@webex/webex-core 3.0.0-beta.358 → 3.0.0-beta.359
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/lib/batcher.js +1 -1
- package/dist/lib/credentials/credentials.js +1 -1
- package/dist/lib/credentials/scope.js +8 -6
- package/dist/lib/credentials/scope.js.map +1 -1
- package/dist/lib/credentials/token.js +4 -1
- package/dist/lib/credentials/token.js.map +1 -1
- package/dist/lib/services/services.js +1 -1
- package/dist/plugins/logger.js +1 -1
- package/dist/webex-core.js +2 -2
- package/package.json +14 -14
- package/src/lib/credentials/scope.js +8 -6
- package/src/lib/credentials/token.js +9 -1
- package/test/unit/spec/credentials/scope.js +64 -39
- package/test/unit/spec/credentials/token.js +11 -1
package/dist/lib/batcher.js
CHANGED
|
@@ -282,7 +282,7 @@ var Batcher = _webexPlugin.default.extend({
|
|
|
282
282
|
fingerprintResponse: function fingerprintResponse(item) {
|
|
283
283
|
throw new Error('fingerprintResponse() must be implemented');
|
|
284
284
|
},
|
|
285
|
-
version: "3.0.0-beta.
|
|
285
|
+
version: "3.0.0-beta.359"
|
|
286
286
|
});
|
|
287
287
|
var _default2 = Batcher;
|
|
288
288
|
exports.default = _default2;
|
|
@@ -558,7 +558,7 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
558
558
|
this.refresh();
|
|
559
559
|
}
|
|
560
560
|
},
|
|
561
|
-
version: "3.0.0-beta.
|
|
561
|
+
version: "3.0.0-beta.359"
|
|
562
562
|
}, ((0, _applyDecoratedDescriptor2.default)(_obj, "getUserToken", [_dec, _dec2], (0, _getOwnPropertyDescriptor.default)(_obj, "getUserToken"), _obj), (0, _applyDecoratedDescriptor2.default)(_obj, "initialize", [_dec3], (0, _getOwnPropertyDescriptor.default)(_obj, "initialize"), _obj), (0, _applyDecoratedDescriptor2.default)(_obj, "invalidate", [_common.oneFlight, _dec4], (0, _getOwnPropertyDescriptor.default)(_obj, "invalidate"), _obj), (0, _applyDecoratedDescriptor2.default)(_obj, "refresh", [_common.oneFlight, _dec5, _dec6], (0, _getOwnPropertyDescriptor.default)(_obj, "refresh"), _obj)), _obj)));
|
|
563
563
|
var _default = Credentials;
|
|
564
564
|
exports.default = _default;
|
|
@@ -10,6 +10,8 @@ exports.filterScope = filterScope;
|
|
|
10
10
|
exports.sortScope = sortScope;
|
|
11
11
|
var _isArray = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/array/is-array"));
|
|
12
12
|
var _difference2 = _interopRequireDefault(require("lodash/difference"));
|
|
13
|
+
var SCOPE_SEPARATOR = ' ';
|
|
14
|
+
|
|
13
15
|
/**
|
|
14
16
|
* sorts a list of scopes
|
|
15
17
|
* @param {string} scope
|
|
@@ -19,7 +21,7 @@ function sortScope(scope) {
|
|
|
19
21
|
if (!scope) {
|
|
20
22
|
return '';
|
|
21
23
|
}
|
|
22
|
-
return scope.split(
|
|
24
|
+
return scope.split(SCOPE_SEPARATOR).sort().join(SCOPE_SEPARATOR);
|
|
23
25
|
}
|
|
24
26
|
|
|
25
27
|
/**
|
|
@@ -33,9 +35,9 @@ function filterScope(toFilter, scope) {
|
|
|
33
35
|
return '';
|
|
34
36
|
}
|
|
35
37
|
var toFilterArr = (0, _isArray.default)(toFilter) ? toFilter : [toFilter];
|
|
36
|
-
return scope.split(
|
|
38
|
+
return scope.split(SCOPE_SEPARATOR).filter(function (item) {
|
|
37
39
|
return !toFilterArr.includes(item);
|
|
38
|
-
}).sort().join(
|
|
40
|
+
}).sort().join(SCOPE_SEPARATOR);
|
|
39
41
|
}
|
|
40
42
|
|
|
41
43
|
/**
|
|
@@ -47,8 +49,8 @@ function filterScope(toFilter, scope) {
|
|
|
47
49
|
*/
|
|
48
50
|
function diffScopes(scopeA, scopeB) {
|
|
49
51
|
var _scopeA$split, _scopeB$split;
|
|
50
|
-
var a = (_scopeA$split = scopeA === null || scopeA === void 0 ? void 0 : scopeA.split(
|
|
51
|
-
var b = (_scopeB$split = scopeB === null || scopeB === void 0 ? void 0 : scopeB.split(
|
|
52
|
-
return (0, _difference2.default)(a, b).sort().join(
|
|
52
|
+
var a = (_scopeA$split = scopeA === null || scopeA === void 0 ? void 0 : scopeA.split(SCOPE_SEPARATOR)) !== null && _scopeA$split !== void 0 ? _scopeA$split : [];
|
|
53
|
+
var b = (_scopeB$split = scopeB === null || scopeB === void 0 ? void 0 : scopeB.split(SCOPE_SEPARATOR)) !== null && _scopeB$split !== void 0 ? _scopeB$split : [];
|
|
54
|
+
return (0, _difference2.default)(a, b).sort().join(SCOPE_SEPARATOR);
|
|
53
55
|
}
|
|
54
56
|
//# sourceMappingURL=scope.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["sortScope","scope","split","sort","join","filterScope","toFilter","toFilterArr","filter","item","includes","diffScopes","scopeA","scopeB","a","b"],"sources":["scope.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nimport {difference} from 'lodash';\n\n/**\n * sorts a list of scopes\n * @param {string} scope\n * @returns {string}\n */\nexport function sortScope(scope) {\n if (!scope) {\n return '';\n }\n\n return scope.split(
|
|
1
|
+
{"version":3,"names":["SCOPE_SEPARATOR","sortScope","scope","split","sort","join","filterScope","toFilter","toFilterArr","filter","item","includes","diffScopes","scopeA","scopeB","a","b"],"sources":["scope.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nimport {difference} from 'lodash';\n\nconst SCOPE_SEPARATOR = ' ';\n\n/**\n * sorts a list of scopes\n * @param {string} scope\n * @returns {string}\n */\nexport function sortScope(scope) {\n if (!scope) {\n return '';\n }\n\n return scope.split(SCOPE_SEPARATOR).sort().join(SCOPE_SEPARATOR);\n}\n\n/**\n * sorts a list of scopes and filters the specified scope\n * @param {string|string[]} toFilter\n * @param {string} scope\n * @returns {string}\n */\nexport function filterScope(toFilter, scope) {\n if (!scope) {\n return '';\n }\n const toFilterArr = Array.isArray(toFilter) ? toFilter : [toFilter];\n\n return scope\n .split(SCOPE_SEPARATOR)\n .filter((item) => !toFilterArr.includes(item))\n .sort()\n .join(SCOPE_SEPARATOR);\n}\n\n/**\n * Returns a string containing all items in scopeA that are not in scopeB, or an empty string if there are none.\n *\n * @param {string} scopeA\n * @param {string} scopeB\n * @returns {string}\n */\nexport function diffScopes(scopeA, scopeB) {\n const a = scopeA?.split(SCOPE_SEPARATOR) ?? [];\n const b = scopeB?.split(SCOPE_SEPARATOR) ?? [];\n\n return difference(a, b).sort().join(SCOPE_SEPARATOR);\n}\n"],"mappings":";;;;;;;;;;;;AAMA,IAAMA,eAAe,GAAG,GAAG;;AAE3B;AACA;AACA;AACA;AACA;AACO,SAASC,SAAS,CAACC,KAAK,EAAE;EAC/B,IAAI,CAACA,KAAK,EAAE;IACV,OAAO,EAAE;EACX;EAEA,OAAOA,KAAK,CAACC,KAAK,CAACH,eAAe,CAAC,CAACI,IAAI,EAAE,CAACC,IAAI,CAACL,eAAe,CAAC;AAClE;;AAEA;AACA;AACA;AACA;AACA;AACA;AACO,SAASM,WAAW,CAACC,QAAQ,EAAEL,KAAK,EAAE;EAC3C,IAAI,CAACA,KAAK,EAAE;IACV,OAAO,EAAE;EACX;EACA,IAAMM,WAAW,GAAG,sBAAcD,QAAQ,CAAC,GAAGA,QAAQ,GAAG,CAACA,QAAQ,CAAC;EAEnE,OAAOL,KAAK,CACTC,KAAK,CAACH,eAAe,CAAC,CACtBS,MAAM,CAAC,UAACC,IAAI;IAAA,OAAK,CAACF,WAAW,CAACG,QAAQ,CAACD,IAAI,CAAC;EAAA,EAAC,CAC7CN,IAAI,EAAE,CACNC,IAAI,CAACL,eAAe,CAAC;AAC1B;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASY,UAAU,CAACC,MAAM,EAAEC,MAAM,EAAE;EAAA;EACzC,IAAMC,CAAC,oBAAGF,MAAM,aAANA,MAAM,uBAANA,MAAM,CAAEV,KAAK,CAACH,eAAe,CAAC,yDAAI,EAAE;EAC9C,IAAMgB,CAAC,oBAAGF,MAAM,aAANA,MAAM,uBAANA,MAAM,CAAEX,KAAK,CAACH,eAAe,CAAC,yDAAI,EAAE;EAE9C,OAAO,0BAAWe,CAAC,EAAEC,CAAC,CAAC,CAACZ,IAAI,EAAE,CAACC,IAAI,CAACL,eAAe,CAAC;AACtD"}
|
|
@@ -262,6 +262,9 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
262
262
|
}
|
|
263
263
|
return _promise.default.reject(new Error('cannot downscope access token'));
|
|
264
264
|
}
|
|
265
|
+
if ((0, _scope.diffScopes)(scope, this.config.scope) !== '') {
|
|
266
|
+
return _promise.default.reject(new Error("new scope (".concat(scope, ") is not subset of the available scopes (").concat(this.config.scope, ")")));
|
|
267
|
+
}
|
|
265
268
|
|
|
266
269
|
// Since we're going to use scope as the index in our token collection, it's
|
|
267
270
|
// important scopes are always deterministically specified.
|
|
@@ -527,7 +530,7 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
527
530
|
return res.body;
|
|
528
531
|
});
|
|
529
532
|
},
|
|
530
|
-
version: "3.0.0-beta.
