@okta/okta-auth-js 7.6.0 → 7.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +2 -0
- package/README.md +142 -0
- package/cjs/base/types.js.map +1 -1
- package/cjs/errors/OAuthError.js +9 -1
- package/cjs/errors/OAuthError.js.map +1 -1
- package/cjs/errors/WWWAuthError.js +98 -0
- package/cjs/errors/WWWAuthError.js.map +1 -0
- package/cjs/errors/index.js +14 -1
- package/cjs/errors/index.js.map +1 -1
- package/cjs/features.js +10 -1
- package/cjs/features.js.map +1 -1
- package/cjs/http/OktaUserAgent.js +2 -2
- package/cjs/http/request.js +24 -25
- package/cjs/http/request.js.map +1 -1
- package/cjs/idx/IdxTransactionManager.js +5 -0
- package/cjs/idx/IdxTransactionManager.js.map +1 -1
- package/cjs/idx/run.js +6 -3
- package/cjs/idx/run.js.map +1 -1
- package/cjs/idx/types/options.js.map +1 -1
- package/cjs/oidc/dpop.js +231 -0
- package/cjs/oidc/dpop.js.map +1 -0
- package/cjs/oidc/endpoints/token.js +77 -27
- package/cjs/oidc/endpoints/token.js.map +1 -1
- package/cjs/oidc/exchangeCodeForTokens.js +51 -28
- package/cjs/oidc/exchangeCodeForTokens.js.map +1 -1
- package/cjs/oidc/getUserInfo.js +32 -17
- package/cjs/oidc/getUserInfo.js.map +1 -1
- package/cjs/oidc/handleOAuthResponse.js +12 -0
- package/cjs/oidc/handleOAuthResponse.js.map +1 -1
- package/cjs/oidc/mixin/index.js +63 -2
- package/cjs/oidc/mixin/index.js.map +1 -1
- package/cjs/oidc/options/OAuthOptionsConstructor.js +2 -0
- package/cjs/oidc/options/OAuthOptionsConstructor.js.map +1 -1
- package/cjs/oidc/renewToken.js +4 -2
- package/cjs/oidc/renewToken.js.map +1 -1
- package/cjs/oidc/renewTokens.js +3 -1
- package/cjs/oidc/renewTokens.js.map +1 -1
- package/cjs/oidc/renewTokensWithRefresh.js +13 -2
- package/cjs/oidc/renewTokensWithRefresh.js.map +1 -1
- package/cjs/oidc/types/Token.js.map +1 -1
- package/cjs/oidc/types/api.js.map +1 -1
- package/cjs/oidc/types/options.js.map +1 -1
- package/cjs/oidc/util/defaultTokenParams.js +4 -2
- package/cjs/oidc/util/defaultTokenParams.js.map +1 -1
- package/cjs/oidc/util/prepareTokenParams.js +3 -0
- package/cjs/oidc/util/prepareTokenParams.js.map +1 -1
- package/dist/okta-auth-js.authn.min.analyzer.html +2 -2
- package/dist/okta-auth-js.authn.min.js +1 -1
- package/dist/okta-auth-js.authn.min.js.map +1 -1
- package/dist/okta-auth-js.core.min.analyzer.html +2 -2
- package/dist/okta-auth-js.core.min.js +1 -1
- package/dist/okta-auth-js.core.min.js.map +1 -1
- package/dist/okta-auth-js.idx.min.analyzer.html +2 -2
- package/dist/okta-auth-js.idx.min.js +1 -1
- package/dist/okta-auth-js.idx.min.js.map +1 -1
- package/dist/okta-auth-js.min.analyzer.html +2 -2
- package/dist/okta-auth-js.min.js +1 -1
- package/dist/okta-auth-js.min.js.map +1 -1
- package/dist/okta-auth-js.myaccount.min.analyzer.html +2 -2
- package/dist/okta-auth-js.myaccount.min.js +1 -1
- package/dist/okta-auth-js.myaccount.min.js.map +1 -1
- package/esm/browser/authn/api.js +1 -0
- package/esm/browser/authn/api.js.map +1 -1
- package/esm/browser/authn/util/link2fn.js +1 -0
- package/esm/browser/authn/util/link2fn.js.map +1 -1
- package/esm/browser/authn/util/poll.js +1 -0
- package/esm/browser/authn/util/poll.js.map +1 -1
- package/esm/browser/browser/fingerprint.js +1 -0
- package/esm/browser/browser/fingerprint.js.map +1 -1
- package/esm/browser/core/AuthStateManager.js +1 -0
- package/esm/browser/core/AuthStateManager.js.map +1 -1
- package/esm/browser/core/options.js +1 -0
- package/esm/browser/core/options.js.map +1 -1
- package/esm/browser/crypto/base64.js +1 -0
- package/esm/browser/crypto/base64.js.map +1 -1
- package/esm/browser/errors/OAuthError.js +5 -1
- package/esm/browser/errors/OAuthError.js.map +1 -1
- package/esm/browser/errors/WWWAuthError.js +61 -0
- package/esm/browser/errors/WWWAuthError.js.map +1 -0
- package/esm/browser/errors/index.js +6 -1
- package/esm/browser/errors/index.js.map +1 -1
- package/esm/browser/exports/exports/authn.js +2 -1
- package/esm/browser/exports/exports/authn.js.map +1 -1
- package/esm/browser/exports/exports/core.js +2 -1
- package/esm/browser/exports/exports/core.js.map +1 -1
- package/esm/browser/exports/exports/default.js +2 -1
- package/esm/browser/exports/exports/default.js.map +1 -1
- package/esm/browser/exports/exports/idx.js +2 -1
- package/esm/browser/exports/exports/idx.js.map +1 -1
- package/esm/browser/exports/exports/myaccount.js +2 -1
- package/esm/browser/exports/exports/myaccount.js.map +1 -1
- package/esm/browser/features.js +12 -2
- package/esm/browser/features.js.map +1 -1
- package/esm/browser/http/OktaUserAgent.js +2 -2
- package/esm/browser/http/options.js +1 -0
- package/esm/browser/http/options.js.map +1 -1
- package/esm/browser/http/request.js +14 -25
- package/esm/browser/http/request.js.map +1 -1
- package/esm/browser/idx/IdxTransactionManager.js +4 -1
- package/esm/browser/idx/IdxTransactionManager.js.map +1 -1
- package/esm/browser/idx/cancel.js +1 -0
- package/esm/browser/idx/cancel.js.map +1 -1
- package/esm/browser/idx/factory/api.js +1 -0
- package/esm/browser/idx/factory/api.js.map +1 -1
- package/esm/browser/idx/flow/AccountUnlockFlow.js +1 -0
- package/esm/browser/idx/flow/AccountUnlockFlow.js.map +1 -1
- package/esm/browser/idx/flow/AuthenticationFlow.js +1 -0
- package/esm/browser/idx/flow/AuthenticationFlow.js.map +1 -1
- package/esm/browser/idx/flow/PasswordRecoveryFlow.js +1 -0
- package/esm/browser/idx/flow/PasswordRecoveryFlow.js.map +1 -1
- package/esm/browser/idx/flow/RegistrationFlow.js +1 -0
- package/esm/browser/idx/flow/RegistrationFlow.js.map +1 -1
- package/esm/browser/idx/handleInteractionCodeRedirect.js +1 -0
- package/esm/browser/idx/handleInteractionCodeRedirect.js.map +1 -1
- package/esm/browser/idx/idxState/v1/generateIdxAction.js +1 -0
- package/esm/browser/idx/idxState/v1/generateIdxAction.js.map +1 -1
- package/esm/browser/idx/idxState/v1/idxResponseParser.js +1 -0
- package/esm/browser/idx/idxState/v1/idxResponseParser.js.map +1 -1
- package/esm/browser/idx/interact.js +1 -0
- package/esm/browser/idx/interact.js.map +1 -1
- package/esm/browser/idx/proceed.js +1 -0
- package/esm/browser/idx/proceed.js.map +1 -1
- package/esm/browser/idx/recoverPassword.js +1 -0
- package/esm/browser/idx/recoverPassword.js.map +1 -1
- package/esm/browser/idx/register.js +1 -0
- package/esm/browser/idx/register.js.map +1 -1
- package/esm/browser/idx/remediate.js +1 -0
- package/esm/browser/idx/remediate.js.map +1 -1
- package/esm/browser/idx/remediators/GenericRemediator/util.js +2 -0
- package/esm/browser/idx/remediators/GenericRemediator/util.js.map +1 -1
- package/esm/browser/idx/run.js +3 -3
- package/esm/browser/idx/run.js.map +1 -1
- package/esm/browser/idx/transactionMeta.js +1 -0
- package/esm/browser/idx/transactionMeta.js.map +1 -1
- package/esm/browser/idx/unlockAccount.js +1 -0
- package/esm/browser/idx/unlockAccount.js.map +1 -1
- package/esm/browser/myaccount/request.js +1 -0
- package/esm/browser/myaccount/request.js.map +1 -1
- package/esm/browser/oidc/TokenManager.js +1 -0
- package/esm/browser/oidc/TokenManager.js.map +1 -1
- package/esm/browser/oidc/decodeToken.js +1 -0
- package/esm/browser/oidc/decodeToken.js.map +1 -1
- package/esm/browser/oidc/dpop.js +160 -0
- package/esm/browser/oidc/dpop.js.map +1 -0
- package/esm/browser/oidc/endpoints/authorize.js +1 -0
- package/esm/browser/oidc/endpoints/authorize.js.map +1 -1
- package/esm/browser/oidc/endpoints/token.js +57 -24
- package/esm/browser/oidc/endpoints/token.js.map +1 -1
- package/esm/browser/oidc/endpoints/well-known.js +1 -0
- package/esm/browser/oidc/endpoints/well-known.js.map +1 -1
- package/esm/browser/oidc/enrollAuthenticator.js +1 -0
- package/esm/browser/oidc/enrollAuthenticator.js.map +1 -1
- package/esm/browser/oidc/exchangeCodeForTokens.js +40 -25
- package/esm/browser/oidc/exchangeCodeForTokens.js.map +1 -1
- package/esm/browser/oidc/factory/api.js +1 -0
- package/esm/browser/oidc/factory/api.js.map +1 -1
- package/esm/browser/oidc/factory/baseApi.js +1 -0
- package/esm/browser/oidc/factory/baseApi.js.map +1 -1
- package/esm/browser/oidc/getToken.js +1 -0
- package/esm/browser/oidc/getToken.js.map +1 -1
- package/esm/browser/oidc/getUserInfo.js +22 -18
- package/esm/browser/oidc/getUserInfo.js.map +1 -1
- package/esm/browser/oidc/getWithPopup.js +1 -0
- package/esm/browser/oidc/getWithPopup.js.map +1 -1
- package/esm/browser/oidc/getWithRedirect.js +1 -0
- package/esm/browser/oidc/getWithRedirect.js.map +1 -1
- package/esm/browser/oidc/getWithoutPrompt.js +1 -0
- package/esm/browser/oidc/getWithoutPrompt.js.map +1 -1
- package/esm/browser/oidc/handleOAuthResponse.js +10 -0
- package/esm/browser/oidc/handleOAuthResponse.js.map +1 -1
- package/esm/browser/oidc/introspect.js +1 -0
- package/esm/browser/oidc/introspect.js.map +1 -1
- package/esm/browser/oidc/mixin/index.js +62 -2
- package/esm/browser/oidc/mixin/index.js.map +1 -1
- package/esm/browser/oidc/mixin/minimal.js +1 -0
- package/esm/browser/oidc/mixin/minimal.js.map +1 -1
- package/esm/browser/oidc/options/OAuthOptionsConstructor.js +1 -0
- package/esm/browser/oidc/options/OAuthOptionsConstructor.js.map +1 -1
- package/esm/browser/oidc/parseFromUrl.js +1 -0
- package/esm/browser/oidc/parseFromUrl.js.map +1 -1
- package/esm/browser/oidc/renewToken.js +4 -2
- package/esm/browser/oidc/renewToken.js.map +1 -1
- package/esm/browser/oidc/renewTokens.js +4 -1
- package/esm/browser/oidc/renewTokens.js.map +1 -1
- package/esm/browser/oidc/renewTokensWithRefresh.js +12 -5
- package/esm/browser/oidc/renewTokensWithRefresh.js.map +1 -1
- package/esm/browser/oidc/revokeToken.js +1 -0
- package/esm/browser/oidc/revokeToken.js.map +1 -1
- package/esm/browser/oidc/storage.js +1 -0
- package/esm/browser/oidc/storage.js.map +1 -1
- package/esm/browser/oidc/types/Token.js.map +1 -1
- package/esm/browser/oidc/util/browser.js +1 -0
- package/esm/browser/oidc/util/browser.js.map +1 -1
- package/esm/browser/oidc/util/defaultTokenParams.js +3 -2
- package/esm/browser/oidc/util/defaultTokenParams.js.map +1 -1
- package/esm/browser/oidc/util/prepareEnrollAuthenticatorParams.js +1 -0
- package/esm/browser/oidc/util/prepareEnrollAuthenticatorParams.js.map +1 -1
- package/esm/browser/oidc/util/prepareTokenParams.js +4 -0
- package/esm/browser/oidc/util/prepareTokenParams.js.map +1 -1
- package/esm/browser/oidc/util/validateToken.js +1 -0
- package/esm/browser/oidc/util/validateToken.js.map +1 -1
- package/esm/browser/oidc/verifyToken.js +1 -0
- package/esm/browser/oidc/verifyToken.js.map +1 -1
- package/esm/browser/package.json +1 -1
- package/esm/browser/services/AutoRenewService.js +1 -0
- package/esm/browser/services/AutoRenewService.js.map +1 -1
- package/esm/browser/services/SyncStorageService.js +1 -0
- package/esm/browser/services/SyncStorageService.js.map +1 -1
- package/esm/browser/session/api.js +1 -0
- package/esm/browser/session/api.js.map +1 -1
- package/esm/node/authn/api.js +1 -0
- package/esm/node/authn/api.js.map +1 -1
- package/esm/node/authn/util/link2fn.js +1 -0
- package/esm/node/authn/util/link2fn.js.map +1 -1
- package/esm/node/authn/util/poll.js +1 -0
- package/esm/node/authn/util/poll.js.map +1 -1
- package/esm/node/browser/fingerprint.js +1 -0
- package/esm/node/browser/fingerprint.js.map +1 -1
- package/esm/node/core/AuthStateManager.js +1 -0
- package/esm/node/core/AuthStateManager.js.map +1 -1
