CAAA;;"}
|
|
@@ -10,6 +10,7 @@
|
|
|
10
10
|
* See the License for the specific language governing permissions and limitations under the License.
|
|
11
11
|
*/
|
|
12
12
|
|
|
13
|
+
import '../../errors/WWWAuthError.js';
|
|
13
14
|
import '../../crypto/node.js';
|
|
14
15
|
import 'tiny-emitter';
|
|
15
16
|
import { createBaseOptionsConstructor } from '../../base/options.js';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"StorageOptionsConstructor.js","sources":["../../../../../lib/storage/options/StorageOptionsConstructor.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { createBaseOptionsConstructor } from '../../base';\nimport { CookieOptions, OktaAuthStorageOptions, StorageManagerOptions, StorageUtil } from '../types';\nimport { getStorage, STORAGE_MANAGER_OPTIONS, getCookieSettings } from './node';\nimport { isHTTPS } from '../../features';\n\nexport function createStorageOptionsConstructor() {\n\n const BaseOptionsConstructor = createBaseOptionsConstructor();\n return class StorageOptionsConstructor extends BaseOptionsConstructor implements Required<OktaAuthStorageOptions> {\n cookies: CookieOptions;\n storageUtil: StorageUtil;\n storageManager: StorageManagerOptions;\n \n constructor(args: any) {\n super(args);\n this.cookies = getCookieSettings(args, isHTTPS())!;\n this.storageUtil = args.storageUtil || getStorage();\n this.storageManager = { ...STORAGE_MANAGER_OPTIONS, ...args.storageManager };\n }\n };\n}\n"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"StorageOptionsConstructor.js","sources":["../../../../../lib/storage/options/StorageOptionsConstructor.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { createBaseOptionsConstructor } from '../../base';\nimport { CookieOptions, OktaAuthStorageOptions, StorageManagerOptions, StorageUtil } from '../types';\nimport { getStorage, STORAGE_MANAGER_OPTIONS, getCookieSettings } from './node';\nimport { isHTTPS } from '../../features';\n\nexport function createStorageOptionsConstructor() {\n\n const BaseOptionsConstructor = createBaseOptionsConstructor();\n return class StorageOptionsConstructor extends BaseOptionsConstructor implements Required<OktaAuthStorageOptions> {\n cookies: CookieOptions;\n storageUtil: StorageUtil;\n storageManager: StorageManagerOptions;\n \n constructor(args: any) {\n super(args);\n this.cookies = getCookieSettings(args, isHTTPS())!;\n this.storageUtil = args.storageUtil || getStorage();\n this.storageManager = { ...STORAGE_MANAGER_OPTIONS, ...args.storageManager };\n }\n };\n}\n"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;SAiBgB,+BAA+B,CAAA,CAAA,CAAA,CAAA;AAE7C,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAsB,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA4B,EAAE,CAAC;IAC9D,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAA0B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,sBAAsB,CAAA,CAAA;AAKnE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAA,CAAA,CAAA,CAAS,CAAA,CAAA,CAAA;YACnB,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,CAAI,CAAA,CAAA,CAAA,CAAC,CAAC;CACZ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,iBAAiB,CAAC,CAAA,CAAA,CAAA,CAAe,CAAE,CAAC;CACnD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAU,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAC;CACpD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAc,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,MAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAA,CAAA,CAAA,CAAA,EAAA,CAAuB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,GAAK,CAAI,CAAA,CAAA,CAAA,CAAC,CAAc,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAC;CAC9E,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;KACF,CAAC;AACJ,CAAA;;"}
|
package/package.json
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
"private": false,
|
|
3
3
|
"name": "@okta/okta-auth-js",
|
|
4
4
|
"description": "The Okta Auth SDK",
|
|
5
|
-
"version": "7.
