@webex/plugin-authorization-browser 3.0.0-beta.9 → 3.0.0-beta.91

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (16) hide show
  1. package/dist/authorization.js +9 -77
  2. package/dist/authorization.js.map +1 -1
  3. package/dist/config.js +0 -3
  4. package/dist/config.js.map +1 -1
  5. package/dist/index.js +1 -9
  6. package/dist/index.js.map +1 -1
  7. package/package.json +14 -14
  8. package/src/authorization.js +28 -24
  9. package/src/config.js +2 -2
  10. package/src/index.js +2 -5
  11. package/test/automation/fixtures/app.js +25 -24
  12. package/test/automation/fixtures/index.html +21 -16
  13. package/test/automation/spec/authorization-code-grant.js +74 -66
  14. package/test/automation/spec/implicit-grant.js +48 -41
  15. package/test/integration/spec/authorization.js +30 -31
  16. package/test/unit/spec/authorization.js +169 -132
package/dist/authorization.js CHANGED
@@ -1,60 +1,37 @@
1
1
  "use strict";
2
2
 
3
3
  var _Object$defineProperty = require("@babel/runtime-corejs2/core-js/object/define-property");
4
-
5
4
  var _interopRequireDefault = require("@babel/runtime-corejs2/helpers/interopRequireDefault");
6
-
7
5
  _Object$defineProperty(exports, "__esModule", {
8
6
  value: true
9
7
  });
10
-
11
8
  exports.default = void 0;
12
-
13
9
  var _applyDecoratedDescriptor2 = _interopRequireDefault(require("@babel/runtime-corejs2/helpers/applyDecoratedDescriptor"));
14
-
15
10
  var _stringify = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/json/stringify"));
16
-
17
11
  var _apply = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/reflect/apply"));
18
-
19
12
  var _assign = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/object/assign"));
20
-
21
13
  var _promise = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/promise"));
22
-
23
14
  var _deleteProperty = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/reflect/delete-property"));
24
-
25
15
  var _parseInt2 = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/parse-int"));
26
-
27
16
  var _getOwnPropertyDescriptor = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/object/get-own-property-descriptor"));
28
-
29
17
  var _omit2 = _interopRequireDefault(require("lodash/omit"));
30
-
31
18
  var _isEmpty2 = _interopRequireDefault(require("lodash/isEmpty"));
32
-
33
19
  var _cloneDeep2 = _interopRequireDefault(require("lodash/cloneDeep"));
34
-
35
20
  var _querystring = _interopRequireDefault(require("querystring"));
36
-
37
21
  var _url = _interopRequireDefault(require("url"));
38
-
39
22
  var _common = require("@webex/common");
40
-
41
23
  var _webexCore = require("@webex/webex-core");
42
-
43
24
  var _uuid = _interopRequireDefault(require("uuid"));
44
-
45
25
  var _dec, _dec2, _obj;
46
-
47
26
  var OAUTH2_CSRF_TOKEN = 'oauth2-csrf-token';
48
-
49
27
  var EMPTY_OBJECT_STRING = _common.base64.encode((0, _stringify.default)({}));
28
+
50
29
  /**
51
30
  * Browser support for OAuth2. Automatically parses the URL hash for an access
52
31
  * token
53
32
  * @class
54
33
  * @name AuthorizationBrowser
55
34
  */
56
-
57
-
58
35
  var Authorization = _webexCore.WebexPlugin.extend((_dec = (0, _common.whileInFlight)('isAuthorizing'), _dec2 = (0, _common.whileInFlight)('isAuthorizing'), (_obj = {
59
36
  derived: {
60
37
  /**
@@ -87,7 +64,6 @@ var Authorization = _webexCore.WebexPlugin.extend((_dec = (0, _common.whileInFli
87
64
  }
88
65
  },
89
66
  namespace: 'Credentials',
90
-
91
67
  /**
92
68
  * Initializer
93
69
  * @instance
@@ -101,56 +77,44 @@ var Authorization = _webexCore.WebexPlugin.extend((_dec = (0, _common.whileInFli
101
77
  // eslint-disable-next-line complexity
102
78
  initialize: function initialize(attrs, options) {
103
79
  var _this = this;
80
+ var ret = (0, _apply.default)(_webexCore.WebexPlugin.prototype.initialize, this, [attrs, options]);
104
81
 
105
- var ret = (0, _apply.default)(_webexCore.WebexPlugin.prototype.initialize, this, [attrs, options]); // Reminder, we can't do parse based on config, because config is not
82
+ // Reminder, we can't do parse based on config, because config is not
106
83
  // available until nextTick and we want to be able to throw errors found in
107
84
  // the url.
108
-
109
85
  if (attrs.parse === false) {
110
86
  this.ready = true;
111
87
  return ret;
112
88
  }
113
-
114
89
  var location = _url.default.parse(this.webex.getWindow().location.href, true);
115
-
116
90
  this._checkForErrors(location);
117
-
118
91
  var hash = location.hash;
119
-
120
92
  if (!hash) {
121
93
  this.ready = true;
122
94
  return ret;
123
95
  }
124
-
125
96
  if (hash.includes('#')) {
126
97
  hash = hash.substr(1);
127
98
  }
128
-
129
99
  location.hash = _querystring.default.parse(hash);
130
-
131
100
  if (location.hash.state) {
132
101
  location.hash.state = JSON.parse(_common.base64.decode(location.hash.state));
133
102
  }
134
-
135
103
  var tokenData = this._parseHash(location);
136
-
137
104
  if (!tokenData) {
138
105
  return ret;
139
106
  }
107
+ this._cleanUrl(location);
140
108
 
141
- this._cleanUrl(location); // Wait until nextTick in case `credentials` hasn't initialized yet
142
-
143
-
109
+ // Wait until nextTick in case `credentials` hasn't initialized yet
144
110
  process.nextTick(function () {
145
111
  _this.webex.credentials.set({
146
112
  supertoken: tokenData
147
113
  });
148
-
149
114
  _this.ready = true;
150
115
  });
151
116
  return ret;
152
117
  },
153
-
154
118
  /**
155
119
  * Kicks off an oauth flow
156
120
  * @instance
@@ -161,16 +125,15 @@ var Authorization = _webexCore.WebexPlugin.extend((_dec = (0, _common.whileInFli
161
125
  initiateLogin: function initiateLogin() {
162
126
  var options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
163
127
  options.state = options.state || {};
164
- options.state.csrf_token = this._generateSecurityToken(); // If we're not explicitly a confidential client, assume we're a public
165
- // client
128
+ options.state.csrf_token = this._generateSecurityToken();
166
129
 
130
+ // If we're not explicitly a confidential client, assume we're a public
131
+ // client
167
132
  if (this.config.clientType === 'confidential') {
168
133
  return this.initiateAuthorizationCodeGrant(options);
169
134
  }
170
-
171
135
  return this.initiateImplicitGrant(options);
172
136
  },
173
-
174
137
  /**
175
138
  * Kicks off the Authorization Code grant flow. Typically called via
176
139
  * {@link AuthorizationBrowser#initiateLogin}
@@ -186,7 +149,6 @@ var Authorization = _webexCore.WebexPlugin.extend((_dec = (0, _common.whileInFli
186
149
  }, options));
187
150
  return _promise.default.resolve();
188
151
  },
189
-
190
152
  /**
191
153
  * Kicks off the Implicit Code grant flow. Typically called via
192
154
  * {@link AuthorizationBrowser#initiateLogin}
@@ -202,7 +164,6 @@ var Authorization = _webexCore.WebexPlugin.extend((_dec = (0, _common.whileInFli
202
164
  }, options));
203
165
  return _promise.default.resolve();
204
166
  },
205
-
206
167
  /**
207
168
  * Requests a Webex access token for a user already authenticated into
208
169
  * your product.
@@ -220,16 +181,13 @@ var Authorization = _webexCore.WebexPlugin.extend((_dec = (0, _common.whileInFli
220
181
  */
221
182
  requestAccessTokenFromJwt: function requestAccessTokenFromJwt(_ref) {
222
183
  var _this2 = this;
223
-
224
184
  var jwt = _ref.jwt;
225
185
  var hydraUri = this.webex.internal.services.get('hydra', true);
226
-
227
186
  if (hydraUri && hydraUri.slice(-1) !== '/') {
228
187
  // add a `/` to hydra's uri from the services catalog so that
229
188
  // it matches the current env service format.
