@webex/plugin-authorization-browser 3.0.0-beta.14 → 3.0.0-beta.15

package/dist/authorization.js

@@ -396,7 +396,7 @@ var Authorization = _webexCore.WebexPlugin.extend((_dec = (0, _common.whileInFli
       throw new Error("CSRF token ".concat(token, " does not match stored token ").concat(sessionToken));
     }
   },
-  version: "3.0.0-beta.14"
+  version: "3.0.0-beta.15"
 }, ((0, _applyDecoratedDescriptor2.default)(_obj, "initiateImplicitGrant", [_dec], (0, _getOwnPropertyDescriptor.default)(_obj, "initiateImplicitGrant"), _obj), (0, _applyDecoratedDescriptor2.default)(_obj, "initiateAuthorizationCodeGrant", [_dec2], (0, _getOwnPropertyDescriptor.default)(_obj, "initiateAuthorizationCodeGrant"), _obj), (0, _applyDecoratedDescriptor2.default)(_obj, "requestAccessTokenFromJwt", [_common.oneFlight], (0, _getOwnPropertyDescriptor.default)(_obj, "requestAccessTokenFromJwt"), _obj)), _obj)));
 
 var _default = Authorization;

package/dist/authorization.js.map

@@ -1 +1 @@
-{"version":3,"names":["OAUTH2_CSRF_TOKEN","EMPTY_OBJECT_STRING","base64","encode","Authorization","WebexPlugin","extend","whileInFlight","derived","isAuthenticating","deps","fn","isAuthorizing","session","default","type","ready","namespace","initialize","attrs","options","ret","prototype","parse","location","url","webex","getWindow","href","_checkForErrors","hash","includes","substr","querystring","state","JSON","decode","tokenData","_parseHash","_cleanUrl","process","nextTick","credentials","set","supertoken","initiateLogin","csrf_token","_generateSecurityToken","config","clientType","initiateAuthorizationCodeGrant","initiateImplicitGrant","logger","info","buildLoginUrl","response_type","resolve","requestAccessTokenFromJwt","jwt","hydraUri","internal","services","get","slice","env","HYDRA_SERVICE_URL","request","method","uri","headers","authorization","then","body","access_token","token","token_type","expires_in","expiresIn","initServiceCatalogs","logout","noRedirect","buildLogoutUrl","query","error","ErrorConstructor","grantErrors","select","history","replaceState","forEach","key","stringify","format","uuid","v4","sessionStorage","setItem","_verifySecurityToken","undefined","refresh_token_expires_in","sessionToken","getItem","removeItem","Error","oneFlight"],"sources":["authorization.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\n/* eslint camelcase: [0] */\n\nimport querystring from 'querystring';\nimport url from 'url';\n\nimport {base64, oneFlight, whileInFlight} from '@webex/common';\nimport {grantErrors, WebexPlugin} from '@webex/webex-core';\nimport {cloneDeep, isEmpty, omit} from 'lodash';\nimport uuid from 'uuid';\n\nconst OAUTH2_CSRF_TOKEN = 'oauth2-csrf-token';\nconst EMPTY_OBJECT_STRING = base64.encode(JSON.stringify({}));\n\n/**\n * Browser support for OAuth2. Automatically parses the URL hash for an access\n * token\n * @class\n * @name AuthorizationBrowser\n */\nconst Authorization = WebexPlugin.extend({\n  derived: {\n    /**\n     * Alias of {@link AuthorizationBrowser#isAuthorizing}\n     * @instance\n     * @memberof AuthorizationBrowser\n     * @type {boolean}\n     */\n    isAuthenticating: {\n      deps: ['isAuthorizing'],\n      fn() {\n        return this.isAuthorizing;\n      }\n    }\n  },\n\n  session: {\n    /**\n     * Indicates if an Authorization Code exchange is inflight\n     * @instance\n     * @memberof AuthorizationBrowser\n     * @type {boolean}\n     */\n    isAuthorizing: {\n      default: false,\n      type: 'boolean'\n    },\n    ready: {\n      default: false,\n      type: 'boolean'\n    }\n  },\n\n  namespace: 'Credentials',\n\n  /**\n   * Initializer\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} attrs {@link AmpersandState}\n   * @param {boolean} attrs.parse Controls whether or not the the url should get\n   * parsed for an access token\n   * @private\n   * @returns {Authorization}\n   */\n  // eslint-disable-next-line complexity\n  initialize(attrs, options) {\n    const ret = Reflect.apply(WebexPlugin.prototype.initialize, this, [attrs, options]);\n\n    // Reminder, we can't do parse based on config, because config is not\n    // available until nextTick and we want to be able to throw errors found in\n    // the url.\n    if (attrs.parse === false) {\n      this.ready = true;\n\n      return ret;\n    }\n    const location = url.parse(this.webex.getWindow().location.href, true);\n\n    this._checkForErrors(location);\n\n    let {hash} = location;\n\n    if (!hash) {\n      this.ready = true;\n\n      return ret;\n    }\n    if (hash.includes('#')) {\n      hash = hash.substr(1);\n    }\n    location.hash = querystring.parse(hash);\n    if (location.hash.state) {\n      location.hash.state = JSON.parse(base64.decode(location.hash.state));\n    }\n    const tokenData = this._parseHash(location);\n\n    if (!tokenData) {\n      return ret;\n    }\n    this._cleanUrl(location);\n\n    // Wait until nextTick in case `credentials` hasn't initialized yet\n    process.nextTick(() => {\n      this.webex.credentials.set({supertoken: tokenData});\n      this.ready = true;\n    });\n\n    return ret;\n  },\n\n  /**\n   * Kicks off an oauth flow\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} options\n   * @returns {Promise}\n   */\n  initiateLogin(options = {}) {\n    options.state = options.state || {};\n    options.state.csrf_token = this._generateSecurityToken();\n\n    // If we're not explicitly a confidential client, assume we're a public\n    // client\n    if (this.config.clientType === 'confidential') {\n      return this.initiateAuthorizationCodeGrant(options);\n    }\n\n    return this.initiateImplicitGrant(options);\n  },\n\n  @whileInFlight('isAuthorizing')\n  /**\n   * Kicks off the Authorization Code grant flow. Typically called via\n   * {@link AuthorizationBrowser#initiateLogin}\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} options\n   * @returns {Promise}\n   */\n  initiateImplicitGrant(options) {\n    this.logger.info('authorization: initiating implicit grant flow');\n    this.webex.getWindow().location = this.webex.credentials.buildLoginUrl(Object.assign({response_type: 'token'}, options));\n\n    return Promise.resolve();\n  },\n\n  @whileInFlight('isAuthorizing')\n  /**\n   * Kicks off the Implicit Code grant flow. Typically called via\n   * {@link AuthorizationBrowser#initiateLogin}\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} options\n   * @returns {Promise}\n   */\n  initiateAuthorizationCodeGrant(options) {\n    this.logger.info('authorization: initiating authorization code grant flow');\n    this.webex.getWindow().location = this.webex.credentials.buildLoginUrl(Object.assign({response_type: 'code'}, options));\n\n    return Promise.resolve();\n  },\n\n  @oneFlight\n  /**\n   * Requests a Webex access token for a user already authenticated into\n   * your product.\n   *\n   * Note: You'll need to supply a jwtRefreshCallback of the form\n   * `Promise<jwt> = jwtRefreshCallback(webex)` for automatic token refresh to\n   * work.\n   *\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} options\n   * @param {Object} options.jwt This is a jwt generated by your backend that\n   * identifies a user in your system\n   * @returns {Promise}\n   */\n  requestAccessTokenFromJwt({jwt}) {\n    let hydraUri = this.webex.internal.services.get('hydra', true);\n\n    if (hydraUri && hydraUri.slice(-1) !