@okta/okta-auth-js 7.7.1 → 7.8.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +12 -0
- package/cjs/authn/mixin.js.map +1 -1
- package/cjs/authn/types.js.map +1 -1
- package/cjs/base/types.js.map +1 -1
- package/cjs/browser/fingerprint.js +18 -12
- package/cjs/browser/fingerprint.js.map +1 -1
- package/cjs/http/OktaUserAgent.js +2 -2
- package/cjs/idx/idxState/v1/idxResponseParser.js +1 -1
- package/cjs/idx/idxState/v1/idxResponseParser.js.map +1 -1
- package/cjs/idx/mixin.js +2 -0
- package/cjs/idx/mixin.js.map +1 -1
- package/cjs/idx/mixinMinimal.js +2 -0
- package/cjs/idx/mixinMinimal.js.map +1 -1
- package/cjs/idx/types/api.js.map +1 -1
- package/cjs/util/jsonpath.js +32 -8
- package/cjs/util/jsonpath.js.map +1 -1
- package/dist/okta-auth-js.authn.min.analyzer.html +2 -2
- package/dist/okta-auth-js.authn.min.js +1 -1
- package/dist/okta-auth-js.authn.min.js.map +1 -1
- package/dist/okta-auth-js.core.min.analyzer.html +1 -1
- package/dist/okta-auth-js.core.min.js +1 -1
- package/dist/okta-auth-js.idx.min.analyzer.html +2 -2
- package/dist/okta-auth-js.idx.min.js +1 -1
- package/dist/okta-auth-js.idx.min.js.map +1 -1
- package/dist/okta-auth-js.min.analyzer.html +2 -2
- package/dist/okta-auth-js.min.js +1 -1
- package/dist/okta-auth-js.min.js.map +1 -1
- package/dist/okta-auth-js.myaccount.min.analyzer.html +1 -1
- package/dist/okta-auth-js.myaccount.min.js +1 -1
- package/esm/browser/authn/mixin.js.map +1 -1
- package/esm/browser/browser/fingerprint.js +22 -11
- package/esm/browser/browser/fingerprint.js.map +1 -1
- package/esm/browser/http/OktaUserAgent.js +2 -2
- package/esm/browser/idx/idxState/v1/idxResponseParser.js +1 -1
- package/esm/browser/idx/idxState/v1/idxResponseParser.js.map +1 -1
- package/esm/browser/idx/mixin.js +2 -0
- package/esm/browser/idx/mixin.js.map +1 -1
- package/esm/browser/idx/mixinMinimal.js +2 -0
- package/esm/browser/idx/mixinMinimal.js.map +1 -1
- package/esm/browser/idx/types/api.js.map +1 -1
- package/esm/browser/package.json +1 -1
- package/esm/browser/util/jsonpath.js +25 -5
- package/esm/browser/util/jsonpath.js.map +1 -1
- package/esm/node/authn/mixin.js.map +1 -1
- package/esm/node/browser/fingerprint.js +22 -11
- package/esm/node/browser/fingerprint.js.map +1 -1
- package/esm/node/http/OktaUserAgent.js +2 -2
- package/esm/node/idx/idxState/v1/idxResponseParser.js +1 -1
- package/esm/node/idx/idxState/v1/idxResponseParser.js.map +1 -1
- package/esm/node/idx/mixin.js +2 -0
- package/esm/node/idx/mixin.js.map +1 -1
- package/esm/node/idx/mixinMinimal.js +2 -0
- package/esm/node/idx/mixinMinimal.js.map +1 -1
- package/esm/node/idx/types/api.js.map +1 -1
- package/esm/node/package.json +1 -1
- package/esm/node/util/jsonpath.js +25 -5
- package/esm/node/util/jsonpath.js.map +1 -1
- package/package.json +3 -4
- package/types/lib/authn/types.d.ts +1 -4
- package/types/lib/base/types.d.ts +5 -0
- package/types/lib/browser/fingerprint.d.ts +1 -1
- package/types/lib/idx/types/api.d.ts +3 -1
- package/types/lib/util/jsonpath.d.ts +4 -2
- package/umd/authn.js +1 -1
- package/umd/authn.js.map +1 -1
- package/umd/core.js +1 -1
- package/umd/default.js +1 -1
- package/umd/default.js.map +1 -1
- package/umd/idx.js +1 -1
- package/umd/idx.js.map +1 -1
- package/umd/myaccount.js +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,17 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
# 7.8.1
|
|
4
|
+
|
|
5
|
+
### Bug Fix
|
|
6
|
+
- [#1547](https://github.com/okta/okta-auth-js/pull/1547) fix: replaces `jsonpath-plus` module
|
|
7
|
+
- Address https://security.snyk.io/vuln/SNYK-JS-JSONPATHPLUS-7945884
|
|
8
|
+
|
|
9
|
+
# 7.8.0
|
|
10
|
+
|
|
11
|
+
### Features
|
|
12
|
+
|
|
13
|
+
- [#1530](https://github.com/okta/okta-auth-js/pull/1530) add: fingerprint API to IDX bundle
|
|
14
|
+
|
|
3
15
|
# 7.7.1
|
|
4
16
|
|
|
5
17
|
- [#1529](https://github.com/okta/okta-auth-js/pull/1529) fix: persist `extraParams` passed to `/authorize` and include them during token refresh
|
package/cjs/authn/mixin.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mixin.js","names":["mixinAuthn","Base","OktaAuthTx","constructor","args","authn","tx","createAuthnTransactionAPI","fingerprint","bind","signIn","opts","clone","_postToTransaction","options","sendFingerprint","postToTransaction","then","headers","signInWithCredentials","forgotPassword","unlockAccount","verifyRecoveryToken"],"sources":["../../../lib/authn/mixin.ts"],"sourcesContent":["/* eslint-disable max-statements */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { \n clone,\n} from '../util';\nimport fingerprint from '../browser/fingerprint';\nimport {\n
|
|
1
|
+
{"version":3,"file":"mixin.js","names":["mixinAuthn","Base","OktaAuthTx","constructor","args","authn","tx","createAuthnTransactionAPI","fingerprint","bind","signIn","opts","clone","_postToTransaction","options","sendFingerprint","postToTransaction","then","headers","signInWithCredentials","forgotPassword","unlockAccount","verifyRecoveryToken"],"sources":["../../../lib/authn/mixin.ts"],"sourcesContent":["/* eslint-disable max-statements */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { \n clone,\n} from '../util';\nimport fingerprint from '../browser/fingerprint';\nimport {\n SigninWithCredentialsOptions,\n ForgotPasswordOptions,\n VerifyRecoveryTokenOptions,\n SigninOptions,\n OktaAuthTxInterface,\n AuthnTransaction,\n AuthnTransactionAPI\n} from './types';\nimport {\n createAuthnTransactionAPI,\n} from './factory';\nimport { StorageManagerInterface } from '../storage/types';\nimport { OktaAuthHttpInterface, OktaAuthHttpOptions } from '../http/types';\nimport { FingerprintAPI, OktaAuthConstructor } from '../base/types';\n\nexport function mixinAuthn\n<\n S extends StorageManagerInterface = StorageManagerInterface,\n O extends OktaAuthHttpOptions = OktaAuthHttpOptions,\n TBase extends OktaAuthConstructor<OktaAuthHttpInterface<S, O>>\n = OktaAuthConstructor<OktaAuthHttpInterface<S, O>>\n>\n(Base: TBase): TBase & OktaAuthConstructor<OktaAuthTxInterface<S, O>>\n{\n return class OktaAuthTx extends Base implements OktaAuthTxInterface<S, O> {\n tx: AuthnTransactionAPI; // legacy, may be removed in future version\n authn: AuthnTransactionAPI;\n fingerprint: FingerprintAPI;\n\n constructor(...args: any[]) {\n super(...args);\n\n this.authn = this.tx = createAuthnTransactionAPI(this);\n \n // Fingerprint API\n this.fingerprint = fingerprint.bind(null, this);\n }\n\n // Authn V1\n async signIn(opts: SigninOptions): Promise<AuthnTransaction> {\n opts = clone(opts || {});\n const _postToTransaction = (options?) => {\n delete opts.sendFingerprint;\n return this.tx.postToTransaction('/api/v1/authn', opts, options);\n };\n if (!opts.sendFingerprint) {\n return _postToTransaction();\n }\n return this.fingerprint()\n .then(function(fingerprint) {\n return _postToTransaction({\n headers: {\n 'X-Device-Fingerprint': fingerprint\n }\n });\n });\n }\n\n // Authn V1\n async signInWithCredentials(opts: SigninWithCredentialsOptions): Promise<AuthnTransaction> {\n return this.signIn(opts);\n }\n\n // { username, (relayState) }\n forgotPassword(opts): Promise<AuthnTransaction> {\n return this.tx.postToTransaction('/api/v1/authn/recovery/password', opts);\n }\n\n // { username, (relayState) }\n unlockAccount(opts: ForgotPasswordOptions): Promise<AuthnTransaction> {\n return this.tx.postToTransaction('/api/v1/authn/recovery/unlock', opts);\n }\n\n // { recoveryToken }\n verifyRecoveryToken(opts: VerifyRecoveryTokenOptions): Promise<AuthnTransaction> {\n return this.tx.postToTransaction('/api/v1/authn/recovery/token', opts);\n }\n\n };\n}\n"],"mappings":";;;;AAcA;AAGA;AAUA;AA3BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAsBO,SAASA,UAAU,CAOzBC,IAAW,EACZ;EACE,OAAO,MAAMC,UAAU,SAASD,IAAI,CAAsC;IAC/C;;IAIzBE,WAAW,CAAC,GAAGC,IAAW,EAAE;MAC1B,KAAK,CAAC,GAAGA,IAAI,CAAC;MAEd,IAAI,CAACC,KAAK,GAAG,IAAI,CAACC,EAAE,GAAG,IAAAC,kCAAyB,EAAC,IAAI,CAAC;;MAEtD;MACA,IAAI,CAACC,WAAW,GAAGA,oBAAW,CAACC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;IACjD;;IAEA;IACA,MAAMC,MAAM,CAACC,IAAmB,EAA6B;MAC3DA,IAAI,GAAG,IAAAC,WAAK,EAACD,IAAI,IAAI,CAAC,CAAC,CAAC;MACxB,MAAME,kBAAkB,GAAIC,OAAQ,IAAK;QACvC,OAAOH,IAAI,CAACI,eAAe;QAC3B,OAAO,IAAI,CAACT,EAAE,CAACU,iBAAiB,CAAC,eAAe,EAAEL,IAAI,EAAEG,OAAO,CAAC;MAClE,CAAC;MACD,IAAI,CAACH,IAAI,CAACI,eAAe,EAAE;QACzB,OAAOF,kBAAkB,EAAE;MAC7B;MACA,OAAO,IAAI,CAACL,WAAW,EAAE,CACxBS,IAAI,CAAC,UAAST,WAAW,EAAE;QAC1B,OAAOK,kBAAkB,CAAC;UACxBK,OAAO,EAAE;YACP,sBAAsB,EAAEV;UAC1B;QACF,CAAC,CAAC;MACJ,CAAC,CAAC;IACJ;;IAEA;IACA,MAAMW,qBAAqB,CAACR,IAAkC,EAA6B;MACzF,OAAO,IAAI,CAACD,MAAM,CAACC,IAAI,CAAC;IAC1B;;IAEA;IACAS,cAAc,CAACT,IAAI,EAA6B;MAC9C,OAAO,IAAI,CAACL,EAAE,CAACU,iBAAiB,CAAC,iCAAiC,EAAEL,IAAI,CAAC;IAC3E;;IAEA;IACAU,aAAa,CAACV,IAA2B,EAA6B;MACpE,OAAO,IAAI,CAACL,EAAE,CAACU,iBAAiB,CAAC,+BAA+B,EAAEL,IAAI,CAAC;IACzE;;IAEA;IACAW,mBAAmB,CAACX,IAAgC,EAA6B;MAC/E,OAAO,IAAI,CAACL,EAAE,CAACU,iBAAiB,CAAC,8BAA8B,EAAEL,IAAI,CAAC;IACxE;EAEF,CAAC;AACH"}