230
189
  hydraUri += '/';
231
190
  }
232
-
233
191
  hydraUri = hydraUri || process.env.HYDRA_SERVICE_URL || 'https://api.ciscospark.com/v1/';
234
192
  return this.webex.request({
235
193
  method: 'POST',
@@ -252,7 +210,6 @@ var Authorization = _webexCore.WebexPlugin.extend((_dec = (0, _common.whileInFli
252
210
  return _this2.webex.internal.services.initServiceCatalogs();
253
211
  });
254
212
  },
255
-
256
213
  /**
257
214
  * Called by {@link WebexCore#logout()}. Redirects to the logout page
258
215
  * @instance
@@ -263,12 +220,10 @@ var Authorization = _webexCore.WebexPlugin.extend((_dec = (0, _common.whileInFli
263
220
  */
264
221
  logout: function logout() {
265
222
  var options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
266
-
267
223
  if (!options.noRedirect) {
268
224
  this.webex.getWindow().location = this.webex.credentials.buildLogoutUrl(options);
269
225
  }
270
226
  },
271
-
272
227
  /**
273
228
  * Checks if the result of the login redirect contains an error string
274
229
  * @instance
@@ -279,14 +234,11 @@ var Authorization = _webexCore.WebexPlugin.extend((_dec = (0, _common.whileInFli
279
234
  */
280
235
  _checkForErrors: function _checkForErrors(location) {
281
236
  var query = location.query;
282
-
283
237
  if (query && query.error) {
284
238
  var ErrorConstructor = _webexCore.grantErrors.select(query.error);
285
-
286
239
  throw new ErrorConstructor(query);
287
240
  }
288
241
  },
289
-
290
242
  /**
291
243
  * Removes no-longer needed values from the url (access token, csrf token, etc)
292
244
  * @instance
@@ -297,27 +249,22 @@ var Authorization = _webexCore.WebexPlugin.extend((_dec = (0, _common.whileInFli
297
249
  */
298
250
  _cleanUrl: function _cleanUrl(location) {
299
251
  location = (0, _cloneDeep2.default)(location);
300
-
301
252
  if (this.webex.getWindow().history && this.webex.getWindow().history.replaceState) {
302
253
  ['access_token', 'token_type', 'expires_in', 'refresh_token', 'refresh_token_expires_in'].forEach(function (key) {
303
254
  return (0, _deleteProperty.default)(location.hash, key);
304
255
  });
305
-
306
256
  if (!(0, _isEmpty2.default)(location.hash.state)) {
307
257
  location.hash.state = _common.base64.encode((0, _stringify.default)((0, _omit2.default)(location.hash.state, 'csrf_token')));
308
-
309
258
  if (location.hash.state === EMPTY_OBJECT_STRING) {
310
259
  (0, _deleteProperty.default)(location.hash, 'state');
311
260
  }
312
261
  } else {
313
262
  (0, _deleteProperty.default)(location.hash, 'state');
314
263
  }
315
-
316
264
  location.hash = _querystring.default.stringify(location.hash);
317
265
  this.webex.getWindow().history.replaceState({}, null, _url.default.format(location));
318
266
  }
319
267
  },
320
-
321
268
  /**
322
269
  * Generates a CSRF token and sticks in in sessionStorage
323
270
  * @instance
@@ -327,13 +274,10 @@ var Authorization = _webexCore.WebexPlugin.extend((_dec = (0, _common.whileInFli
327
274
  */
328
275
  _generateSecurityToken: function _generateSecurityToken() {
329
276
  this.logger.info('authorization: generating csrf token');
330
-
331
277
  var token = _uuid.default.v4();
332
-
333
278
  this.webex.getWindow().sessionStorage.setItem('oauth2-csrf-token', token);
334
279
  return token;
335
280
  },
336
-
337
281
  /**
338
282
  * Parses the url hash into an access token object
339
283
  * @instance
@@ -344,27 +288,21 @@ var Authorization = _webexCore.WebexPlugin.extend((_dec = (0, _common.whileInFli
344
288
  */
345
289
  _parseHash: function _parseHash(location) {
346
290
  var hash = (0, _cloneDeep2.default)(location.hash);
347
-
348
291
  if (hash) {
349
292
  this._verifySecurityToken(hash);
350
293
  }
351
-
352
294
  if (!hash.access_token) {
353
295
  this.ready = true;
354
296
  return undefined;
355
297
  }
356
-
357
298
  if (hash.expires_in) {
358
299
  hash.expires_in = (0, _parseInt2.default)(hash.expires_in, 10);
359
300
  }
360
-
361
301
  if (hash.refresh_token_expires_in) {
362
302
  hash.refresh_token_expires_in = (0, _parseInt2.default)(hash.refresh_token_expires_in, 10);
363
303
  }
364
-
365
304
  return hash;
366
305
  },
367
-
368
306
  /**
369
307
  * Checks if the CSRF token in sessionStorage is the same as the one returned
370
308
  * in the url.
@@ -377,28 +315,22 @@ var Authorization = _webexCore.WebexPlugin.extend((_dec = (0, _common.whileInFli
377
315
  _verifySecurityToken: function _verifySecurityToken(hash) {
378
316
  var sessionToken = this.webex.getWindow().sessionStorage.getItem(OAUTH2_CSRF_TOKEN);
379
317
  this.webex.getWindow().sessionStorage.removeItem(OAUTH2_CSRF_TOKEN);
380
-
381
318
  if (!sessionToken) {
382
319
  return;
383
320
  }
384
-
385
321
  if (!hash.state) {
386
322
  throw new Error("Expected CSRF token ".concat(sessionToken, ", but not found in redirect hash"));
387
323
  }
388
-
389
324
  if (!hash.state.csrf_token) {
390
325
  throw new Error("Expected CSRF token ".concat(sessionToken, ", but not found in redirect hash"));
391
326
  }
392
-
393
327
  var token = hash.state.csrf_token;
394
-
395
328
  if (token !== sessionToken) {
396
329
  throw new Error("CSRF token ".concat(token, " does not match stored token ").concat(sessionToken));
397
330
  }
398
331
  },
399
- version: "3.0.0-beta.9"
332
+ version: "3.0.0-beta.91"
400
333
  }, ((0, _applyDecoratedDescriptor2.default)(_obj, "initiateImplicitGrant", [_dec], (0, _getOwnPropertyDescriptor.default)(_obj, "initiateImplicitGrant"), _obj), (0, _applyDecoratedDescriptor2.default)(_obj, "initiateAuthorizationCodeGrant", [_dec2], (0, _getOwnPropertyDescriptor.default)(_obj, "initiateAuthorizationCodeGrant"), _obj), (0, _applyDecoratedDescriptor2.default)(_obj, "requestAccessTokenFromJwt", [_common.oneFlight], (0, _getOwnPropertyDescriptor.default)(_obj, "requestAccessTokenFromJwt"), _obj)), _obj)));
401
-
402
334
  var _default = Authorization;
403
335
  exports.default = _default;
404
336
  //# sourceMappingURL=authorization.js.map
package/dist/authorization.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["OAUTH2_CSRF_TOKEN","EMPTY_OBJECT_STRING","base64","encode","Authorization","WebexPlugin","extend","whileInFlight","derived","isAuthenticating","deps","fn","isAuthorizing","session","default","type","ready","namespace","initialize","attrs","options","ret","prototype","parse","location","url","webex","getWindow","href","_checkForErrors","hash","includes","substr","querystring","state","JSON","decode","tokenData","_parseHash","_cleanUrl","process","nextTick","credentials","set","supertoken","initiateLogin","csrf_token","_generateSecurityToken","config","clientType","initiateAuthorizationCodeGrant","initiateImplicitGrant","logger","info","buildLoginUrl","response_type","resolve","requestAccessTokenFromJwt","jwt","hydraUri","internal","services","get","slice","env","HYDRA_SERVICE_URL","request","method","uri","headers","authorization","then","body","access_token","token","token_type","expires_in","expiresIn","initServiceCatalogs","logout","noRedirect","buildLogoutUrl","query","error","ErrorConstructor","grantErrors","select","history","replaceState","forEach","key","stringify","format","uuid","v4","sessionStorage","setItem","_verifySecurityToken","undefined","refresh_token_expires_in","sessionToken","getItem","removeItem","Error","oneFlight"],"sources":["authorization.