|
|
5
|
+
"version": "7.7.0",
|
|
6
6
|
"homepage": "https://github.com/okta/okta-auth-js",
|
|
7
7
|
"license": "Apache-2.0",
|
|
8
8
|
"main": "cjs/exports/default.js",
|
|
@@ -178,7 +178,6 @@
|
|
|
178
178
|
"@rollup/plugin-alias": "^3.1.8",
|
|
179
179
|
"@rollup/plugin-babel": "^5.3.0",
|
|
180
180
|
"@rollup/plugin-replace": "^3.0.0",
|
|
181
|
-
"@tsd/typescript": "^4.6.4",
|
|
182
181
|
"@types/jest": "^27.5.1",
|
|
183
182
|
"@types/node": "^14.0.3",
|
|
184
183
|
"@typescript-eslint/eslint-plugin": "^5.18.0",
|
|
@@ -196,6 +195,7 @@
|
|
|
196
195
|
"eslint-plugin-jasmine": "^2.10.1",
|
|
197
196
|
"eslint-plugin-jsdoc": "^25.4.2",
|
|
198
197
|
"eslint-plugin-node": "^11.1.0",
|
|
198
|
+
"fake-indexeddb": "4.0.2",
|
|
199
199
|
"globby": "^6.1.0",
|
|
200
200
|
"husky": ">=6",
|
|
201
201
|
"jasmine-ajax": "^4.0.0",
|
|
@@ -204,7 +204,6 @@
|
|
|
204
204
|
"jest-jasmine2": "^28.1.0",
|
|
205
205
|
"jest-junit": "^13.0.0",
|
|
206
206
|
"jest-runner": "^28.1.0",
|
|
207
|
-
"jest-runner-tsd": "^3.0.0",
|
|
208
207
|
"json-loader": "0.5.4",
|
|
209
208
|
"lodash": "4.17.21",
|
|
210
209
|
"rollup": "^2.70.2",
|
|
@@ -215,7 +214,7 @@
|
|
|
215
214
|
"rollup-plugin-visualizer": "~5.5.4",
|
|
216
215
|
"shelljs": "0.8.5",
|
|
217
216
|
"ts-jest": "^28.0.2",
|
|
218
|
-
"
|
|
217
|
+
"tstyche": "^1.1.0",
|
|
219
218
|
"typedoc": "^0.23.19",
|
|
220
219
|
"typedoc-plugin-markdown": "^3.13.6",
|
|
221
220
|
"typescript": "^4.7.3",
|
|
@@ -240,7 +239,7 @@
|
|
|
240
239
|
"directory": "test/types"
|
|
241
240
|
},
|
|
242
241
|
"okta": {
|
|
243
|
-
"commitSha": "
|
|
244
|
-
"fullVersion": "7.
|
|
242
|
+
"commitSha": "7deec3d5f2c612f527c146f4eb75404af7e5c743",
|
|
243
|
+
"fullVersion": "7.7.0-g7deec3d"
|
|
245
244
|
}
|
|
246
245
|
}
|
|
@@ -32,6 +32,7 @@ export declare function createCoreOptionsConstructor(): {
|
|
|
32
32
|
codeChallengeMethod: string;
|
|
33
33
|
acrValues: string;
|
|
34
34
|
maxAge: string | number;
|
|
35
|
+
dpop: boolean;
|
|
35
36
|
tokenManager: import("../oidc").TokenManagerOptions;
|
|
36
37
|
postLogoutRedirectUri: string;
|
|
37
38
|
restoreOriginalUri: (oktaAuth: import("../oidc").OktaAuthOAuthInterface<import("../oidc").PKCETransactionMeta, import("../oidc").OAuthStorageManagerInterface<import("../oidc").PKCETransactionMeta>, import("../oidc").OktaAuthOAuthOptions, import("../oidc").TransactionManagerInterface>, originalUri?: string | undefined) => Promise<void>;
|
|
@@ -24,4 +24,10 @@ export interface LeaderElectionServiceOptions {
|
|
|
24
24
|
electionChannelName?: string;
|
|
25
25
|
broadcastChannelName?: string;
|
|
26
26
|
}
|
|
27
|
-
|
|
27
|
+
declare type seconds = number;
|
|
28
|
+
export interface RenewOnTabActivationServiceOptions {
|
|
29
|
+
renewOnTabActivation?: boolean;
|
|
30
|
+
tabInactivityDuration?: seconds;
|
|
31
|
+
}
|
|
32
|
+
export declare type ServiceManagerOptions = AutoRenewServiceOptions & SyncStorageServiceOptions & LeaderElectionServiceOptions & RenewOnTabActivationServiceOptions;
|
|
33
|
+
export {};
|
|
@@ -10,10 +10,12 @@
|
|
|
10
10
|
* See the License for the specific language governing permissions and limitations under the License.