|
|
533
|
+
version: "3.0.0-beta.359"
|
|
531
534
|
}, ((0, _applyDecoratedDescriptor2.default)(_obj, "downscope", [_dec], (0, _getOwnPropertyDescriptor.default)(_obj, "downscope"), _obj), (0, _applyDecoratedDescriptor2.default)(_obj, "refresh", [_common.oneFlight], (0, _getOwnPropertyDescriptor.default)(_obj, "refresh"), _obj), (0, _applyDecoratedDescriptor2.default)(_obj, "revoke", [_common.oneFlight], (0, _getOwnPropertyDescriptor.default)(_obj, "revoke"), _obj)), _obj)));
|
|
532
535
|
var _default = Token;
|
|
533
536
|
exports.default = _default;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["processGrantError","res","statusCode","reject","ErrorConstructor","grantErrors","select","body","error","OAuthError","WebexHttpError","_res","Token","WebexPlugin","extend","oneFlight","keyFactory","scope","derived","canAuthorize","deps","fn","access_token","isExpired","canDownscope","config","client_id","canRefresh","inBrowser","refresh_token","refreshCallback","client_secret","expires","_isExpired","_string","token_type","namespace","props","expires_in","refresh_token_expires","refresh_token_expires_in","default","type","session","previousToken","downscope","logger","info","Error","trace","sortScope","webex","request","method","uri","tokenUrl","addAuthHeader","form","grant_type","token","self_contained_token","then","parent","initialize","attrs","options","prototype","safeSetTimeout","refresh","promise","resolve","redirect_uri","auth","user","pass","sendImmediately","shouldRefreshAccessToken","obj","process","env","NODE_ENV","revoke","unset","catch","revokeUrl","token_type_hint","set","_filterSetParameters","includes","split","now","toString","validate","service","resource","reason","convApi","CONVERSATION_SERVICE","CONVERSATION_SERVICE_URL","headers","authorization"],"sources":["token.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nimport {pick} from 'lodash';\nimport {inBrowser, oneFlight} from '@webex/common';\nimport {safeSetTimeout} from '@webex/common-timers';\n\nimport WebexHttpError from '../webex-http-error';\nimport WebexPlugin from '../webex-plugin';\n\nimport {sortScope} from './scope';\nimport grantErrors, {OAuthError} from './grant-errors';\n\n/* eslint-disable camelcase */\n\n/**\n * Parse response from CI and converts to structured error when appropriate\n * @param {WebexHttpError} res\n * @private\n * @returns {GrantError}\n */\nfunction processGrantError(res) {\n if (res.statusCode !== 400) {\n return Promise.reject(res);\n }\n\n const ErrorConstructor = grantErrors.select(res.body.error);\n\n if (ErrorConstructor === OAuthError && res instanceof WebexHttpError) {\n return Promise.reject(res);\n }\n if (!ErrorConstructor) {\n return Promise.reject(res);\n }\n\n return Promise.reject(new ErrorConstructor(res._res || res));\n}\n\n/**\n * @class\n */\nconst Token = WebexPlugin.extend({\n derived: {\n /**\n * Indicates if this token can be used in an auth header. `true` iff\n * {@link Token#access_token} is defined and {@link Token#isExpired} is\n * false.\n * @instance\n * @memberof Token\n * @readonly\n * @type {boolean}\n */\n canAuthorize: {\n deps: ['access_token', 'isExpired'],\n fn() {\n return !!this.access_token && !this.isExpired;\n },\n },\n\n /**\n * Indicates that this token can be downscoped. `true` iff\n * {@link config.credentials.client_id} is defined and if\n * {@link Token#canAuthorize} is true\n *\n * Note: since {@link config} is not evented, we can't listen for changes to\n * {@link config.credentials.client_id}. As such,\n * {@link config.credentials.client_id} must always be set before\n * instantiating a {@link Token}\n * @instance\n * @memberof Token\n * @readonly\n * @type {boolean}\n */\n canDownscope: {\n deps: ['canAuthorize'],\n fn() {\n return this.canAuthorize && !!this.config.client_id;\n },\n },\n\n /**\n * Indicates if this token can be refreshed. `true` iff\n * {@link Token@refresh_token} is defined and\n * {@link config.credentials.refreshCallback()} is defined\n *\n * Note: since {@link config} is not evented, we can't listen for changes to\n * {@link config.credentials.refreshCallback()}. As such,\n * {@link config.credentials.refreshCallback()} must always be set before\n * instantiating a {@link Token}\n * @instance\n * @memberof Token\n * @readonly\n * @type {boolean}\n */\n canRefresh: {\n deps: ['refresh_token'],\n fn() {\n if (inBrowser) {\n return !!this.refresh_token && !!this.config.refreshCallback;\n }\n\n return !!this.refresh_token && !!this.config.client_secret;\n },\n },\n\n /**\n * Indicates if this `Token` is expired. `true` iff {@link Token#expires} is\n * defined and is less than {@link Date.now()}.\n * @instance\n * @memberof Token\n * @readonly\n * @type {boolean}\n */\n isExpired: {\n deps: ['expires', '_isExpired'],\n fn() {\n // in order to avoid setting `cache:false`, we'll use a private property\n // and a timer rather than comparing to `Date.now()`;\n return !!this.expires && this._isExpired;\n },\n },\n\n /**\n * Cache for toString()\n * @instance\n * @memberof Token\n * @private\n * @readonly\n * @type {string}\n */\n _string: {\n deps: ['access_token', 'token_type'],\n fn() {\n if (!this.access_token || !this.token_type) {\n return '';\n }\n\n return `${this.token_type} ${this.access_token}`;\n },\n },\n },\n\n namespace: 'Credentials',\n\n props: {\n /**\n * Used for indexing in the credentials userTokens collection\n * @instance\n * @memberof Token\n * @private\n * @type {string}\n */\n scope: 'string',\n /**\n * @instance\n * @memberof Token\n * @type {string}\n */\n access_token: 'string',\n /**\n * @instance\n * @memberof Token\n * @type {number}\n */\n expires: 'number',\n /**\n * @instance\n * @memberof Token\n * @type {number}\n */\n expires_in: 'number',\n /**\n * @instance\n * @memberof Token\n * @type {string}\n */\n refresh_token: 'string',\n /**\n * @instance\n * @memberof Token\n * @type {number}\n */\n refresh_token_expires: 'number',\n /**\n * @instance\n * @memberof Token\n * @type {number}\n */\n refresh_token_expires_in: 'number',\n /**\n * @default \"Bearer\"\n * @instance\n * @memberof Token\n * @type {string}\n */\n token_type: {\n default: 'Bearer',\n type: 'string',\n },\n },\n\n session: {\n /**\n * Used by {@link Token#isExpired} to avoid doing a Date comparison.\n * @instance\n * @memberof Token\n * @private\n * @type {boolean}\n */\n _isExpired: {\n default: false,\n type: 'boolean',\n },\n /**\n * Handle to the previous token that we'll revoke when we refresh this\n * token. The idea is to keep allow two valid tokens when a refresh occurs;\n * we don't want revoke a token that's in the middle of being used, so when\n * we do a token refresh, we won't revoke the token being refreshed, but\n * we'll revoke the previous one.\n * @instance\n * @memberof Token\n * @private\n * @type {Object}\n */\n previousToken: {\n type: 'state',\n },\n },\n\n @oneFlight({\n keyFactory(scope) {\n return scope;\n },\n })\n /**\n * Uses this token to request a new Token with a subset of this Token's scopes\n * @instance\n * @memberof Token\n * @param {string} scope\n * @returns {Promise<Token>}\n */\n downscope(scope) {\n this.logger.info(`token: downscoping token to ${scope}`);\n\n if (this.isExpired) {\n this.logger.info('token: request received to downscope expired access_token');\n\n return Promise.reject(new Error('cannot downscope expired access token'));\n }\n\n if (!this.canDownscope) {\n if (this.config.client_id) {\n this.logger.info('token: request received to downscope invalid access_token');\n } else {\n this.logger.trace('token: cannot downscope without client_id');\n }\n\n return Promise.reject(new Error('cannot downscope access token'));\n }\n\n // Since we're going to use scope as the index in our token collection, it's\n // important scopes are always deterministically specified.\n if (scope) {\n scope = sortScope(scope);\n }\n\n // Ideally, we could depend on the service to communicate this error, but\n // all we get is \"invalid scope\", which, to the lay person, implies\n // something wrong with *one* of the scopes, not the whole thing.\n if (scope === sortScope(this.config.scope)) {\n return Promise.reject(new Error('token: scope reduction requires a reduced scope'));\n }\n\n return this.webex\n .request({\n method: 'POST',\n uri: this.config.tokenUrl,\n addAuthHeader: false,\n form: {\n grant_type: 'urn:cisco:oauth:grant-type:scope-reduction',\n token: this.access_token,\n scope,\n client_id: this.config.client_id,\n self_contained_token: true,\n },\n })\n .then((res) => {\n this.logger.info(`token: downscoped token to ${scope}`);\n\n return new Token(Object.assign(res.body, {scope}), {parent: this.parent});\n });\n },\n\n /**\n * Initializer\n * @instance\n * @memberof Token\n * @param {Object} [attrs={}]\n * @param {Object} [options={}]\n * @see {@link WebexPlugin#initialize()}\n * @returns {Token}\n */\n initialize(attrs = {}, options = {}) {\n Reflect.apply(WebexPlugin.prototype.initialize, this, [attrs, options]);\n\n if (typeof attrs === 'string') {\n this.access_token = attrs;\n }\n\n if (!this.access_token) {\n throw new Error('`access_token` is required');\n }\n\n // We don't want the derived property `isExpired` to need {cache:false}, so\n // we'll set up a timer the runs when this token should expire.