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\n/* eslint camelcase: [0] */\n\nimport querystring from 'querystring';\nimport url from 'url';\n\nimport {base64, oneFlight, whileInFlight} from '@webex/common';\nimport {grantErrors, WebexPlugin} from '@webex/webex-core';\nimport {cloneDeep, isEmpty, omit} from 'lodash';\nimport uuid from 'uuid';\n\nconst OAUTH2_CSRF_TOKEN = 'oauth2-csrf-token';\nconst EMPTY_OBJECT_STRING = base64.encode(JSON.stringify({}));\n\n/**\n * Browser support for OAuth2. Automatically parses the URL hash for an access\n * token\n * @class\n * @name AuthorizationBrowser\n */\nconst Authorization = WebexPlugin.extend({\n derived: {\n /**\n * Alias of {@link AuthorizationBrowser#isAuthorizing}\n * @instance\n * @memberof AuthorizationBrowser\n * @type {boolean}\n */\n isAuthenticating: {\n deps: ['isAuthorizing'],\n fn() {\n return this.isAuthorizing;\n }\n }\n },\n\n session: {\n /**\n * Indicates if an Authorization Code exchange is inflight\n * @instance\n * @memberof AuthorizationBrowser\n * @type {boolean}\n */\n isAuthorizing: {\n default: false,\n type: 'boolean'\n },\n ready: {\n default: false,\n type: 'boolean'\n }\n },\n\n namespace: 'Credentials',\n\n /**\n * Initializer\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} attrs {@link AmpersandState}\n * @param {boolean} attrs.parse Controls whether or not the the url should get\n * parsed for an access token\n * @private\n * @returns {Authorization}\n */\n // eslint-disable-next-line complexity\n initialize(attrs, options) {\n const ret = Reflect.apply(WebexPlugin.prototype.initialize, this, [attrs, options]);\n\n // Reminder, we can't do parse based on config, because config is not\n // available until nextTick and we want to be able to throw errors found in\n // the url.\n if (attrs.parse === false) {\n this.ready = true;\n\n return ret;\n }\n const location = url.parse(this.webex.getWindow().location.href, true);\n\n this._checkForErrors(location);\n\n let {hash} = location;\n\n if (!hash) {\n this.ready = true;\n\n return ret;\n }\n if (hash.includes('#')) {\n hash = hash.substr(1);\n }\n location.hash = querystring.parse(hash);\n if (location.hash.state) {\n location.hash.state = JSON.parse(base64.decode(location.hash.state));\n }\n const tokenData = this._parseHash(location);\n\n if (!tokenData) {\n return ret;\n }\n this._cleanUrl(location);\n\n // Wait until nextTick in case `credentials` hasn't initialized yet\n process.nextTick(() => {\n this.webex.credentials.set({supertoken: tokenData});\n this.ready = true;\n });\n\n return ret;\n },\n\n /**\n * Kicks off an oauth flow\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} options\n * @returns {Promise}\n */\n initiateLogin(options = {}) {\n options.state = options.state || {};\n options.state.csrf_token = this._generateSecurityToken();\n\n // If we're not explicitly a confidential client, assume we're a public\n // client\n if (this.config.clientType === 'confidential') {\n return this.initiateAuthorizationCodeGrant(options);\n }\n\n return this.initiateImplicitGrant(options);\n },\n\n @whileInFlight('isAuthorizing')\n /**\n * Kicks off the Authorization Code grant flow. Typically called via\n * {@link AuthorizationBrowser#initiateLogin}\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} options\n * @returns {Promise}\n */\n initiateImplicitGrant(options) {\n this.logger.info('authorization: initiating implicit grant flow');\n this.webex.getWindow().location = this.webex.credentials.buildLoginUrl(Object.assign({response_type: 'token'}, options));\n\n return Promise.resolve();\n },\n\n @whileInFlight('isAuthorizing')\n /**\n * Kicks off the Implicit Code grant flow. Typically called via\n * {@link AuthorizationBrowser#initiateLogin}\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} options\n * @returns {Promise}\n */\n initiateAuthorizationCodeGrant(options) {\n this.logger.info('authorization: initiating authorization code grant flow');\n this.webex.getWindow().location = this.webex.credentials.buildLoginUrl(Object.assign({response_type: 'code'}, options));\n\n return Promise.resolve();\n },\n\n @oneFlight\n /**\n * Requests a Webex access token for a user already authenticated into\n * your product.\n *\n * Note: You'll need to supply a jwtRefreshCallback of the form\n * `Promise<jwt> = jwtRefreshCallback(webex)` for automatic token refresh to\n * work.\n *\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} options\n * @param {Object} options.jwt This is a jwt generated by your backend that\n * identifies a user in your system\n * @returns {Promise}\n */\n requestAccessTokenFromJwt({jwt}) {\n let hydraUri = this.webex.internal.services.get('hydra', true);\n\n if (hydraUri && hydraUri.slice(-1) !== '/') {\n // add a `/` to hydra's uri from the services catalog so that\n // it matches the current env service format.\n hydraUri += '/';\n }\n\n hydraUri = hydraUri ||\n process.env.HYDRA_SERVICE_URL ||\n 'https://api.ciscospark.com/v1/';\n\n return this.webex.request({\n method: 'POST',\n uri: `${hydraUri}jwt/login`,\n headers: {\n authorization: jwt\n }\n })\n .then(({body}) => ({\n access_token: body.token,\n token_type: 'Bearer',\n expires_in: body.expiresIn\n }))\n .then((token) => {\n this.webex.credentials.set({\n supertoken: token\n });\n })\n .then(() => this.webex.internal.services.initServiceCatalogs());\n },\n\n /**\n * Called by {@link WebexCore#logout()}. Redirects to the logout page\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} options\n * @param {boolean} options.noRedirect if true, does not redirect\n * @returns {Promise}\n */\n logout(options = {}) {\n if (!options.noRedirect) {\n this.webex.getWindow().location = this.webex.credentials.buildLogoutUrl(options);\n }\n },\n\n /**\n * Checks if the result of the login redirect contains an error string\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} location\n * @private\n * @returns {Promise}\n */\n _checkForErrors(location) {\n const {query} = location;\n\n if (query && query.error) {\n const ErrorConstructor = grantErrors.select(query.error);\n\n throw new ErrorConstructor(query);\n }\n },\n\n /**\n * Removes no-longer needed values from the url (access token, csrf token, etc)\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} location\n * @private\n * @returns {Promise}\n */\n _cleanUrl(location) {\n location = cloneDeep(location);\n if (this.webex.getWindow().history && this.webex.getWindow().history.replaceState) {\n [\n 'access_token',\n 'token_type',\n 'expires_in',\n 'refresh_token',\n 'refresh_token_expires_in'\n ].forEach((key) => Reflect.deleteProperty(location.hash, key));\n if (!isEmpty(location.hash.state)) {\n location.hash.state = base64.encode(JSON.stringify(omit(location.hash.state, 'csrf_token')));\n if (location.hash.state === EMPTY_OBJECT_STRING) {\n Reflect.deleteProperty(location.hash, 'state');\n }\n }\n else {\n Reflect.deleteProperty(location.hash, 'state');\n }\n location.hash = querystring.stringify(location.hash);\n