|
|
11
11
|
*/
|
|
12
12
|
import CustomError from './CustomError';
|
|
13
|
+
import type { HttpResponse } from '../http';
|
|
13
14
|
export default class OAuthError extends CustomError {
|
|
14
15
|
errorCode: string;
|
|
15
16
|
errorSummary: string;
|
|
16
17
|
error: string;
|
|
17
18
|
error_description: string;
|
|
18
|
-
|
|
19
|
+
resp: HttpResponse | null;
|
|
20
|
+
constructor(errorCode: string, summary: string, resp?: HttpResponse);
|
|
19
21
|
}
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
/*!
|
|
2
|
+
* Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
|
|
3
|
+
* The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
|
|
4
|
+
*
|
|
5
|
+
* You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
|
|
6
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
7
|
+
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
8
|
+
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
9
|
+
*
|
|
10
|
+
* See the License for the specific language governing permissions and limitations under the License.
|
|
11
|
+
*/
|
|
12
|
+
import type { HttpResponse } from '../http';
|
|
13
|
+
import CustomError from './CustomError';
|
|
14
|
+
export default class WWWAuthError extends CustomError {
|
|
15
|
+
static UNKNOWN_ERROR: string;
|
|
16
|
+
scheme: string;
|
|
17
|
+
parameters: Record<string, string>;
|
|
18
|
+
name: string;
|
|
19
|
+
resp: HttpResponse | null;
|
|
20
|
+
constructor(scheme: string, parameters: Record<string, string>, resp?: HttpResponse);
|
|
21
|
+
get error(): string;
|
|
22
|
+
get errorCode(): string;
|
|
23
|
+
get error_description(): string;
|
|
24
|
+
get errorDescription(): string;
|
|
25
|
+
get errorSummary(): string;
|
|
26
|
+
get realm(): string;
|
|
27
|
+
static parseHeader(header: string): WWWAuthError | null;
|
|
28
|
+
static getWWWAuthenticateHeader(headers?: HeadersInit): string | null;
|
|
29
|
+
}
|
|
@@ -13,7 +13,9 @@ import AuthApiError from './AuthApiError';
|
|
|
13
13
|
import AuthPollStopError from './AuthPollStopError';
|
|
14
14
|
import AuthSdkError from './AuthSdkError';
|
|
15
15
|
import OAuthError from './OAuthError';
|
|
16
|
+
import WWWAuthError from './WWWAuthError';
|
|
16
17
|
declare function isAuthApiError(obj: any): obj is AuthApiError;
|
|
17
18
|
declare function isOAuthError(obj: any): obj is OAuthError;
|
|
18
|
-
|
|
19
|
+
declare function isWWWAuthError(obj: any): obj is WWWAuthError;
|
|
20
|
+
export { isAuthApiError, isOAuthError, isWWWAuthError, AuthApiError, AuthPollStopError, AuthSdkError, OAuthError, WWWAuthError };
|
|
19
21
|
export * from './types';
|
package/types/lib/features.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { IdxAuthenticator, IdxRemediationValue } from '../types/idx-js';
|
|
2
2
|
export interface Credentials {
|
|
3
|
-
[key: string]: string | undefined;
|
|
3
|
+
[key: string]: string | boolean | number | undefined;
|
|
4
4
|
}
|
|
5
5
|
export declare abstract class Authenticator<Values> {
|
|
6
6
|
meta: IdxAuthenticator;
|
|
@@ -3,9 +3,10 @@ export interface OktaPasswordInputValues {
|
|
|
3
3
|
password?: string;
|
|
4
4
|
passcode?: string;
|
|
5
5
|
credentials?: Credentials;
|
|
6
|
+
revokeSessions?: boolean;
|
|
6
7
|
}
|
|
7
8
|
export declare class OktaPassword extends Authenticator<OktaPasswordInputValues> {
|
|
8
9
|
canVerify(values: OktaPasswordInputValues): boolean;
|
|
9
10
|