- package/esm/node/core/options.js +1 -0
- package/esm/node/core/options.js.map +1 -1
- package/esm/node/crypto/base64.js +1 -0
- package/esm/node/crypto/base64.js.map +1 -1
- package/esm/node/errors/OAuthError.js +5 -1
- package/esm/node/errors/OAuthError.js.map +1 -1
- package/esm/node/errors/WWWAuthError.js +61 -0
- package/esm/node/errors/WWWAuthError.js.map +1 -0
- package/esm/node/errors/index.js +6 -1
- package/esm/node/errors/index.js.map +1 -1
- package/esm/node/exports/exports/authn.js +2 -1
- package/esm/node/exports/exports/authn.js.map +1 -1
- package/esm/node/exports/exports/core.js +2 -1
- package/esm/node/exports/exports/core.js.map +1 -1
- package/esm/node/exports/exports/default.js +2 -1
- package/esm/node/exports/exports/default.js.map +1 -1
- package/esm/node/exports/exports/idx.js +2 -1
- package/esm/node/exports/exports/idx.js.map +1 -1
- package/esm/node/exports/exports/myaccount.js +2 -1
- package/esm/node/exports/exports/myaccount.js.map +1 -1
- package/esm/node/features.js +12 -2
- package/esm/node/features.js.map +1 -1
- package/esm/node/http/OktaUserAgent.js +2 -2
- package/esm/node/http/options.js +1 -0
- package/esm/node/http/options.js.map +1 -1
- package/esm/node/http/request.js +14 -25
- package/esm/node/http/request.js.map +1 -1
- package/esm/node/idx/IdxTransactionManager.js +4 -1
- package/esm/node/idx/IdxTransactionManager.js.map +1 -1
- package/esm/node/idx/cancel.js +1 -0
- package/esm/node/idx/cancel.js.map +1 -1
- package/esm/node/idx/factory/api.js +1 -0
- package/esm/node/idx/factory/api.js.map +1 -1
- package/esm/node/idx/flow/AccountUnlockFlow.js +1 -0
- package/esm/node/idx/flow/AccountUnlockFlow.js.map +1 -1
- package/esm/node/idx/flow/AuthenticationFlow.js +1 -0
- package/esm/node/idx/flow/AuthenticationFlow.js.map +1 -1
- package/esm/node/idx/flow/PasswordRecoveryFlow.js +1 -0
- package/esm/node/idx/flow/PasswordRecoveryFlow.js.map +1 -1
- package/esm/node/idx/flow/RegistrationFlow.js +1 -0
- package/esm/node/idx/flow/RegistrationFlow.js.map +1 -1
- package/esm/node/idx/handleInteractionCodeRedirect.js +1 -0
- package/esm/node/idx/handleInteractionCodeRedirect.js.map +1 -1
- package/esm/node/idx/idxState/v1/generateIdxAction.js +1 -0
- package/esm/node/idx/idxState/v1/generateIdxAction.js.map +1 -1
- package/esm/node/idx/idxState/v1/idxResponseParser.js +1 -0
- package/esm/node/idx/idxState/v1/idxResponseParser.js.map +1 -1
- package/esm/node/idx/interact.js +1 -0
- package/esm/node/idx/interact.js.map +1 -1
- package/esm/node/idx/proceed.js +1 -0
- package/esm/node/idx/proceed.js.map +1 -1
- package/esm/node/idx/recoverPassword.js +1 -0
- package/esm/node/idx/recoverPassword.js.map +1 -1
- package/esm/node/idx/register.js +1 -0
- package/esm/node/idx/register.js.map +1 -1
- package/esm/node/idx/remediate.js +1 -0
- package/esm/node/idx/remediate.js.map +1 -1
- package/esm/node/idx/remediators/GenericRemediator/util.js +2 -0
- package/esm/node/idx/remediators/GenericRemediator/util.js.map +1 -1
- package/esm/node/idx/run.js +3 -3
- package/esm/node/idx/run.js.map +1 -1
- package/esm/node/idx/transactionMeta.js +1 -0
- package/esm/node/idx/transactionMeta.js.map +1 -1
- package/esm/node/idx/unlockAccount.js +1 -0
- package/esm/node/idx/unlockAccount.js.map +1 -1
- package/esm/node/myaccount/request.js +1 -0
- package/esm/node/myaccount/request.js.map +1 -1
- package/esm/node/oidc/TokenManager.js +1 -0
- package/esm/node/oidc/TokenManager.js.map +1 -1
- package/esm/node/oidc/decodeToken.js +1 -0
- package/esm/node/oidc/decodeToken.js.map +1 -1
- package/esm/node/oidc/dpop.js +160 -0
- package/esm/node/oidc/dpop.js.map +1 -0
- package/esm/node/oidc/endpoints/authorize.js +1 -0
- package/esm/node/oidc/endpoints/authorize.js.map +1 -1
- package/esm/node/oidc/endpoints/token.js +57 -24
- package/esm/node/oidc/endpoints/token.js.map +1 -1
- package/esm/node/oidc/endpoints/well-known.js +1 -0
- package/esm/node/oidc/endpoints/well-known.js.map +1 -1
- package/esm/node/oidc/enrollAuthenticator.js +1 -0
- package/esm/node/oidc/enrollAuthenticator.js.map +1 -1
- package/esm/node/oidc/exchangeCodeForTokens.js +40 -25
- package/esm/node/oidc/exchangeCodeForTokens.js.map +1 -1
- package/esm/node/oidc/factory/api.js +1 -0
- package/esm/node/oidc/factory/api.js.map +1 -1
- package/esm/node/oidc/factory/baseApi.js +1 -0
- package/esm/node/oidc/factory/baseApi.js.map +1 -1
- package/esm/node/oidc/getToken.js +1 -0
- package/esm/node/oidc/getToken.js.map +1 -1
- package/esm/node/oidc/getUserInfo.js +22 -18
- package/esm/node/oidc/getUserInfo.js.map +1 -1
- package/esm/node/oidc/getWithPopup.js +1 -0
- package/esm/node/oidc/getWithPopup.js.map +1 -1
- package/esm/node/oidc/getWithRedirect.js +1 -0
- package/esm/node/oidc/getWithRedirect.js.map +1 -1
- package/esm/node/oidc/getWithoutPrompt.js +1 -0
- package/esm/node/oidc/getWithoutPrompt.js.map +1 -1
- package/esm/node/oidc/handleOAuthResponse.js +10 -0
- package/esm/node/oidc/handleOAuthResponse.js.map +1 -1
- package/esm/node/oidc/introspect.js +1 -0
- package/esm/node/oidc/introspect.js.map +1 -1
- package/esm/node/oidc/mixin/index.js +62 -2
- package/esm/node/oidc/mixin/index.js.map +1 -1
- package/esm/node/oidc/mixin/minimal.js +1 -0
- package/esm/node/oidc/mixin/minimal.js.map +1 -1
- package/esm/node/oidc/options/OAuthOptionsConstructor.js +1 -0
- package/esm/node/oidc/options/OAuthOptionsConstructor.js.map +1 -1
- package/esm/node/oidc/parseFromUrl.js +1 -0
- package/esm/node/oidc/parseFromUrl.js.map +1 -1
- package/esm/node/oidc/renewToken.js +4 -2
- package/esm/node/oidc/renewToken.js.map +1 -1
- package/esm/node/oidc/renewTokens.js +4 -1
- package/esm/node/oidc/renewTokens.js.map +1 -1
- package/esm/node/oidc/renewTokensWithRefresh.js +12 -5
- package/esm/node/oidc/renewTokensWithRefresh.js.map +1 -1
- package/esm/node/oidc/revokeToken.js +1 -0
- package/esm/node/oidc/revokeToken.js.map +1 -1
- package/esm/node/oidc/storage.js +1 -0
- package/esm/node/oidc/storage.js.map +1 -1
- package/esm/node/oidc/types/Token.js.map +1 -1
- package/esm/node/oidc/util/browser.js +1 -0
- package/esm/node/oidc/util/browser.js.map +1 -1
- package/esm/node/oidc/util/defaultTokenParams.js +3 -2
- package/esm/node/oidc/util/defaultTokenParams.js.map +1 -1
- package/esm/node/oidc/util/prepareEnrollAuthenticatorParams.js +1 -0
- package/esm/node/oidc/util/prepareEnrollAuthenticatorParams.js.map +1 -1
- package/esm/node/oidc/util/prepareTokenParams.js +4 -0
- package/esm/node/oidc/util/prepareTokenParams.js.map +1 -1
- package/esm/node/oidc/util/validateToken.js +1 -0
- package/esm/node/oidc/util/validateToken.js.map +1 -1
- package/esm/node/oidc/verifyToken.js +1 -0
- package/esm/node/oidc/verifyToken.js.map +1 -1
- package/esm/node/package.json +1 -1
- package/esm/node/server/serverStorage.js +1 -0
- package/esm/node/server/serverStorage.js.map +1 -1
- package/esm/node/session/api.js +1 -0
- package/esm/node/session/api.js.map +1 -1
- package/esm/node/storage/options/StorageOptionsConstructor.js +1 -0
- package/esm/node/storage/options/StorageOptionsConstructor.js.map +1 -1
- package/package.json +4 -3
- package/types/lib/base/types.d.ts +1 -0
- package/types/lib/core/options.d.ts +1 -0
- package/types/lib/errors/OAuthError.d.ts +3 -1
- package/types/lib/errors/WWWAuthError.d.ts +29 -0
- package/types/lib/errors/index.d.ts +3 -1
- package/types/lib/features.d.ts +1 -0
- package/types/lib/idx/options.d.ts +1 -0
- package/types/lib/idx/types/options.d.ts +1 -0
- package/types/lib/oidc/dpop.d.ts +35 -0
- package/types/lib/oidc/endpoints/token.d.ts +5 -2
- package/types/lib/oidc/options/OAuthOptionsConstructor.d.ts +1 -0
- package/types/lib/oidc/types/Token.d.ts +2 -0
- package/types/lib/oidc/types/api.d.ts +13 -0
- package/types/lib/oidc/types/options.d.ts +3 -0
- package/umd/authn.js +1 -1
- package/umd/authn.js.map +1 -1
- package/umd/core.js +1 -1
- package/umd/core.js.map +1 -1
- package/umd/default.js +1 -1
- package/umd/default.js.map +1 -1
- package/umd/idx.js +1 -1
- package/umd/idx.js.map +1 -1
- package/umd/myaccount.js +1 -1
- package/umd/myaccount.js.map +1 -1
|
@@ -15,7 +15,7 @@ import { isBrowser } from '../../features.js';
|
|
|
15
15
|
import { removeNils } from '../../util/object.js';
|
|
16
16
|
|
|
17
17
|
function getDefaultTokenParams(sdk) {
|
|
18
|
-
const { pkce, clientId, redirectUri, responseType, responseMode, scopes, acrValues, maxAge, state, ignoreSignature } = sdk.options;
|
|
18
|
+
const { pkce, clientId, redirectUri, responseType, responseMode, scopes, acrValues, maxAge, state, ignoreSignature, dpop } = sdk.options;
|
|
19
19
|
const defaultRedirectUri = isBrowser() ? window.location.href : undefined;
|
|
20
20
|
return removeNils({
|
|
21
21
|
pkce,
|
|
@@ -28,7 +28,8 @@ function getDefaultTokenParams(sdk) {
|
|
|
28
28
|
scopes: scopes || ['openid', 'email'],
|
|
29
29
|
acrValues,
|
|
30
30
|
maxAge,
|
|
31
|
-
ignoreSignature
|
|
31
|
+
ignoreSignature,
|
|
32
|
+
dpop,
|
|
32
33
|
});
|
|
33
34
|
}
|
|
34
35
|
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"defaultTokenParams.js","sources":["../../../../../lib/oidc/util/defaultTokenParams.ts"],"sourcesContent":["\n/* global window */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { generateNonce, generateState } from './oauth';\nimport { OktaAuthOAuthInterface, TokenParams } from '../types';\nimport { isBrowser } from '../../features';\nimport { removeNils } from '../../util';\n\nexport function getDefaultTokenParams(sdk: OktaAuthOAuthInterface): TokenParams {\n const {\n pkce,\n clientId,\n redirectUri,\n responseType,\n responseMode,\n scopes,\n acrValues,\n maxAge,\n state,\n ignoreSignature\n } = sdk.options;\n const defaultRedirectUri = isBrowser() ? window.location.href : undefined;\n return removeNils({\n pkce,\n clientId,\n redirectUri: redirectUri || defaultRedirectUri,\n responseType: responseType || ['token', 'id_token'],\n responseMode,\n state: state || generateState(),\n nonce: generateNonce(),\n scopes: scopes || ['openid', 'email'],\n acrValues,\n maxAge,\n ignoreSignature
|
|
1
|
+