\n if (this.expires) {\n if (this.expires < Date.now()) {\n this._isExpired = true;\n } else {\n safeSetTimeout(() => {\n this._isExpired = true;\n }, this.expires - Date.now());\n }\n }\n },\n\n @oneFlight\n /**\n * Refreshes this Token. Relies on\n * {@link config.credentials.refreshCallback()}\n * @instance\n * @memberof Token\n * @returns {Promise<Token>}\n */\n refresh() {\n if (!this.canRefresh) {\n throw new Error('Not enough information available to refresh this access token');\n }\n\n let promise;\n\n if (inBrowser) {\n if (!this.config.refreshCallback) {\n throw new Error('Cannot refresh access token without refreshCallback');\n }\n\n promise = Promise.resolve(this.config.refreshCallback(this.webex, this));\n }\n\n return (\n promise ||\n this.webex\n .request({\n method: 'POST',\n uri: this.config.tokenUrl,\n form: {\n grant_type: 'refresh_token',\n redirect_uri: this.config.redirect_uri,\n refresh_token: this.refresh_token,\n },\n auth: {\n user: this.config.client_id,\n pass: this.config.client_secret,\n sendImmediately: true,\n },\n shouldRefreshAccessToken: false,\n })\n .then((res) => res.body)\n )\n .then((obj) => {\n if (!obj) {\n throw new Error('token: refreshCallback() did not produce an object');\n }\n // If the authentication server did not send back a refresh token, copy\n // the current refresh token and related values to the response (note:\n // at time of implementation, CI never sends a new refresh token)\n if (!obj.refresh_token) {\n Object.assign(\n obj,\n pick(this, 'refresh_token', 'refresh_token_expires', 'refresh_token_expires_in')\n );\n }\n\n // If the new token is the same as the previous token, then we may have\n // found a bug in CI; log the details and reject the Promise\n if (this.access_token === obj.access_token) {\n this.logger.error('token: new token matches current token');\n // log the tokens if it is not production\n if (process.env.NODE_ENV !== 'production') {\n this.logger.error('token: current token:', this.access_token);\n this.logger.error('token: new token:', obj.access_token);\n }\n\n return Promise.reject(new Error('new token matches current token'));\n }\n\n if (this.previousToken) {\n this.previousToken.revoke();\n this.unset('previousToken');\n }\n\n obj.previousToken = this;\n obj.scope = this.scope;\n\n return new Token(obj, {parent: this.parent});\n })\n .catch(processGrantError);\n },\n\n @oneFlight\n /**\n * Revokes this token and unsets its local properties\n * @instance\n * @memberof Token\n * @returns {Promise}\n */\n revoke() {\n if (this.isExpired) {\n this.logger.info('token: already expired, not making making revocation request');\n\n return Promise.resolve();\n }\n\n if (!this.canAuthorize) {\n this.logger.info('token: no longer valid, not making revocation request');\n\n return Promise.resolve();\n }\n\n // FIXME we need to use the user token revocation endpoint to revoke a token\n // without a client_secret, but it doesn't current support using a token to\n // revoke itself\n // Note: I'm not making a canRevoke property because there should be changes\n // coming to the user token revocation endpoint that allow us to do this\n // correctly.\n if (!this.config.client_secret) {\n this.logger.info('token: no client secret available, not making revocation request');\n\n return Promise.resolve();\n }\n\n this.logger.info('token: revoking access token');\n\n return this.webex\n .request({\n method: 'POST',\n uri: this.config.revokeUrl,\n form: {\n token: this.access_token,\n token_type_hint: 'access_token',\n },\n auth: {\n user: this.config.client_id,\n pass: this.config.client_secret,\n sendImmediately: true,\n },\n shouldRefreshAccessToken: false,\n })\n .then(() => {\n this.unset(['access_token', 'expires', 'expires_in', 'token_type']);\n this.logger.info('token: access token revoked');\n })\n .catch(processGrantError);\n },\n\n set(...args) {\n // eslint-disable-next-line prefer-const\n let [attrs, options] = this._filterSetParameters(...args);\n\n if (!attrs.token_type && attrs.access_token && attrs.access_token.includes(' ')) {\n const [token_type, access_token] = attrs.access_token.split(' ');\n\n attrs = {...attrs, access_token, token_type};\n }\n const now = Date.now();\n\n if (!attrs.expires && attrs.expires_in) {\n attrs.expires = now + attrs.expires_in * 1000;\n }\n\n if (!attrs.refresh_token_expires && attrs.refresh_token_expires_in) {\n attrs.refresh_token_expires = now + attrs.refresh_token_expires_in * 1000;\n }\n\n if (attrs.scope) {\n attrs.scope = sortScope(attrs.scope);\n }\n\n return Reflect.apply(WebexPlugin.prototype.set, this, [attrs, options]);\n },\n\n /**\n * Renders the token object as an HTTP Header Value\n * @instance\n * @memberof Token\n * @returns {string}\n * @see {@link Object#toString()}\n */\n toString() {\n if (!this._string) {\n throw new Error('cannot stringify Token');\n }\n\n return this._string;\n },\n\n /**\n * Uses a non-producation api to return information about this token. This\n * method is primarily for tests and will throw if NODE_ENV === production\n * @instance\n * @memberof Token\n * @private\n * @returns {Promise}\n */\n validate() {\n if (process.env.NODE_ENV === 'production') {\n throw new Error('Token#validate() must not be used in production');\n }\n\n return this.webex\n .request({\n method: 'POST',\n service: 'conversation',\n resource: 'users/validateAuthToken',\n body: {\n token: this.access_token,\n },\n })\n .catch((reason) => {\n if ('statusCode' in reason) {\n return Promise.reject(reason);\n }\n this.logger.info(\"REMINDER: If you're investigating a network error here, it's normal\");\n\n // If we got an error that isn't a WebexHttpError, assume the problem is\n // that we don't have the wdm plugin loaded and service/resource isn't\n // a valid means of identifying a request.\n const convApi =\n process.env.CONVERSATION_SERVICE ||\n process.env.CONVERSATION_SERVICE_URL ||\n 'https://conv-a.wbx2.com/conversation/api/v1';\n\n return this.webex.request({\n method: 'POST',\n uri: `${convApi}/users/validateAuthToken`,\n body: {\n token: this.access_token,\n },\n headers: {\n authorization: `Bearer ${this.access_token}`,\n },\n });\n })\n .then((res) => res.body);\n },\n});\n\nexport default Token;\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAKA;AACA;AAEA;AACA;AAEA;AACA;AAAuD;AAAA;AAAA;AAAA;AAAA;AAEvD;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,iBAAiB,CAACC,GAAG,EAAE;EAC9B,IAAIA,GAAG,CAACC,UAAU,KAAK,GAAG,EAAE;IAC1B,OAAO,iBAAQC,MAAM,CAACF,GAAG,CAAC;EAC5B;EAEA,IAAMG,gBAAgB,GAAGC,oBAAW,CAACC,MAAM,CAACL,GAAG,CAACM,IAAI,CAACC,KAAK,CAAC;EAE3D,IAAIJ,gBAAgB,KAAKK,uBAAU,IAAIR,GAAG,YAAYS,uBAAc,EAAE;IACpE,OAAO,iBAAQP,MAAM,CAACF,GAAG,CAAC;EAC5B;EACA,IAAI,CAACG,gBAAgB,EAAE;IACrB,OAAO,iBAAQD,MAAM,CAACF,GAAG,CAAC;EAC5B;EAEA,OAAO,iBAAQE,MAAM,CAAC,IAAIC,gBAAgB,CAACH,GAAG,CAACU,IAAI,IAAIV,GAAG,CAAC,CAAC;AAC9D;;AAEA;AACA;AACA;AACA,IAAMW,KAAK,GAAGC,oBAAW,CAACC,MAAM,SA4L7B,IAAAC,iBAAS,EAAC;EACTC,UAAU,sBAACC,KAAK,EAAE;IAChB,OAAOA,KAAK;EACd;AACF,CAAC,CAAC,UAhM6B;EAC/BC,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,YAAY,EAAE;MACZC,IAAI,EAAE,CAAC,cAAc,EAAE,WAAW,CAAC;MACnCC,EAAE,gBAAG;QACH,OAAO,CAAC,CAAC,IAAI,CAACC,YAAY,IAAI,CAAC,IAAI,CAACC,SAAS;MAC/C;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,YAAY,EAAE;MACZJ,IAAI,EAAE,CAAC,cAAc,CAAC;MACtBC,EAAE,gBAAG;QACH,OAAO,IAAI,CAACF,YAAY,IAAI,CAAC,CAAC,IAAI,CAACM,MAAM,CAACC,SAAS;MACrD;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,UAAU,EAAE;MACVP,IAAI,EAAE,CAAC,eAAe,CAAC;MACvBC,EAAE,gBAAG;QACH,IAAIO,iBAAS,EAAE;UACb,OAAO,CAAC,CAAC,IAAI,CAACC,aAAa,IAAI,CAAC,CAAC,IAAI,CAACJ,MAAM,CAACK,eAAe;QAC9D;QAEA,OAAO,CAAC,CAAC,IAAI,CAACD,aAAa,IAAI,CAAC,CAAC,IAAI,CAACJ,MAAM,CAACM,aAAa;MAC5D;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;IACIR,SAAS,EAAE;MACTH,IAAI,EAAE,CAAC,SAAS,EAAE,YAAY,CAAC;MAC/BC,EAAE,gBAAG;QACH;QACA;QACA,OAAO,CAAC,CAAC,IAAI,CAACW,OAAO,IAAI,IAAI,CAACC,UAAU;MAC1C;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,OAAO,EAAE;MACPd,IAAI,EAAE,CAAC,cAAc,EAAE,YAAY,CAAC;MACpCC,EAAE,gBAAG;QACH,IAAI,CAAC,IAAI,CAACC,YAAY,IAAI,CAAC,IAAI,CAACa,UAAU,EAAE;UAC1C,OAAO,EAAE;QACX;QAEA,iBAAU,IAAI,CAACA,UAAU,cAAI,IAAI,CAACb,YAAY;MAChD;IACF;EACF,CAAC;EAEDc,SAAS,EAAE,aAAa;EAExBC,KAAK,EAAE;IACL;AACJ;AACA;AACA;AACA;AACA;AACA;IACIpB,KAAK,EAAE,QAAQ;IACf;AACJ;AACA;AACA;AACA;IACIK,YAAY,EAAE,QAAQ;IACtB;AACJ;AACA;AACA;AACA;IACIU,OAAO,EAAE,QAAQ;IACjB;AACJ;AACA;AACA;AACA;IACIM,UAAU,EAAE,QAAQ;IACpB;AACJ;AACA;AACA;AACA;IACIT,aAAa,EAAE,QAAQ;IACvB;AACJ;AACA;AACA;AACA;IACIU,qBAAqB,EAAE,QAAQ;IAC/B;AACJ;AACA;AACA;AACA;IACIC,wBAAwB,EAAE,QAAQ;IAClC;AACJ;AACA;AACA;AACA;AACA;IACIL,UAAU,EAAE;MACVM,OAAO,EAAE,QAAQ;MACjBC,IAAI,EAAE;IACR;EACF,CAAC;EAEDC,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;AACA;IACIV,UAAU,EAAE;MACVQ,OAAO,EAAE,KAAK;MACdC,IAAI,EAAE;IACR,CAAC;IACD;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIE,aAAa,EAAE;MACbF,IAAI,EAAE;IACR;EACF,CAAC;EAOD;AACF;AACA;AACA;AACA;AACA;AACA;EACEG,SAAS,qBAAC5B,KAAK,EAAE;IAAA;IACf,IAAI,CAAC6B,MAAM,CAACC,IAAI,uCAAgC9B,KAAK,EAAG;IAExD,IAAI,IAAI,CAACM,SAAS,EAAE;MAClB,IAAI,CAACuB,MAAM,CAACC,IAAI,CAAC,2DAA2D,CAAC;MAE7E,OAAO,iBAAQ5C,MAAM,CAAC,IAAI6C,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3E;IAEA,IAAI,CAAC,IAAI,CAACxB,YAAY,EAAE;MACtB,IAAI,IAAI,CAACC,MAAM,CAACC,SAAS,EAAE;QACzB,IAAI,CAACoB,MAAM,CAACC,IAAI,CAAC,2DAA2D,CAAC;MAC/E,CAAC,MAAM;QACL,IAAI,CAACD,MAAM,CAACG,KAAK,CAAC,2CAA2C,CAAC;MAChE;MAEA,OAAO,iBAAQ9C,MAAM,CAAC,IAAI6C,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnE;;IAEA;IACA;IACA,IAAI/B,KAAK,EAAE;MACTA,KAAK,GAAG,IAAAiC,gBAAS,EAACjC,KAAK,CAAC;IAC1B;;IAEA;IACA;IACA;IACA,IAAIA,KAAK,KAAK,IAAAiC,gBAAS,EAAC,IAAI,CAACzB,MAAM,CAACR,KAAK,CAAC,EAAE;MAC1C,OAAO,iBAAQd,MAAM,CAAC,IAAI6C,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrF;IAEA,OAAO,IAAI,CAACG,KAAK,CACdC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdC,GAAG,EAAE,IAAI,CAAC7B,MAAM,CAAC8B,QAAQ;MACzBC,aAAa,EAAE,KAAK;MACpBC,IAAI,EAAE;QACJC,UAAU,EAAE,4CAA4C;QACxDC,KAAK,EAAE,IAAI,CAACrC,YAAY;QACxBL,KAAK,EAALA,KAAK;QACLS,SAAS,EAAE,IAAI,CAACD,MAAM,CAACC,SAAS;QAChCkC,oBAAoB,EAAE;MACxB;IACF,CAAC,CAAC,CACDC,IAAI,CAAC,UAAC5D,GAAG,EAAK;MACb,KAAI,CAAC6C,MAAM,CAACC,IAAI,sCAA+B9B,KAAK,EAAG;MAEvD,OAAO,IAAIL,KAAK,CAAC,qBAAcX,GAAG,CAACM,IAAI,EAAE;QAACU,KAAK,EAALA;MAAK,CAAC,CAAC,EAAE;QAAC6C,MAAM,EAAE,KAAI,CAACA;MAAM,CAAC,CAAC;IAC3E,CAAC,CAAC;EACN,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,UAAU,wBAA2B;IAAA;IAAA,IAA1BC,KAAK,uEAAG,CAAC,CAAC;IAAA,IAAEC,OAAO,uEAAG,CAAC,CAAC;IACjC,oBAAcpD,oBAAW,CAACqD,SAAS,CAACH,UAAU,EAAE,IAAI,EAAE,CAACC,KAAK,EAAEC,OAAO,CAAC,CAAC;IAEvE,IAAI,OAAOD,KAAK,KAAK,QAAQ,EAAE;MAC7B,IAAI,CAAC1C,YAAY,GAAG0C,KAAK;IAC3B;IAEA,IAAI,CAAC,IAAI,CAAC1C,YAAY,EAAE;MACtB,MAAM,IAAI0B,KAAK,CAAC,4BAA4B,CAAC;IAC/C;;IAEA;IACA;IACA,IAAI,IAAI,CAAChB,OAAO,EAAE;MAChB,IAAI,IAAI,CAACA,OAAO,GAAG,mBAAU,EAAE;QAC7B,IAAI,CAACC,UAAU,GAAG,IAAI;MACxB,CAAC,MAAM;QACL,IAAAkC,4BAAc,EAAC,YAAM;UACnB,MAAI,CAAClC,UAAU,GAAG,IAAI;QACxB,CAAC,EAAE,IAAI,CAACD,OAAO,GAAG,mBAAU,CAAC;MAC/B;IACF;EACF,CAAC;EAGD;AACF;AACA;AACA;AACA;AACA;AACA;EACEoC,OAAO,qBAAG;IAAA;IACR,IAAI,CAAC,IAAI,CAACzC,UAAU,EAAE;MACpB,MAAM,IAAIqB,KAAK,CAAC,+DAA+D,CAAC;IAClF;IAEA,IAAIqB,OAAO;IAEX,IAAIzC,iBAAS,EAAE;MACb,IAAI,CAAC,IAAI,CAACH,MAAM,CAACK,eAAe,EAAE;QAChC,MAAM,IAAIkB,KAAK,CAAC,qDAAqD,CAAC;MACxE;MAEAqB,OAAO,GAAG,iBAAQC,OAAO,CAAC,IAAI,CAAC7C,MAAM,CAACK,eAAe,CAAC,IAAI,CAACqB,KAAK,EAAE,IAAI,CAAC,CAAC;IAC1E;IAEA,OAAO,CACLkB,OAAO,IACP,IAAI,CAAClB,KAAK,CACPC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdC,GAAG,EAAE,IAAI,CAAC7B,MAAM,CAAC8B,QAAQ;MACzBE,IAAI,EAAE;QACJC,UAAU,EAAE,eAAe;QAC3Ba,YAAY,EAAE,IAAI,CAAC9C,MAAM,CAAC8C,YAAY;QACtC1C,aAAa,EAAE,IAAI,CAACA;MACtB,CAAC;MACD2C,IAAI,EAAE;QACJC,IAAI,EAAE,IAAI,CAAChD,MAAM,CAACC,SAAS;QAC3BgD,IAAI,EAAE,IAAI,CAACjD,MAAM,CAACM,aAAa;QAC/B4C,eAAe,EAAE;MACnB,CAAC;MACDC,wBAAwB,EAAE;IAC5B,CAAC,CAAC,CACDf,IAAI,CAAC,UAAC5D,GAAG;MAAA,OAAKA,GAAG,CAACM,IAAI;IAAA,EAAC,EAEzBsD,IAAI,CAAC,UAACgB,GAAG,EAAK;MACb,IAAI,CAACA,GAAG,EAAE;QACR,MAAM,IAAI7B,KAAK,CAAC,oDAAoD,CAAC;MACvE;MACA;MACA;MACA;MACA,IAAI,CAAC6B,GAAG,CAAChD,aAAa,EAAE;QACtB,qBACEgD,GAAG,EACH,oBAAK,MAAI,EAAE,eAAe,EAAE,uBAAuB,EAAE,0BAA0B,CAAC,CACjF;MACH;;MAEA;MACA;MACA,IAAI,MAAI,CAACvD,YAAY,KAAKuD,GAAG,CAACvD,YAAY,EAAE;QAC1C,MAAI,CAACwB,MAAM,CAACtC,KAAK,CAAC,wCAAwC,CAAC;QAC3D;QACA,IAAIsE,OAAO,CAACC,GAAG,CAACC,QAAQ,KAAK,YAAY,EAAE;UACzC,MAAI,CAAClC,MAAM,CAACtC,KAAK,CAAC,uBAAuB,EAAE,MAAI,CAACc,YAAY,CAAC;UAC7D,MAAI,CAACwB,MAAM,CAACtC,KAAK,CAAC,mBAAmB,EAAEqE,GAAG,CAACvD,YAAY,CAAC;QAC1D;QAEA,OAAO,iBAAQnB,MAAM,CAAC,IAAI6C,KAAK,CAAC,iCAAiC,CAAC,CAAC;MACrE;MAEA,IAAI,MAAI,CAACJ,aAAa,EAAE;QACtB,MAAI,CAACA,aAAa,CAACqC,MAAM,EAAE;QAC3B,MAAI,CAACC,KAAK,CAAC,eAAe,CAAC;MAC7B;MAEAL,GAAG,CAACjC,aAAa,GAAG,MAAI;MACxBiC,GAAG,CAAC5D,KAAK,GAAG,MAAI,CAACA,KAAK;MAEtB,OAAO,IAAIL,KAAK,CAACiE,GAAG,EAAE;QAACf,MAAM,EAAE,MAAI,CAACA;MAAM,CAAC,CAAC;IAC9C,CAAC,CAAC,CACDqB,KAAK,CAACnF,iBAAiB,CAAC;EAC7B,CAAC;EAGD;AACF;AACA;AACA;AACA;AACA;EACEiF,MAAM,oBAAG;IAAA;IACP,IAAI,IAAI,CAAC1D,SAAS,EAAE;MAClB,IAAI,CAACuB,MAAM,CAACC,IAAI,CAAC,8DAA8D,CAAC;MAEhF,OAAO,iBAAQuB,OAAO,EAAE;IAC1B;IAEA,IAAI,CAAC,IAAI,CAACnD,YAAY,EAAE;MACtB,IAAI,CAAC2B,MAAM,CAACC,IAAI,CAAC,uDAAuD,CAAC;MAEzE,OAAO,iBAAQuB,OAAO,EAAE;IAC1B;;IAEA;IACA;IACA;IACA;IACA;IACA;IACA,IAAI,CAAC,IAAI,CAAC7C,MAAM,CAACM,aAAa,EAAE;MAC9B,IAAI,CAACe,MAAM,CAACC,IAAI,CAAC,kEAAkE,CAAC;MAEpF,OAAO,iBAAQuB,OAAO,EAAE;IAC1B;IAEA,IAAI,CAACxB,MAAM,CAACC,IAAI,CAAC,8BAA8B,CAAC;IAEhD,OAAO,IAAI,CAACI,KAAK,CACdC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdC,GAAG,EAAE,IAAI,CAAC7B,MAAM,CAAC2D,SAAS;MAC1B3B,IAAI,EAAE;QACJE,KAAK,EAAE,IAAI,CAACrC,YAAY;QACxB+D,eAAe,EAAE;MACnB,CAAC;MACDb,IAAI,EAAE;QACJC,IAAI,EAAE,IAAI,CAAChD,MAAM,CAACC,SAAS;QAC3BgD,IAAI,EAAE,IAAI,CAACjD,MAAM,CAACM,aAAa;QAC/B4C,eAAe,EAAE;MACnB,CAAC;MACDC,wBAAwB,EAAE;IAC5B,CAAC,CAAC,CACDf,IAAI,CAAC,YAAM;MACV,MAAI,CAACqB,KAAK,CAAC,CAAC,cAAc,EAAE,SAAS,EAAE,YAAY,EAAE,YAAY,CAAC,CAAC;MACnE,MAAI,CAACpC,MAAM,CAACC,IAAI,CAAC,6BAA6B,CAAC;IACjD,CAAC,CAAC,CACDoC,KAAK,CAACnF,iBAAiB,CAAC;EAC7B,CAAC;EAEDsF,GAAG,iBAAU;IACX;IACA,4BAAuB,IAAI,CAACC,oBAAoB,OAAzB,IAAI,YAA8B;MAAA;MAApDvB,KAAK;MAAEC,OAAO;IAEnB,IAAI,CAACD,KAAK,CAAC7B,UAAU,IAAI6B,KAAK,CAAC1C,YAAY,IAAI0C,KAAK,CAAC1C,YAAY,CAACkE,QAAQ,CAAC,GAAG,CAAC,EAAE;MAC/E,4BAAmCxB,KAAK,CAAC1C,YAAY,CAACmE,KAAK,CAAC,GAAG,CAAC;QAAA;QAAzDtD,UAAU;QAAEb,YAAY;MAE/B0C,KAAK,mCAAOA,KAAK;QAAE1C,YAAY,EAAZA,YAAY;QAAEa,UAAU,EAAVA;MAAU,EAAC;IAC9C;IACA,IAAMuD,GAAG,GAAG,mBAAU;IAEtB,IAAI,CAAC1B,KAAK,CAAChC,OAAO,IAAIgC,KAAK,CAAC1B,UAAU,EAAE;MACtC0B,KAAK,CAAChC,OAAO,GAAG0D,GAAG,GAAG1B,KAAK,CAAC1B,UAAU,GAAG,IAAI;IAC/C;IAEA,IAAI,CAAC0B,KAAK,CAACzB,qBAAqB,IAAIyB,KAAK,CAACxB,wBAAwB,EAAE;MAClEwB,KAAK,CAACzB,qBAAqB,GAAGmD,GAAG,GAAG1B,KAAK,CAACxB,wBAAwB,GAAG,IAAI;IAC3E;IAEA,IAAIwB,KAAK,CAAC/C,KAAK,EAAE;MACf+C,KAAK,CAAC/C,KAAK,GAAG,IAAAiC,gBAAS,EAACc,KAAK,CAAC/C,KAAK,CAAC;IACtC;IAEA,OAAO,oBAAcJ,oBAAW,CAACqD,SAAS,CAACoB,GAAG,EAAE,IAAI,EAAE,CAACtB,KAAK,EAAEC,OAAO,CAAC,CAAC;EACzE,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;EACE0B,QAAQ,sBAAG;IACT,IAAI,CAAC,IAAI,CAACzD,OAAO,EAAE;MACjB,MAAM,IAAIc,KAAK,CAAC,wBAAwB,CAAC;IAC3C;IAEA,OAAO,IAAI,CAACd,OAAO;EACrB,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACE0D,QAAQ,sBAAG;IAAA;IACT,IAAId,OAAO,CAACC,GAAG,CAACC,QAAQ,KAAK,YAAY,EAAE;MACzC,MAAM,IAAIhC,KAAK,CAAC,iDAAiD,CAAC;IACpE;IAEA,OAAO,IAAI,CAACG,KAAK,CACdC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdwC,OAAO,EAAE,cAAc;MACvBC,QAAQ,EAAE,yBAAyB;MACnCvF,IAAI,EAAE;QACJoD,KAAK,EAAE,IAAI,CAACrC;MACd;IACF,CAAC,CAAC,CACD6D,KAAK,CAAC,UAACY,MAAM,EAAK;MACjB,IAAI,YAAY,IAAIA,MAAM,EAAE;QAC1B,OAAO,iBAAQ5F,MAAM,CAAC4F,MAAM,CAAC;MAC/B;MACA,MAAI,CAACjD,MAAM,CAACC,IAAI,CAAC,qEAAqE,CAAC;;MAEvF;MACA;MACA;MACA,IAAMiD,OAAO,GACXlB,OAAO,CAACC,GAAG,CAACkB,oBAAoB,IAChCnB,OAAO,CAACC,GAAG,CAACmB,wBAAwB,IACpC,6CAA6C;MAE/C,OAAO,MAAI,CAAC/C,KAAK,CAACC,OAAO,CAAC;QACxBC,MAAM,EAAE,MAAM;QACdC,GAAG,YAAK0C,OAAO,6BAA0B;QACzCzF,IAAI,EAAE;UACJoD,KAAK,EAAE,MAAI,CAACrC;QACd,CAAC;QACD6E,OAAO,EAAE;UACPC,aAAa,mBAAY,MAAI,CAAC9E,YAAY;QAC5C;MACF,CAAC,CAAC;IACJ,CAAC,CAAC,CACDuC,IAAI,CAAC,UAAC5D,GAAG;MAAA,OAAKA,GAAG,CAACM,IAAI;IAAA,EAAC;EAC5B,CAAC;EAAA;AACH,CAAC,kMArOEQ,iBAAS,4HAmFTA,iBAAS,0EAkJV;AAAC,eAEYH,KAAK;AAAA"}
|
|
1
|
+