mapCredentials(values: OktaPasswordInputValues): Credentials | undefined;
|
|
10
|
-
getInputs(idxRemediationValue: any): any;
|
|
11
|
+
getInputs(idxRemediationValue: any): any[];
|
|
11
12
|
}
|
|
@@ -39,6 +39,7 @@ export declare function createIdxOptionsConstructor(): {
|
|
|
39
39
|
codeChallengeMethod: string;
|
|
40
40
|
acrValues: string;
|
|
41
41
|
maxAge: string | number;
|
|
42
|
+
dpop: boolean;
|
|
42
43
|
tokenManager: import("../oidc").TokenManagerOptions;
|
|
43
44
|
postLogoutRedirectUri: string;
|
|
44
45
|
restoreOriginalUri: (oktaAuth: import("../oidc").OktaAuthOAuthInterface<import("../oidc").PKCETransactionMeta, import("../oidc").OAuthStorageManagerInterface<import("../oidc").PKCETransactionMeta>, import("../oidc").OktaAuthOAuthOptions, import("../oidc").TransactionManagerInterface>, originalUri?: string | undefined) => Promise<void>;
|
|
@@ -40,6 +40,7 @@ export interface IntrospectOptions extends IdxOptions {
|
|
|
40
40
|
interactionHandle?: string;
|
|
41
41
|
stateHandle?: string;
|
|
42
42
|
version?: string;
|
|
43
|
+
useGenericRemediator?: boolean;
|
|
43
44
|
}
|
|
44
45
|
export interface RemediateOptions extends IdxOptions {
|
|
45
46
|
remediators?: RemediationFlow;
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
import { OAuthError, WWWAuthError } from '../errors';
|
|
2
|
+
import { Tokens } from './types';
|
|
3
|
+
export interface DPoPClaims {
|
|
4
|
+
htm: string;
|
|
5
|
+
htu: string;
|
|
6
|
+
iat: number;
|
|
7
|
+
jti: string;
|
|
8
|
+
nonce?: string;
|
|
9
|
+
ath?: string;
|
|
10
|
+
}
|
|
11
|
+
export interface DPoPProofParams {
|
|
12
|
+
keyPair: CryptoKeyPair;
|
|
13
|
+
url: string;
|
|
14
|
+
method: string;
|
|
15
|
+
nonce?: string;
|
|
16
|
+
accessToken?: string;
|
|
17
|
+
}
|
|
18
|
+
export declare type ResourceDPoPProofParams = Omit<DPoPProofParams, 'keyPair' | 'nonce'>;
|
|
19
|
+
declare type DPoPProofTokenRequestParams = Omit<DPoPProofParams, 'accessToken'>;
|
|
20
|
+
export declare function isDPoPNonceError(obj: any): obj is OAuthError | WWWAuthError;
|
|
21
|
+
export declare function createJwt(header: object, claims: object, signingKey: CryptoKey): Promise<string>;
|
|
22
|
+
export declare function cryptoRandomValue(byteLen?: number): string;
|
|
23
|
+
export declare function generateKeyPair(): Promise<CryptoKeyPair>;
|
|
24
|
+
export declare type StoreMethod = 'get' | 'add' | 'delete' | 'clear';
|
|
25
|
+
export declare function findKeyPair(pairId?: string): Promise<CryptoKeyPair>;
|
|
26
|
+
export declare function clearDPoPKeyPair(pairId: string): Promise<void>;
|
|
27
|
+
export declare function clearAllDPoPKeyPairs(): Promise<void>;
|
|
28
|
+
export declare function createDPoPKeyPair(): Promise<{
|
|
29
|
+
keyPair: CryptoKeyPair;
|
|
30
|
+
keyPairId: string;
|
|
31
|
+
}>;
|
|
32
|
+
export declare function clearDPoPKeyPairAfterRevoke(revokedToken: 'access' | 'refresh', tokens: Tokens): Promise<void>;
|
|
33
|
+
export declare function generateDPoPProof({ keyPair, url, method, nonce, accessToken }: DPoPProofParams): Promise<string>;
|
|
34
|
+
export declare function generateDPoPForTokenRequest({ keyPair, url, method, nonce }: DPoPProofTokenRequestParams): Promise<string>;
|
|
35
|
+
export {};
|
|
@@ -11,5 +11,8 @@
|
|
|
11
11
|
*/
|
|
12
12
|
import { CustomUrls, OAuthResponse, RefreshToken, TokenParams } from '../types';
|
|
13
13
|
import { OktaAuthHttpInterface } from '../../http';