this.webex.getWindow().history.replaceState({}, null, url.format(location));\n }\n },\n\n /**\n * Generates a CSRF token and sticks in in sessionStorage\n * @instance\n * @memberof AuthorizationBrowser\n * @private\n * @returns {Promise}\n */\n _generateSecurityToken() {\n this.logger.info('authorization: generating csrf token');\n\n const token = uuid.v4();\n\n this.webex.getWindow().sessionStorage.setItem('oauth2-csrf-token', token);\n\n return token;\n },\n\n /**\n * Parses the url hash into an access token object\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} location\n * @private\n * @returns {Object}\n */\n _parseHash(location) {\n const hash = cloneDeep(location.hash);\n\n if (hash) {\n this._verifySecurityToken(hash);\n }\n if (!hash.access_token) {\n this.ready = true;\n\n return undefined;\n }\n if (hash.expires_in) {\n hash.expires_in = parseInt(hash.expires_in, 10);\n }\n if (hash.refresh_token_expires_in) {\n hash.refresh_token_expires_in = parseInt(hash.refresh_token_expires_in, 10);\n }\n\n return hash;\n },\n\n /**\n * Checks if the CSRF token in sessionStorage is the same as the one returned\n * in the url.\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} hash\n * @private\n * @returns {Promise}\n */\n _verifySecurityToken(hash) {\n const sessionToken = this.webex.getWindow().sessionStorage.getItem(OAUTH2_CSRF_TOKEN);\n\n this.webex.getWindow().sessionStorage.removeItem(OAUTH2_CSRF_TOKEN);\n if (!sessionToken) {\n return;\n }\n\n if (!hash.state) {\n throw new Error(`Expected CSRF token ${sessionToken}, but not found in redirect hash`);\n }\n\n if (!hash.state.csrf_token) {\n throw new Error(`Expected CSRF token ${sessionToken}, but not found in redirect hash`);\n }\n\n const token = hash.state.csrf_token;\n\n if (token !== sessionToken) {\n throw new Error(`CSRF token ${token} does not match stored token ${sessionToken}`);\n }\n }\n});\n\nexport default Authorization;\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAMA;;AACA;;AAEA;;AACA;;AAEA;;;;AAEA,IAAMA,iBAAiB,GAAG,mBAA1B;;AACA,IAAMC,mBAAmB,GAAGC,cAAA,CAAOC,MAAP,CAAc,wBAAe,EAAf,CAAd,CAA5B;AAEA;AACA;AACA;AACA;AACA;AACA;;;AACA,IAAMC,aAAa,GAAGC,sBAAA,CAAYC,MAAZ,SA+GnB,IAAAC,qBAAA,EAAc,eAAd,CA/GmB,UA+HnB,IAAAA,qBAAA,EAAc,eAAd,CA/HmB,UAAmB;EACvCC,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;IACIC,gBAAgB,EAAE;MAChBC,IAAI,EAAE,CAAC,eAAD,CADU;MAEhBC,EAFgB,gBAEX;QACH,OAAO,KAAKC,aAAZ;MACD;IAJe;EAPX,CAD8B;EAgBvCC,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;IACID,aAAa,EAAE;MACbE,OAAO,EAAE,KADI;MAEbC,IAAI,EAAE;IAFO,CAPR;IAWPC,KAAK,EAAE;MACLF,OAAO,EAAE,KADJ;MAELC,IAAI,EAAE;IAFD;EAXA,CAhB8B;EAiCvCE,SAAS,EAAE,aAjC4B;;EAmCvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE;EACAC,UA9CuC,sBA8C5BC,KA9C4B,EA8CrBC,OA9CqB,EA8CZ;IAAA;;IACzB,IAAMC,GAAG,GAAG,oBAAchB,sBAAA,CAAYiB,SAAZ,CAAsBJ,UAApC,EAAgD,IAAhD,EAAsD,CAACC,KAAD,EAAQC,OAAR,CAAtD,CAAZ,CADyB,CAGzB;IACA;IACA;;IACA,IAAID,KAAK,CAACI,KAAN,KAAgB,KAApB,EAA2B;MACzB,KAAKP,KAAL,GAAa,IAAb;MAEA,OAAOK,GAAP;IACD;;IACD,IAAMG,QAAQ,GAAGC,YAAA,CAAIF,KAAJ,CAAU,KAAKG,KAAL,CAAWC,SAAX,GAAuBH,QAAvB,CAAgCI,IAA1C,EAAgD,IAAhD,CAAjB;;IAEA,KAAKC,eAAL,CAAqBL,QAArB;;IAEA,IAAKM,IAAL,GAAaN,QAAb,CAAKM,IAAL;;IAEA,IAAI,CAACA,IAAL,EAAW;MACT,KAAKd,KAAL,GAAa,IAAb;MAEA,OAAOK,GAAP;IACD;;IACD,IAAIS,IAAI,CAACC,QAAL,CAAc,GAAd,CAAJ,EAAwB;MACtBD,IAAI,GAAGA,IAAI,CAACE,MAAL,CAAY,CAAZ,CAAP;IACD;;IACDR,QAAQ,CAACM,IAAT,GAAgBG,oBAAA,CAAYV,KAAZ,CAAkBO,IAAlB,CAAhB;;IACA,IAAIN,QAAQ,CAACM,IAAT,CAAcI,KAAlB,EAAyB;MACvBV,QAAQ,CAACM,IAAT,CAAcI,KAAd,GAAsBC,IAAI,CAACZ,KAAL,CAAWrB,cAAA,CAAOkC,MAAP,CAAcZ,QAAQ,CAACM,IAAT,CAAcI,KAA5B,CAAX,CAAtB;IACD;;IACD,IAAMG,SAAS,GAAG,KAAKC,UAAL,CAAgBd,QAAhB,CAAlB;;IAEA,IAAI,CAACa,SAAL,EAAgB;MACd,OAAOhB,GAAP;IACD;;IACD,KAAKkB,SAAL,CAAef,QAAf,EAlCyB,CAoCzB;;;IACAgB,OAAO,CAACC,QAAR,CAAiB,YAAM;MACrB,KAAI,CAACf,KAAL,CAAWgB,WAAX,CAAuBC,GAAvB,CAA2B;QAACC,UAAU,EAAEP;MAAb,CAA3B;;MACA,KAAI,CAACrB,KAAL,GAAa,IAAb;IACD,CAHD;IAKA,OAAOK,GAAP;EACD,CAzFsC;;EA2FvC;AACF;AACA;AACA;AACA;AACA;AACA;EACEwB,aAlGuC,2BAkGX;IAAA,IAAdzB,OAAc,uEAAJ,EAAI;IAC1BA,OAAO,CAACc,KAAR,GAAgBd,OAAO,CAACc,KAAR,IAAiB,EAAjC;IACAd,OAAO,CAACc,KAAR,CAAcY,UAAd,GAA2B,KAAKC,sBAAL,EAA3B,CAF0B,CAI1B;IACA;;IACA,IAAI,KAAKC,MAAL,CAAYC,UAAZ,KAA2B,cAA/B,EAA+C;MAC7C,OAAO,KAAKC,8BAAL,CAAoC9B,OAApC,CAAP;IACD;;IAED,OAAO,KAAK+B,qBAAL,CAA2B/B,OAA3B,CAAP;EACD,CA7GsC;;EAgHvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACE+B,qBAxHuC,iCAwHjB/B,OAxHiB,EAwHR;IAC7B,KAAKgC,MAAL,CAAYC,IAAZ,CAAiB,+CAAjB;IACA,KAAK3B,KAAL,CAAWC,SAAX,GAAuBH,QAAvB,GAAkC,KAAKE,KAAL,CAAWgB,WAAX,CAAuBY,aAAvB,CAAqC,qBAAc;MAACC,aAAa,EAAE;IAAhB,CAAd,EAAwCnC,OAAxC,CAArC,CAAlC;IAEA,OAAO,iBAAQoC,OAAR,EAAP;EACD,CA7HsC;;EAgIvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEN,8BAxIuC,0CAwIR9B,OAxIQ,EAwIC;IACtC,KAAKgC,MAAL,CAAYC,IAAZ,CAAiB,yDAAjB;IACA,KAAK3B,KAAL,CAAWC,SAAX,GAAuBH,QAAvB,GAAkC,KAAKE,KAAL,CAAWgB,WAAX,CAAuBY,aAAvB,CAAqC,qBAAc;MAACC,aAAa,EAAE;IAAhB,CAAd,EAAuCnC,OAAvC,CAArC,CAAlC;IAEA,OAAO,iBAAQoC,OAAR,EAAP;EACD,CA7IsC;;EAgJvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,yBA/JuC,2CA+JN;IAAA;;IAAA,IAANC,GAAM,QAANA,GAAM;IAC/B,IAAIC,QAAQ,GAAG,KAAKjC,KAAL,CAAWkC,QAAX,CAAoBC,QAApB,CAA6BC,GAA7B,CAAiC,OAAjC,EAA0C,IAA1C,CAAf;;IAEA,IAAIH,QAAQ,IAAIA,QAAQ,CAACI,KAAT,CAAe,CAAC,CAAhB,MAAuB,GAAvC,EAA4C;MAC1C;MACA;MACAJ,QAAQ,IAAI,GAAZ;IACD;;IAEDA,QAAQ,GAAGA,QAAQ,IACjBnB,OAAO,CAACwB,GAAR,CAAYC,iBADH,IAET,gCAFF;IAIA,OAAO,KAAKvC,KAAL,CAAWwC,OAAX,CAAmB;MACxBC,MAAM,EAAE,MADgB;MAExBC,GAAG,YAAKT,QAAL,cAFqB;MAGxBU,OAAO,EAAE;QACPC,aAAa,EAAEZ;MADR;IAHe,CAAnB,EAOJa,IAPI,CAOC;MAAA,IAAEC,IAAF,SAAEA,IAAF;MAAA,OAAa;QACjBC,YAAY,EAAED,IAAI,CAACE,KADF;QAEjBC,UAAU,EAAE,QAFK;QAGjBC,UAAU,EAAEJ,IAAI,CAACK;MAHA,CAAb;IAAA,CAPD,EAYJN,IAZI,CAYC,UAACG,KAAD,EAAW;MACf,MAAI,CAAChD,KAAL,CAAWgB,WAAX,CAAuBC,GAAvB,CAA2B;QACzBC,UAAU,EAAE8B;MADa,CAA3B;IAGD,CAhBI,EAiBJH,IAjBI,CAiBC;MAAA,OAAM,MAAI,CAAC7C,KAAL,CAAWkC,QAAX,CAAoBC,QAApB,CAA6BiB,mBAA7B,EAAN;IAAA,CAjBD,CAAP;EAkBD,CA9LsC;;EAgMvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,MAxMuC,oBAwMlB;IAAA,IAAd3D,OAAc,uEAAJ,EAAI;;IACnB,IAAI,CAACA,OAAO,CAAC4D,UAAb,EAAyB;MACvB,KAAKtD,KAAL,CAAWC,SAAX,GAAuBH,QAAvB,GAAkC,KAAKE,KAAL,CAAWgB,WAAX,CAAuBuC,cAAvB,CAAsC7D,OAAtC,CAAlC;IACD;EACF,CA5MsC;;EA8MvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACES,eAtNuC,2BAsNvBL,QAtNuB,EAsNb;IACxB,IAAO0D,KAAP,GAAgB1D,QAAhB,CAAO0D,KAAP;;IAEA,IAAIA,KAAK,IAAIA,KAAK,CAACC,KAAnB,EAA0B;MACxB,IAAMC,gBAAgB,GAAGC,sBAAA,CAAYC,MAAZ,CAAmBJ,KAAK,CAACC,KAAzB,CAAzB;;MAEA,MAAM,IAAIC,gBAAJ,CAAqBF,KAArB,CAAN;IACD;EACF,CA9NsC;;EAgOvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACE3C,SAxOuC,qBAwO7Bf,QAxO6B,EAwOnB;IAClBA,QAAQ,GAAG,yBAAUA,QAAV,CAAX;;IACA,IAAI,KAAKE,KAAL,CAAWC,SAAX,GAAuB4D,OAAvB,IAAkC,KAAK7D,KAAL,CAAWC,SAAX,GAAuB4D,OAAvB,CAA+BC,YAArE,EAAmF;MACjF,CACE,cADF,EAEE,YAFF,EAGE,YAHF,EAIE,eAJF,EAKE,0BALF,EAMEC,OANF,CAMU,UAACC,GAAD;QAAA,OAAS,6BAAuBlE,QAAQ,CAACM,IAAhC,EAAsC4D,GAAtC,CAAT;MAAA,CANV;;MAOA,IAAI,CAAC,uBAAQlE,QAAQ,CAACM,IAAT,CAAcI,KAAtB,CAAL,EAAmC;QACjCV,QAAQ,CAACM,IAAT,CAAcI,KAAd,GAAsBhC,cAAA,CAAOC,MAAP,CAAc,wBAAe,oBAAKqB,QAAQ,CAACM,IAAT,CAAcI,KAAnB,EAA0B,YAA1B,CAAf,CAAd,CAAtB;;QACA,IAAIV,QAAQ,CAACM,IAAT,CAAcI,KAAd,KAAwBjC,mBAA5B,EAAiD;UAC/C,6BAAuBuB,QAAQ,CAACM,IAAhC,EAAsC,OAAtC;QACD;MACF,CALD,MAMK;QACH,6BAAuBN,QAAQ,CAACM,IAAhC,EAAsC,OAAtC;MACD;;MACDN,QAAQ,CAACM,IAAT,GAAgBG,oBAAA,CAAY0D,SAAZ,CAAsBnE,QAAQ,CAACM,IAA/B,CAAhB;MACA,KAAKJ,KAAL,CAAWC,SAAX,GAAuB4D,OAAvB,CAA+BC,YAA/B,CAA4C,EAA5C,EAAgD,IAAhD,EAAsD/D,YAAA,CAAImE,MAAJ,CAAWpE,QAAX,CAAtD;IACD;EACF,CA9PsC;;EAgQvC;AACF;AACA;AACA;AACA;AACA;AACA;EACEuB,sBAvQuC,oCAuQd;IACvB,KAAKK,MAAL,CAAYC,IAAZ,CAAiB,sCAAjB;;IAEA,IAAMqB,KAAK,GAAGmB,aAAA,CAAKC,EAAL,EAAd;;IAEA,KAAKpE,KAAL,CAAWC,SAAX,GAAuBoE,cAAvB,CAAsCC,OAAtC,CAA8C,mBAA9C,EAAmEtB,KAAnE;IAEA,OAAOA,KAAP;EACD,CA/QsC;;EAiRvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEpC,UAzRuC,sBAyR5Bd,QAzR4B,EAyRlB;IACnB,IAAMM,IAAI,GAAG,yBAAUN,QAAQ,CAACM,IAAnB,CAAb;;IAEA,IAAIA,IAAJ,EAAU;MACR,KAAKmE,oBAAL,CAA0BnE,IAA1B;IACD;;IACD,IAAI,CAACA,IAAI,CAAC2C,YAAV,EAAwB;MACtB,KAAKzD,KAAL,GAAa,IAAb;MAEA,OAAOkF,SAAP;IACD;;IACD,IAAIpE,IAAI,CAAC8C,UAAT,EAAqB;MACnB9C,IAAI,CAAC8C,UAAL,GAAkB,wBAAS9C,IAAI,CAAC8C,UAAd,EAA0B,EAA1B,CAAlB;IACD;;IACD,IAAI9C,IAAI,CAACqE,wBAAT,EAAmC;MACjCrE,IAAI,CAACqE,wBAAL,GAAgC,wBAASrE,IAAI,CAACqE,wBAAd,EAAwC,EAAxC,CAAhC;IACD;;IAED,OAAOrE,IAAP;EACD,CA5SsC;;EA8SvC;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEmE,oBAvTuC,gCAuTlBnE,IAvTkB,EAuTZ;IACzB,IAAMsE,YAAY,GAAG,KAAK1E,KAAL,CAAWC,SAAX,GAAuBoE,cAAvB,CAAsCM,OAAtC,CAA8CrG,iBAA9C,CAArB;IAEA,KAAK0B,KAAL,CAAWC,SAAX,GAAuBoE,cAAvB,CAAsCO,UAAtC,CAAiDtG,iBAAjD;;IACA,IAAI,CAACoG,YAAL,EAAmB;MACjB;IACD;;IAED,IAAI,CAACtE,IAAI,CAACI,KAAV,EAAiB;MACf,MAAM,IAAIqE,KAAJ,+BAAiCH,YAAjC,sCAAN;IACD;;IAED,IAAI,CAACtE,IAAI,CAACI,KAAL,CAAWY,UAAhB,EAA4B;MAC1B,MAAM,IAAIyD,KAAJ,+BAAiCH,YAAjC,sCAAN;IACD;;IAED,IAAM1B,KAAK,GAAG5C,IAAI,CAACI,KAAL,CAAWY,UAAzB;;IAEA,IAAI4B,KAAK,KAAK0B,YAAd,EAA4B;MAC1B,MAAM,IAAIG,KAAJ,sBAAwB7B,KAAxB,0CAA6D0B,YAA7D,EAAN;IACD;EACF,CA5UsC;EAAA;AAAA,CAAnB,4ZA+InBI,iBA/ImB,6FAAtB;;eA+UepG,a"}
1
+ {"version":3,"names":["OAUTH2_CSRF_TOKEN","EMPTY_OBJECT_STRING","base64","encode","Authorization","WebexPlugin","extend","whileInFlight","derived","isAuthenticating","deps","fn","isAuthorizing","session","default","type","ready","namespace","initialize","attrs","options","ret","prototype","parse","location","url","webex","getWindow","href","_checkForErrors","hash","includes","substr","querystring","state","JSON","decode","tokenData","_parseHash","_cleanUrl","process","nextTick","credentials","set","supertoken","initiateLogin","csrf_token","_generateSecurityToken","config","clientType","initiateAuthorizationCodeGrant","initiateImplicitGrant","logger","info","buildLoginUrl","response_type","resolve","requestAccessTokenFromJwt","jwt","hydraUri","internal","services","get","slice","env","HYDRA_SERVICE_URL","request","method","uri","headers","authorization","then","body","access_token","token","token_type","expires_in","expiresIn","initServiceCatalogs","logout","noRedirect","buildLogoutUrl","query","error","ErrorConstructor","grantErrors","select","history","replaceState","forEach","key","stringify","format","uuid","v4","sessionStorage","setItem","_verifySecurityToken","undefined","refresh_token_expires_in","sessionToken","getItem","removeItem","Error","oneFlight"],"sources":["authorization.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\n/* eslint camelcase: [0] */\n\nimport querystring from 'querystring';\nimport url from 'url';\n\nimport {base64, oneFlight, whileInFlight} from '@webex/common';\nimport {grantErrors, WebexPlugin} from '@webex/webex-core';\nimport {cloneDeep, isEmpty, omit} from 'lodash';\nimport uuid from 'uuid';\n\nconst OAUTH2_CSRF_TOKEN = 'oauth2-csrf-token';\nconst EMPTY_OBJECT_STRING = base64.encode(JSON.stringify({}));\n\n/**\n * Browser support for OAuth2. Automatically parses the URL hash for an access\n * token\n * @class\n * @name AuthorizationBrowser\n */\nconst Authorization = WebexPlugin.extend({\n derived: {\n /**\n * Alias of {@link AuthorizationBrowser#isAuthorizing}\n * @instance\n * @memberof AuthorizationBrowser\n * @type {boolean}\n */\n isAuthenticating: {\n deps: ['isAuthorizing'],\n fn() {\n return this.isAuthorizing;\n },\n },\n },\n\n session: {\n /**\n * Indicates if an Authorization Code exchange is inflight\n * @instance\n * @memberof AuthorizationBrowser\n * @type {boolean}\n */\n isAuthorizing: {\n default: false,\n type: 'boolean',\n },\n ready: {\n default: false,\n type: 'boolean',\n },\n },\n\n namespace: 'Credentials',\n\n /**\n * Initializer\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} attrs {@link AmpersandState}\n * @param {boolean} attrs.parse Controls whether or not the the url should get\n * parsed for an access token\n * @private\n * @returns {Authorization}\n */\n // eslint-disable-next-line complexity\n initialize(attrs, options) {\n const ret = Reflect.apply(WebexPlugin.prototype.initialize, this, [attrs, options]);\n\n // Reminder, we can't do parse based on config, because config is not\n // available until nextTick and we want to be able to throw errors found in\n // the url.\n if (attrs.parse === false) {\n this.ready = true;\n\n return ret;\n }\n const location = url.parse(this.webex.getWindow().location.href, true);\n\n this._checkForErrors(location);\n\n let {hash} = location;\n\n if (!hash) {\n this.ready = true;\n\n return ret;\n }\n if (hash.includes('#')) {\n hash = hash.substr(1);\n }\n location.hash = querystring.parse(hash);\n if (location.hash.state) {\n location.hash.state = JSON.parse(base64.decode(location.hash.state));\n }\n const tokenData = this._parseHash(location);\n\n if (!tokenData) {\n return ret;\n }\n this._cleanUrl(location);\n\n // Wait until nextTick in case `credentials` hasn't initialized yet\n process.nextTick(() => {\n this.webex.credentials.set({supertoken: tokenData});\n this.ready = true;\n });\n\n return ret;\n },\n\n /**\n * Kicks off an oauth flow\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} options\n * @returns {Promise}\n */\n initiateLogin(options = {}) {\n options.state = options.state || {};\n options.state.csrf_token = this._generateSecurityToken();\n\n // If we're not explicitly a confidential client, assume we're a public\n // client\n if (this.config.clientType === 'confidential') {\n return this.initiateAuthorizationCodeGrant(options);\n }\n\n return this.initiateImplicitGrant(options);\n },\n\n @whileInFlight('isAuthorizing')\n /**\n * Kicks off the Authorization Code grant flow. Typically called via\n * {@link AuthorizationBrowser#initiateLogin}\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} options\n * @returns {Promise}\n */\n initiateImplicitGrant(options) {\n this.logger.info('authorization: initiating implicit grant flow');\n this.webex.getWindow().location = this.webex.credentials.buildLoginUrl(\n Object.assign({response_type: 'token'}, options)\n );\n\n return Promise.resolve();\n },\n\n @whileInFlight('isAuthorizing')\n /**\n * Kicks off the Implicit Code grant flow. Typically called via\n * {@link AuthorizationBrowser#initiateLogin}\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} options\n * @returns {Promise}\n */\n initiateAuthorizationCodeGrant(options) {\n this.logger.info('authorization: initiating authorization code grant flow');\n this.webex.getWindow().location = this.webex.credentials.buildLoginUrl(\n Object.assign({response_type: 'code'}, options)\n );\n\n return Promise.resolve();\n },\n\n @oneFlight\n /**\n * Requests a Webex access token for a user already authenticated into\n * your product.