{"version":3,"names":["processGrantError","res","statusCode","reject","ErrorConstructor","grantErrors","select","body","error","OAuthError","WebexHttpError","_res","Token","WebexPlugin","extend","oneFlight","keyFactory","scope","derived","canAuthorize","deps","fn","access_token","isExpired","canDownscope","config","client_id","canRefresh","inBrowser","refresh_token","refreshCallback","client_secret","expires","_isExpired","_string","token_type","namespace","props","expires_in","refresh_token_expires","refresh_token_expires_in","default","type","session","previousToken","downscope","logger","info","Error","trace","diffScopes","sortScope","webex","request","method","uri","tokenUrl","addAuthHeader","form","grant_type","token","self_contained_token","then","parent","initialize","attrs","options","prototype","safeSetTimeout","refresh","promise","resolve","redirect_uri","auth","user","pass","sendImmediately","shouldRefreshAccessToken","obj","process","env","NODE_ENV","revoke","unset","catch","revokeUrl","token_type_hint","set","_filterSetParameters","includes","split","now","toString","validate","service","resource","reason","convApi","CONVERSATION_SERVICE","CONVERSATION_SERVICE_URL","headers","authorization"],"sources":["token.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nimport {pick} from 'lodash';\nimport {inBrowser, oneFlight} from '@webex/common';\nimport {safeSetTimeout} from '@webex/common-timers';\n\nimport WebexHttpError from '../webex-http-error';\nimport WebexPlugin from '../webex-plugin';\n\nimport {sortScope, diffScopes} from './scope';\nimport grantErrors, {OAuthError} from './grant-errors';\n\n/* eslint-disable camelcase */\n\n/**\n * Parse response from CI and converts to structured error when appropriate\n * @param {WebexHttpError} res\n * @private\n * @returns {GrantError}\n */\nfunction processGrantError(res) {\n if (res.statusCode !== 400) {\n return Promise.reject(res);\n }\n\n const ErrorConstructor = grantErrors.select(res.body.error);\n\n if (ErrorConstructor === OAuthError && res instanceof WebexHttpError) {\n return Promise.reject(res);\n }\n if (!ErrorConstructor) {\n return Promise.reject(res);\n }\n\n return Promise.reject(new ErrorConstructor(res._res || res));\n}\n\n/**\n * @class\n */\nconst Token = WebexPlugin.extend({\n derived: {\n /**\n * Indicates if this token can be used in an auth header. `true` iff\n * {@link Token#access_token} is defined and {@link Token#isExpired} is\n * false.\n * @instance\n * @memberof Token\n * @readonly\n * @type {boolean}\n */\n canAuthorize: {\n deps: ['access_token', 'isExpired'],\n fn() {\n return !!this.access_token && !this.isExpired;\n },\n },\n\n /**\n * Indicates that this token can be downscoped. `true` iff\n * {@link config.credentials.client_id} is defined and if\n * {@link Token#canAuthorize} is true\n *\n * Note: since {@link config} is not evented, we can't listen for changes to\n * {@link config.credentials.client_id}. As such,\n * {@link config.credentials.client_id} must always be set before\n * instantiating a {@link Token}\n * @instance\n * @memberof Token\n * @readonly\n * @type {boolean}\n */\n canDownscope: {\n deps: ['canAuthorize'],\n fn() {\n return this.canAuthorize && !!this.config.client_id;\n },\n },\n\n /**\n * Indicates if this token can be refreshed. `true` iff\n * {@link Token@refresh_token} is defined and\n * {@link config.credentials.refreshCallback()} is defined\n *\n * Note: since {@link config} is not evented, we can't listen for changes to\n * {@link config.credentials.refreshCallback()}. As such,\n * {@link config.credentials.refreshCallback()} must always be set before\n * instantiating a {@link Token}\n * @instance\n * @memberof Token\n * @readonly\n * @type {boolean}\n */\n canRefresh: {\n deps: ['refresh_token'],\n fn() {\n if (inBrowser) {\n return !!this.refresh_token && !!this.config.refreshCallback;\n }\n\n return !!this.refresh_token && !!this.config.client_secret;\n },\n },\n\n /**\n * Indicates if this `Token` is expired. `true` iff {@link Token#expires} is\n * defined and is less than {@link Date.now()}.\n * @instance\n * @memberof Token\n * @readonly\n * @type {boolean}\n */\n isExpired: {\n deps: ['expires', '_isExpired'],\n fn() {\n // in order to avoid setting `cache:false`, we'll use a private property\n // and a timer rather than comparing to `Date.now()`;\n return !!this.expires && this._isExpired;\n },\n },\n\n /**\n * Cache for toString()\n * @instance\n * @memberof Token\n * @private\n * @readonly\n * @type {string}\n */\n _string: {\n deps: ['access_token', 'token_type'],\n fn() {\n if (!this.access_token || !this.token_type) {\n return '';\n }\n\n return `${this.token_type} ${this.access_token}`;\n },\n },\n },\n\n namespace: 'Credentials',\n\n props: {\n /**\n * Used for indexing in the credentials userTokens collection\n * @instance\n * @memberof Token\n * @private\n * @type {string}\n */\n scope: 'string',\n /**\n * @instance\n * @memberof Token\n * @type {string}\n */\n access_token: 'string',\n /**\n * @instance\n * @memberof Token\n * @type {number}\n */\n expires: 'number',\n /**\n * @instance\n * @memberof Token\n * @type {number}\n */\n expires_in: 'number',\n /**\n * @instance\n * @memberof Token\n * @type {string}\n */\n refresh_token: 'string',\n /**\n * @instance\n * @memberof Token\n * @type {number}\n */\n refresh_token_expires: 'number',\n /**\n * @instance\n * @memberof Token\n * @type {number}\n */\n refresh_token_expires_in: 'number',\n /**\n * @default \"Bearer\"\n * @instance\n * @memberof Token\n * @type {string}\n */\n token_type: {\n default: 'Bearer',\n type: 'string',\n },\n },\n\n session: {\n /**\n * Used by {@link Token#isExpired} to avoid doing a Date comparison.\n * @instance\n * @memberof Token\n * @private\n * @type {boolean}\n */\n _isExpired: {\n default: false,\n type: 'boolean',\n },\n /**\n * Handle to the previous token that we'll revoke when we refresh this\n * token. The idea is to keep allow two valid tokens when a refresh occurs;\n * we don't want revoke a token that's in the middle of being used, so when\n * we do a token refresh, we won't revoke the token being refreshed, but\n * we'll revoke the previous one.\n * @instance\n * @memberof Token\n * @private\n * @type {Object}\n */\n previousToken: {\n type: 'state',\n },\n },\n\n @oneFlight({\n keyFactory(scope) {\n return scope;\n },\n })\n /**\n * Uses this token to request a new Token with a subset of this Token's scopes\n * @instance\n * @memberof Token\n * @param {string} scope\n * @returns {Promise<Token>}\n */\n downscope(scope) {\n this.logger.info(`token: downscoping token to ${scope}`);\n\n if (this.isExpired) {\n this.logger.info('token: request received to downscope expired access_token');\n\n return Promise.reject(new Error('cannot downscope expired access token'));\n }\n\n if (!this.canDownscope) {\n if (this.config.client_id) {\n this.logger.info('token: request received to downscope invalid access_token');\n } else {\n this.logger.trace('token: cannot downscope without client_id');\n }\n\n return Promise.reject(new Error('cannot downscope access token'));\n }\n\n if (diffScopes(scope, this.config.scope) !== '') {\n return Promise.reject(\n new Error(\n `new scope (${scope}) is not subset of the available scopes (${this.config.scope})`\n )\n );\n }\n\n // Since we're going to use scope as the index in our token collection, it's\n // important scopes are always deterministically specified.\n if (scope) {\n scope = sortScope(scope);\n }\n\n // Ideally, we could depend on the service to communicate this error, but\n // all we get is \"invalid scope\", which, to the lay person, implies\n // something wrong with *one* of the scopes, not the whole thing.\n if (scope === sortScope(this.config.scope)) {\n return Promise.reject(new Error('token: scope reduction requires a reduced scope'));\n }\n\n return this.webex\n .request({\n method: 'POST',\n uri: this.config.tokenUrl,\n addAuthHeader: false,\n form: {\n grant_type: 'urn:cisco:oauth:grant-type:scope-reduction',\n token: this.access_token,\n scope,\n client_id: this.config.client_id,\n self_contained_token: true,\n },\n })\n .then((res) => {\n this.logger.info(`token: downscoped token to ${scope}`);\n\n return new Token(Object.assign(res.body, {scope}), {parent: this.parent});\n });\n },\n\n /**\n * Initializer\n * @instance\n * @memberof Token\n * @param {Object} [attrs={}]\n * @param {Object} [options={}]\n * @see {@link WebexPlugin#initialize()}\n * @returns {Token}\n */\n initialize(attrs = {}, options = {}) {\n Reflect.apply(WebexPlugin.prototype.initialize, this, [attrs, options]);\n\n if (typeof attrs === 'string') {\n this.access_token = attrs;\n }\n\n if (!this.access_token) {\n throw new Error('`access_token` is required');\n }\n\n // We don't want the derived property `isExpired` to need {cache:false}, so\n // we'll set up a timer the runs when this token should expire.