== '/') {\n      // add a `/` to hydra's uri from the services catalog so that\n      // it matches the current env service format.\n      hydraUri += '/';\n    }\n\n    hydraUri = hydraUri ||\n      process.env.HYDRA_SERVICE_URL ||\n      'https://api.ciscospark.com/v1/';\n\n    return this.webex.request({\n      method: 'POST',\n      uri: `${hydraUri}jwt/login`,\n      headers: {\n        authorization: jwt\n      }\n    })\n      .then(({body}) => ({\n        access_token: body.token,\n        token_type: 'Bearer',\n        expires_in: body.expiresIn\n      }))\n      .then((token) => {\n        this.webex.credentials.set({\n          supertoken: token\n        });\n      })\n      .then(() => this.webex.internal.services.initServiceCatalogs());\n  },\n\n  /**\n   * Called by {@link WebexCore#logout()}. Redirects to the logout page\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} options\n   * @param {boolean} options.noRedirect if true, does not redirect\n   * @returns {Promise}\n   */\n  logout(options = {}) {\n    if (!options.noRedirect) {\n      this.webex.getWindow().location = this.webex.credentials.buildLogoutUrl(options);\n    }\n  },\n\n  /**\n   * Checks if the result of the login redirect contains an error string\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} location\n   * @private\n   * @returns {Promise}\n   */\n  _checkForErrors(location) {\n    const {query} = location;\n\n    if (query && query.error) {\n      const ErrorConstructor = grantErrors.select(query.error);\n\n      throw new ErrorConstructor(query);\n    }\n  },\n\n  /**\n   * Removes no-longer needed values from the url (access token, csrf token, etc)\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} location\n   * @private\n   * @returns {Promise}\n   */\n  _cleanUrl(location) {\n    location = cloneDeep(location);\n    if (this.webex.getWindow().history && this.webex.getWindow().history.replaceState) {\n      [\n        'access_token',\n        'token_type',\n        'expires_in',\n        'refresh_token',\n        'refresh_token_expires_in'\n      ].forEach((key) => Reflect.deleteProperty(location.hash, key));\n      if (!isEmpty(location.hash.state)) {\n        location.hash.state = base64.encode(JSON.stringify(omit(location.hash.state, 'csrf_token')));\n        if (location.hash.state === EMPTY_OBJECT_STRING) {\n          Reflect.deleteProperty(location.hash, 'state');\n        }\n      }\n      else {\n        Reflect.deleteProperty(location.hash, 'state');\n      }\n      location.hash = querystring.stringify(location.hash);\n      this.webex.getWindow().history.replaceState({}, null, url.format(location));\n    }\n  },\n\n  /**\n   * Generates a CSRF token and sticks in in sessionStorage\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @private\n   * @returns {Promise}\n   */\n  _generateSecurityToken() {\n    this.logger.info('authorization: generating csrf token');\n\n    const token = uuid.v4();\n\n    this.webex.getWindow().sessionStorage.setItem('oauth2-csrf-token', token);\n\n    return token;\n  },\n\n  /**\n   * Parses the url hash into an access token object\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} location\n   * @private\n   * @returns {Object}\n   */\n  _parseHash(location) {\n    const hash = cloneDeep(location.hash);\n\n    if (hash) {\n      this._verifySecurityToken(hash);\n    }\n    if (!hash.access_token) {\n      this.ready = true;\n\n      return undefined;\n    }\n    if (hash.expires_in) {\n      hash.expires_in = parseInt(hash.expires_in, 10);\n    }\n    if (hash.refresh_token_expires_in) {\n      hash.refresh_token_expires_in = parseInt(hash.refresh_token_expires_in, 10);\n    }\n\n    return hash;\n  },\n\n  /**\n   * Checks if the CSRF token in sessionStorage is the same as the one returned\n   * in the url.\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} hash\n   * @private\n   * @returns {Promise}\n   */\n  _verifySecurityToken(hash) {\n    const sessionToken = this.webex.getWindow().sessionStorage.getItem(OAUTH2_CSRF_TOKEN);\n\n    this.webex.getWindow().sessionStorage.removeItem(OAUTH2_CSRF_TOKEN);\n    if (!sessionToken) {\n      return;\n    }\n\n    if (!hash.state) {\n      throw new Error(`Expected CSRF token ${sessionToken}, but not found in redirect hash`);\n    }\n\n    if (!hash.state.csrf_token) {\n      throw new Error(`Expected CSRF token ${sessionToken}, but not found in redirect hash`);\n    }\n\n    const token = hash.state.csrf_token;\n\n    if (token !== sessionToken) {\n      throw new Error(`CSRF token ${token} does not match stored token ${sessionToken}`);\n    }\n  }\n});\n\nexport default Authorization;\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAMA;;AACA;;AAEA;;AACA;;AAEA;;;;AAEA,IAAMA,iBAAiB,GAAG,mBAA1B;;AACA,IAAMC,mBAAmB,GAAGC,cAAA,CAAOC,MAAP,CAAc,wBAAe,EAAf,CAAd,CAA5B;AAEA;AACA;AACA;AACA;AACA;AACA;;;AACA,IAAMC,aAAa,GAAGC,sBAAA,CAAYC,MAAZ,SA+GnB,IAAAC,qBAAA,EAAc,eAAd,CA/GmB,UA+HnB,IAAAA,qBAAA,EAAc,eAAd,CA/HmB,UAAmB;EACvCC,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;IACIC,gBAAgB,EAAE;MAChBC,IAAI,EAAE,CAAC,eAAD,CADU;MAEhBC,EAFgB,gBAEX;QACH,OAAO,KAAKC,aAAZ;MACD;IAJe;EAPX,CAD8B;EAgBvCC,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;IACID,aAAa,EAAE;MACbE,OAAO,EAAE,KADI;MAEbC,IAAI,EAAE;IAFO,CAPR;IAWPC,KAAK,EAAE;MACLF,OAAO,EAAE,KADJ;MAELC,IAAI,EAAE;IAFD;EAXA,CAhB8B;EAiCvCE,SAAS,EAAE,aAjC4B;;EAmCvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE;EACAC,UA9CuC,sBA8C5BC,KA9C4B,EA8CrBC,OA9CqB,EA8CZ;IAAA;;IACzB,IAAMC,GAAG,GAAG,oBAAchB,sBAAA,CAAYiB,SAAZ,CAAsBJ,UAApC,EAAgD,IAAhD,EAAsD,CAACC,KAAD,EAAQC,OAAR,CAAtD,CAAZ,CADyB,CAGzB;IACA;IACA;;IACA,IAAID,KAAK,CAACI,KAAN,KAAgB,KAApB,EAA2B;MACzB,KAAKP,KAAL,GAAa,IAAb;MAEA,OAAOK,GAAP;IACD;;IACD,IAAMG,QAAQ,GAAGC,YAAA,CAAIF,KAAJ,CAAU,KAAKG,KAAL,CAAWC,SAAX,GAAuBH,QAAvB,CAAgCI,IAA1C,EAAgD,IAAhD,CAAjB;;IAEA,KAAKC,eAAL,CAAqBL,QAArB;;IAEA,IAAKM,IAAL,GAAaN,QAAb,CAAKM,IAAL;;IAEA,IAAI,CAACA,IAAL,EAAW;MACT,KAAKd,KAAL,GAAa,IAAb;MAEA,OAAOK,GAAP;IACD;;IACD,IAAIS,IAAI,CAACC,QAAL,CAAc,GAAd,CAAJ,EAAwB;MACtBD,IAAI,GAAGA,IAAI,CAACE,MAAL,CAAY,CAAZ,CAAP;IACD;;IACDR,QAAQ,CAACM,IAAT,GAAgBG,oBAAA,CAAYV,KAAZ,CAAkBO,IAAlB,CAAhB;;IACA,IAAIN,QAAQ,CAACM,IAAT,CAAcI,KAAlB,EAAyB;MACvBV,QAAQ,CAACM,IAAT,CAAcI,KAAd,GAAsBC,IAAI,CAACZ,KAAL,CAAWrB,cAAA,CAAOkC,MAAP,CAAcZ,QAAQ,CAACM,IAAT,CAAcI,KAA5B,CAAX,CAAtB;IACD;;IACD,IAAMG,SAAS,GAAG,KAAKC,UAAL,CAAgBd,QAAhB,CAAlB;;IAEA,IAAI,CAACa,SAAL,EAAgB;MACd,OAAOhB,GAAP;IACD;;IACD,KAAKkB,SAAL,CAAef,QAAf,EAlCyB,CAoCzB;;;IACAgB,OAAO,CAACC,QAAR,CAAiB,YAAM;MACrB,KAAI,CAACf,KAAL,CAAWgB,WAAX,CAAuBC,GAAvB,CAA2B;QAACC,UAAU,EAAEP;MAAb,CAA3B;;MACA,KAAI,CAACrB,KAAL,GAAa,IAAb;IACD,CAHD;IAKA,OAAOK,GAAP;EACD,CAzFsC;;EA2FvC;AACF;AACA;AACA;AACA;AACA;AACA;EACEwB,aAlGuC,2BAkGX;IAAA,IAAdzB,OAAc,uEAAJ,EAAI;IAC1BA,OAAO,CAACc,KAAR,GAAgBd,OAAO,CAACc,KAAR,IAAiB,EAAjC;IACAd,OAAO,CAACc,KAAR,CAAcY,UAAd,GAA2B,KAAKC,sBAAL,EAA3B,CAF0B,CAI1B;IACA;;IACA,IAAI,KAAKC,MAAL,CAAYC,UAAZ,KAA2B,cAA/B,EAA+C;MAC7C,OAAO,KAAKC,8BAAL,CAAoC9B,OAApC,CAAP;IACD;;IAED,OAAO,KAAK+B,qBAAL,CAA2B/B,OAA3B,CAAP;EACD,CA7GsC;;EAgHvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACE+B,qBAxHuC,iCAwHjB/B,OAxHiB,EAwHR;IAC7B,KAAKgC,MAAL,CAAYC,IAAZ,CAAiB,+CAAjB;IACA,KAAK3B,KAAL,CAAWC,SAAX,GAAuBH,QAAvB,GAAkC,KAAKE,KAAL,CAAWgB,WAAX,CAAuBY,aAAvB,CAAqC,qBAAc;MAACC,aAAa,EAAE;IAAhB,CAAd,EAAwCnC,OAAxC,CAArC,CAAlC;IAEA,OAAO,iBAAQoC,OAAR,EAAP;EACD,CA7HsC;;EAgIvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEN,8BAxIuC,0CAwIR9B,OAxIQ,EAwIC;IACtC,KAAKgC,MAAL,CAAYC,IAAZ,CAAiB,yDAAjB;IACA,KAAK