\n *\n * Note: You'll need to supply a jwtRefreshCallback of the form\n * `Promise<jwt> = jwtRefreshCallback(webex)` for automatic token refresh to\n * work.\n *\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} options\n * @param {Object} options.jwt This is a jwt generated by your backend that\n * identifies a user in your system\n * @returns {Promise}\n */\n requestAccessTokenFromJwt({jwt}) {\n let hydraUri = this.webex.internal.services.get('hydra', true);\n\n if (hydraUri && hydraUri.slice(-1) !== '/') {\n // add a `/` to hydra's uri from the services catalog so that\n // it matches the current env service format.\n hydraUri += '/';\n }\n\n hydraUri = hydraUri || process.env.HYDRA_SERVICE_URL || 'https://api.ciscospark.com/v1/';\n\n return this.webex\n .request({\n method: 'POST',\n uri: `${hydraUri}jwt/login`,\n headers: {\n authorization: jwt,\n },\n })\n .then(({body}) => ({\n access_token: body.token,\n token_type: 'Bearer',\n expires_in: body.expiresIn,\n }))\n .then((token) => {\n this.webex.credentials.set({\n supertoken: token,\n });\n })\n .then(() => this.webex.internal.services.initServiceCatalogs());\n },\n\n /**\n * Called by {@link WebexCore#logout()}. Redirects to the logout page\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} options\n * @param {boolean} options.noRedirect if true, does not redirect\n * @returns {Promise}\n */\n logout(options = {}) {\n if (!options.noRedirect) {\n this.webex.getWindow().location = this.webex.credentials.buildLogoutUrl(options);\n }\n },\n\n /**\n * Checks if the result of the login redirect contains an error string\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} location\n * @private\n * @returns {Promise}\n */\n _checkForErrors(location) {\n const {query} = location;\n\n if (query && query.error) {\n const ErrorConstructor = grantErrors.select(query.error);\n\n throw new ErrorConstructor(query);\n }\n },\n\n /**\n * Removes no-longer needed values from the url (access token, csrf token, etc)\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} location\n * @private\n * @returns {Promise}\n */\n _cleanUrl(location) {\n location = cloneDeep(location);\n if (this.webex.getWindow().history && this.webex.getWindow().history.replaceState) {\n [\n 'access_token',\n 'token_type',\n 'expires_in',\n 'refresh_token',\n 'refresh_token_expires_in',\n ].forEach((key) => Reflect.deleteProperty(location.hash, key));\n if (!isEmpty(location.hash.state)) {\n location.hash.state = base64.encode(\n JSON.stringify(omit(location.hash.state, 'csrf_token'))\n );\n if (location.hash.state === EMPTY_OBJECT_STRING) {\n Reflect.deleteProperty(location.hash, 'state');\n }\n } else {\n Reflect.deleteProperty(location.hash, 'state');\n }\n location.hash = querystring.stringify(location.hash);\n this.webex.getWindow().history.replaceState({}, null, url.format(location));\n }\n },\n\n /**\n * Generates a CSRF token and sticks in in sessionStorage\n * @instance\n * @memberof AuthorizationBrowser\n * @private\n * @returns {Promise}\n */\n _generateSecurityToken() {\n this.logger.info('authorization: generating csrf token');\n\n const token = uuid.v4();\n\n this.webex.getWindow().sessionStorage.setItem('oauth2-csrf-token', token);\n\n return token;\n },\n\n /**\n * Parses the url hash into an access token object\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} location\n * @private\n * @returns {Object}\n */\n _parseHash(location) {\n const hash = cloneDeep(location.hash);\n\n if (hash) {\n this._verifySecurityToken(hash);\n }\n if (!hash.access_token) {\n this.ready = true;\n\n return undefined;\n }\n if (hash.expires_in) {\n hash.expires_in = parseInt(hash.expires_in, 10);\n }\n if (hash.refresh_token_expires_in) {\n hash.refresh_token_expires_in = parseInt(hash.refresh_token_expires_in, 10);\n }\n\n return hash;\n },\n\n /**\n * Checks if the CSRF token in sessionStorage is the same as the one returned\n * in the url.\n * @instance\n * @memberof AuthorizationBrowser\n * @param {Object} hash\n * @private\n * @returns {Promise}\n */\n _verifySecurityToken(hash) {\n const sessionToken = this.webex.getWindow().sessionStorage.getItem(OAUTH2_CSRF_TOKEN);\n\n this.webex.getWindow().sessionStorage.removeItem(OAUTH2_CSRF_TOKEN);\n if (!sessionToken) {\n return;\n }\n\n if (!hash.state) {\n throw new Error(`Expected CSRF token ${sessionToken}, but not found in redirect hash`);\n }\n\n if (!hash.state.csrf_token) {\n throw new Error(`Expected CSRF token ${sessionToken}, but not found in redirect hash`);\n }\n\n const token = hash.state.csrf_token;\n\n if (token !== sessionToken) {\n throw new Error(`CSRF token ${token} does not match stored token ${sessionToken}`);\n }\n },\n});\n\nexport default Authorization;\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAMA;AACA;AAEA;AACA;AAEA;AAAwB;AAExB,IAAMA,iBAAiB,GAAG,mBAAmB;AAC7C,IAAMC,mBAAmB,GAAGC,cAAM,CAACC,MAAM,CAAC,wBAAe,CAAC,CAAC,CAAC,CAAC;;AAE7D;AACA;AACA;AACA;AACA;AACA;AACA,IAAMC,aAAa,GAAGC,sBAAW,CAACC,MAAM,SA+GrC,IAAAC,qBAAa,EAAC,eAAe,CAAC,UAkB9B,IAAAA,qBAAa,EAAC,eAAe,CAAC,UAjIQ;EACvCC,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;IACIC,gBAAgB,EAAE;MAChBC,IAAI,EAAE,CAAC,eAAe,CAAC;MACvBC,EAAE,gBAAG;QACH,OAAO,IAAI,CAACC,aAAa;MAC3B;IACF;EACF,CAAC;EAEDC,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;IACID,aAAa,EAAE;MACbE,OAAO,EAAE,KAAK;MACdC,IAAI,EAAE;IACR,CAAC;IACDC,KAAK,EAAE;MACLF,OAAO,EAAE,KAAK;MACdC,IAAI,EAAE;IACR;EACF,CAAC;EAEDE,SAAS,EAAE,aAAa;EAExB;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE;EACAC,UAAU,sBAACC,KAAK,EAAEC,OAAO,EAAE;IAAA;IACzB,IAAMC,GAAG,GAAG,oBAAchB,sBAAW,CAACiB,SAAS,CAACJ,UAAU,EAAE,IAAI,EAAE,CAACC,KAAK,EAAEC,OAAO,CAAC,CAAC;;IAEnF;IACA;IACA;IACA,IAAID,KAAK,CAACI,KAAK,KAAK,KAAK,EAAE;MACzB,IAAI,CAACP,KAAK,GAAG,IAAI;MAEjB,OAAOK,GAAG;IACZ;IACA,IAAMG,QAAQ,GAAGC,YAAG,CAACF,KAAK,CAAC,IAAI,CAACG,KAAK,CAACC,SAAS,EAAE,CAACH,QAAQ,CAACI,IAAI,EAAE,IAAI,CAAC;IAEtE,IAAI,CAACC,eAAe,CAACL,QAAQ,CAAC;IAE9B,IAAKM,IAAI,GAAIN,QAAQ,CAAhBM,IAAI;IAET,IAAI,CAACA,IAAI,EAAE;MACT,IAAI,CAACd,KAAK,GAAG,IAAI;MAEjB,OAAOK,GAAG;IACZ;IACA,IAAIS,IAAI,CAACC,QAAQ,CAAC,GAAG,CAAC,EAAE;MACtBD,IAAI,GAAGA,IAAI,CAACE,MAAM,CAAC,CAAC,CAAC;IACvB;IACAR,QAAQ,CAACM,IAAI,GAAGG,oBAAW,CAACV,KAAK,CAACO,IAAI,CAAC;IACvC,IAAIN,QAAQ,CAACM,IAAI,CAACI,KAAK,EAAE;MACvBV,QAAQ,CAACM,IAAI,CAACI,KAAK,GAAGC,IAAI,CAACZ,KAAK,CAACrB,cAAM,CAACkC,MAAM,CAACZ,QAAQ,CAACM,IAAI,CAACI,KAAK,CAAC,CAAC;IACtE;IACA,IAAMG,SAAS,GAAG,IAAI,CAACC,UAAU,CAACd,QAAQ,CAAC;IAE3C,IAAI,CAACa,SAAS,EAAE;MACd,OAAOhB,GAAG;IACZ;IACA,IAAI,CAACkB,SAAS,CAACf,QAAQ,CAAC;;IAExB;IACAgB,OAAO,CAACC,QAAQ,CAAC,YAAM;MACrB,KAAI,CAACf,KAAK,CAACgB,WAAW,CAACC,GAAG,CAAC;QAACC,UAAU,EAAEP;MAAS,CAAC,CAAC;MACnD,KAAI,CAACrB,KAAK,GAAG,IAAI;IACnB,CAAC,CAAC;IAEF,OAAOK,GAAG;EACZ,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;EACEwB,aAAa,2BAAe;IAAA,IAAdzB,OAAO,uEAAG,CAAC,CAAC;IACxBA,OAAO,CAACc,KAAK,GAAGd,OAAO,CAACc,KAAK,IAAI,CAAC,CAAC;IACnCd,OAAO,CAACc,KAAK,CAACY,UAAU,GAAG,IAAI,CAACC,sBAAsB,EAAE;;IAExD;IACA;IACA,IAAI,IAAI,CAACC,MAAM,CAACC,UAAU,KAAK,cAAc,EAAE;MAC7C,OAAO,IAAI,CAACC,8BAA8B,CAAC9B,OAAO,CAAC;IACrD;IAEA,OAAO,IAAI,CAAC+B,qBAAqB,CAAC/B,OAAO,CAAC;EAC5C,CAAC;EAGD