{"version":3,"file":"defaultTokenParams.js","sources":["../../../../../lib/oidc/util/defaultTokenParams.ts"],"sourcesContent":["\n/* global window */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { generateNonce, generateState } from './oauth';\nimport { OktaAuthOAuthInterface, TokenParams } from '../types';\nimport { isBrowser } from '../../features';\nimport { removeNils } from '../../util';\n\nexport function getDefaultTokenParams(sdk: OktaAuthOAuthInterface): TokenParams {\n const {\n pkce,\n clientId,\n redirectUri,\n responseType,\n responseMode,\n scopes,\n acrValues,\n maxAge,\n state,\n ignoreSignature,\n dpop\n } = sdk.options;\n const defaultRedirectUri = isBrowser() ? window.location.href : undefined;\n return removeNils({\n pkce,\n clientId,\n redirectUri: redirectUri || defaultRedirectUri,\n responseType: responseType || ['token', 'id_token'],\n responseMode,\n state: state || generateState(),\n nonce: generateNonce(),\n scopes: scopes || ['openid', 'email'],\n acrValues,\n maxAge,\n ignoreSignature,\n dpop,\n });\n}"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAmBM,CAAU,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAqB,CAAC,CAAA,CAAA,CAA2B,CAAA,CAAA,CAAA;IAC/D,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CACJ,CAAI,CAAA,CAAA,CAAA,CAAA,CACJ,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CACR,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CACX,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CACZ,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CACZ,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CACN,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CACT,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CACN,CAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CACL,CAAe,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CACf,CAAI,CAAA,CAAA,CAAA,CAAA,CACL,CAAG,CAAA,CAAA,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC;AAChB,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAkB,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAE,CAAA,CAAA,CAAA,CAAG,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,SAAS,CAAC;AAC1E,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,UAAU,CAAC,CAAA;QAChB,CAAI,CAAA,CAAA,CAAA,CAAA;QACJ,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;QACR,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAkB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AAC9C,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,EAAE,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,UAAU,CAAC,CAAA;QACnD,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACZ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,aAAa,CAAE,CAAA,CAAA;CAC/B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAE,CAAA,CAAA;AACtB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,EAAE,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,OAAO,CAAC,CAAA;QACrC,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;QACT,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;QACN,CAAe,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;QACf,CAAI,CAAA,CAAA,CAAA,CAAA;AACL,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AACL,CAAA;;"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"prepareEnrollAuthenticatorParams.js","sources":["../../../../../lib/oidc/util/prepareEnrollAuthenticatorParams.ts"],"sourcesContent":["/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../../errors';\nimport { OktaAuthOAuthInterface, EnrollAuthenticatorOptions } from '../types';\nimport { getDefaultEnrollAuthenticatorParams } from './defaultEnrollAuthenticatorParams';\n\nfunction prepareParams(\n params: EnrollAuthenticatorOptions\n): EnrollAuthenticatorOptions {\n params = {\n ...params,\n // forced params:\n responseType: 'none',\n prompt: 'enroll_authenticator',\n maxAge: 0,\n };\n\n if (!params.enrollAmrValues) {\n throw new AuthSdkError('enroll_amr_values must be specified');\n }\n if (!params.acrValues) {\n // `acr_values` is required and should equal 'urn:okta:2fa:any:ifpossible'\n // But this can be changed in future\n throw new AuthSdkError('acr_values must be specified');\n }\n\n // `scope`, `nonce` must be omitted\n delete params.scopes;\n delete params.nonce;\n\n return params;\n}\n\n// Prepares params for a call to /authorize\nexport function prepareEnrollAuthenticatorParams(\n sdk: OktaAuthOAuthInterface,\n options: EnrollAuthenticatorOptions\n): EnrollAuthenticatorOptions {\n return prepareParams({\n ...getDefaultEnrollAuthenticatorParams(sdk),\n ...options\n });\n}\n"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"prepareEnrollAuthenticatorParams.js","sources":["../../../../../lib/oidc/util/prepareEnrollAuthenticatorParams.ts"],"sourcesContent":["/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../../errors';\nimport { OktaAuthOAuthInterface, EnrollAuthenticatorOptions } from '../types';\nimport { getDefaultEnrollAuthenticatorParams } from './defaultEnrollAuthenticatorParams';\n\nfunction prepareParams(\n params: EnrollAuthenticatorOptions\n): EnrollAuthenticatorOptions {\n params = {\n ...params,\n // forced params:\n responseType: 'none',\n prompt: 'enroll_authenticator',\n maxAge: 0,\n };\n\n if (!params.enrollAmrValues) {\n throw new AuthSdkError('enroll_amr_values must be specified');\n }\n if (!params.acrValues) {\n // `acr_values` is required and should equal 'urn:okta:2fa:any:ifpossible'\n // But this can be changed in future\n throw new AuthSdkError('acr_values must be specified');\n }\n\n // `scope`, `nonce` must be omitted\n delete params.scopes;\n delete params.nonce;\n\n return params;\n}\n\n// Prepares params for a call to /authorize\nexport function prepareEnrollAuthenticatorParams(\n sdk: OktaAuthOAuthInterface,\n options: EnrollAuthenticatorOptions\n): EnrollAuthenticatorOptions {\n return prepareParams({\n ...getDefaultEnrollAuthenticatorParams(sdk),\n ...options\n });\n}\n"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAiBA,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CACpB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAkC,CAAA,CAAA,CAAA;AAElC,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,gCACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA;QAET,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CACpB,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAsB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAC9B,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAC,CAAA,CAAA,CACV,CAAC;AAEF,CAAA,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA,CAAC,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,eAAe,CAAE,CAAA,CAAA;AAC3B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAqC,CAAC,CAAC;AAC/D,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA,CAAC,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,SAAS,CAAE,CAAA,CAAA;AAGrB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA8B,CAAC,CAAC;AACxD,CAAA,CAAA,CAAA,CAAA,CAAA;IAGD,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC;IACrB,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC;AAEpB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,MAAM,CAAC;AAChB,CAAC;AAGe,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAgC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAC9C,CAA2B,CAAA,CAAA,CAAA,CAC3B,OAAmC,CAAA,CAAA,CAAA;CAEnC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,aAAa,gCACf,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmC,CAAC,CAAG,CAAA,CAAA,CAAC,CAAA,CACxC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CACV,CAAC;AACL,CAAA;;"}
|
|
@@ -12,6 +12,7 @@
|
|
|
12
12
|
|
|
13
13
|
import { getWellKnown } from '../endpoints/well-known.js';
|
|
14
14
|
import AuthSdkError from '../../errors/AuthSdkError.js';
|
|
15
|
+
import '../../errors/WWWAuthError.js';
|
|
15
16
|
import { getDefaultTokenParams } from './defaultTokenParams.js';
|
|
16
17
|
import { DEFAULT_CODE_CHALLENGE_METHOD } from '../../constants.js';
|
|
17
18
|
import PKCE from './pkce.js';
|
|
@@ -55,6 +56,9 @@ async function preparePKCE(sdk, tokenParams) {
|
|
|
55
56
|
async function prepareTokenParams(sdk, tokenParams = {}) {
|
|
56
57
|
const defaults = getDefaultTokenParams(sdk);
|
|
57
58
|
tokenParams = Object.assign(Object.assign({}, defaults), tokenParams);
|
|
59
|
+
if (tokenParams.dpop && !sdk.features.isDPoPSupported()) {
|
|
60
|
+
throw new AuthSdkError('DPoP has been configured, but is not supported by browser');
|
|
61
|
+
}
|
|
58
62
|
if (tokenParams.pkce === false) {
|
|
59
63
|
return tokenParams;
|
|
60
64
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"prepareTokenParams.js","sources":["../../../../../lib/oidc/util/prepareTokenParams.ts"],"sourcesContent":["/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { getWellKnown } from '../endpoints/well-known';\nimport { AuthSdkError } from '../../errors';\nimport { OktaAuthOAuthInterface, TokenParams } from '../types';\nimport { getDefaultTokenParams } from './defaultTokenParams';\nimport { DEFAULT_CODE_CHALLENGE_METHOD } from '../../constants';\nimport PKCE from './pkce';\nimport { OktaAuthBaseInterface } from '../../base/types';\n\nexport function assertPKCESupport(sdk: OktaAuthBaseInterface) {\n if (!sdk.features.isPKCESupported()) {\n var errorMessage = 'PKCE requires a modern browser with encryption support running in a secure context.';\n if (!sdk.features.isHTTPS()) {\n // eslint-disable-next-line max-len\n errorMessage += '\\nThe current page is not being served with HTTPS protocol. PKCE requires secure HTTPS protocol.';\n }\n if (!sdk.features.hasTextEncoder()) {\n // eslint-disable-next-line max-len\n errorMessage += '\\n\"TextEncoder\" is not defined. To use PKCE, you may need to include a polyfill/shim for this browser.';\n }\n throw new AuthSdkError(errorMessage);\n }\n}\n\nexport async function validateCodeChallengeMethod(sdk: OktaAuthOAuthInterface, codeChallengeMethod?: string) {\n // set default code challenge method, if none provided\n codeChallengeMethod = codeChallengeMethod || sdk.options.codeChallengeMethod || DEFAULT_CODE_CHALLENGE_METHOD;\n\n // validate against .well-known/openid-configuration\n const wellKnownResponse = await getWellKnown(sdk);\n var methods = wellKnownResponse['code_challenge_methods_supported'] || [];\n if (methods.indexOf(codeChallengeMethod) === -1) {\n throw new AuthSdkError('Invalid code_challenge_method');\n }\n return codeChallengeMethod;\n}\n\nexport async function preparePKCE(\n sdk: OktaAuthOAuthInterface, \n tokenParams: TokenParams\n): Promise<TokenParams> {\n let {\n codeVerifier,\n codeChallenge,\n codeChallengeMethod\n } = tokenParams;\n\n // PKCE calculations can be avoided by passing a codeChallenge\n codeChallenge = codeChallenge || sdk.options.codeChallenge;\n if (!codeChallenge) {\n assertPKCESupport(sdk);\n codeVerifier = codeVerifier || PKCE.generateVerifier();\n codeChallenge = await PKCE.computeChallenge(codeVerifier);\n }\n codeChallengeMethod = await validateCodeChallengeMethod(sdk, codeChallengeMethod);\n\n // Clone/copy the params. Set PKCE values\n tokenParams = {\n ...tokenParams,\n responseType: 'code', // responseType is forced\n codeVerifier,\n codeChallenge,\n codeChallengeMethod\n };\n\n return tokenParams;\n}\n\n// Prepares params for a call to /authorize or /token\nexport async function prepareTokenParams(\n sdk: OktaAuthOAuthInterface,\n tokenParams: TokenParams = {}\n): Promise<TokenParams> {\n // build params using defaults + options\n const defaults = getDefaultTokenParams(sdk);\n tokenParams = { ...defaults, ...tokenParams };\n\n if (tokenParams.pkce === false) {\n // Implicit flow or authorization_code without PKCE\n return tokenParams;\n }\n\n return