|
|
14
|
-
export
|
|
15
|
-
|
|
14
|
+
export interface TokenEndpointParams extends TokenParams {
|
|
15
|
+
dpopKeyPair?: CryptoKeyPair;
|
|
16
|
+
}
|
|
17
|
+
export declare function postToTokenEndpoint(sdk: any, options: TokenEndpointParams, urls: CustomUrls): Promise<OAuthResponse>;
|
|
18
|
+
export declare function postRefreshToken(sdk: OktaAuthHttpInterface, options: TokenEndpointParams, refreshToken: RefreshToken): Promise<OAuthResponse>;
|
|
@@ -30,6 +30,7 @@ export declare function createOAuthOptionsConstructor(): {
|
|
|
30
30
|
codeChallengeMethod: string;
|
|
31
31
|
acrValues: string;
|
|
32
32
|
maxAge: string | number;
|
|
33
|
+
dpop: boolean;
|
|
33
34
|
tokenManager: TokenManagerOptions;
|
|
34
35
|
postLogoutRedirectUri: string;
|
|
35
36
|
restoreOriginalUri: (oktaAuth: OktaAuthOAuthInterface, originalUri?: string) => Promise<void>;
|
|
@@ -21,11 +21,13 @@ export interface AccessToken extends AbstractToken {
|
|
|
21
21
|
claims: UserClaims;
|
|
22
22
|
tokenType: string;
|
|
23
23
|
userinfoUrl: string;
|
|
24
|
+
dpopPairId?: string;
|
|
24
25
|
}
|
|
25
26
|
export interface RefreshToken extends AbstractToken {
|
|
26
27
|
refreshToken: string;
|
|
27
28
|
tokenUrl: string;
|
|
28
29
|
issuer: string;
|
|
30
|
+
dpopPairId?: string;
|
|
29
31
|
}
|
|
30
32
|
export interface IDToken extends AbstractToken {
|
|
31
33
|
idToken: string;
|
|
@@ -99,6 +99,16 @@ export interface OriginalUriApi {
|
|
|
99
99
|
setOriginalUri(originalUri: string, state?: string): void;
|
|
100
100
|
removeOriginalUri(state?: string): void;
|
|
101
101
|
}
|
|
102
|
+
export interface DPoPRequest {
|
|
103
|
+
url: string;
|
|
104
|
+
method: string;
|
|
105
|
+
nonce?: string;
|
|
106
|
+
accessToken?: AccessToken;
|
|
107
|
+
}
|
|
108
|
+
export interface DPoPHeaders {
|
|
109
|
+
Authorization: string;
|
|
110
|
+
Dpop: string;
|
|
111
|
+
}
|
|
102
112
|
export interface MinimalOktaOAuthInterface<M extends OAuthTransactionMeta = PKCETransactionMeta, S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>, O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions, TM extends TransactionManagerInterface = TransactionManagerInterface> extends OktaAuthSessionInterface<S, O> {
|
|
103
113
|
token: BaseTokenAPI;
|
|
104
114
|
transactionManager: TM;
|
|
@@ -116,6 +126,7 @@ export interface OktaAuthOAuthInterface<M extends OAuthTransactionMeta = PKCETra
|
|
|
116
126
|
getIdToken(): string | undefined;
|
|
117
127
|
getAccessToken(): string | undefined;
|
|
118
128
|
getRefreshToken(): string | undefined;
|
|
129
|
+
getOrRenewAccessToken(): Promise<string | null>;
|
|
119
130
|
isAuthenticated(options?: IsAuthenticatedOptions): Promise<boolean>;
|
|
120
131
|
signOut(opts?: SignoutOptions): Promise<boolean>;
|
|
121
132
|
isLoginRedirect(): boolean;
|
|
@@ -125,4 +136,7 @@ export interface OktaAuthOAuthInterface<M extends OAuthTransactionMeta = PKCETra
|
|
|
125
136
|
signInWithRedirect(opts?: SigninWithRedirectOptions): Promise<void>;
|
|
126
137
|
revokeAccessToken(accessToken?: AccessToken): Promise<unknown>;
|
|
127
138
|
revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown>;
|
|
139
|
+
getDPoPAuthorizationHeaders(params: DPoPRequest): Promise<DPoPHeaders>;
|
|
140
|
+
clearDPoPStorage(clearAll: boolean): Promise<void>;
|
|
141
|
+
parseUseDPoPNonceError(headers: HeadersInit): string | null;
|
|
128
142
|
}
|