;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACE+B,qBAAqB,iCAAC/B,OAAO,EAAE;IAC7B,IAAI,CAACgC,MAAM,CAACC,IAAI,CAAC,+CAA+C,CAAC;IACjE,IAAI,CAAC3B,KAAK,CAACC,SAAS,EAAE,CAACH,QAAQ,GAAG,IAAI,CAACE,KAAK,CAACgB,WAAW,CAACY,aAAa,CACpE,qBAAc;MAACC,aAAa,EAAE;IAAO,CAAC,EAAEnC,OAAO,CAAC,CACjD;IAED,OAAO,iBAAQoC,OAAO,EAAE;EAC1B,CAAC;EAGD;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEN,8BAA8B,0CAAC9B,OAAO,EAAE;IACtC,IAAI,CAACgC,MAAM,CAACC,IAAI,CAAC,yDAAyD,CAAC;IAC3E,IAAI,CAAC3B,KAAK,CAACC,SAAS,EAAE,CAACH,QAAQ,GAAG,IAAI,CAACE,KAAK,CAACgB,WAAW,CAACY,aAAa,CACpE,qBAAc;MAACC,aAAa,EAAE;IAAM,CAAC,EAAEnC,OAAO,CAAC,CAChD;IAED,OAAO,iBAAQoC,OAAO,EAAE;EAC1B,CAAC;EAGD;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,yBAAyB,2CAAQ;IAAA;IAAA,IAANC,GAAG,QAAHA,GAAG;IAC5B,IAAIC,QAAQ,GAAG,IAAI,CAACjC,KAAK,CAACkC,QAAQ,CAACC,QAAQ,CAACC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC;IAE9D,IAAIH,QAAQ,IAAIA,QAAQ,CAACI,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;MAC1C;MACA;MACAJ,QAAQ,IAAI,GAAG;IACjB;IAEAA,QAAQ,GAAGA,QAAQ,IAAInB,OAAO,CAACwB,GAAG,CAACC,iBAAiB,IAAI,gCAAgC;IAExF,OAAO,IAAI,CAACvC,KAAK,CACdwC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdC,GAAG,YAAKT,QAAQ,cAAW;MAC3BU,OAAO,EAAE;QACPC,aAAa,EAAEZ;MACjB;IACF,CAAC,CAAC,CACDa,IAAI,CAAC;MAAA,IAAEC,IAAI,SAAJA,IAAI;MAAA,OAAO;QACjBC,YAAY,EAAED,IAAI,CAACE,KAAK;QACxBC,UAAU,EAAE,QAAQ;QACpBC,UAAU,EAAEJ,IAAI,CAACK;MACnB,CAAC;IAAA,CAAC,CAAC,CACFN,IAAI,CAAC,UAACG,KAAK,EAAK;MACf,MAAI,CAAChD,KAAK,CAACgB,WAAW,CAACC,GAAG,CAAC;QACzBC,UAAU,EAAE8B;MACd,CAAC,CAAC;IACJ,CAAC,CAAC,CACDH,IAAI,CAAC;MAAA,OAAM,MAAI,CAAC7C,KAAK,CAACkC,QAAQ,CAACC,QAAQ,CAACiB,mBAAmB,EAAE;IAAA,EAAC;EACnE,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,MAAM,oBAAe;IAAA,IAAd3D,OAAO,uEAAG,CAAC,CAAC;IACjB,IAAI,CAACA,OAAO,CAAC4D,UAAU,EAAE;MACvB,IAAI,CAACtD,KAAK,CAACC,SAAS,EAAE,CAACH,QAAQ,GAAG,IAAI,CAACE,KAAK,CAACgB,WAAW,CAACuC,cAAc,CAAC7D,OAAO,CAAC;IAClF;EACF,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACES,eAAe,2BAACL,QAAQ,EAAE;IACxB,IAAO0D,KAAK,GAAI1D,QAAQ,CAAjB0D,KAAK;IAEZ,IAAIA,KAAK,IAAIA,KAAK,CAACC,KAAK,EAAE;MACxB,IAAMC,gBAAgB,GAAGC,sBAAW,CAACC,MAAM,CAACJ,KAAK,CAACC,KAAK,CAAC;MAExD,MAAM,IAAIC,gBAAgB,CAACF,KAAK,CAAC;IACnC;EACF,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACE3C,SAAS,qBAACf,QAAQ,EAAE;IAClBA,QAAQ,GAAG,yBAAUA,QAAQ,CAAC;IAC9B,IAAI,IAAI,CAACE,KAAK,CAACC,SAAS,EAAE,CAAC4D,OAAO,IAAI,IAAI,CAAC7D,KAAK,CAACC,SAAS,EAAE,CAAC4D,OAAO,CAACC,YAAY,EAAE;MACjF,CACE,cAAc,EACd,YAAY,EACZ,YAAY,EACZ,eAAe,EACf,0BAA0B,CAC3B,CAACC,OAAO,CAAC,UAACC,GAAG;QAAA,OAAK,6BAAuBlE,QAAQ,CAACM,IAAI,EAAE4D,GAAG,CAAC;MAAA,EAAC;MAC9D,IAAI,CAAC,uBAAQlE,QAAQ,CAACM,IAAI,CAACI,KAAK,CAAC,EAAE;QACjCV,QAAQ,CAACM,IAAI,CAACI,KAAK,GAAGhC,cAAM,CAACC,MAAM,CACjC,wBAAe,oBAAKqB,QAAQ,CAACM,IAAI,CAACI,KAAK,EAAE,YAAY,CAAC,CAAC,CACxD;QACD,IAAIV,QAAQ,CAACM,IAAI,CAACI,KAAK,KAAKjC,mBAAmB,EAAE;UAC/C,6BAAuBuB,QAAQ,CAACM,IAAI,EAAE,OAAO,CAAC;QAChD;MACF,CAAC,MAAM;QACL,6BAAuBN,QAAQ,CAACM,IAAI,EAAE,OAAO,CAAC;MAChD;MACAN,QAAQ,CAACM,IAAI,GAAGG,oBAAW,CAAC0D,SAAS,CAACnE,QAAQ,CAACM,IAAI,CAAC;MACpD,IAAI,CAACJ,KAAK,CAACC,SAAS,EAAE,CAAC4D,OAAO,CAACC,YAAY,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE/D,YAAG,CAACmE,MAAM,CAACpE,QAAQ,CAAC,CAAC;IAC7E;EACF,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;EACEuB,sBAAsB,oCAAG;IACvB,IAAI,CAACK,MAAM,CAACC,IAAI,CAAC,sCAAsC,CAAC;IAExD,IAAMqB,KAAK,GAAGmB,aAAI,CAACC,EAAE,EAAE;IAEvB,IAAI,CAACpE,KAAK,CAACC,SAAS,EAAE,CAACoE,cAAc,CAACC,OAAO,CAAC,mBAAmB,EAAEtB,KAAK,CAAC;IAEzE,OAAOA,KAAK;EACd,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEpC,UAAU,sBAACd,QAAQ,EAAE;IACnB,IAAMM,IAAI,GAAG,yBAAUN,QAAQ,CAACM,IAAI,CAAC;IAErC,IAAIA,IAAI,EAAE;MACR,IAAI,CAACmE,oBAAoB,CAACnE,IAAI,CAAC;IACjC;IACA,IAAI,CAACA,IAAI,CAAC2C,YAAY,EAAE;MACtB,IAAI,CAACzD,KAAK,GAAG,IAAI;MAEjB,OAAOkF,SAAS;IAClB;IACA,IAAIpE,IAAI,CAAC8C,UAAU,EAAE;MACnB9C,IAAI,CAAC8C,UAAU,GAAG,wBAAS9C,IAAI,CAAC8C,UAAU,EAAE,EAAE,CAAC;IACjD;IACA,IAAI9C,IAAI,CAACqE,wBAAwB,EAAE;MACjCrE,IAAI,CAACqE,wBAAwB,GAAG,wBAASrE,IAAI,CAACqE,wBAAwB,EAAE,EAAE,CAAC;IAC7E;IAEA,OAAOrE,IAAI;EACb,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEmE,oBAAoB,gCAACnE,IAAI,EAAE;IACzB,IAAMsE,YAAY,GAAG,IAAI,CAAC1E,KAAK,CAACC,SAAS,EAAE,CAACoE,cAAc,CAACM,OAAO,CAACrG,iBAAiB,CAAC;IAErF,IAAI,CAAC0B,KAAK,CAACC,SAAS,EAAE,CAACoE,cAAc,CAACO,UAAU,CAACtG,iBAAiB,CAAC;IACnE,IAAI,CAACoG,YAAY,EAAE;MACjB;IACF;IAEA,IAAI,CAACtE,IAAI,CAACI,KAAK,EAAE;MACf,MAAM,IAAIqE,KAAK,+BAAwBH,YAAY,sCAAmC;IACxF;IAEA,IAAI,CAACtE,IAAI,CAACI,KAAK,CAACY,UAAU,EAAE;MAC1B,MAAM,IAAIyD,KAAK,+BAAwBH,YAAY,sCAAmC;IACxF;IAEA,IAAM1B,KAAK,GAAG5C,IAAI,CAACI,KAAK,CAACY,UAAU;IAEnC,IAAI4B,KAAK,KAAK0B,YAAY,EAAE;MAC1B,MAAM,IAAIG,KAAK,sBAAe7B,KAAK,0CAAgC0B,YAAY,EAAG;IACpF;EACF,CAAC;EAAA;AACH,CAAC,4ZA9LEI,iBAAS,6FA8LV;AAAC,eAEYpG,aAAa;AAAA"}
package/dist/config.js CHANGED
@@ -1,13 +1,10 @@
1
1
  "use strict";
2
2
 
3
3
  var _Object$defineProperty = require("@babel/runtime-corejs2/core-js/object/define-property");
4
-
5
4
  _Object$defineProperty(exports, "__esModule", {
6
5
  value: true
7
6
  });
8
-
9
7
  exports.default = void 0;
10
-
11
8
  /*!
12
9
  * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.
13
10
  */
package/dist/config.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["credentials","clientType"],"sources":["config.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nexport default {\n credentials: {\n /**\n * Controls whether {@link Authorization#initiateLogin()} requests a token\n * or an auth code. Anything other than 'confidential' will be treated as\n * 'public'\n * @private\n * @type {string}\n */\n clientType: 'public'\n }\n};\n"],"mappings":";;;;;;;;;;AAAA;AACA;AACA;eAEe;EACbA,WAAW,EAAE;IACX;AACJ;AACA;AACA;AACA;AACA;AACA;IACIC,UAAU,EAAE;EARD;AADA,C"}
1
+ {"version":3,"names":["credentials","clientType"],"sources":["config.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nexport default {\n credentials: {\n /**\n * Controls whether {@link Authorization#initiateLogin()} requests a token\n * or an auth code. Anything other than 'confidential' will be treated as\n * 'public'\n * @private\n * @type {string}\n */\n clientType: 'public',\n },\n};\n"],"mappings":";;;;;;;AAAA;AACA;AACA;AAFA,eAIe;EACbA,WAAW,EAAE;IACX;AACJ;AACA;AACA;AACA;AACA;AACA;IACIC,UAAU,EAAE;EACd;AACF,CAAC;AAAA"}
package/dist/index.js CHANGED
@@ -1,38 +1,30 @@
1
1
  "use strict";
2
2
 
3
3
  var _Object$defineProperty = require("@babel/runtime-corejs2/core-js/object/define-property");
4
-
5
4
  var _interopRequireDefault = require("@babel/runtime-corejs2/helpers/interopRequireDefault");
6
-
7
5
  _Object$defineProperty(exports, "__esModule", {
8
6
  value: true
9
7
  });
10
-
11
8
  _Object$defineProperty(exports, "config", {
12
9
  enumerable: true,
13
10
  get: function get() {
14
11
  return _config.default;
15
12
  }
16
13
  });
17
-
18
14
  _Object$defineProperty(exports, "default", {
19
15
  enumerable: true,
20
16
  get: function get() {
21
17
  return _authorization.default;
22
18
  }
23
19
  });
24
-
25
20
  require("@webex/internal-plugin-device");
26
-
27
21
  var _webexCore = require("@webex/webex-core");
28
-
29
22
  var _authorization = _interopRequireDefault(require("./authorization"));
30
-
31
23
  var _config = _interopRequireDefault(require("./config"));
32
-
33
24
  /*!