3B,KAAL,CAAWC,SAAX,GAAuBH,QAAvB,GAAkC,KAAKE,KAAL,CAAWgB,WAAX,CAAuBY,aAAvB,CAAqC,qBAAc;MAACC,aAAa,EAAE;IAAhB,CAAd,EAAuCnC,OAAvC,CAArC,CAAlC;IAEA,OAAO,iBAAQoC,OAAR,EAAP;EACD,CA7IsC;;EAgJvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,yBA/JuC,2CA+JN;IAAA;;IAAA,IAANC,GAAM,QAANA,GAAM;IAC/B,IAAIC,QAAQ,GAAG,KAAKjC,KAAL,CAAWkC,QAAX,CAAoBC,QAApB,CAA6BC,GAA7B,CAAiC,OAAjC,EAA0C,IAA1C,CAAf;;IAEA,IAAIH,QAAQ,IAAIA,QAAQ,CAACI,KAAT,CAAe,CAAC,CAAhB,MAAuB,GAAvC,EAA4C;MAC1C;MACA;MACAJ,QAAQ,IAAI,GAAZ;IACD;;IAEDA,QAAQ,GAAGA,QAAQ,IACjBnB,OAAO,CAACwB,GAAR,CAAYC,iBADH,IAET,gCAFF;IAIA,OAAO,KAAKvC,KAAL,CAAWwC,OAAX,CAAmB;MACxBC,MAAM,EAAE,MADgB;MAExBC,GAAG,YAAKT,QAAL,cAFqB;MAGxBU,OAAO,EAAE;QACPC,aAAa,EAAEZ;MADR;IAHe,CAAnB,EAOJa,IAPI,CAOC;MAAA,IAAEC,IAAF,SAAEA,IAAF;MAAA,OAAa;QACjBC,YAAY,EAAED,IAAI,CAACE,KADF;QAEjBC,UAAU,EAAE,QAFK;QAGjBC,UAAU,EAAEJ,IAAI,CAACK;MAHA,CAAb;IAAA,CAPD,EAYJN,IAZI,CAYC,UAACG,KAAD,EAAW;MACf,MAAI,CAAChD,KAAL,CAAWgB,WAAX,CAAuBC,GAAvB,CAA2B;QACzBC,UAAU,EAAE8B;MADa,CAA3B;IAGD,CAhBI,EAiBJH,IAjBI,CAiBC;MAAA,OAAM,MAAI,CAAC7C,KAAL,CAAWkC,QAAX,CAAoBC,QAApB,CAA6BiB,mBAA7B,EAAN;IAAA,CAjBD,CAAP;EAkBD,CA9LsC;;EAgMvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,MAxMuC,oBAwMlB;IAAA,IAAd3D,OAAc,uEAAJ,EAAI;;IACnB,IAAI,CAACA,OAAO,CAAC4D,UAAb,EAAyB;MACvB,KAAKtD,KAAL,CAAWC,SAAX,GAAuBH,QAAvB,GAAkC,KAAKE,KAAL,CAAWgB,WAAX,CAAuBuC,cAAvB,CAAsC7D,OAAtC,CAAlC;IACD;EACF,CA5MsC;;EA8MvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACES,eAtNuC,2BAsNvBL,QAtNuB,EAsNb;IACxB,IAAO0D,KAAP,GAAgB1D,QAAhB,CAAO0D,KAAP;;IAEA,IAAIA,KAAK,IAAIA,KAAK,CAACC,KAAnB,EAA0B;MACxB,IAAMC,gBAAgB,GAAGC,sBAAA,CAAYC,MAAZ,CAAmBJ,KAAK,CAACC,KAAzB,CAAzB;;MAEA,MAAM,IAAIC,gBAAJ,CAAqBF,KAArB,CAAN;IACD;EACF,CA9NsC;;EAgOvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACE3C,SAxOuC,qBAwO7Bf,QAxO6B,EAwOnB;IAClBA,QAAQ,GAAG,yBAAUA,QAAV,CAAX;;IACA,IAAI,KAAKE,KAAL,CAAWC,SAAX,GAAuB4D,OAAvB,IAAkC,KAAK7D,KAAL,CAAWC,SAAX,GAAuB4D,OAAvB,CAA+BC,YAArE,EAAmF;MACjF,CACE,cADF,EAEE,YAFF,EAGE,YAHF,EAIE,eAJF,EAKE,0BALF,EAMEC,OANF,CAMU,UAACC,GAAD;QAAA,OAAS,6BAAuBlE,QAAQ,CAACM,IAAhC,EAAsC4D,GAAtC,CAAT;MAAA,CANV;;MAOA,IAAI,CAAC,uBAAQlE,QAAQ,CAACM,IAAT,CAAcI,KAAtB,CAAL,EAAmC;QACjCV,QAAQ,CAACM,IAAT,CAAcI,KAAd,GAAsBhC,cAAA,CAAOC,MAAP,CAAc,wBAAe,oBAAKqB,QAAQ,CAACM,IAAT,CAAcI,KAAnB,EAA0B,YAA1B,CAAf,CAAd,CAAtB;;QACA,IAAIV,QAAQ,CAACM,IAAT,CAAcI,KAAd,KAAwBjC,mBAA5B,EAAiD;UAC/C,6BAAuBuB,QAAQ,CAACM,IAAhC,EAAsC,OAAtC;QACD;MACF,CALD,MAMK;QACH,6BAAuBN,QAAQ,CAACM,IAAhC,EAAsC,OAAtC;MACD;;MACDN,QAAQ,CAACM,IAAT,GAAgBG,oBAAA,CAAY0D,SAAZ,CAAsBnE,QAAQ,CAACM,IAA/B,CAAhB;MACA,KAAKJ,KAAL,CAAWC,SAAX,GAAuB4D,OAAvB,CAA+BC,YAA/B,CAA4C,EAA5C,EAAgD,IAAhD,EAAsD/D,YAAA,CAAImE,MAAJ,CAAWpE,QAAX,CAAtD;IACD;EACF,CA9PsC;;EAgQvC;AACF;AACA;AACA;AACA;AACA;AACA;EACEuB,sBAvQuC,oCAuQd;IACvB,KAAKK,MAAL,CAAYC,IAAZ,CAAiB,sCAAjB;;IAEA,IAAMqB,KAAK,GAAGmB,aAAA,CAAKC,EAAL,EAAd;;IAEA,KAAKpE,KAAL,CAAWC,SAAX,GAAuBoE,cAAvB,CAAsCC,OAAtC,CAA8C,mBAA9C,EAAmEtB,KAAnE;IAEA,OAAOA,KAAP;EACD,CA/QsC;;EAiRvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEpC,UAzRuC,sBAyR5Bd,QAzR4B,EAyRlB;IACnB,IAAMM,IAAI,GAAG,yBAAUN,QAAQ,CAACM,IAAnB,CAAb;;IAEA,IAAIA,IAAJ,EAAU;MACR,KAAKmE,oBAAL,CAA0BnE,IAA1B;IACD;;IACD,IAAI,CAACA,IAAI,CAAC2C,YAAV,EAAwB;MACtB,KAAKzD,KAAL,GAAa,IAAb;MAEA,OAAOkF,SAAP;IACD;;IACD,IAAIpE,IAAI,CAAC8C,UAAT,EAAqB;MACnB9C,IAAI,CAAC8C,UAAL,GAAkB,wBAAS9C,IAAI,CAAC8C,UAAd,EAA0B,EAA1B,CAAlB;IACD;;IACD,IAAI9C,IAAI,CAACqE,wBAAT,EAAmC;MACjCrE,IAAI,CAACqE,wBAAL,GAAgC,wBAASrE,IAAI,CAACqE,wBAAd,EAAwC,EAAxC,CAAhC;IACD;;IAED,OAAOrE,IAAP;EACD,CA5SsC;;EA8SvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEmE,oBAvTuC,gCAuTlBnE,IAvTkB,EAuTZ;IACzB,IAAMsE,YAAY,GAAG,KAAK1E,KAAL,CAAWC,SAAX,GAAuBoE,cAAvB,CAAsCM,OAAtC,CAA8CrG,iBAA9C,CAArB;IAEA,KAAK0B,KAAL,CAAWC,SAAX,GAAuBoE,cAAvB,CAAsCO,UAAtC,CAAiDtG,iBAAjD;;IACA,IAAI,CAACoG,YAAL,EAAmB;MACjB;IACD;;IAED,IAAI,CAACtE,IAAI,CAACI,KAAV,EAAiB;MACf,MAAM,IAAIqE,KAAJ,+BAAiCH,YAAjC,sCAAN;IACD;;IAED,IAAI,CAACtE,IAAI,CAACI,KAAL,CAAWY,UAAhB,EAA4B;MAC1B,MAAM,IAAIyD,KAAJ,+BAAiCH,YAAjC,sCAAN;IACD;;IAED,IAAM1B,KAAK,GAAG5C,IAAI,CAACI,KAAL,CAAWY,UAAzB;;IAEA,IAAI4B,KAAK,KAAK0B,YAAd,EAA4B;MAC1B,MAAM,IAAIG,KAAJ,sBAAwB7B,KAAxB,0CAA6D0B,YAA7D,EAAN;IACD;EACF,CA5UsC;EAAA;AAAA,CAAnB,4ZA+InBI,iBA/ImB,6FAAtB;;eA+UepG,a"}
+{"version":3,"names":["OAUTH2_CSRF_TOKEN","EMPTY_OBJECT_STRING","base64","encode","Authorization","WebexPlugin","extend","whileInFlight","derived","isAuthenticating","deps","fn","isAuthorizing","session","default","type","ready","namespace","initialize","attrs","options","ret","prototype","parse","location","url","webex","getWindow","href","_checkForErrors","hash","includes","substr","querystring","state","JSON","decode","tokenData","_parseHash","_cleanUrl","process","nextTick","credentials","set","supertoken","initiateLogin","csrf_token","_generateSecurityToken","config","clientType","initiateAuthorizationCodeGrant","initiateImplicitGrant","logger","info","buildLoginUrl","response_type","resolve","requestAccessTokenFromJwt","jwt","hydraUri","internal","services","get","slice","env","HYDRA_SERVICE_URL","request","method","uri","headers","authorization","then","body","access_token","token","token_type","expires_in","expiresIn","initServiceCatalogs","logout","noRedirect","buildLogoutUrl","query","error","ErrorConstructor","grantErrors","select","history","replaceState","forEach","key","stringify","format","uuid","v4","sessionStorage","setItem","_verifySecurityToken","undefined","refresh_token_expires_in","sessionToken","getItem","removeItem","Error","oneFlight"],"sources":["authorization.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\n/* eslint camelcase: [0] */\n\nimport querystring from 'querystring';\nimport url from 'url';\n\nimport {base64, oneFlight, whileInFlight} from '@webex/common';\nimport {grantErrors, WebexPlugin} from '@webex/webex-core';\nimport {cloneDeep, isEmpty, omit} from 'lodash';\nimport uuid from 'uuid';\n\nconst OAUTH2_CSRF_TOKEN = 'oauth2-csrf-token';\nconst EMPTY_OBJECT_STRING = base64.encode(JSON.stringify({}));\n\n/**\n * Browser support for OAuth2. Automatically parses the URL hash for an access\n * token\n * @class\n * @name AuthorizationBrowser\n */\nconst Authorization = WebexPlugin.extend({\n  derived: {\n    /**\n     * Alias of {@link AuthorizationBrowser#isAuthorizing}\n     * @instance\n     * @memberof AuthorizationBrowser\n     * @type {boolean}\n     */\n    isAuthenticating: {\n      deps: ['isAuthorizing'],\n      fn() {\n        return this.isAuthorizing;\n      },\n    },\n  },\n\n  session: {\n    /**\n     * Indicates if an Authorization Code exchange is inflight\n     * @instance\n     * @memberof AuthorizationBrowser\n     * @type {boolean}\n     */\n    isAuthorizing: {\n      default: false,\n      type: 'boolean',\n    },\n    ready: {\n      default: false,\n      type: 'boolean',\n    },\n  },\n\n  namespace: 'Credentials',\n\n  /**\n   * Initializer\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} attrs {@link AmpersandState}\n   * @param {boolean} attrs.parse Controls whether or not the the url should get\n   * parsed for an access token\n   * @private\n   * @returns {Authorization}\n   */\n  // eslint-disable-next-line complexity\n  initialize(attrs, options) {\n    const ret = Reflect.apply(WebexPlugin.prototype.initialize, this, [attrs, options]);\n\n    // Reminder, we can't do parse based on config, because config is not\n    // available until nextTick and we want to be able to throw errors found in\n    // the url.