preparePKCE(sdk, tokenParams);\n}"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;AAqBM,CAAU,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAiB,CAAC,CAAA,CAAA,CAA0B,CAAA,CAAA,CAAA;AAC1D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAG,CAAA,CAAA,CAAC,QAAQ,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,EAAE,CAAE,CAAA,CAAA;QACnC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAqF,CAAC;AACzG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAG,CAAA,CAAA,CAAC,QAAQ,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,EAAE,CAAE,CAAA,CAAA;CAE3B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAkG,CAAC;AACpH,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAG,CAAA,CAAA,CAAC,QAAQ,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAc,EAAE,CAAE,CAAA,CAAA;CAElC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAwG,CAAC;AAC1H,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAC;AACtC,CAAA,CAAA,CAAA,CAAA,CAAA;AACH,CAAC;AAEM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAA2B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAA2B,CAAA,CAAA,CAAA,CAAE,mBAA4B,CAAA,CAAA,CAAA;CAEzG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA6B,CAAC;AAG9G,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,iBAAiB,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,YAAY,CAAC,CAAA,CAAA,CAAG,CAAC,CAAC;CAClD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,OAAO,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAiB,CAAC,CAAkC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAE,CAAC;CAC1E,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,mBAAmB,CAAC,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAC,CAAE,CAAA,CAAA;AAC/C,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA+B,CAAC,CAAC;AACzD,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,mBAAmB,CAAC;AAC7B,CAAC;AAEM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAC/B,CAA2B,CAAA,CAAA,CAAA,CAC3B,WAAwB,CAAA,CAAA,CAAA;CAExB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CACF,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CACZ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,EACb,CAAmB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CACpB,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC;CAGhB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,GAAG,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,GAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC;CAC3D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAE,CAAA,CAAA;QAClB,CAAiB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAG,CAAA,CAAA,CAAC,CAAC;AACvB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,GAAG,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,IAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAgB,EAAE,CAAC;CACvD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,GAAG,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAgB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AAC3D,CAAA,CAAA,CAAA,CAAA,CAAA;CACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,GAAG,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA2B,CAAC,CAAG,CAAA,CAAA,CAAA,CAAE,CAAmB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AAGlF,CAAA,CAAA,CAAA,CAAA,WAAW,mCACN,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,EAAA,CACd,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,EAAE,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;QACpB,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;QACZ,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACb,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,GACpB,CAAC;AAEF,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,WAAW,CAAC;AACrB,CAAC;AAGM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,kBAAkB,CACtC,CAAA,CAAA,CAA2B,EAC3B,cAA2B,EAAE,CAAA,CAAA,CAAA;AAG7B,CAAA,CAAA,CAAA,CAAA,MAAM,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,qBAAqB,CAAC,CAAA,CAAA,CAAG,CAAC,CAAC;AAC5C,CAAA,CAAA,CAAA,CAAA,WAAW,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,EAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAE,CAAC;AAE9C,CAAA,CAAA,CAAA,CAAA,IAAI,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,KAAK,CAAE,CAAA,CAAA;AAE9B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,WAAW,CAAC;AACpB,CAAA,CAAA,CAAA,CAAA,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,OAAO,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,GAAG,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAC;AACvC,CAAA;;"}
|
|
1
|
+
{"version":3,"file":"prepareTokenParams.js","sources":["../../../../../lib/oidc/util/prepareTokenParams.ts"],"sourcesContent":["/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { getWellKnown } from '../endpoints/well-known';\nimport { AuthSdkError } from '../../errors';\nimport { OktaAuthOAuthInterface, TokenParams } from '../types';\nimport { getDefaultTokenParams } from './defaultTokenParams';\nimport { DEFAULT_CODE_CHALLENGE_METHOD } from '../../constants';\nimport PKCE from './pkce';\nimport { OktaAuthBaseInterface } from '../../base/types';\n\nexport function assertPKCESupport(sdk: OktaAuthBaseInterface) {\n if (!sdk.features.isPKCESupported()) {\n var errorMessage = 'PKCE requires a modern browser with encryption support running in a secure context.';\n if (!sdk.features.isHTTPS()) {\n // eslint-disable-next-line max-len\n errorMessage += '\\nThe current page is not being served with HTTPS protocol. PKCE requires secure HTTPS protocol.';\n }\n if (!sdk.features.hasTextEncoder()) {\n // eslint-disable-next-line max-len\n errorMessage += '\\n\"TextEncoder\" is not defined. To use PKCE, you may need to include a polyfill/shim for this browser.';\n }\n throw new AuthSdkError(errorMessage);\n }\n}\n\nexport async function validateCodeChallengeMethod(sdk: OktaAuthOAuthInterface, codeChallengeMethod?: string) {\n // set default code challenge method, if none provided\n codeChallengeMethod = codeChallengeMethod || sdk.options.codeChallengeMethod || DEFAULT_CODE_CHALLENGE_METHOD;\n\n // validate against .well-known/openid-configuration\n const wellKnownResponse = await getWellKnown(sdk);\n var methods = wellKnownResponse['code_challenge_methods_supported'] || [];\n if (methods.indexOf(codeChallengeMethod) === -1) {\n throw new AuthSdkError('Invalid code_challenge_method');\n }\n return codeChallengeMethod;\n}\n\nexport async function preparePKCE(\n sdk: OktaAuthOAuthInterface, \n tokenParams: TokenParams\n): Promise<TokenParams> {\n let {\n codeVerifier,\n codeChallenge,\n codeChallengeMethod\n } = tokenParams;\n\n // PKCE calculations can be avoided by passing a codeChallenge\n codeChallenge = codeChallenge || sdk.options.codeChallenge;\n if (!codeChallenge) {\n assertPKCESupport(sdk);\n codeVerifier = codeVerifier || PKCE.generateVerifier();\n codeChallenge = await PKCE.computeChallenge(codeVerifier);\n }\n codeChallengeMethod = await validateCodeChallengeMethod(sdk, codeChallengeMethod);\n\n // Clone/copy the params. Set PKCE values\n tokenParams = {\n ...tokenParams,\n responseType: 'code', // responseType is forced\n codeVerifier,\n codeChallenge,\n codeChallengeMethod\n };\n\n return tokenParams;\n}\n\n// Prepares params for a call to /authorize or /token\nexport async function prepareTokenParams(\n sdk: OktaAuthOAuthInterface,\n tokenParams: TokenParams = {}\n): Promise<TokenParams> {\n // build params using defaults + options\n const defaults = getDefaultTokenParams(sdk);\n tokenParams = { ...defaults, ...tokenParams };\n\n if (tokenParams.dpop && !sdk.features.isDPoPSupported()) {\n throw new AuthSdkError('DPoP has been configured, but is not supported by browser');\n }\n\n if (tokenParams.pkce === false) {\n // Implicit flow or authorization_code without PKCE\n return tokenParams;\n }\n\n return preparePKCE(sdk, tokenParams);\n}"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;AAqBM,CAAU,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAiB,CAAC,CAAA,CAAA,CAA0B,CAAA,CAAA,CAAA;AAC1D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAG,CAAA,CAAA,CAAC,QAAQ,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,EAAE,CAAE,CAAA,CAAA;QACnC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAqF,CAAC;AACzG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAG,CAAA,CAAA,CAAC,QAAQ,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,EAAE,CAAE,CAAA,CAAA;CAE3B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAkG,CAAC;AACpH,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAG,CAAA,CAAA,CAAC,QAAQ,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAc,EAAE,CAAE,CAAA,CAAA;CAElC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAwG,CAAC;AAC1H,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAC;AACtC,CAAA,CAAA,CAAA,CAAA,CAAA;AACH,CAAC;AAEM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAA2B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAA2B,CAAA,CAAA,CAAA,CAAE,mBAA4B,CAAA,CAAA,CAAA;CAEzG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA6B,CAAC;AAG9G,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,iBAAiB,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,YAAY,CAAC,CAAA,CAAA,CAAG,CAAC,CAAC;CAClD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,OAAO,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAiB,CAAC,CAAkC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAE,CAAC;CAC1E,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,mBAAmB,CAAC,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAC,CAAE,CAAA,CAAA;AAC/C,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA+B,CAAC,CAAC;AACzD,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,mBAAmB,CAAC;AAC7B,CAAC;AAEM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAC/B,CAA2B,CAAA,CAAA,CAAA,CAC3B,WAAwB,CAAA,CAAA,CAAA;CAExB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CACF,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CACZ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,EACb,CAAmB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CACpB,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC;CAGhB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,GAAG,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,GAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC;CAC3D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAE,CAAA,CAAA;QAClB,CAAiB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAG,CAAA,CAAA,CAAC,CAAC;AACvB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,GAAG,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,IAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAgB,EAAE,CAAC;CACvD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,GAAG,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAgB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AAC3D,CAAA,CAAA,CAAA,CAAA,CAAA;CACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,GAAG,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA2B,CAAC,CAAG,CAAA,CAAA,CAAA,CAAE,CAAmB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AAGlF,CAAA,CAAA,CAAA,CAAA,WAAW,mCACN,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,EAAA,CACd,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,EAAE,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;QACpB,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;QACZ,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACb,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,GACpB,CAAC;AAEF,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,WAAW,CAAC;AACrB,CAAC;AAGM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,kBAAkB,CACtC,CAAA,CAAA,CAA2B,EAC3B,cAA2B,EAAE,CAAA,CAAA,CAAA;AAG7B,CAAA,CAAA,CAAA,CAAA,MAAM,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,qBAAqB,CAAC,CAAA,CAAA,CAAG,CAAC,CAAC;AAC5C,CAAA,CAAA,CAAA,CAAA,WAAW,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,EAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAE,CAAC;IAE9C,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAA,CAAA,CAAA,CAAI,CAAI,CAAA,CAAA,CAAA,CAAC,CAAG,CAAA,CAAA,CAAC,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAe,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAE,CAAA,CAAA;AACvD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA2D,CAAC,CAAC;AACrF,CAAA,CAAA,CAAA,CAAA,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,IAAI,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,KAAK,CAAE,CAAA,CAAA;AAE9B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,WAAW,CAAC;AACpB,CAAA,CAAA,CAAA,CAAA,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,OAAO,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,GAAG,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAC;AACvC,CAAA;;"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validateToken.js","sources":["../../../../../lib/oidc/util/validateToken.ts"],"sourcesContent":["/* eslint-disable