|
package/cjs/authn/types.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","names":[],"sources":["../../../lib/authn/types.ts"],"sourcesContent":["
|
|
1
|
+
{"version":3,"file":"types.js","names":[],"sources":["../../../lib/authn/types.ts"],"sourcesContent":["\nimport { FingerprintAPI } from '../base/types';\nimport { StorageManagerInterface } from '../storage/types';\nimport { RequestData, RequestOptions, OktaAuthHttpInterface, OktaAuthHttpOptions } from '../http/types';\n\nexport interface AuthnTransactionLink {\n name?: string;\n type: string;\n href: string;\n hints?: {\n allow?: string[];\n };\n}\n\n// Authn V1 transaction\nexport interface AuthnTransactionState {\n status: string;\n stateToken?: string;\n type?: string;\n expiresAt?: string;\n relayState?: string;\n factorResult?: string;\n factorType?: string;\n recoveryToken?: string;\n recoveryType?: string;\n autoPush?: boolean | (() => boolean);\n rememberDevice?: boolean | (() => boolean);\n profile?: {\n updatePhone?: boolean;\n };\n _links?: Record<string, AuthnTransactionLink>;\n}\n\n// eslint-disable-next-line no-use-before-define\nexport type AuthnTransactionFunction = (obj?: any) => Promise<AuthnTransaction>;\n\nexport interface AuthnTransactionFunctions {\n // common\n next?: AuthnTransactionFunction;\n cancel?: AuthnTransactionFunction;\n skip?: AuthnTransactionFunction;\n // locked_out\n unlock?: AuthnTransactionFunction;\n // password\n changePassword?: AuthnTransactionFunction;\n resetPassword?: AuthnTransactionFunction;\n // recovery\n answer?: AuthnTransactionFunction;\n recovery?: AuthnTransactionFunction;\n // recovery_challenge\n verify?: AuthnTransactionFunction;\n resend?: AuthnTransactionFunction;\n // mfa_enroll_activate\n activate?: AuthnTransactionFunction;\n poll?: AuthnTransactionFunction;\n prev?: AuthnTransactionFunction;\n}\n\nexport interface AuthnTransaction extends AuthnTransactionState, AuthnTransactionFunctions {\n sessionToken?: string;\n user?: Record<string, any>;\n factor?: Record<string, any>;\n factors?: Array<Record<string, any> >;\n policy?: Record<string, any>;\n scopes?: Array<Record<string, any> >;\n target?: Record<string, any>;\n authentication?: Record<string, any>;\n}\n\n// Authn (classic) api\nexport interface AuthnTransactionAPI {\n exists: () => boolean;\n status: (args?: object) => Promise<object>;\n resume: (args?: object) => Promise<AuthnTransaction>;\n introspect: (args?: object) => Promise<AuthnTransaction>;\n createTransaction: (res?: AuthnTransactionState) => AuthnTransaction;\n postToTransaction: (url: string, args?: RequestData, options?: RequestOptions) => Promise<AuthnTransaction>;\n}\n\nexport interface SigninOptions {\n // Only used in Authn V1\n relayState?: string;\n context?: {\n deviceToken?: string;\n };\n sendFingerprint?: boolean;\n stateToken?: string;\n \n // Optional credentials\n username?: string;\n password?: string;\n}\n\nexport interface SigninWithCredentialsOptions extends SigninOptions {\n // Required credentials\n username: string;\n password: string;\n}\n\nexport interface SigninAPI {\n signIn(opts: SigninOptions): Promise<AuthnTransaction>;\n signInWithCredentials(opts: SigninWithCredentialsOptions): Promise<AuthnTransaction>;\n}\n\nexport interface ForgotPasswordOptions {\n username: string;\n factorType: 'SMS' | 'EMAIL' | 'CALL';\n relayState?: string;\n}\n\nexport interface VerifyRecoveryTokenOptions {\n recoveryToken: string;\n}\n\nexport interface AuthnAPI extends SigninAPI {\n forgotPassword(opts): Promise<AuthnTransaction>;\n\n // { username, (relayState) }\n unlockAccount(opts: ForgotPasswordOptions): Promise<AuthnTransaction>;\n\n // { recoveryToken }\n verifyRecoveryToken(opts: VerifyRecoveryTokenOptions): Promise<AuthnTransaction>;\n}\n\nexport interface OktaAuthTxInterface\n<\n S extends StorageManagerInterface = StorageManagerInterface,\n O extends OktaAuthHttpOptions = OktaAuthHttpOptions,\n> \n extends OktaAuthHttpInterface<S, O>, AuthnAPI\n{\n tx: AuthnTransactionAPI; // legacy name\n authn: AuthnTransactionAPI; // new name\n fingerprint: FingerprintAPI;\n}\n"],"mappings":""}
|
package/cjs/base/types.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","names":[],"sources":["../../../lib/base/types.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport * as constants from '../constants';\n\nexport declare class EventEmitter {\n on (event: string, callback: (...args: any[]) => any, ctx?: any): EventEmitter;\n once (event: string, callback: (...args: any[]) => any, ctx?: any): EventEmitter;\n emit (event: string, ...args: any[]): EventEmitter;\n off (event: string, callback?: (...args: any[]) => any): EventEmitter;\n}\n\nexport interface FeaturesAPI {\n isLocalhost(): boolean;\n isHTTPS(): boolean;\n isPopupPostMessageSupported(): boolean;\n hasTextEncoder(): boolean;\n isTokenVerifySupported(): boolean;\n isPKCESupported(): boolean;\n isIE11OrLess(): boolean;\n isDPoPSupported(): boolean;\n}\n\n\n// options that can be passed to AuthJS\nexport interface OktaAuthBaseOptions {\n devMode?: boolean;\n}\n\n// a class that constructs options\nexport interface OktaAuthOptionsConstructor<O extends OktaAuthBaseOptions = OktaAuthBaseOptions> {\n new(args: any): O;\n}\n\n// a \"base\" instance of AuthJS\nexport interface OktaAuthBaseInterface<O extends OktaAuthBaseOptions = OktaAuthBaseOptions> {\n options: O;\n emitter: EventEmitter;\n features: FeaturesAPI;\n}\n\n// a constructor that returns an instance of AuthJS\nexport interface OktaAuthConstructor\n<\n I extends OktaAuthBaseInterface = OktaAuthBaseInterface\n> \n{\n new(...args: any[]): I;\n features: FeaturesAPI; // static class member\n constants: typeof constants;\n}\n"],"mappings":""}
|
|
1
|
+
{"version":3,"file":"types.js","names":[],"sources":["../../../lib/base/types.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport * as constants from '../constants';\n\nexport declare class EventEmitter {\n on (event: string, callback: (...args: any[]) => any, ctx?: any): EventEmitter;\n once (event: string, callback: (...args: any[]) => any, ctx?: any): EventEmitter;\n emit (event: string, ...args: any[]): EventEmitter;\n off (event: string, callback?: (...args: any[]) => any): EventEmitter;\n}\n\nexport interface FeaturesAPI {\n isLocalhost(): boolean;\n isHTTPS(): boolean;\n isPopupPostMessageSupported(): boolean;\n hasTextEncoder(): boolean;\n isTokenVerifySupported(): boolean;\n isPKCESupported(): boolean;\n isIE11OrLess(): boolean;\n isDPoPSupported(): boolean;\n}\n\n\nexport interface FingerprintOptions {\n timeout?: number;\n container?: Element | null;\n}\nexport type FingerprintAPI = (options?: FingerprintOptions) => Promise<string>;\n\n// options that can be passed to AuthJS\nexport interface OktaAuthBaseOptions {\n devMode?: boolean;\n}\n\n// a class that constructs options\nexport interface OktaAuthOptionsConstructor<O extends OktaAuthBaseOptions = OktaAuthBaseOptions> {\n new(args: any): O;\n}\n\n// a \"base\" instance of AuthJS\nexport interface OktaAuthBaseInterface<O extends OktaAuthBaseOptions = OktaAuthBaseOptions> {\n options: O;\n emitter: EventEmitter;\n features: FeaturesAPI;\n}\n\n// a constructor that returns an instance of AuthJS\nexport interface OktaAuthConstructor\n<\n I extends OktaAuthBaseInterface = OktaAuthBaseInterface\n> \n{\n new(...args: any[]): I;\n features: FeaturesAPI; // static class member\n constants: typeof constants;\n}\n"],"mappings":""}
|
|
@@ -16,25 +16,30 @@ var _oidc = require("../oidc");
|
|
|
16
16
|
* See the License for the specific language governing permissions and limitations under the License.