\n    if (attrs.parse === false) {\n      this.ready = true;\n\n      return ret;\n    }\n    const location = url.parse(this.webex.getWindow().location.href, true);\n\n    this._checkForErrors(location);\n\n    let {hash} = location;\n\n    if (!hash) {\n      this.ready = true;\n\n      return ret;\n    }\n    if (hash.includes('#')) {\n      hash = hash.substr(1);\n    }\n    location.hash = querystring.parse(hash);\n    if (location.hash.state) {\n      location.hash.state = JSON.parse(base64.decode(location.hash.state));\n    }\n    const tokenData = this._parseHash(location);\n\n    if (!tokenData) {\n      return ret;\n    }\n    this._cleanUrl(location);\n\n    // Wait until nextTick in case `credentials` hasn't initialized yet\n    process.nextTick(() => {\n      this.webex.credentials.set({supertoken: tokenData});\n      this.ready = true;\n    });\n\n    return ret;\n  },\n\n  /**\n   * Kicks off an oauth flow\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} options\n   * @returns {Promise}\n   */\n  initiateLogin(options = {}) {\n    options.state = options.state || {};\n    options.state.csrf_token = this._generateSecurityToken();\n\n    // If we're not explicitly a confidential client, assume we're a public\n    // client\n    if (this.config.clientType === 'confidential') {\n      return this.initiateAuthorizationCodeGrant(options);\n    }\n\n    return this.initiateImplicitGrant(options);\n  },\n\n  @whileInFlight('isAuthorizing')\n  /**\n   * Kicks off the Authorization Code grant flow. Typically called via\n   * {@link AuthorizationBrowser#initiateLogin}\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} options\n   * @returns {Promise}\n   */\n  initiateImplicitGrant(options) {\n    this.logger.info('authorization: initiating implicit grant flow');\n    this.webex.getWindow().location = this.webex.credentials.buildLoginUrl(\n      Object.assign({response_type: 'token'}, options)\n    );\n\n    return Promise.resolve();\n  },\n\n  @whileInFlight('isAuthorizing')\n  /**\n   * Kicks off the Implicit Code grant flow. Typically called via\n   * {@link AuthorizationBrowser#initiateLogin}\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} options\n   * @returns {Promise}\n   */\n  initiateAuthorizationCodeGrant(options) {\n    this.logger.info('authorization: initiating authorization code grant flow');\n    this.webex.getWindow().location = this.webex.credentials.buildLoginUrl(\n      Object.assign({response_type: 'code'}, options)\n    );\n\n    return Promise.resolve();\n  },\n\n  @oneFlight\n  /**\n   * Requests a Webex access token for a user already authenticated into\n   * your product.\n   *\n   * Note: You'll need to supply a jwtRefreshCallback of the form\n   * `Promise<jwt> = jwtRefreshCallback(webex)` for automatic token refresh to\n   * work.\n   *\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} options\n   * @param {Object} options.jwt This is a jwt generated by your backend that\n   * identifies a user in your system\n   * @returns {Promise}\n   */\n  requestAccessTokenFromJwt({jwt}) {\n    let hydraUri = this.webex.internal.services.get('hydra', true);\n\n    if (hydraUri && hydraUri.slice(-1) !== '/') {\n      // add a `/` to hydra's uri from the services catalog so that\n      // it matches the current env service format.\n      hydraUri += '/';\n    }\n\n    hydraUri = hydraUri || process.env.HYDRA_SERVICE_URL || 'https://api.ciscospark.com/v1/';\n\n    return this.webex\n      .request({\n        method: 'POST',\n        uri: `${hydraUri}jwt/login`,\n        headers: {\n          authorization: jwt,\n        },\n      })\n      .then(({body}) => ({\n        access_token: body.token,\n        token_type: 'Bearer',\n        expires_in: body.expiresIn,\n      }))\n      .then((token) => {\n        this.webex.credentials.set({\n          supertoken: token,\n        });\n      })\n      .then(() => this.webex.internal.services.initServiceCatalogs());\n  },\n\n  /**\n   * Called by {@link WebexCore#logout()}. Redirects to the logout page\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} options\n   * @param {boolean} options.noRedirect if true, does not redirect\n   * @returns {Promise}\n   */\n  logout(options = {}) {\n    if (!options.noRedirect) {\n      this.webex.getWindow().location = this.webex.credentials.buildLogoutUrl(options);\n    }\n  },\n\n  /**\n   * Checks if the result of the login redirect contains an error string\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} location\n   * @private\n   * @returns {Promise}\n   */\n  _checkForErrors(location) {\n    const {query} = location;\n\n    if (query && query.error) {\n      const ErrorConstructor = grantErrors.select(query.error);\n\n      throw new ErrorConstructor(query);\n    }\n  },\n\n  /**\n   * Removes no-longer needed values from the url (access token, csrf token, etc)\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} location\n   * @private\n   * @returns {Promise}\n   */\n  _cleanUrl(location) {\n    location = cloneDeep(location);\n    if (this.webex.getWindow().history && this.webex.getWindow().history.replaceState) {\n      [\n        'access_token',\n        'token_type',\n        'expires_in',\n        'refresh_token',\n        'refresh_token_expires_in',\n      ].forEach((key) => Reflect.deleteProperty(location.hash, key));\n      if (!isEmpty(location.hash.state)) {\n        location.hash.state = base64.encode(\n          JSON.stringify(omit(location.hash.state, 'csrf_token'))\n        );\n        if (location.hash.state === EMPTY_OBJECT_STRING) {\n          Reflect.deleteProperty(location.hash, 'state');\n        }\n      } else {\n        Reflect.deleteProperty(location.hash, 'state');\n      }\n      location.hash = querystring.stringify(location.hash);\n      this.webex.getWindow().history.replaceState({}, null, url.format(location));\n    }\n  },\n\n  /**\n   * Generates a CSRF token and sticks in in sessionStorage\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @private\n   * @returns {Promise}\n   */\n  _generateSecurityToken() {\n    this.logger.info('authorization: generating csrf token');\n\n    const token = uuid.v4();\n\n    this.webex.getWindow().sessionStorage.setItem('oauth2-csrf-token', token);\n\n    return token;\n  },\n\n  /**\n   * Parses the url hash into an access token object\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} location\n   * @private\n   * @returns {Object}\n   */\n  _parseHash(location) {\n    const hash = cloneDeep(location.hash);\n\n    if (hash) {\n      this._verifySecurityToken(hash);\n    }\n    if (!hash.access_token) {\n      this.ready = true;\n\n      return undefined;\n    }\n    if (hash.expires_in) {\n      hash.expires_in = parseInt(hash.expires_in, 10);\n    }\n    if (hash.refresh_token_expires_in) {\n      hash.refresh_token_expires_in = parseInt(hash.refresh_token_expires_in, 10);\n    }\n\n    return hash;\n  },\n\n  /**\n   * Checks if the CSRF token in sessionStorage is the same as the one returned\n   * in the url.\n   * @instance\n   * @memberof AuthorizationBrowser\n   * @param {Object} hash\n   * @private\n   * @returns {Promise}\n   */\n  _verifySecurityToken(hash) {\n    const sessionToken = this.webex.getWindow().sessionStorage.getItem(OAUTH2_CSRF_TOKEN);\n\n    this.webex.getWindow().sessionStorage.removeItem(OAUTH2_CSRF_TOKEN);\n    if (!sessionToken) {\n      return;\n    }\n\n    if (!hash.state) {\n      throw new Error(`Expected CSRF token ${sessionToken}, but not found in redirect hash`);\n    }\n\n    if (!hash.state.csrf_token) {\n      throw new Error(`Expected CSRF token ${sessionToken}, but not found in redirect hash`);\n    }\n\n    const token = hash.state.csrf_token;\n\n    if (token !