complexity */\n\nimport { AuthSdkError } from '../../errors';\nimport { isAccessToken, isIDToken, isRefreshToken, Token, TokenType } from '../../oidc/types';\n\nexport function validateToken(token: Token, type?: TokenType) {\n if (!isIDToken(token) && !isAccessToken(token) && !isRefreshToken(token)) {\n throw new AuthSdkError(\n 'Token must be an Object with scopes, expiresAt, and one of: an idToken, accessToken, or refreshToken property'\n );\n }\n \n if (type === 'accessToken' && !isAccessToken(token)) {\n throw new AuthSdkError('invalid accessToken');\n } \n if (type === 'idToken' && !isIDToken(token)) {\n throw new AuthSdkError('invalid idToken');\n }\n\n if (type === 'refreshToken' && !isRefreshToken(token)) {\n throw new AuthSdkError('invalid refreshToken');\n }\n}"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"validateToken.js","sources":["../../../../../lib/oidc/util/validateToken.ts"],"sourcesContent":["/* eslint-disable complexity */\n\nimport { AuthSdkError } from '../../errors';\nimport { isAccessToken, isIDToken, isRefreshToken, Token, TokenType } from '../../oidc/types';\n\nexport function validateToken(token: Token, type?: TokenType) {\n if (!isIDToken(token) && !isAccessToken(token) && !isRefreshToken(token)) {\n throw new AuthSdkError(\n 'Token must be an Object with scopes, expiresAt, and one of: an idToken, accessToken, or refreshToken property'\n );\n }\n \n if (type === 'accessToken' && !isAccessToken(token)) {\n throw new AuthSdkError('invalid accessToken');\n } \n if (type === 'idToken' && !isIDToken(token)) {\n throw new AuthSdkError('invalid idToken');\n }\n\n if (type === 'refreshToken' && !isRefreshToken(token)) {\n throw new AuthSdkError('invalid refreshToken');\n }\n}"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAKgB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,IAAgB,CAAA,CAAA,CAAA;AAC1D,CAAA,CAAA,CAAA,CAAA,IAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAC,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,IAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAI,CAAA,CAAA,CAAA,CAAC,cAAc,CAAC,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAE,CAAA,CAAA;AACxE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CACpB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA+G,CAChH,CAAC;AACH,CAAA,CAAA,CAAA,CAAA,CAAA;CAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,CAAE,CAAA,CAAA;AACnD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAqB,CAAC,CAAC;AAC/C,CAAA,CAAA,CAAA,CAAA,CAAA;CACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,CAAE,CAAA,CAAA;AAC3C,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAiB,CAAC,CAAC;AAC3C,CAAA,CAAA,CAAA,CAAA,CAAA;CAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAc,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAc,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,CAAE,CAAA,CAAA;AACrD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAsB,CAAC,CAAC;AAChD,CAAA,CAAA,CAAA,CAAA,CAAA;AACH,CAAA;;"}
|
|
@@ -12,6 +12,7 @@
|
|
|
12
12
|
|
|
13
13
|
import { getWellKnown, getKey } from './endpoints/well-known.js';
|
|
14
14
|
import AuthSdkError from '../errors/AuthSdkError.js';
|
|
15
|
+
import '../errors/WWWAuthError.js';
|
|
15
16
|
import '../crypto/node.js';
|
|
16
17
|
import { getOidcHash } from '../crypto/oidcHash.js';
|
|
17
18
|
import { verifyToken as verifyToken$1 } from '../crypto/verifyToken.js';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifyToken.js","sources":["../../../../lib/oidc/verifyToken.ts"],"sourcesContent":["/* eslint-disable max-len */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { getWellKnown, getKey } from './endpoints/well-known';\nimport { validateClaims } from './util';\nimport { AuthSdkError } from '../errors';\nimport { IDToken, OktaAuthOAuthInterface, TokenVerifyParams } from '../oidc/types';\nimport { decodeToken } from './decodeToken';\nimport * as sdkCrypto from '../crypto';\n\n// Verify the id token\nexport async function verifyToken(sdk: OktaAuthOAuthInterface, token: IDToken, validationParams: TokenVerifyParams): Promise<IDToken> {\n if (!token || !token.idToken) {\n throw new AuthSdkError('Only idTokens may be verified');\n }\n\n // Decode the Jwt object (may throw)\n const jwt = decodeToken(token.idToken);\n\n // The configured issuer may point to a frontend proxy.\n // Get the \"real\" issuer from .well-known/openid-configuration\n const configuredIssuer = validationParams?.issuer || sdk.options.issuer;\n const { issuer } = await getWellKnown(sdk, configuredIssuer);\n\n const validationOptions: TokenVerifyParams = Object.assign({\n // base options, can be overridden by params\n clientId: sdk.options.clientId,\n ignoreSignature: sdk.options.ignoreSignature\n }, validationParams, {\n // final options, cannot be overridden\n issuer\n });\n\n // Standard claim validation (may throw)\n validateClaims(sdk, jwt.payload, validationOptions);\n\n // If the browser doesn't support native crypto or we choose not\n // to verify the signature, bail early\n if (validationOptions.ignoreSignature == true || !sdk.features.isTokenVerifySupported()) {\n return token;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const key = await getKey(sdk, token.issuer, jwt.header.kid!);\n const valid = await sdkCrypto.verifyToken(token.idToken, key);\n if (!valid) {\n throw new AuthSdkError('The token signature is not valid');\n }\n if (validationParams && validationParams.accessToken && token.claims.at_hash) {\n const hash = await sdkCrypto.getOidcHash(validationParams.accessToken);\n if (hash !== token.claims.at_hash) {\n throw new AuthSdkError('Token hash verification failed');\n }\n }\n return token;\n}\n"],"names":["sdkCrypto.verifyToken","sdkCrypto.getOidcHash"],"mappings":"
|
|
1
|
+
{"version":3,"file":"verifyToken.js","sources":["../../../../lib/oidc/verifyToken.ts"],"sourcesContent":["/* eslint-disable max-len */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { getWellKnown, getKey } from './endpoints/well-known';\nimport { validateClaims } from './util';\nimport { AuthSdkError } from '../errors';\nimport { IDToken, OktaAuthOAuthInterface, TokenVerifyParams } from '../oidc/types';\nimport { decodeToken } from './decodeToken';\nimport * as sdkCrypto from '../crypto';\n\n// Verify the id token\nexport async function verifyToken(sdk: OktaAuthOAuthInterface, token: IDToken, validationParams: TokenVerifyParams): Promise<IDToken> {\n if (!token || !token.idToken) {\n throw new AuthSdkError('Only idTokens may be verified');\n }\n\n // Decode the Jwt object (may throw)\n const jwt = decodeToken(token.idToken);\n\n // The configured issuer may point to a frontend proxy.\n // Get the \"real\" issuer from .well-known/openid-configuration\n const configuredIssuer = validationParams?.issuer || sdk.options.issuer;\n const { issuer } = await getWellKnown(sdk, configuredIssuer);\n\n const validationOptions: TokenVerifyParams = Object.assign({\n // base options, can be overridden by params\n clientId: sdk.options.clientId,\n ignoreSignature: sdk.options.ignoreSignature\n }, validationParams, {\n // final options, cannot be overridden\n issuer\n });\n\n // Standard claim validation (may throw)\n validateClaims(sdk, jwt.payload, validationOptions);\n\n // If the browser doesn't support native crypto or we choose not\n // to verify the signature, bail early\n if (validationOptions.ignoreSignature == true || !sdk.features.isTokenVerifySupported()) {\n return token;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const key = await getKey(sdk, token.issuer, jwt.header.kid!);\n const valid = await sdkCrypto.verifyToken(token.idToken, key);\n if (!valid) {\n throw new AuthSdkError('The token signature is not valid');\n }\n if (validationParams && validationParams.accessToken && token.claims.at_hash) {\n const hash = await sdkCrypto.getOidcHash(validationParams.accessToken);\n if (hash !== token.claims.at_hash) {\n throw new AuthSdkError('Token hash verification failed');\n }\n }\n return token;\n}\n"],"names":["sdkCrypto.verifyToken","sdkCrypto.getOidcHash"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAsBO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,WAAW,CAAC,CAAA,CAAA,CAA2B,EAAE,CAAc,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,gBAAmC,CAAA,CAAA,CAAA;AAChH,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,OAAO,CAAE,CAAA,CAAA;AAC5B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA+B,CAAC,CAAC;AACzD,CAAA,CAAA,CAAA,CAAA,CAAA;CAGD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,GAAG,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AAIvC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAgB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAgB,KAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAhB,CAAgB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAhB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,GAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAgB,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC;IACxE,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAG,CAAA,CAAA,CAAA,CAAE,CAAgB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AAE7D,CAAA,CAAA,CAAA,CAAA,MAAM,CAAiB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAsB,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,MAAM,CAAC,CAAA;AAEzD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,QAAQ,CAAE,CAAA,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AAC9B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,eAAe,CAAE,CAAA,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAe,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AAC7C,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,gBAAgB,CAAE,CAAA,CAAA;QAEnB,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA;AACP,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;CAGH,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAc,CAAC,CAAA,CAAA,CAAG,CAAE,CAAA,CAAA,CAAA,CAAG,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAiB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AAIpD,CAAA,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAiB,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,IAAI,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAsB,EAAE,CAAE,CAAA,CAAA;AACvF,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,KAAK,CAAC;AACd,CAAA,CAAA,CAAA,CAAA,CAAA;AAGD,CAAA,CAAA,CAAA,CAAA,MAAM,CAAG,CAAA,CAAA,CAAA,CAAA,CAAG,MAAM,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,GAAG,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,EAAE,CAAG,CAAA,CAAA,CAAC,MAAM,CAAC,CAAA,CAAA,CAAI,CAAC,CAAC;AAC7D,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAMA,CAAqB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAG,CAAA,CAAA,CAAC,CAAC;CAC9D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAK,CAAE,CAAA,CAAA;AACV,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAkC,CAAC,CAAC;AAC5D,CAAA,CAAA,CAAA,CAAA,CAAA;IACD,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAgB,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAgB,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAE,CAAA,CAAA;CAC5E,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAMC,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAqB,CAAC,CAAgB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AACvE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,IAAI,CAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,OAAO,CAAE,CAAA,CAAA;AACjC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAgC,CAAC,CAAC;AAC1D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACF,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,KAAK,CAAC;AACf,CAAA;;"}