|
|
17
17
|
*/
|
|
18
18
|
|
|
19
|
+
const isMessageFromCorrectSource = (iframe, event) => event.source === iframe.contentWindow;
|
|
19
20
|
function fingerprint(sdk, options) {
|
|
20
|
-
options = options || {};
|
|
21
21
|
if (!(0, _features.isFingerprintSupported)()) {
|
|
22
22
|
return Promise.reject(new _errors.AuthSdkError('Fingerprinting is not supported on this device'));
|
|
23
23
|
}
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
24
|
+
const container = options?.container ?? document.body;
|
|
25
|
+
let timeout;
|
|
26
|
+
let iframe;
|
|
27
|
+
let listener;
|
|
28
|
+
const promise = new Promise(function (resolve, reject) {
|
|
28
29
|
iframe = document.createElement('iframe');
|
|
29
30
|
iframe.style.display = 'none';
|
|
30
31
|
|
|
31
32
|
// eslint-disable-next-line complexity
|
|
32
33
|
listener = function listener(e) {
|
|
34
|
+
if (!isMessageFromCorrectSource(iframe, e)) {
|
|
35
|
+
return;
|
|
36
|
+
}
|
|
33
37
|
if (!e || !e.data || e.origin !== sdk.getIssuerOrigin()) {
|
|
34
38
|
return;
|
|
35
39
|
}
|
|
40
|
+
let msg;
|
|
36
41
|
try {
|
|
37
|
-
|
|
42
|
+
msg = JSON.parse(e.data);
|
|
38
43
|
} catch (err) {
|
|
39
44
|
// iframe messages should all be parsable
|
|
40
45
|
// skip not parsable messages come from other sources in same origin (browser extensions)
|
|
@@ -46,16 +51,17 @@ function fingerprint(sdk, options) {
|
|
|
46
51
|
}
|
|
47
52
|
if (msg.type === 'FingerprintAvailable') {
|
|
48
53
|
return resolve(msg.fingerprint);
|
|
49
|
-
}
|
|
50
|
-
|
|
51
|
-
e.source.postMessage(JSON.stringify({
|
|
54
|
+
} else if (msg.type === 'FingerprintServiceReady') {
|
|
55
|
+
iframe?.contentWindow?.postMessage(JSON.stringify({
|
|
52
56
|
type: 'GetFingerprint'
|
|
53
57
|
}), e.origin);
|
|
58
|
+
} else {
|
|
59
|
+
return reject(new _errors.AuthSdkError('No data'));
|
|
54
60
|
}
|
|
55
61
|
};
|
|
56
62
|
(0, _oidc.addListener)(window, 'message', listener);
|
|
57
63
|
iframe.src = sdk.getIssuerOrigin() + '/auth/services/devicefingerprint';
|
|
58
|
-
|
|
64
|
+
container.appendChild(iframe);
|
|
59
65
|
timeout = setTimeout(function () {
|
|
60
66
|
reject(new _errors.AuthSdkError('Fingerprinting timed out'));
|
|
61
67
|
}, options?.timeout || 15000);
|
|
@@ -63,8 +69,8 @@ function fingerprint(sdk, options) {
|
|
|
63
69
|
return promise.finally(function () {
|
|
64
70
|
clearTimeout(timeout);
|
|
65
71
|
(0, _oidc.removeListener)(window, 'message', listener);
|
|
66
|
-
if (
|
|
67
|
-
iframe.parentElement
|
|
72
|
+
if (container.contains(iframe)) {
|
|
73
|
+
iframe.parentElement?.removeChild(iframe);
|
|
68
74
|
}
|
|
69
75
|
});
|
|
70
76
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"fingerprint.js","names":["fingerprint","sdk","options","isFingerprintSupported","Promise","reject","AuthSdkError","
|
|
1
|
+
{"version":3,"file":"fingerprint.js","names":["isMessageFromCorrectSource","iframe","event","source","contentWindow","fingerprint","sdk","options","isFingerprintSupported","Promise","reject","AuthSdkError","container","document","body","timeout","listener","promise","resolve","createElement","style","display","e","data","origin","getIssuerOrigin","msg","JSON","parse","err","type","postMessage","stringify","addListener","window","src","appendChild","setTimeout","finally","clearTimeout","removeListener","contains","parentElement","removeChild"],"sources":["../../../lib/browser/fingerprint.ts"],"sourcesContent":["/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from '../errors';\nimport { isFingerprintSupported } from '../features';\nimport {\n addListener,\n removeListener\n} from '../oidc';\nimport { FingerprintOptions } from '../base/types';\nimport { OktaAuthHttpInterface } from '../http/types';\n\nconst isMessageFromCorrectSource = (iframe: HTMLIFrameElement, event: MessageEvent)\n: boolean => event.source === iframe.contentWindow;\n\nexport default function fingerprint(sdk: OktaAuthHttpInterface, options?: FingerprintOptions): Promise<string> {\n if (!isFingerprintSupported()) {\n return Promise.reject(new AuthSdkError('Fingerprinting is not supported on this device'));\n }\n\n const container = options?.container ?? document.body;\n let timeout: NodeJS.Timeout;\n let iframe: HTMLIFrameElement;\n let listener: (this: Window, ev: MessageEvent) => void;\n const promise = new Promise(function (resolve, reject) {\n iframe = document.createElement('iframe');\n iframe.style.display = 'none';\n\n // eslint-disable-next-line complexity\n listener = function listener(e: MessageEvent) {\n if (!isMessageFromCorrectSource(iframe, e)) {\n return;\n }\n\n if (!e || !e.data || e.origin !== sdk.getIssuerOrigin()) {\n return;\n }\n\n let msg;\n try {\n msg = JSON.parse(e.data);\n } catch (err) {\n // iframe messages should all be parsable\n // skip not parsable messages come from other sources in same origin (browser extensions)\n // TODO: add namespace flag in okta-core to distinguish messages that come from other sources\n return;\n }\n\n if (!msg) { return; }\n if (msg.type === 'FingerprintAvailable') {\n return resolve(msg.fingerprint as string);\n } else if (msg.type === 'FingerprintServiceReady') {\n iframe?.contentWindow?.postMessage(JSON.stringify({\n type: 'GetFingerprint'\n }), e.origin);\n } else {\n return reject(new AuthSdkError('No data'));\n }\n };\n addListener(window, 'message', listener);\n\n iframe.src = sdk.getIssuerOrigin() + '/auth/services/devicefingerprint';\n container.appendChild(iframe);\n\n timeout = setTimeout(function() {\n reject(new AuthSdkError('Fingerprinting timed out'));\n }, options?.timeout || 15000);\n });\n\n return promise.finally(function() {\n clearTimeout(timeout);\n removeListener(window, 'message', listener);\n if (container.contains(iframe)) {\n iframe.parentElement?.removeChild(iframe);\n }\n }) as Promise<string>;\n}\n"],"mappings":";;;AAaA;AACA;AACA;AAfA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAYA,MAAMA,0BAA0B,GAAG,CAACC,MAAyB,EAAEC,KAAmB,KACrEA,KAAK,CAACC,MAAM,KAAKF,MAAM,CAACG,aAAa;AAEnC,SAASC,WAAW,CAACC,GAA0B,EAAEC,OAA4B,EAAmB;EAC7G,IAAI,CAAC,IAAAC,gCAAsB,GAAE,EAAE;IAC7B,OAAOC,OAAO,CAACC,MAAM,CAAC,IAAIC,oBAAY,CAAC,gDAAgD,CAAC,CAAC;EAC3F;EAEA,MAAMC,SAAS,GAAGL,OAAO,EAAEK,SAAS,IAAIC,QAAQ,CAACC,IAAI;EACrD,IAAIC,OAAuB;EAC3B,IAAId,MAAyB;EAC7B,IAAIe,QAAkD;EACtD,MAAMC,OAAO,GAAG,IAAIR,OAAO,CAAC,UAAUS,OAAO,EAAER,MAAM,EAAE;IACrDT,MAAM,GAAGY,QAAQ,CAACM,aAAa,CAAC,QAAQ,CAAC;IACzClB,MAAM,CAACmB,KAAK,CAACC,OAAO,GAAG,MAAM;;IAE7B;IACAL,QAAQ,GAAG,SAASA,QAAQ,CAACM,CAAe,EAAE;MAC5C,IAAI,CAACtB,0BAA0B,CAACC,MAAM,EAAEqB,CAAC,CAAC,EAAE;QAC1C;MACF;MAEA,IAAI,CAACA,CAAC,IAAI,CAACA,CAAC,CAACC,IAAI,IAAID,CAAC,CAACE,MAAM,KAAKlB,GAAG,CAACmB,eAAe,EAAE,EAAE;QACvD;MACF;MAEA,IAAIC,GAAG;MACP,IAAI;QACFA,GAAG,GAAGC,IAAI,CAACC,KAAK,CAACN,CAAC,CAACC,IAAI,CAAC;MAC1B,CAAC,CAAC,OAAOM,GAAG,EAAE;QACZ;QACA;QACA;QACA;MACF;MAEA,IAAI,CAACH,GAAG,EAAE;QAAE;MAAQ;MACpB,IAAIA,GAAG,CAACI,IAAI,KAAK,sBAAsB,EAAE;QACvC,OAAOZ,OAAO,CAACQ,GAAG,CAACrB,WAAW,CAAW;MAC3C,CAAC,MAAM,IAAIqB,GAAG,CAACI,IAAI,KAAK,yBAAyB,EAAE;QACjD7B,MAAM,EAAEG,aAAa,EAAE2B,WAAW,CAACJ,IAAI,CAACK,SAAS,CAAC;UAChDF,IAAI,EAAE;QACR,CAAC,CAAC,EAAER,CAAC,CAACE,MAAM,CAAC;MACf,CAAC,MAAM;QACL,OAAOd,MAAM,CAAC,IAAIC,oBAAY,CAAC,SAAS,CAAC,CAAC;MAC5C;IACF,CAAC;IACD,IAAAsB,iBAAW,EAACC,MAAM,EAAE,SAAS,EAAElB,QAAQ,CAAC;IAExCf,MAAM,CAACkC,GAAG,GAAG7B,GAAG,CAACmB,eAAe,EAAE,GAAG,kCAAkC;IACvEb,SAAS,CAACwB,WAAW,CAACnC,MAAM,CAAC;IAE7Bc,OAAO,GAAGsB,UAAU,CAAC,YAAW;MAC9B3B,MAAM,CAAC,IAAIC,oBAAY,CAAC,0BAA0B,CAAC,CAAC;IACtD,CAAC,EAAEJ,OAAO,EAAEQ,OAAO,IAAI,KAAK,CAAC;EAC/B,CAAC,CAAC;EAEF,OAAOE,OAAO,CAACqB,OAAO,CAAC,YAAW;IAChCC,YAAY,CAACxB,OAAO,CAAC;IACrB,IAAAyB,oBAAc,EAACN,MAAM,EAAE,SAAS,EAAElB,QAAQ,CAAC;IAC3C,IAAIJ,SAAS,CAAC6B,QAAQ,CAACxC,MAAM,CAAC,EAAE;MAC9BA,MAAM,CAACyC,aAAa,EAAEC,WAAW,CAAC1C,MAAM,CAAC;IAC3C;EACF,CAAC,CAAC;AACJ;AAAC"}
|
|
@@ -20,7 +20,7 @@ var _features = require("../features");
|
|
|
20
20
|
class OktaUserAgent {
|
|
21
21
|
constructor() {
|
|
22
22
|
// add base sdk env
|
|
23
|
-
this.environments = [`okta-auth-js/${"7.
|
|
23
|
+
this.environments = [`okta-auth-js/${"7.8.1"}`];
|
|
24
24
|
this.maybeAddNodeEnvironment();
|
|
25
25
|
}
|
|
26
26
|
addEnvironment(env) {
|
|
@@ -32,7 +32,7 @@ class OktaUserAgent {
|
|
|
32
32
|
};
|
|
33
33
|
}
|
|
34
34
|
getVersion() {
|
|
35
|
-
return "7.