== sessionToken) {\n      throw new Error(`CSRF token ${token} does not match stored token ${sessionToken}`);\n    }\n  },\n});\n\nexport default Authorization;\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAMA;;AACA;;AAEA;;AACA;;AAEA;;;;AAEA,IAAMA,iBAAiB,GAAG,mBAA1B;;AACA,IAAMC,mBAAmB,GAAGC,cAAA,CAAOC,MAAP,CAAc,wBAAe,EAAf,CAAd,CAA5B;AAEA;AACA;AACA;AACA;AACA;AACA;;;AACA,IAAMC,aAAa,GAAGC,sBAAA,CAAYC,MAAZ,SA+GnB,IAAAC,qBAAA,EAAc,eAAd,CA/GmB,UAiInB,IAAAA,qBAAA,EAAc,eAAd,CAjImB,UAAmB;EACvCC,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;IACIC,gBAAgB,EAAE;MAChBC,IAAI,EAAE,CAAC,eAAD,CADU;MAEhBC,EAFgB,gBAEX;QACH,OAAO,KAAKC,aAAZ;MACD;IAJe;EAPX,CAD8B;EAgBvCC,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;IACID,aAAa,EAAE;MACbE,OAAO,EAAE,KADI;MAEbC,IAAI,EAAE;IAFO,CAPR;IAWPC,KAAK,EAAE;MACLF,OAAO,EAAE,KADJ;MAELC,IAAI,EAAE;IAFD;EAXA,CAhB8B;EAiCvCE,SAAS,EAAE,aAjC4B;;EAmCvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE;EACAC,UA9CuC,sBA8C5BC,KA9C4B,EA8CrBC,OA9CqB,EA8CZ;IAAA;;IACzB,IAAMC,GAAG,GAAG,oBAAchB,sBAAA,CAAYiB,SAAZ,CAAsBJ,UAApC,EAAgD,IAAhD,EAAsD,CAACC,KAAD,EAAQC,OAAR,CAAtD,CAAZ,CADyB,CAGzB;IACA;IACA;;IACA,IAAID,KAAK,CAACI,KAAN,KAAgB,KAApB,EAA2B;MACzB,KAAKP,KAAL,GAAa,IAAb;MAEA,OAAOK,GAAP;IACD;;IACD,IAAMG,QAAQ,GAAGC,YAAA,CAAIF,KAAJ,CAAU,KAAKG,KAAL,CAAWC,SAAX,GAAuBH,QAAvB,CAAgCI,IAA1C,EAAgD,IAAhD,CAAjB;;IAEA,KAAKC,eAAL,CAAqBL,QAArB;;IAEA,IAAKM,IAAL,GAAaN,QAAb,CAAKM,IAAL;;IAEA,IAAI,CAACA,IAAL,EAAW;MACT,KAAKd,KAAL,GAAa,IAAb;MAEA,OAAOK,GAAP;IACD;;IACD,IAAIS,IAAI,CAACC,QAAL,CAAc,GAAd,CAAJ,EAAwB;MACtBD,IAAI,GAAGA,IAAI,CAACE,MAAL,CAAY,CAAZ,CAAP;IACD;;IACDR,QAAQ,CAACM,IAAT,GAAgBG,oBAAA,CAAYV,KAAZ,CAAkBO,IAAlB,CAAhB;;IACA,IAAIN,QAAQ,CAACM,IAAT,CAAcI,KAAlB,EAAyB;MACvBV,QAAQ,CAACM,IAAT,CAAcI,KAAd,GAAsBC,IAAI,CAACZ,KAAL,CAAWrB,cAAA,CAAOkC,MAAP,CAAcZ,QAAQ,CAACM,IAAT,CAAcI,KAA5B,CAAX,CAAtB;IACD;;IACD,IAAMG,SAAS,GAAG,KAAKC,UAAL,CAAgBd,QAAhB,CAAlB;;IAEA,IAAI,CAACa,SAAL,EAAgB;MACd,OAAOhB,GAAP;IACD;;IACD,KAAKkB,SAAL,CAAef,QAAf,EAlCyB,CAoCzB;;;IACAgB,OAAO,CAACC,QAAR,CAAiB,YAAM;MACrB,KAAI,CAACf,KAAL,CAAWgB,WAAX,CAAuBC,GAAvB,CAA2B;QAACC,UAAU,EAAEP;MAAb,CAA3B;;MACA,KAAI,CAACrB,KAAL,GAAa,IAAb;IACD,CAHD;IAKA,OAAOK,GAAP;EACD,CAzFsC;;EA2FvC;AACF;AACA;AACA;AACA;AACA;AACA;EACEwB,aAlGuC,2BAkGX;IAAA,IAAdzB,OAAc,uEAAJ,EAAI;IAC1BA,OAAO,CAACc,KAAR,GAAgBd,OAAO,CAACc,KAAR,IAAiB,EAAjC;IACAd,OAAO,CAACc,KAAR,CAAcY,UAAd,GAA2B,KAAKC,sBAAL,EAA3B,CAF0B,CAI1B;IACA;;IACA,IAAI,KAAKC,MAAL,CAAYC,UAAZ,KAA2B,cAA/B,EAA+C;MAC7C,OAAO,KAAKC,8BAAL,CAAoC9B,OAApC,CAAP;IACD;;IAED,OAAO,KAAK+B,qBAAL,CAA2B/B,OAA3B,CAAP;EACD,CA7GsC;;EAgHvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACE+B,qBAxHuC,iCAwHjB/B,OAxHiB,EAwHR;IAC7B,KAAKgC,MAAL,CAAYC,IAAZ,CAAiB,+CAAjB;IACA,KAAK3B,KAAL,CAAWC,SAAX,GAAuBH,QAAvB,GAAkC,KAAKE,KAAL,CAAWgB,WAAX,CAAuBY,aAAvB,CAChC,qBAAc;MAACC,aAAa,EAAE;IAAhB,CAAd,EAAwCnC,OAAxC,CADgC,CAAlC;IAIA,OAAO,iBAAQoC,OAAR,EAAP;EACD,CA/HsC;;EAkIvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEN,8BA1IuC,0CA0IR9B,OA1IQ,EA0IC;IACtC,KAAKgC,MAAL,CAAYC,IAAZ,CAAiB,yDAAjB;IACA,KAAK3B,KAAL,CAAWC,SAAX,GAAuBH,QAAvB,GAAkC,KAAKE,KAAL,CAAWgB,WAAX,CAAuBY,aAAvB,CAChC,qBAAc;MAACC,aAAa,EAAE;IAAhB,CAAd,EAAuCnC,OAAvC,CADgC,CAAlC;IAIA,OAAO,iBAAQoC,OAAR,EAAP;EACD,CAjJsC;;EAoJvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,yBAnKuC,2CAmKN;IAAA;;IAAA,IAANC,GAAM,QAANA,GAAM;IAC/B,IAAIC,QAAQ,GAAG,KAAKjC,KAAL,CAAWkC,QAAX,CAAoBC,QAApB,CAA6BC,GAA7B,CAAiC,OAAjC,EAA0C,IAA1C,CAAf;;IAEA,IAAIH,QAAQ,IAAIA,QAAQ,CAACI,KAAT,CAAe,CAAC,CAAhB,MAAuB,GAAvC,EAA4C;MAC1C;MACA;MACAJ,QAAQ,IAAI,GAAZ;IACD;;IAEDA,QAAQ,GAAGA,QAAQ,IAAInB,OAAO,CAACwB,GAAR,CAAYC,iBAAxB,IAA6C,gCAAxD;IAEA,OAAO,KAAKvC,KAAL,CACJwC,OADI,CACI;MACPC,MAAM,EAAE,MADD;MAEPC,GAAG,YAAKT,QAAL,cAFI;MAGPU,OAAO,EAAE;QACPC,aAAa,EAAEZ;MADR;IAHF,CADJ,EAQJa,IARI,CAQC;MAAA,IAAEC,IAAF,SAAEA,IAAF;MAAA,OAAa;QACjBC,YAAY,EAAED,IAAI,CAACE,KADF;QAEjBC,UAAU,EAAE,QAFK;QAGjBC,UAAU,EAAEJ,IAAI,CAACK;MAHA,CAAb;IAAA,CARD,EAaJN,IAbI,CAaC,UAACG,KAAD,EAAW;MACf,MAAI,CAAChD,KAAL,CAAWgB,WAAX,CAAuBC,GAAvB,CAA2B;QACzBC,UAAU,EAAE8B;MADa,CAA3B;IAGD,CAjBI,EAkBJH,IAlBI,CAkBC;MAAA,OAAM,MAAI,CAAC7C,KAAL,CAAWkC,QAAX,CAAoBC,QAApB,CAA6BiB,mBAA7B,EAAN;IAAA,CAlBD,CAAP;EAmBD,CAjMsC;;EAmMvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,MA3MuC,oBA2MlB;IAAA,IAAd3D,OAAc,uEAAJ,EAAI;;IACnB,IAAI,CAACA,OAAO,CAAC4D,UAAb,EAAyB;MACvB,KAAKtD,KAAL,CAAWC,SAAX,GAAuBH,QAAvB,GAAkC,KAAKE,KAAL,CAAWgB,WAAX,CAAuBuC,cAAvB,CAAsC7D,OAAtC,CAAlC;IACD;EACF,CA/MsC;;EAiNvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACES,eAzNuC,2BAyNvBL,QAzNuB,EAyNb;IACxB,IAAO0D,KAAP,GAAgB1D,QAAhB,CAAO0D,KAAP;;IAEA,IAAIA,KAAK,IAAIA,KAAK,CAACC,KAAnB,EAA0B;MACxB,IAAMC,gBAAgB,GAAGC,sBAAA,CAAYC,MAAZ,CAAmBJ,KAAK,CAACC,KAAzB,CAAzB;;MAEA,MAAM,IAAIC,gBAAJ,CAAqBF,KAArB,CAAN;IACD;EACF,CAjOsC;;EAmOvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACE3C,SA3OuC,qBA2O7Bf,QA3O6B,EA2OnB;IAClBA,QAAQ,GAAG,yBAAUA,QAAV,CAAX;;IACA,IAAI,KAAKE,KAAL,CAAWC,SAAX,GAAuB4D,OAAvB,IAAkC,KAAK7D,KAAL,CAAWC,SAAX,GAAuB4D,OAAvB,CAA+BC,YAArE,EAAmF;MACjF,CACE,cADF,EAEE,YAFF,EAGE,YAHF,EAIE,eAJF,EAKE,0BALF,EAMEC,OANF,CAMU,UAACC,GAAD;QAAA,OAAS,6BAAuBlE,QAAQ,CAACM,IAAhC,EAAsC4D,GAAtC,CAAT;MAAA,CANV;;MAOA,IAAI,CAAC,uBAAQlE,QAAQ,CAACM,IAAT,CAAcI,KAAtB,CAAL,EAAmC;QACjCV,QAAQ,CAACM,IAAT,CAAcI,KAAd,GAAsBhC,cAAA,CAAOC,MAAP,CACpB,wBAAe,oBAAKqB,QAAQ,CAACM,IAAT,CAAcI,KAAnB,EAA0B,YAA1B,CAAf,CADoB,CAAtB;;QAGA,IAAIV,QAAQ,CAACM,IAAT,CAAcI,KAAd,KAAwBjC,mBAA5B,EAAiD;UAC/C,6BAAuBuB,QAAQ,CAACM,IAAhC,EAAsC,OAAtC;QACD;MACF,CAPD,MAOO;QACL,6BAAuBN,QAAQ,CAACM,IAAhC,EAAsC,OAAtC;MACD;;MACDN,QAAQ,CAACM,IAAT,GAAgBG,oBAAA,CAAY0D,SAAZ,CAAsBnE,QAAQ,CAACM,IAA/B,CAAhB;MACA,KAAKJ,KAAL,CAAWC,SAAX,GAAuB4D,OAAvB,CAA+BC,YAA/B,CAA4C,EAA5C,EAAgD,IAAhD,EAAsD/D,YAAA,CAAImE,MAAJ,CAAWpE,QAAX,CAAtD;IACD;EACF,CAlQsC;;EAoQvC;AACF;AACA;AACA;AACA;AACA;AACA;EACEuB,sBA3QuC,oCA2Qd;IACvB,KAAKK,MAAL,CAAYC,IAAZ,CAAiB,sCAAjB;;IAEA,IAAMqB,KAAK,GAAGmB,aAAA,CAAKC,EAAL,EAAd;;IAEA,KAAKpE,KAAL,CAAWC,SAAX,GAAuBoE,cAAvB,CAAsCC,OAAtC,CAA8C,mBAA9C,EAAmEtB,KAAnE;IAEA,OAAOA,KAAP;EACD,CAnRsC;;EAqRvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEpC,UA7RuC,sBA6R5Bd,QA7R4B,EA6RlB;IACnB,IAAMM,IAAI,GAAG,yBAAUN,QAAQ,CAACM,IAAnB,CAAb;;IAEA,IAAIA,IAAJ,EAAU;MACR,KAAKmE,oBAAL,CAA0BnE,IAA1B;IACD;;IACD,IAAI,CAACA,IAAI,CAAC2C,YAAV,EAAwB;MACtB,KAAKzD,KAAL,GAAa,IAAb;MAEA,OAAOkF,SAAP;IACD;;IACD,IAAIpE,IAAI,CAAC8C,UAAT,EAAqB;MACnB9C,IAAI,CAAC8C,UAAL,GAAkB,wBAAS9C,IAAI,CAAC8C,UAAd,EAA0B,EAA1B,CAAlB;IACD;;IACD,IAAI9C,IAAI,CAACqE,wBAAT,EAAmC;MACjCrE,IAAI,CAACqE,wBAAL,GAAgC,wBAASrE,IAAI,CAACqE,wBAAd,EAAwC,EAAxC,CAAhC;IACD;;IAED,OAAOrE,IAAP;EACD,CAhTsC;;EAkTvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEmE,oBA3TuC,gCA2TlBnE,IA3TkB,EA2TZ;IACzB,IAAMsE,YAAY,GAAG,KAAK1E,KAAL,CAAWC,SAAX,GAAuBoE,cAAvB,CAAsCM,OAAtC,CAA8CrG,iBAA9C,CAArB;IAEA,KAAK0B,KAAL,CAAWC,SAAX,GAAuBoE,cAAvB,CAAsCO,UAAtC,CAAiDtG,iBAAjD;;IACA,IAAI,CAACoG,YAAL,EAAmB;MACjB;IACD;;IAED,IAAI,CAACtE,IAAI,CAACI,KAAV,EAAiB;MACf,MAAM,IAAIqE,KAAJ,+BAAiCH,YAAjC,sCAAN;IACD;;IAED,IAAI,CAACtE,IAAI,CAACI,KAAL,CAAWY,UAAhB,EAA4B;MAC1B,MAAM,IAAIyD,KAAJ,+BAAiCH,YAAjC,sCAAN;IACD;;IAED,IAAM1B,KAAK,GAAG5C,IAAI,CAACI,KAAL,CAAWY,UAAzB;;IAEA,IAAI4B,KAAK,KAAK0B,YAAd,EAA4B;MAC1B,MAAM,IAAIG,KAAJ,sBAAwB7B,KAAxB,0CAA6D0B,YAA7D,EAAN;IACD;EACF,CAhVsC;EAAA;AAAA,CAAnB,4ZAmJnBI,iBAnJmB,6FAAtB;;eAmVepG,a"}