|
package/esm/node/package.json
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"serverStorage.js","sources":["../../../../lib/server/serverStorage.ts"],"sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport NodeCache from 'node-cache';\nimport { SimpleStorage, StorageType, StorageUtil, Cookies } from '../storage/types';\nimport { AuthSdkError } from '../errors';\n// eslint-disable-next-line import/no-commonjs\n\n// this is a SHARED memory storage to support a stateless http server\nconst sharedStorage = typeof NodeCache === 'function' ? new NodeCache() : null;\n\nclass ServerCookies implements Cookies {\n nodeCache: any; // NodeCache\n \n constructor(nodeCache) {\n this.nodeCache = nodeCache;\n }\n\n set(name: string, value: string, expiresAt: string): string {\n // eslint-disable-next-line no-extra-boolean-cast\n if (!!(Date.parse(expiresAt))) {\n // Time to expiration in seconds\n var ttl = (Date.parse(expiresAt) - Date.now()) / 1000;\n this.nodeCache.set(name, value, ttl);\n } else {\n this.nodeCache.set(name, value);\n }\n\n return this.get(name);\n }\n\n get(name): string {\n return this.nodeCache.get(name);\n }\n\n delete(name) {\n return this.nodeCache.del(name);\n }\n}\n// Building this as an object allows us to mock the functions in our tests\nclass ServerStorage implements StorageUtil {\n nodeCache: any; // NodeCache\n storage: Cookies;\n constructor(nodeCache) {\n this.nodeCache = nodeCache;\n this.storage = new ServerCookies(nodeCache);\n }\n\n testStorageType(storageType: StorageType): boolean {\n var supported = false;\n switch (storageType) {\n case 'memory':\n supported = true;\n break;\n default:\n break;\n }\n return supported;\n }\n\n getStorageByType(storageType: StorageType): SimpleStorage {\n let storageProvider;\n switch (storageType) {\n case 'memory':\n storageProvider = this.getStorage();\n break;\n default:\n throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n break;\n }\n return storageProvider;\n }\n\n findStorageType(): StorageType {\n return 'memory';\n }\n\n // shared in-memory using node cache\n getStorage(): SimpleStorage {\n return {\n getItem: this.nodeCache.get,\n setItem: (key, value) => {\n this.nodeCache.set(key, value, '2200-01-01T00:00:00.000Z');\n },\n };\n }\n}\n\nexport default new ServerStorage(sharedStorage);\n"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"serverStorage.js","sources":["../../../../lib/server/serverStorage.ts"],"sourcesContent":["/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport NodeCache from 'node-cache';\nimport { SimpleStorage, StorageType, StorageUtil, Cookies } from '../storage/types';\nimport { AuthSdkError } from '../errors';\n// eslint-disable-next-line import/no-commonjs\n\n// this is a SHARED memory storage to support a stateless http server\nconst sharedStorage = typeof NodeCache === 'function' ? new NodeCache() : null;\n\nclass ServerCookies implements Cookies {\n nodeCache: any; // NodeCache\n \n constructor(nodeCache) {\n this.nodeCache = nodeCache;\n }\n\n set(name: string, value: string, expiresAt: string): string {\n // eslint-disable-next-line no-extra-boolean-cast\n if (!!(Date.parse(expiresAt))) {\n // Time to expiration in seconds\n var ttl = (Date.parse(expiresAt) - Date.now()) / 1000;\n this.nodeCache.set(name, value, ttl);\n } else {\n this.nodeCache.set(name, value);\n }\n\n return this.get(name);\n }\n\n get(name): string {\n return this.nodeCache.get(name);\n }\n\n delete(name) {\n return this.nodeCache.del(name);\n }\n}\n// Building this as an object allows us to mock the functions in our tests\nclass ServerStorage implements StorageUtil {\n nodeCache: any; // NodeCache\n storage: Cookies;\n constructor(nodeCache) {\n this.nodeCache = nodeCache;\n this.storage = new ServerCookies(nodeCache);\n }\n\n testStorageType(storageType: StorageType): boolean {\n var supported = false;\n switch (storageType) {\n case 'memory':\n supported = true;\n break;\n default:\n break;\n }\n return supported;\n }\n\n getStorageByType(storageType: StorageType): SimpleStorage {\n let storageProvider;\n switch (storageType) {\n case 'memory':\n storageProvider = this.getStorage();\n break;\n default:\n throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n break;\n }\n return storageProvider;\n }\n\n findStorageType(): StorageType {\n return 'memory';\n }\n\n // shared in-memory using node cache\n getStorage(): SimpleStorage {\n return {\n getItem: this.nodeCache.get,\n setItem: (key, value) => {\n this.nodeCache.set(key, value, '2200-01-01T00:00:00.000Z');\n },\n };\n }\n}\n\nexport default new ServerStorage(sharedStorage);\n"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAsBA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC;AAE/E,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,aAAa,CAAA,CAAA;AAGjB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAA,CAAA,CAAA;AACnB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA,CAAC,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,SAAS,CAAC;CAC5B,CAAA,CAAA,CAAA,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,GAAG,CAAC,CAAA,CAAA,CAAA,CAAY,EAAE,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,SAAiB,CAAA,CAAA,CAAA;CAEhD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAE,CAAI,CAAA,CAAA,CAAA,CAAC,KAAK,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAC,CAAC,CAAE,CAAA,CAAA;AAE7B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,IAAI,CAAG,CAAA,CAAA,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAI,CAAC,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,GAAG,CAAI,CAAA,CAAA,CAAA,CAAC,GAAG,CAAE,CAAA,CAAA,CAAA,CAAA,CAAI,IAAI,CAAC;YACtD,CAAI,CAAA,CAAA,CAAA,CAAC,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAG,CAAA,CAAA,CAAC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAE,CAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAG,CAAA,CAAA,CAAC,CAAC;AACtC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;CACL,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAC,CAAA,CAAA,CAAG,CAAC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAE,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AACjC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,OAAO,CAAI,CAAA,CAAA,CAAA,CAAC,GAAG,CAAC,CAAA,CAAA,CAAA,CAAI,CAAC,CAAC;CACvB,CAAA,CAAA,CAAA,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA;CACN,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,IAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAC,CAAG,CAAA,CAAA,CAAC,CAAI,CAAA,CAAA,CAAA,CAAC,CAAC;CACjC,CAAA,CAAA,CAAA,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA;CACT,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,IAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAC,CAAG,CAAA,CAAA,CAAC,CAAI,CAAA,CAAA,CAAA,CAAC,CAAC;CACjC,CAAA,CAAA,CAAA,CAAA;AACF,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,aAAa,CAAA,CAAA;AAGjB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAA,CAAA,CAAA;AACnB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA,CAAC,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,SAAS,CAAC;CAC3B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,IAAI,CAAa,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;CAC7C,CAAA,CAAA,CAAA,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAwB,CAAA,CAAA,CAAA;QACtC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC;AACtB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,QAAQ,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACjB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,KAAK,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;CACX,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC;gBACjB,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA;AAGT,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,SAAS,CAAC;CAClB,CAAA,CAAA,CAAA,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAgB,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAwB,CAAA,CAAA,CAAA;AACvC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,eAAe,CAAC;AACpB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,QAAQ,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACjB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,KAAK,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACX,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,eAAe,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,EAAE,CAAC;gBACpC,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA;AACR,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,gCAAgC,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAC,CAAC;AAEzE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,eAAe,CAAC;CACxB,CAAA,CAAA,CAAA,CAAA;IAED,eAAe,CAAA,CAAA,CAAA,CAAA;AACb,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,QAAQ,CAAC;CACjB,CAAA,CAAA,CAAA,CAAA;IAGD,UAAU,CAAA,CAAA,CAAA,CAAA;QACR,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACL,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,OAAO,CAAE,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAC,CAAG,CAAA,CAAA,CAAA;AAC3B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,OAAO,CAAE,CAAA,CAAC,CAAG,CAAA,CAAA,CAAA,CAAE,KAAK,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA;gBACtB,CAAI,CAAA,CAAA,CAAA,CAAC,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAG,CAAA,CAAA,CAAC,CAAG,CAAA,CAAA,CAAA,CAAE,CAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAA0B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;CAC5D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;SACF,CAAC;CACH,CAAA,CAAA,CAAA,CAAA;AACF,CAAA;AAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC,CAAA;;"}
|
package/esm/node/session/api.js
CHANGED
|
@@ -12,6 +12,7 @@
|
|
|
12
12
|
|
|
13
13
|
import { omit, getLink } from '../util/object.js';
|
|
14
14
|
import { toQueryString } from '../util/url.js';
|
|
15
|
+
import '../errors/WWWAuthError.js';
|
|
15
16
|
import '../crypto/node.js';
|
|
16
17
|
import { get, post, httpRequest } from '../http/request.js';
|
|
17
18
|