|
|
35
|
+
return "7.8.1";
|
|
36
36
|
}
|
|
37
37
|
maybeAddNodeEnvironment() {
|
|
38
38
|
if ((0, _features.isBrowser)() || !process || !process.versions) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"idxResponseParser.js","names":["SKIP_FIELDS","parseNonRemediations","authClient","idxResponse","toPersist","actions","context","Object","keys","filter","field","forEach","fieldIsObject","rel","name","generateIdxAction","value","fieldValue","type","info","entries","subField","expandRelatesTo","k","query","Array","isArray","result","jsonpath","path","json","AuthSdkError","innerValue","convertRemediationAction","remediation","remediationActions","generateRemediationFunctions","actionFn","action","parseIdxResponse","remediationData","relatesTo","authenticatorChallenge","remediations","map"],"sources":["../../../../../lib/idx/idxState/v1/idxResponseParser.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable max-len */\n\nimport { OktaAuthIdxInterface, IdxResponse, IdxRemediation, IdxContext } from '../../types'; // auth-js/types\nimport { IdxActions } from '../../types/idx-js';\nimport { generateRemediationFunctions } from './remediationParser';\nimport generateIdxAction from './generateIdxAction';\nimport { jsonpath } from '../../../util/jsonpath';\nimport { AuthSdkError } from '../../../errors';\n\nconst SKIP_FIELDS = {\n 'remediation': true, // remediations are put into proceed/neededToProceed\n 'context': true, // the API response of 'context' isn't externally useful. We ignore it and put all non-action (contextual) info into idxState.context\n};\n\nexport const parseNonRemediations = function parseNonRemediations( authClient: OktaAuthIdxInterface, idxResponse: IdxResponse, toPersist = {} ) {\n const actions = {};\n const context = {} as IdxContext;\n\n Object.keys(idxResponse)\n .filter( field => !SKIP_FIELDS[field])\n .forEach( field => {\n const fieldIsObject = typeof idxResponse[field] === 'object' && !!idxResponse[field];\n\n if ( !fieldIsObject ) {\n // simple fields are contextual info\n context[field] = idxResponse[field];\n return;\n }\n\n if ( idxResponse[field].rel ) {\n // top level actions\n actions[idxResponse[field].name] = generateIdxAction(authClient, idxResponse[field], toPersist);\n return;\n }\n\n const { value: fieldValue, type, ...info} = idxResponse[field];\n context[field] = { type, ...info}; // add the non-action parts as context\n\n if ( type !== 'object' ) {\n // only object values hold actions\n context[field].value = fieldValue;\n return;\n }\n\n // We are an object field containing an object value\n context[field].value = {};\n Object.entries<IdxRemediation>(fieldValue)\n .forEach( ([subField, value]) => {\n if (value.rel) { // is [field].value[subField] an action?\n // add any \"action\" value subfields to actions\n // eslint-disable-next-line @typescript-eslint/ban-ts-comment\n // @ts-ignore\n actions[`${field}-${subField.name || subField}`] = generateIdxAction(authClient, value, toPersist);\n } else {\n // add non-action value subfields to context\n context[field].value[subField] = value;\n }\n });\n });\n\n return { context, actions };\n};\n\nconst expandRelatesTo = (idxResponse, value) => {\n Object.keys(value).forEach(k => {\n if (k === 'relatesTo') {\n const query = Array.isArray(value[k]) ? value[k][0] : value[k];\n if (typeof query === 'string') {\n const result = jsonpath({ path: query, json: idxResponse })
|
|
1
|
+
{"version":3,"file":"idxResponseParser.js","names":["SKIP_FIELDS","parseNonRemediations","authClient","idxResponse","toPersist","actions","context","Object","keys","filter","field","forEach","fieldIsObject","rel","name","generateIdxAction","value","fieldValue","type","info","entries","subField","expandRelatesTo","k","query","Array","isArray","result","jsonpath","path","json","AuthSdkError","innerValue","convertRemediationAction","remediation","remediationActions","generateRemediationFunctions","actionFn","action","parseIdxResponse","remediationData","relatesTo","authenticatorChallenge","remediations","map"],"sources":["../../../../../lib/idx/idxState/v1/idxResponseParser.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-Present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable max-len */\n\nimport { OktaAuthIdxInterface, IdxResponse, IdxRemediation, IdxContext } from '../../types'; // auth-js/types\nimport { IdxActions } from '../../types/idx-js';\nimport { generateRemediationFunctions } from './remediationParser';\nimport generateIdxAction from './generateIdxAction';\nimport { jsonpath } from '../../../util/jsonpath';\nimport { AuthSdkError } from '../../../errors';\n\nconst SKIP_FIELDS = {\n 'remediation': true, // remediations are put into proceed/neededToProceed\n 'context': true, // the API response of 'context' isn't externally useful. We ignore it and put all non-action (contextual) info into idxState.context\n};\n\nexport const parseNonRemediations = function parseNonRemediations( authClient: OktaAuthIdxInterface, idxResponse: IdxResponse, toPersist = {} ) {\n const actions = {};\n const context = {} as IdxContext;\n\n Object.keys(idxResponse)\n .filter( field => !SKIP_FIELDS[field])\n .forEach( field => {\n const fieldIsObject = typeof idxResponse[field] === 'object' && !!idxResponse[field];\n\n if ( !fieldIsObject ) {\n // simple fields are contextual info\n context[field] = idxResponse[field];\n return;\n }\n\n if ( idxResponse[field].rel ) {\n // top level actions\n actions[idxResponse[field].name] = generateIdxAction(authClient, idxResponse[field], toPersist);\n return;\n }\n\n const { value: fieldValue, type, ...info} = idxResponse[field];\n context[field] = { type, ...info}; // add the non-action parts as context\n\n if ( type !== 'object' ) {\n // only object values hold actions\n context[field].value = fieldValue;\n return;\n }\n\n // We are an object field containing an object value\n context[field].value = {};\n Object.entries<IdxRemediation>(fieldValue)\n .forEach( ([subField, value]) => {\n if (value.rel) { // is [field].value[subField] an action?\n // add any \"action\" value subfields to actions\n // eslint-disable-next-line @typescript-eslint/ban-ts-comment\n // @ts-ignore\n actions[`${field}-${subField.name || subField}`] = generateIdxAction(authClient, value, toPersist);\n } else {\n // add non-action value subfields to context\n context[field].value[subField] = value;\n }\n });\n });\n\n return { context, actions };\n};\n\nconst expandRelatesTo = (idxResponse, value) => {\n Object.keys(value).forEach(k => {\n if (k === 'relatesTo') {\n const query = Array.isArray(value[k]) ? value[k][0] : value[k];\n if (typeof query === 'string') {\n const result = jsonpath({ path: query, json: idxResponse });\n if (result) {\n value[k] = result;\n return;\n } else {\n throw new AuthSdkError(`Cannot resolve relatesTo: ${query}`);\n }\n }\n }\n if (Array.isArray(value[k])) {\n value[k].forEach(innerValue => expandRelatesTo(idxResponse, innerValue));\n }\n });\n};\n\nconst convertRemediationAction = (authClient: OktaAuthIdxInterface, remediation, toPersist) => {\n // Only remediation that has `rel` field (indicator for form submission) can have http action\n if (remediation.rel) {\n const remediationActions = generateRemediationFunctions( authClient, [remediation], toPersist );\n const actionFn = remediationActions[remediation.name];\n return {\n ...remediation,\n action: actionFn,\n };\n }\n\n return remediation;\n};\n\nexport const parseIdxResponse = function parseIdxResponse( authClient: OktaAuthIdxInterface, idxResponse, toPersist = {} ): {\n remediations: IdxRemediation[];\n context: IdxContext;\n actions: IdxActions;\n} {\n const remediationData = idxResponse.remediation?.value || [];\n\n remediationData.forEach(\n remediation => {\n // TODO: remove once IDX is fixed - OKTA-659181\n if (remediation.name === 'launch-authenticator' &&\n remediation?.relatesTo?.