\n if (this.expires) {\n if (this.expires < Date.now()) {\n this._isExpired = true;\n } else {\n safeSetTimeout(() => {\n this._isExpired = true;\n }, this.expires - Date.now());\n }\n }\n },\n\n @oneFlight\n /**\n * Refreshes this Token. Relies on\n * {@link config.credentials.refreshCallback()}\n * @instance\n * @memberof Token\n * @returns {Promise<Token>}\n */\n refresh() {\n if (!this.canRefresh) {\n throw new Error('Not enough information available to refresh this access token');\n }\n\n let promise;\n\n if (inBrowser) {\n if (!this.config.refreshCallback) {\n throw new Error('Cannot refresh access token without refreshCallback');\n }\n\n promise = Promise.resolve(this.config.refreshCallback(this.webex, this));\n }\n\n return (\n promise ||\n this.webex\n .request({\n method: 'POST',\n uri: this.config.tokenUrl,\n form: {\n grant_type: 'refresh_token',\n redirect_uri: this.config.redirect_uri,\n refresh_token: this.refresh_token,\n },\n auth: {\n user: this.config.client_id,\n pass: this.config.client_secret,\n sendImmediately: true,\n },\n shouldRefreshAccessToken: false,\n })\n .then((res) => res.body)\n )\n .then((obj) => {\n if (!obj) {\n throw new Error('token: refreshCallback() did not produce an object');\n }\n // If the authentication server did not send back a refresh token, copy\n // the current refresh token and related values to the response (note:\n // at time of implementation, CI never sends a new refresh token)\n if (!obj.refresh_token) {\n Object.assign(\n obj,\n pick(this, 'refresh_token', 'refresh_token_expires', 'refresh_token_expires_in')\n );\n }\n\n // If the new token is the same as the previous token, then we may have\n // found a bug in CI; log the details and reject the Promise\n if (this.access_token === obj.access_token) {\n this.logger.error('token: new token matches current token');\n // log the tokens if it is not production\n if (process.env.NODE_ENV !== 'production') {\n this.logger.error('token: current token:', this.access_token);\n this.logger.error('token: new token:', obj.access_token);\n }\n\n return Promise.reject(new Error('new token matches current token'));\n }\n\n if (this.previousToken) {\n this.previousToken.revoke();\n this.unset('previousToken');\n }\n\n obj.previousToken = this;\n obj.scope = this.scope;\n\n return new Token(obj, {parent: this.parent});\n })\n .catch(processGrantError);\n },\n\n @oneFlight\n /**\n * Revokes this token and unsets its local properties\n * @instance\n * @memberof Token\n * @returns {Promise}\n */\n revoke() {\n if (this.isExpired) {\n this.logger.info('token: already expired, not making making revocation request');\n\n return Promise.resolve();\n }\n\n if (!this.canAuthorize) {\n this.logger.info('token: no longer valid, not making revocation request');\n\n return Promise.resolve();\n }\n\n // FIXME we need to use the user token revocation endpoint to revoke a token\n // without a client_secret, but it doesn't current support using a token to\n // revoke itself\n // Note: I'm not making a canRevoke property because there should be changes\n // coming to the user token revocation endpoint that allow us to do this\n // correctly.\n if (!this.config.client_secret) {\n this.logger.info('token: no client secret available, not making revocation request');\n\n return Promise.resolve();\n }\n\n this.logger.info('token: revoking access token');\n\n return this.webex\n .request({\n method: 'POST',\n uri: this.config.revokeUrl,\n form: {\n token: this.access_token,\n token_type_hint: 'access_token',\n },\n auth: {\n user: this.config.client_id,\n pass: this.config.client_secret,\n sendImmediately: true,\n },\n shouldRefreshAccessToken: false,\n })\n .then(() => {\n this.unset(['access_token', 'expires', 'expires_in', 'token_type']);\n this.logger.info('token: access token revoked');\n })\n .catch(processGrantError);\n },\n\n set(...args) {\n // eslint-disable-next-line prefer-const\n let [attrs, options] = this._filterSetParameters(...args);\n\n if (!attrs.token_type && attrs.access_token && attrs.access_token.includes(' ')) {\n const [token_type, access_token] = attrs.access_token.split(' ');\n\n attrs = {...attrs, access_token, token_type};\n }\n const now = Date.now();\n\n if (!attrs.expires && attrs.expires_in) {\n attrs.expires = now + attrs.expires_in * 1000;\n }\n\n if (!attrs.refresh_token_expires && attrs.refresh_token_expires_in) {\n attrs.refresh_token_expires = now + attrs.refresh_token_expires_in * 1000;\n }\n\n if (attrs.scope) {\n attrs.scope = sortScope(attrs.scope);\n }\n\n return Reflect.apply(WebexPlugin.prototype.set, this, [attrs, options]);\n },\n\n /**\n * Renders the token object as an HTTP Header Value\n * @instance\n * @memberof Token\n * @returns {string}\n * @see {@link Object#toString()}\n */\n toString() {\n if (!this._string) {\n throw new Error('cannot stringify Token');\n }\n\n return this._string;\n },\n\n /**\n * Uses a non-producation api to return information about this token. This\n * method is primarily for tests and will throw if NODE_ENV === production\n * @instance\n * @memberof Token\n * @private\n * @returns {Promise}\n */\n validate() {\n if (process.env.NODE_ENV === 'production') {\n throw new Error('Token#validate() must not be used in production');\n }\n\n return this.webex\n .request({\n method: 'POST',\n service: 'conversation',\n resource: 'users/validateAuthToken',\n body: {\n token: this.access_token,\n },\n })\n .catch((reason) => {\n if ('statusCode' in reason) {\n return Promise.reject(reason);\n }\n this.logger.info(\"REMINDER: If you're investigating a network error here, it's normal\");\n\n // If we got an error that isn't a WebexHttpError, assume the problem is\n // that we don't have the wdm plugin loaded and service/resource isn't\n // a valid means of identifying a request.\n const convApi =\n process.env.CONVERSATION_SERVICE ||\n process.env.CONVERSATION_SERVICE_URL ||\n 'https://conv-a.wbx2.com/conversation/api/v1';\n\n return this.webex.request({\n method: 'POST',\n uri: `${convApi}/users/validateAuthToken`,\n body: {\n token: this.access_token,\n },\n headers: {\n authorization: `Bearer ${this.access_token}`,\n },\n });\n })\n .then((res) => res.body);\n },\n});\n\nexport default Token;\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAKA;AACA;AAEA;AACA;AAEA;AACA;AAAuD;AAAA;AAAA;AAAA;AAAA;AAEvD;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,iBAAiB,CAACC,GAAG,EAAE;EAC9B,IAAIA,GAAG,CAACC,UAAU,KAAK,GAAG,EAAE;IAC1B,OAAO,iBAAQC,MAAM,CAACF,GAAG,CAAC;EAC5B;EAEA,IAAMG,gBAAgB,GAAGC,oBAAW,CAACC,MAAM,CAACL,GAAG,CAACM,IAAI,CAACC,KAAK,CAAC;EAE3D,IAAIJ,gBAAgB,KAAKK,uBAAU,IAAIR,GAAG,YAAYS,uBAAc,EAAE;IACpE,OAAO,iBAAQP,MAAM,CAACF,GAAG,CAAC;EAC5B;EACA,IAAI,CAACG,gBAAgB,EAAE;IACrB,OAAO,iBAAQD,MAAM,CAACF,GAAG,CAAC;EAC5B;EAEA,OAAO,iBAAQE,MAAM,CAAC,IAAIC,gBAAgB,CAACH,GAAG,CAACU,IAAI,IAAIV,GAAG,CAAC,CAAC;AAC9D;;AAEA;AACA;AACA;AACA,IAAMW,KAAK,GAAGC,oBAAW,CAACC,MAAM,SA4L7B,IAAAC,iBAAS,EAAC;EACTC,UAAU,sBAACC,KAAK,EAAE;IAChB,OAAOA,KAAK;EACd;AACF,CAAC,CAAC,UAhM6B;EAC/BC,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,YAAY,EAAE;MACZC,IAAI,EAAE,CAAC,cAAc,EAAE,WAAW,CAAC;MACnCC,EAAE,gBAAG;QACH,OAAO,CAAC,CAAC,IAAI,CAACC,YAAY,IAAI,CAAC,IAAI,CAACC,SAAS;MAC/C;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,YAAY,EAAE;MACZJ,IAAI,EAAE,CAAC,cAAc,CAAC;MACtBC,EAAE,gBAAG;QACH,OAAO,IAAI,CAACF,YAAY,IAAI,CAAC,CAAC,IAAI,CAACM,MAAM,CAACC,SAAS;MACrD;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,UAAU,EAAE;MACVP,IAAI,EAAE,CAAC,eAAe,CAAC;MACvBC,EAAE,gBAAG;QACH,IAAIO,iBAAS,EAAE;UACb,OAAO,CAAC,CAAC,IAAI,CAACC,aAAa,IAAI,CAAC,CAAC,IAAI,CAACJ,MAAM,CAACK,eAAe;QAC9D;QAEA,OAAO,CAAC,CAAC,IAAI,CAACD,aAAa,IAAI,CAAC,CAAC,IAAI,CAACJ,MAAM,CAACM,aAAa;MAC5D;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;IACIR,SAAS,EAAE;MACTH,IAAI,EAAE,CAAC,SAAS,EAAE,YAAY,CAAC;MAC/BC,EAAE,gBAAG;QACH;QACA;QACA,OAAO,CAAC,CAAC,IAAI,CAACW,OAAO,IAAI,IAAI,CAACC,UAAU;MAC1C;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,OAAO,EAAE;MACPd,IAAI,EAAE,CAAC,cAAc,EAAE,YAAY,CAAC;MACpCC,EAAE,gBAAG;QACH,IAAI,CAAC,IAAI,CAACC,YAAY,IAAI,CAAC,IAAI,CAACa,UAAU,EAAE;UAC1C,OAAO,EAAE;QACX;QAEA,iBAAU,IAAI,CAACA,UAAU,cAAI,IAAI,CAACb,YAAY;MAChD;IACF;EACF,CAAC;EAEDc,SAAS,EAAE,aAAa;EAExBC,KAAK,EAAE;IACL;AACJ;AACA;AACA;AACA;AACA;AACA;IACIpB,KAAK,EAAE,QAAQ;IACf;AACJ;AACA;AACA;AACA;IACIK,YAAY,EAAE,QAAQ;IACtB;AACJ;AACA;AACA;AACA;IACIU,OAAO,EAAE,QAAQ;IACjB;AACJ;AACA;AACA;AACA;IACIM,UAAU,EAAE,QAAQ;IACpB;AACJ;AACA;AACA;AACA;IACIT,aAAa,EAAE,QAAQ;IACvB;AACJ;AACA;AACA;AACA;IACIU,qBAAqB,EAAE,QAAQ;IAC/B;AACJ;AACA;AACA;AACA;IACIC,wBAAwB,EAAE,QAAQ;IAClC;AACJ;AACA;AACA;AACA;AACA;IACIL,UAAU,EAAE;MACVM,OAAO,EAAE,QAAQ;MACjBC,IAAI,EAAE;IACR;EACF,CAAC;EAEDC,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;AACA;IACIV,UAAU,EAAE;MACVQ,OAAO,EAAE,KAAK;MACdC,IAAI,EAAE;IACR,CAAC;IACD;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIE,aAAa,EAAE;MACbF,IAAI,EAAE;IACR;EACF,CAAC;EAOD;AACF;AACA;AACA;AACA;AACA;AACA;EACEG,SAAS,qBAAC5B,KAAK,EAAE;IAAA;IACf,IAAI,CAAC6B,MAAM,CAACC,IAAI,uCAAgC9B,KAAK,EAAG;IAExD,IAAI,IAAI,CAACM,SAAS,EAAE;MAClB,IAAI,CAACuB,MAAM,CAACC,IAAI,CAAC,2DAA2D,CAAC;MAE7E,OAAO,iBAAQ5C,MAAM,CAAC,IAAI6C,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3E;IAEA,IAAI,CAAC,IAAI,CAACxB,YAAY,EAAE;MACtB,IAAI,IAAI,CAACC,MAAM,CAACC,SAAS,EAAE;QACzB,IAAI,CAACoB,MAAM,CAACC,IAAI,CAAC,2DAA2D,CAAC;MAC/E,CAAC,MAAM;QACL,IAAI,CAACD,MAAM,CAACG,KAAK,CAAC,2CAA2C,CAAC;MAChE;MAEA,OAAO,iBAAQ9C,MAAM,CAAC,IAAI6C,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnE;IAEA,IAAI,IAAAE,iBAAU,EAACjC,KAAK,EAAE,IAAI,CAACQ,MAAM,CAACR,KAAK,CAAC,KAAK,EAAE,EAAE;MAC/C,OAAO,iBAAQd,MAAM,CACnB,IAAI6C,KAAK,sBACO/B,KAAK,sDAA4C,IAAI,CAACQ,MAAM,CAACR,KAAK,OACjF,CACF;IACH;;IAEA;IACA;IACA,IAAIA,KAAK,EAAE;MACTA,KAAK,GAAG,IAAAkC,gBAAS,EAAClC,KAAK,CAAC;IAC1B;;IAEA;IACA;IACA;IACA,IAAIA,KAAK,KAAK,IAAAkC,gBAAS,EAAC,IAAI,CAAC1B,MAAM,CAACR,KAAK,CAAC,EAAE;MAC1C,OAAO,iBAAQd,MAAM,CAAC,IAAI6C,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrF;IAEA,OAAO,IAAI,CAACI,KAAK,CACdC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdC,GAAG,EAAE,IAAI,CAAC9B,MAAM,CAAC+B,QAAQ;MACzBC,aAAa,EAAE,KAAK;MACpBC,IAAI,EAAE;QACJC,UAAU,EAAE,4CAA4C;QACxDC,KAAK,EAAE,IAAI,CAACtC,YAAY;QACxBL,KAAK,EAALA,KAAK;QACLS,SAAS,EAAE,IAAI,CAACD,MAAM,CAACC,SAAS;QAChCmC,oBAAoB,EAAE;MACxB;IACF,CAAC,CAAC,CACDC,IAAI,CAAC,UAAC7D,GAAG,EAAK;MACb,KAAI,CAAC6C,MAAM,CAACC,IAAI,sCAA+B9B,KAAK,EAAG;MAEvD,OAAO,IAAIL,KAAK,CAAC,qBAAcX,GAAG,CAACM,IAAI,EAAE;QAACU,KAAK,EAALA;MAAK,CAAC,CAAC,EAAE;QAAC8C,MAAM,EAAE,KAAI,CAACA;MAAM,CAAC,CAAC;IAC3E,CAAC,CAAC;EACN,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,UAAU,wBAA2B;IAAA;IAAA,IAA1BC,KAAK,uEAAG,CAAC,CAAC;IAAA,IAAEC,OAAO,uEAAG,CAAC,CAAC;IACjC,oBAAcrD,oBAAW,CAACsD,SAAS,CAACH,UAAU,EAAE,IAAI,EAAE,CAACC,KAAK,EAAEC,OAAO,CAAC,CAAC;IAEvE,IAAI,OAAOD,KAAK,KAAK,QAAQ,EAAE;MAC7B,IAAI,CAAC3C,YAAY,GAAG2C,KAAK;IAC3B;IAEA,IAAI,CAAC,IAAI,CAAC3C,YAAY,EAAE;MACtB,MAAM,IAAI0B,KAAK,CAAC,4BAA4B,CAAC;IAC/C;;IAEA;IACA;IACA,IAAI,IAAI,CAAChB,OAAO,EAAE;MAChB,IAAI,IAAI,CAACA,OAAO,GAAG,mBAAU,EAAE;QAC7B,IAAI,CAACC,UAAU,GAAG,IAAI;MACxB,CAAC,MAAM;QACL,IAAAmC,4BAAc,EAAC,YAAM;UACnB,MAAI,CAACnC,UAAU,GAAG,IAAI;QACxB,CAAC,EAAE,IAAI,CAACD,OAAO,GAAG,mBAAU,CAAC;MAC/B;IACF;EACF,CAAC;EAGD;AACF;AACA;AACA;AACA;AACA;AACA;EACEqC,OAAO,qBAAG;IAAA;IACR,IAAI,CAAC,IAAI,CAAC1C,UAAU,EAAE;MACpB,MAAM,IAAIqB,KAAK,CAAC,+DAA+D,CAAC;IAClF;IAEA,IAAIsB,OAAO;IAEX,IAAI1C,iBAAS,EAAE;MACb,IAAI,CAAC,IAAI,CAACH,MAAM,CAACK,eAAe,EAAE;QAChC,MAAM,IAAIkB,KAAK,CAAC,qDAAqD,CAAC;MACxE;MAEAsB,OAAO,GAAG,iBAAQC,OAAO,CAAC,IAAI,CAAC9C,MAAM,CAACK,eAAe,CAAC,IAAI,CAACsB,KAAK,EAAE,IAAI,CAAC,CAAC;IAC1E;IAEA,OAAO,CACLkB,OAAO,IACP,IAAI,CAAClB,KAAK,CACPC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdC,GAAG,EAAE,IAAI,CAAC9B,MAAM,CAAC+B,QAAQ;MACzBE,IAAI,EAAE;QACJC,UAAU,EAAE,eAAe;QAC3Ba,YAAY,EAAE,IAAI,CAAC/C,MAAM,CAAC+C,YAAY;QACtC3C,aAAa,EAAE,IAAI,CAACA;MACtB,CAAC;MACD4C,IAAI,EAAE;QACJC,IAAI,EAAE,IAAI,CAACjD,MAAM,CAACC,SAAS;QAC3BiD,IAAI,EAAE,IAAI,CAAClD,MAAM,CAACM,aAAa;QAC/B6C,eAAe,EAAE;MACnB,CAAC;MACDC,wBAAwB,EAAE;IAC5B,CAAC,CAAC,CACDf,IAAI,CAAC,UAAC7D,GAAG;MAAA,OAAKA,GAAG,CAACM,IAAI;IAAA,EAAC,EAEzBuD,IAAI,CAAC,UAACgB,GAAG,EAAK;MACb,IAAI,CAACA,GAAG,EAAE;QACR,MAAM,IAAI9B,KAAK,CAAC,oDAAoD,CAAC;MACvE;MACA;MACA;MACA;MACA,IAAI,CAAC8B,GAAG,CAACjD,aAAa,EAAE;QACtB,qBACEiD,GAAG,EACH,oBAAK,MAAI,EAAE,eAAe,EAAE,uBAAuB,EAAE,0BAA0B,CAAC,CACjF;MACH;;MAEA;MACA;MACA,IAAI,MAAI,CAACxD,YAAY,KAAKwD,GAAG,CAACxD,YAAY,EAAE;QAC1C,MAAI,CAACwB,MAAM,CAACtC,KAAK,CAAC,wCAAwC,CAAC;QAC3D;QACA,IAAIuE,OAAO,CAACC,GAAG,CAACC,QAAQ,KAAK,YAAY,EAAE;UACzC,MAAI,CAACnC,MAAM,CAACtC,KAAK,CAAC,uBAAuB,EAAE,MAAI,CAACc,YAAY,CAAC;UAC7D,MAAI,CAACwB,MAAM,CAACtC,KAAK,CAAC,mBAAmB,EAAEsE,GAAG,CAACxD,YAAY,CAAC;QAC1D;QAEA,OAAO,iBAAQnB,MAAM,CAAC,IAAI6C,KAAK,CAAC,iCAAiC,CAAC,CAAC;MACrE;MAEA,IAAI,MAAI,CAACJ,aAAa,EAAE;QACtB,MAAI,CAACA,aAAa,CAACsC,MAAM,EAAE;QAC3B,MAAI,CAACC,KAAK,CAAC,eAAe,CAAC;MAC7B;MAEAL,GAAG,CAAClC,aAAa,GAAG,MAAI;MACxBkC,GAAG,CAAC7D,KAAK,GAAG,MAAI,CAACA,KAAK;MAEtB,OAAO,IAAIL,KAAK,CAACkE,GAAG,EAAE;QAACf,MAAM,EAAE,MAAI,CAACA;MAAM,CAAC,CAAC;IAC9C,CAAC,CAAC,CACDqB,KAAK,CAACpF,iBAAiB,CAAC;EAC7B,CAAC;EAGD;AACF;AACA;AACA;AACA;AACA;EACEkF,MAAM,oBAAG;IAAA;IACP,IAAI,IAAI,CAAC3D,SAAS,EAAE;MAClB,IAAI,CAACuB,MAAM,CAACC,IAAI,CAAC,8DAA8D,CAAC;MAEhF,OAAO,iBAAQwB,OAAO,EAAE;IAC1B;IAEA,IAAI,CAAC,IAAI,CAACpD,YAAY,EAAE;MACtB,IAAI,CAAC2B,MAAM,CAACC,IAAI,CAAC,uDAAuD,CAAC;MAEzE,OAAO,iBAAQwB,OAAO,EAAE;IAC1B;;IAEA;IACA;IACA;IACA;IACA;IACA;IACA,IAAI,CAAC,IAAI,CAAC9C,MAAM,CAACM,aAAa,EAAE;MAC9B,IAAI,CAACe,MAAM,CAACC,IAAI,CAAC,kEAAkE,CAAC;MAEpF,OAAO,iBAAQwB,OAAO,EAAE;IAC1B;IAEA,IAAI,CAACzB,MAAM,CAACC,IAAI,CAAC,8BAA8B,CAAC;IAEhD,OAAO,IAAI,CAACK,KAAK,CACdC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdC,GAAG,EAAE,IAAI,CAAC9B,MAAM,CAAC4D,SAAS;MAC1B3B,IAAI,EAAE;QACJE,KAAK,EAAE,IAAI,CAACtC,YAAY;QACxBgE,eAAe,EAAE;MACnB,CAAC;MACDb,IAAI,EAAE;QACJC,IAAI,EAAE,IAAI,CAACjD,MAAM,CAACC,SAAS;QAC3BiD,IAAI,EAAE,IAAI,CAAClD,MAAM,CAACM,aAAa;QAC/B6C,eAAe,EAAE;MACnB,CAAC;MACDC,wBAAwB,EAAE;IAC5B,CAAC,CAAC,CACDf,IAAI,CAAC,YAAM;MACV,MAAI,CAACqB,KAAK,CAAC,CAAC,cAAc,EAAE,SAAS,EAAE,YAAY,EAAE,YAAY,CAAC,CAAC;MACnE,MAAI,CAACrC,MAAM,CAACC,IAAI,CAAC,6BAA6B,CAAC;IACjD,CAAC,CAAC,CACDqC,KAAK,CAACpF,iBAAiB,CAAC;EAC7B,CAAC;EAEDuF,GAAG,iBAAU;IACX;IACA,4BAAuB,IAAI,CAACC,oBAAoB,OAAzB,IAAI,YAA8B;MAAA;MAApDvB,KAAK;MAAEC,OAAO;IAEnB,IAAI,CAACD,KAAK,CAAC9B,UAAU,IAAI8B,KAAK,CAAC3C,YAAY,IAAI2C,KAAK,CAAC3C,YAAY,CAACmE,QAAQ,CAAC,GAAG,CAAC,EAAE;MAC/E,4BAAmCxB,KAAK,CAAC3C,YAAY,CAACoE,KAAK,CAAC,GAAG,CAAC;QAAA;QAAzDvD,UAAU;QAAEb,YAAY;MAE/B2C,KAAK,mCAAOA,KAAK;QAAE3C,YAAY,EAAZA,YAAY;QAAEa,UAAU,EAAVA;MAAU,EAAC;IAC9C;IACA,IAAMwD,GAAG,GAAG,mBAAU;IAEtB,IAAI,CAAC1B,KAAK,CAACjC,OAAO,IAAIiC,KAAK,CAAC3B,UAAU,EAAE;MACtC2B,KAAK,CAACjC,OAAO,GAAG2D,GAAG,GAAG1B,KAAK,CAAC3B,UAAU,GAAG,IAAI;IAC/C;IAEA,IAAI,CAAC2B,KAAK,CAAC1B,qBAAqB,IAAI0B,KAAK,CAACzB,wBAAwB,EAAE;MAClEyB,KAAK,CAAC1B,qBAAqB,GAAGoD,GAAG,GAAG1B,KAAK,CAACzB,wBAAwB,GAAG,IAAI;IAC3E;IAEA,IAAIyB,KAAK,CAAChD,KAAK,EAAE;MACfgD,KAAK,CAAChD,KAAK,GAAG,IAAAkC,gBAAS,EAACc,KAAK,CAAChD,KAAK,CAAC;IACtC;IAEA,OAAO,oBAAcJ,oBAAW,CAACsD,SAAS,CAACoB,GAAG,EAAE,IAAI,EAAE,CAACtB,KAAK,EAAEC,OAAO,CAAC,CAAC;EACzE,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;EACE0B,QAAQ,sBAAG;IACT,IAAI,CAAC,IAAI,CAAC1D,OAAO,EAAE;MACjB,MAAM,IAAIc,KAAK,CAAC,wBAAwB,CAAC;IAC3C;IAEA,OAAO,IAAI,CAACd,OAAO;EACrB,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACE2D,QAAQ,sBAAG;IAAA;IACT,IAAId,OAAO,CAACC,GAAG,CAACC,QAAQ,KAAK,YAAY,EAAE;MACzC,MAAM,IAAIjC,KAAK,CAAC,iDAAiD,CAAC;IACpE;IAEA,OAAO,IAAI,CAACI,KAAK,CACdC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdwC,OAAO,EAAE,cAAc;MACvBC,QAAQ,EAAE,yBAAyB;MACnCxF,IAAI,EAAE;QACJqD,KAAK,EAAE,IAAI,CAACtC;MACd;IACF,CAAC,CAAC,CACD8D,KAAK,CAAC,UAACY,MAAM,EAAK;MACjB,IAAI,YAAY,IAAIA,MAAM,EAAE;QAC1B,OAAO,iBAAQ7F,MAAM,CAAC6F,MAAM,CAAC;MAC/B;MACA,MAAI,CAAClD,MAAM,CAACC,IAAI,CAAC,qEAAqE,CAAC;;MAEvF;MACA;MACA;MACA,IAAMkD,OAAO,GACXlB,OAAO,CAACC,GAAG,CAACkB,oBAAoB,IAChCnB,OAAO,CAACC,GAAG,CAACmB,wBAAwB,IACpC,6CAA6C;MAE/C,OAAO,MAAI,CAAC/C,KAAK,CAACC,OAAO,CAAC;QACxBC,MAAM,EAAE,MAAM;QACdC,GAAG,YAAK0C,OAAO,6BAA0B;QACzC1F,IAAI,EAAE;UACJqD,KAAK,EAAE,MAAI,CAACtC;QACd,CAAC;QACD8E,OAAO,EAAE;UACPC,aAAa,mBAAY,MAAI,CAAC/E,YAAY;QAC5C;MACF,CAAC,CAAC;IACJ,CAAC,CAAC,CACDwC,IAAI,CAAC,UAAC7D,GAAG;MAAA,OAAKA,GAAG,CAACM,IAAI;IAAA,EAAC;EAC5B,CAAC;EAAA;AACH,CAAC,kMArOEQ,iBAAS,4HAmFTA,iBAAS,0EAkJV;AAAC,eAEYH,KAAK;AAAA"}
|
package/dist/plugins/logger.js
CHANGED
|
@@ -57,7 +57,7 @@ var Logger = _webexPlugin.default.extend({
|
|
|
57
57
|
info: wrapConsoleMethod('info'),
|
|
58
58
|
debug: wrapConsoleMethod('debug'),
|
|
59
59
|
trace: wrapConsoleMethod('trace'),
|
|
60
|
-
version: "3.0.0-beta.
|
|
60
|
+
version: "3.0.0-beta.359"
|
|
61
61
|
});
|
|
62
62
|
(0, _webexCore.registerPlugin)('logger', Logger);
|
|
63
63
|
var _default = Logger;
|
package/dist/webex-core.js
CHANGED
|
@@ -99,7 +99,7 @@ var MAX_FILE_SIZE_IN_MB = 2048;
|
|
|
99
99
|
* @class
|
|
100
100
|
*/
|
|
101
101
|
var WebexCore = _ampersandState.default.extend((_obj = {
|
|
102
|
-
version: "3.0.0-beta.
|
|
102
|
+
version: "3.0.0-beta.359",
|
|
103
103
|
children: {
|
|
104
104
|
internal: _webexInternalCore.default
|
|
105
105
|
},
|
|
@@ -641,7 +641,7 @@ var WebexCore = _ampersandState.default.extend((_obj = {
|
|
|
641
641
|
});
|
|
642
642
|
}
|
|
643
643
|
}, ((0, _applyDecoratedDescriptor2.default)(_obj, "_uploadPhaseUpload", [_common.retry], (0, _getOwnPropertyDescriptor.default)(_obj, "_uploadPhaseUpload"), _obj)), _obj));
|
|
644
|
-
WebexCore.version = "3.0.0-beta.
|
|
644
|
+
WebexCore.version = "3.0.0-beta.359";
|
|
645
645
|
(0, _webexInternalCorePluginMixin.default)(_webexInternalCore.default, _config.default, interceptors);
|
|
646
646
|
(0, _webexCorePluginMixin.default)(WebexCore, _config.default, interceptors);
|
|
647
647
|
var _default = WebexCore;
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@webex/webex-core",
|
|
3
|
-
"version": "3.0.0-beta.
|
|
3
|
+
"version": "3.0.0-beta.359",
|
|
4
4
|
"description": "Plugin handling for Cisco Webex",
|
|
5
5
|
"license": "MIT",
|
|
6
6
|
"contributors": [
|
|
@@ -31,24 +31,24 @@
|
|
|
31
31
|
},
|
|
32
32
|
"devDependencies": {
|
|
33
33
|
"@sinonjs/fake-timers": "^6.0.1",
|
|
34
|
-
"@webex/test-helper-chai": "3.0.0-beta.
|
|
35
|
-
"@webex/test-helper-make-local-url": "3.0.0-beta.
|
|
36
|
-
"@webex/test-helper-mocha": "3.0.0-beta.