import 'tiny-emitter';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"api.js","sources":["../../../../lib/session/api.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* global window */\nimport { omit, getLink, toQueryString } from '../util';\nimport { get, post, httpRequest } from '../http';\n\nfunction sessionExists(sdk) {\n return sdk.session.get()\n .then(function(res) {\n if (res.status === 'ACTIVE') {\n return true;\n }\n return false;\n })\n .catch(function() {\n return false;\n });\n}\n\nfunction getSession(sdk) { \n return get(sdk, '/api/v1/sessions/me', { withCredentials: true })\n .then(function(session) {\n var res = omit(session, '_links');\n\n res.refresh = function() {\n return post(sdk, getLink(session, 'refresh').href, {}, { withCredentials: true });\n };\n\n res.user = function() {\n return get(sdk, getLink(session, 'user').href, { withCredentials: true });\n };\n\n return res;\n })\n .catch(function() {\n // Return INACTIVE status on failure\n return {status: 'INACTIVE'};\n });\n}\n\nfunction closeSession(sdk) {\n return httpRequest(sdk, {\n url: sdk.getIssuerOrigin() + '/api/v1/sessions/me',\n method: 'DELETE',\n withCredentials: true\n });\n}\n\nfunction refreshSession(sdk) {\n return post(sdk, '/api/v1/sessions/me/lifecycle/refresh', {}, { withCredentials: true });\n}\n\nfunction setCookieAndRedirect(sdk, sessionToken, redirectUrl) {\n redirectUrl = redirectUrl || window.location.href;\n window.location.assign(sdk.getIssuerOrigin() + '/login/sessionCookieRedirect' +\n toQueryString({\n checkAccountSetupComplete: true,\n token: sessionToken,\n redirectUrl: redirectUrl\n }));\n}\n\nexport {\n sessionExists,\n getSession,\n closeSession,\n refreshSession,\n setCookieAndRedirect\n};\n"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"api.js","sources":["../../../../lib/session/api.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* global window */\nimport { omit, getLink, toQueryString } from '../util';\nimport { get, post, httpRequest } from '../http';\n\nfunction sessionExists(sdk) {\n return sdk.session.get()\n .then(function(res) {\n if (res.status === 'ACTIVE') {\n return true;\n }\n return false;\n })\n .catch(function() {\n return false;\n });\n}\n\nfunction getSession(sdk) { \n return get(sdk, '/api/v1/sessions/me', { withCredentials: true })\n .then(function(session) {\n var res = omit(session, '_links');\n\n res.refresh = function() {\n return post(sdk, getLink(session, 'refresh').href, {}, { withCredentials: true });\n };\n\n res.user = function() {\n return get(sdk, getLink(session, 'user').href, { withCredentials: true });\n };\n\n return res;\n })\n .catch(function() {\n // Return INACTIVE status on failure\n return {status: 'INACTIVE'};\n });\n}\n\nfunction closeSession(sdk) {\n return httpRequest(sdk, {\n url: sdk.getIssuerOrigin() + '/api/v1/sessions/me',\n method: 'DELETE',\n withCredentials: true\n });\n}\n\nfunction refreshSession(sdk) {\n return post(sdk, '/api/v1/sessions/me/lifecycle/refresh', {}, { withCredentials: true });\n}\n\nfunction setCookieAndRedirect(sdk, sessionToken, redirectUrl) {\n redirectUrl = redirectUrl || window.location.href;\n window.location.assign(sdk.getIssuerOrigin() + '/login/sessionCookieRedirect' +\n toQueryString({\n checkAccountSetupComplete: true,\n token: sessionToken,\n redirectUrl: redirectUrl\n }));\n}\n\nexport {\n sessionExists,\n getSession,\n closeSession,\n refreshSession,\n setCookieAndRedirect\n};\n"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;AAgBA,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA;AACxB,CAAA,CAAA,CAAA,CAAA,OAAO,CAAG,CAAA,CAAA,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,GAAG,CAAE,CAAA;SACrB,CAAI,CAAA,CAAA,CAAA,CAAC,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA;AAChB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,IAAI,CAAG,CAAA,CAAA,CAAC,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,QAAQ,CAAE,CAAA,CAAA;AAC3B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,IAAI,CAAC;AACb,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,KAAK,CAAC;AACf,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACL,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,KAAK,CAAC;AACf,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC,CAAC;AACP,CAAC;AAED,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,CAAC,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA;IACrB,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAG,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAqB,CAAE,CAAA,CAAA,CAAE,CAAe,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAI,CAAA,CAAA,CAAA,CAAA,CAAE,CAAC;SAChE,CAAI,CAAA,CAAA,CAAA,CAAC,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAA,CAAA;CACpB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,GAAG,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;QAElC,CAAG,CAAA,CAAA,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;CACZ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,IAAI,CAAC,CAAA,CAAA,CAAG,EAAE,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAE,EAAE,CAAE,CAAA,CAAA,CAAE,eAAe,CAAE,CAAA,CAAA,CAAA,CAAA,CAAI,CAAE,CAAA,CAAC,CAAC;AACpF,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;QAEF,CAAG,CAAA,CAAA,CAAC,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACT,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,GAAG,CAAC,CAAA,CAAA,CAAG,EAAE,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,OAAO,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAC,CAAA,CAAA,CAAA,CAAI,EAAE,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,EAAE,CAAI,CAAA,CAAA,CAAA,CAAA,CAAE,CAAC,CAAC;AAC5E,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AAEF,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,GAAG,CAAC;AACb,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AAEL,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,OAAO,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,EAAC,CAAC;AAC9B,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC,CAAC;AACL,CAAC;AAED,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA;IACvB,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAA,CAAA,CAAG,CAAE,CAAA,CAAA;AACtB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,GAAG,CAAE,CAAA,CAAA,CAAA,CAAG,CAAC,CAAe,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,GAAG,CAAqB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AAClD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,EAAE,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AAChB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,EAAE,CAAI,CAAA,CAAA,CAAA;AACtB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC;AACL,CAAC;AAED,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAc,CAAC,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA;AACzB,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAG,EAAE,CAAuC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAE,CAAA,CAAA,CAAE,EAAE,CAAe,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAI,CAAA,CAAA,CAAA,CAAA,CAAE,CAAC,CAAC;AAC3F,CAAC;AAED,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,oBAAoB,CAAC,CAAA,CAAA,CAAG,EAAE,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,WAAW,CAAA,CAAA,CAAA;CAC1D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,GAAG,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,MAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAC,CAAA,CAAA,CAAA,CAAI,CAAC;CAClD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAAE,CAAA,CAAA,CAAA,CAAG,CAA8B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AAC3E,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,aAAa,CAAC,CAAA;AACZ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAyB,EAAE,CAAI,CAAA,CAAA,CAAA,CAAA;AAC/B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAK,EAAE,CAAY,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACnB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,EAAE,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;AACzB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC,CAAC,CAAC;AACR,CAAA;;"}
|
|
@@ -10,6 +10,7 @@
|
|
|
10
10
|
* See the License for the specific language governing permissions and limitations under the License.
|
|
11
11
|
*/
|
|
12
12
|
|
|
13
|
+
import '../../errors/WWWAuthError.js';
|
|
13
14
|
import '../../crypto/node.js';
|
|
14
15
|
import 'tiny-emitter';
|
|
15
16
|
import { createBaseOptionsConstructor } from '../../base/options.js';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"StorageOptionsConstructor.js","sources":["../../../../../lib/storage/options/StorageOptionsConstructor.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { createBaseOptionsConstructor } from '../../base';\nimport { CookieOptions, OktaAuthStorageOptions, StorageManagerOptions, StorageUtil } from '../types';\nimport { getStorage, STORAGE_MANAGER_OPTIONS, getCookieSettings } from './node';\nimport { isHTTPS } from '../../features';\n\nexport function createStorageOptionsConstructor() {\n\n const BaseOptionsConstructor = createBaseOptionsConstructor();\n return class StorageOptionsConstructor extends BaseOptionsConstructor implements Required<OktaAuthStorageOptions> {\n cookies: CookieOptions;\n storageUtil: StorageUtil;\n storageManager: StorageManagerOptions;\n \n constructor(args: any) {\n super(args);\n this.cookies = getCookieSettings(args, isHTTPS())!;\n this.storageUtil = args.storageUtil || getStorage();\n this.storageManager = { ...STORAGE_MANAGER_OPTIONS, ...args.storageManager };\n }\n };\n}\n"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"StorageOptionsConstructor.js","sources":["../../../../../lib/storage/options/StorageOptionsConstructor.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { createBaseOptionsConstructor } from '../../base';\nimport { CookieOptions, OktaAuthStorageOptions, StorageManagerOptions, StorageUtil } from '../types';\nimport { getStorage, STORAGE_MANAGER_OPTIONS, getCookieSettings } from './node';\nimport { isHTTPS } from '../../features';\n\nexport function createStorageOptionsConstructor() {\n\n const BaseOptionsConstructor = createBaseOptionsConstructor();\n return class StorageOptionsConstructor extends BaseOptionsConstructor implements Required<OktaAuthStorageOptions> {\n cookies: CookieOptions;\n storageUtil: StorageUtil;\n storageManager: StorageManagerOptions;\n \n constructor(args: any) {\n super(args);\n this.cookies = getCookieSettings(args, isHTTPS())!;\n this.storageUtil = args.storageUtil || getStorage();\n this.storageManager = { ...STORAGE_MANAGER_OPTIONS, ...args.storageManager };\n }\n };\n}\n"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;SAiBgB,+BAA+B,CAAA,CAAA,CAAA,CAAA;AAE7C,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAsB,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA4B,EAAE,CAAC;IAC9D,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAA0B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,sBAAsB,CAAA,CAAA;AAKnE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAA,CAAA,CAAA,CAAS,CAAA,CAAA,CAAA;YACnB,CAAK,CAAA,CAAA,CAAA,CAAA,CAAC,CAAI,CAAA,CAAA,CAAA,CAAC,CAAC;CACZ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAG,iBAAiB,CAAC,CAAA,CAAA,CAAA,CAAe,CAAE,CAAC;CACnD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAW,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAU,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAC;CACpD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAc,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,MAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAA,CAAA,CAAA,CAAA,EAAA,CAAuB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,GAAK,CAAI,CAAA,CAAA,CAAA,CAAC,CAAc,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAE,CAAC;CAC9E,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;KACF,CAAC;AACJ,CAAA;;"}
|
package/package.json
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
"private": false,
|
|
3
3
|
"name": "@okta/okta-auth-js",
|
|
4
4
|
"description": "The Okta Auth SDK",
|
|
5
|
-
"version": "7.