[0] === 'authenticatorChallenge' &&\n !idxResponse?.authenticatorChallenge\n ) {\n delete remediation.relatesTo;\n return;\n }\n\n return expandRelatesTo(idxResponse, remediation);\n }\n );\n\n const remediations = remediationData.map(remediation => convertRemediationAction( authClient, remediation, toPersist ));\n\n const { context, actions } = parseNonRemediations( authClient, idxResponse, toPersist );\n\n return {\n remediations,\n context,\n actions,\n };\n};\n"],"mappings":";;;;AAgBA;AACA;AACA;AACA;AAnBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;;AAEgG;;AAOhG,MAAMA,WAAW,GAAG;EAClB,aAAa,EAAE,IAAI;EAAE;EACrB,SAAS,EAAE,IAAI,CAAE;AACnB,CAAC;;AAEM,MAAMC,oBAAoB,GAAG,SAASA,oBAAoB,CAAEC,UAAgC,EAAEC,WAAwB,EAAEC,SAAS,GAAG,CAAC,CAAC,EAAG;EAC9I,MAAMC,OAAO,GAAG,CAAC,CAAC;EAClB,MAAMC,OAAO,GAAG,CAAC,CAAe;EAEhCC,MAAM,CAACC,IAAI,CAACL,WAAW,CAAC,CACrBM,MAAM,CAAEC,KAAK,IAAI,CAACV,WAAW,CAACU,KAAK,CAAC,CAAC,CACrCC,OAAO,CAAED,KAAK,IAAI;IACjB,MAAME,aAAa,GAAG,OAAOT,WAAW,CAACO,KAAK,CAAC,KAAK,QAAQ,IAAI,CAAC,CAACP,WAAW,CAACO,KAAK,CAAC;IAEpF,IAAK,CAACE,aAAa,EAAG;MACpB;MACAN,OAAO,CAACI,KAAK,CAAC,GAAGP,WAAW,CAACO,KAAK,CAAC;MACnC;IACF;IAEA,IAAKP,WAAW,CAACO,KAAK,CAAC,CAACG,GAAG,EAAG;MAC5B;MACAR,OAAO,CAACF,WAAW,CAACO,KAAK,CAAC,CAACI,IAAI,CAAC,GAAG,IAAAC,0BAAiB,EAACb,UAAU,EAAEC,WAAW,CAACO,KAAK,CAAC,EAAEN,SAAS,CAAC;MAC/F;IACF;IAEA,MAAM;MAAEY,KAAK,EAAEC,UAAU;MAAEC,IAAI;MAAE,GAAGC;IAAI,CAAC,GAAGhB,WAAW,CAACO,KAAK,CAAC;IAC9DJ,OAAO,CAACI,KAAK,CAAC,GAAG;MAAEQ,IAAI;MAAE,GAAGC;IAAI,CAAC,CAAC,CAAC;;IAEnC,IAAKD,IAAI,KAAK,QAAQ,EAAG;MACvB;MACAZ,OAAO,CAACI,KAAK,CAAC,CAACM,KAAK,GAAGC,UAAU;MACjC;IACF;;IAEA;IACAX,OAAO,CAACI,KAAK,CAAC,CAACM,KAAK,GAAG,CAAC,CAAC;IACzBT,MAAM,CAACa,OAAO,CAAiBH,UAAU,CAAC,CACvCN,OAAO,CAAE,CAAC,CAACU,QAAQ,EAAEL,KAAK,CAAC,KAAK;MAC/B,IAAIA,KAAK,CAACH,GAAG,EAAE;QAAE;QACf;QACA;QACA;QACAR,OAAO,CAAE,GAAEK,KAAM,IAAGW,QAAQ,CAACP,IAAI,IAAIO,QAAS,EAAC,CAAC,GAAG,IAAAN,0BAAiB,EAACb,UAAU,EAAEc,KAAK,EAAEZ,SAAS,CAAC;MACpG,CAAC,MAAM;QACL;QACAE,OAAO,CAACI,KAAK,CAAC,CAACM,KAAK,CAACK,QAAQ,CAAC,GAAGL,KAAK;MACxC;IACF,CAAC,CAAC;EACN,CAAC,CAAC;EAEJ,OAAO;IAAEV,OAAO;IAAED;EAAQ,CAAC;AAC7B,CAAC;AAAC;AAEF,MAAMiB,eAAe,GAAG,CAACnB,WAAW,EAAEa,KAAK,KAAK;EAC9CT,MAAM,CAACC,IAAI,CAACQ,KAAK,CAAC,CAACL,OAAO,CAACY,CAAC,IAAI;IAC9B,IAAIA,CAAC,KAAK,WAAW,EAAE;MACrB,MAAMC,KAAK,GAAGC,KAAK,CAACC,OAAO,CAACV,KAAK,CAACO,CAAC,CAAC,CAAC,GAAGP,KAAK,CAACO,CAAC,CAAC,CAAC,CAAC,CAAC,GAAGP,KAAK,CAACO,CAAC,CAAC;MAC9D,IAAI,OAAOC,KAAK,KAAK,QAAQ,EAAE;QAC7B,MAAMG,MAAM,GAAG,IAAAC,kBAAQ,EAAC;UAAEC,IAAI,EAAEL,KAAK;UAAEM,IAAI,EAAE3B;QAAY,CAAC,CAAC;QAC3D,IAAIwB,MAAM,EAAE;UACVX,KAAK,CAACO,CAAC,CAAC,GAAGI,MAAM;UACjB;QACF,CAAC,MAAM;UACL,MAAM,IAAII,oBAAY,CAAE,6BAA4BP,KAAM,EAAC,CAAC;QAC9D;MACF;IACF;IACA,IAAIC,KAAK,CAACC,OAAO,CAACV,KAAK,CAACO,CAAC,CAAC,CAAC,EAAE;MAC3BP,KAAK,CAACO,CAAC,CAAC,CAACZ,OAAO,CAACqB,UAAU,IAAIV,eAAe,CAACnB,WAAW,EAAE6B,UAAU,CAAC,CAAC;IAC1E;EACF,CAAC,CAAC;AACJ,CAAC;AAED,MAAMC,wBAAwB,GAAG,CAAC/B,UAAgC,EAAEgC,WAAW,EAAE9B,SAAS,KAAK;EAC7F;EACA,IAAI8B,WAAW,CAACrB,GAAG,EAAE;IACnB,MAAMsB,kBAAkB,GAAG,IAAAC,+CAA4B,EAAElC,UAAU,EAAE,CAACgC,WAAW,CAAC,EAAE9B,SAAS,CAAE;IAC/F,MAAMiC,QAAQ,GAAGF,kBAAkB,CAACD,WAAW,CAACpB,IAAI,CAAC;IACrD,OAAO;MACL,GAAGoB,WAAW;MACdI,MAAM,EAAED;IACV,CAAC;EACH;EAEA,OAAOH,WAAW;AACpB,CAAC;AAEM,MAAMK,gBAAgB,GAAG,SAASA,gBAAgB,CAAErC,UAAgC,EAAEC,WAAW,EAAEC,SAAS,GAAG,CAAC,CAAC,EAItH;EACA,MAAMoC,eAAe,GAAGrC,WAAW,CAAC+B,WAAW,EAAElB,KAAK,IAAI,EAAE;EAE5DwB,eAAe,CAAC7B,OAAO,CACrBuB,WAAW,IAAI;IACb;IACA,IAAIA,WAAW,CAACpB,IAAI,KAAK,sBAAsB,IAC7CoB,WAAW,EAAEO,SAAS,GAAG,CAAC,CAAC,KAAK,wBAAwB,IACxD,CAACtC,WAAW,EAAEuC,sBAAsB,EACpC;MACA,OAAOR,WAAW,CAACO,SAAS;MAC5B;IACF;IAEA,OAAOnB,eAAe,CAACnB,WAAW,EAAE+B,WAAW,CAAC;EAClD,CAAC,CACF;EAED,MAAMS,YAAY,GAAGH,eAAe,CAACI,GAAG,CAACV,WAAW,IAAID,wBAAwB,CAAE/B,UAAU,EAAEgC,WAAW,EAAE9B,SAAS,CAAE,CAAC;EAEvH,MAAM;IAAEE,OAAO;IAAED;EAAQ,CAAC,GAAGJ,oBAAoB,CAAEC,UAAU,EAAEC,WAAW,EAAEC,SAAS,CAAE;EAEvF,OAAO;IACLuC,YAAY;IACZrC,OAAO;IACPD;EACF,CAAC;AACH,CAAC;AAAC"}
|
package/cjs/idx/mixin.js
CHANGED
|
@@ -4,6 +4,7 @@ var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefau
|
|
|
4
4
|
exports.mixinIdx = mixinIdx;
|
|
5
5
|
var _defineProperty2 = _interopRequireDefault(require("@babel/runtime/helpers/defineProperty"));
|
|
6
6
|
var _api = require("./factory/api");
|
|
7
|
+
var _fingerprint = _interopRequireDefault(require("../browser/fingerprint"));
|
|
7
8
|
var webauthn = _interopRequireWildcard(require("./webauthn"));
|
|
8
9
|
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
9
10
|
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
@@ -13,6 +14,7 @@ function mixinIdx(Base) {
|
|
|
13
14
|
constructor(...args) {
|
|
14
15
|
super(...args);
|
|
15
16
|
this.idx = (0, _api.createIdxAPI)(this);
|
|
17
|
+
this.fingerprint = _fingerprint.default.bind(null, this);
|
|
16
18
|
}
|
|
17
19
|
}, (0, _defineProperty2.default)(_class, "webauthn", webauthn), _class;
|
|
18
20
|
}
|
package/cjs/idx/mixin.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mixin.js","names":["mixinIdx","Base","OktaAuthIdx","constructor","args","idx","createIdxAPI","webauthn"],"sources":["../../../lib/idx/mixin.ts"],"sourcesContent":["import { OktaAuthConstructor } from '../base/types';\nimport { OktaAuthOAuthInterface } from '../oidc/types';\nimport {\n IdxAPI, \n IdxTransactionManagerInterface, \n OktaAuthIdxInterface, \n OktaAuthIdxConstructor, \n OktaAuthIdxOptions, \n WebauthnAPI\n} from './types';\nimport { IdxTransactionMeta } from './types/meta';\nimport { IdxStorageManagerInterface } from './types/storage';\nimport { createIdxAPI } from './factory/api';\nimport * as webauthn from './webauthn';\n\nexport function mixinIdx\n<\n M extends IdxTransactionMeta = IdxTransactionMeta,\n S extends IdxStorageManagerInterface<M> = IdxStorageManagerInterface<M>,\n O extends OktaAuthIdxOptions = OktaAuthIdxOptions,\n TM extends IdxTransactionManagerInterface = IdxTransactionManagerInterface,\n TBase extends OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n = OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n>\n(Base: TBase): TBase & OktaAuthIdxConstructor<OktaAuthIdxInterface<M, S, O, TM>>\n{\n return class OktaAuthIdx extends Base implements OktaAuthIdxInterface<M, S, O, TM>\n {\n idx: IdxAPI;\n static webauthn: WebauthnAPI = webauthn;\n \n constructor(...args: any[]) {\n super(...args);\n this.idx = createIdxAPI(this);\n }\n };\n}\n"],"mappings":";;;;;AAYA;AACA;AAAuC;AAAA;AAEhC,SAASA,QAAQ,CASvBC,IAAW,EACZ;EAAA;EACE,gBAAO,MAAMC,WAAW,SAASD,IAAI,CACrC;
|
|
1
|
+
{"version":3,"file":"mixin.js","names":["mixinIdx","Base","OktaAuthIdx","constructor","args","idx","createIdxAPI","fingerprint","bind","webauthn"],"sources":["../../../lib/idx/mixin.ts"],"sourcesContent":["import { FingerprintAPI, OktaAuthConstructor } from '../base/types';\nimport { OktaAuthOAuthInterface } from '../oidc/types';\nimport {\n IdxAPI, \n IdxTransactionManagerInterface, \n OktaAuthIdxInterface, \n OktaAuthIdxConstructor, \n OktaAuthIdxOptions, \n WebauthnAPI\n} from './types';\nimport { IdxTransactionMeta } from './types/meta';\nimport { IdxStorageManagerInterface } from './types/storage';\nimport { createIdxAPI } from './factory/api';\nimport fingerprint from '../browser/fingerprint';\nimport * as webauthn from './webauthn';\n\nexport function mixinIdx\n<\n M extends IdxTransactionMeta = IdxTransactionMeta,\n S extends IdxStorageManagerInterface<M> = IdxStorageManagerInterface<M>,\n O extends OktaAuthIdxOptions = OktaAuthIdxOptions,\n TM extends IdxTransactionManagerInterface = IdxTransactionManagerInterface,\n TBase extends OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n = OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n>\n(Base: TBase): TBase & OktaAuthIdxConstructor<OktaAuthIdxInterface<M, S, O, TM>>\n{\n return class OktaAuthIdx extends Base implements OktaAuthIdxInterface<M, S, O, TM>\n {\n idx: IdxAPI;\n fingerprint: FingerprintAPI;\n static webauthn: WebauthnAPI = webauthn;\n \n constructor(...args: any[]) {\n super(...args);\n this.idx = createIdxAPI(this);\n this.fingerprint = fingerprint.bind(null, this);\n }\n };\n}\n"],"mappings":";;;;;AAYA;AACA;AACA;AAAuC;AAAA;AAEhC,SAASA,QAAQ,CASvBC,IAAW,EACZ;EAAA;EACE,gBAAO,MAAMC,WAAW,SAASD,IAAI,CACrC;IAKEE,WAAW,CAAC,GAAGC,IAAW,EAAE;MAC1B,KAAK,CAAC,GAAGA,IAAI,CAAC;MACd,IAAI,CAACC,GAAG,GAAG,IAAAC,iBAAY,EAAC,IAAI,CAAC;MAC7B,IAAI,CAACC,WAAW,GAAGA,oBAAW,CAACC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;IACjD;EACF,CAAC,oDAPgCC,QAAQ;AAQ3C"}
|
package/cjs/idx/mixinMinimal.js
CHANGED
|
@@ -4,6 +4,7 @@ var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefau
|
|
|
4
4
|
exports.mixinMinimalIdx = mixinMinimalIdx;
|
|
5
5
|
var _defineProperty2 = _interopRequireDefault(require("@babel/runtime/helpers/defineProperty"));
|
|
6
6
|
var _minimalApi = require("../idx/factory/minimalApi");
|
|
7
|
+
var _fingerprint = _interopRequireDefault(require("../browser/fingerprint"));
|
|
7
8
|
var webauthn = _interopRequireWildcard(require("./webauthn"));
|
|
8
9
|
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
9
10
|
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
@@ -13,6 +14,7 @@ function mixinMinimalIdx(Base) {
|
|
|
13
14
|
constructor(...args) {
|
|
14
15
|
super(...args);
|
|
15
16
|
this.idx = (0, _minimalApi.createMinimalIdxAPI)(this);
|
|
17
|
+
this.fingerprint = _fingerprint.default.bind(null, this);
|
|
16
18
|
}
|
|
17
19
|
}, (0, _defineProperty2.default)(_class, "webauthn", webauthn), _class;
|
|
18
20