package/dist/config.js.map

@@ -1 +1 @@
-{"version":3,"names":["credentials","clientType"],"sources":["config.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nexport default {\n  credentials: {\n    /**\n     * Controls whether {@link Authorization#initiateLogin()} requests a token\n     * or an auth code. Anything other than 'confidential' will be treated as\n     * 'public'\n     * @private\n     * @type {string}\n     */\n    clientType: 'public'\n  }\n};\n"],"mappings":";;;;;;;;;;AAAA;AACA;AACA;eAEe;EACbA,WAAW,EAAE;IACX;AACJ;AACA;AACA;AACA;AACA;AACA;IACIC,UAAU,EAAE;EARD;AADA,C"}
+{"version":3,"names":["credentials","clientType"],"sources":["config.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nexport default {\n  credentials: {\n    /**\n     * Controls whether {@link Authorization#initiateLogin()} requests a token\n     * or an auth code. Anything other than 'confidential' will be treated as\n     * 'public'\n     * @private\n     * @type {string}\n     */\n    clientType: 'public',\n  },\n};\n"],"mappings":";;;;;;;;;;AAAA;AACA;AACA;eAEe;EACbA,WAAW,EAAE;IACX;AACJ;AACA;AACA;AACA;AACA;AACA;IACIC,UAAU,EAAE;EARD;AADA,C"}