|
|
37
|
-
"@webex/test-helper-mock-webex": "3.0.0-beta.
|
|
38
|
-
"@webex/test-helper-refresh-callback": "3.0.0-beta.
|
|
39
|
-
"@webex/test-helper-test-users": "3.0.0-beta.
|
|
34
|
+
"@webex/test-helper-chai": "3.0.0-beta.359",
|
|
35
|
+
"@webex/test-helper-make-local-url": "3.0.0-beta.359",
|
|
36
|
+
"@webex/test-helper-mocha": "3.0.0-beta.359",
|
|
37
|
+
"@webex/test-helper-mock-webex": "3.0.0-beta.359",
|
|
38
|
+
"@webex/test-helper-refresh-callback": "3.0.0-beta.359",
|
|
39
|
+
"@webex/test-helper-test-users": "3.0.0-beta.359",
|
|
40
40
|
"chai": "^4.3.4",
|
|
41
41
|
"chai-as-promised": "^7.1.1",
|
|
42
42
|
"sinon": "^9.2.4"
|
|
43
43
|
},
|
|
44
44
|
"dependencies": {
|
|
45
|
-
"@webex/common": "3.0.0-beta.
|
|
46
|
-
"@webex/common-timers": "3.0.0-beta.
|
|
47
|
-
"@webex/http-core": "3.0.0-beta.
|
|
48
|
-
"@webex/internal-plugin-device": "3.0.0-beta.
|
|
49
|
-
"@webex/plugin-logger": "3.0.0-beta.
|
|
50
|
-
"@webex/storage-adapter-spec": "3.0.0-beta.
|
|
51
|
-
"@webex/webex-core": "3.0.0-beta.
|
|
45
|
+
"@webex/common": "3.0.0-beta.359",
|
|
46
|
+
"@webex/common-timers": "3.0.0-beta.359",
|
|
47
|
+
"@webex/http-core": "3.0.0-beta.359",
|
|
48
|
+
"@webex/internal-plugin-device": "3.0.0-beta.359",
|
|
49
|
+
"@webex/plugin-logger": "3.0.0-beta.359",
|
|
50
|
+
"@webex/storage-adapter-spec": "3.0.0-beta.359",
|
|
51
|
+
"@webex/webex-core": "3.0.0-beta.359",
|
|
52
52
|
"ampersand-collection": "^2.0.2",
|
|
53
53
|
"ampersand-events": "^2.0.2",
|
|
54
54
|
"ampersand-state": "^5.0.3",
|
|
@@ -4,6 +4,8 @@
|
|
|
4
4
|
|
|
5
5
|
import {difference} from 'lodash';
|
|
6
6
|
|
|
7
|
+
const SCOPE_SEPARATOR = ' ';
|
|
8
|
+
|
|
7
9
|
/**
|
|
8
10
|
* sorts a list of scopes
|
|
9
11
|
* @param {string} scope
|
|
@@ -14,7 +16,7 @@ export function sortScope(scope) {
|
|
|
14
16
|
return '';
|
|
15
17
|
}
|
|
16
18
|
|
|
17
|
-
return scope.split(
|
|
19
|
+
return scope.split(SCOPE_SEPARATOR).sort().join(SCOPE_SEPARATOR);
|
|
18
20
|
}
|
|
19
21
|
|
|
20
22
|
/**
|
|
@@ -30,10 +32,10 @@ export function filterScope(toFilter, scope) {
|
|
|
30
32
|
const toFilterArr = Array.isArray(toFilter) ? toFilter : [toFilter];
|
|
31
33
|
|
|
32
34
|
return scope
|
|
33
|
-
.split(
|
|
35
|
+
.split(SCOPE_SEPARATOR)
|
|
34
36
|
.filter((item) => !toFilterArr.includes(item))
|
|
35
37
|
.sort()
|
|
36
|
-
.join(
|
|
38
|
+
.join(SCOPE_SEPARATOR);
|
|
37
39
|
}
|
|
38
40
|
|
|
39
41
|
/**
|
|
@@ -44,8 +46,8 @@ export function filterScope(toFilter, scope) {
|
|
|
44
46
|
* @returns {string}
|
|
45
47
|
*/
|
|
46
48
|
export function diffScopes(scopeA, scopeB) {
|
|
47
|
-
const a = scopeA?.split(
|
|
48
|
-
const b = scopeB?.split(
|
|
49
|
+
const a = scopeA?.split(SCOPE_SEPARATOR) ?? [];
|
|
50
|
+
const b = scopeB?.split(SCOPE_SEPARATOR) ?? [];
|
|
49
51
|
|
|
50
|
-
return difference(a, b).sort().join(
|
|
52
|
+
return difference(a, b).sort().join(SCOPE_SEPARATOR);
|
|
51
53
|
}
|
|
@@ -9,7 +9,7 @@ import {safeSetTimeout} from '@webex/common-timers';
|
|
|
9
9
|
import WebexHttpError from '../webex-http-error';
|
|
10
10
|
import WebexPlugin from '../webex-plugin';
|
|
11
11
|
|
|
12
|
-
import {sortScope} from './scope';
|
|
12
|
+
import {sortScope, diffScopes} from './scope';
|
|
13
13
|
import grantErrors, {OAuthError} from './grant-errors';
|
|
14
14
|
|
|
15
15
|
/* eslint-disable camelcase */
|
|
@@ -259,6 +259,14 @@ const Token = WebexPlugin.extend({
|
|
|
259
259
|
return Promise.reject(new Error('cannot downscope access token'));
|
|
260
260
|
}
|
|
261
261
|
|
|
262
|
+
if (diffScopes(scope, this.config.scope) !== '') {
|
|
263
|
+
return Promise.reject(
|
|
264
|
+
new Error(
|
|
265
|
+
`new scope (${scope}) is not subset of the available scopes (${this.config.scope})`
|
|
266
|
+
)
|
|
267
|
+
);
|
|
268
|
+
}
|
|
269
|
+
|
|
262
270
|
// Since we're going to use scope as the index in our token collection, it's
|
|
263
271
|
// important scopes are always deterministically specified.
|
|
264
272
|
if (scope) {
|
|
@@ -1,55 +1,80 @@
|
|
|
1
1
|
import {assert} from '@webex/test-helper-chai';
|
|
2
|
-
import {
|
|
2
|
+
import {
|
|
3
|
+
sortScope,
|
|
4
|
+
filterScope,
|
|
5
|
+
diffScopes,
|
|
6
|
+
isGuestScope,
|
|
7
|
+
} from '@webex/webex-core/src/lib/credentials/scope';
|
|
3
8
|
|
|
4
9
|
describe('webex-core', () => {
|
|
5
10
|
describe('scope utils', () => {
|
|
6
11
|
describe('sortScope', () => {
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
})
|
|
12
|
+
[
|
|
13
|
+
{scope: undefined, expected: ''},
|
|
14
|
+
{scope: '', expected: ''},
|
|
15
|
+
{scope: 'a', expected: 'a'},
|
|
16
|
+
{scope: 'b c a', expected: 'a b c'},
|
|
17
|
+
].forEach(({scope, expected}) =>
|
|
18
|
+
it(`should sort "${scope}" alphabetically`, () => {
|
|
19
|
+
assert.equal(sortScope(scope), expected);
|
|
20
|
+
})
|
|
21
|
+
);
|
|
13
22
|
});
|
|
14
23
|
|
|
15
24
|
describe('filterScope', () => {
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
})
|
|
25
|
+
[
|
|
26
|
+
{toFilter: 'a', scope: undefined, expected: ''},
|
|
27
|
+
{toFilter: 'a', scope: '', expected: ''},
|
|
28
|
+
{toFilter: 'a', scope: 'a', expected: ''},
|
|
29
|
+
{toFilter: 'a', scope: 'a b c', expected: 'b c'},
|
|
30
|
+
{toFilter: 'c', scope: 'a c b', expected: 'a b'},
|
|
31
|
+
].forEach(({toFilter, scope, expected}) =>
|
|
32
|
+
it(`should filter out ${toFilter} scope from ${scope} scope and sort the result`, () => {
|
|
33
|
+
assert.equal(filterScope(toFilter, scope), expected);
|
|
34
|
+
})
|
|
35
|
+
);
|
|
23
36
|
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
})
|
|
37
|
+
[
|
|
38
|
+
{toFilter: [], scope: 'a', expected: 'a'},
|
|
39
|
+
{toFilter: ['a', 'b'], scope: undefined, expected: ''},
|
|
40
|
+
{toFilter: ['a', 'b'], scope: '', expected: ''},
|
|
41
|
+
{toFilter: ['a', 'b'], scope: 'a', expected: ''},
|
|
42
|
+
{toFilter: ['a', 'b'], scope: 'a b c', expected: 'c'},
|
|
43
|
+
{toFilter: ['a', 'd'], scope: 'a c a b', expected: 'b c'},
|
|
44
|
+
].forEach(({toFilter, scope, expected}) =>
|
|
45
|
+
it(`should filter out ${toFilter} from ${scope} and sort the result`, () => {
|
|
46
|
+
assert.equal(filterScope(toFilter, scope), expected);
|
|
47
|
+
})
|
|
48
|
+
);
|
|
32
49
|
});
|
|
33
50
|
|
|
34
51
|
describe('diffScopes', () => {
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
})
|
|
52
|
+
[
|
|
53
|
+
{scope1: undefined, scope2: undefined, expected: ''},
|
|
54
|
+
{scope1: undefined, scope2: '', expected: ''},
|
|
55
|
+
{scope1: '', scope2: undefined, expected: ''},
|
|
56
|
+
{scope1: '', scope2: '', expected: ''},
|
|
57
|
+
{scope1: 'a', scope2: 'a', expected: ''},
|
|
58
|
+
{scope1: 'a b c', scope2: 'a b c', expected: ''},
|
|
59
|
+
{scope1: undefined, scope2: 'a b c', expected: ''},
|
|
60
|
+
{scope1: 'a b c', scope2: 'a b c d', expected: ''},
|
|
61
|
+
].forEach(({scope1, scope2, expected}) =>
|
|
62
|
+
it(`should return an empty string, when all items in ${scope1} scope are contained in the ${scope2} scope`, () => {
|
|
63
|
+
assert.deepEqual(diffScopes(scope1, scope2), expected);
|
|
64
|
+
})
|
|
65
|
+
);
|
|
45
66
|
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
})
|
|
67
|
+
[
|
|
68
|
+
{scope1: 'a', scope2: undefined, expected: 'a'},
|
|
69
|
+
{scope1: 'a', scope2: 'b', expected: 'a'},
|
|
70
|
+
{scope1: 'a b c', scope2: 'a b', expected: 'c'},
|
|
71
|
+
{scope1: 'a b c d', scope2: 'a b c', expected: 'd'},
|
|
72
|
+
{scope1: 'a b c', scope2: undefined, expected: 'a b c'},
|
|
73
|
+
].forEach(({scope1, scope2, expected}) =>
|
|
74
|
+
it(`should return a string containing all items in the ${scope1} scope that are not in the ${scope2} scope`, () => {
|
|
75
|
+
assert.deepEqual(diffScopes(scope1, scope2), expected);
|
|
76
|
+
})
|
|
77
|
+
);
|
|
53
78
|
});
|
|
54
79
|
});
|
|
55
80
|
});
|
|
@@ -166,11 +166,21 @@ describe('webex-core', () => {
|
|
|
166
166
|
);
|
|
167
167
|
});
|
|
168
168
|
|
|
169
|
+
it('rejects downscope when the new scope is not super set of the available scopes', () => {
|
|
170
|
+
const token = makeToken();
|
|
171
|
+
token.config.scope = 'scopeY scopeZ';
|
|
172
|
+
|
|
173
|
+
return assert.isRejected(
|
|
174
|
+
token.downscope('scopeX'),
|
|
175
|
+
/new scope \(scopeX\) is not subset of the available scopes \(scopeY scopeZ\)/
|
|
176
|
+
);
|
|
177
|
+
});
|
|
178
|
+
|
|
169
179
|
it('alphabetizes the requested scope', () => {
|
|
170
180
|
const token = makeToken();
|
|
171
181
|
|
|
172
182
|
webex.request.returns(Promise.resolve({body: {access_token: 'AT2'}}));
|
|
173
|
-
|
|
183
|
+
token.config.scope = 'a b c';
|
|
174
184
|
return token
|
|
175
185
|
.downscope('b a')
|
|
176
186
|
.then(() => assert.equal(webex.request.args[0][0].form.scope, 'a b'));
|