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mixinMinimal.js","names":["mixinMinimalIdx","Base","OktaAuthIdx","constructor","args","idx","createMinimalIdxAPI","webauthn"],"sources":["../../../lib/idx/mixinMinimal.ts"],"sourcesContent":["import { OktaAuthConstructor } from '../base/types';\nimport { MinimalOktaOAuthInterface } from '../oidc/types';\nimport {\n IdxTransactionManagerInterface,\n OktaAuthIdxConstructor,\n OktaAuthIdxOptions,\n MinimalIdxAPI,\n WebauthnAPI,\n MinimalOktaAuthIdxInterface\n} from './types';\nimport { IdxTransactionMeta } from './types/meta';\nimport { IdxStorageManagerInterface } from './types/storage';\nimport { createMinimalIdxAPI } from '../idx/factory/minimalApi';\nimport * as webauthn from './webauthn';\n\nexport function mixinMinimalIdx\n<\n M extends IdxTransactionMeta = IdxTransactionMeta,\n S extends IdxStorageManagerInterface<M> = IdxStorageManagerInterface<M>,\n O extends OktaAuthIdxOptions = OktaAuthIdxOptions,\n TM extends IdxTransactionManagerInterface = IdxTransactionManagerInterface,\n TBase extends OktaAuthConstructor<MinimalOktaOAuthInterface<M, S, O, TM>>\n = OktaAuthConstructor<MinimalOktaOAuthInterface<M, S, O, TM>>\n>\n(\n Base: TBase\n): TBase & OktaAuthIdxConstructor<MinimalOktaAuthIdxInterface<M, S, O, TM>>\n{\n return class OktaAuthIdx extends Base implements MinimalOktaAuthIdxInterface<M, S, O, TM>\n {\n idx: MinimalIdxAPI;\n static webauthn: WebauthnAPI = webauthn;\n \n constructor(...args: any[]) {\n super(...args);\n this.idx = createMinimalIdxAPI(this);\n }\n };\n}\n"],"mappings":";;;;;AAYA;AACA;AAAuC;AAAA;AAEhC,SAASA,eAAe,CAU7BC,IAAW,EAEb;EAAA;EACE,gBAAO,MAAMC,WAAW,SAASD,IAAI,CACrC;
|
|
1
|
+
{"version":3,"file":"mixinMinimal.js","names":["mixinMinimalIdx","Base","OktaAuthIdx","constructor","args","idx","createMinimalIdxAPI","fingerprint","bind","webauthn"],"sources":["../../../lib/idx/mixinMinimal.ts"],"sourcesContent":["import { FingerprintAPI, OktaAuthConstructor } from '../base/types';\nimport { MinimalOktaOAuthInterface } from '../oidc/types';\nimport {\n IdxTransactionManagerInterface,\n OktaAuthIdxConstructor,\n OktaAuthIdxOptions,\n MinimalIdxAPI,\n WebauthnAPI,\n MinimalOktaAuthIdxInterface\n} from './types';\nimport { IdxTransactionMeta } from './types/meta';\nimport { IdxStorageManagerInterface } from './types/storage';\nimport { createMinimalIdxAPI } from '../idx/factory/minimalApi';\nimport fingerprint from '../browser/fingerprint';\nimport * as webauthn from './webauthn';\n\nexport function mixinMinimalIdx\n<\n M extends IdxTransactionMeta = IdxTransactionMeta,\n S extends IdxStorageManagerInterface<M> = IdxStorageManagerInterface<M>,\n O extends OktaAuthIdxOptions = OktaAuthIdxOptions,\n TM extends IdxTransactionManagerInterface = IdxTransactionManagerInterface,\n TBase extends OktaAuthConstructor<MinimalOktaOAuthInterface<M, S, O, TM>>\n = OktaAuthConstructor<MinimalOktaOAuthInterface<M, S, O, TM>>\n>\n(\n Base: TBase\n): TBase & OktaAuthIdxConstructor<MinimalOktaAuthIdxInterface<M, S, O, TM>>\n{\n return class OktaAuthIdx extends Base implements MinimalOktaAuthIdxInterface<M, S, O, TM>\n {\n idx: MinimalIdxAPI;\n fingerprint: FingerprintAPI;\n static webauthn: WebauthnAPI = webauthn;\n \n constructor(...args: any[]) {\n super(...args);\n this.idx = createMinimalIdxAPI(this);\n this.fingerprint = fingerprint.bind(null, this);\n }\n };\n}\n"],"mappings":";;;;;AAYA;AACA;AACA;AAAuC;AAAA;AAEhC,SAASA,eAAe,CAU7BC,IAAW,EAEb;EAAA;EACE,gBAAO,MAAMC,WAAW,SAASD,IAAI,CACrC;IAKEE,WAAW,CAAC,GAAGC,IAAW,EAAE;MAC1B,KAAK,CAAC,GAAGA,IAAI,CAAC;MACd,IAAI,CAACC,GAAG,GAAG,IAAAC,+BAAmB,EAAC,IAAI,CAAC;MACpC,IAAI,CAACC,WAAW,GAAGA,oBAAW,CAACC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC;IACjD;EACF,CAAC,oDAPgCC,QAAQ;AAQ3C"}
|
package/cjs/idx/types/api.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"api.js","names":["IdxStatus","AuthenticatorKey","IdxFeature","isAuthenticator","obj","key","id"],"sources":["../../../../lib/idx/types/api.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { APIError } from '../../errors/types';\nimport {\n OktaAuthOAuthInterface,\n MinimalOktaOAuthInterface,\n Tokens,\n TransactionManagerConstructor,\n TransactionManagerInterface\n} from '../../oidc/types';\nimport { FlowIdentifier } from './FlowIdentifier';\nimport {\n IdxActions,\n IdxAuthenticator,\n IdxContext,\n IdxForm,\n IdxMessage,\n IdxOption,\n IdxRemediation,\n IdxResponse,\n RawIdxResponse,\n IdxActionParams,\n IdpConfig,\n IdxToPersist,\n ChallengeData,\n ActivationData,\n} from './idx-js';\nimport {\n AccountUnlockOptions,\n AuthenticationOptions,\n CancelOptions,\n InteractOptions,\n IntrospectOptions,\n OktaAuthIdxOptions,\n PasswordRecoveryOptions,\n ProceedOptions,\n RegistrationOptions,\n StartOptions,\n IdxTransactionMetaOptions\n} from './options';\nimport { IdxTransactionMeta } from './meta';\nimport { IdxStorageManagerInterface, SavedIdxResponse } from './storage';\nimport type {\n WebauthnEnrollValues,\n WebauthnVerificationValues\n} from '../authenticator';\nimport { OktaAuthConstructor } from '../../base/types';\n\nexport enum IdxStatus {\n SUCCESS = 'SUCCESS',\n PENDING = 'PENDING',\n FAILURE = 'FAILURE',\n TERMINAL = 'TERMINAL',\n CANCELED = 'CANCELED',\n}\n\nexport enum AuthenticatorKey {\n OKTA_PASSWORD = 'okta_password',\n OKTA_EMAIL = 'okta_email',\n PHONE_NUMBER = 'phone_number',\n GOOGLE_AUTHENTICATOR = 'google_otp',\n SECURITY_QUESTION = 'security_question',\n OKTA_VERIFY = 'okta_verify',\n WEBAUTHN = 'webauthn',\n}\n\nexport type Input = {\n name: string;\n key?: string;\n type?: string;\n label?: string;\n value?: string | {form: IdxForm} | Input[];\n minLength?: number;\n maxLength?: number;\n secret?: boolean;\n required?: boolean;\n options?: IdxOption[];\n mutable?: boolean;\n visible?: boolean;\n customLabel?: boolean\n}\n\n\nexport interface IdxPollOptions {\n required?: boolean;\n refresh?: number;\n}\n\nexport type NextStep = {\n name: string;\n authenticator?: IdxAuthenticator;\n canSkip?: boolean;\n canResend?: boolean;\n inputs?: Input[];\n poll?: IdxPollOptions;\n authenticatorEnrollments?: IdxAuthenticator[];\n // eslint-disable-next-line no-use-before-define\n action?: (params?: IdxActionParams) => Promise<IdxTransaction>;\n idp?: IdpConfig;\n href?: string;\n relatesTo?: {\n type?: string;\n value: IdxAuthenticator;\n };\n refresh?: number;\n}\n\nexport enum IdxFeature {\n PASSWORD_RECOVERY = 'recover-password',\n REGISTRATION = 'enroll-profile',\n SOCIAL_IDP = 'redirect-idp',\n ACCOUNT_UNLOCK = 'unlock-account',\n}\n\n\nexport interface IdxTransaction {\n status: IdxStatus;\n tokens?: Tokens;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n error?: APIError | IdxResponse;\n meta?: IdxTransactionMeta;\n enabledFeatures?: IdxFeature[];\n availableSteps?: NextStep[];\n requestDidSucceed?: boolean;\n stepUp?: boolean;\n \n // from idx-js, used by signin widget\n proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n neededToProceed: IdxRemediation[];\n rawIdxState: RawIdxResponse;\n interactionCode?: string;\n actions: IdxActions;\n context: IdxContext;\n}\n\n\nexport type Authenticator = {\n id?: string;\n key?: string;\n methodType?: string;\n phoneNumber?: string;\n channel?: string;\n};\n\nexport function isAuthenticator(obj: any): obj is Authenticator {\n return obj && (obj.key || obj.id);\n}\n\nexport interface RemediationResponse {\n idxResponse: IdxResponse;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n terminal?: boolean;\n canceled?: boolean;\n}\n\nexport interface InteractResponse {\n state?: string;\n interactionHandle: string;\n meta: IdxTransactionMeta;\n}\n\nexport interface EmailVerifyCallbackResponse {\n state: string;\n otp: string;\n}\n\nexport interface MinimalIdxAPI {\n // lowest level api\n makeIdxResponse: (rawIdxResponse: RawIdxResponse, toPersist: IdxToPersist, requestDidSucceed: boolean) => IdxResponse;\n\n // flow control\n start: (options?: StartOptions) => Promise<IdxTransaction>;\n canProceed(options?: ProceedOptions): boolean;\n proceed: (options?: ProceedOptions) => Promise<IdxTransaction>;\n\n // call `start` instead of `startTransaction`. `startTransaction` will be removed in next major version (7.0)\n startTransaction: (options?: StartOptions) => Promise<IdxTransaction>;\n\n // transaction meta\n getSavedTransactionMeta: (options?: IdxTransactionMetaOptions) => IdxTransactionMeta | undefined;\n createTransactionMeta: (options?: IdxTransactionMetaOptions) => Promise<IdxTransactionMeta>;\n getTransactionMeta: (options?: IdxTransactionMetaOptions) => Promise<IdxTransactionMeta>;\n saveTransactionMeta: (meta: unknown) => void;\n clearTransactionMeta: () => void;\n isTransactionMetaValid: (meta: unknown) => boolean;\n}\n\nexport interface IdxAPI {\n // lowest level api\n