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"names":["proxies","registerPlugin","Authorization","config"],"sources":["index.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nimport '@webex/internal-plugin-device';\nimport {registerPlugin} from '@webex/webex-core';\n\nimport Authorization from './authorization';\nimport config from './config';\n\nconst proxies = [\n  'isAuthorizing',\n  'isAuthenticating'\n];\n\nregisterPlugin('authorization', Authorization, {\n  config,\n  proxies\n});\n\nexport {default} from './authorization';\nexport {default as config} from './config';\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAIA;;AACA;;AAEA;;AACA;;AARA;AACA;AACA;AAQA,IAAMA,OAAO,GAAG,CACd,eADc,EAEd,kBAFc,CAAhB;AAKA,IAAAC,yBAAA,EAAe,eAAf,EAAgCC,sBAAhC,EAA+C;EAC7CC,MAAM,EAANA,eAD6C;EAE7CH,OAAO,EAAPA;AAF6C,CAA/C"}
+{"version":3,"names":["proxies","registerPlugin","Authorization","config"],"sources":["index.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nimport '@webex/internal-plugin-device';\nimport {registerPlugin} from '@webex/webex-core';\n\nimport Authorization from './authorization';\nimport config from './config';\n\nconst proxies = ['isAuthorizing', 'isAuthenticating'];\n\nregisterPlugin('authorization', Authorization, {\n  config,\n  proxies,\n});\n\nexport {default} from './authorization';\nexport {default as config} from './config';\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAIA;;AACA;;AAEA;;AACA;;AARA;AACA;AACA;AAQA,IAAMA,OAAO,GAAG,CAAC,eAAD,EAAkB,kBAAlB,CAAhB;AAEA,IAAAC,yBAAA,EAAe,eAAf,EAAgCC,sBAAhC,EAA+C;EAC7CC,MAAM,EAANA,eAD6C;EAE7CH,OAAO,EAAPA;AAF6C,CAA/C"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@webex/plugin-authorization-browser",
-  "version": "3.0.0-beta.14",
+  "version": "3.0.0-beta.15",
   "description": "",
   "license": "MIT",
   "main": "dist/index.js",
@@ -20,22 +20,22 @@
     ]
   },
   "devDependencies": {
-    "@webex/plugin-authorization-browser": "3.0.0-beta.14",
-    "@webex/test-helper-appid": "3.0.0-beta.14",
-    "@webex/test-helper-automation": "3.0.0-beta.14",
-    "@webex/test-helper-chai": "3.0.0-beta.14",
-    "@webex/test-helper-mocha": "3.0.0-beta.14",
-    "@webex/test-helper-mock-webex": "3.0.0-beta.14",
-    "@webex/test-helper-test-users": "3.0.0-beta.14",
+    "@webex/plugin-authorization-browser": "3.0.0-beta.15",
+    "@webex/test-helper-appid": "3.0.0-beta.15",
+    "@webex/test-helper-automation": "3.0.0-beta.15",
+    "@webex/test-helper-chai": "3.0.0-beta.15",
+    "@webex/test-helper-mocha": "3.0.0-beta.15",
+    "@webex/test-helper-mock-webex": "3.0.0-beta.15",
+    "@webex/test-helper-test-users": "3.0.0-beta.15",
     "sinon": "^9.2.4"
   },
   "dependencies": {
-    "@webex/common": "3.0.0-beta.14",
-    "@webex/internal-plugin-device": "3.0.0-beta.14",
-    "@webex/plugin-authorization-node": "3.0.0-beta.14",
-    "@webex/storage-adapter-local-storage": "3.0.0-beta.14",
-    "@webex/storage-adapter-spec": "3.0.0-beta.14",
-    "@webex/webex-core": "3.0.0-beta.14",
+    "@webex/common": "3.0.0-beta.15",
+    "@webex/internal-plugin-device": "3.0.0-beta.15",
+    "@webex/plugin-authorization-node": "3.0.0-beta.15",
+    "@webex/storage-adapter-local-storage": "3.0.0-beta.15",
+    "@webex/storage-adapter-spec": "3.0.0-beta.15",
+    "@webex/webex-core": "3.0.0-beta.15",
     "lodash": "^4.17.21",
     "uuid": "^3.3.2"
   }

package/src/authorization.js

@@ -33,8 +33,8 @@ const Authorization = WebexPlugin.extend({
       deps: ['isAuthorizing'],
       fn() {
         return this.isAuthorizing;
-      }
-    }
+      },
+    },
   },
 
   session: {
@@ -46,12 +46,12 @@ const Authorization = WebexPlugin.extend({
      */
     isAuthorizing: {
       default: false,
-      type: 'boolean'
+      type: 'boolean',
     },
     ready: {
       default: false,
-      type: 'boolean'
-    }
+      type: 'boolean',
+    },
   },
 
   namespace: 'Credentials',
@@ -143,7 +143,9 @@ const Authorization = WebexPlugin.extend({
    */
   initiateImplicitGrant(options) {
     this.logger.info('authorization: initiating implicit grant flow');
-    this.webex.getWindow().location = this.webex.credentials.buildLoginUrl(Object.assign({response_type: 'token'}, options));
+    this.webex.getWindow().location = this.webex.credentials.buildLoginUrl(
+      Object.assign({response_type: 'token'}, options)
+    );
 
     return Promise.resolve();
   },
@@ -159,7 +161,9 @@ const Authorization = WebexPlugin.extend({
    */
   initiateAuthorizationCodeGrant(options) {
     this.logger.info('authorization: initiating authorization code grant flow');
-    this.webex.getWindow().location = this.webex.credentials.buildLoginUrl(Object.assign({response_type: 'code'}, options));
+    this.webex.getWindow().location = this.webex.credentials.buildLoginUrl(
+      Object.assign({response_type: 'code'}, options)
+    );
 
     return Promise.resolve();
   },
@@ -189,25 +193,24 @@ const Authorization = WebexPlugin.extend({
       hydraUri += '/';
     }
 
-    hydraUri = hydraUri ||
-      process.env.HYDRA_SERVICE_URL ||
-      'https://api.ciscospark.com/v1/';
+    hydraUri = hydraUri || process.env.HYDRA_SERVICE_URL || 'https://api.ciscospark.com/v1/';
 
-    return this.webex.request({
-      method: 'POST',
-      uri: `${hydraUri}jwt/login`,
-      headers: {
-        authorization: jwt
-      }
-    })
+    return this.webex
+      .request({
+        method: 'POST',
+        uri: `${hydraUri}jwt/login`,
+        headers: {
+          authorization: jwt,
+        },
+      })
       .then(({body}) => ({
         access_token: body.token,
         token_type: 'Bearer',
-        expires_in: body.expiresIn
+        expires_in: body.expiresIn,
       }))
       .then((token) => {
         this.webex.credentials.set({
-          supertoken: token
+          supertoken: token,
         });
       })
       .then(() => this.webex.internal.services.initServiceCatalogs());
@@ -261,15 +264,16 @@ const Authorization = WebexPlugin.extend({
         'token_type',
         'expires_in',
         'refresh_token',
-        'refresh_token_expires_in'
+        'refresh_token_expires_in',
       ].forEach((key) => Reflect.deleteProperty(location.hash, key));
       if (!isEmpty(location.hash.state)) {
-        location.hash.state = base64.encode(JSON.stringify(omit(location.hash.state, 'csrf_token')));
+        location.hash.state = base64.encode(
+          JSON.stringify(omit(location.hash.state, 'csrf_token'))
+        );
         if (location.hash.state === EMPTY_OBJECT_STRING) {
           Reflect.deleteProperty(location.hash, 'state');
         }
-      }
-      else {
+      } else {
         Reflect.deleteProperty(location.hash, 'state');
       }
       location.hash = querystring.stringify(location.hash);
@@ -353,7 +357,7 @@ const Authorization = WebexPlugin.extend({
     if (token !== sessionToken) {
       throw new Error(`CSRF token ${token} does not match stored token ${sessionToken}`);
     }
-  }
+  },
 });
 
 export default Authorization;

package/src/config.js

@@ -11,6 +11,6 @@ export default {
      * @private
      * @type {string}
      */
-    clientType: 'public'
-  }
+    clientType: 'public',
+  },
 };

package/src/index.js

@@ -8,14 +8,11 @@ import {registerPlugin} from '@webex/webex-core';
 import Authorization from './authorization';
 import config from './config';
 
-const proxies = [
-  'isAuthorizing',
-  'isAuthenticating'
-];
+const proxies = ['isAuthorizing', 'isAuthenticating'];
 
 registerPlugin('authorization', Authorization, {
   config,
-  proxies
+  proxies,
 });
 
 export {default} from './authorization';

package/test/automation/fixtures/app.js

@@ -10,35 +10,37 @@ import WebexCore from '@webex/webex-core';
 
 import pkg from '../../../package';
 
-const webex = window.webex = new WebexCore({
+const webex = (window.webex = new WebexCore({
   config: {
     credentials: {
       refreshCallback(webex, token) {
-        return webex.request({
-          method: 'POST',
-          uri: '/refresh',
-          body: {
-            // eslint-disable-next-line camelcase
-            refresh_token: token.refresh_token
-          }
-        })
+        return webex
+          .request({
+            method: 'POST',
+            uri: '/refresh',
+            body: {
+              // eslint-disable-next-line camelcase
+              refresh_token: token.refresh_token,
+            },
+          })
           .then((res) => res.body);
-      }
+      },
     },
     storage: {
-      boundedAdapter: new StorageAdapterLocalStorage('webex')
-    }
-  }
-});
+      boundedAdapter: new StorageAdapterLocalStorage('webex'),
+    },
+  },
+}));
 
 webex.once('ready', () => {
   if (webex.canAuthorize) {
     document.getElementById('access-token').innerHTML = webex.credentials.supertoken.access_token;
     document.getElementById('refresh-token').innerHTML = webex.credentials.supertoken.refresh_token;
 