|
|
5
|
+
"version": "7.7.0",
|
|
6
6
|
"homepage": "https://github.com/okta/okta-auth-js",
|
|
7
7
|
"license": "Apache-2.0",
|
|
8
8
|
"main": "cjs/exports/default.js",
|
|
@@ -195,6 +195,7 @@
|
|
|
195
195
|
"eslint-plugin-jasmine": "^2.10.1",
|
|
196
196
|
"eslint-plugin-jsdoc": "^25.4.2",
|
|
197
197
|
"eslint-plugin-node": "^11.1.0",
|
|
198
|
+
"fake-indexeddb": "4.0.2",
|
|
198
199
|
"globby": "^6.1.0",
|
|
199
200
|
"husky": ">=6",
|
|
200
201
|
"jasmine-ajax": "^4.0.0",
|
|
@@ -238,7 +239,7 @@
|
|
|
238
239
|
"directory": "test/types"
|
|
239
240
|
},
|
|
240
241
|
"okta": {
|
|
241
|
-
"commitSha": "
|
|
242
|
-
"fullVersion": "7.
|
|
242
|
+
"commitSha": "7deec3d5f2c612f527c146f4eb75404af7e5c743",
|
|
243
|
+
"fullVersion": "7.7.0-g7deec3d"
|
|
243
244
|
}
|
|
244
245
|
}
|
|
@@ -32,6 +32,7 @@ export declare function createCoreOptionsConstructor(): {
|
|
|
32
32
|
codeChallengeMethod: string;
|
|
33
33
|
acrValues: string;
|
|
34
34
|
maxAge: string | number;
|
|
35
|
+
dpop: boolean;
|
|
35
36
|
tokenManager: import("../oidc").TokenManagerOptions;
|
|
36
37
|
postLogoutRedirectUri: string;
|
|
37
38
|
restoreOriginalUri: (oktaAuth: import("../oidc").OktaAuthOAuthInterface<import("../oidc").PKCETransactionMeta, import("../oidc").OAuthStorageManagerInterface<import("../oidc").PKCETransactionMeta>, import("../oidc").OktaAuthOAuthOptions, import("../oidc").TransactionManagerInterface>, originalUri?: string | undefined) => Promise<void>;
|
|
@@ -10,10 +10,12 @@
|
|
|
10
10
|
* See the License for the specific language governing permissions and limitations under the License.
|
|
11
11
|
*/
|
|
12
12
|
import CustomError from './CustomError';
|
|
13
|
+
import type { HttpResponse } from '../http';
|
|
13
14
|
export default class OAuthError extends CustomError {
|
|
14
15
|
errorCode: string;
|
|
15
16
|
errorSummary: string;
|
|
16
17
|
error: string;
|
|
17
18
|
error_description: string;
|
|
18
|
-
|
|
19
|
+
resp: HttpResponse | null;
|
|
20
|
+
constructor(errorCode: string, summary: string, resp?: HttpResponse);
|
|
19
21
|
}
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
/*!
|
|
2
|
+
* Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
|
|
3
|
+
* The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
|
|
4
|
+
*
|
|
5
|
+
* You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
|
|
6
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
7
|
+
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
8
|
+
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
9
|
+
*
|
|
10
|
+
* See the License for the specific language governing permissions and limitations under the License.
|
|
11
|
+
*/
|
|
12
|
+
import type { HttpResponse } from '../http';
|
|
13
|
+
import CustomError from './CustomError';
|
|
14
|
+
export default class WWWAuthError extends CustomError {
|
|
15
|
+
static UNKNOWN_ERROR: string;
|
|
16
|
+
scheme: string;
|
|
17
|
+
parameters: Record<string, string>;
|
|
18
|
+
name: string;
|
|
19
|
+
resp: HttpResponse | null;
|
|
20
|
+
constructor(scheme: string, parameters: Record<string, string>, resp?: HttpResponse);
|
|
21
|
+
get error(): string;
|
|
22
|
+
get errorCode(): string;
|
|
23
|
+
get error_description(): string;
|
|
24
|
+
get errorDescription(): string;
|
|
25
|
+
get errorSummary(): string;
|
|
26
|
+
get realm(): string;
|
|
27
|
+
static parseHeader(header: string): WWWAuthError | null;
|
|
28
|
+
static getWWWAuthenticateHeader(headers?: HeadersInit): string | null;
|
|
29
|
+
}
|
|
@@ -13,7 +13,9 @@ import AuthApiError from './AuthApiError';
|
|
|
13
13
|
import AuthPollStopError from './AuthPollStopError';
|
|
14
14
|
import AuthSdkError from './AuthSdkError';
|
|
15
15
|
import OAuthError from './OAuthError';
|
|
16
|
+
import WWWAuthError from './WWWAuthError';
|
|
16
17
|
declare function isAuthApiError(obj: any): obj is AuthApiError;
|
|
17
18
|
declare function isOAuthError(obj: any): obj is OAuthError;
|
|
18
|
-
|
|
19
|
+
declare function isWWWAuthError(obj: any): obj is WWWAuthError;
|
|
20
|
+
export { isAuthApiError, isOAuthError, isWWWAuthError, AuthApiError, AuthPollStopError, AuthSdkError, OAuthError, WWWAuthError };
|
|
19
21
|
export * from './types';
|
package/types/lib/features.d.ts
CHANGED
|
@@ -39,6 +39,7 @@ export declare function createIdxOptionsConstructor(): {
|
|
|
39
39
|
codeChallengeMethod: string;
|
|
40
40
|
acrValues: string;
|
|
41
41
|
maxAge: string | number;
|
|
42
|
+
dpop: boolean;
|
|
42
43
|
tokenManager: import("../oidc").TokenManagerOptions;
|
|
43
44
|
postLogoutRedirectUri: string;
|
|
44
45
|
restoreOriginalUri: (oktaAuth: import("../oidc").OktaAuthOAuthInterface<import("../oidc").PKCETransactionMeta, import("../oidc").OAuthStorageManagerInterface<import("../oidc").PKCETransactionMeta>, import("../oidc").OktaAuthOAuthOptions, import("../oidc").TransactionManagerInterface>, originalUri?: string | undefined) => Promise<void>;
|
|
@@ -40,6 +40,7 @@ export interface IntrospectOptions extends IdxOptions {
|
|
|
40
40
|
interactionHandle?: string;
|
|
41
41
|
stateHandle?: string;
|
|
42
42
|
version?: string;
|
|
43
|
+
useGenericRemediator?: boolean;
|
|
43
44
|
}
|
|
44
45
|
export interface RemediateOptions extends IdxOptions {
|
|
45
46
|
remediators?: RemediationFlow;
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
import { OAuthError, WWWAuthError } from '../errors';
|
|
2
|
+
import { Tokens } from './types';
|
|
3
|
+
export interface DPoPClaims {
|
|
4
|
+
htm: string;
|
|
5
|
+
htu: string;
|
|
6
|
+
iat: number;
|
|
7
|
+
jti: string;
|
|
8
|
+
nonce?: string;
|
|
9
|
+
ath?: string;
|
|
10
|
+
}
|
|
11
|
+
export interface DPoPProofParams {
|
|
12
|
+
keyPair: CryptoKeyPair;
|
|
13
|
+
url: string;
|
|
14
|
+
method: string;
|
|
15
|
+
nonce?: string;
|
|
16
|
+
accessToken?: string;
|
|
17
|
+
}
|
|
18
|
+
export declare type ResourceDPoPProofParams = Omit<DPoPProofParams, 'keyPair' | 'nonce'>;
|
|
19
|
+
declare type DPoPProofTokenRequestParams = Omit<DPoPProofParams, 'accessToken'>;
|
|
20
|
+
export declare function isDPoPNonceError(obj: any): obj is OAuthError | WWWAuthError;
|
|
21
|
+
export declare function createJwt(header: object, claims: object, signingKey: CryptoKey): Promise<string>;
|
|
22
|
+
export declare function cryptoRandomValue(byteLen?: number): string;
|
|
23
|
+
export declare function generateKeyPair(): Promise<CryptoKeyPair>;
|
|
24
|
+
export declare type StoreMethod = 'get' | 'add' | 'delete' | 'clear';
|
|
25
|
+
export declare function findKeyPair(pairId?: string): Promise<CryptoKeyPair>;
|
|
26
|
+
export declare function clearDPoPKeyPair(pairId: string): Promise<void>;
|
|
27
|
+
export declare function clearAllDPoPKeyPairs(): Promise<void>;
|
|
28
|
+
export declare function createDPoPKeyPair(): Promise<{
|
|
29
|
+
keyPair: CryptoKeyPair;
|
|
30
|
+
keyPairId: string;
|
|
31
|
+
}>;
|
|
32
|
+
export declare function clearDPoPKeyPairAfterRevoke(revokedToken: 'access' | 'refresh', tokens: Tokens): Promise<void>;
|
|
33
|
+
export declare function generateDPoPProof({ keyPair, url, method, nonce, accessToken }: DPoPProofParams): Promise<string>;
|
|
34
|
+
export declare function generateDPoPForTokenRequest({ keyPair, url, method, nonce }: DPoPProofTokenRequestParams): Promise<string>;
|
|
35
|
+
export {};
|
|
@@ -11,5 +11,8 @@
|
|
|
11
11
|
*/
|
|
12
12
|
import { CustomUrls, OAuthResponse, RefreshToken, TokenParams } from '../types';
|
|
13
13
|
import { OktaAuthHttpInterface } from '../../http';
|
|
14
|
-
export
|
|
15
|
-
|
|
14
|
+
export interface TokenEndpointParams extends TokenParams {
|
|
15
|
+
dpopKeyPair?: CryptoKeyPair;
|
|
16
|
+
}
|
|
17
|
+
export declare function postToTokenEndpoint(sdk: any, options: TokenEndpointParams, urls: CustomUrls): Promise<OAuthResponse>;
|
|
18
|
+
export declare function postRefreshToken(sdk: OktaAuthHttpInterface, options: TokenEndpointParams, refreshToken: RefreshToken): Promise<OAuthResponse>;
|
|
@@ -30,6 +30,7 @@ export declare function createOAuthOptionsConstructor(): {
|
|
|
30
30
|
codeChallengeMethod: string;
|
|
31
31
|
acrValues: string;
|
|
32
32
|
maxAge: string | number;
|
|
33
|
+
dpop: boolean;
|
|
33
34
|
tokenManager: TokenManagerOptions;
|
|
34
35
|
postLogoutRedirectUri: string;
|
|
35
36
|
restoreOriginalUri: (oktaAuth: OktaAuthOAuthInterface, originalUri?: string) => Promise<void>;
|
|
@@ -21,11 +21,13 @@ export interface AccessToken extends AbstractToken {
|
|
|
21
21
|
claims: UserClaims;
|
|
22
22
|
tokenType: string;
|
|
23
23
|
userinfoUrl: string;
|
|
24
|
+
dpopPairId?: string;
|
|
24
25
|
}
|
|
25
26
|
export interface RefreshToken extends AbstractToken {
|
|
26
27
|
refreshToken: string;
|
|
27
28
|
tokenUrl: string;
|
|
28
29
|
issuer: string;
|
|
30
|
+
dpopPairId?: string;
|
|
29
31
|
}
|
|
30
32
|
export interface IDToken extends AbstractToken {
|
|
31
33
|
idToken: string;
|