interact: (options?: InteractOptions) => Promise<InteractResponse>;\n introspect: (options?: IntrospectOptions) => Promise<IdxResponse>;\n makeIdxResponse: (rawIdxResponse: RawIdxResponse, toPersist: IdxToPersist, requestDidSucceed: boolean) => IdxResponse;\n\n // flow entrypoints\n authenticate: (options?: AuthenticationOptions) => Promise<IdxTransaction>;\n register: (options?: RegistrationOptions) => Promise<IdxTransaction>;\n recoverPassword: (options?: PasswordRecoveryOptions) => Promise<IdxTransaction>;\n unlockAccount: (options?: AccountUnlockOptions) => Promise<IdxTransaction>;\n poll: (options?: IdxPollOptions) => Promise<IdxTransaction>;\n\n // flow control\n start: (options?: StartOptions) => Promise<IdxTransaction>;\n canProceed(options?: ProceedOptions): boolean;\n proceed: (options?: ProceedOptions) => Promise<IdxTransaction>;\n cancel: (options?: CancelOptions) => Promise<IdxTransaction>;\n getFlow(): FlowIdentifier | undefined;\n setFlow(flow: FlowIdentifier): void;\n\n // call `start` instead of `startTransaction`. `startTransaction` will be removed in next major version (7.0)\n startTransaction: (options?: StartOptions) => Promise<IdxTransaction>;\n\n // redirect callbacks\n isInteractionRequired: (hashOrSearch?: string) => boolean;\n isInteractionRequiredError: (error: Error) => boolean; \n handleInteractionCodeRedirect: (url: string) => Promise<void>;\n isEmailVerifyCallback: (search: string) => boolean;\n parseEmailVerifyCallback: (search: string) => EmailVerifyCallbackResponse;\n handleEmailVerifyCallback: (search: string) => Promise<IdxTransaction | undefined>;\n isEmailVerifyCallbackError: (error: Error) => boolean;\n\n // transaction meta\n getSavedTransactionMeta: (options?: IdxTransactionMetaOptions) => IdxTransactionMeta | undefined;\n createTransactionMeta: (options?: IdxTransactionMetaOptions) => Promise<IdxTransactionMeta>;\n getTransactionMeta: (options?: IdxTransactionMetaOptions) => Promise<IdxTransactionMeta>;\n saveTransactionMeta: (meta: unknown) => void;\n clearTransactionMeta: () => void;\n isTransactionMetaValid: (meta: unknown) => boolean;\n}\n\nexport interface IdxTransactionManagerInterface extends TransactionManagerInterface {\n saveIdxResponse(data: SavedIdxResponse): void;\n loadIdxResponse(options?: IntrospectOptions): SavedIdxResponse | null;\n clearIdxResponse(): void;\n}\n\nexport type IdxTransactionManagerConstructor = TransactionManagerConstructor<IdxTransactionManagerInterface>;\n\nexport interface WebauthnAPI {\n getAssertion(credential: PublicKeyCredential): WebauthnVerificationValues;\n getAttestation(credential: PublicKeyCredential): WebauthnEnrollValues;\n buildCredentialRequestOptions(\n challengeData: ChallengeData, authenticatorEnrollments: IdxAuthenticator[]\n ): CredentialRequestOptions;\n buildCredentialCreationOptions(\n activationData: ActivationData, authenticatorEnrollments: IdxAuthenticator[]\n ): CredentialCreationOptions;\n}\n\nexport interface OktaAuthIdxInterface\n<\n M extends IdxTransactionMeta = IdxTransactionMeta,\n S extends IdxStorageManagerInterface<M> = IdxStorageManagerInterface<M>,\n O extends OktaAuthIdxOptions = OktaAuthIdxOptions,\n TM extends IdxTransactionManagerInterface = IdxTransactionManagerInterface\n>\n extends OktaAuthOAuthInterface<M, S, O, TM>\n{\n idx: IdxAPI;\n}\n\nexport interface MinimalOktaAuthIdxInterface\n<\n M extends IdxTransactionMeta = IdxTransactionMeta,\n S extends IdxStorageManagerInterface<M> = IdxStorageManagerInterface<M>,\n O extends OktaAuthIdxOptions = OktaAuthIdxOptions,\n TM extends IdxTransactionManagerInterface = IdxTransactionManagerInterface\n>\n extends MinimalOktaOAuthInterface<M, S, O, TM>\n{\n idx: MinimalIdxAPI;\n}\n\nexport interface OktaAuthIdxConstructor\n<\n I extends MinimalOktaAuthIdxInterface = OktaAuthIdxInterface\n>\n extends OktaAuthConstructor<I>\n{\n new(...args: any[]): I;\n webauthn: WebauthnAPI;\n}\n"],"mappings":";;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,GAVA,IA0DYA,SAAS;AAAA;AAAA,WAATA,SAAS;EAATA,SAAS;EAATA,SAAS;EAATA,SAAS;EAATA,SAAS;EAATA,SAAS;AAAA,GAATA,SAAS,yBAATA,SAAS;AAAA,IAQTC,gBAAgB;AAAA;AAAA,WAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;AAAA,GAAhBA,gBAAgB,gCAAhBA,gBAAgB;AAAA,IAmDhBC,UAAU;AAAA;AAAA,WAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;AAAA,GAAVA,UAAU,0BAAVA,UAAU;AAsCf,SAASC,eAAe,CAACC,GAAQ,EAAwB;EAC9D,OAAOA,GAAG,KAAKA,GAAG,CAACC,GAAG,IAAID,GAAG,CAACE,EAAE,CAAC;AACnC"}
|
|
1
|
+
{"version":3,"file":"api.js","names":["IdxStatus","AuthenticatorKey","IdxFeature","isAuthenticator","obj","key","id"],"sources":["../../../../lib/idx/types/api.ts"],"sourcesContent":["/*!\n * Copyright (c) 2021-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { APIError } from '../../errors/types';\nimport {\n OktaAuthOAuthInterface,\n MinimalOktaOAuthInterface,\n Tokens,\n TransactionManagerConstructor,\n TransactionManagerInterface\n} from '../../oidc/types';\nimport { FlowIdentifier } from './FlowIdentifier';\nimport {\n IdxActions,\n IdxAuthenticator,\n IdxContext,\n IdxForm,\n IdxMessage,\n IdxOption,\n IdxRemediation,\n IdxResponse,\n RawIdxResponse,\n IdxActionParams,\n IdpConfig,\n IdxToPersist,\n ChallengeData,\n ActivationData,\n} from './idx-js';\nimport {\n AccountUnlockOptions,\n AuthenticationOptions,\n CancelOptions,\n InteractOptions,\n IntrospectOptions,\n OktaAuthIdxOptions,\n PasswordRecoveryOptions,\n ProceedOptions,\n RegistrationOptions,\n StartOptions,\n IdxTransactionMetaOptions\n} from './options';\nimport { IdxTransactionMeta } from './meta';\nimport { IdxStorageManagerInterface, SavedIdxResponse } from './storage';\nimport type {\n WebauthnEnrollValues,\n WebauthnVerificationValues\n} from '../authenticator';\nimport { OktaAuthConstructor, FingerprintAPI } from '../../base/types';\n\nexport enum IdxStatus {\n SUCCESS = 'SUCCESS',\n PENDING = 'PENDING',\n FAILURE = 'FAILURE',\n TERMINAL = 'TERMINAL',\n CANCELED = 'CANCELED',\n}\n\nexport enum AuthenticatorKey {\n OKTA_PASSWORD = 'okta_password',\n OKTA_EMAIL = 'okta_email',\n PHONE_NUMBER = 'phone_number',\n GOOGLE_AUTHENTICATOR = 'google_otp',\n SECURITY_QUESTION = 'security_question',\n OKTA_VERIFY = 'okta_verify',\n WEBAUTHN = 'webauthn',\n}\n\nexport type Input = {\n name: string;\n key?: string;\n type?: string;\n label?: string;\n value?: string | {form: IdxForm} | Input[];\n minLength?: number;\n maxLength?: number;\n secret?: boolean;\n required?: boolean;\n options?: IdxOption[];\n mutable?: boolean;\n visible?: boolean;\n customLabel?: boolean\n}\n\n\nexport interface IdxPollOptions {\n required?: boolean;\n refresh?: number;\n}\n\nexport type NextStep = {\n name: string;\n authenticator?: IdxAuthenticator;\n canSkip?: boolean;\n canResend?: boolean;\n inputs?: Input[];\n poll?: IdxPollOptions;\n authenticatorEnrollments?: IdxAuthenticator[];\n // eslint-disable-next-line no-use-before-define\n action?: (params?: IdxActionParams) => Promise<IdxTransaction>;\n idp?: IdpConfig;\n href?: string;\n relatesTo?: {\n type?: string;\n value: IdxAuthenticator;\n };\n refresh?: number;\n}\n\nexport enum IdxFeature {\n PASSWORD_RECOVERY = 'recover-password',\n REGISTRATION = 'enroll-profile',\n SOCIAL_IDP = 'redirect-idp',\n ACCOUNT_UNLOCK = 'unlock-account',\n}\n\n\nexport interface IdxTransaction {\n status: IdxStatus;\n tokens?: Tokens;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n error?: APIError | IdxResponse;\n meta?: IdxTransactionMeta;\n enabledFeatures?: IdxFeature[];\n availableSteps?: NextStep[];\n requestDidSucceed?: boolean;\n stepUp?: boolean;\n \n // from idx-js, used by signin widget\n proceed: (remediationName: string, params: unknown) => Promise<IdxResponse>;\n neededToProceed: IdxRemediation[];\n rawIdxState: RawIdxResponse;\n interactionCode?: string;\n actions: IdxActions;\n context: IdxContext;\n}\n\n\nexport type Authenticator = {\n id?: string;\n key?: string;\n methodType?: string;\n phoneNumber?: string;\n channel?: string;\n};\n\nexport function isAuthenticator(obj: any): obj is Authenticator {\n return obj && (obj.key || obj.id);\n}\n\nexport interface RemediationResponse {\n idxResponse: IdxResponse;\n nextStep?: NextStep;\n messages?: IdxMessage[];\n terminal?: boolean;\n canceled?: boolean;\n}\n\nexport interface InteractResponse {\n state?: string;\n interactionHandle: string;\n meta: IdxTransactionMeta;\n}\n\nexport interface EmailVerifyCallbackResponse {\n state: string;\n otp: string;\n}\n\nexport interface MinimalIdxAPI {\n // lowest level api\n makeIdxResponse: (rawIdxResponse: RawIdxResponse, toPersist: IdxToPersist, requestDidSucceed: boolean) => IdxResponse;\n\n // flow control\n start: (options?: StartOptions) => Promise<IdxTransaction>;\n