-    webex.request({
-      uri: 'https://locus-a.wbx2.com/locus/api/v1/ping'
-    })
+    webex
+      .request({
+        uri: 'https://locus-a.wbx2.com/locus/api/v1/ping',
+      })
       .then(() => {
         document.getElementById('ping-complete').innerHTML = 'success';
       });
@@ -50,24 +52,23 @@ document.body.classList.add('ready');
 
 document.getElementById('initiate-implicit-grant').addEventListener('click', () => {
   webex.authorization.initiateLogin({
-    state: {name: pkg.name}
+    state: {name: pkg.name},
   });
 });
 
 document.getElementById('initiate-authorization-code-grant').addEventListener('click', () => {
   webex.config.credentials.clientType = 'confidential';
   webex.authorization.initiateLogin({
-    state: {name: pkg.name}
+    state: {name: pkg.name},
   });
 });
 
 document.getElementById('token-refresh').addEventListener('click', () => {
   document.getElementById('access-token').innerHTML = '';
-  webex.refresh({force: true})
-    .then(() => {
-      document.getElementById('access-token').innerHTML = webex.credentials.supertoken.access_token;
-      document.getElementById('refresh-token').innerHTML = webex.credentials.supertoken.refresh_token;
-    });
+  webex.refresh({force: true}).then(() => {
+    document.getElementById('access-token').innerHTML = webex.credentials.supertoken.access_token;
+    document.getElementById('refresh-token').innerHTML = webex.credentials.supertoken.refresh_token;
+  });
 });
 
 document.getElementById('logout').addEventListener('click', () => {

package/test/automation/fixtures/index.html

@@ -1,22 +1,27 @@
 <!DOCTYPE html>
 <html>
-<head>
-  <title>Authorization Automation Test</title>
-</head>
-<body class="authorization-automation-test">
-  <button title="Login with Implicit Grant" id="initiate-implicit-grant">Login with Implicit Grant</button>
-  <button title="Login with Authorization Code Grant" id="initiate-authorization-code-grant">Login with Authorization Code Grant</button>
-  <button title="Refresh Access Token" id="token-refresh">Refresh Access Token</button>
+  <head>
+    <title>Authorization Automation Test</title>
+  </head>
+  <body class="authorization-automation-test">
+    <button title="Login with Implicit Grant" id="initiate-implicit-grant">
+      Login with Implicit Grant
+    </button>
+    <button title="Login with Authorization Code Grant" id="initiate-authorization-code-grant">
+      Login with Authorization Code Grant
+    </button>
+    <button title="Refresh Access Token" id="token-refresh">Refresh Access Token</button>
 
-  <h1>Access Token</h1>
-  <div id="access-token"></div>
-  <h1>Refresh Token</h1>
-  <div id="refresh-token"></div>
+    <h1>Access Token</h1>
+    <div id="access-token"></div>
+    <h1>Refresh Token</h1>
+    <div id="refresh-token"></div>
 
-  <h1>Pinging WDM</h1>
-  <div id="ping-complete"></div>
+    <h1>Pinging WDM</h1>
+    <div id="ping-complete"></div>
 
-  <button title="Logout" id="logout">Logout</button>
+    <button title="Logout" id="logout">Logout</button>
 
-  <script src="app.js"></script>
-</body>
+    <script src="app.js"></script>
+  </body>
+</html>

package/test/automation/spec/authorization-code-grant.js

@@ -18,98 +18,106 @@ describe('plugin-authorization-browser', function () {
     describe.skip('Authorization Code Grant', () => {
       let browser, user;
 
-      before(() => testUsers.create({count: 1})
-        .then((users) => {
+      before(() =>
+        testUsers.create({count: 1}).then((users) => {
           user = users[0];
-        }));
+        })
+      );
 
-      before(() => createBrowser(pkg)
-        .then((b) => {
+      before(() =>
+        createBrowser(pkg).then((b) => {
           browser = b;
-        }));
+        })
+      );
 
       after(() => browser && browser.printLogs());
 
-      after(() => browser && browser.quit()
-        .catch((reason) => {
-          console.warn(reason);
-        }));
-
-      it('authorizes a user', () => browser
-        .get(`${redirectUri}/${pkg.name}`)
-        .waitForElementByClassName('ready')
-        .title()
+      after(
+        () =>
+          browser &&
+          browser.quit().catch((reason) => {
+            console.warn(reason);
+          })
+      );
+
+      it('authorizes a user', () =>
+        browser
+          .get(`${redirectUri}/${pkg.name}`)
+          .waitForElementByClassName('ready')
+          .title()
           .should.eventually.become('Authorization Automation Test')
-        .waitForElementByCssSelector('[title="Login with Authorization Code Grant"]')
+          .waitForElementByCssSelector('[title="Login with Authorization Code Grant"]')
           .click()
-        .login(user)
-        .waitForElementByClassName('authorization-automation-test')
-        .waitForElementById('refresh-token')
+          .login(user)
+          .waitForElementByClassName('authorization-automation-test')
+          .waitForElementById('refresh-token')
           .text()
-            .should.eventually.not.be.empty
-        .waitForElementByCssSelector('#ping-complete:not(:empty)')
+          .should.eventually.not.be.empty.waitForElementByCssSelector('#ping-complete:not(:empty)')
           .text()
-            .should.eventually.become('success'));
+          .should.eventually.become('success'));
 
-      it('is still logged in after reloading the page', () => browser
-        .waitForElementById('access-token')
-          .text()
-            .should.eventually.not.be.empty
-        .get(`${redirectUri}/${pkg.name}`)
-        .sleep(500)
-        .waitForElementById('access-token')
+      it('is still logged in after reloading the page', () =>
+        browser
+          .waitForElementById('access-token')
           .text()
-            .should.eventually.not.be.empty);
+          .should.eventually.not.be.empty.get(`${redirectUri}/${pkg.name}`)
+          .sleep(500)
+          .waitForElementById('access-token')
+          .text().should.eventually.not.be.empty);
 
-      it('refreshes the user\'s access token', () => {
+      it("refreshes the user's access token", () => {
         let accessToken = '';
 
-        return browser
-          .waitForElementByCssSelector('#access-token:not(:empty)')
+        return (
+          browser
+            .waitForElementByCssSelector('#access-token:not(:empty)')
             .text()
-              .then((text) => {
-                accessToken = text;
-                assert.isString(accessToken);
-                assert.isAbove(accessToken.length, 0);
-
-                return browser;
-              })
-          .waitForElementByCssSelector('[title="Refresh Access Token"]')
+            .then((text) => {
+              accessToken = text;
+              assert.isString(accessToken);
+              assert.isAbove(accessToken.length, 0);
+
+              return browser;
+            })
+            .waitForElementByCssSelector('[title="Refresh Access Token"]')
             .click()
-          // Not thrilled by a sleep, but we just need to give the button click
-          // enough time to clear the #access-token box
-          .sleep(500)
-          .waitForElementByCssSelector('#access-token:not(:empty)')
+            // Not thrilled by a sleep, but we just need to give the button click
+            // enough time to clear the #access-token box
+            .sleep(500)
+            .waitForElementByCssSelector('#access-token:not(:empty)')
             .text()
-              .then((text) => {
-                assert.isString(text);
-                assert.isAbove(text.length, 0);
-                assert.notEqual(text, accessToken);
-
-                return browser;
-              });
+            .then((text) => {
+              assert.isString(text);
+              assert.isAbove(text.length, 0);
+              assert.notEqual(text, accessToken);
+
+              return browser;
+            })
+        );
       });
 
-      it('logs out a user', () => browser
-        .title()
+      it('logs out a user', () =>
+        browser
+          .title()
           .should.eventually.become('Authorization Automation Test')
-        .waitForElementByCssSelector('[title="Logout"]')
+          .waitForElementByCssSelector('[title="Logout"]')
           .click()
-        // We need to revoke three tokens before the window.location assignment.
-        // So far, I haven't found any ques to wait for, so sleep seems to be
-        // the only option.
-        .sleep(3000)
-        .title()
+          // We need to revoke three tokens before the window.location assignment.
+          // So far, I haven't found any ques to wait for, so sleep seems to be
+          // the only option.
+          .sleep(3000)
+          .title()
           .should.eventually.become('Redirect Dispatcher')
-        .get(`${redirectUri}/${pkg.name}`)
-        .title()
+          .get(`${redirectUri}/${pkg.name}`)
+          .title()
           .should.eventually.become('Authorization Automation Test')
-        .waitForElementById('access-token')
+          .waitForElementById('access-token')
           .text()
-            .should.eventually.be.empty
-        .waitForElementByCssSelector('[title="Login with Authorization Code Grant"]')
+          .should.eventually.be.empty.waitForElementByCssSelector(
+            '[title="Login with Authorization Code Grant"]'
+          )
           .click()
-        .waitForElementById('IDToken1'));
+          .waitForElementById('IDToken1'));
     });
   });
 });