34
25
  * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.
35
26
  */
27
+
36
28
  var proxies = ['isAuthorizing', 'isAuthenticating'];
37
29
  (0, _webexCore.registerPlugin)('authorization', _authorization.default, {
38
30
  config: _config.default,
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["proxies","registerPlugin","Authorization","config"],"sources":["index.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nimport '@webex/internal-plugin-device';\nimport {registerPlugin} from '@webex/webex-core';\n\nimport Authorization from './authorization';\nimport config from './config';\n\nconst proxies = [\n 'isAuthorizing',\n 'isAuthenticating'\n];\n\nregisterPlugin('authorization', Authorization, {\n config,\n proxies\n});\n\nexport {default} from './authorization';\nexport {default as config} from './config';\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAIA;;AACA;;AAEA;;AACA;;AARA;AACA;AACA;AAQA,IAAMA,OAAO,GAAG,CACd,eADc,EAEd,kBAFc,CAAhB;AAKA,IAAAC,yBAAA,EAAe,eAAf,EAAgCC,sBAAhC,EAA+C;EAC7CC,MAAM,EAANA,eAD6C;EAE7CH,OAAO,EAAPA;AAF6C,CAA/C"}
1
+ {"version":3,"names":["proxies","registerPlugin","Authorization","config"],"sources":["index.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nimport '@webex/internal-plugin-device';\nimport {registerPlugin} from '@webex/webex-core';\n\nimport Authorization from './authorization';\nimport config from './config';\n\nconst proxies = ['isAuthorizing', 'isAuthenticating'];\n\nregisterPlugin('authorization', Authorization, {\n config,\n proxies,\n});\n\nexport {default} from './authorization';\nexport {default as config} from './config';\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAIA;AACA;AAEA;AACA;AARA;AACA;AACA;;AAQA,IAAMA,OAAO,GAAG,CAAC,eAAe,EAAE,kBAAkB,CAAC;AAErD,IAAAC,yBAAc,EAAC,eAAe,EAAEC,sBAAa,EAAE;EAC7CC,MAAM,EAANA,eAAM;EACNH,OAAO,EAAPA;AACF,CAAC,CAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@webex/plugin-authorization-browser",
3
- "version": "3.0.0-beta.9",
3
+ "version": "3.0.0-beta.91",
4
4
  "description": "",
5
5
  "license": "MIT",
6
6
  "main": "dist/index.js",
@@ -20,22 +20,22 @@
20
20
  ]
21
21
  },
22
22
  "devDependencies": {
23
- "@webex/plugin-authorization-browser": "3.0.0-beta.9",
24
- "@webex/test-helper-appid": "3.0.0-beta.9",
25
- "@webex/test-helper-automation": "3.0.0-beta.9",
26
- "@webex/test-helper-chai": "3.0.0-beta.9",
27
- "@webex/test-helper-mocha": "3.0.0-beta.9",
28
- "@webex/test-helper-mock-webex": "3.0.0-beta.9",
29
- "@webex/test-helper-test-users": "3.0.0-beta.9",
23
+ "@webex/plugin-authorization-browser": "3.0.0-beta.91",
24
+ "@webex/test-helper-appid": "3.0.0-beta.91",
25
+ "@webex/test-helper-automation": "3.0.0-beta.91",
26
+ "@webex/test-helper-chai": "3.0.0-beta.91",
27
+ "@webex/test-helper-mocha": "3.0.0-beta.91",
28
+ "@webex/test-helper-mock-webex": "3.0.0-beta.91",
29
+ "@webex/test-helper-test-users": "3.0.0-beta.91",
30
30
  "sinon": "^9.2.4"
31
31
  },
32
32
  "dependencies": {
33
- "@webex/common": "3.0.0-beta.9",
34
- "@webex/internal-plugin-device": "3.0.0-beta.9",
35
- "@webex/plugin-authorization-node": "3.0.0-beta.9",
36
- "@webex/storage-adapter-local-storage": "3.0.0-beta.9",
37
- "@webex/storage-adapter-spec": "3.0.0-beta.9",
38
- "@webex/webex-core": "3.0.0-beta.9",
33
+ "@webex/common": "3.0.0-beta.91",
34
+ "@webex/internal-plugin-device": "3.0.0-beta.91",
35
+ "@webex/plugin-authorization-node": "3.0.0-beta.91",
36
+ "@webex/storage-adapter-local-storage": "3.0.0-beta.91",
37
+ "@webex/storage-adapter-spec": "3.0.0-beta.91",
38
+ "@webex/webex-core": "3.0.0-beta.91",
39
39
  "lodash": "^4.17.21",
40
40
  "uuid": "^3.3.2"
41
41
  }
package/src/authorization.js CHANGED
@@ -33,8 +33,8 @@ const Authorization = WebexPlugin.extend({
33
33
  deps: ['isAuthorizing'],
34
34
  fn() {
35
35
  return this.isAuthorizing;
36
- }
37
- }
36
+ },
37
+ },
38
38
  },
39
39
 
40
40
  session: {
@@ -46,12 +46,12 @@ const Authorization = WebexPlugin.extend({
46
46
  */
47
47
  isAuthorizing: {
48
48
  default: false,
49
- type: 'boolean'
49
+ type: 'boolean',
50
50
  },
51
51
  ready: {
52
52
  default: false,
53
- type: 'boolean'
54
- }
53
+ type: 'boolean',
54
+ },
55
55
  },
56
56
 
57
57
  namespace: 'Credentials',
@@ -143,7 +143,9 @@ const Authorization = WebexPlugin.extend({
143
143
  */
144
144
  initiateImplicitGrant(options) {
145
145
  this.logger.info('authorization: initiating implicit grant flow');
146
- this.webex.getWindow().location = this.webex.credentials.buildLoginUrl(Object.assign({response_type: 'token'}, options));
146
+ this.webex.getWindow().location = this.webex.credentials.buildLoginUrl(
147
+ Object.assign({response_type: 'token'}, options)
148
+ );
147
149
 
148
150
  return Promise.resolve();
149
151
  },
@@ -159,7 +161,9 @@ const Authorization = WebexPlugin.extend({
159
161
  */
160
162
  initiateAuthorizationCodeGrant(options) {
161
163
  this.logger.info('authorization: initiating authorization code grant flow');
162
- this.webex.getWindow().location = this.webex.credentials.buildLoginUrl(Object.assign({response_type: 'code'}, options));
164
+ this.webex.getWindow().location = this.webex.credentials.buildLoginUrl(
165
+ Object.assign({response_type: 'code'}, options)
166
+ );
163
167
 
164
168
  return Promise.resolve();
165
169
  },
@@ -189,25 +193,24 @@ const Authorization = WebexPlugin.extend({
189
193
  hydraUri += '/';
190
194
  }
191
195
 
192
- hydraUri = hydraUri ||
193
- process.env.HYDRA_SERVICE_URL ||
194
- 'https://api.ciscospark.com/v1/';
196
+ hydraUri = hydraUri || process.env.HYDRA_SERVICE_URL || 'https://api.ciscospark.com/v1/';
195
197
 
196
- return this.webex.request({
197
- method: 'POST',
198
- uri: `${hydraUri}jwt/login`,
199
- headers: {
200
- authorization: jwt
201
- }
202
- })
198
+ return this.webex
199
+ .request({
200
+ method: 'POST',
201
+ uri: `${hydraUri}jwt/login`,
202
+ headers: {
203
+ authorization: jwt,
204
+ },
205
+ })
203
206
  .then(({body}) => ({
204
207
  access_token: body.token,
205
208
  token_type: 'Bearer',
206
- expires_in: body.expiresIn
209
+ expires_in: body.expiresIn,
207
210
  }))
208
211
  .then((token) => {
209
212
  this.webex.credentials.set({
210
- supertoken: token
213
+ supertoken: token,
211
214
  });
212
215
  })
213
216
  .then(() => this.webex.internal.services.initServiceCatalogs());
@@ -261,15 +264,16 @@ const Authorization = WebexPlugin.extend({
261
264
  'token_type',
262
265
  'expires_in',
263
266
  'refresh_token',
264
- 'refresh_token_expires_in'
267
+ 'refresh_token_expires_in',
265
268
  ].forEach((key) => Reflect.deleteProperty(location.hash, key));
266
269
  if (!isEmpty(location.hash.state)) {
267
- location.hash.state = base64.encode(JSON.stringify(omit(location.hash.state, 'csrf_token')));
270
+ location.hash.state = base64.encode(
271
+ JSON.stringify(omit(location.hash.state, 'csrf_token'))
272
+ );
268
273
  if (location.hash.state === EMPTY_OBJECT_STRING) {
269
274
  Reflect.deleteProperty(location.hash, 'state');
270
275
  }
271
- }
272
- else {
276
+ } else {
273
277
  Reflect.deleteProperty(location.hash, 'state');
274
278
  }
275
279
  location.hash = querystring.stringify(location.hash);
@@ -353,7 +357,7 @@ const Authorization = WebexPlugin.extend({
353
357
  if (token !== sessionToken) {
354
358
  throw new Error(`CSRF token ${token} does not match stored token ${sessionToken}`);
355
359
  }
356
- }
360
+ },
357
361
  });
358
362
 
359
363
  export default Authorization;
package/src/config.js CHANGED
@@ -11,6 +11,6 @@ export default {
11
11
  * @private
12
12
  * @type {string}
13
13
  */
14
- clientType: 'public'
15
- }
14
+ clientType: 'public',
15
+ },
16
16
  };