canProceed(options?: ProceedOptions): boolean;\n proceed: (options?: ProceedOptions) => Promise<IdxTransaction>;\n\n // call `start` instead of `startTransaction`. `startTransaction` will be removed in next major version (7.0)\n startTransaction: (options?: StartOptions) => Promise<IdxTransaction>;\n\n // transaction meta\n getSavedTransactionMeta: (options?: IdxTransactionMetaOptions) => IdxTransactionMeta | undefined;\n createTransactionMeta: (options?: IdxTransactionMetaOptions) => Promise<IdxTransactionMeta>;\n getTransactionMeta: (options?: IdxTransactionMetaOptions) => Promise<IdxTransactionMeta>;\n saveTransactionMeta: (meta: unknown) => void;\n clearTransactionMeta: () => void;\n isTransactionMetaValid: (meta: unknown) => boolean;\n}\n\nexport interface IdxAPI {\n // lowest level api\n interact: (options?: InteractOptions) => Promise<InteractResponse>;\n introspect: (options?: IntrospectOptions) => Promise<IdxResponse>;\n makeIdxResponse: (rawIdxResponse: RawIdxResponse, toPersist: IdxToPersist, requestDidSucceed: boolean) => IdxResponse;\n\n // flow entrypoints\n authenticate: (options?: AuthenticationOptions) => Promise<IdxTransaction>;\n register: (options?: RegistrationOptions) => Promise<IdxTransaction>;\n recoverPassword: (options?: PasswordRecoveryOptions) => Promise<IdxTransaction>;\n unlockAccount: (options?: AccountUnlockOptions) => Promise<IdxTransaction>;\n poll: (options?: IdxPollOptions) => Promise<IdxTransaction>;\n\n // flow control\n start: (options?: StartOptions) => Promise<IdxTransaction>;\n canProceed(options?: ProceedOptions): boolean;\n proceed: (options?: ProceedOptions) => Promise<IdxTransaction>;\n cancel: (options?: CancelOptions) => Promise<IdxTransaction>;\n getFlow(): FlowIdentifier | undefined;\n setFlow(flow: FlowIdentifier): void;\n\n // call `start` instead of `startTransaction`. `startTransaction` will be removed in next major version (7.0)\n startTransaction: (options?: StartOptions) => Promise<IdxTransaction>;\n\n // redirect callbacks\n isInteractionRequired: (hashOrSearch?: string) => boolean;\n isInteractionRequiredError: (error: Error) => boolean; \n handleInteractionCodeRedirect: (url: string) => Promise<void>;\n isEmailVerifyCallback: (search: string) => boolean;\n parseEmailVerifyCallback: (search: string) => EmailVerifyCallbackResponse;\n handleEmailVerifyCallback: (search: string) => Promise<IdxTransaction | undefined>;\n isEmailVerifyCallbackError: (error: Error) => boolean;\n\n // transaction meta\n getSavedTransactionMeta: (options?: IdxTransactionMetaOptions) => IdxTransactionMeta | undefined;\n createTransactionMeta: (options?: IdxTransactionMetaOptions) => Promise<IdxTransactionMeta>;\n getTransactionMeta: (options?: IdxTransactionMetaOptions) => Promise<IdxTransactionMeta>;\n saveTransactionMeta: (meta: unknown) => void;\n clearTransactionMeta: () => void;\n isTransactionMetaValid: (meta: unknown) => boolean;\n}\n\nexport interface IdxTransactionManagerInterface extends TransactionManagerInterface {\n saveIdxResponse(data: SavedIdxResponse): void;\n loadIdxResponse(options?: IntrospectOptions): SavedIdxResponse | null;\n clearIdxResponse(): void;\n}\n\nexport type IdxTransactionManagerConstructor = TransactionManagerConstructor<IdxTransactionManagerInterface>;\n\nexport interface WebauthnAPI {\n getAssertion(credential: PublicKeyCredential): WebauthnVerificationValues;\n getAttestation(credential: PublicKeyCredential): WebauthnEnrollValues;\n buildCredentialRequestOptions(\n challengeData: ChallengeData, authenticatorEnrollments: IdxAuthenticator[]\n ): CredentialRequestOptions;\n buildCredentialCreationOptions(\n activationData: ActivationData, authenticatorEnrollments: IdxAuthenticator[]\n ): CredentialCreationOptions;\n}\n\n\nexport interface OktaAuthIdxInterface\n<\n M extends IdxTransactionMeta = IdxTransactionMeta,\n S extends IdxStorageManagerInterface<M> = IdxStorageManagerInterface<M>,\n O extends OktaAuthIdxOptions = OktaAuthIdxOptions,\n TM extends IdxTransactionManagerInterface = IdxTransactionManagerInterface\n>\n extends OktaAuthOAuthInterface<M, S, O, TM>\n{\n idx: IdxAPI;\n fingerprint: FingerprintAPI;\n}\n\nexport interface MinimalOktaAuthIdxInterface\n<\n M extends IdxTransactionMeta = IdxTransactionMeta,\n S extends IdxStorageManagerInterface<M> = IdxStorageManagerInterface<M>,\n O extends OktaAuthIdxOptions = OktaAuthIdxOptions,\n TM extends IdxTransactionManagerInterface = IdxTransactionManagerInterface\n>\n extends MinimalOktaOAuthInterface<M, S, O, TM>\n{\n idx: MinimalIdxAPI;\n fingerprint: FingerprintAPI;\n}\n\nexport interface OktaAuthIdxConstructor\n<\n I extends MinimalOktaAuthIdxInterface = OktaAuthIdxInterface\n>\n extends OktaAuthConstructor<I>\n{\n new(...args: any[]): I;\n webauthn: WebauthnAPI;\n}\n"],"mappings":";;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,GAVA,IA0DYA,SAAS;AAAA;AAAA,WAATA,SAAS;EAATA,SAAS;EAATA,SAAS;EAATA,SAAS;EAATA,SAAS;EAATA,SAAS;AAAA,GAATA,SAAS,yBAATA,SAAS;AAAA,IAQTC,gBAAgB;AAAA;AAAA,WAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;EAAhBA,gBAAgB;AAAA,GAAhBA,gBAAgB,gCAAhBA,gBAAgB;AAAA,IAmDhBC,UAAU;AAAA;AAAA,WAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;AAAA,GAAVA,UAAU,0BAAVA,UAAU;AAsCf,SAASC,eAAe,CAACC,GAAQ,EAAwB;EAC9D,OAAOA,GAAG,KAAKA,GAAG,CAACC,GAAG,IAAID,GAAG,CAACE,EAAE,CAAC;AACnC"}
|
package/cjs/util/jsonpath.js
CHANGED
|
@@ -1,13 +1,37 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
3
|
exports.jsonpath = jsonpath;
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
4
|
+
const jsonpathRegex = /\$?(?<step>\w+)|(?:\[(?<index>\d+)\])/g;
|
|
5
|
+
|
|
6
|
+
/* eslint complexity:[0,8] */
|
|
7
|
+
function jsonpath({
|
|
8
|
+
path,
|
|
9
|
+
json
|
|
10
|
+
}) {
|
|
11
|
+
const steps = [];
|
|
12
|
+
let match;
|
|
13
|
+
while ((match = jsonpathRegex.exec(path)) !== null) {
|
|
14
|
+
const step = match?.groups?.step ?? match?.groups?.index;
|
|
15
|
+
if (step) {
|
|
16
|
+
steps.push(step);
|
|
17
|
+
}
|
|
18
|
+
}
|
|
19
|
+
if (steps.length < 1) {
|
|
20
|
+
return undefined;
|
|
21
|
+
}
|
|
22
|
+
|
|
23
|
+
// array length check above guarantees .pop() will return a value
|
|
24
|
+
// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
|
|
25
|
+
const lastStep = steps.pop();
|
|
26
|
+
let curr = json;
|
|
27
|
+
for (const step of steps) {
|
|
28
|
+
if (Object.prototype.hasOwnProperty.call(curr, step)) {
|
|
29
|
+
if (typeof curr[step] !== 'object') {
|
|
30
|
+
return undefined;
|
|
31
|
+
}
|
|
32
|
+
curr = curr[step];
|
|
33
|
+
}
|
|
34
|
+
}
|
|
35
|
+
return curr[lastStep];
|
|
12
36
|
}
|
|
13
37
|
//# sourceMappingURL=jsonpath.js.map
|
package/cjs/util/jsonpath.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jsonpath.js","names":["jsonpath","
|
|
1
|
+
{"version":3,"file":"jsonpath.js","names":["jsonpathRegex","jsonpath","path","json","steps","match","exec","step","groups","index","push","length","undefined","lastStep","pop","curr","Object","prototype","hasOwnProperty","call"],"sources":["../../../lib/util/jsonpath.ts"],"sourcesContent":["const jsonpathRegex = /\\$?(?<step>\\w+)|(?:\\[(?<index>\\d+)\\])/g;\n\n/* eslint complexity:[0,8] */\nexport function jsonpath({ path, json }) {\n const steps: string[] = [];\n let match: RegExpExecArray | null;\n while ((match = jsonpathRegex.exec(path)) !== null) {\n const step = match?.groups?.step ?? match?.groups?.index;\n if (step) {\n steps.push(step);\n }\n }\n\n if (steps.length < 1) {\n return undefined;\n }\n\n // array length check above guarantees .pop() will return a value\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const lastStep = steps.pop()!;\n let curr = json;\n for (const step of steps) {\n if (Object.prototype.hasOwnProperty.call(curr, step)) {\n if (typeof curr[step] !== 'object') {\n return undefined;\n }\n\n curr = curr[step];\n }\n }\n\n return curr[lastStep];\n}\n"],"mappings":";;;AAAA,MAAMA,aAAa,GAAG,wCAAwC;;AAE9D;AACO,SAASC,QAAQ,CAAC;EAAEC,IAAI;EAAEC;AAAK,CAAC,EAAE;EACvC,MAAMC,KAAe,GAAG,EAAE;EAC1B,IAAIC,KAA6B;EACjC,OAAO,CAACA,KAAK,GAAGL,aAAa,CAACM,IAAI,CAACJ,IAAI,CAAC,MAAM,IAAI,EAAE;IAClD,MAAMK,IAAI,GAAGF,KAAK,EAAEG,MAAM,EAAED,IAAI,IAAIF,KAAK,EAAEG,MAAM,EAAEC,KAAK;IACxD,IAAIF,IAAI,EAAE;MACRH,KAAK,CAACM,IAAI,CAACH,IAAI,CAAC;IAClB;EACF;EAEA,IAAIH,KAAK,CAACO,MAAM,GAAG,CAAC,EAAE;IACpB,OAAOC,SAAS;EAClB;;EAEA;EACA;EACA,MAAMC,QAAQ,GAAGT,KAAK,CAACU,GAAG,EAAG;EAC7B,IAAIC,IAAI,GAAGZ,IAAI;EACf,KAAK,MAAMI,IAAI,IAAIH,KAAK,EAAE;IACxB,IAAIY,MAAM,CAACC,SAAS,CAACC,cAAc,CAACC,IAAI,CAACJ,IAAI,EAAER,IAAI,CAAC,EAAE;MACpD,IAAI,OAAOQ,IAAI,CAACR,IAAI,CAAC,KAAK,QAAQ,EAAE;QAClC,OAAOK,SAAS;MAClB;MAEAG,IAAI,GAAGA,IAAI,CAACR,IAAI,CAAC;IACnB;EACF;EAEA,OAAOQ,IAAI,CAACF,QAAQ,CAAC;AACvB"}
|